On 05/22/2018 04:31 PM, Sander Hoentjen wrote:
> On 05/22/2018 04:19 PM, Emeric Brun wrote:
>> Hi Sander,
>>
>> On 05/22/2018 02:04 PM, Sander Hoentjen wrote:
>>> On 05/22/2018 12:04 PM, Lukas Tribus wrote:
>>>> Hello,
>>>>
>>>> On 22 May 2018 at 11:48, Sander Hoentjen <san...@hoentjen.eu> wrote:
>>>>> I did, but I still experience the same issues. What is your exact
>>>>> haproxy version you tested with? Mine is 1.8.8
>>>>> Built with OpenSSL version : OpenSSL 1.1.1-pre6 (beta) 1 May 2018
>>>>> Running on OpenSSL version : OpenSSL 1.1.1-pre6 (beta) 1 May 2018
>>>> I'm using the development tree. So if it doesn't depend on openssl, it
>>>> may be bug that has been fixed in haproxy itself.
>>>>
>>>> Can you try 1.8.9?
>>> I just tried HA-Proxy version 1.8.9-83616ec 2018/05/18, it has the same
>>> issue unfortunately.
>>>
>> Do you use chroot ?
>>
>> I remember a behavior change between 1.1.0 and 1.1.1. After an elapsed time
>> (or a number of new sess) openssl
>> try to re-open some /dev/Xrandom sources. And it could fail in a chroot.
>>
>> https://github.com/openssl/openssl/issues/5330
>>
>>
> Thanks, I do use chroot. In that issue it is mentioned that this problem
> has been fixed, but I will test without chroot anyway. Will report
> tomorrow if this worked or not.
I can confirm the issue is gone when I don't use chroot. I will try to
see if I can get more info like a strace soon. I won't be able to today
though. Thanks Lucas and Emeric!
