- Update to version 2.6.5+git0.987a4e248:
* [RELEASE] Released version 2.6.5
* BUG/MINOR: http-act: initialize http fmt head earlier
* MINOR: debug: report applet pointer and handler in crashes when known
* DEBUG: stream: minor rearrangement of a few fields in struct stream.
* BUG/MINOR: mux-fcgi: fix the "show fd" dest buffer for the subscriber
* BUG/MINOR: mux-h1: fix the "show fd" dest buffer for the subscriber
* BUG/MINOR: mux-h2: fix the "show fd" dest buffer for the subscriber
* BUG/MINOR: httpclient: keep-alive was accidentely disabled
* BUG/MEDIUM: httpclient: always detach the caller before self-killing
* BUG/MINOR: h2: properly set the direction flag on HTX response
* BUG/MINOR: quic: Frames leak during retransmissions
* MINOR: quic: Trace typo fix in qc_release_frm()
* MINOR: quic: Add TX frames addresses to traces to several trace events
* BUG/MINOR: quic: Do not ack when probing
* MINOR: backend: always satisfy the first req reuse rule with l7 retries
* BUG/MEDIUM: mux-h1: always use RST to kill idle connections in pools
* REGTESTS: http_request_buffer: Add a barrier to not mix up log messages
* BUG/MINOR: regex: Properly handle PCRE2 lib compiled without JIT support
* BUILD: debug: make sure debug macros are never empty
* CLEANUP: exclude haring with .gitignore
* DEV: haring: support remapping LF in contents with CR VT
* DEV: haring: add a simple utility to read file-backed rings
* MINOR: sink/ring: rotate non-empty file-backed contents only
* MINOR: ring: archive a previous file-backed ring on startup
* BUILD: sink: replace S_IRUSR, S_IWUSR with their octal value
* MINOR: ring: add support for a backing-file
* MINOR: ring: support creating a ring from a linear area
* BUILD: ring: forward-declare struct appctx to avoid a build warning
* BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() v2
OBS-URL: https://build.opensuse.org/request/show/1004374
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=270
- Update to version 2.6.2+git0.16a3646fd:
* [RELEASE] Released version 2.6.2
* BUG/MINOR: backend: Fallback on RR algo if balance on source is impossible
* BUILD: quic: fix anonymous union for gcc-4.4
* BUG/MEDIUM: stconn: Only reset connect expiration when processing backend side
* BUILD: add detection for unsupported compiler models
* BUG/MEDIUM: mworker: proc_self incorrectly set crashes upon reload
* BUG/MAJOR: mux_quic: fix invalid PROTOCOL_VIOLATION on POST data overlap
* BUG/MINOR: mworker/cli: relative pid prefix not validated anymore
* BUG/MINOR: quic: do not send CONNECTION_CLOSE_APP in initial/handshake
* BUG/MINOR: tools: fix statistical_prng_range()'s output range
* BUG/MINOR: ssl: allow duplicate certificates in ca-file directories
* BUG/MINOR: resolvers: shut off the warning for the default resolvers
* MINOR: resolvers: resolvers_destroy() deinit and free a resolver
* BUG/MEDIUM: tools: avoid calling dlsym() in static builds (try 2)
* BUILD: makefile: Fix install(1) handling for OpenBSD/NetBSD/Solaris/AIX
* BUG/MEDIUM: tools: avoid calling dlsym() in static builds
* BUG/MINOR: debug: enter ha_panic() only once
* BUG/MEDIUM: cli/threads: make "show threads" more robust on applets
* BUG/MINOR: quic: fix closing state on NO_ERROR code sent
* BUG/MEDIUM: mux-quic: fix server chunked encoding response
* CLEANUP: h2: Typo fix in h2_unsubcribe() traces
* MINOR: qpack: properly handle invalid dynamic table references
* MINOR: h3: handle errors on HEADERS parsing/QPACK decoding
* MINOR: h3: add h3c pointer into h3s instance
* BUG/MINOR: mux-quic: do not signal FIN if gap in buffer
* MINOR: ncbuf: implement ncb_is_fragmented()
* MINOR: quic: Increase the QUIC connections RX buffer size (upto 64Kb)
* MINOR: quic: Improvements for the datagrams receipt
* MINOR: task: Add tasklet_wakeup_after()
OBS-URL: https://build.opensuse.org/request/show/991595
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=267
- Update to version 2.6.1+git0.f6ca66d44:
* [RELEASE] Released version 2.6.1
* REGTESTS: ssl: add the same cert for client/server
* BUG/MEDIUM: mworker: use default maxconn in wait mode
* BUG/MINOR: quic: Acknowledgement must be forced during handshake
