Re: [EXTERNAL] testing websockets

2021-10-20 Thread Илья Шипицин
20, 2021, 9:50 AM Amaury Denoyelle wrote: > On Wed, Oct 20, 2021 at 09:59:59AM +0500, Илья Шипицин wrote: > > Hello, > > I've found a way how to test websockets automatically. > > this approach is able to catch > https://github.com/haproxy/haproxy/issues/737 > > &g

testing websockets

2021-10-19 Thread Илья Шипицин
Hello, I've found a way how to test websockets automatically. this approach is able to catch https://github.com/haproxy/haproxy/issues/737 the idea is to place haproxy between browser and kestrel in SignalR tests ( https://github.com/dotnet/aspnetcore/tree/main/src/SignalR ) test takes 3 hours

Re: [PATCH v2] BUILD: SSL: function "ERR_func_error_string" is deprecated in OpenSSL-3.0.0

2021-10-19 Thread Илья Шипицин
similar patchset https://patchwork.openvpn.net/project/openvpn2/list/?series=1309 Willy, please forward to SSL support team чт, 7 окт. 2021 г. в 14:08, Илья Шипицин : > > > чт, 7 окт. 2021 г. в 12:49, Willy Tarreau : > >> On Thu, Oct 07, 2021 at 11:30:54AM +0500,

Re: Inquiry of Vertical Balancer

2021-10-12 Thread Илья Шипицин
hello, please tell us more about the relation between Vertical Balancer and the mailing list you used. пн, 11 окт. 2021 г. в 18:25, Mr. Reeder : > Greetings, > Hope you are fine. Well I am in the market to purchase a Vertical Balancer > and through my search I came across your address. Kindly

Re: [ANNOUNCE] haproxy-2.5-dev9

2021-10-12 Thread Илья Шипицин
can remaining coverity findings be reviewed before 2.5 ? https://github.com/haproxy/haproxy/issues/1163 https://github.com/haproxy/haproxy/issues/1405 пт, 8 окт. 2021 г. в 22:23, Willy Tarreau : > Hi, > > HAProxy 2.5-dev9 was released on 2021/10/08. It added 162 new commits > after version

Re: [PATCH v2] BUILD: SSL: function "ERR_func_error_string" is deprecated in OpenSSL-3.0.0

2021-10-07 Thread Илья Шипицин
чт, 7 окт. 2021 г. в 12:49, Willy Tarreau : > On Thu, Oct 07, 2021 at 11:30:54AM +0500, ??? wrote: > > > Just thinking about something, given that the new API was already > adopted > > > by BoringSSL and will probably be at some point in time by LibreSSL, > would > > > it not be better

Re: [PATCH v2] BUILD: SSL: function "ERR_func_error_string" is deprecated in OpenSSL-3.0.0

2021-10-07 Thread Илья Шипицин
чт, 7 окт. 2021 г. в 10:58, Willy Tarreau : > Hi Ilya, > > On Wed, Oct 06, 2021 at 11:26:13PM +0500, Ilya Shipitsin wrote: > > +/* ERR_func_error_string is deprecated in OpenSSL-3.0.0 */ > > +#if (OPENSSL_VERSION_NUMBER >= 0x3000L) > > +#define HA_ERR_func_error_string(ret) "OPENSSL_internal"

Re: executable properties (checksec, BinSkim)

2021-10-06 Thread Илья Шипицин
No interest :) ? On Sat, Sep 18, 2021, 3:05 PM Илья Шипицин wrote: > Hello, > > I checked how looks binary shipped in several popular distributions > (ppa:vbernat/haproxy-2.4, docker haproxytech/haproxy-ubuntu, docker > haproxy). > > are we aware of those security features

Re: [PATCH] guard "ERR_func_error_string" for OpenSSL-3.0.0 no deprecated mode

2021-09-24 Thread Илья Шипицин
пт, 24 сент. 2021 г. в 20:23, Willy Tarreau : > On Fri, Sep 24, 2021 at 08:09:29PM +0500, ??? wrote: > > ??, 24 . 2021 ?. ? 19:49, Willy Tarreau : > > > > > On Fri, Sep 24, 2021 at 07:14:40PM +0500, ??? wrote: > > > > > I'd really prefer that we address all this API stuff

Re: [PATCH] guard "ERR_func_error_string" for OpenSSL-3.0.0 no deprecated mode

2021-09-24 Thread Илья Шипицин
пт, 24 сент. 2021 г. в 19:49, Willy Tarreau : > On Fri, Sep 24, 2021 at 07:14:40PM +0500, ??? wrote: > > > I'd really prefer that we address all this API stuff through the > > > openssl-compat stuff, so that over time we can more easily drop > > > unneeded stuff. Above that could be done

Re: [PATCH] guard "ERR_func_error_string" for OpenSSL-3.0.0 no deprecated mode

2021-09-24 Thread Илья Шипицин
пт, 24 сент. 2021 г. в 18:44, Willy Tarreau : > Hi Ilya, > > On Mon, Sep 20, 2021 at 10:37:04PM +0500, ??? wrote: > > Subject: [PATCH] BUILD: SSL: function "ERR_func_error_string" is > deprecated in > > OpenSSL-3.0.0 > > > > let us prepare for using OpenSSL-3.0.0 in no deprecation mode

