Re: [ANNOUNCE] haproxy-2.6-dev6

On Sat, Apr 16, 2022 at 11:12:41PM +0500, ??? wrote: > > > > William has also set up a build system that's triggered by the CI and > > that > > > > produces packages of the latest development version for various > > distros. > > > > The goal is to help users deploy development versions to

Re: Peers using heavily single cpu core

Hi Maciej, On Wed, Apr 20, 2022 at 02:51:32PM +0200, Maciej Zdeb wrote: > Hi Willy, > I saw Christopher changes are now merged. I was wondering how to proceed > with my issue. Right now in stream_new() I'm able to get cs_endpoint and > appctx (if endpoint is applet), so I can get thread_mask of ap

Re: Getting 504s at haproxy with long running reports

Hello Dan, On Wed, Apr 20, 2022 at 05:27:40PM +, Moore, Dan [TREAS] wrote: > Hello all, > > My problem is that my AppDev group has some web applications generating > reports that are taking a very long time to run which is resulting in 504s. > An example httplog entry is below. > > Apr 19 10

[ANNOUNCE] haproxy-2.6-dev7

MEDIUM: httpclient/ssl: verify is configurable and disabled by default Willy Tarreau (5): BUILD: calltrace: fix wrong include when building with TRACE=1 BUG/MEDIUM: logs: fix http-client's log srv initialization MINOR: task: add a new task_instant_wakeup() function ME

Re: [PATCH] BUG/MINOR: Fix memory leak in resolvers_deinit()

On Tue, Apr 26, 2022 at 11:28:47PM +0200, Tim Duesterhus wrote: > A config like the following: > > global > stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd > listeners > > resolvers unbound > nameserver unbound 127.0.0.1:53 > > will report the following l

Re: [PATCH] CLEANUP: Destroy `http_err_chunks` members during deinit

Hi Tim, On Tue, Apr 26, 2022 at 11:35:07PM +0200, Tim Duesterhus wrote: > To make the deinit function a proper inverse of the init function we need to > free the `http_err_chunks`: > > ==252081== 311,296 bytes in 19 blocks are still reachable in loss record > 50 of 50 > ==252081==at

Re: [PATCH] MINOR: Call deinit_and_exit(0) for `haproxy -vv`

On Wed, Apr 27, 2022 at 12:08:11AM +0200, Tim Duesterhus wrote: > It appears that it is safe to call perform a clean deinit at this point, so > let's do this to exercise the deinit paths some more. OK let's try. If there were any issue with this, we could easily revert it without impact anyway. A

Re: HaProxy Patch for Issue #1679: MINOR: ssl: add a new global option "tune.ssl.hard-maxrecord"

Hi Thomas, On Wed, Apr 27, 2022 at 11:31:33AM +, Prückl Thomas wrote: > Hallo, > > I added a new option "tune.ssl.hard-maxrecord" to limit the maximum TLS > record size. > This option is useful when dealing the low footprint clients which are not > able to buffer a default 16KB record at on

Re: valgrind follow up

Hi Ilya, On Fri, Apr 29, 2022 at 04:35:03PM +0500, ??? wrote: > Hello, > > I added sample in my branch: CI: github actions: add valgrind smoke tests · > chipitsine/haproxy@7cd7f4a > > > here's its ru

Re: valgrind follow up

On Fri, Apr 29, 2022 at 02:43:24PM +0200, Tim Düsterhus wrote: > > Anyway your test is useful in that it reported quite a significant number > > of entries at once, we rarely see so many, so it will be a good starting > > point about new locations to look for. > > Those in Ilya's test are "false p

Re: [PATCH] CI: minor LibreSSL update 3.5.1 --> 3.5.2

On Thu, Apr 28, 2022 at 11:59:39AM +0500, ??? wrote: > Hello, > > small patch to sync with current LibreSSL release Merged, thank you Ilya! Willy

Re: Set environment variables

On Tue, Apr 26, 2022 at 03:34:32PM +0200, Aleksandar Lazic wrote: > On Tue, 26 Apr 2022 15:03:51 +0200 > Valerio Pachera wrote: > > > Hi, I have several backend configuration that make use of a custom script: > > > > external-check command 'custom-script.sh' > > > > The script read uses the env

[ANNOUNCE] haproxy-2.6-dev8

ectory with ca-file MEDIUM: httpclient: re-enable the verify by default BUG/MEDIUM: ssl/cli: fix yielding in show_cafile_detail BUG/MINOR: httpclient/ssl: use the correct verify constant Willy Tarreau (26): BUG/MINOR: http-act: make release_http_redir() more robust B

