SHA256
1
0
forked from pool/haproxy
Commit Graph

68 Commits

Author SHA256 Message Date
00a86a081a - if we lock down the permissions the home directory has to be
owned by haproxy

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=162
2018-03-08 19:19:41 +00:00
Marguerite Su
7a9be1bc6a Accepting request 582333 from home:jengelh:branches:server:http
- Avoid %__-type macro indirections. Remove redundant %clean
  section. Do not ignore errors from useradd.

OBS-URL: https://build.opensuse.org/request/show/582333
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=161
2018-03-07 05:58:33 +00:00
Marguerite Su
7e6d8d08ea Accepting request 582025 from home:KGronlund:branches:server:http
- Ensure haproxy home directory is not world readable (bsc#1077716)

OBS-URL: https://build.opensuse.org/request/show/582025
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=160
2018-03-04 07:09:23 +00:00
392b0f1e5b Accepting request 574248 from home:KGronlund:branches:server:http
- Update to version 1.8.4 (bsc#1080069):
  * BUG/MINOR: config: don't emit a warning when global stats is incompletely configured
  * DOC: Mention -Ws in the list of available options
  * DOC: Describe routing impact of using interface keyword on bind lines
  * MINOR: init: emit warning when -sf/-sd cannot parse argument
  * BUG/MEDIUM: standard: Fix memory leak in str2ip2()
  * BUG/MINOR: time/threads: ensure the adjusted time is always correct
  * BUG/MEDIUM: spoe: Allow producer to read and to forward shutdown on request side
  * BUG/MEDIUM: spoe: Always try to receive or send the frame to detect shutdowns
  * BUG/MINOR: epoll/threads: only call epoll_ctl(DEL) on polled FDs
  * BUG/MINOR: threads: Update labels array because of changes in lock_label enum
  * BUG/MINOR: cli: use global.maxsock and not maxfd to list all FDs
  * CLEANUP: Fix typo in ARGT_MSK6 comment
  * BUG/MINOR: sample: Fix output type of c_ipv62ip
  * CLEANUP: sample: Fix outdated comment about sample casts functions
  * CLEANUP: sample: Fix comment encoding of sample.c
  * BUILD: kqueue/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
  * BUILD: epoll/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
  * MINOR: threads: Use __decl_hathreads instead of #ifdef/#endif
  * BUG/MINOR: kqueue/threads: Don't forget to close kqueue_fd[tid] on each thread
  * BUG/MEDIUM: checks: Don't try to release undefined conn_stream when a check is freed
  * BUG/MEDIUM: threads/server: Fix deadlock in srv_set_stopping/srv_set_admin_flag
  * BUG/MINOR: threads: always set an owner to the thread_sync pipe
  * MINOR: threads: Fix build when we're not compiling with threads.
  * BUG/MINOR: mworker: only write to pidfile if it exists
  * BUG/MEDIUM: threads/mworker: fix a race on startup
  * BUG/MEDIUM: kqueue/threads: use one kqueue_fd per thread
  * BUG/MEDIUM: epoll/threads: use one epoll_fd per thread
  * MINOR: fd: add a bitmask to indicate that an FD is known by the poller
  * BUG/MEDIUM: fd: maintain a per-thread update mask

OBS-URL: https://build.opensuse.org/request/show/574248
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=159
2018-02-08 13:29:47 +00:00
fc179e5573 - Update to version 1.8.3:
* [RELEASE] Released version 1.8.3
  * MEDIUM: h2: prepare a graceful shutdown when the frontend is stopped
  * BUG/MAJOR: hpack: don't return direct references to the dynamic headers table
  * BUG/MEDIUM: http: don't automatically forward request close
  * MINOR: don't close stdio anymore
  * BUG/MEDIUM: mworker: don't close stdio several time
  * BUG/MEDIUM: h2: ensure we always know the stream before sending a reset
  * DOC/MINOR: configuration: typo, formatting fixes
  * BUG/MEDIUM: h2: improve handling of frames received on closed streams
  * BUG/MEDIUM: h2: properly handle and report some stream errors