Re: HA-Proxy inquiry

2021-09-22 Thread Илья Шипицин
hello, there are several tutorials to start with, for example HAProxy version 2.4.0 - Starter Guide (cbonte.github.io) ср, 22 сент. 2021 г. в 10:16, Lhendup Norbu : > Dear Sir/Madan, > > > > I am Lhendup Norbu working in Bank of Bhutan

[PATCH] guard "ERR_func_error_string" for OpenSSL-3.0.0 no deprecated mode

2021-09-20 Thread Илья Шипицин
Hello, Fedora Rawhide now is shipped with OpenSSL-3.0.0 :) let us fix deprecations one by one. thanks, Ilya From 1d437e57e43e9c2f38977c373404e167f8230a08 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Mon, 20 Sep 2021 22:27:35 +0500 Subject: [PATCH] BUILD: SSL: function

executable properties (checksec, BinSkim)

2021-09-18 Thread Илья Шипицин
Hello, I checked how looks binary shipped in several popular distributions (ppa:vbernat/haproxy-2.4, docker haproxytech/haproxy-ubuntu, docker haproxy). are we aware of those security features ? shall we move them to Makefile ? or is it up to distribution ? ppa:vbernat/haproxy-2.4

Re: BoringSSL commit dddb60e breaks compilation of HAProxy

2021-09-08 Thread Илья Шипицин
ср, 8 сент. 2021 г. в 13:54, Willy Tarreau : > On Wed, Sep 08, 2021 at 12:05:23PM +0500, ??? wrote: > > Hello, Bob > > > > I tracked an issue https://github.com/haproxy/haproxy/issues/1386 > > > > > > let's track activity there > > Quite frankly, I'm seriously wondering how long we'll

Re: BoringSSL commit dddb60e breaks compilation of HAProxy

2021-09-08 Thread Илья Шипицин
Hello, Bob I tracked an issue https://github.com/haproxy/haproxy/issues/1386 let's track activity there вт, 7 сент. 2021 г. в 22:58, Zakharychev, Bob : > BoringSSL commit dddb60e, "Make most of crypto/x509 opaque.", breaks > compilation of HAProxy with the following errors (log from

Re: BoringSSL commit dddb60e breaks compilation of HAProxy

2021-09-07 Thread Илья Шипицин
yep :) CI: Github Actions: temporarily disable BoringSSL builds · haproxy/haproxy@30ee296 I had a look, I found the same as you (no easy fix). let us open github issue for tracking this. вт, 7 сент. 2021 г. в

[PATCH] spell fixes

2021-08-22 Thread Илья Шипицин
hello, yet another spell fixes. Ilya From af89f34503eed1f36b0e2262bb2cef286336fbc5 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Sun, 22 Aug 2021 22:18:07 +0500 Subject: [PATCH] CLEANUP: assorted typo fixes in the code and comments This is 26th iteration of typo fixes ---

[PATCH] prepare scripts/build-ssl.sh for OpenSSL-3.0.0beta2

2021-08-21 Thread Илья Шипицин
hello, starting with 3.0.0beta2 we need to specify libdir. thanks, Ilya From 6d000345e5f738d8e35f3818843ea8ab92d54f70 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Sat, 21 Aug 2021 16:01:25 +0500 Subject: [PATCH] BUILD: adopt script/build-ssl.sh for OpenSSL-3.0.0beta2 starting with

Re: double // after domain causes ERR_HTTP2_PROTOCOL_ERROR after upgrade to 2.4.3

2021-08-20 Thread Илья Шипицин
double slashes behaviour is changed in BUG/MEDIUM: h2: match absolute-path not path-absolute for :path · haproxy/haproxy@46b7dff (github.com) however, Tim submitted several "normalization" patches recently. as

Re: [PATCH] CI: Remove obsolete USE_SLZ=1 CI job

2021-08-15 Thread Илья Шипицин
ack from me. сб, 14 авг. 2021 г. в 17:40, Tim Duesterhus : > Using SLZ is a default, thus this build is equivalent to the "no features" > build. > --- > .github/matrix.py | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/.github/matrix.py b/.github/matrix.py > index

[PATCH] CI: relax OpenSSL version comparision

2021-08-15 Thread Илья Шипицин
we do not need strict comparison here, 3.0.0 is enough. thanks, Ilya From 779e30baa8385d4484441fdb7a1069933d30be4a Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Sun, 15 Aug 2021 12:55:08 +0500 Subject: [PATCH] CI: github actions: relax OpenSSL-3.0.0 version comparision we better to check

Re: [PATCH] assorted spelling fixes

2021-08-13 Thread Илья Шипицин
Gentle ping On Sat, Aug 7, 2021, 2:45 PM Илья Шипицин wrote: > Hello, > > yet another spelling fixes. > > Ilya >

is haproxy affected by new "Request Smuggling" attack ?

