[ANNOUNCE] haproxy-2.7-dev3

2022-08-07 Thread Willy Tarreau
t updated Revert "MINOR: cli: emit a warning when _getsocks was used more than once" MINOR: cli: warning on _getsocks when socket were closed Willy Tarreau (21): BUG/MEDIUM: tools: avoid calling dlsym() in static builds (try 2) BUG/MINOR: tools: fix statistica

Re: [PATCH] ubuntu-22.04 related ssl fixes (SECLEVEL related and ec curves renamed)

2022-08-06 Thread Willy Tarreau
On Sat, Aug 06, 2022 at 10:50:15PM +0500, ??? wrote: > I accidently lost "-E' flag on grep. > follow up patch attached. No problem, thanks for the quic response. At least it seems to work for me locally, I've just pushed it and we'll see. Thanks! Willy

Re: [PATCH] ubuntu-22.04 related ssl fixes (SECLEVEL related and ec curves renamed)

2022-08-06 Thread Willy Tarreau
On Sat, Aug 06, 2022 at 05:48:56PM +0200, Willy Tarreau wrote: > On Fri, Jul 29, 2022 at 09:37:46PM +0500, ??? wrote: > > gentle ping > > Sorry Ilya, but William is in vacation right now. Since I don't think > there's any risk with your patch, I took it. In the

Re: [PATCH] ubuntu-22.04 related ssl fixes (SECLEVEL related and ec curves renamed)

2022-08-06 Thread Willy Tarreau
On Fri, Jul 29, 2022 at 09:37:46PM +0500, ??? wrote: > gentle ping Sorry Ilya, but William is in vacation right now. Since I don't think there's any risk with your patch, I took it. In the worst case should William disagree with it, we could still patch later. Thanks! Willy

Re: Server timeouts since HAProxy 2.2

2022-08-06 Thread Willy Tarreau
On Thu, Aug 04, 2022 at 12:14:04PM +0200, Vincent Bernat wrote: > On 2022-08-04 10:35, William Edwards wrote: > > > However, > > https://haproxy.debian.net/#distribution=Debian=buster=2.2 > > says: > > > > "The Debian HAProxy packaging team provides various versions of HAProxy > > packages for

Re: haproxy listening on lots of UDP ports

2022-08-06 Thread Willy Tarreau
Hi Shawn, On Fri, Aug 05, 2022 at 05:18:06PM -0600, Shawn Heisey wrote: > I am running haproxy in a couple of places.  It is listening on multiple > seemingly random high UDP ports. These typically are syslog sockets. In fact the ports are not really "listening", it's just that in UDP there's no

Re: [PATCH] CI: enable weekly "m32" builds

2022-08-06 Thread Willy Tarreau
On Mon, Aug 01, 2022 at 07:40:43PM +0200, Tim Düsterhus wrote: > The updated patches LGTM. Thanks guys, now applied! Willy

Re: [PATCH] speling fixes

2022-08-06 Thread Willy Tarreau
On Fri, Jul 29, 2022 at 10:30:39PM +0500, ??? wrote: > Hello, > > yet another spell check fiexs. Now applied, thanks Ilya! Willy

Re: [PR] Fix -v flag usage with install(1) on OpenBSD/NetBSD/Solaris/AIX

2022-07-16 Thread Willy Tarreau
On Sat, Jul 16, 2022 at 07:01:22PM -0400, Brad Smith wrote: > On 7/16/2022 12:52 PM, Willy Tarreau wrote: > > On Sat, Jul 16, 2022 at 05:18:50AM -0400, Brad Smith wrote: > > > On Sat, Jul 16, 2022 at 11:09:19AM +0200, Willy Tarreau wrote: > > > > Looks good. L

Re: Higher Tc than timeout server

2022-07-16 Thread Willy Tarreau
Hi William, On Sat, Jul 16, 2022 at 06:43:09PM +0200, William Edwards wrote: > Hi, > > Sorry to bump this, but I haven't made any progress with this on my own. > Does anyone see what I'm missing here? > > > The Tc timer is documented as: > > > > > - Tc: total time to establish the TCP

Re: [PR] Fix -v flag usage with install(1) on OpenBSD/NetBSD/Solaris/AIX

2022-07-16 Thread Willy Tarreau
On Sat, Jul 16, 2022 at 05:18:50AM -0400, Brad Smith wrote: > On Sat, Jul 16, 2022 at 11:09:19AM +0200, Willy Tarreau wrote: > > Looks good. Let's just add a commit message and I'll merge it. > > > BUILD: makefile: Fix install(1) handling for OpenBSD/NetBSD/Solaris/AIX (...)

