SSL test crashing HAProxy (6 replies)

Hi,

I'm an admin for a software dev company. We host our software in the AWS
cloud, using HAProxy as an entry point to a private VPC. Our HAProxy
handles SSL. Recently, we've had an issue that we can reproduce on multiple
proxies.
We found that running the following test against our proxies causes the
HAProxy service to crash or hang:
https://www.ssllabs.com/ssltest/analyze.html

We have to restart the HAProxy service for it to begin responding again.
The crash seems to be related to cipher suite testing; HAProxy seems to
crash during the part of that SSLlabs.com test called "testing deprecated
cipher suites", and we found the solution is to specify a particular list
of ciphers using the option "ssl-default-bind-ciphers".

We are using HAProxy 1.6.2. We are able to reproduce the issue on 1.6.3
also.

Although we have a solution, and we can reproduce in a test environment
consistently, we're unable to find a cause for this behaviour. Any ideas? I
can provide obfuscated configs and logs if needed, although logging doesn't
seem to shed much light.

Thanks in advance!
-Phil