2014-08-05 21:11:18 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jul 30 09:47:38 UTC 2014 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- pull important fixes from git:
|
|
|
|
0001-BUG-MINOR-server-move-the-directive-endif-to-the-end.patch
|
|
|
|
0002-BUG-MINOR-Fix-search-for-p-argument-in-systemd-wrapp.patch
|
|
|
|
0003-BUG-MAJOR-tcp-fix-a-possible-busy-spinning-loop-in-c.patch
|
|
|
|
Especially the last patch is important:
|
|
|
|
As a consequence of various recent changes on the sample
|
|
|
|
conversion, a corner case has emerged where it is possible to
|
|
|
|
wait forever for a sample in track-sc*.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jul 28 11:33:14 UTC 2014 - kgronlund@suse.com
|
|
|
|
|
|
|
|
- update to 1.5.3
|
|
|
|
- DOC: fix typo in Unix Socket commands
|
|
|
|
- BUG/MEDIUM: connection: fix memory corruption when building a proxy v2 header
|
|
|
|
- BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange
|
|
|
|
- DOC: mention that Squid correctly responds 400 to PPv2 header
|
|
|
|
- BUG/MINOR: http: base32+src should use the big endian version of base32
|
|
|
|
- BUG/MEDIUM: connection: fix proxy v2 header again!
|
|
|
|
- Removed backported patches:
|
|
|
|
- 0001-DOC-mention-that-Squid-correctly-responds-400-to-PPv.patch
|
|
|
|
- 0002-DOC-fix-typo-in-Unix-Socket-commands.patch
|
|
|
|
- 0003-BUG-MEDIUM-ssl-Fix-a-memory-leak-in-DHE-key-exchange.patch
|
|
|
|
- 0004-BUG-MINOR-http-base32-src-should-use-the-big-endian-.patch
|
|
|
|
- 0005-BUG-MEDIUM-connection-fix-memory-corruption-when-bui.patch
|
|
|
|
- 0006-BUG-MEDIUM-connection-fix-proxy-v2-header-again.patch
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jul 21 13:45:40 UTC 2014 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- added 0006-BUG-MEDIUM-connection-fix-proxy-v2-header-again.patch:
|
|
|
|
Last commit 77d1f01 ("BUG/MEDIUM: connection: fix memory
|
|
|
|
corruption when building a proxy v2 header") was wrong, using
|
|
|
|
&cn_trash instead of cn_trash resulting in a warning and the
|
|
|
|
client's SSL cert CN not being stored at the proper location.
|
|
|
|
|
2014-07-21 21:40:10 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Jul 18 15:01:53 UTC 2014 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- added
|
|
|
|
0005-BUG-MEDIUM-connection-fix-memory-corruption-when-bui.patch:
|
|
|
|
BUG/MEDIUM: connection: fix memory corruption when building a
|
|
|
|
proxy v2 header
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jul 17 10:45:28 UTC 2014 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- pulled a few fixes from the 1.5 branch: most notable the DHE
|
|
|
|
memleak fix. Adds the following patches:
|
|
|
|
0001-DOC-mention-that-Squid-correctly-responds-400-to-PPv.patch
|
|
|
|
0002-DOC-fix-typo-in-Unix-Socket-commands.patch
|
|
|
|
0003-BUG-MEDIUM-ssl-Fix-a-memory-leak-in-DHE-key-exchange.patch
|
|
|
|
0004-BUG-MINOR-http-base32-src-should-use-the-big-endian-.patch
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Jul 12 16:56:27 UTC 2014 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.5.2
|
|
|
|
- BUG/MEDIUM: backend: Update hash to use unsigned int throughout
|
|
|
|
- BUG/MINOR: ssl: Fix external function in order not to return a
|
|
|
|
pointer on an internal trash buffer.
|
|
|
|
- DOC: expand the docs for the provided stats.
|
|
|
|
- BUG/MEDIUM: unix: do not unlink() abstract namespace sockets
|
|
|
|
upon failure.
|
|
|
|
- MINOR: stats: fix minor typo in HTML page
|
|
|
|
- BUG/MEDIUM: http: fetch "base" is not compatible with
|
|
|
|
set-header
|
|
|
|
- BUG/MINOR: counters: do not untrack counters before logging
|
|
|
|
- BUG/MAJOR: sample: correctly reinitialize sample fetch context
|
|
|
|
before calling sample_process()
|
|
|
|
- MINOR: stick-table: make stktable_fetch_key() indicate why it
|
|
|
|
failed
|
|
|
|
- BUG/MEDIUM: counters: fix track-sc* to wait on unstable
|
|
|
|
contents
|
|
|
|
- BUILD: remove TODO from the spec file and add README
|
|
|
|
- MINOR: log: make MAX_SYSLOG_LEN overridable at build time
|
|
|
|
- MEDIUM: log: support a user-configurable max log line length
|
|
|
|
- DOC: provide an example of how to use ssl_c_sha1
|
|
|
|
- BUILD: http: fix isdigit & isspace warnings on Solaris
|
|
|
|
- BUG/MINOR: listener: set the listener's fd to -1 after deletion
|
|
|
|
- BUG/MEDIUM: unix: failed abstract socket binding is retryable
|
|
|
|
- MEDIUM: listener: implement a per-protocol pause() function
|
|
|
|
- MEDIUM: listener: support rebinding during resume()
|
|
|
|
- BUG/MEDIUM: unix: completely unbind abstract sockets during a
|
|
|
|
pause()
|
|
|
|
- DOC: explicitly mention the limits of abstract namespace
|
|
|
|
sockets
|
|
|
|
- DOC: minor fix on {sc,src}_kbytes_{in,out}
|
|
|
|
- DOC: fix alphabetical sort of converters
|
|
|
|
- BUG/MAJOR: http: correctly rewind the request body after start
|
|
|
|
of forwarding
|
|
|
|
- DOC: remove references to CPU=native in the README
|
|
|
|
- DOC: mention that "compression offload" is ignored in defaults
|
|
|
|
section
|
|
|
|
- drop patches including in version upgrade.
