Le 10/15/21 à 12:04 PM, Björn Jacke a écrit :
On 15.10.21 10:10, Christopher Faulet wrote:
It should work. What is your HAProxy version ?
2.4.7
Björn
Sorry Björn, I missed your reply. It is strange, there is no known bug in this
area for now. There is probably something in the request
ttp2 or is it by design and just the
documentation might need some clarification here.
Hi,
It should work. What is your HAProxy version ?
--
Christopher Faulet
nic_safe);
+ }
+
return 0;
err2:
Thanks Tim, now merged !
--
Christopher Faulet
bles. Thus, you can
indeed rely on "%si". But you must use 2.2.14 or newer.
--
Christopher Faulet
tp://git.haproxy.org/?p=haproxy-2.4.git
Changelog: http://www.haproxy.org/download/2.4/src/CHANGELOG
Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/
---
Complete changelog :
Christopher Faulet (2):
BUG/MEDIUM: http-ana: Clear request analyzers when applying redire
y, it was reported after the 2.4.6 was
released. We try to figure out if it is a major problem or not for now. But it
crashes HAProxy. So, a 2.4.7 will probably be released very soon.
--
Christopher Faulet
Le 10/3/21 à 7:46 PM, Matthias Fechner a écrit :
Am 03.10.2021 um 08:53 schrieb Christopher Faulet:
Damned ! You're right...
It is a typo in the commit feca2a453 ("BUG/MINOR: filters: Always set FLT_END
analyzer when CF_FLT_ANALYZE flag is set"). It also affects the 2.5-DEV.
Le 10/3/21 à 9:06 AM, Vincent Bernat a écrit :
❦ 3 October 2021 08:53 +02, Christopher Faulet:
I will push a fix. As a workaround, you can temporarily disable the HTTP
compression filter.
Will you release 2.4.6 or should we push packages for 2.4.5 with the
patch? For Debian/Ubuntu, I
Le 10/2/21 à 10:54 AM, Matthias Fechner a écrit :
Am 01.10.2021 um 18:09 schrieb Christopher Faulet:
HAProxy 2.4.5 was released on 2021/10/01. It added 69 new commits
after version 2.4.4.
Damned ! You're right...
It is a typo in the commit feca2a453 ("BUG/MINOR: filters: Always s
MINOR: server: implement a refcount for dynamic servers
MINOR: global: define MODE_STOPPING
BUG/MINOR: server: do not use refcount in free_server in stopping mode
MINOR: server: return the next srv instance on free_server
BUG/MINOR: stats: use refcount to protect dynamic se
docs that haproxy does not support HTTP/1.1 pipelining.
I agree. Pipelining should at least be removed from "option http-server-close"
description. And section 1.1 should be reword to be clear on this point.
--
Christopher Faulet
l
give you several hints.
Regards,
--
Christopher Faulet
/flt_spoe.c
@@ -17,6 +17,7 @@
#include
#include
#include
+#include
#include
#include
#include
Thanks Tim! Both patches merged now.
--
Christopher Faulet
Le 9/14/21 à 3:14 AM, Ryan Burn a écrit :
On Thu, Sep 9, 2021 at 12:22 AM Christopher Faulet <mailto:cfau...@haproxy.com>> wrote:
Le 8/11/21 à 2:53 AM, Ryan Burn a écrit :
> I'm working on integrating HAProxy with traceable.ai
<http://traceable.ai> <
5. This API is really experimental for now,
but it may be a solution to analyze the whole message payload, regardless its
size. However, It may be painful because the API may be incomplete and because
dealing with multiple buffers is not simple, especially if you don't want to
forward the payload before the end of analysis.
--
Christopher Faulet
m the HTX
representation. It counted for 1 byte. This explains the difference of 5 bytes
between 2.3 and 2.4.