Re: [PATCH 1/1: BUILD/MINOR: TCP_KEEPIDLE macos equivalence

example recently I broke MacOS build while trying to fix a clang warning. The two patches that caused the breakage were these ones: commit b12966af1006be8d4438ee1ca39c2541a1f2a4f9 Author: Willy Tarreau Date: Wed Apr 13 17:09:45 2022 +0200 BUILD: debug: mark the __start_mem_stats/__stop_

Re: DOC/MINOR: Typo in INSTALL doc

On Mon, May 02, 2022 at 11:02:11PM +, Tom?s Zubiri wrote: > Line 227/581 Col 53/75 char 9913/27467 > > Section 4.5 cryptography > "is known to build ant work with branches" > > Release Branch 2.5.0 Now fixed, thank you Tomas :-) Willy

Re: Fwd: Set environment variables

Hi Valerio, On Fri, May 06, 2022 at 04:25:23PM +0200, Valerio Pachera wrote: > Hi, I have several backend configuration that make use of a custom script: > > external-check command 'custom-script.sh' > > The script read uses the environment variables such as $HAPROXY_PROXY_NAME. > I would like t

Re: [PATCH] CI: dynamically determine actual h2spec version

On Thu, May 05, 2022 at 03:17:07PM +0500, ??? wrote: > Hi, > > small improvement, no need to use hardcoded version. Merged, thank you Ilya Willy

Re: Latest http/3 info

On Sat, May 07, 2022 at 09:11:30AM -0600, Shawn Heisey wrote: > If you look closely at the tcpdump output, you'll notice that when haproxy > replies, it replies from the actual IP address of the machine (.200) rather > than the ucarp VIP (.170) where it received the request.  Is this something > th

Re: [PATCH 1/1: BUILD/MINOR: TCP_KEEPIDLE macos equivalence

On Sun, May 08, 2022 at 10:21:28AM +0100, David CARLIER wrote: > On Sun, 8 May 2022 at 09:57, Willy Tarreau wrote: > > > > On Sun, May 01, 2022 at 03:33:17PM +0100, David CARLIER wrote: > > > Hi here a little patch to set idle time for SO_KEEPALIVE socket option. &g

Re: 2.5: Possibility to upgrade http/1.0 clients to http/1.1?

Hello Dominik, On Thu, May 05, 2022 at 07:55:06AM +, Froehlich, Dominik wrote: > Hello everyone, > > We recently bumped our HAproxy deployment to 2.5 and are now getting hit by > this fix: > > MEDIUM: mux-h1: Reject HTTP/1.0 GET/HEAD/DELETE requests with a payload > > > http://git.haproxy

Re: [PATCH 1/1: BUILD/MINOR: TCP_KEEPIDLE macos equivalence

On Sun, May 08, 2022 at 12:39:13PM +0200, Vincent Bernat wrote: > ? 8 May 2022 10:57 +02, Willy Tarreau: > > > After edition (still minimal and possibly inaccurate but the best I > > could do): > > > > On Linux the interval before starting to send TCP

[ANNOUNCE] haproxy-2.6-dev9

: resolvers: create a "default" resolvers section at startup DOC: resolvers: default resolvers section BUG/MINOR: startup: usage() when no -cc arguments Willy Tarreau (89): CLEANUP: backend: make alloc_{bind,dst}_address() idempotent MEDIUM: stream: remove the confusing S

Re: 2.5: Possibility to upgrade http/1.0 clients to http/1.1?

Hi Dominik, On Mon, May 09, 2022 at 08:46:20AM +, Froehlich, Dominik wrote: > Hi Willy, > > Thanks for your response. > > Yes, I agree an option that can be turned on would be the most feasible > solution for us. > > I can think of a similar option like we have for "option > h1-case-adjust-b

Re: Patch for GitHub Issue 1530

Hi Vignesh, On Mon, May 09, 2022 at 05:38:44PM +, Vig Nesh wrote: > Hello Team Haproxy, > > Thanks for providing an opportunity to work with the product, I have > submitted a patch for issue 1530 > along with this email. Now applied, thank you

Re: 2.5: Possibility to upgrade http/1.0 clients to http/1.1?

On Wed, May 11, 2022 at 08:43:38AM +, Froehlich, Dominik wrote: > Hi Willy, > > Thanks for the fruitful discussion! > > I've opened https://github.com/haproxy/haproxy/issues/1691 to track this > feature request. Thanks for this, Dominik! Willy

Re: Fwd: Set environment variables

On Mon, May 09, 2022 at 10:14:09AM +0200, Valerio Pachera wrote: > Thank you very much willy for your reply. > Unfortunately I'm not a developer so it will take too much time form me to > contribute to the code. No problem, do not worry. I've added an issue for this one: https://github.com/hap

Re: Fwd: Set environment variables

Hi Valerio, On Mon, May 09, 2022 at 10:14:09AM +0200, Valerio Pachera wrote: > Unfortunately I'm not a developer so it will take too much time form me to > contribute to the code. I've just implemented it in 2.6-dev as this commit: https://github.com/haproxy/haproxy/commit/973cf90714 Once 2

