Hi Igor,
On Mon, Jun 04, 2018 at 03:18:02PM +0300, Igor Batkanov wrote:
> Hello!
> I've tried to create haproxy 1.8.9 RPM package using rpmbuild and got the
> folowing error: error: 'all_threads_mask' undeclared (first use in this
> function)
>
This is a problem when building haproxy without
, but clang certainly does.
Instead of using a static variable, I think merely adding a cast is better,
as attached. What do you think ?
Regards,
Olivier
>From 08bdd8e3b27afdd5101843f23edd337166c87159 Mon Sep 17 00:00:00 2001
From: Olivier Houchard
Date: Fri, 1 Jun 2018 14:32:39 +0200
Subject:
.
>
Oops you're right indeed. There's a bug in the pollers revamp that has been
done recently.
The attached patch should fix it.
Thanks for reporting !
Olivier
>From 837f376310b3077740289bc2ced1a0a97a1f964f Mon Sep 17 00:00:00 2001
From: Olivier Houchard
Date: Tue, 29 May 2018 14:42:2
>From f47ca20747c1cfc7b9e6413afe9c8819a84e485a Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Mon, 28 May 2018 13:51:06 +0200
Subject: [PATCH 1/3] BUG/MEDIUM: tasks: Don't forget to increase/decrease
tasks_run_queue.
Don't forget to increase tasks_run_queue w
Hi Pieter,
On Tue, May 22, 2018 at 09:00:24PM +0200, PiBa-NL wrote:
> Hi Olivier,
>
> Op 22-5-2018 om 18:46 schreef Olivier Houchard:
> > Hi Pieter,
> >
> > Does the attached patch fix it for you ? It's been generated from master,
> > but will probably apply aga
, you did most of the work :)
I think I understand what is going on, and it's ugly as hell.
Does the attached patch fix it for you ? It's been generated from master,
but will probably apply against 1.8 as well.
Thanks !
Olivier
>From b938f86e1fe51e95adc73f9e583dd225f5ecf88d Mon Sep 17 00:0
On Fri, May 11, 2018 at 02:09:43PM +0200, Willy Tarreau wrote:
> Hi guys,
>
> On Fri, May 11, 2018 at 01:57:10PM +0200, Olivier Houchard wrote:
> > Hi Pieter,
> >
> > On Thu, May 10, 2018 at 01:12:40AM +0200, PiBa-NL wrote:
> > > Hi Olivier,
> > >
Hi Pieter,
On Thu, May 10, 2018 at 01:12:40AM +0200, PiBa-NL wrote:
> Hi Olivier,
>
> Please take a look at attached patch. When adding 2 fd's the second
> overwrote the first one.
> Tagged it medium as haproxy just didn't work at all. (with kqueue.). Though
> it could perhaps also be minor, as
be, backported, so a different patch, similar in spirit, will be developed.
Regards,
Olivier
>From 7ae6ae7215984deb4487391201e3b0f99a072c4b Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Wed, 25 Apr 2018 15:10:30 +0200
Subject: [PATCH 1/4] MINOR: fd: Make the lo
crash anymore with that change. But i'm not sure
> if now its leaking memory instead for some cases.. Is there a easy way to
> check?
>
> Regards,
> PiBa-NL (Pieter)
>
Thanks a lot for the detailed analysis. That seems spot on.
We decided to do something a bit different than your proposed f
Hi Pavlos,
On Thu, May 03, 2018 at 12:45:42PM +0200, Pavlos Parissis wrote:
> Hi,
>
> Linux kernel version 4.14 adds support for zero-copy from user memory to TCP
> sockets by setting
> MSG_ZEROCOPY flag. This is for the sending side of the socket, for the
> receiving side of the socket
> we
Hi again,
On Tue, Apr 17, 2018 at 01:07:49PM +0200, Olivier Houchard wrote:
[...]
> We only need one to prevent kevent() from trying to scanning the kqueue, so
> only setting kev[0] should be enough. It's inside an #ifdef because
> EV_RECEIPT was only implemented recently in OpenBSD, so
Hi Pieter,
On Mon, Apr 16, 2018 at 10:41:48PM +0200, PiBa-NL wrote:
> Hi Olivier,
>
> Op 16-4-2018 om 17:09 schreef Olivier Houchard:
> > After some discussion with Willy, we came with a solution that may fix your
> > problem with kqueue.
