SHA256
1
0
forked from pool/haproxy
Commit Graph

132 Commits

Author SHA256 Message Date
Dominique Leuenberger
349d1d5262 Accepting request 674410 from server:http
OBS-URL: https://build.opensuse.org/request/show/674410
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=69
2019-02-14 13:32:25 +00:00
Kristoffer Gronlund
eac5c83514 Accepting request 673401 from home:KGronlund:branches:server:http
- Update to version 1.8.19~git0.ebf033b4:
  * [RELEASE] Released version 1.8.19
  * BUG/MINOR: config: Reinforce validity check when a process number is parsed
  * BUG/MAJOR: stream: avoid double free on unique_id
  * BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck
  * BUG/MEDIUM: server: initialize the idle conns list after parsing the config
  * BUG/MEDIUM: spoe: initialization depending on nbthread must be done last
  * BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets
  * BUG/MINOR: spoe: do not assume agent->rt is valid on exit
  * DOC: ssl: Stop documenting ciphers example to use
  * DOC: ssl: Clarify when pre TLSv1.3 cipher can be used
  * [RELEASE] Released version 1.8.18
  * BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules
  * BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' processes
  * BUG/MAJOR: config: verify that targets of track-sc and stick rules are present
  * BUG/MINOR: config: fix bind line thread mask validation
  * BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free().
  * BUG/MEDIUM: mux-h2: do not close the connection on aborted streams
  * MINOR: connstream: have a new flag CS_FL_KILL_CONN to kill a connection
  * MINOR: stream-int: add a new flag to mention that we want the connection to be killed
  * MINOR: stream-int: expand the flags to 32-bit
  * BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the connection
  * BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams
  * BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions
  * BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update
  * MINOR: xref: Add missing barriers.
  * BUG/MINOR: stream: don't close the front connection when facing a backend error
  * SCRIPTS: add the issue tracker URL to the announce script
  * SCRIPTS: add the slack channel URL to the announce script
  * BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit

OBS-URL: https://build.opensuse.org/request/show/673401
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=180
2019-02-13 08:21:04 +00:00
Dominique Leuenberger
fb2b24316a Accepting request 664293 from server:http
OBS-URL: https://build.opensuse.org/request/show/664293
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=68
2019-01-11 13:04:56 +00:00
Kristoffer Gronlund
18d563cd4b Accepting request 664292 from home:KGronlund:branches:server:http
- Update to version 1.8.17~git0.e89d25b2 (bsc#1121283) (CVE-2018-20615):
  * BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used
  * BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred
  * BUG/MINOR: lua: bad args are returned for Lua actions
  * BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything
  * BUG/MEDIUM: cli: make "show sess" really thread-safe
  * MINOR: stream/cli: report more info about the HTTP messages on "show sess all"
  * MINOR: stream/cli: fix the location of the waiting flag in "show sess all"
  * MINOR: lb: allow redispatch when using consistent hash
  * BUG/MEDIUM: server: Also copy "check-sni" for server templates.
  * BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max
  * MINOR: mux-h2: only increase the connection window with the first update
  * BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify()
  * BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error
  * BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response()
  * BUG/MINOR: logs: leave startup-logs global and not per-thread

