- Update to version 3.0.1+git0.471a1b2f1:
* [RELEASE] Released version 3.0.1
* BUG/MINOR: mux-h1: Use the right variable to set NEGO_FF_FL_EXACT_SIZE flag
* BUG/MAJOR: mux-h1: Properly copy chunked input data during zero-copy nego
* BUG/MEDIUM: stconn/mux-h1: Fix suspect change causing timeouts
* BUG/MINOR: quic: ensure Tx buf is always purged
* BUG/MINOR: quic: fix computed length of emitted STREAM frames
* BUG/MEDIUM: ssl: bad auth selection with TLS1.2 and WolfSSL
* BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration
* BUG/MEDIUM: mux-quic: Don't unblock zero-copy fwding if blocked during nego
* CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resume()
* BUG/MINOR: hlua: fix leak in hlua_ckch_set() error path
* BUG/MINOR: hlua: prevent LJMP in hlua_traceback()
* BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage
* BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP
* CLEANUP: hlua: use hlua_pusherror() where relevant
* BUG/MINOR: quic: prevent crash on qc_kill_conn()
* BUG/MEDIUM: mux-quic: Unblock zero-copy forwarding if the txbuf can be released
* MEDIUM: stconn: Be able to unblock zero-copy data forwarding from done_fastfwd
* BUG/MEDIUM: h1-htx: Don't state interim responses are bodyless
* BUG/MINOR: hlua: use CertCache.set() from various hlua contexts
* DOC: configuration: add an example for keywords from crt-store
* BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory
* BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser
* BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning
OBS-URL: https://build.opensuse.org/request/show/1179720
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=144
* [RELEASE] Released version 3.0.1
* BUG/MINOR: mux-h1: Use the right variable to set NEGO_FF_FL_EXACT_SIZE flag
* BUG/MAJOR: mux-h1: Properly copy chunked input data during zero-copy nego
* BUG/MEDIUM: stconn/mux-h1: Fix suspect change causing timeouts
* BUG/MINOR: quic: ensure Tx buf is always purged
* BUG/MINOR: quic: fix computed length of emitted STREAM frames
* BUG/MEDIUM: ssl: bad auth selection with TLS1.2 and WolfSSL
* BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration
* BUG/MEDIUM: mux-quic: Don't unblock zero-copy fwding if blocked during nego
* CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resume()
* BUG/MINOR: hlua: fix leak in hlua_ckch_set() error path
* BUG/MINOR: hlua: prevent LJMP in hlua_traceback()
* BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage
* BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP
* CLEANUP: hlua: use hlua_pusherror() where relevant
* BUG/MINOR: quic: prevent crash on qc_kill_conn()
* BUG/MEDIUM: mux-quic: Unblock zero-copy forwarding if the txbuf can be released
* MEDIUM: stconn: Be able to unblock zero-copy data forwarding from done_fastfwd
* BUG/MEDIUM: h1-htx: Don't state interim responses are bodyless
* BUG/MINOR: hlua: use CertCache.set() from various hlua contexts
* DOC: configuration: add an example for keywords from crt-store
* BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory
* BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser
* BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=305
- Update to version 2.9.3+git0.de3ab549a:
* [RELEASE] Released version 2.9.3
* BUG/MEDIUM: quic: keylog callback not called (USE_OPENSSL_COMPAT)
* BUG/MINOR: mux-h2: also count streams for refused ones
* BUG/MINOR: mux-quic: do not prevent non-STREAM sending on flow control
* BUILD: quic: missing include for quic_tp
* [RELEASE] Released version 2.9.2
* DOC: configuration: corrected description of keyword tune.ssl.ocsp-update.mindelay
* REGTESTS: add a test to ensure map-ordering is preserved
* BUG/MINOR: map: list-based matching potential ordering regression
* CLEANUP: quic: Double quic_dgram_parse() prototype declaration.
* MINOR: ssl: Update ssl_fc_curve/ssl_bc_curve to use SSL_get0_group_name
* MINOR: ot: logsrv struct becomes logger
* MINOR: mux-h2: support limiting the total number of H2 streams per connection
* BUG/MEDIUM: spoe: Never create new spoe applet if there is no server up
* BUG/MEDIUM: stconn: Set fsb date if zero-copy forwarding is blocked during nego
* BUG/MEDIUM: stconn: Forward shutdown on write timeout only if it is forwardable
* BUG/MEDIUM: h3: fix incorrect snd_buf return value
* BUILD: quic: Missing quic_ssl.h header protection
* CLEANUP: quic: Remaining useless code into server part
* REGTESTS: check attach-srv out of order declaration
* MINOR: debug: add features and build options to "show dev"
* MINOR: global: export a way to list build options
* CI: use semantic version compare for determing "latest" OpenSSL
* BUG/MINOR: h3: disable fast-forward on buffer alloc failure
* BUG/MINOR: h3: close connection on sending alloc errors
* BUG/MINOR: h3: properly handle alloc failure on finalize
* MINOR: h3: add traces for connection init stage
* BUG/MINOR: h3: close connection on header list too big
* MINOR: h3: check connection error during sending
OBS-URL: https://build.opensuse.org/request/show/1141253
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=140
- Update to version 2.9.1+git0.f72603ceb:
* [RELEASE] Released version 2.9.1
* DOC: config: also add arguments to the converters in the table
* DOC: config: add arguments to sample fetch methods in the table
* BUG/MEDIUM: mux-quic: report early error on stream
* BUG/MEDIUM: mux-h2: Report too large HEADERS frame only when rxbuf is empty
* CLEANUP: mux-h1: Fix a trace message about C-L header addition
* BUG/MEDIUM: mux-h1: Explicitly skip request's C-L header if not set originally
* BUG/MEDIUM: mux-h1: Cound data from input buf during zero-copy forwarding
* BUG/MEDIUM: stconn: Block zero-copy forwarding if EOS/ERROR on consumer side
* BUG/MEDIUM: quic: QUIC CID removed from tree without locking
* MINOR: version: mention that it's stable now
* BUG/MINOR: ext-check: cannot use without preserve-env
* BUG/MEDIUM: map/acl: pat_ref_{set,delete}_by_id regressions
* BUILD: ssl: update types in wolfssl cert selection callback
* BUG/MEDIUM: quic: Possible buffer overflow when building TLS records
* BUG/MINOR: mworker/cli: fix set severity-output support
* DOC: configuration: typo req.ssl_hello_type
* BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)
* BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate
* MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback
* BUG/MINOR: ssl: Double free of OCSP Certificate ID
OBS-URL: https://build.opensuse.org/request/show/1137606
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=139
- Update to version 2.9.1+git0.f72603ceb:
* [RELEASE] Released version 2.9.1
* DOC: config: also add arguments to the converters in the table
* DOC: config: add arguments to sample fetch methods in the table
* BUG/MEDIUM: mux-quic: report early error on stream
* BUG/MEDIUM: mux-h2: Report too large HEADERS frame only when rxbuf is empty
* CLEANUP: mux-h1: Fix a trace message about C-L header addition
* BUG/MEDIUM: mux-h1: Explicitly skip request's C-L header if not set originally
* BUG/MEDIUM: mux-h1: Cound data from input buf during zero-copy forwarding
* BUG/MEDIUM: stconn: Block zero-copy forwarding if EOS/ERROR on consumer side
* BUG/MEDIUM: quic: QUIC CID removed from tree without locking
* MINOR: version: mention that it's stable now
* BUG/MINOR: ext-check: cannot use without preserve-env
* BUG/MEDIUM: map/acl: pat_ref_{set,delete}_by_id regressions
* BUILD: ssl: update types in wolfssl cert selection callback
* BUG/MEDIUM: quic: Possible buffer overflow when building TLS records
* BUG/MINOR: mworker/cli: fix set severity-output support
* DOC: configuration: typo req.ssl_hello_type
* BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)
* BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate
* MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback
* BUG/MINOR: ssl: Double free of OCSP Certificate ID
OBS-URL: https://build.opensuse.org/request/show/1133468
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=297
- Update to version 2.9.0+git0.fddb8c13b:
* [RELEASE] Released version 2.9.0
* DOC: management: update stream vs session
* BUG/MEDIUM: peers: fix partial message decoding
* DOC: management: fix two latest typos (optionally, exception)
* DOC: config: fix typo abandonned -> abandoned
* DOC: config: clarify session vs stream
* DOC: config: add a few more differences between HTTP/1 and 2+
* DOC: config: update the reminder on the HTTP model and add some terminology
* MINOR: mux-quic: Disable zero-copy forwarding for send by default
* MINOR: mux-quic: Add global option to enable/disable zero-copy forwarding
0001-IMPORT-xxhash-update-xxHash-to-version-0.8.2.patch
- reenable the pcre jit after the last change
- use parallel build
- Ensure haproxy home directory is not world readable (bsc#1077716)
- Add dependency on apparmor-profiles (bsc#1079985)
- License is now GPL-3.0+ and LGPL-2.1+
- 0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
- 0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
- 0001-BUG-MEDIUM-systemd-set-KillMode-to-mixed.patch
- Install vim file to a more appropriate location
- added pre macro for systemd service file
OBS-URL: https://build.opensuse.org/request/show/1132452
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=295
- Update to version 2.7.5+git0.8d230219e:
* [RELEASE] Released version 2.7.5
* OPTIM: mux-h1: limit first read size to avoid wrapping
* BUG/MAJOR: qpack: fix possible read out of bounds in static table
* BUG/MINOR: sock_unix: match finalname with tempname in sock_unix_addrcmp()
* BUG/MINOR: protocol: fix minor memory leak in protocol_bind_all()
* BUG/MINOR: proto_ux: report correct error when bind_listener fails
* BUG/MEDIUM: spoe: Don't set the default traget for the SPOE agent frontend
* BUG/MINOR: mux-h2: Fix possible null pointer deref on h2c in _h2_trace_header()
* MEDIUM: mux-h2/trace: add tracing support for headers
* MINOR: h2: add h2_phdr_to_ist() to make ISTs from pseudo headers
* MEDIUM: bwlim: Support constants limit or period on set-bandwidth-limit actions
* BUG/MEDIUM: listener: duplicate inherited FDs if needed
* BUG/MINOR: quic: Missing STREAM frame data pointer updates
* BUG/MINOR: mux-h2: set CO_SFL_STREAMER when sending lots of data
* BUG/MEDIUM: mux-h2: only restart sending when mux buffer is decongested
* MINOR: buffer: add br_single() to check if a buffer ring has more than one buf
* BUG/MINOR: mux-h2: make sure the h2c task exists before refreshing it
* BUG/MEDIUM: connection: Preserve flags when a conn is removed from an idle list
* BUG/MINOR: quic: Missing STREAM frame length updates
* BUG/MINOR: tcp_sample: fix a bug in fc_dst_port and fc_dst_is_local sample fetches
* BUG/MEDIUM: mux-h1: Don't block SE_FL_ERROR if EOS is not reported on H1C
* DEBUG: ssl-sock/show_fd: Display SSL error code
* DEBUG: cli/show_fd: Display connection error code
* BUG/MEDIUM: resolvers: Properly stop server resolutions on soft-stop
* BUG/MEDIUM: proxy: properly stop backends on soft-stop
* BUG/MINOR: mux-h1: Don't report an H1C error on client timeout
* BUG/MEDIUM: mux-pt: Set EOS on error on sending path if read0 was received
OBS-URL: https://build.opensuse.org/request/show/1072696
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=128
* [RELEASE] Released version 2.7.5
* OPTIM: mux-h1: limit first read size to avoid wrapping
* BUG/MAJOR: qpack: fix possible read out of bounds in static table
* BUG/MINOR: sock_unix: match finalname with tempname in sock_unix_addrcmp()
* BUG/MINOR: protocol: fix minor memory leak in protocol_bind_all()
* BUG/MINOR: proto_ux: report correct error when bind_listener fails
* BUG/MEDIUM: spoe: Don't set the default traget for the SPOE agent frontend
* BUG/MINOR: mux-h2: Fix possible null pointer deref on h2c in _h2_trace_header()
* MEDIUM: mux-h2/trace: add tracing support for headers
* MINOR: h2: add h2_phdr_to_ist() to make ISTs from pseudo headers
* MEDIUM: bwlim: Support constants limit or period on set-bandwidth-limit actions
* BUG/MEDIUM: listener: duplicate inherited FDs if needed
* BUG/MINOR: quic: Missing STREAM frame data pointer updates
* BUG/MINOR: mux-h2: set CO_SFL_STREAMER when sending lots of data
* BUG/MEDIUM: mux-h2: only restart sending when mux buffer is decongested
* MINOR: buffer: add br_single() to check if a buffer ring has more than one buf
* BUG/MINOR: mux-h2: make sure the h2c task exists before refreshing it
* BUG/MEDIUM: connection: Preserve flags when a conn is removed from an idle list
* BUG/MINOR: quic: Missing STREAM frame length updates
* BUG/MINOR: tcp_sample: fix a bug in fc_dst_port and fc_dst_is_local sample fetches
* BUG/MEDIUM: mux-h1: Don't block SE_FL_ERROR if EOS is not reported on H1C
* DEBUG: ssl-sock/show_fd: Display SSL error code
* DEBUG: cli/show_fd: Display connection error code
* BUG/MEDIUM: resolvers: Properly stop server resolutions on soft-stop
* BUG/MEDIUM: proxy: properly stop backends on soft-stop
* BUG/MINOR: mux-h1: Don't report an H1C error on client timeout
* BUG/MEDIUM: mux-pt: Set EOS on error on sending path if read0 was received
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=279
- Update to version 2.6.5+git0.987a4e248:
* [RELEASE] Released version 2.6.5
* BUG/MINOR: http-act: initialize http fmt head earlier
* MINOR: debug: report applet pointer and handler in crashes when known
* DEBUG: stream: minor rearrangement of a few fields in struct stream.
