- Update to version 2.9.1+git0.f72603ceb:
* [RELEASE] Released version 2.9.1
* DOC: config: also add arguments to the converters in the table
* DOC: config: add arguments to sample fetch methods in the table
* BUG/MEDIUM: mux-quic: report early error on stream
* BUG/MEDIUM: mux-h2: Report too large HEADERS frame only when rxbuf is empty
* CLEANUP: mux-h1: Fix a trace message about C-L header addition
* BUG/MEDIUM: mux-h1: Explicitly skip request's C-L header if not set originally
* BUG/MEDIUM: mux-h1: Cound data from input buf during zero-copy forwarding
* BUG/MEDIUM: stconn: Block zero-copy forwarding if EOS/ERROR on consumer side
* BUG/MEDIUM: quic: QUIC CID removed from tree without locking
* MINOR: version: mention that it's stable now
* BUG/MINOR: ext-check: cannot use without preserve-env
* BUG/MEDIUM: map/acl: pat_ref_{set,delete}_by_id regressions
* BUILD: ssl: update types in wolfssl cert selection callback
* BUG/MEDIUM: quic: Possible buffer overflow when building TLS records
* BUG/MINOR: mworker/cli: fix set severity-output support
* DOC: configuration: typo req.ssl_hello_type
* BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)
* BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate
* MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback
* BUG/MINOR: ssl: Double free of OCSP Certificate ID
OBS-URL: https://build.opensuse.org/request/show/1133468
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=297
- Update to version 2.9.0+git0.fddb8c13b:
* [RELEASE] Released version 2.9.0
* DOC: management: update stream vs session
* BUG/MEDIUM: peers: fix partial message decoding
* DOC: management: fix two latest typos (optionally, exception)
* DOC: config: fix typo abandonned -> abandoned
* DOC: config: clarify session vs stream
* DOC: config: add a few more differences between HTTP/1 and 2+
* DOC: config: update the reminder on the HTTP model and add some terminology
* MINOR: mux-quic: Disable zero-copy forwarding for send by default
* MINOR: mux-quic: Add global option to enable/disable zero-copy forwarding
0001-IMPORT-xxhash-update-xxHash-to-version-0.8.2.patch
- reenable the pcre jit after the last change
- use parallel build
- Ensure haproxy home directory is not world readable (bsc#1077716)
- Add dependency on apparmor-profiles (bsc#1079985)
- License is now GPL-3.0+ and LGPL-2.1+
- 0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
- 0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
- 0001-BUG-MEDIUM-systemd-set-KillMode-to-mixed.patch
- Install vim file to a more appropriate location
- added pre macro for systemd service file
OBS-URL: https://build.opensuse.org/request/show/1132452
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=295
* [RELEASE] Released version 2.7.5
* OPTIM: mux-h1: limit first read size to avoid wrapping
* BUG/MAJOR: qpack: fix possible read out of bounds in static table
* BUG/MINOR: sock_unix: match finalname with tempname in sock_unix_addrcmp()
* BUG/MINOR: protocol: fix minor memory leak in protocol_bind_all()
* BUG/MINOR: proto_ux: report correct error when bind_listener fails
* BUG/MEDIUM: spoe: Don't set the default traget for the SPOE agent frontend
* BUG/MINOR: mux-h2: Fix possible null pointer deref on h2c in _h2_trace_header()
* MEDIUM: mux-h2/trace: add tracing support for headers
* MINOR: h2: add h2_phdr_to_ist() to make ISTs from pseudo headers
* MEDIUM: bwlim: Support constants limit or period on set-bandwidth-limit actions
* BUG/MEDIUM: listener: duplicate inherited FDs if needed
* BUG/MINOR: quic: Missing STREAM frame data pointer updates
* BUG/MINOR: mux-h2: set CO_SFL_STREAMER when sending lots of data
* BUG/MEDIUM: mux-h2: only restart sending when mux buffer is decongested
* MINOR: buffer: add br_single() to check if a buffer ring has more than one buf
* BUG/MINOR: mux-h2: make sure the h2c task exists before refreshing it
* BUG/MEDIUM: connection: Preserve flags when a conn is removed from an idle list
* BUG/MINOR: quic: Missing STREAM frame length updates
* BUG/MINOR: tcp_sample: fix a bug in fc_dst_port and fc_dst_is_local sample fetches
* BUG/MEDIUM: mux-h1: Don't block SE_FL_ERROR if EOS is not reported on H1C
* DEBUG: ssl-sock/show_fd: Display SSL error code
* DEBUG: cli/show_fd: Display connection error code
* BUG/MEDIUM: resolvers: Properly stop server resolutions on soft-stop
* BUG/MEDIUM: proxy: properly stop backends on soft-stop
* BUG/MINOR: mux-h1: Don't report an H1C error on client timeout
* BUG/MEDIUM: mux-pt: Set EOS on error on sending path if read0 was received
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=279
- Update to version 2.6.5+git0.987a4e248:
* [RELEASE] Released version 2.6.5
* BUG/MINOR: http-act: initialize http fmt head earlier
* MINOR: debug: report applet pointer and handler in crashes when known
* DEBUG: stream: minor rearrangement of a few fields in struct stream.