> > Can you test the att
Hi,
On Mon, Apr 16, 2018 at 03:37:34PM +0200, Olivier Houchard wrote:
> Hi Pieter,
>
> On Fri, Apr 13, 2018 at 06:50:50AM +, Pi Ba wrote:
> > Using poll (startup with -dk) the request works properly.
>
> After some discussion with Willy, we came with a solution that m
you ?
Thanks !
Olivier
>From 3c0a505e5f163989239ffb5267ddf7c1ed549fb9 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Mon, 16 Apr 2018 13:24:48 +0200
Subject: [PATCH] BUG/MEDIUM: When adding new events, provide an output to get
errors.
When adding new events
Hi Praveen,
On Fri, Apr 13, 2018 at 02:03:47PM +, UPPALAPATI, PRAVEEN wrote:
> Hi Oliver,
>
> The crash got fixed with the patch you provided before.
>
> Do you thing the latest patch will be the right solution?
>
> Thanks,
> Praveen.
>
It should be fine.
Regards,
Olivier
the point of currently preventing us from using H2 on the backend, and
> that's exactly why we're currently working on it.
Ok, here is a patch that does exactly what you suggest. I'm not entirely
happy with it, but it'll do the job, as a stopgap. I want this crash
fixed :)
Olivier
>From
Hi Willy,
On Thu, Apr 12, 2018 at 08:53:51AM +0200, Willy Tarreau wrote:
> Hi Olivier,
>
> On Wed, Apr 11, 2018 at 05:29:15PM +0200, Olivier Houchard wrote:
> > From 7c9f06727cf60acf873353ac71283ff9c562aeee Mon Sep 17 00:00:00 2001
> > From: Olivier Houchard <ohouch...@ha
ne with 1.7.x
> version.
>
It's related to changes we made in the architecture in 1.8.
The attached patch should fix it. It was made for master, but should apply to
1.8 as well.
Thanks for reporting !
Olivier
>From 7c9f06727cf60acf873353ac71283ff9c562aeee Mon Sep 17 00:00:00 2001
From:
uld fix it.
Regards,
Olivier
>From b249119e571a1b5c597819701e5ec6f7d4525cf8 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Thu, 15 Mar 2018 17:48:49 +0100
Subject: [PATCH] MINOR: seemless reload: Fix crash when an interface is
specified.
When doing a see
elf.
> >
> > is it in purpose ?
>
> I suspect it's a mistake and that it was meant to be xfer_sock->prev instead.
> CCing Olivier to double-check.
>
Oops, you're right, good catch !
The attached patch should fix it.
Regards,
Olivier
>From 32b505d6093bad96eb4a65272bd
all error handling.
>
I'm not sure I get that part. I don't mind one way or another, but I don't
understand how it would remove gotos.
> BTW this makes me realize that your inverted condition above seems wrong
> (|| instead of &&).
>
Oops, that is true, those things are too compl
Hi Emmanuel,
On Tue, Feb 13, 2018 at 05:40:00PM +0100, Emmanuel Hocdet wrote:
> Hi Olivier
>
> > Le 13 févr. 2018 à 15:27, Olivier Houchard <ohouch...@haproxy.com> a écrit :
> >
> > Thanks a lot for the detailed analyze, and sorry for the late ans
for the detailed analyze, and sorry for the late answer.
You're probably right, SSL_ERROR_SYSCALL shouldn't be treated as an
unrecoverable error.
So, what you basically did was something equivalent to the patch attached ?
Thanks a lot !
Olivier
>From b423f94273be2c7040ce0861bd4a21617b4c5c2b Mon
Hi,
Commit 1605c7ae6154d8c2cfcf3b325872b1a7266c5bc2 broke building haproxy
without threads support. The attached patch should fix it.
