Re: LB as a first row of defence against DDoS

2015-06-25 Thread Baptiste
Thank you for everything you do. You are one of the unsung heroes who make the guts of the Internet possible. Hehe don't feel like you're exaggerating a bit here ? :-) Willy nope. Baptiste

Re: Contribution for HAProxy: Peer Cipher based SSL CTX switching

2015-06-25 Thread Dave Zhu (yanbzhu)
On 6/25/15, 5:17 AM, Remi Gacogne rgaco...@coredump.fr wrote: Hey Remy, thanks for your feedback! However, I have some concerns about the use of SSL_set_session_secret_cb() for this feature, because it was clearly not designed for this kind of manipulation. It has been removed from BoringSSL

Re: Contribution for HAProxy: Peer Cipher based SSL CTX switching

2015-06-25 Thread Remi Gacogne
Hi, I was unaware that BoringSSL removed the callback, but in that case, could we limit this feature to only OpenSSL? I'm also not seeing how using this callback prevents rfc5077, could you please elaborate. Yes, sorry, I didn't realize it earlier but that's not true for all OpenSSL versions.

Re: Contribution for HAProxy: Peer Cipher based SSL CTX switching

2015-06-25 Thread Dave Zhu (yanbzhu)
Hey, Yes, sorry, I didn't realize it earlier but that's not true for all OpenSSL versions. Starting with OpenSSL 1.0.0, tls1_process_ticket() will decline decrypting session tickets sent by the client if the session_secret_cb is in use: if (s->tls_session_secret_cb)

Re: Contribution for HAProxy: Peer Cipher based SSL CTX switching

2015-06-25 Thread Nenad Merdanovic
Hello, Everything said here is based on my opinion, so just add IMO in front of every sentence :) On 6/25/2015 6:01 PM, Remi Gacogne wrote: Hi, I was unaware that BoringSSL removed the callback, but in that case, could we limit this feature to only OpenSSL? I'm also not seeing how using

Re: LB as a first row of defence against DDoS

2015-06-25 Thread Shawn Heisey
On 6/24/2015 8:58 PM, Baptiste wrote: That said, I'll write a new DDOS protection article once HAProxy 1.6 will be released, since it embeds some new features which are interesting on this topic. I look forward to it. Thank you for your diligence! Concerning your demand, I don't understand

RE: Contribution for HAProxy: Peer Cipher based SSL CTX switching

2015-06-25 Thread Lukas Tribus
Thank you for pointing this out, I missed it in my brief look of the code. To me, this is reason enough to move to 1.0.2 (in addition to all the other reasons given by you and Nenad). I'll start prototyping the code using 1.0.2. Agreed. What I would also urge is to not use any openssl

Segfault with a badly configured password

2015-06-25 Thread Sean Nolan
If I use an unencrypted password that starts with an equal sign with the password option in the userlist, instead of the insecure-password option then HAProxy segfaults when I try to log in as the user with the badly configured password. I realize that I should not be using an unencrypted

RE: Segfault with a badly configured password

2015-06-25 Thread Lukas Tribus
This line in the userlist will cause the segfault when you try to view stats as the user test: user test password =testing The segfault error from messages is: Jun 25 21:33:41 dev-tsl-haproxy-001 kernel: [ 4147.107578] haproxy[6780]: segfault at 0 ip 7f6ae5fcfef6

Anti HTTP DOS for haproxy

2015-06-25 Thread Lazy
Hi All, Some time ago I created a small patch for haproxy 1.5 which is acting in a similar way to cloud anti dos CAPTCHA pages (https://github.com/lazy404/haproxy/compare/ddos) The idea is that when the site is attacked by bots sending http requests, haproxy sends them a webpage with some

Re: LB as a first row of defence against DDoS

2015-06-25 Thread Willy Tarreau
Hi, On Wed, Jun 24, 2015 at 12:03:39PM -0600, Shawn Heisey wrote: On 6/24/2015 11:12 AM, Willy Tarreau wrote: The problem with configs posted on a blog is that people blindly copy-paste them without understanding and then break a lot of things and ask for help. Baptiste takes care of

Re: HTTP/2 -- is support required on the back end?

2015-06-25 Thread Willy Tarreau
On Wed, Jun 24, 2015 at 03:08:18PM -0600, Shawn Heisey wrote: On 6/24/2015 1:23 PM, Willy Tarreau wrote: Thus my first goal with HTTP/2 in haproxy really is to make it a solid H2-H1 gateway in order to provide a seamless migration to H2 to everyone, just like haproxy was massively used to

Re: Contribution for HAProxy: Peer Cipher based SSL CTX switching

2015-06-25 Thread Remi Gacogne
Hi all, Dave, thank you for proposing this feature, I truly think that being able to serve RSA or ECDSA certificates depending on what the client supports would be an awesome addition to HAproxy. However, I have some concerns about the use of SSL_set_session_secret_cb() for this feature,