Re: haproxy requests hanging since b0bdae7

Hi Willy, On Wed, Jun 06, 2018 at 02:09:01PM +0200, Willy Tarreau wrote: > On Wed, Jun 06, 2018 at 02:04:35PM +0200, Olivier Houchard wrote: > > When building without threads enabled, instead of just using the global > > runqueue, just use the local runqueue associated with the

Re: haproxy requests hanging since b0bdae7

g with debug enabled I see just a single line: > :f1.accept(0004)=0005 from [127.0.0.1:63663] ALPN= > > commit b0bdae7b88d53cf8f18af0deab6d4c29ac25b7f9 (refs/bisect/bad) > Author: Olivier Houchard > Date: Fri May 18 18:45:28 2018 +0200 > > MAJOR: tasks: Introduc

Re: [PATCH]: MINOR :task another explicit cast

Hi, On Tue, Jun 05, 2018 at 10:46:34AM +, David CARLIER wrote: > Hi, > > Did a full rebuild and caught it only. > > Regards. Oops, thanks a lot David, I hope it'll be the last one :) Willy, can you please push it ? Thanks ! Olivier

Re: error: 'all_threads_mask' undeclared (first use in this function)

Hi Igor, On Mon, Jun 04, 2018 at 03:18:02PM +0300, Igor Batkanov wrote: > Hello! > I've tried to create haproxy 1.8.9 RPM package using rpmbuild and got the > folowing error: error: 'all_threads_mask' undeclared (first use in this > function) > This is a problem when building haproxy without th

Re: [PATCH]: silencing compilation warning

that, but clang certainly does. Instead of using a static variable, I think merely adding a cast is better, as attached. What do you think ? Regards, Olivier >From 08bdd8e3b27afdd5101843f23edd337166c87159 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Fri, 1 Jun 2018 14:32:39 +0200 Subj

Re: 100% cpu using resolvers with haproxy v1.8.9

gt; Oops you're right indeed. There's a bug in the pollers revamp that has been done recently. The attached patch should fix it. Thanks for reporting ! Olivier >From 837f376310b3077740289bc2ced1a0a97a1f964f Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Tue, 29 May 20

[PATCHES] Fix bugs in the new scheduler

>From f47ca20747c1cfc7b9e6413afe9c8819a84e485a Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Mon, 28 May 2018 13:51:06 +0200 Subject: [PATCH 1/3] BUG/MEDIUM: tasks: Don't forget to increase/decrease tasks_run_queue. Don't forget to increase tasks_run_queue when we're ad

Re: DNS resolver + threads, 100% cpu usage / hang 1.9dev

Hi Pieter, On Tue, May 22, 2018 at 09:00:24PM +0200, PiBa-NL wrote: > Hi Olivier, > > Op 22-5-2018 om 18:46 schreef Olivier Houchard: > > Hi Pieter, > > > > Does the attached patch fix it for you ? It's been generated from master, > > but will probably appl

Re: DNS resolver + threads, 100% cpu usage / hang 1.9dev

-vv also added > below. > > Thanks > PiBa-NL (Pieter) > As usual, you did most of the work :) I think I understand what is going on, and it's ugly as hell. Does the attached patch fix it for you ? It's been generated from master, but will probably apply against 1.8 as wel

Re: [PATCH] Make sure all the pollers get fd updates

Hi, On Fri, May 04, 2018 at 05:32:24PM +0200, Olivier Houchard wrote: > Hi, > > When the code was changed to use one poller per thread, we overlooked the > fact that some fds can be shared between multiple threads, and when one > event occured, that required the fd to be added

Re: [PATCH] BUG/MEDIUM: pollers/kqueue: use incremented position in event list

On Fri, May 11, 2018 at 02:09:43PM +0200, Willy Tarreau wrote: > Hi guys, > > On Fri, May 11, 2018 at 01:57:10PM +0200, Olivier Houchard wrote: > > Hi Pieter, > > > > On Thu, May 10, 2018 at 01:12:40AM +0200, PiBa-NL wrote: > > > Hi Olivier, > > >

Re: [PATCH] BUG/MEDIUM: pollers/kqueue: use incremented position in event list

Hi Pieter, On Thu, May 10, 2018 at 01:12:40AM +0200, PiBa-NL wrote: > Hi Olivier, > > Please take a look at attached patch. When adding 2 fd's the second > overwrote the first one. > Tagged it medium as haproxy just didn't work at all. (with kqueue.). Though > it could perhaps also be minor, as t

[PATCH] Make sure all the pollers get fd updates

't be, backported, so a different patch, similar in spirit, will be developed. Regards, Olivier >From 7ae6ae7215984deb4487391201e3b0f99a072c4b Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Wed, 25 Apr 2018 15:10:30 +0200 Subject: [PATCH 1/4] MINOR: fd: Make the lockless fd list work

Re: 1.9dev LUA shows partial results from print_r(core.get_info()) after adding headers ?

