Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2015-01-08 23:02:32 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "haproxy" Changes: -------- --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-11-26 22:57:07.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-01-08 23:02:37.000000000 +0100 @@ -1,0 +2,90 @@ +Tue Jan 6 09:28:16 UTC 2015 - [email protected] + +- pull fix from usptream: + 0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch + BUG/MEDIUM: backend: correctly detect the domain when + use_domain_only is used + +------------------------------------------------------------------- +Wed Dec 31 22:17:18 UTC 2014 - [email protected] + +- update to 1.5.10 + - DOC: fix a few typos + - BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 + Unauthorized" + - BUG/MINOR: parse: refer curproxy instead of proxy + - DOC: httplog does not support 'no' + - MINOR: map/acl/dumpstats: remove the "Done." message + - BUG/MEDIUM: sample: fix random number upper-bound + - BUG/MEDIUM: patterns: previous fix was incomplete + - BUG/MEDIUM: payload: ensure that a request channel is available + - BUG/MINOR: tcp-check: don't condition data polling on check + type + - BUG/MEDIUM: tcp-check: don't rely on random memory contents + - BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is + an expect + - BUG/MINOR: config: fix typo in condition when propagating + process binding + - BUG/MEDIUM: config: do not propagate processes between stopped + processes + - BUG/MAJOR: stream-int: properly check the memory allocation + return + - BUG/MEDIUM: memory: fix freeing logic in pool_gc2() + - BUG/MEDIUM: compression: correctly report zlib_mem +- drop patches that we pulled from git before: + 0001-BUG-MEDIUM-patterns-previous-fix-was-incomplete.patch + 0002-BUG-MEDIUM-payload-ensure-that-a-request-channel-is-.patch + 0003-BUG-MINOR-tcp-check-don-t-condition-data-polling-on-.patch + 0004-BUG-MEDIUM-tcp-check-don-t-rely-on-random-memory-con.patch + 0005-BUG-MEDIUM-tcp-checks-disable-quick-ack-unless-next-.patch + 0006-DOC-fix-a-few-typos.patch + 0007-BUG-MEDIUM-sample-fix-random-number-upper-bound.patch + 0008-DOC-httplog-does-not-support-no.patch + 0009-BUG-MINOR-http-fix-typo-401-Unauthorized-407-Unautho.patch + 0010-BUG-MINOR-parse-refer-curproxy-instead-of-proxy.patch + 0011-BUG-MINOR-config-fix-typo-in-condition-when-propagat.patch + 0012-BUG-MEDIUM-config-do-not-propagate-processes-between.patch + +------------------------------------------------------------------- +Sat Dec 20 01:20:07 UTC 2014 - [email protected] + +- pulled some more fixes from git: + 0003-BUG-MINOR-tcp-check-don-t-condition-data-polling-on-.patch + 0004-BUG-MEDIUM-tcp-check-don-t-rely-on-random-memory-con.patch + 0005-BUG-MEDIUM-tcp-checks-disable-quick-ack-unless-next-.patch + 0006-DOC-fix-a-few-typos.patch + 0007-BUG-MEDIUM-sample-fix-random-number-upper-bound.patch + 0008-DOC-httplog-does-not-support-no.patch + 0009-BUG-MINOR-http-fix-typo-401-Unauthorized-407-Unautho.patch + 0010-BUG-MINOR-parse-refer-curproxy-instead-of-proxy.patch + 0011-BUG-MINOR-config-fix-typo-in-condition-when-propagat.patch + 0012-BUG-MEDIUM-config-do-not-propagate-processes-between.patch + + see patch headers for details. + +------------------------------------------------------------------- +Fri Nov 28 18:21:43 UTC 2014 - [email protected] + +- pulled 2 fixes from git: + - 0001-BUG-MEDIUM-patterns-previous-fix-was-incomplete.patch + Dmitry Sivachenko <[email protected]> reported that commit + 315ec42 ("BUG/MEDIUM: pattern: don't load more than once a + pattern list.") relies on an uninitialised variable in the + stack. While it used to work fine during the tests, if the + uninitialized variable is non-null, some patterns may be + aggregated if loaded multiple