--
Christopher Faulet
sockaddr in fetch_url_ip/port
BUG/MAJOR: server: prevent deadlock when using 'set maxconn server'
BUG/MINOR: stick-table: insert srv in used_name tree even with fixed id
BUG/MAJOR: server: fix deadlock when changing maxconn via agent-check
Christopher Faulet (34):
G/MAJOR: server: fix deadlock when changing maxconn via agent-check
REGTESTS: fix maxconn update with agent-check
Christopher Faulet (35):
BUG/MINOR: hlua: Don't rely on top of the stack when using Lua buffers
BUG/MINOR: stream: Decrement server current session counter on L7 re
ttp_fetch: fix possible uninit sockaddr in fetch_url_ip/port
BUG/MAJOR: server: prevent deadlock when using 'set maxconn server'
BUG/MINOR: stick-table: insert srv in used_name tree even with fixed id
BUG/MAJOR: server: fix deadlock when changing maxconn via agent-check
apply scheme-based normalization on h1 requests
MEDIUM: h2: apply scheme-based normalization on h2 requests
REGTESTS: add http scheme-based normalization test
Christopher Faulet (19):
BUG/MINOR: server-state: load SRV resolution only if params match the
config
BUG/MINOR: server: For
ow if it is acceptable or not to change the
log level.
I guess that if no one has a better idea or any objections about this change,
you can provide a patch.
--
Christopher Faulet
If you don't specify a username (it is deprecated and not recommended), the
check only consists in parsing the Mysql Handshake Initialization packet or
Merged now, thanks !
--
Christopher Faulet
Le 7/3/21 à 10:22 AM, David CARLIER a écrit :
Hi here a follow-up of the previous patch but this time for OpenBSD.
Thanks, applied now !
--
Christopher Faulet
t; value is displayed as an IPv4 while it should be an IPv6. Could you
check your agent is properly decoding IPv6 values ?
You may also try to do a network capture between HAProxy and your agent.
--
Christopher Faulet
Le 6/1/21 à 12:35 AM, Aleksandar Lazic a écrit :
Fix alphabetical order of uuid
merged now, thanks !
--
Christopher Faulet
ream_uniq_id sample fetch, it is a good idea to add it. In fact,
when it makes sense, a log variable must also be accessible via a sample fetch.
Tim's remarks about the patch are valid. For the scope, INTRN or L4CLI, I don't
know. I'm inclined to choose INTRN.
--
Christopher Faulet
Le 22/04/2021 à 09:00, Maciej Zdeb a écrit :
śr., 21 kwi 2021 o 13:53 Christopher Faulet <mailto:cfau...@haproxy.com>> napisał(a):
The fix was merge in upstream :
* BUG/MAJOR: mux-h2: Properly detect too large frames when decoding headers
(http://git.haproxy.org/?p=ha
erver
BUG/MEDIUM: config: fix cpu-map notation with both process and threads
Christopher Faulet (18):
DOC: Explicitly state only IPv4 are supported by forwardfor/originalto
options
MINOR: No longer rely on deprecated sample fetches for predefined ACLs
BUG/MEDIUM: threads:
Le 27/04/2021 à 13:03, Aleksandar Lazic a écrit :
Hi.
attach the fix for set-timeout.
Thanks, now merged !
--
Christopher Faulet
Le 24/04/2021 à 13:09, Aleksandar Lazic a écrit :
Hi.
The HTML converter expects some formats to recognize if a keyword is a
keyword.
Regards
alex
Thanks, now merged !
--
Christopher Faulet
Le 24/04/2021 à 10:28, Илья Шипицин a écrit :
hello,
one more typo fixing.
Ilya
Thanks, now merged !
--
Christopher Faulet
Thanks Tim! The series was merged (but too late for the release :)
--
Christopher Faulet
ig: fix cpu-map notation with both process and threads
Christopher Faulet (15):
DOC: Explicitly state only IPv4 are supported by forwardfor/originalto
options
MINOR: No longer rely on deprecated sample fetches for predefined ACLs
BUG/MEDIUM: threads: Ignore current thread to end its
been backported yet. But it may be manually applied on the 2.3 and
2.2 if required. If so, optionally, this other one may be applied too :
* BUG/MEDIUM: mux-h2: Fix dfl calculation when merging CONTINUATION frames
(http://git.haproxy.org/?p=haproxy.git;a=commit;h=cb1847c7)
--
Christopher Faulet
understanding of how things work
I found a minor bug in his implementation of the query sort normalizer
and included a patch for that as well.
