./net/haproxy, Reliable, high performance TCP/HTTP load balancer

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.7.5, Package name: haproxy-1.7.5, Maintainer: morr

HAProxy is a free, very fast and reliable solution offering high
availability, load balancing, and proxying for TCP and HTTP-based
applications. It is particularly suited for web sites crawling under
very high loads while needing persistence or Layer7 processing.
Supporting tens of thousands of connections is clearly realistic with
todays hardware.

Required to run:

Required to build:

Package options: pcre, ssl

Master sites:

SHA1: 1b06931b9fd83ba64ef59a25b9ce6275b0f67809
RMD160: 40de07d042461cf00a08187629ef89747aed02dc
Filesize: 1703.104 KB

Version history: (Expand)

CVS history: (Expand)

   2017-04-03 22:56:50 by Daniel Horecki | Files touched by this commit (2) | Package updated
Log message:
Update to newest version 1.7.5.


2017/04/03 : 1.7.5
    - BUG/MEDIUM: peers: fix buffer overflow control in intdecode.
    - BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers
    - BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled
    - BUG/MINOR: filters: Don't force the stream's wakeup when we wait in \ 
    - DOC: fix parenthesis and add missing "Example" tags
    - DOC: update the contributing file
    - DOC: log-format/tcplog/httplog update
    - MINOR: config parsing: add warning when log-format/tcplog/httplog is \ 
overriden in "defaults" sections

2017/03/27 : 1.7.4
    - MINOR: config: warn when some HTTP rules are used in a TCP proxy
    - BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters
    - BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section
    - BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file
    - BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup
    - BUG/MINOR: Fix "get map <map> <value>" CLI command
    - BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer
    - BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING
    - BUG/MINOR: checks: attempt clean shutw for SSL check
    - CONTRIB: tcploop: add limits.h to fix build issue with some compilers
    - CONTRIB: tcploop: make it build on FreeBSD
    - CONTRIB: tcploop: fix time format to silence build warnings
    - CONTRIB: tcploop: report action 'K' (kill) in usage message
    - CONTRIB: tcploop: fix connect's address length
    - CONTRIB: tcploop: use the trash instead of NULL for recv()
    - BUG/MEDIUM: listener: do not try to rebind another process' socket
    - BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze
    - BUG/MAJOR: stream-int: do not depend on connection flags to detect connection
    - BUG/MEDIUM: connection: ensure to always report the end of handshakes
    - BUG: payload: fix payload not retrieving arbitrary lengths
    - BUG/MAJOR: http: fix typo in http_apply_redirect_rule
    - MINOR: doc: 2.4. Examples should be 2.5. Examples
    - BUG/MEDIUM: stream: fix client-fin/server-fin handling
    - MINOR: fd: add a new flag HAP_POLL_F_RDHUP to struct poller
    - BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available
    - DOC/MINOR: Fix typos in proxy protocol doc
    - DOC: Protocol doc: add checksum, TLV type ranges
    - DOC: Protocol doc: add SSL TLVs, rename CHECKSUM
    - DOC: Protocol doc: add noop TLV
    - MEDIUM: global: add a 'hard-stop-after' option to cap the soft-stop time
    - BUG/MINOR: cfgparse: loop in tracked servers lists not detected by \ 
    - MINOR: server: irrelevant error message with 'default-server' config file \ 
    - MINOR: doc: fix use-server example (imap vs mail)
    - BUG/MEDIUM: tcp: don't require privileges to bind to device
    - BUILD: make the release script use shortlog for the final changelog
    - BUILD: scripts: fix typo in announce-release error message
   2017-03-07 18:48:06 by Daniel Horecki | Files touched by this commit (3) | Package updated
Log message:
Update to newest stable version 1.7.3.

ChangeLog to long to include here, please take a look at

Fixes PR pkg/52014
   2017-01-09 19:57:21 by Daniel Horecki | Files touched by this commit (2) | Package updated
Log message:
Update to newest version.