[ANNOUNCE] haproxy-2.7-dev2

2022-07-16 Thread Willy Tarreau
mworker_pipe to mworker_sockpair BUG/MINOR: peers: fix possible NULL dereferences at config parsing MEDIUM: mworker/systemd: send STATUS over sd_notify Willy Tarreau (112): MINOR: tinfo: make tid temporarily still reflect global ID CLEANUP: config: remove unused proc_mask() MINOR

Re: [PR] Fix -v flag usage with install(1) on OpenBSD/NetBSD/Solaris/AIX

2022-07-16 Thread Willy Tarreau
On Sat, Jul 16, 2022 at 12:57:14AM -0400, Brad Smith wrote: > How about something like the following? > > > diff --git a/Makefile b/Makefile > index 85f6c632d..5cc59a061 100644 > --- a/Makefile > +++ b/Makefile > @@ -81,6 +81,9 @@ > # DESTDIR is not set by default and is used for installation

Re: [PR] Fix -v flag usage with install(1) on OpenBSD/NetBSD/Solaris/AIX

2022-07-15 Thread Willy Tarreau
On Sat, Jul 16, 2022 at 12:22:49AM -0400, Brad Smith wrote: > On 7/15/2022 11:59 PM, Willy Tarreau wrote: > > Hello, > > > > On Fri, Jul 15, 2022 at 07:27:12PM -0400, Brad Smith wrote: > > > On 7/15/2022 1:34 AM, ??? wrote: > > > > I wonder how

Re: SV: Suggestion

2022-07-15 Thread Willy Tarreau
Hi, On Sun, Jul 10, 2022 at 02:23:41PM +, Henning Svane wrote: > About IPv4 and IPv6 I was of that impression that when you declared the > stick-table you also declared it with a type for either ipv4 or ipv6, and it > was not possible to save both of them in the same table. I have no problem

Re: [PR] Fix -v flag usage with install(1) on OpenBSD/NetBSD/Solaris/AIX

2022-07-15 Thread Willy Tarreau
Hello, On Fri, Jul 15, 2022 at 07:27:12PM -0400, Brad Smith wrote: > On 7/15/2022 1:34 AM, ??? wrote: > > I wonder how do NetBSD/OpenBSD ports work, do they use their own > > "install" invocation instead of "make install" ? > > shouldn't they switch to "make install" ? > > NetBSD uses

Re: SV: SV: Config will not start on 2.6.1 on Ubuntu 22.04

2022-07-09 Thread Willy Tarreau
On Sat, Jul 09, 2022 at 01:46:03PM +0200, Vincent Bernat wrote: > On 7/9/22 10:55, Willy Tarreau wrote: > > On Sat, Jul 09, 2022 at 12:03:02AM +0200, Vincent Bernat wrote: > > > The error when not running as root is expected. However, the fact it does > > > not wor

Re: SV: SV: Config will not start on 2.6.1 on Ubuntu 22.04

2022-07-09 Thread Willy Tarreau
On Sat, Jul 09, 2022 at 12:03:02AM +0200, Vincent Bernat wrote: > The error when not running as root is expected. However, the fact it does > not work on boot, then works after is odd. Can you share a minimal > configuration file which exhibits this issue? That's very strange, it sounds as if the

[ANNOUNCE] haproxy-2.7-dev1

2022-06-24 Thread Willy Tarreau
o not look for key in extra files if already in pem Tim Duesterhus (1): CLEANUP: Re-apply xalloc_size.cocci (2) William Lallemand (3): BUG/MEDIUM: ssl/cli: crash when crt inserted into a crt-list REGTESTS: ssl: add the same cert for client/server BUG/MEDIUM: mwork

Re: lua: Add missed lua 5.4 references

2022-06-21 Thread Willy Tarreau
Hi Christian, On Tue, Jun 21, 2022 at 11:05:09PM +0200, Christian Ruppert wrote: > Hey guys, > > is there any news on this or got this one just lost? I couldn't find a > response to it so I assume it just got lost. > Or is there anything against it? > To bad forwarding doesn't work and since

Re: [PATCH 1/1]: MINOR __builtin_memcpy_inline usage introduction

2022-06-20 Thread Willy Tarreau
Hi David, On Sat, Jun 18, 2022 at 12:52:23PM +0100, David CARLIER wrote: > From 9d7b6448a2407451c3115b701c51f97ab2bf6a59 Mon Sep 17 00:00:00 2001 > From: David Carlier > Date: Sat, 18 Jun 2022 12:41:11 +0100 > Subject: [PATCH] MINOR: compiler __builtin_memcpy_inline usage introduction. > >

Re: [haproxy/haproxy] OPTIM/MINOR: h2_settings_initial_window_size default 64k (PR #1732)

2022-06-08 Thread Willy Tarreau
On Wed, Jun 08, 2022 at 09:22:31AM -0400, Glenn Strauss wrote: > Since DATA frames might be in flight on the network, the server may want > to be able to buffer twice the advertisted window size and defer sending > WINDOW_UPDATE once the advertised window size is buffered. Doing so > gives the

Re: [haproxy/haproxy] OPTIM/MINOR: h2_settings_initial_window_size default 64k (PR #1732)

2022-06-08 Thread Willy Tarreau
On Wed, Jun 08, 2022 at 08:29:48AM -0400, Glenn Strauss wrote: > > I agree that it's independent but it's the one that is not expected to > > cause any regression with any possible client. That's why I'd like to > > have the two. First that one because it should be durable. Second, your > > patch

Re: [haproxy/haproxy] OPTIM/MINOR: h2_settings_initial_window_size default 64k (PR #1732)

2022-06-08 Thread Willy Tarreau
Hello Glenn, On Tue, Jun 07, 2022 at 05:24:09PM -0400, Glenn Strauss wrote: > On Tue, Jun 07, 2022 at 09:27:43AM -0700, Willy Tarreau wrote: > > Hello Glenn, > > > > Thanks for your report, I understand the problem, that's very interesting. > > I would say it'

