Re: [PATCH V2] ssl: add basic support for OpenSSL crypto engine

2017-01-30 Thread Grant Zhang
> On Jan 30, 2017, at 17:00, Willy Tarreau wrote: > > Hi Grant, >> >> To work around this, without complicating the init code, do you think it is >> OK to directly call ssl_init_single_engine inside >> ssl_parse_glabal_ssl_engine? > > I still find this problematic. Normally what we have here

Re: [PATCH] BUG/MAJOR: dns: create one client UDP socket per process

2017-01-30 Thread Willy Tarreau
Hi Baptiste, On Mon, Jan 30, 2017 at 11:07:53PM +0100, Baptiste wrote: > Hi all, > > Please find attached a patch to fix the issue reported by Joshua on the ML > and sjiveson on discourse. > I moved the initialisation of the dns_resolvers() after the fork. I can > confirm now that each process ha

Re: [PATCH V2] ssl: add basic support for OpenSSL crypto engine

2017-01-30 Thread Willy Tarreau
Hi Grant, On Mon, Jan 30, 2017 at 02:05:54PM -0800, Grant Zhang wrote: (...) ACK for the first parts. > One issue I find during testing is that this delayed engine init via > hap_register_post_check does not work the way we like: if the SSL > certificate uses a RSA key, during certificate loadi

[PATCH] BUG/MAJOR: dns: create one client UDP socket per process

2017-01-30 Thread Baptiste
Hi all, Please find attached a patch to fix the issue reported by Joshua on the ML and sjiveson on discourse. I moved the initialisation of the dns_resolvers() after the fork. I can confirm now that each process has its own UDP socket to send DNS requests. Baptiste From 9c77b0f8e1ecee1a330827e134

Re: [PATCH V2] ssl: add basic support for OpenSSL crypto engine

2017-01-30 Thread Grant Zhang
Hi Willy, > On Jan 30, 2017, at 02:03, Willy Tarreau wrote: > > Do you think it would make sense to consider that if no list of algo is > specified then it defaults to all ? I tend to think probably not from > a technical perspective but maybe for some users it can make sense. +1 > > Also this

Re: HAProxy Lua Map.end & reserved keywords

2017-01-30 Thread Willy Tarreau
On Sat, Jan 28, 2017 at 09:38:13AM +0100, thierry.fourn...@arpalert.org wrote: > Hi, I prefer the prefix '_' because it is shorter than "match_". I'm > confident for the unicity of these names because they are locked in the > namespace "Map". If someone uses "_beg" or "_end" in other context, > the

Re: [PATCH] MEDIUM/RFC: Implement time-based server latency metrics

2017-01-30 Thread Willy Tarreau
Hi Krishna, back on earth ;-) On Tue, Jan 03, 2017 at 03:07:26PM +0530, Krishna Kumar (Engineering) wrote: > I explored your suggestion of "hard-coded periods", and have some > problems: code complexity seems to be very high at updates (as well > as retrievals possibly); and I may not be able to

Re: unique-id-header and req.hdr

2017-01-30 Thread sendmaildevnull
Thanks everyone for the help! On Fri, Jan 27, 2017 at 12:37 PM Patrick Hemmer wrote: > > > On 2017/1/27 15:31, Ciprian Dorin Craciun wrote: > > On Fri, Jan 27, 2017 at 10:24 PM, Patrick Hemmer > wrote: > > Something that might satisfy both requests, why not just append to the > existing reques

Re: HAProxy Lua Map.end & reserved keywords

2017-01-30 Thread Willy Tarreau
On Mon, Jan 30, 2017 at 06:19:25PM +0100, thierry.fourn...@arpalert.org wrote: > > Thanks for doing this, I think it's the right way to address it. Do you > > think > > there is a way to emit a warning when the deprecated names are used ? That > > would be nice for next version, though it's not cr

Re: HAProxy Lua Map.end & reserved keywords

2017-01-30 Thread thierry . fournier
On Mon, 30 Jan 2017 08:37:16 +0100 Willy Tarreau wrote: > Hi Thierry, > > On Sat, Jan 28, 2017 at 09:38:13AM +0100, thierry.fourn...@arpalert.org wrote: > > From dc3695a41af3d3a77681cec0ba23005d0370fc07 Mon Sep 17 00:00:00 2001 > > From: Thierry FOURNIER > > Date: Sat, 28 Jan 2017 08:33:08 +01

Re: [PATCH] BUILD: ssl: fix to build (again) with boringssl

2017-01-30 Thread Igor Pav
sorry for unclear question, it's quite simple, build haproxy from git with boringssl (DBUILD_SHARED_LIBS=1), just config a simple SSL frontend. On Mon, Jan 30, 2017 at 5:42 PM, Willy Tarreau wrote: > On Mon, Jan 30, 2017 at 04:07:33PM +0800, Igor Pav wrote: >> any idea with error? >> >> undefine

Re: [PATCH V2] ssl: add basic support for OpenSSL crypto engine

2017-01-30 Thread Willy Tarreau
Hi Grant! On Tue, Jan 24, 2017 at 08:31:46PM +, Grant Zhang wrote: > This patch adds the global 'ssl-engine' keyword. First arg is an engine > identifier followed by a list of default_algorithms the engine will > operate. > > If the openssl version is too old, an error is reported when the op

Re: [PATCH] BUILD: ssl: fix to build (again) with boringssl

2017-01-30 Thread Willy Tarreau
On Mon, Jan 30, 2017 at 04:07:33PM +0800, Igor Pav wrote: > any idea with error? > > undefined symbol: BIO_read_filename I doubt you'll get any useful response if you don't provide at least a bit of information, such as what ssl lib you're using, whether or not this is with the patch applied, bu

Re: [PATCH] BUILD: ssl: fix to build (again) with boringssl

2017-01-30 Thread Igor Pav
any idea with error? undefined symbol: BIO_read_filename On Mon, Jan 16, 2017 at 7:42 PM, Willy Tarreau wrote: > On Fri, Jan 13, 2017 at 06:11:55PM +0100, Emmanuel Hocdet wrote: >> for 1.8dev > > now applied, thanks. > > Willy >