2016/12/25 : 1.6.11
    - BUILD: contrib: fix ip6range build on Centos 7
    - BUG/MINOR: cli: fix pointer size when reporting data/transport layer name
    - BUG/MINOR: cli: dequeue from the proxy when changing a maxconn
    - BUG/MINOR: cli: wake up the CLI's task after a timeout update
    - BUG/MINOR: freq-ctr: make swrate_add() support larger values
    - BUG/MEDIUM: proxy: return "none" and "unknown" for \ 
unknown LB algos
    - BUG/MAJOR: stream: fix session abort on resource shortage
    - BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect
    - BUG/MEDIUM: variables: some variable name can hide another ones
    - BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full
    - MINOR: applet: Count number of (active) applets
    - MINOR: task: Rename run_queue and run_queue_cur counters
    - BUG/MEDIUM: stream: Save unprocessed events for a stream
    - BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
    - BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2)
    - BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW
    - DOC: lua: section declared twice
    - DOC: fix small typo in fe_id (backend instead of frontend)
    - BUG/MINOR: lua: memory leak executing tasks
    - BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
    - BUG/MEDIUM: ssl: avoid double free when releasing bind_confs
    - BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled
    - BUG/MEDIUM: ssl: for a handshake when server-side SNI changes
    - BUG/MINOR: systemd: potential zombie processes

2016/11/20 : 1.6.10
    - BUG/MINOR: Fix OSX compilation errors
    - BUG/MINOR: displayed PCRE version is running release
    - MINOR: show Built with PCRE version
    - MINOR: show Running on zlib version
    - MINOR: Add fe_req_rate sample fetch
    - MEDIUM: make SO_REUSEPORT configurable
    - BUG/MINOR: vars: use sess and not s->sess in action_store()
    - BUG/MINOR: vars: make smp_fetch_var() more robust against misuses
    - BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session
    - BUG/MINOR: ssl: Check malloc return code
    - BUG/MINOR: ssl: prevent multiple entries for the same certificate
    - BUG/MINOR: systemd: make the wrapper return a non-null status code on error
    - BUG/MINOR: systemd: always restore signals before execve()
    - BUG/MINOR: systemd: check return value of calloc()
    - MINOR: systemd: report it when execve() fails
    - BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed
    - BUILD: protocol: fix some build errors on OpenBSD
    - BUILD: log: iovec requires to include sys/uio.h on OpenBSD
    - BUILD: tcp: do not include netinet/ip.h for IP_TTL
    - BUILD: checks: remove the last strcat and eliminate a warning on OpenBSD
    - BUILD: poll: remove unused hap_fd_isset() which causes a warning with clang
    - MINOR: cfgparse: few memory leaks fixes.
    - MINOR: build: Allow linking to device-atlas library file
    - DOC: Fix typo in description of `-st` parameter in man page
    - BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream
    - BUG/MEDIUM: peers: fix use after free in peer_session_create()
    - BUG/MEDIUM: systemd-wrapper: return correct exit codes
    - BUG/MEDIUM: srv-state: properly restore the DRAIN state
    - BUG/MINOR: srv-state: allow to have both CMAINT and FDRAIN flags
    - BUG/MEDIUM: servers: properly propagate the maintenance states during startup
    - BUG: vars: Fix 'set-var' converter because of a typo
    - BUG/MEDIUM: channel: bad unlikely macro
    - CLEANUP: lua: move comment
    - CLEANUP: lua: control executed twice
    - CLEANUP: ssl: Fix bind keywords name in comments
    - DOC: ssl: Use correct wording for ca-sign-pass
    - BUG/MINOR: stick-table: handle out-of-memory condition gracefully
    - BUG/MEDIUM: connection: check the control layer before stopping polling
    - BUG/MEDIUM: stick-table: fix regression caused by recent fix for out-of-memory
    - CONTRIB: initiate a debugging suite to make debugging easier
    - BUG/MINOR: cli: properly decrement ref count on tables during failed dumps
    - BUG/MEDIUM: lua: In some case, the return of sample-fetche is ignored
   2016-11-13 20:37:18 by Daniel Horecki | Files touched by this commit (2)
Log message:
Add lua option.

Fixes PR pkg/51608.
   2016-10-13 21:08:34 by Daniel Horecki | Files touched by this commit (2) | Package updated
Log message:
Update package to newest version.


