head 1.11; access; symbols pkgsrc-2025Q3:1.10.0.26 pkgsrc-2025Q3-base:1.10 pkgsrc-2025Q2:1.10.0.24 pkgsrc-2025Q2-base:1.10 pkgsrc-2025Q1:1.10.0.22 pkgsrc-2025Q1-base:1.10 pkgsrc-2024Q4:1.10.0.20 pkgsrc-2024Q4-base:1.10 pkgsrc-2024Q3:1.10.0.18 pkgsrc-2024Q3-base:1.10 pkgsrc-2024Q2:1.10.0.16 pkgsrc-2024Q2-base:1.10 pkgsrc-2024Q1:1.10.0.14 pkgsrc-2024Q1-base:1.10 pkgsrc-2023Q4:1.10.0.12 pkgsrc-2023Q4-base:1.10 pkgsrc-2023Q3:1.10.0.10 pkgsrc-2023Q3-base:1.10 pkgsrc-2023Q2:1.10.0.8 pkgsrc-2023Q2-base:1.10 pkgsrc-2023Q1:1.10.0.6 pkgsrc-2023Q1-base:1.10 pkgsrc-2022Q4:1.10.0.4 pkgsrc-2022Q4-base:1.10 pkgsrc-2022Q3:1.10.0.2 pkgsrc-2022Q3-base:1.10 pkgsrc-2022Q2:1.9.0.4 pkgsrc-2022Q2-base:1.9 pkgsrc-2022Q1:1.9.0.2 pkgsrc-2022Q1-base:1.9 pkgsrc-2021Q4:1.8.0.10 pkgsrc-2021Q4-base:1.8 pkgsrc-2021Q3:1.8.0.8 pkgsrc-2021Q3-base:1.8 pkgsrc-2021Q2:1.8.0.6 pkgsrc-2021Q2-base:1.8 pkgsrc-2021Q1:1.8.0.4 pkgsrc-2021Q1-base:1.8 pkgsrc-2020Q4:1.8.0.2 pkgsrc-2020Q4-base:1.8 pkgsrc-2020Q3:1.7.0.10 pkgsrc-2020Q3-base:1.7 pkgsrc-2020Q2:1.7.0.8 pkgsrc-2020Q2-base:1.7 pkgsrc-2020Q1:1.7.0.4 pkgsrc-2020Q1-base:1.7 pkgsrc-2019Q4:1.7.0.6 pkgsrc-2019Q4-base:1.7 pkgsrc-2019Q3:1.7.0.2 pkgsrc-2019Q3-base:1.7 pkgsrc-2019Q2:1.6.0.2 pkgsrc-2019Q2-base:1.6 pkgsrc-2019Q1:1.5.0.6 pkgsrc-2019Q1-base:1.5 pkgsrc-2018Q4:1.5.0.4 pkgsrc-2018Q4-base:1.5 pkgsrc-2018Q3:1.5.0.2 pkgsrc-2018Q3-base:1.5 pkgsrc-2018Q2:1.4.0.2 pkgsrc-2018Q2-base:1.4 pkgsrc-2018Q1:1.3.0.2 pkgsrc-2018Q1-base:1.3 pkgsrc-2017Q4:1.2.0.14 pkgsrc-2017Q4-base:1.2 pkgsrc-2017Q3:1.2.0.12 pkgsrc-2017Q3-base:1.2 pkgsrc-2017Q2:1.2.0.8 pkgsrc-2017Q2-base:1.2 pkgsrc-2017Q1:1.2.0.6 pkgsrc-2017Q1-base:1.2 pkgsrc-2016Q4:1.2.0.4 pkgsrc-2016Q4-base:1.2 pkgsrc-2016Q3:1.2.0.2 pkgsrc-2016Q3-base:1.2 pkgsrc-2016Q2:1.1.0.4 pkgsrc-2016Q2-base:1.1 pkgsrc-2016Q1:1.1.0.2 pkgsrc-2016Q1-base:1.1; locks; strict; comment @# @; 1.11 date 2025.12.18.16.00.43; author jperkin; state dead; branches; next 1.10; commitid OcMTwctfCxoCiUmG; 1.10 date 2022.07.25.06.34.30; author adam; state Exp; branches; next 1.9; commitid pwNXWg2FDFhx5fND; 1.9 date 2022.02.21.17.13.39; author adam; state Exp; branches; next 1.8; commitid l3IORp0MusCFzvtD; 1.8 date 2020.12.06.11.22.53; author adam; state Exp; branches; next 1.7; commitid 3WnGZFLGy7MaQFyC; 1.7 date 2019.08.03.20.37.19; author morr; state Exp; branches; next 1.6; commitid NCmyyg7FCTOuGCxB; 1.6 date 2019.06.13.09.07.08; author adam; state Exp; branches; next 1.5; commitid hqHZ5YCmoXWIv0rB; 1.5 date 2018.07.25.13.51.18; author jperkin; state Exp; branches; next 1.4; commitid wqcYNjUOdw25twLA; 1.4 date 2018.04.05.09.18.39; author jperkin; state Exp; branches; next 1.3; commitid yMtA2UG8NmzAvexA; 1.3 date 2018.02.08.19.12.50; author jperkin; state Exp; branches; next 1.2; commitid aCQBj8FgbmldC5qA; 1.2 date 2016.07.03.14.06.45; author morr; state Exp; branches; next 1.1; commitid jZjDE2vkKC0iIScz; 1.1 date 2016.02.01.10.07.56; author jperkin; state Exp; branches 1.1.4.1; next ; commitid iKjSl6BDK4vKjcTy; 1.1.4.1 date 2016.07.14.18.31.58; author bsiegert; state Exp; branches; next ; commitid wcr0JLr9cj99Qjez; desc @@ 1.11 log @haproxy: Drop _XOPEN_SOURCE patches. These appear to no longer be necessary and are now actively harmful. @ text @$NetBSD: patch-Makefile,v 1.10 2022/07/25 06:34:30 adam Exp $ Do not hardcode _XOPEN_SOURCE. --- Makefile.orig 2022-07-22 15:29:36.000000000 +0000 +++ Makefile @@@@ -409,7 +409,7 @@@@ ifeq ($(TARGET),solaris) set_target_defaults = $(call default_opts, \ USE_POLL USE_TPROXY USE_LIBCRYPT USE_CRYPT_H USE_GETADDRINFO USE_THREAD \ USE_RT USE_OBSOLETE_LINKER USE_EVPORTS USE_CLOSEFROM) - TARGET_CFLAGS = -DFD_SETSIZE=65536 -D_REENTRANT -D_XOPEN_SOURCE=600 -D__EXTENSIONS__ + TARGET_CFLAGS = -DFD_SETSIZE=65536 -D_REENTRANT -D__EXTENSIONS__ TARGET_LDFLAGS = -lnsl -lsocket endif @ 1.10 log @haproxy: updated to 2.6.2 2.6.2 - MEDIUM: mux-h2: try to coalesce outgoing WINDOW_UPDATE frames - BUG/MINOR: ssl: Do not look for key in extra files if already in pem - BUG/MINOR: http-ana: Set method to HTTP_METH_OTHER when an HTTP txn is created - BUG/MINOR: http-fetch: Use integer value when possible in "method" sample fetch - MINOR: fd: add a new FD_DISOWN flag to prevent