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=156
2017-12-31 02:26:21 +00:00
f1d1cfad8f - Update to version 1.8.2
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=155
2017-12-24 23:43:13 +00:00
Kristoffer Gronlund
09681e1dbc Accepting request 548068 from home:KGronlund:branches:server:http
- Update to version 1.8.1 (bsc#1069954):
  * BUG/MAJOR: h2: correctly check the request length when building an H1 request
  * BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time
  * BUG/MAJOR: thread/peers: fix deadlock on peers sync.
  * BUG/MEDIUM: h2: do not accept upper case letters in request header names
  * BUG/MEDIUM: h2: remove connection-specific headers from request
  * BUG/MEDIUM: h2: enforce the per-connection stream limit
  * BUG/MEDIUM: checks: Be sure we have a mux if we created a cs.
  * BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync.
  * BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response
  * BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting
  * BUG/MEDIUM: stream: fix session leak on applet-initiated connections
  * BUG/MEDIUM: cache: bad computation of the remaining size
  * BUG/MEDIUM: ssl: don't allocate shctx several time
  * BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main
  * BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork.
  * BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames
  * BUG/MINOR: h2: reject response pseudo-headers from requests
  * BUG/MINOR: h2: properly check PRIORITY frames
  * BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame
  * BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1
  * BUG/MINOR: h2: the TE header if present may only contain trailers
  * BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to
  * BUG/MINOR: h2: ":path" must not be empty
  * BUG/MINOR: h2: try to abort closed streams as soon as possible
  * BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream
  * BUG/MINOR: hpack: dynamic table size updates are only allowed before headers
  * BUG/MINOR: hpack: reject invalid header index
  * BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits
  * BUG/MINOR: hpack: fix debugging output of pseudo header names

OBS-URL: https://build.opensuse.org/request/show/548068
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=154
2017-12-04 13:36:45 +00:00
Kristoffer Gronlund
e713981734 Accepting request 546231 from home:KGronlund:branches:server:http
- License is now GPL-3.0+ and LGPL-2.1+

OBS-URL: https://build.opensuse.org/request/show/546231
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=153
2017-11-28 13:55:11 +00:00
Kristoffer Gronlund
e4707d93a4 Accepting request 546033 from home:darix:branches:server:http
- [apparmor]: allow haproxy to restart itself. needed for seamless
  restart. also reload the apparmor profile on update.

- enable network namespaces on 42.3
- Enabled systemd notify mode: new BR: pkgconfig(libsystemd)
  This fixes problems with starting 1.8 on 42.3.
- apply build option changes as adviced by upstream

- Update to version 1.8.0:
  https://www.mail-archive.com/haproxy@formilux.org/msg28004.html

OBS-URL: https://build.opensuse.org/request/show/546033
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=150
2017-11-27 15:03:06 +00:00
Kristoffer Gronlund
975a98b286 Accepting request 518340 from home:KGronlund:branches:server:http
- Update to version 1.7.9:
  * BUG/MINOR: peers: peer synchronization issue (with several peers sections).
  * BUG/MINOR: lua: In error case, the safe mode is not removed
  * BUG/MINOR: lua: executes the function destroying the Lua session in safe mode
  * BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted
  * BUG/MEDIUM: lua: bad memory access
  * DOC: update the list of OpenSSL versions in the README
  * DOC: Updated 51Degrees git URL to point to a stable version.
  * BUG/MINOR: http: Set the response error state in http_sync_res_state
  * MINOR: http: Reorder/rewrite checks in http_resync_states
  * MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags
  * BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined
  * BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state
  * BUG/MINOR: lua: Fix Server.get_addr() port values
  * BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr()
  * BUG/MINOR: lua: always detach the tcp/http tasks before freeing them
  * BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions.