Regards,
Olivier
>From 17e4494874b4a75da039f06f00f668d413038283 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Wed, 24 Ja
Hi William,
On Mon, Jan 22, 2018 at 08:03:55PM +0100, William Dauchy wrote:
> Hello Olivier,
>
> On Wed, Jan 17, 2018 at 05:43:02PM +0100, Olivier Houchard wrote:
> > Ok you got me convinced, the attached patch don't check for duplicate
> > cookies for disabled server,
On Wed, Jan 17, 2018 at 04:42:01PM +0100, Pierre Cheynier wrote:
> On 17/01/2018 15:56, Olivier Houchard wrote:
> >
> >> So, as a conclusion, I'm just not sure that producing this warning is
> >> relevant in case the IP is duplicated for several servers *if they are
>
On Wed, Jan 17, 2018 at 02:25:59PM +0100, Pierre Cheynier wrote:
> Hi,
>
> On 16/01/2018 18:48, Olivier Houchard wrote:
> >
> > Not really :) That's not a case I thought of.
> > The attached patch disables the generation of the dynamic cookie if the IP
> > is 0.
Hi Pierre,
On Tue, Jan 16, 2018 at 06:08:40PM +0100, Pierre Cheynier wrote:
> Hi Olivier,
>
>
> On 16/01/2018 15:43, Olivier Houchard wrote:
> > I'm not so sure about this.
> > It won't be checked again when server are enabled, so you won't get the
> > warning i
Hi Pierre,
On Mon, Jan 15, 2018 at 06:45:52PM +0100, Pierre Cheynier wrote:
> Hello,
>
> We started to use the server-template approach in which you basically
> provision servers in backends using a "check disabled" state, then
> re-enabling them using the Runtime API.
>
> I recently noticed
Hi,
On Tue, Jan 09, 2018 at 03:28:22PM +0100, Olivier Houchard wrote:
> Hi Willy,
>
> On Tue, Jan 09, 2018 at 03:17:24PM +0100, Willy Tarreau wrote:
> > Hi Olivier,
> >
> > On Mon, Jan 08, 2018 at 04:35:35PM +0100, Olivier Houchard wrote:
> > > Hi,
>
Hi Willy,
On Tue, Jan 09, 2018 at 03:17:24PM +0100, Willy Tarreau wrote:
> Hi Olivier,
>
> On Mon, Jan 08, 2018 at 04:35:35PM +0100, Olivier Houchard wrote:
> > Hi,
> >
> > The attached patch attempts to map SRV record weight to haproxy weight
> > correctly,
&g
>From 8e8ab23223274ac75fdf1cfe2847337133fd59d2 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Mon, 8 Jan 2018 16:28:57 +0100
Subject: [PATCH] MINOR: Handle SRV record weight correctly.
A SRV record weight can range from 0 to 65535, while haproxy weight go
Hi guys,
The rbtree implementation as found in haproxy, is currently unused, and has
been for quite some time.
I don't think we will need it again, so the attached patch just removes it.
Regards,
Olivier
>From 4ce3bce732fd816a835e4896646f260f0b7e6e7c Mon Sep 17 00:00:00 2001
From: Oliv
Hi Christopher,
On Wed, Dec 06, 2017 at 05:34:15PM -0800, Christopher Lane wrote:
> On Mon, Dec 4, 2017 at 11:56 AM, Christopher Lane
> wrote:
> >
> >
> >
> > On Mon, Dec 4, 2017 at 4:22 AM Lukas Tribus wrote:
> >
> >>Hello Christopher,
> >
> >
>
lot !
Olivier
>From 5236a1a4ac19cc27c6f06d328b2df0c4cdfe220c Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Fri, 1 Dec 2017 22:04:05 +0100
Subject: [PATCH] MINOR: checks: Be sure we have a mux if we created a cs.
In connect_conn_chk(), there were one case w
Hi,
The attached patch makes the call to pthread_setaffinity_np() work on
FreeBSD.
