SHA256
1
0
forked from pool/haproxy
Commit Graph

184 Commits

Author SHA256 Message Date
Dominique Leuenberger
e9462799c6 Accepting request 794395 from server:http
- use the "profile profilename /path/to/binary" syntax to make
  "ps aufxZ" more readable

OBS-URL: https://build.opensuse.org/request/show/794395
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=85
2020-04-17 22:27:40 +00:00
9b71bf8c52 - use the "profile profilename /path/to/binary" syntax to make
"ps aufxZ" more readable

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=216
2020-04-15 23:11:37 +00:00
Dominique Leuenberger
554dadd8f5 Accepting request 791753 from server:http
Add bugnumbers that werent in the devel project but in leap/sles

OBS-URL: https://build.opensuse.org/request/show/791753
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=84
2020-04-07 08:21:37 +00:00
0bd83e4d76 add bugnumbers that werent added to the devel project
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=215
2020-04-06 11:31:12 +00:00
Dominique Leuenberger
8ef101d465 Accepting request 790908 from server:http
- Update to version 2.1.4+git0.3cfc2f1d9: (boo#1168023) CVE-2020-11100

OBS-URL: https://build.opensuse.org/request/show/790908
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=83
2020-04-04 10:20:54 +00:00
ba3ebe78ca - Update to version 2.1.4+git0.3cfc2f1d9: (boo#1168023) CVE-2020-11100
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=214
2020-04-02 13:29:08 +00:00
Dominique Leuenberger
e54ac01865 Accepting request 774671 from server:http
OBS-URL: https://build.opensuse.org/request/show/774671
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=82
2020-02-19 11:41:00 +00:00
Marguerite Su
01a99e5686 Accepting request 774367 from home:kukuk:container
- Remove unsupported options from example haproxy.cfg
- Make haproxy useable for containers
  - Use sysusers.d to create users.
  - Use systemd_ordering instead of requiring systemd.
  - Own vim syntax directory instead of requiring vim. This also
    solves the problem the directory got never removed if vim is
    updated before haproxy.

OBS-URL: https://build.opensuse.org/request/show/774367
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=213
2020-02-16 08:10:04 +00:00
051439ae93 - Update to version 2.1.3+git0.5c020bbdd:
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=212
2020-02-12 15:42:47 +00:00
fbc8186248 - Update to version 2.1.2+git0.d5b6759b5:
* [RELEASE] Released version 2.1.2
  * BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility
  * BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream
  * BUG/MINOR: state-file: do not leak memory on parse errors
  * BUG/MINOR: state-file: do not store duplicates in the global tree
  * BUG/MEDIUM: state-file: do not allocate a full buffer for each server entry
  * BUG/MINOR: ssl: openssl-compat: Fix getm_ defines
  * BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd
  * MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute
  * BUG/MEDIUM: ssl: Revamp the way early data are handled.
  * BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing
  * MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task
  * MINOR: http: add a new "replace-path" action
  * MINOR: debug: support logging to various sinks
  * BUG/MEDIUM: ssl: Don't set the max early data we can receive too early.
  * MINOR: sample: Validate the number of bits for the sha2 converter
  * BUG/MINOR: sample: always check converters' arguments
  * BUG/MINOR: sample: fix the closing bracket and LF in the debug converter
  * DOC: clarify the fact that replace-uri works on a full URI

- drop the udev buildrequires completely

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=211
2020-02-07 12:48:28 +00:00
Dominique Leuenberger
10ce703ea7 Accepting request 766597 from server:http
OBS-URL: https://build.opensuse.org/request/show/766597
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=81
2020-01-26 23:21:21 +00:00
Marguerite Su
65d319ff40 Accepting request 766595 from home:dimstar:Factory
- BuildRequire pkgconfig(udev) instead of udev: allow OBS to
  shortcut through the -mini flavors.