|
|
|
|
- 0001-BUG-MEDIUM-http-fetch-base-is-not-compatible-with-se.patch
|
|
|
|
- 0002-BUG-MINOR-ssl-Fix-external-function-in-order-not-to-.patch
|
|
|
|
- 0003-BUG-MINOR-counters-do-not-untrack-counters-before-lo.patch
|
|
|
|
- 0004-BUG-MAJOR-sample-correctly-reinitialize-sample-fetch.patch
|
|
|
|
- 0005-MINOR-stick-table-make-stktable_fetch_key-indicate-w.patch
|
|
|
|
- 0006-BUG-MEDIUM-counters-fix-track-sc-to-wait-on-unstable.patch
|
|
|
|
- use www.haproxy.org now instead of the old domain which is just
|
|
|
|
redirecting to haproxy.org now.
|
|
|
|
|
2014-07-02 15:05:11 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jul 1 12:13:33 UTC 2014 - kgronlund@suse.com
|
|
|
|
|
|
|
|
- BUG/MEDIUM: counters: fix track-sc* to wait on unstable contents
|
|
|
|
- MINOR: stick-table: make stktable_fetch_key() indicate why it failed
|
|
|
|
- BUG/MAJOR: sample: correctly reinitialize sample fetch context before calling sample_process()
|
|
|
|
- BUG/MINOR: counters: do not untrack counters before logging
|
|
|
|
- BUG/MINOR: ssl: Fix external function in order not to return a pointer on an internal trash buffer.
|
|
|
|
- BUG/MEDIUM: http: fetch "base" is not compatible with set-header
|
|
|
|
|
|
|
|
- Add patches:
|
|
|
|
- 0001-BUG-MEDIUM-http-fetch-base-is-not-compatible-with-se.patch
|
|
|
|
- 0002-BUG-MINOR-ssl-Fix-external-function-in-order-not-to-.patch
|
|
|
|
- 0003-BUG-MINOR-counters-do-not-untrack-counters-before-lo.patch
|
|
|
|
- 0004-BUG-MAJOR-sample-correctly-reinitialize-sample-fetch.patch
|
|
|
|
- 0005-MINOR-stick-table-make-stktable_fetch_key-indicate-w.patch
|
|
|
|
- 0006-BUG-MEDIUM-counters-fix-track-sc-to-wait-on-unstable.patch
|
|
|
|
|
2014-06-25 15:24:23 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jun 24 15:55:48 UTC 2014 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- install the vim file into the versioned directory and dont cover
|
|
|
|
the current symlink with a directory
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jun 24 13:00:39 UTC 2014 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- add Requires to vim to make the ownership of the vim directory
|
|
|
|
clear and not break any symlink handling the vim package might
|
|
|
|
use.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jun 24 12:23:55 UTC 2014 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.5.1
|
|
|
|
- BUG/MINOR: config: http-request replace-header arg typo
|
|
|
|
- BUG/MINOR: ssl: rejects OCSP response without nextupdate.
|
|
|
|
- BUG/MEDIUM: ssl: Fix to not serve expired OCSP responses.
|
|
|
|
- BUG/MINOR: ssl: Fix OCSP resp update fails with the same
|
|
|
|
certificate configured twice. (cherry picked from commit
|
|
|
|
1d3865b096b43b9a6d6a564ffb424ffa6f1ef79f)
|
|
|
|
- BUG/MEDIUM: Consistently use 'check' in process_chk
|
|
|
|
- BUG/MAJOR: session: revert all the crappy client-side timeout
|
|
|
|
changes
|
|
|
|
- BUG/MINOR: logs: properly initialize and count log sockets
|
|
|
|
- drop haproxy-1.5.0_consistently_use_check.patch:
|
|
|
|
included upstream
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jun 24 09:51:25 UTC 2014 - kgronlund@suse.com
|
|
|
|
|
|
|
|
- Install vim file to a more appropriate location
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jun 23 09:19:04 UTC 2014 - kgronlund@suse.com
|
|
|
|
|
|
|
|
- added pre macro for systemd service file
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jun 23 08:28:06 UTC 2014 - kgronlund@suse.com
|
|
|
|
|
|
|
|
- Use better systemd detection consistently
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Jun 22 19:48:11 UTC 2014 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- pull commit 9ac7cabaf9945fb92c96cb92f5ea85235f54f7d6:
|
|
|
|
Consistently use 'check' in process_chk
|
|
|
|
I am not entirely sure that this is a bug, but it seems
|
|
|
|
to me that it may cause a problem if there agent-check is
|
|
|
|
configured and there is some kind of error making a connection
|
|
|
|
for it.
|
|
|
|
adds patch haproxy-1.5.0_consistently_use_check.patch
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Jun 20 14:37:21 UTC 2014 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.5.0
|
|
|
|
For people who don't follow the development versions, 1.5 expands
|
|
|
|
1.4 with many new features and performance improvements,
|
|
|
|
including native SSL support on both sides with SNI/NPN/ALPN and
|
|
|
|
OCSP stapling, IPv6 and UNIX sockets are supported everywhere,
|
|
|
|
full HTTP keep-alive for better support of NTLM and improved
|
|
|
|
efficiency in static farms, HTTP/1.1 compression (deflate, gzip)
|
|
|
|
to save bandwidth, PROXY protocol versions 1 and 2 on both sides,
|
|
|
|
data sampling on everything in request or response, including
|
|
|
|
payload, ACLs can use any matching method with any input sample
|
|
|
|
maps and dynamic ACLs updatable from the CLI stick-tables support
|
|
|
|
counters to track activity on any input sample custom format for
|
|
|
|
logs, unique-id, header rewriting, and redirects, improved health
|
|
|
|
checks (SSL, scripted TCP, check agent, ...), much more scalable
|
|
|
|
configuration supports hundreds of thousands of backends and
|
|
|
|
certificates without sweating.
|
|
|
|
|
|
|
|
For all the details see /usr/share/doc/packages/haproxy/CHANGELOG
|
|
|
|
|
|
|
|
- enable tcp fast open if the kernel is recent enough
|
|
|
|
- enable PCRE JIT if PCRE is recent enough
|
|
|
|
- enable openssl support!
|
|
|
|
- haproxy can finally terminate ssl itself and also talk SSL to
|
|
|
|
the backend servers.
|
|
|
|
- including SNI/NPN/ALPN support.
|
|
|
|
new buildrequires openssl and pkgconfig
|
|
|
|
- enable deflate support
|
|
|
|
new buildrequires zlib-devel
|
|
|
|
- enable transparent proxy support
|
|
|
|
- enable usage of accept4. reduces the syscall amount.
