On Mon, Jun 07, 2021 at 05:08:32PM +0500, Илья Шипицин wrote:
> пн, 7 июн. 2021 г. в 16:31, William Lallemand :
>
> > On Mon, Jun 07, 2021 at 04:02:00PM +0500, Илья Шипицин wrote:
> > > sorry, I do not have much spare time to implement that in short time
> > > per
do something like:
make DEBUG_CFLAGS="-g -Wno-deprecated-declarations"
--
William Lallemand
ll users and they
can be relevant at some point, not only for OpenSSL, but for the other
libs that are linked with haproxy.
In my opinion we should only disable them for this specific build of
OpenSSL 3.0.0 on the CI, not for everyone in the Makefile.
--
William Lallemand
nd build without -Werror in order to see the
-Wdeprecated-declarations warnings.
* port haproxy to the new API (long term goal) to be able to build
with openssl 3.0.0 with -Werror.
>
> @William Lallemand has an appetite to make it
> green ;)
>
I'll fix what I can to be able to
On Wed, May 05, 2021 at 09:11:08AM +0500, Илья Шипицин wrote:
> Hello,
>
> LibreSSL-3.3.3 just released. patch attached.
>
> thanks,
> Ilya
Thanks, pushed in master.
--
William Lallemand
ne, but it's for a new major release so
it's fine in my opinion.
--
William Lallemand
=haproxy-2.2.git
Changelog: http://www.haproxy.org/download/2.2/src/CHANGELOG
Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/
---
Complete changelog :
William Lallemand (2):
BUG/MEDIUM: ssl: ckch_inst->ctx not assigned with multi-bundle
certificates
REGTE
On Thu, Apr 01, 2021 at 02:26:07PM +0200, William Lallemand wrote:
> On Thu, Apr 01, 2021 at 10:19:31AM +, Jarno Huuskonen wrote:
> > Hello,
> >
> > I'm seeing a regression with 2.2.12 and using rsa and ecdsa certs on bind.
> > (cert1.pem.ecdsa
> > c
nks for the report, I can reproduce the problem, I'm investigating.
--
William Lallemand
On Fri, Mar 26, 2021 at 11:47:48PM +0500, Илья Шипицин wrote:
> Hello,
>
> yet another patch that removes few HA_OPENSSL_VERSION usage.
>
> Ilya
Pushed in master, thanks.
--
William Lallemand
On Thu, Mar 25, 2021 at 12:52:42AM +0500, Илья Шипицин wrote:
> Hello,
>
> yet another patch that removes several occurrences of HA_OPENSSL_VERSION
> also, fetches enabled for BoringSSL and LibreSSL-2.7.0 and higher
>
> Ilya
Looks good, pushed in master, thanks!
--
William Lallemand
one of you please have a look ?
>
I'll take a look.
--
William Lallemand
PATCH] BUILD: ssl: use feature guard instead of openssl
> > version for ecdh functions
> > To: HAProxy , Willy Tarreau
> > Delivered-To: haproxy@formilux.org
> > List-Id: Haproxy
> >
> > ping
> >
> > ??, 21 ???. 2021 ?. ? 13:02, ??? :
> >
> > > Hello,
> > >
> > > yet another patch that reduces number of HA_OPENSSL_VERSION use
> > >
> > > Ilya
> > >
> > >
> > >
>
> - End forwarded message -
>
Thanks, both merged.
--
William Lallemand
On Wed, Mar 24, 2021 at 11:29:19AM +0500, Илья Шипицин wrote:
> ping
>
> вс, 21 мар. 2021 г. в 13:02, Илья Шипицин :
>
> > Hello,
> >
> > yet another patch that reduces number of HA_OPENSSL_VERSION use
> >
> > Ilya
> >
> >
> >
Thanks, merged.
--
William Lallemand
On Wed, Mar 24, 2021 at 11:29:03AM +0500, Илья Шипицин wrote:
> ping
>
> сб, 20 мар. 2021 г. в 22:43, Илья Шипицин :
>
> > while refactoring HA_OPENSSL_VERSION usage,
> > I've found unused definitions. nice.
> >
> >
> > Ilya
> >
Thanks, merged.
--
William Lallemand
will need to be pushed each time a ticket expired.
--
William Lallemand
g56.html
> >
> >
> >
> >
> >
> >
> >
> > Thanks,
> >
> > -- Daniel
> >
> >
> >
>
> Hi,
>
> Thank you Daniel for reporting / fixing this.
