diff --git a/0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch b/0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch
deleted file mode 100644
index 9a1a391..0000000
--- a/0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From df0a5960987b3cb663dcfa93d29c21acc13cd3e3 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Thu, 9 Jul 2015 11:20:00 +0200
-Subject: [PATCH 01/11] BUG/MINOR: log: missing some ARGC_* entries in
- fmt_directives()
-
-ARGC_CAP was not added to fmt_directives() which is used to format
-error messages when failing to parse log format expressions. The
-whole switch/case has been reorganized to match the declaration
-order making it easier to spot missing values. The default is not
-the "log" directive anymore but "undefined" asking to report the
-bug.
-
-Backport to 1.5 is not strictly needed but is desirable at least
-for code sanity.
-(cherry picked from commit 53e1a6d31743b1bef6063ff30b812521391ae3c3)
----
- src/log.c | 24 ++++++++++++++----------
- 1 file changed, 14 insertions(+), 10 deletions(-)
-
-diff --git a/src/log.c b/src/log.c
-index 1a5ad25..f0a3072 100644
---- a/src/log.c
-+++ b/src/log.c
-@@ -167,22 +167,26 @@ struct logformat_var_args var_args_list[] = {
- static inline const char *fmt_directive(const struct proxy *curproxy)
- {
- 	switch (curproxy->conf.args.ctx) {
--	case ARGC_UIF:
--		return "unique-id-format";
-+	case ARGC_ACL:
-+		return "acl";
-+	case ARGC_STK:
-+		return "stick";
-+	case ARGC_TRK:
-+		return "track-sc";
-+	case ARGC_LOG:
-+		return "log-format";
- 	case ARGC_HRQ:
- 		return "http-request";
- 	case ARGC_HRS:
- 		return "http-response";
--	case ARGC_STK:
--		return "stick";
--	case ARGC_TRK:
--		return "track-sc"; break;
-+	case ARGC_UIF:
-+		return "unique-id-format";
- 	case ARGC_RDR:
--		return "redirect"; break;
--	case ARGC_ACL:
--		return "acl"; break;
-+		return "redirect";
-+	case ARGC_CAP:
-+		return "capture";
- 	default:
--		return "log-format";
-+		return "undefined(please report this bug)"; /* must never happen */
- 	}
- }
- 
--- 
-2.1.4
-
diff --git a/0002-DOC-usesrc-root-privileges-requirements.patch b/0002-DOC-usesrc-root-privileges-requirements.patch
deleted file mode 100644
index 45cbe57..0000000
--- a/0002-DOC-usesrc-root-privileges-requirements.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From ea31f225c2c93a25b8bef7a9241a89cecfd9d350 Mon Sep 17 00:00:00 2001
-From: Baptiste Assmann <bedis9@gmail.com>
-Date: Fri, 17 Jul 2015 21:59:42 +0200
-Subject: [PATCH 02/11] DOC: usesrc root privileges requirements
-
-The "usesrc" parameter of the source statement requires root privileges.
-(cherry picked from commit 91bd337d90cb347feda34b01402f3471c8a4833c)
----
- doc/configuration.txt | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/doc/configuration.txt b/doc/configuration.txt
-index 6714afb..64697a4 100644
---- a/doc/configuration.txt
-+++ b/doc/configuration.txt
-@@ -6117,6 +6117,8 @@ source <addr>[:<port>] [interface <name>]
-   is possible at the server level using the "source" server option. Refer to
-   section 5 for more information.
- 
-+  In order to work, "usesrc" requires root privileges.
-+
-   Examples :
-         backend private
-             # Connect to the servers using our 192.168.1.200 source address
--- 
-2.1.4
-
diff --git a/0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch b/0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch
deleted file mode 100644
index 458267e..0000000
--- a/0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From eee374c28ea8ea22834ff14515b5584bc3e0c7b5 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?J=C3=A9r=C3=A9mie=20Courr=C3=A8ges-Anglas?= <jca@wxcvbn.org>
-Date: Sat, 25 Jul 2015 16:50:52 -0600
-Subject: [PATCH 03/11] BUILD: ssl: Allow building against libssl without
- SSLv3.
-
-If SSLv3 is explicitely requested but not available, warn the user and
-bail out.
-(cherry picked from commit 17c3f6284cf605e47f6525c077bc644c45272849)
----
- src/ssl_sock.c | 16 ++++++++++++++--
- 1 file changed, 14 insertions(+), 2 deletions(-)
-
-diff --git a/src/ssl_sock.c b/src/ssl_sock.c
-index 7d77d36..2ae45ec 100644
---- a/src/ssl_sock.c
-+++ b/src/ssl_sock.c
-@@ -1405,8 +1405,14 @@ int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, SSL_CTX *ctx, struct proxy
- 		ssloptions |= SSL_OP_NO_TLSv1_2;
- 	if (bind_conf->ssl_options & BC_SSL_O_NO_TLS_TICKETS)
- 		ssloptions |= SSL_OP_NO_TICKET;
--	if (bind_conf->ssl_options & BC_SSL_O_USE_SSLV3)
-+	if (bind_conf->ssl_options & BC_SSL_O_USE_SSLV3) {
-+#ifndef OPENSSL_NO_SSL3
- 		SSL_CTX_set_ssl_version(ctx, SSLv3_server_method());
-+#else
-+		Alert("SSLv3 support requested but unavailable.\n");
-+		cfgerr++;
-+#endif
-+	}
- 	if (bind_conf->ssl_options & BC_SSL_O_USE_TLSV10)
- 		SSL_CTX_set_ssl_version(ctx, TLSv1_server_method());
- #if SSL_OP_NO_TLSv1_1
-@@ -1750,8 +1756,14 @@ int ssl_sock_prepare_srv_ctx(struct server *srv, struct proxy *curproxy)
- 		options |= SSL_OP_NO_TLSv1_2;
- 	if (srv->ssl_ctx.options & SRV_SSL_O_NO_TLS_TICKETS)
- 		options |= SSL_OP_NO_TICKET;
--	if (srv->ssl_ctx.options & SRV_SSL_O_USE_SSLV3)
-+	if (srv->ssl_ctx.options & SRV_SSL_O_USE_SSLV3) {
-+#ifndef OPENSSL_NO_SSL3
- 		SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, SSLv3_client_method());
-+#else
-+		Alert("SSLv3 support requested but unavailable.");
-+		cfgerr++;
-+#endif
-+	}
- 	if (srv->ssl_ctx.options & SRV_SSL_O_USE_TLSV10)
- 		SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, TLSv1_client_method());
- #if SSL_OP_NO_TLSv1_1
--- 
-2.1.4
-
diff --git a/0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch b/0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch
deleted file mode 100644
index de5b129..0000000
--- a/0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From e4766ba031e1fea8f2ca139316dc4e8209e960c2 Mon Sep 17 00:00:00 2001
-From: Daniel Jakots <vigdis@chown.me>
-Date: Wed, 29 Jul 2015 08:03:08 +0200
-Subject: [PATCH 04/11] DOC/MINOR: fix OpenBSD versions where haproxy works
-
-(cherry picked from commit 17d228be14762b282e5262262c45ecee4c265552)
----
- README | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/README b/README
-index add7f06..e267730 100644
---- a/README
-+++ b/README
-@@ -39,7 +39,7 @@ and assign it to the TARGET variable :
-   - solaris     for Solaris 8 or 10 (others untested)
-   - freebsd     for FreeBSD 5 to 10 (others untested)
-   - osx         for Mac OS/X
--  - openbsd     for OpenBSD 3.1 to 5.2 (others untested)
-+  - openbsd     for OpenBSD 3.1 and above
-   - aix51       for AIX 5.1
-   - aix52       for AIX 5.2
-   - cygwin      for Cygwin
--- 
-2.1.4
-
diff --git a/0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch b/0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch
deleted file mode 100644
index 495c647..0000000
--- a/0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 955587271031d66e9b7a768e3bb18dae00b60cc6 Mon Sep 17 00:00:00 2001
-From: Thierry FOURNIER <tfournier@arpalert.org>
-Date: Wed, 8 Jul 2015 00:15:20 +0200
-Subject: [PATCH 05/11] BUG/MINOR: http/sample: gmtime/localtime can fail
-
-The man said that gmtime() and localtime() can return a NULL value.