2021-08-09 Thread Илья Шипицин
Hello, HTTP/2: The Sequel is Always Worse | PortSwigger Research just in case (I'm sure it should have been addressed already). Ilya

Re: [PATCH] CI: travis-ci: disable arm64 builds

2021-08-09 Thread Илья Шипицин
I'm using arm64 in Oracle Cloud Ampere A1 Compute | Oracle also, I've found promising approach (using ARM on Github Actions) Bump Bootstrap version from 5.0.2 to 5.1.0 · phpmyadmin/phpmyadmin@c90affe (github.com)

[PATCH] assorted spelling fixes

2021-08-07 Thread Илья Шипицин
Hello, yet another spelling fixes. Ilya From 973815c22edbb65f71d22d5022e6e02b12d8cbd4 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Sat, 7 Aug 2021 14:41:56 +0500 Subject: [PATCH] CLEANUP: assorted typo fixes in the code and comments This is 25th iteration of typo fixes --- CONTRIBUTING

[PATCH] CI: travis-ci: disable arm64 builds

2021-08-03 Thread Илья Шипицин
Hello, it looks like "something on travis-ci side". CC src/raw_sock.o gcc: fatal error: Killed signal terminated program cc1 compilation terminated. let us disable arm64 for a while. Ilya From a06f34da9d0eb50a95776aafa097341ea1459430 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date:

Re: Supported certificate formats?

2021-08-03 Thread Илья Шипицин
any source as to what is actually > supported. > > > > Best regards, > > D > > > > *From: *Илья Шипицин > *Date: *Monday, 2. August 2021 at 20:14 > *To: *"Froehlich, Dominik" > *Subject: *Re: Supported certificate formats? > > > &g

Re: HashiCorp

2021-07-20 Thread Илья Шипицин
вт, 20 июл. 2021 г. в 17:28, Willy Tarreau : > Hello Joe, > > On Tue, Jul 20, 2021 at 11:04:38AM +, Joe Siganto wrote: > > Hi Illya, > > > > Please could you have our Emails removed from the subscription list? I > will > > have all emails with your domains from our campaigns, and as checked

Re: FYI: kubernetes api deprecation in 1.22

2021-07-16 Thread Илья Шипицин
after googling I came to the same conclusion as Dinko Korunic :) I missed that one пт, 16 июл. 2021 г. в 13:43, Aleksandar Lazic : > On 16.07.21 10:27, Илья Шипицин wrote: > > I wonder if Kubernetes has sort of ingress compliance test. Or is it up > to ingress it

Re: FYI: kubernetes api deprecation in 1.22

2021-07-16 Thread Илья Шипицин
I wonder if Kubernetes has sort of ingress compliance test. Or is it up to ingress itself On Fri, Jul 16, 2021, 1:21 PM Aleksandar Lazic wrote: > Hi. > > FYI that the 1.22 have some changes which also impacts Ingress and > Endpoints. > >

Re: Replying to spam [was: Some Spam Mail]

2021-07-15 Thread Илья Шипицин
, > > On 7/14/21 5:20 PM, Илья Шипицин wrote: > > Yes, go ahead > > Would you please stop replying to spam, especially with both the sender > and the list in Cc? It just causes more spam down the road. > > Best regards > Tim Düsterhus >

Re: HashiCorp

2021-07-14 Thread Илья Шипицин
Yes, go ahead On Wed, Jul 14, 2021, 6:55 PM Donna Nash wrote: > Good Day, > > > > I would like to know you are interested HashiCorp Users across a range of > industries and geographic regions. > > > > If yes we can move forward. > > > > Who we are > > > > We are a global database providing

Re: [PATCH] JA3 TLS Fingerprinting

2021-07-12 Thread Илья Шипицин
JA3 is good approach, but it lacks few ideas. we fingerprinted clients by "ssl ciphers" (all ciphers sent by client in Client Helo) + "all client curves" (also sent by client). however you approach is flexible enough to be extended. пн, 12 июл. 2021 г. в 20:03, Marcin Deranek : > Hi, > > Over

Re: Proposal about new default SSL log format

2021-07-03 Thread Илья Шипицин
which could come from log-format > > specific fields or already existing sample fetches. > > How about to combine ssl_version/ssl_ciphers in one line. > > It would be helpful to see also the backend status. > Maybe add a 14th and 15th line with following fields > > *backend_name

Re: Proposal about new default SSL log format

2021-07-02 Thread Илья Шипицин
also, "process name" is something that is prior knowledge. no need to log it every time (for millions of requests) пт, 2 июл. 2021 г. в 19:52, Илья Шипицин : > I worked with log formats a lot, couple of thoughts > > 1) tab separated is better for any log import

Re: Proposal about new default SSL log format

2021-07-02 Thread Илья Шипицин
I understand that everybody can redefine its own format. but I saw several times that default (not very comfortable) format was later adopted as industry wide. пт, 2 июл. 2021 г. в 19:52, Илья Шипицин : > I worked with log formats a lot, couple of thoughts > > 1) tab separated is bette

Re: Proposal about new default SSL log format

2021-07-02 Thread Илья Шипицин
I worked with log formats a lot, couple of thoughts 1) tab separated is better for any log import tool (mixing spaces and "/" is terrible for import) 2) time should be iso8601 пт, 2 июл. 2021 г. в 19:29, Remi Tricot-Le Breton : > Hello list, > > Some work in ongoing to ease connection error and

Re: SSL Labs says my server isn't doing ssl session resumption

2021-06-20 Thread Илья Шипицин
вс, 20 июн. 2021 г. в 11:43, Shawn Heisey : > On 6/17/2021 1:01 AM, Willy Tarreau wrote: > > I don't know if the config is responsible for this but I've just tested > > on haproxy.org and it does work there: > > > >Session resumption (caching) Yes > >Session resumption (tickets)

Re: Speeding up opentracing build in CI ?