|
|
|
|
- enable building and installing of halog
|
|
|
|
- install vim file into the correct place
|
|
|
|
- dropped patches:
|
|
|
|
0001-MEDIUM-add-systemd-service.patch
|
|
|
|
0002-MEDIUM-add-haproxy-systemd-wrapper.patch
|
|
|
|
0003-MEDIUM-New-cli-option-Ds-for-systemd-compatibility.patch
|
|
|
|
0004-BUG-MEDIUM-systemd-wrapper-don-t-leak-zombie-process.patch
|
|
|
|
0005-BUILD-stdbool-is-not-portable-again.patch
|
|
|
|
0006-MEDIUM-haproxy-systemd-wrapper-Use-haproxy-in-same-d.patch
|
|
|
|
0007-MEDIUM-systemd-wrapper-Kill-child-processes-when-int.patch
|
|
|
|
0008-LOW-systemd-wrapper-Write-debug-information-to-stdou.patch
|
|
|
|
0009-openSUSE-Configure-haproxy-user.patch
|
|
|
|
0010-openSUSE-Fix-path-to-PCRE-library.patch
|
|
|
|
0011-BUILD-MINOR-systemd-fix-compiler-warning-about-unuse.patch
|
|
|
|
0012-BUG-MEDIUM-systemd-wrapper-fix-locating-of-haproxy-b.patch
|
|
|
|
0013-MINOR-systemd-wrapper-re-execute-on-SIGUSR2.patch
|
|
|
|
0014-MINOR-systemd-wrapper-improve-logging.patch
|
|
|
|
0015-MINOR-systemd-wrapper-propagate-exit-status.patch
|
|
|
|
- added haproxy-1.2.16_config_haproxy_user.patch:
|
|
|
|
(replaces 0009-openSUSE-Configure-haproxy-user.patch)
|
|
|
|
- added haproxy-1.5_check_config_before_start.patch:
|
|
|
|
systemd allows us to run other things before we start the final
|
|
|
|
daemon. use this to check the configuration before launching.
|
|
|
|
- added haproxy-makefile_lib.patch
|
|
|
|
(replaces 0010-openSUSE-Fix-path-to-PCRE-library.patch)
|
|
|
|
- added sec-options.patch:
|
|
|
|
allow it more easily to build haproxy with PIE, stackprotector
|
|
|
|
and relro. all those options are enabled on our build.
|
|
|
|
- added apparmor profile
|
|
|
|
usr.sbin.haproxy.apparmor
|
|
|
|
local.usr.sbin.haproxy.apparmor
|
|
|
|
- change the conditionals for systemd to use bcond_with to make it
|
|
|
|
more obvious what we are guarding.
|
|
|
|
|
2014-05-23 07:27:51 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed May 21 10:50:21 UTC 2014 - jsegitz@novell.com
|
|
|
|
|
|
|
|
- added necessary macros for systemd files
|
|
|
|
|
2014-05-06 17:38:15 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue May 6 06:12:08 UTC 2014 - kgronlund@suse.com
|
|
|
|
|
|
|
|
- update to 1.4.25 (bnc#876438)
|
|
|
|
- DOC: typo: nosepoll self reference in config guide
|
|
|
|
- BUG/MINOR: deinit: free fdinfo while doing cleanup
|
|
|
|
- BUG/MEDIUM: server: set the macro for server's max weight SRV_UWGHT_MAX to SRV_UWGHT_RANGE
|
|
|
|
- BUG/MINOR: use the same check condition for server as other algorithms
|
|
|
|
- BUG/MINOR: stream-int: also consider ENOTCONN in addition to EAGAIN for recv()
|
|
|
|
- BUG/MINOR: fix forcing fastinter in "on-error"
|
|
|
|
- BUG/MEDIUM: http/auth: Sometimes the authentication credentials can be mix between two requests
|
|
|
|
- BUG/MAJOR: http: don't emit the send-name-header when no server is available
|
|
|
|
- BUG/MEDIUM: http: "option checkcache" fails with the no-cache header
|
|
|
|
- MEDIUM: session: disable lingering on the server when the client aborts
|
|
|
|
- MINOR: config: warn when a server with no specific port uses rdp-cookie
|
|
|
|
- MEDIUM: increase chunk-size limit to 2GB-1
|
|
|
|
- DOC: add a mention about the limited chunk size
|
|
|
|
- MEDIUM: http: add "redirect scheme" to ease HTTP to HTTPS redirection
|
|
|
|
- BUILD: proto_tcp: remove a harmless warning
|
|
|
|
- BUG/MINOR: acl: remove patterns from the tree before freeing them
|
|
|
|
- BUG/MEDIUM: checks: fix slow start regression after fix attempt
|
|
|
|
- BUG/MAJOR: server: weight calculation fails for map-based algorithms
|
|
|
|
- BUG/MINOR: backend: fix target address retrieval in transparent mode
|
|
|
|
- BUG/MEDIUM: stick: completely remove the unused flag from the store entries
|
|
|
|
- BUG/MEDIUM: stick-tables: complete the latest fix about store-responses
|
|
|
|
- BUG/MEDIUM: checks: tracking servers must not inherit the MAINT flag
|
|
|
|
- BUG/MINOR: stats: report correct throttling percentage for servers in slowstart
|
|
|
|
- BUG/MINOR: stats: correctly report throttle rate of low weight servers
|
|
|
|
- BUG/MINOR: checks: successful check completion must not re-enable MAINT servers
|
|
|
|
- BUG/MEDIUM: stats: the web interface must check the tracked servers before enabling
|
|
|
|
- BUG/MINOR: channel: initialize xfer_small/xfer_large on new buffers
|
|
|
|
- BUG/MINOR: stream-int: also consider ENOTCONN in addition to EAGAIN
|
|
|
|
- BUG/MEDIUM: http: don't start to forward request data before the connect
|
|
|
|
- DOC: fix misleading information about SIGQUIT
|
|
|
|
- BUILD: simplify the date and version retrieval in the makefile
|
|
|
|
- BUILD: prepare the makefile to skip format lines in SUBVERS and VERDATE
|
|
|
|
- BUILD: use format tags in VERDATE and SUBVERS files
|
|
|
|
|
|
|
|
- Reorganized patches and backported fixes for systemd wrapper:
|
|
|
|
- Renamed 0006-haproxy-1.2.16_config_haproxy_user.patch to 0009-openSUSE-Configure-haproxy-user.patch