Best regards,
Thanks, The series was merged !
--
Christopher Faulet
x27;ll push my fix this morning. So you may just wait a bit to confirm it is the
same bug or not.
--
Christopher Faulet
s, we are
falling into a wakeup loop, waiting for more data while the buffer is full.
I have a fix but I must check with Willy how to proceed because I'm not 100%
sure for now.
--
Christopher Faulet
that the 8 v2 patches + the 3 patches from this
morning together result in something that is appropriate for HAProxy 2.4.
Tim,
I pushed all the series. Thanks !
--
Christopher Faulet
to modify it. And because it is a standalone feature, we may plan to backport it
to 2.4 if necessary.
--
Christopher Faulet
. Except if Willy has any comments, I'll merge it
soon.
--
Christopher Faulet
Le 10/04/2021 à 00:34, Robin H. Johnson a écrit :
On Fri, Apr 09, 2021 at 10:14:26PM +0200, Christopher Faulet wrote:
It seems you have a blocking call in one of your lua script. The threads dump
shows many threads blocked in hlua_ctx_init. Many others are executing lua.
Unfortunately, for a
said, this feature is under development.
--
Christopher Faulet
Le 13/04/2021 à 18:05, Tim Düsterhus a écrit :
Christopher,
On 4/13/21 4:59 PM, Christopher Faulet wrote:
+/* Sorts the parameters within the given query string. Returns an ist
containing
+ * the new path and backed by `trash` or IST_NULL if the `len` not
sufficiently
+ * large to store the
Le 13/04/2021 à 18:03, Tim Düsterhus a écrit :
Christopher,
On 4/13/21 4:38 PM, Christopher Faulet wrote:
At the end it remains your choice. The function is quite good. I just
wonder if it could be valuable to also handle single dot-segment here in
addition to double dot-segment. Thus, the
Le 13/04/2021 à 17:45, Tim Düsterhus a écrit :
Christopher,
On 4/13/21 2:41 PM, Christopher Faulet wrote:
Sorry for the delay. I'll comment your patches by replying inline when
No delay experienced. You said that you'd try this week and it's still
this week. So this is fine :-
Le 08/04/2021 à 20:59, Tim Duesterhus a écrit :
Willy,
Christopher,
and this final one adds a normalizer to turn the hex digits of percent
encoding into uppercase. Uppercase is the variant preferred by the URI RFC, so
this is what we do.
This one looks good.
--
Christopher Faulet
stener && sess->listener->counters)
_HA_ATOMIC_ADD(&sess->listener->counters->failed_rewrites, 1);
if (objt_server(s->target))
_HA_ATOMIC_ADD(&__objt_server(s->target)->counters.failed_rewrites, 1);
if (!(s->txn->req.flags & HTTP_MSGF_SOFT_RW)) {
ret = ACT_RET_ERR;
if (!(s->flags & SF_ERR_MASK))
s->flags |= SF_ERR_PRXCOND;
}
goto leave;
}
--
Christopher Faulet
Le 08/04/2021 à 20:59, Tim Duesterhus a écrit :
Willy,
Christopher,
most of the patch is moving around the config parser to support ingesting the
new argument.
This one looks good.
--
Christopher Faulet
Le 08/04/2021 à 20:59, Tim Duesterhus a écrit :
Willy,
Christopher,
I did not perform any measurements at all. But not reallocating for every
parameter should be better :-)
This one may be useless if you use the trash buffer to store the query
parameters.
--
Christopher Faulet
y = __istappend(newquery, '&');
+
+ if (istcat(&newquery, params[i], len) < 0)
+ goto fail;
+ }
+
+ free(params);
+
+ return newquery;
+
+ fail:
+ free(params);
+
+ return IST_NULL;
+}
/*
* Local variables:
--
Christopher Faulet
before
reading the 6th patch because for me it is the most important part. But I'm fine
with an option in a way or another.
