Hi Olivier,
On Mon, Jan 23, 2017 at 08:31:13PM +0100, Olivier Doucet wrote:
> Hello,
>
> I'm actually implementing OCSP stapling on my haproxy instance.
>
> It seems we can update ocsp (with set ssl ocsp-response on socket) only if
> a previous OCSP record exist.
>
> For example :
> Case #1
>
On Fri, Feb 03, 2017 at 01:35:02PM +0100, Dave Cottlehuber wrote:
> This is exactly like Zerg http://erlangonxen.org/zerg the requirements
> are that haproxy:
Just reading this made me throw up. The problem is while I can to a certain
extent imagine that for a demo, I already imagine that some
Hi Olivier,
On Sat, Feb 04, 2017 at 11:52:30AM +0100, Olivier Doucet wrote:
> Hello,
>
> I'm trying to capture the cipher suites sent by browser when negociating
> the encryption level with HAProxy.
> Digging into the haproxy doc, I can already find the TLS version and cipher
> used (variables
Hi,
I am using haproxy 1.7.2 version and trying to use reload option which is
failing in my environment with RHEL 7.2 version, same works fine in RHEL 6.8
version.
Please find the logs below:
Feb 8 23:38:19 localhost systemd: Reloaded SYSV: HA-Proxy is a TCP/HTTP
reverse proxy which is
On Wed, Feb 08, 2017 at 05:55:36PM +, Jesse Schulman wrote:
> Looks good to me, I applied both patches and the issue I was having with
> lua remains fixed.
Thank you Jesse, that's exactly what I needed. Now I've merged them.
Thanks,
Willy
Hi Emmanuel,
On Tue, Feb 07, Emmanuel Hocdet wrote:
> I'm not able to reproduce this crash with current 1.8dev and openssl 1.0.2j.
OK, thanks for checking. I'll try to compile openssl-1.0.2/openssl-1.1.0 and
test with those to see if it's specific to openssl that comes w/centos7.
Do you have
Looks good to me, I applied both patches and the issue I was having with
lua remains fixed.
Thanks!
Jesse
On Wed, Feb 8, 2017 at 2:21 AM Willy Tarreau wrote:
> Hi Jesse,
>
> On Tue, Feb 07, 2017 at 06:37:09PM +, Jesse Schulman wrote:
> > Thank you for the update, we are
Try this:
backend app
balance roundrobin
cookie SERVERID insert indirect nocache
server hdp01.example.local 192.168.1.100:7070 check cookie hdp01
server hdp02.example.local 192.168.1.101:7070 check cookie hdp02
From: Hoang Le Trung [mailto:hoangletr...@orenj.com]
Sent: Tuesday,
Hi Christopher,
Christopher Faulet wrote:
> You did well to reopen the issue. And you're right, this bug is similar
> to the one on redirect rules. I submitted a patch and it will be merged
> soon by Willy (see "[PATCH] 2 fixes for replace-header rules").
Thank you for the fix!
Best,
Holger
Le 07/02/2017 à 16:41, Holger Just a écrit :
Hi all,
I just checked and the issue is still present in current master. Could
you maybe have a look at this issue?
It smells a bit like this could potentially be connected to the issue
discussed in the thread "Lua sample fetch logging ends up in
On Wed, Feb 08, 2017 at 05:29:19PM +0100, Christopher Faulet wrote:
> Willy,
>
> Here are 2 patches to fix bugs on replace-header rules. The first one is
> similar to the one on redirect rules. It fixes an issue reported by
> Holger Just ("Strange behavior of sample fetches in http-response
>
Willy,
Here are 2 patches to fix bugs on replace-header rules. The first one is
similar to the one on redirect rules. It fixes an issue reported by
Holger Just ("Strange behavior of sample fetches in http-response
replace-header option").
The second one is a trivial fix :)
--
Christopher
On Wed, Feb 08, 2017 at 11:16:58AM +0100, Christopher Faulet wrote:
> Hi,
>
> This patch fixes the bug reported by Kristjan Koppel and Brian Loss in the
> thread "Gzip compression and transfer: chunked". It should be backported in
> 1.7
Merged, thanks guys!
Willy
Hi Jesse,
On Tue, Feb 07, 2017 at 06:37:09PM +, Jesse Schulman wrote:
> Thank you for the update, we are running the patch Thierry provided with
> success, but we only do a lua call within the %[] almost identically to the
> simple reproducer I provided. I *think* we are safe considering we
Hi,
This patch fixes the bug reported by Kristjan Koppel and Brian Loss in
the thread "Gzip compression and transfer: chunked". It should be
backported in 1.7
Kristjan and Brian, thanks for your help.
--
Christopher Faulet
>From 23b39e87cce785437950552f5be0744b5768914a Mon Sep 17 00:00:00
15 matches
Mail list logo