> For my testcase it doesn't crash anymore with that change. But i'm not sure > if now its leaking memory instead for some cases.. Is there a easy way to > check? > > Regards, > PiBa-NL (Pieter) > Thanks a lot for the detailed analysis. That seems spot on. We decided

Re: Considering adding support for TCP Zero Copy

Hi Pavlos, On Thu, May 03, 2018 at 12:45:42PM +0200, Pavlos Parissis wrote: > Hi, > > Linux kernel version 4.14 adds support for zero-copy from user memory to TCP > sockets by setting > MSG_ZEROCOPY flag. This is for the sending side of the socket, for the > receiving side of the socket > we ne

Re: 1.8.7 http-tunnel doesn't seem to work? (but default http-keep-alive does)

Hi again, On Tue, Apr 17, 2018 at 01:07:49PM +0200, Olivier Houchard wrote: [...] > We only need one to prevent kevent() from trying to scanning the kqueue, so > only setting kev[0] should be enough. It's inside an #ifdef because > EV_RECEIPT was only implemented recently in OpenBSD

Re: 1.8.7 http-tunnel doesn't seem to work? (but default http-keep-alive does)

Hi Pieter, On Mon, Apr 16, 2018 at 10:41:48PM +0200, PiBa-NL wrote: > Hi Olivier, > > Op 16-4-2018 om 17:09 schreef Olivier Houchard: > > After some discussion with Willy, we came with a solution that may fix your > > problem with kqueue. > > Can you test the attached

Re: 1.8.7 http-tunnel doesn't seem to work? (but default http-keep-alive does)

Hi, On Mon, Apr 16, 2018 at 03:37:34PM +0200, Olivier Houchard wrote: > Hi Pieter, > > On Fri, Apr 13, 2018 at 06:50:50AM +, Pi Ba wrote: > > Using poll (startup with -dk) the request works properly. > > After some discussion with Willy, we came with a solution that m

Re: 1.8.7 http-tunnel doesn't seem to work? (but default http-keep-alive does)

you ? Thanks ! Olivier >From 3c0a505e5f163989239ffb5267ddf7c1ed549fb9 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Mon, 16 Apr 2018 13:24:48 +0200 Subject: [PATCH] BUG/MEDIUM: When adding new events, provide an output to get errors. When adding new events using kevent(), if there'

Re: HAProxy 1.8.X crashing

Hi Praveen, On Fri, Apr 13, 2018 at 02:03:47PM +, UPPALAPATI, PRAVEEN wrote: > Hi Oliver, > > The crash got fixed with the patch you provided before. > > Do you thing the latest patch will be the right solution? > > Thanks, > Praveen. > It should be fine. Regards, Olivier

Re: HAProxy 1.8.X crashing

limited to > the point of currently preventing us from using H2 on the backend, and > that's exactly why we're currently working on it. Ok, here is a patch that does exactly what you suggest. I'm not entirely happy with it, but it'll do the job, as a stopgap. I want this cr

Re: HAProxy 1.8.X crashing

Hi Willy, On Thu, Apr 12, 2018 at 08:53:51AM +0200, Willy Tarreau wrote: > Hi Olivier, > > On Wed, Apr 11, 2018 at 05:29:15PM +0200, Olivier Houchard wrote: > > From 7c9f06727cf60acf873353ac71283ff9c562aeee Mon Sep 17 00:00:00 2001 > > From: Olivier Houchard > > Date

Re: HAProxy 1.8.X crashing

rks fine with 1.7.x > version. > It's related to changes we made in the architecture in 1.8. The attached patch should fix it. It was made for master, but should apply to 1.8 as well. Thanks for reporting ! Olivier >From 7c9f06727cf60acf873353ac71283ff9c562aeee Mon Sep 17 00:00:00

[BUG][PATCH] fd: fix handling of poller updates

rom 348ce4601eb92b01c098b54e7fadb9822fd8d15f Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Tue, 3 Apr 2018 19:06:18 +0200 Subject: [PATCH] BUG/MINOR: fd: Don't clear the update_mask in fd_insert. Clearing the update_mask bit in fd_insert may lead to duplicate insertion of fd in fd_updt, that could lead to a wr

[MINOR][PATCH] Fix segfault when trying to use seemless reload with at least an interface bound

uld fix it. Regards, Olivier >From b249119e571a1b5c597819701e5ec6f7d4525cf8 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Thu, 15 Mar 2018 17:48:49 +0100 Subject: [PATCH] MINOR: seemless reload: Fix crash when an interface is specified. When doing a seemless reload, while receiving t

Re: cppcheck finding

27; to itself. > > > > is it in purpose ? > > I suspect it's a mistake and that it was meant to be xfer_sock->prev instead. > CCing Olivier to double-check. > Oops, you're right, good catch ! The attached patch should fix it. Regards, Olivier >From 32b505d609