* BUG/MEDIUM: ssl/cli: crash when crt inserted into a crt-list
* BUG/MINOR: quic: free rejected Rx packets
* BUG/MINOR: quic: purge conn Rx packet list on release
* BUG/MINOR: quic_stats: Duplicate "quic_streams_data_blocked_bidi" field name
* BUG/MINOR: quic: Unexpected half open connection counter wrapping
* BUG/MINOR: log: Properly test connection retries to fix dontlog-normal option
* MINOR: stream: Rely on stconn flags to abort stream destructive upgrade
* BUG/MEDIUM: stream: Properly handle destructive client connection upgrades
* BUG/MINOR: task: fix thread assignment in tasklet_kill()
* BUG/MINOR: quic: Wrong PTO calculation
* BUG/MINOR: quic: Stop hardcoding Retry packet Version field
* BUG/BUILD: h3: fix wrong label name
* BUG/MINOR: h3/qpack: deal with too many headers
* MINOR: qpack: add comments and remove a useless trace
* BUG/MINOR: qpack: support header litteral name decoding
* BUG/MEDIUM: mux-quic: fix segfault on flow-control frame cleanup
* BUG/MEDIUM: cli: Notify cli applet won't consume data during request processing
* BUG/MEDIUM: stconn: Don't wakeup applet for send if it won't consume data
* BUG/MINOR: tcp-rules: Make action call final on read error and delay expiration
* BUG/MINOR: mux-quic: fix memleak on frames rejected by transport
* BUG/MEDIUM: mux-quic: fix flow control connection Tx level
* BUG/MINOR: cli/stats: add missing trailing LF after "show info json"
* BUG/MINOR: server: do not enable DNS resolution on disabled proxies
* BUG/MINOR: cli/stats: add missing trailing LF after JSON outputs
* BUG/MINOR: h3: fix frame type definition
* REGTESTS: healthcheckmail: Relax health-check failure condition
* REGTESTS: healthcheckmail: Update the test to be functionnal again
* BUG/MINOR: checks: Properly handle email alerts in trace messages
* BUG/MINOR: trace: Test server existence for health-checks to get proxy
* BUG/MEDIUM: mailers: Set the object type for check attached to an email alert
* BUILD: compiler: implement unreachable for older compilers too
* REGTESTS: restrict_req_hdr_names: Extend supported versions
* REGTESTS: http_abortonclose: Extend supported versions
* BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_crlfile I/O handler
* BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cafile I/O handler
* BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cert I/O handler
* BUG/MINOR: ssl_ckch: Init right field when parsing "commit ssl crl-file" cmd
* BUG/MINOR: ssl_ckch: Dump cert transaction only once if show command yield
* BUG/MINOR: ssl_ckch: Dump CA transaction only once if show command yield
* BUG/MINOR: ssl_ckch: Dump CRL transaction only once if show command yield
* BUG/MINOR: ssl_ckch: Use right type for old entry in show_crlfile_ctx
* REGTESTS: http_request_buffer: Increase client timeout to wait "slow" clients
* REGTESTS: abortonclose: Add a barrier to not mix up log messages
* MEDIUM: httpclient: Don't close CLI applet at the end of a response
* MEDIUM: http-ana: Always report rewrite failures as PRXCOND in logs
* BUG/MEDIUM: httpclient: Rework CLI I/O handler to handle full buffer cases
* BUG/MEDIUM: httpclient: Don't remove HTX header blocks before duplicating them
* BUG/MEDIUM: ssl/crt-list: Rework 'add ssl crt-list' to handle full buffer cases
* BUG/MEDIUM: ssl_ckch: Rework 'commit ssl ca-file' to handle full buffer cases
* BUG/MEDIUM: ssl_ckch: Rework 'commit ssl cert' to handle full buffer cases
* BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a CA/CRL entry
* BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a cert entry
* BUG/MEDIUM: ssl_ckch: Don't delete CA/CRL entry if it is being modified
* BUG/MEDIUM: ssl_ckch: Don't delete a cert entry if it is being modified
* BUG/MINOR: ssl_ckch: Free error msg if commit changes on a CA/CRL entry fails
* BUG/MINOR: ssl_ckch: Free error msg if commit changes on a cert entry fails
OBS-URL: https://build.opensuse.org/request/show/988057
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=266
* [RELEASE] Released version 2.5.4
* BUG/MEDIUM: stream: Abort processing if response buffer allocation fails
* CI: github: enable pool debugging by default