2021-06-17 Thread Илья Шипицин
чт, 17 июн. 2021 г. в 19:39, Willy Tarreau : > On Thu, Jun 17, 2021 at 04:31:57PM +0200, Tim Düsterhus wrote: > > Willy, William, > > > > On 6/17/21 3:55 PM, William Lallemand wrote: > > > > OK that's a net win, openssl-3.0.0-alpha17 dropped from 8'29 to 2'55. > > > > I've just excluded versions

Re: SSL Labs says my server isn't doing ssl session resumption

2021-06-16 Thread Илья Шипицин
ср, 16 июн. 2021 г. в 20:27, Lukas Tribus : > On Wed, 16 Jun 2021 at 17:03, Илья Шипицин wrote: > > > > ssl sessions are for tls1.0 (disabled in your config) > > tls1.2 uses tls tickets for resumption > > That is not true, you can disable TLS tickets and still

Re: SSL Labs says my server isn't doing ssl session resumption

2021-06-16 Thread Илья Шипицин
ssl sessions are for tls1.0 (disabled in your config) tls1.2 uses tls tickets for resumption what does ssl labs say on tls tickets ? сб, 12 июн. 2021 г. в 05:51, Shawn Heisey : > I'm fiddling with ssl labs to see how I can improve my TLS setup. > > Here's what they say about a site I have

Re: [PATCH] CI: cirrus: add alpine linux to the jobs

2021-06-14 Thread Илья Шипицин
That's why Travis badge in README.md makes sense On Mon, Jun 14, 2021, 5:16 PM Willy Tarreau wrote: > On Mon, Jun 14, 2021 at 02:33:20PM +0200, William Lallemand wrote: > > On Mon, Jun 14, 2021 at 12:01:11PM +0200, Tim Düsterhus wrote: > > > We only run Travis once weekly, because of the

Re: [PATCH 0/4] Use 'feature cmd' in regtests

2021-06-14 Thread Илья Шипицин
I believe William means conditions like "openssl is 1.1.0 or higher", but that's possible using grep пн, 14 июн. 2021 г. в 15:33, Tim Düsterhus : > William, > > On 6/14/21 12:12 PM, William Lallemand wrote: > >> > >> feature cmd "$HAPROXY_PROGRAM -vv |grep -vq BoringSSL" > >> > >> and then

Re: [PATCH] CI: Replace the requirement for 'sudo' with a call to 'ulimit -n'

2021-06-13 Thread Илья Шипицин
Anyway, ACK from me. ulimit is less evil than sudo On Sun, Jun 13, 2021, 4:25 PM Tim Düsterhus wrote: > Ilya, > > On 6/13/21 3:18 PM, Илья Шипицин wrote: > > It was in my to do list as well. I recall I ran tests without increasing > > limits. > > > > Which test

Re: [PATCH] CI: Replace the requirement for 'sudo' with a call to 'ulimit -n'

2021-06-13 Thread Илья Шипицин
It was in my to do list as well. I recall I ran tests without increasing limits. Which test requires 5 open files? Maybe the one currently disabled? Also, it does not like a good pattern to open so many files. If we really use as many files, shouldn't we revisit that area? On Sun, Jun 13,

[PATCH] typo fixes

2021-06-12 Thread Илья Шипицин
Hello, yet more typo and spelling fixes. Ilya From 3328f8814e7d1d5c1d708c3d5c6a472e645c9d71 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Sat, 12 Jun 2021 15:55:27 +0500 Subject: [PATCH] CLEANUP: assorted typo fixes in the code and comments This is 24th iteration of typo fixes ---

Re: [PATCH] CI: cirrus: add alpine linux to the jobs

2021-06-12 Thread Илья Шипицин
final apline/musl patch attached пт, 11 июн. 2021 г. в 23:02, Илья Шипицин : > it works :) > > oops · chipitsine/haproxy@2ce9681 (github.com) > <https://github.com/chipitsine/haproxy/runs/2805388200> > > I'll polish it a bit and will send final patch tomorrow > &g

Re: [PATCH 0/4] Use 'feature cmd' in regtests

2021-06-11 Thread Илья Шипицин
haproxy/regression-testing.txt at master · haproxy/haproxy (github.com) <https://github.com/haproxy/haproxy/blob/master/doc/regression-testing.txt> can it be converted into md/rst ?? please please ? пт, 11 июн. 2021 г. в 23:19, Илья Шипицин : > there's reg-test documentation for

Re: [PATCH 0/4] Use 'feature cmd' in regtests

2021-06-11 Thread Илья Шипицин
there's reg-test documentation for beginners. should it be updated as well ? пт, 11 июн. 2021 г. в 22:56, Tim Duesterhus : > Hi! > > I hope I added all the active developers that touch the reg-tests to the > 'CC' > list :-) > > This series updates the regtests to make use of VTest's 'feature

