Re: [PATCH]: thread disable thread affinity for macOs arm64

Hi David, On Sun, Jan 15, 2023 at 04:32:05PM +, David CARLIER wrote: > Hi, > > here a patch to disable the cpu affinity feature on macOs arm64, > see the comments for more explanation. > > Cheers ! > From 70283dc8295a17254dcb6772247f68c68160d708 Mon Sep 17 00:00:00 2001 > From: David CARLI

Re: Haproxy (2.2.26) Wont Start - cannot find default_backend

Hi Lukas, On Thu, Jan 12, 2023 at 09:12:19PM +0100, Lukas Tribus wrote: > Hello, > > > On Thu, 12 Jan 2023 at 09:35, Aurelien DARRAGON wrote: > > > > Hi, > > > > > I am having trouble with Haproxy using a configuration was previously > > > worked and am getting a very odd to me error > > > > >

Re: is there releases.json ?

Hi Ilya, On Wed, Jan 11, 2023 at 08:39:43PM +0600, ??? wrote: > Hello, > > is "releases.json" generated by haproxy/make-releases-json at master · > haproxy/haproxy (github.com) > > published somewhere ? Yes, it'

Re: [PATCH] DOC: config: added optional rst-ttl argument to silent-drop in action

Hi Mathias, On Mon, Jan 09, 2023 at 01:25:30PM +, Mathias Weiersmüller (cyberheads GmbH) wrote: > This patch adds the optional silent-drop rst-ttl argument to the action lists > in > 5 places in the configuration manual. > > It should be backported to 2.7. I'll send you a patch for 2.7 when

Re: Question about the "name" option for the bind line

On Sun, Jan 08, 2023 at 05:54:46PM -0700, Shawn Heisey wrote: > On 1/7/23 09:59, Willy Tarreau wrote: > > Also if you want you can show the IP:ports by adding "stats show-legends" > > in your stats section. However, be aware that it will also show server IP > > a

Re: [PATCH] CLEANUP: fix a typo in an error message of http_str_to_htx

On Mon, Jan 09, 2023 at 01:31:06AM +, Manu Nicolas wrote: > This fixes a typo in an error message about headers in the > http_str_to_htx function. Applied, thank you Manu! Willy

Re: [ANNOUNCE] haproxy-2.8-dev1

Hi Alex, On Sat, Jan 07, 2023 at 06:31:40PM +0100, Aleksandar Lazic wrote: > > > On 07.01.23 10:38, Willy Tarreau wrote: > > Hi, > > > > HAProxy 2.8-dev1 was released on 2023/01/07. It added 206 new commits > > after version 2.8-dev0. > > [snipp] &

Re: Question about the "name" option for the bind line

On Sat, Jan 07, 2023 at 10:39:47AM -0700, Shawn Heisey wrote: > On 1/7/23 09:59, Willy Tarreau wrote: > > No, you just have one entry per "bind" line. If it's only a matter of > > listening on multiple host:port and you want them merged, you could > > probab

Re: Question about the "name" option for the bind line

On Sat, Jan 07, 2023 at 09:57:06AM -0700, Shawn Heisey wrote: > On 1/7/23 09:41, Shawn Heisey wrote: > > That's really cool.  But I have an oddity I'd like to share and see if > > it needs some work. > > Semi-related but separate: I have this line in that frontend: > > stats uri /redacted > >

Re: Question about the "name" option for the bind line

On Sat, Jan 07, 2023 at 09:41:01AM -0700, Shawn Heisey wrote: > On 1/7/23 07:46, Willy Tarreau wrote: > > Indeed, you need "option socket-stats" in the frontend that has such > > listeners, so that the stats are collected per-listening socket (this > > is not th

Re: Question about the "name" option for the bind line

Hello Marcel, On Sat, Jan 07, 2023 at 03:34:43PM +0100, Marcel Menzel wrote: > Hello list, > > according to the documentation [1], there is an option to set an optional > name for sockets that's being displayed on the stats page. I was hoping to > receive per address family statistics without hav

Re: Miscellaneous Crashes on 2.7.1

Hi Luke, On Sat, Jan 07, 2023 at 01:44:30PM +0100, Luke Seelenbinder wrote: > Hi list, > > We've been running 2.7.1 on a subset of our edge servers with QUIC + HTTP/3 > enabled, and we're seeing routine, but infrequent (~daily), crashes (mix of > SIGABRT / SIGSEGV). I have coredumps and there doe