OBS-URL: https://build.opensuse.org/request/show/766595
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=210
2020-01-23 13:14:40 +00:00
Dominique Leuenberger
633d83d76f Accepting request 757905 from server:http
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/757905
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=80
2019-12-23 21:39:22 +00:00
daef8935ae - Update to version 2.1.1+git0.4ae521379:
* [RELEASE] Released version 2.1.1
  * BUILD/MINOR: unix sockets: silence an absurd gcc warning about strncpy()
  * BUG/MINOR: listener: fix off-by-one in state name check
  * BUG/MINOR: server: make "agent-addr" work on default-server line
  * BUG/MINOR: listener: do not immediately resume on transient error
  * BUG/MINOR: mworker: properly pass SIGTTOU/SIGTTIN to workers
  * BUG/MINOR: log: fix minor resource leaks on logformat error path
  * DOC: remove references to the outdated architecture.txt
  * DOC: proxies: HAProxy only supports 3 connection modes
  * BUG/MINOR: tasks: only requeue a task if it was already in the queue
  * DOC: listeners: add a few missing transitions

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=209
2019-12-11 17:08:16 +00:00
Dominique Leuenberger
d93710a12c Accepting request 754451 from server:http
- Update to version 2.0.10+git14.7caf150a

OBS-URL: https://build.opensuse.org/request/show/754451
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=79
2019-12-11 11:02:32 +00:00
9541e980ce - Update to version 2.1.0+git33.8e4a62508:
* BUG/MEDIUM: proto_udp/threads: recv() and send() must not be exclusive.
  * BUG/MAJOR: dns: add minimalist error processing on the Rx path
  * BUG/MEDIUM: kqueue: Make sure we report read events even when no data.
  * DOC: document the listener state transitions
  * BUG/MEDIUM: listener/threads: fix a remaining race in the listener's accept()
  * BUG/MINOR: listener: also clear the error flag on a paused listener
  * BUG/MINOR: listener/threads: always use atomic ops to clear the FD events
  * BUG/MINOR: proxy: make soft_stop() also close FDs in LI_PAUSED state
  * BUG/MEDIUM: mux-fcgi: Handle cases where the HTX EOM block cannot be inserted
  * BUG/MINOR: mux-h1: Be sure to set CS_FL_WANT_ROOM when EOM can't be added

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=208
2019-12-10 19:29:45 +00:00
3e55266962 - Update to version 2.1.0+git23.e77b108cd:
* BUG/MEDIUM: checks: Make sure we set the task affinity just before connecting.
  * BUG/MEDIUM: tasks: Make sure we switch wait queues in task_set_affinity().

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=207
2019-12-06 15:44:20 +00:00
4b2faccf62 - Update to version 2.1.0+git21.67ff2112b:
* BUG/MINOR: mux-h1: Fix conditions to know whether or not we may receive data
  * BUG/MINOR: mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN
  * BUG/MEDIUM: mux-h1: Never reuse H1 connection if a shutw is pending
  * BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1
  * BUG/MEDIUM: listener/thread: fix a race when pausing a listener
  * BUG/MINOR: ssl/cli: don't overwrite the filters variable
  * BUG/MINOR: stream-int: avoid calling rcv_buf() when splicing is still possible
  * BUG/MEDIUM: stream-int: don't subscribed for recv when we're trying to flush data
  * DOC: move the "group" keyword at the right place
  * DOC: Fix ordered list in summary

- switch to the 2.1 branch
  https://www.haproxy.com/blog/haproxy-2-1/
  https://www.mail-archive.com/haproxy@formilux.org/msg35491.html

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=206
2019-12-05 15:50:30 +00:00
a3cff431a4 - Update to version 2.0.10+git14.7caf150a:
* BUG/MINOR: mux-h1: Fix conditions to know whether or not we may receive data
  * BUG/MINOR: mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN
  * BUG/MEDIUM: mux-h1: Never reuse H1 connection if a shutw is pending
  * BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1
  * BUG/MEDIUM: listener/thread: fix a race when pausing a listener
  * BUG/MINOR: stream-int: avoid calling rcv_buf() when splicing is still possible
  * BUG/MEDIUM: stream-int: don't subscribed for recv when we're trying to flush data
  * DOC: move the "group" keyword at the right place
  * DOC: clarify matching strings on binary fetches
  * DOC: Clarify behavior of server maxconn in HTTP mode