* BUG/MINOR: mux-fcgi: fix the "show fd" dest buffer for the subscriber
* BUG/MINOR: mux-h1: fix the "show fd" dest buffer for the subscriber
* BUG/MINOR: mux-h2: fix the "show fd" dest buffer for the subscriber
* BUG/MINOR: httpclient: keep-alive was accidentely disabled
* BUG/MEDIUM: httpclient: always detach the caller before self-killing
* BUG/MINOR: h2: properly set the direction flag on HTX response
* BUG/MINOR: quic: Frames leak during retransmissions
* MINOR: quic: Trace typo fix in qc_release_frm()
* MINOR: quic: Add TX frames addresses to traces to several trace events
* BUG/MINOR: quic: Do not ack when probing
* MINOR: backend: always satisfy the first req reuse rule with l7 retries
* BUG/MEDIUM: mux-h1: always use RST to kill idle connections in pools
* REGTESTS: http_request_buffer: Add a barrier to not mix up log messages
* BUG/MINOR: regex: Properly handle PCRE2 lib compiled without JIT support
* BUILD: debug: make sure debug macros are never empty
* CLEANUP: exclude haring with .gitignore
* DEV: haring: support remapping LF in contents with CR VT
* DEV: haring: add a simple utility to read file-backed rings
* MINOR: sink/ring: rotate non-empty file-backed contents only
* MINOR: ring: archive a previous file-backed ring on startup
* BUILD: sink: replace S_IRUSR, S_IWUSR with their octal value
* MINOR: ring: add support for a backing-file
* MINOR: ring: support creating a ring from a linear area
* BUILD: ring: forward-declare struct appctx to avoid a build warning
* BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() v2
OBS-URL: https://build.opensuse.org/request/show/1004374
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=270
- Update to version 2.6.2+git0.16a3646fd:
* [RELEASE] Released version 2.6.2
* BUG/MINOR: backend: Fallback on RR algo if balance on source is impossible
* BUILD: quic: fix anonymous union for gcc-4.4
* BUG/MEDIUM: stconn: Only reset connect expiration when processing backend side
* BUILD: add detection for unsupported compiler models
* BUG/MEDIUM: mworker: proc_self incorrectly set crashes upon reload
* BUG/MAJOR: mux_quic: fix invalid PROTOCOL_VIOLATION on POST data overlap
* BUG/MINOR: mworker/cli: relative pid prefix not validated anymore
* BUG/MINOR: quic: do not send CONNECTION_CLOSE_APP in initial/handshake
* BUG/MINOR: tools: fix statistical_prng_range()'s output range
* BUG/MINOR: ssl: allow duplicate certificates in ca-file directories
* BUG/MINOR: resolvers: shut off the warning for the default resolvers
* MINOR: resolvers: resolvers_destroy() deinit and free a resolver
* BUG/MEDIUM: tools: avoid calling dlsym() in static builds (try 2)
* BUILD: makefile: Fix install(1) handling for OpenBSD/NetBSD/Solaris/AIX
* BUG/MEDIUM: tools: avoid calling dlsym() in static builds
* BUG/MINOR: debug: enter ha_panic() only once
* BUG/MEDIUM: cli/threads: make "show threads" more robust on applets
* BUG/MINOR: quic: fix closing state on NO_ERROR code sent
* BUG/MEDIUM: mux-quic: fix server chunked encoding response
* CLEANUP: h2: Typo fix in h2_unsubcribe() traces
* MINOR: qpack: properly handle invalid dynamic table references
* MINOR: h3: handle errors on HEADERS parsing/QPACK decoding
* MINOR: h3: add h3c pointer into h3s instance
* BUG/MINOR: mux-quic: do not signal FIN if gap in buffer
* MINOR: ncbuf: implement ncb_is_fragmented()
* MINOR: quic: Increase the QUIC connections RX buffer size (upto 64Kb)
* MINOR: quic: Improvements for the datagrams receipt
* MINOR: task: Add tasklet_wakeup_after()
OBS-URL: https://build.opensuse.org/request/show/991595
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=267
- Update to version 2.6.1+git0.f6ca66d44:
* [RELEASE] Released version 2.6.1
* REGTESTS: ssl: add the same cert for client/server
* BUG/MEDIUM: mworker: use default maxconn in wait mode
* BUG/MINOR: quic: Acknowledgement must be forced during handshake
* BUG/MEDIUM: ssl/cli: crash when crt inserted into a crt-list
* BUG/MINOR: quic: free rejected Rx packets
* BUG/MINOR: quic: purge conn Rx packet list on release
* BUG/MINOR: quic_stats: Duplicate "quic_streams_data_blocked_bidi" field name
* BUG/MINOR: quic: Unexpected half open connection counter wrapping
* BUG/MINOR: log: Properly test connection retries to fix dontlog-normal option
* MINOR: stream: Rely on stconn flags to abort stream destructive upgrade
* BUG/MEDIUM: stream: Properly handle destructive client connection upgrades
* BUG/MINOR: task: fix thread assignment in tasklet_kill()
* BUG/MINOR: quic: Wrong PTO calculation
* BUG/MINOR: quic: Stop hardcoding Retry packet Version field
* BUG/BUILD: h3: fix wrong label name
* BUG/MINOR: h3/qpack: deal with too many headers
* MINOR: qpack: add comments and remove a useless trace
* BUG/MINOR: qpack: support header litteral name decoding
* BUG/MEDIUM: mux-quic: fix segfault on flow-control frame cleanup
* BUG/MEDIUM: cli: Notify cli applet won't consume data during request processing
* BUG/MEDIUM: stconn: Don't wakeup applet for send if it won't consume data
* BUG/MINOR: tcp-rules: Make action call final on read error and delay expiration
* BUG/MINOR: mux-quic: fix memleak on frames rejected by transport
* BUG/MEDIUM: mux-quic: fix flow control connection Tx level
* BUG/MINOR: cli/stats: add missing trailing LF after "show info json"
* BUG/MINOR: server: do not enable DNS resolution on disabled proxies
* BUG/MINOR: cli/stats: add missing trailing LF after JSON outputs
* BUG/MINOR: h3: fix frame type definition
* REGTESTS: healthcheckmail: Relax health-check failure condition
* REGTESTS: healthcheckmail: Update the test to be functionnal again
* BUG/MINOR: checks: Properly handle email alerts in trace messages
* BUG/MINOR: trace: Test server existence for health-checks to get proxy
* BUG/MEDIUM: mailers: Set the object type for check attached to an email alert
* BUILD: compiler: implement unreachable for older compilers too
* REGTESTS: restrict_req_hdr_names: Extend supported versions
* REGTESTS: http_abortonclose: Extend supported versions
* BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_crlfile I/O handler
* BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cafile I/O handler
* BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cert I/O handler
* BUG/MINOR: ssl_ckch: Init right field when parsing "commit ssl crl-file" cmd
* BUG/MINOR: ssl_ckch: Dump cert transaction only once if show command yield
* BUG/MINOR: ssl_ckch: Dump CA transaction only once if show command yield
* BUG/MINOR: ssl_ckch: Dump CRL transaction only once if show command yield
* BUG/MINOR: ssl_ckch: Use right type for old entry in show_crlfile_ctx
* REGTESTS: http_request_buffer: Increase client timeout to wait "slow" clients
* REGTESTS: abortonclose: Add a barrier to not mix up log messages
* MEDIUM: httpclient: Don't close CLI applet at the end of a response
* MEDIUM: http-ana: Always report rewrite failures as PRXCOND in logs
* BUG/MEDIUM: httpclient: Rework CLI I/O handler to handle full buffer cases
* BUG/MEDIUM: httpclient: Don't remove HTX header blocks before duplicating them
* BUG/MEDIUM: ssl/crt-list: Rework 'add ssl crt-list' to handle full buffer cases
* BUG/MEDIUM: ssl_ckch: Rework 'commit ssl ca-file' to handle full buffer cases
* BUG/MEDIUM: ssl_ckch: Rework 'commit ssl cert' to handle full buffer cases
* BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a CA/CRL entry
* BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a cert entry
* BUG/MEDIUM: ssl_ckch: Don't delete CA/CRL entry if it is being modified
* BUG/MEDIUM: ssl_ckch: Don't delete a cert entry if it is being modified
* BUG/MINOR: ssl_ckch: Free error msg if commit changes on a CA/CRL entry fails
* BUG/MINOR: ssl_ckch: Free error msg if commit changes on a cert entry fails
OBS-URL: https://build.opensuse.org/request/show/988057
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=266
* [RELEASE] Released version 2.5.4
* BUG/MEDIUM: stream: Abort processing if response buffer allocation fails
* CI: github: enable pool debugging by default
* REGTESTS: fix the race conditions in 40be_2srv_odd_health_checks
* BUG/MINOR: proxy: preset the error message pointer to NULL in parse_new_proxy()
* DOC: Fix usage/examples of deprecated ACLs
* BUG/MAJOR: mux-h2: Be sure to always report HTX parsing error to the app layer
* BUG/MEDIUM: mux-h1: Don't wake h1s if mux is blocked on lack of output buffer
* BUG/MEDIUM: htx: Be sure to have a buffer to perform a raw copy of a message
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=261
* [RELEASE] Released version 2.4.4
* Revert "BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may receive"
* BUG/MAJOR: htx: fix missing header name length check in htx_add_header/trailer
* CLEANUP: htx: remove comments about "must be < 256 MB"
* BUG/MINOR: config: reject configs using HTTP with bufsize >= 256 MB
* DOC: configuration: remove wrong tcp-request examples in tcp-response
* BUG/MINOR: vars: fix set-var/unset-var exclusivity in the keyword parser
* CLEANUP: Add missing include guard to signal.h
* BUG/MINOR: tools: Fix loop condition in dump_text()
* BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time
* BUG/MINOR: ebtree: remove dependency on incorrect macro for bits per long
* MINOR: time: add report_idle() to report process-wide idle time
* BUG/MINOR: time: fix idle time computation for long sleeps
* BUG/MINOR: lua: use strlcpy2() not strncpy() to copy sample keywords
* MINOR: compiler: implement an ONLY_ONCE() macro
* BUG/MINOR: base64: base64urldec() ignores padding in output size check
* BUG/MEDIUM: base64: check output boundaries within base64{dec,urldec}
* BUG/MINOR: stick-table: fix the sc-set-gpt* parser when using expressions
* MINOR: hlua: take the global Lua lock inside a global function
* REGTESTS: abortonclose: after retries, 503 is expected, not close
* REGTESTS: http_upgrade: fix incorrect expectation on TCP->H1->H2
* BUG/MEDIUM: h2: match absolute-path not path-absolute for :path
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=249
* BUILD: backend: fix build breakage in idle conn locking fix
* [RELEASE] Released version 2.3.9
* BUG/MEDIUM: time: make sure to always initialize the global tick
* BUG/MINOR: stats: Apply proper styles in HTML status page.