|
|
|
|
- Renamed 0007-haproxy-makefile_lib.patch to 0010-openSUSE-Fix-path-to-PCRE-library.patch
|
|
|
|
- Removed 0008-MEDIUM-haproxy-systemd-wrapper-Revised-implementatio.patch
|
|
|
|
- Added 0006-MEDIUM-haproxy-systemd-wrapper-Use-haproxy-in-same-d.patch
|
|
|
|
- Added 0007-MEDIUM-systemd-wrapper-Kill-child-processes-when-int.patch
|
|
|
|
- Added 0008-LOW-systemd-wrapper-Write-debug-information-to-stdou.patch
|
|
|
|
- Added 0011-BUILD-MINOR-systemd-fix-compiler-warning-about-unuse.patch
|
|
|
|
- Added 0012-BUG-MEDIUM-systemd-wrapper-fix-locating-of-haproxy-b.patch
|
|
|
|
- Added 0013-MINOR-systemd-wrapper-re-execute-on-SIGUSR2.patch
|
|
|
|
- Added 0014-MINOR-systemd-wrapper-improve-logging.patch
|
|
|
|
- Added 0015-MINOR-systemd-wrapper-propagate-exit-status.patch
|
|
|
|
|
2013-12-18 16:53:39 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Nov 22 09:54:48 UTC 2013 - kgronlund@suse.com
|
|
|
|
|
|
|
|
- Backport haproxy-systemd-wrapper from upstream
|
|
|
|
- Patch haproxy-systemd-wrapper to work on openSUSE
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Oct 31 12:46:04 UTC 2013 - kgronlund@suse.com
|
|
|
|
|
|
|
|
- Remove duplicate Requires: from .spec file.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Oct 31 12:41:12 UTC 2013 - kgronlund@suse.com
|
|
|
|
|
|
|
|
- Re-enable sysvinit support for older versions
|
|
|
|
(server:http still builds for older versions)
|
|
|
|
|
2013-10-29 09:25:21 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Oct 28 14:32:00 UTC 2013 - p.drouand@gmail.com
|
|
|
|
|
|
|
|
- Add systemd support
|
|
|
|
Target distributions all support systemd; keep alive sysvinit support
|
|
|
|
is useless
|
|
|
|
|
2013-10-15 10:42:00 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Oct 10 15:16:32 UTC 2013 - cdenicolo@suse.com
|
|
|
|
|
|
|
|
- license update: GPL-2.0+ and LGPL-2.1+
|
|
|
|
only header files are LGPL, the rest is still GPL
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jun 18 09:14:13 UTC 2013 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.4.24 (bnc#825412)
|
|
|
|
- BUG/MAJOR: backend: consistent hash can loop forever in certain
|
|
|
|
circumstances
|
|
|
|
- BUG/MEDIUM: checks: disable TCP quickack when pure TCP checks
|
|
|
|
are used
|
|
|
|
- MEDIUM: protocol: implement a "drain" function in protocol
|
|
|
|
layers
|
|
|
|
- BUG/CRITICAL: fix a possible crash when using negative header
|
|
|
|
occurrences CVE-2013-2175
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Apr 3 14:47:43 UTC 2013 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.4.23 CVE-2013-1912
|
|
|
|
- CONTRIB: halog: sort URLs by avg bytes_read or total bytes_read
|
|
|
|
- BUG: fix garbage data when http-send-name-header replaces an
|
|
|
|
existing header
|
|
|
|
- BUG/MEDIUM: remove supplementary groups when changing gid
|
|
|
|
- BUG/MINOR: Correct logic in cut_crlf()
|
|
|
|
- BUG/MINOR: config: use a copy of the file name in proxy
|
|
|
|
configurations
|
|
|
|
- BUG/MINOR: epoll: correctly disable FD polling in fd_rem()
|
|
|
|
- MINOR: halog: sort output by cookie code
|
|
|
|
- BUG/MINOR: halog: -ad/-ac report the correct number of output
|
|
|
|
lines
|
|
|
|
- BUG/MINOR: halog: fix help message for -ut/-uto
|
|
|
|
- BUG/MEDIUM: http: set DONTWAIT on data when switching to tunnel
|
|
|
|
mode
|
|
|
|
- BUG/MEDIUM: command-line option -D must have precedence over
|
|
|
|
"debug"
|
|
|
|
- OPTIM: halog: keep a fast path for the lines-count only
|
|
|
|
- MINOR: halog: add a parameter to limit output line count
|
|
|
|
- BUG: halog: fix broken output limitation
|
|
|
|
- MEDIUM: checks: avoid accumulating TIME_WAITs during checks
|
|
|
|
- MEDIUM: checks: prevent TIME_WAITs from appearing also on
|
|
|
|
timeouts
|
|
|
|
- BUG/MAJOR: cli: show sess <id> may randomly corrupt the
|
|
|
|
back-ref list
|
|
|
|
- BUG/MINOR: http: don't report client aborts as server errors
|
|
|
|
- BUG/MINOR: http: don't log a 503 on client errors while waiting
|
|
|
|
for requests
|
|
|
|
- BUG/MEDIUM: tcp: process could theorically crash on lack of
|
|
|
|
source ports
|
|
|
|
- BUG/MINOR: http: don't abort client connection on premature
|
|
|
|
responses
|
|
|
|
- BUILD: no need to clean up when making git-tar
|
|
|
|
- MINOR: http: always report PR-- flags for redirect rules
|
|
|
|
- BUG/MINOR: time: frequency counters are not totally accurate
|
|
|
|
- BUG/MINOR: http: don't process abortonclose when request was
|
|
|
|
sent
|
|
|
|
- BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait()
|
|
|
|
- BUG/MINOR: config: fix improper check for failed memory alloc
|
|
|
|
in ACL parser
|
|
|
|
- BUG/MEDIUM: checks: ensure the health_status is always within
|
|
|
|
bounds
|
|
|
|
- CLEANUP: http: remove a useless null check
|
|
|
|
- BUG/MEDIUM: signal: signal handler does not properly check for
|
|
|
|
signal bounds
|
|
|
|
- BUG/MEDIUM: uri_auth: missing NULL check and memory leak on
|
|
|
|
memory shortage
|
|
|
|