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=205
2019-12-05 15:38:20 +00:00
b5054175fe - Update to version 2.0.10+git4.6d9a455d:
* BUG/MINOR: http-htx: Don't make http_find_header() fail if the value is empty

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=204
2019-11-29 13:44:34 +00:00
792a076089 - Update to version 2.0.10+git3.200c6215:
* BUG/MINOR: contrib/prometheus-exporter: decode parameter and value only

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=203
2019-11-28 16:08:41 +00:00
576cb54390 - Update to version 2.0.10+git2.3a00e5fc:
* BUG/MINOR: contrib/prometheus-exporter: Use HTX errors and not legacy ones
  * BUG/MINOR: stream: init variables when the list is empty

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=202
2019-11-27 11:53:27 +00:00
Dominique Leuenberger
77c488d77c Accepting request 750840 from server:http
- Update to version 2.0.9+git0.efac87ee (bsc#1154980) (CVE-2019-18277):

OBS-URL: https://build.opensuse.org/request/show/750840
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=78
2019-11-26 16:01:56 +00:00
2f7b766fc1 - Update to version 2.0.10+git0.ac198b92:
* [RELEASE] Released version 2.0.10
  * SCRIPTS: git-show-backports: add "-s" to proposed cherry-pick commands
  * SCRIPTS: create-release: show the correct origin name in suggested commands
  * BUG/MAJOR: mux-h2: don't try to decode a response HEADERS frame in idle state
  * BUG/MAJOR: h2: make header field name filtering stronger
  * BUG/MAJOR: h2: reject header values containing invalid chars
  * MINOR: ist: add ist_find_ctl()
  * BUG/MINOR: ssl: fix curve setup with LibreSSL
  * BUG/MINOR: cli: fix out of bounds in -S parser
  * DOC: Add documentation about the use-service action
  * DOC: Add missing stats fields in the management manual
  * BUG/MINOR: mux-h1: Adjust header case when chunked encoding is add to a message
  * BUG/MINOR: mux-h1: Fix a UAF in cfg_h1_headers_case_adjust_postparser()
  * MEDIUM: mux-h1: Add the support of headers adjustment for bogus HTTP/1 apps
  * REGTEST: vtest can now enable mcli with its own flag
  * MINOR: stats: Report max times in addition of the averages for sessions
  * BUG/MINOR: stream-int: Fix si_cs_recv() return value
  * MINOR: contrib/prometheus-exporter: Add a param to ignore servers in maintenance
  * MINOR: contrib/prometheus-exporter: filter exported metrics by scope
  * MINOR: contrib/prometheus-exporter: report the number of idle conns per server
  * BUG/MINOR: contrib/prometheus-exporter: Rename some metrics
  * MINOR: contrib/prometheus-exporter: Report metrics about max times for sessions
  * MINOR: counters: Add fields to store the max observed for {q,c,d,t}_time
  * MINOR: stream: Remove the lock on the proxy to update time stats
  * MINOR: freq_ctr: Make the sliding window sums thread-safe
  * BUG/MINOR: http-ana: Properly catch aborts during the payload forwarding
  * BUG/MINOR: mux-h1: Fix tunnel mode detection on the response path
  * BUILD: debug: Avoid warnings in dev mode with -02 because of some BUG_ON tests
  * BUG/MEDIUM: stream-int: Don't loose events on the CS when an EOS is reported
  * BUILD/MINOR: ssl: fix compiler warning about useless statement
  * BUG/MINOR: peers: "peer alive" flag not reset when deconnecting.
  * BUG/MEDIUM: mworker: don't fill the -sf argument with -1 during the reexec

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=201
2019-11-25 20:12:37 +00:00
Ismail Dönmez
8d13208d60 Fix wrong CVE number
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=200
2019-11-25 17:33:22 +00:00
Ismail Dönmez
8938e79583 Merge with maintenance changelog
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=199
2019-11-25 16:52:41 +00:00
Dominique Leuenberger
5faa04e97e Accepting request 750309 from server:http
Add missing CVE information