Re: [PATCH] CI: cirrus: add alpine linux to the jobs

2021-06-11 Thread Илья Шипицин
it works :) oops · chipitsine/haproxy@2ce9681 (github.com) <https://github.com/chipitsine/haproxy/runs/2805388200> I'll polish it a bit and will send final patch tomorrow пт, 11 июн. 2021 г. в 20:42, Илья Шипицин : > > > пт, 11 июн. 2021 г. в 20:34, William Lallemand : >

Re: [PATCH] CI: cirrus: add alpine linux to the jobs

2021-06-11 Thread Илья Шипицин
пт, 11 июн. 2021 г. в 20:34, William Lallemand : > On Fri, Jun 11, 2021 at 08:14:49PM +0500, Илья Шипицин wrote: > > I've found ubuntu musl package, so we can just link to it in CI, for > > example (I'll try) > > > > > Well, that won't give you the same e

Re: [PATCH] CI: cirrus: add alpine linux to the jobs

2021-06-11 Thread Илья Шипицин
пт, 11 июн. 2021 г. в 20:18, Willy Tarreau : > On Fri, Jun 11, 2021 at 08:14:49PM +0500, ??? wrote: > > @Willy Tarreau , do you think it is good idea to display libc > > variant in "haproxy -vv" ? > > If needed we can (for those that are detectable), but I'm not convinced > of the

Re: [PATCH] CI: cirrus: add alpine linux to the jobs

2021-06-11 Thread Илья Шипицин
@Willy Tarreau , do you think it is good idea to display libc variant in "haproxy -vv" ? (not sure actually whether musl represent itself in recognizable way) I've found ubuntu musl package, so we can just link to it in CI, for example (I'll try) пт, 11 июн. 2021 г. в 20:03, Ил

Re: [PATCH] CI: cirrus: add alpine linux to the jobs

2021-06-11 Thread Илья Шипицин
пт, 11 июн. 2021 г. в 19:43, William Lallemand : > On Fri, Jun 11, 2021 at 07:09:14PM +0500, Илья Шипицин wrote: > > I'm against expanding cirrus matrix. cirrus is overloaded already, I'm > > afraid they will not stay for long time. > > using custom images in github actio

Re: [PATCH] CI: cirrus: add alpine linux to the jobs

2021-06-11 Thread Илья Шипицин
William, if you do not have a time, I can try to create github action based on your cirrus patch ... tomorrow ? пт, 11 июн. 2021 г. в 19:09, Илья Шипицин : > I'm against expanding cirrus matrix. cirrus is overloaded already, I'm > afraid they will not stay for long time. > using cust

Re: [PATCH] CI: cirrus: add alpine linux to the jobs

2021-06-11 Thread Илья Шипицин
I'm against expanding cirrus matrix. cirrus is overloaded already, I'm afraid they will not stay for long time. using custom images in github actions is straightforward, have a look centos 6 · chipitsine/haproxy@20fabcd (github.com)

Re: Speeding up opentracing build in CI ?

2021-06-10 Thread Илья Шипицин
I was mistaken. LibreSSL does not like parallel install libressl fails on `make -j4 install` · Issue #461 · libressl-portable/portable (github.com) anyway, if CI works, I'm ok with changes чт, 10 июн. 2021 г. в 20:49, William Lallemand

Re: Speeding up opentracing build in CI ?

2021-06-10 Thread Илья Шипицин
openssl does not support -j for make install I filed a bug on them, they told me "OK, just don't use it" On Thu, Jun 10, 2021, 8:52 AM Willy Tarreau wrote: > On Thu, Jun 10, 2021 at 07:19:37AM +0200, Willy Tarreau wrote: > > On Thu, Jun 10, 2021 at 10:15:46AM +0500, ??? wrote: > > >

Re: Speeding up opentracing build in CI ?

2021-06-09 Thread Илья Шипицин
OT takes about 30 sec (it is built with almost everything disabled). the biggest time eater is openssl-3.0.0 hopefully, OT will speed up to 10 sec by using parallel builds чт, 10 июн. 2021 г. в 10:05, Willy Tarreau : > On Thu, Jun 10, 2021 at 07:55:17AM +0300, ??? wrote: > > First one

Re: Speeding up opentracing build in CI ?

2021-06-09 Thread Илья Шипицин
First one is supposed to be cached one day together with "opt" folder. However, we can indeed use parallel builds until cache is enabled for github actions On Thu, Jun 10, 2021, 7:49 AM Willy Tarreau wrote: > Tim, Ilya, > > while testing Miroslav's fix, I found the opentracing build to be

Re: enaling cache in github actions

2021-06-08 Thread Илья Шипицин
16:59, Tim Düsterhus : > Ilya, > > On 5/15/21 5:30 PM, Илья Шипицин wrote: > > I've found that we do not cache "download-cache" and "opt" folders, > > thus we build BoringSSL on every build (no cache). > > > > I tried to enable cache > > >

Re: [PATCH] CI: Make matrix.py executable and add shebang

2021-06-08 Thread Илья Шипицин
ack from me. вт, 8 июн. 2021 г. в 18:17, Tim Duesterhus : > It's a script, allow executing this as a script without needing to invoke > `python3` manually. > --- > .github/matrix.py | 2 ++ > 1 file changed, 2 insertions(+) > mode change 100644 => 100755 .github/matrix.py > > diff --git