- CLEANUP: config: slowstart is never negative
|
|
|
|
- BUILD: improve the makefile's support for libpcre
|
|
|
|
- BUG/MINOR: checks: fix an warning introduced by commit 2f61455a
|
|
|
|
- MEDIUM: halog: add support for counting per source address
|
|
|
|
(-ic)
|
|
|
|
- DOC: mention the new HTTP 307 and 308 redirect statues
|
|
|
|
(cherry picked from commit
|
|
|
|
b67fdc4cd8bde202f2805d98683ddab929469a05)
|
|
|
|
- MEDIUM: poll: do not use FD_* macros anymore
|
|
|
|
- BUG/MAJOR: ev_select: disable the select() poller if maxsock >
|
|
|
|
FD_SETSIZE
|
|
|
|
- BUILD: enable poll() by default in the makefile
|
|
|
|
- BUILD: add explicit support for Mac OS/X
|
|
|
|
- BUG/CRITICAL: using HTTP information in tcp-request content may
|
|
|
|
crash the process CVE-2013-1912
|
|
|
|
- MEDIUM: http: implement redirect 307 and 308
|
|
|
|
- MINOR: http: status 301 should not be marked non-cacheable
|
|
|
|
- adapt haproxy-makefile_lib.patch to the rewritten Makefile
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Nov 12 14:10:33 UTC 2012 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- switch license tag to spdx format.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Nov 12 13:50:46 UTC 2012 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.4.22
|
|
|
|
- BUG/MEDIUM: option forwardfor if-none doesn't work with some
|
|
|
|
configurations
|
|
|
|
- MINOR: balance uri: added 'whole' parameter to include query
|
|
|
|
string in hash calculation
|
|
|
|
- DOC: specify the default value for maxconn in the context of a
|
|
|
|
proxy
|
|
|
|
- BUG/MINOR: checks: expire on timeout.check if smaller than
|
|
|
|
timeout.connect
|
|
|
|
- REORG/MINOR: use dedicated proxy flags for the cookie handling
|
|
|
|
- BUG/MINOR: config: do not report twice the incompatibility
|
|
|
|
between cookie and non-http
|
|
|
|
- MINOR: http: add support for "httponly" and "secure" cookie
|
|
|
|
attributes
|
|
|
|
- MEDIUM: stats: add support for soft stop/soft start in the
|
|
|
|
admin interface
|
|
|
|
- BUILD: add support for linux kernels >= 2.6.28
|
|
|
|
- MINOR: contrib/iprange: add a network IP range to mask
|
|
|
|
converter
|
|
|
|
- BUILD: add an AIX 5.2 (and later) target.
|
|
|
|
- MINOR: halog: use the more recent dual-mode fgets2
|
|
|
|
implementation
|
|
|
|
- BUG/MEDIUM: ebtree: ebmb_insert() must not call cmp_bits on
|
|
|
|
full-length matches
|
|
|
|
- CLEANUP: halog: make clean should also remove .o files
|
|
|
|
(cherry picked from commit
|
|
|
|
8ad4193100aafa19f04929670371bf823dbe11d0)
|
|
|
|
- OPTIM: halog: make use of memchr() on platforms which provide a
|
|
|
|
fast one
|
|
|
|
- OPTIM: halog: improve cold-cache behaviour when loading a file
|
|
|
|
- [MINOR] config: make it possible to specify a cookie even
|
|
|
|
without a server
|
|
|
|
- MINOR: config: tolerate server "cookie" setting in non-HTTP
|
|
|
|
mode
|
|
|
|
- BUG/MINOR: tarpit: fix condition to return the HTTP 500 message
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Oct 30 16:02:03 UTC 2012 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- fix description in the init script
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue May 22 16:47:45 UTC 2012 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- update to 1.4.21 (bnc#763833) CVE-2012-2391
|
|
|
|
- MINOR: patch for minor typo (ressources/resources)
|
|
|
|
- CLEANUP: fix typo in findserver() log message
|
|
|
|
- DOC: cleanup indentation, alignment, columns and chapters
|
|
|
|
- DOC: fix some keywords arguments documentation
|
|
|
|
- MINOR: stats admin: allow unordered parameters in POST requests
|
|
|
|
- MINOR: stats admin: use the backend id instead of its name in
|
|
|
|
the form
|
|
|
|
- BUG/MAJOR: trash must always be the size of a buffer
|
|
|
|
- DOC: fix minor regex example issue and improve doc on stats
|
|
|
|
- BUG/MAJOR: possible crash when using capture headers on TCP
|
|
|
|
frontends
|
|
|
|
- MINOR: config: disable header captures in TCP mode and complain
|
|
|
|
- BUG/MEDIUM: balance source did not properly hash IPv6 addresses
|
|
|
|
- CLEANUP: http: message parser must ignore HTTP_MSG_ERROR
|
|
|
|
- CLEANUP: remove a few warning about unchecked return values in
|
|
|
|
debug code
|
|
|
|
- CLEANUP: http: remove unused http_msg->col
|
|
|
|
- BUG/MINOR: http: error snapshots are wrong if buffer wraps
|
|
|
|
- BUG/MAJOR: checks: don't call set_server_status_* when no LB
|
|
|
|
algo is set
|
|
|
|
- MINOR: proxy: make findproxy() return proxies from numeric IDs
|
|
|
|
too
|
|
|
|
- BUILD: http: stop gcc-4.1.2 from complaining about possibly
|
|
|
|
uninitialized values
|
|
|
|
- BUG/MINOR: stop connect timeout when connect succeeds
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Mar 11 19:16:20 UTC 2012 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- update to 1.4.20:
|
|
|
|
- BUG/MINOR: fix typo in processing of http-send-name-header
|
|
|
|
- BUG/MEDIUM: correctly disable servers tracking another disabled servers.