OBS-URL: https://build.opensuse.org/request/show/664292
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=179
2019-01-10 08:51:30 +00:00
Dominique Leuenberger
61f7284fdb Accepting request 658885 from server:http
OBS-URL: https://build.opensuse.org/request/show/658885
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=67
2018-12-18 13:58:57 +00:00
Kristoffer Gronlund
37083beefe Accepting request 658884 from home:KGronlund:branches:server:http
- Update to version 1.8.15~git0.6b6a350a: (bsc#1119419) (CVE-2018-20103) (VUL-0) (bsc#1119368) (CVE-2018-20102)
  * DOC: Update configuration doc about the maximum number of stick counters.
  * BUG: dns: Fix off-by-one write in dns_validate_dns_response()
  * BUG: dns: Fix out-of-bounds read via signedness error in dns_validate_dns_response()
  * BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response()
  * BUG: dns: Prevent out-of-bounds read in dns_read_name()
  * BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name
  * DOC: refer to check-sni in the documentation of sni
  * DOC: clarify that check-sni needs an argument.
  * MINOR: servers: Free [idle|safe|priv]_conns on exit.
  * MINOR: stats: report the number of active jobs and listeners in "show info"
  * BUG/MINOR: mux-h2: advertise a larger connection window size
  * BUG/MINOR: mux-h2: refrain from muxing during the preface
  * BUG/MINOR: hpack: fix off-by-one in header name encoding length calculation
  * BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR.
  * BUG/MINOR: lb-map: fix unprotected update to server's score
  * BUG/MINOR: cfgparse: Fix the call to post parser of the last sections parsed
  * BUG/MINOR: cfgparse: Fix transition between 2 sections with the same name
  * BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id
  * BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field
  * BUG/MINOR: config: Copy default error messages when parsing of a backend starts
  * BUG/MEDIUM: Make sure stksess is properly aligned.
  * BUG/MINOR: config: better detect the presence of the h2 pattern in npn/alpn
  * BUG/MEDIUM: auth/threads: use of crypt() is not thread-safe
  * BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer
  * BUG/MINOR: only auto-prefer last server if lb-alg is non-deterministic
  * BUG/MINOR: only mark connections private if NTLM is detected
  * DOC: cache: Missing information about "total-max-size"
  * BUG/MINOR: ssl: Wrong usage of shctx_init().
  * BUG/MINOR: cache: Wrong usage of shctx_init().

OBS-URL: https://build.opensuse.org/request/show/658884
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=178
2018-12-17 10:05:47 +00:00
Dominique Leuenberger
6c8f1be5bc Accepting request 638409 from server:http
OBS-URL: https://build.opensuse.org/request/show/638409
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=66
2018-09-28 06:53:14 +00:00
Kristoffer Gronlund
3696cb6079 Accepting request 638408 from home:KGronlund:branches:server:http
* BUG/MEDIUM: cache: don't cache when an Authorization header is present (VUL-1) (bsc#1094846) (CVE-2018-11469)

OBS-URL: https://build.opensuse.org/request/show/638408
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=177
2018-09-26 14:03:33 +00:00
Kristoffer Gronlund
1a550b1bb7 Accepting request 638327 from home:KGronlund:branches:server:http
- Update to version 1.8.14~git0.52e4d43b: (bsc#1108683) (CVE-2018-14645)

OBS-URL: https://build.opensuse.org/request/show/638327
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=176
2018-09-26 06:40:40 +00:00
9aa8092ed2 - also fix the systemd case for the apparmor_reload change
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=175
2018-09-20 13:06:28 +00:00
17536a11cb - only reload the apparmor profile on newer distros, seems older
distros do not have apparmor-rpm-macros yet

- only use network namespaces on 12.x and newer, failed to build on
  sle11

- guard all parts referring to systemd to fix build on sle 11

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=174
2018-09-20 12:51:25 +00:00
414daf069f - Update to version 1.8.14~git0.52e4d43b:
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=173
2018-09-20 12:36:21 +00:00
Dominique Leuenberger
5d2dc28ce1 Accepting request 630825 from server:http
OBS-URL: https://build.opensuse.org/request/show/630825
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=65
2018-08-22 12:22:32 +00:00
Marguerite Su
518d1cfede Accepting request 630511 from home:KGronlund:branches:server:http
- Require apparmor-abstractions to reduce dependencies (bsc#1100787)