* REGTESTS: fix the race conditions in 40be_2srv_odd_health_checks
* BUG/MINOR: proxy: preset the error message pointer to NULL in parse_new_proxy()
* DOC: Fix usage/examples of deprecated ACLs
* BUG/MAJOR: mux-h2: Be sure to always report HTX parsing error to the app layer
* BUG/MEDIUM: mux-h1: Don't wake h1s if mux is blocked on lack of output buffer
* BUG/MEDIUM: htx: Be sure to have a buffer to perform a raw copy of a message
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=261
* [RELEASE] Released version 2.4.4
* Revert "BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may receive"
* BUG/MAJOR: htx: fix missing header name length check in htx_add_header/trailer
* CLEANUP: htx: remove comments about "must be < 256 MB"
* BUG/MINOR: config: reject configs using HTTP with bufsize >= 256 MB
* DOC: configuration: remove wrong tcp-request examples in tcp-response
* BUG/MINOR: vars: fix set-var/unset-var exclusivity in the keyword parser
* CLEANUP: Add missing include guard to signal.h
* BUG/MINOR: tools: Fix loop condition in dump_text()
* BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time
* BUG/MINOR: ebtree: remove dependency on incorrect macro for bits per long
* MINOR: time: add report_idle() to report process-wide idle time
* BUG/MINOR: time: fix idle time computation for long sleeps
* BUG/MINOR: lua: use strlcpy2() not strncpy() to copy sample keywords
* MINOR: compiler: implement an ONLY_ONCE() macro
* BUG/MINOR: base64: base64urldec() ignores padding in output size check
* BUG/MEDIUM: base64: check output boundaries within base64{dec,urldec}
* BUG/MINOR: stick-table: fix the sc-set-gpt* parser when using expressions
* MINOR: hlua: take the global Lua lock inside a global function
* REGTESTS: abortonclose: after retries, 503 is expected, not close
* REGTESTS: http_upgrade: fix incorrect expectation on TCP->H1->H2
* BUG/MEDIUM: h2: match absolute-path not path-absolute for :path
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=249
* BUILD: backend: fix build breakage in idle conn locking fix
* [RELEASE] Released version 2.3.9
* BUG/MEDIUM: time: make sure to always initialize the global tick
* BUG/MINOR: stats: Apply proper styles in HTML status page.
* BUG/MINOR: payload: Wait for more data if buffer is empty in payload/payload_lv
* MEDIUM: backend: use a trylock to grab a connection on high FD counts as well
* BUG/MEDIUM: mux-h1: make h1_shutw_conn() idempotent
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=242
* [RELEASE] Released version 2.3.4
* MINOR: contrib/prometheus-exporter: use fill_info for process dump
* MINOR: contrib/prometheus-exporter: avoid connection close header
* BUG/MINOR: init: enforce strict-limits when using master-worker
* BUG/MINOR: check: Don't perform any check on servers defined in a frontend
* BUG/MINOR: sample: Memory leak of sample_expr structure in case of error
* Revert "BUG/MINOR: dns: SRV records ignores duplicated AR records"
* MINOR: reg-tests: add base prometheus test
* BUG/MINOR: reg-tests: fix service dependency script
* BUG/MINOR: sample: check alloc_trash_chunk return value in concat()
* MINOR: reg-tests: add a way to add service dependency
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=236
* [RELEASE] Released version 2.3.2
* BUG/MINOR: http-fetch: Fix smp_fetch_body() when called from a health-check
* DOC: config: Move req.hdrs and req.hdrs_bin in L7 samples fetches section
* BUG/MAJOR: tcpcheck: Allocate input and output buffers from the buffer pool
* MINOR: tcpcheck: Don't handle anymore in-progress send rules in tcpcheck_main
* BUG/MINOR: tcpcheck: Don't forget to reset tcp-check flags on new kind of check
* DOC: Clarify %HP description in log-format
* DOC: better document the config file format and escaping/quoting rules
* BUG/MAJOR: peers: fix partial message decoding
* BUG/MEDIUM: http_act: Restore init of log-format list
* BUILD: Show the value of DEBUG= in haproxy -vv
* BUILD: Make DEBUG part of .build_opts
* MINOR: http_act: Add -m flag for del-header name matching method
* REGTESTS: converter: add url_dec test
* REGTESTS: Add sample_fetches/cook.vtc