[ANNOUNCE] haproxy-2.8-dev1

n ssl_ocsp_get_uri_from_cert() CLEANUP: ssl/ocsp: add spaces around operators BUG/MINOR: ssl/ocsp: httpclient blocked when doing a GET MINOR: httpclient: don't add body when istlen is empty MEDIUM: httpclient: change the default log format to skip duplicate proxy data

Re: [PATCH 1/3] REGTESTS: Remove REQUIRE_VERSION=1.9 from all tests

Hi Tim, On Wed, Jan 04, 2023 at 06:49:36PM +0100, Tim Duesterhus wrote: > HAProxy 2.0 is the lowest supported version, thus this always matches. (...) Series merged, thank you! Willy

Re: [ANNOUNCE] haproxy-1.8.31

On Wed, Jan 04, 2023 at 06:47:13PM +0100, Tim Düsterhus wrote: > Willy, > > On 1/4/23 18:33, Willy Tarreau wrote: > > > Is 1.8 officially EOL now? Asking, because then I'd remove it from here: > > > > > > https://github.com/docker-library/haproxy/tree

Re: [ANNOUNCE] haproxy-1.8.31

Hi Tim! On Wed, Jan 04, 2023 at 06:04:16PM +0100, Tim Düsterhus wrote: > Hi > > On 12/9/22 16:28, Christopher Faulet wrote: > > The EOL for the 1.8 is planned at the end of this year. Except if there are > > critical bugs in next few weeks, no further release should be expected. For > > Is 1.8 o

Re: [PATCH 0/5] Changes to matrix.py

On Tue, Jan 03, 2023 at 04:28:38PM +0100, William Lallemand wrote: > On Thu, Dec 29, 2022 at 06:24:52PM +0100, Willy Tarreau wrote: > > On Thu, Dec 29, 2022 at 11:15:30PM +0600, ??? wrote: > > > I'm fine with reformatting/caching/whatever. > > > > &

Re: [PATCH 0/5] Changes to matrix.py

On Thu, Dec 29, 2022 at 11:15:30PM +0600, ??? wrote: > I'm fine with reformatting/caching/whatever. > > btw, Tim, while on this, can you please add LibreSSL-3.7.0 (fixed) to > stable branches ? > I've forgotten, now we do not run libressl for stable branches at all Thank you both for the

Re: testing haproxy against older/newer gcc compilers

Hi Ilya, On Thu, Dec 29, 2022 at 09:24:43PM +0600, ??? wrote: > Hello, > > I noticed some patches/commits related to "fix compilation on gcc-4/5..." > > I came to an idea to use official gcc images: > https://hub.docker.com/_/gcc/tags?page=1 > that mostly works in Github actions except

Re: Query

Hi, On Thu, Dec 29, 2022 at 03:44:35PM +0500, Fida AWAN wrote: > I am setting up Percona-Xtradb-Cluster 5.7 with HAproxy version 2.6.7 and > heartbeat with two vms for percona cluster (...) > But the issue is when I > I have a third client vm in the same subnet with private ip 10.0.0.8 > When I t

Re: Ha proxy frontend

On Thu, Dec 29, 2022 at 11:33:03AM +0500, Ghufran Shahzad wrote: > Yes, sure, I make 2 azure vms, and install mysql server and use load > balancer , mysql percona clusters , then i install ha proxy on both vms but > when i access them it is not working, can you please give me a solution? You reali

Re: Ha proxy frontend

On Thu, Dec 29, 2022 at 11:26:43AM +0500, Ghufran Shahzad wrote: > how we can access frontend ip on ha proxy? kindly give me detailed > solution. thanks Could you please precise your question ? Willy

Re: Support arbitrary PROXY protocol v2 TLVs as samples

Hi Johannes, On Fri, Dec 23, 2022 at 02:08:09PM +, Bitsch, Johannes (external - Project) wrote: > Hi all, > > I created a feature request on github about supporting arbitrary PROXY > protocol v2 TLVs in haproxy a few weeks ago[1]. > > Since I haven't received any feedback or reactions on it

Re: Failures on "Generate Build Matrix"

On Fri, Dec 23, 2022 at 03:24:47PM +0100, William Lallemand wrote: > On Fri, Dec 23, 2022 at 12:14:15AM +0600, ??? wrote: > > haproxy/vtest.yml at master · chipitsine/haproxy (github.com) > > > > > > s

Re: Failures on "Generate Build Matrix"

On Fri, Dec 23, 2022 at 12:08:29AM +0600, ??? wrote: > not perfect, but it works Can you please elaborate ? You sent a two-line screenshot of something I have no idea what this is nor what to do with it. Are you suggesting to rename the token or something else ? I'm sorry but your message