-This is not tested. It appears that all the values of a 32 bit integer
-are valid, but it is better to check the return of these functions.
-
-However, if the integer move from 32 bits to 64 bits, some 64 values
-can be unsupported.
-(cherry picked from commit fac9ccfb705702f211f99e67d5f5d5129002086a)
-[wt: we only have sample_conv_date() in 1.5]
----
- src/proto_http.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/src/proto_http.c b/src/proto_http.c
-index 5db64b5..02dc42b 100644
---- a/src/proto_http.c
-+++ b/src/proto_http.c
-@@ -11249,6 +11249,8 @@ static int sample_conv_http_date(const struct arg *args, struct sample *smp)
- 		curr_date += args[0].data.sint;
- 
- 	tm = gmtime(&curr_date);
-+	if (!tm)
-+		return 0;
- 
- 	temp = get_trash_chunk();
- 	temp->len = snprintf(temp->str, temp->size - temp->len,
--- 
-2.1.4
-
diff --git a/0006-DOC-typo-in-redirect-302-code-meaning.patch b/0006-DOC-typo-in-redirect-302-code-meaning.patch
deleted file mode 100644
index 468780c..0000000
--- a/0006-DOC-typo-in-redirect-302-code-meaning.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 6c7351bdd0778bc171a2b54faed058eadc8c9d0d Mon Sep 17 00:00:00 2001
-From: Baptiste Assmann <bedis9@gmail.com>
-Date: Mon, 3 Aug 2015 11:42:50 +0200
-Subject: [PATCH 06/11] DOC: typo in 'redirect', 302 code meaning
-
-302 means a temprary move, not a permanent one
-(cherry picked from commit ea849c0cca63b1b56c9c36f9c3504caa5e826816)
----
- doc/configuration.txt | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/doc/configuration.txt b/doc/configuration.txt
-index 64697a4..e8d8b2a 100644
---- a/doc/configuration.txt
-+++ b/doc/configuration.txt
-@@ -5443,7 +5443,7 @@ redirect scheme   <sch> [code <code>] <option> [{if | unless} <condition>]
-               is desired. Only codes 301, 302, 303, 307 and 308 are supported,
-               with 302 used by default if no code is specified. 301 means
-               "Moved permanently", and a browser may cache the Location. 302
--              means "Moved permanently" and means that the browser should not
-+              means "Moved temporarily" and means that the browser should not
-               cache the redirection. 303 is equivalent to 302 except that the
-               browser will fetch the location with a GET method. 307 is just
-               like 302 but makes it clear that the same method must be reused.
--- 
-2.1.4
-
diff --git a/0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch b/0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch
deleted file mode 100644
index ea4bafe..0000000
--- a/0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From c3453d53f2862b22d8c8e7d2399dfc38ec966aa4 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Sun, 9 Aug 2015 10:56:35 +0200
-Subject: [PATCH 07/11] DOC: mention that %ms is left-padded with zeroes.
-
-That's important to emit logs.
-(cherry picked from commit 812c88ec126e8fc4fc0f7853f265594d03c63956)
----
- doc/configuration.txt | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/doc/configuration.txt b/doc/configuration.txt
-index e8d8b2a..1d95b5b 100644
---- a/doc/configuration.txt
-+++ b/doc/configuration.txt
-@@ -12381,7 +12381,7 @@ Please refer to the table below for currently defined variables :
-   |   | %hrl | captured_request_headers CLF style            | string list |
-   |   | %hs  | captured_response_headers default style       | string      |
-   |   | %hsl | captured_response_headers CLF style           | string list |
--  |   | %ms  | accept date milliseconds                      | numeric     |
-+  |   | %ms  | accept date milliseconds (left-padded with 0) | numeric     |
-   |   | %pid | PID                                           | numeric     |
-   | H | %r   | http_request                                  | string      |
-   |   | %rc  | retries                                       | numeric     |
--- 
-2.1.4
-
diff --git a/0008-CLEANUP-.gitignore-ignore-more-test-files.patch b/0008-CLEANUP-.gitignore-ignore-more-test-files.patch
deleted file mode 100644
index 6062bbf..0000000
--- a/0008-CLEANUP-.gitignore-ignore-more-test-files.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 1104336c0ba5f474fce8fe7c0125511b59f4dd3d Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Tue, 11 Aug 2015 11:20:45 +0200
-Subject: [PATCH 08/11] CLEANUP: .gitignore: ignore more test files
-
-Exclude from "git status" many of the files that often result from
-development tests and bug reports reproducers.
-(cherry picked from commit de365a320ead43168e78facfa337130759783515)
----
- .gitignore | 27 +++++++++++++++++++++++++++
- 1 file changed, 27 insertions(+)
-
-diff --git a/.gitignore b/.gitignore
-index 762f5ad..f6ccd0e 100644
---- a/.gitignore
-+++ b/.gitignore
-@@ -18,3 +18,30 @@ make-*
- dlmalloc.c
- 00*.patch
- *.service
-+*.bak
-+contrib/base64/base64rev
-+contrib/halog/halog
-+contrib/ip6range/ip6range
-+contrib/iprange/iprange
-+tests/test_hashes
-+/*.cfg
-+/*.conf
-+/*.diff
-+/*.patch
-+/*.c
-+/*.o
-+/*.so
-+/*.txt
-+/*.TXT
-+/*.txt.*
-+/*.prof
-+/*.gprof
-+/*.prof.*
-+/*.gprof.*
-+/*.tar
-+/*.tar.gz
-+/*.tgz
-+/*.mbox
-+/*.sh
-+/bug*
-+/TAGS
--- 
-2.1.4
-
diff --git a/0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch b/0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch
deleted file mode 100644
index 428ac20..0000000
--- a/0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From 5e077624951a65e6aae381c7213fc54984768dd4 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Tue, 11 Aug 2015 11:21:47 +0200
-Subject: [PATCH 09/11] CLEANUP: .gitignore: finally ignore everything but what
- is known.
-
-Still too many files remain, it's easier to block everything but
-what we know.
-(cherry picked from commit d71f1766bdbb041f80394662b0d293f033f93005)
----
- .gitignore | 20 ++++++++++++++++++++
- 1 file changed, 20 insertions(+)
-
-diff --git a/.gitignore b/.gitignore
-index f6ccd0e..1953ba3 100644
---- a/.gitignore
-+++ b/.gitignore
-@@ -45,3 +45,23 @@ tests/test_hashes
- /*.sh
- /bug*
- /TAGS
-+# Below we forbid everything and only allow what we know, that's much easier
-+# than blocking about 500 different test files and bug report outputs.
-+/.*
-+/*
-+!/.gitignore
-+!/CHANGELOG
-+!/LICENSE
-+!/Makefile
-+!/README
-+!/ROADMAP
-+!/SUBVERS
-+!/VERDATE
-+!/VERSION
-+!/contrib
-+!/doc
-+!/ebtree
-+!/examples
-+!/include
-+!/src
-+!/tests
--- 
-2.1.4
-
diff --git a/0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch b/0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch
deleted file mode 100644
index 1ba594b..0000000
--- a/0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From c7c1e55f09839727ba7defd37347fc500dabb202 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Tue, 11 Aug 2015 11:36:45 +0200
-Subject: [PATCH 10/11] MEDIUM: config: emit a warning on a frontend without
- listener
-
-Commit c6678e2 ("MEDIUM: config: authorize frontend and listen without bind")
-completely removed the test for bind lines in frontends in order to make it
-easier for automated tools to generate configs (eg: replacing a bind with
-another one passing via a temporary config without any bind line). The
-problem is that some common mistakes are totally hidden now. For example,
-this apparently valid entry is silently ignored :
-
-       listen 1.2.3.4:8000
-           server s1 127.0.0.1:8000
-
-Hint: 1.2.3.4:8000 is mistakenly the proxy name here.
-
-Thus instead we now emit a warning to indicate that a frontend was found
-with no listener. This should be backported to 1.5 to help spot abnormal
-configurations.