OBS-URL: https://build.opensuse.org/request/show/750309
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=77
2019-11-23 23:32:30 +00:00
Ismail Dönmez
83d316d6e2 -
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=198
2019-11-22 13:55:34 +00:00
Ismail Dönmez
8f23fd1c65 Add missing CVE
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=197
2019-11-22 13:54:15 +00:00
Dominique Leuenberger
31b9347df5 Accepting request 749635 from server:http
- Update to version 2.0.9+git6.26b7b800:

OBS-URL: https://build.opensuse.org/request/show/749635
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=76
2019-11-21 11:57:43 +00:00
86577882a0 - Update to version 2.0.9+git6.26b7b800:
* BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1
  * BUG/MINOR: peers: Wrong null "server_name" data field handling.
  * MINOR: peers: Add debugging information to "show peers".
  * MINOR: peers: Add TX/RX heartbeat counters.
  * MINOR: peers: Alway show the table info for disconnected peers.

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=196
2019-11-19 14:18:27 +00:00
590a165c90 - Update to version 2.0.9+git1.caf02113:
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=195
2019-11-19 13:57:11 +00:00
Dominique Leuenberger
020dd47147 Accepting request 735634 from server:http
OBS-URL: https://build.opensuse.org/request/show/735634
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=75
2019-10-14 10:31:19 +00:00
Marguerite Su
452ad474ed Accepting request 735623 from home:KGronlund:branches:server:http
Update to 2.0.7

OBS-URL: https://build.opensuse.org/request/show/735623
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=194
2019-10-07 08:34:05 +00:00
Dominique Leuenberger
20f28697bf Accepting request 731949 from server:http
OBS-URL: https://build.opensuse.org/request/show/731949
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=74
2019-09-24 23:50:23 +00:00
Kristoffer Gronlund
04b5e98275 Accepting request 731948 from home:KGronlund:branches:server:http
- Update to version 2.0.6+git0.58706ab4:
  * [RELEASE] Released version 2.0.6
  * MINOR: sample: Add UUID-fetch
  * BUG/MINOR: Missing stat_field_names (since f21d17bb)
  * BUG/MINOR: backend: Fix a possible null pointer dereference
  * BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed
  * BUG/MINOR: filters: Properly set the HTTP status code on analysis error
  * BUG/MEDIUM: http: also reject messages where "chunked" is missing from transfer-enoding
  * BUG/MINOR: ssl: always check for ssl connection before getting its XPRT context
  * BUG/MINOR: listener: Fix a possible null pointer dereference
  * MINOR: stats: report the number of idle connections for each server
  * BUG/MEDIUM: connection: don't keep more idle connections than ever needed
  * BUG/MAJOR: ssl: ssl_sock was not fully initialized.
  * BUG/MINOR: lb/leastconn: ignore the server weights for empty servers
  * MINOR: contrib/prometheus-exporter: Report DRAIN/MAINT/NOLB status for servers
  * BUG/MINOR: checks: do not uselessly poll for reads before the connection is up
  * BUG/MINOR: checks: make __event_chk_srv_r() report success before closing
  * BUG/MINOR: checks: start sending the request right after connect()
  * BUG/MINOR: checks: stop polling for write when we have nothing left to send
  * BUG/MEDIUM: cache: Don't cache objects if the size of headers is too big
  * BUG/MEDIUM: cache: Properly copy headers splitted on several shctx blocks
  * BUG/MINOR: mux-h1: Be sure to update the count before adding EOM after trailers
  * BUG/MINOR: mux-h1: Don't stop anymore input processing when the max is reached
  * BUG/MINOR: mux-h1: Fix size evaluation of HTX messages after headers parsing
  * BUG/MINOR: h1: Properly reset h1m when parsing is restarted
  * BUG/MINOR: http-ana: Reset response flags when 1xx messages are handled
  * BUG/MEDIUM: peers: local peer socket not bound.
  * BUG/MEDIUM: proto-http: Always start the parsing if there is no outgoing data
  * BUG/MEDIUM: url32 does not take the path part into account in the returned hash.
  * BUG/MEDIUM: listener/threads: fix an AB/BA locking issue in delete_listener()