times, resulting in slower + processing, which was the original issue it tried to address. + - 0002-BUG-MEDIUM-payload-ensure-that-a-request-channel-is-.patch + Denys Fedoryshchenko reported a segfault when using certain + sample fetch functions in the "tcp-request connection" rulesets + despite the warnings. This is because some tests for the + existence of the channel were missing. + +------------------------------------------------------------------- +Wed Nov 26 12:29:42 UTC 2014 - [email protected] + +- fix bashisms in example scripts +- add patches: + * haproxy-1.5.8-fix-bashisms.patch + +------------------------------------------------------------------- Old: ---- haproxy-1.5.9.tar.gz New: ---- 0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch haproxy-1.5.10.tar.gz haproxy-1.5.8-fix-bashisms.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ haproxy.spec ++++++ --- /var/tmp/diff_new_pack.9TpaEq/_old 2015-01-08 23:02:38.000000000 +0100 +++ /var/tmp/diff_new_pack.9TpaEq/_new 2015-01-08 23:02:38.000000000 +0100 @@ -33,7 +33,7 @@ %bcond_without apparmor Name: haproxy -Version: 1.5.9 +Version: 1.5.10 Release: 0 # # @@ -60,6 +60,10 @@ Patch1: haproxy-1.2.16_config_haproxy_user.patch Patch2: haproxy-makefile_lib.patch Patch3: sec-options.patch +Patch4: haproxy-1.5.8-fix-bashisms.patch +# PATCH-UPSTREAM +Patch5: 0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch +# Source99: haproxy-rpmlintrc # Summary: The Reliable, High Performance TCP/HTTP Load Balancer @@ -92,6 +96,8 @@ %patch1 %patch2 %patch3 +%patch4 -p1 +%patch5 -p1 %build %{__make} \ ++++++ 0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch ++++++ >From 7ccea2642c54f9a07f4fbd29d3b005008cd457a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cyril=20Bont=C3=A9?= <[email protected]> Date: Sun, 4 Jan 2015 15:17:36 +0100 Subject: [PATCH] BUG/MEDIUM: backend: correctly detect the domain when use_domain_only is used balance hdr(<name>) provides on option 'use_domain_only' to match only the domain part in a header (designed for the Host header). Olivier Fredj reported that the hashes were not the same for 'subdomain.domain.tld' and 'domain.tld'. This is because the pointer was rewinded one step to far, resulting in a hash calculated against wrong values : - '.domai' for 'subdomain.domain.tld' - ' domai' for 'domain.tld' (beginning with the space in the header line) Another special case is when no dot can be found in the header : the hash will be calculated against an empty string. The patch addresses both cases : 'domain' will be used to compute the hash for 'subdomain.domain.tld', 'domain.tld' and 'domain' (using the whole header value for the last case). The fix must be backported to haproxy 1.5 and 1.4. (cherry picked from commit f607d81d09ab839fb1143b749ff231d6093f2038) --- src/backend.c | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/src/backend.c b/src/backend.c index ada8370..9980cf8 100644 --- a/src/backend.c +++ b/src/backend.c @@ -408,29 +408,33 @@ struct server *get_server_hh(struct session *s) hash = gen_hash(px, p, len); } else { int dohash = 0; - p += len - 1; - start = end = p; + p += len; /* special computation, use only main domain name, not tld/host * going back from the end of string, start hashing at first * dot stop at next. * This is designed to work with the 'Host' header, and requires * a special option to activate this. */ + end = p; while (len) { - if (*p == '.') { - if (!dohash) { - dohash = 1; - start = end = p - 1; - } - else + if (dohash) { + /* Rewind the pointer until the previous char + * is a dot, this will allow to set the start + * position of the domain. */ + if (*(p - 1) == '.') break; - } else { - if (dohash) - start--; } - len--; + else if (*p == '.') { + /* The pointer is rewinded to the dot before the + * tld, we memorize the end of the domain and + * can enter the domain processing. */ + end = p; + dohash = 1; + } p--; + len--; } + start = p; hash = gen_hash(px, start, (end - start)); } if ((px->lbprm.algo & BE_LB_HASH_MOD) == BE_LB_HMOD_AVAL) -- 2.1.2 ++++++ haproxy-1.5.9.tar.gz -> haproxy-1.5.10.