from closing a deleted FD - BUG/MEDIUM: ssl/fd: unexpected fd close using async engine - BUILD: Makefile: Add Lua 5.4 autodetect - CI: re-enable gcc asan builds - MINOR: fd: Add BUG_ON checks on fd_insert() - BUG/MINOR: peers/config: always fill the bind_conf's argument - BUG/MINOR: http-check: Preserve headers if not redefined by an implicit rule - BUG/MINOR: http-act: Properly generate 103 responses when several rules are used - BUG/MINOR: peers: fix possible NULL dereferences at config parsing - BUG/MINOR: http-htx: Fix scheme based normalization for URIs wih userinfo - MINOR: http: Add function to get port part of a host - MINOR: http: Add function to detect default port - BUG/MEDIUM: h1: Improve authority validation for CONNCET request - MINOR: http-htx: Use new HTTP functions for the scheme based normalization - BUG/MEDIUM: http-fetch: Don't fetch the method if there is no stream - REGTEESTS: filters: Fix CONNECT request in random-forwarding script - BUG/MINOR: mux-h1: Be sure to commit htx changes in the demux buffer - BUG/MEDIUM: http-ana: Don't wait to have an empty buf to switch in TUNNEL state - BUG/MEDIUM: mux-h1: Handle connection error after a synchronous send - MEDIUM: mworker: set the iocb of the socketpair without using fd_insert() - BUG/MINOR: quic: Missing acknowledgments for trailing packets - BUG/MINOR: quic: Wrong reuse of fulfilled dgram RX buffer - BUG/MAJOR: quic: Big RX dgrams leak when fulfilling a buffer - BUG/MAJOR: quic: Big RX dgrams leak with POST requests - BUILD: quic+h3: 32-bit compilation errors fixes - BUG/MINOR: quic: Dropped packets not counted (with RX buffers full) - MINOR: quic: Add new stats counter to diagnose RX buffer overrun - MINOR: quic: Duplicated QUIC_RX_BUFSZ definition - MINOR: task: Add tasklet_wakeup_after() - MINOR: quic: Improvements for the datagrams receipt - MINOR: quic: Increase the QUIC connections RX buffer size (upto 64Kb) - MINOR: ncbuf: implement ncb_is_fragmented() - BUG/MINOR: mux-quic: do not signal FIN if gap in buffer - MINOR: h3: add h3c pointer into h3s instance - MINOR: h3: handle errors on HEADERS parsing/QPACK decoding - MINOR: qpack: properly handle invalid dynamic table references - CLEANUP: h2: Typo fix in h2_unsubcribe() traces - BUG/MEDIUM: mux-quic: fix server chunked encoding response - BUG/MINOR: quic: fix closing state on NO_ERROR code sent - BUG/MEDIUM: cli/threads: make "show threads" more robust on applets - BUG/MINOR: debug: enter ha_panic() only once - BUG/MEDIUM: tools: avoid calling dlsym() in static builds - BUILD: makefile: Fix install(1) handling for OpenBSD/NetBSD/Solaris/AIX - BUG/MEDIUM: tools: avoid calling dlsym() in static builds (try 2) - MINOR: resolvers: resolvers_destroy() deinit and free a resolver - BUG/MINOR: resolvers: shut off the warning for the default resolvers - BUG/MINOR: ssl: allow duplicate certificates in ca-file directories - BUG/MINOR: tools: fix statistical_prng_range()'s output range - BUG/MINOR: quic: do not send CONNECTION_CLOSE_APP in initial/handshake - BUG/MINOR: mworker/cli: relative pid prefix not validated anymore - BUG/MAJOR: mux_quic: fix invalid PROTOCOL_VIOLATION on POST data overlap - BUG/MEDIUM: mworker: proc_self incorrectly set crashes upon reload - BUILD: add detection for unsupported compiler models - BUG/MEDIUM: stconn: Only reset connect expiration when processing backend side - BUILD: quic: fix anonymous union for gcc-4.4 - BUG/MINOR: backend: Fallback on RR algo if balance on source is impossible @ text @d1 1 a1 1 $NetBSD: patch-Makefile,v 1.9 2022/02/21 17:13:39 adam Exp $ @ 1.9 log @haproxy: updated to 2.5.3 2.5.3 - MINOR: sock: move the unused socket cleaning code into its own function - BUG/MEDIUM: mworker: close unused transferred FDs on load failure - BUG/MINOR: mworker: fix a FD leak of a sockpair upon a failed reload - BUG/MINOR: sink: Use the right field in appctx context in release callback - BUG/MEDIUM: resolvers: Really ignore trailing dot in domain names - BUG/MEDIUM: fd: always align fdtab[] to 64 bytes - BUG/MAJOR: compiler: relax alignment constraints on certain structures - MINOR: httpclient: Don't limit data transfer to 1024 bytes - BUG/MINOR: httpclient: reinit flags in httpclient_start() - BUG/MINOR: mailers: negotiate SMTP, not ESMTP - BUG/MINOR: ssl: Add missing return value check in ssl_ocsp_response_print - BUG/MINOR: ssl: Fix leak in "show ssl ocsp-response" CLI command - BUG/MINOR: ssl: Missing return value check in ssl_ocsp_response_print - CLEANUP: httpclient/cli: fix indentation alignment of the help message - BUG/MINOR: tools: url2sa reads ipv4 too far - BUG/MEDIUM: httpclient: limit transfers to the maximum available room - DEBUG: buffer: check in __b_put_blk() whether the buffer room is respected 2.5.2 - BUG/MEDIUM: connection: properly leave stopping list on error - BUG/MEDIUM: htx: Adjust length to add DATA block in an empty HTX buffer - BUG/MINOR: httpclient: don't send an empty body - BUG/MINOR: httpclient: set default Accept and User-Agent headers - BUG/MINOR: httpclient/lua: don't pop the lua stack when getting headers - BUILD/MINOR: fix solaris build with clang. - BUG/MEDIUM: server: avoid changing healthcheck ctx with set server ssl - DOC: management: mark "set server ssl" as deprecated - MEDIUM: cli: yield between each pipelined command - MINOR: channel: add new function co_getdelim() to support multiple delimiters - BUG/MINOR: cli: avoid O(bufsize) parsing cost on pipelined commands - MEDIUM: h2/hpack: emit a Dynamic Table Size Update after settings change - BUG/MEDIUM: cli: Never wait for more data on client shutdown - BUG/MEDIUM: mcli: do not try to parse empty buffers - BUG/MEDIUM: mcli: always realign wrapping buffers before parsing them - BUG/MINOR: stream: make the call_rate only count the no-progress calls - DEBUG: cli: add a new "debug dev fd" expert command - BUILD: debug/cli: condition test of O_ASYNC to its existence - DEBUG: pools: add new build option DEBUG_POOL_INTEGRITY - REGTESTS: ssl: Fix ssl_errors regtest with OpenSSL 1.0.2 - BUG/MEDIUM: mworker: don't lose the stats socket on failed reload - BUG/MINOR: mworker: does not add the -sf in wait mode - BUG/MINOR: pools: always flush pools about to be destroyed - DEBUG: pools: add extra sanity checks when picking objects from a local cache - DEBUG: pools: let's add reverse mapping from cache heads to thread and pool - DEBUG: pools: replace the link pointer with the caller's address on pool_free() - BUG/MAJOR: sched: prevent rare concurrent wakeup of multi-threaded tasks - BUG/MINOR: mworker: does not erase the pidfile upon reload - DEBUG: fd: make sure we never try to insert/delete an impossible FD number - MINOR: listener: replace the listener's spinlock with an rwlock - BUG/MEDIUM: listener: read-lock the listener during accept() - BUG/MINOR: httpclient: Revisit HC request and response buffers allocation - BUG/MEDIUM: httpclient: Xfer the request when the stream is created - BUG/MINOR: ssl: Remove empty lines from "show ssl ocsp-response " output - BUG/MINOR: jwt: Double free in deinit function - BUG/MINOR: jwt: Missing pkey free during cleanup - BUG/MINOR: jwt: Memory leak if same key is used in multiple jwt_verify calls - BUG/MINOR: httpclient/cli: display junk characters in vsn - BUG/MAJOR: http/htx: prevent unbounded loop in http_manage_server_side_cookies - BUG/MAJOR: spoe: properly detach all agents when releasing the applet - REGTESTS: server: close an occasional race on dynamic_server_ssl.vtc - REGTESTS: peers: leave a bit more time to peers to synchronize - BUG/MEDIUM: h2/hpack: fix emission of HPACK DTSU after settings change - BUG/MINOR: mux-h2: update the session's idle delay before creating the stream @ text @d1 1 a1 1 $NetBSD: patch-Makefile,v 1.8 2020/12/06 11:22:53 adam Exp $ d5 1 a5 1 --- Makefile.orig 2022-02-18 17:08:02.000000000 +0000 d7 1 a7 1 @@@@ -378,7 +378,7 @@@@ ifeq ($(TARGET),solaris) a15 22 @@@@ -994,8 +994,8 @@@@ src/haproxy.o: src/haproxy.c $(DEP) -c -o $@@ $< install-man: - $(Q)install -v -d "$(DESTDIR)$(MANDIR)"/man1 - $(Q)install -v -m 644 doc/haproxy.1 "$(DESTDIR)$(MANDIR)"/man1 + $(Q)install -d "$(DESTDIR)$(MANDIR)"/man1 + $(Q)install -m 644 doc/haproxy.1 "$(DESTDIR)$(MANDIR)"/man1 EXCLUDE_DOCUMENTATION = lgpl gpl coding-style DOCUMENTATION = $(filter-out $(EXCLUDE_DOCUMENTATION),$(patsubst doc/%.txt,%,$(wildcard doc/*.txt))) @@@@ -1013,8 +1013,8 @@@@ install-bin: exit 1; \ fi; \ done - $(Q)install -v -d "$(DESTDIR)$(SBINDIR)" - $(Q)install -v haproxy $(EXTRA) "$(DESTDIR)$(SBINDIR)" + $(Q)install -d "$(DESTDIR)$(SBINDIR)" + $(Q)install haproxy $(EXTRA) "$(DESTDIR)$(SBINDIR)" install: install-bin install-man install-doc @ 1.8 log @haproxy: updated to 2.3.2 2.3.2 - BUILD: http-htx: fix build warning regarding long type in printf - CLEANUP: cfgparse: remove duplicate registration for transparent build options - BUG/MEDIUM: filters: Forward all filtered data at the end of http filtering - BUG/MINOR: http-ana: Don't wait for the body of CONNECT requests - DOC: add missing 3.10 in the summary - BUG/MINOR: ssl: segv on startup when AKID but no keyid - BUG/MEDIUM: http-ana: Don't eval http-after-response ruleset on empty messages - BUG/MEDIUM: ssl/crt-list: bundle support broken in crt-list - BUG/MEDIUM: ssl: error when no certificate are found - BUG/MINOR: ssl/crt-list: load bundle in crt-list only if activated - BUG/MEDIUM: ssl/crt-list: fix error when no file found - BUILD: makefile: enable crypt(3) for OpenBSD - DOC: clarify how to create a fallback crt - CLEANUP: connection: do not use conn->owner when the session is known - BUG/MAJOR: connection: reset conn->owner when detaching from session list - BUG/MINOR: http_htx: Fix searching headers by substring - DOC: better describes how to configure a fallback crt - BUG/MAJOR: filters: Always keep all offsets up to date during data filtering - MEDIUM: cache: Change caching conditions - DOC: cache: Add new caching limitation information - REGTESTS: Add sample_fetches/cook.vtc - REGTESTS: converter: add url_dec test - MINOR: http_act: Add -m flag for del-header name matching method - BUILD: Make DEBUG part of .build_opts - BUILD: Show the value of DEBUG= in haproxy -vv - BUG/MEDIUM: http_act: Restore init of log-format list - BUG/MAJOR: peers: fix partial message decoding - DOC: better document the config file format and escaping/quoting rules - DOC: Clarify %HP description in log-format - BUG/MINOR: tcpcheck: Don't forget to reset tcp-check flags on new kind of check - MINOR: tcpcheck: Don't handle anymore in-progress send rules in tcpcheck_main - BUG/MAJOR: tcpcheck: Allocate input and output buffers from the buffer pool - DOC: config: Move req.hdrs and req.hdrs_bin in L7 samples fetches section - BUG/MINOR: http-fetch: Fix smp_fetch_body() when called from a health-check 2.3.1 - BUG/MINOR: ssl: don't report 1024 bits DH param load error when it's higher - MINOR: http-htx: Add understandable errors for the errorfiles parsing - DOC: config: Fix a typo on ssl_c_chain_der - BUG/MEDIUM: ssl/crt-list: correctly insert crt-list line if crt already loaded - BUG/MINOR: pattern: a sample marked as const could be written - BUG/MINOR: lua: set buffer size during map lookups - BUG/MINOR: stats: free dynamically stats fields/lines on shutdown - BUG/MINOR: peers: Do not ignore a protocol error for dictionary entries. - BUG/MINOR: peers: Missing TX cache entries reset. - BUG/MEDIUM: peers: fix decoding of multi-byte length in stick-table messages - BUG/MINOR: http-fetch: Extract cookie value even when no cookie name - BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches - BUG/MEDIUM: check: reuse srv proto only if using same mode - MINOR: check: report error on incompatible proto - MINOR: check: report error on incompatible connect proto - BUG/MINOR: http-htx: Handle warnings when parsing http-error and http-errors - BUG/MAJOR: spoe: Be sure to remove all references on a released spoe applet - MINOR: spoe: Don't close connection in sync mode on processing timeout - BUG/MINOR: tcpcheck: Don't warn on unused rules if check option is after - MINOR: init: Fix the prototype for per-thread free callbacks - MINOR: config/mux-h2: Return ERR_ flags from init_h2() instead of a status - MINOR: cfgparse: tighten the scope of newnameserver variable, free it on error. - REGTEST: ssl: test wildcard and multi-type + exclusions - REGTEST: ssl: mark reg-tests/ssl/ssl_crt-list_filters.vtc as broken - MINOR: peers: Add traces to peer_treat_updatemsg(). - REGTEST: make ssl_client_samples and ssl_server_samples require