Re: Failures on "Generate Build Matrix"

On Thu, Dec 22, 2022 at 11:56:24PM +0600, ??? wrote: > you can limit token scope to read repo information. I tried anyway, it created one and failed with: Failed to add secret. Secret names must not start with GITHUB_. So I guess we should have tried it before committing the entry :

Re: Failures on "Generate Build Matrix"

On Thu, Dec 22, 2022 at 11:56:24PM +0600, ??? wrote: > you can limit token scope to read repo information. But the request you're making with it concerns a different project (openssl), will this work ? Willy

Re: Failures on "Generate Build Matrix"

On Thu, Dec 22, 2022 at 11:35:35PM +0600, ??? wrote: > here's how it works > > (unfortunately, github does not allow secret named GITHUB_ , so I created > secret "TOKEN" and assigned it to variable GITHUB_API_TOKEN) > > I also added "env" to print all variables, you can value of > GITHUB

Re: Failures on "Generate Build Matrix"

On Thu, Dec 22, 2022 at 06:20:26PM +0100, William Lallemand wrote: > On Thu, Dec 22, 2022 at 06:12:46PM +0100, Willy Tarreau wrote: > > On Thu, Dec 22, 2022 at 11:00:26PM +0600, ??? wrote: > > > I'm not sure if it possible to issue organization based token (n

Re: Failures on "Generate Build Matrix"

On Thu, Dec 22, 2022 at 11:00:26PM +0600, ??? wrote: > I'm not sure if it possible to issue organization based token (not a > personal one). > > As for visibility, secrets are not visible for pull requests. My concern is not that they are in PR or any such thing, but they're passed in HT

Re: Failures on "Generate Build Matrix"

On Thu, Dec 22, 2022 at 10:32:22PM +0600, ??? wrote: > I attached a patch. It keeps current behaviour and is safe to apply. > > in order to make a difference, github token must be issued and set via > github ci settings. OK I understand better now, thanks! I didn't know that there was a

Re: Failures on "Generate Build Matrix"

On Thu, Dec 22, 2022 at 04:47:09PM +0600, ??? wrote: > what if I make it conditional, i.e. if github token is defined via env, > make non anonymous api call, I'm sorry, Ilya, but I have no idea what this means :-) Willy

Re: Failures on "Generate Build Matrix"

On Thu, Dec 22, 2022 at 03:49:34PM +0600, ??? wrote: > it is something I was afraid of "HTTP Error 403: rate limit exceeded". > ok, I'll try to deal with that Yep I've also seen a 429 this morning, indicating we were making too many requests to clone a repo. I think this is purely a probl

Re: [PATCH 1/1] BUG/MEDIUM: tests: use tmpdir to create UNIX socket

Hi Bertrand, On Sat, Dec 17, 2022 at 09:39:38PM +, Bertrand Jacquin wrote: > testdir can be a very long directory since it depends on source > directory path, this can lead to failure during tests when UNIX socket > path exceeds maximum allowed length of 97 characters as defined in > str2sa_ra

Re: Theoretical limits for a HAProxy instance

On Fri, Dec 16, 2022 at 05:42:50PM +0100, Iago Alonso wrote: > Hi, > > > Ah that's pretty useful :-) It's very likely dealing with the handshake. > > Could you please run "perf top" on this machine and list the 10 top-most > > lines ? I'm interested in seeing if you're saturating on crypto functio

Re: Followup on openssl 3.0 note seen in another thread

On Fri, Dec 16, 2022 at 06:58:33AM -0700, Shawn Heisey wrote: > On 12/16/22 01:59, Shawn Heisey wrote: > > On 12/16/22 00:26, Willy Tarreau wrote: > > > Both work for me using firefox (green flash after reload). > > > > It wasn't working when I tested it. 

Re: Followup on openssl 3.0 note seen in another thread

On Thu, Dec 15, 2022 at 08:40:59PM -0700, Shawn Heisey wrote: > On 12/15/22 09:47, Shawn Heisey wrote: > > The version of curl with http3 support is not available in any of the > > distro repos for my Ubuntu machines, so I found a docker image with it. > > That works in cases where a browser won't

Re: Followup on openssl 3.0 note seen in another thread

On Thu, Dec 15, 2022 at 09:47:36AM -0700, Shawn Heisey wrote: > Just got a look at the patch. One line code fixes are awesome. We all love them. Sometimes I even suspect we unconsciously create such bugs to have the pleasure of contemplating these fixes :-) Willy