--
Christopher Faulet
The list of supported normalizers may help the user here.
+ }
+ cur_arg++;
+
+ *orig_arg = cur_arg;
+ return ACT_RET_PRS_OK;
+}
+
--
Christopher Faulet
Le 08/04/2021 à 20:59, Tim Duesterhus a écrit :
Willy,
Christopher,
I used uri_auth.[ch] as the basis for the source file structure (comments and
stuff).
Thanks, nothing to say about this one :)
--
Christopher Faulet
ist *dst);
returning for instance 0 on success and anything else on error. This way, it is
easy to return an enum instead of an integer to be able to handle errors.
--
Christopher Faulet
Le 12/04/2021 à 09:40, Илья Шипицин a écrit :
Dear Team,
can we address at least #1112, #1119 before 2.4 is released ?
Of course, thanks for the reminder !
--
Christopher Faulet
e a separate lua
context for each thread loading the scripts with "lua-load-per-thread"
directive. Out of curiosity, on the 1.8, are you running HAProxy with several
threads or are you spawning several processes?
--
Christopher Faulet
view.
I'll add additional remarks to each patch, explaining my decisions in more
detail.
Thanks Tim, I'll try to review your patches next week.
--
Christopher Faulet
h indicates an error.
Now if the "u" is followed by an "s" we properly continue processing the
time instead of immediately failing.
Thanks, now merged !
--
Christopher Faulet
ump.
Sorry to ask you so much work, it is pretty hard to track this kind of bug.
Thanks !
--
Christopher Faulet
in tcp backend (which is backend for SPOE/A) but it seems to
be one of very few options that do not have "no option httpchk".
Hi,
Indeed, you can't. But you may override it with the right health-check type. For
instance "option tcp-check". Or better "option spop-che
fires the watchdog. Because,
under the hood, it is the true issue :)
--
Christopher Faulet
m other places. Thus, I guess we must
find a more global way to prevent the lua stack dump.
--
Christopher Faulet
piler barriers
are necessary to avoid instructions reordering. It is the purpose of attached
patches. Sorry to ask you it again, but could you make some tests ?
Thanks !
--
Christopher Faulet
>From b4f55500b514e5bfcdaba938cbd2b0ba3cfb2f62 Mon Sep 17 00:00:00 2001
From: Christopher Faulet
Date:
ture id in backend
Christopher Faulet (24):
BUG/MEDIUM: stream: Be sure to release allocated captures for TCP streams
BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules
BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during
parsing
MINOR:
nn (1):
BUG/MINOR: http_act: don't check capture id in backend
Christopher Faulet (35):
BUG/MEDIUM: stream: Be sure to release allocated captures for TCP streams
BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules
BUG/MINOR: stick-table: Use MAX_SESS_STKCTR
rienced this bug
on the 2.2, it is probably easier to test patches for this version.
If fixed, it could be good to figure out why the watchdog is triggered on your
old processes.
--
Christopher Faulet
>From a61789a1d62fd71c751189faf5371740dd375f33 Mon Sep 17 00:00:00 2001
From: Christopher Faulet
_GNU_SOURCE for strsignal()
BUILD/MINOR: lua: define _GNU_SOURCE for LLONG_MAX
Christopher Faulet (30):
BUG/MINOR: init: Use a dynamic buffer to set HAPROXY_CFGFILES env variable
BUG/MEDIUM: filters/htx: Fix data forwarding when payload length is
unknown
BUG/MINOR: stick-tab
Baptiste Assmann (1):
BUG/MINOR: resolvers: new callback to properly handle SRV record errors
Bertrand Jacquin (2):
BUG/MINOR: mworker: define _GNU_SOURCE for strsignal()
BUILD/MINOR: lua: define _GNU_SOURCE for LLONG_MAX
Christopher Faulet (31):
BUG/MINOR: init: Use a dynamic
.haproxy.org/?p=haproxy-2.2.git
Changelog: http://www.haproxy.org/download/2.2/src/CHANGELOG
Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/
---
Complete changelog :
Baptiste Assmann (1):
MINOR: resolvers: new function find_srvrq_answer_record()
Christopher Faulet (
east on the 2.2. The listeners code has changed in
the 2.3 but we have no idea if the bug can be triggered too on 2.3 or 2.4.
