./net/haproxy, Reliable, high performance TCP/HTTP load balancer

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.8.17, Package name: haproxy-1.8.17, Maintainer: morr

HAProxy is a free, very fast and reliable solution offering high
availability, load balancing, and proxying for TCP and HTTP-based
applications. It is particularly suited for web sites crawling under
very high loads while needing persistence or Layer7 processing.
Supporting tens of thousands of connections is clearly realistic with
todays hardware.

Required to run:

Required to build:

Package options: pcre, ssl

Master sites:

SHA1: 066878e2e443473d0cb9f8e74c28be822ec1e4be
RMD160: c8e381f552ed51636ad2917a2cd2c1e58b662e73
Filesize: 2028.833 KB

Version history: (Expand)

CVS history: (Expand)

   2019-06-13 11:07:08 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
haproxy: updated to 1.8.20

- BUG/MAJOR: listener: Make sure the listener exist before using it.
- BUG/MINOR: listener: keep accept rate counters accurate under saturation
- BUG/MEDIUM: logs: Only attempt to free startup_logs once.
- BUG/MEDIUM: 51d: fix possible segfault on deinit_51degrees()
- BUG/MINOR: ssl: fix warning about ssl-min/max-ver support
- MEDIUM: threads: Use __ATOMIC_SEQ_CST when using the newer atomic API.
- BUG/MEDIUM: threads/fd: do not forget to take into account epoll_fd/pipes
- BUG/MAJOR: spoe: Fix initialization of thread-dependent fields
- BUG/MAJOR: stats: Fix how huge POST data are read from the channel
- BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts
- BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using \ 
- DOC: The option httplog is no longer valid in a backend.
- BUG/MAJOR: checks: segfault during tcpcheck_main
- BUILD: makefile: work around an old bug in GNU make-3.80
- MINOR: tools: make memvprintf() never pass a NULL target to vsnprintf()
- BUILD: makefile: fix build of IPv6 header on aix51
- BUILD: makefile: add _LINUX_SOURCE_COMPAT to build on AIX-51
- BUILD: Makefile: disable shared cache on AIX 5.1
- BUG/MINOR: cli: correctly handle abns in 'show cli sockets'
- MINOR: cli: start addresses by a prefix in 'show cli sockets'
- BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release.
- BUILD: use inttypes.h instead of stdint.h
- BUILD: connection: fix naming of ip_v field
- BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity
- BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream
- BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages
- BUG/MINOR: threads: fix the process range of thread masks
- MINOR: lists: Implement locked variations.
- BUG/MEDIUM: lists: Properly handle the case we're removing the first elt.
- BUG/MEDIUM: list: fix the rollback on addq in the locked liss
- BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer
- BUG/MEDIUM: list: add missing store barriers when updating elements and head
- MINOR: list: make the delete and pop operations idempotent
- BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element
- BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED
- BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED()
- MAJOR: listener: do not hold the listener lock in listener_accept()
- BUG/MEDIUM: listener: use a self-locked list for the dequeue lists
- BUG/MEDIUM: listener: make sure the listener never accepts too many conns
- BUILD/MINOR: listener: Silent a few signedness warnings.
- MINOR: skip get_gmtime where tm is unused
- BUG/MAJOR: http_fetch: Get the channel depending on the keyword used
- BUG/MEDIUM: maps: only try to parse the default value when it's present
- BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR
- BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules
- BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
- BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
- BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler

- DOC: ssl: Clarify when pre TLSv1.3 cipher can be used
- DOC: ssl: Stop documenting ciphers example to use
- BUG/MINOR: spoe: do not assume agent->rt is valid on exit
- BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets
- BUG/MEDIUM: spoe: initialization depending on nbthread must be done last
- BUG/MEDIUM: server: initialize the idle conns list after parsing the config
- BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck
- BUG/MAJOR: stream: avoid double free on unique_id
- BUG/MINOR: config: Reinforce validity check when a process number is parsed