Re: Followup on openssl 3.0 note seen in another thread

On Fri, Dec 16, 2022 at 01:44:15AM -0500, John Lauro wrote: > What exactly is needed to reproduce the poor performance issue with openssl > 3? I was able to test 20k req/sec with it using k6 to simulate 16k users > over a wan. The k6 box did have openssl1. Probably could have sustained > more, b

Re: Followup on openssl 3.0 note seen in another thread

On Thu, Dec 15, 2022 at 11:39:16PM -0700, Shawn Heisey wrote: > On 12/15/22 21:49, Willy Tarreau wrote: > > There's currently a great momentum around WolfSSL that was already > > adopted by Apache, Curl, and Ngtcp2 (which is the QUIC stack that > > powers most HTTP

Re: Followup on openssl 3.0 note seen in another thread

On Fri, Dec 16, 2022 at 07:29:23AM +0100, Vincent Bernat wrote: > On 2022-12-16 05:49, Willy Tarreau wrote: > > There's currently a great momentum around WolfSSL that was already > > adopted by Apache, Curl, and Ngtcp2 (which is the QUIC stack that > > powers most HTTP

Re: Followup on openssl 3.0 note seen in another thread

On Thu, Dec 15, 2022 at 08:58:29PM -0700, Shawn Heisey wrote: > I'm sure the performance issue has been brought to the attention of the > OpenSSL project ... what did they have to say about the likelihood and > timeline for providing a fix? They're still working on it for 3.1. 3.1-alpha is "less w

Re: Followup on openssl 3.0 note seen in another thread

On Thu, Dec 15, 2022 at 08:56:13AM +0100, Vincent Bernat wrote: > On 2022-12-14 15:15, Willy Tarreau wrote: > > Possibly, yes. It's more efficient in every way from what we can see. > > For users who build themselves (and with QUIC right now you don't have > >

Re: Followup on openssl 3.0 note seen in another thread

On Thu, Dec 15, 2022 at 10:23:59AM +0600, ??? wrote: > Can you try to bisect? > > I suspect that it won't help, browsers tend to remember things in their own > way That's often the problem we've been facing as well during tests. When a browser decides that your QUIC implementation doesn'

Re: Followup on openssl 3.0 note seen in another thread

On Wed, Dec 14, 2022 at 07:01:59AM -0700, Shawn Heisey wrote: > On 12/14/22 06:07, Willy Tarreau wrote: > > By the way, are you running with OpenSSL > > 3.0 ? That one is absolutely terrible and makes extreme abuse of > > mutexes and locks, to the point that certain workload

Re: Theoretical limits for a HAProxy instance

On Wed, Dec 14, 2022 at 02:04:44PM +0100, Iago Alonso wrote: > Also, our connections are renewed constantly, with a ssl rate of about 3000 > per second, same as our connection rate. Very useful, that answers one of my previous questions. Then please check "perf top", it will be very instructive I

Re: Theoretical limits for a HAProxy instance

On Wed, Dec 14, 2022 at 12:50:10PM +0100, Iago Alonso wrote: > Hi, > > We are not sure what element produces the errors, in the haproxy logs we > don't see them. Then they don't pass through haproxy nor do they come from haproxy. > What does it happen with the new connections when we hit the > l

Re: [PATCH] MINOR : converter: add param converter

On Wed, Dec 14, 2022 at 12:19:59AM -0700, Thayne McCombs wrote: > Add a converter that extracts a parameter from string of delimited > key/value pairs. Great, now merged. Thank you! Willy

Re: Theoretical limits for a HAProxy instance

Hi, On Tue, Dec 13, 2022 at 03:33:58PM +0100, Iago Alonso wrote: > Hi, > > We do hit our defined max ssl/conn rates, but given the spare > resources, we don't expect to suddenly return 5xx. What bothers me is that once this limit is reached there's no more connection accepted by haproxy so you s

Re: [PATCH]: BUILD: insecure-setuid-wanted support on FreeBSD

On Thu, Dec 08, 2022 at 08:40:02AM +, David CARLIER wrote: > ping :) is the mailing list still the way for patches or is github more > appropriate for better traceability ? The mailing list is still preferred for patches, but I previously got the impression that you resent the same. Better mak

Re: [PATCH] MINOR : converter: add param converter

On Wed, Jun 08, 2022 at 01:56:20AM -0600, astrotha...@gmail.com wrote: > +param(,[]) > + This extracts the first occurrence of the parameter in the input > string > + where parameters are delimited by , which defaults to "&", and the > name > + and value of the parameter are separated by a "=

