Re: Active Internet-Draft: Suppressing CA Certificates in TLS 1.3

Hi. On 28.02.22 13:55, Branitsky, Norman wrote: Future requirement for HAProxy? https://datatracker.ietf.org/doc/draft-kampanakis-tls-scas-latest/ From my point of view is this draft heavily based on the implementation of the underlaying TLS library. For everyone which want to know what th

docker hub not updated with most recent releases (2.5.4/2.4.14)

Dear Maintainers, It looks like the official docker image's aren't updated to the most recent release. Looking at the jenkins jobs; https://github.com/docker-library/repo-info/tree/master/repos/haproxy => https://doi-janky.infosiftr.net/job/repo-info/job/remote/ it appears it fails to checkout fro

ACL execution order, short circuit behaviour?

Dear all, I’m trying to understand, how ACL chains, e.g. for `http-request deny` are executed, and whether they support short-circuit. Example: acl1: ip in particular range acl2: comple regex match with a long list of patterns http-request deny acl1 !acl2 That would mean block the request i

Re: docker hub not updated with most recent releases (2.5.4/2.4.14)

Olaf, On 2/28/22 15:24, Olaf Buitelaar wrote: It looks like the official docker image's aren't updated to the most recent release. Looking at the jenkins jobs; https://github.com/docker-library/repo-info/tree/master/repos/haproxy => https://doi-janky.infosiftr.net/job/repo-info/job/remote/ it ap

Re: docker hub not updated with most recent releases (2.5.4/2.4.14)

Dear Olaf, As Tim said, official Docker images are not (directly) provided by HAProxy team. We do however provide the following Docker images which are usually up to date: https://hub.docker.com/u/haproxytech They come in several flavours, namely Alpine,

Re: [PATCH 1/2] CLEANUP: connection: Indicate unreachability to the compiler in conn_recv_proxy

On Fri, Feb 25, 2022 at 09:44:26PM +0100, Tim Duesterhus wrote: > Transform the unreachability comment into a call to `my_unreachable()` to > allow > the compiler from benefitting from it. > > see d1b15b6e9b4d4d378a6169929a86f25b95eafc57 > see 615f81eb5ad3e8c691901db8ce3e6a4a6b6efa49 Note: I adj

система защиты

Автоматически формируемая электронная почта системы обороны РФ: Введение санкций против банков вызывает постепенный обвал филиалов за рубежом, который очень быстро распространяется. Центробанк России выводит все средства из-за блокировки государственных резервов. Банки в РФ рухнут в течение недел

[PATCH] MINOR: queue: Replace if() + abort() with BUG_ON()

see 5cd4bbd7a ("BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management") --- src/queue.c | 15 +++ 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/src/queue.c b/src/queue.c index b1be766b9..002b94b85 100644 --- a/src/queue.c +++ b/src/queue.c @@ -567

Re: ACL execution order, short circuit behaviour?

Hi Alex, On Mon, Feb 28, 2022 at 02:36:51PM +, Lais, Alexander wrote: > Dear all, > > I'm trying to understand, how ACL chains, e.g. for `http-request deny` are > executed, and whether they support short-circuit. > > > Example: > > acl1: ip in particular range > acl2: comple regex match w

[PATCH] BUILD ssl: another build warning on LIBRESSL_VERSION_NUMBER

Hi William, Please find attached a patch I used in order to remove some LIBRESSL_VERSION_NUMBER warnings when building haproxy 2.5.4 with an old version of OpenSSL. Cheers, Julien >From 88defc4fb4989018c5348ebfe0d70dd223860981 Mon Sep 17 00:00:00 2001 From: Julien Thomas Date: Mon, 28 Feb 2022 2