./net/haproxy, Reliable, high performance TCP/HTTP load balancer

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.8.1, Package name: haproxy-1.8.1, Maintainer: morr

HAProxy is a free, very fast and reliable solution offering high
availability, load balancing, and proxying for TCP and HTTP-based
applications. It is particularly suited for web sites crawling under
very high loads while needing persistence or Layer7 processing.
Supporting tens of thousands of connections is clearly realistic with
todays hardware.

Required to run:

Required to build:

Package options: pcre, ssl

Master sites:

SHA1: 9239e686fe8152cbb03d12f8deac271efd830f4f
RMD160: 514e4dd4cb76813e20cb57ddda9f8bb0de8ae2e5
Filesize: 1990.444 KB

Version history: (Expand)

CVS history: (Expand)

   2017-12-07 12:54:56 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update net/haproxy to 1.8.1

Major new features in 1.8:
- JSON stats
- server templates
- dynamic cookies
- per-certificate "bind" configuration
- pipelined and asynchronous SPOE
- seamless reloads
- PCRE2 support
- hard-stop-after
- support for OpenSSL asynchronous crypto engines
- replacement of the systemd-wrapper with a new master-worker model
- DNS autonomous resolver
- DNS SRV records
- configurable severity output on the CLI
- TLS 1.3 with support for Early-Data (AKA 0-RTT) on both sides
- multi-thread support
- HTTP/2 support
- small objects cache

For full changelog in 1.8, see:

   2017-09-18 21:30:42 by Daniel Horecki | Files touched by this commit (2) | Package updated
Log message:
Update net/haproxy to version 1.7.9

- BUG/MINOR: peers: peer synchronization issue (with several peers sections).
- BUG/MINOR: lua: In error case, the safe mode is not removed
- BUG/MINOR: lua: executes the function destroying the Lua session in safe mode
- BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted
- BUG/MEDIUM: lua: bad memory access
- DOC: update CONTRIBUTING regarding optional parts and message format
- DOC: update the list of OpenSSL versions in the README
- MINOR: tools: add a portable timegm() alternative
- BUILD: lua: replace timegm() with my_timegm() to fix build on Solaris 10
- DOC: Updated 51Degrees git URL to point to a stable version.
- BUG/MINOR: http: Set the response error state in http_sync_res_state
- MINOR: http: Reorder/rewrite checks in http_resync_states
- MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags
- BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is \ 
- BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state
- BUG/MINOR: lua: Fix Server.get_addr() port values
- BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr()
- BUG/MINOR: lua: always detach the tcp/http tasks before freeing them
- BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions.
   2017-07-23 19:33:40 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
HAProxy 1.7.8 was released on 2017/07/07. It added 10 new commits after version
1.7.7. It fixes some major issues, a memory leak in the compression code, a
segfault when you dump a map on the CLI while trying to remove an entry and a
bug introduced by a fix in 1.7.5 that causes haproxy to ignore "timeout
   2017-07-04 09:04:17 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
- BUG/MINOR: Wrong peer task expiration handling during synchronization processing.
- BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed
- BUG/MEDIUM: cfgparse: Check if tune.http.maxhdr is in the range 1..32767
- DOC: fix references to the section about the unix socket
- BUG/MINOR: haproxy/cli : fix for solaris/illumos distros for CMSG* macros
- BUG/MINOR: log: pin the front connection when front ip/ports are logged