Re: [PATCH] MINOR : converter: add param converter

On Tue, Dec 06, 2022 at 03:44:00PM -0700, Thayne wrote: > Any update on this? Hmm indeed it left forgotten in the dust, we must get back to it to verify that it's OK then merge it. Thanks for the reminder, Thayne! Willy

Re: [PATCH] spelling fixes

On Wed, Dec 07, 2022 at 09:48:17AM +0500, ??? wrote: > Hello, > > yet another spelling fix. Applied and pushed, thank you Ilya! Willy

Re: Reproducible CI build with OpenSSL and "latest" keyword

On Tue, Dec 06, 2022 at 06:59:30PM +0100, Tim Düsterhus wrote: > William, > > On 12/6/22 15:37, William Lallemand wrote: > > As I already mentionned, I don't really like the "latest" keyword for > > the OpenSSL version as it prevent us to have reproducible builds. > > It updates versions without w

Re: [ANNOUNCE] haproxy-2.6.7

On Fri, Dec 02, 2022 at 09:30:32PM +0100, Christopher Faulet wrote: > First of all, there is a pending fix not included in this release. It was > first backported then reverted. It will be backported again just after the > release and will be shipped with the 2.6.8. The aim is to not introduce > is

Re: LICENSE: wurfl: clarify the dummy library license

On Thu, Dec 01, 2022 at 10:26:04PM -0500, Luca Passani wrote: > Yes, this is fine. You can add my sign-off on my behalf. Thank you, Willy. Perfect, now done. Thank you Luca! Willy

Re: LICENSE: wurfl: clarify the dummy library license

Hi Luca, On Thu, Dec 01, 2022 at 08:07:19PM -0500, Luca Passani wrote: > Hey Paul, can you handle this? You are hereby authorized to write "signed > off by Luca Passani, CTO, ScientiaMobile, Inc." Please note that it should be: Signed-off-by: name Thus in your case: Signed-off-by: Luca

Re: LICENSE: wurfl: clarify the dummy library license

Hi Paul/Luca, On Thu, Dec 01, 2022 at 05:32:37PM +0100, Scientiamobile wrote: > This patch clarifies the WURFL dummy library license. > Should be backported where relevant. Thank you for handling this! I'm having two comments below: > From 50b8b8fcd3cd4cd1cc2402d06fc89b146b33be23 Mon Sep 17 00:0

Re: [ANNOUNCE] haproxy-2.7.0

Hi Tim! I knew you would be the first one reporting some misses despite my great care for not triggering your radar ;-) On Thu, Dec 01, 2022 at 05:18:32PM +0100, Tim Düsterhus wrote: > Willy, > > On 12/1/22 16:13, Willy Tarreau wrote: > > hope I didn't mess up with the rele

[ANNOUNCE] haproxy-2.7.0

ng retransmissions Ilya Shipitsin (1): CLEANUP: assorted typo fixes in the code and comments Stefan Eissing (1): BUILD: quic: allow build with USE_QUIC and USE_OPENSSL_WOLFSSL William Lallemand (2): MINOR: ssl: forgotten newline in error messages on ca-file BUG/MINOR: s

[ANNOUNCE] haproxy-2.7-dev10

"chosen" all over the code Mathias Weiersmueller (1): MEDIUM: tcp-act: add parameter rst-ttl to silent-drop Uriah Pollock (2): BUILD: quic: use openssl-compat.h instead of openssl/ssl.h MEDIUM: ssl: add minimal WolfSSL support with OpenSSL compatibility mode Willy Tar

Re: [PATCH] fix spelling "choosen" --> "chosen"

Hi Ilya, On Sat, Nov 19, 2022 at 06:25:39PM +0500, ??? wrote: > Hello, > > can we settle it before 2.7 ? After seeing William's response indicating that it wouldn't build I thought it was merged but apparently not. We'll have a second look, thanks for the reminder. Willy

Re: [PATCH] MEDIUM: frontend: add parameter rst-ttl to silent-drop

Hi Mathias, On Fri, Nov 18, 2022 at 11:38:06PM +, Mathias Weiersmüller (cyberheads GmbH) wrote: > Hi, > > I've accepted Willy's challenge from HAProxy.conf 2022, here is my shot: Oh thank you! > The silent-drop action was extended with an additional optional parameter, > [rst-ttl ], causi

[ANNOUNCE] haproxy-2.7-dev9

when using QUIC CLEANUP: ssl: remove printf in bind_parse_ignore_err BUG/MINOR: ssl: crt-ignore-err memory leak with 'all' parameter MINOR: ssl: ssl_sock_load_cert_chain() display error strings MINOR: ssl: reintroduce ERR_GET_LIB(ret) == ERR_LIB_PEM in ssl_sock

