./net/haproxy, Reliable, high performance TCP/HTTP load balancer

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.5.9, Package name: haproxy-1.5.9, Maintainer: morr

HAProxy is a free, very fast and reliable solution offering high
availability, load balancing, and proxying for TCP and HTTP-based
applications. It is particularly suited for web sites crawling under
very high loads while needing persistence or Layer7 processing.
Supporting tens of thousands of connections is clearly realistic with
todays hardware.


Required to run:
[devel/pcre]


Package options: pcre

Master sites:

SHA1: 62620311db4b18f10464ffcbcc0398161f5c8a6b
RMD160: 7354413b99cf7543febb89fbc360adf79cfab1c3
Filesize: 1308.513 KB

Version history: (Expand)


CVS history: (Expand)


   2014-11-30 16:51:15 by Blue Rats | Files touched by this commit (2)
Log message:
2014/11/26 : 1.5.9
    - BUILD: fix "make install" to support spaces in the install dirs
    - BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthcheck
s
    - BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OO
M.
    - BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
    - BUG/MEDIUM: connection: sanitize PPv2 header length before parsing address
 information
    - BUG/MEDIUM: pattern: don't load more than once a pattern list.
    - BUG/MEDIUM: ssl: force a full GC in case of memory shortage
    - BUG/MINOR: config: don't inherit the default balance algorithm in frontend
s
    - BUG/MAJOR: frontend: initialize capture pointers earlier
    - BUG/MINOR: stats: correctly set the request/response analysers
    - DOC: fix typo in the body parser documentation for msg.sov
    - BUG/MINOR: peers: the buffer size is global.tune.bufsize, not trash.size
    - MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping)
    - BUG/MAJOR: sessions: unlink session from list on out of memory
   2014-11-18 03:37:06 by Blue Rats | Files touched by this commit (2)
Log message:
ChangeLog :
===========

2014/10/31 : 1.5.8
    - BUG/MAJOR: buffer: check the space left is enough or not when input data \ 
in a buffer is wrapped
    - BUG/BUILD: revert accidental change in the makefile from latest SSL fix

2014/10/30 : 1.5.7
    - BUG/MEDIUM: regex: fix pcre_study error handling
    - BUG/MINOR: log: fix request flags when keep-alive is enabled
    - MINOR: ssl: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER formatted \ 
certs
    - MINOR: ssl: add statement to force some ssl options in global.
    - BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates
    - BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR
    - BUG/MAJOR: cli: explicitly call cli_release_handler() upon error
    - BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol
    - BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets

2014/10/18 : 1.5.6
    - BUG/MEDIUM: systemd: set KillMode to 'mixed'
    - MINOR: systemd: Check configuration before start
    - BUG/MEDIUM: config: avoid skipping disabled proxies
    - BUG/MINOR: config: do not accept more track-sc than configured
    - BUG/MEDIUM: backend: fix URI hash when a query string is present

2014/10/08 : 1.5.5
    - DOC: Address issue where documentation is excluded due to a gitignore rule.
    - MEDIUM: Improve signal handling in systemd wrapper.
    - BUG/MINOR: config: don't propagate process binding for dynamic use_backend
    - MINOR: Also accept SIGHUP/SIGTERM in systemd-wrapper
    - DOC: clearly state that the "show sess" output format is not fixed
    - MINOR: stats: fix minor typo fix in stats_dump_errors_to_buffer()
    - DOC: indicate in the doc that track-sc* can wait if data are missing
    - MEDIUM: http: enable header manipulation for 101 responses
    - BUG/MEDIUM: config: propagate frontend to backend process binding again.
    - MEDIUM: config: properly propagate process binding between proxies
    - MEDIUM: config: make the frontends automatically bind to the listeners' \ 
processes
    - MEDIUM: config: compute the exact bind-process before listener's maxaccept
    - MEDIUM: config: only warn if stats are attached to multi-process bind \ 
directives
    - MEDIUM: config: report it when tcp-request rules are misplaced
    - MINOR: config: detect the case where a tcp-request content rule has no \ 
inspect-delay
    - MEDIUM: systemd-wrapper: support multiple executable versions and names
    - BUG/MEDIUM: remove debugging code from systemd-wrapper
    - BUG/MEDIUM: http: adjust close mode when switching to backend
    - BUG/MINOR: config: don't propagate process binding on fatal errors.
    - BUG/MEDIUM: check: rule-less tcp-check must detect connect failures
    - BUG/MINOR: tcp-check: report the correct failed step in the status
    - DOC: indicate that weight zero is reported as DRAIN
   2014-10-03 11:30:45 by Blue Rats | Files touched by this commit (1)
Log message:
Fix build failure on CentOS 7, setting TARGET=generic until we devise a
better setting.
   2014-09-12 23:37:38 by Daniel Horecki | Files touched by this commit (2) | Package updated
Log message:
Update to version 1.5.4.

Changes:

- BUG: config: error in http-response replace-header number of arguments
- BUG/MINOR: Fix search for -p argument in systemd wrapper.
- BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an \ 
unknown encryption algorithm
- BUG/MEDIUM: config: userlists should ensure that encrypted passwords are supported
- MEDIUM: connection: add new bit in Proxy Protocol V2
- BUG/MINOR: server: move the directive #endif to the end of file
- BUG/MEDIUM: http: tarpit timeout is reset
- BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc*
- BUG/MEDIUM: http: fix inverted condition in pat_match_meth()
- BUG/MEDIUM: http: fix improper parsing of HTTP methods for use with ACLs
- BUG/MINOR: pattern: remove useless allocation of unused trash in pat_parse_reg()
- BUG/MEDIUM: acl: correctly compute the output type when a converter is used
- CLEANUP: acl: cleanup some of the redundancy and spaghetti after last fix
- BUG/CRITICAL: http: don't update msg->sov once data start to leave the buffer
   2014-07-27 18:33:36 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update haproxy to 1.5.3.

