./net/haproxy, Reliable, high performance TCP/HTTP load balancer

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.6.4, Package name: haproxy-1.6.4, Maintainer: morr

HAProxy is a free, very fast and reliable solution offering high
availability, load balancing, and proxying for TCP and HTTP-based
applications. It is particularly suited for web sites crawling under
very high loads while needing persistence or Layer7 processing.
Supporting tens of thousands of connections is clearly realistic with
todays hardware.


Required to run:
[devel/pcre]


Package options: pcre, ssl

Master sites:

SHA1: df3d7f216fe4974d9eac55d76c7f729560c6e975
RMD160: 955c11358efe1cc2a47d705d5c8f0ca3d3056f3e
Filesize: 1522.73 KB

Version history: (Expand)


CVS history: (Expand)


   2016-03-14 10:23:31 by Filip Hajny | Files touched by this commit (3) | Package updated
Log message:
Update net/haproxy to 1.6.4. Throw in example config files.

2016/03/14 : 1.6.4
- BUG/MINOR: http: fix several off-by-one errors in the url_param
  parser
- BUG/MINOR: http: Be sure to process all the data received from a
  server
- BUG/MINOR: chunk: make chunk_dup() always check and set
  dst->size
- MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero
- MINOR: chunks: add chunk_strcat() and chunk_newstr()
- MINOR: chunk: make chunk_initstr() take a const string
- MINOR: lru: new function to delete <nb> least recently used keys
- DOC: add Ben Shillito as the maintainer of 51d
- BUG/MINOR: 51d: Ensures a unique domain for each configuration
- BUG/MINOR: 51d: Aligns Pattern cache implementation with HAProxy
  best practices.
- BUG/MINOR: 51d: Releases workset back to pool.
- BUG/MINOR: 51d: Aligned const pointers to changes in 51Degrees.
- CLEANUP: 51d: Aligned if statements with HAProxy best practices
  and removed casts from malloc.
- DOC: fix a few spelling mistakes
- DOC: fix "workaround" spelling
- BUG/MINOR: examples: Fixing haproxy.spec to remove references to
  .cfg files
- MINOR: fix the return type for dns_response_get_query_id()
  function
- MINOR: server state: missing LF (\n) on error message printed
  when parsing server state file
- BUG/MEDIUM: dns: no DNS resolution happens if no ports provided
  to the nameserver
- BUG/MAJOR: servers state: server port is erased when dns
  resolution is enabled on a server
- BUG/MEDIUM: servers state: server port is used uninitialized
- BUG/MEDIUM: config: Adding validation to stick-table expire
  value.
- BUG/MEDIUM: sample: http_date() doesn't provide the right day of
  the week
- BUG/MEDIUM: channel: fix miscalculation of available buffer
  space.
- MEDIUM: pools: add a new flag to avoid rounding pool size up
- BUG/MEDIUM: buffers: do not round up buffer size during
  allocation
- BUG/MINOR: stream: don't force retries if the server is DOWN
- BUG/MINOR: counters: make the sc-inc-gpc0 and sc-set-gpt0 touch
  the table
- MINOR: unix: don't mention free ports on EAGAIN
- BUG/CLEANUP: CLI: report the proper field states in "show sess"
- MINOR: stats: send content-length with the redirect to allow
  keep-alive
- BUG: stream_interface: Reuse connection even if the output
  channel is empty
- DOC: remove old tunnel mode assumptions
- BUG/MAJOR: http-reuse: fix risk of orphaned connections
- BUG/MEDIUM: http-reuse: do not share private connections across
  backends
- BUG/MINOR: ssl: Be sure to use unique serial for regenerated
  certificates
- BUG/MINOR: stats: fix missing comma in stats on agent drain
- BUG/MINOR: lua: unsafe initialization
- DOC: lua: fix somme errors
- DOC: add server name at rate-limit sessions example
- BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
- BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
- DOC: LUA: fix some typos and syntax errors
- MINOR: cfgparse: warn for incorrect 'timeout retry' keyword
  spelling in resolvers
- MINOR: mailers: increase default timeout to 10 seconds
- MINOR: mailers: use <CRLF> for all line endings
- BUG/MAJOR: lua: applets can't sleep.
- BUG/MINOR: server: some prototypes are renamed
- BUG/MINOR: lua: Useless copy
- BUG/MEDIUM: stats: stats bind-process doesn't propagate the
  process mask correctly
- BUG/MINOR: server: fix the format of the warning on address
  change
- BUG/MEDIUM: chunks: always reject negative-length chunks
- BUG/MINOR: systemd: ensure we don't miss signals
- BUG/MINOR: systemd: report the correct signal in debug message
  output
- BUG/MINOR: systemd: propagate the correct signal to haproxy
- MINOR: systemd: ensure a reload doesn't mask a stop
- BUG/MEDIUM: cfgparse: wrong argument offset after parsing server
  "sni" keyword
- CLEANUP: stats: Avoid computation with uninitialized bits.
- CLEANUP: pattern: Ignore unknown samples in pat_match_ip().
- CLEANUP: map: Avoid memory leak in out-of-memory condition.
- BUG/MINOR: tcpcheck: fix incorrect list usage resulting in
  failure to load certain configs
- BUG/MAJOR: samples: check smp->strm before using it
- MINOR: sample: add a new helper to initialize the owner of a
  sample
