Re: end all sessions for specific user

2020-12-03 Thread Lukas Tribus
Hello, On Friday, 4 December 2020, Yossi Nachum wrote: > If I will change the map file via admin socket > Will it shutdown old/current sessions? Better, you don't need to shutdown anything, because HTTP authentication works on a HTTP transaction level, so each request is authenticated, even i

RE: end all sessions for specific user

2020-12-03 Thread Yossi Nachum
If I will change the map file via admin socket Will it shutdown old/current sessions? Thanks Yossi Nachum -Original Message- From: Lukas Tribus Sent: Thursday, December 3, 2020 8:14 PM To: Yossi Nachum Cc: Lukas Tribus ; haproxy@formilux.org Subject: Re: end all sessions for specific u

Re: end all sessions for specific user

2020-12-03 Thread Lukas Tribus
Hello, On Thu, 3 Dec 2020 at 16:17, Yossi Nachum wrote: > > Hi, > I'm using haproxy 1.8 > This is my global and frontend configuration which include user auth: > [...] > acl network_allowed src,map_ip_int(/etc/haproxy/allowed_ips.lst,0) -m int > eq 1 > acl users_allowed hdr(MD5UP),map(/etc/h

RE: end all sessions for specific user

2020-12-03 Thread Yossi Nachum
Hi, I'm using haproxy 1.8 This is my global and frontend configuration which include user auth: global log /var/lib/haproxy/dev/log local0 info stats socket /run/haproxy.sock mode 660 level admin stats timeout 30s daemon pidfile /var/run/haproxy.pid maxconn 20 nbproc 1 tune.max

Re: end all sessions for specific user

2020-12-03 Thread Lukas Tribus
Hello, On Thu, 3 Dec 2020 at 15:32, Yossi Nachum wrote: > > Hi, > > > > I have haproxy configuration that based on a file with username and password. > > When I disable a user his new sessions are blocked with 407 but his > old/current sessions are still processed Please share your configuratio

end all sessions for specific user

2020-12-03 Thread Yossi Nachum
Hi, I have haproxy configuration that based on a file with username and password. When I disable a user his new sessions are blocked with 407 but his old/current sessions are still processed Is there a way to identify these user current sessions and kill them with "shutdown session" runtime ap

Re: [PR] Skip unsupported ciphers for ecdsa cert

2020-12-03 Thread Emeric Brun
Hi Marcoen, Before resubnmit, elease remember to use more explicit variables to know server/client side cipher list. R, Emeric On 12/1/20 10:26 AM, Marcoen Hirschberg wrote: > Thanks, they are now enabled. > > I've fixed boringssl builds and tested it with libressl locally as well. > > I wil