* BUG/MINOR: payload: Wait for more data if buffer is empty in payload/payload_lv
* MEDIUM: backend: use a trylock to grab a connection on high FD counts as well
* BUG/MEDIUM: mux-h1: make h1_shutw_conn() idempotent
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=242
* [RELEASE] Released version 2.3.4
* MINOR: contrib/prometheus-exporter: use fill_info for process dump
* MINOR: contrib/prometheus-exporter: avoid connection close header
* BUG/MINOR: init: enforce strict-limits when using master-worker
* BUG/MINOR: check: Don't perform any check on servers defined in a frontend
* BUG/MINOR: sample: Memory leak of sample_expr structure in case of error
* Revert "BUG/MINOR: dns: SRV records ignores duplicated AR records"
* MINOR: reg-tests: add base prometheus test
* BUG/MINOR: reg-tests: fix service dependency script
* BUG/MINOR: sample: check alloc_trash_chunk return value in concat()
* MINOR: reg-tests: add a way to add service dependency
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=236
* [RELEASE] Released version 2.3.2
* BUG/MINOR: http-fetch: Fix smp_fetch_body() when called from a health-check
* DOC: config: Move req.hdrs and req.hdrs_bin in L7 samples fetches section
* BUG/MAJOR: tcpcheck: Allocate input and output buffers from the buffer pool
* MINOR: tcpcheck: Don't handle anymore in-progress send rules in tcpcheck_main
* BUG/MINOR: tcpcheck: Don't forget to reset tcp-check flags on new kind of check
* DOC: Clarify %HP description in log-format
* DOC: better document the config file format and escaping/quoting rules
* BUG/MAJOR: peers: fix partial message decoding
* BUG/MEDIUM: http_act: Restore init of log-format list
* BUILD: Show the value of DEBUG= in haproxy -vv
* BUILD: Make DEBUG part of .build_opts
* MINOR: http_act: Add -m flag for del-header name matching method
* REGTESTS: converter: add url_dec test
* REGTESTS: Add sample_fetches/cook.vtc
* DOC: cache: Add new caching limitation information
* MEDIUM: cache: Change caching conditions
* BUG/MAJOR: filters: Always keep all offsets up to date during data filtering
* DOC: better describes how to configure a fallback crt
* BUG/MINOR: http_htx: Fix searching headers by substring
* BUG/MAJOR: connection: reset conn->owner when detaching from session list
* CLEANUP: connection: do not use conn->owner when the session is known
* DOC: clarify how to create a fallback crt
* BUILD: makefile: enable crypt(3) for OpenBSD
* BUG/MEDIUM: ssl/crt-list: fix error when no file found
* BUG/MINOR: ssl/crt-list: load bundle in crt-list only if activated
* BUG/MEDIUM: ssl: error when no certificate are found
* BUG/MEDIUM: ssl/crt-list: bundle support broken in crt-list
* BUG/MEDIUM: http-ana: Don't eval http-after-response ruleset on empty messages
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=234
* [RELEASE] Released version 2.3.1
* REGTEST: make ssl_client_samples and ssl_server_samples require to 2.2
* MINOR: peers: Add traces to peer_treat_updatemsg().
* REGTEST: ssl: mark reg-tests/ssl/ssl_crt-list_filters.vtc as broken
* REGTEST: ssl: test wildcard and multi-type + exclusions
* MINOR: cfgparse: tighten the scope of newnameserver variable, free it on error.
* MINOR: config/mux-h2: Return ERR_ flags from init_h2() instead of a status
* MINOR: init: Fix the prototype for per-thread free callbacks
* BUG/MINOR: tcpcheck: Don't warn on unused rules if check option is after
* MINOR: spoe: Don't close connection in sync mode on processing timeout
* BUG/MAJOR: spoe: Be sure to remove all references on a released spoe applet
* BUG/MINOR: http-htx: Handle warnings when parsing http-error and http-errors
* MINOR: check: report error on incompatible connect proto
* MINOR: check: report error on incompatible proto
* BUG/MEDIUM: check: reuse srv proto only if using same mode
* BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches
* BUG/MINOR: http-fetch: Extract cookie value even when no cookie name
* BUG/MEDIUM: peers: fix decoding of multi-byte length in stick-table messages
* BUG/MINOR: peers: Missing TX cache entries reset.
* BUG/MINOR: peers: Do not ignore a protocol error for dictionary entries.
* BUG/MINOR: stats: free dynamically stats fields/lines on shutdown
* BUG/MINOR: lua: set buffer size during map lookups
* BUG/MINOR: pattern: a sample marked as const could be written
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=233
- use parallel build
- Update to version 2.2.4+git0.de456726d:
* [RELEASE] Released version 2.2.4
* REGTEST: make map_regm_with_backref require 1.7
* REGTEST: make abns_socket.vtc require 1.8
* REGTEST: make agent-check.vtc require 1.8
* REGTEST: fix host part in balance-uri-path-only.vtc
* BUG/MINOR: ssl/crt-list: exit on warning out of crtlist_parse_line()
* DOC: agent-check: fix typo in "fail" word expected reply
* REGTESTS: use "command" instead of "which" for better POSIX compatibility
* BUILD: trace: include tools.h
* BUG/MEDIUM: listeners: do not pause foreign listeners
* REGTESTS: add a few load balancing tests
* MINOR: backend: add a new "path-only" option to "balance uri"
* MINOR: backend: make the "whole" option of balance uri take only one bit
* MINOR: h2/trace: also display the remaining frame length in traces
* BUG/MINOR: Fix memory leaks cfg_parse_peers
* BUG/MEDIUM: h2: report frame bits only for handled types
* BUG/MINOR: config: Fix memory leak on config parse listen
* BUG/MINOR: http-fetch: Don't set the sample type during the htx prefetch
* BUG/MINOR: h2/trace: do not display "stream error" after a frame ACK
* BUG/MINOR: ssl/crt-list: crt-list could end without a \n
* BUG/MEDIUM: ssl: Don't call ssl_sock_io_cb() directly.
* BUG/MINOR: server: report correct error message for invalid port on "socks4"
* BUG/MINOR: ssl: verifyhost is case sensitive
* BUG/MINOR: Fix type passed of sizeof() for calloc()
* BUG/MEDIUM: pattern: Renew the pattern expression revision when it is pruned
* BUILD: threads: better workaround for late loading of libgcc_s
OBS-URL: https://build.opensuse.org/request/show/839173
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=92
- Update to version 2.2.2+git0.b8a2763d5:
* [RELEASE] Released version 2.2.2
* BUG/MEDIUM: tcp-checks: always attach the transport before installing the mux
* BUG/MEDIUM: backend: always attach the transport before installing the mux
* SCRIPTS: announce-release: add the link to the wiki in the announce messages
* MINOR: stream-int: Be sure to have a mux to do sends and receives
* MINOR: connection: Preinstall the mux for non-ssl connect
* BUG/MEDIUM: connection: Be sure to always install a mux for sync connect
* BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields
* BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort
* BUG/MINOR: lua: Abort execution of actions that yield on a final evaluation
* BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation
* MEDIUM: lua: Add support for the Lua 5.4
* BUG/MAJOR: dns: don't treat Authority records as an error
* BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status
* BUG/MINOR: debug: Don't dump the lua stack if it is not initialized
* BUILD: tools: fix build with static only toolchains
* BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore
OBS-URL: https://build.opensuse.org/request/show/823717
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=90
* [RELEASE] Released version 2.2.2
* BUG/MEDIUM: tcp-checks: always attach the transport before installing the mux
* BUG/MEDIUM: backend: always attach the transport before installing the mux
* SCRIPTS: announce-release: add the link to the wiki in the announce messages
* MINOR: stream-int: Be sure to have a mux to do sends and receives
* MINOR: connection: Preinstall the mux for non-ssl connect
* BUG/MEDIUM: connection: Be sure to always install a mux for sync connect
* BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields
* BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort
* BUG/MINOR: lua: Abort execution of actions that yield on a final evaluation
* BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation
* MEDIUM: lua: Add support for the Lua 5.4
* BUG/MAJOR: dns: don't treat Authority records as an error
* BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status
* BUG/MINOR: debug: Don't dump the lua stack if it is not initialized
* BUILD: tools: fix build with static only toolchains
* BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=223
- Update to version 2.2.1+git0.0ef71a557:
* [RELEASE] Released version 2.2.1
* BUG/MEDIUM: http-ana: Only set CF_EXPECT_MORE flag on data filtering
* BUG/MEDIUM: stream-int: Don't set MSG_MORE flag if no more data are expected
* BUG/MINOR: htx: add two missing HTX_FL_EOI and remove an unexpected one
* MEDIUM: htx: Add a flag on a HTX message when no more data are expected
* BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed
* BUG/MAJOR: dns: Make the do-resolve action thread-safe
* BUG/MAJOR: tasks: don't requeue global tasks into the local queue
* BUG/MEDIUM: resolve: fix init resolving for ring and peers section.
* BUG/MEDIUM: arg: empty args list must be dropped
* DOC: ssl: req_ssl_sni needs implicit TLS
* BUILD: config: fix again bugs gcc warnings on calloc
* BUG/MAJOR: tasks: make sure to always lock the shared wait queue if needed
* BUILD: config: address build warning on raspbian+rpi4
* BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked
* BUG/MEDIUM: server: fix possibly uninitialized state file on close
* BUG/MEDIUM: server: resolve state file handle leak on reload
* BUG/MEDIUM: fcgi-app: fix memory leak in fcgi_flt_http_headers
* BUG/MEDIUM: log: issue mixing sampled to not sampled log servers.
* BUG/MINOR: mux-fcgi: Set flags on the right stream field for empty FCGI_STDOUT
* BUG/MINOR: mux-fcgi: Set conn state to RECORD_P when skipping the record padding
* BUG/MINOR: mux-fcgi: Handle empty STDERR record
* BUG/MEDIUM: mux-h1: Continue to process request when switching in tunnel mode
* BUG/MEDIUM: mux-fcgi: Don't add private connections in available connection list
* BUG/MEDIUM: mux-h2: Don't add private connections in available connection list
* CONTRIB: da: fix memory leak in dummy function da_atlas_open()
* BUG/MEDIUM: lists: add missing store barrier in MT_LIST_ADD/MT_LIST_ADDQ
* BUG/MEDIUM: lists: add missing store barrier on MT_LIST_BEHEAD()
* BUG/MINOR: sample: Free str.area in smp_check_const_meth
OBS-URL: https://build.opensuse.org/request/show/822445
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=89
* [RELEASE] Released version 2.2.1
* BUG/MEDIUM: http-ana: Only set CF_EXPECT_MORE flag on data filtering
* BUG/MEDIUM: stream-int: Don't set MSG_MORE flag if no more data are expected
* BUG/MINOR: htx: add two missing HTX_FL_EOI and remove an unexpected one
* MEDIUM: htx: Add a flag on a HTX message when no more data are expected
* BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed
* BUG/MAJOR: dns: Make the do-resolve action thread-safe
* BUG/MAJOR: tasks: don't requeue global tasks into the local queue
* BUG/MEDIUM: resolve: fix init resolving for ring and peers section.
* BUG/MEDIUM: arg: empty args list must be dropped
* DOC: ssl: req_ssl_sni needs implicit TLS
* BUILD: config: fix again bugs gcc warnings on calloc
* BUG/MAJOR: tasks: make sure to always lock the shared wait queue if needed
* BUILD: config: address build warning on raspbian+rpi4
* BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked
* BUG/MEDIUM: server: fix possibly uninitialized state file on close
* BUG/MEDIUM: server: resolve state file handle leak on reload
* BUG/MEDIUM: fcgi-app: fix memory leak in fcgi_flt_http_headers
* BUG/MEDIUM: log: issue mixing sampled to not sampled log servers.