- MINOR: sample: always set a new sample's owner before evaluating
  it
- BUG/MAJOR: vars: always retrieve the stream and session from the
  sample
- CLEANUP: payload: remove useless and confusing nullity checks
  for channel buffer
- BUG/MINOR: ssl: fix usage of the various sample fetch functions
- MINOR: cfgparse: warn when uid parameter is not a number
- MINOR: cfgparse: warn when gid parameter is not a number
- BUG/MINOR: standard: Avoid free of non-allocated pointer
- BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition
- CLEANUP: http: fix a build warning introduced by a recent fix
- BUG/MINOR: log: GMT offset not updated when entering/leaving DST
   2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813) | Package updated
Log message:
Bump PKGREVISION for security/openssl ABI bump.
   2016-02-16 22:59:46 by Daniel Horecki | Files touched by this commit (2) | Package updated
Log message:
Add fd limits to startup script. Bump PKGREVISION.
   2016-02-01 11:07:56 by Jonathan Perkin | Files touched by this commit (4)
Log message:
Fix build on SunOS.  Clean up patches while here.
   2016-01-03 18:13:40 by Daniel Horecki | Files touched by this commit (3) | Package updated
Log message:
2015/12/27 : 1.6.3
    - BUG/MINOR: http rule: http capture 'id' rule points to a non existing id
    - BUG/MINOR: server: check return value of fgets() in apply_server_state()
    - BUG/MINOR: acl: don't use record layer in req_ssl_ver
    - BUILD: freebsd: double declaration
    - BUG/MEDIUM: lua: clean output buffer
    - BUILD: check for libressl to be able to build against it
    - DOC: lua-api/index.rst small example fixes, spelling correction.
    - DOC: lua: architecture and first steps
    - DOC: relation between timeout http-request and option http-buffer-request
    - BUILD: Make deviceatlas require PCRE
    - BUG: http: do not abort keep-alive connections on server timeout
    - BUG/MEDIUM: http: switch the request channel to no-delay once done.
    - BUG/MINOR: lua: don't force-sslv3 LUA's SSL socket
    - BUILD/MINOR: http: proto_http.h needs sample.h
    - BUG/MEDIUM: http: don't enable auto-close on the response side
    - BUG/MEDIUM: stream: fix half-closed timeout handling
    - CLEANUP: compression: don't allocate DEFAULT_MAXZLIBMEM without USE_ZLIB
    - BUG/MEDIUM: cli: changing compression rate-limiting must require admin level
    - BUG/MEDIUM: sample: urlp can't match an empty value
    - BUILD: dumpstats: silencing warning for printf format specifier / time_t
    - CLEANUP: proxy: calloc call inverted arguments
    - MINOR: da: silent logging by default and displaying DeviceAtlas support if \ 
built.
    - BUG/MEDIUM: da: stop DeviceAtlas processing in the convertor if there is \ 
no input.
    - DOC: Edited 51Degrees section of README/ (cherry picked from commit \ 
a7bbdd955984f0d69812ff055cc145a338e76daa)
    - BUG/MEDIUM: checks: email-alert not working when declared in defaults
    - BUG/MINOR: checks: email-alert causes a segfault when an unknown mailers \ 
section is configured
    - BUG/MINOR: checks: typo in an email-alert error message
    - BUG/MINOR: tcpcheck: conf parsing error when no port configured on server \ 
and last rule is a CONNECT with no port
    - BUG/MINOR: tcpcheck: conf parsing error when no port configured on server \ 
and first rule(s) is (are) COMMENT
    - BUG/MEDIUM: http: fix http-reuse when frontend and backend differ
    - DOC: prefer using http-request/response over reqXXX/rspXXX directives
    - BUG/MEDIUM: config: properly adjust maxconn with nbproc when memmax is forced
    - BUG/MEDIUM: peers: table entries learned from a remote are pushed to \ 
others after a random delay.
    - BUG/MEDIUM: peers: old stick table updates could be repushed.
    - CLEANUP: haproxy: using _GNU_SOURCE instead of __USE_GNU macro.
    - MINOR: lua: service/applet can have access to the HTTP headers when a POST \ 
is received
    - REORG/MINOR: lua: convert boolean "int" to bitfield
    - BUG/MEDIUM: lua: Lua applets must not fetch samples using http_txn
    - BUG/MINOR: lua: Lua applets must not use http_txn
    - BUG/MEDIUM: lua: Forbid HTTP applets from being called from tcp rulesets
    - BUG/MAJOR: lua: Do not force the HTTP analysers in use-services
    - CLEANUP: lua: bad error messages
    - DOC: lua: fix lua API
    - DOC: mailers: typo in 'hostname' description
    - DOC: compression: missing mention of libslz for compression algorithm
    - BUILD/MINOR: regex: missing header
    - BUG/MINOR: stream: bad return code
    - DOC: lua: fix somme errors and add implicit types

While there, add better support for deviceatlas option, from David CARLIER.
   2015-12-29 05:04:32 by David A. Holland | Files touched by this commit (82)
Log message:
Fix missing/broken rcsids.
   2015-11-12 17:35:28 by Daniel Horecki | Files touched by this commit (1)
Log message:
Remove obsolete patch.
   2015-11-12 17:32:29 by Daniel Horecki | Files touched by this commit (5) | Package updated
Log message:
Update to newest version.