to 2.2 2.3.0 - CLEANUP: pattern: remove unused entry "tree" in pattern.val - BUILD: ssl: use SSL_CTRL_GET_RAW_CIPHERLIST instead of OpenSSL versions - BUG/MEDIUM: filters: Don't try to init filters for disabled proxies - BUG/MINOR: proxy/server: Skip per-proxy/server post-check for disabled proxies - BUG/MINOR: checks: Report a socket error before any connection attempt - BUG/MINOR: server: Set server without addr but with dns in RMAINT on startup - MINOR: server: Copy configuration file and line for server templates - BUG/MEDIUM: mux-pt: Release the tasklet during an HTTP upgrade - BUILD: ssl: use HAVE_OPENSSL_KEYLOG instead of OpenSSL versions - MINOR: debug: don't count free(NULL) in memstats - BUG/MINOR: filters: Skip disabled proxies during startup only - MINOR: mux_h2: capitalize frame type in stats - MINOR: mux_h2: add stat for total count of connections/streams - MINOR: stats: do not display empty stat module title on html - BUG/MEDIUM: stick-table: limit the time spent purging old entries - BUG/MEDIUM: listener: only enable a listening listener if needed - BUG/MEDIUM: listener: never suspend inherited sockets - BUG/MEDIUM: listener: make the master also keep workers' inherited FDs - MINOR: fd: add fd_want_recv_safe() - MEDIUM: listeners: make use of fd_want_recv_safe() to enable early receivers - REGTESTS: mark abns_socket as working now - CLEANUP: mux-h2: Remove the h1 parser state from the h2 stream - MINOR: sock: add a check against cross worker<->master socket activities - CI: github actions: limit OpenSSL no-deprecated builds to "default,bug,devel" reg-tests - BUG/MEDIUM: server: make it possible to kill last idle connections - MINOR: mworker/cli: the master CLI use its own applet - MINOR: ssl: define SSL_CTX_set1_curves_list to itself on BoringSSL - BUILD: ssl: use feature macros for detecting ec curves manipulation support - DOC: Add dns as an available domain to show stat - BUILD: makefile: usual reorder of objects for faster builds - DOC: update INSTALL to mention that TCC is supported - DOC: mention in INSTALL that haproxy 2.3 is a stable version - MINOR: version: mention that it's stable now @ text @d1 1 a1 1 $NetBSD: patch-Makefile,v 1.7 2019/08/03 20:37:19 morr Exp $ d5 1 a5 1 --- Makefile.orig 2020-11-28 15:51:33.000000000 +0000 d7 1 a7 1 @@@@ -361,7 +361,7 @@@@ ifeq ($(TARGET),solaris) d11 1 a11 1 - TARGET_CFLAGS = -DFD_SETSIZE=65536 -D_REENTRANT -D_XOPEN_SOURCE=500 -D__EXTENSIONS__ d16 1 a16 1 @@@@ -924,8 +924,8 @@@@ src/haproxy.o: src/haproxy.c $(DEP) d27 1 a27 1 @@@@ -943,8 +943,8 @@@@ install-bin: @ 1.7 log @Update to version 2.0.3. ChangeLog too big to list here, please take a look at http://www.haproxy.org/download/2.0/src/CHANGELOG @ text @d1 1 a1 1 $NetBSD: patch-Makefile,v 1.6 2019/06/13 09:07:08 adam Exp $ d5 1 a5 1 --- Makefile.orig 2019-07-23 13:21:26.000000000 +0000 d7 1 a7 1 @@@@ -333,7 +333,7 @@@@ ifeq ($(TARGET),solaris) d10 1 a10 1 USE_RT USE_OBSOLETE_LINKER USE_EVPORTS) d16 1 a16 1 @@@@ -852,8 +852,8 @@@@ src/haproxy.o: src/haproxy.c $(DEP) d27 1 a27 1 @@@@ -871,8 +871,8 @@@@ install-bin: @ 1.6 log @haproxy: updated to 1.8.20 1.8.20 - BUG/MAJOR: listener: Make sure the listener exist before using it. - BUG/MINOR: listener: keep accept rate counters accurate under saturation - BUG/MEDIUM: logs: Only attempt to free startup_logs once. - BUG/MEDIUM: 51d: fix possible segfault on deinit_51degrees() - BUG/MINOR: ssl: fix warning about ssl-min/max-ver support - MEDIUM: threads: Use __ATOMIC_SEQ_CST when using the newer atomic API. - BUG/MEDIUM: threads/fd: do not forget to take into account epoll_fd/pipes - BUG/MAJOR: spoe: Fix initialization of thread-dependent fields - BUG/MAJOR: stats: Fix how huge POST data are read from the channel - BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts - BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites - DOC: The option httplog is no longer valid in a backend. - BUG/MAJOR: checks: segfault during tcpcheck_main - BUILD: makefile: work around an old bug in GNU make-3.80 - MINOR: tools: make memvprintf() never pass a NULL target to vsnprintf() - BUILD: makefile: fix build of IPv6 header on aix51 - BUILD: makefile: add _LINUX_SOURCE_COMPAT to build on AIX-51 - BUILD: Makefile: disable shared cache on AIX 5.1 - BUG/MINOR: cli: correctly handle abns in 'show cli sockets' - MINOR: cli: start addresses by a prefix in 'show cli sockets' - BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release. - BUILD: use inttypes.h instead of stdint.h - BUILD: connection: fix naming of ip_v field - BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity - BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream - BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages - BUG/MINOR: threads: fix the process range of thread masks - MINOR: lists: Implement locked variations. - BUG/MEDIUM: lists: Properly handle the case we're removing the first elt. - BUG/MEDIUM: list: fix the rollback on addq in the locked liss - BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer - BUG/MEDIUM: list: add missing store barriers when updating elements and head - MINOR: list: make the delete and pop operations idempotent - BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element - BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED - BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED() - MAJOR: listener: do not hold the listener lock in listener_accept() - BUG/MEDIUM: listener: use a self-locked list for the dequeue lists - BUG/MEDIUM: listener: make sure the listener never accepts too many conns - BUILD/MINOR: listener: Silent a few signedness warnings. - MINOR: skip get_gmtime where tm is unused - BUG/MAJOR: http_fetch: Get the channel depending on the keyword used - BUG/MEDIUM: maps: only try to parse the default value when it's present - BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR - BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules - BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() - BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() - BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler 1.8.19 - DOC: ssl: Clarify when pre TLSv1.3 cipher can be used - DOC: ssl: Stop documenting ciphers example to use - BUG/MINOR: spoe: do not assume agent->rt is valid on exit - BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets - BUG/MEDIUM: spoe: initialization depending on nbthread must be done last - BUG/MEDIUM: server: initialize the idle conns list after parsing the config - BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck - BUG/MAJOR: stream: avoid double free on unique_id - BUG/MINOR: config: Reinforce validity check when a process number is parsed 1.8.18 - DOC: http-request cache-use / http-response cache-store expects cache name - BUG/MAJOR: cache: fix confusion between zero and uninitialized cache key - BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT. - DOC: Be a bit more explicit about allow-0rtt security implications. - BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file - BUG/MINOR: backend: don't use url_param_name as a hint for BE_LB_ALGO_PH - BUG/MINOR: backend: balance uri specific options were lost across defaults - BUG/MINOR: backend: BE_LB_LKUP_CHTREE is a value, not a bit - BUG/MINOR: stick_table: Prevent conn_cur from underflowing - BUG/MINOR: server: don't always trust srv_check_health when loading a server state - BUG/MINOR: check: Wake the check task if the check is finished in wake_srv_chk() - BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages - DOC: mention the effect of nf_conntrack_tcp_loose on src/dst - MINOR: h2: add a bit-based frame type representation - MINOR: h2: declare new sets of frame types - BUG/MINOR: mux-h2: CONTINUATION in closed state must always return GOAWAY - BUG/MINOR: mux-h2: headers-type frames in HREM are always a connection error - BUG/MINOR: mux-h2: make it possible to set the error code on an already closed stream - BUG/MINOR: hpack: return a compression error on invalid table size updates - DOC: nbthread is no longer experimental. - BUG/MINOR: spoe: corrected fragmentation string size - BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit - SCRIPTS: add the slack channel URL to the announce script - SCRIPTS: add the issue tracker URL to the announce script - BUG/MINOR: stream: don't close the front connection when