> The patch looks correct and may be applied.
>
> Baptiste
Thanks, applied.
--
William Lallemand
aproxy/openssl-compat.h
> That guard does not depend anymore on HA_OPENSSL_VERSION
Thanks, merged!
--
William Lallemand
On Thu, Feb 18, 2021 at 07:06:14PM +0500, Илья Шипицин wrote:
> ping :)
>
> On Sat, Feb 13, 2021, 11:48 AM Илья Шипицин wrote:
>
> > I changed macro name, new patch attached
> >
Merged, thanks.
--
William Lallemand
On Sat, Feb 13, 2021 at 12:21:56AM +0500, Илья Шипицин wrote:
> Hello,
>
> let as switch to feature macro instead of HA_OPENSSL_VERSION.
>
> Ilya
Hello Ilya,
For more concistency with the other macros I'd rather use
"HAVE_SSL_SCTL" instead of "HAVE_OP
n the crt-list though, I think you meant
"show ssl cert"? The crt-list are only useful to manage multiple
certificates and SNIs on a bind line, in the case of a server line you
only need one certicate.
--
William Lallemand
On Mon, Feb 08, 2021 at 05:17:32PM +0500, Илья Шипицин wrote:
> usually I do such a stupid mistakes on friday.
> I wonder about next friday :(
>
> new patch attached.
>
> Ilya
>
Don't worry it happens to me quite a lot :-)
Applied, thanks.
--
William Lallemand
def SSL_CTRL_SET_MSG_CALLBACK
> SSL_CTX_set_msg_callback(ctx, ssl_sock_msgcbk);
> #endif
> #ifdef HAVE_OPENSSL_KEYLOG
> --
> 2.29.2
>
It looks like you sent the exact same patch by mistake.
--
William Lallemand
On Sat, Feb 06, 2021 at 09:18:30PM +0500, Илья Шипицин wrote:
> you are right.
> I've fixed it.
>
Thanks, both pushed in master.
--
William Lallemand
On Fri, Feb 05, 2021 at 10:31:53AM +0100, William Lallemand wrote:
> Ok, I'm going to do the change in the help command then.
>
In fact I just take a look again at this, and I think we've done the
patch the wrong way.
In 'run-regtests.sh' there is already a default se
On Fri, Feb 05, 2021 at 08:41:47AM +0100, Willy Tarreau wrote:
> Hi William,
>
> On Fri, Jan 29, 2021 at 02:44:27PM +0100, William Lallemand wrote:
> > Hello List,
> >
> > According to `make reg-tests-help` the REGTESTS_TYPES parameter must be
> > configured as
it the only variable that use "?=" in the Makefile and I'm
not sure we want to proceed this way.
Regards,
--
William Lallemand
7000L
> +#ifdef SSL_CTRL_SET_MSG_CALLBACK
> SSL_CTX_set_msg_callback(ctx, ssl_sock_msgcbk);
> #endif
> #ifdef HAVE_OPENSSL_KEYLOG
> --
> 2.29.2
>
Please add a commit message in your patches, patches with only a subject
line won't be taken. See this part of the co
&& !defined OPENSSL_NO_TLSEXT
> && !defined OPENSSL_IS_BORINGSSL)
> +#ifdef HAVE_SL_CTX_ADD_SERVER_CUSTOM_EXT
> sctl_ex_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL,
> ssl_sock_sctl_free_func);
> #endif
>
--
William Lallemand
On Sat, Jan 23, 2021 at 12:23:01AM +0500, Илья Шипицин wrote:
> updated patch attached
>
Thanks, merged.
--
William Lallemand
; >> I'm not sure it is good thing.
> >>
> >> if you thing it is, please modify patch when applying. I'm ok with such
> >> change.
> >>
> >> пн, 18 янв. 2021 г. в 15:53, Илья Шипицин :
> >>
> >>>
> >>>
>
9 run_poll_loop () at src/haproxy.c:2859
> #10 0x004f63b7 in run_thread_poll_loop (data=)
> at src/haproxy.c:3028
> #11 0x004faaac in main (argc=,
> argv=0x7fffedc68498) at src/haproxy.c:904
>
> See: https://man7.org/linux/man-pages/man3/strsignal.3.html
Thanks, merged. I've added the missing backport info in the commit message and
renamed the worker tag by mworker.
--
William Lallemand
client that sends:
>
> accept-encoding: br,br,br,br,[…],br
>
> > The comment of the accept_encoding_normalizer function does not match
> > its behavior anymore either.