|
|
|
|
- BUG/MEDIUM: zero-weight servers must not dequeue requests from the backend
|
|
|
|
- MINOR: halog: add some help on the command line (cherry picked from
|
|
|
|
commit 615674cdec067066a42f53f5d55628ab7b207e6c)
|
|
|
|
- BUG: queue: fix dequeueing sequence on HTTP keep-alive sessions
|
|
|
|
- BUG: http: disable TCP delayed ACKs when forwarding content-length data
|
|
|
|
- BUG: checks: fix server maintenance exit sequence
|
|
|
|
- BUG/MINOR: stream_sock: don't remove BF_EXPECT_MORE and BF_SEND_DONTWAIT on
|
|
|
|
partial writes
|
|
|
|
- DOC: enumerate valid status codes for "observe layer7"
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Feb 8 15:30:58 UTC 2012 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.4.19
|
|
|
|
- MEDIUM: http: add support for sending the server's name in the
|
|
|
|
outgoing request
|
|
|
|
- BUG/MINOR: fix options forwardfor if-none when an alternative
|
|
|
|
header name is specified
|
|
|
|
- MINOR: task: new function task_schedule() to schedule a wake up
|
|
|
|
- BUG/MEDIUM: checks: fix slowstart behaviour when server
|
|
|
|
tracking is in use
|
|
|
|
- BUG: tcp: option nolinger does not work on backends
|
|
|
|
- BUG: ebtree: ebst_lookup() could return the wrong entry
|
|
|
|
- BUG: http: re-enable TCP quick-ack upon incomplete HTTP
|
|
|
|
requests
|
|
|
|
- CLEANUP: ebtree: remove a few annoying signedness warnings
|
|
|
|
- CLEANUP: ebtree: remove 4-year old harmless typo in duplicates
|
|
|
|
insertion code
|
|
|
|
- CLEANUP: ebtree: remove another typo, a wrong initialization in
|
|
|
|
insertion code
|
|
|
|
- BUG: proto_tcp: set AF_INET on tproxy for use with recent
|
|
|
|
kernels
|
|
|
|
- MINOR: halog: add support for matching queued requests
|
|
|
|
- BUG: http: tighten the list of allowed characters in a URI
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Nov 9 12:09:33 UTC 2011 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.4.18
|
|
|
|
- [MINOR] http: *_dom matching header functions now also split on
|
|
|
|
":"
|
|
|
|
- [MINOR] halog: support backslash-escaped quotes
|
|
|
|
- BUILD/MINOR: fix the source URL in the spec file
|
|
|
|
- DOC: acl is http_first_req, not http_req_first
|
|
|
|
- BUG/MEDIUM: don't trim last spaces from headers consisting only
|
|
|
|
of spaces
|
|
|
|
- MINOR: acl: add new matches for header/path/url length
|
|
|
|
- [MINOR] halog: do not consider byte 0x8A as end of line
|
|
|
|
- [OPTIM] halog: make fgets parse more bytes by blocks
|
|
|
|
- [OPTIM] halog: add assembly version of the field lookup code
|
|
|
|
- [CLEANUP] startup: report only the basename in the usage
|
|
|
|
message
|
|
|
|
- [DOC] update the README file to reflect new naming rules for
|
|
|
|
patches
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Sep 05 22:26:59 UTC 2011 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- update to 1.4.17:
|
|
|
|
- [MINOR] halog: add support for termination code matching (-tcn/-TCN)
|
|
|
|
- [MINOR] halog: make SKIP_CHAR stop on field delimiters
|
|
|
|
- [MINOR] halog: add support for HTTP log matching (-H)
|
|
|
|
- [MINOR] halog: gain back performance before SKIP_CHAR fix
|
|
|
|
- [OPTIM] halog: cache some common fields positions
|
|
|
|
- [OPTIM] halog: check once for correct line format and reuse the pointer
|
|
|
|
- [OPTIM] halog: remove many 'if' by using a function pointer for the filters
|
|
|
|
- [OPTIM] halog: remove support for tab delimiters in input data
|
|
|
|
- [MINOR] halog: add -hs/-HS to filter by HTTP status code range
|
|
|
|
- [CLEANUP] update the year in the copyright banner
|
|
|
|
- [BUG] check: http-check expect + regex would crash in defaults section
|
|
|
|
- [MEDIUM] http: make x-forwarded-for addition conditional
|
|
|
|
- [DOC] fixed a few "sensible" -> "sensitive" errors
|
|
|
|
- [MINOR] stats: display "<NONE>" instead of the frontend name when unknown
|
|
|
|
- [BUG] http: trailing white spaces must also be trimmed after headers
|
|
|
|
- [MINOR] http: take a capture of too large requests and responses
|
|
|
|
- [MINOR] http: take a capture of truncated responses
|
|
|
|
- [MINOR] http: take a capture of bad content-lengths.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Aug 13 22:49:36 UTC 2011 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to version 1.4.16
|
|
|
|
- [BUG] checks: fix support of Mysqld >= 5.5 for mysql-check
|
|
|
|
- [DOC] Minor spelling fixes and grammatical enhancements
|
|
|
|
- [CLEANUP] Remove assigned but unused variables
|
|
|
|
- [BUG] checks: http-check expect could fail a check on
|
|
|
|
multi-packet responses
|
|
|
|
- [DOC] fix minor typo in the "dispatch" doc
|
|
|
|
- [MINOR] http: make the "HTTP 200" status code configurable.
|
|
|
|
- [MINOR] http: partially revert the chunking optimization for
|
|
|
|
now
|
|
|
|
- [MINOR] stream_sock: always clear BF_EXPECT_MORE upon complete
|
|
|
|
transfer
|
|
|
|
- [CLEANUP] stream_sock: remove unneeded FL_TCP and factor out
|
|
|
|
test
|
|
|
|
- [MEDIUM] http: add support for "http-no-delay"
|
|
|
|
- [OPTIM] http: optimize chunking again in non-interactive mode
|
|
|
|
- [OPTIM] stream_sock: avoid fast-forwarding of partial data
|
|
|
|
- [OPTIM] stream_sock: don't use splice on too small payloads
|
|
|
|
- [BUG] stats: support url-encoded forms
|
|
|
|
- [BUG] halog: correctly handle truncated last line
|
|
|
|
- [DOC] fix typos, "#" is a sharp, not a dash
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Apr 15 22:14:24 UTC 2011 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- revert splitting out the documentation
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Apr 14 19:18:45 UTC 2011 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- split out documentation and examples into haproxy-doc
|
|
|
|
- add rpmlintrc to suppress false positive warnings about
|
|
|
|
script examples in documentation files (without exec flag)
|
|
|
|
- fix license
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Apr 12 15:31:38 UTC 2011 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to version 1.4.15
|
|
|
|
- [CRITICAL] fix risk of crash when dealing with space in
|
|
|
|
response cookies
|
|
|
|
- additional changes from 1.4.14
|
|
|
|
- [MINOR] config: fix endianness of server check port
|
|
|
|
- [BUG] http: fix possible incorrect forwarded wrapping chunk
|
|
|
|
size (take 2)
|
|
|
|
- [MINOR] tools: add two macros MID_RANGE and MAX_RANGE
|
|
|
|
- [BUG] http: fix content-length handling on 32-bit platforms
|
|
|
|
- [OPTIM] buffers: uninline buffer_forward()
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Mar 9 12:00:23 UTC 2011 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.4.13
|
|
|
|
- config: don't crash on empty pattern files.