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/CHANGELOG new/haproxy-1.5.10/CHANGELOG --- old/haproxy-1.5.9/CHANGELOG 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/CHANGELOG 2014-12-31 22:22:28.000000000 +0100 @@ -1,6 +1,24 @@ ChangeLog : =========== +2014/12/31 : 1.5.10 + - DOC: fix a few typos + - BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized" + - BUG/MINOR: parse: refer curproxy instead of proxy + - DOC: httplog does not support 'no' + - MINOR: map/acl/dumpstats: remove the "Done." message + - BUG/MEDIUM: sample: fix random number upper-bound + - BUG/MEDIUM: patterns: previous fix was incomplete + - BUG/MEDIUM: payload: ensure that a request channel is available + - BUG/MINOR: tcp-check: don't condition data polling on check type + - BUG/MEDIUM: tcp-check: don't rely on random memory contents + - BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect + - BUG/MINOR: config: fix typo in condition when propagating process binding + - BUG/MEDIUM: config: do not propagate processes between stopped processes + - BUG/MAJOR: stream-int: properly check the memory allocation return + - BUG/MEDIUM: memory: fix freeing logic in pool_gc2() + - BUG/MEDIUM: compression: correctly report zlib_mem + 2014/11/26 : 1.5.9 - BUILD: fix "make install" to support spaces in the install dirs - BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/README new/haproxy-1.5.10/README --- old/haproxy-1.5.9/README 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/README 2014-12-31 22:22:28.000000000 +0100 @@ -1,9 +1,9 @@ ---------------------- HAProxy how-to ---------------------- - version 1.5.9 + version 1.5.10 willy tarreau - 2014/11/25 + 2014/12/31 1) How to build it diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/VERDATE new/haproxy-1.5.10/VERDATE --- old/haproxy-1.5.9/VERDATE 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/VERDATE 2014-12-31 22:22:28.000000000 +0100 @@ -1,2 +1,2 @@ $Format:%ci$ -2014/11/25 +2014/12/31 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/VERSION new/haproxy-1.5.10/VERSION --- old/haproxy-1.5.9/VERSION 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/VERSION 2014-12-31 22:22:28.000000000 +0100 @@ -1 +1 @@ -1.5.9 +1.5.10 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/doc/configuration.txt new/haproxy-1.5.10/doc/configuration.txt --- old/haproxy-1.5.9/doc/configuration.txt 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/doc/configuration.txt 2014-12-31 22:22:28.000000000 +0100 @@ -2,9 +2,9 @@ HAProxy Configuration Manual ---------------------- - version 1.5.9 + version 1.5.10 willy tarreau - 2014/11/25 + 2014/12/31 This document covers the configuration language as implemented in the version @@ -4426,10 +4426,8 @@ This option may be set either in the frontend or the backend. - If this option has been enabled in a "defaults" section, it can be disabled - in a specific instance by prepending the "no" keyword before it. Specifying - only "option httplog" will automatically clear the 'clf' mode if it was set - by default. + Specifying only "option httplog" will automatically clear the 'clf' mode + if it was set by default. See also : section 8 about logging. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/examples/haproxy.spec new/haproxy-1.5.10/examples/haproxy.spec --- old/haproxy-1.5.9/examples/haproxy.spec 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/examples/haproxy.spec 2014-12-31 22:22:28.000000000 +0100 @@ -1,6 +1,6 @@ Summary: HA-Proxy is a TCP/HTTP reverse proxy for high availability environments Name: haproxy -Version: 1.5.9 +Version: 1.5.10 Release: 1 License: GPL Group: System Environment/Daemons @@ -76,6 +76,9 @@ %attr(0755,root,root) %config %{_sysconfdir}/rc.d/init.d/%{name} %changelog +* Wed Dec 31 2014 Willy Tarreau <[email protected]> +- updated to 1.5.10 + * Wed Nov 26 2014 Willy Tarreau <[email protected]> - updated to 1.5.9 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/include/types/proto_http.h new/haproxy-1.5.10/include/types/proto_http.h --- old/haproxy-1.5.9/include/types/proto_http.h 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/include/types/proto_http.h 2014-12-31 22:22:28.000000000 +0100 @@ -70,7 +70,7 @@ /* indicate how we *want* the connection to behave, regardless of what is in * the headers. We have 4 possible values right now : - * - WANT_KAL : try to maintain keep-alive (default hwen nothing configured) + * - WANT_KAL : try to maintain keep-alive (default when nothing configured) * - WANT_TUN : will be a tunnel (CONNECT). * - WANT_SCL : enforce close on the server side * - WANT_CLO : enforce close on both sides diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/include/types/server.h new/haproxy-1.5.10/include/types/server.h --- old/haproxy-1.5.9/include/types/server.h 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/include/types/server.h 2014-12-31 22:22:28.000000000 +0100 @@ -43,7 +43,7 @@ #include <types/checks.h> -/* server states. Only SRV_ST_DOWN indicates a down server. */ +/* server states. Only SRV_ST_STOPPED indicates a down server. */ enum srv_state { SRV_ST_STOPPED = 0, /* the server is down. Please keep set to zero. */ SRV_ST_STARTING, /* the server is warming up (up but throttled) */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/src/backend.c new/haproxy-1.5.10/src/backend.c --- old/haproxy-1.5.9/src/backend.c 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/src/backend.c 2014-12-31 22:22:28.000000000 +0100 @@ -552,7 +552,7 @@ (__objt_server(conn->target)->nbpend + 1) < s->be->max_ka_queue))) && srv_is_usable(__objt_server(conn->target))) { /* This session was relying on a server in a previous request - * and the proxy has "option prefer-current-server" set, so + * and the proxy has "option prefer-last-server" set, so * let's try to reuse the same server. */ srv = __objt_server(conn->target); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/src/cfgparse.c new/haproxy-1.5.10/src/cfgparse.c --- old/haproxy-1.5.9/src/cfgparse.c 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/src/cfgparse.c 2014-12-31 22:22:28.000000000 +0100 @@ -6006,7 +6006,10 @@ from = to; } - if (!from->cap & PR_CAP_FE) + if (!(from->cap & PR_CAP_FE)) + return; + + if (from->state == PR_STSTOPPED) return; /* default_backend */ @@ -6601,7 +6604,7 @@ curproxy->conf.args.file = curproxy->conf.uif_file; curproxy->conf.args.line = curproxy->conf.uif_line; parse_logformat_string(curproxy->conf.uniqueid_format_string, curproxy, &curproxy->format_unique_id, LOG_OPT_HTTP, - (proxy->cap & PR_CAP_FE) ? SMP_VAL_FE_HRQ_HDR : SMP_VAL_BE_HRQ_HDR, + (curproxy->cap & PR_CAP_FE) ? SMP_VAL_FE_HRQ_HDR : SMP_VAL_BE_HRQ_HDR, curproxy->conf.uif_file, curproxy->conf.uif_line); curproxy->conf.args.file = NULL; curproxy->conf.args.line = 0; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/src/checks.c new/haproxy-1.5.10/src/checks.c --- old/haproxy-1.5.9/src/checks.c 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/src/checks.c 2014-12-31 22:22:28.000000000 +0100 @@ -1381,6 +1381,7 @@ struct connection *conn = check->conn; struct protocol *proto; int ret; + int quickack; /* tcpcheck send/expect initialisation */ if (check->type == PR_O2_TCPCHK_CHK) @@ -1436,18 +1437,23 @@ set_host_port(&conn->addr.to, check->port); } - if (check->type == PR_O2_TCPCHK_CHK) { + /* only plain tcp-check supports quick ACK */ + quickack = check->type == 0 || check->type == PR_O2_TCPCHK_CHK; + + if (check->type == PR_O2_TCPCHK_CHK && !LIST_ISEMPTY(&s->proxy->tcpcheck_rules)) { struct tcpcheck_rule *r = (struct tcpcheck_rule *) s->proxy->tcpcheck_rules.n; /* if first step is a 'connect', then tcpcheck_main must run it */ if (r->action == TCPCHK_ACT_CONNECT) { tcpcheck_main(conn); return SN_ERR_UP; } + if (r->action == TCPCHK_ACT_EXPECT) + quickack = 0; } ret = SN_ERR_INTERNAL; if (proto->connect) - ret = proto->connect(conn, check->type, (check->type) ? 0 : 2); + ret = proto->connect(conn, check->type, quickack ? 2 : 0); conn->flags |= CO_FL_WAKE_DATA; if (s->check.send_proxy) { conn->send_proxy_ofs = 1; @@ -1850,7 +1856,7 @@ static void tcpcheck_main(struct connection *conn) { char *contentptr; - struct tcpcheck_rule *cur = NULL; + struct tcpcheck_rule *cur, *next; int done = 0, ret = 0; struct check *check = conn->owner; struct server *s = check->server; @@ -1946,6 +1952,11 @@ break; } + /* have 'next' point to the next rule or NULL if we're on the last one */ + next = (struct tcpcheck_rule *)cur->list.n; + if (&next->list == head) + next = NULL; + if (check->current_step->action == TCPCHK_ACT_CONNECT) { struct protocol *proto; struct xprt_ops *xprt; @@ -1995,7 +2006,9 @@ ret = SN_ERR_INTERNAL; if (proto->connect) - ret = proto->connect(conn, check->type, (check->type) ? 0 : 2); + ret = proto->connect(conn, + 1 /* I/O polling is always needed */, + (next && next->action == TCPCHK_ACT_EXPECT) ? 0 : 2); conn->flags |= CO_FL_WAKE_DATA; if (check->current_step->conn_opts & TCPCHK_OPT_SEND_PROXY) { conn->send_proxy_ofs = 1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/src/compression.c new/haproxy-1.5.10/src/compression.c --- old/haproxy-1.5.9/src/compression.c 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/src/compression.c 2014-12-31 22:22:28.000000000 +0100 @@ -412,6 +412,7 @@ struct comp_ctx *ctx = opaque; static char round = 0; /* order in deflateInit2 */ void *buf = NULL; + struct pool_head *pool = NULL; if (global.maxzlibmem > 0 && (global.maxzlibmem - zlib_used_memory) < (long)(items * size)) goto end; @@ -420,35 +421,40 @@ case 0: if (zlib_pool_deflate_state == NULL) zlib_pool_deflate_state = create_pool("zlib_state", size * items, MEM_F_SHARED); - ctx->zlib_deflate_state = buf = pool_alloc2(zlib_pool_deflate_state); + pool = zlib_pool_deflate_state; + ctx->zlib_deflate_state = buf = pool_alloc2(pool); break; case 1: if (zlib_pool_window == NULL) zlib_pool_window = create_pool("zlib_window", size * items, MEM_F_SHARED); - ctx->zlib_window = buf = pool_alloc2(zlib_pool_window); + pool = zlib_pool_window; + ctx->zlib_window = buf = pool_alloc2(pool); break; case 2: if (zlib_pool_prev == NULL) zlib_pool_prev = create_pool("zlib_prev", size * items, MEM_F_SHARED); - ctx->zlib_prev = buf = pool_alloc2(zlib_pool_prev); + pool = zlib_pool_prev; + ctx->zlib_prev = buf = pool_alloc2(pool); break; case 3: if (zlib_pool_head == NULL) zlib_pool_head = create_pool("zlib_head", size * items, MEM_F_SHARED); - ctx->zlib_head = buf = pool_alloc2(zlib_pool_head); + pool = zlib_pool_head; + ctx->zlib_head = buf = pool_alloc2(pool); break; case 4: if (zlib_pool_pending_buf == NULL) zlib_pool_pending_buf = create_pool("zlib_pending_buf", size * items, MEM_F_SHARED); - ctx->zlib_pending_buf = buf = pool_alloc2(zlib_pool_pending_buf); + pool = zlib_pool_pending_buf; + ctx->zlib_pending_buf = buf = pool_alloc2(pool); break; } if (buf != NULL) - zlib_used_memory += items * size; + zlib_used_memory += pool->size; end: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/src/dumpstats.c new/haproxy-1.5.10/src/dumpstats.c --- old/haproxy-1.5.9/src/dumpstats.c 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/src/dumpstats.c 2014-12-31 22:22:28.000000000 +0100 @@ -1295,8 +1295,7 @@ pat_ref_prune(appctx->ctx.map.ref); /* return response */ - appctx->ctx.cli.msg = "Done.