>
> Indeed. I adjusted that on v2.
>
> Best regards
> Tim Düsterhus
>
Thanks to both of you, applied.
--
William Lallemand
On Thu, Jan 14, 2021 at 12:13:17PM +0100, William Dauchy wrote:
> On Thu, Jan 14, 2021 at 11:21 AM William Lallemand
> wrote:
> > VTest is not really suited to test the process management, for example
> > the tests doing a reload have timing issues because VTest is not abl
l, void *priv)
> {
We probably want to remove the defined(IS_BORINGSSL) from the ssl_sock.c too.
Why don't you define a macro constant with the feature name in
openssl-compat.h and test this constant in ssl_sock.c? Like it was done
for various fonctions.
Regards,
--
William Lallemand
FILTER PCRE PCRE_JIT PCRE2 PCRE2_JIT PRIVATE_CACHE
> THREAD PTHREAD_PSHARED BACKTRACE STATIC_PCRE STATIC_PCRE2 TPROXY LINUX_TPROXY
> LINUX_SPLICE LIBCRYPT CRYPT_H GETADDRINFO OPENSSL LUA FUTEX ACCEPT4 CLOSEFROM
> ZLIB SLZ CPU_AFFINITY TFO NS DL RT DEVICEATLAS 51DEGREES WURFL SYSTEMD
> OBSOLETE_LINKER PRCTL THREAD_DUMP EVPORTS OT QUIC; echo " $*" | (fmt || cat)
> 2>/dev/null
> EPOLL KQUEUE NETFILTER PCRE PCRE_JIT PCRE2 PCRE2_JIT PRIVATE_CACHE
>
> This commit ensure the help target always discard line echoing
> regardless of V variable as done for reg-tests-help target.
Thanks, merged!
--
William Lallemand
*top 0.0 RESETTING after
> /home/fred/src/varnish-cache-haproxy/d02286d.vtc
> ** h10.0 Reset and free h1 haproxy 12728
> ** h10.0 Wait
> -** h10.0 Stop HAproxy pid=12728
> +** h10.0 Stop HAProxy pid=12728
> h10.0 Kill(2)=0: Success
> h10.0 STDOUT poll 0x10
> ** h10.1 WAIT4 pid=12728 status=0x0002 (user 0.00 sys 0.004000)
These are VTest output, you probably want to patch VTest or the example
won't be accurate!
--
William Lallemand
/\n";
> PRODUCT_STATUS "\n", haproxy_version, haproxy_date);
>
> if (strlen(PRODUCT_URL_BUGS) > 0) {
>
I wanted to do this a long time ago, and at this time we decided to keep
it as it was to not break existing scripts. I think we'll let Willy
decide if that's a good idea now :-)
Regards,
--
William Lallemand
On Thu, Jan 14, 2021 at 10:35:27AM +0100, William Dauchy wrote:
> On Wed, Jan 13, 2021 at 1:22 PM William Lallemand
> wrote:
> > Thanks to both of you! merged in master.
>
> a side note: yesterday evening I wanted to have a look at a reg-test
> in order to prevent it in the
your review.
> thanks for your time reviewing the issue.
> regards,
Thanks to both of you! merged in master.
--
William Lallemand
the CI, it seems they succeed. But that doesn't mean they're reliable
> or anything, very often regtests start to fail sporadically in a single
> environment before we figure the problem.
>
These reg-tests are of types "slow" and "broken" not launched by the CI.
--
William Lallemand
On Thu, Jan 07, 2021 at 12:28:02PM +0500, Илья Шипицин wrote:
> Hi,
>
> another series of removing HA_OPENSSL_VERSION
>
> Ilya
Thanks, merged.
--
William Lallemand
, Jan 02, 2021 at 10:47:17PM +0100, Tim Duesterhus wrote:
> This is only required to process the `age` header.
Thanks Tim, pushed in master.
--
William Lallemand
On Fri, Dec 11, 2020 at 09:58:31PM +0500, Илья Шипицин wrote:
> ping :)
>
> пт, 27 нояб. 2020 г. в 02:58, Илья Шипицин :
>
> > Hello,
> >
> > let us continue to improve ssl guarding.
> >
> > Ilya
> >
Thanks, merged.
--
William Lallemand
an never remove it again.
