- 29 Sep, 2023 5 commits
-
-
Thomas Gambier authored
-
Thomas Gambier authored
-
Thomas Gambier authored
this is a fixup of 54a08186
-
Thomas Gambier authored
-
Thomas Gambier authored
For slapos-node package compilation, we use DESTDIR pointing to temp location and PREFIX pointing to future /opt/slapos. Without this commit, bison look at wrong directory for data: bison: cannot open file `/opt/slapos/parts/bison/share/bison/m4sugar/m4sugar.m4'
-
- 28 Sep, 2023 5 commits
-
-
Thomas Gambier authored
-
Jérome Perrin authored
We configure haproxy with "verify optional", which makes haproxy request a client certificate, but accept the case where client does not present a certificate, but as described in [1], if client present a certificate and this certificate can not be verified, handshake is aborted. This is not what we want, we want to treat the case of a non verified certificate same as the case of the absence of certificate. This configures haproxy accordingly, using "crt-ignore-err all" to allow handshake anyway. Once this was fixed, there was a remaining problem with client_cert_verified acl, haproxy acl are OR, but this rule was supposed to be a AND (client present a certificate AND it is verified), this was rewritten to use inline condition which are AND. [1]: https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#5.1-verify Also adjust test_x_forwarded_for_stripped_when_no_certificate to assert that there is no X-Forwarded-For header at all when no client certificate.
-
Thomas Gambier authored
-
Thomas Gambier authored
-
Xavier Thompson authored
-
- 27 Sep, 2023 9 commits
-
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
-
Joanne Hugé authored
-
Thomas Gambier authored
-
Jérome Perrin authored
-
Jérome Perrin authored
-
- 26 Sep, 2023 6 commits
-
-
Lu Xu authored
-
Lu Xu authored
-
Kazuhiko Shiozaki authored
See merge request nexedi/slapos!1433
-
Boxiang Sun authored
If a server reboots brutally, there will be a legacy httpd pid file stay in the file system, and the OS may reuse the PID that remains in that file, which will cause httpd service to fail to start even if there is no such httpd service is running. This commit implemented the following logic: 0. If there is no existing PID file, then run the httpd service directly 1. If the PID file exists and contains the PID used by another process, we delete the PID file, then restart the httpd service 2. If the PID file exists and contains the PID used by another running httpd service, we allow the httpd report the "already running" error normally
-
Thomas Gambier authored
-
- 25 Sep, 2023 2 commits
-
-
Kazuhiko Shiozaki authored
This is the last version supporting python 2.7.
-
Lu Xu authored
See merge request nexedi/slapos!1428
-
- 22 Sep, 2023 9 commits
-
-
Lu Xu authored
-
Lu Xu authored
-
Joanne Hugé authored
-
Joanne Hugé authored
-
Lu Xu authored
-
Lu Xu authored
-
Titouan Soulard authored
-
Titouan Soulard authored
-
Jérome Perrin authored
-
- 21 Sep, 2023 2 commits
- 20 Sep, 2023 1 commit
-
-
Jérome Perrin authored
-
- 18 Sep, 2023 1 commit
-
-
Titouan Soulard authored
-