\n"; - appctx->st0 = STAT_CLI_PRINT; + appctx->st0 = STAT_CLI_PROMPT; return 1; } else { @@ -1788,8 +1787,7 @@ } /* The set is done, send message. */ - appctx->ctx.cli.msg = "Done.\n"; - appctx->st0 = STAT_CLI_PRINT; + appctx->st0 = STAT_CLI_PROMPT; return 1; } #ifdef USE_OPENSSL @@ -2138,8 +2136,7 @@ } /* The deletion is done, send message. */ - appctx->ctx.cli.msg = "Done.\n"; - appctx->st0 = STAT_CLI_PRINT; + appctx->st0 = STAT_CLI_PROMPT; return 1; } else { /* unknown "del" parameter */ @@ -2215,8 +2212,7 @@ } /* The add is done, send message. */ - appctx->ctx.cli.msg = "Done.\n"; - appctx->st0 = STAT_CLI_PRINT; + appctx->st0 = STAT_CLI_PROMPT; return 1; } else { /* unknown "del" parameter */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/src/memory.c new/haproxy-1.5.10/src/memory.c --- old/haproxy-1.5.9/src/memory.c 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/src/memory.c 2014-12-31 22:22:28.000000000 +0100 @@ -142,8 +142,7 @@ //qfprintf(stderr, "Flushing pool %s\n", entry->name); next = entry->free_list; while (next && - entry->allocated > entry->minavail && - entry->allocated > entry->used) { + (int)(entry->allocated - entry->used) > (int)entry->minavail) { temp = next; next = *(void **)temp; entry->allocated--; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/src/pattern.c new/haproxy-1.5.10/src/pattern.c --- old/haproxy-1.5.9/src/pattern.c 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/src/pattern.c 2014-12-31 22:22:28.000000000 +0100 @@ -2096,7 +2096,7 @@ struct pat_ref *ref; struct pattern_expr *expr; struct pat_ref_elt *elt; - int reuse; + int reuse = 0; /* Lookup for the existing reference. */ ref = pat_ref_lookup(filename); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/src/payload.c new/haproxy-1.5.10/src/payload.c --- old/haproxy-1.5.9/src/payload.c 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/src/payload.c 2014-12-31 22:22:28.000000000 +0100 @@ -72,6 +72,9 @@ chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req; + if (!chn) + goto not_ssl_hello; + bleft = chn->buf->i; data = (const unsigned char *)chn->buf->p; @@ -276,6 +279,9 @@ chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req; + if (!chn) + goto not_ssl_hello; + bleft = chn->buf->i; data = (unsigned char *)chn->buf->p; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/src/proto_http.c new/haproxy-1.5.10/src/proto_http.c --- old/haproxy-1.5.9/src/proto_http.c 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/src/proto_http.c 2014-12-31 22:22:28.000000000 +0100 @@ -124,7 +124,7 @@ "Content-Type: text/html\r\n" "Proxy-Authenticate: Basic realm=\"%s\"\r\n" "\r\n" - "<html><body><h1>401 Unauthorized</h1>\nYou need a valid user and password to access this content.\n</body></html>\n"; + "<html><body><h1>407 Unauthorized</h1>\nYou need a valid user and password to access this content.\n</body></html>\n"; const int http_err_codes[HTTP_ERR_SIZE] = { @@ -9611,7 +9611,7 @@ * if prefix == "/", we don't want to add anything, otherwise it * makes it hard for the user to configure a self-redirection. */ - proxy->conf.args.ctx = ARGC_RDR; + curproxy->conf.args.ctx = ARGC_RDR; if (!