However, we have not found the time to investigate more for now. So, stay tuned.
--
Christopher Faulet
/cbonte.github.io/haproxy-dconv/
---
Complete changelog :
Amaury Denoyelle (1):
BUG/MINOR: backend: fix condition for reuse on mode HTTP
Baptiste Assmann (1):
MINOR: resolvers: new function find_srvrq_answer_record()
Christopher Faulet (23):
BUG/MINOR: hlua: Don
x27;s it. And it was finally backported in 2.2 and 2.1.
--
Christopher Faulet
is missing. Could you test with the
attached patch please ? On top of the 2.2.9 or 2.2.10, as you want.
Thanks,
--
Christopher Faulet
>From 6406528c25ec73ff0a47696ac2decde95867fdda Mon Sep 17 00:00:00 2001
From: Olivier Houchard
Date: Thu, 18 Feb 2021 23:55:30 +0100
Subject: [PATCH] BUG/MEDIUM:
Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/
---
Complete changelog :
Amaury Denoyelle (2):
MINOR: check: do not ignore a connection header for http-check send
BUG/MINOR: backend: hold correctly lock when killing idle conn
Baptiste Assmann (1):
BUG/MINOR: reso
dle conn
BUG/MINOR: stats: fix compare of no-maint url suffix
Baptiste Assmann (1):
BUG/MINOR: resolvers: new callback to properly handle SRV record errors
Christopher Faulet (25):
BUG/MINOR: http-ana: Don't increment HTTP error counter on internal errors
BUG/MEDIUM: mux-h
Le 28/02/2021 à 16:11, Tim Duesterhus a écrit :
Refactoring performed with the following Coccinelle patch:
@@
struct ist i;
expression p, l;
@@
- i.ptr = p;
- i.len = l;
+ i = ist2(p, l);
Both merged, thanks !
--
Christopher Faulet
present for
2.4 only, so no backport needed.
Thanks William, now merged !
--
Christopher Faulet
Le 18/02/2021 à 23:05, William Dauchy a écrit :
now that htx is the default everywhere, we can remove the need to put
htx as a mandatory option to setup prometheus.
Thanks William, the series is now merged !
--
Christopher Faulet
haproxy/commit/1d7d0f8). Not
backported yet.
Thanks !
--
Christopher Faulet
st parsing resolution in the SPOE
to find the sink corresponding to the ring buffer. It also fails on the 2.4-dev.
I'll fix it soon.
--
Christopher Faulet
Le 15/02/2021 à 17:22, William Dauchy a écrit :
we previously forgot to add `agent-*` commands.
Take this opportunity to rewrite the help string in a simpler way for
readability (mainly removing simple quotes)
Now merged, thanks !
--
Christopher Faulet
Le 16/02/2021 à 12:47, David Carlier a écrit :
Hi,
Here a patch proposal to update the DeviceAtlas Detection build in order to
support the pcre2 library as option.
Would be nice if backported back to the supported stable releases.
Now merged, thanks !
--
Christopher Faulet
listener.c| 18 ++
src/stats.c | 166 +++
9 files changed, 365 insertions(+), 138 deletions(-)
Thanks William, now merged, including the changes discussed offlist.
--
Christopher Faulet
*info;
if (check_status < HCHK_STATUS_SIZE)
Thanks William, both merged !
--
Christopher Faulet
Le 11/02/2021 à 19:35, Илья Шипицин a écrit :
Hello,
attached patch fix freebsd builds.
Ilya
Thanks, now merged !
--
Christopher Faulet
. Just a
minor change. And in the last one, I removed the "chunk_appendf(msg, "\n");" to
move the LF in ha_warning() calls.