[ANNOUNCE] haproxy-2.6-dev10

when loading a dir w/ ca-file MEDIUM: ssl: ignore dotfiles when loading a dir w/ crt DOC: configuration: add the httpclient keywords to the global keywords index BUG/MEDIUM: wdt: don't trigger the watchdog when p is unitialized Willy Tarreau (34): MINOR: compil

Re: [PATCH] CI: determine actual LibreSSL version dynamically

> From da2b295f45ecc6d99559ef147569514816ad6f7c Mon Sep 17 00:00:00 2001 > From: Ilya Shipitsin > Date: Fri, 13 May 2022 21:59:38 +0500 > Subject: [PATCH] CI: determine actual LibreSSL version dynamically > > this change introduce "LIBRESSL_VERSION=latest" semantic, which scans > http://ftp.openb

Re: [PATCH 1/1]: BUILD/MINOR: solaris based oses build fix/get_exe_path implementation.

Hi David, > From 5b175adfa5ef9ab52ce69f7eb6775efe8a828974 Mon Sep 17 00:00:00 2001 > From: David Carlier > Date: Fri, 13 May 2022 20:16:15 +0100 > Subject: [PATCH] BUILD/MINOR: few solaris updates. > > - get_exec_path using getexecname, fetching AT_SUN_EXECNAME from the > auxiliary vectors. >

Re: [PATCH v2 2/3] CLEANUP: Add missing header to hlua_fcn.c

On Sat, May 14, 2022 at 10:17:25PM +0200, Tim Duesterhus wrote: > Found with -Wmissing-prototypes: (...) All the series merged (with v2), thank you Tim! Willy

Re: [PATCH 1/1]: BUILD/MINOR: solaris based oses build fix/get_exe_path implementation.

Both patches merged, thanks David! Willy

Re: [PATCH] CLEANUP: http_ana: Make use of the return value of stream_generate_unique_id()

On Wed, May 18, 2022 at 12:22:15AM +0200, Tim Duesterhus wrote: > Even if `unique_id` and `s->unique_id` are identical it is a bit odd to > `isttest()` `unique_id` and then use `s->unique_id` in the call to > `http_add_header()`. Agreed, better be consistent. Now applied, thank you Tim! Willy

Re: [PATCH 1/1] : BUILD/MINOR cpuset build fix for FreeBSD 13.1

Hi David, On Wed, May 18, 2022 at 03:50:04PM +0100, David CARLIER wrote: > Hi, > > FreeBSD 13.1 had been released this week and here a little fix for the > cpuset part. Merged, thank you! Willy

Re: GitHub Issue Tracker: New "Close Reason" feature

Hi Tim, On Thu, May 19, 2022 at 09:18:16PM +0200, Tim Düsterhus wrote: > Hi! > > as a heads up for the folks with issue tracker access: > > https://github.blog/changelog/2022-05-19-the-new-github-issues-may-19th-update/ > > GitHub updated the issue tracker to basically" allow specifying whether

Re: Paid feature development: TCP stream compression

On Fri, May 20, 2022 at 12:16:07PM +0100, Mark Zealey wrote: > Thanks, we may use this for a very rough proof-of-concept. However we are > dealing with millions of concurrent connections, 10-100 million connections > per day, so we'd prefer to pay someone to develop (+ test!) something for > haprox

Re: Paid feature development: TCP stream compression

On Fri, May 20, 2022 at 04:20:45PM +0500, ??? wrote: > yes, it was I meant actually. haproxy currently is not suitable for > compressing tcp streams. even if such feature will be considered as useful, > it will take time. Compression is not done on TCP but since it's done using a filter t

Re: Increase SSL Key Generation after upgrade from 2.4.15 to 2.4.17

Hi Tomasz, On Fri, May 20, 2022 at 05:17:19PM +0200, Tomasz Ludwiczak wrote: > Hi, > > I am seeing an increase in SSL Key Generation after upgrading from 2.4.15 > to 2.4.17. I have not changed the openssl version. Does anyone have an idea > what this could be related to? > I have looked at the ch

Re: [PATCH] CI: determine actual OpenSSL version dynamically

On Fri, May 20, 2022 at 11:10:28PM +0500, ??? wrote: > Hello, > > another small improvement, this change introduce "OPENSSL_VERSION=latest" > semantic. Applied, thank you Ilya! Willy

[ANNOUNCE] haproxy-2.6-dev11

sl-provider' global option BUG/MINOR: ssl: Fix crash when no private key is found in pem MINOR: ssl: Add 'ssl-provider-path' global option Tim Duesterhus (4): CLEANUP: Add missing header to ssl_utils.c CLEANUP: Add missing header to hlua_fcn.c CLEANUP: R