Re: Rate Limiting with token/leaky bucket algorithm

2022-06-07 Thread Willy Tarreau
On Tue, Jun 07, 2022 at 01:51:06PM +0200, Seena Fallah wrote: > I also tried with this one but this will give me 20req/s 200 OK and the > rest of it 429 too many requests > ``` > listen test > bind :8000 > stick-table type ip size 100k expire 30s store http_req_rate(1s) > acl

Re: [ANNOUNCE] haproxy-2.6.0

2022-06-03 Thread Willy Tarreau
On Fri, Jun 03, 2022 at 11:43:32PM +0200, Vincent Bernat wrote: > ? 31 May 2022 17:56 +02, Willy Tarreau: > > > HAProxy 2.6.0 was released on 2022/05/31. It added 57 new commits > > after version 2.6-dev12, essentially small bug fixes, QUIC counters > > and doc upda

Re: deviceatlas compiler error

2022-06-03 Thread Willy Tarreau
Hello Amol, On Fri, Jun 03, 2022 at 11:09:07AM +0530, Amol Arote wrote: > We are trying to upgrade deviceatlas for HAProxy version 2.4.2-553dee3, but > while compiling deviceatlas its showing some error. > Below are the versions and steps which we perform for the same. Thanks for the report.

Re: [ANNOUNCE] haproxy-2.6.0

2022-05-31 Thread Willy Tarreau
On Tue, May 31, 2022 at 07:16:31PM +0200, Tim Düsterhus wrote: > Willy, > > you're probably expected this type of email from me :-) > > On 5/31/22 17:56, Willy Tarreau wrote: > > HAProxy 2.6.0 was released on 2022/05/31. It added 57 new commits > > I guess the release

Re: [haproxy/docs PATCH] Replace `primary` with `info` for HAProxy 2.5 on index.html

2022-05-31 Thread Willy Tarreau
On Tue, May 31, 2022 at 07:01:37PM +0200, Tim Düsterhus wrote: > Willy, > > On 5/31/22 18:26, Willy Tarreau wrote: > > On Tue, May 31, 2022 at 06:15:48PM +0200, Tim Duesterhus wrote: > > > 2.5 is neither the newest stable version, nor the newest LTS version, thus

Re: [haproxy/docs PATCH] Replace `primary` with `info` for HAProxy 2.5 on index.html

2022-05-31 Thread Willy Tarreau
On Tue, May 31, 2022 at 06:15:48PM +0200, Tim Duesterhus wrote: > 2.5 is neither the newest stable version, nor the newest LTS version, thus > there is no reason for it to be highlighted. Ah you're absolutely right. I left it on purpose but I guess my brain was completely washed by the long

[ANNOUNCE] haproxy-2.6.0

2022-05-31 Thread Willy Tarreau
n Ruppert, Christopher Faulet, Daniel Jakots, David Carlier, Emeric Brun, Frédéric Lécaille, Ilya Shipitsin, Lukas Tribus, Maciej Zdeb, Marno Krahmer, Miroslav Zagorac, Remi Tricot-Le Breton, Thayne McCombs, Thierry Fournier, Tim Duesterhus, William Dauchy, William Lallemand, Willy Tarreau

Re: [PATCH] DOC: Fix formatting in configuration.txt to fix dconv

2022-05-27 Thread Willy Tarreau
On Fri, May 27, 2022 at 11:20:36PM +0200, Tim Duesterhus wrote: > The missing space before the colon causes haproxy-dconv to misparse the > configuration.txt. Thanks Tim, now merged. Willy

[ANNOUNCE] haproxy-2.6-dev12

2022-05-27 Thread Willy Tarreau
Properly reject non-HTTP/1.x protocols REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (2) William Lallemand (2): DOC: configuration: add a warning for @system-ca on bind BUG/MINOR: ssl/lua: use correctly cert_ext in CertCache.set() Willy Tarreau (110): CLEANUP: init: address a

Re: [PATCH] BUG/MEDIUM: sample: Fix adjusting size in word converter

2022-05-27 Thread Willy Tarreau
On Wed, May 25, 2022 at 10:58:51PM -0600, astrotha...@gmail.com wrote: > From: Thayne McCombs > > Adjust the size of the sample buffer before we change the "area" > pointer. Otherwise, we end up not changing the size, because the area > pointer is already the same as "start" before we compute

Re: [PATCH] REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (2)

2022-05-27 Thread Willy Tarreau
On Mon, May 23, 2022 at 10:45:36PM +0200, Tim Duesterhus wrote: > Introduced in: > > 18c13d3bd MEDIUM: http-ana: Add a proxy option to restrict chars in request > header names (...) Merged, thanks Tim! Willy

Re: [ANNOUNCE] haproxy-2.6-dev11

2022-05-23 Thread Willy Tarreau
Hi Ilya, On Tue, May 24, 2022 at 09:53:01AM +0500, ??? wrote: > Hello, > > can we please address https://github.com/haproxy/haproxy/issues/1585 before > final 2.6 ? I thought it was since I replied it was an FP but OK, I pushed a patch to silence it. Thanks, Willy