>
For people interested, the bug was discussed here:
https://github.com/haproxy/haproxy/issues/1004
--
William Lallemand
On Fri, Dec 11, 2020 at 02:53:13PM +0100, Björn Jacke wrote:
> Hi William,
>
> On 11.12.20 12:29, William Lallemand wrote:
> > If we want the "set ssl ocsp-response" command to work in this particular
> > case,
> > I think we need to change the key, but
want the "set ssl ocsp-response" command to work in this particular case,
I think we need to change the key, but the problem is that the OCSP response
only contains an OCSP_CERTID for helping us finding where we should apply the
certificate, and the serialNumber alone is not enough to index the response.
--
William Lallemand
On Thu, Dec 10, 2020 at 03:24:39PM +0100, Björn Jacke wrote:
> Hi William,
>
> On 09.12.20 09:27, William Lallemand wrote:
> > $ echo -e -n "@1 set ssl cert server1.fullchain.pem <<\n$(cat
> > server2.fullchain.pem)\n\n" | socat - /tmp/master.socket
>
On Tue, Dec 08, 2020 at 06:42:13PM +0100, Björn Jacke wrote:
> Hi William,
>
> On 08.12.20 15:13, William Lallemand wrote:> I then updated the
> certificate this way:
> >
> > $ echo -e -n "@1 set ssl cert server1.fullchain.pem <<\n$(cat
> >
On Tue, Dec 08, 2020 at 11:48:41AM +0100, William Lallemand wrote:
> On Sat, Dec 05, 2020 at 02:57:03AM +0100, Björn Jacke wrote:
> > Hi,
> >
> > I ran into an issue with haproxy 2.2.6, where I'm not sure if this is
> > working as intended or not. I have
> certificate of course.
>
Looks like a bug to me, the intermediate certificate is indeed supposed
to be updated, I'll look into this.
--
William Lallemand
= in haproxy -vv
William Dauchy (1):
REGTESTS: converter: add url_dec test
William Lallemand (6):
DOC: add missing 3.10 in the summary
BUG/MINOR: ssl: segv on startup when AKID but no keyid
BUG/MEDIUM: ssl/crt-list: bundle support broken in crt-list
BUG/MEDIUM: ssl: error when
ot totally replaced (the ENGINE
part for example) so we can't remove that for now. The deprecated flag
is an indicator and I don't know any distribution which build with this
way, so we are safe for now, but we should definitively migrate what is
deprecated if that's possible.
--
William Lallemand
On Tue, Nov 24, 2020 at 08:59:05AM -0300, Joao Morais wrote:
>
>
> > Em 24 de nov de 2020, à(s) 05:47, William Lallemand
> > escreveu:
> >
> > Hello Joao,
> >
> > On Sat, Nov 21, 2020 at 12:33:38PM -0300, Joao Morais wrote:
> >>
>
On Sat, Nov 21, 2020 at 11:23:32PM +0500, Илья Шипицин wrote:
> hopefully final BoringSSL patches this week.
>
> Ilya
Thanks, all merged!
--
William Lallemand
> declared certificate act as a fallback.
It looks good in my opinion, can you make a new patch for it?
Thanks
--
William Lallemand
t case, the fallback certificate will be "default.pem", and
in the second case, it will be the fist line of "list1.crtlist".
--
William Lallemand
On Sat, Nov 21, 2020 at 07:48:48AM -0300, Joao Morais wrote:
--
William Lallemand
0001-DOC-clarify-how-to-create-a-fallback-crt.patch
Description: Binary data
On Thu, Nov 19, 2020 at 12:58:06AM +0500, Илья Шипицин wrote:
> ping :) ?
>
> сб, 14 нояб. 2020 г. в 02:04, Илья Шипицин :
>
> > Hi.
> >
> > next define improvement.
> >
> > Ilya
> >
Thanks, merged.
--
William Lallemand
erver.c | 41 -
> src/ssl_sock.c | 17 ++
> 13 files changed, 165 insertions(+), 46 deletions(-)
> create mode 100644 reg-tests/server/cli_set_ssl.vtc
>
Thanks, now merged.
--
William Lallemand
ess, there's Ubuntu 16.04 as well, which gets regular
> maintenance till April 2021 and extended maintenance till April 2024.
> And yes, I do want to see older versions of openssl continue to work as
> long as it doesn't come with too high a maintenance cost.