-(cherry picked from commit f82d1ca2d7ec83804d6b54e61a35747ad2f85188)
----
- src/cfgparse.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/cfgparse.c b/src/cfgparse.c
-index 2a5f178..d67edc5 100644
---- a/src/cfgparse.c
-+++ b/src/cfgparse.c
-@@ -6193,6 +6193,12 @@ int check_config_validity()
- 			break;
- 		}
- 
-+		if ((curproxy->cap & PR_CAP_FE) && LIST_ISEMPTY(&curproxy->conf.listeners)) {
-+			Warning("config : %s '%s' has no 'bind' directive. Please declare it as a backend if this was intended.\n",
-+			        proxy_type_str(curproxy), curproxy->id);
-+			err_code |= ERR_WARN;
-+		}
-+
- 		if ((curproxy->cap & PR_CAP_BE) && (curproxy->mode != PR_MODE_HEALTH)) {
- 			if (curproxy->lbprm.algo & BE_LB_KIND) {
- 				if (curproxy->options & PR_O_TRANSP) {
--- 
-2.1.4
-
diff --git a/0011-BUG-MEDIUM-counters-ensure-that-src_-inc-clr-_gpc0-c.patch b/0011-BUG-MEDIUM-counters-ensure-that-src_-inc-clr-_gpc0-c.patch
deleted file mode 100644
index ba4eaf5..0000000
--- a/0011-BUG-MEDIUM-counters-ensure-that-src_-inc-clr-_gpc0-c.patch
+++ /dev/null
@@ -1,93 +0,0 @@
-From ee12145d38a7dee81a20cf232c724ccb7a46ad8b Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Tue, 18 Aug 2015 17:15:20 +0200
-Subject: [PATCH 11/11] BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0
- creates a missing entry
-
-During 1.5-dev20 there was some code refactoring to make the src_* fetch
-function use the same code as sc_*. Unfortunately this introduced a
-regression where src_* doesn't create an entry anymore if it does not
-exist in the table. The reason is that smp_fetch_sc_stkctr() only calls
-stktable_lookup_key() while src_inc_*/src_clr_* used to make use of
-stktable_update_key() which additionally create the entry if it does
-not exist.
-
-There's no point modifying the common function for these two exceptions,
-so instead we now have a function dedicated to the creation of this entry
-for src_* only. It is called when the entry didn't exist, so that requires
-minimal modifications to existing code.
-
-Thanks to Thierry Fournier for helping diagnose the issue.
-
-This fix must be backported to 1.5.
-(cherry picked from commit 0f4eadd4830279f5ee83aa545728fb750f5c8185)
-
-[Note: the backport to 1.5 significantly differs from the version in 1.6
- since we need to use the table's type and to retrieve the source address
- directly from the connection. At least it matches the way other src_*
- fetch functions work, and it's been verified to work fine]
----
- src/session.c | 33 +++++++++++++++++++++++++++++++++
- 1 file changed, 33 insertions(+)
-
-diff --git a/src/session.c b/src/session.c
-index 5b9e407..6d62e36 100644
---- a/src/session.c
-+++ b/src/session.c
-@@ -2806,6 +2806,33 @@ smp_fetch_sc_stkctr(struct session *l4, const struct arg *args, const char *kw)
- 	return &l4->stkctr[num];
- }
- 
-+/* same as smp_fetch_sc_stkctr() but dedicated to src_* and can create
-+ * the entry if it doesn't exist yet. This is needed for a few fetch
-+ * functions which need to create an entry, such as src_inc_gpc* and
-+ * src_clr_gpc*.
-+ */
-+struct stkctr *
-+smp_create_src_stkctr(struct session *sess, const struct arg *args, const char *kw)
-+{
-+	static struct stkctr stkctr;
-+	struct stktable_key *key;
-+	struct connection *conn = objt_conn(sess->si[0].end);
-+
-+	if (strncmp(kw, "src_", 4) != 0)
-+		return NULL;
-+
-+	if (!conn)
-+		return NULL;
-+
-+	key = addr_to_stktable_key(&conn->addr.from, args->data.prx->table.type);
-+	if (!key)
-+		return NULL;
-+
-+	stkctr.table = &args->data.prx->table;
-+	stkctr_set_entry(&stkctr, stktable_update_key(stkctr.table, key));
-+	return &stkctr;
-+}
-+
- /* set return a boolean indicating if the requested session counter is
-  * currently being tracked or not.
-  * Supports being called as "sc[0-9]_tracked" only.
-@@ -2887,6 +2914,9 @@ smp_fetch_sc_inc_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned i
- 	if (!stkctr)
- 		return 0;
- 
-+	if (stkctr_entry(stkctr) == NULL)
-+		stkctr = smp_create_src_stkctr(l4, args, kw);
-+
- 	smp->flags = SMP_F_VOL_TEST;
- 	smp->type = SMP_T_UINT;
- 	smp->data.uint = 0;
-@@ -2924,6 +2954,9 @@ smp_fetch_sc_clr_gpc0(struct proxy *px, struct session *l4, void *l7, unsigned i
- 	if (!stkctr)
- 		return 0;
- 
-+	if (stkctr_entry(stkctr) == NULL)
-+		stkctr = smp_create_src_stkctr(l4, args, kw);
-+
- 	smp->flags = SMP_F_VOL_TEST;
- 	smp->type = SMP_T_UINT;
- 	smp->data.uint = 0;
--- 
-2.1.4
-
diff --git a/0012-DOC-ssl-missing-LF.patch b/0012-DOC-ssl-missing-LF.patch
deleted file mode 100644
index 6d66fbf..0000000
--- a/0012-DOC-ssl-missing-LF.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 2272b4ffde38c836adfd9a9b43ff5c019ef4190a Mon Sep 17 00:00:00 2001
-From: Thierry FOURNIER <tfournier@arpalert.org>
-Date: Wed, 26 Aug 2015 08:21:26 +0200
-Subject: [PATCH 12/13] DOC: ssl: missing LF
-
-An error message miss LF
-(cherry picked from commit bc965348d7ccc0a306504232ab85dc240fd31fbf)
----
- src/ssl_sock.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/ssl_sock.c b/src/ssl_sock.c
-index 2ae45ec..8f698c0 100644
---- a/src/ssl_sock.c
-+++ b/src/ssl_sock.c
-@@ -1760,7 +1760,7 @@ int ssl_sock_prepare_srv_ctx(struct server *srv, struct proxy *curproxy)
- #ifndef OPENSSL_NO_SSL3
- 		SSL_CTX_set_ssl_version(srv->ssl_ctx.ctx, SSLv3_client_method());
- #else
--		Alert("SSLv3 support requested but unavailable.");
-+		Alert("SSLv3 support requested but unavailable.\n");
- 		cfgerr++;
- #endif
- 	}
--- 
-2.1.4
-
diff --git a/0013-DOC-fix-example-of-http-request-using-ssl_fc_session.patch b/0013-DOC-fix-example-of-http-request-using-ssl_fc_session.patch
deleted file mode 100644
index a5cefd1..0000000
--- a/0013-DOC-fix-example-of-http-request-using-ssl_fc_session.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From d3a93a932430bc1a4cd5d1350820c2bec706e26d Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Thu, 27 Aug 2015 17:15:05 +0200
-Subject: [PATCH 13/13] DOC: fix example of http-request using
- ssl_fc_session_id
-
-It was missing the ",hex" resulting in raw binary data being dumped in
-the header or the logs. Now we know where these crazy logs originated
-from!
-(cherry picked from commit fca4261dacab51db960d30120f4bb4201f7e4a51)
----
- doc/configuration.txt | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/doc/configuration.txt b/doc/configuration.txt
-index 1d95b5b..67d273b 100644
---- a/doc/configuration.txt
-+++ b/doc/configuration.txt
-@@ -3135,7 +3135,7 @@ http-request { allow | deny | tarpit | auth [realm <realm>] | redirect <rule> |
-   Example:
-         http-request set-header X-Haproxy-Current-Date %T
-         http-request set-header X-SSL                  %[ssl_fc]
--        http-request set-header X-SSL-Session_ID       %[ssl_fc_session_id]
-+        http-request set-header X-SSL-Session_ID       %[ssl_fc_session_id,hex]
-         http-request set-header X-SSL-Client-Verify    %[ssl_c_verify]
-         http-request set-header X-SSL-Client-DN        %{+Q}[ssl_c_s_dn]
-         http-request set-header X-SSL-Client-CN        %{+Q}[ssl_c_s_dn(cn)]
--- 
-2.1.4
-
diff --git a/0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch b/0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch
deleted file mode 100644
index 843d779..0000000
--- a/0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-From bcd033699c5a4904967652de4980e4f35f17ee34 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Thu, 3 Sep 2015 17:15:21 +0200
-Subject: [PATCH 14/15] BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
-
-When converting the "method" fetch to a string, we used to get an empty
-string if the first character was not an upper case. This was caused by
-the lookup function which returns HTTP_METH_NONE when a lookup is not
-possible, and this method being mapped to an empty string in the array.