- DOC: changed "block"(deprecated) examples to http-request deny
- DOC: add few comments to examples.
- DOC: update sample code for PROXY protocol
- DOC: mention lighttpd 1.4.46 implements PROXY
- DOC: stick-table is available in frontend sections
- BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets.
- BUG/MINOR: config: missing goto out after parsing an incorrect ACL character
- BUG/MINOR: arg: don't try to add an argument on failed memory allocation
- BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error
- BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr()
- MINOR: lua: ensure the memory allocator is used all the time
- CLEANUP: logs: typo: simgle => single
- BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr()
- BUG/MAJOR: Use -fwrapv.
- BUG/MINOR: server: don't use "proxy" when px is really meant.
- BUG/MINOR: server: missing default server 'resolvers' setting duplication.
- DOC: add layer 4 links/cross reference to "block" keyword.
- DOC: errloc/errorloc302/errorloc303 missing status codes.
- BUG/MEDIUM: lua: memory leak
- MEDIUM: config: don't check config validity when there are fatal errors
- BUG/MINOR: hash-balance-factor isn't effective in certain circumstances
- MINOR/DOC: lua: just precise one thing
- BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request
- DOC: update RFC references
- BUG/MINOR: checks: don't send proxy protocol with agent checks
- BUG/MAJOR: dns: Broken kqueue events handling (BSD systems).
- BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything
- BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04
- BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer
- BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers
- BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map
- BUG/MINOR: http/filters: Be sure to wait if a filter loops in HTTP_MSG_ENDING
- BUG/MEDIUM: peers: Peers CLOSE_WAIT issue.
- BUG/MAJOR: server: Segfault after parsing server state file.
- BUG/MEDIUM: unix: never unlink a unix socket from the file system
- scripts: create-release pass -n to tail
- SCRIPTS: create-release: enforce GIT_COMMITTER_{NAME|EMAIL} validity
   2017-04-03 22:56:50 by Daniel Horecki | Files touched by this commit (2) | Package updated
Log message:
Update to newest version 1.7.5.


2017/04/03 : 1.7.5
    - BUG/MEDIUM: peers: fix buffer overflow control in intdecode.
    - BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers
    - BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled
    - BUG/MINOR: filters: Don't force the stream's wakeup when we wait in \ 
    - DOC: fix parenthesis and add missing "Example" tags
    - DOC: update the contributing file
    - DOC: log-format/tcplog/httplog update
    - MINOR: config parsing: add warning when log-format/tcplog/httplog is \ 
overriden in "defaults" sections

2017/03/27 : 1.7.4
    - MINOR: config: warn when some HTTP rules are used in a TCP proxy
    - BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters
    - BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section
    - BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file
    - BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup
    - BUG/MINOR: Fix "get map <map> <value>" CLI command
    - BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer
    - BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING
    - BUG/MINOR: checks: attempt clean shutw for SSL check
    - CONTRIB: tcploop: add limits.h to fix build issue with some compilers
    - CONTRIB: tcploop: make it build on FreeBSD
    - CONTRIB: tcploop: fix time format to silence build warnings
    - CONTRIB: tcploop: report action 'K' (kill) in usage message
    - CONTRIB: tcploop: fix connect's address length
    - CONTRIB: tcploop: use the trash instead of NULL for recv()
    - BUG/MEDIUM: listener: do not try to rebind another process' socket
    - BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze
    - BUG/MAJOR: stream-int: do not depend on connection flags to detect connection
    - BUG/MEDIUM: connection: ensure to always report the end of handshakes
    - BUG: payload: fix payload not retrieving arbitrary lengths
    - BUG/MAJOR: http: fix typo in http_apply_redirect_rule
    - MINOR: doc: 2.4. Examples should be 2.5. Examples
    - BUG/MEDIUM: stream: fix client-fin/server-fin handling
    - MINOR: fd: add a new flag HAP_POLL_F_RDHUP to struct poller
    - BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available
    - DOC/MINOR: Fix typos in proxy protocol doc
    - DOC: Protocol doc: add checksum, TLV type ranges
    - DOC: Protocol doc: add SSL TLVs, rename CHECKSUM
    - DOC: Protocol doc: add noop TLV
    - MEDIUM: global: add a 'hard-stop-after' option to cap the soft-stop time
    - BUG/MINOR: cfgparse: loop in tracked servers lists not detected by \ 
    - MINOR: server: irrelevant error message with 'default-server' config file \ 
    - MINOR: doc: fix use-server example (imap vs mail)
    - BUG/MEDIUM: tcp: don't require privileges to bind to device
    - BUILD: make the release script use shortlog for the final changelog
    - BUILD: scripts: fix typo in announce-release error message
   2017-03-07 18:48:06 by Daniel Horecki | Files touched by this commit (3) | Package updated
Log message:
Update to newest stable version 1.7.3.

ChangeLog to long to include here, please take a look at

Fixes PR pkg/52014
   2017-01-09 19:57:21 by Daniel Horecki | Files touched by this commit (2) | Package updated
Log message:
Update to newest version.