OBS-URL: https://build.opensuse.org/request/show/630511
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=172
2018-08-22 03:07:29 +00:00
Dominique Leuenberger
b4b5ca508c Accepting request 629892 from server:http
OBS-URL: https://build.opensuse.org/request/show/629892
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=64
2018-08-17 22:06:17 +00:00
a35d5cdebd Accepting request 629492 from home:KGronlund:branches:server:http
- Update to version 1.8.13~git4.c1bfcd00:
  * MINOR: dns: new DNS options to allow/prevent IP address duplication
  * MINOR: dns: fix wrong score computation in dns_get_ip_from_response
  * BUG/MEDIUM: queue: prevent a backup server from draining the proxy's connections
  * BUG/MEDIUM: servers: check the queues once enabling a server
  * MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed
  * BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number
  * MINOR: threads: move "nbthread" parsing to hathreads.c
  * BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS
  * BUG/MINOR: threads: Handle nbthread == MAX_THREADS.
  * BUG/MINOR: config: stick-table is not supported in defaults section
  * BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever
  * BUG/MEDIUM: threads/sync: use sched_yield when available
  * BUG/MINOR: servers: Don't make "server" in a frontend fatal.
  * BUG/MEDIUM: stats: don't ask for more data as long as we're responding
  * BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full
  * MINOR: h2: add the error code and the max/last stream IDs to "show fd"
  * BUG/MEDIUM: threads: Fix the exit condition of the thread barrier
  * MINOR: debug: Add checks for conn_stream flags
  * MINOR: debug: Add check for CO_FL_WILL_UPDATE
  * BUG/MINOR: http: Set brackets for the unlikely macro at the right place
  * BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout
  * BUG/MEDIUM: h2: never leave pending data in the output buffer on close
  * BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess
  * MINOR: h2: add the mux and demux buffer lengths on "show fd"
  * MINOR: h2: keep a count of the number of conn_streams attached to the mux
  * BUG/MINOR: h2: remove accidental debug code introduced with show_fd function
  * MINOR: h2: implement a basic "show_fd" function
  * MINOR: mux: add a "show_fd" function to dump debugging information for "show fd"
  * BUG/MINOR: ssl: properly ref-count the tls_keys entries

OBS-URL: https://build.opensuse.org/request/show/629492
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=171
2018-08-17 10:25:29 +00:00
Dominique Leuenberger
694032f3a0 Accepting request 621110 from server:http
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/621110
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=63
2018-07-06 08:47:48 +00:00
7021702e8c Accepting request 619431 from home:KGronlund:branches:server:http
- Update to version 1.8.12~git0.8a200c71:
  * MINOR: stick-tables: make stktable_release() do nothing on NULL
  * BUG/MAJOR: stick_table: Complete incomplete SEGV fix

- Update to version 1.8.11~git0.1d6ef58d:
  * BUG/BUILD: threads: unbreak build without threads
  * BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table

OBS-URL: https://build.opensuse.org/request/show/619431
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=170
2018-06-28 10:29:17 +00:00
Dominique Leuenberger
e501e6b89c Accepting request 618961 from server:http
OBS-URL: https://build.opensuse.org/request/show/618961
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=62
2018-06-27 08:21:30 +00:00
Marguerite Su
1f5050c4b7 Accepting request 618843 from home:KGronlund:branches:server:http
- Update to version 1.8.10~git0.ec17d7a9:
  * MINOR: threads: Be sure to remove threads from all_threads_mask on exit
  * BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
  * BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().
  * BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
  * BUG/MAJOR: ssl: Random crash with cipherlist capture
  * BUG/MINOR: lua: Segfaults with wrong usage of types.
  * BUG/MAJOR: map: fix a segfault when using http-request set-map
  * MINOR: lua: Increase debug information
  * BUG/MINOR: signals: ha_sigmask macro for multithreading
  * BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing
  * BUG/MEDIUM: threads: handle signal queue only in thread 0
  * BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload.
  * BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame
  * BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
  * BUG/MINOR: contrib/modsecurity: Don't reset the status code during disconnect
  * BUG/MINOR: contrib/mod_defender: Don't reset the status code during disconnect
  * BUG/MINOR: contrib/spoa_example: Don't reset the status code during disconnect
  * MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0
  * BUG/MEDIUM: lua/socket: Buffer error, may segfault
  * BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
  * BUG/MEDIUM: lua/socket: Notification error
  * BUG/MAJOR: lua: Dead lock with sockets
  * BUG/MEDIUM: lua/socket: wrong scheduling for sockets
  * MINOR: task/notification: Is notifications registered ?
  * BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode
  * BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
  * BUG/MEDIUM: lua/socket: Length required read doesn't work
  * BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
  * BUG/MEDIUM: fd: Only check update_mask against all_threads_mask.