- DOC: http-request cache-use / http-response cache-store expects cache name
- BUG/MAJOR: cache: fix confusion between zero and uninitialized cache key
- BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.
- DOC: Be a bit more explicit about allow-0rtt security implications.
- BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file
- BUG/MINOR: backend: don't use url_param_name as a hint for BE_LB_ALGO_PH
- BUG/MINOR: backend: balance uri specific options were lost across defaults
- BUG/MINOR: backend: BE_LB_LKUP_CHTREE is a value, not a bit
- BUG/MINOR: stick_table: Prevent conn_cur from underflowing
- BUG/MINOR: server: don't always trust srv_check_health when loading a server state
- BUG/MINOR: check: Wake the check task if the check is finished in wake_srv_chk()
- BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages
- DOC: mention the effect of nf_conntrack_tcp_loose on src/dst
- MINOR: h2: add a bit-based frame type representation
- MINOR: h2: declare new sets of frame types
- BUG/MINOR: mux-h2: CONTINUATION in closed state must always return GOAWAY
- BUG/MINOR: mux-h2: headers-type frames in HREM are always a connection error
- BUG/MINOR: mux-h2: make it possible to set the error code on an already closed \ 
- BUG/MINOR: hpack: return a compression error on invalid table size updates
- DOC: nbthread is no longer experimental.
- BUG/MINOR: spoe: corrected fragmentation string size
- BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit
- SCRIPTS: add the slack channel URL to the announce script
- SCRIPTS: add the issue tracker URL to the announce script
- BUG/MINOR: stream: don't close the front connection when facing a backend error
- MINOR: xref: Add missing barriers.
- BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update
- BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions
- BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams
- BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the \ 
- MINOR: stream-int: expand the flags to 32-bit
- MINOR: stream-int: add a new flag to mention that we want the connection to be \ 
- MINOR: connstream: have a new flag CS_FL_KILL_CONN to kill a connection
- BUG/MEDIUM: mux-h2: do not close the connection on aborted streams
- BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free().
- BUG/MINOR: config: fix bind line thread mask validation
- BUG/MAJOR: config: verify that targets of track-sc and stick rules are present
- BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' \ 
- BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules
   2019-01-24 11:33:52 by Daniel Horecki | Files touched by this commit (2) | Package updated
Log message:
Update to version 1.8.17.


2019/01/08 : 1.8.17
    - BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify()
    - MINOR: mux-h2: only increase the connection window with the first update
    - BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than \ 
the max
    - BUG/MEDIUM: server: Also copy "check-sni" for server templates.
    - MINOR: lb: allow redispatch when using consistent hash
    - MINOR: stream/cli: fix the location of the waiting flag in "show sess \ 
    - MINOR: stream/cli: report more info about the HTTP messages on "show \ 
sess all"
    - BUG/MEDIUM: cli: make "show sess" really thread-safe
    - BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything
    - BUG/MINOR: lua: bad args are returned for Lua actions
    - BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred
    - BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used

2018/12/21 : 1.8.16
    - BUG/MINOR: logs: leave startup-logs global and not per-thread
    - BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in \ 
    - BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error