OBS-URL: https://build.opensuse.org/request/show/731948
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=193
2019-09-19 12:20:44 +00:00
Kristoffer Gronlund
f2059c30e6 Accepting request 725263 from home:kukuk:branches:server:http
- Use %license instead of %doc [bsc#1082318]
- Recommend apparmor, it's not required to work (make haproxy useable in a container)

OBS-URL: https://build.opensuse.org/request/show/725263
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=192
2019-09-19 11:49:19 +00:00
Dominique Leuenberger
983ce48057 Accepting request 726527 from server:http
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/726527
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=73
2019-09-07 09:26:26 +00:00
530d7f588c - enable prometheus exporter
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=191
2019-08-20 15:07:03 +00:00
3991d9682a - enable verbose make output
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=190
2019-08-20 14:06:00 +00:00
0852a3b9d8 - Update to version 2.0.5+git0.d905f49a:
* [RELEASE] Released version 2.0.5
  * BUG/MEDIUM: mux_pt: Don't call unsubscribe if we did not subscribe.
  * MINOR: fd: make sure to mark the thread as not stuck in fd_update_events()
  * BUG/MINOR: stats: Wait the body before processing POST requests
  * BUG/MEDIUM: lua: Fix test on the direction to set the channel exp timeout
  * BUG/MEDIUM: mux_h1: Don't bother subscribing in recv if we're not connected.
  * BUG/MINOR: Fix prometheus '# TYPE' and '# HELP' headers
  * BUG/MINOR: lua: fix setting netfilter mark
  * BUG/MEDIUM: proxy: Don't use cs_destroy() when freeing the conn_stream.
  * BUG/MEDIUM: proxy: Don't forget the SF_HTX flag when upgrading TCP=>H1+HTX.
  * BUG/MINOR: buffers/threads: always clear a buffer's head before releasing it
  * MINOR: ssl: ssl_fc_has_early should work for BoringSSL
  * BUG/MINOR: ssl: fix 0-RTT for BoringSSL
  * BUG/MEDIUM: stick-table: Wrong stick-table backends parsing.
  * [RELEASE] Released version 2.0.4
  * BUG/MEDIUM: checks: make sure to close nicely when we're the last to speak
  * BUG/MINOR: mux-h2: always reset rcvd_s when switching to a new frame
  * BUG/MINOR: mux-h2: always send stream window update before connection's
  * BUG/MEDIUM: mux-h2: do not recheck a frame type after a state transition
  * BUG/MINOR: mux-h2: do not send REFUSED_STREAM on aborted uploads
  * BUG/MINOR: mux-h2: use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data()
  * BUG/MINOR: mux-h2: don't refrain from sending an RST_STREAM after another one
  * BUG/MEDIUM: fd: Always reset the polled_mask bits in fd_dodelete().
  * BUG/MEDIUM: proxy: Make sure to destroy the stream on upgrade from TCP to H2
  * BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes
  * BUG/MEDIUM: mux-h2: unbreak receipt of large DATA frames
  * BUG/MINOR: stream-int: also update analysers timeouts on activity
  * BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion
  * BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is increased