|
|
|
|
- additional changes from 1.4.12
|
|
|
|
- stats: add support for several packets in stats admin
|
|
|
|
- stats: admin commands must check the proxy state
|
|
|
|
- stats: admin web interface must check the proxy state
|
|
|
|
- http: update the header list's tail when removing the last
|
|
|
|
header
|
|
|
|
- fix typos (http-request instead of http-check) (cherry
|
|
|
|
picked from commit 8f2a1e72bebea700f37add40997b716fdfd86b9c)
|
|
|
|
- http: use correct ACL pointer when evaluating authentication
|
|
|
|
- cfgparse: correctly count one socket per port in ranges
|
|
|
|
- startup: set the rlimits before binding ports, not after.
|
|
|
|
- acl: srv_id must return no match when the server is NULL
|
|
|
|
- acl: fd leak when reading patterns from file
|
|
|
|
- fix minor typo in "usesrc"
|
|
|
|
- http: fix possible incorrect forwarded wrapping chunk size
|
|
|
|
- http: fix computation of message body length after forwarding
|
|
|
|
has started
|
|
|
|
- http: balance url_param did not work with first parameters on
|
|
|
|
POST
|
|
|
|
- update the url_param regression test to test check_post too
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
>>>>>>> ./haproxy.changes.r40
|
|
|
|
Tue Feb 15 14:30:53 UTC 2011 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.4.11
|
|
|
|
- cfgparse: Check whether the path given for the stats socket
|
|
|
|
actually fits into the sockaddr_un structure to avoid
|
|
|
|
truncation.
|
|
|
|
- fix a minor typo
|
|
|
|
- fix ignore-persist documentation
|
|
|
|
- http: fix http-pretend-keepalive and httpclose/tunnel mode
|
|
|
|
- add warnings on features not compatible with multi-process mode
|
|
|
|
- acl: add be_id/srv_id to match backend's and server's id
|
|
|
|
- log: add support for passing the forwarded hostname
|
|
|
|
- log: ability to override the syslog tag
|
|
|
|
- fix minor typos in the doc
|
|
|
|
- fix another typo in the doc
|
|
|
|
- http chunking: don't report a parsing error on connection
|
|
|
|
errors
|
|
|
|
- stream_interface: truncate buffers when sending error messages
|
|
|
|
- http: fix incorrect error reporting during data transfers
|
|
|
|
- session: correctly leave turn-around and queue states on abort
|
|
|
|
- session: release slot before processing pending connections
|
|
|
|
- stats: report HTTP message state and buffer flags in error
|
|
|
|
dumps
|
|
|
|
- http: support wrapping messages in error captures
|
|
|
|
- http: capture incorrectly chunked message bodies
|
|
|
|
- stats: add global event ID and count
|
|
|
|
- http: don't send each chunk in a separate packet
|
|
|
|
- acl: fix handling of empty lines in pattern files
|
|
|
|
- ebtree: fix ebmb_lookup() with len smaller than the tree's keys
|
|
|
|
- ebtree: ebmb_lookup: reduce stack usage by moving the return
|
|
|
|
code out of the loop
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Nov 29 13:57:37 UTC 2010 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- update to 1.4.10:
|
|
|
|
* a possible crash when using Cookie-based persistence with
|
|
|
|
appsessions was fixed
|
|
|
|
* header processing could become wrong after a single reqidel
|
|
|
|
rule removed exactly two headers
|
|
|
|
* some out-of-memory conditions were not correctly handled in
|
|
|
|
appsession or cookie captures
|
|
|
|
* users of appsessions are strongly encouraged to upgrade
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Nov 2 13:11:15 UTC 2010 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- update to 1.4.9:
|
|
|
|
* the Web interface now allows you to enable or disable servers
|
|
|
|
* the ECV and LDAPv3 checks were merged
|
|
|
|
* the MySQL check was improved to support a real login sequence
|
|
|
|
* persistence cookies can now be timestamped to support a maximum
|
|
|
|
idle time and a maximum life time, and can be removed by the
|
|
|
|
server if needed (e.g. logout)
|
|
|
|
* the SNMP plugin was improved to report socket stats
|
|
|
|
* some Cacti templates were merged
|
|
|
|
* the halog tool can now instantly report per-URL response times
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Aug 17 15:46:13 UTC 2010 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- implement graceful restart in the init script
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jun 22 14:49:12 UTC 2010 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.4.8:
|
|
|
|
* mention 'option http-server-close' effect in Tq section
|
|
|
|
* summarize and highlight persistent connections behaviour
|
|
|
|
* add configuration samples
|
|
|
|
* stick_table: the fix for the memory leak caused a regression
|
|
|
|
* client: don't add a new session to the list too early
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jun 10 09:03:34 UTC 2010 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- update to 1.4.7:
|
|
|
|
* fixes problems where consistent hashing was broken when no
|
|
|
|
server ID was specified in the configuration
|
|
|
|
* some errors were incorrectly reported as failed instead of
|
|
|
|
denied in the statistics
|
|
|
|
* the dispatch and http_proxy modes were fixed
|
|
|
|
* a few termination flags in the logs used for troubleshooting
|
|
|
|
were corrected
|
|
|
|
* a few other minor issues were fixed
|
|
|
|
* upgrading is recommended
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon May 17 20:29:02 UTC 2010 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- update to 1.4.6:
|
|
|
|
* a minor precision about RDP cookies was added to the
|
|
|
|
documentation
|
|
|
|
* a new ACL keyword was added
|
|
|
|
* those who had no problem building and running 1.4.5 don't need
|
|
|
|
to upgrade
|
|
|
|
|
|
|
|
- drop haproxy-fix_dprintf.patch, merged upstream
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri May 14 07:18:03 UTC 2010 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- update to 1.4.5:
|
|
|
|
* Haproxy can now read huge ACL pattern lists from files and
|
|
|
|
match inputs against them without any noticeable performance
|
|
|
|
impact, making geolocation possible