2018/12/13 : 1.8.15
    - MINOR: threads: Make sure threads_sync_pipe is initialized before using it.
    - DOC: clarify force-private-cache is an option
    - BUG/MINOR: connection: avoid null pointer dereference in send-proxy-v2
    - BUG/MINOR: backend: check that the mux installed properly
    - BUG/MEDIUM: buffers: Make sure we don't wrap in buffer_insert_line2/replace2.
    - MEDIUM: ssl: add support for ciphersuites option for TLSv1.3
    - BUG/MEDIUM: Cur/CumSslConns counters not threadsafe.
    - BUG/MINOR: checks: queues null-deref
    - BUG/MEDIUM: mworker: segfault receiving SIGUSR1 followed by SIGTERM.
    - BUG/MEDIUM: stream: don't crash on out-of-memory
    - BUILD: ssl: fix null-deref warning in ssl_fc_cipherlist_str sample fetch
    - BUILD: ssl: fix another null-deref warning in ssl_sock_switchctx_cbk()
    - BUILD: stick-table: make sure not to fail on task_new() during initialization
    - BUILD: peers: check allocation error during peers_init_sync()
    - DOC: Fix a few typos
    - BUG/MEDIUM: threads: fix thread_release() at the end of the rendez-vous point
    - BUG/MEDIUM: threads: make sure threads_want_sync is marked volatile
    - BUILD: compiler: add a new statement "__unreachable()"
    - MINOR: lua: all functions calling lua_yieldk() may return
    - BUILD: lua: silence some compiler warnings about potential null derefs (#2)
    - BUILD: lua: silence some compiler warnings after WILL_LJMP
    - CLEANUP: stick-tables: Remove unneeded double (()) around conditional clause
    - BUILD: Makefile: add a "make opts" target to simply show the \ 
build options
    - BUILD: Makefile: speed up compiler options detection
    - BUILD: Makefile: silence an option conflict warning with clang
    - MINOR: server: Use memcpy() instead of strncpy().
    - MINOR: cfgparse: Write 130 as 128 as 0x82 and 0x80.
    - MINOR: peers: use defines instead of enums to appease clang.
    - DOC: fix reference to map files in MAINTAINERS
    - BUILD: compiler: rename __unreachable() to my_unreachable()
    - BUG/MEDIUM: pools: Fix the usage of mmap()) with DEBUG_UAF.
    - BUG/MEDIUM: h2: Close connection if no stream is left an GOAWAY was sent.
    - BUILD: Makefile: add the new ERR variable to force -Werror
    - BUG/MINOR: cache: Crashes with "total-max-size" > 2047(MB).
    - BUG/MINOR: cache: Wrong usage of shctx_init().
    - BUG/MINOR: ssl: Wrong usage of shctx_init().
    - DOC: cache: Missing information about "total-max-size"
    - BUG/MINOR: only mark connections private if NTLM is detected
    - BUG/MINOR: only auto-prefer last server if lb-alg is non-deterministic
    - BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer
    - BUG/MEDIUM: auth/threads: use of crypt() is not thread-safe
    - BUG/MINOR: config: better detect the presence of the h2 pattern in npn/alpn
    - BUG/MEDIUM: Make sure stksess is properly aligned.
    - BUG/MINOR: config: Copy default error messages when parsing of a backend starts
    - BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field
    - BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id
    - BUG/MINOR: cfgparse: Fix transition between 2 sections with the same name
    - BUG/MINOR: cfgparse: Fix the call to post parser of the last sections parsed
    - BUG/MINOR: lb-map: fix unprotected update to server's score
    - BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR.
    - BUG/MINOR: hpack: fix off-by-one in header name encoding length calculation
    - BUG/MINOR: mux-h2: refrain from muxing during the preface
    - BUG/MINOR: mux-h2: advertise a larger connection window size
    - BUILD: compression: fix build error with DEFAULT_MAXZLIBMEM
    - BUILD: threads: fix minor build warnings when threads are disabled
    - MINOR: stats: report the number of active jobs and listeners in "show \ 
    - MINOR: servers: Free [idle|safe|priv]_conns on exit.
    - DOC: clarify that check-sni needs an argument.
    - DOC: refer to check-sni in the documentation of sni
    - BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name
    - BUG: dns: Prevent out-of-bounds read in dns_read_name()
    - BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response()
    - BUG: dns: Fix out-of-bounds read via signedness error in \ 
    - BUG: dns: Fix off-by-one write in dns_validate_dns_response()
    - DOC: Update configuration doc about the maximum number of stick counters.
    - DOC: restore note about "independant" typo
    - DOC: Fix typos in README and CONTRIBUTING
    - DOC: Fix typos in different subsections of the documentation
    - DOC: fix a few typos in the documentation
   2018-11-29 10:02:37 by Daniel Horecki | Files touched by this commit (2) | Package updated
Log message:
Update to haproxy 1.8.14.


 Released version 1.8.13 with the following main changes :
    - MINOR: systemd: consider exit status 143 as successful
    - BUG/MINOR: ssl: properly ref-count the tls_keys entries
    - MINOR: mux: add a "show_fd" function to dump debugging \ 
information for "show fd"
    - MINOR: h2: implement a basic "show_fd" function
    - BUG/MINOR: h2: remove accidental debug code introduced with show_fd function
    - MINOR: h2: keep a count of the number of conn_streams attached to the mux
    - MINOR: h2: add the mux and demux buffer lengths on "show fd"
    - BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess
    - BUG/MEDIUM: h2: never leave pending data in the output buffer on close
    - BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout
    - BUG/MINOR: http: Set brackets for the unlikely macro at the right place
    - BUILD: Generate sha256 checksums in publish-release
    - MINOR: debug: Add check for CO_FL_WILL_UPDATE
    - MINOR: debug: Add checks for conn_stream flags
    - BUG/MEDIUM: threads: Fix the exit condition of the thread barrier
    - MINOR: h2: add the error code and the max/last stream IDs to "show \ 
    - BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer \ 
was reportedly full
    - BUG/MEDIUM: stats: don't ask for more data as long as we're responding
    - BUG/MINOR: servers: Don't make "server" in a frontend fatal.
    - BUG/MEDIUM: threads/sync: use sched_yield when available
    - BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever
    - BUG/MINOR: config: stick-table is not supported in defaults section
    - BUG/MINOR: threads: Handle nbthread == MAX_THREADS.
    - BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS
    - MINOR: threads: move "nbthread" parsing to hathreads.c
    - BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect \ 
thread number
    - MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed
    - SCRIPTS: git-show-backports: add missing quotes to "echo"