* DOC: cache: Add new caching limitation information
* MEDIUM: cache: Change caching conditions
* BUG/MAJOR: filters: Always keep all offsets up to date during data filtering
* DOC: better describes how to configure a fallback crt
* BUG/MINOR: http_htx: Fix searching headers by substring
* BUG/MAJOR: connection: reset conn->owner when detaching from session list
* CLEANUP: connection: do not use conn->owner when the session is known
* DOC: clarify how to create a fallback crt
* BUILD: makefile: enable crypt(3) for OpenBSD
* BUG/MEDIUM: ssl/crt-list: fix error when no file found
* BUG/MINOR: ssl/crt-list: load bundle in crt-list only if activated
* BUG/MEDIUM: ssl: error when no certificate are found
* BUG/MEDIUM: ssl/crt-list: bundle support broken in crt-list
* BUG/MEDIUM: http-ana: Don't eval http-after-response ruleset on empty messages
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=234
* [RELEASE] Released version 2.3.1
* REGTEST: make ssl_client_samples and ssl_server_samples require to 2.2
* MINOR: peers: Add traces to peer_treat_updatemsg().
* REGTEST: ssl: mark reg-tests/ssl/ssl_crt-list_filters.vtc as broken
* REGTEST: ssl: test wildcard and multi-type + exclusions
* MINOR: cfgparse: tighten the scope of newnameserver variable, free it on error.
* MINOR: config/mux-h2: Return ERR_ flags from init_h2() instead of a status
* MINOR: init: Fix the prototype for per-thread free callbacks
* BUG/MINOR: tcpcheck: Don't warn on unused rules if check option is after
* MINOR: spoe: Don't close connection in sync mode on processing timeout
* BUG/MAJOR: spoe: Be sure to remove all references on a released spoe applet
* BUG/MINOR: http-htx: Handle warnings when parsing http-error and http-errors
* MINOR: check: report error on incompatible connect proto
* MINOR: check: report error on incompatible proto
* BUG/MEDIUM: check: reuse srv proto only if using same mode
* BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches
* BUG/MINOR: http-fetch: Extract cookie value even when no cookie name
* BUG/MEDIUM: peers: fix decoding of multi-byte length in stick-table messages
* BUG/MINOR: peers: Missing TX cache entries reset.
* BUG/MINOR: peers: Do not ignore a protocol error for dictionary entries.
* BUG/MINOR: stats: free dynamically stats fields/lines on shutdown
* BUG/MINOR: lua: set buffer size during map lookups
* BUG/MINOR: pattern: a sample marked as const could be written
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=233
* [RELEASE] Released version 2.2.2
* BUG/MEDIUM: tcp-checks: always attach the transport before installing the mux
* BUG/MEDIUM: backend: always attach the transport before installing the mux
* SCRIPTS: announce-release: add the link to the wiki in the announce messages
* MINOR: stream-int: Be sure to have a mux to do sends and receives
* MINOR: connection: Preinstall the mux for non-ssl connect
* BUG/MEDIUM: connection: Be sure to always install a mux for sync connect
* BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields
* BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort
* BUG/MINOR: lua: Abort execution of actions that yield on a final evaluation
* BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation
* MEDIUM: lua: Add support for the Lua 5.4
* BUG/MAJOR: dns: don't treat Authority records as an error
* BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status
* BUG/MINOR: debug: Don't dump the lua stack if it is not initialized
* BUILD: tools: fix build with static only toolchains
* BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=223
* [RELEASE] Released version 2.2.1
* BUG/MEDIUM: http-ana: Only set CF_EXPECT_MORE flag on data filtering
* BUG/MEDIUM: stream-int: Don't set MSG_MORE flag if no more data are expected
* BUG/MINOR: htx: add two missing HTX_FL_EOI and remove an unexpected one
* MEDIUM: htx: Add a flag on a HTX message when no more data are expected
* BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed
* BUG/MAJOR: dns: Make the do-resolve action thread-safe
* BUG/MAJOR: tasks: don't requeue global tasks into the local queue
* BUG/MEDIUM: resolve: fix init resolving for ring and peers section.