Re: haproxy 1.8 ssl backend server leads to server session aborts

remove some gotos and would leave the main > part after all error handling. > I'm not sure I get that part. I don't mind one way or another, but I don't understand how it would remove gotos. > BTW this makes me realize that your inverted condition above seems wrong >

Re: haproxy 1.8 ssl backend server leads to server session aborts

Hi Emmanuel, On Tue, Feb 13, 2018 at 05:40:00PM +0100, Emmanuel Hocdet wrote: > Hi Olivier > > > Le 13 févr. 2018 à 15:27, Olivier Houchard a écrit : > > > > Thanks a lot for the detailed analyze, and sorry for the late answer. > > You're probably right, SSL

Re: haproxy 1.8 ssl backend server leads to server session aborts

nks a lot for the detailed analyze, and sorry for the late answer. You're probably right, SSL_ERROR_SYSCALL shouldn't be treated as an unrecoverable error. So, what you basically did was something equivalent to the patch attached ? Thanks a lot ! Olivier >From b423f94273be2c7040ce0861bd4a2

[PATCH] Fix build when compiling without threads traffic

Hi, Commit 1605c7ae6154d8c2cfcf3b325872b1a7266c5bc2 broke building haproxy without threads support. The attached patch should fix it. Regards, Olivier >From 17e4494874b4a75da039f06f00f668d413038283 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Wed, 24 Jan 2018 15:41:04 +0100 Subj

Re: Warnings when using dynamic cookies and server-template

Hi William, On Mon, Jan 22, 2018 at 08:03:55PM +0100, William Dauchy wrote: > Hello Olivier, > > On Wed, Jan 17, 2018 at 05:43:02PM +0100, Olivier Houchard wrote: > > Ok you got me convinced, the attached patch don't check for duplicate > > cookies for disabled se

Re: Warnings when using dynamic cookies and server-template

On Wed, Jan 17, 2018 at 04:42:01PM +0100, Pierre Cheynier wrote: > On 17/01/2018 15:56, Olivier Houchard wrote: > > > >> So, as a conclusion, I'm just not sure that producing this warning is > >> relevant in case the IP is duplicated for several servers *if they ar

Re: Warnings when using dynamic cookies and server-template

On Wed, Jan 17, 2018 at 02:25:59PM +0100, Pierre Cheynier wrote: > Hi, > > On 16/01/2018 18:48, Olivier Houchard wrote: > > > > Not really :) That's not a case I thought of. > > The attached patch disables the generation of the dynamic cookie if the IP > >

Re: Warnings when using dynamic cookies and server-template

Hi Pierre, On Tue, Jan 16, 2018 at 06:08:40PM +0100, Pierre Cheynier wrote: > Hi Olivier, > > > On 16/01/2018 15:43, Olivier Houchard wrote: > > I'm not so sure about this. > > It won't be checked again when server are enabled, so you won't get the >

Re: Warnings when using dynamic cookies and server-template

Hi Pierre, On Mon, Jan 15, 2018 at 06:45:52PM +0100, Pierre Cheynier wrote: > Hello, > > We started to use the server-template approach in which you basically > provision servers in backends using a "check disabled" state, then > re-enabling them using the Runtime API. > > I recently noticed tha

Re: [PATCH] dns: Handle SRV record weights correctly

Hi, On Tue, Jan 09, 2018 at 03:28:22PM +0100, Olivier Houchard wrote: > Hi Willy, > > On Tue, Jan 09, 2018 at 03:17:24PM +0100, Willy Tarreau wrote: > > Hi Olivier, > > > > On Mon, Jan 08, 2018 at 04:35:35PM +0100, Olivier Houchard wrote: > > > Hi, > &g

Re: [PATCH] dns: Handle SRV record weights correctly

Hi Willy, On Tue, Jan 09, 2018 at 03:17:24PM +0100, Willy Tarreau wrote: > Hi Olivier, > > On Mon, Jan 08, 2018 at 04:35:35PM +0100, Olivier Houchard wrote: > > Hi, > > > > The attached patch attempts to map SRV record weight to haproxy weight > > correctly, &g

[PATCH] dns: Handle SRV record weights correctly

, Olivier >From 8e8ab23223274ac75fdf1cfe2847337133fd59d2 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Mon, 8 Jan 2018 16:28:57 +0100 Subject: [PATCH] MINOR: Handle SRV record weight correctly. A SRV record weight can range from 0 to 65535, while haproxy weight goes from 0 to 255,

[PATCH] Remove rbtree.[ch]

Hi guys, The rbtree implementation as found in haproxy, is currently unused, and has been for quite some time. I don't think we will need it again, so the attached patch just removes it. Regards, Olivier >From 4ce3bce732fd816a835e4896646f260f0b7e6e7c Mon Sep 17 00:00:00 2001 From:

Re: Segfault with 1.8.0 build (RHEL5, old gcc).