Re: [PATCH] CLEANUP: tools: Clean up non-QUIC error message handling in str2sa_range()

On Sun, May 22, 2022 at 12:40:58PM +0200, Tim Duesterhus wrote: > If QUIC support is enabled both branches of the ternary conditional are > identical, upsetting Coverity. Move the full conditional into the non-QUIC > preprocessor branch to make the code more clear. > > This resolves GitHub issue #

Re: [PATCH 1/2] BUG/MEDIUM: tools: Fix `inet_ntop` usage in sa2str

On Sun, May 22, 2022 at 01:06:27PM +0200, Tim Duesterhus wrote: > The given size must be the size of the destination buffer, not the size of the > (binary) address representation. > > This fixes GitHub issue #1599. > > The bug was introduced in 92149f9a82a9b55c598f1cc815bc330c555f3561 which is in

Re: [PATCH 2/2] CLEANUP: tools: Crash if inet_ntop fails in sa2str

On Sun, May 22, 2022 at 01:06:28PM +0200, Tim Duesterhus wrote: > @@ -1374,7 +1374,10 @@ char * sa2str(const struct sockaddr_storage *addr, int > port, int map_ports) > default: > return NULL; > } > - inet_ntop(addr->ss_family, ptr, buffer, sizeof(buffer)); > + if

Re: Peers using heavily single cpu core

Hi Maciej, On Mon, May 23, 2022 at 08:50:53AM +0200, Maciej Zdeb wrote: > Hi Christopher, > I've verified that outgoing connections are now spread between multiple > threads! Thank you very much! That's really great, thank you for testing! I, too, thought it was worth being merged even this late

Re: [PATCH v2] CLEANUP: tools: Crash if inet_ntop fails due to ENOSPC in sa2str

On Mon, May 23, 2022 at 09:30:49AM +0200, Tim Duesterhus wrote: > This is impossible, because we pass a destination buffer that is appropriately > sized to hold an IPv6 address. Applied now, thank you Tim! Willy

Re: [ANNOUNCE] haproxy-2.6-dev11

Hi Ilya, On Tue, May 24, 2022 at 09:53:01AM +0500, ??? wrote: > Hello, > > can we please address https://github.com/haproxy/haproxy/issues/1585 before > final 2.6 ? I thought it was since I replied it was an FP but OK, I pushed a patch to silence it. Thanks, Willy

Re: [PATCH] REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (2)

On Mon, May 23, 2022 at 10:45:36PM +0200, Tim Duesterhus wrote: > Introduced in: > > 18c13d3bd MEDIUM: http-ana: Add a proxy option to restrict chars in request > header names (...) Merged, thanks Tim! Willy

Re: [PATCH] BUG/MEDIUM: sample: Fix adjusting size in word converter

On Wed, May 25, 2022 at 10:58:51PM -0600, astrotha...@gmail.com wrote: > From: Thayne McCombs > > Adjust the size of the sample buffer before we change the "area" > pointer. Otherwise, we end up not changing the size, because the area > pointer is already the same as "start" before we compute the

[ANNOUNCE] haproxy-2.6-dev12

in sa2str CLEANUP: tools: Crash if inet_ntop fails due to ENOSPC in sa2str BUG/MEDIUM: http: Properly reject non-HTTP/1.x protocols REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (2) William Lallemand (2): DOC: configuration: add a warning for @system-ca on bind BUG/MINOR:

Re: [PATCH] DOC: Fix formatting in configuration.txt to fix dconv

On Fri, May 27, 2022 at 11:20:36PM +0200, Tim Duesterhus wrote: > The missing space before the colon causes haproxy-dconv to misparse the > configuration.txt. Thanks Tim, now merged. Willy

[ANNOUNCE] haproxy-2.6.0

tors: Aleksandar Lazic, Amaury Denoyelle, Bertrand Jacquin, Christian Ruppert, Christopher Faulet, Daniel Jakots, David Carlier, Emeric Brun, Frédéric Lécaille, Ilya Shipitsin, Lukas Tribus, Maciej Zdeb, Marno Krahmer, Miroslav Zagorac, Remi Tricot-Le Breton, Thayne McCombs, Thierry Fo

Re: [haproxy/docs PATCH] Replace `primary` with `info` for HAProxy 2.5 on index.html

On Tue, May 31, 2022 at 06:15:48PM +0200, Tim Duesterhus wrote: > 2.5 is neither the newest stable version, nor the newest LTS version, thus > there is no reason for it to be highlighted. Ah you're absolutely right. I left it on purpose but I guess my brain was completely washed by the long releas

Re: [haproxy/docs PATCH] Replace `primary` with `info` for HAProxy 2.5 on index.html