>
It looks worse with CentOS, it uses a 1.0.1 release :-)
--
William Lallemand
On Tue, Nov 17, 2020 at 09:18:43AM -0300, Joao Morais wrote:
>
>
> > Em 17 de nov de 2020, à(s) 05:28, William Lallemand
> > escreveu:
> >
> > You could also do
> >
> > /tmp/default.pem !*
> >
> > That will ignore the creation of t
On Tue, Nov 17, 2020 at 09:09:38AM +0100, William Lallemand wrote:
> On Mon, Nov 16, 2020 at 08:44:58PM -0300, Joao Morais wrote:
> >
> > Hello list, I have a `crt-list` keyword configuring a list of
> > crt/keys, something like this:
> >
> > /t
should work on the first line.
Ideally we need a "crt-fallback" keyword which insert the crt in the
default_ctx without inserting it in the SNI tree.
--
William Lallemand
NOR: http-fetch: Extract cookie value even when no cookie name
Thierry Fournier (2):
BUG/MINOR: pattern: a sample marked as const could be written
BUG/MINOR: lua: set buffer size during map lookups
William Lallemand (3):
BUG/MEDIUM: ssl/crt-list: correctly insert crt-list line
s good. I think a VTC file which tests this feature could
also be a good idea, so we don't break this accidentaly.
Thanks!
--
William Lallemand
On Thu, Oct 29, 2020 at 01:17:55PM +0100, William Dauchy wrote:
> so we can reuse it later
>
> Signed-off-by: William Dauchy
Could you add a little more explanations in the commit message for this
one, and separate clearly the subject from the commit message?
Thanks!
--
William Lallemand
point of view :-)
--
William Lallemand
rs should consider this one if they didn't emit
the 2.3.0 yet.
We'll probably make a 2.3.1 release at the end of next week.
Sorry for the mess!
--
William Lallemand
On Tue, Nov 03, 2020 at 02:19:10PM +0500, Илья Шипицин wrote:
> Hi,
>
> the less we use HA_OPENSSL_VERSION_NUMBER, the better.
>
> cheers,
> Ilya
Thanks, merged in master.
--
William Lallemand
t locally, I never
> > linked haproxy with the no-deprecated mode before, I don't even know if
> >
>
I can reproduce that on my laptop with OpenSSL 1.1.1g, no need to set
the no deprecated mode.
--
William Lallemand
s one, I'll need to test that locally, I never
linked haproxy with the no-deprecated mode before, I don't even know if
every haproxy features are supported with this mode.
>
> should we address those failures before 2.3 release ?
>
It's better if we can fix the FreeBSD issue and at least identify what
the problems are with the openSSL issue.
--
William Lallemand
On Sat, Oct 31, 2020 at 02:13:35AM +0500, Илья Шипицин wrote:
> hi,
>
> let us use SSL_CTRL_GET_RAW_CIPHERLIST instead of versions.
>
> cheers,
> Ilya
Thanks, pushed in master.
--
William Lallemand
of the status code is probably failing
> roughly never, but I guess it's better to be safe there.
>
I think the impact is reasonable here, I'll take this one.
Thanks!
--
William Lallemand
On Sun, Oct 25, 2020 at 07:37:16PM +0500, Илья Шипицин wrote:
> Hi,
>
> we missed couple of releases.
>
> Ilya
Merged, thanks.
--
William Lallemand
; Ilya
Totally agree with this, merged in master.
--
William Lallemand
> Manu
>
>
>
Thanks, pushed in master and backported in 2.2 and 2.1!
--
William Lallemand
On Thu, Oct 22, 2020 at 08:41:35PM +0200, William Lallemand wrote:
> On Thu, Oct 22, 2020 at 10:20:12PM +0500, Илья Шипицин wrote:
> > can we backport
> > http://git.haproxy.org/?p=haproxy.git;a=commit;h=b3201a3e077198b3f75ebe8661aa45589b811552
> > to 2.1 as well ? it was not
d versions each time they change their
API. That's not how a stable branch is supposed to work.
Since people using boringSSL does not use a boringSSL release, I don't
see why they would need a haproxy release :-)
--
William Lallemand
> ninja-build, libpcre3-dev ]
>
Is there a reason we need both libprcre packages?
--
William Lallemand
> /* close random device FDs */
> RAND_keep_random_devices_open(0);
> #endif
> --
> 2.26.2
>
This one should be dropped?
--
William Lallemand
ne HA_OPENSSL_VERSION_NUMBER OPENSSL_VERSION_NUMBER
> #endif
Hello,
That's interesting to make it build with relatively new versions of
boringSSL. But it does not activate TLSv1.3 keywords and features this
way.
That should probably be enough for backporting in previous versions
though.
