From a393c6b021158ca931de0b894c56c2686a9f008b Mon Sep 17 00:00:00 2001 From: Thomas Heil Date: Sun, 4 Jan 2015 18:21:07 +0100 Subject: [PATCH] haproxy: update to version 1.5.10 - DOC: fix a few typos - BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized" - BUG/MINOR: parse: refer curproxy instead of proxy - DOC: httplog does not support 'no' - MINOR: map/acl/dumpstats: remove the "Done." message - BUG/MEDIUM: sample: fix random number upper-bound - BUG/MEDIUM: patterns: previous fix was incomplete - BUG/MEDIUM: payload: ensure that a request channel is available - BUG/MINOR: tcp-check: don't condition data polling on check type - BUG/MEDIUM: tcp-check: don't rely on random memory contents - BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect - BUG/MINOR: config: fix typo in condition when propagating process binding - BUG/MEDIUM: config: do not propagate processes between stopped processes - BUG/MAJOR: stream-int: properly check the memory allocation return - BUG/MEDIUM: memory: fix freeing logic in pool_gc2() - BUG/MEDIUM: compression: correctly report zlib_mem Signed-off-by: Thomas Heil --- net/haproxy/Makefile | 6 +-- ...patterns-previous-fix-was-incomplete.patch | 34 ------------- ...ad-ensure-that-a-request-channel-is-.patch | 49 ------------------- 3 files changed, 3 insertions(+), 86 deletions(-) delete mode 100644 net/haproxy/patches/0001-BUG-MEDIUM-patterns-previous-fix-was-incomplete.patch delete mode 100644 net/haproxy/patches/0002-BUG-MEDIUM-payload-ensure-that-a-request-channel-is-.patch diff --git a/net/haproxy/Makefile b/net/haproxy/Makefile index 52ce9f052..77bf9f230 100644 --- a/net/haproxy/Makefile +++ b/net/haproxy/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=haproxy -PKG_VERSION:=1.5.9 -PKG_RELEASE:=02 +PKG_VERSION:=1.5.10 +PKG_RELEASE:=00 PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/ PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) -PKG_MD5SUM:=b7672bb6a8aa188a655b418f3c96f65c +PKG_MD5SUM:=5631457ea1f84b3c0d8e5bc8015ed329 PKG_MAINTAINER:=Thomas Heil PKG_LICENSE:=GPL-2.0 diff --git a/net/haproxy/patches/0001-BUG-MEDIUM-patterns-previous-fix-was-incomplete.patch b/net/haproxy/patches/0001-BUG-MEDIUM-patterns-previous-fix-was-incomplete.patch deleted file mode 100644 index c21234fad..000000000 --- a/net/haproxy/patches/0001-BUG-MEDIUM-patterns-previous-fix-was-incomplete.patch +++ /dev/null @@ -1,34 +0,0 @@ -From bad3c6f1b6d776e5d9951a3b3054b4dce8922c54 Mon Sep 17 00:00:00 2001 -From: Willy Tarreau -Date: Wed, 26 Nov 2014 13:17:03 +0100 -Subject: [PATCH 1/2] BUG/MEDIUM: patterns: previous fix was incomplete - -Dmitry Sivachenko reported that commit 315ec42 -("BUG/MEDIUM: pattern: don't load more than once a pattern list.") -relies on an uninitialised variable in the stack. While it used to -work fine during the tests, if the uninitialized variable is non-null, -some patterns may be aggregated if loaded multiple times, resulting in -slower processing, which was the original issue it tried to address. - -The fix needs to be backported to 1.5. -(cherry picked from commit 4deaf39243c4d941998b1b0175bad05b8a287c0b) ---- - src/pattern.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/pattern.c b/src/pattern.c -index 20547f9..208e33a 100644 ---- a/src/pattern.c -+++ b/src/pattern.c -@@ -2096,7 +2096,7 @@ int pattern_read_from_file(struct pattern_head *head, unsigned int refflags, - struct pat_ref *ref; - struct pattern_expr *expr; - struct pat_ref_elt *elt; -- int reuse; -+ int reuse = 0; - - /* Lookup for the existing reference. */ - ref = pat_ref_lookup(filename); --- -2.0.4 - diff --git a/net/haproxy/patches/0002-BUG-MEDIUM-payload-ensure-that-a-request-channel-is-.patch b/net/haproxy/patches/0002-BUG-MEDIUM-payload-ensure-that-a-request-channel-is-.patch deleted file mode 100644 index d2161ef8f..000000000 --- a/net/haproxy/patches/0002-BUG-MEDIUM-payload-ensure-that-a-request-channel-is-.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 1e89acb6be9ba6400fe4defd3b6b2cc94c6667d9 Mon Sep 17 00:00:00 2001 -From: Willy Tarreau -Date: Wed, 26 Nov 2014 13:24:24 +0100 -Subject: [PATCH 2/2] BUG/MEDIUM: payload: ensure that a request channel is - available - -Denys Fedoryshchenko reported a segfault when using certain -sample fetch functions in the "tcp-request connection" rulesets -despite the warnings. This is because some tests for the existence -of the channel were missing. - -The fetches which were fixed are : - - req.ssl_hello_type - - rep.ssl_hello_type - - req.ssl_sni - -This fix must be backported to 1.5. -(cherry picked from commit 83f2592bcd2e186beeabcba16be16faaab82bd39) ---- - src/payload.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/src/payload.c b/src/payload.c -index 4057f6f..f62163c 100644 ---- a/src/payload.c -+++ b/src/payload.c -@@ -72,6 +72,9 @@ smp_fetch_ssl_hello_type(struct proxy *px, struct session *s, void *l7, unsigned - - chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req; - -+ if (!chn) -+ goto not_ssl_hello; -+ - bleft = chn->buf->i; - data = (const unsigned char *)chn->buf->p; - -@@ -276,6 +279,9 @@ smp_fetch_ssl_hello_sni(struct proxy *px, struct session *s, void *l7, unsigned - - chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req; - -+ if (!chn) -+ goto not_ssl_hello; -+ - bleft = chn->buf->i; - data = (unsigned char *)chn->buf->p; - --- -2.0.4 -