Released version 1.8.14 with the following main changes :
    - BUG/MEDIUM: servers: check the queues once enabling a server
    - BUG/MEDIUM: queue: prevent a backup server from draining the proxy's \ 
    - MINOR: dns: fix wrong score computation in dns_get_ip_from_response
    - MINOR: dns: new DNS options to allow/prevent IP address duplication
    - BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers
    - MINOR: threads: Introduce double-width CAS on x86_64 and arm.
    - BUG/MEDIUM: threads: fix the double CAS implementation for ARMv7
    - MINOR: threads: add more consistency between certain variables in \ 
no-thread case
    - BUG/MEDIUM: threads: fix the no-thread case after the change to the sync point
    - MEDIUM: hathreads: implement a more flexible rendez-vous point
    - BUG/MEDIUM: cli: make "show fd" thread-safe
    - BUG/MINOR: ssl: empty connections reported as errors.
    - BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle.
    - BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error.
    - BUG/MINOR: map: fix map_regm with backref
    - DOC: dns: explain set server ... fqdn requires resolver
    - DOC: ssl: Use consistent naming for TLS protocols
    - BUG/MEDIUM: lua: socket timeouts are not applied
    - BUG/MEDIUM: cli/threads: protect all "proxy" commands against \ 
concurrent updates
    - BUG/MEDIUM: cli/threads: protect some server commands against concurrent \ 
    - DOC: Fix spelling error in configuration doc
    - BUG/MEDIUM: unix: provide a ->drain() function
    - BUG/MINOR: lua: Bad HTTP client request duration.
    - BUG/MEDIUM: mux_pt: dereference the connection with care in mux_pt_wake()
    - BUG/MEDIUM: lua: reset lua transaction between http requests
    - BUG/MEDIUM: hlua: Make sure we drain the output buffer when done.
    - BUG/MAJOR: thread: lua: Wrong SSL context initialization.
    - BUG/MEDIUM: hlua: Don't call RESET_SAFE_LJMP if SET_SAFE_LJMP returns 0.
    - BUG/MEDIUM: dns/server: fix incomatibility between SRV resolution and \ 
server state file
    - BUG/MEDIUM: ECC cert should work with TLS < v1.2 and openssl >= 1.1.1
    - MINOR: thread: implement HA_ATOMIC_XADD()
    - BUG/MINOR: stream: use atomic increments for the request counter
    - BUG/MEDIUM: session: fix reporting of handshake processing time in the logs
    - BUG/MEDIUM: h2: fix risk of memory leak on malformated wrapped frames
    - BUG/MINOR: dns: check and link servers' resolvers right after config parsing
    - BUG/MINOR: http/threads: atomically increment the error snapshot ID
    - BUG/MEDIUM: snapshot: take the proxy's lock while dumping errors
    - BUG/MAJOR: kqueue: Don't reset the changes number by accident.
    - BUG/MINOR: server: Crash when setting FQDN via CLI.
    - DOC: Fix typos in lua documentation
    - BUG/MEDIUM: patterns: fix possible double free when reloading a pattern list
    - BUG/MINOR: tools: fix set_net_port() / set_host_port() on IPv4
    - BUG/MINOR: cli: make sure the "getsock" command is only called \ 
on connections
    - BUG/CRITICAL: hpack: fix improper sign check on the header index value
   2018-08-31 11:16:14 by Tobias Nygren | Files touched by this commit (1)
Log message:
haproxy: remove PLIST.Linux (systemd-wrapper removed in 1.8-dev2)
   2018-07-25 15:51:18 by Jonathan Perkin | Files touched by this commit (4)
Log message:
haproxy: Fix SunOS C99 handling.
   2018-07-09 09:37:03 by Daniel Horecki | Files touched by this commit (2) | Package updated
Log message:
Update to newest version of haproxy 1.8.12.


