On Sat, Apr 28, 2018 at 07:15:44PM -0400, Patrick Hemmer wrote:
> After much delay, I've addressed the requested changes as a new patch.
Both patches merged now (with SMP_F_CONST removed as noticed by Emeric).
Thanks!
Willy
On 2017/6/30 10:32, Willy Tarreau wrote:
> Hi Patrick,
>
> On Fri, Jun 30, 2017 at 10:28:11AM -0400, Patrick Hemmer wrote:
>>> The issue I'm having is that there's no notification
>>> that this will not work. Using #ifdef ensures that what is not
supported will
>>> report an error. Then the user
Hi Patrick,
On Fri, Jun 30, 2017 at 10:28:11AM -0400, Patrick Hemmer wrote:
> > The issue I'm having is that there's no notification
> > that this will not work. Using #ifdef ensures that what is not supported
> > will
> > report an error. Then the user looks at the keyword in the doc and reads
On 2017/6/30 01:00, Willy Tarreau wrote:
> Hi Patrick, sorry for the delay :-/
>
> On Mon, Jun 19, 2017 at 01:54:36PM -0400, Patrick Hemmer wrote:
>> Well my argument for keeping the name starting with `ssl_fc_session_` is
>> that there is also `ssl_fc_session_id`. These 2 fetches pull their
>>
Hi Willy, Patrick
> Le 30 juin 2017 à 07:00, Willy Tarreau a écrit :
>
> Hi Patrick, sorry for the delay :-/
>
> On Mon, Jun 19, 2017 at 01:54:36PM -0400, Patrick Hemmer wrote:
>> Well my argument for keeping the name starting with `ssl_fc_session_` is
>> that there is also
Hi Patrick, sorry for the delay :-/
On Mon, Jun 19, 2017 at 01:54:36PM -0400, Patrick Hemmer wrote:
> Well my argument for keeping the name starting with `ssl_fc_session_` is
> that there is also `ssl_fc_session_id`. These 2 fetches pull their
> attribute from the same "session" structure. They
Hi Patrick,
On Thu, Jun 22, 2017 at 03:57:18PM -0400, Patrick Hemmer wrote:
> Haven't heard anything back about the consistency aspect, so here's an
> updated patch with the other changes not affected by user experience
> consistency.
Sorry, I've been quite busy these last days and didn't have
On 2017/6/19 13:54, Patrick Hemmer wrote:
>
>
> On 2017/6/17 00:00, Willy Tarreau wrote:
>> Hi Patrick,
>>
>> On Fri, Jun 16, 2017 at 09:36:30PM -0400, Patrick Hemmer wrote:
>>> The main reason I had for supporting the older code is that it seems
>>> many (most?) linux distros, such as the one we
On 2017/6/17 00:00, Willy Tarreau wrote:
> Hi Patrick,
>
> On Fri, Jun 16, 2017 at 09:36:30PM -0400, Patrick Hemmer wrote:
>> The main reason I had for supporting the older code is that it seems
>> many (most?) linux distros, such as the one we use (CentOS/7), still
>> ship with 1.0.1 or 1.0.2.
Hi Patrick,
On Fri, Jun 16, 2017 at 09:36:30PM -0400, Patrick Hemmer wrote:
> The main reason I had for supporting the older code is that it seems
> many (most?) linux distros, such as the one we use (CentOS/7), still
> ship with 1.0.1 or 1.0.2. However since this is a minor change and a
>
On 2017/6/16 09:34, Willy Tarreau wrote:
> Hi Patrick,
>
> On Mon, Jun 12, 2017 at 07:31:36PM -0400, Patrick Hemmer wrote:
>> I patched my haproxy to add a ssl_fc_session_key fetch, and with the
>> value I was able to decrypt my test sessions encrypted with
>>
Hi Patrick,
On Mon, Jun 12, 2017 at 07:31:36PM -0400, Patrick Hemmer wrote:
> I patched my haproxy to add a ssl_fc_session_key fetch, and with the
> value I was able to decrypt my test sessions encrypted with
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.
>
> Since the implementation was fairly easy,
Hi Patrick, Lukas
> Le 13 juin 2017 à 19:26, Lukas Tribus a écrit :
>
> Hi Patrick,
>
>
> Am 13.06.2017 um 01:31 schrieb Patrick Hemmer:
>>
>>
>> On 2017/6/12 15:14, Lukas Tribus wrote:
>>> Hello,
>>>
>>>
>>> Am 12.06.2017 um 19:35 schrieb Patrick Hemmer:
Would we be
Hi Patrick,
Am 13.06.2017 um 01:31 schrieb Patrick Hemmer:
>
>
> On 2017/6/12 15:14, Lukas Tribus wrote:
>> Hello,
>>
>>
>> Am 12.06.2017 um 19:35 schrieb Patrick Hemmer:
>>> Would we be able to get a new sample which provides the SSL session
>>> master-key?
>>> This is so that when performing
On 2017/6/12 15:14, Lukas Tribus wrote:
> Hello,
>
>
> Am 12.06.2017 um 19:35 schrieb Patrick Hemmer:
>> Would we be able to get a new sample which provides the SSL session
>> master-key?
>> This is so that when performing packet captures with ephemeral ciphers
>> (DHE), we can decrypt the
Hello,
Am 12.06.2017 um 19:35 schrieb Patrick Hemmer:
> Would we be able to get a new sample which provides the SSL session
> master-key?
> This is so that when performing packet captures with ephemeral ciphers
> (DHE), we can decrypt the traffic in the capture.
There is no master key. What you
Would we be able to get a new sample which provides the SSL session
master-key?
This is so that when performing packet captures with ephemeral ciphers
(DHE), we can decrypt the traffic in the capture.
-Patrick
17 matches
Mail list logo