OBS-URL: https://build.opensuse.org/request/show/618843
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=169
2018-06-25 13:00:57 +00:00
Dominique Leuenberger
c7ce63317f Accepting request 612871 from server:http
- Update to version 1.8.9~git9.6d82e611:
  * BUG/MEDIUM: cache: don't cache when an Authorization header is present (VUL-1) (bsc#1094846)
  * BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure.
  * BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation
  * BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
  * BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags
  * BUG/MEDIUM: spoe: Flags are not encoded in network order
  * BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments.
  * BUG/MINOR: spoe: Mistake in error message about SPOE configuration
  * BUG/MEDIUM: ssl: properly protect SSL cert generation
  * BUG/MEDIUM: pollers: Use a global list for fd shared between threads.
  * BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR
  * BUG/MINOR: lua: ensure large proxy IDs can be represented
  * BUG/MINOR: lua: schedule socket task upon lua connect()
  * BUG/MEDIUM: task: Don't free a task that is about to be run.
  * BUG/MINOR: map: correctly track reference to the last ref_elt being dumped
  * DOC/MINOR: clean up LUA documentation re: servers & array/table.
  * BUG/MINOR: lua: Put tasks to sleep when waiting for data
  * BUG/MEDIUM: threads: Fix the sync point for more than 32 threads
  * BUG/MINOR: checks: Fix check->health computation for flapping servers
  * BUG/MINOR: config: disable http-reuse on TCP proxies
  * BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread
  * BUG/MEDIUM: h2: implement missing support for chunked encoded uploads
  * MINOR: h2: detect presence of CONNECT and/or content-length
  * BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits
  * BUG/MINOR: log: t_idle (%Ti) is not set for some requests
  * BUG/MAJOR: channel: Fix crash when trying to read from a closed socket
  * BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid()

OBS-URL: https://build.opensuse.org/request/show/612871
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=61
2018-05-29 14:53:35 +00:00
51100bdeec Accepting request 612869 from home:KGronlund:branches:server:http
fix version tag (thanks darix)
- Update to version 1.8.9~git9.6d82e611:

OBS-URL: https://build.opensuse.org/request/show/612869
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=168
2018-05-29 12:59:33 +00:00
Marguerite Su
0dcc89ecab Accepting request 612802 from home:KGronlund:branches:server:http
- Update to version 1.8.9~gitv1.8.9.9.6d82e611:
  * BUG/MEDIUM: cache: don't cache when an Authorization header is present (VUL-1) (bsc#1094846)
  * BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure.
  * BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation
  * BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
  * BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags
  * BUG/MEDIUM: spoe: Flags are not encoded in network order
  * BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments.
  * BUG/MINOR: spoe: Mistake in error message about SPOE configuration
  * BUG/MEDIUM: ssl: properly protect SSL cert generation
  * BUG/MEDIUM: pollers: Use a global list for fd shared between threads.
  * BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR
  * BUG/MINOR: lua: ensure large proxy IDs can be represented
  * BUG/MINOR: lua: schedule socket task upon lua connect()
  * BUG/MEDIUM: task: Don't free a task that is about to be run.
  * BUG/MINOR: map: correctly track reference to the last ref_elt being dumped
  * DOC/MINOR: clean up LUA documentation re: servers & array/table.
  * BUG/MINOR: lua: Put tasks to sleep when waiting for data
  * BUG/MEDIUM: threads: Fix the sync point for more than 32 threads
  * BUG/MINOR: checks: Fix check->health computation for flapping servers
  * BUG/MINOR: config: disable http-reuse on TCP proxies
  * BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread
  * BUG/MEDIUM: h2: implement missing support for chunked encoded uploads
  * MINOR: h2: detect presence of CONNECT and/or content-length
  * BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits
  * BUG/MINOR: log: t_idle (%Ti) is not set for some requests
  * BUG/MAJOR: channel: Fix crash when trying to read from a closed socket
  * BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid()