On Tue, May 31, 2022 at 07:01:37PM +0200, Tim Düsterhus wrote: > Willy, > > On 5/31/22 18:26, Willy Tarreau wrote: > > On Tue, May 31, 2022 at 06:15:48PM +0200, Tim Duesterhus wrote: > > > 2.5 is neither the newest stable version, nor the newest LTS version, thus > &g

Re: [ANNOUNCE] haproxy-2.6.0

On Tue, May 31, 2022 at 07:16:31PM +0200, Tim Düsterhus wrote: > Willy, > > you're probably expected this type of email from me :-) > > On 5/31/22 17:56, Willy Tarreau wrote: > > HAProxy 2.6.0 was released on 2022/05/31. It added 57 new commits > > I guess the re

Re: deviceatlas compiler error

Hello Amol, On Fri, Jun 03, 2022 at 11:09:07AM +0530, Amol Arote wrote: > We are trying to upgrade deviceatlas for HAProxy version 2.4.2-553dee3, but > while compiling deviceatlas its showing some error. > Below are the versions and steps which we perform for the same. Thanks for the report. Addi

Re: [ANNOUNCE] haproxy-2.6.0

On Fri, Jun 03, 2022 at 11:43:32PM +0200, Vincent Bernat wrote: > ? 31 May 2022 17:56 +02, Willy Tarreau: > > > HAProxy 2.6.0 was released on 2022/05/31. It added 57 new commits > > after version 2.6-dev12, essentially small bug fixes, QUIC counters > > and doc updates

Re: Rate Limiting with token/leaky bucket algorithm

On Tue, Jun 07, 2022 at 01:51:06PM +0200, Seena Fallah wrote: > I also tried with this one but this will give me 20req/s 200 OK and the > rest of it 429 too many requests > ``` > listen test > bind :8000 > stick-table type ip size 100k expire 30s store http_req_rate(1s) > acl exceeds_

Re: [haproxy/haproxy] OPTIM/MINOR: h2_settings_initial_window_size default 64k (PR #1732)

Hello Glenn, On Tue, Jun 07, 2022 at 05:24:09PM -0400, Glenn Strauss wrote: > On Tue, Jun 07, 2022 at 09:27:43AM -0700, Willy Tarreau wrote: > > Hello Glenn, > > > > Thanks for your report, I understand the problem, that's very interesting. > > I would say i

Re: [haproxy/haproxy] OPTIM/MINOR: h2_settings_initial_window_size default 64k (PR #1732)

On Wed, Jun 08, 2022 at 08:29:48AM -0400, Glenn Strauss wrote: > > I agree that it's independent but it's the one that is not expected to > > cause any regression with any possible client. That's why I'd like to > > have the two. First that one because it should be durable. Second, your > > patch a

Re: [haproxy/haproxy] OPTIM/MINOR: h2_settings_initial_window_size default 64k (PR #1732)

On Wed, Jun 08, 2022 at 09:22:31AM -0400, Glenn Strauss wrote: > Since DATA frames might be in flight on the network, the server may want > to be able to buffer twice the advertisted window size and defer sending > WINDOW_UPDATE once the advertised window size is buffered. Doing so > gives the ele

Re: [PATCH 1/1]: MINOR __builtin_memcpy_inline usage introduction

Hi David, On Sat, Jun 18, 2022 at 12:52:23PM +0100, David CARLIER wrote: > From 9d7b6448a2407451c3115b701c51f97ab2bf6a59 Mon Sep 17 00:00:00 2001 > From: David Carlier > Date: Sat, 18 Jun 2022 12:41:11 +0100 > Subject: [PATCH] MINOR: compiler __builtin_memcpy_inline usage introduction. > > Optim

Re: lua: Add missed lua 5.4 references

Hi Christian, On Tue, Jun 21, 2022 at 11:05:09PM +0200, Christian Ruppert wrote: > Hey guys, > > is there any news on this or got this one just lost? I couldn't find a > response to it so I assume it just got lost. > Or is there anything against it? > To bad forwarding doesn't work and since this

[ANNOUNCE] haproxy-2.7-dev1

t compilation errors fixes Glenn Strauss (1): OPTIM: mux-h2: increase h2_settings_initial_window_size default to 64k Remi Tricot-Le Breton (1): BUG/MINOR: ssl: Do not look for key in extra files if already in pem Tim Duesterhus (1): CLEANUP: Re-apply xalloc_size.cocci

Re: SV: SV: Config will not start on 2.6.1 on Ubuntu 22.04

On Sat, Jul 09, 2022 at 12:03:02AM +0200, Vincent Bernat wrote: > The error when not running as root is expected. However, the fact it does > not work on boot, then works after is odd. Can you share a minimal > configuration file which exhibits this issue? That's very strange, it sounds as if the

