Hi all, În ziua de miercuri, 18 mai 2016, la 20:51:13 EEST, Willy Tarreau a scris: > Thanks Vincent! > > It looks pretty good and very clean in the end. > Arthur, as soon as you confirm it works for you I'll merge it. I'm keeping > it untouched below in case you missed it.
Something seems a bit off now. This is what happens when I manually start haproxy with the patch applied # /usr/bin/haproxy -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -Ds [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:25] : unknown keyword 'tune.ssl.default-dh-param' in 'global' section [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:26] : 'ssl- default-bind-ciphers' is not implemented. [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:27] : unknown keyword 'ssl-default-bind-options' in 'global' section [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:28] : 'ssl- default-server-ciphers' is not implemented. [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:29] : unknown keyword 'ssl-default-server-options' in 'global' section [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:31] : 'crt- base' is not implemented. [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:78] : 'bind 163.172.36.33:443' unknown keyword 'ssl'. Registered keywords : [ ALL] accept-proxy [ ALL] backlog <arg> [ ALL] id <arg> [ ALL] maxconn <arg> [ ALL] name <arg> [ ALL] nice <arg> [ ALL] process <arg> [UNIX] gid <arg> [UNIX] group <arg> [UNIX] mode <arg> [UNIX] uid <arg> [UNIX] user <arg> [STAT] level <arg> [ TCP] defer-accept [ TCP] interface <arg> [ TCP] mss <arg> [ TCP] tcp-ut <arg> [ TCP] tfo [ TCP] transparent [ TCP] v4v6 [ TCP] v6only [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:79] : 'bind 2001:bc8:2377:200::1:443' unknown keyword 'ssl'. [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:80] : 'bind 163.172.36.33:59091' unknown keyword 'ssl'. [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:81] : 'bind 2001:bc8:2377:200::1:59091' unknown keyword 'ssl'. [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:82] : 'bind 163.172.36.33:59092' unknown keyword 'ssl'. [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:83] : 'bind 2001:bc8:2377:200::1:59092' unknown keyword 'ssl'. [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:84] : 'bind 163.172.36.33:8099' unknown keyword 'ssl'. [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:85] : 'bind 2001:bc8:2377:200::1:8099' unknown keyword 'ssl'. [ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:142] : error detected while parsing an 'http-request auth' condition : unknown fetch method 'ssl_fc' in ACL expression 'ssl_fc'. [ALERT] 138/232913 (14342) : Error(s) found in configuration file : /etc/ haproxy/haproxy.cfg Needless to say that this is a valid config that works with 1.6.4. Thanks