ChangeLog (only stable versions):

2015/11/03 : 1.6.2
    - BUILD: ssl: fix build error introduced in commit 7969a3 with OpenSSL < 1.0.0
    - DOC: fix a typo for a "deviceatlas" keyword
    - FIX: small typo in an example using the "Referer" header
    - BUG/MEDIUM: config: count memory limits on 64 bits, not 32
    - BUG/MAJOR: dns: first DNS response packet not matching queried hostname \ 
may lead to a loop
    - BUG/MINOR: dns: unable to parse CNAMEs response
    - BUG/MINOR: examples/haproxy.init: missing brace in quiet_check()
    - DOC: deviceatlas: more example use cases.
    - BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in install-bin.
    - BUG/MAJOR: http: don't requeue an idle connection that is already queued
    - DOC: typo on capture.res.hdr and capture.req.hdr
    - BUG/MINOR: dns: check for duplicate nameserver id in a resolvers section \ 
was missing
    - CLEANUP: use direction names in place of numeric values
    - BUG/MEDIUM: lua: sample fetches based on response doesn't work

2015/10/20 : 1.6.1
    - DOC: specify that stats socket doc (section 9.2) is in management
    - BUILD: install only relevant and existing documentation
    - CLEANUP: don't ignore debian/ directory if present
    - BUG/MINOR: dns: parsing error of some DNS response
    - BUG/MEDIUM: namespaces: don't fail if no namespace is used
    - BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is disabled
    - MEDIUM: dns: Don't use the ANY query type

2015/10/13 : 1.6.0
    - BUG/MINOR: Handle interactive mode in cli handler
    - DOC: global section missing parameters
    - DOC: backend section missing parameters
    - DOC: stats paramaters available in frontend
    - MINOR: lru: do not allocate useless memory in lru64_lookup
    - BUG/MINOR: http: Add OPTIONS in supported http methods (found by \ 
find_http_meth)
    - BUG/MINOR: ssl: fix management of the cache where forged certificates are \ 
stored
    - MINOR: ssl: Release Servers SSL context when HAProxy is shut down
    - MINOR: ssl: Read the file used to generate certificates in any order
    - MINOR: ssl: Add support for EC for the CA used to sign generated certificates
    - MINOR: ssl: Add callbacks to set DH/ECDH params for generated certificates
    - BUG/MEDIUM: logs: fix time zone offset format in RFC5424
    - BUILD: Fix the build on OSX (htonll/ntohll)
    - BUILD: enable build on Linux/s390x
    - BUG/MEDIUM: lua: direction test failed
    - MINOR: lua: fix a spelling error in some error messages
    - CLEANUP: cli: ensure we can never double-free error messages
    - BUG/MEDIUM: lua: force server-close mode on Lua services
    - MEDIUM: init: support more command line arguments after pid list
    - MEDIUM: init: support a list of files on the command line
    - MINOR: debug: enable memory poisonning to use byte 0
    - BUILD: ssl: fix build error introduced by recent commit
    - BUG/MINOR: config: make the stats socket pass the correct proxy to the parsers
    - MEDIUM: server: implement TCP_USER_TIMEOUT on the server
    - DOC: mention the "namespace" options for bind and server lines
    - DOC: add the "management" documentation
    - DOC: move the stats socket documentation from config to management
    - MINOR: examples: update haproxy.spec to mention new docs
    - DOC: mention management.txt in README
    - DOC: remove haproxy-{en,fr}.txt
    - BUILD: properly report when USE_ZLIB and USE_SLZ are used together
    - MINOR: init: report use of libslz instead of "no compression"
    - CLEANUP: examples: remove some obsolete and confusing files
    - CLEANUP: examples: remove obsolete configuration file samples
    - CLEANUP: examples: fix the example file content-sw-sample.cfg
    - CLEANUP: examples: update sample file option-http_proxy.cfg
    - CLEANUP: examples: update sample file ssl.cfg
    - CLEANUP: tests: move a test file from examples/ to tests/
    - CLEANUP: examples: shut up warnings in transparent proxy example
    - CLEANUP: tests: removed completely obsolete test files
    - DOC: update ROADMAP to remove what was done in 1.6
    - BUG/MEDIUM: pattern: fixup use_after_free in the pat_ref_delete_by_id