Re: SV: SV: Config will not start on 2.6.1 on Ubuntu 22.04

On Sat, Jul 09, 2022 at 01:46:03PM +0200, Vincent Bernat wrote: > On 7/9/22 10:55, Willy Tarreau wrote: > > On Sat, Jul 09, 2022 at 12:03:02AM +0200, Vincent Bernat wrote: > > > The error when not running as root is expected. However, the fact it does > > > not work o

Re: [PR] Fix -v flag usage with install(1) on OpenBSD/NetBSD/Solaris/AIX

Hello, On Fri, Jul 15, 2022 at 07:27:12PM -0400, Brad Smith wrote: > On 7/15/2022 1:34 AM, ??? wrote: > > I wonder how do NetBSD/OpenBSD ports work, do they use their own > > "install" invocation instead of "make install" ? > > shouldn't they switch to "make install" ? > > NetBSD uses th

Re: SV: Suggestion

Hi, On Sun, Jul 10, 2022 at 02:23:41PM +, Henning Svane wrote: > About IPv4 and IPv6 I was of that impression that when you declared the > stick-table you also declared it with a type for either ipv4 or ipv6, and it > was not possible to save both of them in the same table. I have no problem t

Re: [PR] Fix -v flag usage with install(1) on OpenBSD/NetBSD/Solaris/AIX

On Sat, Jul 16, 2022 at 12:22:49AM -0400, Brad Smith wrote: > On 7/15/2022 11:59 PM, Willy Tarreau wrote: > > Hello, > > > > On Fri, Jul 15, 2022 at 07:27:12PM -0400, Brad Smith wrote: > > > On 7/15/2022 1:34 AM, ??? wrote: > > > > I wonder how

Re: [PR] Fix -v flag usage with install(1) on OpenBSD/NetBSD/Solaris/AIX

On Sat, Jul 16, 2022 at 12:57:14AM -0400, Brad Smith wrote: > How about something like the following? > > > diff --git a/Makefile b/Makefile > index 85f6c632d..5cc59a061 100644 > --- a/Makefile > +++ b/Makefile > @@ -81,6 +81,9 @@ > # DESTDIR is not set by default and is used for installation

[ANNOUNCE] haproxy-2.7-dev2

NUP: mworker: rename mworker_pipe to mworker_sockpair BUG/MINOR: peers: fix possible NULL dereferences at config parsing MEDIUM: mworker/systemd: send STATUS over sd_notify Willy Tarreau (112): MINOR: tinfo: make tid temporarily still reflect global ID CLEANUP: config: remove unused pro

Re: [PR] Fix -v flag usage with install(1) on OpenBSD/NetBSD/Solaris/AIX

On Sat, Jul 16, 2022 at 05:18:50AM -0400, Brad Smith wrote: > On Sat, Jul 16, 2022 at 11:09:19AM +0200, Willy Tarreau wrote: > > Looks good. Let's just add a commit message and I'll merge it. > > > BUILD: makefile: Fix install(1) handling for OpenBSD/NetBSD/Solaris/A

Re: Higher Tc than timeout server

Hi William, On Sat, Jul 16, 2022 at 06:43:09PM +0200, William Edwards wrote: > Hi, > > Sorry to bump this, but I haven't made any progress with this on my own. > Does anyone see what I'm missing here? > > > The Tc timer is documented as: > > > > > - Tc: total time to establish the TCP connectio

Re: [PR] Fix -v flag usage with install(1) on OpenBSD/NetBSD/Solaris/AIX

On Sat, Jul 16, 2022 at 07:01:22PM -0400, Brad Smith wrote: > On 7/16/2022 12:52 PM, Willy Tarreau wrote: > > On Sat, Jul 16, 2022 at 05:18:50AM -0400, Brad Smith wrote: > > > On Sat, Jul 16, 2022 at 11:09:19AM +0200, Willy Tarreau wrote: > > > > Looks good. Let&#

Re: [PATCH] speling fixes

On Fri, Jul 29, 2022 at 10:30:39PM +0500, ??? wrote: > Hello, > > yet another spell check fiexs. Now applied, thanks Ilya! Willy

Re: [PATCH] CI: enable weekly "m32" builds

On Mon, Aug 01, 2022 at 07:40:43PM +0200, Tim Düsterhus wrote: > The updated patches LGTM. Thanks guys, now applied! Willy

Re: haproxy listening on lots of UDP ports

Hi Shawn, On Fri, Aug 05, 2022 at 05:18:06PM -0600, Shawn Heisey wrote: > I am running haproxy in a couple of places.  It is listening on multiple > seemingly random high UDP ports. These typically are syslog sockets. In fact the ports are not really "listening", it's just that in UDP there's no