Re: [PATCH] CI: enable openssl-3.0.0 builds

2021-06-07 Thread Илья Шипицин
lliam Lallemand wrote: > > > > On Mon, Jun 07, 2021 at 04:02:00PM +0500, Илья Шипицин wrote: > > > >> sorry, I do not have much spare time to implement that in short time > > > >> perspective. > > > >> I think of 2-3 month timeframe. > > &

Re: [PATCH] CI: enable openssl-3.0.0 builds

2021-06-07 Thread Илья Шипицин
пн, 7 июн. 2021 г. в 16:31, William Lallemand : > On Mon, Jun 07, 2021 at 04:02:00PM +0500, Илья Шипицин wrote: > > sorry, I do not have much spare time to implement that in short time > > perspective. > > I think of 2-3 month timeframe. > > > > Isn't it possibl

Re: [PATCH] CI: enable openssl-3.0.0 builds

2021-06-07 Thread Илья Шипицин
sorry, I do not have much spare time to implement that in short time perspective. I think of 2-3 month timeframe. пн, 7 июн. 2021 г. в 13:07, William Lallemand : > On Sun, Jun 06, 2021 at 05:36:45AM +0200, Willy Tarreau wrote: > > On Sun, Jun 06, 2021 at 12:51:53AM +0200, Tim Düsterhus wrote: >

Re: Official ubuntu 20 repository

2021-06-07 Thread Илья Шипицин
пн, 7 июн. 2021 г. в 12:20, Valters Jansons : > On Mon, Jun 7, 2021 at 12:34 AM Ismail Azerty > wrote: > > For some security reasons, our security teams want us to use the > official repository, or recompile the whole project on ubuntu 20. > > Official Ubuntu repositories are "slow" to

Re: [PATCH] CI: enable openssl-3.0.0 builds

2021-06-04 Thread Илья Шипицин
here are two patches: - deprecated warnings suppressed - openssl-3.0.0 enabled ср, 2 июн. 2021 г. в 21:51, Tim Düsterhus : > Dinko, > > On 6/2/21 1:34 PM, Dinko Korunic wrote: > > Yes, GItHub Actions has support for flagging some of the jobs in matrix > as experimental (which will permit job to

Re: Modify POST data (with lua)?

2021-06-02 Thread Илья Шипицин
ср, 2 июн. 2021 г. в 18:00, Elias Abacioglu < elias.abacio...@deltaprojects.com>: > > Hi Tim > > On Wed, Jun 2, 2021 at 12:38 PM Tim Düsterhus wrote: > >> Elias, >> >> On 6/2/21 12:16 PM, Elias Abacioglu wrote: >> > I'm planning on placing an API behind HAProxy and want a way to modify >> the >>

Re: [PATCH] CI: enable openssl-3.0.0 builds

2021-06-02 Thread Илья Шипицин
ср, 2 июн. 2021 г. в 16:27, Tim Düsterhus : > Ilya, > > On 6/2/21 12:58 PM, Илья Шипицин wrote: > > as openssl-3.0.0 is getting close to release, let us add it to build > matrix. > > > > I dislike that this is going to report all commits in red, until the > build

[PATCH] CI: enable openssl-3.0.0 builds

2021-06-02 Thread Илья Шипицин
Hello, as openssl-3.0.0 is getting close to release, let us add it to build matrix. thanks, Ilya From 1651766c81e141c1a077499e151e6c619289883a Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Wed, 2 Jun 2021 10:42:09 + Subject: [PATCH] CI: github actions: add OpenSSL-3.0.0 builds

Re: how to write to a file safely in haproxy

2021-05-26 Thread Илья Шипицин
Not clear what recommendation did you read. you might consider dataplane api for config management: haproxytech/dataplaneapi: HAProxy Data Plane API (github.com) On Wed, May 26, 2021, 4:32 PM reshma r wrote: > Hello all, > Periodically I need to

Re: [PATCH] CI: enable OpenTracing feature

2021-05-18 Thread Илья Шипицин
Miroslav, can you please keep an eye on patch from OpenTracing build failures using clang · Issue #1242 · haproxy/haproxy (github.com) ? вт, 18 мая 2021 г. в 21:38, Willy Tarreau : > On Tue, May 18, 2021 at 01:32:56PM +0200, Tim Düsterhus wrote:

[PATCH] CI: enable OpenTracing feature

2021-05-18 Thread Илья Шипицин
Hello, this enables OpenTracing for CI builds. thanks. Ilya From 9ca15c0d95b1c4fa5dc040116f9ec006712095f1 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Tue, 18 May 2021 09:46:43 + Subject: [PATCH] CI: github actions: add OpenTracing builds let us add OpenTracing module to "all

Re: [PATCH] move VTest installation to scripts/build-vtest.sh

2021-05-18 Thread Илья Шипицин
вт, 18 мая 2021 г. в 13:54, Willy Tarreau : > On Sat, May 15, 2021 at 05:53:57PM +0200, Tim Düsterhus wrote: > > Willy, > > Ilya, > > > > On 5/15/21 8:58 AM, ??? wrote: > > > I attached a patch that uses "curl". on a distance it seems to be > faster > > > for 50% > > > > > > > This one

