Am 22.06.2018 um 16:42 schrieb William Lallemand:
> Hi,
>
> HAProxy 1.8.10 was released on 2018/06/22. It added 40 new commits
> after version 1.8.9.
The image is also updated.
https://hub.docker.com/r/me2digital/haproxy18/
###
$ docker run --rm --entrypoint /usr/local/sbin/haproxy me2digital/haproxy18 -vv
HA-Proxy version 1.8.10-ec17d7a 2018/06/22
Copyright 2000-2018 Willy Tarreau
Build options :
TARGET = linux2628
CPU = generic
CC = gcc
CFLAGS = -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement -fwrapv
-fno-strict-overflow -Wno-unused-label
OPTIONS = USE_LINUX_SPLICE=1 USE_GETADDRINFO=1 USE_ZLIB=1 USE_REGPARM=1
USE_OPENSSL=1 USE_LUA=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_TFO=1
Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200
Built with OpenSSL version : OpenSSL 1.0.2k-fips 26 Jan 2017
Running on OpenSSL version : OpenSSL 1.0.2k-fips 26 Jan 2017
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : SSLv3 TLSv1.0 TLSv1.1 TLSv1.2
Built with Lua version : Lua 5.3.4
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT
IP_FREEBIND
Encrypted password support via crypt(3): yes
Built with multi-threading support.
Built with PCRE version : 8.32 2012-11-30
Running on PCRE version : 8.32 2012-11-30
PCRE library supports JIT : yes
Built with zlib version : 1.2.7
Running on zlib version : 1.2.7
Compression algorithms supported : identity("identity"), deflate("deflate"),
raw-deflate("deflate"), gzip("gzip")
Built with network namespace support.
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Available filters :
[SPOE] spoe
[COMP] compression
[TRACE] trace
###
Best regards
aleks
> This version fixes several bugs that were crashing haproxy, when using
> http-request set-map with a wrong type or with the cirpherlist capture.
> Some deadlocks and crashes were also fixed that were provoked by the lua.
>
> There was also an issue with the poller which was using 100% of the CPU.
>
> It fixes several issues where haproxy was not leaving anymore when asked for a
> soft stop, or a reload in master-worker mode. These issues were amplified with
> the use of nbthread.
>
> The SPOP version has been upgraded to 2.0. Due to an inconsistency in the
> examples and the reference implementation the 1.0 version is not supported
> anymore. This new version is basically the 1.0 with a bugfix. If your SPOP
> agent does not work anymore, you must upgrade the version and fix the SPOP
> flags. See commits c4dcaff, 48d02d0, 633f3bf in the master.
>
> Thanks to all people who reported and helped fix those issues.
>
> Users are encouraged to update.
>
> Please find the usual URLs below :
>Site index : http://www.haproxy.org/
>Discourse: http://discourse.haproxy.org/
>Sources : http://www.haproxy.org/download/1.8/src/
>Git repository : http://git.haproxy.org/git/haproxy-1.8.git/
>Git Web browsing : http://git.haproxy.org/?p=haproxy-1.8.git
>Changelog: http://www.haproxy.org/download/1.8/src/CHANGELOG
>Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/
>
>
> ---
> Complete changelog :
> Christopher Faulet (9):
> BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode
> flags
> BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode
> flags
> BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in
> sync mode
> MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for
> 1.0
> BUG/MINOR: contrib/spoa_example: Don't reset the status code during
> disconnect
> BUG/MINOR: contrib/mod_defender: Don't reset the status code during
> disconnect
> BUG/MINOR: contrib/modsecurity: Don't reset the status code during
> disconnect
> BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
> MINOR: threads: Be sure to remove threads from all_threads_mask on exit
>
> Daniel Corbett (2):
> BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
> BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
>
> David Carlier (1):
> DOC: contrib/modsecurity: few typo fixes
>
> Dragan Dosen (2):
> BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
> BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame
>
> Frédéric Lécaille (1):
> BUG/MINOR: lua: Segfaults with wrong usage of types.
>
> Kevin Zhu (1):
> DOC: SPOE.txt: fix a typo
>
> Olivier Houchard (4):
> BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check
> failure.
> BUG/MEDIUM: fd: Only check update_mask against all_threads_mask.
> BUG/MINOR: unix: Make sure we can