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=189
2019-08-20 14:02:26 +00:00
Dominique Leuenberger
a9db4bae78 Accepting request 719848 from server:http
OBS-URL: https://build.opensuse.org/request/show/719848
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=72
2019-07-31 12:30:10 +00:00
Kristoffer Gronlund
52b33deb58 Accepting request 719829 from home:KGronlund:branches:server:http
- Update to version 2.0.3+git14.0ff395c1 (bsc#1142529) (CVE-2019-14241):
  * BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue()
  * BUG/MINOR: htx: Fix free space addresses calculation during a block expansion
  * BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready
  * MINOR: hlua: Add a flag on the lua txn to know in which context it can be used
  * MINOR: hlua: Don't set request analyzers on response channel for lua actions
  * BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class
  * BUG/MINOR: hlua/htx: Reset channels analyzers when txn:done() is called
  * DOC: improve the wording in CONTRIBUTING about how to document a bug fix
  * BUG/MINOR: log: make sure writev() is not interrupted on a file output
  * BUG/MEDIUM: streams: Don't switch the SI to SI_ST_DIS if we have data to send.
  * BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased
  * BUILD: threads: add the definition of PROTO_LOCK
  * BUG/MINOR: proxy: always lock stop_proxy()
  * BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff
  * [RELEASE] Released version 2.0.3
  * BUG/CRITICAL: http_ana: Fix parsing of malformed cookies which start by a delimiter
  * BUG/MINOR: http_htx: Support empty errorfiles
  * BUG/MINOR: http_ana: Be sure to have an allocated buffer to generate an error
  * BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream
  * BUG/MINOR: mux-h1: Close server connection if input data remains in h1_detach()
  * BUG/MEDIUM: mux-h1: Trim excess server data at the end of a transaction
  * BUG/MINOR: checks: do not exit tcp-checks from the middle of the loop
  * BUG/MINOR: session: Send a default HTTP error if accept fails for a H1 socket
  * BUG/MINOR: session: Emit an HTTP error if accept fails only for H1 connection
  * BUG/MINOR: debug: Remove flags CO_FL_SOCK_WR_ENA/CO_FL_SOCK_RD_ENA
  * DOC: htx: Update comments in HTX files
  * BUG/MINOR: hlua: Make the function txn:done() HTX aware
  * BUG/MINOR: cache/htx: Make maxage calculation HTX aware
  * BUG/MINOR: http_htx: Initialize HTX error messages for TCP proxies

OBS-URL: https://build.opensuse.org/request/show/719829
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=188
2019-07-30 14:49:53 +00:00
Dominique Leuenberger
215237a5b2 Accepting request 714254 from server:http
- Update to version 2.0.1+git27.5db881ff:
  * BUG/MINOR: ssl: revert empty handshake detection in OpenSSL <= 1.0.2
  * BUG/MEDIUM: servers: Don't forget to set srv_cs to NULL if we can't reuse it.
  * BUG/MEDIUM: stream-int: Don't rely on CF_WRITE_PARTIAL to unblock opposite si
  * MINOR: stream-int: Factorize processing done after sending data in si_cs_send()
  * BUG/MINOR: mux-h1: Don't process input or ouput if an error occurred
  * BUG/MEDIUM: mux-h1: Handle TUNNEL state when outgoing messages are formatted
  * BUG/MEDIUM: lb_fas: Don't test the server's lb_tree from outside the lock
  * BUG/MEDIUM: http/applet: Finish request processing when a service is registered
  * MINOR: action: Add the return code ACT_RET_DONE for actions
  * BUG/MINOR: contrib/prometheus-exporter: Don't try to add empty data blocks
  * MINOR: server: Add "no-tfo" option.
  * BUG/MEDIUM: sessions: Don't keep an extra idle connection in sessions.
  * BUG/MEDIUM: servers: Authorize tfo in default-server.
  * BUG/MEDIUM: connections: Make sure we're unsubscribe before upgrading the mux.
  * BUG/MINOR: contrib/prometheus-exporter: Respect the reserve when data are sent
  * BUG/MINOR: hlua/htx: Respect the reserve when HTX data are sent
  * BUG/MEDIUM: channel/htx: Use the total HTX size in channel_htx_recv_limit()
  * BUG/MINOR: hlua: Don't use channel_htx_recv_max()
  * BUG/MINOR: contrib/prometheus-exporter: Don't use channel_htx_recv_max()
  * BUG/MEDIUM: checks: Make sure the tasklet won't run if the connection is closed.
  * BUG/MEDIUM: connections: Always call shutdown, with no linger.
  * BUG/MINOR: mux-h1: Don't return the empty chunk on HEAD responses
  * BUG/MINOR: mux-h1: Skip trailers for non-chunked outgoing messages
  * BUG/MEDIUM: checks: unblock signals in external checks
  * BUG/MEDIUM: mux-h1: Always release H1C if a shutdown for writes was reported
  * BUG/MEDIUM: ssl: Don't attempt to set alpn if we're not using SSL.
  * BUG/MINOR: mworker/cli: don't output a \n before the response
  * BUG/MINOR: mux-h1: Make format errors during output formatting fatal
  * BUG/MEDIUM: mux-h1: Use buf_room_for_htx_data() to detect too large messages

