[PR] DOC: management: fix typos

[PR Bot]

Dear list!

Author: Andrey Lebedev 
Number of patches: 1

This is an automated relay of the Github pull request:
   DOC: management: fix typos

Patch title(s): 
   DOC: management: fix typos

Link:
   https://github.com/haproxy/haproxy/pull/2528

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2528.patch && vi 2528.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2528.patch | git am -

Description:
   PR to fix some typos I found while reading `doc/management.txt`.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Add destination ip as source ip

[PR Bot]

Dear list!

Author: SriVignessh Pss 
Number of patches: 2

This is an automated relay of the Github pull request:
   Add destination ip as source ip

Patch title(s): 
   add destination ip as source ip
   update alerts and doc

Link:
   https://github.com/haproxy/haproxy/pull/2524

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2524.patch && vi 2524.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2524.patch | git am -

Description:
   When the Haproxy instance binds to multiple VIPs. We need a feature to
   identify the forwarded packet from Haproxy instance came from which
   VIP. Adding a feature to allow destinationip to bind as sourceIP in
   backend.
   
   Allow the haproxy instance to transport the response
   packet with the Source IP as incoming request destination IP.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] FEATURE: load private keys from PKCS#11 pkcs11-provider PEM files

[PR Bot]

Dear list!

Author: S-P Chan 
Number of patches: 1

This is an automated relay of the Github pull request:
   FEATURE: load private keys from PKCS#11 pkcs11-provider PEM files

Patch title(s): 
   FEATURE: load private keys from PKCS#11 pkcs11-provider PEM files

Link:
   https://github.com/haproxy/haproxy/pull/2493

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2493.patch && vi 2493.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2493.patch | git am -

Description:
   With pkcs11-provider (https://github.com/latchset/pkcs11-provider) a
   specially formatted PEM stanza can be used
   to reference a PKCS#11
   URI to locate the private key.
   
   This PEM stanza can be used
   inside the crt file so that there is no change to the HAProxy config
   language.
   
   This works with OpenSSL 3 and pkcs11-provider after
   https://github.com/latchset/pkcs11-provider/commit/0806c3665 which
   added support for PKCS#11 URI-in-PEM.
   
   TODO: This PR works
   without forking (i.e., not in master-worker mode) as PKCS#11 drivers
   are fragile after fork.
   To use PKCS#11 keys in master-worker mode,
   we need to defer key loading to the child process.
   
   Format of
   PEM stanza:
   ```
   -BEGIN PKCS#11 PROVIDER URI-
   MIHWGhlQS0NTIzExIFByb3ZpZGVyIFVSSSB2MS4wDIG4cGtjczExOm1vZGVsPU5T
   UyUyMDM7bWFudWZhY3R1cmVyPU1vemlsbGElMjBGb3VuZGF0aW9uO3NlcmlhbD0w
   MDAwMDAwMDAwMDAwMDAwO3Rva2VuPU5TUyUyMENlcnRpZmljYXRlJTIwREI7aWQ9
   JTczJTQ5JTU1JTFBJTMyJUFFJThDJUIwJTQ1JTQ5JTAzJURDJUE4JTA0JTg0JTlF
   JUI0JTlGJTQxJUFFO3R5cGU9cHJpdmF0ZQ==
   -END PKCS#11 PROVIDER
   URI-
   ```
   
   Parsed ASN.1:
   ```
   0:d=0  hl=3 l=
   214 cons: SEQUENCE
   3:d=1  hl=2 l=  25 prim: VISIBLESTRING
   :PKCS#11 Provider URI v1.0
  30:d=1  hl=3 l= 184 prim: UTF8STRING
   :pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=000
   0;token=NSS%20Certificate%20DB;id=%73%49%55%1A%32%AE%8C%B0%45%
   49%03%DC%A8%04%84%9E%B4%9F%41%AE;type=private
   ```

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Update LICENSE to match license requirement of the upstream repository

[PR Bot]

Dear list!

Author: songliumeng <161319869+songlium...@users.noreply.github.com>
Number of patches: 1

This is an automated relay of the Github pull request:
   Update LICENSE to match license requirement of the upstream repository

Patch title(s): 
   Update LICENSE to match license requirement of the upstream repository

Link:
   https://github.com/haproxy/haproxy/pull/2466

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2466.patch && vi 2466.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2466.patch | git am -

Description:
   This change is to fix https://github.com/haproxy/haproxy/issues/2463.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] BUILD: solaris: fix compilation errors

[PR Bot]

Dear list!

Author: matthias sweertvaegher <178714+mx...@users.noreply.github.com>
Number of patches: 1

This is an automated relay of the Github pull request:
   BUILD: solaris: fix compilation errors

Patch title(s): 
   BUILD: solaris: fix compilation errors

Link:
   https://github.com/haproxy/haproxy/pull/2465

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2465.patch && vi 2465.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2465.patch | git am -

Description:
   Compilation on solaris fails because of usage of names reserved on
   that platform, i.e. 'queue' and 's_addr'.
   
   This patch
   redefines 'queue' as '_queue' and renames 's_addr' to 'srv_addr' which
   fixes compilation for now.
   
   Future plan: rename 'queue' in
   code base so define can be removed again.
   
   Backporting: 2.9,
   2.8

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] BUILD: solaris: fix redefinition of queue struct

[PR Bot]

Dear list!

Author: matthias sweertvaegher <178714+mx...@users.noreply.github.com>
Number of patches: 1

This is an automated relay of the Github pull request:
   BUILD: solaris: fix redefinition of queue struct

Patch title(s): 
   BUILD: solaris: fix redefinition of queue struct

Link:
   https://github.com/haproxy/haproxy/pull/2460

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2460.patch && vi 2460.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2460.patch | git am -

Description:
   Compilation on solaris fails because the name 'queue' is reserved:
   > include/haproxy/queue-t.h:43:8: error: redefinition of ‘struct
   queue’
   
   This patch redefines 'queue' as '_queue' which fixes
   compilation for now.
   
   Future plan: rename 'queue' in code base
   so define can be removed again.
   
   Backporting: 2.9, 2.8

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] BUG/MEDIUM: server-state: update server if the ports in config and state match

[PR Bot]

Dear list!

Author: Steven Lu 
Number of patches: 1

This is an automated relay of the Github pull request:
   BUG/MEDIUM: server-state: update server if the ports in config and
   state match

Patch title(s): 
   BUG/MEDIUM: server-state: Only update server if the ports in config and 
state still match

Link:
   https://github.com/haproxy/haproxy/pull/2370

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2370.patch && vi 2370.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2370.patch | git am -

Description:
   BUG/MEDIUM: server-state: update server if the ports in config and
   state match
   
   When `load-server-state-from-file` is enabled,
   and change the backend port or check port in the config file (without
   altering the backend name and server name), restarting haproxy will
   not apply the port number changes from the new config file. This will
   result in users being unable to connect to the backend using the new
   port.
   
   The reason is that haproxy only uses the backend name
   and server name to decide whether to use state information. To fix the
   issue, we can only update the server info if the ports in the config
   and the state still match.
   
   This patch should solve the issue
   #2103.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] DOC: updated 51Degrees repo URL for v.3.2.10

[PR Bot]

Dear list!

Author: Eugene Dorfman 
Number of patches: 1

This is an automated relay of the Github pull request:
   DOC: updated 51Degrees repo URL for v.3.2.10

Patch title(s): 
   DOC: updated 51Degrees repo URL for v.3.2.10

Link:
   https://github.com/haproxy/haproxy/pull/2354

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2354.patch && vi 2354.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2354.patch | git am -

Description:
   the v3.2.10 branch has been migrated from the legacy git.51Degrees.com
   repo to github.com.  the files on the frozen branch are exactly the
   same.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Add 3 features

[PR Bot]

Dear list!

Author: JihoJung 
Number of patches: 1

This is an automated relay of the Github pull request:
   Add 3 features

Patch title(s): 
   Add 3 features

Link:
   https://github.com/haproxy/haproxy/pull/2283

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2283.patch && vi 2283.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2283.patch | git am -

Description:
   1) http-request options
  set-proxy-v2-header
  set-
   proxy-v2-tlv-header
   2) server option
  set-proxy-v2-tlv
   3) done memory leakage detection under valgrind
   
   ### do
   nothing
   6205 ==16466== LEAK SUMMARY:
   6206 ==16466==
   definitely lost: 0 bytes in 0 blocks
   6207 ==16466==indirectly
   lost: 0 bytes in 0 blocks
   6208 ==16466==  possibly lost:
   512,353 bytes in 70 blocks
   6209 ==16466==still reachable:
   239,043,476 bytes in 4,231 blocks
   6210 ==16466==
   suppressed: 0 bytes in 0 blocks
   
   ### only http
   6600
   ==18082== LEAK SUMMARY:
   6601 ==18082==definitely lost: 0 bytes
   in 0 blocks
   6602 ==18082==indirectly lost: 0 bytes in 0 blocks
   6603 ==18082==  possibly lost: 622,001 bytes in 146 blocks
   6604 ==18082==still reachable: 239,043,880 bytes in 4,232 blocks
   6605 ==18082== suppressed: 0 bytes in 0 blocks
   6606
   ==18082==
   6607 ==18082== ERROR SUMMARY: 58 errors from 58 contexts
   (suppressed: 0 from 0)
   6608 ==18082== could not unlink /tmp/vgdb-
   pipe-from-vgdb-to-18082-by-root-on-sun
   6609 ==18082== could not
   unlink /tmp/vgdb-pipe-to-vgdb-from-18082-by-root-on-sun
   6610
   ==18082== could not unlink /tmp/vgdb-pipe-shared-mem-vgdb-18082-by-
   root-on-sun
   
   ### only accept-proxy and send-proxy-v2
   6895
   ==19881== LEAK SUMMARY:
   6896 ==19881==definitely lost: 0 bytes
   in 0 blocks
   6897 ==19881==indirectly lost: 0 bytes in 0 blocks
   6898 ==19881==  possibly lost: 740,801 bytes in 286 blocks
   6899 ==19881==still reachable: 239,043,476 bytes in 4,231 blocks
   6900 ==19881== suppressed: 0 bytes in 0 blocks
   6901
   ==19881==
   6902 ==19881== ERROR SUMMARY: 77 errors from 77 contexts
   (suppressed: 0 from 0)
   6903 ==19881== could not unlink /tmp/vgdb-
   pipe-from-vgdb-to-19881-by-root-on-sun
   6904 ==19881== could not
   unlink /tmp/vgdb-pipe-to-vgdb-from-19881-by-root-on-sun
   6905
   ==19881== could not unlink /tmp/vgdb-pipe-shared-mem-vgdb-19881-by-
   root-on-sun
   
   ### my patch
   6921 ==21025== LEAK SUMMARY:
   6922 ==21025==definitely lost: 0 bytes in 0 blocks
   6923
   ==21025==indirectly lost: 0 bytes in 0 blocks
   6924 ==21025==
   possibly lost: 698,705 bytes in 222 blocks
   6925 ==21025==still
   reachable: 239,048,325 bytes in 4,269 blocks
   6926 ==21025==
   suppressed: 0 bytes in 0 blocks
   6927 ==21025==
   6928 ==21025==
   ERROR SUMMARY: 69 errors from 69 contexts (suppressed: 0 from 0)
   6929 ==21025== could not unlink /tmp/vgdb-pipe-from-vgdb-to-21025-by-
   root-on-sun
   6930 ==21025== could not unlink /tmp/vgdb-pipe-to-
   vgdb-from-21025-by-root-on-sun
   6931 ==21025== could not unlink
   /tmp/vgdb-pipe-shared-mem-vgdb-21025-by-root-on-sun
   
`
   `

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] BUG/MEDIUM: h1-htx: Ensure chunked parsing with full output buffer

[PR Bot]

Dear list!

Author: Chris Staite 
Number of patches: 1

This is an automated relay of the Github pull request:
   BUG/MEDIUM: h1-htx: Ensure chunked parsing with full output buffer

Patch title(s): 
   BUG/MEDIUM: h1-htx: Ensure chunked parsing with full output buffer

Link:
   https://github.com/haproxy/haproxy/pull/2278

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2278.patch && vi 2278.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2278.patch | git am -

Description:
   A previous fix to ensure that there is sufficient space on the output
   buffer to place parsed data (#2053) introduced an issue that if the
   output buffer is filled on a chunk boundary no data is parsed but the
   congested flag is not set due to the state not being H1_MSG_DATA.
   The check to ensure that there is sufficient space in the output
   buffer is actually already performed in all downstream functions
   before it is used. This makes the early optimisation that avoids the
   state transition to H1_MSG_DATA needless.  Therefore, in order to
   allow the chunk parser to continue in this edge case we can simply
   remove the early check.  This ensures that the state can progress and
   set the congested flag correctly in the caller.
   
   This patch
   fixes #2262. The upstream change that caused this logic error was
   backported as far as 2.5, therefore it makes sense to backport this
   fix back that far also.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Fix build error on ppc64le: invalid parameter combination for AltiVec…

[PR Bot]

Dear list!

Author: Peter Varkoly 
Number of patches: 1

This is an automated relay of the Github pull request:
   Fix build error on ppc64le: invalid parameter combination for AltiVec…

Patch title(s): 
   Fix build error on ppc64le: invalid parameter combination for AltiVec 
intrinsic __builtin_vec_ld

Link:
   https://github.com/haproxy/haproxy/pull/2260

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2260.patch && vi 2260.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2260.patch | git am -

Description:
   I got error haproxy with version 2.8.2:
   [  246s] In file included
   from include/haproxy/xxhash.h:43:0,
   [  246s]  from
   src/ssl_sock.c:84:
   [  246s] include/import/xxhash.h: In function
   'XXH3_accumulate_512_vsx':
   [  246s]
   include/import/xxhash.h:4148:9: error: invalid parameter combination
   for AltiVec intrinsic __builtin_vec_ld
   [  246s]  xxh_u64x2
   acc_vec= vec_xl(0, xacc + 2 * i);
   [  246s]
   ^
   [  246s] compilation terminated due to -Wfatal-errors.
   [  246s] make: *** [Makefile:1027: src/ssl_sock.o] Error 1
   [
   246s] make: *** Waiting for unfinished jobs
   [  247s] In file
   included from include/haproxy/xxhash.h:43:0,
   [  247s]
   from src/ssl_ocsp.c:84:
   [  247s] include/import/xxhash.h: In
   function 'XXH3_accumulate_512_vsx':
   [  247s]
   include/import/xxhash.h:4148:9: error: invalid parameter combination
   for AltiVec intrinsic __builtin_vec_ld
   [  247s]  xxh_u64x2
   acc_vec= vec_xl(0, xacc + 2 * i);
   [  247s]
   ^
   [  247s] compilation terminated due to -Wfatal-errors.
   [  247s] make: *** [Makefile:1027: src/ssl_ocsp.o] Error 1
   This patch fixes the build problem

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] some typos for sock.c and proxy.c

[PR Bot]

Dear list!

Author: haojue 
Number of patches: 1

This is an automated relay of the Github pull request:
   some typos for sock.c and proxy.c

Patch title(s): 
   some typos for sock.c and proxy.c

Link:
   https://github.com/haproxy/haproxy/pull/2238

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2238.patch && vi 2238.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2238.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] MINOR: lua: Allow reading "proc." scoped vars from LUA core.

[PR Bot]

Dear list!

Author: Daan van Gorkum 
Number of patches: 1

This is an automated relay of the Github pull request:
   MINOR: lua: Allow reading "proc." scoped vars from LUA core.

Patch title(s): 
   MINOR: lua: Allow reading "proc." scoped vars from LUA core.

Link:
   https://github.com/haproxy/haproxy/pull/2218

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2218.patch && vi 2218.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2218.patch | git am -

Description:
   This adds the "core.get_var()" method allow the reading of "proc."
   scoped variables outside of TXN or HTTP/TCPApplet.
   
   Fixes:
   #2212

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Allow load of non-existing pattern files.

[PR Bot]

Dear list!

Author: Daan van Gorkum 
Number of patches: 1

This is an automated relay of the Github pull request:
   Allow load of non-existing pattern files.

Patch title(s): 
   Allow load of non-existing pattern files.

Link:
   https://github.com/haproxy/haproxy/pull/2209

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2209.patch && vi 2209.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2209.patch | git am -

Description:
   To allow pure usage of the runtime API/LUA to add/remove entries in
   Maps/ACLs we should be able to load non-existing patterns. This make
   deploying easier as otherwise empty files needs to be created.
   A notice is issued when this config option is used and every time a
   non-existing file is loaded.
   
   Fixes: #2202

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Implement fetch for arbitrary TLV payloads

[PR Bot]

Dear list!

Author: Alexander Stephan 
Number of patches: 1

This is an automated relay of the Github pull request:
   Implement fetch for arbitrary TLV payloads

Patch title(s): 
   Fully working version with debug statements and missing test

Link:
   https://github.com/haproxy/haproxy/pull/2199

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2199.patch && vi 2199.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2199.patch | git am -

Description:
   TODO:
   - [ ] Add / adjust test
   - [ ] Remove debug logs
   - [
   ] Always append to the list and return the first hit or traverse the
   list and overwrite. This is relevant for duplicate TLV which are
   technically possible, although unusual.
   - [ ] Make CRC32 and NETNS
   fetchable for consistency
   - [ ] Formatting to meet HAProxy
   contribution guidelines

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Improve wording of http-request wait-for-body

[PR Bot]

Dear list!

Author: Craig <99729+cr...@users.noreply.github.com>
Number of patches: 1

This is an automated relay of the Github pull request:
   Improve wording of http-request wait-for-body

Patch title(s): 
   Improve wording of http-request wait-for-body 

Link:
   https://github.com/haproxy/haproxy/pull/2122

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2122.patch && vi 2122.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2122.patch | git am -

Description:
   Improve wording of http-request wait-for-body so it's easier to
   understand.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] BUG/MINOR: http-fetch: recognize IPv6 addresses in square brackets in req.hdr_ip()

[PR Bot]

Dear list!

Author: Oto Valek 
Number of patches: 2

This is an automated relay of the Github pull request:
   BUG/MINOR: http-fetch: recognize IPv6 addresses in square brackets in
   req.hdr_ip()

Patch title(s): 
   BUG/MINOR: http-fetch: recognize IPv6 addresses in square brackets in 
req.hdr_ip()
   REGTEST: added tests covering smp_fetch_hdr_ip()

Link:
   https://github.com/haproxy/haproxy/pull/2063

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2063.patch && vi 2063.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2063.patch | git am -

Description:
   Fixes haproxy/haproxy#2054
   
   To comply with
   [RFC7239](https://www.rfc-editor.org/rfc/rfc7239.html#section-6.1) and
   [RFC3986](https://www.rfc-editor.org/rfc/rfc3986.html#section-3.2.2),
   the `req.hdr_ip()` should recognize IPv6 addresses in square brackets.
   As the `inet_pton()` call does not support this format, the
   `smp_fetch_hdr_ip()` function was changed to trim possible `'['` and
   `']'` before calling `inet_pton()`.
   
   New reg test cases were
   added to cover all 4 branches of smp_fetch_hdr_ip().

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] BUG/MINOR: http-fetch: recognize IPv6 addresses in square brackets in req.hdr_ip()

[PR Bot]

Dear list!

Author: Oto Valek 
Number of patches: 2

This is an automated relay of the Github pull request:
   BUG/MINOR: http-fetch: recognize IPv6 addresses in square brackets in
   req.hdr_ip()

Patch title(s): 
   BUG/MINOR: http-fetch: recognize IPv6 addresses in square brackets in 
req.hdr_ip()
   REGTEST: enclose one of the IPv6 address in square brackets

Link:
   https://github.com/haproxy/haproxy/pull/2055

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/2055.patch && vi 2055.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/2055.patch | git am -

Description:
   Fixes haproxy/haproxy#2054
   
   To comply with
   [RFC7239](https://www.rfc-editor.org/rfc/rfc7239.html#section-6.1) and
   [RFC3986](https://www.rfc-editor.org/rfc/rfc3986.html#section-3.2.2),
   the `req.hdr_ip()` should recognize IPv6 addresses in square brackets.
   As the `inet_pton()` call does not support this format, the
   `smp_fetch_hdr_ip()` function was changed to trim possible `'['` and
   `']'` before calling `inet_pton()`.
   
   Reg tests were updated to
   cover this case.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] prelim-wolfSSL updates

[PR Bot]

Dear list!

Author: Uriah Pollock 
Number of patches: 1

This is an automated relay of the Github pull request:
   prelim-wolfSSL updates

Patch title(s): 
   prelim-wolfSSL updates

Link:
   https://github.com/haproxy/haproxy/pull/1908

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1908.patch && vi 1908.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1908.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] DOC: fix function formatting for http-request set-var and set-var-fmt

[PR Bot]

Dear list!

Author: Nik 
Number of patches: 1

This is an automated relay of the Github pull request:
   DOC: fix function formatting for http-request set-var and set-var-fmt

Patch title(s): 
   DOC: fix function formatting for http-request set-var and http-request 
set-var-fmt

Link:
   https://github.com/haproxy/haproxy/pull/1888

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1888.patch && vi 1888.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1888.patch | git am -

Description:
   Hi. There is a formatting issue with `http-request set-var` and `http-
   request set-var-fmt`. When `dconv` builds the documentation it doesn't
   expect `...` in that part of the keyword so it gets skipped.
   ![set-var](https://user-images.githubusercontent.com/10053187/19404500
   9-b0ecab6a-8595-4fa5-b77d-816dfd112e30.png)
   
   I don't feel
   comfortable editing `dconv` since it relies on a complex regex that
   might affect other keywords so I added a quick fix by removing `...`.
   https://user-images.githubuser
   content.com/10053187/194045023-050ebf13-fb7e-4692-b520-526c06cc38bf.pn
   g">
   
   _(The formatting on the screenshot above is a bit off
   because I did a local build and didn't serve the files from a
   webserver)_

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Allow "no option forwardfor"

[PR Bot]

Dear list!

Author: Samuel Maftoul 
Number of patches: 2

This is an automated relay of the Github pull request:
   Allow "no option forwardfor"

Patch title(s): 
   [WIP] allow "no option forwardfor"
   Require both frontend and backend to have option forwardfor to enable it

Link:
   https://github.com/haproxy/haproxy/pull/1853

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1853.patch && vi 1853.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1853.patch | git am -

Description:
   Fixes #130 
   
   * Move the `forwardfor` logic before we check the
   negation of options ( https://github.com/haproxy/haproxy/blob/94f763b5
   e4b2aafd2c6d65f074fdc28735556f25/src/cfgparse-listen.c#L2071 ) so we
   can negate it.
   * Add logic to differentiate KWM_NO and KWM_STD so
   we modify options for the proxy.
   * Modify logic to include the
   header only if both frontend and backend have the header enabled.
   About this  last point (and the 2nd commit of this PR) , I'm not sure
   it's what I'm supposed to do.
   Maybe I should also some
   `no_options` logic to properly disable the header in the backend ?
   Also, this PR so far is missing docs, but I want the logic to be clear
   before writing the document (or should it be done the other way around
   ?).
   Finally, it may also miss some tests, should I add them to htt
   ps://github.com/haproxy/haproxy/blob/025945f12cde56dde22baec286393fd1f
   048c0fc/reg-tests/http-rules/except-forwardfor-originalto.vtc ?

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] fix some typos

[PR Bot]

Dear list!

Author: cui fliter 
Number of patches: 1

This is an automated relay of the Github pull request:
   fix some typos

Patch title(s): 
   fix some typos

Link:
   https://github.com/haproxy/haproxy/pull/1843

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1843.patch && vi 1843.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1843.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] haproxy: fix build on older MacOS

[PR Bot]

Dear list!

Author: Sergey Fedorov 
Number of patches: 1

This is an automated relay of the Github pull request:
   haproxy: fix build on older MacOS

Patch title(s): 
   haproxy: fix build on older MacOS

Link:
   https://github.com/haproxy/haproxy/pull/1833

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1833.patch && vi 1833.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1833.patch | git am -

Description:
   The PR adds fixes for older MacOS. Confirmed to build on 10.6.8.
   1. `TCP_CONNECTION_INFO` is available in 10.11+.
   2.
   `_malloc_zone_pressure_relief` is available in 10.7+.
   For details
   see: https://trac.macports.org/ticket/65699
   
   P. S. Build on
   the current MacOS is unaffected (confirmed to build fine):
   https://github.com/macports/macports-ports/pull/15789 (checks pass).

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Fix -v flag usage with install(1) on OpenBSD/NetBSD/Solaris/AIX

[PR Bot]

Dear list!

Author: Brad Smith 
Number of patches: 1

This is an automated relay of the Github pull request:
   Fix -v flag usage with install(1) on OpenBSD/NetBSD/Solaris/AIX

Patch title(s): 
   Fix -v flag usage with install(1) on OpenBSD/NetBSD/Solaris/AIX

Link:
   https://github.com/haproxy/haproxy/pull/1786

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1786.patch && vi 1786.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1786.patch | git am -

Description:
   The install(1) program on OpenBSD/NetBSD/Solaris/AIX do not support
   the -v verbose flag. FreeBSD / DragonFlyBSD/ macOS and GNU install do.
   The generic target now has the flag disabled the target is more
   portable.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] OPTIM/MINOR: h2_settings_initial_window_size default 64k

[PR Bot]

Dear list!

Author: Glenn Strauss 
Number of patches: 1

This is an automated relay of the Github pull request:
   OPTIM/MINOR: h2_settings_initial_window_size default 64k

Patch title(s): 
   OPTIM/MINOR: h2_settings_initial_window_size default 64k

Link:
   https://github.com/haproxy/haproxy/pull/1732

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1732.patch && vi 1732.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1732.patch | git am -

Description:
   OPTIM/MINOR: h2_settings_initial_window_size default 64k
   change from RFC 7540 default 65535 (64k-1)
   
   avoid some
   degenerative WINDOW_UPDATE behaviors in the wild
   https://github.com/nghttp2/nghttp2/issues/1722

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] OPTIM/MINOR: h2_settings_initial_window_size default 64k

[PR Bot]

Dear list!

Author: Glenn Strauss 
Number of patches: 1

This is an automated relay of the Github pull request:
   OPTIM/MINOR: h2_settings_initial_window_size default 64k

Patch title(s): 
   OPTIM/MINOR: h2_settings_initial_window_size default 64k

Link:
   https://github.com/haproxy/haproxy/pull/1732

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1732.patch && vi 1732.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1732.patch | git am -

Description:
   OPTIM/MINOR: h2_settings_initial_window_size default 64k
   change from RFC 7540 default 65535 (64k-1)
   
   avoid some
   degenerative WINDOW_UPDATE behaviors in the wild
   https://github.com/nghttp2/nghttp2/issues/1722

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] chore: Included githubactions in the dependabot config

[PR Bot]

Dear list!

Author: naveen <172697+naveensriniva...@users.noreply.github.com>
Number of patches: 1

This is an automated relay of the Github pull request:
   chore: Included githubactions in the dependabot config

Patch title(s): 
   chore: Included githubactions in the dependabot config

Link:
   https://github.com/haproxy/haproxy/pull/1713

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1713.patch && vi 1713.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1713.patch | git am -

Description:
   This should help with keeping the GitHub actions updated on new
   releases. This will also help with keeping it secure.
   Dependabot helps in keeping the supply chain secure
   https://docs.github.com/en/code-security/dependabot
   
   GitHub
   actions up to date https://docs.github.com/en/code-
   security/dependabot/working-with-dependabot/keeping-your-actions-up-
   to-date-with-dependabot
   https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-
   update-tool
   Signed-off-by: naveen
   <172697+naveensriniva...@users.noreply.github.com>

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] fix: Correct data types list

[PR Bot]

Dear list!

Author: Fionera 
Number of patches: 1

This is an automated relay of the Github pull request:
   fix: Correct data types list

Patch title(s): 
   fix: Correct data types list

Link:
   https://github.com/haproxy/haproxy/pull/1603

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1603.patch && vi 1603.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1603.patch | git am -

Description:
   There is a Typo in the peers-v2.0 Doc

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Add script to generate JSON and YAML releases files

[PR Bot]

Dear list!

Author: Daniele Rondina 
Number of patches: 1

This is an automated relay of the Github pull request:
   Add script to generate JSON and YAML releases files

Patch title(s): 
   Add script to generate JSON and YAML releases files

Link:
   https://github.com/haproxy/haproxy/pull/1539

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1539.patch && vi 1539.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1539.patch | git am -

Description:
   Related to https://github.com/haproxy/haproxy/issues/1537.
   
   I
   haven't test the DOWNLOAD_TOOLS env option and i dunno if you prefer
   to set by default to 1.
   
   Let me know wdyt and if it works on
   your tree. ;)
   
   To execute this script just:
   ```shell
   $> bash scripts/generate-tags-json.sh 
   ```

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] fix problem which don't support 1-byte atomic instructions natively on RISCV64 architecture

[PR Bot]

Dear list!

Author: xiaobin 
Number of patches: 1

This is an automated relay of the Github pull request:
   fix problem which don't support 1-byte atomic instructions natively on
   RISCV64 architecture

Patch title(s): 
   fix __atomic problem for riscv

Link:
   https://github.com/haproxy/haproxy/pull/1455

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1455.patch && vi 1455.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1455.patch | git am -

Description:
   When building on RISCV64 architecture, I met the following error.
   ```shell
   /usr/bin/ld: src/cfgparse.o: in function
   `check_config_validity':
   /home/haproxy/src/cfgparse.c:2476:
   undefined reference to `__atomic_exchange_1'
   /usr/bin/ld:
   src/dns.o: in function `dns_resolve_send':
   /home/haproxy/src/dns.c:313: undefined reference to
   `__atomic_fetch_sub_1'
   /usr/bin/ld: /home/haproxy/src/dns.c:354:
   undefined reference to `__atomic_fetch_add_1'
   /usr/bin/ld:
   /home/haproxy/src/dns.c:304: undefined reference to
   `__atomic_fetch_add_1'
   /usr/bin/ld: src/dns.o: in function
   `dns_session_io_handler':
   /home/haproxy/src/dns.c:726: undefined
   reference to `__atomic_fetch_sub_1'
   /usr/bin/ld:
   /home/haproxy/src/dns.c:713: undefined reference to
   `__atomic_fetch_add_1'
   /usr/bin/ld: src/dns.o: in function
   `b_getblk':
   /home/haproxy/include/haproxy/buf.h:328: undefined
   reference to `__atomic_fetch_add_1'
   /usr/bin/ld: src/dns.o: in
   function `pool_free':
   /home/haproxy/include/haproxy/pool.h:291:
   undefined reference to `__atomic_fetch_add_1'
   /usr/bin/ld:
   src/dns.o: in function `__pool_alloc':
   /home/haproxy/include/haproxy/pool.h:246: undefined reference to
   `__atomic_fetch_sub_1'
   /usr/bin/ld: src/dns.o: in function
   `pool_free':
   /home/haproxy/include/haproxy/pool.h:291: undefined
   reference to `__atomic_fetch_add_1'
   /usr/bin/ld: src/dns.o: in
   function `dns_process_req':
   /home/haproxy/src/dns.c:1196:
   undefined reference to `__atomic_fetch_add_1'
   /usr/bin/ld:
   src/sink.o: in function `sink_forward_oc_io_handler':
   /home/haproxy/src/sink.c:515: undefined reference to
   `__atomic_fetch_sub_1'
   /usr/bin/ld: /home/haproxy/src/sink.c:549:
   undefined reference to `__atomic_fetch_add_1'
   /usr/bin/ld:
   /home/haproxy/src/sink.c:549: undefined reference to
   `__atomic_fetch_add_1'
   /usr/bin/ld: /home/haproxy/src/sink.c:501:
   undefined reference to `__atomic_fetch_add_1'
   /usr/bin/ld:
   src/sink.o: in function `sink_forward_io_handler':
   /home/haproxy/src/sink.c:375: undefined reference to
   `__atomic_fetch_sub_1'
   /usr/bin/ld: src/sink.o: in function
   `b_peek_ofs':
   /home/haproxy/include/haproxy/buf.h:142: undefined
   reference to `__atomic_fetch_add_1'
   /usr/bin/ld:
   /home/haproxy/include/haproxy/buf.h:143: undefined reference to
   `__atomic_fetch_add_1'
   /usr/bin/ld:
   /home/haproxy/include/haproxy/buf.h:143: undefined reference to
   `__atomic_fetch_add_1'
   /usr/bin/ld: src/ring.o: in function
   `ring_detach_appctx':
   /home/haproxy/src/ring.c:240: undefined
   reference to `__atomic_fetch_sub_1'
   /usr/bin/ld: src/ring.o: in
   function `cli_io_handler_show_ring':
   /home/haproxy/src/ring.c:320:
   undefined reference to `__atomic_fetch_sub_1'
   /usr/bin/ld:
   /home/haproxy/src/ring.c:354: undefined reference to
   `__atomic_fetch_add_1'
   /usr/bin/ld: /home/haproxy/src/ring.c:354:
   undefined reference to `__atomic_fetch_add_1'
   /usr/bin/ld:
   /home/haproxy/src/ring.c:311: undefined reference to
   `__atomic_fetch_add_1'
   collect2: error: ld returned 1 exit status
   make: *** [Makefile:933: haproxy] Error 1
   ```
   It seems the
   target platform doesn't support 1-byte atomic instructions natively.
   So I add `-latomic` to support when compiling.
   The result:
   ```shell
   [root@master0 haproxy]# ./haproxy
   HAProxy version
   2.5-dev13-47940c-45 2021/11/10 - https://haproxy.org/
   Status:
   development branch - not safe for use in production.
   Known bugs:
   https://github.com/haproxy/haproxy/issues?q=is:issue+is:open
   Running on: Linux 5.4.61 #20 SMP Thu Aug 26 11:50:01 CST 2021 riscv64
   Usage : haproxy [-f ]* [ -vdVD ] [ -n  ] [ -N
]
   [ -p  ] [ -m  ] [ -C 
   ] [-- *]
   -v displays version ; -vv shows known
   build options.
   -d enters debug mode ; -db only disables
   background mode.
   -dM[] poisons memory with 
   (defaults to 0x50)
   -V enters verbose mode (disables quiet
   mode)
   -D goes daemon ; -C changes to  before loading
   files.
   -W master-worker mode.
   -q quiet mode :
   don't display messages
   -c check mode : only check config
   files and exit
   -cc check condition : evaluate a condition
   and exit
   -n sets the maximum total # of connections (uses
   ulimit -n)
   -m limits the usable amount of memory (in MB)
   -N sets the 

[PR] Some grammar in peers.txt

[PR Bot]

Dear list!

Author: John Roesler 
Number of patches: 1

This is an automated relay of the Github pull request:
   Some grammar in peers.txt

Patch title(s): 
   Some grammar

Link:
   https://github.com/haproxy/haproxy/pull/1436

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1436.patch && vi 1436.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1436.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] BUG/MEDIUM: lua: fix invalid return types in hlua_http_msg_get_body

[PR Bot]

Dear list!

Author: vishnu 
Number of patches: 1

This is an automated relay of the Github pull request:
   BUG/MEDIUM: lua: fix invalid return types in hlua_http_msg_get_body

Patch title(s): 
   BUG/MEDIUM: lua: fix invalid return types in hlua_http_msg_get_body

Link:
   https://github.com/haproxy/haproxy/pull/1427

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1427.patch && vi 1427.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1427.patch | git am -

Description:
   hlua_http_msg_get_body must return either a Lua string or nil.
   For
   some HTTPMessage objects, HTX_BLK_EOT blocks are also present in the
   HTX buffer along with HTX_BLK_DATA blocks. In such cases,
   _hlua_http_msg_dup will start copying data into a luaL_Buffer until it
   encounters an HTX_BLK_EOT. But then instead of pushing neither the
   luaL_Buffer nor `nil` to the Lua stack, the function will return
   immediately. The end result will be that the caller of the
   HTTPMessage.get_body() method from a Lua filter will see whatever
   object was on top of the stack as return value. It may be either a
   userdata object if HTTPMessage.get_body was called with only two
   arguments, or the third argument itself if called with three
   arguments. Hence HTTPMessage.get_body would return either nil, or
   HTTPMessage body as Lua string, or a userdata objects, or number.
   This fix ensure that HTTPMessage.get_body() will always return either
   a string or nil.
   
   Fixes #1426 .

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Typos fixed "it" should be "is"

[PR Bot]

Dear list!

Author: Anubhav 
Number of patches: 1

This is an automated relay of the Github pull request:
   Typos fixed "it" should be "is"

Patch title(s): 
   Typos fixed "it" should be "is"

Link:
   https://github.com/haproxy/haproxy/pull/1415

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1415.patch && vi 1415.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1415.patch | git am -

Description:
   Could you please add the label `hacktoberfest-accepted` to the PR
   (obviously if you feel that it's not invalid/spam and should be
   merged)

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Using standard 'OOM' instead of 'Out of Memory'

[PR Bot]

Dear list!

Author: SuvP 
Number of patches: 1

This is an automated relay of the Github pull request:
   Using standard 'OOM' instead of 'Out of Memory'

Patch title(s): 
   Using standard 'OOM' instead of 'Out of Memory'

Link:
   https://github.com/haproxy/haproxy/pull/1397

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1397.patch && vi 1397.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1397.patch | git am -

Description:
   Refers to #1025 
   Using  well known word 'OOM' instead of 'Out of
   Memory'
   This will reduce binary size as well.
   Have tried to
   keep context wherever required.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] DOC/MINOR: fix typo in management document

[PR Bot]

Dear list!

Author: Jonathon Lacher <6679714+jonathonlac...@users.noreply.github.com>
Number of patches: 1

This is an automated relay of the Github pull request:
   DOC/MINOR: fix typo in management document

Patch title(s): 
   DOC/MINOR: fix typo in management document

Link:
   https://github.com/haproxy/haproxy/pull/1341

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1341.patch && vi 1341.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1341.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Release the lock init_mutex before the program ends for issue#1326.

[PR Bot]

Dear list!

Author: jenny-cheung 
Number of patches: 2

This is an automated relay of the Github pull request:
   Release the lock init_mutex before the program ends for issue#1326.

Patch title(s): 
   a fix patch for issue#1326
   Release the lock and fix the indentation problem.

Link:
   https://github.com/haproxy/haproxy/pull/1332

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1332.patch && vi 1332.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1332.patch | git am -

Description:
   Release the lock init_mutex before the program ends for issue#1326.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] a fix patch for issue#1326

[PR Bot]

Dear list!

Author: jenny-cheung 
Number of patches: 1

This is an automated relay of the Github pull request:
   a fix patch for issue#1326

Patch title(s): 
   a fix patch for issue#1326

Link:
   https://github.com/haproxy/haproxy/pull/1329

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1329.patch && vi 1329.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1329.patch | git am -

Description:
   a fix patch for issue#1326. Thank you for the checking.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] fix: TYPED_DATA typos for UINT64

[PR Bot]

Dear list!

Author: Willem van der Schyff 
Number of patches: 1

This is an automated relay of the Github pull request:
   fix: TYPED_DATA typos for UINT64

Patch title(s): 
   fix: TYPED_DATA typos for UINT64

Link:
   https://github.com/haproxy/haproxy/pull/1316

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1316.patch && vi 1316.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1316.patch | git am -

Description:
   ![image](https://user-images.githubusercontent.com/237710/125155722-13
   31af80-e162-11eb-8287-a48160ee8ca7.png)
   ![image](https://user-images.githubusercontent.com/237710/125155728-16
   c53680-e162-11eb-971c-8cf8f33e9cad.png)

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] DOC: Fix typo in starter guide

[PR Bot]

Dear list!

Author: Mark Mullan 
Number of patches: 1

This is an automated relay of the Github pull request:
   DOC: Fix typo in starter guide

Patch title(s): 
   DOC: Fix typo in starter guide

Link:
   https://github.com/haproxy/haproxy/pull/1265

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1265.patch && vi 1265.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1265.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Correct example reload command in the document

[PR Bot]

Dear list!

Author: varnav 
Number of patches: 1

This is an automated relay of the Github pull request:
   Correct example reload command in the document

Patch title(s): 
   Correct example reload command in the document

Link:
   https://github.com/haproxy/haproxy/pull/1245

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1245.patch && vi 1245.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1245.patch | git am -

Description:
   Current example is:
   
   `echo "reload" | socat /var/run/haproxy-
   master.sock`
   
   it will cause socat error:
   
   `exactly 2
   addresses required (there are 1); use option "-h" for help`
   Correct working command is:
   
   `echo "reload" | socat
   /var/run/haproxy-master.sock stdin`

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] proto_tcp.c: fix printing of muliple setsockopt errors

[PR Bot]

Dear list!

Author: Björn Jacke 
Number of patches: 1

This is an automated relay of the Github pull request:
   proto_tcp.c: fix printing of muliple setsockopt errors

Patch title(s): 
   proto_tcp.c: fix printing of muliple setsockopt errors

Link:
   https://github.com/haproxy/haproxy/pull/1049

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1049.patch && vi 1049.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1049.patch | git am -

Description:
   Attached patch is an attempt to fix the output of multiple
   setsockopt() warnings. Currently only the latest warning is printed
   because msg is overwritten with each new failed setsockopt() call.
   Signed-off-by: Bjoern Jacke 
   
   There is at
   least one thing left, which should be fixed somehow: if many
   setsockopt() calls fail, then errlen exceeds and the warning message
   is truncated, I've seen this happend actually. This is a TODO for
   someone, who knows the code better :-)

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Fixed null pointer dereference in srv_cleanup_connections()

[PR Bot]

Dear list!

Author: Peter Skarpetis 
Number of patches: 1

This is an automated relay of the Github pull request:
   Fixed null pointer dereference in srv_cleanup_connections()

Patch title(s): 
   Fixed null pointer dereference in srv_cleanup_connections()

Link:
   https://github.com/haproxy/haproxy/pull/1031

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1031.patch && vi 1031.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1031.patch | git am -

Description:
   haproxy_srv_cleanup_connections_crash.cfg causes a null pointer
   dereference in srv_cleanup_connections . Configuration file works in
   2.0.19  branch but crashes in all subsequent versions including the
   dev branch. I did not track down the cause, I just added the null
   pointer check to stop the crashing.
   
   Crash can be reproduced
   with the following command:
   ./haproxy -c -f
   haproxy_srv_cleanup_connections_crash.cfg
   haproxy_srv_cleanup_connections_crash.cfg  can be grabbed from the
   gist below:
   https://gist.github.com/peterska/769f41562f6b045df59df
   2294b2c20f0#file-haproxy_srv_cleanup_connections_crash-cfg
   configuration file has been edited enough to cause the crash while
   removing all references to certificates and CA authorities. It is not
   a production config file.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] smp_size and sample_size seems to be mixed in docu

[PR Bot]

Dear list!

Author: Jan Wagner 
Number of patches: 1

This is an automated relay of the Github pull request:
   smp_size and sample_size seems to be mixed in docu

Patch title(s): 
   smp_size and sample_size seems to be mixed

Link:
   https://github.com/haproxy/haproxy/pull/1012

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1012.patch && vi 1012.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1012.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Skip unsupported ciphers for ecdsa cert

[PR Bot]

Dear list!

Author: Marcoen Hirschberg 
Number of patches: 3

This is an automated relay of the Github pull request:
   Skip unsupported ciphers for ecdsa cert

Patch title(s): 
   MINOR: ssl: variable renames for clarity
   MINOR: ssl: skip unknown client cipher
   BUG/MINOR: ssl: only choose ECDSA cert if server and client have common 
ECDSA ciphers

Link:
   https://github.com/haproxy/haproxy/pull/983

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/983.patch && vi 983.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/983.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Add srvkey option to stick-table

[PR Bot]

Dear list!

Author: Thayne McCombs 
Number of patches: 2

This is an automated relay of the Github pull request:
   Add srvkey option to stick-table

Patch title(s): 
   Add srvkey option to stick-table
   Harden sa2str agains 107-byte-long abstract unix domain path

Link:
   https://github.com/haproxy/haproxy/pull/979

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/979.patch && vi 979.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/979.patch | git am -

Description:
   This allows using the address of the server rather than the name of
   the
   server for keeping track of servers in a backend for
   stickiness.
   
   Fixes #814
   
   I haven't tested this at all
   yet, and it still needs some polish, but here is a draft of how to fix
   #814. 
   
   This is my first significant contribution to haproxy,
   so I would not be surprised if I'm doing something terribly wrong, and
   I'm sure there are at least some small mistakes in it. Initial
   feedback would be very welcome.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] hpack-tbl-t.h uses VAR_ARRAY and requires compiler.h to be included

[PR Bot]

Dear list!

Author: Christian Ruppert 
Number of patches: 1

This is an automated relay of the Github pull request:
   hpack-tbl-t.h uses VAR_ARRAY and requires compiler.h to be included

Patch title(s): 
   hpack-tbl-t.h uses VAR_ARRAY and requires compiler.h to be included

Link:
   https://github.com/haproxy/haproxy/pull/942

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/942.patch && vi 942.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/942.patch | git am -

Description:
   This fixes building hpack from contrib, which failed because of the
   undeclared VAR_ARRAY:
   
   make -C contrib/hpack
   ...
   cc
   -O2 -Wall -g -I../../include -fwrapv -fno-strict-aliasing   -c -o gen-
   enc.o gen-enc.c
   In file included from gen-enc.c:18:
   ../../include/haproxy/hpack-tbl-t.h:105:23: error: 'VAR_ARRAY'
   undeclared here (not in a function)
 105 |  struct hpack_dte
   dte[VAR_ARRAY]; /* dynamic table entries */
   ...
   
   Signed-
   off-by: Christian Ruppert 

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] SOCKS4(A)

[PR Bot]

Dear list!

Author: alexzk1 
Number of patches: 30

This is an automated relay of the Github pull request:
   SOCKS4(A)

Patch title(s): 
   trying to resolve server domain using SOCKS4A
   added htonl for IP
   fixed access to non-existing address
   more checks
   moved domen dump to backend
   fixed wrong paste in wrong file
   added error message
   updated error text
   made socks4 to use fake 10.10.10.10
   moved struct socks4_request back to header as it could have alignment there
   added domain to debug out
   removed htonl call for fake ip
   fixed user_length
   added explicit #pragma pack
   added debug out of socks4a header
   added back htonl
   fixed userid, domain must follow it, not replace
   made single block send for socks4a
   updated debug text
   fixed "correction"
   removed extra if ()?:
   changed dumper to use unsigned char*
   updated debug text
   removed closing domain string in connection
   updated debug texts, added domain set to tcp check
   updated conn_set_domain to allow nullptr which just frees then, moved 
conn_set_domain in tcp_check as it can be couple cases
   updated debug text
   moved fake host definitions to separated file, made connection check for 
fake IP not conditional to debug
   updated debug output
   more text update

Link:
   https://github.com/haproxy/haproxy/pull/883

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/883.patch && vi 883.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/883.patch | git am -

Description:
   So I completely understand that you will dislike what my formatter did
   there, but you can just reject. I don't care as it was paid update.
   So what it do:
   1. adds support for socks4A, if it cannot resolve
   dns localy it does ..read file "fake_host.h"
   2. you forgot to
   copy-paste setup from "backend.c" to "tcpcheck.c" for socks4. So since
   2.1 it does not do check over socks.
   I fixed that and removed
   copy-paste by doing function.
   Also it is generic rule, if any
   piece of code met twice -> do a function. 90% of your current can be
   changed in that way.
   3. and at then end I have rhetoric question:
   if you invented there virtual functions and virtual table, why the
   hell you keep using C and don't switch to C++ ?

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Prevent favicon.ico requests errors for stats page.

[PR Bot]

Dear list!

Author: zurikus 
Number of patches: 2

This is an automated relay of the Github pull request:
   Prevent favicon.ico requests errors for stats page.

Patch title(s): 
   Prevent favicon.ico requests for stats page
   Merge pull request #1 from zurikus/zurikus-patch-1

Link:
   https://github.com/haproxy/haproxy/pull/824

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/824.patch && vi 824.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/824.patch | git am -

Description:
   Prevent favicon.ico requests errors for stats page.
   
   Haproxy
   stats page don't have a favicon.ico, but browsers make a request for
   it.
   This lead to errors during stats page requests:
   
   Aug
   18 08:46:41 somehost.example.net haproxy[1521534]: X.X.X.X:61403
   [18/Aug/2020:08:46:41.437] stats stats/ -1/-1/-1/-1/0 503 222 - - SC--
   2/2/0/0/0 0/0 "GET /favicon.ico HTTP/1.1"
   Aug 18 08:46:42
   somehost.example.net haproxy[1521534]: X.X.X.X:61403
   [18/Aug/2020:08:46:42.650] stats stats/ -1/-1/-1/-1/0 503 222 - - SC--
   2/2/0/0/0 0/0 "GET /favicon.ico HTTP/1.1"
   
   Patch provided set
   empty favicon.ico for haproxy stats page.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] DOC: Update docs / comments to be inclusive of all gender identities

[PR Bot]

Dear list!

Author: Jackie Tapia 
Number of patches: 2

This is an automated relay of the Github pull request:
   DOC: Update docs / comments to be inclusive of all gender identities

Patch title(s): 
   Update docs / comments to be more inclusive of all gender identities
   Update contributing doc

Link:
   https://github.com/haproxy/haproxy/pull/772

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/772.patch && vi 772.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/772.patch | git am -

Description:
   To promote an inclusive environment for all communities, this PR
   converts all references of gender specific pronouns, e.g "he" or
   "she", into the third-person pronoun "they" as it is inclusive of all
   people. Furthermore, documentation / comments should use singular
   "they" when referring to a generic person whose gender is unknown or
   irrelevant to the context.
   
   Also, remove some trailing
   whitespaces from the files modified.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] http-check send was missing from matrix

[PR Bot]

Dear list!

Author: Peter Gervai 
Number of patches: 1

This is an automated relay of the Github pull request:
   http-check send was missing from matrix

Patch title(s): 
   http-check send was missing from matrix

Link:
   https://github.com/haproxy/haproxy/pull/678

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/678.patch && vi 678.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/678.patch | git am -

Description:
   while it probably shouldn't have.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Unindent non-code sentences in the protobuf example

[PR Bot]

Dear list!

Author: Peter Gervai 
Number of patches: 1

This is an automated relay of the Github pull request:
   Unindent non-code sentences in the protobuf example

Patch title(s): 
   Unindent non-code sentences in the protobuf example

Link:
   https://github.com/haproxy/haproxy/pull/677

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/677.patch && vi 677.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/677.patch | git am -

Description:
   Unindent to make the explanation go back to text from code formatted
   example in tyhe HTMLized version. Still it's not perfect since these
   are not haproxy examples but protobuf config, but... way better.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] The agent-check fail state is represented as "fail"

[PR Bot]

Dear list!

Author: Jack Neely 
Number of patches: 1

This is an automated relay of the Github pull request:
   The agent-check fail state is represented as "fail"

Patch title(s): 
   The agent-check fail state is represented as "fail"

Link:
   https://github.com/haproxy/haproxy/pull/642

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/642.patch && vi 642.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/642.patch | git am -

Description:
   Documentation has stated the string is "failed" and this doesn't match
   the source code.  An agent-check returning "failed" causes HAProxy to
   not make state changes.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Do not build OpenSSL from source for ARM64

[PR Bot]

Dear list!

Author: Martin Tzvetanov Grigorov 
Number of patches: 1

This is an automated relay of the Github pull request:
   Do not build OpenSSL from source for ARM64

Patch title(s): 
   Do not build OpenSSL from source for ARM64

Link:
   https://github.com/haproxy/haproxy/pull/630

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/630.patch && vi 630.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/630.patch | git am -

Description:
   Use openssl and libssl-dev from Ubuntu repositories. They come pre-
   installed by TravisCI.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Build and test on AARCH64 at GitHub actions

[PR Bot]

Dear list!

Author: Martin Tzvetanov Grigorov 
Number of patches: 21

This is an automated relay of the Github pull request:
   Build and test on AARCH64 at GitHub actions

Patch title(s): 
   Add ARM64 testing
   Fix YAML
   Do not use '-it' for 'docker run'
   Create a custom Dockerfile where the build & test will be executed
   Checkout the project
   Checkout VTest and install dependencies in Docker
   Use Ubuntu:20.04 instead of Centos:8
   Extract the Shell script into a file
   Export CC for `make vtest`
   Add dependency to zlib1g-dev
   Add gcc to general dependencies
   Install wget to be able to download OpenSSL
   Disable LeakSanitizer because it fails with:
   Do not build OpenSSL. It is too slow with QEMU
   Remove USE_OPENSSL=0
   Remove testing of WURFL
   Re-enable OpenSSL because without it some tests fail
   Rename arm64.yml to aarch64.yml for consistency
   Use checkout@v2
   Add a README explaining how the testing on AARCH64 works
   Re-enable testing for Windows

Link:
   https://github.com/haproxy/haproxy/pull/617

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/617.patch && vi 617.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/617.patch | git am -

Description:
   Since testing on ARM64/AARCH64 has been [disabled](https://github.com/
   haproxy/haproxy/commit/18b303e9f9b38e3a35b05cfe54d57ce3c81599c0#diff-3
   54f30a63fb0907d4ad57269548329e3) at TravisCI because there were some
   infrastructure related problems I propose a new way to test at GitHub
   Actions.
   The new approach is based on QEMU and uses Docker images
   to simplify the setup of QEMU.
   
   All is nice and shiny but
   there is one big problem - few tests fail consistently:
   
   ```
   ## Starting vtest ##
   Testing with haproxy version: 2.2-dev0-bbd4d68-993
   #top  TEST
   reg-tests/ssl/wrong_ctx_storage.vtc FAILED (0.280) exit=2
   #top
   TEST reg-tests/connection/proxy_protocol_random_fail.vtc FAILED
   (0.306) exit=2
   #top  TEST reg-tests/seamless-
   reload/abns_socket.vtc FAILED (0.711) exit=2
   #top  TEST reg-
   tests/http-rules/map_regm_with_backref.vtc FAILED (0.642) exit=2
   #
   top  TEST reg-tests/http-
   rules/converters_ipmask_concat_strcmp_field_word.vtc FAILED (0.778)
   exit=2
   5 tests failed, 0 tests skipped, 48 tests passed
   ## Gathering results
   ##
   ## Test case: reg-
   tests/connection/proxy_protocol_random_fail.vtc ##
   ## test
   results in:
   "/tmp/haregtests-2020-05-06_11-59-19.fNnEdV/vtc.7747.3fdec118"
    top  shell_exit not as expected: got 0x007f wanted 0x
   ## Test case: reg-tests/http-
   rules/converters_ipmask_concat_strcmp_field_word.vtc ##
   ##
   test results in:
   "/tmp/haregtests-2020-05-06_11-59-19.fNnEdV/vtc.7747.4f6aaeeb"
    c1   HTTP header is incomplete
   ## Test case: reg-
   tests/http-rules/map_regm_with_backref.vtc ##
   ## test results
   in: "/tmp/haregtests-2020-05-06_11-59-19.fNnEdV/vtc.7747.2a6adc02"
    c1   HTTP header is incomplete
    s1   HTTP rx failed (fd:6
   read: Connection reset by peer)
   ## Test case: reg-
   tests/ssl/wrong_ctx_storage.vtc ##
   ## test results in:
   "/tmp/haregtests-2020-05-06_11-59-19.fNnEdV/vtc.7747.6fe1dd3f"
    top  shell_exit not as expected: got 0x007f wanted 0x
   ## Test case: reg-tests/seamless-reload/abns_socket.vtc ##
   ## test results in:
   "/tmp/haregtests-2020-05-06_11-59-19.fNnEdV/vtc.7747.09b9aabe"
    c1   Failed to open 127.0.0.1 39405: (null)
   make: ***
   [Makefile:995: reg-tests] Error 1
   ```
   
   I've explained how
   to run the setup locally in `.github/workflows/aarch64/README.md`.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Updating Documentation for Hashing

[PR Bot]

Dear list!

Author: Adam Mills 
Number of patches: 1

This is an automated relay of the Github pull request:
   Updating Documentation for Hashing

Patch title(s): 
   Updating Documentation for Hashing

Link:
   https://github.com/haproxy/haproxy/pull/582

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/582.patch && vi 582.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/582.patch | git am -

Description:
   Bret Mulvey, the author of the article cited in this pulication has
   migrated his work to papa.bretmulvey.com. I was able to view an
   archival version of Bret M.'s original post
   (http://home.comcast.net/~bretm/hash/3.html) and have validated that
   this is the same paper that is originally cited.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] DOC: correct typo in alert message

[PR Bot]

Dear list!

Author: Balvinder Singh Rawat 
Number of patches: 1

This is an automated relay of the Github pull request:
   DOC: correct typo in alert message

Patch title(s): 
   correct typo in alert message

Link:
   https://github.com/haproxy/haproxy/pull/547

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/547.patch && vi 547.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/547.patch | git am -

Description:
   This message comes when we run:
   ```
   haproxy -c -V -f
   /etc/haproxy/haproxy.cfg
   [ALERT] 072/233727 (30865) : parsing
   [/etc/haproxy/haproxy.cfg:34] : The 'rspirep' directive is not
   supported anymore sionce HAProxy 2.1. Use 'http-response replace-
   header' instead.
   [ALERT] 072/233727 (30865) : Error(s) found in
   configuration file : /etc/haproxy/haproxy.cfg
   [ALERT] 072/233727
   (30865) : Fatal errors found in configuration.
   ```

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Docs tls tickets

[PR Bot]

Dear list!

Author: Björn Jacke 
Number of patches: 2

This is an automated relay of the Github pull request:
   Docs tls tickets

Patch title(s): 
   BUG/MINOR: fix typo of tls-tickets
   DOC: improve description of no-tls-tickets

Link:
   https://github.com/haproxy/haproxy/pull/537

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/537.patch && vi 537.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/537.patch | git am -

Description:
   typo in parameter and description improvement

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Add missing string length for lua sticktable lookup

[PR Bot]

Dear list!

Author: Nathan Neulinger 
Number of patches: 1

This is an automated relay of the Github pull request:
   Add missing string length for lua sticktable lookup

Patch title(s): 
   Add missing string length for lua sticktable lookup

Link:
   https://github.com/haproxy/haproxy/pull/530

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/530.patch && vi 530.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/530.patch | git am -

Description:
   Consider moving this to smp_to_stkey - or at least adding a:
   ```if ( smp->data.u.str.data == 0 ) { static_table_key.key_len =
   strlen(smp->data.u.str.key); }```
   
