Re: [PATCH] Re: 1.8.8 & 1.9dev, lua, xref_get_peer_and_lock hang / 100% cpu usage after restarting haproxy a few times

2018-05-26 Thread Thierry FOURNIER
On Sat, 26 May 2018 19:47:54 +0200 PiBa-NL wrote: > Hi Thierry, > > Op 25-5-2018 om 15:40 schreef Thierry FOURNIER: > > On Fri, 18 May 2018 22:17:00 +0200 > > PiBa-NL wrote: > > > >> Hi Thierry, > >> > >> Op 18-5-2018 om 20:00 schreef Thierry

Use acl on spoe events

2018-05-26 Thread Joao Morais
Hi list, I’m trying to filter spoe events using acl, no success atm. This is the relevant part of my configuration: === /etc/haproxy/haproxy.cfg === frontend bar ... filter spoe engine modsecurity config /etc/haproxy/spoe-modsecurity.conf http-request deny if {

Re: [PATCH] Re: 1.8.8 & 1.9dev, lua, xref_get_peer_and_lock hang / 100% cpu usage after restarting haproxy a few times

2018-05-26 Thread Thierry Fournier
> On 26 May 2018, at 19:47, PiBa-NL wrote: > > Hi Thierry, > > Op 25-5-2018 om 15:40 schreef Thierry FOURNIER: >> On Fri, 18 May 2018 22:17:00 +0200 >> PiBa-NL wrote: >> >>> Hi Thierry, >>> >>> Op 18-5-2018 om 20:00 schreef Thierry FOURNIER:

1.9dev, lua, socket:settimeout() is not being honored and continuous to wait

2018-05-26 Thread PiBa-NL
Hi Thierry, There is still 'something' remaining where 'socket:settimout' is not honored. See attached script and output below (slightly modified version from before.) ran against the same ' ./tcploop 81 L W N20 A R S:"response1\r\n" R P6000 S:"response2\r\n" R [ F K ] ' with 6 second delay

Re: [PATCH] Re: 1.8.8 & 1.9dev, lua, xref_get_peer_and_lock hang / 100% cpu usage after restarting haproxy a few times

2018-05-26 Thread PiBa-NL
Hi Thierry, Op 25-5-2018 om 15:40 schreef Thierry FOURNIER: On Fri, 18 May 2018 22:17:00 +0200 PiBa-NL wrote: Hi Thierry, Op 18-5-2018 om 20:00 schreef Thierry FOURNIER: Hi Pieter, Could you test the attached patch ? It seems to fix the problem, but I have some

JWT payloads break b64dec convertor

2018-05-26 Thread Jonathan Matthews
Hello folks, The payload (and other parts) of a JSON Web Token (JWT, a popular and growing auth standard: https://tools.ietf.org/html/rfc7519) is base64 encoded. Unfortunately, the payload encoding (specified in https://tools.ietf.org/html/rfc7515) is defined as the "URL safe" variant. This

Re: [PATCH] lua socket / Read maount of data

2018-05-26 Thread Willy Tarreau
On Fri, May 25, 2018 at 04:40:45PM +0200, Thierry Fournier wrote: > Hi, > > Actually, I'm working with Lua and Redis, and I found a bug with the > socket function. It impacts the read of a great amount of data when > these data arriving in a lot of network packet. > > the Lua user ask for 1

Re: Connections stuck in CLOSE_WAIT state with h2

2018-05-26 Thread Willy Tarreau
On Fri, May 25, 2018 at 03:43:16PM +0200, Janusz Dziemidowicz wrote: > 2018-05-24 23:26 GMT+02:00 Willy Tarreau : > >> Anyway, I'll do another round of experiments (without tfo) tomorrow. > > > > Much appreciated, thank you. > > I've removed tfo, curves and tls-ticket-keys from bind