--
Christopher Faulet
Le 10/02/2021 à 09:09, Илья Шипицин a écrit :
Hello,
this is pure cleanup.
should fix #1048
Thanks Ilya, now merged !
--
Christopher Faulet
corresponding commit is :
commit a22782b597ee9a3bfecb18a66e29633c8e814216
Author: Christopher Faulet
Date: Mon Feb 8 17:18:01 2021 +0100
BUG/MEDIUM: mux-h1: Always set CS_FL_EOI for response in MSG_DONE state
During the message parsing, if in MSG_DONE state, the CS_FL_EOI flag must
However, I will merge the bug fix.
There is no reason to not take it.
--
Christopher Faulet
Le 08/02/2021 à 15:03, Christian Ruppert a écrit :
On 2021-02-08 14:46, Christopher Faulet wrote:
Le 08/02/2021 à 14:31, Christian Ruppert a écrit :
Hi list, Christopher,
we're having issues with the mentioned commit / patch:
d13afbcce5e664f9cfe797eee8c527e5fa947f1b
https://git.haproxy.o
o happends with a working HAProxy.
Much later, the site loaded, sometimes broken though.
I'll try to prepare a config snipped if required.
Is there anything know already?
Thanks Christian, I'll take a look. Could you confirm or inform it happens only
with requests with a "Connec
a bit foggy for me
:) Do you feel confident to handle all the changes ?
--
Christopher Faulet
second over last
elapsed second."),
- [ST_F_RATE_LIM] = IST("Configured limit on new sessions per
second."),
- [ST_F_RATE_MAX] = IST("Maximum observed number of sessions per
second."),
[ST_F_CHECK_STATUS] = IST("Status of last health check, per state label
value."),
[ST_F_CHECK_CODE] = IST("layer5-7 code, if available of the last health
check."),
[ST_F_CHECK_DURATION] = IST("Total duration of the latest server health
check, in seconds."),
Both merged, thanks William !
--
Christopher Faulet
Le 06/02/2021 à 18:30, Илья Шипицин a écrit :
Hello,
another cleanup.
Now merged. Thanks !
--
Christopher Faulet
Le 03/02/2021 à 12:19, William Dauchy a écrit :
On Wed, Feb 3, 2021 at 9:59 AM Christopher Faulet wrote:
At first glance, I'm just a bit annoyed with the patch 5. In the documentation,
it is stated that "addr" option will be used for agent-check too. And there is
no info abo
her you again. So, I propose you to merge the first patch and
to add a new one to not set the check port when the server state file is loaded.
Then I can merge the third patch and amend the second one to move the check port
assignment before merging it. And finally I can merge the fourth and fifth patches.
--
Christopher Faulet
For me, it is
a consistency matter. But I understand it is also mandatory for dynamic
environments.
Once that said, I don't really know how all of this is interacting with the
servers state file. I don't really how this part works, so I may missed something.
--
Christopher Faulet
RV_F_AGENTADDR for the agent-checks. For me, we can probably remove
all these flags and handle inheritance at the post-init stage. But if we must
keep some flags, only SRV_F_AGNTADDR/SRV_F_AGENTPORT are useful.
On the CLI, the inconsistency also exists. There is a way to change the agent
port and the health-check address but not the opposite. It is not really handy.
So, it may be good to take a global look at this stuff. I may missed something.
And be carefull for the backports because the health-checks were refactored in
the 2.2.
--
Christopher Faulet
check_state =
get_check_status_info(i);
labels[2].name =
ist("state");
No comments about the other patches. Except the README is now outdated and
does not reflect recent changes. It could be good to keep it up-to-date as far
as possible.
Le 22/01/2021 à 07:08, Willy Tarreau a écrit :
On Thu, Jan 21, 2021 at 11:09:33PM +0100, Aleksandar Lazic wrote:
On 21.01.21 21:57, Christopher Faulet wrote:
Le 21/01/2021 à 21:19, Aleksandar Lazic a écrit :
Hi.
I'm not sure if I have missed something, because there are so many
201 - 300 of 757 matches
Mail list logo