* BUG/MINOR: mux-fcgi: fix the "show fd" dest buffer for the subscriber
* BUG/MINOR: mux-h1: fix the "show fd" dest buffer for the subscriber
* BUG/MINOR: mux-h2: fix the "show fd" dest buffer for the subscriber
* BUG/MINOR: httpclient: keep-alive was accidentely disabled
* BUG/MEDIUM: httpclient: always detach the caller before self-killing
* BUG/MINOR: h2: properly set the direction flag on HTX response
* BUG/MINOR: quic: Frames leak during retransmissions
* MINOR: quic: Trace typo fix in qc_release_frm()
* MINOR: quic: Add TX frames addresses to traces to several trace events
* BUG/MINOR: quic: Do not ack when probing
* MINOR: backend: always satisfy the first req reuse rule with l7 retries
* BUG/MEDIUM: mux-h1: always use RST to kill idle connections in pools
* REGTESTS: http_request_buffer: Add a barrier to not mix up log messages
* BUG/MINOR: regex: Properly handle PCRE2 lib compiled without JIT support
* BUILD: debug: make sure debug macros are never empty
* CLEANUP: exclude haring with .gitignore
* DEV: haring: support remapping LF in contents with CR VT
* DEV: haring: add a simple utility to read file-backed rings
* MINOR: sink/ring: rotate non-empty file-backed contents only
* MINOR: ring: archive a previous file-backed ring on startup
* BUILD: sink: replace S_IRUSR, S_IWUSR with their octal value
* MINOR: ring: add support for a backing-file
* MINOR: ring: support creating a ring from a linear area
* BUILD: ring: forward-declare struct appctx to avoid a build warning
* BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() v2
OBS-URL: https://build.opensuse.org/request/show/1004374
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=270
- Update to version 2.6.2+git0.16a3646fd:
* [RELEASE] Released version 2.6.2
* BUG/MINOR: backend: Fallback on RR algo if balance on source is impossible
* BUILD: quic: fix anonymous union for gcc-4.4
* BUG/MEDIUM: stconn: Only reset connect expiration when processing backend side
* BUILD: add detection for unsupported compiler models
* BUG/MEDIUM: mworker: proc_self incorrectly set crashes upon reload
* BUG/MAJOR: mux_quic: fix invalid PROTOCOL_VIOLATION on POST data overlap
* BUG/MINOR: mworker/cli: relative pid prefix not validated anymore
* BUG/MINOR: quic: do not send CONNECTION_CLOSE_APP in initial/handshake
* BUG/MINOR: tools: fix statistical_prng_range()'s output range
* BUG/MINOR: ssl: allow duplicate certificates in ca-file directories
* BUG/MINOR: resolvers: shut off the warning for the default resolvers
* MINOR: resolvers: resolvers_destroy() deinit and free a resolver
* BUG/MEDIUM: tools: avoid calling dlsym() in static builds (try 2)
* BUILD: makefile: Fix install(1) handling for OpenBSD/NetBSD/Solaris/AIX
* BUG/MEDIUM: tools: avoid calling dlsym() in static builds
* BUG/MINOR: debug: enter ha_panic() only once
* BUG/MEDIUM: cli/threads: make "show threads" more robust on applets
* BUG/MINOR: quic: fix closing state on NO_ERROR code sent
* BUG/MEDIUM: mux-quic: fix server chunked encoding response
* CLEANUP: h2: Typo fix in h2_unsubcribe() traces
* MINOR: qpack: properly handle invalid dynamic table references
* MINOR: h3: handle errors on HEADERS parsing/QPACK decoding
* MINOR: h3: add h3c pointer into h3s instance
* BUG/MINOR: mux-quic: do not signal FIN if gap in buffer
* MINOR: ncbuf: implement ncb_is_fragmented()
* MINOR: quic: Increase the QUIC connections RX buffer size (upto 64Kb)
* MINOR: quic: Improvements for the datagrams receipt
* MINOR: task: Add tasklet_wakeup_after()
OBS-URL: https://build.opensuse.org/request/show/991595
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=267
- Update to version 2.6.1+git0.f6ca66d44:
* [RELEASE] Released version 2.6.1
* REGTESTS: ssl: add the same cert for client/server
* BUG/MEDIUM: mworker: use default maxconn in wait mode
* BUG/MINOR: quic: Acknowledgement must be forced during handshake
* BUG/MEDIUM: ssl/cli: crash when crt inserted into a crt-list
* BUG/MINOR: quic: free rejected Rx packets
* BUG/MINOR: quic: purge conn Rx packet list on release
* BUG/MINOR: quic_stats: Duplicate "quic_streams_data_blocked_bidi" field name
* BUG/MINOR: quic: Unexpected half open connection counter wrapping
* BUG/MINOR: log: Properly test connection retries to fix dontlog-normal option