2016/08/30 : 1.6.9
    - DOC: Updated 51Degrees readme.
    - BUG/MAJOR: stream: properly mark the server address as unset on connect retry
    - BUG/MINOR: payload: fix SSLv2 version parser
    - MINOR: cli: allow the semi-colon to be escaped on the CLI

2016/08/14 : 1.6.8
    - BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash
    - BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash
    - BUG/MINOR: peers: Fix peers data decoding issue
    - DOC: lua: remove old functions
    - BUG/MEDIUM: lua: somme HTTP manipulation functions are called without \ 
valid requests
    - BUG/MEDIUM: stream-int: completely detach connection on connect error
    - DOC: minor typo fixes to improve HTML parsing by haproxy-dconv
    - BUILD: make proto_tcp.c compatible with musl library
    - BUG/MAJOR: compression: initialize avail_in/next_in even during flush
    - BUG/MEDIUM: samples: make smp_dup() always duplicate the sample
    - MINOR: sample: implement smp_is_safe() and smp_make_safe()
    - MINOR: sample: provide smp_is_rw() and smp_make_rw()
    - BUG/MAJOR: server: the "sni" directive could randomly cause trouble
    - BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size
    - BUG/MEDIUM: stick-table: properly convert binary samples to keys
    - MINOR: sample: use smp_make_rw() in upper/lower converters
    - BUG/MINOR: peers: some updates are pushed twice after a resync.
    - BUG/MINOR: peers: empty chunks after a resync.
    - BUG/MAJOR: stick-counters: possible crash when using sc_trackers with \ 
wrong table

2016/07/13 : 1.6.7
    - MINOR: new function my_realloc2 = realloc + free upon failure
    - CLEANUP: fixed some usages of realloc leading to memory leak
    - Revert "BUG/MINOR: ssl: fix potential memory leak in \ 
    - BUG/MEDIUM: dns: fix alignment issues in the DNS response parser
    - BUG/MINOR: Fix endiness issue in DNS header creation code
   2016-07-07 10:55:34 by Thomas Klausner | Files touched by this commit (1)
Log message:
Remove obsolete patch (not in distinfo)
   2016-07-03 16:06:45 by Daniel Horecki | Files touched by this commit (3) | Package updated
Log message:
Update to newer version 1.6.6.


- BUG/MAJOR: fix listening IP address storage for frontends
- BUG/MINOR: fix listening IP address storage for frontends (cont)
- DOC: Fix typo so fetch is properly parsed by Cyril's converter
- BUG/MAJOR: http: fix breakage of "reqdeny" causing random crashes
- BUG/MEDIUM: stick-tables: fix breakage in table converters
- BUG/MEDIUM: dns: unbreak DNS resolver after header fix
- BUILD: fix build on Solaris 11
- CLEANUP: connection: fix double negation on memcmp()
- BUG/MEDIUM: stats: show servers state may show an servers from another backend
- BUG/MEDIUM: fix risk of segfault with "show tls-keys"
- BUG/MEDIUM: sticktables: segfault in some configuration error cases
- BUG/MEDIUM: lua: converters doesn't work
- BUG/MINOR: http: add-header: header name copied twice
- BUG/MEDIUM: http: add-header: buffer overwritten
- BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
- BUG/MINOR: http: url32+src should use the big endian version of url32
- BUG/MINOR: http: url32+src should check cli_conn before using it
- DOC: http: add documentation for url32 and url32+src
- BUG/MINOR: fix http-response set-log-level parsing error
- MINOR: systemd: Use variable for config and pidfile paths
- MINOR: systemd: Perform sanity check on config before reload (cherry picked \ 
from commit 68535bddf305fdd22f1449a039939b57245212e7)
- BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits
- BUG/MINOR: init: ensure that FD limit is raised to the max allowed
- BUG/MEDIUM: external-checks: close all FDs right after the fork()
- BUG/MAJOR: external-checks: use asynchronous signal delivery
- BUG/MINOR: external-checks: do not unblock undesired signals
- BUILD/MEDIUM: rebuild everything when an include file is changed
- BUILD/MEDIUM: force a full rebuild if some build options change
- BUG/MINOR: srv-state: fix incorrect output of state file
- BUG/MINOR: ssl: close ssl key file on error
- BUG/MINOR: http: fix misleading error message for response captures
- BUG/BUILD: don't automatically run "make" on "make install"
- DOC: add missing doc for http-request deny [deny_status <status>]

Drop one patch included upstream.
   2016-06-08 12:16:57 by Jonathan Perkin | Files touched by this commit (89)
Log message:
Remove the stability entity, it has no meaning outside of an official context.