Re: dsr and haproxy

On Mon, Nov 07, 2022 at 09:00:11AM -0500, John Lauro wrote: > The SYN-ACK tracking works in transparert mode with haproxy. I have setup > haproxy to rebind all connections before and basically proxy the internet > (and use NAT for udp). That said, I assume the point of DSR is that it's > not alwa

Re: dsr and haproxy

On Fri, Nov 04, 2022 at 05:33:40PM +0100, Lukas Tribus wrote: > On Fri, 4 Nov 2022 at 16:50, Szabo, Istvan (Agoda) > wrote: > > > > Yeah, that's why I'm curious anybody ever made it work somehow? > > Perhaps I should have been clearer. > > It's not supported because it's not possible. > > Hapro

Re: [PATCH]: BUILD: insecure-setuid-wanted support on FreeBSD

Hi David, On Fri, Nov 04, 2022 at 07:34:46PM +, David CARLIER wrote: > Hi, > > here a little patch to port the insecure-setuid-wanted directive on FreeBSD. Thanks. I'm having a few comments below. > From be693024d7e49173f7ff37566232238fc5ea1887 Mon Sep 17 00:00:00 2001 > From: David CARLIER

Re: [PATCH] CI: switch to LibreSSL-3.6.1, enable QUIC

On Sat, Nov 05, 2022 at 10:12:00AM +0500, ??? wrote: > gentle ping Sorry Ilya, quite busy at the moment, now applied. Thanks! Willy

Re: [PATCH] fix spelling "choosen" --> "chosen"

On Wed, Nov 02, 2022 at 10:43:49AM +0100, William Lallemand wrote: > > > - if (!tp->choosen) > > > + if (!tp->chosen) > > > return; > > > > > > - chunk_appendf(b, "\n\tversion_information:(choosen=0x%08x", > > > tp->choosen); > > > + chunk_appendf(b, "\n\tversion_information:(chosen=0x

Re: [PATCH] fix spelling "choosen" --> "chosen"

Hi Ilya, On Tue, Nov 01, 2022 at 03:49:18PM +0500, ??? wrote: > Hello, > > I'm not sure how good is idea to fix variable names. > if we want to keep as is, I'd setup spelling exclusion. Interesting. I'm CCing the relevant maintainers, they're the best placed to know if they're willing t

Re: [PATCH] CI: monthly scheduled cross compile jobs

On Sat, Oct 29, 2022 at 08:17:17AM +0500, ??? wrote: > gentle ping Sorry for the delay, Ilya, currently busy working on the upcoming conference :-/ Both patches applied (this one and the spelling fixes). Thanks! Willy

Re: some updates around haproxy-dconv

Hi Cyril, On Sun, Oct 16, 2022 at 08:49:48PM +0200, Cyril Bonté wrote: > Hi all ! > > Yes, I'm quite far from the mailing list, and I fear I won't be as active as > before for some more times. life happens... > Nevertheless, here are some updates : > > * Concerning the syntax for keywords with

Re: [PATCH] improve quictls build time

On Sat, Oct 15, 2022 at 10:10:38AM +0500, ??? wrote: > Hello, > > currently QuicTLS takes 3m40s > disabling "tests" saves 40sec per build. Applied, thank you Ilya! Willy

[ANNOUNCE] haproxy-2.7-dev8

an allocated area MINOR: buffers: split b_force_xfer() into b_cpy() and b_force_xfer() MINOR: logs: startup-logs can use a shm for logging the reload MINOR: mworker/cli: reload command displays the startup-logs DOC: management: update the "reload" command of the master

Re: [PATCH 2/2] CI: Replace the deprecated `::set-output` command by writing to $GITHUB_OUTPUT in workflow definition

On Fri, Oct 14, 2022 at 07:46:07PM +0200, Tim Duesterhus wrote: > See "CI: Replace the deprecated `::set-output` command by writing to > $GITHUB_OUTPUT in matrix.py" for the reasoning behind this commit. (...) both patches applied, thanks Tim! Willy

Re: [PATCH] CI: use proper version generating when {OPENSSL,LIBRESSL}_VERSION=latest semantic is used

Hi Ilya, On Tue, Oct 11, 2022 at 12:18:40PM +0500, ??? wrote: > split patches attached. Sorry for the delay. Both applied now, thank you! Willy

Re: [PATCH] CI: use proper version generating when {OPENSSL,LIBRESSL}_VERSION=latest semantic is used