-
-This is a totally stupid mechanism, there's no reason for having the
-result depend on the first char. In fact the message parser already
-checks that the syntax matches an HTTP token so we can only land there
-with a valid token, hence only HTTP_METH_OTHER should be returned.
-
-This fix should be backported to all actively supported branches.
-(cherry picked from commit b7ce424be2bc9df73a3b971fa9dd6daea0332bf1)
----
- include/types/proto_http.h |  1 -
- src/proto_http.c           | 11 ++++-------
- 2 files changed, 4 insertions(+), 8 deletions(-)
-
-diff --git a/include/types/proto_http.h b/include/types/proto_http.h
-index a5a5d31..dbce972 100644
---- a/include/types/proto_http.h
-+++ b/include/types/proto_http.h
-@@ -219,7 +219,6 @@ enum {
- 
- /* Known HTTP methods */
- enum http_meth_t {
--	HTTP_METH_NONE = 0,
- 	HTTP_METH_OPTIONS,
- 	HTTP_METH_GET,
- 	HTTP_METH_HEAD,
-diff --git a/src/proto_http.c b/src/proto_http.c
-index 02dc42b..46694cb 100644
---- a/src/proto_http.c
-+++ b/src/proto_http.c
-@@ -361,12 +361,11 @@ const struct http_method_desc http_methods[26][3] = {
- 		[0] = {	.meth = HTTP_METH_TRACE   , .len=5, .text="TRACE"   },
- 	},
- 	/* rest is empty like this :
--	 *      [1] = {	.meth = HTTP_METH_NONE    , .len=0, .text=""        },
-+	 *      [0] = {	.meth = HTTP_METH_OTHER   , .len=0, .text=""        },
- 	 */
- };
- 
- const struct http_method_name http_known_methods[HTTP_METH_OTHER] = {
--	[HTTP_METH_NONE]    = { "",         0 },
- 	[HTTP_METH_OPTIONS] = { "OPTIONS",  7 },
- 	[HTTP_METH_GET]     = { "GET",      3 },
- 	[HTTP_METH_HEAD]    = { "HEAD",     4 },
-@@ -793,8 +792,8 @@ struct chunk *http_error_message(struct session *s, int msgnum)
- }
- 
- /*
-- * returns HTTP_METH_NONE if there is nothing valid to read (empty or non-text
-- * string), HTTP_METH_OTHER for unknown methods, or the identified method.
-+ * returns a known method among HTTP_METH_* or HTTP_METH_OTHER for all unknown
-+ * ones.
-  */
- enum http_meth_t find_http_meth(const char *str, const int len)
- {
-@@ -810,10 +809,8 @@ enum http_meth_t find_http_meth(const char *str, const int len)
- 			if (likely(memcmp(str, h->text, h->len) == 0))
- 				return h->meth;
- 		};
--		return HTTP_METH_OTHER;
- 	}
--	return HTTP_METH_NONE;
--
-+	return HTTP_METH_OTHER;
- }
- 
- /* Parse the URI from the given transaction (which is assumed to be in request
--- 
-2.1.4
-
diff --git a/0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch b/0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch
deleted file mode 100644
index ca54264..0000000
--- a/0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 3f34b5539e7ba31e44055d853b9ba496e73e0bae Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Mon, 7 Sep 2015 19:32:33 +0200
-Subject: [PATCH 15/15] BUG/MAJOR: http: don't call http_send_name_header()
- after an error
-
-A crash was reported when using the "famous" http-send-name-header
-directive. This time it's a bit tricky, it requires a certain number of
-conditions to be met including maxconn on a server, queuing, timeout in
-the queue and cookie-based persistence.
-
-The problem is that in stream.c, before calling http_send_name_header(),
-we check a number of conditions to know if we have to replace the header
-name. But prior to reaching this place, it's possible for
-sess_update_stream_int() to fail and change the stream-int's state to
-SI_ST_CLO, send an error 503 to the client, and flush all buffers. But
-http_send_name_header() can only be called with valid buffer contents
-matching the http_msg's description. So when it rewinds the stream to
-modify the header, buf->o becomes negative by the size of the incoming
-request and is used as the argument to memmove() which basically
-displaces 4GB of memory off a few bytes to write the new name, resulting
-in a core and a core file that's really not fun to play with.
-
-The solution obviously consists in refraining from calling this nasty
-function when the stream interface is already closed.
-
-This bug also affects 1.5 and possibly 1.4, so the fix must be backported
-there.
-(cherry picked from commit 9c03b33329cb4924716edc1c851913a18b0670dc)
----
- src/session.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/session.c b/src/session.c
-index 6d62e36..7520a85 100644
---- a/src/session.c
-+++ b/src/session.c
-@@ -2293,7 +2293,7 @@ struct task *process_session(struct task *t)
- 
- 			/* Now we can add the server name to a header (if requested) */
- 			/* check for HTTP mode and proxy server_name_hdr_name != NULL */
--			if ((s->si[1].state >= SI_ST_CON) &&
-+			if ((s->si[1].state >= SI_ST_CON) && (s->si[1].state < SI_ST_CLO) &&
- 			    (s->be->server_id_hdr_name != NULL) &&
- 			    (s->be->mode == PR_MODE_HTTP) &&
- 			    objt_server(s->target)) {
--- 
-2.1.4
-
diff --git a/haproxy-1.2.16_config_haproxy_user.patch b/haproxy-1.2.16_config_haproxy_user.patch
deleted file mode 100644
index bbea24f..0000000
--- a/haproxy-1.2.16_config_haproxy_user.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-Index: examples/examples.cfg
-===================================================================
---- examples/examples.cfg.orig
-+++ examples/examples.cfg
-@@ -3,8 +3,8 @@
- #	log	127.0.0.1 local1
- 	maxconn	4000
- 	ulimit-n 8000
--	uid	0
--	gid	0
-+	user	haproxy
-+	group	haproxy
- #	chroot	/tmp
- #	nbproc	2
- #	daemon
-Index: examples/haproxy.cfg
-===================================================================
---- examples/haproxy.cfg.orig
-+++ examples/haproxy.cfg
-@@ -5,9 +5,9 @@
- 	log 127.0.0.1	local1 notice
- 	#log loghost	local0 info
- 	maxconn 4096
--	chroot /usr/share/haproxy
--	uid 99
--	gid 99
-+	chroot /var/lib/haproxy
-+	user haproxy
-+	group haproxy
- 	daemon
- 	#debug
- 	#quiet
diff --git a/haproxy-1.5.14.tar.gz b/haproxy-1.5.14.tar.gz
deleted file mode 100644
index d1b88e9..0000000
--- a/haproxy-1.5.14.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9565dd38649064d0350a2883fa81ccfe92eb17dcda457ebdc01535e1ab0c8f99
-size 1345345
diff --git a/haproxy-1.5.8-fix-bashisms.patch b/haproxy-1.5.8-fix-bashisms.patch
deleted file mode 100644
index 7486886..0000000
--- a/haproxy-1.5.8-fix-bashisms.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-diff -Ndur haproxy-1.5.8/examples/build.cfg haproxy-1.5.8-fix-bashisms/examples/build.cfg
---- haproxy-1.5.8/examples/build.cfg	2014-10-31 11:06:53.000000000 +0200
-+++ haproxy-1.5.8-fix-bashisms/examples/build.cfg	2014-11-17 04:09:42.408078486 +0200
-@@ -5,12 +5,12 @@
- PATCH_LIST=
- FILE_LIST=
- 
--function do_compile_only {
-+do_compile_only() {
-     $FLXMAKE CPU_OPTS="-march=$arch -mcpu=$cpu -Os -mpreferred-stack-boundary=2 -momit-leaf-frame-pointer -malign-jumps=0" \
- 	     TARGET=linux24
- }
- 
--function do_prepack {
-+do_prepack() {
-     mkdir -p $ROOTDIR/sbin/init.d ; cp examples/init.haproxy.flx0 $ROOTDIR/sbin/init.d/haproxy
-     mkdir -p $ROOTDIR/usr/sbin ; cp haproxy $ROOTDIR/usr/sbin
-     mkdir -p $ROOTDIR/usr/share/examples/$PKGRADIX/$PKGRADIX-$PKGVER/etc/haproxy/
-diff -Ndur haproxy-1.5.8/examples/haproxy-1.1.21-flx.1.pkg haproxy-1.5.8-fix-bashisms/examples/haproxy-1.1.21-flx.1.pkg