Hi Christopher, On Wed, Dec 06, 2017 at 05:34:15PM -0800, Christopher Lane wrote: > On Mon, Dec 4, 2017 at 11:56 AM, Christopher Lane > wrote: > > > > > > > > On Mon, Dec 4, 2017 at 4:22 AM Lukas Tribus wrote: > > > >>Hello Christopher, > > > > > >>2017-12-01 20:59 GMT+01:00 Christopher Lane : >

Re: Segfault with 1.8.0 build (RHEL5, old gcc).

ur issue ? Thanks a lot ! Olivier >From 5236a1a4ac19cc27c6f06d328b2df0c4cdfe220c Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Fri, 1 Dec 2017 22:04:05 +0100 Subject: [PATCH] MINOR: checks: Be sure we have a mux if we created a cs. In connect_conn_chk(), there were one case we coul

[PATCH] Make thread affinity work on FreeBSD

Hi, The attached patch makes the call to pthread_setaffinity_np() work on FreeBSD. Regards, Olivier >From fc204ac3d7f9323b6583465ff5b42a0cfa46b8b1 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Fri, 1 Dec 2017 18:19:43 +0100 Subject: [PATCH] MINOR: threads: Fix pthread_setaffinity

Re: [PATCH] BUG/MINOR: ssl: fix CO_FL_EARLY_DATA removal with http mode

On Thu, Nov 30, 2017 at 03:32:20PM +0100, Emmanuel Hocdet wrote: > > > Le 30 nov. 2017 à 13:34, Olivier Houchard a écrit : > > > > Hi Emmanuel, > > > > On Thu, Nov 30, 2017 at 12:15:37PM +0100, Emmanuel Hocdet wrote: > >> Hi Olivier, > >>

Re: [PATCH] BUG/MINOR: ssl: fix CO_FL_EARLY_DATA removal with http mode

Hi Emmanuel, On Thu, Nov 30, 2017 at 12:15:37PM +0100, Emmanuel Hocdet wrote: > Hi Olivier, > > > Le 29 nov. 2017 à 19:57, Olivier Houchard a écrit : > > > > On Mon, Nov 27, 2017 at 06:19:41PM +0100, Emmanuel Hocdet wrote: > >>> Maybe the best

Re: [PATCH] BUG/MINOR: ssl: fix CO_FL_EARLY_DATA removal with http mode

e me a case where we have a need a sample fetch to know there were early data, even after the handshake, maybe we can introduce a new sample fetch, ssl_fc_has_insecure_early, or something ? Regards, Olivier >From bda3b7800677184ea19fb81f75f9a9b44c79efeb Mon Sep 17 00:00:00 2001 From: Olivier Ho

Re: [PATCH] BUG/MINOR: ssl: fix CO_FL_EARLY_DATA removal with http mode

Hi Emmanuel, On Mon, Nov 27, 2017 at 05:17:54PM +0100, Emmanuel Hocdet wrote: > > Hi, > > This patch fix CO_FL_EARLY_DATA removal to have correct ssl_fc_has_early > reporting. It work for 'mode http'. > > It does not fix ssl_fc_has_early for 'mode tcp'. In this mode CO_FL_EARLY_DATA > should no

[PATCH] Rename the global variable "proxy" to "proxies_list" replace-header

ainly come back to bite us at some point. Regards, Olivier >From da26886c44f7bd9dff656c43498664fb3518775d Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Fri, 24 Nov 2017 16:54:05 +0100 Subject: [PATCH] MINOR/CLEANUP: proxy: rename "proxy" to "proxies_list" Rename the g

Re: [PATCH] MINOR: ssl: Handle early data with BoringSSL

Hi Willy, On Thu, Nov 23, 2017 at 07:44:13PM +0100, Willy Tarreau wrote: > On Thu, Nov 23, 2017 at 04:16:39PM +0100, Emmanuel Hocdet wrote: > > > > simplify patch: > > no need to bypass post SSL_do_handshake process, only remove > > CO_FL_EARLY_SSL_HS > > when handshake can't support early data.

[PATCH] ssl/mux: Handle early data with multiple streams

rom cdb181d78466a1ce2be2b8b621231ba2086f4979 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Thu, 23 Nov 2017 18:21:29 +0100 Subject: [PATCH 1/2] MINOR: ssl: Handle reading early data after writing better. It can happen that we want to read early data, write some, and then continue reading them. To do so, we ca

Re: [PATCH] do the handshake if we can't send early data

On Wed, Nov 22, 2017 at 05:42:42PM +0100, Olivier Houchard wrote: > Hi, > > We mistakely only try to go back to the SSL handshake when not able to send > early data if we're acting as a client, that is wrong, and leads to an > infinite loop if it happens on the server side.