OBS-URL: https://build.opensuse.org/request/show/518340
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=149
2017-08-23 10:58:53 +00:00
Kristoffer Gronlund
c3b95c864d Accepting request 509191 from home:KGronlund:branches:server:http
- Update to version 1.7.8:
  * BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue
  * BUG/MAJOR: cli: fix custom io_release was crushed by NULL.
  * BUG/MAJOR: map: fix segfault during 'show map/acl' on cli.
  * BUG/MAJOR: compression: Be sure to release the compression state in all cases
  * DOC: fix references to the section about time format.
  * BUG/MEDIUM: map/acl: fix unwanted flags inheritance.
  * BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel
  * BUG/MINOR: http: Don't reset the transaction if there are still data to send
  * BUG/MEDIUM: filters: Be sure to call flt_end_analyze for both channels
  * BUG/MINOR: http: properly handle all 1xx informational responses

- Update to version 1.7.7:
  * BUG/MINOR: Wrong peer task expiration handling during synchronization processing.
  * BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed
  * BUG/MEDIUM: cfgparse: Check if tune.http.maxhdr is in the range 1..32767
  * DOC: fix references to the section about the unix socket
  * BUG/MINOR: log: pin the front connection when front ip/ports are logged

OBS-URL: https://build.opensuse.org/request/show/509191
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=148
2017-07-14 07:24:47 +00:00
67274980c0 Accepting request 504548 from home:KGronlund:branches:server:http
- Update to version 1.7.6:
  * DOC: changed "block"(deprecated) examples to http-request deny
  * DOC: add few comments to examples.
  * DOC: update sample code for PROXY protocol
  * DOC: mention lighttpd 1.4.46 implements PROXY
  * DOC: stick-table is available in frontend sections
  * BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets.
  * BUG/MINOR: config: missing goto out after parsing an incorrect ACL character
  * BUG/MINOR: arg: don't try to add an argument on failed memory allocation
  * BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error
  * BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr()
  * MINOR: lua: ensure the memory allocator is used all the time
  * CLEANUP: logs: typo: simgle => single
  * BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr()
  * BUG/MAJOR: Use -fwrapv.
  * BUG/MINOR: server: don't use "proxy" when px is really meant.
  * BUG/MINOR: server: missing default server 'resolvers' setting duplication.
  * DOC: add layer 4 links/cross reference to "block" keyword.
  * DOC: errloc/errorloc302/errorloc303 missing status codes.
  * BUG/MEDIUM: lua: memory leak
  * MEDIUM: config: don't check config validity when there are fatal errors
  * BUG/MINOR: hash-balance-factor isn't effective in certain circumstances
  * MINOR/DOC: lua: just precise one thing
  * BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request
  * DOC: update RFC references
  * BUG/MINOR: checks: don't send proxy protocol with agent checks
  * BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything
  * BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer
  * BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers
  * BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map

OBS-URL: https://build.opensuse.org/request/show/504548
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=147
2017-06-19 15:03:13 +00:00
e0ccc65b5d Accepting request 493447 from home:KGronlund:branches:server:http
- Update to version 1.7.5:
  * BUG/MEDIUM: peers: fix buffer overflow control in intdecode.
  * BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers
  * BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled
  * BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze
  * MINOR: config parsing: add warning when log-format/tcplog/httplog is overriden in "defaults" sections

