Browse Source

haproxy: Update HAProxy to v2.4.9

- Update haproxy download URL and hash
- Switched over to using USE_LIBATOMIC in favor of -latomic
- Added a patch which fixes nossl builds

Signed-off-by: Christian Lachner <gladiac@gmail.com>
lilik-openwrt-22.03
Christian Lachner 3 years ago
committed by Hannu Nyman
parent
commit
7b7366b1d9
3 changed files with 92 additions and 5 deletions
  1. +4
    -4
      net/haproxy/Makefile
  2. +1
    -1
      net/haproxy/get-latest-patches.sh
  3. +87
    -0
      net/haproxy/patches/000-BUILD-MINOR-server-fix-compilation-without-SSL.patch

+ 4
- 4
net/haproxy/Makefile View File

@ -10,12 +10,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=haproxy
PKG_VERSION:=2.4.7
PKG_VERSION:=2.4.9
PKG_RELEASE:=$(AUTORELEASE)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.haproxy.org/download/2.4/src
PKG_HASH:=52af97f72f22ffd8a7a995fafc696291d37818feda50a23caef7dc0622421845
PKG_HASH:=d56c7fe3c5afedd1b9a19e1b7f8f954feaf50a9c2f205f99891043858b72a763
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>, \
Christian Lachner <gladiac@gmail.com>
@ -102,13 +102,13 @@ define Build/Compile
PCREDIR="$(STAGING_DIR)/usr/" \
USE_LUA=1 LUA_LIB_NAME="lua5.3" LUA_INC="$(STAGING_DIR)/usr/include/lua5.3" LUA_LIB="$(STAGING_DIR)/usr/lib" \
SMALL_OPTS="-DBUFSIZE=16384 -DMAXREWRITE=1030 -DSYSTEM_MAXCONN=165530" \
USE_ZLIB=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_PTHREAD_PSHARED=1 USE_PROMEX=1 \
USE_ZLIB=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_PTHREAD_PSHARED=1 USE_LIBATOMIC=1 USE_PROMEX=1 \
VERSION="$(PKG_VERSION)" SUBVERS="-$(PKG_RELEASE)" \
VERDATE="$(shell date -d @$(SOURCE_DATE_EPOCH) '+%Y/%m/%d')" IGNOREGIT=1 \
$(ADDON) \
CFLAGS="$(TARGET_CFLAGS) -fno-strict-aliasing -Wdeclaration-after-statement -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-clobbered -Wno-missing-field-initializers -Wno-cast-function-type -Wno-address-of-packed-member -Wtype-limits -Wshift-negative-value -Wshift-overflow=2 -Wduplicated-cond -Wnull-dereference -fwrapv -fasynchronous-unwind-tables -Wno-null-dereference" \
LD="$(TARGET_CC)" \
LDFLAGS="$(TARGET_LDFLAGS) -latomic"
LDFLAGS="$(TARGET_LDFLAGS)"
$(MAKE_VARS) $(MAKE) -C $(PKG_BUILD_DIR) \
DESTDIR="$(PKG_INSTALL_DIR)" \


+ 1
- 1
net/haproxy/get-latest-patches.sh View File

@ -1,7 +1,7 @@
#!/bin/sh
CLONEURL=https://git.haproxy.org/git/haproxy-2.4.git
BASE_TAG=v2.4.4
BASE_TAG=v2.4.9
TMP_REPODIR=tmprepo
PATCHESDIR=patches


+ 87
- 0
net/haproxy/patches/000-BUILD-MINOR-server-fix-compilation-without-SSL.patch View File

@ -0,0 +1,87 @@
commit ea489aa18caacf057880c67b933689c363307a23
Author: Amaury Denoyelle <adenoyelle@haproxy.com>
Date: Thu Nov 25 10:20:19 2021 +0100
BUILD/MINOR: server: fix compilation without SSL
The build without SSL was broken by the following backported commit:
8e99b84dba7755e73563093a8fcedb25e70e7b94
MEDIUM: server/backend: implement websocket protocol selection
Fix this by checking the ALPN only if USE_OPENSSL and
TLSEXT_TYPE_application_layer_protocol_negotiation are defined. Else
always use the server mux-proto.
No need to backport.
--- a/src/server.c
+++ b/src/server.c
@@ -204,7 +204,33 @@ void srv_set_dyncookie(struct server *s)
*/
int srv_check_reuse_ws(struct server *srv)
{
- if (srv->mux_proto || srv->use_ssl != 1 || !srv->ssl_ctx.alpn_str) {
+#if defined(USE_OPENSSL) && defined(TLSEXT_TYPE_application_layer_protocol_negotiation)
+ if (!srv->mux_proto && srv->use_ssl && srv->ssl_ctx.alpn_str) {
+ /* ALPN selection.
+ * Based on the assumption that only "h2" and "http/1.1" token
+ * are used on server ALPN.
+ */
+ const struct ist alpn = ist2(srv->ssl_ctx.alpn_str,
+ srv->ssl_ctx.alpn_len);
+
+ switch (srv->ws) {
+ case SRV_WS_AUTO:
+ /* for auto mode, consider reuse as possible if the
+ * server uses a single protocol ALPN
+ */
+ if (!istchr(alpn, ','))
+ return 1;
+ break;
+
+ case SRV_WS_H2:
+ return isteq(alpn, ist("\x02h2"));
+
+ case SRV_WS_H1:
+ return isteq(alpn, ist("\x08http/1.1"));
+ }
+ }
+ else {
+#endif /* defined(OPENSSL) && defined(TLSEXT_TYPE_application_layer_protocol_negotiation) */
/* explicit srv.mux_proto or no ALPN : srv.mux_proto is used
* for mux selection.
*/
@@ -232,31 +258,9 @@ int srv_check_reuse_ws(struct server *sr
return 1;
break;
}
+#if defined(USE_OPENSSL) && defined(TLSEXT_TYPE_application_layer_protocol_negotiation)
}
- else {
- /* ALPN selection.
- * Based on the assumption that only "h2" and "http/1.1" token
- * are used on server ALPN.
- */
- const struct ist alpn = ist2(srv->ssl_ctx.alpn_str,
- srv->ssl_ctx.alpn_len);
-
- switch (srv->ws) {
- case SRV_WS_AUTO:
- /* for auto mode, consider reuse as possible if the
- * server uses a single protocol ALPN
- */
- if (!istchr(alpn, ','))
- return 1;
- break;
-
- case SRV_WS_H2:
- return isteq(alpn, ist("\x02h2"));
-
- case SRV_WS_H1:
- return isteq(alpn, ist("\x08http/1.1"));
- }
- }
+#endif /* defined(OPENSSL) && defined(TLSEXT_TYPE_application_layer_protocol_negotiation) */
return 0;
}

Loading…
Cancel
Save