Re: [PATCH] DOC: add info about ssl-engine for 2.6
Alex, [adding William to Cc, as he requested that you update your patch based on my review] On 7/27/22 15:30, Aleksandar Lazic wrote: Thank you for your feedback. Attached the new version Please apologize the delay in getting back to you. I'm not sure if I'd drop the ... > In case that the ssl-engine is required can HAProxy be rebuild with USE_ENGINE=1 build flag. ... part, as it goes without saying that the feature will be available when setting the required flag. It's a little redundant. I don't have a strong preference, though. I suggest that William drops the sentence himself when applying the patch if he doesn't like that sentence. Best regards Tim Düsterhus
Re: [PATCH] DOC: add info about ssl-engine for 2.6
Hi Tim. Thank you for your feedback. Attached the new version regards Alex On 16.06.22 15:16, Tim Düsterhus wrote: Alex, From 85bcc5ea26d7c1f468dbbf6a10b33bc9f79da819 Mon Sep 17 00:00:00 2001 From: Aleksandar Lazic Date: Wed, 15 Jun 2022 23:52:30 +0200 Subject: [PATCH] DOC: add info about ssl-engine for 2.6 In the announcment of 2.6 is mentioned that the openssl engine There's a typo here: announcement. is not enabled by default. This patch add the information to the configuration.txt. Is related to #1752 Please explicitly mention 'GitHub issue': This is related to GitHub Issue #1752. Should be backported to 2.6 --- doc/configuration.txt | 4 1 file changed, 4 insertions(+) diff --git a/doc/configuration.txt b/doc/configuration.txt index 183710c35..d0e74e0fb 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -2666,6 +2666,10 @@ ssl-engine [algo of algorithms>] openssl configuration file uses: https://www.openssl.org/docs/man1.0.2/apps/config.html + Since version 2.6 is the ssl-engine not enabled in the default build. In case That first sentence sounds like a German sentence structure to me that is not correct English grammar. Suggestion that also unifies the wording with other places the refer to the USE_* flags: Version 2.6 disabled the support for engines in the default build. This option is only available when HAProxy has been compiled with USE_ENGINE. + that the ssl-engine is requierd can HAProxy be rebuild with USE_ENGINE=1 Typo: required + build flag. + ssl-mode-async Adds SSL_MODE_ASYNC mode to the SSL context. This enables asynchronous TLS I/O operations if asynchronous capable SSL engines are used. The current -- 2.25.1 Best regards Tim Düsterhus From b0991e2f011d8fbbde3fc3a3e4fcc4a956e41064 Mon Sep 17 00:00:00 2001 From: Aleksandar Lazic Date: Wed, 27 Jul 2022 15:24:54 +0200 Subject: [PATCH] DOC: add info about ssl-engine for 2.6 In the announcement of 2.6 is mentioned that the openssl engine is not enabled by default. This patch add the information to the configuration.txt. This is related to GitHub Issue #1752. Should be back ported to 2.6 --- doc/configuration.txt | 5 + 1 file changed, 5 insertions(+) diff --git a/doc/configuration.txt b/doc/configuration.txt index c348a08de..35d58f29c 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -2680,6 +2680,11 @@ ssl-engine [algo ] openssl configuration file uses: https://www.openssl.org/docs/man1.0.2/apps/config.html + Version 2.6 disabled the support for engines in the default build. This + option is only available when HAProxy has been compiled with USE_ENGINE. + In case that the ssl-engine is required can HAProxy be rebuild with + USE_ENGINE=1 build flag. + ssl-mode-async Adds SSL_MODE_ASYNC mode to the SSL context. This enables asynchronous TLS I/O operations if asynchronous capable SSL engines are used. The current -- 2.25.1
Re: [PATCH] DOC: add info about ssl-engine for 2.6
Alex, From 85bcc5ea26d7c1f468dbbf6a10b33bc9f79da819 Mon Sep 17 00:00:00 2001 From: Aleksandar Lazic Date: Wed, 15 Jun 2022 23:52:30 +0200 Subject: [PATCH] DOC: add info about ssl-engine for 2.6 In the announcment of 2.6 is mentioned that the openssl engine There's a typo here: announcement. is not enabled by default. This patch add the information to the configuration.txt. Is related to #1752 Please explicitly mention 'GitHub issue': This is related to GitHub Issue #1752. Should be backported to 2.6 --- doc/configuration.txt | 4 1 file changed, 4 insertions(+) diff --git a/doc/configuration.txt b/doc/configuration.txt index 183710c35..d0e74e0fb 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -2666,6 +2666,10 @@ ssl-engine [algo ] openssl configuration file uses: https://www.openssl.org/docs/man1.0.2/apps/config.html + Since version 2.6 is the ssl-engine not enabled in the default build. In case That first sentence sounds like a German sentence structure to me that is not correct English grammar. Suggestion that also unifies the wording with other places the refer to the USE_* flags: Version 2.6 disabled the support for engines in the default build. This option is only available when HAProxy has been compiled with USE_ENGINE. + that the ssl-engine is requierd can HAProxy be rebuild with USE_ENGINE=1 Typo: required + build flag. + ssl-mode-async Adds SSL_MODE_ASYNC mode to the SSL context. This enables asynchronous TLS I/O operations if asynchronous capable SSL engines are used. The current -- 2.25.1 Best regards Tim Düsterhus
[PATCH] DOC: add info about ssl-engine for 2.6
Hi. Attached a doc patch about ssl-engine and 2.6 is related to https://github.com/haproxy/haproxy/issues/1752 Regards Alex >From 85bcc5ea26d7c1f468dbbf6a10b33bc9f79da819 Mon Sep 17 00:00:00 2001 From: Aleksandar Lazic Date: Wed, 15 Jun 2022 23:52:30 +0200 Subject: [PATCH] DOC: add info about ssl-engine for 2.6 In the announcment of 2.6 is mentioned that the openssl engine is not enabled by default. This patch add the information to the configuration.txt. Is related to #1752 Should be backported to 2.6 --- doc/configuration.txt | 4 1 file changed, 4 insertions(+) diff --git a/doc/configuration.txt b/doc/configuration.txt index 183710c35..d0e74e0fb 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -2666,6 +2666,10 @@ ssl-engine [algo ] openssl configuration file uses: https://www.openssl.org/docs/man1.0.2/apps/config.html + Since version 2.6 is the ssl-engine not enabled in the default build. In case + that the ssl-engine is requierd can HAProxy be rebuild with USE_ENGINE=1 + build flag. + ssl-mode-async Adds SSL_MODE_ASYNC mode to the SSL context. This enables asynchronous TLS I/O operations if asynchronous capable SSL engines are used. The current -- 2.25.1