---- haproxy-1.5.8/examples/haproxy-1.1.21-flx.1.pkg	2014-10-31 11:06:53.000000000 +0200
-+++ haproxy-1.5.8-fix-bashisms/examples/haproxy-1.1.21-flx.1.pkg	2014-11-17 04:09:28.396079434 +0200
-@@ -1,10 +1,10 @@
- #!/bin/sh
- 
--function do_compile {
-+do_compile() {
-     $FLXMAKE COPTS="-march=$arch -mcpu=$cpu -Os -mpreferred-stack-boundary=2 -momit-leaf-frame-pointer -malign-jumps=0 -DNETFILTER -DTRANSPARENT"
- }
- 
--function do_prepack {
-+do_prepack() {
-     mkdir -p $ROOTDIR/sbin/init.d ; cp init.d/haproxy $ROOTDIR/sbin/init.d
-     mkdir -p $ROOTDIR/usr/sbin ; cp haproxy $ROOTDIR/usr/sbin
-     mkdir -p $ROOTDIR/usr/share/examples/$PKGRADIX/$PKGRADIX-$PKGVER/etc
-diff -Ndur haproxy-1.5.8/examples/haproxy.init haproxy-1.5.8-fix-bashisms/examples/haproxy.init
---- haproxy-1.5.8/examples/haproxy.init	2014-10-31 11:06:53.000000000 +0200
-+++ haproxy-1.5.8-fix-bashisms/examples/haproxy.init	2014-11-17 04:10:05.127076949 +0200
-@@ -116,7 +116,7 @@
-     check
-     ;;
-   *)
--    echo $"Usage: $BASENAME {start|stop|restart|reload|condrestart|status|check}"
-+    echo "Usage: $BASENAME {start|stop|restart|reload|condrestart|status|check}"
-     exit 1
- esac
-  
-diff -Ndur haproxy-1.5.8/examples/init.haproxy haproxy-1.5.8-fix-bashisms/examples/init.haproxy
---- haproxy-1.5.8/examples/init.haproxy	2014-10-31 11:06:53.000000000 +0200
-+++ haproxy-1.5.8-fix-bashisms/examples/init.haproxy	2014-11-17 04:10:58.897073312 +0200
-@@ -19,7 +19,7 @@
-    maintfd=0
- fi
- 
--maxfd=$[$maxconn*2 + $maintfd]
-+maxfd=$(($maxconn * 2 + $maintfd))
- if [ $maxfd -lt 100 ]; then
-    maxfd=100;
- fi
-@@ -31,7 +31,7 @@
- # ulimit -c unlimited
- 
- # soft stop
--function do_stop {
-+do_stop() {
-    pids=`pidof -o $$ -- $PNAME`
-    if [ ! -z "$pids" ]; then
-       echo "Asking $PNAME to terminate gracefully..."
-@@ -41,7 +41,7 @@
- }
- 
- # dump status
--function do_status {
-+do_status() {
-    pids=`pidof -o $$ -- $PNAME`
-    if [ ! -z "$pids" ]; then
-       echo "Dumping $PNAME status in logs."
diff --git a/haproxy-makefile_lib.patch b/haproxy-1.6.0-makefile_lib.patch
similarity index 85%
rename from haproxy-makefile_lib.patch
rename to haproxy-1.6.0-makefile_lib.patch
index 0d4b4a8..abbc6a4 100644
--- a/haproxy-makefile_lib.patch
+++ b/haproxy-1.6.0-makefile_lib.patch
@@ -2,7 +2,7 @@ Index: Makefile
 ===================================================================
 --- Makefile.orig
 +++ Makefile
-@@ -567,7 +567,7 @@ ifneq ($(USE_PCRE)$(USE_STATIC_PCRE)$(US
+@@ -644,7 +644,7 @@ ifneq ($(USE_PCRE)$(USE_STATIC_PCRE)$(US
  PCREDIR	        := $(shell pcre-config --prefix 2>/dev/null || echo /usr/local)
  ifneq ($(PCREDIR),)
  PCRE_INC        := $(PCREDIR)/include
diff --git a/sec-options.patch b/haproxy-1.6.0-sec-options.patch
similarity index 87%
rename from sec-options.patch
rename to haproxy-1.6.0-sec-options.patch
index 2554d93..4edc8a9 100644
--- a/sec-options.patch
+++ b/haproxy-1.6.0-sec-options.patch
@@ -1,8 +1,8 @@
 Index: Makefile
 ===================================================================
---- Makefile.orig	2014-06-05 19:23:53.559663353 +0200
-+++ Makefile	2014-06-05 19:29:01.679662808 +0200
-@@ -594,6 +594,35 @@ OPTIONS_CFLAGS  += -DUSE_TFO
+--- Makefile.orig
++++ Makefile
+@@ -671,6 +671,35 @@ OPTIONS_CFLAGS  += -DUSE_TFO
  BUILD_OPTIONS   += $(call ignore_implicit,USE_TFO)
  endif
  
diff --git a/haproxy-1.6.0.tar.gz b/haproxy-1.6.0.tar.gz
new file mode 100644
index 0000000..058d322
--- /dev/null
+++ b/haproxy-1.6.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e83a272b7d3638cf1d37bba58d3e75f497c1862315ee5bb7f5efc1d98d26e25b
+size 1538022
diff --git a/haproxy-1.6.0_config_haproxy_user.patch b/haproxy-1.6.0_config_haproxy_user.patch
new file mode 100644
index 0000000..361e0e4
--- /dev/null
+++ b/haproxy-1.6.0_config_haproxy_user.patch
@@ -0,0 +1,95 @@
+Index: haproxy-1.6.0/examples/acl-content-sw.cfg
+===================================================================
+--- haproxy-1.6.0.orig/examples/acl-content-sw.cfg
++++ haproxy-1.6.0/examples/acl-content-sw.cfg
+@@ -5,9 +5,9 @@ global
+ 	log	   loghost   local0
+ 	log	   localhost local0 err
+ 	maxconn	   250
+-	uid	   71
+-	gid	   71
+-	chroot	   /var/empty
++	user	haproxy
++	group	haproxy
++	chroot	   /var/lib/haproxy
+ 	pidfile	   /var/run/haproxy.pid
+ 	daemon
+ 	quiet
+Index: haproxy-1.6.0/examples/auth.cfg
+===================================================================
+--- haproxy-1.6.0.orig/examples/auth.cfg
++++ haproxy-1.6.0/examples/auth.cfg
+@@ -1,7 +1,7 @@
+ global
+-#	chroot /var/empty/
+-#	uid 451
+-#	gid 451
++	user	haproxy
++	group	haproxy
++	chroot	   /var/lib/haproxy
+ 	log 192.168.131.214:8514 local4 debug
+ 	maxconn 8192
+ 
+Index: haproxy-1.6.0/examples/content-sw-sample.cfg
+===================================================================
+--- haproxy-1.6.0.orig/examples/content-sw-sample.cfg
++++ haproxy-1.6.0/examples/content-sw-sample.cfg
+@@ -11,9 +11,9 @@ global
+         maxconn         10000
+         stats socket    /var/run/haproxy.stat mode 600 level admin
+         log             127.0.0.1 local0
+-        uid             200
+-        gid             200
+-        chroot          /var/empty
++        user	haproxy
++        group	haproxy
++        chroot	   /var/lib/haproxy
+         daemon
+ 
+ # The public 'www' address in the DMZ
+Index: haproxy-1.6.0/examples/option-http_proxy.cfg
+===================================================================
+--- haproxy-1.6.0.orig/examples/option-http_proxy.cfg
++++ haproxy-1.6.0/examples/option-http_proxy.cfg
+@@ -6,9 +6,9 @@ global
+         maxconn         20000
+ 	ulimit-n	16384
+         log             127.0.0.1 local0
+-        uid             200
+-        gid             200
+-        chroot          /var/empty
++	chroot /var/lib/haproxy
++	user haproxy
++	group haproxy
+ 	nbproc		4
+         daemon
+ 
+Index: haproxy-1.6.0/examples/ssl.cfg
+===================================================================
+--- haproxy-1.6.0.orig/examples/ssl.cfg
++++ haproxy-1.6.0/examples/ssl.cfg
+@@ -4,6 +4,9 @@
+ 
+ global
+ 	maxconn 100
++	chroot /var/lib/haproxy
++	user haproxy
++	group haproxy
+ 
+ defaults
+ 	mode http
+Index: haproxy-1.6.0/examples/transparent_proxy.cfg
+===================================================================
+--- haproxy-1.6.0.orig/examples/transparent_proxy.cfg
++++ haproxy-1.6.0/examples/transparent_proxy.cfg
+@@ -6,6 +6,10 @@
+ #
+ 
+ global
++	chroot /var/lib/haproxy
++	user haproxy
++	group haproxy
++
+ defaults
+ 	timeout client		30s
+ 	timeout server		30s
diff --git a/haproxy.cfg b/haproxy.cfg
new file mode 100644
index 0000000..dc68fe5
--- /dev/null
+++ b/haproxy.cfg
@@ -0,0 +1,35 @@
+global
+  log /dev/log daemon
+  maxconn 32768
+  chroot /var/lib/haproxy
+  user haproxy
+  group haproxy
+  daemon
+  stats socket /var/lib/haproxy/stats user haproxy group haproxy mode 0640 level operator
+  tune.bufsize 32768
+  tune.ssl.default-dh-param 2048
+  ssl-default-bind-ciphers ALL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
+
+defaults
+  log     global
+  mode    http
+  option  log-health-checks
+  option  log-separate-errors
+  option  dontlog-normal
+  option  dontlognull