OBS-URL: https://build.opensuse.org/request/show/493447
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=146
2017-05-08 14:57:05 +00:00
6fdf47da4f Accepting request 483306 from home:KGronlund:branches:server:http
- Update to version 1.7.4:
  * MINOR: config: warn when some HTTP rules are used in a TCP proxy
  * BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters
  * BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section
  * BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file
  * BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup
  * BUG/MINOR: Fix "get map <map> <value>" CLI command
  * BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer
  * BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING
  * BUG/MINOR: checks: attempt clean shutw for SSL check
  * BUG/MEDIUM: listener: do not try to rebind another process' socket
  * BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze
  * BUG/MAJOR: stream-int: do not depend on connection flags to detect connection
  * BUG/MEDIUM: connection: ensure to always report the end of handshakes
  * BUG: payload: fix payload not retrieving arbitrary lengths
  * BUG/MAJOR: http: fix typo in http_apply_redirect_rule
  * BUG/MEDIUM: stream: fix client-fin/server-fin handling
  * MINOR: fd: add a new flag HAP_POLL_F_RDHUP to struct poller
  * BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available
  * DOC/MINOR: Fix typos in proxy protocol doc
  * DOC: Protocol doc: add checksum, TLV type ranges
  * DOC: Protocol doc: add SSL TLVs, rename CHECKSUM
  * DOC: Protocol doc: add noop TLV
  * MEDIUM: global: add a 'hard-stop-after' option to cap the soft-stop time
  * BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity().
  * MINOR: server: irrelevant error message with 'default-server' config file keyword.
  * MINOR: doc: fix use-server example (imap vs mail)
  * BUG/MEDIUM: tcp: don't require privileges to bind to device

OBS-URL: https://build.opensuse.org/request/show/483306
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=145
2017-03-29 13:00:07 +00:00
d13203d52b Accepting request 460842 from home:KGronlund:branches:server:http
- Update to version 1.7.3:
  * BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream
  * BUG/MEDIUM: tcp: don't poll for write when connect() succeeds
  * BUG/MINOR: unix: fix connect's polling in case no data are scheduled
  * BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword
  * MINOR: dns: give ability to dns_init_resolvers() to close a socket when requested
  * BUG/MAJOR: dns: restart sockets after fork()
  * MINOR: chunks: implement a simple dynamic allocator for trash buffers
  * BUG/MEDIUM: http: prevent redirect from overwriting a buffer
  * BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined
  * BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer
  * BUG/MINOR: http: Return an error when a replace-header rule failed on the response
  * BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested
  * BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1'
  * BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule
  * MINOR: http: don't close when redirect location doesn't start with "/"

OBS-URL: https://build.opensuse.org/request/show/460842
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=144
2017-02-28 13:08:50 +00:00
205356b9f7 Accepting request 453453 from home:KGronlund:branches:server:http
- Update to version 1.7.2:
  * BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2)
  * BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW
  * DOC: lua: documentation about time parser functions
  * DOC: lua: section declared twice
  * BUG/MINOR: lua/cli: bad error message
  * DOC: fix small typo in fe_id (backend instead of frontend)
  * BUG/MINOR: Fix the sending function in Lua's cosocket
  * BUG/MINOR: lua: memory leak executing tasks
  * BUG/MINOR: lua: bad return code
  * BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
  * BUG/MEDIUM: ssl: avoid double free when releasing bind_confs
  * BUG/MINOR: stats: fix be/sessions/current out in typed stats
  * BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled
  * BUG/MEDIUM: ssl: for a handshake when server-side SNI changes
  * BUG/MINOR: systemd: potential zombie processes
  * DOC: Add timings events schemas
  * BUG/MINOR: option prefer-last-server must be ignored in some case
  * MINOR: stats: Support "select all" for backend actions
  * BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0
  * BUG/MAJOR: channel: Fix the definition order of channel analyzers
  * BUG/MINOR: http: report real parser state in error captures
  * BUG/MAJOR: http: fix risk of getting invalid reports of bad requests
  * MINOR: http: custom status reason.
  * MINOR: connection: add sample fetch "fc_rcvd_proxy"
  * BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options
  * BUG/MINOR: tools: fix off-by-one in port size check
  * BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family
  * MEDIUM: server: split the address and the port into two different fields
  * MINOR: tools: make str2sa_range() return the port in a separate argument
  * MINOR: server: take the destination port from the port field, not the addr
  * MEDIUM: server: disable protocol validations when the server doesn't resolve
  * BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0
  * BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage
  * MINOR: proto_http.c 502 error txt typo.
  * DOC: add deprecation notice to "block"
  * BUG/MINOR: Reset errno variable before calling strtol(3)