Re: unexpected asan behaviour

2021-05-18 Thread Илья Шипицин
Maybe sudo drops env variables On Tue, May 18, 2021, 12:29 PM Tim Düsterhus wrote: > Ilya, > > On 5/17/21 3:57 PM, Илья Шипицин wrote: > > FYI, this is not what it supposed to be > > > > BUILD/MINOR: ssl: Fix compilation with SSL enabled · > > haproxy/haprox

unexpected asan behaviour

2021-05-17 Thread Илья Шипицин
Tim, FYI, this is not what it supposed to be BUILD/MINOR: ssl: Fix compilation with SSL enabled · haproxy/haproxy@d75b99e (github.com) according to global ASAN_OPTIONS it was supposed to go to separate log. but something went wrong :) it is

enaling cache in github actions

2021-05-15 Thread Илья Шипицин
I've found that we do not cache "download-cache" and "opt" folders, thus we build BoringSSL on every build (no cache). I tried to enable cache https://github.com/chipitsine/haproxy/blob/master/.github/workflows/vtest.yml#L46-L53 github does not like such caching keys: Error: Key Validation

Re: DNS service discovery and consistent hashing

2021-05-15 Thread Илья Шипицин
maybe using dataplane api https://github.com/haproxytech/dataplaneapi will give you required flexibility пт, 14 мая 2021 г. в 01:58, Andrew Rodland : > At Vimeo we have a custom tool since 2015 that monitors the membership of > clusters of servers, templates out a config with servers assigned

Re: [PATCH] move VTest installation to scripts/build-vtest.sh

2021-05-15 Thread Илья Шипицин
сб, 15 мая 2021 г. в 01:14, Илья Шипицин : > > > сб, 15 мая 2021 г. в 00:56, Nicolas CARPi : > >> > I compared several times, git clone is faster >> In my hands curl is the fastest option compared to git clone. >> > > ok, I'll make more comparison tomorrow

Re: [PATCH] move VTest installation to scripts/build-vtest.sh

2021-05-14 Thread Илья Шипицин
сб, 15 мая 2021 г. в 00:56, Nicolas CARPi : > > I compared several times, git clone is faster > In my hands curl is the fastest option compared to git clone. > ok, I'll make more comparison tomorrow > > Wouldn't "git clone --depth 1" be a good option to consider here? It > avoids getting the

Re: [PATCH] move VTest installation to scripts/build-vtest.sh

2021-05-14 Thread Илья Шипицин
сб, 15 мая 2021 г. в 00:20, Tim Düsterhus : > Ilya, > > On 5/14/21 9:02 PM, Илья Шипицин wrote: > > let us unify VTest installation magic. > > I disagree with using 'git clone' here, cloning the repository with full > history is wasteful. Please use the tarball approach f

[PATCH] move VTest installation to scripts/build-vtest.sh

2021-05-14 Thread Илья Шипицин
Hello, let us unify VTest installation magic. Ilya From 9f85fe25ad9ee6bf753311a44a5089a6ee2096c9 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Fri, 14 May 2021 23:59:35 +0500 Subject: [PATCH] CI: introduce scripts/build-vtest.sh for installing VTest we install VTest for all CI systems,

Re: adding Coverity badge to some visible place

2021-05-14 Thread Илья Шипицин
some tools (e.g. Coverity, Travis-CI) are not attached to commits directly. travis runs once a week, badge would be nice as well пт, 14 мая 2021 г. в 20:45, Daniel Corbett : > Hello Ilya, > > > From: Илья Шипицин > > Sent: Friday, May 14, 2021 11:10 AM > > To: HAPr

adding Coverity badge to some visible place

2021-05-14 Thread Илья Шипицин
Hello, I would like to improve code quality visibility. what if we convert README --> README.md and put Coverity badge there ? Ilya

Re: [PATCH] BUILD/MINOR: opentracing: fixed compilation with filter, enabled

2021-05-12 Thread Илья Шипицин
I did not mean to postpone Miroslav's patch :) On Wed, May 12, 2021, 10:39 AM Willy Tarreau wrote: > Hi Ilya, > > On Tue, May 11, 2021 at 10:59:46PM +0500, ??? wrote: > > I tried opentracing ci, I estimate 1-2 weeks to stabilize. Can we delay > 2.4 > > after that? > > If you mean

Re: [PATCH] BUILD/MINOR: opentracing: fixed compilation with filter, enabled

2021-05-11 Thread Илья Шипицин
I tried opentracing ci, I estimate 1-2 weeks to stabilize. Can we delay 2.4 after that? On Tue, May 11, 2021, 10:37 PM Miroslav Zagorac wrote: > Hello, > > The inclusion of header files proxy.h and tools.h was added to the > addons/ot/include/include.h file. Without this HAProxy cannot be >

Re: [PATCH] CI: Build VTest with clang

2021-05-10 Thread Илья Шипицин
There are vtest build in cirrus and travis as well. What if we move vtest building into "scripts/build-vtest.sh" ? On Tue, May 11, 2021, 1:54 AM Tim Duesterhus wrote: > Willy, > Ilya, > > not tested, but it should be simple enough to not mess it up. > > Best regards > Tim Düsterhus > > Apply