OBS-URL: https://build.opensuse.org/request/show/612802
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=167
2018-05-29 09:24:09 +00:00
Dominique Leuenberger
d21917dbe2 Accepting request 605117 from server:http
OBS-URL: https://build.opensuse.org/request/show/605117
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=60
2018-05-08 11:38:45 +00:00
Kristoffer Gronlund
90c2067cec Accepting request 605111 from home:KGronlund:branches:server:http
- Update to version 1.8.8:
  * BUG/CRITICAL: h2: fix incorrect frame length check (VUL-0) (bsc#1089837)
  * MINOR: cli: Ensure the CLI always outputs an error when it should
  * BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE
  * BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors.
  * BUG/MINOR: http: Return an error in proxy mode when url2sa fails
  * BUG/MEDIUM: connection: Make sure we have a mux before calling detach().
  * BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes

OBS-URL: https://build.opensuse.org/request/show/605111
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=166
2018-05-07 13:36:50 +00:00
a71f91e607 - Update to version 1.8.7:
* [RELEASE] Released version 1.8.7
  * MINOR: servers: Support alphanumeric characters for the server templates names
  * BUG/MAJOR: cache: always initialize newly created objects
  * [RELEASE] Released version 1.8.6
  * BUG/MINOR: spoe: Don't release the context buffer in .check_timeouts callbaclk
  * BUG/MINOR: spoe: Initialize variables used during conf parsing before any check
  * BUG/MAJOR: cache: fix random crashes caused by incorrect delete() on non-first blocks
  * BUG/MINOR: fd: Don't clear the update_mask in fd_insert.
  * BUG/MINOR: cache: fix "show cache" output
  * BUG/MINOR: email-alert: Set the mailer port during alert initialization
  * BUG/MINOR: checks: check the conn_stream's readiness and not the connection
  * BUG/MEDIUM: h2: always add a stream to the send or fctl list when blocked
  * BUILD/MINOR: threads: always export thread_sync_io_handler()
  * BUG/MEDIUM: h2: don't consider pending data on detach if connection is in error
  * BUG/MEDIUM: h2/threads: never release the task outside of the task handler
  * MINOR: h2: fuse h2s_detach() and h2s_free() into h2s_destroy()
  * MINOR: h2: always call h2s_detach() in h2_detach()
  * BUG/MAJOR: h2: remove orphaned streams from the send list before closing
  * MINOR: h2: provide and use h2s_detach() and h2s_free()
  * CLEANUP: h2: rename misleading h2c_stream_close() to h2s_close()
  * BUG/MINOR: hpack: fix harmless use of uninitialized value in hpack_dht_insert
  * BUILD/MINOR: cli: fix a build warning introduced by last commit
  * MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available
  * MINOR: cli/threads: make "show fd" report thread_sync_io_handler instead of "unknown"
  * BUILD/MINOR: fix build when USE_THREAD is not defined
  * BUG/MINOR: lua funtion hlua_socket_settimeout don't check negative values
  * BUG/MINOR: lua: the function returns anything