* BUG/MINOR: mux-fcgi: Set flags on the right stream field for empty FCGI_STDOUT
* BUG/MINOR: mux-fcgi: Set conn state to RECORD_P when skipping the record padding
* BUG/MINOR: mux-fcgi: Handle empty STDERR record
* BUG/MEDIUM: mux-h1: Continue to process request when switching in tunnel mode
* BUG/MEDIUM: mux-fcgi: Don't add private connections in available connection list
* BUG/MEDIUM: mux-h2: Don't add private connections in available connection list
* CONTRIB: da: fix memory leak in dummy function da_atlas_open()
* BUG/MEDIUM: lists: add missing store barrier in MT_LIST_ADD/MT_LIST_ADDQ
* BUG/MEDIUM: lists: add missing store barrier on MT_LIST_BEHEAD()
* BUG/MINOR: sample: Free str.area in smp_check_const_meth
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=222
- Update to version 2.2.0+git0.3a00c915f:
https://www.haproxy.com/blog/announcing-haproxy-2-2/
* [RELEASE] Released version 2.2.0
* MINOR: version: mention that it's an LTS release now
* DOC: minor update to coding style file
* DOC: update INSTALL with new compiler versions
* CLEANUP: ssl: remove unrelevant comment in smp_fetch_ssl_x_keylog()
* DOC: configuration: remove obsolete mentions of H2 being converted to HTTP/1.x
* BUG/MINOR: connection: See new connection as available only on reuse always
* BUG/MEDIUM: connection: Don't consider new private connections as available
* BUG/MINOR: backend: Remove CO_FL_SESS_IDLE if a client remains on the last server
* MINOR: mux-h1: Improve traces about the splicing
- refreshed patches to apply cleanly again:
haproxy-1.6.0-makefile_lib.patch
haproxy-1.6.0-sec-options.patch
- track series file in source rpm
OBS-URL: https://build.opensuse.org/request/show/819260
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=88
https://www.haproxy.com/blog/announcing-haproxy-2-2/
* [RELEASE] Released version 2.2.0
* MINOR: version: mention that it's an LTS release now
* DOC: minor update to coding style file
* DOC: update INSTALL with new compiler versions
* CLEANUP: ssl: remove unrelevant comment in smp_fetch_ssl_x_keylog()
* DOC: configuration: remove obsolete mentions of H2 being converted to HTTP/1.x
* BUG/MINOR: connection: See new connection as available only on reuse always
* BUG/MEDIUM: connection: Don't consider new private connections as available
* BUG/MINOR: backend: Remove CO_FL_SESS_IDLE if a client remains on the last server
* MINOR: mux-h1: Improve traces about the splicing
- refreshed patches to apply cleanly again:
haproxy-1.6.0-makefile_lib.patch
haproxy-1.6.0-sec-options.patch
- track series file in source rpm
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=221
- Update to version 2.1.7+git0.8bebf80fb:
* [RELEASE] Released version 2.1.7
- Update to version 2.1.6+git1.661c88907:
* BUG/MAJOR: http-htx: Don't forget to copy error messages from defaults sections
- Update to version 2.1.6+git0.34db76106:
* [RELEASE] Released version 2.1.6
* BUG/MINOR: mworker: fix a memleak when execvp() failed
* BUG/MINOR: ssl: fix a trash buffer leak in some error cases
* BUG/MEDIUM: mworker: fix the reload with an -- option
* BUG/MINOR: init: -S can have a parameter starting with a dash
* BUG/MINOR: init: -x can have a parameter starting with a dash
* BUG/MEDIUM: mworker: fix the copy of options in copy_argv()
* BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics
* BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations
* BUG/MEDIUM: http-htx: Duplicate error messages as raw data instead of string
* BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action
* BUG/MINOR: peers: fix internal/network key type mapping.
* SCRIPTS: publish-release: pass -n to gzip to remove timestamp
* Revert "BUG/MEDIUM: connections: force connections cleanup on server changes"
OBS-URL: https://build.opensuse.org/request/show/813045
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=87
* [RELEASE] Released version 2.1.6
* BUG/MINOR: mworker: fix a memleak when execvp() failed
* BUG/MINOR: ssl: fix a trash buffer leak in some error cases
* BUG/MEDIUM: mworker: fix the reload with an -- option
* BUG/MINOR: init: -S can have a parameter starting with a dash
* BUG/MINOR: init: -x can have a parameter starting with a dash
* BUG/MEDIUM: mworker: fix the copy of options in copy_argv()
* BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics
* BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations
* BUG/MEDIUM: http-htx: Duplicate error messages as raw data instead of string
* BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action
* BUG/MINOR: peers: fix internal/network key type mapping.
* SCRIPTS: publish-release: pass -n to gzip to remove timestamp
* Revert "BUG/MEDIUM: connections: force connections cleanup on server changes"
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=218
* [RELEASE] Released version 2.1.2
* BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility
* BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream
* BUG/MINOR: state-file: do not leak memory on parse errors
* BUG/MINOR: state-file: do not store duplicates in the global tree
* BUG/MEDIUM: state-file: do not allocate a full buffer for each server entry
* BUG/MINOR: ssl: openssl-compat: Fix getm_ defines
* BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd
* MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute
* BUG/MEDIUM: ssl: Revamp the way early data are handled.
* BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing
* MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task
* MINOR: http: add a new "replace-path" action
* MINOR: debug: support logging to various sinks
* BUG/MEDIUM: ssl: Don't set the max early data we can receive too early.
* MINOR: sample: Validate the number of bits for the sha2 converter
* BUG/MINOR: sample: always check converters' arguments
* BUG/MINOR: sample: fix the closing bracket and LF in the debug converter
* DOC: clarify the fact that replace-uri works on a full URI
- drop the udev buildrequires completely
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=211
* [RELEASE] Released version 2.1.1
* BUILD/MINOR: unix sockets: silence an absurd gcc warning about strncpy()
* BUG/MINOR: listener: fix off-by-one in state name check
* BUG/MINOR: server: make "agent-addr" work on default-server line
* BUG/MINOR: listener: do not immediately resume on transient error
* BUG/MINOR: mworker: properly pass SIGTTOU/SIGTTIN to workers
* BUG/MINOR: log: fix minor resource leaks on logformat error path
* DOC: remove references to the outdated architecture.txt
* DOC: proxies: HAProxy only supports 3 connection modes
* BUG/MINOR: tasks: only requeue a task if it was already in the queue
* DOC: listeners: add a few missing transitions
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=209
* BUG/MEDIUM: proto_udp/threads: recv() and send() must not be exclusive.
* BUG/MAJOR: dns: add minimalist error processing on the Rx path
* BUG/MEDIUM: kqueue: Make sure we report read events even when no data.
* DOC: document the listener state transitions
* BUG/MEDIUM: listener/threads: fix a remaining race in the listener's accept()
* BUG/MINOR: listener: also clear the error flag on a paused listener
* BUG/MINOR: listener/threads: always use atomic ops to clear the FD events
* BUG/MINOR: proxy: make soft_stop() also close FDs in LI_PAUSED state
* BUG/MEDIUM: mux-fcgi: Handle cases where the HTX EOM block cannot be inserted
* BUG/MINOR: mux-h1: Be sure to set CS_FL_WANT_ROOM when EOM can't be added
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=208
* BUG/MINOR: mux-h1: Fix conditions to know whether or not we may receive data
* BUG/MINOR: mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN
* BUG/MEDIUM: mux-h1: Never reuse H1 connection if a shutw is pending
* BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1
* BUG/MEDIUM: listener/thread: fix a race when pausing a listener
* BUG/MINOR: ssl/cli: don't overwrite the filters variable
* BUG/MINOR: stream-int: avoid calling rcv_buf() when splicing is still possible
* BUG/MEDIUM: stream-int: don't subscribed for recv when we're trying to flush data
* DOC: move the "group" keyword at the right place
* DOC: Fix ordered list in summary
- switch to the 2.1 branch
https://www.haproxy.com/blog/haproxy-2-1/https://www.mail-archive.com/haproxy@formilux.org/msg35491.html
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=206
* BUG/MINOR: mux-h1: Fix conditions to know whether or not we may receive data
* BUG/MINOR: mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN
* BUG/MEDIUM: mux-h1: Never reuse H1 connection if a shutw is pending
* BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1
* BUG/MEDIUM: listener/thread: fix a race when pausing a listener
* BUG/MINOR: stream-int: avoid calling rcv_buf() when splicing is still possible
* BUG/MEDIUM: stream-int: don't subscribed for recv when we're trying to flush data
* DOC: move the "group" keyword at the right place
* DOC: clarify matching strings on binary fetches
* DOC: Clarify behavior of server maxconn in HTTP mode
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=205
* [RELEASE] Released version 2.0.10
* SCRIPTS: git-show-backports: add "-s" to proposed cherry-pick commands
* SCRIPTS: create-release: show the correct origin name in suggested commands
* BUG/MAJOR: mux-h2: don't try to decode a response HEADERS frame in idle state
* BUG/MAJOR: h2: make header field name filtering stronger
* BUG/MAJOR: h2: reject header values containing invalid chars
* MINOR: ist: add ist_find_ctl()
* BUG/MINOR: ssl: fix curve setup with LibreSSL
* BUG/MINOR: cli: fix out of bounds in -S parser
* DOC: Add documentation about the use-service action
* DOC: Add missing stats fields in the management manual
* BUG/MINOR: mux-h1: Adjust header case when chunked encoding is add to a message
* BUG/MINOR: mux-h1: Fix a UAF in cfg_h1_headers_case_adjust_postparser()
* MEDIUM: mux-h1: Add the support of headers adjustment for bogus HTTP/1 apps
* REGTEST: vtest can now enable mcli with its own flag
* MINOR: stats: Report max times in addition of the averages for sessions
* BUG/MINOR: stream-int: Fix si_cs_recv() return value
* MINOR: contrib/prometheus-exporter: Add a param to ignore servers in maintenance
* MINOR: contrib/prometheus-exporter: filter exported metrics by scope
* MINOR: contrib/prometheus-exporter: report the number of idle conns per server
* BUG/MINOR: contrib/prometheus-exporter: Rename some metrics
* MINOR: contrib/prometheus-exporter: Report metrics about max times for sessions
* MINOR: counters: Add fields to store the max observed for {q,c,d,t}_time
* MINOR: stream: Remove the lock on the proxy to update time stats
* MINOR: freq_ctr: Make the sliding window sums thread-safe
* BUG/MINOR: http-ana: Properly catch aborts during the payload forwarding
* BUG/MINOR: mux-h1: Fix tunnel mode detection on the response path
* BUILD: debug: Avoid warnings in dev mode with -02 because of some BUG_ON tests
* BUG/MEDIUM: stream-int: Don't loose events on the CS when an EOS is reported
* BUILD/MINOR: ssl: fix compiler warning about useless statement
* BUG/MINOR: peers: "peer alive" flag not reset when deconnecting.
* BUG/MEDIUM: mworker: don't fill the -sf argument with -1 during the reexec
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=201
* BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1
* BUG/MINOR: peers: Wrong null "server_name" data field handling.
* MINOR: peers: Add debugging information to "show peers".
* MINOR: peers: Add TX/RX heartbeat counters.
* MINOR: peers: Alway show the table info for disconnected peers.
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=196
- Update to version 2.0.6+git0.58706ab4:
* [RELEASE] Released version 2.0.6
* MINOR: sample: Add UUID-fetch
* BUG/MINOR: Missing stat_field_names (since f21d17bb)
* BUG/MINOR: backend: Fix a possible null pointer dereference
* BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed
* BUG/MINOR: filters: Properly set the HTTP status code on analysis error
* BUG/MEDIUM: http: also reject messages where "chunked" is missing from transfer-enoding
* BUG/MINOR: ssl: always check for ssl connection before getting its XPRT context
* BUG/MINOR: listener: Fix a possible null pointer dereference
* MINOR: stats: report the number of idle connections for each server
* BUG/MEDIUM: connection: don't keep more idle connections than ever needed
* BUG/MAJOR: ssl: ssl_sock was not fully initialized.
* BUG/MINOR: lb/leastconn: ignore the server weights for empty servers
* MINOR: contrib/prometheus-exporter: Report DRAIN/MAINT/NOLB status for servers
* BUG/MINOR: checks: do not uselessly poll for reads before the connection is up
* BUG/MINOR: checks: make __event_chk_srv_r() report success before closing
* BUG/MINOR: checks: start sending the request right after connect()
* BUG/MINOR: checks: stop polling for write when we have nothing left to send
* BUG/MEDIUM: cache: Don't cache objects if the size of headers is too big
* BUG/MEDIUM: cache: Properly copy headers splitted on several shctx blocks
* BUG/MINOR: mux-h1: Be sure to update the count before adding EOM after trailers
* BUG/MINOR: mux-h1: Don't stop anymore input processing when the max is reached
* BUG/MINOR: mux-h1: Fix size evaluation of HTX messages after headers parsing
* BUG/MINOR: h1: Properly reset h1m when parsing is restarted
* BUG/MINOR: http-ana: Reset response flags when 1xx messages are handled
* BUG/MEDIUM: peers: local peer socket not bound.
* BUG/MEDIUM: proto-http: Always start the parsing if there is no outgoing data
* BUG/MEDIUM: url32 does not take the path part into account in the returned hash.
* BUG/MEDIUM: listener/threads: fix an AB/BA locking issue in delete_listener()
OBS-URL: https://build.opensuse.org/request/show/731948
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=193
* [RELEASE] Released version 2.0.5
* BUG/MEDIUM: mux_pt: Don't call unsubscribe if we did not subscribe.
* MINOR: fd: make sure to mark the thread as not stuck in fd_update_events()
* BUG/MINOR: stats: Wait the body before processing POST requests
* BUG/MEDIUM: lua: Fix test on the direction to set the channel exp timeout
* BUG/MEDIUM: mux_h1: Don't bother subscribing in recv if we're not connected.
* BUG/MINOR: Fix prometheus '# TYPE' and '# HELP' headers
* BUG/MINOR: lua: fix setting netfilter mark
* BUG/MEDIUM: proxy: Don't use cs_destroy() when freeing the conn_stream.