[PATCH] do the handshake if we can't send early data

>From 2c011f4bfa515495c47c2495510ee01b199d4a26 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Wed, 22 Nov 2017 17:38:37 +0100 Subject: [PATCH] BUG/MINOR: ssl: Always start the handshake if we can't send early data. The current code only tries to do the handshake in case we can't send early data if we're actin

[PATCHES] Fix TLS 1.3 session resumption, and 0RTT with threads.

ad is used. Regards, Olivier >From e32a831c1cbff1fcfb66565273ec98052f3a7f79 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Thu, 16 Nov 2017 17:42:52 +0100 Subject: [PATCH 1/2] MINOR: SSL: Store the ASN1 representation of client sessions. Instead of storing the SSL_SESSION pointer di

Re: [PATCH] Fix SRV records again

On Mon, Nov 06, 2017 at 03:19:25PM +0100, Olivier Houchard wrote: > Hi, > > The attached patch fixes a locking issue that prevented SRV records from > working. > > Regards, > > Olivier > And another one, that fix a deadlock that occurs when checks trigger DNs res

[PATCH] Fix SRV records again

Hi, The attached patch fixes a locking issue that prevented SRV records from working. Regards, Olivier >From 109dfc4075132881d4330f26d437dc8725a608dd Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Mon, 6 Nov 2017 15:15:04 +0100 Subject: [PATCH] BUG/MINOR: dns: Don't try to

[PATCHES] TLS 1.3 session resumption and early data to servers

Olivier >From 7db328b4e5028a80c9817049108f5625513a87e8 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Thu, 2 Nov 2017 19:04:38 +0100 Subject: [PATCH 1/4] BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf because a SNI is matched. We only have a ssl_bind_conf if crt-list is used, however we can still match a ce

[PATCH] Fix SRV records again

001 From: Olivier Houchard Date: Tue, 31 Oct 2017 15:21:19 +0100 Subject: [PATCH] BUG/MINOR: dns: Fix SRV records with the new thread code. srv_set_fqdn() may be called with the DNS lock already held, but tries to lock it anyway. So, add a new parameter to let it know if it was already locked or

Re: [PATCHES][ssl] Add 0-RTT support with OpenSSL 1.1.1

On Fri, Oct 27, 2017 at 03:54:27PM +0200, Emmanuel Hocdet wrote: > > > Le 27 oct. 2017 à 15:02, Olivier Houchard a écrit : > > > > The attached patch does use the ssl_conf, instead of abusing ssl_options. > > I also added a new field in global_ssl, I wasn't so

Re: [PATCHES][ssl] Add 0-RTT support with OpenSSL 1.1.1

Hi, On Fri, Oct 27, 2017 at 12:45:36PM +0200, Olivier Houchard wrote: > On Fri, Oct 27, 2017 at 12:36:31PM +0200, Emmanuel Hocdet wrote: > > > > > Le 27 oct. 2017 ?? 11:22, Emmanuel Hocdet a ??crit : > > > > > > Hi Olivier > > > > &g

Re: [PATCHES][ssl] Add 0-RTT support with OpenSSL 1.1.1

On Fri, Oct 27, 2017 at 12:36:31PM +0200, Emmanuel Hocdet wrote: > > > Le 27 oct. 2017 ?? 11:22, Emmanuel Hocdet a ??crit : > > > > Hi Olivier > > > >> Le 27 oct. 2017 ?? 01:08, Olivier Houchard a > >> ??crit : > >> > >> Hi,

Re: [PATCHES][ssl] Add 0-RTT support with OpenSSL 1.1.1

On Fri, Oct 27, 2017 at 11:22:15AM +0200, Emmanuel Hocdet wrote: > Hi Olivier > > > Le 27 oct. 2017 ?? 01:08, Olivier Houchard a ??crit > > : > > > > Hi, > > > > You'll find attached updated patches, rebased on the latest master, and on > >

Re: [PATCHES][ssl] Add 0-RTT support with OpenSSL 1.1.1

eg) { #if (!defined SSL_NO_GENERATE_CERTIFICATES) - SSL_CTX *ctx; - if (s->generate_certs && - (ctx = ssl_sock_generate_certificate(servername, s, ssl))) { - /* switch ctx */ + if (s->generate_certs &&

Re: [PATCH] support Openssl 1.1.1 early callback API for HS

Hi Emmanuel, On Wed, Oct 25, 2017 at 02:37:58PM +0200, Emmanuel Hocdet wrote: > Hi, > > . patches serie rebase from master > . update openssl 1.1.1 api calls with new early callback name > (https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_client_hello_cb.html >

Re: [PATCH] MINOR: server: missing chunck allocation in srv_update_status()

On Tue, Oct 24, 2017 at 07:12:15PM +0200, Olivier Houchard wrote: > On Tue, Oct 24, 2017 at 05:37:42PM +0200, Baptiste wrote: > > Hi, > > > > While testing Christopher's DNS "thread-safe" code, I found a bug in > > srv_update_status following a recent upd