Re: [PATCH v2] CLEANUP: tools: Crash if inet_ntop fails due to ENOSPC in sa2str

2022-05-23 Thread Willy Tarreau
On Mon, May 23, 2022 at 09:30:49AM +0200, Tim Duesterhus wrote: > This is impossible, because we pass a destination buffer that is appropriately > sized to hold an IPv6 address. Applied now, thank you Tim! Willy

Re: Peers using heavily single cpu core

2022-05-23 Thread Willy Tarreau
Hi Maciej, On Mon, May 23, 2022 at 08:50:53AM +0200, Maciej Zdeb wrote: > Hi Christopher, > I've verified that outgoing connections are now spread between multiple > threads! Thank you very much! That's really great, thank you for testing! I, too, thought it was worth being merged even this late

Re: [PATCH 2/2] CLEANUP: tools: Crash if inet_ntop fails in sa2str

2022-05-23 Thread Willy Tarreau
On Sun, May 22, 2022 at 01:06:28PM +0200, Tim Duesterhus wrote: > @@ -1374,7 +1374,10 @@ char * sa2str(const struct sockaddr_storage *addr, int > port, int map_ports) > default: > return NULL; > } > - inet_ntop(addr->ss_family, ptr, buffer, sizeof(buffer)); > +

Re: [PATCH 1/2] BUG/MEDIUM: tools: Fix `inet_ntop` usage in sa2str

2022-05-23 Thread Willy Tarreau
On Sun, May 22, 2022 at 01:06:27PM +0200, Tim Duesterhus wrote: > The given size must be the size of the destination buffer, not the size of the > (binary) address representation. > > This fixes GitHub issue #1599. > > The bug was introduced in 92149f9a82a9b55c598f1cc815bc330c555f3561 which is

Re: [PATCH] CLEANUP: tools: Clean up non-QUIC error message handling in str2sa_range()

2022-05-23 Thread Willy Tarreau
On Sun, May 22, 2022 at 12:40:58PM +0200, Tim Duesterhus wrote: > If QUIC support is enabled both branches of the ternary conditional are > identical, upsetting Coverity. Move the full conditional into the non-QUIC > preprocessor branch to make the code more clear. > > This resolves GitHub issue

[ANNOUNCE] haproxy-2.6-dev11

2022-05-21 Thread Willy Tarreau
l-provider-path' global option Tim Duesterhus (4): CLEANUP: Add missing header to ssl_utils.c CLEANUP: Add missing header to hlua_fcn.c CLEANUP: Remove unused function hlua_get_top_error_string CLEANUP: http_ana: Make use of the return value of stream_generate_unique_id()

Re: [PATCH] CI: determine actual OpenSSL version dynamically

2022-05-20 Thread Willy Tarreau
On Fri, May 20, 2022 at 11:10:28PM +0500, ??? wrote: > Hello, > > another small improvement, this change introduce "OPENSSL_VERSION=latest" > semantic. Applied, thank you Ilya! Willy

Re: Increase SSL Key Generation after upgrade from 2.4.15 to 2.4.17

2022-05-20 Thread Willy Tarreau
Hi Tomasz, On Fri, May 20, 2022 at 05:17:19PM +0200, Tomasz Ludwiczak wrote: > Hi, > > I am seeing an increase in SSL Key Generation after upgrading from 2.4.15 > to 2.4.17. I have not changed the openssl version. Does anyone have an idea > what this could be related to? > I have looked at the

Re: Paid feature development: TCP stream compression

2022-05-20 Thread Willy Tarreau
On Fri, May 20, 2022 at 04:20:45PM +0500, ??? wrote: > yes, it was I meant actually. haproxy currently is not suitable for > compressing tcp streams. even if such feature will be considered as useful, > it will take time. Compression is not done on TCP but since it's done using a filter

Re: Paid feature development: TCP stream compression

2022-05-20 Thread Willy Tarreau
On Fri, May 20, 2022 at 12:16:07PM +0100, Mark Zealey wrote: > Thanks, we may use this for a very rough proof-of-concept. However we are > dealing with millions of concurrent connections, 10-100 million connections > per day, so we'd prefer to pay someone to develop (+ test!) something for >

Re: GitHub Issue Tracker: New "Close Reason" feature

2022-05-20 Thread Willy Tarreau
Hi Tim, On Thu, May 19, 2022 at 09:18:16PM +0200, Tim Düsterhus wrote: > Hi! > > as a heads up for the folks with issue tracker access: > > https://github.blog/changelog/2022-05-19-the-new-github-issues-may-19th-update/ > > GitHub updated the issue tracker to basically" allow specifying

Re: [PATCH 1/1] : BUILD/MINOR cpuset build fix for FreeBSD 13.1

2022-05-20 Thread Willy Tarreau
Hi David, On Wed, May 18, 2022 at 03:50:04PM +0100, David CARLIER wrote: > Hi, > > FreeBSD 13.1 had been released this week and here a little fix for the > cpuset part. Merged, thank you! Willy

Re: [PATCH] CLEANUP: http_ana: Make use of the return value of stream_generate_unique_id()

2022-05-17 Thread Willy Tarreau
On Wed, May 18, 2022 at 12:22:15AM +0200, Tim Duesterhus wrote: > Even if `unique_id` and `s->unique_id` are identical it is a bit odd to > `isttest()` `unique_id` and then use `s->unique_id` in the call to > `http_add_header()`. Agreed, better be consistent. Now applied, thank you Tim! Willy

Re: [PATCH 1/1]: BUILD/MINOR: solaris based oses build fix/get_exe_path implementation.