Regards,
Olivier
>From fc204ac3d7f9323b6583465ff5b42a0cfa46b8b1 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Fri, 1 Dec 2017 18:19:43 +0100
Subject: [PATCH] MINOR: thr
On Thu, Nov 30, 2017 at 03:32:20PM +0100, Emmanuel Hocdet wrote:
>
> > Le 30 nov. 2017 à 13:34, Olivier Houchard <ohouch...@haproxy.com> a écrit :
> >
> > Hi Emmanuel,
> >
> > On Thu, Nov 30, 2017 at 12:15:37PM +0100, Emmanuel Hocdet wrote:
> >>
a need a sample fetch to know there
were early data, even after the handshake, maybe we can introduce a new
sample fetch, ssl_fc_has_insecure_early, or something ?
Regards,
Olivier
>From bda3b7800677184ea19fb81f75f9a9b44c79efeb Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@ha
Hi Emmanuel,
On Mon, Nov 27, 2017 at 05:17:54PM +0100, Emmanuel Hocdet wrote:
>
> Hi,
>
> This patch fix CO_FL_EARLY_DATA removal to have correct ssl_fc_has_early
> reporting. It work for 'mode http'.
>
> It does not fix ssl_fc_has_early for 'mode tcp'. In this mode CO_FL_EARLY_DATA
> should
Hi Willy,
On Thu, Nov 23, 2017 at 07:44:13PM +0100, Willy Tarreau wrote:
> On Thu, Nov 23, 2017 at 04:16:39PM +0100, Emmanuel Hocdet wrote:
> >
> > simplify patch:
> > no need to bypass post SSL_do_handshake process, only remove
> > CO_FL_EARLY_SSL_HS
> > when handshake can't support early
rom cdb181d78466a1ce2be2b8b621231ba2086f4979 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Thu, 23 Nov 2017 18:21:29 +0100
Subject: [PATCH 1/2] MINOR: ssl: Handle reading early data after writing
better.
It can happen that we want to read early data, write some, and then continu
On Wed, Nov 22, 2017 at 05:42:42PM +0100, Olivier Houchard wrote:
> Hi,
>
> We mistakely only try to go back to the SSL handshake when not able to send
> early data if we're acting as a client, that is wrong, and leads to an
> infinite loop if it happens on the server side.
>
.
Regards,
Olivier
>From e32a831c1cbff1fcfb66565273ec98052f3a7f79 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Thu, 16 Nov 2017 17:42:52 +0100
Subject: [PATCH 1/2] MINOR: SSL: Store the ASN1 representation of client
sessions.
Instead of storing the SS
On Mon, Nov 06, 2017 at 03:19:25PM +0100, Olivier Houchard wrote:
> Hi,
>
> The attached patch fixes a locking issue that prevented SRV records from
> working.
>
> Regards,
>
> Olivier
>
And another one, that fix a deadlock that occurs when checks trigger DNs
res
rom 7db328b4e5028a80c9817049108f5625513a87e8 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <cog...@ci0.org>
Date: Thu, 2 Nov 2017 19:04:38 +0100
Subject: [PATCH 1/4] BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf
because a SNI is matched.
We only have a ssl_bind_conf if crt-list is used, however we can still
match a ce
001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Tue, 31 Oct 2017 15:21:19 +0100
Subject: [PATCH] BUG/MINOR: dns: Fix SRV records with the new thread code.
srv_set_fqdn() may be called with the DNS lock already held, but tries to
lock it anyway. So, add a new parameter to le
On Fri, Oct 27, 2017 at 03:54:27PM +0200, Emmanuel Hocdet wrote:
>
> > Le 27 oct. 2017 à 15:02, Olivier Houchard <ohouch...@haproxy.com> a écrit :
> >
> > The attached patch does use the ssl_conf, instead of abusing ssl_options.