[PATCH] MINOR: Fix checks when connect_conn_chk() fails srv_update_status()

17 00:00:00 2001 From: Olivier Houchard Date: Tue, 24 Oct 2017 19:03:30 +0200 Subject: [PATCH 2/2] BUG/MINOR: checks: Don't forget to release the connection on error case. When switching the check code to a non-permanent connection, the new code forgot to free the connection if an error hap

Re: [PATCH] MINOR: server: missing chunck allocation in srv_update_status()

On Tue, Oct 24, 2017 at 05:37:42PM +0200, Baptiste wrote: > Hi, > > While testing Christopher's DNS "thread-safe" code, I found a bug in > srv_update_status following a recent update (related to threads too). > > The patch is in attachment. Ah you beat me at it ! I ran in the exact same issue.

[PATCH] Reset a few more counters on "clear counters"

rom: Olivier Houchard Date: Tue, 17 Oct 2017 19:23:25 +0200 Subject: [PATCH] MINOR: stats: Clear a bit more counters with in cli_parse_clear_counters(). Clear MaxSslRate, SslFrontendMaxKeyRate and SslBackendMaxKeyRate when clear counters is used, it was probably forgotten when those counters were ad

[PATCH] checks: Add a keyword to specify the SNI in health checks

Hi, The attached patch adds a new keyword to servers, "check-sni", that lets you specify which SNI to use when doing health checks over SSL. Regards, Olivier >From 24779f0985041f4e680855d453a4bc5d096756f9 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Tue, 17 Oct 2017 1

[PATCH] Properly handle weight increase with consistent weight

needed. Regards, Olivier >From a8d290e08d4820fe5058ba00fd4ef762e562cb69 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Tue, 17 Oct 2017 15:52:59 +0200 Subject: [PATCH] MINOR: server: Handle weight increase in consistent hash. When the server weight is rised using the CLI, extra nodes have

Re: Reload takes about 3 minutes

Hi Joel, On Fri, Oct 13, 2017 at 03:22:56PM +0200, Joel W Kall wrote: > Got some results from strace. Running the reload with sudo takes about 3 > minutes and shows that it spends most of the time on: > > 14:39:38.077925 poll([{fd=6, events=POLLIN}], 1, -1) = ? > ERESTART_RESTARTBLOCK (Interrupte

Re: [PATCHES][ssl] Add 0-RTT support with OpenSSL 1.1.1

Hi Igor, On Tue, Oct 03, 2017 at 12:06:05AM +0800, Igor Pav wrote: > It's excited, does server line(client side) support 0-rtt? > Unfortunately, it does not yet. I'm investigating adding it. Regards, Olivier > On Mon, Oct 2, 2017 at 11:18 PM, Olivier Houchard > wrot

[PATCHES][ssl] Add 0-RTT support with OpenSSL 1.1.1

(!node || container_of(node, struct sni_ctx, name)->neg) { #if (!defined SSL_NO_GENERATE_CERTIFICATES) - SSL_CTX *ctx; - if (s->generate_certs && - (ctx = ssl_sock_generate_certificate(servername, s, ssl))) { - /* switch ctx

[PATCH][MINOR] Inline functions in common/net_helper.h

001 From: Olivier Houchard Date: Wed, 13 Sep 2017 11:49:22 +0200 Subject: [PATCH] MINOR: net_helper: Inline functions meant to be inlined. --- include/common/net_helper.h | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/common/net_helper.h b/include/common/net_

Re: FreeBSD CPU Affinity

On Thu, Aug 17, 2017 at 04:27:55PM +0300, Dmitry Sivachenko wrote: > > > On 16 Aug 2017, at 18:32, Olivier Houchard wrote: > > > > > > > > I think I know what's going on. > > Can you try the attached patch ? > > > > Thanks ! > &g

Re: FreeBSD CPU Affinity

On Wed, Aug 16, 2017 at 11:43:30AM -0400, Mark Staudinger wrote: > On Wed, 16 Aug 2017 11:32:01 -0400, Olivier Houchard > wrote: > > > On Wed, Aug 16, 2017 at 11:28:52AM -0400, Mark Staudinger wrote: > > > On Wed, 16 Aug 2017 10:47:32 -0400, Dmitry Sivac

Re: FreeBSD CPU Affinity

check for cpuset_setaffinity() and log > > possible error? > > Output of from truss on starup yields this: > > 3862: cpuset_setaffinity(0x3,0x2,0x,0x8,0x773dd0) ERR#34 > 'Result too large' > 3863: cpuset_setaffinity(0x3,0x2,0x,0

[PATCH][MINOR] rename the raw socket constructor

Sep 17 00:00:00 2001 From: Olivier Houchard Date: Mon, 14 Aug 2017 15:59:44 +0200 Subject: [PATCH] MINOR: Use a better name for the constructor than __ssl_sock_deinit() --- src/raw_sock.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/raw_sock.c b/src/raw_sock.c in

