Re: [PATCH] DOC: install: enable WOLFSSL_GETRANDOM

2024-02-02 Thread William Lallemand
On 2024-02-02 16:38, Lukas Tribus wrote: WolfSSL support in HAProxy is experimental to the point that not only does it require compiling library and application from source, it also requires tinkering with LD paths to be able to even start the binary, so it's not like the INSTALL instructions are

Re: [PATCH] DOC: install: enable WOLFSSL_GETRANDOM

2024-02-02 Thread Lukas Tribus
On Fri, 2 Feb 2024 at 08:43, Willy Tarreau wrote:
>
> Hi Lukas!
>
> On Thu, Feb 01, 2024 at 02:52:10PM +, Lukas Tribus wrote:
> > On Thu, 1 Feb 2024 at 12:08, William Lallemand
> > wrote:
> > >
> > > That's interesting, however I'm surprised the init does not work before
> > > the chroot,
>

Re: [PATCH] DOC: install: enable WOLFSSL_GETRANDOM

2024-02-01 Thread Willy Tarreau
Hi Lukas!

On Thu, Feb 01, 2024 at 02:52:10PM +, Lukas Tribus wrote:
> On Thu, 1 Feb 2024 at 12:08, William Lallemand wrote:
> >
> > That's interesting, however I'm surprised the init does not work before the
> > chroot,
> > we are doing a RAND_bytes() with OpenSSL before the chroot to achiev

Re: [PATCH] DOC: install: enable WOLFSSL_GETRANDOM

2024-02-01 Thread Lukas Tribus
Hello William,

On Thu, 1 Feb 2024 at 17:52, William Lallemand wrote:
> > I consider getrandom() a modern and simple solution to all those problems.
>
> Unfortunately this is still a fallback solution if getrandom() is not
> accessible or if the support is not built, as this is a fallback in
> op

Re: [PATCH] DOC: install: enable WOLFSSL_GETRANDOM

2024-02-01 Thread William Lallemand
On 2024-02-01 15:52, Lukas Tribus wrote:

On Thu, 1 Feb 2024 at 12:08, William Lallemand wrote:
>
> That's interesting, however I'm surprised the init does not work before the chroot,
> we are doing a RAND_bytes() with OpenSSL before the chroot to achieve this.

This approach can actually hide c

Re: [PATCH] DOC: install: enable WOLFSSL_GETRANDOM

2024-02-01 Thread Lukas Tribus
On Thu, 1 Feb 2024 at 12:08, William Lallemand wrote:
>
> That's interesting, however I'm surprised the init does not work before the
> chroot,
> we are doing a RAND_bytes() with OpenSSL before the chroot to achieve this.

This approach can actually hide chroot issues leading to nasty operational

Re: [PATCH] DOC: install: enable WOLFSSL_GETRANDOM

2024-02-01 Thread William Lallemand
On 2024-01-30 20:45, Lukas Tribus wrote: Suggest enabling getrandom() syscall in wolfssl to avoid chroot problems when using wolfssl. --- Also see: https://discourse.haproxy.org/t/haproxy-no-responses-when-built-with-wolfssl-while-working-with-openssl/9320/15 --- INSTALL | 3 ++- 1 file chan

[PATCH] DOC: install: enable WOLFSSL_GETRANDOM

2024-01-30 Thread Lukas Tribus
Suggest enabling getrandom() syscall in wolfssl to avoid chroot problems when using wolfssl. --- Also see: https://discourse.haproxy.org/t/haproxy-no-responses-when-built-with-wolfssl-while-working-with-openssl/9320/15 --- INSTALL | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --g