Re: [update] haproxy to 2.3.4 (latest stable)
On Sat, 23 Jan 2021 09:46:11 -0500, Daniel Jakots wrote: > Here's a patch based on yours. It looks good to me so I'll commit it > in a few days. It's in. Thanks! Daniel
Re: [update] haproxy to 2.3.4 (latest stable)
On Wed, 20 Jan 2021 12:17:00 -0500, Aisha Tammy wrote: > > Hi, > I've linked the release note highlights of 2.2 > https://www.mail-archive.com/haproxy@formilux.org/msg37852.html > and the full changelog of 2.3 > https://www.haproxy.org/download/2.3/src/CHANGELOG > > An important highlight (which is why I updated haproxy) > was that since 2.2 haproxy now supports keeping the private and > public keys in separate files, while previously, they needed to be > in the same file. This allows us to directly use the output of > acme-client(1) without doing extra scripting. > > The latest stable is 2.3.4, the latest LTS is 2.2. Both of them > have the acme-client compatibility so I am fine with either (though > personally I'm partial to 2.3 just cuz its new and shiny). > > The libressl support seems to be doing fine. I have a test website > running behind haproxy which is working (with ocsp as > well) https://www.epsilonknot.xyz, so that seems OK. The logging > is definitely something I have not looked into a lot so if someone > can take a peek at that, that would be nice. Alright, thanks! Here's a patch based on yours. It looks good to me so I'll commit it in a few days. Index: Makefile === RCS file: /cvs/ports/net/haproxy/Makefile,v retrieving revision 1.73 diff -u -p -r1.73 Makefile --- Makefile17 Jan 2021 15:22:56 - 1.73 +++ Makefile23 Jan 2021 14:43:13 - @@ -2,9 +2,9 @@ COMMENT = reliable, high performance TCP/HTTP load balancer -DISTNAME = haproxy-2.0.20 +DISTNAME = haproxy-2.3.4 CATEGORIES = net www -HOMEPAGE = http://www.haproxy.org/ +HOMEPAGE = https://www.haproxy.org/ MAINTAINER = Daniel Jakots # GPLv2 @@ -12,7 +12,7 @@ PERMIT_PACKAGE = Yes WANTLIB += c crypto pcre pcreposix pthread ssl z -MASTER_SITES = ${HOMEPAGE}/download/2.0/src/ +MASTER_SITES = ${HOMEPAGE}/download/2.3/src/ HAPROXYCONF = ${SYSCONFDIR}/haproxy HAPROXYSTATE = /var/haproxy Index: distinfo === RCS file: /cvs/ports/net/haproxy/distinfo,v retrieving revision 1.43 diff -u -p -r1.43 distinfo --- distinfo17 Jan 2021 15:22:56 - 1.43 +++ distinfo23 Jan 2021 14:43:13 - @@ -1,2 +1,2 @@ -SHA256 (haproxy-2.0.20.tar.gz) = ZRU8mJ50EvaBXTsEcYS7B+63PMsQ9cBedXNH6mwxfOE= -SIZE (haproxy-2.0.20.tar.gz) = 2693943 +SHA256 (haproxy-2.3.4.tar.gz) = YBSM3+3WsZxAHbzXXM12pTwgvHbEkDK6Mq+YoKXEle0= +SIZE (haproxy-2.3.4.tar.gz) = 2909672 Index: patches/patch-Makefile === RCS file: patches/patch-Makefile diff -N patches/patch-Makefile --- patches/patch-Makefile 14 Dec 2020 23:26:59 - 1.10 +++ /dev/null 1 Jan 1970 00:00:00 - @@ -1,32 +0,0 @@ -$OpenBSD: patch-Makefile,v 1.10 2020/12/14 23:26:59 danj Exp $ - -- BUILD: makefile: Update feature flags for OpenBSD (90c9d78) -- BUILD: makefile: enable crypt(3) for OpenBSD (496374e) - -Index: Makefile Makefile.orig -+++ Makefile -@@ -362,10 +362,11 @@ ifeq ($(TARGET),osx) - EXPORT_SYMBOL = -export_dynamic - endif - --# OpenBSD 5.7 and above -+# OpenBSD 6.3 and above - ifeq ($(TARGET),openbsd) - set_target_defaults = $(call default_opts, \ --USE_POLL USE_TPROXY USE_THREAD USE_KQUEUE USE_ACCEPT4) -+USE_POLL USE_TPROXY USE_LIBCRYPT USE_THREAD USE_KQUEUE USE_ACCEPT4 \ -+USE_CLOSEFROM USE_GETADDRINFO) - endif - - # NetBSD -@@ -455,7 +456,9 @@ BUILD_FEATURES := $(foreach opt,$(patsubst USE_%,%,$(u - OPTIONS_CFLAGS += $(foreach opt,$(use_opts),$(if $($(opt)),-D$(opt),)) - - ifneq ($(USE_LIBCRYPT),) -+ifneq ($(TARGET),openbsd) - OPTIONS_LDFLAGS += -lcrypt -+endif - endif - - ifneq ($(USE_SLZ),) Index: patches/patch-doc_haproxy_1 === RCS file: /cvs/ports/net/haproxy/patches/patch-doc_haproxy_1,v retrieving revision 1.7 diff -u -p -r1.7 patch-doc_haproxy_1 --- patches/patch-doc_haproxy_1 9 Nov 2019 15:52:53 - 1.7 +++ patches/patch-doc_haproxy_1 23 Jan 2021 14:43:13 - @@ -2,7 +2,7 @@ $OpenBSD: patch-doc_haproxy_1,v 1.7 2019 Index: doc/haproxy.1 --- doc/haproxy.1.orig +++ doc/haproxy.1 -@@ -217,8 +217,7 @@ This signal is intercepted and ignored on systems with +@@ -218,8 +218,7 @@ This signal is intercepted and ignored on systems with .SH SEE ALSO Index: patches/patch-src_log_c === RCS file: patches/patch-src_log_c diff -N patches/patch-src_log_c --- patches/patch-src_log_c 14 Dec 2020 23:26:59 - 1.2 +++ /dev/null 1 Jan 1970 00:00:00 - @@ -1,21 +0,0 @@ -$OpenBSD: patch-src_log_c,v 1.2 2020/12/14 23:26:59 danj Exp $ - -This fixes `haproxy: vfprintf %s NULL in ">%s %2d %02d:%02d:%02d %.*s%*s"` -in syslog. It was never committed upstream and commit 5464885 shuffled the -code. - -It was discussed on the mailing
Re: [update] haproxy to 2.3.4 (latest stable)
On 1/19/21 1:18 PM, Daniel Jakots wrote: > On Tue, 19 Jan 2021 10:58:24 -0500, Aisha Tammy > wrote: > >> On 1/18/21 2:00 PM, Stuart Henderson wrote: >>> On 2021/01/18 13:15, Aisha Tammy wrote: Hi, I've attached update for haproxy. >>> >>> Probably best talk to maintainer, some people prefer to keep ports >>> on LTS versions. >>> >> >> I see. I've cc'ed Daniel for their input. > > Yes, please cc maintainers. > > I probably won't have time to look at it before the weekend but here's > a few things. Please don't send just diff but give details about what > you looked at. The committer will need to figure some stuff out, stuff > that you should already have figured yourself. It's helpful to mention > them to avoid duplicate work. > > Here's what I have in mind: can you link the release notes? Bonus point > if you noticed anything worth mentioning. > What have you tested? New Haproxy brings most of the time some libressl > "fun", and iirc they reworked the logging. As a maintainer note, here's > what happens with haproxy users: "few" people try their setups on > -current and whenever there's a new OpenBSD release, a few days after > it people complain stuff is broken :) > > Lastly, why do you want to update to 2.3? Is there any new feature you > need/want? As Stuart mentioned, some people prefer to keep ports on LTS > versions. While I'm not saying it's my case, a compelling reason is > helpful ;) > > > Cheers, > Daniel > Hi, I've linked the release note highlights of 2.2 https://www.mail-archive.com/haproxy@formilux.org/msg37852.html and the full changelog of 2.3 https://www.haproxy.org/download/2.3/src/CHANGELOG An important highlight (which is why I updated haproxy) was that since 2.2 haproxy now supports keeping the private and public keys in separate files, while previously, they needed to be in the same file. This allows us to directly use the output of acme-client(1) without doing extra scripting. The latest stable is 2.3.4, the latest LTS is 2.2. Both of them have the acme-client compatibility so I am fine with either (though personally I'm partial to 2.3 just cuz its new and shiny). The libressl support seems to be doing fine. I have a test website running behind haproxy which is working (with ocsp as well) https://www.epsilonknot.xyz, so that seems OK. The logging is definitely something I have not looked into a lot so if someone can take a peek at that, that would be nice. Thanks a lot! Best, Aisha
Re: [update] haproxy to 2.3.4 (latest stable)
On 1/18/21 2:00 PM, Stuart Henderson wrote: > On 2021/01/18 13:15, Aisha Tammy wrote: >> Hi, >> I've attached update for haproxy. > > Probably best talk to maintainer, some people prefer to keep ports on > LTS versions. > I see. I've cc'ed Daniel for their input. Thanks, Aisha >> -DISTNAME = haproxy-2.0.19 >> +DISTNAME = haproxy-2.3.4 >> CATEGORIES =net www >> HOMEPAGE = http://www.haproxy.org/ > > That has https now. > >> MAINTAINER =Daniel Jakots >> @@ -12,7 +12,7 @@ PERMIT_PACKAGE = Yes >> >> WANTLIB += c crypto pcre pcreposix pthread ssl z >> >> -MASTER_SITES = ${HOMEPAGE}/download/2.0/src/ >> +MASTER_SITES = ${HOMEPAGE}/download/2.3/src/ >> >> HAPROXYCONF = ${SYSCONFDIR}/haproxy >> HAPROXYSTATE = /var/haproxy >> diff --git a/net/haproxy/distinfo b/net/haproxy/distinfo >> index d0558081adc..2cd2f40ecdb 100644 >> --- a/net/haproxy/distinfo >> +++ b/net/haproxy/distinfo >> @@ -1,2 +1,2 @@ >> -SHA256 (haproxy-2.0.19.tar.gz) = >> 3MRErArKCRfiiWUxNDM/fCnQXYRObNYN0E4jtf+AyS0= >> -SIZE (haproxy-2.0.19.tar.gz) = 2682426 >> +SHA256 (haproxy-2.3.4.tar.gz) = YBSM3+3WsZxAHbzXXM12pTwgvHbEkDK6Mq+YoKXEle0= >> +SIZE (haproxy-2.3.4.tar.gz) = 2909672 >> diff --git a/net/haproxy/patches/patch-Makefile >> b/net/haproxy/patches/patch-Makefile >> deleted file mode 100644 >> index 16af6ebfddf..000 >> --- a/net/haproxy/patches/patch-Makefile >> +++ /dev/null >> @@ -1,32 +0,0 @@ >> -$OpenBSD: patch-Makefile,v 1.10 2020/12/14 23:26:59 danj Exp $ >> - >> -- BUILD: makefile: Update feature flags for OpenBSD (90c9d78) >> -- BUILD: makefile: enable crypt(3) for OpenBSD (496374e) >> - >> -Index: Makefile >> Makefile.orig >> -+++ Makefile >> -@@ -362,10 +362,11 @@ ifeq ($(TARGET),osx) >> - EXPORT_SYMBOL = -export_dynamic >> - endif >> - >> --# OpenBSD 5.7 and above >> -+# OpenBSD 6.3 and above >> - ifeq ($(TARGET),openbsd) >> - set_target_defaults = $(call default_opts, \ >> --USE_POLL USE_TPROXY USE_THREAD USE_KQUEUE USE_ACCEPT4) >> -+USE_POLL USE_TPROXY USE_LIBCRYPT USE_THREAD USE_KQUEUE USE_ACCEPT4 >>\ >> -+USE_CLOSEFROM USE_GETADDRINFO) >> - endif >> - >> - # NetBSD >> -@@ -455,7 +456,9 @@ BUILD_FEATURES := $(foreach opt,$(patsubst USE_%,%,$(u >> - OPTIONS_CFLAGS += $(foreach opt,$(use_opts),$(if $($(opt)),-D$(opt),)) >> - >> - ifneq ($(USE_LIBCRYPT),) >> -+ifneq ($(TARGET),openbsd) >> - OPTIONS_LDFLAGS += -lcrypt >> -+endif >> - endif >> - >> - ifneq ($(USE_SLZ),) >> diff --git a/net/haproxy/patches/patch-src_log_c >> b/net/haproxy/patches/patch-src_log_c >> deleted file mode 100644 >> index 8469acea3e2..000 >> --- a/net/haproxy/patches/patch-src_log_c >> +++ /dev/null >> @@ -1,21 +0,0 @@ >> -$OpenBSD: patch-src_log_c,v 1.2 2020/12/14 23:26:59 danj Exp $ >> - >> -This fixes `haproxy: vfprintf %s NULL in ">%s %2d %02d:%02d:%02d >> %.*s%*s"` >> -in syslog. It was never committed upstream and commit 5464885 shuffled the >> -code. >> - >> -It was discussed on the mailing list: >> -https://www.mail-archive.com/haproxy@formilux.org/msg35601.html >> - >> -Index: src/log.c >> src/log.c.orig >> -+++ src/log.c >> -@@ -1389,7 +1389,7 @@ static char *update_log_hdr(const time_t time) >> - ">%s %2d %02d:%02d:%02d %.*s%*s", >> - monthname[tm.tm_mon], >> - tm.tm_mday, tm.tm_hour, tm.tm_min, tm.tm_sec, >> -- (int)host.data, host.area, sep, ""); >> -+ (int)host.data, host.area ? host.area : "", >> sep, ""); >> -/* WARNING: depending upon implementations, snprintf may return >> - * either -1 or the number of bytes that would be needed to >> store >> - * the total message. In both cases, we must adjust it. >> >
Re: [update] haproxy to 2.3.4 (latest stable)
On Tue, 19 Jan 2021 10:58:24 -0500, Aisha Tammy wrote: > On 1/18/21 2:00 PM, Stuart Henderson wrote: > > On 2021/01/18 13:15, Aisha Tammy wrote: > >> Hi, > >> I've attached update for haproxy. > > > > Probably best talk to maintainer, some people prefer to keep ports > > on LTS versions. > > > > I see. I've cc'ed Daniel for their input. Yes, please cc maintainers. I probably won't have time to look at it before the weekend but here's a few things. Please don't send just diff but give details about what you looked at. The committer will need to figure some stuff out, stuff that you should already have figured yourself. It's helpful to mention them to avoid duplicate work. Here's what I have in mind: can you link the release notes? Bonus point if you noticed anything worth mentioning. What have you tested? New Haproxy brings most of the time some libressl "fun", and iirc they reworked the logging. As a maintainer note, here's what happens with haproxy users: "few" people try their setups on -current and whenever there's a new OpenBSD release, a few days after it people complain stuff is broken :) Lastly, why do you want to update to 2.3? Is there any new feature you need/want? As Stuart mentioned, some people prefer to keep ports on LTS versions. While I'm not saying it's my case, a compelling reason is helpful ;) Cheers, Daniel
Re: [update] haproxy to 2.3.4 (latest stable)