Re: [PATCHES] SRV record support

Hi, After some review and tests by Baptiste, here comes an updated patchset, with a few bugfixes. This one is probably mergeable. Regards, Olivier >From 1b408464590fea38d8a45b2b7fed5c615465a858 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Thu, 6 Jul 2017 18:46:47 +0200 Subj

Re: [PATCHES] SRV record support

Hi, On Fri, Aug 04, 2017 at 09:18:30PM +0200, Willy Tarreau wrote: > Just a few questions and minor comments below : > > On Fri, Aug 04, 2017 at 06:49:43PM +0200, Olivier Houchard wrote: > > This also adds support for SRV records. To use them, simply use a SRV label > > ins

[PATCHES] SRV record support

rs in the haproxy config. Any testing would be greatly appreciated. Regards, Olivier >From 1b408464590fea38d8a45b2b7fed5c615465a858 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Thu, 6 Jul 2017 18:46:47 +0200 Subject: [PATCH 1/4] MINOR: dns: Cache previous DNS answers. As DNS servers may

Minor bugfix

Hi guys, The attached patch fixes a potential use after free, if for some reason we failed to get the address of a transfered socket. It should be fairly safe to apply. Regards, Olivier >From 6fa0e381b38d3a9a3d29e59cbcca34fb1d375e3e Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Mon,

Re: [RFC][PATCHES] seamless reload

Hi Pavlos, On Sun, May 07, 2017 at 12:05:28AM +0200, Pavlos Parissis wrote: [...] > Ignore ignore what I wrote, I am an idiot I am an idiot as I forgot the most > important bit of the test, to enable the seamless reload by suppling the > HAPROXY_STATS_SOCKET environment variable:-( > > I added to

Re: [RFC][PATCHES] seamless reload

On Thu, May 04, 2017 at 10:03:07AM +, Pierre Cheynier wrote: > Hi Olivier, > > Many thanks for that ! As you know, we are very interested on this topic. > We'll test your patches soon for sure. > > Pierre Hi Pierre :) Thanks ! I'm very interested in knowing how well it works for you. Maybe

[PATCH] minor harmless bugfix in server_parse_sni_expr

p 17 00:00:00 2001 From: Olivier Houchard Date: Thu, 20 Apr 2017 18:21:17 +0200 Subject: [PATCH] MINOR: server: don't use "proxy" when px is really meant. In server_parse_sni_expr(), we use the "proxy" global variable, when we should probably be using "px" give

[PATCH] Fix haproxy hangs on FreeBSD >= 11

rom 163be439a8bc6e5aa1cf3fea0f086d518ddad0a9 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Wed, 19 Apr 2017 11:34:10 +0200 Subject: [PATCH] BUG/MAJOR: Use -fwrapv. Haproxy relies on signed integer wraparound on overflow, however this is really an undefined behavior, so the C compiler is allowed to do whatever it wa

Re: [RFC][PATCHES] seamless reload

On Wed, Apr 19, 2017 at 09:58:27AM +0200, Pavlos Parissis wrote: > On 13/04/2017 06:18 μμ, Olivier Houchard wrote: > > On Thu, Apr 13, 2017 at 06:00:59PM +0200, Conrad Hoffmann wrote: > >> On 04/13/2017 05:10 PM, Olivier Houchard wrote: > >>> On Thu, Apr 13, 20

Re: [RFC][PATCHES] seamless reload

On Thu, Apr 13, 2017 at 06:00:59PM +0200, Conrad Hoffmann wrote: > On 04/13/2017 05:10 PM, Olivier Houchard wrote: > > On Thu, Apr 13, 2017 at 04:59:26PM +0200, Conrad Hoffmann wrote: > >> Sure, here it is ;P > >> > >> I now get a segfault (on reload): >

Re: [RFC][PATCHES] seamless reload

art_proxies (verbose=0) at src/proxy.c:793 > #8 0x004091ec in main (argc=21, argv=0x7ffccc775168) at > src/haproxy.c:1942 Ok, yet another stupid mistake, hopefully the attached patch fixes this :) Thanks ! Olivier >From 7c7fe0c00129d60617cba786cbec7bbdd9ce08f8 Mon Sep 17 00:00

Re: [RFC][PATCHES] seamless reload

On Thu, Apr 13, 2017 at 03:06:47PM +0200, Conrad Hoffmann wrote: > > > On 04/13/2017 02:28 PM, Olivier Houchard wrote: > > On Thu, Apr 13, 2017 at 12:59:38PM +0200, Conrad Hoffmann wrote: > >> On 04/13/2017 11:31 AM, Olivier Houchard wrote: > >>> On Thu, Apr

