- Update to version 3.0.1+git0.471a1b2f1:
* [RELEASE] Released version 3.0.1
* BUG/MINOR: mux-h1: Use the right variable to set NEGO_FF_FL_EXACT_SIZE flag
* BUG/MAJOR: mux-h1: Properly copy chunked input data during zero-copy nego
* BUG/MEDIUM: stconn/mux-h1: Fix suspect change causing timeouts
* BUG/MINOR: quic: ensure Tx buf is always purged
* BUG/MINOR: quic: fix computed length of emitted STREAM frames
* BUG/MEDIUM: ssl: bad auth selection with TLS1.2 and WolfSSL
* BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration
* BUG/MEDIUM: mux-quic: Don't unblock zero-copy fwding if blocked during nego
* CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resume()
* BUG/MINOR: hlua: fix leak in hlua_ckch_set() error path
* BUG/MINOR: hlua: prevent LJMP in hlua_traceback()
* BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage
* BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP
* CLEANUP: hlua: use hlua_pusherror() where relevant
* BUG/MINOR: quic: prevent crash on qc_kill_conn()
* BUG/MEDIUM: mux-quic: Unblock zero-copy forwarding if the txbuf can be released
* MEDIUM: stconn: Be able to unblock zero-copy data forwarding from done_fastfwd
* BUG/MEDIUM: h1-htx: Don't state interim responses are bodyless
* BUG/MINOR: hlua: use CertCache.set() from various hlua contexts
* DOC: configuration: add an example for keywords from crt-store
* BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory
* BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser
* BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning
OBS-URL: https://build.opensuse.org/request/show/1179720
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=144
* [RELEASE] Released version 3.0.1
* BUG/MINOR: mux-h1: Use the right variable to set NEGO_FF_FL_EXACT_SIZE flag
* BUG/MAJOR: mux-h1: Properly copy chunked input data during zero-copy nego
* BUG/MEDIUM: stconn/mux-h1: Fix suspect change causing timeouts
* BUG/MINOR: quic: ensure Tx buf is always purged
* BUG/MINOR: quic: fix computed length of emitted STREAM frames
* BUG/MEDIUM: ssl: bad auth selection with TLS1.2 and WolfSSL
* BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration
* BUG/MEDIUM: mux-quic: Don't unblock zero-copy fwding if blocked during nego
* CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resume()
* BUG/MINOR: hlua: fix leak in hlua_ckch_set() error path
* BUG/MINOR: hlua: prevent LJMP in hlua_traceback()
* BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage
* BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP
* CLEANUP: hlua: use hlua_pusherror() where relevant
* BUG/MINOR: quic: prevent crash on qc_kill_conn()
* BUG/MEDIUM: mux-quic: Unblock zero-copy forwarding if the txbuf can be released
* MEDIUM: stconn: Be able to unblock zero-copy data forwarding from done_fastfwd
* BUG/MEDIUM: h1-htx: Don't state interim responses are bodyless
* BUG/MINOR: hlua: use CertCache.set() from various hlua contexts
* DOC: configuration: add an example for keywords from crt-store
* BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory
* BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser
* BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=305
- Update to version 2.9.3+git0.de3ab549a:
* [RELEASE] Released version 2.9.3
* BUG/MEDIUM: quic: keylog callback not called (USE_OPENSSL_COMPAT)
* BUG/MINOR: mux-h2: also count streams for refused ones
* BUG/MINOR: mux-quic: do not prevent non-STREAM sending on flow control
* BUILD: quic: missing include for quic_tp
* [RELEASE] Released version 2.9.2
* DOC: configuration: corrected description of keyword tune.ssl.ocsp-update.mindelay
* REGTESTS: add a test to ensure map-ordering is preserved
* BUG/MINOR: map: list-based matching potential ordering regression
* CLEANUP: quic: Double quic_dgram_parse() prototype declaration.