2018/06/27 : 1.8.12
    - BUG/MAJOR: stick_table: Complete incomplete SEGV fix
    - MINOR: stick-tables: make stktable_release() do nothing on NULL

2018/06/26 : 1.8.11
    - BUG/MAJOR: Stick-tables crash with segfault when the key is not in the \ 
    - BUG/BUILD: threads: unbreak build without threads

2018/06/22 : 1.8.10
    - BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments.
    - BUG/MEDIUM: spoe: Flags are not encoded in network order
    - BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags
    - BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
    - BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation
    - BUG/MEDIUM: cache: don't cache when an Authorization header is present
    - BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure.
    - BUG/BUILD: threads: unbreak build without threads
    - BUG/BUILD: fd: fix typo causing a warning when threads are disabled
    - BUG/MEDIUM: fd: Only check update_mask against all_threads_mask.
    - BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
    - BUG/MEDIUM: lua/socket: Length required read doesn't work
    - BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
    - BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode
    - MINOR: task/notification: Is notifications registered ?
    - BUG/MEDIUM: lua/socket: wrong scheduling for sockets
    - BUG/MAJOR: lua: Dead lock with sockets
    - BUG/MEDIUM: lua/socket: Notification error
    - BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
    - BUG/MEDIUM: lua/socket: Buffer error, may segfault
    - MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0
    - BUG/MINOR: contrib/spoa_example: Don't reset the status code during disconnect
    - BUG/MINOR: contrib/mod_defender: Don't reset the status code during disconnect
    - BUG/MINOR: contrib/modsecurity: Don't reset the status code during disconnect
    - BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
    - BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame
    - DOC: SPOE.txt: fix a typo
    - DOC: contrib/modsecurity: few typo fixes
    - BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload.
    - BUG/MEDIUM: threads: handle signal queue only in thread 0
    - BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing
    - BUG/MINOR: signals: ha_sigmask macro for multithreading
    - MINOR: lua: Increase debug information
    - BUG/MAJOR: map: fix a segfault when using http-request set-map
    - BUG/MINOR: lua: Segfaults with wrong usage of types.
    - BUG/MAJOR: ssl: Random crash with cipherlist capture
    - BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
    - BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().
    - BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
    - MINOR: threads: Be sure to remove threads from all_threads_mask on exit

2018/05/18 : 1.8.9
    - BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid()
    - BUG/MAJOR: channel: Fix crash when trying to read from a closed socket
    - BUG/MINOR: log: t_idle (%Ti) is not set for some requests
    - BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits
    - MINOR: h2: detect presence of CONNECT and/or content-length
    - BUG/MEDIUM: h2: implement missing support for chunked encoded uploads
    - BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread
    - BUG/MINOR: config: disable http-reuse on TCP proxies
    - BUG/MINOR: checks: Fix check->health computation for flapping servers
    - BUG/MEDIUM: threads: Fix the sync point for more than 32 threads
    - BUG/MINOR: lua: Put tasks to sleep when waiting for data
    - DOC/MINOR: clean up LUA documentation re: servers & array/table.
    - BUG/MINOR: map: correctly track reference to the last ref_elt being dumped
    - BUG/MEDIUM: task: Don't free a task that is about to be run.
    - BUG/MINOR: lua: schedule socket task upon lua connect()
    - BUG/MINOR: lua: ensure large proxy IDs can be represented
    - BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR
    - BUG/MEDIUM: pollers: Use a global list for fd shared between threads.
    - BUG/MEDIUM: ssl: properly protect SSL cert generation
    - BUG/MINOR: spoe: Mistake in error message about SPOE configuration

2018/04/19 : 1.8.8
    - BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes
    - BUG/MEDIUM: connection: Make sure we have a mux before calling detach().
    - BUG/MINOR: http: Return an error in proxy mode when url2sa fails
    - BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors.
    - BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE
    - MINOR: cli: Ensure the CLI always outputs an error when it should
    - DOC: lua: update the links to the config and Lua API
    - BUG/CRITICAL: h2: fix incorrect frame length check
   2018-04-14 11:29:06 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
haproxy: updated to 1.8.7

- BUG/MAJOR: cache: always initialize newly created objects
- MINOR: servers: Support alphanumeric characters for the server templates names