On Tue, Oct 11, 2022 at 10:27:20AM +0500, ??? wrote: > I was in doubt whether to split it into 2 patches (because they touch > single file), The principle to keep in mind is that you may want to change your mind later regarding any of the changes, so if they're independent, they should be

Re: [PATCH] CI: use proper version generating when {OPENSSL,LIBRESSL}_VERSION=latest semantic is used

Hi Ilya, On Sat, Oct 08, 2022 at 08:17:26PM +0500, ??? wrote: > Hello, > > when OPENSSL_VERSION=latest (same for LIBRESSL_VERSION=latest) was > introduced, I made a mistake, and resolved version was generated as > OPENSSL=3.0.5 which makes no sense to build-ssl.sh, proper version should

Re: [PATCH 0/2] Reapply Coccinelle patches

Hi Tim! On Sat, Oct 08, 2022 at 12:33:17PM +0200, Tim Duesterhus wrote: > Willy, > > as with the past branches, I've reapplied the Coccinelle patches to do > some cleanup before the release. Thank you, now applied. Willy

[ANNOUNCE] haproxy-2.7-dev7

ker: mworker_cli_proxy_new_listener() returns a bind_conf MINOR: mworker: stores the mcli_reload bind_conf MINOR: mworker/cli: the mcli_reload bind_conf only send the reload status DOC: management: describe the new reload command behavior DOC: management: add timeout on t

[ANNOUNCE] haproxy-2.7-dev6

MEDIUM: httpclient: httpclient_create_proxy() creates a proxy for httpclient MEDIUM: httpclient: allow to use another proxy MINOR: httpclient: export httpclient_create_proxy() MEDIUM: quic: separate path for rx and tx with set_encryption_secrets Willy Tarreau (50): BUG/MINOR:

Re: [PR] fix some typos

On Wed, Sep 14, 2022 at 11:05:30PM +0200, Tim Düsterhus wrote: > On 9/14/22 22:43, Willy Tarreau wrote: > > Thanks, but quite honnestly, even this one is not a commit message. > > There really is not much to be explained for some obvious typo fixes in > comments (i.e. not even c

Re: [PR] fix some typos

Hi Tim, On Wed, Sep 14, 2022 at 07:44:27PM +0200, Tim Düsterhus wrote: > The fixes look correct to me, but the commit message is horrible. I've > attached the patch with a proper commit message (dropping the Signed-off-by > and adding a Co-authored-by). > > Best regards > Tim Düsterhus > From e2

Re: [PATCH] DOC: fix TOC in starter guide for subsection 3.3.8. and 3.4.9

On Mon, Sep 12, 2022 at 12:19:42PM +0200, Tim Düsterhus wrote: > Mathias, > > On 9/10/22 20:08, Mathias Weiersmüller (cyberheads GmbH) wrote: > > The subsection 3.4.9 (Standard features : Statistics) in the starter guide > > from 2.4 up to latest points to a non-existing anchor. It looks like th

Re: lua workers and peer stick tables

Hi Dave, On Thu, Sep 08, 2022 at 01:20:57AM +, Dave Cottlehuber wrote: > The second part, is it possible to access peer stick tables? > > I don't see them in the objects listed by Thierry, nor when recursively > dumping the core object. > > https://www.arpalert.org/src/haproxy-lua-api/2.6/#e

Re: [PATCH] Allow disabling "option forwardfor"

Hi Samuel, On Thu, Sep 08, 2022 at 09:04:22AM +0200, Samuel Maftoul wrote: > Hi, > > This is the continuation of a discussion that happened on github ( > https://github.com/haproxy/haproxy/pull/1853). Thanks for this. > Here, I applied Willy's 3rd proposal: adding a keyword to the forwardfor >

Re: [PATCH] cirrus-ci: bump FreeBSD image to 13.1

On Fri, Sep 09, 2022 at 12:27:09PM +0200, Tim Düsterhus wrote: > Willy, > > On 9/8/22 19:04, ??? wrote: > > as we install freebsd binary packages, we need to bump image from time to > > time > > to match prebuilt packages. > > > > The patch LGTM and should unbreak CI. Please take it. A

Re: lua workers and peer stick tables

Hi Dave, On Wed, Sep 07, 2022 at 09:04:44PM +, Dave Cottlehuber wrote: > hi, > > I'm working towards dumping a list of top N http requesters via a > lua-driven HTTP response, from a peer synced table. > > The first stage is to dump without peers. I have found the stick table > object, but ca

Re: server cookie value uniqueness

Hello Artur, On Tue, Sep 06, 2022 at 05:50:47PM +0200, Artur wrote: > Hello ! > > I'm adding two servers s01 and s02 to the current config and setting the > same cookie value as for existing s1 and s2. > These cookies are here to permit sticky sessions. > What may be the behaviour of haproxy in t

Re: Warnings with gcc 12.2.0 ... is the community interested in those, or already aware?