* MINOR: ssl: Update ssl_fc_curve/ssl_bc_curve to use SSL_get0_group_name
* MINOR: ot: logsrv struct becomes logger
* MINOR: mux-h2: support limiting the total number of H2 streams per connection
* BUG/MEDIUM: spoe: Never create new spoe applet if there is no server up
* BUG/MEDIUM: stconn: Set fsb date if zero-copy forwarding is blocked during nego
* BUG/MEDIUM: stconn: Forward shutdown on write timeout only if it is forwardable
* BUG/MEDIUM: h3: fix incorrect snd_buf return value
* BUILD: quic: Missing quic_ssl.h header protection
* CLEANUP: quic: Remaining useless code into server part
* REGTESTS: check attach-srv out of order declaration
* MINOR: debug: add features and build options to "show dev"
* MINOR: global: export a way to list build options
* CI: use semantic version compare for determing "latest" OpenSSL
* BUG/MINOR: h3: disable fast-forward on buffer alloc failure
* BUG/MINOR: h3: close connection on sending alloc errors
* BUG/MINOR: h3: properly handle alloc failure on finalize
* MINOR: h3: add traces for connection init stage
* BUG/MINOR: h3: close connection on header list too big
* MINOR: h3: check connection error during sending
OBS-URL: https://build.opensuse.org/request/show/1141253
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=140
- Update to version 2.9.1+git0.f72603ceb:
* [RELEASE] Released version 2.9.1
* DOC: config: also add arguments to the converters in the table
* DOC: config: add arguments to sample fetch methods in the table
* BUG/MEDIUM: mux-quic: report early error on stream
* BUG/MEDIUM: mux-h2: Report too large HEADERS frame only when rxbuf is empty
* CLEANUP: mux-h1: Fix a trace message about C-L header addition
* BUG/MEDIUM: mux-h1: Explicitly skip request's C-L header if not set originally
* BUG/MEDIUM: mux-h1: Cound data from input buf during zero-copy forwarding
* BUG/MEDIUM: stconn: Block zero-copy forwarding if EOS/ERROR on consumer side
* BUG/MEDIUM: quic: QUIC CID removed from tree without locking
* MINOR: version: mention that it's stable now
* BUG/MINOR: ext-check: cannot use without preserve-env
* BUG/MEDIUM: map/acl: pat_ref_{set,delete}_by_id regressions
* BUILD: ssl: update types in wolfssl cert selection callback
* BUG/MEDIUM: quic: Possible buffer overflow when building TLS records
* BUG/MINOR: mworker/cli: fix set severity-output support
* DOC: configuration: typo req.ssl_hello_type
* BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)
* BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate
* MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback
* BUG/MINOR: ssl: Double free of OCSP Certificate ID
OBS-URL: https://build.opensuse.org/request/show/1137606
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=139
- Update to version 2.9.1+git0.f72603ceb:
* [RELEASE] Released version 2.9.1
* DOC: config: also add arguments to the converters in the table
* DOC: config: add arguments to sample fetch methods in the table
* BUG/MEDIUM: mux-quic: report early error on stream
* BUG/MEDIUM: mux-h2: Report too large HEADERS frame only when rxbuf is empty
* CLEANUP: mux-h1: Fix a trace message about C-L header addition
* BUG/MEDIUM: mux-h1: Explicitly skip request's C-L header if not set originally
* BUG/MEDIUM: mux-h1: Cound data from input buf during zero-copy forwarding
* BUG/MEDIUM: stconn: Block zero-copy forwarding if EOS/ERROR on consumer side
* BUG/MEDIUM: quic: QUIC CID removed from tree without locking
* MINOR: version: mention that it's stable now
* BUG/MINOR: ext-check: cannot use without preserve-env
* BUG/MEDIUM: map/acl: pat_ref_{set,delete}_by_id regressions
* BUILD: ssl: update types in wolfssl cert selection callback
* BUG/MEDIUM: quic: Possible buffer overflow when building TLS records
* BUG/MINOR: mworker/cli: fix set severity-output support
* DOC: configuration: typo req.ssl_hello_type
* BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)
* BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate
* MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback
* BUG/MINOR: ssl: Double free of OCSP Certificate ID
OBS-URL: https://build.opensuse.org/request/show/1133468
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=297
- Update to version 2.9.0+git0.fddb8c13b:
* [RELEASE] Released version 2.9.0
* DOC: management: update stream vs session
* BUG/MEDIUM: peers: fix partial message decoding
* DOC: management: fix two latest typos (optionally, exception)
* DOC: config: fix typo abandonned -> abandoned
* DOC: config: clarify session vs stream
* DOC: config: add a few more differences between HTTP/1 and 2+
* DOC: config: update the reminder on the HTTP model and add some terminology