* BUG/MEDIUM: arg: empty args list must be dropped
* DOC: ssl: req_ssl_sni needs implicit TLS
* BUILD: config: fix again bugs gcc warnings on calloc
* BUG/MAJOR: tasks: make sure to always lock the shared wait queue if needed
* BUILD: config: address build warning on raspbian+rpi4
* BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked
* BUG/MEDIUM: server: fix possibly uninitialized state file on close
* BUG/MEDIUM: server: resolve state file handle leak on reload
* BUG/MEDIUM: fcgi-app: fix memory leak in fcgi_flt_http_headers
* BUG/MEDIUM: log: issue mixing sampled to not sampled log servers.
* BUG/MINOR: mux-fcgi: Set flags on the right stream field for empty FCGI_STDOUT
* BUG/MINOR: mux-fcgi: Set conn state to RECORD_P when skipping the record padding
* BUG/MINOR: mux-fcgi: Handle empty STDERR record
* BUG/MEDIUM: mux-h1: Continue to process request when switching in tunnel mode
* BUG/MEDIUM: mux-fcgi: Don't add private connections in available connection list
* BUG/MEDIUM: mux-h2: Don't add private connections in available connection list
* CONTRIB: da: fix memory leak in dummy function da_atlas_open()
* BUG/MEDIUM: lists: add missing store barrier in MT_LIST_ADD/MT_LIST_ADDQ
* BUG/MEDIUM: lists: add missing store barrier on MT_LIST_BEHEAD()
* BUG/MINOR: sample: Free str.area in smp_check_const_meth
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=222
https://www.haproxy.com/blog/announcing-haproxy-2-2/
* [RELEASE] Released version 2.2.0
* MINOR: version: mention that it's an LTS release now
* DOC: minor update to coding style file
* DOC: update INSTALL with new compiler versions
* CLEANUP: ssl: remove unrelevant comment in smp_fetch_ssl_x_keylog()
* DOC: configuration: remove obsolete mentions of H2 being converted to HTTP/1.x
* BUG/MINOR: connection: See new connection as available only on reuse always
* BUG/MEDIUM: connection: Don't consider new private connections as available
* BUG/MINOR: backend: Remove CO_FL_SESS_IDLE if a client remains on the last server
* MINOR: mux-h1: Improve traces about the splicing
- refreshed patches to apply cleanly again:
haproxy-1.6.0-makefile_lib.patch
haproxy-1.6.0-sec-options.patch
- track series file in source rpm
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=221
* [RELEASE] Released version 2.1.6
* BUG/MINOR: mworker: fix a memleak when execvp() failed
* BUG/MINOR: ssl: fix a trash buffer leak in some error cases
* BUG/MEDIUM: mworker: fix the reload with an -- option
* BUG/MINOR: init: -S can have a parameter starting with a dash
* BUG/MINOR: init: -x can have a parameter starting with a dash
* BUG/MEDIUM: mworker: fix the copy of options in copy_argv()
* BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics
* BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations
* BUG/MEDIUM: http-htx: Duplicate error messages as raw data instead of string
* BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action
* BUG/MINOR: peers: fix internal/network key type mapping.
* SCRIPTS: publish-release: pass -n to gzip to remove timestamp
* Revert "BUG/MEDIUM: connections: force connections cleanup on server changes"
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=218
* [RELEASE] Released version 2.1.2
* BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility
* BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream
* BUG/MINOR: state-file: do not leak memory on parse errors
* BUG/MINOR: state-file: do not store duplicates in the global tree
* BUG/MEDIUM: state-file: do not allocate a full buffer for each server entry
* BUG/MINOR: ssl: openssl-compat: Fix getm_ defines
* BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd
* MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute
* BUG/MEDIUM: ssl: Revamp the way early data are handled.
* BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing
* MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task
* MINOR: http: add a new "replace-path" action
* MINOR: debug: support logging to various sinks
* BUG/MEDIUM: ssl: Don't set the max early data we can receive too early.
* MINOR: sample: Validate the number of bits for the sha2 converter
* BUG/MINOR: sample: always check converters' arguments
* BUG/MINOR: sample: fix the closing bracket and LF in the debug converter
* DOC: clarify the fact that replace-uri works on a full URI
- drop the udev buildrequires completely
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=211