2014/07/25 : 1.5.3
- DOC: fix typo in Unix Socket commands
- BUG/MEDIUM: connection: fix memory corruption when building a proxy
  v2 header
- BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange
- DOC: mention that Squid correctly responds 400 to PPv2 header
- BUG/MINOR: http: base32+src should use the big endian version of base32
- BUG/MEDIUM: connection: fix proxy v2 header again!
   2014-07-14 17:30:10 by Filip Hajny | Files touched by this commit (7) | Package updated
Log message:
Update haproxy to 1.5.2. Introduce support for OpenSSL, PCRE and Zlib.

1.5.2
-----
Two extra important issues were discovered since 1.5.1 which were fixed
in 1.5.2. The first one can cause some sample fetch combinations to fail
together in a same expression, and one artificial case (but totally
useless) may even crash the process. The second one is an incomplete
fix in 1.5-dev23 for the request body forwarding. Hash-based balancing
algorithms and http-send-name-header may fail if a request contains
a body which starts to be forwarded before the contents are used.
A few other bugs were fixed, and the max syslog line length is now
configurable per logger.

1.5.1
-----
Version 1.5.1 fixes a few bugs from 1.5.0 among which a really annoying
one which can cause some file descriptor leak when dealing with clients
which disappear from the net, resulting in the impossibility to accept
new connections after some time.

1.5.0
-----
1.5 expands 1.4 with many new features and performance improvements,
including native SSL support on both sides with SNI/NPN/ALPN and OCSP
stapling, IPv6 and UNIX sockets are supported everywhere, full HTTP
keep-alive for better support of NTLM and improved efficiency in
static farms, HTTP/1.1 compression (deflate, gzip) to save bandwidth,
PROXY protocol versions 1 and 2 on both sides, data sampling on
everything in request or response, including payload, ACLs can use
any matching method with any input sample maps and dynamic ACLs
updatable from the CLI stick-tables support counters to track
activity on any input sample custom format for logs, unique-id,
header rewriting, and redirects, improved health checks (SSL,
scripted TCP, check agent, ...), much more scalable configuration
supports hundreds of thousands of backends and certificates without
sweating.

Full changelog for the 1.5 branch:

http://www.haproxy.org/download/1.5/src/CHANGELOG
   2014-04-27 03:28:01 by Blue Rats | Files touched by this commit (3) | Package updated
Log message:
Update to latest stable release, 1.4.25. Some changes to files/haproxy.sh:

* Don't hardcode PREFIX nor PKG_SYSCONFDIR;
* Add a configtest() function to test the configuration file before restart
  so lazy SysOps (me) don't have to remember command arguments;

From CHANGELOG:

    - DOC: typo: nosepoll self reference in config guide
    - BUG/MINOR: deinit: free fdinfo while doing cleanup
    - BUG/MEDIUM: server: set the macro for server's max weight SRV_UWGHT_MAX to \ 
SRV_UWGHT_RANGE
    - BUG/MINOR: use the same check condition for server as other algorithms
    - BUG/MINOR: stream-int: also consider ENOTCONN in addition to EAGAIN for recv()
    - BUG/MINOR: fix forcing fastinter in "on-error"
    - BUG/MEDIUM: http/auth: Sometimes the authentication credentials can be mix \ 
between two requests
    - BUG/MAJOR: http: don't emit the send-name-header when no server is available
    - BUG/MEDIUM: http: "option checkcache" fails with the no-cache header
    - MEDIUM: session: disable lingering on the server when the client aborts
    - MINOR: config: warn when a server with no specific port uses rdp-cookie
    - MEDIUM: increase chunk-size limit to 2GB-1
    - DOC: add a mention about the limited chunk size
    - MEDIUM: http: add "redirect scheme" to ease HTTP to HTTPS redirection
    - BUILD: proto_tcp: remove a harmless warning
    - BUG/MINOR: acl: remove patterns from the tree before freeing them
    - BUG/MEDIUM: checks: fix slow start regression after fix attempt
    - BUG/MAJOR: server: weight calculation fails for map-based algorithms
    - BUG/MINOR: backend: fix target address retrieval in transparent mode
    - BUG/MEDIUM: stick: completely remove the unused flag from the store entries
    - BUG/MEDIUM: stick-tables: complete the latest fix about store-responses
    - BUG/MEDIUM: checks: tracking servers must not inherit the MAINT flag
    - BUG/MINOR: stats: report correct throttling percentage for servers in slowstart
    - BUG/MINOR: stats: correctly report throttle rate of low weight servers
    - BUG/MINOR: checks: successful check completion must not re-enable MAINT servers
    - BUG/MEDIUM: stats: the web interface must check the tracked servers before \ 
enabling
    - BUG/MINOR: channel: initialize xfer_small/xfer_large on new buffers
    - BUG/MINOR: stream-int: also consider ENOTCONN in addition to EAGAIN
    - BUG/MEDIUM: http: don't start to forward request data before the connect
    - DOC: fix misleading information about SIGQUIT
    - BUILD: simplify the date and version retrieval in the makefile
    - BUILD: prepare the makefile to skip format lines in SUBVERS and VERDATE
    - BUILD: use format tags in VERDATE and SUBVERS files
   2014-04-24 18:23:59 by Jonathan Perkin | Files touched by this commit (3) | Package updated
Log message:
Remove -fomit-frame-pointer on SunOS, it kills debuggability and is the
only OS for which the flag is supplied.

Bump PKGREVISION.