On Mon, Sep 05, 2022 at 08:43:18AM -0600, Shawn Heisey wrote: > On 9/5/22 02:45, Tim Düsterhus wrote: > > I'd say: Create an issue at https://github.com/haproxy/haproxy/issues. > > In the worst case it's just a duplicate and will be labeled as such. > > > > In the ideal case you would've simply sh

Re: MINOR: Revert part of clarifying samples support per os commit

On Sat, Sep 03, 2022 at 12:21:56AM -0400, Brad Smith wrote: > On 9/3/2022 12:12 AM, Willy Tarreau wrote: > > On Thu, Aug 25, 2022 at 11:13:38PM -0400, Brad Smith wrote: > > > Commit 5c83e3a1563cd7face299bf08037e51f976eb5e3 made some adjustments > > > to clarify wh

Re: [PATCH] BUILD: makefile: enable crypt(3) for NetBSD

On Sat, Sep 03, 2022 at 12:19:24AM -0400, Brad Smith wrote: > On 9/3/2022 12:11 AM, Willy Tarreau wrote: > > On Sat, Aug 13, 2022 at 12:57:31AM -0400, Brad Smith wrote: > > > Allow NetBSD to support encrypted passwords in Userlists. > > > > > Mergd, thank you B

Re: Server state file: port doesn't change after config update

Hi Bren, On Mon, Aug 22, 2022 at 05:20:37PM +, Bren wrote: > Hello, > > We've been seeing another minor issue I've been meaning to ask about. We're > using a server state file: > > server-state-file /var/lib/haproxy/server_state > > In my systemd config for haproxy I've added a couple line

Re: most probably next LibreSSL release will come with ... QUIC

Hi, On Wed, Aug 31, 2022 at 10:20:42PM +0200, Lukas Tribus wrote: > Hello, > > > wolfSSL has also chosen to use the same API for QUIC: > > https://www.wolfssl.com/wolfssl-quic-support/ > > > The wolfSSL QUIC API is aligned with the corresponding APIs in other *SSL > > libraries, making integra

Re: MINOR: Revert part of clarifying samples support per os commit

On Thu, Aug 25, 2022 at 11:13:38PM -0400, Brad Smith wrote: > Commit 5c83e3a1563cd7face299bf08037e51f976eb5e3 made some adjustments > to clarify which TCP_INFO information is supported by each respective > OS. (...) Merged, thank you Brad! Willy

Re: [PATCH] BUILD: makefile: enable crypt(3) for NetBSD

On Sat, Aug 13, 2022 at 12:57:31AM -0400, Brad Smith wrote: > Allow NetBSD to support encrypted passwords in Userlists. > Mergd, thank you Brad! Willy

[ANNOUNCE] haproxy-2.6.5

use host_only to remove its port. BUG/MINOR: ssl: fix deinit of the ca-file tree BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() BUG/MINOR: ssl: revert two wrong fixes with ckhi_link BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() v2 Willy Tarreau (26):

[ANNOUNCE] haproxy-2.7-dev5

rt_only converters BUG/MINOR: httpclient: fix resolution with port DOC: configuration.txt: do-resolve must use host_only to remove its port. BUG/MINOR: ssl: fix deinit of the ca-file tree BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() BUG/MINOR: ssl: revert tw

Re: [PATCH] MINOR: tcp_sample: extend support for get_tcp_info to OpenBSD

On Tue, Aug 23, 2022 at 10:37:28PM -0400, Brad Smith wrote: > On 8/23/2022 10:22 PM, Willy Tarreau wrote: > > Hi Brad, > > > > On Sat, Aug 13, 2022 at 11:25:32PM -0400, Brad Smith wrote: > > > I'm not sure if MINOR is right. Currently the build is broken si

Re: [PATCH] MINOR: tcp_sample: extend support for get_tcp_info to OpenBSD

Hi Brad, On Sat, Aug 13, 2022 at 11:25:32PM -0400, Brad Smith wrote: > I'm not sure if MINOR is right. Currently the build is broken since TCP_INFO > was added. Just to be certain, you mean the build is broken without your patch or with it ? If it's broken without, it means that your patch is a b

<    1   2   3   4   5   6   7   8   9   10   >