OBS-URL: https://build.opensuse.org/request/show/714254
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=71
2019-07-11 11:17:17 +00:00
f088b3cf73 clean up servicedata
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=187
2019-07-09 11:53:39 +00:00
dd9924b71b Accepting request 714216 from home:KGronlund:branches:server:http
- Update to version 2.0.1+git27.5db881ff:
  * BUG/MINOR: ssl: revert empty handshake detection in OpenSSL <= 1.0.2
  * BUG/MEDIUM: servers: Don't forget to set srv_cs to NULL if we can't reuse it.
  * BUG/MEDIUM: stream-int: Don't rely on CF_WRITE_PARTIAL to unblock opposite si
  * MINOR: stream-int: Factorize processing done after sending data in si_cs_send()
  * BUG/MINOR: mux-h1: Don't process input or ouput if an error occurred
  * BUG/MEDIUM: mux-h1: Handle TUNNEL state when outgoing messages are formatted
  * BUG/MEDIUM: lb_fas: Don't test the server's lb_tree from outside the lock
  * BUG/MEDIUM: http/applet: Finish request processing when a service is registered
  * MINOR: action: Add the return code ACT_RET_DONE for actions
  * BUG/MINOR: contrib/prometheus-exporter: Don't try to add empty data blocks
  * MINOR: server: Add "no-tfo" option.
  * BUG/MEDIUM: sessions: Don't keep an extra idle connection in sessions.
  * BUG/MEDIUM: servers: Authorize tfo in default-server.
  * BUG/MEDIUM: connections: Make sure we're unsubscribe before upgrading the mux.
  * BUG/MINOR: contrib/prometheus-exporter: Respect the reserve when data are sent
  * BUG/MINOR: hlua/htx: Respect the reserve when HTX data are sent
  * BUG/MEDIUM: channel/htx: Use the total HTX size in channel_htx_recv_limit()
  * BUG/MINOR: hlua: Don't use channel_htx_recv_max()
  * BUG/MINOR: contrib/prometheus-exporter: Don't use channel_htx_recv_max()
  * BUG/MEDIUM: checks: Make sure the tasklet won't run if the connection is closed.
  * BUG/MEDIUM: connections: Always call shutdown, with no linger.
  * BUG/MINOR: mux-h1: Don't return the empty chunk on HEAD responses
  * BUG/MINOR: mux-h1: Skip trailers for non-chunked outgoing messages
  * BUG/MEDIUM: checks: unblock signals in external checks
  * BUG/MEDIUM: mux-h1: Always release H1C if a shutdown for writes was reported
  * BUG/MEDIUM: ssl: Don't attempt to set alpn if we're not using SSL.
  * BUG/MINOR: mworker/cli: don't output a \n before the response
  * BUG/MINOR: mux-h1: Make format errors during output formatting fatal
  * BUG/MEDIUM: mux-h1: Use buf_room_for_htx_data() to detect too large messages

OBS-URL: https://build.opensuse.org/request/show/714216
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=186
2019-07-09 11:52:16 +00:00
Kristoffer Gronlund
d8bbfd9540 Accepting request 712629 from home:jengelh:branches:server:http
- Correct version line, which should be 2.0.0+git6.

OBS-URL: https://build.opensuse.org/request/show/712629
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=185
2019-07-01 06:33:01 +00:00
16c166eb7b - allow the new master socket path in the apparmor profile
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=184
2019-06-18 12:09:30 +00:00
4a51530556 - Update to version 2.0.0~git6.41dc8432:
* BUG/MEDIUM: htx: Fully update HTX message when the block value is changed
  * MINOR: htx: Add the function htx_change_blk_value_len()
  * BUG/MEDIUM: compression: Set Vary: Accept-Encoding for compressed responses
  * BUG/MINOR: mux-h1: Add the header connection in lower case in outgoing messages
  * BUG/MINOR: lua/htx: Make txn.req_req_* and txn.res_rep_* HTX aware
  * BUG/MEDIUM: h2/htx: Update data length of the HTX when the cookie list is built

