mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2025-01-08 06:09:44 +00:00
b63dbb7b2e
This one was deprecated in 2.3 and marked for removal in 2.5. It suffers too many limitations compared to threads, and prevents some improvements from being engaged. Instead of a bypassable startup error, there is now a hard error. The parsing code was removed, and very few obvious cases were as well. The code is deeply rooted at certain places (e.g. "for" loops iterating from 0 to nbproc) so it will not be that trivial to remove everywhere. The "bind" and "bind-process" parsers will have to be adjusted, though maybe not completely changed if we later want to support thread groups for large NUMA machines. Some stats socket restrictions were removed, and the doc was updated according to what was done. A few places in the doc still refer to nbproc and will have to be revisited. The master-worker code also refers to the process number to distinguish between master and workers and will have to be carefully adjusted. The MAX_PROCS macro was reset to 1, this will at least reduce the size of some remaining arrays. Two regtests were dependieng on this directive, one with an explicit "nbproc 1" and another one testing the master's CLI using nbproc 4. Both were adapted.
61 lines
1.7 KiB
Plaintext
61 lines
1.7 KiB
Plaintext
#commit b406b87
|
|
# BUG/MEDIUM: connection: don't store recv() result into trash.data
|
|
#
|
|
# Cyril Bonté discovered that the proxy protocol randomly fails since
|
|
# commit 843b7cb ("MEDIUM: chunks: make the chunk struct's fields match
|
|
# the buffer struct"). This is because we used to store recv()'s return
|
|
# code into trash.data which is now unsigned, so it never compares as
|
|
# negative against 0. Let's clean this up and test the result itself
|
|
# without storing it first.
|
|
|
|
varnishtest "PROXY protocol random failures"
|
|
#REQUIRE_OPTIONS=OPENSSL
|
|
|
|
feature ignore_unknown_macro
|
|
|
|
#REGTEST_TYPE=broken
|
|
|
|
syslog Slog_1 -repeat 8 -level info {
|
|
recv
|
|
expect ~ "Connect from .* to ${h1_ssl_addr}:${h1_ssl_port}"
|
|
recv
|
|
expect ~ "ssl-offload-http/http .* \"POST (https://.*:${h1_ssl_port})?/[1-8] HTTP/(2\\.0|1\\.1)\""
|
|
} -start
|
|
|
|
haproxy h1 -conf {
|
|
global
|
|
tune.ssl.default-dh-param 2048
|
|
stats bind-process 1
|
|
log ${Slog_1_addr}:${Slog_1_port} len 2048 local0 debug err
|
|
|
|
defaults
|
|
mode http
|
|
timeout client 1s
|
|
timeout server 1s
|
|
timeout connect 1s
|
|
log global
|
|
|
|
listen http
|
|
bind unix@"${tmpdir}/http.socket" accept-proxy name ssl-offload-http
|
|
option forwardfor
|
|
|
|
listen ssl-offload-http
|
|
option httplog
|
|
bind "fd@${ssl}" ssl crt ${testdir}/common.pem ssl no-sslv3 alpn h2,http/1.1
|
|
server http unix@"${tmpdir}/http.socket" send-proxy
|
|
} -start
|
|
|
|
|
|
shell {
|
|
HOST=${h1_ssl_addr}
|
|
if [ "$HOST" = "::1" ] ; then
|
|
HOST="\[::1\]"
|
|
fi
|
|
for i in 1 2 3 4 5 6 7 8 ; do
|
|
urls="$urls https://$HOST:${h1_ssl_port}/$i"
|
|
done
|
|
curl -i -k -d 'x=x' $urls & wait $!
|
|
}
|
|
|
|
syslog Slog_1 -wait
|