   equivalent to smp_to_stkey

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] MINOR: Add health check duration metric to Prometheus service

[PR Bot]

Dear list!

Author: Seena Fallah 
Number of patches: 1

This is an automated relay of the Github pull request:
   MINOR: Add health check duration metric to Prometheus service

Patch title(s): 
   MINOR: Add health check duration metric to Prometheus service

Link:
   https://github.com/haproxy/haproxy/pull/520

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/520.patch && vi 520.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/520.patch | git am -

Description:
   Fixes: #519

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Add verfied chain

[PR Bot]

Dear list!

Author: Arjen Nienhuis 
Number of patches: 2

This is an automated relay of the Github pull request:
   Add verfied chain

Patch title(s): 
   MINOR: add fetch 'ssl_c_verified_chain'
   Merge branch 'master' of https://github.com/haproxy/haproxy

Link:
   https://github.com/haproxy/haproxy/pull/396

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/396.patch && vi 396.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/396.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] modify if condition redundant

[PR Bot]

Dear list!

Author: Weiliang Li 
Number of patches: 1

This is an automated relay of the Github pull request:
   modify if condition redundant

Patch title(s): 
   modify if condition redundant

Link:
   https://github.com/haproxy/haproxy/pull/355

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/355.patch && vi 355.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/355.patch | git am -

Description:
   Identical inner 'if' condition is always true (outer condition is
   'ext_child->command[i]' and inner condition is
   'ext_child->command[i]')

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] MINOR: stick-table: allow sc-set-gpt0 to set value from an expression

[PR Bot]

Dear list!

Author: Cédric Dufour 
Number of patches: 2

This is an automated relay of the Github pull request:
   MINOR: stick-table: allow sc-set-gpt0 to set value from an expression

Patch title(s): 
   MINOR: stick-table: allow sc-set-gpt0 to set value from an expression
   coding style (should have been in my previous commit)

Link:
   https://github.com/haproxy/haproxy/pull/354

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/354.patch && vi 354.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/354.patch | git am -

Description:
   Allow the `sc-set-gpt0()` action to set GPT0 to a value dynamically
   evaluated from
   its `` argument (in addition to the existing
   static `` alternative).
   
   Hello HAProxy team!
   While working on a use-case we have at hand, we ended up desperately
   needing the ability to set GPT0 from a dynamic value. This patch is
   mostly copy-paste from the `set-var()` action.
   
   Looking
   forwards to your review and best,
   
   Cédric

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] updating req.body_param doc with chunk-encoding limitation

[PR Bot]

Dear list!

Author: fclerg <29798784+fcl...@users.noreply.github.com>
Number of patches: 1

This is an automated relay of the Github pull request:
   updating req.body_param doc with chunk-encoding limitation

Patch title(s): 
   updating req.body_param doc with chunk-encoding limitation

Link:
   https://github.com/haproxy/haproxy/pull/333

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/333.patch && vi 333.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/333.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Fix backend typo

[PR Bot]

Dear list!

Author: Rick Rackow 
Number of patches: 1

This is an automated relay of the Github pull request:
   Fix backend typo

Patch title(s): 
   Fix backend typ

Link:
   https://github.com/haproxy/haproxy/pull/316

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/316.patch && vi 316.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/316.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] minor: a type error

[PR Bot]

Dear list!

Author: ArthurMa <4406art...@gmail.com>
Number of patches: 1

This is an automated relay of the Github pull request:
   minor: a type error

Patch title(s): 
   minor: a type error

Link:
   https://github.com/haproxy/haproxy/pull/291

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/291.patch && vi 291.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/291.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] MINOR: remove limit of 1k socket connections with systemd

[PR Bot]

Dear list!