2022-05-17 Thread Willy Tarreau
Both patches merged, thanks David! Willy

Re: [PATCH v2 2/3] CLEANUP: Add missing header to hlua_fcn.c

2022-05-17 Thread Willy Tarreau
On Sat, May 14, 2022 at 10:17:25PM +0200, Tim Duesterhus wrote: > Found with -Wmissing-prototypes: (...) All the series merged (with v2), thank you Tim! Willy

Re: [PATCH 1/1]: BUILD/MINOR: solaris based oses build fix/get_exe_path implementation.

2022-05-14 Thread Willy Tarreau
Hi David, > From 5b175adfa5ef9ab52ce69f7eb6775efe8a828974 Mon Sep 17 00:00:00 2001 > From: David Carlier > Date: Fri, 13 May 2022 20:16:15 +0100 > Subject: [PATCH] BUILD/MINOR: few solaris updates. > > - get_exec_path using getexecname, fetching AT_SUN_EXECNAME from the > auxiliary vectors. >

Re: [PATCH] CI: determine actual LibreSSL version dynamically

2022-05-14 Thread Willy Tarreau
> From da2b295f45ecc6d99559ef147569514816ad6f7c Mon Sep 17 00:00:00 2001 > From: Ilya Shipitsin > Date: Fri, 13 May 2022 21:59:38 +0500 > Subject: [PATCH] CI: determine actual LibreSSL version dynamically > > this change introduce "LIBRESSL_VERSION=latest" semantic, which scans >

[ANNOUNCE] haproxy-2.6-dev10

2022-05-14 Thread Willy Tarreau
when loading a dir w/ crt DOC: configuration: add the httpclient keywords to the global keywords index BUG/MEDIUM: wdt: don't trigger the watchdog when p is unitialized Willy Tarreau (34): MINOR: compiler: add a new macro to set an attribute on an enum when possible

Re: Fwd: Set environment variables

2022-05-13 Thread Willy Tarreau
Hi Valerio, On Mon, May 09, 2022 at 10:14:09AM +0200, Valerio Pachera wrote: > Unfortunately I'm not a developer so it will take too much time form me to > contribute to the code. I've just implemented it in 2.6-dev as this commit: https://github.com/haproxy/haproxy/commit/973cf90714 Once

Re: Fwd: Set environment variables

2022-05-11 Thread Willy Tarreau
On Mon, May 09, 2022 at 10:14:09AM +0200, Valerio Pachera wrote: > Thank you very much willy for your reply. > Unfortunately I'm not a developer so it will take too much time form me to > contribute to the code. No problem, do not worry. I've added an issue for this one:

Re: 2.5: Possibility to upgrade http/1.0 clients to http/1.1?

2022-05-11 Thread Willy Tarreau
On Wed, May 11, 2022 at 08:43:38AM +, Froehlich, Dominik wrote: > Hi Willy, > > Thanks for the fruitful discussion! > > I've opened https://github.com/haproxy/haproxy/issues/1691 to track this > feature request. Thanks for this, Dominik! Willy

Re: Patch for GitHub Issue 1530

2022-05-11 Thread Willy Tarreau
Hi Vignesh, On Mon, May 09, 2022 at 05:38:44PM +, Vig Nesh wrote: > Hello Team Haproxy, > > Thanks for providing an opportunity to work with the product, I have > submitted a patch for issue 1530 > along with this email. Now applied, thank

Re: 2.5: Possibility to upgrade http/1.0 clients to http/1.1?

2022-05-09 Thread Willy Tarreau
Hi Dominik, On Mon, May 09, 2022 at 08:46:20AM +, Froehlich, Dominik wrote: > Hi Willy, > > Thanks for your response. > > Yes, I agree an option that can be turned on would be the most feasible > solution for us. > > I can think of a similar option like we have for "option >

[ANNOUNCE] haproxy-2.6-dev9

2022-05-08 Thread Willy Tarreau
DOC: resolvers: default resolvers section BUG/MINOR: startup: usage() when no -cc arguments Willy Tarreau (89): CLEANUP: backend: make alloc_{bind,dst}_address() idempotent MEDIUM: stream: remove the confusing SF_ADDR_SET flag MINOR: conn_stream: remove the now unused CS_FL_

Re: [PATCH 1/1: BUILD/MINOR: TCP_KEEPIDLE macos equivalence

2022-05-08 Thread Willy Tarreau
On Sun, May 08, 2022 at 12:39:13PM +0200, Vincent Bernat wrote: > ? 8 May 2022 10:57 +02, Willy Tarreau: > > > After edition (still minimal and possibly inaccurate but the best I > > could do): > > > > On Linux the interval before starting

Re: [PATCH 1/1: BUILD/MINOR: TCP_KEEPIDLE macos equivalence

2022-05-08 Thread Willy Tarreau
On Sun, May 08, 2022 at 10:21:28AM +0100, David CARLIER wrote: > On Sun, 8 May 2022 at 09:57, Willy Tarreau wrote: > > > > On Sun, May 01, 2022 at 03:33:17PM +0100, David CARLIER wrote: > > > Hi here a little patch to set idle time for SO_KEEPALIVE socket option. &g

Re: 2.5: Possibility to upgrade http/1.0 clients to http/1.1?