OBS-URL: https://build.opensuse.org/request/show/453453
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=142
2017-01-30 14:53:28 +00:00
61e04c2c81 - Update to version 1.7.1:
* BUG/MAJOR: stream: fix session abort on resource shortage
  * BUG/MINOR: cli: allow the backslash to be escaped on the CLI
  * BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys"
  * DOC: Fix map table's format
  * DOC: Added 51Degrees conv and fetch functions to documentation.
  * BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect
  * DOC: mention that req_tot is for both frontends and backends
  * BUG/MEDIUM: variables: some variable name can hide another ones
  * BUG/MINOR: stats: fix be/sessions/max output in html stats
  * MINOR: proxy: Add fe_name/be_name fetchers next to existing fe_id/be_id
  * DOC: lua: Documentation about some entry missing
  * MINOR: Do not forward the header "Expect: 100-continue" when the option http-buffer-request is set
  * DOC: Add undocumented argument of the trace filter
  * DOC: Fix some typo in SPOE documentation
  * BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full
  * MINOR: applet: Count number of (active) applets
  * MINOR: task: Rename run_queue and run_queue_cur counters
  * BUG/MEDIUM: stream: Save unprocessed events for a stream
  * BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
  * BUILD/MEDIUM: Fixing the build using LibreSSL
  * [RELEASE] Released version 1.7.1

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=141
2016-12-24 02:37:37 +00:00
cafb4f7d34 Accepting request 444073 from home:KGronlund:branches:server:http
Fix source URL.

OBS-URL: https://build.opensuse.org/request/show/444073
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=139
2016-12-06 11:34:56 +00:00
da47bd97cb Accepting request 443139 from home:KGronlund:branches:server:http
- Update to version 1.7.0:
  * BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos
  * BUG/MINOR: stats: make field_str() return an empty string on NULL
  * BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used
  * BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for tunneled txn
  * BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and IS_DATA_FILTER
  * BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and XFER_DATA analyzers
  * BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in tunnel mode

OBS-URL: https://build.opensuse.org/request/show/443139
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=138
2016-12-02 11:21:32 +00:00
Kristoffer Gronlund
0fce639874 Source as URL is not compatible with source as git repo.
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=137
2016-11-02 17:54:13 +00:00
Kristoffer Gronlund
54bdf6f42d OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=136 2016-11-02 17:49:54 +00:00
Kristoffer Gronlund
2b9286edca Accepting request 438382 from home:KGronlund:branches:server:http
- Update to version 1.6.9+git.1477940904.ab45181 (fate#321723)
  * BUILD: poll: remove unused hap_fd_isset() which causes a warning with clang
  * MINOR: cfgparse: few memory leaks fixes.
  * MINOR: build: Allow linking to device-atlas library file
  * DOC: Fix typo in description of `-st` parameter in man page
  * BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream
  * BUG/MEDIUM: peers: fix use after free in peer_session_create()
  * BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed
  * MINOR: systemd: report it when execve() fails
  * BUG/MINOR: systemd: check return value of calloc()
  * BUG/MINOR: systemd: always restore signals before execve()
  * BUG/MINOR: systemd: make the wrapper return a non-null status code on error
  * BUG/MINOR: ssl: prevent multiple entries for the same certificate
  * BUG/MINOR: ssl: Check malloc return code
  * BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session
  * BUG/MINOR: vars: make smp_fetch_var() more robust against misuses
  * BUG/MINOR: vars: use sess and not s->sess in action_store()
  * MEDIUM: make SO_REUSEPORT configurable
  * MINOR: Add fe_req_rate sample fetch
  * MINOR: show Running on zlib version
  * MINOR: show Built with PCRE version
  * BUG/MINOR: displayed PCRE version is running release