* BUG/MEDIUM: proxy: Don't forget the SF_HTX flag when upgrading TCP=>H1+HTX.
* BUG/MINOR: buffers/threads: always clear a buffer's head before releasing it
* MINOR: ssl: ssl_fc_has_early should work for BoringSSL
* BUG/MINOR: ssl: fix 0-RTT for BoringSSL
* BUG/MEDIUM: stick-table: Wrong stick-table backends parsing.
* [RELEASE] Released version 2.0.4
* BUG/MEDIUM: checks: make sure to close nicely when we're the last to speak
* BUG/MINOR: mux-h2: always reset rcvd_s when switching to a new frame
* BUG/MINOR: mux-h2: always send stream window update before connection's
* BUG/MEDIUM: mux-h2: do not recheck a frame type after a state transition
* BUG/MINOR: mux-h2: do not send REFUSED_STREAM on aborted uploads
* BUG/MINOR: mux-h2: use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data()
* BUG/MINOR: mux-h2: don't refrain from sending an RST_STREAM after another one
* BUG/MEDIUM: fd: Always reset the polled_mask bits in fd_dodelete().
* BUG/MEDIUM: proxy: Make sure to destroy the stream on upgrade from TCP to H2
* BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes
* BUG/MEDIUM: mux-h2: unbreak receipt of large DATA frames
* BUG/MINOR: stream-int: also update analysers timeouts on activity
* BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion
* BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is increased
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=189
- Update to version 2.0.3+git14.0ff395c1 (bsc#1142529) (CVE-2019-14241):
* BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue()
* BUG/MINOR: htx: Fix free space addresses calculation during a block expansion
* BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready
* MINOR: hlua: Add a flag on the lua txn to know in which context it can be used
* MINOR: hlua: Don't set request analyzers on response channel for lua actions
* BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class
* BUG/MINOR: hlua/htx: Reset channels analyzers when txn:done() is called
* DOC: improve the wording in CONTRIBUTING about how to document a bug fix
* BUG/MINOR: log: make sure writev() is not interrupted on a file output
* BUG/MEDIUM: streams: Don't switch the SI to SI_ST_DIS if we have data to send.
* BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased
* BUILD: threads: add the definition of PROTO_LOCK
* BUG/MINOR: proxy: always lock stop_proxy()
* BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff
* [RELEASE] Released version 2.0.3
* BUG/CRITICAL: http_ana: Fix parsing of malformed cookies which start by a delimiter
* BUG/MINOR: http_htx: Support empty errorfiles
* BUG/MINOR: http_ana: Be sure to have an allocated buffer to generate an error
* BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream
* BUG/MINOR: mux-h1: Close server connection if input data remains in h1_detach()
* BUG/MEDIUM: mux-h1: Trim excess server data at the end of a transaction
* BUG/MINOR: checks: do not exit tcp-checks from the middle of the loop
* BUG/MINOR: session: Send a default HTTP error if accept fails for a H1 socket
* BUG/MINOR: session: Emit an HTTP error if accept fails only for H1 connection
* BUG/MINOR: debug: Remove flags CO_FL_SOCK_WR_ENA/CO_FL_SOCK_RD_ENA
* DOC: htx: Update comments in HTX files
* BUG/MINOR: hlua: Make the function txn:done() HTX aware
* BUG/MINOR: cache/htx: Make maxage calculation HTX aware
* BUG/MINOR: http_htx: Initialize HTX error messages for TCP proxies
OBS-URL: https://build.opensuse.org/request/show/719829
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=188
- Update to version 2.0.1+git27.5db881ff:
* BUG/MINOR: ssl: revert empty handshake detection in OpenSSL <= 1.0.2
* BUG/MEDIUM: servers: Don't forget to set srv_cs to NULL if we can't reuse it.
* BUG/MEDIUM: stream-int: Don't rely on CF_WRITE_PARTIAL to unblock opposite si
* MINOR: stream-int: Factorize processing done after sending data in si_cs_send()
* BUG/MINOR: mux-h1: Don't process input or ouput if an error occurred
* BUG/MEDIUM: mux-h1: Handle TUNNEL state when outgoing messages are formatted
* BUG/MEDIUM: lb_fas: Don't test the server's lb_tree from outside the lock
* BUG/MEDIUM: http/applet: Finish request processing when a service is registered
* MINOR: action: Add the return code ACT_RET_DONE for actions
* BUG/MINOR: contrib/prometheus-exporter: Don't try to add empty data blocks
* MINOR: server: Add "no-tfo" option.
* BUG/MEDIUM: sessions: Don't keep an extra idle connection in sessions.
* BUG/MEDIUM: servers: Authorize tfo in default-server.
* BUG/MEDIUM: connections: Make sure we're unsubscribe before upgrading the mux.
* BUG/MINOR: contrib/prometheus-exporter: Respect the reserve when data are sent
* BUG/MINOR: hlua/htx: Respect the reserve when HTX data are sent
* BUG/MEDIUM: channel/htx: Use the total HTX size in channel_htx_recv_limit()
* BUG/MINOR: hlua: Don't use channel_htx_recv_max()
* BUG/MINOR: contrib/prometheus-exporter: Don't use channel_htx_recv_max()
* BUG/MEDIUM: checks: Make sure the tasklet won't run if the connection is closed.
* BUG/MEDIUM: connections: Always call shutdown, with no linger.
* BUG/MINOR: mux-h1: Don't return the empty chunk on HEAD responses
* BUG/MINOR: mux-h1: Skip trailers for non-chunked outgoing messages
* BUG/MEDIUM: checks: unblock signals in external checks
* BUG/MEDIUM: mux-h1: Always release H1C if a shutdown for writes was reported
* BUG/MEDIUM: ssl: Don't attempt to set alpn if we're not using SSL.
* BUG/MINOR: mworker/cli: don't output a \n before the response
* BUG/MINOR: mux-h1: Make format errors during output formatting fatal
* BUG/MEDIUM: mux-h1: Use buf_room_for_htx_data() to detect too large messages
OBS-URL: https://build.opensuse.org/request/show/714254
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=71
- Update to version 2.0.1+git27.5db881ff:
* BUG/MINOR: ssl: revert empty handshake detection in OpenSSL <= 1.0.2
* BUG/MEDIUM: servers: Don't forget to set srv_cs to NULL if we can't reuse it.
* BUG/MEDIUM: stream-int: Don't rely on CF_WRITE_PARTIAL to unblock opposite si
* MINOR: stream-int: Factorize processing done after sending data in si_cs_send()
* BUG/MINOR: mux-h1: Don't process input or ouput if an error occurred
* BUG/MEDIUM: mux-h1: Handle TUNNEL state when outgoing messages are formatted
* BUG/MEDIUM: lb_fas: Don't test the server's lb_tree from outside the lock
* BUG/MEDIUM: http/applet: Finish request processing when a service is registered
* MINOR: action: Add the return code ACT_RET_DONE for actions
* BUG/MINOR: contrib/prometheus-exporter: Don't try to add empty data blocks
* MINOR: server: Add "no-tfo" option.
* BUG/MEDIUM: sessions: Don't keep an extra idle connection in sessions.
* BUG/MEDIUM: servers: Authorize tfo in default-server.
* BUG/MEDIUM: connections: Make sure we're unsubscribe before upgrading the mux.
* BUG/MINOR: contrib/prometheus-exporter: Respect the reserve when data are sent
* BUG/MINOR: hlua/htx: Respect the reserve when HTX data are sent
* BUG/MEDIUM: channel/htx: Use the total HTX size in channel_htx_recv_limit()
* BUG/MINOR: hlua: Don't use channel_htx_recv_max()
* BUG/MINOR: contrib/prometheus-exporter: Don't use channel_htx_recv_max()
* BUG/MEDIUM: checks: Make sure the tasklet won't run if the connection is closed.
* BUG/MEDIUM: connections: Always call shutdown, with no linger.
* BUG/MINOR: mux-h1: Don't return the empty chunk on HEAD responses
* BUG/MINOR: mux-h1: Skip trailers for non-chunked outgoing messages
* BUG/MEDIUM: checks: unblock signals in external checks
* BUG/MEDIUM: mux-h1: Always release H1C if a shutdown for writes was reported
* BUG/MEDIUM: ssl: Don't attempt to set alpn if we're not using SSL.
* BUG/MINOR: mworker/cli: don't output a \n before the response
* BUG/MINOR: mux-h1: Make format errors during output formatting fatal
* BUG/MEDIUM: mux-h1: Use buf_room_for_htx_data() to detect too large messages
OBS-URL: https://build.opensuse.org/request/show/714216
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=186
* BUG/MEDIUM: htx: Fully update HTX message when the block value is changed
* MINOR: htx: Add the function htx_change_blk_value_len()
* BUG/MEDIUM: compression: Set Vary: Accept-Encoding for compressed responses
* BUG/MINOR: mux-h1: Add the header connection in lower case in outgoing messages
* BUG/MINOR: lua/htx: Make txn.req_req_* and txn.res_rep_* HTX aware
* BUG/MEDIUM: h2/htx: Update data length of the HTX when the cookie list is built
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=183
- Update to version 2.0.0~git0.ba23630a:
- new internal native HTTP representation called HTX, was already in 1.9
and is now enabled by default in 2.0 ;
- end-to-end HTTP/2 support including trailers and continuation frames,
as needed for gRPC ; HTTP/2 may also be upgraded from HTTP/1.1 using
the H2 preface;
- server connection pooling and more advanced reuse, with ALPN protocol
negotiation (already in 1.9) ;
- layer 7 retries, allowing to use 0-RTT and TCP Fast Open to the servers
as well as on the frontend ;
- much more scalable multi-threading, which is even enabled by default on
platforms where it was successfully tested ; by default, as many threads
are started as the number of CPUs haproxy is allowed to run on. This
removes a lot of configuration burden in VMs and containers ;
- automatic maxconn setting for the process and the frontends, directly
based on the number of available FDs (easier configuration in containers
and with systemd) ;
- logging to stdout for use in containers and systemd (already in 1.9).
Logs can now provide micro-second resolution for some events ;
- peers now support SSL, declaration of multiple stick-tables directly in
the peers section, and synchronization of server names, not just IDs ;
- In master-worker mode, the master process now exposes its own CLI and
can communicate with all other processes (including the stopping ones),
even allowing to connect to their CLI and check their state. It is also
possible to start some sidecar programs and monitor them from the master,
and the master can automatically kill old processes that survived too
many reloads ;
- the incoming connections are load-balanced between all threads depending
on their load to minimize the processing time and maximize the capacity
(already in 1.9) ;
- the SPOE connection load-balancing was significantly improved in order
to reduce high percentiles of SPOA response time (already in 1.9) ;
- the "random" load balancing algorithm and a power-of-two-choices variant
were introduced ;
- statistics improvements with per-thread counters for certain things, and
a prometheus exporter for all our statistics;
- lots of debugging help, it's easier to produce a core dump, there are
new commands on the CLI to control various things, there is a watchdog
to fail cleanly when a thread deadlock or a spinning task are detected,
so overall it should provide a better experience in field and less
round trips between users and developers (hence less stress during an
incident).
- all 3 device detection engines are now compatible with multi-threading
and can be build-tested without any external dependencies ;
- "do-resolve" http-request action to perform a DNS resolution on any,
sample, and resolvers now support relying on /etc/resolv.conf to match
the local resolver ;
- log sampling and balancing : it's now possible to send 1 log every 10
to a server, or to spread the logging load over multiple log servers;
- a new SPOA agent (spoa_server) allows to interface haproxy with Python
and Lua programs ;
- support for Solaris' event ports (equivalent of kqueue or epoll) which
will significantly improve the performance there when dealing with
numerous connections ;
- some warnings are now reported for some deprecated options that will
be removed in 2.1. Since 2.0 is long term supported, there's no
emergency to convert them, however if you see these warnings, you
need to understand that you're among their extremely rare users and
just because of this you may be taking risks by keeping them ;
- A new SOCKS4 server-side layer was provided ; it allows outgoing
connections to be forwarded through a SOCKS4 proxy (such as ssh -D).
- priority- and latency- aware server queues : it is possible now to
assign priorities to certain requests and/or to give them a time
bonus or penalty to refine control of the traffic and be able to
engage on SLAs.
- internally the architecture was significantly redesigned to allow to
further improve performance and make it easier to implement protocols
that span over multiple layers (such as QUIC). This work started in
1.9 and will continue with 2.1.