2016/12/25 : 1.6.11
    - BUILD: contrib: fix ip6range build on Centos 7
    - BUG/MINOR: cli: fix pointer size when reporting data/transport layer name
    - BUG/MINOR: cli: dequeue from the proxy when changing a maxconn
    - BUG/MINOR: cli: wake up the CLI's task after a timeout update
    - BUG/MINOR: freq-ctr: make swrate_add() support larger values
    - BUG/MEDIUM: proxy: return "none" and "unknown" for \ 
unknown LB algos
    - BUG/MAJOR: stream: fix session abort on resource shortage
    - BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect
    - BUG/MEDIUM: variables: some variable name can hide another ones
    - BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full
    - MINOR: applet: Count number of (active) applets
    - MINOR: task: Rename run_queue and run_queue_cur counters
    - BUG/MEDIUM: stream: Save unprocessed events for a stream
    - BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
    - BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2)
    - BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW
    - DOC: lua: section declared twice
    - DOC: fix small typo in fe_id (backend instead of frontend)
    - BUG/MINOR: lua: memory leak executing tasks
    - BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
    - BUG/MEDIUM: ssl: avoid double free when releasing bind_confs
    - BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled
    - BUG/MEDIUM: ssl: for a handshake when server-side SNI changes
    - BUG/MINOR: systemd: potential zombie processes

2016/11/20 : 1.6.10
    - BUG/MINOR: Fix OSX compilation errors
    - BUG/MINOR: displayed PCRE version is running release
    - MINOR: show Built with PCRE version
    - MINOR: show Running on zlib version
    - MINOR: Add fe_req_rate sample fetch
    - MEDIUM: make SO_REUSEPORT configurable
    - BUG/MINOR: vars: use sess and not s->sess in action_store()
    - BUG/MINOR: vars: make smp_fetch_var() more robust against misuses
    - BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session
    - BUG/MINOR: ssl: Check malloc return code
    - BUG/MINOR: ssl: prevent multiple entries for the same certificate
    - BUG/MINOR: systemd: make the wrapper return a non-null status code on error
    - BUG/MINOR: systemd: always restore signals before execve()
    - BUG/MINOR: systemd: check return value of calloc()
    - MINOR: systemd: report it when execve() fails
    - BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed
    - BUILD: protocol: fix some build errors on OpenBSD
    - BUILD: log: iovec requires to include sys/uio.h on OpenBSD
    - BUILD: tcp: do not include netinet/ip.h for IP_TTL
    - BUILD: checks: remove the last strcat and eliminate a warning on OpenBSD
    - BUILD: poll: remove unused hap_fd_isset() which causes a warning with clang
    - MINOR: cfgparse: few memory leaks fixes.
    - MINOR: build: Allow linking to device-atlas library file
    - DOC: Fix typo in description of `-st` parameter in man page
    - BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream
    - BUG/MEDIUM: peers: fix use after free in peer_session_create()
    - BUG/MEDIUM: systemd-wrapper: return correct exit codes
    - BUG/MEDIUM: srv-state: properly restore the DRAIN state
    - BUG/MINOR: srv-state: allow to have both CMAINT and FDRAIN flags
    - BUG/MEDIUM: servers: properly propagate the maintenance states during startup
    - BUG: vars: Fix 'set-var' converter because of a typo
    - BUG/MEDIUM: channel: bad unlikely macro
    - CLEANUP: lua: move comment
    - CLEANUP: lua: control executed twice
    - CLEANUP: ssl: Fix bind keywords name in comments
    - DOC: ssl: Use correct wording for ca-sign-pass
    - BUG/MINOR: stick-table: handle out-of-memory condition gracefully
    - BUG/MEDIUM: connection: check the control layer before stopping polling
    - BUG/MEDIUM: stick-table: fix regression caused by recent fix for out-of-memory
    - CONTRIB: initiate a debugging suite to make debugging easier
    - BUG/MINOR: cli: properly decrement ref count on tables during failed dumps
    - BUG/MEDIUM: lua: In some case, the return of sample-fetche is ignored
   2016-11-13 20:37:18 by Daniel Horecki | Files touched by this commit (2)
Log message:
Add lua option.

Fixes PR pkg/51608.