Hi David,
On Tue, Feb 09, 2016 at 02:13:27PM +, David Birdsong wrote:
> Ok, I think this thread helped to uncover the root issue:
> https://github.com/hashicorp/consul-template/issues/442
>
> root cause in go 1.5:
> https://github.com/golang/go/issues/13164
I have only quickly read some of
Hi Christopher,
thanks for this. It looks clean enough to be merged.
I'm a little bit concerned with the addition of conn->ssl_detection_exp
because we try to keep the connection struct as small as possible. But
in this case there's no other place to store it. Thus I would change it
to "exp" and
Le 09/02/2016 09:04, Willy Tarreau a écrit :
thanks for this. It looks clean enough to be merged.
I'm a little bit concerned with the addition of conn->ssl_detection_exp
because we try to keep the connection struct as small as possible. But
in this case there's no other place to store it. Thus
> But I don't get your point.
I may have not been accurate enough.
> I can't see any discrepancies.
> Could you give me a hint what are you talking about?
>
>>> => bind's port is being used for health checks => If multiple bind are
>>> present, the first one is used.
>
>
>> I don't see it. Can you please elaborate what exact commit ID your are
>> refering to?
>
> You are probably refering to the github fork, which is as always outdated,
> and where line 2539 points to the local definition of SSL_OP_SINGLE_DH_USE:
> #ifndef SSL_OP_SINGLE_ECDH_USE
> #define
Hi Lukas,
Lukas Tribus wrote:
>>> I don't see it. Can you please elaborate what exact commit ID your are
>>> refering to?
>> You are probably refering to the github fork, which is as always outdated,
>> and where line 2539 points to the local definition of SSL_OP_SINGLE_DH_USE:
>> #ifndef
> Baptiste, thanks a lot for your patience and your detailed answer.
You're welcome!
> Et pour toi en francais: je suis désolé si tu es maintenant faché.
Fur disch in Deutsch: kein problem. Ich will ein Bier!
>> listen activemq-works
>> bind :8162
>> bind :8192
>> bind :9400
>> option
On Wed, Feb 3, 2016 at 7:48 PM Willy Tarreau wrote:
> Hi David,
>
> On Tue, Feb 02, 2016 at 11:56:25PM +, David Birdsong wrote:
> > Has nobody else run into this w/ consul? Given the plethora of tools
> around
> > consul and haproxy and templating, I know others are using
Hi Lukas,
Lukas Tribus wrote:
> I don't see it. Can you please elaborate what exact commit ID your are
> refering to?
I was looking at
http://git.haproxy.org/?p=haproxy.git;a=blob;f=src/src/ssl_sock.c;h=5cec6a4cd6ce5d16f9564e60fa57b24c46112bac;hb=HEAD#l2539
> As far as I an see we do the exact
>> In HAProxy, this flag is currently statically disabled by default in
>> src/ssl_sock.c line 2539. Thus, when used with older OpenSSL versions
>> than 1.0.1r or 1.0.2f, users could be vulnerable.
>
> I don't see it. Can you please elaborate what exact commit ID your are
> refering to?
You are
Baptiste, thanks a lot for your patience and your detailed answer.
Et pour toi en francais: je suis désolé si tu es maintenant faché.
> listen activemq-works
> bind :8162
> bind :8192
> bind :9400
> option httpchk HEAD /
> server zd-activemq-s21 10.50.241.93:+1 check
> server
> In HAProxy, this flag is currently statically disabled by default in
> src/ssl_sock.c line 2539. Thus, when used with older OpenSSL versions
> than 1.0.1r or 1.0.2f, users could be vulnerable.
I don't see it. Can you please elaborate what exact commit ID your are
refering to?
As far as I an
Hi there,
following CVE-2016-0701, the OpenSSL project switched the behavior of
the SSL_OP_SINGLE_DH_USE flag to a no-op and forcefully enabled the
feature. This results in OpenSSL always generating a new DH parameters
for each handshake which can protect the private DH exponent from
certain
On Mon, 8 Feb 2016 21:20:25 +0100
Beluc wrote:
> Hi,
> Thank you for answering !
>
> Le 8 févr. 2016 9:05 PM, "Thierry FOURNIER"
> a écrit :
> >
> > On Mon, 8 Feb 2016 18:36:38 +0100
> > Beluc wrote:
> >
> > > Hi,
> > >
> >
I have been looking at the documentation for haproxy and I can’t seem to find
anyway of limiting the size of each backend proxy queue. I can see how to limit
the queue size and number of connections handle by each of the backend servers.
I can see how to configure the backend queue timeout,
Hi,
i'm currently testing 1.6.3 and request body logging. I'm wondering that
logging of req body even works without setting "option
http-buffer-request". Also "no option http-buffer-request" seems to have no
effect.
Is this intended or have i missed something?
simplified config:
frontend
Hi,
In our deployment we sometimes spin up a HAProxy container
simultaneously with backends, and since they're registered the moment
a container is spawned, they will be added to rotation immediately,
before the process inside had a chance to start up. Because HAProxy
starts up much faster, this
On Tue, Feb 09, 2016 at 03:45:15PM +, Chris White wrote:
> I have been looking at the documentation for haproxy and I can???t seem to
> find anyway of limiting the size of each backend proxy queue. I can see how
> to limit the queue size and number of connections handle by each of the
>
On Tue, Feb 09, 2016 at 01:26:30PM +, Grüninger, Andreas (LGL Extern) wrote:
> I would perform the health checks on exactly the ports which are used for the
> server definition.
> I would use the default port and add the offset. Exactly that what is done
> for the server definition.
There's
On Mon, Feb 08, 2016 at 10:51:43PM -0800, Peter Mellquist wrote:
> How can I get off this mailing list please! ( I love HAProxy but not all
> the mails ).
You have all the links here :
http://www.haproxy.org/#tact
If this doesn't work for you (there's no reason) you can e-mail me privately
On Tue, Feb 09, 2016 at 06:10:01PM +0100, bjun...@gmail.com wrote:
> Hi,
>
> i'm currently testing 1.6.3 and request body logging. I'm wondering that
> logging of req body even works without setting "option
> http-buffer-request". Also "no option http-buffer-request" seems to have no
> effect.
>
Hi,
On Tue, Feb 09, 2016 at 01:59:40PM -0800, Maciej Katafiasz wrote:
> Hi,
>
> In our deployment we sometimes spin up a HAProxy container
> simultaneously with backends, and since they're registered the moment
> a container is spawned, they will be added to rotation immediately,
> before the
Hi Pedro,
On Mon, Feb 08, 2016 at 05:05:02PM +, Pedro Mata-Mouros wrote:
> Hi all,
>
> I was sure that stats page refreshes in the browser would not increase the
> sessions on a given backend, but I???m seeing otherwise. Could you please
> just confirm if this is normal, as I can???t
23 matches
Mail list logo