OBS-URL: https://build.opensuse.org/request/show/438382
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=135
2016-11-02 17:11:57 +00:00
9ac841762e Accepting request 424127 from home:KGronlund:branches:server:http
- Update to 1.6.9
  - MINOR: cli: allow the semi-colon to be escaped on the CLI
  - BUG/MINOR: payload: fix SSLv2 version parser
  - BUG/MAJOR: stream: properly mark the server address as unset on connect retry
  - DOC: Updated 51Degrees readme.
  - BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table
  - BUG/MINOR: peers: empty chunks after a resync.
  - BUG/MINOR: peers: some updates are pushed twice after a resync.
  - MINOR: sample: use smp_make_rw() in upper/lower converters
  - BUG/MEDIUM: stick-table: properly convert binary samples to keys
  - BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size
  - BUG/MAJOR: server: the "sni" directive could randomly cause trouble
  - MINOR: sample: provide smp_is_rw() and smp_make_rw()
  - MINOR: sample: implement smp_is_safe() and smp_make_safe()
  - BUG/MEDIUM: samples: make smp_dup() always duplicate the sample
  - BUG/MAJOR: compression: initialize avail_in/next_in even during flush
  - BUILD: make proto_tcp.c compatible with musl library
  - DOC: minor typo fixes to improve HTML parsing by haproxy-dconv
  - BUG/MEDIUM: stream-int: completely detach connection on connect error
  - BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests
  - DOC: lua: remove old functions
  - BUG/MINOR: peers: Fix peers data decoding issue
  - BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash
  - BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash

OBS-URL: https://build.opensuse.org/request/show/424127
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=132
2016-09-01 13:11:23 +00:00
c2f35e8c56 - update to 1.6.7
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=131
2016-07-19 01:55:50 +00:00
55e4255fc5 - pull patches from git to fix some important issues:
0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch
  0002-BUG-MINOR-fix-listening-IP-address-storage-for-front.patch
  0003-DOC-Fix-typo-so-fetch-is-properly-parsed-by-Cyril-s-.patch
  0004-BUG-MAJOR-http-fix-breakage-of-reqdeny-causing-rando.patch
  0005-BUG-MEDIUM-stick-tables-fix-breakage-in-table-conver.patch
  0006-BUG-MEDIUM-dns-unbreak-DNS-resolver-after-header-fix.patch
  0007-BUILD-fix-build-on-Solaris-11.patch
  0008-CLEANUP-connection-fix-double-negation-on-memcmp.patch
  0009-BUG-MEDIUM-stats-show-servers-state-may-show-an-serv.patch
  0010-BUG-MEDIUM-fix-risk-of-segfault-with-show-tls-keys.patch
  0011-BUG-MEDIUM-sticktables-segfault-in-some-configuratio.patch
  0012-BUG-MEDIUM-lua-converters-doesn-t-work.patch
  0013-BUG-MINOR-http-add-header-header-name-copied-twice.patch
  0014-BUG-MEDIUM-http-add-header-buffer-overwritten.patch

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=129
2016-06-09 12:56:55 +00:00
1eab77f05f - update to 1.6.5
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=128
2016-05-10 14:53:24 +00:00
507d800e36 - update to 1.6.4
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=127
2016-03-14 02:47:18 +00:00
Kristoffer Gronlund
606affff1c Accepting request 353085 from home:conecenter:branches:server:http
- update to 1.6.3