--
William Lallemand
hin HAProxy, you will still
have the same problem if the master crashes.
It's also a big change of behavior that could break existing scripts.
In my opinion this should be done this in your init script.
--
William Lallemand
And then compose a SSLKEYLOGFILE from your logs that you will open with
wireshark.
--
William Lallemand
the CLI instead ?
Willy has maybe a better suggestion about this.
--
William Lallemand
as well as private keys (.key) are supported with multi-cert bundling.
>
> "sctl": Try to load ".sctl" for each crt keyword.
Thanks, merged.
--
William Lallemand
uct bind_conf
> *bind_conf, struct proxy *cu
> }
> }
> }
> - if (cfgerr & ERR_CODE)
> - goto error;
> -
> entry = NULL;
> }
>
Thanks, merged.
--
William Lallemand
his in the future, allowing easy re-use within all line-based config
> parsers.
>
> see https://github.com/haproxy/haproxy/issues/860#issuecomment-693422936
> see 0354b658f061d00d5ab4b728d7deeff2c8f1503a
>
> This should be backported as a warning to 2.2.
Thanks, both merged.
--
William Lallemand
On Tue, Sep 29, 2020 at 11:26:21AM +0200, Willy Tarreau wrote:
> On Mon, Sep 28, 2020 at 02:31:18PM +0200, William Lallemand wrote:
> > > diff --git a/doc/management.txt b/doc/management.txt
> > > index adbad95d3..42e8ddbca 100644
> > > --- a/doc/management.txt
> will
> + avoid confusion, especailly when it comes to the `commit` command.
>
> prompt
>Toggle the prompt at the beginning of the line and enter or leave
> interactive
I don't think that's the good approach for 2.3, I replied on the github
issue: https://github.com/haproxy/haproxy/issues/872
--
William Lallemand
.com/haproxy/haproxy/issues/785
I'll update this soon since the subject evolved a little bit from the
development team point of view.
--
William Lallemand
On Tue, Sep 15, 2020 at 01:24:04PM -0300, Joao Morais wrote:
>
>
> > Em 15 de set de 2020, à(s) 12:36, William Lallemand
> > escreveu:
> >
> > Oh right... the space in "[was: ]" is troublesome for cutting the string,
> > we must remove it.
>
f-record%20separator_30
>
The problem with this is that it's not human readable since this is a
non-printable character. I prefer to keep it simple.
--
William Lallemand
On Tue, Sep 15, 2020 at 05:39:18PM +0200, Tim Düsterhus wrote:
> William,
>
> Am 15.09.20 um 17:36 schrieb William Lallemand:
> > Oh right... the space in "[was: ]" is troublesome for cutting the string,
> > we must remove it.
> >
>
> Why not use the
On Tue, Sep 15, 2020 at 11:52:15AM -0300, Joao Morais wrote:
>
>
> > Em 14 de set de 2020, à(s) 19:14, William Lallemand
> > escreveu:
> >
> > Hello,
> >
> > On Mon, Sep 14, 2020 at 12:09:21PM -0300, Joao Morais wrote:
> >> Hello list,
e lay out is immutable. Maybe I missed some
> optional json output in the doc?
>
It is supposed to be splitable easily with cut, but if that does not
work this is a clearly a bug.
--
William Lallemand
to
> link the mailing list thread in the issue for reference.
>
Okay, thanks!
--
William Lallemand
On Tue, Sep 08, 2020 at 06:59:07PM +0200, William Lallemand wrote:
> On Tue, Sep 08, 2020 at 05:51:31PM +0200, Willy Tarreau wrote:
> > On Tue, Sep 08, 2020 at 05:21:34PM +0200, William Lallemand wrote:
> > > Also, when reading the RFC about the 304, I notice that they impose to
On Tue, Sep 08, 2020 at 05:51:31PM +0200, Willy Tarreau wrote:
> On Tue, Sep 08, 2020 at 05:21:34PM +0200, William Lallemand wrote:
> > Also, when reading the RFC about the 304, I notice that they impose to
> > remove some of the entity headers in the case of the weak etag, so th
On Tue, Sep 08, 2020 at 04:11:40PM +0200, Tim Düsterhus wrote:
> William,
>
> [Did you leave out the list intentionally?]
>
Oops, no sorry, I'll bounce my previous mail on the list.
> Am 08.09.20 um 14:40 schrieb William Lallemand:
> >> diff --git a/include/haproxy
201 - 300 of 702 matches
Mail list logo