> > I also added a new field in g
Hi,
On Fri, Oct 27, 2017 at 12:45:36PM +0200, Olivier Houchard wrote:
> On Fri, Oct 27, 2017 at 12:36:31PM +0200, Emmanuel Hocdet wrote:
> >
> > > Le 27 oct. 2017 ?? 11:22, Emmanuel Hocdet <m...@gandi.net> a ??crit :
> > >
> > > Hi Olivier
>
On Fri, Oct 27, 2017 at 12:36:31PM +0200, Emmanuel Hocdet wrote:
>
> > Le 27 oct. 2017 ?? 11:22, Emmanuel Hocdet <m...@gandi.net> a ??crit :
> >
> > Hi Olivier
> >
> >> Le 27 oct. 2017 ?? 01:08, Olivier Houchard <ohouch...@haproxy.com> a
>
On Fri, Oct 27, 2017 at 11:22:15AM +0200, Emmanuel Hocdet wrote:
> Hi Olivier
>
> > Le 27 oct. 2017 ?? 01:08, Olivier Houchard <ohouch...@haproxy.com> a ??crit
> > :
> >
> > Hi,
> >
> > You'll find attached updated patches, rebased on the la
)) {
- /* switch ctx */
+ if (s->generate_certs &&
ssl_sock_generate_certificate(servername, s, ssl)) {
+ /* switch ctx done in ssl_sock_generate_certificate */
return SSL_TLSEXT_ERR_OK;
}
#endif
Hi Emmanuel,
On Wed, Oct 25, 2017 at 02:37:58PM +0200, Emmanuel Hocdet wrote:
> Hi,
>
> . patches serie rebase from master
> . update openssl 1.1.1 api calls with new early callback name
> (https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_client_hello_cb.html
>
On Tue, Oct 24, 2017 at 07:12:15PM +0200, Olivier Houchard wrote:
> On Tue, Oct 24, 2017 at 05:37:42PM +0200, Baptiste wrote:
> > Hi,
> >
> > While testing Christopher's DNS "thread-safe" code, I found a bug in
> > srv_update_status following a
:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Tue, 24 Oct 2017 19:03:30 +0200
Subject: [PATCH 2/2] BUG/MINOR: checks: Don't forget to release the connection
on error case.
When switching the check code to a non-permanent connection, the new code
forgot to free the c
On Tue, Oct 24, 2017 at 05:37:42PM +0200, Baptiste wrote:
> Hi,
>
> While testing Christopher's DNS "thread-safe" code, I found a bug in
> srv_update_status following a recent update (related to threads too).
>
> The patch is in attachment.
Ah you beat me at it ! I ran in the exact same issue.
rom: Olivier Houchard <ohouch...@haproxy.com>
Date: Tue, 17 Oct 2017 19:23:25 +0200
Subject: [PATCH] MINOR: stats: Clear a bit more counters with in
cli_parse_clear_counters().
Clear MaxSslRate, SslFrontendMaxKeyRate and SslBackendMaxKeyRate when
clear counters is used, it was probably forgotten w
Hi,
The attached patch adds a new keyword to servers, "check-sni", that lets you
specify which SNI to use when doing health checks over SSL.
Regards,
Olivier
>From 24779f0985041f4e680855d453a4bc5d096756f9 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
as needed.
Regards,
Olivier
>From a8d290e08d4820fe5058ba00fd4ef762e562cb69 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Tue, 17 Oct 2017 15:52:59 +0200
Subject: [PATCH] MINOR: server: Handle weight increase in consistent hash.
When the server weight is ri
Hi Joel,
On Fri, Oct 13, 2017 at 03:22:56PM +0200, Joel W Kall wrote:
> Got some results from strace. Running the reload with sudo takes about 3
> minutes and shows that it spends most of the time on:
>
> 14:39:38.077925 poll([{fd=6, events=POLLIN}], 1, -1) = ?
> ERESTART_RESTARTBLOCK
Hi Igor,
On Tue, Oct 03, 2017 at 12:06:05AM +0800, Igor Pav wrote:
> It's excited, does server line(client side) support 0-rtt?
>
Unfortunately, it does not yet. I'm investigating adding it.
Regards,
Olivier
> On Mon, Oct 2, 2017 at 11:18 PM, Olivier Houchard <ohouch...@haproxy.c
(ctx = ssl_sock_generate_certificate(servername, s, ssl))) {
- /* switch ctx */
+ if (s->generate_certs &&
ssl_sock_generate_certificate(servername, s, ssl)) {
+ /* switch ctx done in ssl_sock_generate_certificate */
return S
rom: Olivier Houchard <ohouch...@haproxy.com>
Date: Wed, 13 Sep 2017 11:49:22 +0200
Subject: [PATCH] MINOR: net_helper: Inline functions meant to be inlined.