- the I/O, applets and tasks now share the same multi-threaded scheduler,
giving a much better responsiveness and fairness between all tasks as
is visible with the CLI which always responds instantly even under
extreme loads (started in 1.9) ;
- the internal buffers were redesigned to ease zero-copy operations, so
that it is possible to sustain a high bandwidth even when forwarding
HTTP/1 to/from HTTP/2 (already in 1.9) ;
OBS-URL: https://build.opensuse.org/request/show/710358
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=182
- Update to version 1.8.20~git0.6fb9fadc:
* [RELEASE] Released version 1.8.20
* BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler
* BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
* BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
* BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules
* BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR
* BUG/MEDIUM: maps: only try to parse the default value when it's present
* BUG/MAJOR: http_fetch: Get the channel depending on the keyword used
* MINOR: skip get_gmtime where tm is unused
* BUILD/MINOR: listener: Silent a few signedness warnings.
* BUG/MEDIUM: listener: make sure the listener never accepts too many conns
* BUG/MEDIUM: listener: use a self-locked list for the dequeue lists
* MAJOR: listener: do not hold the listener lock in listener_accept()
* BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED()
* BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED
* BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element
* MINOR: list: make the delete and pop operations idempotent
* BUG/MEDIUM: list: add missing store barriers when updating elements and head
* BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer
* BUG/MEDIUM: list: fix the rollback on addq in the locked liss
* BUG/MEDIUM: lists: Properly handle the case we're removing the first elt.
* MINOR: lists: Implement locked variations.
* BUG/MINOR: threads: fix the process range of thread masks
* BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages
* BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream
* BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity
* BUILD: connection: fix naming of ip_v field
* BUILD: use inttypes.h instead of stdint.h
* BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release.
OBS-URL: https://build.opensuse.org/request/show/700384
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=181
- Update to version 1.8.19~git0.ebf033b4:
* [RELEASE] Released version 1.8.19
* BUG/MINOR: config: Reinforce validity check when a process number is parsed
* BUG/MAJOR: stream: avoid double free on unique_id
* BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck
* BUG/MEDIUM: server: initialize the idle conns list after parsing the config
* BUG/MEDIUM: spoe: initialization depending on nbthread must be done last
* BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets
* BUG/MINOR: spoe: do not assume agent->rt is valid on exit
* DOC: ssl: Stop documenting ciphers example to use
* DOC: ssl: Clarify when pre TLSv1.3 cipher can be used
* [RELEASE] Released version 1.8.18
* BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules
* BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' processes
* BUG/MAJOR: config: verify that targets of track-sc and stick rules are present
* BUG/MINOR: config: fix bind line thread mask validation
* BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free().
* BUG/MEDIUM: mux-h2: do not close the connection on aborted streams
* MINOR: connstream: have a new flag CS_FL_KILL_CONN to kill a connection
* MINOR: stream-int: add a new flag to mention that we want the connection to be killed
* MINOR: stream-int: expand the flags to 32-bit
* BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the connection
* BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams
* BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions
* BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update
* MINOR: xref: Add missing barriers.
* BUG/MINOR: stream: don't close the front connection when facing a backend error
* SCRIPTS: add the issue tracker URL to the announce script
* SCRIPTS: add the slack channel URL to the announce script
* BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit
OBS-URL: https://build.opensuse.org/request/show/673401
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=180
- Update to version 1.8.17~git0.e89d25b2 (bsc#1121283) (CVE-2018-20615):
* BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used
* BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred
* BUG/MINOR: lua: bad args are returned for Lua actions
* BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything
* BUG/MEDIUM: cli: make "show sess" really thread-safe
* MINOR: stream/cli: report more info about the HTTP messages on "show sess all"
* MINOR: stream/cli: fix the location of the waiting flag in "show sess all"
* MINOR: lb: allow redispatch when using consistent hash
* BUG/MEDIUM: server: Also copy "check-sni" for server templates.
* BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max
* MINOR: mux-h2: only increase the connection window with the first update
* BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify()
* BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error
* BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response()
* BUG/MINOR: logs: leave startup-logs global and not per-thread
OBS-URL: https://build.opensuse.org/request/show/664292
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=179
- Update to version 1.8.15~git0.6b6a350a: (bsc#1119419) (CVE-2018-20103) (VUL-0) (bsc#1119368) (CVE-2018-20102)
* DOC: Update configuration doc about the maximum number of stick counters.
* BUG: dns: Fix off-by-one write in dns_validate_dns_response()
* BUG: dns: Fix out-of-bounds read via signedness error in dns_validate_dns_response()
* BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response()
* BUG: dns: Prevent out-of-bounds read in dns_read_name()
* BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name
* DOC: refer to check-sni in the documentation of sni
* DOC: clarify that check-sni needs an argument.
* MINOR: servers: Free [idle|safe|priv]_conns on exit.
* MINOR: stats: report the number of active jobs and listeners in "show info"
* BUG/MINOR: mux-h2: advertise a larger connection window size
* BUG/MINOR: mux-h2: refrain from muxing during the preface
* BUG/MINOR: hpack: fix off-by-one in header name encoding length calculation
* BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR.
* BUG/MINOR: lb-map: fix unprotected update to server's score
* BUG/MINOR: cfgparse: Fix the call to post parser of the last sections parsed
* BUG/MINOR: cfgparse: Fix transition between 2 sections with the same name
* BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id
* BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field
* BUG/MINOR: config: Copy default error messages when parsing of a backend starts
* BUG/MEDIUM: Make sure stksess is properly aligned.
* BUG/MINOR: config: better detect the presence of the h2 pattern in npn/alpn
* BUG/MEDIUM: auth/threads: use of crypt() is not thread-safe
* BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer
* BUG/MINOR: only auto-prefer last server if lb-alg is non-deterministic
* BUG/MINOR: only mark connections private if NTLM is detected
* DOC: cache: Missing information about "total-max-size"
* BUG/MINOR: ssl: Wrong usage of shctx_init().
* BUG/MINOR: cache: Wrong usage of shctx_init().
OBS-URL: https://build.opensuse.org/request/show/658884
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=178
- Update to version 1.8.13~git4.c1bfcd00:
* MINOR: dns: new DNS options to allow/prevent IP address duplication
* MINOR: dns: fix wrong score computation in dns_get_ip_from_response
* BUG/MEDIUM: queue: prevent a backup server from draining the proxy's connections
* BUG/MEDIUM: servers: check the queues once enabling a server
* MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed
* BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number
* MINOR: threads: move "nbthread" parsing to hathreads.c
* BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS
* BUG/MINOR: threads: Handle nbthread == MAX_THREADS.
* BUG/MINOR: config: stick-table is not supported in defaults section
* BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever
* BUG/MEDIUM: threads/sync: use sched_yield when available
* BUG/MINOR: servers: Don't make "server" in a frontend fatal.
* BUG/MEDIUM: stats: don't ask for more data as long as we're responding
* BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full
* MINOR: h2: add the error code and the max/last stream IDs to "show fd"
* BUG/MEDIUM: threads: Fix the exit condition of the thread barrier
* MINOR: debug: Add checks for conn_stream flags
* MINOR: debug: Add check for CO_FL_WILL_UPDATE
* BUG/MINOR: http: Set brackets for the unlikely macro at the right place
* BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout
* BUG/MEDIUM: h2: never leave pending data in the output buffer on close
* BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess
* MINOR: h2: add the mux and demux buffer lengths on "show fd"
* MINOR: h2: keep a count of the number of conn_streams attached to the mux
* BUG/MINOR: h2: remove accidental debug code introduced with show_fd function
* MINOR: h2: implement a basic "show_fd" function
* MINOR: mux: add a "show_fd" function to dump debugging information for "show fd"
* BUG/MINOR: ssl: properly ref-count the tls_keys entries
OBS-URL: https://build.opensuse.org/request/show/629492
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=171
- Update to version 1.8.10~git0.ec17d7a9:
* MINOR: threads: Be sure to remove threads from all_threads_mask on exit
* BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
* BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().
* BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
* BUG/MAJOR: ssl: Random crash with cipherlist capture
* BUG/MINOR: lua: Segfaults with wrong usage of types.
* BUG/MAJOR: map: fix a segfault when using http-request set-map
* MINOR: lua: Increase debug information
* BUG/MINOR: signals: ha_sigmask macro for multithreading
* BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing
* BUG/MEDIUM: threads: handle signal queue only in thread 0
* BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload.
* BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame
* BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
* BUG/MINOR: contrib/modsecurity: Don't reset the status code during disconnect
* BUG/MINOR: contrib/mod_defender: Don't reset the status code during disconnect
* BUG/MINOR: contrib/spoa_example: Don't reset the status code during disconnect
* MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0
* BUG/MEDIUM: lua/socket: Buffer error, may segfault
* BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
* BUG/MEDIUM: lua/socket: Notification error
* BUG/MAJOR: lua: Dead lock with sockets
* BUG/MEDIUM: lua/socket: wrong scheduling for sockets
* MINOR: task/notification: Is notifications registered ?
* BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode
* BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
* BUG/MEDIUM: lua/socket: Length required read doesn't work
* BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
* BUG/MEDIUM: fd: Only check update_mask against all_threads_mask.
OBS-URL: https://build.opensuse.org/request/show/618843
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=169
- Update to version 1.8.9~git9.6d82e611:
* BUG/MEDIUM: cache: don't cache when an Authorization header is present (VUL-1) (bsc#1094846)
* BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure.
* BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation
* BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
* BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags
* BUG/MEDIUM: spoe: Flags are not encoded in network order
* BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments.
* BUG/MINOR: spoe: Mistake in error message about SPOE configuration
* BUG/MEDIUM: ssl: properly protect SSL cert generation
* BUG/MEDIUM: pollers: Use a global list for fd shared between threads.
* BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR
* BUG/MINOR: lua: ensure large proxy IDs can be represented
* BUG/MINOR: lua: schedule socket task upon lua connect()
* BUG/MEDIUM: task: Don't free a task that is about to be run.
* BUG/MINOR: map: correctly track reference to the last ref_elt being dumped
* DOC/MINOR: clean up LUA documentation re: servers & array/table.
* BUG/MINOR: lua: Put tasks to sleep when waiting for data
* BUG/MEDIUM: threads: Fix the sync point for more than 32 threads
* BUG/MINOR: checks: Fix check->health computation for flapping servers
* BUG/MINOR: config: disable http-reuse on TCP proxies
* BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread
* BUG/MEDIUM: h2: implement missing support for chunked encoded uploads
* MINOR: h2: detect presence of CONNECT and/or content-length
* BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits
* BUG/MINOR: log: t_idle (%Ti) is not set for some requests
* BUG/MAJOR: channel: Fix crash when trying to read from a closed socket
* BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid()
OBS-URL: https://build.opensuse.org/request/show/612871
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=61
- Update to version 1.8.9~gitv1.8.9.9.6d82e611:
* BUG/MEDIUM: cache: don't cache when an Authorization header is present (VUL-1) (bsc#1094846)
* BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure.
* BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation
* BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
* BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags
* BUG/MEDIUM: spoe: Flags are not encoded in network order
* BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments.
* BUG/MINOR: spoe: Mistake in error message about SPOE configuration
* BUG/MEDIUM: ssl: properly protect SSL cert generation
* BUG/MEDIUM: pollers: Use a global list for fd shared between threads.
* BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR
* BUG/MINOR: lua: ensure large proxy IDs can be represented
* BUG/MINOR: lua: schedule socket task upon lua connect()
* BUG/MEDIUM: task: Don't free a task that is about to be run.
* BUG/MINOR: map: correctly track reference to the last ref_elt being dumped
* DOC/MINOR: clean up LUA documentation re: servers & array/table.
* BUG/MINOR: lua: Put tasks to sleep when waiting for data
* BUG/MEDIUM: threads: Fix the sync point for more than 32 threads
* BUG/MINOR: checks: Fix check->health computation for flapping servers
* BUG/MINOR: config: disable http-reuse on TCP proxies
* BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread
* BUG/MEDIUM: h2: implement missing support for chunked encoded uploads
* MINOR: h2: detect presence of CONNECT and/or content-length
* BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits
* BUG/MINOR: log: t_idle (%Ti) is not set for some requests
* BUG/MAJOR: channel: Fix crash when trying to read from a closed socket
* BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid()
OBS-URL: https://build.opensuse.org/request/show/612802
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=167
- Update to version 1.8.8:
* BUG/CRITICAL: h2: fix incorrect frame length check (VUL-0) (bsc#1089837)
* MINOR: cli: Ensure the CLI always outputs an error when it should
* BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE
* BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors.
* BUG/MINOR: http: Return an error in proxy mode when url2sa fails
* BUG/MEDIUM: connection: Make sure we have a mux before calling detach().
* BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes
OBS-URL: https://build.opensuse.org/request/show/605111
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=166
* [RELEASE] Released version 1.8.7
* MINOR: servers: Support alphanumeric characters for the server templates names
* BUG/MAJOR: cache: always initialize newly created objects
* [RELEASE] Released version 1.8.6
* BUG/MINOR: spoe: Don't release the context buffer in .check_timeouts callbaclk
* BUG/MINOR: spoe: Initialize variables used during conf parsing before any check
* BUG/MAJOR: cache: fix random crashes caused by incorrect delete() on non-first blocks
* BUG/MINOR: fd: Don't clear the update_mask in fd_insert.
* BUG/MINOR: cache: fix "show cache" output
* BUG/MINOR: email-alert: Set the mailer port during alert initialization
* BUG/MINOR: checks: check the conn_stream's readiness and not the connection
* BUG/MEDIUM: h2: always add a stream to the send or fctl list when blocked
* BUILD/MINOR: threads: always export thread_sync_io_handler()
* BUG/MEDIUM: h2: don't consider pending data on detach if connection is in error
* BUG/MEDIUM: h2/threads: never release the task outside of the task handler
* MINOR: h2: fuse h2s_detach() and h2s_free() into h2s_destroy()
* MINOR: h2: always call h2s_detach() in h2_detach()
* BUG/MAJOR: h2: remove orphaned streams from the send list before closing
* MINOR: h2: provide and use h2s_detach() and h2s_free()
* CLEANUP: h2: rename misleading h2c_stream_close() to h2s_close()
* BUG/MINOR: hpack: fix harmless use of uninitialized value in hpack_dht_insert
* BUILD/MINOR: cli: fix a build warning introduced by last commit
* MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available
* MINOR: cli/threads: make "show fd" report thread_sync_io_handler instead of "unknown"
* BUILD/MINOR: fix build when USE_THREAD is not defined
* BUG/MINOR: lua funtion hlua_socket_settimeout don't check negative values
* BUG/MINOR: lua: the function returns anything
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=165
- Update to version 1.8.5:
* BUG/MINOR: listener: Don't decrease actconn twice when a new session is rejected
* BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an RST_STREAM
* BUG/MEDIUM: h2: properly account for DATA padding in flow control
* DOC: don't suggest using http-server-close
* DOC: log: more than 2 log servers are allowed
* BUILD/BUG: enable -fno-strict-overflow by default
* MINOR: log: stop emitting alerts when it's not possible to write on the socket
* BUG/MEDIUM: threads/queue: wake up other threads upon dequeue
* BUG/MINOR: tcp-check: use the server's service port as a fallback
* BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers
* BUG/MINOR: lua: return bad error messages
* BUG/MINOR: spoa-example: unexpected behavior for more than 127 args
* BUG/MINOR: cli: Fix a crash when sending a command with too many arguments
* BUG/MINOR: seemless reload: Fix crash when an interface is specified.
* BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically
* BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management
* BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily disabled
* BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is stopping
* BUG/MINOR: force-persist and ignore-persist only apply to backends
* BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc
* BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage
* BUG/MINOR: cli: Fix a crash when passing a negative or too large value to "show fd"
* BUG/MEDIUM: h2: also arm the h2 timeout when sending
* BUG/MINOR: unix: Don't mess up when removing the socket from the xfer_sock_list.
* BUG/MINOR: session: Fix tcp-request session failure if handshake.
* MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file
* MINOR: systemd: Add SystemD's Protect*= options to the unit file
* MINOR: systemd: Add section for SystemD sandboxing to unit file
* BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk
* BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk
* BUG/MEDIUM: h2: always consume any trailing data after end of output buffers
* MINOR: stats: display the number of threads in the statistics.
* BUG/MINOR: h2: Set the target of dbuf_wait to h2c
* MINOR: debug/pools: make DEBUG_UAF also detect underflows
* BUG/MINOR: debug/pools: properly handle out-of-memory when building with DEBUG_UAF
* DOC: cfgparse: Warn on option (tcp|http)log in backend
* DOC: lua: new prototype for function "register_action()"
* BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken.
* BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as possible
* BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe
* BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st
* BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL
* BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable.
* BUG/MINOR: threads: fix missing thread lock labels for 1.8
OBS-URL: https://build.opensuse.org/request/show/590965
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=164
- Update to version 1.8.4 (bsc#1080069):
* BUG/MINOR: config: don't emit a warning when global stats is incompletely configured
* DOC: Mention -Ws in the list of available options
* DOC: Describe routing impact of using interface keyword on bind lines
* MINOR: init: emit warning when -sf/-sd cannot parse argument
* BUG/MEDIUM: standard: Fix memory leak in str2ip2()
* BUG/MINOR: time/threads: ensure the adjusted time is always correct
* BUG/MEDIUM: spoe: Allow producer to read and to forward shutdown on request side
* BUG/MEDIUM: spoe: Always try to receive or send the frame to detect shutdowns
* BUG/MINOR: epoll/threads: only call epoll_ctl(DEL) on polled FDs
* BUG/MINOR: threads: Update labels array because of changes in lock_label enum
* BUG/MINOR: cli: use global.maxsock and not maxfd to list all FDs
* CLEANUP: Fix typo in ARGT_MSK6 comment
* BUG/MINOR: sample: Fix output type of c_ipv62ip
* CLEANUP: sample: Fix outdated comment about sample casts functions
* CLEANUP: sample: Fix comment encoding of sample.c
* BUILD: kqueue/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
* BUILD: epoll/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
* MINOR: threads: Use __decl_hathreads instead of #ifdef/#endif
* BUG/MINOR: kqueue/threads: Don't forget to close kqueue_fd[tid] on each thread
* BUG/MEDIUM: checks: Don't try to release undefined conn_stream when a check is freed
* BUG/MEDIUM: threads/server: Fix deadlock in srv_set_stopping/srv_set_admin_flag
* BUG/MINOR: threads: always set an owner to the thread_sync pipe
* MINOR: threads: Fix build when we're not compiling with threads.
* BUG/MINOR: mworker: only write to pidfile if it exists
* BUG/MEDIUM: threads/mworker: fix a race on startup
* BUG/MEDIUM: kqueue/threads: use one kqueue_fd per thread
* BUG/MEDIUM: epoll/threads: use one epoll_fd per thread
* MINOR: fd: add a bitmask to indicate that an FD is known by the poller
* BUG/MEDIUM: fd: maintain a per-thread update mask
OBS-URL: https://build.opensuse.org/request/show/574248
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=159
* [RELEASE] Released version 1.8.3
* MEDIUM: h2: prepare a graceful shutdown when the frontend is stopped
* BUG/MAJOR: hpack: don't return direct references to the dynamic headers table
* BUG/MEDIUM: http: don't automatically forward request close
* MINOR: don't close stdio anymore
* BUG/MEDIUM: mworker: don't close stdio several time
* BUG/MEDIUM: h2: ensure we always know the stream before sending a reset
* DOC/MINOR: configuration: typo, formatting fixes
* BUG/MEDIUM: h2: improve handling of frames received on closed streams
* BUG/MEDIUM: h2: properly handle and report some stream errors
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=156
- Update to version 1.8.1 (bsc#1069954):
* BUG/MAJOR: h2: correctly check the request length when building an H1 request
* BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time
* BUG/MAJOR: thread/peers: fix deadlock on peers sync.
* BUG/MEDIUM: h2: do not accept upper case letters in request header names
* BUG/MEDIUM: h2: remove connection-specific headers from request
* BUG/MEDIUM: h2: enforce the per-connection stream limit
* BUG/MEDIUM: checks: Be sure we have a mux if we created a cs.
* BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync.
* BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response
* BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting
* BUG/MEDIUM: stream: fix session leak on applet-initiated connections
* BUG/MEDIUM: cache: bad computation of the remaining size
* BUG/MEDIUM: ssl: don't allocate shctx several time
* BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main
* BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork.
* BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames
* BUG/MINOR: h2: reject response pseudo-headers from requests
* BUG/MINOR: h2: properly check PRIORITY frames
* BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame
* BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1
* BUG/MINOR: h2: the TE header if present may only contain trailers
* BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to
* BUG/MINOR: h2: ":path" must not be empty
* BUG/MINOR: h2: try to abort closed streams as soon as possible
* BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream
* BUG/MINOR: hpack: dynamic table size updates are only allowed before headers
* BUG/MINOR: hpack: reject invalid header index
* BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits
* BUG/MINOR: hpack: fix debugging output of pseudo header names
OBS-URL: https://build.opensuse.org/request/show/548068
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=154
- Update to version 1.7.9:
* BUG/MINOR: peers: peer synchronization issue (with several peers sections).
* BUG/MINOR: lua: In error case, the safe mode is not removed
* BUG/MINOR: lua: executes the function destroying the Lua session in safe mode
* BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted
* BUG/MEDIUM: lua: bad memory access
* DOC: update the list of OpenSSL versions in the README
* DOC: Updated 51Degrees git URL to point to a stable version.
* BUG/MINOR: http: Set the response error state in http_sync_res_state
* MINOR: http: Reorder/rewrite checks in http_resync_states
* MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags
* BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined
* BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state
* BUG/MINOR: lua: Fix Server.get_addr() port values
* BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr()
* BUG/MINOR: lua: always detach the tcp/http tasks before freeing them
* BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions.
OBS-URL: https://build.opensuse.org/request/show/518340
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=149
- Update to version 1.7.8:
* BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue
* BUG/MAJOR: cli: fix custom io_release was crushed by NULL.
* BUG/MAJOR: map: fix segfault during 'show map/acl' on cli.
* BUG/MAJOR: compression: Be sure to release the compression state in all cases
* DOC: fix references to the section about time format.
* BUG/MEDIUM: map/acl: fix unwanted flags inheritance.
* BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel
* BUG/MINOR: http: Don't reset the transaction if there are still data to send
* BUG/MEDIUM: filters: Be sure to call flt_end_analyze for both channels
* BUG/MINOR: http: properly handle all 1xx informational responses
- Update to version 1.7.7:
* BUG/MINOR: Wrong peer task expiration handling during synchronization processing.
* BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed
* BUG/MEDIUM: cfgparse: Check if tune.http.maxhdr is in the range 1..32767
* DOC: fix references to the section about the unix socket
* BUG/MINOR: log: pin the front connection when front ip/ports are logged
OBS-URL: https://build.opensuse.org/request/show/509191
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=148
- Update to version 1.7.6:
* DOC: changed "block"(deprecated) examples to http-request deny
* DOC: add few comments to examples.
* DOC: update sample code for PROXY protocol
* DOC: mention lighttpd 1.4.46 implements PROXY
* DOC: stick-table is available in frontend sections
* BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets.
* BUG/MINOR: config: missing goto out after parsing an incorrect ACL character
* BUG/MINOR: arg: don't try to add an argument on failed memory allocation
* BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error
* BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr()
* MINOR: lua: ensure the memory allocator is used all the time
* CLEANUP: logs: typo: simgle => single
* BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr()
* BUG/MAJOR: Use -fwrapv.
* BUG/MINOR: server: don't use "proxy" when px is really meant.
* BUG/MINOR: server: missing default server 'resolvers' setting duplication.
* DOC: add layer 4 links/cross reference to "block" keyword.
* DOC: errloc/errorloc302/errorloc303 missing status codes.
* BUG/MEDIUM: lua: memory leak
* MEDIUM: config: don't check config validity when there are fatal errors
* BUG/MINOR: hash-balance-factor isn't effective in certain circumstances
* MINOR/DOC: lua: just precise one thing
* BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request
* DOC: update RFC references
* BUG/MINOR: checks: don't send proxy protocol with agent checks
* BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything
* BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer
* BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers
* BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map
OBS-URL: https://build.opensuse.org/request/show/504548
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=147
- Update to version 1.7.5:
* BUG/MEDIUM: peers: fix buffer overflow control in intdecode.
* BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers
* BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled
* BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze
* MINOR: config parsing: add warning when log-format/tcplog/httplog is overriden in "defaults" sections
OBS-URL: https://build.opensuse.org/request/show/493447
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=146
- Update to version 1.7.4:
* MINOR: config: warn when some HTTP rules are used in a TCP proxy
* BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters
* BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section
* BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file
* BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup
* BUG/MINOR: Fix "get map <map> <value>" CLI command
* BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer
* BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING
* BUG/MINOR: checks: attempt clean shutw for SSL check
* BUG/MEDIUM: listener: do not try to rebind another process' socket
* BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze
* BUG/MAJOR: stream-int: do not depend on connection flags to detect connection
* BUG/MEDIUM: connection: ensure to always report the end of handshakes
* BUG: payload: fix payload not retrieving arbitrary lengths
* BUG/MAJOR: http: fix typo in http_apply_redirect_rule
* BUG/MEDIUM: stream: fix client-fin/server-fin handling
* MINOR: fd: add a new flag HAP_POLL_F_RDHUP to struct poller
* BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available
* DOC/MINOR: Fix typos in proxy protocol doc
* DOC: Protocol doc: add checksum, TLV type ranges
* DOC: Protocol doc: add SSL TLVs, rename CHECKSUM
* DOC: Protocol doc: add noop TLV
* MEDIUM: global: add a 'hard-stop-after' option to cap the soft-stop time
* BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity().
