Re: Broken SNI with crt-list for HAProxy 2.1.x after upgrade from Stretch to Buster

2020-06-15 Thread William Lallemand
On Sat, Jun 13, 2020 at 04:55:53PM +0200, Tim Düsterhus wrote: > William, > > Am 13.06.20 um 16:46 schrieb Tim Düsterhus: > > tune.ssl.default-dh-param 2048 solved the issue for me. > > > > I'd argue that this is a bug in HAProxy nonetheless, because apparently > > the crt-list file is not fully

Invitation to FDC October 2020 Training's

2020-06-15 Thread Foscore Development Center

Re: Broken SNI with crt-list for HAProxy 2.1.x after upgrade from Stretch to Buster

2020-06-15 Thread Tim Düsterhus
William, Am 15.06.20 um 14:56 schrieb William Lallemand: > I think I found the problem, could you try the attached patch for 2.1? > I'd prefer not, because I don't have a staging system where I could easily reproduce the issue (and generating SSL certs to test this properly is annoying). I was e

Re: Broken SNI with crt-list for HAProxy 2.1.x after upgrade from Stretch to Buster

2020-06-15 Thread William Lallemand
On Mon, Jun 15, 2020 at 03:48:40PM +0200, Tim Düsterhus wrote: > William, > > Am 15.06.20 um 14:56 schrieb William Lallemand: > > I think I found the problem, could you try the attached patch for 2.1? > > > > I'd prefer not, because I don't have a staging system where I could > easily reproduce

[PATCH] BUG/MINOR: systemd: Wait for network to be online

2020-06-15 Thread Ryan O'Hara
Change systemd service file to wait for network to be completely online. This solves two problems: If haproxy is configured to bind to IP address(es) that are not yet assigned, haproxy would previously fail. The workaround is to use "option transparent". If haproxy is configured to use a resolver

Re: [PATCH] BUG/MAJOR: Fix bogus free() during deinit() for http-request rules

2020-06-15 Thread Willy Tarreau
On Sun, Jun 14, 2020 at 05:27:36PM +0200, Tim Duesterhus wrote: > We cannot simply `release_sample_expr(rule->arg.vars.expr)` for a > `struct act_rule`, because `rule->arg` is a union that might not > contain valid `vars`. This leads to a crash on a configuration using > `http-request redirect` and

Re: VTest does not test deinit

2020-06-15 Thread Willy Tarreau
Hi Tim, On Sun, Jun 14, 2020 at 06:24:19PM +0200, Tim Düsterhus wrote: > Hi List, > Willy, > Ilya, > > I noticed that the reg-tests were unable to find the issue reported by > William here: > https://www.mail-archive.com/haproxy@formilux.org/msg37637.html > > This is because VTest never performs a

Re: [PATCH] BUG/MINOR: systemd: Wait for network to be online

2020-06-15 Thread Ryan O'Hara
I posted this patch to start some discussion here. I'm not the first to notice this problem but I was, until now, hesitant to change the systemd service file. The reason for this was that waiting for network-online.target could delay boot time. Please see systemd network target docs here

[PATCH 2/4] BUG/MINOR: sample: Fix freeing of conv_exprs in release_sample_expr

2020-06-15 Thread Tim Duesterhus
Instead of just calling release_sample_arg(conv_expr->arg_p) we also must free() the conv_expr itself (after removing it from the list). Given the following example configuration: frontend foo bind *:8080 mode http http-request set-var(txn.foo) str(bar) acl is_

[PATCH 0/4] Fix more frees

2020-06-15 Thread Tim Duesterhus
Willy, this series fixes up a few more frees. This time I have verified the changes a bit more carefully, running configuration check on a real world configuration of mine within valgrind. It still reports five leaks (but less than without applying these patches!) and does not report any memory

[PATCH 3/4] BUG/MINOR: haproxy: Free proxy->format_unique_id during deinit

2020-06-15 Thread Tim Duesterhus
Given the following example configuration: frontend foo mode http bind *:8080 unique-id-format x Running a configuration check with valgrind reports: ==30712== 42 (40 direct, 2 indirect) bytes in 1 blocks are definitely lost in loss record 18 of 39 ==30712==

[PATCH 4/4] BUG/MINOR: haproxy: Add missing free of server->(hostname|resolvers_id)

2020-06-15 Thread Tim Duesterhus
Given the following example configuration: resolvers test nameserver test 127.0.0.1:53 listen foo bind *:8080 server foo example.com resolvers test Running a configuration check within valgrind reports: ==21995== 5 bytes in 1 blocks are definitely lost in loss

[PATCH 1/4] BUG/MINOR: acl: Fix freeing of expr->smp in prune_acl_expr

2020-06-15 Thread Tim Duesterhus
Instead of simply calling free() in expr->smp->arg_p in certain cases properly free the sample using release_sample_expr(). Given the following example configuration: frontend foo bind *:8080 mode http http-request set-var(txn.foo) str(bar) acl is_match str(foo

Re: [PATCH 0/4] Fix more frees

2020-06-15 Thread Willy Tarreau
Hi Tim, On Tue, Jun 16, 2020 at 12:03:01AM +0200, Tim Duesterhus wrote: > Willy, > > this series fixes up a few more frees. This time I have verified the changes > a bit more carefully, running configuration check on a real world > configuration > of mine within valgrind. It still reports five