+  option  httplog
+  option  socket-stats
+  retries 3
+  option  redispatch
+  maxconn 10000
+  timeout connect     5s
+  timeout client     50s
+  timeout server    450s
+
+listen stats
+  bind 0.0.0.0:80
+  bind :::80 v6only
+  stats enable
+  stats uri     /
+  stats refresh 5s
+  rspadd Server:\ haproxy/1.6
diff --git a/haproxy.changes b/haproxy.changes
index 9f30cbb..8c8ba3c 100644
--- a/haproxy.changes
+++ b/haproxy.changes
@@ -1,3 +1,61 @@
+-------------------------------------------------------------------
+Tue Oct 13 19:39:12 UTC 2015 - mrueckert@suse.de
+
+- update to 1.6.0
+  The most user-visible changes, we can cite the simpler handling
+  of multiple configuration files, the support for quotes and
+  environment variables in the configuration, a significant
+  reduction of the memory usage thanks to a new dynamic buffer
+  allocator, notifications over e-mail, server state keeping across
+  reloads, dynamic DNS-based server address resolution, new
+  scripting capabilities thanks to the embedded Lua interpreter,
+  use of variables in the configuration to manipulate samples,
+  request body buffering and analysis, support for two third-party
+  device identification products (DeviceAtlas and 51Degrees), a lot
+  of new sample converters including arithmetic operators and table
+  lookups, TLS ticket secret sharing between nodes, TLS SNI to the
+  server, full tables replication between peers, ability to
+  instruct the kernel to quickly kill dead connections, support for
+  Linux namespaces, and a number of other less visible goodies. The
+  performance has also been improved a lot with support for server
+  connection multiplexing, much faster and cheaper HTTP compression
+  via libslz, and the addition of a pattern cache to speed up
+  certain expensive ACLs. The great flexibility offered by this
+  version will allow many users to significantly simplify their
+  configurations. Some users will notice a huge performance boost
+  after they enable the features designed for them.
+
+  for all the details see /usr/share/doc/packages/haproxy/CHANGELOG
+- drop patches we pulled from upstream git:
+  0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch
+  0002-DOC-usesrc-root-privileges-requirements.patch
+  0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch
+  0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch
+  0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch
+  0006-DOC-typo-in-redirect-302-code-meaning.patch
+  0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch
+  0008-CLEANUP-.gitignore-ignore-more-test-files.patch
+  0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch
+  0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch
+  0011-BUG-MEDIUM-counters-ensure-that-src_-inc-clr-_gpc0-c.patch
+  0012-DOC-ssl-missing-LF.patch
+  0013-DOC-fix-example-of-http-request-using-ssl_fc_session.patch
+  0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch
+  0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch
+- refresh/redo patches to apply cleanly again:
+  old: haproxy-1.2.16_config_haproxy_user.patch
+  new: haproxy-1.6.0_config_haproxy_user.patch
+  old: haproxy-makefile_lib.patch
+  new: haproxy-1.6.0-makefile_lib.patch
+  old: sec-options.patch
+  new: haproxy-1.6.0-sec-options.patch
+- added new haproxy.cfg to have a minimal config we can actually
+  launch!
+- drop patch haproxy-1.5.8-fix-bashisms.patch: patched files no
+  longer exist
+- drop haproxy.vim: we will use the copy which ships with the
+  upstream tarball now.
+
 -------------------------------------------------------------------
 Wed Sep 23 19:26:54 UTC 2015 - dmueller@suse.com
 
diff --git a/haproxy.spec b/haproxy.spec
index da9dcc2..824323b 100644
--- a/haproxy.spec
+++ b/haproxy.spec
@@ -19,6 +19,12 @@
 %bcond_with tcp_fast_open
 %endif
 
+%if 0%{?suse_version} > 1320
+%bcond_without lua
+%else
+%bcond_with lua
+%endif
+
 %if 0%{?suse_version} >= 1310
 %bcond_without systemd
 %else
@@ -33,12 +39,15 @@
 %bcond_without  apparmor
 
 Name:           haproxy
-Version:        1.5.14
+Version:        1.6.0
 Release:        0
 #
 #
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  libgcrypt-devel
+%if %{with lua}
+BuildRequires:  lua-devel >= 5.3
+%endif
 BuildRequires:  pcre-devel
 BuildRequires:  zlib-devel
 BuildRequires:  openssl-devel
@@ -54,44 +63,12 @@ BuildRequires:  vim
 Url:            http://www.haproxy.org/
 Source:         http://www.haproxy.org/download/1.5/src/haproxy-%{version}.tar.gz
 Source1:        %{pkg_name}.init
-Source2:        http://www.haproxy.org/download/contrib/haproxy.vim
-Source3:        usr.sbin.haproxy.apparmor
-Source4:        local.usr.sbin.haproxy.apparmor
-Patch1:         haproxy-1.2.16_config_haproxy_user.patch
-Patch2:         haproxy-makefile_lib.patch
-Patch3:         sec-options.patch
-Patch4:         haproxy-1.5.8-fix-bashisms.patch
-# BUG/MINOR: log: missing some ARGC_* entries in fmt_directives()
-Patch5:         0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch
-# DOC: usesrc root privileges requirements
-Patch6:         0002-DOC-usesrc-root-privileges-requirements.patch
-# BUILD: ssl: Allow building against libssl without SSLv3.
-Patch7:         0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch
-# DOC/MINOR: fix OpenBSD versions where haproxy works
-Patch8:         0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch
-# BUG/MINOR: http/sample: gmtime/localtime can fail
-Patch9:         0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch
-# DOC: typo in 'redirect', 302 code meaning
-Patch10:        0006-DOC-typo-in-redirect-302-code-meaning.patch
-# DOC: mention that %ms is left-padded with zeroes.
-Patch11:        0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch
-# CLEANUP: .gitignore: ignore more test files
-Patch12:        0008-CLEANUP-.gitignore-ignore-more-test-files.patch
-# CLEANUP: .gitignore: finally ignore everything but what is known.
-Patch13:        0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch
-# MEDIUM: config: emit a warning on a frontend without listener
-Patch14:        0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch
-# BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry
-Patch15:        0011-BUG-MEDIUM-counters-ensure-that-src_-inc-clr-_gpc0-c.patch
-# DOC: ssl: missing LF
-Patch16:        0012-DOC-ssl-missing-LF.patch
-# DOC: fix example of http-request using ssl_fc_session_id
-Patch17:        0013-DOC-fix-example-of-http-request-using-ssl_fc_session.patch
-# BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
-Patch18:        0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch
-# BUG/MAJOR: http: don't call http_send_name_header() after an error
-Patch19:        0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch
-
+Source2:        usr.sbin.haproxy.apparmor
+Source3:        local.usr.sbin.haproxy.apparmor
+Source4:        haproxy.cfg
+Patch1:         haproxy-1.6.0_config_haproxy_user.patch
+Patch2:         haproxy-1.6.0-makefile_lib.patch
+Patch3:         haproxy-1.6.0-sec-options.patch
 #
 Source99:       haproxy-rpmlintrc
 #
@@ -122,25 +99,9 @@ the most work done from every CPU cycle.