facing a backend error - MINOR: xref: Add missing barriers. - BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update - BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions - BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams - BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the connection - MINOR: stream-int: expand the flags to 32-bit - MINOR: stream-int: add a new flag to mention that we want the connection to be killed - MINOR: connstream: have a new flag CS_FL_KILL_CONN to kill a connection - BUG/MEDIUM: mux-h2: do not close the connection on aborted streams - BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free(). - BUG/MINOR: config: fix bind line thread mask validation - BUG/MAJOR: config: verify that targets of track-sc and stick rules are present - BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' processes - BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules @ text @d1 1 a1 1 $NetBSD: patch-Makefile,v 1.5 2018/07/25 13:51:18 jperkin Exp $ d5 1 a5 1 --- Makefile.orig 2019-04-25 21:59:27.000000000 +0000 d7 5 a11 5 @@@@ -316,7 +316,7 @@@@ ifeq ($(TARGET),solaris) # This is for Solaris 8 # We also enable getaddrinfo() which works since solaris 8. USE_POLL = implicit - TARGET_CFLAGS = -fomit-frame-pointer -DFD_SETSIZE=65536 -D_REENTRANT -D_XOPEN_SOURCE=500 -D__EXTENSIONS__ d14 24 a37 2 USE_TPROXY = implicit USE_LIBCRYPT = implicit @ 1.5 log @haproxy: Fix SunOS C99 handling. @ text @d1 1 a1 1 $NetBSD: patch-Makefile,v 1.4 2018/04/05 09:18:39 jperkin Exp $ a3 1 Skip installing unnecessary documentation. d5 1 a5 1 --- Makefile.orig 2018-06-27 14:27:32.000000000 +0000 d7 1 a7 1 @@@@ -310,7 +310,7 @@@@ ifeq ($(TARGET),solaris) a15 10 @@@@ -933,9 +933,6 @@@@ DOCUMENTATION = $(filter-out $(EXCLUDE_D install-doc: install -d "$(DESTDIR)$(DOCDIR)" - for x in $(DOCUMENTATION); do \ - install -m 644 doc/$$x.txt "$(DESTDIR)$(DOCDIR)" ; \ - done install-bin: @@for i in haproxy $(EXTRA); do \ @ 1.4 log @haproxy: Rework SunOS XOPEN_SOURCE handling. This package explicitly avoids C99-isms and fails to build in C99 mode with older compilers, even though it works fine with newer compilers that default to C99 mode. So, we need to explicitly request XPG4_2 if and only if the compiler does not default to C99, and must not require C99. @ text @d1 1 a1 1 $NetBSD: patch-Makefile,v 1.3 2018/02/08 19:12:50 jperkin Exp $ d6 1 a6 1 --- Makefile.orig 2017-12-30 17:13:19.000000000 +0000 d8 1 a8 1 @@@@ -309,7 +309,7 @@@@ ifeq ($(TARGET),solaris) d13 1 a13 1 + TARGET_CFLAGS = -DFD_SETSIZE=65536 -D_REENTRANT -D__EXTENSIONS__ -D_XOPEN_SOURCE_EXTENDED=1 d17 1 a17 1 @@@@ -931,9 +931,6 @@@@ DOCUMENTATION = $(filter-out $(EXCLUDE_D @ 1.3 log @haproxy: Use C99. @ text @d1 1 a1 1 $NetBSD: patch-Makefile,v 1.2 2016/07/03 14:06:45 morr Exp $ d3 1 a3 1 Specify C99. d13 1 a13 1 + TARGET_CFLAGS = -DFD_SETSIZE=65536 -D_REENTRANT -D_XOPEN_SOURCE=600 -D__EXTENSIONS__ @ 1.2 log @Update to newer version 1.6.6. Changes: - BUG/MAJOR: fix listening IP address storage for frontends - BUG/MINOR: fix listening IP address storage for frontends (cont) - DOC: Fix typo so fetch is properly parsed by Cyril's converter - BUG/MAJOR: http: fix breakage of "reqdeny" causing random crashes - BUG/MEDIUM: stick-tables: fix breakage in table converters - BUG/MEDIUM: dns: unbreak DNS resolver after header fix - BUILD: fix build on Solaris 11 - CLEANUP: connection: fix double negation on memcmp() - BUG/MEDIUM: stats: show servers state may show an servers from another backend - BUG/MEDIUM: fix risk of segfault with "show tls-keys" - BUG/MEDIUM: sticktables: segfault in some configuration error cases - BUG/MEDIUM: lua: converters doesn't work - BUG/MINOR: http: add-header: header name copied twice - BUG/MEDIUM: http: add-header: buffer overwritten - BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params() - BUG/MINOR: http: url32+src should use the big endian version of url32 - BUG/MINOR: http: url32+src should check cli_conn before using it - DOC: http: add documentation for url32 and url32+src - BUG/MINOR: fix http-response set-log-level parsing error - MINOR: systemd: Use variable for config and pidfile paths - MINOR: systemd: Perform sanity check on config before reload (cherry picked from commit 68535bddf305fdd22f1449a039939b57245212e7) - BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits - BUG/MINOR: init: ensure that FD limit is raised to the max allowed - BUG/MEDIUM: external-checks: close all FDs right after the fork() - BUG/MAJOR: external-checks: use asynchronous signal delivery - BUG/MINOR: external-checks: do not unblock undesired signals - BUILD/MEDIUM: rebuild everything when an include file is changed - BUILD/MEDIUM: force a full rebuild if some build options change - BUG/MINOR: srv-state: fix incorrect output of state file - BUG/MINOR: ssl: close ssl key file on error - BUG/MINOR: http: fix misleading error message for response captures - BUG/BUILD: don't automatically run "make" on "make install" - DOC: add missing doc for http-request deny [deny_status ] Drop one patch included upstream. @ text @d1 1 a1 1 $NetBSD: patch-Makefile,v 1.1 2016/02/01 10:07:56 jperkin Exp $ d3 1 d6 1 a6 1 --- Makefile.orig 2016-06-26 17:41:01.000000000 +0000 d8 10 a17 1 @@@@ -812,9 +812,6 @@@@ DOCUMENTATION = $(filter-out $(EXCLUDE_D @ 1.1 log @Fix build on SunOS. Clean up patches while here. @ text @d1 1 a1 1 $NetBSD$ d5 1 a5 1 --- Makefile.orig 2015-11-03 10:22:06.000000000 +0000 d7 1 a7 1 @@@@ -801,9 +801,6 @@@@ DOCUMENTATION = $(filter-out $(EXCLUDE_D d15 2 a16 2 install-bin: haproxy $(EXTRA) install -d "$(DESTDIR)$(SBINDIR)" @ 1.1.4.1 log @Pullup ticket #5057 - requested by sevan net/haproxy: security fix Revisions pulled up: - net/haproxy/Makefile 1.28 - net/haproxy/distinfo 1.23 - net/haproxy/patches/patch-Makefile 1.2 --- Module Name: pkgsrc Committed By: morr Date: Sun Jul 3 14:06:45 UTC 2016 Modified Files: pkgsrc/net/haproxy: Makefile distinfo pkgsrc/net/haproxy/patches: patch-Makefile Log Message: Update to newer version 1.6.6. Changes: - BUG/MAJOR: fix listening IP address storage for frontends - BUG/MINOR: fix listening IP address storage for frontends (cont) - DOC: Fix typo so fetch is properly parsed by Cyril's converter - BUG/MAJOR: http: fix breakage of "reqdeny" causing random crashes - BUG/MEDIUM: stick-tables: fix breakage in table converters - BUG/MEDIUM: dns: unbreak DNS resolver after header fix - BUILD: fix build on Solaris 11 - CLEANUP: connection: fix double negation on memcmp() - BUG/MEDIUM: stats: show servers state may show an servers from another backend - BUG/MEDIUM: fix risk of segfault with "show tls-keys" - BUG/MEDIUM: sticktables: segfault in some configuration error cases - BUG/MEDIUM: lua: converters doesn't work - BUG/MINOR: http: add-header: header name copied twice - BUG/MEDIUM: http: add-header: buffer overwritten - BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params() - BUG/MINOR: http: url32+src should use the big endian version of url32 - BUG/MINOR: http: url32+src should check cli_conn before using it - DOC: http: add documentation for url32 and url32+src - BUG/MINOR: fix http-response set-log-level parsing error - MINOR: systemd: Use variable for config and pidfile paths - MINOR: systemd: Perform sanity check on config before reload (cherry picked from commit 68535bddf305fdd22f1449a039939b57245212e7) - BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits - BUG/MINOR: init: ensure that FD limit is raised to the max allowed - BUG/MEDIUM: external-checks: close all FDs right after the fork() - BUG/MAJOR: external-checks: use asynchronous signal delivery - BUG/MINOR: external-checks: do not unblock undesired signals - BUILD/MEDIUM: rebuild everything when an include file is changed - BUILD/MEDIUM: force a full rebuild if some build options change - BUG/MINOR: srv-state: fix incorrect output of state file - BUG/MINOR: ssl: close ssl key file on error - BUG/MINOR: http: fix misleading error message for response captures - BUG/BUILD: don't automatically run "make" on "make install" - DOC: add missing doc for http-request deny [deny_status ] Drop one patch included upstream. @ text @d5 1 a5 1 --- Makefile.orig 2016-06-26 17:41:01.000000000 +0000 d7 1 a7 1 @@@@ -812,9 +812,6 @@@@ DOCUMENTATION = $(filter-out $(EXCLUDE_D d15 2 a16 2 install-bin: @@for i in haproxy $(EXTRA); do \ @