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=165
2018-04-07 00:20:45 +00:00
Dominique Leuenberger
808d239d6d Accepting request 590972 from server:http
OBS-URL: https://build.opensuse.org/request/show/590972
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=59
2018-03-28 08:29:54 +00:00
Marguerite Su
43d601cc21 Accepting request 590965 from home:KGronlund:branches:server:http
- Update to version 1.8.5:
  * BUG/MINOR: listener: Don't decrease actconn twice when a new session is rejected
  * BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an RST_STREAM
  * BUG/MEDIUM: h2: properly account for DATA padding in flow control
  * DOC: don't suggest using http-server-close
  * DOC: log: more than 2 log servers are allowed
  * BUILD/BUG: enable -fno-strict-overflow by default
  * MINOR: log: stop emitting alerts when it's not possible to write on the socket
  * BUG/MEDIUM: threads/queue: wake up other threads upon dequeue
  * BUG/MINOR: tcp-check: use the server's service port as a fallback
  * BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers
  * BUG/MINOR: lua: return bad error messages
  * BUG/MINOR: spoa-example: unexpected behavior for more than 127 args
  * BUG/MINOR: cli: Fix a crash when sending a command with too many arguments
  * BUG/MINOR: seemless reload: Fix crash when an interface is specified.
  * BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically
  * BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management
  * BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily disabled
  * BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is stopping
  * BUG/MINOR: force-persist and ignore-persist only apply to backends
  * BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc
  * BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage
  * BUG/MINOR: cli: Fix a crash when passing a negative or too large value to "show fd"
  * BUG/MEDIUM: h2: also arm the h2 timeout when sending
  * BUG/MINOR: unix: Don't mess up when removing the socket from the xfer_sock_list.
  * BUG/MINOR: session: Fix tcp-request session failure if handshake.
  * MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file
  * MINOR: systemd: Add SystemD's Protect*= options to the unit file
  * MINOR: systemd: Add section for SystemD sandboxing to unit file
  * BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk
  * BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk
  * BUG/MEDIUM: h2: always consume any trailing data after end of output buffers
  * MINOR: stats: display the number of threads in the statistics.
  * BUG/MINOR: h2: Set the target of dbuf_wait to h2c
  * MINOR: debug/pools: make DEBUG_UAF also detect underflows
  * BUG/MINOR: debug/pools: properly handle out-of-memory when building with DEBUG_UAF
  * DOC: cfgparse: Warn on option (tcp|http)log in backend
  * DOC: lua: new prototype for function "register_action()"
  * BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken.
  * BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as possible
  * BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe
  * BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st
  * BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL
  * BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable.
  * BUG/MINOR: threads: fix missing thread lock labels for 1.8

OBS-URL: https://build.opensuse.org/request/show/590965
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=164
2018-03-26 07:48:16 +00:00
Dominique Leuenberger
3110332817 Accepting request 584998 from server:http
OBS-URL: https://build.opensuse.org/request/show/584998
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=58
2018-03-11 14:25:02 +00:00
Kristoffer Gronlund
d27ef0296e Accepting request 584997 from home:KGronlund:branches:server:http
- if we lock down the permissions the home directory has to be owned by haproxy (bsc#1077716)

OBS-URL: https://build.opensuse.org/request/show/584997
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=163
2018-03-09 12:08:51 +00:00
00a86a081a - if we lock down the permissions the home directory has to be
owned by haproxy

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=162
2018-03-08 19:19:41 +00:00
Dominique Leuenberger
9ab520a129 Accepting request 583731 from server:http
OBS-URL: https://build.opensuse.org/request/show/583731
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=57
2018-03-07 09:40:00 +00:00
Marguerite Su
7a9be1bc6a Accepting request 582333 from home:jengelh:branches:server:http
- Avoid %__-type macro indirections. Remove redundant %clean
  section. Do not ignore errors from useradd.