2022-05-08 Thread Willy Tarreau
Hello Dominik, On Thu, May 05, 2022 at 07:55:06AM +, Froehlich, Dominik wrote: > Hello everyone, > > We recently bumped our HAproxy deployment to 2.5 and are now getting hit by > this fix: > > MEDIUM: mux-h1: Reject HTTP/1.0 GET/HEAD/DELETE requests with a payload > > >

Re: Latest http/3 info

2022-05-08 Thread Willy Tarreau
On Sat, May 07, 2022 at 09:11:30AM -0600, Shawn Heisey wrote: > If you look closely at the tcpdump output, you'll notice that when haproxy > replies, it replies from the actual IP address of the machine (.200) rather > than the ucarp VIP (.170) where it received the request.  Is this something >

Re: [PATCH] CI: dynamically determine actual h2spec version

2022-05-08 Thread Willy Tarreau
On Thu, May 05, 2022 at 03:17:07PM +0500, ??? wrote: > Hi, > > small improvement, no need to use hardcoded version. Merged, thank you Ilya Willy

Re: Fwd: Set environment variables

2022-05-08 Thread Willy Tarreau
Hi Valerio, On Fri, May 06, 2022 at 04:25:23PM +0200, Valerio Pachera wrote: > Hi, I have several backend configuration that make use of a custom script: > > external-check command 'custom-script.sh' > > The script read uses the environment variables such as $HAPROXY_PROXY_NAME. > I would like

Re: DOC/MINOR: Typo in INSTALL doc

2022-05-08 Thread Willy Tarreau
On Mon, May 02, 2022 at 11:02:11PM +, Tom?s Zubiri wrote: > Line 227/581 Col 53/75 char 9913/27467 > > Section 4.5 cryptography > "is known to build ant work with branches" > > Release Branch 2.5.0 Now fixed, thank you Tomas :-) Willy

Re: [PATCH 1/1: BUILD/MINOR: TCP_KEEPIDLE macos equivalence

2022-05-08 Thread Willy Tarreau
S build while trying to fix a clang warning. The two patches that caused the breakage were these ones: commit b12966af1006be8d4438ee1ca39c2541a1f2a4f9 Author: Willy Tarreau Date: Wed Apr 13 17:09:45 2022 +0200 BUILD: debug: mark the __start_mem_stats/__stop_mem_stats symbols as weak

[ANNOUNCE] haproxy-2.6-dev8

2022-04-30 Thread Willy Tarreau
lt BUG/MEDIUM: ssl/cli: fix yielding in show_cafile_detail BUG/MINOR: httpclient/ssl: use the correct verify constant Willy Tarreau (26): BUG/MINOR: http-act: make release_http_redir() more robust BUG/MINOR: sample: add missing use_backend/use-server contexts in smp_resol

Re: Set environment variables

2022-04-30 Thread Willy Tarreau
On Tue, Apr 26, 2022 at 03:34:32PM +0200, Aleksandar Lazic wrote: > On Tue, 26 Apr 2022 15:03:51 +0200 > Valerio Pachera wrote: > > > Hi, I have several backend configuration that make use of a custom script: > > > > external-check command 'custom-script.sh' > > > > The script read uses the

Re: [PATCH] CI: minor LibreSSL update 3.5.1 --> 3.5.2

2022-04-30 Thread Willy Tarreau
On Thu, Apr 28, 2022 at 11:59:39AM +0500, ??? wrote: > Hello, > > small patch to sync with current LibreSSL release Merged, thank you Ilya! Willy

Re: valgrind follow up

2022-04-29 Thread Willy Tarreau
On Fri, Apr 29, 2022 at 02:43:24PM +0200, Tim Düsterhus wrote: > > Anyway your test is useful in that it reported quite a significant number > > of entries at once, we rarely see so many, so it will be a good starting > > point about new locations to look for. > > Those in Ilya's test are "false

Re: valgrind follow up

2022-04-29 Thread Willy Tarreau
Hi Ilya, On Fri, Apr 29, 2022 at 04:35:03PM +0500, ??? wrote: > Hello, > > I added sample in my branch: CI: github actions: add valgrind smoke tests · > chipitsine/haproxy@7cd7f4a > > > here's its

Re: HaProxy Patch for Issue #1679: MINOR: ssl: add a new global option "tune.ssl.hard-maxrecord"

2022-04-27 Thread Willy Tarreau
Hi Thomas, On Wed, Apr 27, 2022 at 11:31:33AM +, Prückl Thomas wrote: > Hallo, > > I added a new option "tune.ssl.hard-maxrecord" to limit the maximum TLS > record size. > This option is useful when dealing the low footprint clients which are not > able to buffer a default 16KB record at

Re: [PATCH] MINOR: Call deinit_and_exit(0) for `haproxy -vv`

2022-04-26 Thread Willy Tarreau
On Wed, Apr 27, 2022 at 12:08:11AM +0200, Tim Duesterhus wrote: > It appears that it is safe to call perform a clean deinit at this point, so > let's do this to exercise the deinit paths some more. OK let's try. If there were any issue with this, we could easily revert it without impact anyway.