* MINOR: stream: Rely on stconn flags to abort stream destructive upgrade
* BUG/MEDIUM: stream: Properly handle destructive client connection upgrades
* BUG/MINOR: task: fix thread assignment in tasklet_kill()
* BUG/MINOR: quic: Wrong PTO calculation
* BUG/MINOR: quic: Stop hardcoding Retry packet Version field
* BUG/BUILD: h3: fix wrong label name
* BUG/MINOR: h3/qpack: deal with too many headers
* MINOR: qpack: add comments and remove a useless trace
* BUG/MINOR: qpack: support header litteral name decoding
* BUG/MEDIUM: mux-quic: fix segfault on flow-control frame cleanup
* BUG/MEDIUM: cli: Notify cli applet won't consume data during request processing
* BUG/MEDIUM: stconn: Don't wakeup applet for send if it won't consume data
* BUG/MINOR: tcp-rules: Make action call final on read error and delay expiration
* BUG/MINOR: mux-quic: fix memleak on frames rejected by transport
* BUG/MEDIUM: mux-quic: fix flow control connection Tx level
* BUG/MINOR: cli/stats: add missing trailing LF after "show info json"
* BUG/MINOR: server: do not enable DNS resolution on disabled proxies
* BUG/MINOR: cli/stats: add missing trailing LF after JSON outputs
* BUG/MINOR: h3: fix frame type definition
* REGTESTS: healthcheckmail: Relax health-check failure condition
* REGTESTS: healthcheckmail: Update the test to be functionnal again
* BUG/MINOR: checks: Properly handle email alerts in trace messages
* BUG/MINOR: trace: Test server existence for health-checks to get proxy
* BUG/MEDIUM: mailers: Set the object type for check attached to an email alert
* BUILD: compiler: implement unreachable for older compilers too
* REGTESTS: restrict_req_hdr_names: Extend supported versions
* REGTESTS: http_abortonclose: Extend supported versions
* BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_crlfile I/O handler
* BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cafile I/O handler
* BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cert I/O handler
* BUG/MINOR: ssl_ckch: Init right field when parsing "commit ssl crl-file" cmd
* BUG/MINOR: ssl_ckch: Dump cert transaction only once if show command yield
* BUG/MINOR: ssl_ckch: Dump CA transaction only once if show command yield
* BUG/MINOR: ssl_ckch: Dump CRL transaction only once if show command yield
* BUG/MINOR: ssl_ckch: Use right type for old entry in show_crlfile_ctx
* REGTESTS: http_request_buffer: Increase client timeout to wait "slow" clients
* REGTESTS: abortonclose: Add a barrier to not mix up log messages
* MEDIUM: httpclient: Don't close CLI applet at the end of a response
* MEDIUM: http-ana: Always report rewrite failures as PRXCOND in logs
* BUG/MEDIUM: httpclient: Rework CLI I/O handler to handle full buffer cases
* BUG/MEDIUM: httpclient: Don't remove HTX header blocks before duplicating them
* BUG/MEDIUM: ssl/crt-list: Rework 'add ssl crt-list' to handle full buffer cases
* BUG/MEDIUM: ssl_ckch: Rework 'commit ssl ca-file' to handle full buffer cases
* BUG/MEDIUM: ssl_ckch: Rework 'commit ssl cert' to handle full buffer cases
* BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a CA/CRL entry
* BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a cert entry
* BUG/MEDIUM: ssl_ckch: Don't delete CA/CRL entry if it is being modified
* BUG/MEDIUM: ssl_ckch: Don't delete a cert entry if it is being modified
* BUG/MINOR: ssl_ckch: Free error msg if commit changes on a CA/CRL entry fails
* BUG/MINOR: ssl_ckch: Free error msg if commit changes on a cert entry fails
OBS-URL: https://build.opensuse.org/request/show/988057
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=266
* [RELEASE] Released version 2.5.4
* BUG/MEDIUM: stream: Abort processing if response buffer allocation fails
* CI: github: enable pool debugging by default
* REGTESTS: fix the race conditions in 40be_2srv_odd_health_checks
* BUG/MINOR: proxy: preset the error message pointer to NULL in parse_new_proxy()
* DOC: Fix usage/examples of deprecated ACLs
* BUG/MAJOR: mux-h2: Be sure to always report HTX parsing error to the app layer
* BUG/MEDIUM: mux-h1: Don't wake h1s if mux is blocked on lack of output buffer
* BUG/MEDIUM: htx: Be sure to have a buffer to perform a raw copy of a message
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=261