- Update to version 1.7.5:
* BUG/MEDIUM: peers: fix buffer overflow control in intdecode.
* BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers
* BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled
* BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze
* MINOR: config parsing: add warning when log-format/tcplog/httplog is overriden in "defaults" sections
OBS-URL: https://build.opensuse.org/request/show/493447
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=146
- Update to version 1.7.4:
* MINOR: config: warn when some HTTP rules are used in a TCP proxy
* BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters
* BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section
* BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file
* BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup
* BUG/MINOR: Fix "get map <map> <value>" CLI command
* BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer
* BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING
* BUG/MINOR: checks: attempt clean shutw for SSL check
* BUG/MEDIUM: listener: do not try to rebind another process' socket
* BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze
* BUG/MAJOR: stream-int: do not depend on connection flags to detect connection
* BUG/MEDIUM: connection: ensure to always report the end of handshakes
* BUG: payload: fix payload not retrieving arbitrary lengths
* BUG/MAJOR: http: fix typo in http_apply_redirect_rule
* BUG/MEDIUM: stream: fix client-fin/server-fin handling
* MINOR: fd: add a new flag HAP_POLL_F_RDHUP to struct poller
* BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available
* DOC/MINOR: Fix typos in proxy protocol doc
* DOC: Protocol doc: add checksum, TLV type ranges
* DOC: Protocol doc: add SSL TLVs, rename CHECKSUM
* DOC: Protocol doc: add noop TLV
* MEDIUM: global: add a 'hard-stop-after' option to cap the soft-stop time
* BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity().
* MINOR: server: irrelevant error message with 'default-server' config file keyword.
* MINOR: doc: fix use-server example (imap vs mail)
* BUG/MEDIUM: tcp: don't require privileges to bind to device
OBS-URL: https://build.opensuse.org/request/show/483306
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=145
- Update to version 1.7.3:
* BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream
* BUG/MEDIUM: tcp: don't poll for write when connect() succeeds
* BUG/MINOR: unix: fix connect's polling in case no data are scheduled
* BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword
* MINOR: dns: give ability to dns_init_resolvers() to close a socket when requested
* BUG/MAJOR: dns: restart sockets after fork()
* MINOR: chunks: implement a simple dynamic allocator for trash buffers
* BUG/MEDIUM: http: prevent redirect from overwriting a buffer
* BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined
* BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer
* BUG/MINOR: http: Return an error when a replace-header rule failed on the response
* BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested
* BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1'
* BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule
* MINOR: http: don't close when redirect location doesn't start with "/"
OBS-URL: https://build.opensuse.org/request/show/460842
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=144
- Update to version 1.7.2:
* BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2)
* BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW
* DOC: lua: documentation about time parser functions
* DOC: lua: section declared twice
* BUG/MINOR: lua/cli: bad error message
* DOC: fix small typo in fe_id (backend instead of frontend)
* BUG/MINOR: Fix the sending function in Lua's cosocket
* BUG/MINOR: lua: memory leak executing tasks
* BUG/MINOR: lua: bad return code
* BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
* BUG/MEDIUM: ssl: avoid double free when releasing bind_confs
* BUG/MINOR: stats: fix be/sessions/current out in typed stats
* BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled
* BUG/MEDIUM: ssl: for a handshake when server-side SNI changes
* BUG/MINOR: systemd: potential zombie processes
* DOC: Add timings events schemas
* BUG/MINOR: option prefer-last-server must be ignored in some case
* MINOR: stats: Support "select all" for backend actions
* BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0
* BUG/MAJOR: channel: Fix the definition order of channel analyzers
* BUG/MINOR: http: report real parser state in error captures
* BUG/MAJOR: http: fix risk of getting invalid reports of bad requests
* MINOR: http: custom status reason.
* MINOR: connection: add sample fetch "fc_rcvd_proxy"
* BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options
* BUG/MINOR: tools: fix off-by-one in port size check
* BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family
* MEDIUM: server: split the address and the port into two different fields
* MINOR: tools: make str2sa_range() return the port in a separate argument
* MINOR: server: take the destination port from the port field, not the addr
* MEDIUM: server: disable protocol validations when the server doesn't resolve
* BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0
* BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage
* MINOR: proto_http.c 502 error txt typo.
* DOC: add deprecation notice to "block"
* BUG/MINOR: Reset errno variable before calling strtol(3)
OBS-URL: https://build.opensuse.org/request/show/453453
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=142
* BUG/MAJOR: stream: fix session abort on resource shortage
* BUG/MINOR: cli: allow the backslash to be escaped on the CLI
* BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys"
* DOC: Fix map table's format
* DOC: Added 51Degrees conv and fetch functions to documentation.
* BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect
* DOC: mention that req_tot is for both frontends and backends
* BUG/MEDIUM: variables: some variable name can hide another ones
* BUG/MINOR: stats: fix be/sessions/max output in html stats
* MINOR: proxy: Add fe_name/be_name fetchers next to existing fe_id/be_id
* DOC: lua: Documentation about some entry missing
* MINOR: Do not forward the header "Expect: 100-continue" when the option http-buffer-request is set
* DOC: Add undocumented argument of the trace filter
* DOC: Fix some typo in SPOE documentation
* BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full
* MINOR: applet: Count number of (active) applets
* MINOR: task: Rename run_queue and run_queue_cur counters
* BUG/MEDIUM: stream: Save unprocessed events for a stream
* BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
* BUILD/MEDIUM: Fixing the build using LibreSSL
* [RELEASE] Released version 1.7.1
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=141
- Update to version 1.7.0:
* BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos
* BUG/MINOR: stats: make field_str() return an empty string on NULL
* BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used
* BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for tunneled txn
* BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and IS_DATA_FILTER
* BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and XFER_DATA analyzers
* BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in tunnel mode
OBS-URL: https://build.opensuse.org/request/show/443139
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=138
- Update to version 1.6.9+git.1477940904.ab45181 (fate#321723)
* BUILD: poll: remove unused hap_fd_isset() which causes a warning with clang
* MINOR: cfgparse: few memory leaks fixes.