- BUG/MINOR: lua: the function returns anything
- BUG/MINOR: lua funtion hlua_socket_settimeout don't check negative values
- BUILD/MINOR: fix build when USE_THREAD is not defined
- MINOR: cli/threads: make "show fd" report thread_sync_io_handler \ 
instead of "unknown"
- MINOR: cli: make "show fd" report the mux and mux_ctx pointers when \ 
- BUILD/MINOR: cli: fix a build warning introduced by last commit
- BUG/MINOR: hpack: fix harmless use of uninitialized value in hpack_dht_insert
- CLEANUP: h2: rename misleading h2c_stream_close() to h2s_close()
- MINOR: h2: provide and use h2s_detach() and h2s_free()
- BUG/MAJOR: h2: remove orphaned streams from the send list before closing
- MINOR: h2: always call h2s_detach() in h2_detach()
- MINOR: h2: fuse h2s_detach() and h2s_free() into h2s_destroy()
- BUG/MEDIUM: h2/threads: never release the task outside of the task handler
- BUG/MEDIUM: h2: don't consider pending data on detach if connection is in error
- BUILD/MINOR: threads: always export thread_sync_io_handler()
- BUG/MEDIUM: h2: always add a stream to the send or fctl list when blocked
- BUG/MINOR: checks: check the conn_stream's readiness and not the connection
- BUG/MINOR: email-alert: Set the mailer port during alert initialization
- BUG/MINOR: cache: fix "show cache" output
- BUG/MINOR: fd: Don't clear the update_mask in fd_insert.
- BUG/MAJOR: cache: fix random crashes caused by incorrect delete() on non-first \ 
- BUG/MINOR: spoe: Initialize variables used during conf parsing before any check
- BUG/MINOR: spoe: Don't release the context buffer in .check_timeouts callbaclk

- BUG/MINOR: threads: fix missing thread lock labels for 1.8
- BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable.
- BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL
- BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st
- BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe
- BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as possible
- BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken.
- DOC: lua: new prototype for function "register_action()"
- DOC: cfgparse: Warn on option (tcp|http)log in backend
- BUG/MINOR: debug/pools: properly handle out-of-memory when building with DEBUG_UAF
- MINOR: debug/pools: make DEBUG_UAF also detect underflows
- BUG/MINOR: h2: Set the target of dbuf_wait to h2c
- MINOR: stats: display the number of threads in the statistics.
- BUG/MEDIUM: h2: always consume any trailing data after end of output buffers
- BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk
- BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk
- Revert "BUG/MINOR: send-proxy-v2: string size must include ('\0')"
- MINOR: systemd: Add section for SystemD sandboxing to unit file
- MINOR: systemd: Add SystemD's Protect*= options to the unit file
- MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file
- MINOR/BUILD: fix Lua build on Mac OS X
- BUILD/MINOR: fix Lua build on Mac OS X (again)
- BUG/MINOR: session: Fix tcp-request session failure if handshake.
- CLEANUP: .gitignore: Ignore binaries from the contrib directory
- BUG/MINOR: unix: Don't mess up when removing the socket from the xfer_sock_list.
- BUG/MEDIUM: h2: also arm the h2 timeout when sending
- BUG/MINOR: cli: Fix a crash when passing a negative or too large value to \ 
"show fd"
- CLEANUP: ssl: Remove a duplicated #include
- CLEANUP: cli: Remove a leftover debug message
- BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage
- BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc
- BUG/MINOR: force-persist and ignore-persist only apply to backends
- BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is stopping
- BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily disabled
- BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management
- BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically
- BUG/MINOR: seemless reload: Fix crash when an interface is specified.
- BUG/MINOR: cli: Fix a crash when sending a command with too many arguments
- BUILD: ssl: Fix build with OpenSSL without NPN capability
- BUG/MINOR: spoa-example: unexpected behavior for more than 127 args
- BUG/MINOR: lua: return bad error messages
- BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers
- BUG/MINOR: tcp-check: use the server's service port as a fallback
- BUG/MEDIUM: threads/queue: wake up other threads upon dequeue
- MINOR: log: stop emitting alerts when it's not possible to write on the socket
- BUILD/BUG: enable -fno-strict-overflow by default
- DOC: log: more than 2 log servers are allowed
- DOC: don't suggest using http-server-close
- BUG/MEDIUM: h2: properly account for DATA padding in flow control
- BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an RST_STREAM
- BUG/MINOR: listener: Don't decrease actconn twice when a new session is rejected
   2018-04-05 11:18:39 by Jonathan Perkin | Files touched by this commit (5)
Log message:
haproxy: Rework SunOS XOPEN_SOURCE handling.

This package explicitly avoids C99-isms and fails to build in C99 mode with
older compilers, even though it works fine with newer compilers that default
to C99 mode.  So, we need to explicitly request XPG4_2 if and only if the
compiler does not default to C99, and must not require C99.