Re: [PATCH] CLEANUP: Destroy `http_err_chunks` members during deinit

2022-04-26 Thread Willy Tarreau
Hi Tim, On Tue, Apr 26, 2022 at 11:35:07PM +0200, Tim Duesterhus wrote: > To make the deinit function a proper inverse of the init function we need to > free the `http_err_chunks`: > > ==252081== 311,296 bytes in 19 blocks are still reachable in loss record > 50 of 50 > ==252081==at

Re: [PATCH] BUG/MINOR: Fix memory leak in resolvers_deinit()

2022-04-26 Thread Willy Tarreau
On Tue, Apr 26, 2022 at 11:28:47PM +0200, Tim Duesterhus wrote: > A config like the following: > > global > stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd > listeners > > resolvers unbound > nameserver unbound 127.0.0.1:53 > > will report the following

[ANNOUNCE] haproxy-2.6-dev7

2022-04-23 Thread Willy Tarreau
and disabled by default Willy Tarreau (5): BUILD: calltrace: fix wrong include when building with TRACE=1 BUG/MEDIUM: logs: fix http-client's log srv initialization MINOR: task: add a new task_instant_wakeup() function MEDIUM: queue: use tasklet_instant_wakeup() to wake tasks

Re: Getting 504s at haproxy with long running reports

2022-04-22 Thread Willy Tarreau
Hello Dan, On Wed, Apr 20, 2022 at 05:27:40PM +, Moore, Dan [TREAS] wrote: > Hello all, > > My problem is that my AppDev group has some web applications generating > reports that are taking a very long time to run which is resulting in 504s. > An example httplog entry is below. > > Apr 19

Re: Peers using heavily single cpu core

2022-04-20 Thread Willy Tarreau
Hi Maciej, On Wed, Apr 20, 2022 at 02:51:32PM +0200, Maciej Zdeb wrote: > Hi Willy, > I saw Christopher changes are now merged. I was wondering how to proceed > with my issue. Right now in stream_new() I'm able to get cs_endpoint and > appctx (if endpoint is applet), so I can get thread_mask of

Re: [ANNOUNCE] haproxy-2.6-dev6

2022-04-16 Thread Willy Tarreau
On Sat, Apr 16, 2022 at 11:12:41PM +0500, ??? wrote: > > > > William has also set up a build system that's triggered by the CI and > > that > > > > produces packages of the latest development version for various > > distros. > > > > The goal is to help users deploy development versions to

Re: [ANNOUNCE] haproxy-2.6-dev6

2022-04-16 Thread Willy Tarreau
Hi Ilya, On Sat, Apr 16, 2022 at 10:08:58PM +0500, ??? wrote: > ??, 16 ???. 2022 ?. ? 19:07, Willy Tarreau : > > > Hi, > > > > HAProxy 2.6-dev6 was released on 2022/04/16. It added 150 new commits > > after version 2.6-dev5. > > > > can we s

[ANNOUNCE] haproxy-2.6-dev6

2022-04-16 Thread Willy Tarreau
ssl: add USE_ENGINE and disable the openssl engine by default CI: github actions: disable -Wno-deprecated Willy Tarreau (45): CLEANUP: connection: reduce the with of the mux dump output BUG/MINOR: stats: define the description' background color in dark color scheme BUILD: makef

Re: [PATCH 1/1]: BUILD/MEDIUM: tcp_sample porting get_tcp_info to macOs

2022-04-15 Thread Willy Tarreau
Hi David, Done reviewing/editing/testing/merging both patches now. Thanks! Willy

Re: QUIC and HTTP/3

2022-04-12 Thread Willy Tarreau
On Mon, Apr 11, 2022 at 06:10:30AM -0600, Shawn Heisey wrote: > On 4/10/2022 11:32 PM, Willy Tarreau wrote: > > Interesting, and not much surprising, given that SSL is handled a bit > > differently. I suspect we'll see other funny stuff. By the way, if you're > > receivi

Re: [ANNOUNCE] haproxy-2.6-dev5

2022-04-12 Thread Willy Tarreau
On Tue, Apr 12, 2022 at 11:07:09AM +0500, ??? wrote: > Hello, > > can we pay some attention to cppcheck findings before 2.6 ? > https://github.com/haproxy/haproxy/issues/1184 > > I found cppcheck somewhat useful (and somewhat noisy as well, but cppcheck > folks are really friendly on

Re: HTTP/3 -- POST requests not working

2022-04-12 Thread Willy Tarreau
Hi Shawn, On Mon, Apr 11, 2022 at 01:05:21PM -0600, Shawn Heisey wrote: > On 4/11/22 12:16, Shawn Heisey wrote: > > Two different browsers have the same problem, so I am currently > > speculating that it's an issue with haproxy or apache.  I think I can > > install nginx without too much trouble

Re: [PATCH] CI: cirrus: update freebsd image to the actual 13.0 version

2022-04-12 Thread Willy Tarreau
On Mon, Apr 11, 2022 at 11:02:04PM +0500, ??? wrote: > From: Ilya Shipitsin > Date: Mon, 11 Apr 2022 22:25:35 +0500 > Subject: [PATCH] CI: cirrus: switch to FreeBSD-13.0 > > we use outdated FreeBSD-12.2, which is outdated, let us update > to the actual release Ah cool, I noticed it was

Re: Possible bug in stats page dark mode

2022-04-11 Thread Willy Tarreau
On Sun, Apr 10, 2022 at 12:25:54PM -0600, Shawn Heisey wrote: > On the dark mode stats page served by version 2.6-dev5, the frontend or > backend description is grey text on a white background.  It's very hard to > read. Ah indeed, a "th.desc" entry was missing to replace the background, now

Re: [PATCH 1/1]: pool UAF pools ID setting on Linux 5.17 and onwards.