---
include/common/net_helper.h | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/include/common/net_h
On Thu, Aug 17, 2017 at 04:27:55PM +0300, Dmitry Sivachenko wrote:
>
> > On 16 Aug 2017, at 18:32, Olivier Houchard <ohouch...@haproxy.com> wrote:
> >
> >
> >
> > I think I know what's going on.
> > Can you try the attached patch ?
> >
&g
On Wed, Aug 16, 2017 at 11:43:30AM -0400, Mark Staudinger wrote:
> On Wed, 16 Aug 2017 11:32:01 -0400, Olivier Houchard <ohouch...@haproxy.com>
> wrote:
>
> > On Wed, Aug 16, 2017 at 11:28:52AM -0400, Mark Staudinger wrote:
> > > On Wed, 16 Aug 2017 10:47:32 -0400, D
esting on FreeBSD-10-stable though.
> >
> > May be you add return code check for cpuset_setaffinity() and log
> > possible error?
>
> Output of from truss on starup yields this:
>
> 3862: cpuset_setaffinity(0x3,0x2,0x,0x8,0x773dd0) ERR#34
> 'Resul
Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Mon, 14 Aug 2017 15:59:44 +0200
Subject: [PATCH] MINOR: Use a better name for the constructor than
__ssl_sock_deinit()
---
src/raw_sock.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/raw_soc
Hi,
After some review and tests by Baptiste, here comes an updated patchset,
with a few bugfixes.
This one is probably mergeable.
Regards,
Olivier
>From 1b408464590fea38d8a45b2b7fed5c615465a858 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Thu, 6 Jul 2
Hi,
On Fri, Aug 04, 2017 at 09:18:30PM +0200, Willy Tarreau wrote:
> Just a few questions and minor comments below :
>
> On Fri, Aug 04, 2017 at 06:49:43PM +0200, Olivier Houchard wrote:
> > This also adds support for SRV records. To use them, simply use a SRV label
> >
nfig.
Any testing would be greatly appreciated.
Regards,
Olivier
>From 1b408464590fea38d8a45b2b7fed5c615465a858 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Thu, 6 Jul 2017 18:46:47 +0200
Subject: [PATCH 1/4] MINOR: dns: Cache previous DNS answers.
As DNS ser
Hi guys,
The attached patch fixes a potential use after free, if for some reason we
failed to get the address of a transfered socket.
It should be fairly safe to apply.
Regards,
Olivier
>From 6fa0e381b38d3a9a3d29e59cbcca34fb1d375e3e Mon Sep 17 00:00:00 2001
From: Olivier Houchard <
Hi Pavlos,
On Sun, May 07, 2017 at 12:05:28AM +0200, Pavlos Parissis wrote:
[...]
> Ignore ignore what I wrote, I am an idiot I am an idiot as I forgot the most
> important bit of the test, to enable the seamless reload by suppling the
> HAPROXY_STATS_SOCKET environment variable:-(
>
> I added
On Thu, May 04, 2017 at 10:03:07AM +, Pierre Cheynier wrote:
> Hi Olivier,
>
> Many thanks for that ! As you know, we are very interested on this topic.
> We'll test your patches soon for sure.
>
> Pierre
Hi Pierre :)
Thanks ! I'm very interested in knowing how well it works for you.
Maybe
p 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Thu, 20 Apr 2017 18:21:17 +0200
Subject: [PATCH] MINOR: server: don't use "proxy" when px is really meant.
In server_parse_sni_expr(), we use the "proxy" global variable, when we
should probably be us
rom 163be439a8bc6e5aa1cf3fea0f086d518ddad0a9 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Wed, 19 Apr 2017 11:34:10 +0200
Subject: [PATCH] BUG/MAJOR: Use -fwrapv.