OBS-URL: https://build.opensuse.org/request/show/582333
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=161
2018-03-07 05:58:33 +00:00
Dominique Leuenberger
37d7b1936b Accepting request 582332 from server:http
OBS-URL: https://build.opensuse.org/request/show/582332
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=56
2018-03-04 11:52:48 +00:00
Marguerite Su
7e6d8d08ea Accepting request 582025 from home:KGronlund:branches:server:http
- Ensure haproxy home directory is not world readable (bsc#1077716)

OBS-URL: https://build.opensuse.org/request/show/582025
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=160
2018-03-04 07:09:23 +00:00
Dominique Leuenberger
2eb224fb66 Accepting request 574250 from server:http
OBS-URL: https://build.opensuse.org/request/show/574250
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=55
2018-02-09 14:51:18 +00:00
392b0f1e5b Accepting request 574248 from home:KGronlund:branches:server:http
- Update to version 1.8.4 (bsc#1080069):
  * BUG/MINOR: config: don't emit a warning when global stats is incompletely configured
  * DOC: Mention -Ws in the list of available options
  * DOC: Describe routing impact of using interface keyword on bind lines
  * MINOR: init: emit warning when -sf/-sd cannot parse argument
  * BUG/MEDIUM: standard: Fix memory leak in str2ip2()
  * BUG/MINOR: time/threads: ensure the adjusted time is always correct
  * BUG/MEDIUM: spoe: Allow producer to read and to forward shutdown on request side
  * BUG/MEDIUM: spoe: Always try to receive or send the frame to detect shutdowns
  * BUG/MINOR: epoll/threads: only call epoll_ctl(DEL) on polled FDs
  * BUG/MINOR: threads: Update labels array because of changes in lock_label enum
  * BUG/MINOR: cli: use global.maxsock and not maxfd to list all FDs
  * CLEANUP: Fix typo in ARGT_MSK6 comment
  * BUG/MINOR: sample: Fix output type of c_ipv62ip
  * CLEANUP: sample: Fix outdated comment about sample casts functions
  * CLEANUP: sample: Fix comment encoding of sample.c
  * BUILD: kqueue/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
  * BUILD: epoll/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
  * MINOR: threads: Use __decl_hathreads instead of #ifdef/#endif
  * BUG/MINOR: kqueue/threads: Don't forget to close kqueue_fd[tid] on each thread
  * BUG/MEDIUM: checks: Don't try to release undefined conn_stream when a check is freed
  * BUG/MEDIUM: threads/server: Fix deadlock in srv_set_stopping/srv_set_admin_flag
  * BUG/MINOR: threads: always set an owner to the thread_sync pipe
  * MINOR: threads: Fix build when we're not compiling with threads.
  * BUG/MINOR: mworker: only write to pidfile if it exists
  * BUG/MEDIUM: threads/mworker: fix a race on startup
  * BUG/MEDIUM: kqueue/threads: use one kqueue_fd per thread
  * BUG/MEDIUM: epoll/threads: use one epoll_fd per thread
  * MINOR: fd: add a bitmask to indicate that an FD is known by the poller
  * BUG/MEDIUM: fd: maintain a per-thread update mask

OBS-URL: https://build.opensuse.org/request/show/574248
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=159
2018-02-08 13:29:47 +00:00
Dominique Leuenberger
9738d363f6 Accepting request 565889 from server:http
OBS-URL: https://build.opensuse.org/request/show/565889
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=54
2018-01-17 20:57:09 +00:00
Kristoffer Gronlund
9c5a77bd65 Accepting request 564524 from home:KGronlund:branches:server:http
Updated tarball

OBS-URL: https://build.opensuse.org/request/show/564524
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=158
2018-01-15 22:32:45 +00:00
cc46fa9271 actually switch to new tarball
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=157
2018-01-01 17:18:51 +00:00
fc179e5573 - Update to version 1.8.3:
* [RELEASE] Released version 1.8.3
  * MEDIUM: h2: prepare a graceful shutdown when the frontend is stopped
  * BUG/MAJOR: hpack: don't return direct references to the dynamic headers table
  * BUG/MEDIUM: http: don't automatically forward request close
  * MINOR: don't close stdio anymore
  * BUG/MEDIUM: mworker: don't close stdio several time
  * BUG/MEDIUM: h2: ensure we always know the stream before sending a reset
  * DOC/MINOR: configuration: typo, formatting fixes
  * BUG/MEDIUM: h2: improve handling of frames received on closed streams
  * BUG/MEDIUM: h2: properly handle and report some stream errors