Re: Server timeouts since HAProxy 2.2

On Thu, Aug 04, 2022 at 12:14:04PM +0200, Vincent Bernat wrote: > On 2022-08-04 10:35, William Edwards wrote: > > > However, > > https://haproxy.debian.net/#distribution=Debian&release=buster&version=2.2 > > says: > > > > "The Debian HAProxy packaging team provides various versions of HAProxy > >

Re: [PATCH] ubuntu-22.04 related ssl fixes (SECLEVEL related and ec curves renamed)

On Fri, Jul 29, 2022 at 09:37:46PM +0500, ??? wrote: > gentle ping Sorry Ilya, but William is in vacation right now. Since I don't think there's any risk with your patch, I took it. In the worst case should William disagree with it, we could still patch later. Thanks! Willy

Re: [PATCH] ubuntu-22.04 related ssl fixes (SECLEVEL related and ec curves renamed)

On Sat, Aug 06, 2022 at 05:48:56PM +0200, Willy Tarreau wrote: > On Fri, Jul 29, 2022 at 09:37:46PM +0500, ??? wrote: > > gentle ping > > Sorry Ilya, but William is in vacation right now. Since I don't think > there's any risk with your patch, I took

Re: [PATCH] ubuntu-22.04 related ssl fixes (SECLEVEL related and ec curves renamed)

On Sat, Aug 06, 2022 at 10:50:15PM +0500, ??? wrote: > I accidently lost "-E' flag on grep. > follow up patch attached. No problem, thanks for the quic response. At least it seems to work for me locally, I've just pushed it and we'll see. Thanks! Willy

[ANNOUNCE] haproxy-2.7-dev3

used more than once BUG/MINOR: mworker: PROC_O_LEAVING used but not updated Revert "MINOR: cli: emit a warning when _getsocks was used more than once" MINOR: cli: warning on _getsocks when socket were closed Willy Tarreau (21): BUG/MEDIUM: tools: avoid call

Re: [RFC] [PATCH] BUG: http-ana: fix crash or wrong header deletion by http-restrict-req-hdr-names

Hi Mateusz, On Tue, Aug 16, 2022 at 11:58:02PM +, hapr...@sl.damisa.net wrote: > Hi, > > as suggested by Willy on GitHub, I'm submitting my patch for > https://github.com/haproxy/haproxy/issues/1822. Thank you! > This is my first contribution, so I'm tagging it as RFC for now ;) > > I'm no

Re: [PATCH] BUG/MEDIUM: http-ana: fix crash or wrong header deletion by http-restrict-req-hdr-names

On Wed, Aug 17, 2022 at 01:05:55PM +, Mateusz Malek wrote: > On 17.08.2022 14:59, Mateusz Malek wrote: > > Sure - here you go: > > Sorry, wrong file. Patch in previous email had a typo (double /req9 > call instead of /req9 and /req10) in VTest test case. Perfect, thank you, now applied! I've

[ANNOUNCE] haproxy-2.6.3

ong return value for fd_send_uxst() DEBUG: fd: split the fd check MEDIUM: resolvers: continue startup if network is unavailable BUG/MINOR: mworker: PROC_O_LEAVING used but not updated Willy Tarreau (18): BUG/MEDIUM: queue/threads: limit the number of entries dequeued at once

Re: [*EXT*] [ANNOUNCE] haproxy-2.6.3

On Fri, Aug 19, 2022 at 11:37:47PM +0200, Vincent Bernat wrote: > On 2022-08-19 23:09, Ionel GARDAIS wrote: > > Aug 19 22:09:09 haproxy-2 haproxy[1280]: [WARNING] (1280) : Failed to > > connect to the old process socket '/run/haproxy/admin.sock' > > Aug 19 22:09:09 haproxy-2 haproxy[1280]: [ALERT

[ANNOUNCE] haproxy-2.7-dev4

and (3): BUG/MINOR: ssl/cli: error when the ca-file is empty MINOR: ssl: handle ca-file appending in cafile_entry MINOR: ssl/cli: implement "add ssl ca-file" Willy Tarreau (27): MINOR: debug: make the mem_stats section aligned to void* MINOR: debug: store and rep

Re: [*EXT*] [ANNOUNCE] haproxy-2.6.3

Hi Bren, On Sat, Aug 20, 2022 at 02:05:37PM +, Bren wrote: > I also had to roll back. I compile from source and push out the binary with > Ansible which hung on reload. I observed an haproxy process running as root > using 100% CPU. It never restarted - I had to kill the processes. > > When I

Re: [*EXT*] [ANNOUNCE] haproxy-2.6.3

On Sat, Aug 20, 2022 at 09:36:21PM +0200, Ionel GARDAIS wrote: > That was it : > - remove the EXTRAOPTS from /etc/default/haproxy > - stop the running process referencing -x /run/haproxy/admin.sock on the CLI > - upgrade > > All is OK. > First processes do not list -x on the CLI and a reload spawn