 
 %prep
 %setup -q
-%patch1
+%patch1 -p1
 %patch2
 %patch3
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
-%patch9 -p1
-%patch10 -p1
-%patch11 -p1
-%patch12 -p1
-%patch13 -p1
-%patch14 -p1
-%patch15 -p1
-%patch16 -p1
-%patch17 -p1
-%patch18 -p1
-%patch19 -p1
 
 %build
 %{__make} \
@@ -157,6 +118,10 @@ the most work done from every CPU cycle.
     %ifarch %ix86
     USE_REGPARM=1 \
     %endif
+    USE_PTHREAD_PSHARED=1 \
+    %if %{with lua}
+    USE_LUA=1 \
+    %endif
     USE_TPROXY=1 \
     USE_LINUX_TPROXY=1 \
     USE_LINUX_SPLICE=1 \
@@ -167,9 +132,10 @@ the most work done from every CPU cycle.
     USE_PIE=1 \
     USE_STACKPROTECTOR=1 \
     USE_RELRO_NOW=1 \
-%if %{with tcp_fast_open}
+    %if %{with tcp_fast_open}
     USE_TFO=1 \
-%endif
+    %endif
+    USE_NS=1 \
     LIB="%{_lib}" \
     PREFIX="%{_prefix}" \
     DEBUG_CFLAGS="%{optflags}"
@@ -178,28 +144,30 @@ make -C contrib/halog    PREFIX="%{_prefix}" \
     DEFINE="%{optflags} -pie -fpie -fstack-protector -Wl,-z,relro,-z,now"
 
 %install
-%{__install} -D -m 0755 %{pkg_name}              %{buildroot}%{_sbindir}/%{pkg_name}
-%{__install} -D -m 0644 examples/%{pkg_name}.cfg %{buildroot}%{_sysconfdir}/%{pkg_name}/%{pkg_name}.cfg
+install -D -m 0755 %{pkg_name}         %{buildroot}%{_sbindir}/%{pkg_name}
+install -d -m 0750                     %{buildroot}%{_sysconfdir}/%{pkg_name}/
+install    -m 0640 %{S:4}              %{buildroot}%{_sysconfdir}/%{pkg_name}/%{pkg_name}.cfg
+
+install -D -m 0755 contrib/halog/halog %{buildroot}%{_sbindir}/haproxy-halog
 
-%{__install} -D -m 0755 contrib/halog/halog       %{buildroot}%{_sbindir}/haproxy-halog
 %if %{with systemd}
-%{__install} -D -m 0755 haproxy-systemd-wrapper  %{buildroot}%{_sbindir}/haproxy-systemd-wrapper
-%{__install} -D -m 0644 contrib/systemd/%{pkg_name}.service  %{buildroot}%{_unitdir}/%{pkg_name}.service
+install -D -m 0755 haproxy-systemd-wrapper              %{buildroot}%{_sbindir}/haproxy-systemd-wrapper
+install -D -m 0644 contrib/systemd/%{pkg_name}.service  %{buildroot}%{_unitdir}/%{pkg_name}.service
 ln -sf /sbin/service   %{buildroot}%{_sbindir}/rc%{pkg_name}
 %else
-%{__install} -D -m 0755 %{S:1}                   %{buildroot}%{_sysconfdir}/init.d/%{pkg_name}
-%{__ln_s} -f %{_sysconfdir}/init.d/%{pkg_name}   %{buildroot}%{_sbindir}/rc%{pkg_name}
+install -D -m 0755 %{S:1}                      %{buildroot}%{_sysconfdir}/init.d/%{pkg_name}
+%{__ln_s} -f %{_sysconfdir}/init.d/%{pkg_name} %{buildroot}%{_sbindir}/rc%{pkg_name}
 %endif
 
-%{__install} -d -m 0755                          %{buildroot}%{pkg_home}
-%{__install} -D -m 0644 %{S:2}                   %{buildroot}%{vim_data_dir}/syntax/%{pkg_name}.vim
-%{__install} -D -m 0644 doc/%{pkg_name}.1        %{buildroot}%{_mandir}/man1/%{pkg_name}.1
+install -d -m 0755                          %{buildroot}%{pkg_home}
+install -D -m 0644 examples/haproxy.vim     %{buildroot}%{vim_data_dir}/syntax/%{pkg_name}.vim
+install -D -m 0644 doc/%{pkg_name}.1        %{buildroot}%{_mandir}/man1/%{pkg_name}.1
 %if %{with apparmor}
-%{__install} -D -m 0644 %{S:3}                   %{buildroot}/etc/apparmor.d/usr.sbin.haproxy
-%{__install} -D -m 0644 %{S:4}                   %{buildroot}/etc/apparmor.d/local/usr.sbin.haproxy
+install -D -m 0644 %{S:2}                   %{buildroot}/etc/apparmor.d/usr.sbin.haproxy
+install -D -m 0644 %{S:3}                   %{buildroot}/etc/apparmor.d/local/usr.sbin.haproxy
 %endif
 
-%{__rm} examples/haproxy.spec
+rm examples/haproxy.spec examples/*init* examples/haproxy.vim
 
 %if 0%{?suse_version} < 1230
 %clean
@@ -241,18 +209,14 @@ ln -sf /sbin/service   %{buildroot}%{_sbindir}/rc%{pkg_name}
 %doc CHANGELOG README LICENSE
 %doc ROADMAP doc/* examples/
 %doc contrib/netsnmp-perl/ contrib/selinux/
-%dir %{_sysconfdir}/%{pkg_name}
-%config(noreplace) %{_sysconfdir}/%{pkg_name}/%{pkg_name}.cfg
+%dir               %attr(-,root,haproxy) %{_sysconfdir}/%{pkg_name}
+%config(noreplace) %attr(-,root,haproxy) %{_sysconfdir}/%{pkg_name}/*
 %if %{with systemd}
 %{_unitdir}/%{pkg_name}.service
 %{_sbindir}/haproxy-systemd-wrapper
-
 %else
-
 %config(noreplace) %{_sysconfdir}/init.d/%{pkg_name}
-
 %endif
-
 %{_sbindir}/haproxy
 %{_sbindir}/haproxy-halog
 %{_sbindir}/rchaproxy
diff --git a/haproxy.vim b/haproxy.vim
deleted file mode 100644
index 2a30fb6..0000000
--- a/haproxy.vim
+++ /dev/null
@@ -1,164 +0,0 @@
-" Vim syntax file
-" Language:    HAproxy
-" Maintainer:  Bruno Michel <brmichel@free.fr>
-" Last Change: Mar 30, 2007
-" Version:     0.3
-" URL:         http://haproxy.1wt.eu/
-" URL:         http://vim.sourceforge.net/scripts/script.php?script_id=1845
-
-" It is suggested to add the following line to $HOME/.vimrc :
-"    au BufRead,BufNewFile haproxy* set ft=haproxy
-
-" For version 5.x: Clear all syntax items
-" For version 6.x: Quit when a syntax file was already loaded
-if version < 600
-	syntax clear
-elseif exists("b:current_syntax")
-	finish
-endif
-
-if version >= 600
-	setlocal iskeyword=_,-,a-z,A-Z,48-57
-else
-	set iskeyword=_,-,a-z,A-Z,48-57
-endif
-
-
-" Escaped chars
-syn match   hapEscape    +\\\(\\\| \|n\|r\|t\|#\|x\x\x\)+
-
-" Comments
-syn match   hapComment   /#.*$/ contains=hapTodo
-syn keyword hapTodo      contained TODO FIXME XXX
-syn case ignore
-
-" Sections
-syn match   hapSection   /^\s*\(global\|defaults\)/
-syn match   hapSection   /^\s*\(listen\|frontend\|backend\|ruleset\)/         skipwhite nextgroup=hapSectLabel
-syn match   hapSectLabel /\S\+/                                               skipwhite nextgroup=hapIp1 contained
-syn match   hapIp1       /\(\d\{1,3}\.\d\{1,3}\.\d\{1,3}\.\d\{1,3}\)\?:\d\{1,5}/        nextgroup=hapIp2 contained
-syn match   hapIp2       /,\(\d\{1,3}\.\d\{1,3}\.\d\{1,3}\.\d\{1,3}\)\?:\d\{1,5}/hs=s+1 nextgroup=hapIp2 contained
-
-" Parameters
-syn keyword hapParam     chroot cliexp clitimeout contimeout
-syn keyword hapParam     daemon debug disabled
-syn keyword hapParam     enabled
-syn keyword hapParam     fullconn
-syn keyword hapParam     gid grace
-syn keyword hapParam     maxconn monitor-uri
-syn keyword hapParam     nbproc noepoll nopoll
-syn keyword hapParam     pidfile