On 2021/01/18 13:15, Aisha Tammy wrote: > Hi, > I've attached update for haproxy. Probably best talk to maintainer, some people prefer to keep ports on LTS versions. > -DISTNAME = haproxy-2.0.19 > +DISTNAME = haproxy-2.3.4 > CATEGORIES = net www > HOMEPAGE = http://www.haproxy.org/ That has https now. > MAINTAINER = Daniel Jakots > @@ -12,7 +12,7 @@ PERMIT_PACKAGE =Yes > > WANTLIB += c crypto pcre pcreposix pthread ssl z > > -MASTER_SITES = ${HOMEPAGE}/download/2.0/src/ > +MASTER_SITES = ${HOMEPAGE}/download/2.3/src/ > > HAPROXYCONF =${SYSCONFDIR}/haproxy > HAPROXYSTATE = /var/haproxy > diff --git a/net/haproxy/distinfo b/net/haproxy/distinfo > index d0558081adc..2cd2f40ecdb 100644 > --- a/net/haproxy/distinfo > +++ b/net/haproxy/distinfo > @@ -1,2 +1,2 @@ > -SHA256 (haproxy-2.0.19.tar.gz) = 3MRErArKCRfiiWUxNDM/fCnQXYRObNYN0E4jtf+AyS0= > -SIZE (haproxy-2.0.19.tar.gz) = 2682426 > +SHA256 (haproxy-2.3.4.tar.gz) = YBSM3+3WsZxAHbzXXM12pTwgvHbEkDK6Mq+YoKXEle0= > +SIZE (haproxy-2.3.4.tar.gz) = 2909672 > diff --git a/net/haproxy/patches/patch-Makefile > b/net/haproxy/patches/patch-Makefile > deleted file mode 100644 > index 16af6ebfddf..000 > --- a/net/haproxy/patches/patch-Makefile > +++ /dev/null > @@ -1,32 +0,0 @@ > -$OpenBSD: patch-Makefile,v 1.10 2020/12/14 23:26:59 danj Exp $ > - > -- BUILD: makefile: Update feature flags for OpenBSD (90c9d78) > -- BUILD: makefile: enable crypt(3) for OpenBSD (496374e) > - > -Index: Makefile > Makefile.orig > -+++ Makefile > -@@ -362,10 +362,11 @@ ifeq ($(TARGET),osx) > - EXPORT_SYMBOL = -export_dynamic > - endif > - > --# OpenBSD 5.7 and above > -+# OpenBSD 6.3 and above > - ifeq ($(TARGET),openbsd) > - set_target_defaults = $(call default_opts, \ > --USE_POLL USE_TPROXY USE_THREAD USE_KQUEUE USE_ACCEPT4) > -+USE_POLL USE_TPROXY USE_LIBCRYPT USE_THREAD USE_KQUEUE USE_ACCEPT4 > \ > -+USE_CLOSEFROM USE_GETADDRINFO) > - endif > - > - # NetBSD > -@@ -455,7 +456,9 @@ BUILD_FEATURES := $(foreach opt,$(patsubst USE_%,%,$(u > - OPTIONS_CFLAGS += $(foreach opt,$(use_opts),$(if $($(opt)),-D$(opt),)) > - > - ifneq ($(USE_LIBCRYPT),) > -+ifneq ($(TARGET),openbsd) > - OPTIONS_LDFLAGS += -lcrypt > -+endif > - endif > - > - ifneq ($(USE_SLZ),) > diff --git a/net/haproxy/patches/patch-src_log_c > b/net/haproxy/patches/patch-src_log_c > deleted file mode 100644 > index 8469acea3e2..000 > --- a/net/haproxy/patches/patch-src_log_c > +++ /dev/null > @@ -1,21 +0,0 @@ > -$OpenBSD: patch-src_log_c,v 1.2 2020/12/14 23:26:59 danj Exp $ > - > -This fixes `haproxy: vfprintf %s NULL in ">%s %2d %02d:%02d:%02d > %.*s%*s"` > -in syslog. It was never committed upstream and commit 5464885 shuffled the > -code. > - > -It was discussed on the mailing list: > -https://www.mail-archive.com/haproxy@formilux.org/msg35601.html > - > -Index: src/log.c > src/log.c.orig > -+++ src/log.c > -@@ -1389,7 +1389,7 @@ static char *update_log_hdr(const time_t time) > -">%s %2d %02d:%02d:%02d %.*s%*s", > -monthname[tm.tm_mon], > -tm.tm_mday, tm.tm_hour, tm.tm_min, tm.tm_sec, > -- (int)host.data, host.area, sep, ""); > -+ (int)host.data, host.area ? host.area : "", > sep, ""); > - /* WARNING: depending upon implementations, snprintf may return > - * either -1 or the number of bytes that would be needed to > store > - * the total message. In both cases, we must adjust it. >