Author: Björn Jacke 
Number of patches: 1

This is an automated relay of the Github pull request:
   MINOR: remove limit of 1k socket connections with systemd

Patch title(s): 
   MINOR: remove limit of 1k socket connections with systemd

Link:
   https://github.com/haproxy/haproxy/pull/280

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/280.patch && vi 280.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/280.patch | git am -

Description:
   systemd by default limits the max open files to 1k, which also limits
   the socket connections to 1k, the service script must be told to
   remove the limit.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] MINOR: remove limit of 1k socket connections with systemd

[PR Bot]

Dear list!

Author: Björn Jacke 
Number of patches: 1

This is an automated relay of the Github pull request:
   MINOR: remove limit of 1k socket connections with systemd

Patch title(s): 
   MINOR: remove limit of 1k socket connections with systemd

Link:
   https://github.com/haproxy/haproxy/pull/280

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/280.patch && vi 280.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/280.patch | git am -

Description:
   systemd by default limits the max open files to 1k, which also limits
   the socket connections to 1k, the service script must be told to
   remove the limit.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Add UUID fetch

[PR Bot]

Dear list!

Author: Luca Schimweg 
Number of patches: 3

This is an automated relay of the Github pull request:
   Add UUID fetch

Patch title(s): 
   Add UUID Generator
   UUID: Use suggestions from mailing list
   Add documentation for UUID-Fetch

Link:
   https://github.com/haproxy/haproxy/pull/271

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/271.patch && vi 271.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/271.patch | git am -

Description:
   We discussed this in the mailing list

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Add support for server maintenance

[PR Bot]

Dear list!

Author: Mickaël Martin 
Number of patches: 1

This is an automated relay of the Github pull request:
   Add support for server maintenance

Patch title(s): 
   Add support for server maintenance

Link:
   https://github.com/haproxy/haproxy/pull/261

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/261.patch && vi 261.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/261.patch | git am -

Description:
   Linked to https://github.com/haproxy/haproxy/issues/255
   Just
   adding maintenance state for prometheus monitoring.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] MINOR: connection: add TCP keep-alive parameters

[PR Bot]

Dear list!

Author: Sven Ulland 
Number of patches: 1

This is an automated relay of the Github pull request:
   MINOR: connection: add TCP keep-alive parameters

Patch title(s): 
   MINOR: connection: add TCP keep-alive parameters

Link:
   https://github.com/haproxy/haproxy/pull/252

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/252.patch && vi 252.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/252.patch | git am -

Description:
   Add configuration parameters to control TCP keep-alives:
   * tcp-
   keepalive-time: Idle time before keep-alive probes are sent
   * tcp-
   keepalive-interval: Interval between keep-alive probes
   * tcp-
   keepalive-count: Number of keep-alive probes to send before giving up
   Tested with TCP and HTTP, and with different settings in the default,
   listen, frontend and backend sections.
   
   Potential issues:
   * Only tested on Linux.
   * Darwin `#ifdef TCP_KEEPALIVE`
   implemented but untested.
   * No Windows support.
   Rationale:
   * HAProxy only allows enabling/disabling TCP keep-
   alives; not controlling parameters.
   * System default parameters
   controllable using sysctl.
   * System defaults apply to all
   connections. Default idle time: 7200 seconds, as required by RFC 1122.
   * The `sysctl` command does not work on Docker containers due to read-
   only procfs.
   * The Docker `privileged` flag could have worked, but
   is unsupported on AWS Fargate.
   * The Docker `sysctl` flag could
   have worked, but is unsupported on AWS Fargate.
   * The Docker Linux
   capability flags could have worked, but are unsupported on AWS
   Fargate.
   * I'm behind a Cisco Meraki NAT gateway that has a fixed
   TCP NAT timeout of 300 seconds, meaning connections are dropped before
   the TCP keep-alive idle time kicks in (default 7200 seconds on Linux).
   Meraki support confirms the fixed 300 second timeout.
   * Instead of
   requiring all clients to increase the TCP keep-alive probe frequency,
   fix it centrally by enabling parameters in HAProxy.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] DOC: fixed typo in management.txt

[PR Bot]

Dear list!

Author: n9 
Number of patches: 1

This is an automated relay of the Github pull request:
   DOC: fixed typo in management.txt

Patch title(s): 
   DOC: fixed typo in management.txt

Link:
   https://github.com/haproxy/haproxy/pull/234

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/234.patch && vi 234.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/234.patch | git am -

Description:
   replaced fot -> for
   added two periods

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] DOC: proxy: Fix typo in PROXY file

[PR Bot]

Dear list!

Author: Alex Gusev 
Number of patches: 1

This is an automated relay of the Github pull request:
   DOC: proxy: Fix typo in PROXY file

Patch title(s): 
   DOC: proxy: Fix typo in PROXY file

Link:
   https://github.com/haproxy/haproxy/pull/191

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/191.patch && vi 191.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/191.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] add a vhost setting per backend

[PR Bot]

Dear list!

Author: romain.d.morotti 
Number of patches: 4

This is an automated relay of the Github pull request:
   add a vhost setting  per backend

Patch title(s): 
   add vhost setting per backend. it sets the host header in requests, in 
healthchecks and in TLS connections (SNI).
   add unit test on vhost.
   add documentation on vhost setting.
   use spaces for alignment. not tabs.

Link:
   https://github.com/haproxy/haproxy/pull/167

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/167.patch && vi 167.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/167.patch | git am -

Description:
   Add a vhost setting per backend. It sets the host header for the
   backend in http requests, http healthchecks and TLS connections.
   This is required to support services using the host header for routing
   (kube ingress, ALB, other load balancer...).

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Corrected Typo

[PR Bot]

Dear list!

Author: Rajesh Rajendran 
Number of patches: 1

This is an automated relay of the Github pull request:
   Corrected Typo

Patch title(s): 
   Corrected Typo

Link:
   https://github.com/haproxy/haproxy/pull/160

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/160.patch && vi 160.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/160.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] MINOR: doc: Remove -Ds option in man page

[PR Bot]

Dear list!

Author: Kazuo Yagi 
Number of patches: 1

This is an automated relay of the Github pull request:
   MINOR: doc: Remove -Ds option in man page

Patch title(s): 
   MINOR: doc: Remove -Ds option in man page

Link:
   https://github.com/haproxy/haproxy/pull/120

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/120.patch && vi 120.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/120.patch | git am -

Description:
   `-Ds` option should be removed from man page. It is no longer
   supported as this commit shows: https://github.com/haproxy/haproxy/com
   mit/095ba4c2428ec8bcccb134b3d24f07de2aabbdcd
   
   I noticed that
   the option has already gone when upgrading my haproxy from 1.7 to
   2.0-dev7. I have had the old and new haproxy running as a pod on my
   Kubernetes cluster, therefore, it is important for me to know what
   option is provided to keep the process in the foreground.
   After upgrading, I was able to make my haproxy running successfully by
   removing `-Ds` option and `daemon` global parameter in the config.
   Thank you.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] travis-ci: mark LibreSSL builds as allowed failures

[PR Bot]

Dear list!

Author: Ilya Shipitsin 
Number of patches: 4

This is an automated relay of the Github pull request:
   travis-ci: mark LibreSSL builds as allowed failures

Patch title(s): 
   BUILD: remove "build_libressl" duplicate declaration
   BUILD: travis-ci: get back to osx without openssl support
   BUILD: enable several LibreSSL hacks, including
   BUILD: temporarily mark LibreSSL builds as allowed to fail

Link:
   https://github.com/haproxy/haproxy/pull/92

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/92.patch && vi 92.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/92.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] BUILD: extend travis-ci matrix

[PR Bot]

Dear list!

Author: Ilya Shipitsin 
Number of patches: 1

This is an automated relay of the Github pull request:
   BUILD: extend travis-ci matrix

Patch title(s): 
   BUILD: extend travis-ci matrix

Link:
   https://github.com/haproxy/haproxy/pull/91

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/91.patch && vi 91.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/91.patch | git am -

Description:
   added openssl-1.0.2, 1.1.0, 1.1.1, libressl-2.7.5, 2.8.3, 2.9.1
   added linux-ppc64le image
   
   libressl builds are yet broken.
   they will get repaired after separate patch (already sent to mailing
   list)

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] modescurity spoa (contrib) crash if Host header is absent in HTTP request

[PR Bot]

Dear list!

Author: Yann Cézard 
Number of patches: 1

This is an automated relay of the Github pull request:
   modescurity spoa (contrib) crash if Host header is absent in HTTP
   request

Patch title(s): 
   If host header is NULL, don't try to strdup it.

Link:
   https://github.com/haproxy/haproxy/pull/86

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/86.patch && vi 86.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/86.patch | git am -

Description:
   I discovered this bug when running OWASP regression tests against
   HAProxy + modsecurity-spoa (it's a POC to evaluate how it is working).
   I found out that modsecurity spoa will crash when the request doesn't
   have any Host header.
   
   ## Output of `haproxy -vv` and `uname
   -a`
   All HAProxy version / bug is related to the modsecurity spoa
   (contrib) and present in all versions.
   
   ## What's the
   configuration?
   Not linked to any specific configuration, just
   using the modsecurity spoa makes it vulnerable to this bug.
   ## Steps to reproduce the behavior
   
   1. Install and configure
   the modsecurity spoa, configure haproxy to check all its request with
   modsecuirty (cf. https://github.com/haproxy/haproxy/blob/master/contri
   b/modsecurity/README which by the way have some erronous information
   in it, I'll made another pull request later).
   If you don't want to
   bother with compiling and such, there is a pretty good Docker image
   there : https://github.com/jcmoraisjr/modsecurity-
   spoa/blob/master/rootfs/Dockerfile. You'll stil have to configure
   HAProxy to use it, as explained in the README file.
   2. curl -i -H
   "Host:" http://your.haproxy.domain
   
   ## Actual behavior
   The
   modsecurity spoa just crash.
   That could be annoying, even if it is
   configured to restart by itself (systemd or docker rule to do so),
   because during the time it gets up again, haproxy would not check the
   requests againts modsecurity (this could be mitigated by using an
   HAProxy rule rejecting all HTTP requests with no Host header). That
   means someone who wants to attack a site protected using HAProxy +
   modsecurity-spoa could disable modsecurity checks by doing HTTP
   requests without host, than all subsequent requests would be treated
   by HAProxy bypassing all modsecurity checks.
   