(type == REDIRECT_TYPE_PREFIX && destination[0] == '/' && destination[1] == '\0')) { parse_logformat_string(destination, curproxy, &rule->rdr_fmt, LOG_OPT_HTTP, (curproxy->cap & PR_CAP_FE) ? SMP_VAL_FE_HRQ_HDR : SMP_VAL_BE_HRQ_HDR, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/src/sample.c new/haproxy-1.5.10/src/sample.c --- old/haproxy-1.5.9/src/sample.c 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/src/sample.c 2014-12-31 22:22:28.000000000 +0100 @@ -1369,7 +1369,7 @@ /* reduce if needed. Don't do a modulo, use all bits! */ if (args && args[0].type == ARGT_UINT) - smp->data.uint = ((uint64_t)smp->data.uint * args[0].data.uint) >> 32; + smp->data.uint = ((uint64_t)smp->data.uint * args[0].data.uint) / ((u64)RAND_MAX+1); smp->type = SMP_T_UINT; smp->flags |= SMP_F_VOL_TEST | SMP_F_MAY_CHANGE; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.9/src/stream_interface.c new/haproxy-1.5.10/src/stream_interface.c --- old/haproxy-1.5.9/src/stream_interface.c 2014-11-26 00:38:07.000000000 +0100 +++ new/haproxy-1.5.10/src/stream_interface.c 2014-12-31 22:22:28.000000000 +0100 @@ -366,7 +366,7 @@ DPRINTF(stderr, "registering handler %p for si %p (was %p)\n", app, si, si->owner); appctx = si_alloc_appctx(si); - if (!si) + if (!appctx) return NULL; appctx_set_applet(appctx, app); ++++++ haproxy-1.5.8-fix-bashisms.patch ++++++ diff -Ndur haproxy-1.5.8/examples/build.cfg haproxy-1.5.8-fix-bashisms/examples/build.cfg --- haproxy-1.5.8/examples/build.cfg 2014-10-31 11:06:53.000000000 +0200 +++ haproxy-1.5.8-fix-bashisms/examples/build.cfg 2014-11-17 04:09:42.408078486 +0200 @@ -5,12 +5,12 @@ PATCH_LIST= FILE_LIST= -function do_compile_only { +do_compile_only() { $FLXMAKE CPU_OPTS="-march=$arch -mcpu=$cpu -Os -mpreferred-stack-boundary=2 -momit-leaf-frame-pointer -malign-jumps=0" \ TARGET=linux24 } -function do_prepack { +do_prepack() { mkdir -p $ROOTDIR/sbin/init.d ; cp examples/init.haproxy.flx0 $ROOTDIR/sbin/init.d/haproxy mkdir -p $ROOTDIR/usr/sbin ; cp haproxy $ROOTDIR/usr/sbin mkdir -p $ROOTDIR/usr/share/examples/$PKGRADIX/$PKGRADIX-$PKGVER/etc/haproxy/ diff -Ndur haproxy-1.5.8/examples/haproxy-1.1.21-flx.1.pkg haproxy-1.5.8-fix-bashisms/examples/haproxy-1.1.21-flx.1.pkg --- haproxy-1.5.8/examples/haproxy-1.1.21-flx.1.pkg 2014-10-31 11:06:53.000000000 +0200 +++ haproxy-1.5.8-fix-bashisms/examples/haproxy-1.1.21-flx.1.pkg 2014-11-17 04:09:28.396079434 +0200 @@ -1,10 +1,10 @@ #!/bin/sh -function do_compile { +do_compile() { $FLXMAKE COPTS="-march=$arch -mcpu=$cpu -Os -mpreferred-stack-boundary=2 -momit-leaf-frame-pointer -malign-jumps=0 -DNETFILTER -DTRANSPARENT" } -function do_prepack { +do_prepack() { mkdir -p $ROOTDIR/sbin/init.d ; cp init.d/haproxy $ROOTDIR/sbin/init.d mkdir -p $ROOTDIR/usr/sbin ; cp haproxy $ROOTDIR/usr/sbin mkdir -p $ROOTDIR/usr/share/examples/$PKGRADIX/$PKGRADIX-$PKGVER/etc diff -Ndur haproxy-1.5.8/examples/haproxy.init haproxy-1.5.8-fix-bashisms/examples/haproxy.init --- haproxy-1.5.8/examples/haproxy.init 2014-10-31 11:06:53.000000000 +0200 +++ haproxy-1.5.8-fix-bashisms/examples/haproxy.init 2014-11-17 04:10:05.127076949 +0200 @@ -116,7 +116,7 @@ check ;; *) - echo $"Usage: $BASENAME {start|stop|restart|reload|condrestart|status|check}" + echo "Usage: $BASENAME {start|stop|restart|reload|condrestart|status|check}" exit 1 esac diff -Ndur haproxy-1.5.8/examples/init.haproxy haproxy-1.5.8-fix-bashisms/examples/init.haproxy --- haproxy-1.5.8/examples/init.haproxy 2014-10-31 11:06:53.000000000 +0200 +++ haproxy-1.5.8-fix-bashisms/examples/init.haproxy 2014-11-17 04:10:58.897073312 +0200 @@ -19,7 +19,7 @@ maintfd=0 fi -maxfd=$[$maxconn*2 + $maintfd] +maxfd=$(($maxconn * 2 + $maintfd)) if [ $maxfd -lt 100 ]; then maxfd=100; fi @@ -31,7 +31,7 @@ # ulimit -c unlimited # soft stop -function do_stop { +do_stop() { pids=`pidof -o $$ -- $PNAME` if [ ! -z "$pids" ]; then echo "Asking $PNAME to terminate gracefully..." @@ -41,7 +41,7 @@ } # dump status -function do_status { +do_status() { pids=`pidof -o $$ -- $PNAME` if [ ! -z "$pids" ]; then echo "Dumping $PNAME status in logs." -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