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=156
2017-12-31 02:26:21 +00:00
f1d1cfad8f - Update to version 1.8.2
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=155
2017-12-24 23:43:13 +00:00
Dominique Leuenberger
b0dd02264e Accepting request 548086 from server:http
OBS-URL: https://build.opensuse.org/request/show/548086
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=53
2017-12-05 00:30:30 +00:00
Kristoffer Gronlund
09681e1dbc Accepting request 548068 from home:KGronlund:branches:server:http
- Update to version 1.8.1 (bsc#1069954):
  * BUG/MAJOR: h2: correctly check the request length when building an H1 request
  * BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time
  * BUG/MAJOR: thread/peers: fix deadlock on peers sync.
  * BUG/MEDIUM: h2: do not accept upper case letters in request header names
  * BUG/MEDIUM: h2: remove connection-specific headers from request
  * BUG/MEDIUM: h2: enforce the per-connection stream limit
  * BUG/MEDIUM: checks: Be sure we have a mux if we created a cs.
  * BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync.
  * BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response
  * BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting
  * BUG/MEDIUM: stream: fix session leak on applet-initiated connections
  * BUG/MEDIUM: cache: bad computation of the remaining size
  * BUG/MEDIUM: ssl: don't allocate shctx several time
  * BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main
  * BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork.
  * BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames
  * BUG/MINOR: h2: reject response pseudo-headers from requests
  * BUG/MINOR: h2: properly check PRIORITY frames
  * BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame
  * BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1
  * BUG/MINOR: h2: the TE header if present may only contain trailers
  * BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to
  * BUG/MINOR: h2: ":path" must not be empty
  * BUG/MINOR: h2: try to abort closed streams as soon as possible
  * BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream
  * BUG/MINOR: hpack: dynamic table size updates are only allowed before headers
  * BUG/MINOR: hpack: reject invalid header index
  * BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits
  * BUG/MINOR: hpack: fix debugging output of pseudo header names

OBS-URL: https://build.opensuse.org/request/show/548068
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=154
2017-12-04 13:36:45 +00:00
Dominique Leuenberger
19d948f0b9 Accepting request 546232 from server:http
OBS-URL: https://build.opensuse.org/request/show/546232
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=52
2017-11-29 09:54:23 +00:00
Kristoffer Gronlund
e713981734 Accepting request 546231 from home:KGronlund:branches:server:http
- License is now GPL-3.0+ and LGPL-2.1+

OBS-URL: https://build.opensuse.org/request/show/546231
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=153
2017-11-28 13:55:11 +00:00
Kristoffer Gronlund
0642ef5274 Accepting request 546181 from home:KGronlund:branches:server:http
Add bugzilla reference
- Update to version 1.8.0 (bsc#1069954):

OBS-URL: https://build.opensuse.org/request/show/546181
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=152
2017-11-28 09:34:06 +00:00
Kristoffer Gronlund
ee6d71b81e Accepting request 546048 from home:KGronlund:branches:server:http
Replacing the tarball

OBS-URL: https://build.opensuse.org/request/show/546048
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=151
2017-11-27 15:34:17 +00:00
Kristoffer Gronlund
e4707d93a4 Accepting request 546033 from home:darix:branches:server:http
- [apparmor]: allow haproxy to restart itself. needed for seamless
  restart. also reload the apparmor profile on update.

- enable network namespaces on 42.3
- Enabled systemd notify mode: new BR: pkgconfig(libsystemd)
  This fixes problems with starting 1.8 on 42.3.
- apply build option changes as adviced by upstream

- Update to version 1.8.0:
  https://www.mail-archive.com/haproxy@formilux.org/msg28004.html

OBS-URL: https://build.opensuse.org/request/show/546033
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=150
2017-11-27 15:03:06 +00:00
Dominique Leuenberger
d385b18561 Accepting request 518364 from server:http
1

OBS-URL: https://build.opensuse.org/request/show/518364
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=51
2017-08-24 16:55:41 +00:00