   ## Expected
   behavior
   modsecurity does not crash, and if using the OWASP CRS
   rules, the request is blocked because it is missing the Host header.
   ## Do you have any idea what may have caused this?
   This is because
   in modsec_wrapper.c, at line 328, strlen(req->hostname) will crash
   because req->hostname is NULL.
   
   ## Do you have an idea how to
   solve the issue?
   Checking if req->hostname is NULL before trying
   to do the chunk_strdup.
   ```
 if (req->hostname != NULL) {
   req->parsed_uri.hostname = chunk_strdup(req, req->hostname,
   strlen(req->hostname));
} else {
   req->parsed_uri.hostname = NULL;
 }
   ```
   I tried that
   patch, it works fine, no crash, and the query is then correctly
   intercepted by the modsecuirty / CRS rules :
   1556193994.134313
   [00] [client 127.0.0.1] ModSecurity: Warning. Operator EQ matched 0 at
   REQUEST_HEADERS. [file "/etc/modsecurity/owasp-modsecurity-
   crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "605"] [id
   "920280"] [msg "Request Missing a Host Header"] [severity "WARNING"]
   [ver "OWASP_CRS/3.1.0"] [tag "application-multi"] [tag "language-
   multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag
   "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_HOST"] [tag
   "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname
   "c3cfbbe6058a"] [uri "http://www.google.com/../../index.html;]
   [unique_id ""]
   
   This patch could be applyed to any versions of
   HAProxy proposing the modsecurity contrib.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] modsecuirty spoa (contrib) / README Typos and fix to the reject example

[PR Bot]

Dear list!

Author: Yann Cézard 
Number of patches: 1

This is an automated relay of the Github pull request:
   modsecuirty spoa (contrib) / README Typos and fix to the reject
   example

Patch title(s): 
   Typos and fix the reject example (thanks to 
https://www.mail-archive.com/haproxy@formilux.org/msg30056.html).

Link:
   https://github.com/haproxy/haproxy/pull/87

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/87.patch && vi 87.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/87.patch | git am -

Description:
   Thanks to https://www.mail-
   archive.com/haproxy@formilux.org/msg30056.html which helped me a lot
   to have a working setup.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] DOC: The option httplog is no longer valid in a backend.

[PR Bot]

Dear list!

Author: Freddy Spierenburg 
Number of patches: 1

This is an automated relay of the Github pull request:
   DOC: The option httplog is no longer valid in a backend.

Patch title(s): 
   DOC: The option httplog is no longer valid in a backend.

Link:
   https://github.com/haproxy/haproxy/pull/68

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/68.patch && vi 68.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/68.patch | git am -

Description:
   Inside the Proxy keywords matrix it looks like the option httplog is
   stil valid within a backend. This is no longer the case, hence this
   updates the documentation.

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] IPv6: properly format an address coming from IPv6 socket as hex in lf_ip

[PR Bot]

Dear list!

Author: Radek Zajic 
Number of patches: 1

This is an automated relay of the Github pull request:
   IPv6: properly format an address coming from IPv6 socket as hex in
   lf_ip

Patch title(s): 
   IPv6: properly format an address coming from IPv6 socket as hex string in 
lf_ip

Link:
   https://github.com/haproxy/haproxy/pull/59

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/59.patch && vi 59.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/59.patch | git am -

Description:
   Dear `haproxy` maintainers,
   
   we've recently discovered an
   issue with formatting IPv6 addresses as hex strings (in e.g.
   `%{+X}ci`). This issue occurs e.g. when formatting `unique-id-format`
   as recommended in the docs: `%{+X}o\ %ci:%cp_%fi:%fp_%Ts_%rt:%pid`.
   This pull request proposes a change that properly formats addresses
   from IPv4 sockets as 8-char hex-string and addresses from IPv6 sockets
   as 32-char hex-string.
   
   The result looks like this:
   ```
   Mar  8 13:28:21 hostname haproxy[11719]: ::1:38370 [00
   01:95E2_0001:1F98_5C825FE5_000
   1:2DC7] [1552048101] webfarm webfarm/server1.yourserver.com
   0/0/0/0/0/0/0/0 302 183 - - --NN 1/1/0/0/0 0/0 "GET / HTTP/1.1"
   Mar  8 13:28:21 hostname haproxy[11719]: 127.0.0.1:42268
   [7F01:A51C_7F01:1F98_5C825FE5_0002:2DC7] [1552048101] webfarm
   webfarm/server1.yourserver.com 0/0/0/0/0/0/0/0 302 183 - - --NN
   1/1/0/0/0 0/0 "GET / HTTP/1.1
   ```
   
   Please also note that
   in case of an IPv6-bind processing IPv4-packets (e.g. bind to `::`)
   results in [IPv4-mapped-IPv6 addresses](https://en.wikipedia.org/wiki/
   IPv6#IPv4-mapped_IPv6_addresses) in **both text and hex form**, e.g.:
   ```
   Mar  8 13:18:09 hostname haproxy[8586]: :::127.0.0.1:41874
   [7F01:A392_7F0
   1:1F98_5C825D81_:218A] [1552047489] webfarm
   webfarm/server1.yourserver.com 0/0/0/0/0/0/1/1 301 219 - - --NN
   1/1/0/0/0 0/0 "GET / HTTP/1.1"
   ```
   For the sake of consistency
   between `inet_ntop` result (IPv4-mapped-IPv6 address) and the hex
   formatter, the hex representation is kept as 32-char hex string.
   Comments are welcome.
   Please consider merging this patch into
   `master`.
   
   Thank you.
   
   Radek Zajic
   [tech.showmax.com](https://tech.showmax.com/)

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Fix typos in comments and documentation

[PR Bot]

Dear list!

Author: Joseph Herlant 
Number of patches: 1

This is an automated relay of the Github pull request:
   Fix typos in comments and documentation

Patch title(s): 
   Fix typos in comments and documentation

Link:
   https://github.com/haproxy/haproxy/pull/1

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/1.patch && vi 1.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/1.patch | git am -

Description:
   Hi,
   
   I found some typos while reading the documentation so I
   ended up running a tool called `misspell` on the repo that basically
   fixes common misspells.
   Reviewed the result, did some changes, but
   I think we should be ok with what's left here.
   
   Let me know if
   you want to break this change into smaller changes or if there are
   some elements I might have missed.
   
   Thanks
   Jospeh

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] avoid overriding external prefix

[PR Bot]

Dear list!

Author: Stephen 
Number of patches: 1

This is an automated relay of the Github pull request:
   avoid overriding external prefix

Patch title(s): 
   avoid overriding external prefix

Link:
   https://github.com/haproxy/haproxy/pull/82

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/82.patch && vi 82.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/82.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Fix typo

[PR Bot]

Dear list!

Author: CJ Ting 
Number of patches: 1

This is an automated relay of the Github pull request:
   Fix typo

Patch title(s): 
   Fix typo

Link:
   https://github.com/haproxy/haproxy/pull/81

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/81.patch && vi 81.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/81.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Update transparent_proxy.cfg

[PR Bot]

Dear list!

Author: hflamboauto1 
Number of patches: 1

This is an automated relay of the Github pull request:
   Update transparent_proxy.cfg

Patch title(s): 
   Update transparent_proxy.cfg

Link:
   https://github.com/haproxy/haproxy/pull/79

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/79.patch && vi 79.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/79.patch | git am -

Description:
   This is basically a question regarding this value.
   Everywhere on
   "internet resources" i see *clientip* ... which one is correct? This
   example ?

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04

[PR Bot]

Dear list!

Author: Nan Liu 
Number of patches: 1

This is an automated relay of the Github pull request:
   BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04

Patch title(s): 
   BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04

Link:
   https://github.com/haproxy/haproxy/pull/78

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/78.patch && vi 78.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/78.patch | git am -

Description:
   include/types/hlua.h:6:17: fatal error: lua.h: No such file or
   directory

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Updating rpmbuild spec file Source0 directive

[PR Bot]

Dear list!

Author: GitHub 
Number of patches: 1

This is an automated relay of the Github pull request:
   Updating rpmbuild spec file Source0 directive

Patch title(s): 
   Updating rpmbuild spec file Source0 directive

Link:
   https://github.com/haproxy/haproxy/pull/77

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/77.patch && vi 77.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/77.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Update haproxy.spec URLs to haproxy.org

[PR Bot]

Dear list!

Author: Grant 
Number of patches: 1

This is an automated relay of the Github pull request:
   Update haproxy.spec URLs to haproxy.org

Patch title(s): 
   Update haproxy.spec URLs to haproxy.org

Link:
   https://github.com/haproxy/haproxy/pull/23

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/23.patch && vi 23.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/23.patch | git am -

Description:


Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Minor spelling correction

[PR Bot]

Dear list!

Author: Ian Miell 
Number of patches: 2

This is an automated relay of the Github pull request:
   Minor spelling correction

Patch title(s): 
   Very minor spelling correction
   Merge pull request #1 from ianmiell/ianmiell-patch-1

Link:
   https://github.com/haproxy/haproxy/pull/33

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/33.patch && vi 33.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/33.patch | git am -

Description:
   'optionnally' -> 'optionally'

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.

[PR] Cleanup

[PR Bot No-Reply]

Dear list!

Author: Erwan Velu 
Number of patches: 8

This is an automated relay of the Github pull request:
   Cleanup

Patch title(s): 
   CLEANUP: don't ignore debian/ directory if present
   cfgparse: Protect free on NULL pointer
   proto_http: Removing useless variable assignation
   proto_http: Removing useless variable
   proto_http: Removing useless delta assignation
   dumpstats: Removing useless variables allocation
   payload: Removing useless pointer arithmetic
   dns: Removing usless variable & assignation

Link:
   https://github.com/haproxy/haproxy/pull/42

Edit locally:
   wget https://github.com/haproxy/haproxy/pull/42.patch && vi 42.patch

Apply locally:
   curl https://github.com/haproxy/haproxy/pull/42.patch | git am -

Description:
   Please find in this PR my with contribution to the project.
   It
   does contains a few commits targeting a static analysis of possible
   mistakes or useless code.
   My changes looks like safe but as I'm
   new to that code, I could be wrong. Feel free to pick only some
   commits if some looks like too picky or useless for the project.
   That was my 2 cents applying to the current master tree.
   Cheers,
   Erwan

Instructions:
   This github pull request will be closed automatically; patch should be
   reviewed on the haproxy mailing list (haproxy@formilux.org). Everyone is
   invited to comment, even the patch's author. Please keep the author and
   list CCed in replies. Please note that in absence of any response this
   pull request will be lost.