Haproxy relies on signed integer wraparound on overflow, however this is
really an undefined behavior, so the C compiler i
On Wed, Apr 19, 2017 at 09:58:27AM +0200, Pavlos Parissis wrote:
> On 13/04/2017 06:18 μμ, Olivier Houchard wrote:
> > On Thu, Apr 13, 2017 at 06:00:59PM +0200, Conrad Hoffmann wrote:
> >> On 04/13/2017 05:10 PM, Olivier Houchard wrote:
> >>> On Thu, Apr 13, 20
On Thu, Apr 13, 2017 at 06:00:59PM +0200, Conrad Hoffmann wrote:
> On 04/13/2017 05:10 PM, Olivier Houchard wrote:
> > On Thu, Apr 13, 2017 at 04:59:26PM +0200, Conrad Hoffmann wrote:
> >> Sure, here it is ;P
> >>
> >> I now get a segfault (on reload):
>
s (verbose=0) at src/proxy.c:793
> #8 0x004091ec in main (argc=21, argv=0x7ffccc775168) at
> src/haproxy.c:1942
Ok, yet another stupid mistake, hopefully the attached patch fixes this :)
Thanks !
Olivier
>From 7c7fe0c00129d60617cba786cbec7bbdd9ce08f8 Mon Sep 17 00:00:00 2001
Fro
On Thu, Apr 13, 2017 at 03:06:47PM +0200, Conrad Hoffmann wrote:
>
>
> On 04/13/2017 02:28 PM, Olivier Houchard wrote:
> > On Thu, Apr 13, 2017 at 12:59:38PM +0200, Conrad Hoffmann wrote:
> >> On 04/13/2017 11:31 AM, Olivier Houchard wrote:
> >>> On Thu, Apr
On Thu, Apr 13, 2017 at 12:59:38PM +0200, Conrad Hoffmann wrote:
> On 04/13/2017 11:31 AM, Olivier Houchard wrote:
> > On Thu, Apr 13, 2017 at 11:17:45AM +0200, Conrad Hoffmann wrote:
> >> Hi Olivier,
> >>
> >> On 04/12/2017 06:09 PM, Olivier Houchard wrote:
On Thu, Apr 13, 2017 at 11:17:45AM +0200, Conrad Hoffmann wrote:
> Hi Olivier,
>
> On 04/12/2017 06:09 PM, Olivier Houchard wrote:
> > On Wed, Apr 12, 2017 at 05:50:54PM +0200, Olivier Houchard wrote:
> >> On Wed, Apr 12, 2017 at 05:30:17PM +0200, Conrad Hoffma
On Wed, Apr 12, 2017 at 11:19:37AM -0700, Steven Davidovitz wrote:
> I had a problem testing it on Mac OS X, because cmsghdr is aligned to 4
> bytes. I changed the CMSG_ALIGN(sizeof(struct cmsghdr)) call to CMSG_LEN(0)
> to fix it.
>
Oh right, I'll change that.
Thanks a lot !
Olivier
vier
>From 7dc2432f3a7c4a9e9531adafa4524a199e394f90 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Wed, 12 Apr 2017 19:32:15 +0200
Subject: [PATCH 10/10] MINOR: tcp: Attempt to reset TCP_MAXSEG when reusing a
socket.