OBS-URL: https://build.opensuse.org/request/show/353085
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=126
2016-01-11 14:46:52 +00:00
e7412317a3 - on sle11 we still need to own /etc/apparmor.d/local
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=125
2015-11-21 01:36:28 +00:00
509735af61 - instead of owning the apparmor directories, BR apparmor-profiles.
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=124
2015-11-21 01:15:34 +00:00
caf6874175 - fix link to tarball
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=123
2015-11-10 14:50:35 +00:00
873fbe6a22 - update to 1.6.2
- BUILD: ssl: fix build error introduced in commit 7969a3 with
    OpenSSL < 1.0.0
  - DOC: fix a typo for a "deviceatlas" keyword
  - FIX: small typo in an example using the "Referer" header
  - BUG/MEDIUM: config: count memory limits on 64 bits, not 32
  - BUG/MAJOR: dns: first DNS response packet not matching queried
    hostname may lead to a loop
  - BUG/MINOR: dns: unable to parse CNAMEs response
  - BUG/MINOR: examples/haproxy.init: missing brace in
    quiet_check()
  - DOC: deviceatlas: more example use cases.
  - BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in
    install-bin.
  - BUG/MAJOR: http: don't requeue an idle connection that is
    already queued
  - DOC: typo on capture.res.hdr and capture.req.hdr
  - BUG/MINOR: dns: check for duplicate nameserver id in a
    resolvers section was missing
  - CLEANUP: use direction names in place of numeric values
  - BUG/MEDIUM: lua: sample fetches based on response doesn't work
- drop haproxy-1.6.0-ssl-098.patch: included upstream

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=122
2015-11-03 12:04:29 +00:00
a0ac0e2dfc - update to 1.6.1
- DOC: specify that stats socket doc (section 9.2) is in
    management
  - BUILD: install only relevant and existing documentation
  - CLEANUP: don't ignore debian/ directory if present
  - BUG/MINOR: dns: parsing error of some DNS response
  - BUG/MEDIUM: namespaces: don't fail if no namespace is used
  - BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is
    disabled
  - MEDIUM: dns: Don't use the ANY query type
- drop haproxy-1.6.0-ssl.crash.patch included in update

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=121
2015-10-22 10:25:40 +00:00
4ee640c9c5 - add haproxy-1.6.0-ssl-098.patch:
fix building on openssl 0.9.8

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=120
2015-10-19 16:16:21 +00:00
e8450b8cfb - added haproxy-1.6.0-ssl.crash.patch: fix SNI related crash
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=119
2015-10-16 17:18:31 +00:00
76bbbc310e - only use network namespace support on distros newer than 13.2
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=118
2015-10-15 23:25:07 +00:00
3d2a7368d4 - update to 1.6.0
- drop patches we pulled from upstream git:
  0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch
  0002-DOC-usesrc-root-privileges-requirements.patch
  0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch
  0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch
  0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch
  0006-DOC-typo-in-redirect-302-code-meaning.patch
  0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch
  0008-CLEANUP-.gitignore-ignore-more-test-files.patch
  0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch
  0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch
  0011-BUG-MEDIUM-counters-ensure-that-src_-inc-clr-_gpc0-c.patch
  0012-DOC-ssl-missing-LF.patch
  0013-DOC-fix-example-of-http-request-using-ssl_fc_session.patch
  0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch
  0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch
- refresh/redo patches to apply cleanly again:
  old: haproxy-1.2.16_config_haproxy_user.patch
  new: haproxy-1.6.0_config_haproxy_user.patch
  old: haproxy-makefile_lib.patch
  new: haproxy-1.6.0-makefile_lib.patch
  old: sec-options.patch
  new: haproxy-1.6.0-sec-options.patch
- added new haproxy.cfg to have a minimal config we can actually
  launch!
- drop patch haproxy-1.5.8-fix-bashisms.patch: patched files no
  longer exist
- drop haproxy.vim: we will use the copy which ships with the
  upstream tarball now.

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=117
2015-10-15 09:38:17 +00:00
Dominique Leuenberger
26c4149063 Accepting request 329654 from network:ha-clustering:Factory
- Backport patches from upstream:
  - BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
  - BUG/MAJOR: http: don't call http_send_name_header() after an error
- Add 0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch
- Add 0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch

- Backport patches from upstream:
  - BUG/MINOR: log: missing some ARGC_* entries in fmt_directives()
  - DOC: usesrc root privileges requirements
  - BUILD: ssl: Allow building against libssl without SSLv3.
  - DOC/MINOR: fix OpenBSD versions where haproxy works
  - BUG/MINOR: http/sample: gmtime/localtime can fail
  - DOC: typo in 'redirect', 302 code meaning
  - DOC: mention that %ms is left-padded with zeroes.
  - CLEANUP: .gitignore: ignore more test files
  - CLEANUP: .gitignore: finally ignore everything but what is known.
  - MEDIUM: config: emit a warning on a frontend without listener
  - BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry
  - DOC: ssl: missing LF
  - DOC: fix example of http-request using ssl_fc_session_id
- Add 0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch
- Add 0002-DOC-usesrc-root-privileges-requirements.patch
- Add 0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch
- Add 0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch
- Add 0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch
- Add 0006-DOC-typo-in-redirect-302-code-meaning.patch
- Add 0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch
- Add 0008-CLEANUP-.gitignore-ignore-more-test-files.patch
- Add 0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch
- Add 0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch (forwarded request 329653 from KGronlund)

OBS-URL: https://build.opensuse.org/request/show/329654
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=32
2015-09-08 15:45:55 +00:00
Stephan Kulow
bc4e2e452d Accepting request 315017 from network:ha-clustering:Factory
- Update to 1.5.14 (CVE-2015-3281) (bsc#937042)
  + BUILD/MINOR: tools: rename popcount to my_popcountl
  + BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data (forwarded request 315015 from KGronlund)

OBS-URL: https://build.opensuse.org/request/show/315017
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=31
2015-07-05 16:03:07 +00:00
Dominique Leuenberger
6ef3b657c7 Accepting request 314323 from network:ha-clustering:Factory
1

OBS-URL: https://build.opensuse.org/request/show/314323
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=30
2015-06-30 08:19:18 +00:00
Dominique Leuenberger
bc564798e8 Accepting request 309522 from network:ha-clustering:Factory
1

OBS-URL: https://build.opensuse.org/request/show/309522
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=29
2015-06-02 08:08:16 +00:00
Dominique Leuenberger
4341af3d61 Accepting request 305164 from network:ha-clustering:Factory
1

OBS-URL: https://build.opensuse.org/request/show/305164
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=28
2015-05-04 22:55:48 +00:00
Dominique Leuenberger
20b0b77293 Accepting request 298279 from network:ha-clustering:Factory
1

OBS-URL: https://build.opensuse.org/request/show/298279
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=27
2015-04-21 23:19:28 +00:00
Dominique Leuenberger
7e05bbad57 Accepting request 294149 from network:ha-clustering:Factory
1

OBS-URL: https://build.opensuse.org/request/show/294149
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=26
2015-04-07 07:29:14 +00:00
Dominique Leuenberger
55a8adac48 Accepting request 290035 from network:ha-clustering:Factory
1

OBS-URL: https://build.opensuse.org/request/show/290035
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=25
2015-03-11 08:58:15 +00:00
Dominique Leuenberger
f9f3980388 Accepting request 286482 from network:ha-clustering:Factory
1

OBS-URL: https://build.opensuse.org/request/show/286482
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=24
2015-02-18 10:39:34 +00:00
Dominique Leuenberger
19468e40d2 Accepting request 283856 from network:ha-clustering:Factory
1

OBS-URL: https://build.opensuse.org/request/show/283856
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=23
2015-02-03 14:35:26 +00:00
Dominique Leuenberger
e34dc6d53d Accepting request 280162 from network:ha-clustering:Factory
1

OBS-URL: https://build.opensuse.org/request/show/280162
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=22
2015-01-08 22:02:32 +00:00
Dominique Leuenberger
087642f75c Accepting request 263108 from network:ha-clustering:Factory
1

OBS-URL: https://build.opensuse.org/request/show/263108
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=21
2014-11-26 19:55:40 +00:00
Dominique Leuenberger
aa795aba83 Accepting request 262856 from network:ha-clustering:Factory
1

OBS-URL: https://build.opensuse.org/request/show/262856
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=20
2014-11-26 09:33:24 +00:00