Re: haproxy 2.6.2 warnings while installation

Hi Amol, On Mon, Aug 22, 2022 at 11:42:01AM +0530, Amol Arote wrote: > We are using haproxy 2.6.2 on Centos 7.9 , > > Following are warning seen during > > *make TARGET=linux-glibc USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1* > > [image: image.png] > > src/http_fetch.c:356:6: warning: âhtxâ may be use

Re: Understanding show table output and rate limiting weirdness

Hi Corin, On Fri, Aug 19, 2022 at 08:55:17AM +, Corin Langosch wrote: > Hello guys, > > I'm using the docker image 2.5.7-2ef551d with basic rate limiting configured > like this: > > backend test > acl test_rate_limit_by_ip_exceeds_limit > src,table_http_req_rate(test_rate_limit_by_ip

Re: [PATCH] MINOR: tcp_sample: extend support for get_tcp_info to OpenBSD

Hi Brad, On Sat, Aug 13, 2022 at 11:25:32PM -0400, Brad Smith wrote: > I'm not sure if MINOR is right. Currently the build is broken since TCP_INFO > was added. Just to be certain, you mean the build is broken without your patch or with it ? If it's broken without, it means that your patch is a b

Re: [PATCH] MINOR: tcp_sample: extend support for get_tcp_info to OpenBSD

On Tue, Aug 23, 2022 at 10:37:28PM -0400, Brad Smith wrote: > On 8/23/2022 10:22 PM, Willy Tarreau wrote: > > Hi Brad, > > > > On Sat, Aug 13, 2022 at 11:25:32PM -0400, Brad Smith wrote: > > > I'm not sure if MINOR is right. Currently the build is broken si

[ANNOUNCE] haproxy-2.7-dev5

rt_only converters BUG/MINOR: httpclient: fix resolution with port DOC: configuration.txt: do-resolve must use host_only to remove its port. BUG/MINOR: ssl: fix deinit of the ca-file tree BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() BUG/MINOR: ssl: revert tw

[ANNOUNCE] haproxy-2.6.5

use host_only to remove its port. BUG/MINOR: ssl: fix deinit of the ca-file tree BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() BUG/MINOR: ssl: revert two wrong fixes with ckhi_link BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() v2 Willy Tarreau (26):

Re: [PATCH] BUILD: makefile: enable crypt(3) for NetBSD

On Sat, Aug 13, 2022 at 12:57:31AM -0400, Brad Smith wrote: > Allow NetBSD to support encrypted passwords in Userlists. > Mergd, thank you Brad! Willy

Re: MINOR: Revert part of clarifying samples support per os commit

On Thu, Aug 25, 2022 at 11:13:38PM -0400, Brad Smith wrote: > Commit 5c83e3a1563cd7face299bf08037e51f976eb5e3 made some adjustments > to clarify which TCP_INFO information is supported by each respective > OS. (...) Merged, thank you Brad! Willy

Re: most probably next LibreSSL release will come with ... QUIC

Hi, On Wed, Aug 31, 2022 at 10:20:42PM +0200, Lukas Tribus wrote: > Hello, > > > wolfSSL has also chosen to use the same API for QUIC: > > https://www.wolfssl.com/wolfssl-quic-support/ > > > The wolfSSL QUIC API is aligned with the corresponding APIs in other *SSL > > libraries, making integra

Re: Server state file: port doesn't change after config update

Hi Bren, On Mon, Aug 22, 2022 at 05:20:37PM +, Bren wrote: > Hello, > > We've been seeing another minor issue I've been meaning to ask about. We're > using a server state file: > > server-state-file /var/lib/haproxy/server_state > > In my systemd config for haproxy I've added a couple line

Re: [PATCH] BUILD: makefile: enable crypt(3) for NetBSD

On Sat, Sep 03, 2022 at 12:19:24AM -0400, Brad Smith wrote: > On 9/3/2022 12:11 AM, Willy Tarreau wrote: > > On Sat, Aug 13, 2022 at 12:57:31AM -0400, Brad Smith wrote: > > > Allow NetBSD to support encrypted passwords in Userlists. > > > > > Mergd, thank you B

Re: MINOR: Revert part of clarifying samples support per os commit

On Sat, Sep 03, 2022 at 12:21:56AM -0400, Brad Smith wrote: > On 9/3/2022 12:12 AM, Willy Tarreau wrote: > > On Thu, Aug 25, 2022 at 11:13:38PM -0400, Brad Smith wrote: > > > Commit 5c83e3a1563cd7face299bf08037e51f976eb5e3 made some adjustments > > > to clarify wh

<    1   2   3   4   5   6   7   8   9   10   >