Re: [PATCH] BUG/MAJOR: fix listening IP address storage for frontends

Wed, 18 May 2016 13:39:30 -0700 

Hi,

Le 18/05/2016 22:36, Arthur Țițeică a écrit :

Hi all,

În ziua de miercuri, 18 mai 2016, la 20:51:13 EEST, Willy Tarreau a scris:

Thanks Vincent!

It looks pretty good and very clean in the end.
Arthur, as soon as you confirm it works for you I'll merge it. I'm keeping
it untouched below in case you missed it.


Something seems a bit off now.

This is what happens when I manually start haproxy with the patch applied

# /usr/bin/haproxy -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -Ds
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:25] : unknown
keyword 'tune.ssl.default-dh-param' in 'global' section
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:26] : 'ssl-
default-bind-ciphers' is not implemented.
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:27] : unknown
keyword 'ssl-default-bind-options' in 'global' section
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:28] : 'ssl-
default-server-ciphers' is not implemented.
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:29] : unknown
keyword 'ssl-default-server-options' in 'global' section
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:31] : 'crt-
base' is not implemented.
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:78] : 'bind
163.172.36.33:443' unknown keyword 'ssl'. Registered keywords :
     [ ALL] accept-proxy
     [ ALL] backlog <arg>
     [ ALL] id <arg>
     [ ALL] maxconn <arg>
     [ ALL] name <arg>
     [ ALL] nice <arg>
     [ ALL] process <arg>
     [UNIX] gid <arg>
     [UNIX] group <arg>
     [UNIX] mode <arg>
     [UNIX] uid <arg>
     [UNIX] user <arg>
     [STAT] level <arg>
     [ TCP] defer-accept
     [ TCP] interface <arg>
     [ TCP] mss <arg>
     [ TCP] tcp-ut <arg>
     [ TCP] tfo
     [ TCP] transparent
     [ TCP] v4v6
     [ TCP] v6only
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:79] : 'bind
2001:bc8:2377:200::1:443' unknown keyword 'ssl'.
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:80] : 'bind
163.172.36.33:59091' unknown keyword 'ssl'.
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:81] : 'bind
2001:bc8:2377:200::1:59091' unknown keyword 'ssl'.
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:82] : 'bind
163.172.36.33:59092' unknown keyword 'ssl'.
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:83] : 'bind
2001:bc8:2377:200::1:59092' unknown keyword 'ssl'.
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:84] : 'bind
163.172.36.33:8099' unknown keyword 'ssl'.
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:85] : 'bind
2001:bc8:2377:200::1:8099' unknown keyword 'ssl'.
[ALERT] 138/232913 (14342) : parsing [/etc/haproxy/haproxy.cfg:142] : error
detected while parsing an 'http-request auth' condition : unknown fetch method
'ssl_fc' in ACL expression 'ssl_fc'.
[ALERT] 138/232913 (14342) : Error(s) found in configuration file : /etc/
haproxy/haproxy.cfg

Needless to say that this is a valid config that works with 1.6.4.


It looks like you didn't recompile with USE_OPENSSL=1
haproxy -vv should give some hints.

--
Cyril Bonté

Reply via email to