-syn keyword hapParam     quiet
-syn keyword hapParam     redispatch retries
-syn keyword hapParam     reqallow  reqdel  reqdeny  reqpass  reqtarpit  skipwhite nextgroup=hapRegexp
-syn keyword hapParam     reqiallow reqidel reqideny reqipass reqitarpit skipwhite nextgroup=hapRegexp
-syn keyword hapParam     rspdel  rspdeny    skipwhite nextgroup=hapRegexp
-syn keyword hapParam     rspidel rspideny   skipwhite nextgroup=hapRegexp
-syn keyword hapParam     reqsetbe reqisetbe skipwhite nextgroup=hapRegexp2
-syn keyword hapParam     reqadd reqiadd rspadd rspiadd
-syn keyword hapParam     server source srvexp srvtimeout
-syn keyword hapParam     uid ulimit-n
-syn keyword hapParam     reqrep reqirep rsprep rspirep    skipwhite nextgroup=hapRegexp
-syn keyword hapParam     errorloc errorloc302 errorloc303 skipwhite nextgroup=hapStatus
-syn keyword hapParam     default_backend                  skipwhite nextgroup=hapSectLabel
-syn keyword hapParam     appsession  skipwhite nextgroup=hapAppSess
-syn keyword hapParam     bind        skipwhite nextgroup=hapIp1
-syn keyword hapParam     balance     skipwhite nextgroup=hapBalance
-syn keyword hapParam     cookie      skipwhite nextgroup=hapCookieNam
-syn keyword hapParam     capture     skipwhite nextgroup=hapCapture
-syn keyword hapParam     dispatch    skipwhite nextgroup=hapIpPort
-syn keyword hapParam     source      skipwhite nextgroup=hapIpPort
-syn keyword hapParam     mode        skipwhite nextgroup=hapMode
-syn keyword hapParam     monitor-net skipwhite nextgroup=hapIPv4Mask
-syn keyword hapParam     option      skipwhite nextgroup=hapOption
-syn keyword hapParam     stats       skipwhite nextgroup=hapStats
-syn keyword hapParam     server      skipwhite nextgroup=hapServerN
-syn keyword hapParam     source      skipwhite nextgroup=hapServerEOL
-syn keyword hapParam     log         skipwhite nextgroup=hapGLog,hapLogIp
-
-" Options and additional parameters
-syn keyword hapAppSess   contained len timeout
-syn keyword hapBalance   contained roundrobin source
-syn keyword hapLen       contained len
-syn keyword hapGLog      contained global
-syn keyword hapMode      contained http tcp health
-syn keyword hapOption    contained abortonclose allbackups checkcache clitcpka dontlognull forceclose forwardfor
-syn keyword hapOption    contained httpchk httpclose httplog keepalive logasap persist srvtcpka ssl-hello-chk
-syn keyword hapOption    contained tcplog tcpka tcpsplice
-syn keyword hapOption    contained except skipwhite nextgroup=hapIPv4Mask
-syn keyword hapStats     contained uri realm auth scope enable
-syn keyword hapLogFac    contained kern user mail daemon auth syslog lpr news nextgroup=hapLogLvl skipwhite
-syn keyword hapLogFac    contained uucp cron auth2 ftp ntp audit alert cron2  nextgroup=hapLogLvl skipwhite
-syn keyword hapLogFac    contained local0 local1 local2 local3 local4 local5 local6 local7 nextgroup=hapLogLvl skipwhite
-syn keyword hapLogLvl    contained emerg alert crit err warning notice info debug
-syn keyword hapCookieKey contained rewrite insert nocache postonly indirect prefix nextgroup=hapCookieKey skipwhite
-syn keyword hapCapture   contained cookie nextgroup=hapNameLen skipwhite
-syn keyword hapCapture   contained request response nextgroup=hapHeader skipwhite
-syn keyword hapHeader    contained header nextgroup=hapNameLen skipwhite
-syn keyword hapSrvKey    contained backup cookie check inter rise fall port source minconn maxconn weight usesrc
-syn match   hapStatus    contained /\d\{3}/
-syn match   hapIPv4Mask  contained /\d\{1,3}\.\d\{1,3}\.\d\{1,3}\.\d\{1,3}\(\/\d\{1,2}\)\?/
-syn match   hapLogIp     contained /\d\{1,3}\.\d\{1,3}\.\d\{1,3}\.\d\{1,3}/   nextgroup=hapLogFac skipwhite
-syn match   hapIpPort    contained /\d\{1,3}\.\d\{1,3}\.\d\{1,3}\.\d\{1,3}:\d\{1,5}/
-syn match   hapServerAd  contained /\d\{1,3}\.\d\{1,3}\.\d\{1,3}\.\d\{1,3}\(:[+-]\?\d\{1,5}\)\?/ nextgroup=hapSrvEOL skipwhite
-syn match   hapNameLen   contained /\S\+/ nextgroup=hapLen       skipwhite
-syn match   hapCookieNam contained /\S\+/ nextgroup=hapCookieKey skipwhite
-syn match   hapServerN   contained /\S\+/ nextgroup=hapServerAd  skipwhite
-syn region  hapSrvEOL    contained start=/\S/ end=/$/ contains=hapSrvKey
-syn region  hapRegexp    contained start=/\S/ end=/\(\s\|$\)/ skip=/\\ / nextgroup=hapRegRepl skipwhite
-syn region  hapRegRepl   contained start=/\S/ end=/$/ contains=hapComment,hapEscape,hapBackRef
-syn region  hapRegexp2   contained start=/\S/ end=/\(\s\|$\)/ skip=/\\ / nextgroup=hapSectLabel skipwhite
-syn match   hapBackref   contained /\\\d/
-
-
-" Transparent is a Vim keyword, so we need a regexp to match it
-syn match   hapParam     +transparent+
-syn match   hapOption    +transparent+ contained
-
-
-" Define the default highlighting.
-" For version 5.7 and earlier: only when not done already
-" For version 5.8 and later: only when an item doesn't have highlighting yet
-if version < 508
-	command -nargs=+ HiLink hi link <args>
-else
-	command -nargs=+ HiLink hi def link <args>
-endif
-
-HiLink      hapEscape    SpecialChar
-HiLink      hapBackRef   Special
-HiLink      hapComment   Comment
-HiLink      hapTodo      Todo
-HiLink      hapSection   Constant
-HiLink      hapSectLabel Identifier
-HiLink      hapParam     Keyword
-
-HiLink      hapRegexp    String
-HiLink      hapRegexp2   hapRegexp
-HiLink      hapIp1       Number
-HiLink      hapIp2       hapIp1
-HiLink      hapLogIp     hapIp1
-HiLink      hapIpPort    hapIp1
-HiLink      hapIPv4Mask  hapIp1
-HiLink      hapServerAd  hapIp1
-HiLink      hapStatus    Number
-
-HiLink      hapOption    Operator
-HiLink      hapAppSess   hapOption
-HiLink      hapBalance   hapOption
-HiLink      hapCapture   hapOption
-HiLink      hapCookieKey hapOption
-HiLink      hapHeader    hapOption
-HiLink      hapGLog      hapOption
-HiLink      hapLogFac    hapOption
-HiLink      hapLogLvl    hapOption
-HiLink      hapMode      hapOption
-HiLink      hapStats     hapOption
-HiLink      hapLen       hapOption
-HiLink      hapSrvKey    hapOption
-
-
-delcommand HiLink
-
-let b:current_syntax = "haproxy"
-" vim: ts=8