2022-04-10 Thread Willy Tarreau
Hi David, On Sun, Apr 10, 2022 at 10:51:27AM +0100, David CARLIER wrote: > From 7f599d96c248ea6b7a67168ea68b31470c08b61d Mon Sep 17 00:00:00 2001 > From: David Carlier > Date: Sun, 10 Apr 2022 10:47:16 +0100 > Subject: [PATCH] BUILD/MEDIUM: pool UAF's pool set an id on Linux 5.17 and > onwards.

Re: [PATCH 1/1]: BUILD/MEDIUM: tcp_sample porting get_tcp_info to macOs

2022-04-10 Thread Willy Tarreau
Hi David, On Sat, Apr 09, 2022 at 02:44:54PM +0100, David CARLIER wrote: > Hi, > > here a patch proposal to port a subset of the get_tcp_info samples to macOs. Thanks, that's quite interesting, but I really don't like the reordering of the functions to try to group between OSes, for me this is

Re: QUIC and HTTP/3

2022-04-10 Thread Willy Tarreau
Hi Shawn, responding to all your messages at once. On Sun, Apr 10, 2022 at 04:16:55PM -0600, Shawn Heisey wrote: > On 4/9/2022 3:30 AM, Willy Tarreau wrote: > > I'd encourage you to place QUIC in a separate haproxy process. > > I have this working. > > On another system

Re: [PATCH] doc: adjust QUICTLS part

2022-04-10 Thread Willy Tarreau
On Sun, Apr 10, 2022 at 12:14:23PM +0500, ??? wrote: > Hello, > > small fix for guide how to build QUICTLS Applied, thank you Ilya! Willy

Re: [PATCH 1/2] CI: Update to actions/checkout@v3

2022-04-10 Thread Willy Tarreau
On Sat, Apr 09, 2022 at 10:08:41PM +0200, Tim Duesterhus wrote: > No functional change, but we should keep this current. (...) both patches applied, thank you Tim! Willy

[ANNOUNCE] haproxy-2.6-dev5

2022-04-09 Thread Willy Tarreau
MINOR: httpclient: enable request buffering MEDIUM: httpclient: enable l7-retry BUG/MINOR: httpclient: end callback in applet release Willy Tarreau (22): BUG/MINOR: samples: add missing context names for sample fetch functions MINOR: management: add some basic keyword dump infras

Re: QUIC and HTTP/3

2022-04-09 Thread Willy Tarreau
On Sat, Apr 09, 2022 at 09:21:31AM +0500, ??? wrote: > there are missing bits ... > https://github.com/haproxy/haproxy/blob/master/INSTALL#L392 Yep and it does work, as I've applied it as-is two weeks ago and it worked. Shawn, however, please use the latest 2.6-dev for QUIC. A lot of

Re: [EXTERNAL] Re: [PATCH 0/16] opentracing: reenable usage of vars to transmit opentracing context

2022-04-08 Thread Willy Tarreau
On Fri, Apr 08, 2022 at 04:45:46PM +0200, Miroslav Zagorac wrote: > On 08.04.2022 16:24, Willy Tarreau wrote: > > My concern is essentially this one: is there any risk that a 2.5 user > > currently using opentracing would be hit by a bug introduced with this > > pa

Re: [EXTERNAL] Re: [PATCH 0/16] opentracing: reenable usage of vars to transmit opentracing context

2022-04-08 Thread Willy Tarreau
On Fri, Apr 08, 2022 at 04:04:07PM +0200, Miroslav Zagorac wrote: > > - 0014-MAJOR-opentracing-reenable-usage-of-vars-to-transmit.patch > >=> while I'm fine for 2.6, I'm really not for 2.5 without a big > > compelling reason. It's a feature addition, not a bug fix. > > Either

Re: [PATCH 0/16] opentracing: reenable usage of vars to transmit opentracing context

2022-04-08 Thread Willy Tarreau
On Fri, Apr 08, 2022 at 03:36:30PM +0200, Miroslav Zagorac wrote: > Hello Willy, > > today I tested the operation speed of the opentracing module on branch 2.4 > and 2.5 several times and unfortunately I can't confirm what I wrote > yesterday (that the operation speed is almost doubled). > > The

Re: [PATCH 0/16] opentracing: reenable usage of vars to transmit opentracing context

2022-04-08 Thread Willy Tarreau
Hi Miroslav, On Fri, Apr 08, 2022 at 11:01:49AM +0200, Miroslav Zagorac wrote: > Hello Willy, > > the attachment contains patches for haproxy branches 2.4 and 2.[56]. > > Branch 2.4 does not have several patches because they are not > applicable to it. The numbering has stayed the same, so you

  1   2   3   4   5   6   7   8   9   10   >