Guess the default value for TCP_MAXSEG by
On Wed, Apr 12, 2017 at 05:50:54PM +0200, Olivier Houchard wrote:
> On Wed, Apr 12, 2017 at 05:30:17PM +0200, Conrad Hoffmann wrote:
> > Hi again,
> >
> > so I tried to get this to work, but didn't manage yet. I also don't quite
> > understand how this is supposed
On Wed, Apr 12, 2017 at 05:30:17PM +0200, Conrad Hoffmann wrote:
> Hi again,
>
> so I tried to get this to work, but didn't manage yet. I also don't quite
> understand how this is supposed to work. The first haproxy process is
> started _without_ the -x option, is that correct? Where does that
On Wed, Apr 12, 2017 at 05:30:17PM +0200, Conrad Hoffmann wrote:
> Hi again,
>
> so I tried to get this to work, but didn't manage yet. I also don't quite
> understand how this is supposed to work. The first haproxy process is
> started _without_ the -x option, is that correct? Where does that
+ 1 +
(stats_socket != NULL ? 2 : 0), sizeof(char *));
Regards,
Olivier
>From 526dca943b9cc89732c54bc43a6ce36e17b67890 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Sun, 9 Apr 2017 16:28:10 +0200
Subject: [PATCH 7/9] MINOR: systemd wrappe
On Tue, Apr 11, 2017 at 08:16:48PM +0200, Willy Tarreau wrote:
> Hi guys,
>
> On Mon, Apr 10, 2017 at 11:08:56PM +0200, Pavlos Parissis wrote:
> > IMHO: a better name would be 'stats nounsedsockets', as it is referring to a
> > generic functionality of UNIX stats socket, rather to a very specific
On Tue, Apr 11, 2017 at 01:23:42PM +0200, Pavlos Parissis wrote:
> On 10/04/2017 11:52 μμ, Olivier Houchard wrote:
> > On Mon, Apr 10, 2017 at 11:08:56PM +0200, Pavlos Parissis wrote:
> >> On 10/04/2017 08:09 , Olivier Houchard wrote:
> >>>
> >>> Hi,
On Mon, Apr 10, 2017 at 11:08:56PM +0200, Pavlos Parissis wrote:
> On 10/04/2017 08:09 ????, Olivier Houchard wrote:
> >
> > Hi,
> >
> > On top of those patches, here a 3 more patches.
> > The first one makes the systemd wrapper check for a HAPROXY_STATS_SOCKET
On Mon, Apr 10, 2017 at 10:49:21PM +0200, Pavlos Parissis wrote:
> On 07/04/2017 11:17 ????, Olivier Houchard wrote:
> > On Fri, Apr 07, 2017 at 09:58:57PM +0200, Pavlos Parissis wrote:
> >> On 06/04/2017 04:57 , Olivier Houchard wrote:
> >>> On Thu, Apr 06, 20
socket,
and close any socket nout bound to our process, to save a few file
descriptors.
Regards,
Olivier
>From 8d6c38b6824346b096ba31757ab62bc986a433b3 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Sun, 9 Apr 2017 16:28:10 +0200
Subject: [PATCH 7/9] MINOR
On Fri, Apr 07, 2017 at 09:58:57PM +0200, Pavlos Parissis wrote:
> On 06/04/2017 04:57 ????, Olivier Houchard wrote:
> > On Thu, Apr 06, 2017 at 04:56:47PM +0200, Pavlos Parissis wrote:
> >> On 06/04/2017 04:25 , Olivier Houchard wrote:
> >>> Hi,
> >>>
On Thu, Apr 06, 2017 at 04:56:47PM +0200, Pavlos Parissis wrote:
> On 06/04/2017 04:25 μμ, Olivier Houchard wrote:
> > Hi,
> >
> > The attached patchset is the first cut at an attempt to work around the
> > linux issues with SOREUSEPORT that makes haproxy refuse
behavior instead of opening any missing socket ? I'm still
undecided about that.
Any testing, comments, etc would be greatly appreciated.
Regards,
Olivier
>From f2a13d1ce2f182170f70fe3d5312a538788f5877 Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Wed, 5 Apr 2017
00:00:00 2001
From: Olivier Houchard <cog...@ci0.org>
Date: Tue, 4 Apr 2017 22:10:36 +0200
Subject: [PATCH] MINOR server: Restrict dynamic cookie check to the same
proxy.
Each time we generate a dynamic cookie, we try to make sure the same
cookie hasn't been generated for another server,
On Wed, Mar 15, 2017 at 03:52:04PM +0200, Jarno Huuskonen wrote:
> Hi Olivier,
>
> On Tue, Mar 14, Olivier Houchard wrote:
> > Hi guys,
> >
> > You'll find attached patches to add support for dynamically-generated
> > session
> > cookies for each
l the load-balancers.
Any comment would be welcome.
Thanks !
Olivier
>From a29344438de3777ab692978b5195adfd100f219f Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Tue, 14 Mar 2017 20:01:29 +0100
Subject: [PATCH 1/2] MINOR: server: Add dynamic session co
101 - 198 of 198 matches
Mail list logo