|
|
|
|
* adds a new "ignore-persist" directive, allowing it to ignore
|
|
|
|
the persistence cookie if an ACL-based condition is matched
|
|
|
|
(which is useful for static objects in stateful farms)
|
|
|
|
* a few other minor improvements
|
|
|
|
* a nice performance boost of the log analyzer, which can now
|
|
|
|
process more than 1 GB of logs per second and report request
|
|
|
|
counts by status codes
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Apr 8 09:41:51 UTC 2010 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- update to 1.4.4:
|
|
|
|
* brings a new option to work around optimization issues with
|
|
|
|
Tomcat and Jetty in server close mode, and for a bug in Jetty's
|
|
|
|
handling of Expect: 100-continue
|
|
|
|
* a very old appsession unexpected match of shorter cookie names
|
|
|
|
was also fixed
|
|
|
|
* a new feature to make it possible to connect to a server from
|
|
|
|
an IP found in a header was merged: it allows you to run
|
|
|
|
stunnel+haproxy in transparent mode together
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Apr 2 23:42:44 UTC 2010 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- update to 1.4.3:
|
|
|
|
* fxes a regression introduced in 1.4.2 which could cause a
|
|
|
|
connection to still be attempted on the server side in case of
|
|
|
|
an error on the client side; this issue could even lead to a
|
|
|
|
crash if a Layer7 hash algorithm was used, so this code was
|
|
|
|
strengthened
|
|
|
|
* the configuration parser now detects many more inappropriate
|
|
|
|
options in TCP mode and emits related warnings
|
|
|
|
* it is now possible to indicate in the configuration that a
|
|
|
|
server will start in the "disabled" state
|
|
|
|
* other very minor issues were fixed
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Mar 18 12:00:49 UTC 2010 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- update to 1.4.2:
|
|
|
|
* fixes a very rare case of stuck client sessions when using
|
|
|
|
keep-alive
|
|
|
|
* fixes a url_param hash bug which could result in a dead server
|
|
|
|
in very rare situations
|
|
|
|
* fixes status codes 501 and 505 which could cause a server to be
|
|
|
|
marked down if on-error was used
|
|
|
|
* fixes a risk of getting truncated HTTP responses when
|
|
|
|
chunk-encoding was used
|
|
|
|
* fixes an issue with anonymous ACLs
|
|
|
|
* improvements on health checks
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Mar 5 00:45:12 UTC 2010 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- update to 1.4.1:
|
|
|
|
* some errors were incorrectly reported as 502 with the flags
|
|
|
|
"SL" in the logs; this is now fixed
|
|
|
|
* other minor issues were fixed
|
|
|
|
* documentation was updated
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Feb 26 20:44:34 UTC 2010 - pascal.bleser@opensuse.org
|
|
|
|
|
|
|
|
- update to 1.4.0:
|
|
|
|
* new features:
|
|
|
|
+ keep-alive
|
|
|
|
+ IP-based stickiness
|
|
|
|
+ consistent hashing
|
|
|
|
+ support for the RDP protocol
|
|
|
|
+ a much nicer stats interface
|
|
|
|
+ a much-improved performance level
|
|
|
|
* add -fno-strict-aliasing
|
|
|
|
|
|
|
|
- changes from 1.4rc1:
|
|
|
|
* new features:
|
|
|
|
+ server maintenance mode
|
|
|
|
+ HTTP authentication (server and proxy)
|
|
|
|
+ secure passwords
|
|
|
|
+ conditional request/response header rewriting using ACLs
|
|
|
|
+ anonymous ACLs that can be declared inline
|
|
|
|
+ support for HTTP/1.1 101+Upgrade status code to support non-
|
|
|
|
HTTP protocols such as WebSocket
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Feb 11 15:20:01 UTC 2010 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.3.23
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Sep 15 14:09:34 CEST 2009 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.3.20
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Apr 3 13:54:40 CEST 2009 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.3.17
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Mar 9 16:40:38 CET 2009 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.3.15.8
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Feb 4 15:13:15 CET 2009 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.3.15.7
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Sep 15 15:52:45 CEST 2008 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.3.15.4
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Nov 4 21:21:35 CET 2007 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.3.13.1:
|
|
|
|
too many changes see changelog file
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Apr 2 00:53:38 CEST 2007 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- prepared spec for easy split out of -snapshot packages.
|
|
|
|
- added vim syntax file
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Mar 19 17:50:33 CET 2007 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- update to 1.2.17:
|
|
|
|
- replaced the linked-list with a faster rbtree in the scheduler
|
|
|
|
- add user/group support (Marcus Rueckert)
|
|
|
|
- add the "except" keyword to the "forwardfor" option (Bryan
|
|
|
|
Germann)
|
|
|
|
- re-implemented support for multi-line headers (was
|
|
|
|
incidently reverted)
|
|
|
|
- fixed possible crash when no cookie was set on a server
|
|
|
|
- fixed various length checks in appsession
|
|
|
|
- fixed unlikely memory leak in appsession in case of memory
|
|
|
|
shortage
|
|
|
|
- updates to the architecture guide
|
|
|
|
- remove haproxy-1.2.16_username_groupname_support.patch:
|
|
|
|
patch included upstream
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jan 8 00:27:17 CET 2007 - mrueckert@suse.de
|
|
|
|
|
|
|
|
- initial package of 1.2.16
|
|
|
|
- added 2 patches:
|
|
|
|
haproxy-1.2.16_config_haproxy_user.patch
|
|
|
|
haproxy-1.2.16_username_groupname_support.patch
|
|
|
|
the patches allow to specify username and groupname instead of
|
|
|
|
uid/gid. The patches are needed as we do not have a static
|
|
|
|
uid/gid for the haproxy user/group.
|
|
|
|
|