* MINOR: mux-quic: Disable zero-copy forwarding for send by default
* MINOR: mux-quic: Add global option to enable/disable zero-copy forwarding
0001-IMPORT-xxhash-update-xxHash-to-version-0.8.2.patch
- reenable the pcre jit after the last change
- use parallel build
- Ensure haproxy home directory is not world readable (bsc#1077716)
- Add dependency on apparmor-profiles (bsc#1079985)
- License is now GPL-3.0+ and LGPL-2.1+
- 0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
- 0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
- 0001-BUG-MEDIUM-systemd-set-KillMode-to-mixed.patch
- Install vim file to a more appropriate location
- added pre macro for systemd service file
OBS-URL: https://build.opensuse.org/request/show/1132452
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=295
- Update to version 2.7.5+git0.8d230219e:
* [RELEASE] Released version 2.7.5
* OPTIM: mux-h1: limit first read size to avoid wrapping
* BUG/MAJOR: qpack: fix possible read out of bounds in static table
* BUG/MINOR: sock_unix: match finalname with tempname in sock_unix_addrcmp()
* BUG/MINOR: protocol: fix minor memory leak in protocol_bind_all()
* BUG/MINOR: proto_ux: report correct error when bind_listener fails
* BUG/MEDIUM: spoe: Don't set the default traget for the SPOE agent frontend
* BUG/MINOR: mux-h2: Fix possible null pointer deref on h2c in _h2_trace_header()
* MEDIUM: mux-h2/trace: add tracing support for headers
* MINOR: h2: add h2_phdr_to_ist() to make ISTs from pseudo headers
* MEDIUM: bwlim: Support constants limit or period on set-bandwidth-limit actions
* BUG/MEDIUM: listener: duplicate inherited FDs if needed
* BUG/MINOR: quic: Missing STREAM frame data pointer updates
* BUG/MINOR: mux-h2: set CO_SFL_STREAMER when sending lots of data
* BUG/MEDIUM: mux-h2: only restart sending when mux buffer is decongested
* MINOR: buffer: add br_single() to check if a buffer ring has more than one buf
* BUG/MINOR: mux-h2: make sure the h2c task exists before refreshing it
* BUG/MEDIUM: connection: Preserve flags when a conn is removed from an idle list
* BUG/MINOR: quic: Missing STREAM frame length updates
* BUG/MINOR: tcp_sample: fix a bug in fc_dst_port and fc_dst_is_local sample fetches
* BUG/MEDIUM: mux-h1: Don't block SE_FL_ERROR if EOS is not reported on H1C
* DEBUG: ssl-sock/show_fd: Display SSL error code
* DEBUG: cli/show_fd: Display connection error code
* BUG/MEDIUM: resolvers: Properly stop server resolutions on soft-stop
* BUG/MEDIUM: proxy: properly stop backends on soft-stop
* BUG/MINOR: mux-h1: Don't report an H1C error on client timeout
* BUG/MEDIUM: mux-pt: Set EOS on error on sending path if read0 was received
OBS-URL: https://build.opensuse.org/request/show/1072696
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=128
* [RELEASE] Released version 2.7.5
* OPTIM: mux-h1: limit first read size to avoid wrapping
* BUG/MAJOR: qpack: fix possible read out of bounds in static table
* BUG/MINOR: sock_unix: match finalname with tempname in sock_unix_addrcmp()
* BUG/MINOR: protocol: fix minor memory leak in protocol_bind_all()
* BUG/MINOR: proto_ux: report correct error when bind_listener fails
* BUG/MEDIUM: spoe: Don't set the default traget for the SPOE agent frontend
* BUG/MINOR: mux-h2: Fix possible null pointer deref on h2c in _h2_trace_header()
* MEDIUM: mux-h2/trace: add tracing support for headers
* MINOR: h2: add h2_phdr_to_ist() to make ISTs from pseudo headers
* MEDIUM: bwlim: Support constants limit or period on set-bandwidth-limit actions
* BUG/MEDIUM: listener: duplicate inherited FDs if needed
* BUG/MINOR: quic: Missing STREAM frame data pointer updates
* BUG/MINOR: mux-h2: set CO_SFL_STREAMER when sending lots of data
* BUG/MEDIUM: mux-h2: only restart sending when mux buffer is decongested
* MINOR: buffer: add br_single() to check if a buffer ring has more than one buf
* BUG/MINOR: mux-h2: make sure the h2c task exists before refreshing it
* BUG/MEDIUM: connection: Preserve flags when a conn is removed from an idle list
* BUG/MINOR: quic: Missing STREAM frame length updates
* BUG/MINOR: tcp_sample: fix a bug in fc_dst_port and fc_dst_is_local sample fetches
* BUG/MEDIUM: mux-h1: Don't block SE_FL_ERROR if EOS is not reported on H1C
* DEBUG: ssl-sock/show_fd: Display SSL error code
* DEBUG: cli/show_fd: Display connection error code
* BUG/MEDIUM: resolvers: Properly stop server resolutions on soft-stop
* BUG/MEDIUM: proxy: properly stop backends on soft-stop
* BUG/MINOR: mux-h1: Don't report an H1C error on client timeout
* BUG/MEDIUM: mux-pt: Set EOS on error on sending path if read0 was received
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=279