[PATCH] spell check fixes

2021-05-10 Thread Илья Шипицин
Hello, yet another spell check improvements. Ilya From 58ea7d81c586a609aa7bdea44d0c33a7de500fda Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Mon, 10 May 2021 12:50:00 +0500 Subject: [PATCH 2/2] CLEANUP: assorted typo fixes in the code and comments This is 23rd iteration of typo fixes

[PATCH] enable QUIC for CI builds when appropriate

2021-05-09 Thread Илья Шипицин
Hello, USE_QUIC=1 added for BoringSSL builds. thanks, Ilya From 2a79e92bdac01d926e7f85583f455db17f1515bb Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Sun, 9 May 2021 21:27:28 +0500 Subject: [PATCH] CI: Github Actions: enable USE_QUIC=1 for BoringSSL builds if haproxy is built against

Re: [PATCH] MINOR: opentracing: register config file and line number on log servers

2021-05-08 Thread Илья Шипицин
7939eaa8d3310378d419d90c5#diff-b525f86b1f4925509959f857496dff18a9c4ed34fcc7f49357c5a6d00fb64d17R91 Tim, do you know how to add it using ${{ contains(matrix.FLAGS, 'USE_OT=1') }} condition ? чт, 8 апр. 2021 г. в 14:44, Илья Шипицин : > > > чт, 8 апр. 2021 г. в 14:25, Willy Tarreau : > &

[PATCH] CI: switch to the latest stable LibreSSL-3.3.3

2021-05-04 Thread Илья Шипицин
Hello, LibreSSL-3.3.3 just released. patch attached. thanks, Ilya From bddc3bb1f9726b1bee964a66e77575f054faae2b Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Wed, 5 May 2021 09:01:03 +0500 Subject: [PATCH] CI: Github Actions: switch to LibreSSL-3.3.3 stable LibreSSL-3.3.3 released, let

[PATCH] typo fixes

2021-04-24 Thread Илья Шипицин
hello, one more typo fixing. Ilya From 95a5f29e573ef02bc31c74d426f2db8fbdc1f57d Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Sat, 24 Apr 2021 13:25:42 +0500 Subject: [PATCH] CLEANUP: assorted typo fixes in the code and comments This is 22nd iteration of typo fixes ---

[PATCH] CI: travis-ci: enable graviton2 builds

2021-04-15 Thread Илья Шипицин
Hello, as described in travis-ci docs: https://blog.travis-ci.com/2020-09-11-arm-on-aws it is next generation armv8 available on AWS. cheers, Ilya From 4365c936396a5c7c4f710ed8267b06a73fd5bbcc Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Thu, 15 Apr 2021 19:16:09 +0500 Subject: [PATCH]

[PATCH] fix cirrus-ci builds by installing "pcre" package

2021-04-14 Thread Илья Шипицин
Hello, something changed in freebsd packaging. we now need to install pcre directly. Ilya From 406a5b8cfee330cc74c18f0eca1811195e7eff6d Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Wed, 14 Apr 2021 21:47:34 +0500 Subject: [PATCH] CI: cirrus: install "pcre" package it turned out that our

Re: [ANNOUNCE] haproxy-2.4-dev16

2021-04-12 Thread Илья Шипицин
Dear Team, can we address at least #1112, #1119 before 2.4 is released ? пт, 9 апр. 2021 г. в 20:52, Willy Tarreau : > Hi, > > HAProxy 2.4-dev16 was released on 2021/04/09. It added 37 new commits > after version 2.4-dev15. > > This one is particularly calm, I even hesitated between making it

Re: [PATCH] MINOR: opentracing: register config file and line number on log servers

2021-04-08 Thread Илья Шипицин
чт, 8 апр. 2021 г. в 14:25, Willy Tarreau : > On Wed, Apr 07, 2021 at 05:26:24PM +0500, ??? wrote: > > we run "all features anebled" gcc and clang builds, for example > > BUG/MINOR: tools: fix parsing "us" unit for timers · > > haproxy/haproxy@a683805 (github.com) > > < >

Re: [PATCH] MINOR: opentracing: register config file and line number on log servers

2021-04-07 Thread Илья Шипицин
On Wed, Apr 7, 2021, 2:16 PM Miroslav Zagorac wrote: > On 04/07/2021 12:13 PM, Илья Шипицин wrote: > > do you consider adding opentracing to "github actions" CI ? > > > > Hello Илья, > > I don't know how to add it because I never used it. The filter uses &

Re: [PATCH] MINOR: opentracing: register config file and line number on log servers

2021-04-07 Thread Илья Шипицин
do you consider adding opentracing to "github actions" CI ? ср, 7 апр. 2021 г. в 14:35, Miroslav Zagorac : > Hello, > > due to the modified function declaration, the opentracing filter can no > longer be compiled. > > In commit 9533a7038 new parameters have been added to the declaration > of

Re: zlib vs slz (perfoarmance)

2021-03-30 Thread Илья Шипицин
вт, 30 мар. 2021 г. в 17:44, Willy Tarreau : > On Tue, Mar 30, 2021 at 02:25:14PM +0500, ??? wrote: > > I would wait for feedback from some other high load projects. From my > > observation it is significant benefit. > > Originally slz was written for use in haproxy to solve the huge

  1   2   3   4   5   6   7   8   9   >