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=183
2019-06-18 12:07:56 +00:00
d7f112bb8f Accepting request 710358 from home:KGronlund:branches:server:http
- Update to version 2.0.0~git0.ba23630a:
  - new internal native HTTP representation called HTX, was already in 1.9
    and is now enabled by default in 2.0 ;
  - end-to-end HTTP/2 support including trailers and continuation frames,
    as needed for gRPC ; HTTP/2 may also be upgraded from HTTP/1.1 using
    the H2 preface;
  - server connection pooling and more advanced reuse, with ALPN protocol
    negotiation (already in 1.9) ;
  - layer 7 retries, allowing to use 0-RTT and TCP Fast Open to the servers
    as well as on the frontend ;
  - much more scalable multi-threading, which is even enabled by default on
    platforms where it was successfully tested ; by default, as many threads
    are started as the number of CPUs haproxy is allowed to run on. This
    removes a lot of configuration burden in VMs and containers ;
  - automatic maxconn setting for the process and the frontends, directly
    based on the number of available FDs (easier configuration in containers
    and with systemd) ;
  - logging to stdout for use in containers and systemd (already in 1.9).
    Logs can now provide micro-second resolution for some events ;
  - peers now support SSL, declaration of multiple stick-tables directly in
    the peers section, and synchronization of server names, not just IDs ;
  - In master-worker mode, the master process now exposes its own CLI and
    can communicate with all other processes (including the stopping ones),
    even allowing to connect to their CLI and check their state. It is also
    possible to start some sidecar programs and monitor them from the master,
    and the master can automatically kill old processes that survived too
    many reloads ;
  - the incoming connections are load-balanced between all threads depending
    on their load to minimize the processing time and maximize the capacity
    (already in 1.9) ;
  - the SPOE connection load-balancing was significantly improved in order
    to reduce high percentiles of SPOA response time (already in 1.9) ;
  - the "random" load balancing algorithm and a power-of-two-choices variant
    were introduced ;
  - statistics improvements with per-thread counters for certain things, and
    a prometheus exporter for all our statistics;
  - lots of debugging help, it's easier to produce a core dump, there are
    new commands on the CLI to control various things, there is a watchdog
    to fail cleanly when a thread deadlock or a spinning task are detected,
    so overall it should provide a better experience in field and less
    round trips between users and developers (hence less stress during an
    incident).
  - all 3 device detection engines are now compatible with multi-threading
    and can be build-tested without any external dependencies ;
  - "do-resolve" http-request action to perform a DNS resolution on any,
    sample, and resolvers now support relying on /etc/resolv.conf to match
    the local resolver ;
  - log sampling and balancing : it's now possible to send 1 log every 10
    to a server, or to spread the logging load over multiple log servers;
  - a new SPOA agent (spoa_server) allows to interface haproxy with Python
    and Lua programs ;
  - support for Solaris' event ports (equivalent of kqueue or epoll) which
    will significantly improve the performance there when dealing with
    numerous connections ;
  - some warnings are now reported for some deprecated options that will
    be removed in 2.1. Since 2.0 is long term supported, there's no
    emergency to convert them, however if you see these warnings, you
    need to understand that you're among their extremely rare users and
    just because of this you may be taking risks by keeping them ;
  - A new SOCKS4 server-side layer was provided ; it allows outgoing
    connections to be forwarded through a SOCKS4 proxy (such as ssh -D).
  - priority- and latency- aware server queues : it is possible now to
    assign priorities to certain requests and/or to give them a time
    bonus or penalty to refine control of the traffic and be able to
    engage on SLAs.
  - internally the architecture was significantly redesigned to allow to
    further improve performance and make it easier to implement protocols
    that span over multiple layers (such as QUIC). This work started in
    1.9 and will continue with 2.1.
  - the I/O, applets and tasks now share the same multi-threaded scheduler,
    giving a much better responsiveness and fairness between all tasks as
    is visible with the CLI which always responds instantly even under
    extreme loads (started in 1.9) ;
  - the internal buffers were redesigned to ease zero-copy operations, so
    that it is possible to sustain a high bandwidth even when forwarding
    HTTP/1 to/from HTTP/2 (already in 1.9) ;

OBS-URL: https://build.opensuse.org/request/show/710358
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=182
2019-06-17 17:09:24 +00:00