* MINOR: build: Allow linking to device-atlas library file
* DOC: Fix typo in description of `-st` parameter in man page
* BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream
* BUG/MEDIUM: peers: fix use after free in peer_session_create()
* BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed
* MINOR: systemd: report it when execve() fails
* BUG/MINOR: systemd: check return value of calloc()
* BUG/MINOR: systemd: always restore signals before execve()
* BUG/MINOR: systemd: make the wrapper return a non-null status code on error
* BUG/MINOR: ssl: prevent multiple entries for the same certificate
* BUG/MINOR: ssl: Check malloc return code
* BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session
* BUG/MINOR: vars: make smp_fetch_var() more robust against misuses
* BUG/MINOR: vars: use sess and not s->sess in action_store()
* MEDIUM: make SO_REUSEPORT configurable
* MINOR: Add fe_req_rate sample fetch
* MINOR: show Running on zlib version
* MINOR: show Built with PCRE version
* BUG/MINOR: displayed PCRE version is running release
OBS-URL: https://build.opensuse.org/request/show/438382
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=135
- Update to 1.6.9
- MINOR: cli: allow the semi-colon to be escaped on the CLI
- BUG/MINOR: payload: fix SSLv2 version parser
- BUG/MAJOR: stream: properly mark the server address as unset on connect retry
- DOC: Updated 51Degrees readme.
- BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table
- BUG/MINOR: peers: empty chunks after a resync.
- BUG/MINOR: peers: some updates are pushed twice after a resync.
- MINOR: sample: use smp_make_rw() in upper/lower converters
- BUG/MEDIUM: stick-table: properly convert binary samples to keys
- BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size
- BUG/MAJOR: server: the "sni" directive could randomly cause trouble
- MINOR: sample: provide smp_is_rw() and smp_make_rw()
- MINOR: sample: implement smp_is_safe() and smp_make_safe()
- BUG/MEDIUM: samples: make smp_dup() always duplicate the sample
- BUG/MAJOR: compression: initialize avail_in/next_in even during flush
- BUILD: make proto_tcp.c compatible with musl library
- DOC: minor typo fixes to improve HTML parsing by haproxy-dconv
- BUG/MEDIUM: stream-int: completely detach connection on connect error
- BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests
- DOC: lua: remove old functions
- BUG/MINOR: peers: Fix peers data decoding issue
- BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash
- BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash
OBS-URL: https://build.opensuse.org/request/show/424127
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=132
- BUILD: ssl: fix build error introduced in commit 7969a3 with
OpenSSL < 1.0.0
- DOC: fix a typo for a "deviceatlas" keyword
- FIX: small typo in an example using the "Referer" header
- BUG/MEDIUM: config: count memory limits on 64 bits, not 32
- BUG/MAJOR: dns: first DNS response packet not matching queried
hostname may lead to a loop
- BUG/MINOR: dns: unable to parse CNAMEs response
- BUG/MINOR: examples/haproxy.init: missing brace in
quiet_check()
- DOC: deviceatlas: more example use cases.
- BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in
install-bin.
- BUG/MAJOR: http: don't requeue an idle connection that is
already queued
- DOC: typo on capture.res.hdr and capture.req.hdr
- BUG/MINOR: dns: check for duplicate nameserver id in a
resolvers section was missing
- CLEANUP: use direction names in place of numeric values
- BUG/MEDIUM: lua: sample fetches based on response doesn't work
- drop haproxy-1.6.0-ssl-098.patch: included upstream
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=122
- DOC: specify that stats socket doc (section 9.2) is in
management
- BUILD: install only relevant and existing documentation
- CLEANUP: don't ignore debian/ directory if present
- BUG/MINOR: dns: parsing error of some DNS response
- BUG/MEDIUM: namespaces: don't fail if no namespace is used
- BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is
disabled
- MEDIUM: dns: Don't use the ANY query type
- drop haproxy-1.6.0-ssl.crash.patch included in update
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=121
- drop patches we pulled from upstream git:
0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch
0002-DOC-usesrc-root-privileges-requirements.patch
0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch
0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch
0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch
0006-DOC-typo-in-redirect-302-code-meaning.patch
0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch
0008-CLEANUP-.gitignore-ignore-more-test-files.patch
0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch
0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch
0011-BUG-MEDIUM-counters-ensure-that-src_-inc-clr-_gpc0-c.patch
0012-DOC-ssl-missing-LF.patch
0013-DOC-fix-example-of-http-request-using-ssl_fc_session.patch
0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch
0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch
- refresh/redo patches to apply cleanly again:
old: haproxy-1.2.16_config_haproxy_user.patch
new: haproxy-1.6.0_config_haproxy_user.patch
old: haproxy-makefile_lib.patch
new: haproxy-1.6.0-makefile_lib.patch
old: sec-options.patch
new: haproxy-1.6.0-sec-options.patch
- added new haproxy.cfg to have a minimal config we can actually
launch!
- drop patch haproxy-1.5.8-fix-bashisms.patch: patched files no
longer exist
- drop haproxy.vim: we will use the copy which ships with the
upstream tarball now.
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=117