Re: [RFC][PATCHES] seamless reload

On Thu, Apr 13, 2017 at 12:59:38PM +0200, Conrad Hoffmann wrote: > On 04/13/2017 11:31 AM, Olivier Houchard wrote: > > On Thu, Apr 13, 2017 at 11:17:45AM +0200, Conrad Hoffmann wrote: > >> Hi Olivier, > >> > >> On 04/12/2017 06:09 PM, Olivier Houchard wrote:

Re: [RFC][PATCHES] seamless reload

On Thu, Apr 13, 2017 at 11:17:45AM +0200, Conrad Hoffmann wrote: > Hi Olivier, > > On 04/12/2017 06:09 PM, Olivier Houchard wrote: > > On Wed, Apr 12, 2017 at 05:50:54PM +0200, Olivier Houchard wrote: > >> On Wed, Apr 12, 2017 at 05:30:17PM +0200, Conrad Hoffma

Re: [RFC][PATCHES] seamless reload

On Wed, Apr 12, 2017 at 11:19:37AM -0700, Steven Davidovitz wrote: > I had a problem testing it on Mac OS X, because cmsghdr is aligned to 4 > bytes. I changed the CMSG_ALIGN(sizeof(struct cmsghdr)) call to CMSG_LEN(0) > to fix it. > Oh right, I'll change that. Thanks a lot ! Olivier

Re: [RFC][PATCHES] seamless reload

vier >From 7dc2432f3a7c4a9e9531adafa4524a199e394f90 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Wed, 12 Apr 2017 19:32:15 +0200 Subject: [PATCH 10/10] MINOR: tcp: Attempt to reset TCP_MAXSEG when reusing a socket. Guess the default value for TCP_MAXSEG by binding a temporary TCP socke

Re: [RFC][PATCHES] seamless reload

On Wed, Apr 12, 2017 at 05:50:54PM +0200, Olivier Houchard wrote: > On Wed, Apr 12, 2017 at 05:30:17PM +0200, Conrad Hoffmann wrote: > > Hi again, > > > > so I tried to get this to work, but didn't manage yet. I also don't quite > > understand how this i

Re: [RFC][PATCHES] seamless reload

On Wed, Apr 12, 2017 at 05:30:17PM +0200, Conrad Hoffmann wrote: > Hi again, > > so I tried to get this to work, but didn't manage yet. I also don't quite > understand how this is supposed to work. The first haproxy process is > started _without_ the -x option, is that correct? Where does that ins

Re: [RFC][PATCHES] seamless reload

On Wed, Apr 12, 2017 at 05:30:17PM +0200, Conrad Hoffmann wrote: > Hi again, > > so I tried to get this to work, but didn't manage yet. I also don't quite > understand how this is supposed to work. The first haproxy process is > started _without_ the -x option, is that correct? Where does that ins

Re: [RFC][PATCHES] seamless reload

_argc + nb_pid + 1 + (stats_socket != NULL ? 2 : 0), sizeof(char *)); Regards, Olivier >From 526dca943b9cc89732c54bc43a6ce36e17b67890 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Sun, 9 Apr 2017 16:28:10 +0200 Subject: [PATCH 7/9] MINOR: systemd wrapper: add s

Re: [RFC][PATCHES] seamless reload

On Tue, Apr 11, 2017 at 08:16:48PM +0200, Willy Tarreau wrote: > Hi guys, > > On Mon, Apr 10, 2017 at 11:08:56PM +0200, Pavlos Parissis wrote: > > IMHO: a better name would be 'stats nounsedsockets', as it is referring to a > > generic functionality of UNIX stats socket, rather to a very specific

Re: [RFC][PATCHES] seamless reload

On Tue, Apr 11, 2017 at 01:23:42PM +0200, Pavlos Parissis wrote: > On 10/04/2017 11:52 μμ, Olivier Houchard wrote: > > On Mon, Apr 10, 2017 at 11:08:56PM +0200, Pavlos Parissis wrote: > >> On 10/04/2017 08:09 , Olivier Houchard wrote: > >>> > >>> Hi, &

Re: [RFC][PATCHES] seamless reload

On Mon, Apr 10, 2017 at 11:08:56PM +0200, Pavlos Parissis wrote: > On 10/04/2017 08:09 ????, Olivier Houchard wrote: > > > > Hi, > > > > On top of those patches, here a 3 more patches. > > The first one makes the systemd wrapper check for a HAPROXY_STATS_SOCKET

Re: [RFC][PATCHES] seamless reload

On Mon, Apr 10, 2017 at 10:49:21PM +0200, Pavlos Parissis wrote: > On 07/04/2017 11:17 ????, Olivier Houchard wrote: > > On Fri, Apr 07, 2017 at 09:58:57PM +0200, Pavlos Parissis wrote: > >> On 06/04/2017 04:57 , Olivier Houchard wrote: > >>> On Thu, Apr 06, 20

<    1   2   3   >