* MINOR: server: irrelevant error message with 'default-server' config file keyword.
* MINOR: doc: fix use-server example (imap vs mail)
* BUG/MEDIUM: tcp: don't require privileges to bind to device
OBS-URL: https://build.opensuse.org/request/show/483306
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=145
- Update to version 1.7.3:
* BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream
* BUG/MEDIUM: tcp: don't poll for write when connect() succeeds
* BUG/MINOR: unix: fix connect's polling in case no data are scheduled
* BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword
* MINOR: dns: give ability to dns_init_resolvers() to close a socket when requested
* BUG/MAJOR: dns: restart sockets after fork()
* MINOR: chunks: implement a simple dynamic allocator for trash buffers
* BUG/MEDIUM: http: prevent redirect from overwriting a buffer
* BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined
* BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer
* BUG/MINOR: http: Return an error when a replace-header rule failed on the response
* BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested
* BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1'
* BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule
* MINOR: http: don't close when redirect location doesn't start with "/"
OBS-URL: https://build.opensuse.org/request/show/460842
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=144
- Update to version 1.7.2:
* BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2)
* BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW
* DOC: lua: documentation about time parser functions
* DOC: lua: section declared twice
* BUG/MINOR: lua/cli: bad error message
* DOC: fix small typo in fe_id (backend instead of frontend)
* BUG/MINOR: Fix the sending function in Lua's cosocket
* BUG/MINOR: lua: memory leak executing tasks
* BUG/MINOR: lua: bad return code
* BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
* BUG/MEDIUM: ssl: avoid double free when releasing bind_confs
* BUG/MINOR: stats: fix be/sessions/current out in typed stats
* BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled
* BUG/MEDIUM: ssl: for a handshake when server-side SNI changes
* BUG/MINOR: systemd: potential zombie processes
* DOC: Add timings events schemas
* BUG/MINOR: option prefer-last-server must be ignored in some case
* MINOR: stats: Support "select all" for backend actions
* BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0
* BUG/MAJOR: channel: Fix the definition order of channel analyzers
* BUG/MINOR: http: report real parser state in error captures
* BUG/MAJOR: http: fix risk of getting invalid reports of bad requests
* MINOR: http: custom status reason.
* MINOR: connection: add sample fetch "fc_rcvd_proxy"
* BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options
* BUG/MINOR: tools: fix off-by-one in port size check
* BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family
* MEDIUM: server: split the address and the port into two different fields
* MINOR: tools: make str2sa_range() return the port in a separate argument
* MINOR: server: take the destination port from the port field, not the addr
* MEDIUM: server: disable protocol validations when the server doesn't resolve
* BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0
* BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage
* MINOR: proto_http.c 502 error txt typo.
* DOC: add deprecation notice to "block"
* BUG/MINOR: Reset errno variable before calling strtol(3)
OBS-URL: https://build.opensuse.org/request/show/453453
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=142
* BUG/MAJOR: stream: fix session abort on resource shortage
* BUG/MINOR: cli: allow the backslash to be escaped on the CLI
* BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys"
* DOC: Fix map table's format
* DOC: Added 51Degrees conv and fetch functions to documentation.
* BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect
* DOC: mention that req_tot is for both frontends and backends
* BUG/MEDIUM: variables: some variable name can hide another ones
* BUG/MINOR: stats: fix be/sessions/max output in html stats
* MINOR: proxy: Add fe_name/be_name fetchers next to existing fe_id/be_id
* DOC: lua: Documentation about some entry missing
* MINOR: Do not forward the header "Expect: 100-continue" when the option http-buffer-request is set
* DOC: Add undocumented argument of the trace filter
* DOC: Fix some typo in SPOE documentation
* BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full
* MINOR: applet: Count number of (active) applets
* MINOR: task: Rename run_queue and run_queue_cur counters
* BUG/MEDIUM: stream: Save unprocessed events for a stream
* BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
* BUILD/MEDIUM: Fixing the build using LibreSSL
* [RELEASE] Released version 1.7.1
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=141
- Update to version 1.7.0:
* BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos
* BUG/MINOR: stats: make field_str() return an empty string on NULL
* BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used
* BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for tunneled txn
* BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and IS_DATA_FILTER
* BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and XFER_DATA analyzers
* BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in tunnel mode
OBS-URL: https://build.opensuse.org/request/show/443139
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=138
- Update to version 1.6.9+git.1477940904.ab45181 (fate#321723)
* BUILD: poll: remove unused hap_fd_isset() which causes a warning with clang
* MINOR: cfgparse: few memory leaks fixes.
* MINOR: build: Allow linking to device-atlas library file
* DOC: Fix typo in description of `-st` parameter in man page
* BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream
* BUG/MEDIUM: peers: fix use after free in peer_session_create()
* BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed
* MINOR: systemd: report it when execve() fails
* BUG/MINOR: systemd: check return value of calloc()
* BUG/MINOR: systemd: always restore signals before execve()
* BUG/MINOR: systemd: make the wrapper return a non-null status code on error
* BUG/MINOR: ssl: prevent multiple entries for the same certificate
* BUG/MINOR: ssl: Check malloc return code
* BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session
* BUG/MINOR: vars: make smp_fetch_var() more robust against misuses
* BUG/MINOR: vars: use sess and not s->sess in action_store()
* MEDIUM: make SO_REUSEPORT configurable
* MINOR: Add fe_req_rate sample fetch
* MINOR: show Running on zlib version
* MINOR: show Built with PCRE version
* BUG/MINOR: displayed PCRE version is running release
OBS-URL: https://build.opensuse.org/request/show/438388
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=44
- Update to version 1.6.9+git.1477940904.ab45181 (fate#321723)
* BUILD: poll: remove unused hap_fd_isset() which causes a warning with clang
* MINOR: cfgparse: few memory leaks fixes.
* MINOR: build: Allow linking to device-atlas library file
* DOC: Fix typo in description of `-st` parameter in man page
* BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream
* BUG/MEDIUM: peers: fix use after free in peer_session_create()
* BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed
* MINOR: systemd: report it when execve() fails
* BUG/MINOR: systemd: check return value of calloc()
* BUG/MINOR: systemd: always restore signals before execve()
* BUG/MINOR: systemd: make the wrapper return a non-null status code on error
* BUG/MINOR: ssl: prevent multiple entries for the same certificate
* BUG/MINOR: ssl: Check malloc return code
* BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session
* BUG/MINOR: vars: make smp_fetch_var() more robust against misuses
* BUG/MINOR: vars: use sess and not s->sess in action_store()
* MEDIUM: make SO_REUSEPORT configurable
* MINOR: Add fe_req_rate sample fetch
* MINOR: show Running on zlib version
* MINOR: show Built with PCRE version
* BUG/MINOR: displayed PCRE version is running release
OBS-URL: https://build.opensuse.org/request/show/438382
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=135
- Update to 1.6.9
- MINOR: cli: allow the semi-colon to be escaped on the CLI
- BUG/MINOR: payload: fix SSLv2 version parser
- BUG/MAJOR: stream: properly mark the server address as unset on connect retry
- DOC: Updated 51Degrees readme.
- BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table
- BUG/MINOR: peers: empty chunks after a resync.
- BUG/MINOR: peers: some updates are pushed twice after a resync.
- MINOR: sample: use smp_make_rw() in upper/lower converters
- BUG/MEDIUM: stick-table: properly convert binary samples to keys
- BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size
- BUG/MAJOR: server: the "sni" directive could randomly cause trouble
- MINOR: sample: provide smp_is_rw() and smp_make_rw()
- MINOR: sample: implement smp_is_safe() and smp_make_safe()
- BUG/MEDIUM: samples: make smp_dup() always duplicate the sample
- BUG/MAJOR: compression: initialize avail_in/next_in even during flush
- BUILD: make proto_tcp.c compatible with musl library
- DOC: minor typo fixes to improve HTML parsing by haproxy-dconv
- BUG/MEDIUM: stream-int: completely detach connection on connect error
- BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests
- DOC: lua: remove old functions
- BUG/MINOR: peers: Fix peers data decoding issue
- BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash
- BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash
OBS-URL: https://build.opensuse.org/request/show/424127
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=132
- fix link to tarball
- update to 1.6.2
- BUILD: ssl: fix build error introduced in commit 7969a3 with
OpenSSL < 1.0.0
- DOC: fix a typo for a "deviceatlas" keyword
- FIX: small typo in an example using the "Referer" header
- BUG/MEDIUM: config: count memory limits on 64 bits, not 32
- BUG/MAJOR: dns: first DNS response packet not matching queried
hostname may lead to a loop
- BUG/MINOR: dns: unable to parse CNAMEs response
- BUG/MINOR: examples/haproxy.init: missing brace in
quiet_check()
- DOC: deviceatlas: more example use cases.
- BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in
install-bin.
- BUG/MAJOR: http: don't requeue an idle connection that is
already queued
- DOC: typo on capture.res.hdr and capture.req.hdr
- BUG/MINOR: dns: check for duplicate nameserver id in a
resolvers section was missing
- CLEANUP: use direction names in place of numeric values
- BUG/MEDIUM: lua: sample fetches based on response doesn't work
- drop haproxy-1.6.0-ssl-098.patch: included upstream
- update to 1.6.1
- DOC: specify that stats socket doc (section 9.2) is in
management
- BUILD: install only relevant and existing documentation
- CLEANUP: don't ignore debian/ directory if present
OBS-URL: https://build.opensuse.org/request/show/343758
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=34
- BUILD: ssl: fix build error introduced in commit 7969a3 with
OpenSSL < 1.0.0
- DOC: fix a typo for a "deviceatlas" keyword
- FIX: small typo in an example using the "Referer" header
- BUG/MEDIUM: config: count memory limits on 64 bits, not 32
- BUG/MAJOR: dns: first DNS response packet not matching queried
hostname may lead to a loop
- BUG/MINOR: dns: unable to parse CNAMEs response
- BUG/MINOR: examples/haproxy.init: missing brace in
quiet_check()
- DOC: deviceatlas: more example use cases.
- BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in
install-bin.
- BUG/MAJOR: http: don't requeue an idle connection that is
already queued
- DOC: typo on capture.res.hdr and capture.req.hdr
- BUG/MINOR: dns: check for duplicate nameserver id in a
resolvers section was missing
- CLEANUP: use direction names in place of numeric values
- BUG/MEDIUM: lua: sample fetches based on response doesn't work
- drop haproxy-1.6.0-ssl-098.patch: included upstream
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=122
- DOC: specify that stats socket doc (section 9.2) is in
management
- BUILD: install only relevant and existing documentation
- CLEANUP: don't ignore debian/ directory if present
- BUG/MINOR: dns: parsing error of some DNS response
- BUG/MEDIUM: namespaces: don't fail if no namespace is used
- BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is
disabled
- MEDIUM: dns: Don't use the ANY query type
- drop haproxy-1.6.0-ssl.crash.patch included in update
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=121
- drop patches we pulled from upstream git:
0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch
0002-DOC-usesrc-root-privileges-requirements.patch
0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch
0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch
0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch
0006-DOC-typo-in-redirect-302-code-meaning.patch
0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch
0008-CLEANUP-.gitignore-ignore-more-test-files.patch
0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch
0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch
0011-BUG-MEDIUM-counters-ensure-that-src_-inc-clr-_gpc0-c.patch
0012-DOC-ssl-missing-LF.patch
0013-DOC-fix-example-of-http-request-using-ssl_fc_session.patch
0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch
0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch
- refresh/redo patches to apply cleanly again:
old: haproxy-1.2.16_config_haproxy_user.patch
new: haproxy-1.6.0_config_haproxy_user.patch
old: haproxy-makefile_lib.patch
new: haproxy-1.6.0-makefile_lib.patch
old: sec-options.patch
new: haproxy-1.6.0-sec-options.patch
- added new haproxy.cfg to have a minimal config we can actually
launch!
- drop patch haproxy-1.5.8-fix-bashisms.patch: patched files no
longer exist
- drop haproxy.vim: we will use the copy which ships with the
upstream tarball now.
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=117
oid sha256:467c8b85b0b4b1b0eeb7f4893621e1717767083156ba49fcd531cbe815e179eb
size 4824237
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
