Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id AADF884FF8 for ; Wed, 22 Nov 2023 11:41:37 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id 5vFCYlP40aYN for ; Wed, 22 Nov 2023 11:41:36 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.netbsd.org [199.233.217.197]) by mail.netbsd.org (Postfix) with ESMTP id 7518F84CD0 for ; Wed, 22 Nov 2023 11:41:36 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 6E425FA3F; Wed, 22 Nov 2023 11:41:36 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1700653296230180" MIME-Version: 1.0 Date: Wed, 22 Nov 2023 11:41:36 +0000 From: "Adam Ciarcinski" Subject: CVS commit: pkgsrc/net/haproxy To: pkgsrc-changes@NetBSD.org Approved: commit_and_comment Reply-To: adam@netbsd.org X-Mailer: log_accum Message-Id: <20231122114136.6E425FA3F@cvs.NetBSD.org> This is a multi-part message in MIME format. --_----------=_1700653296230180 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: adam Date: Wed Nov 22 11:41:36 UTC 2023 Modified Files: pkgsrc/net/haproxy: Makefile distinfo Log Message: haproxy: updated to 2.8.4 2.8.4 - BUILD: bug: make BUG_ON() void to avoid a rare warning - BUG/MINOR: quic: Leak of frames to send. - BUG/MINOR: quic: Wrong cluster secret initialization - MINOR: quic: QUIC openssl wrapper implementation - MINOR: quic: Include QUIC opensssl wrapper header from TLS stacks compatibility header - MINOR: quic: Do not enable O-RTT with USE_QUIC_OPENSSL_COMPAT - MINOR: quic: Set the QUIC connection as extra data before calling SSL_set_quic_method() - MINOR: quic: Do not enable 0RTT with SSL_set_quic_early_data_enabled() - MINOR: quic: Add a compilation option for the QUIC OpenSSL wrapper - MINOR: quic: Export some KDF functions (QUIC-TLS) - MINOR: quic: Initialize TLS contexts for QUIC openssl wrapper - MINOR: quic: Call the keylog callback for QUIC openssl wrapper from SSL_CTX_keylog() - MINOR: quic: Add a quic_openssl_compat struct to quic_conn struct - MINOR: quic: SSL context initialization with QUIC OpenSSL wrapper. - MINOR: quic: Add "limited-quic" new tuning setting - DOC: quic: Add "limited-quic" new tuning setting - BUG/MINOR: quic+openssl_compat: Non initialized TLS encryption levels - MINOR: quic: Warning for OpenSSL wrapper QUIC bindings without "limited-quic" - MINOR: quic+openssl_compat: Do not start without "limited-quic" - MINOR: quic+openssl_compat: Emit an alert for "allow-0rtt" option - BUILD: Makefile: add USE_QUIC_OPENSSL_COMPAT to make help - BUG/MINOR: quic: allow-0rtt warning must only be emitted with quic bind - BUG/MINOR: quic: ssl_quic_initial_ctx() uses error count not error code - BUILD: quic: fix build on centos 8 and USE_QUIC_OPENSSL_COMPAT - MINOR: hlua: add hlua_stream_ctx_prepare helper function - BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread - Revert "BUG/MEDIUM: quic: missing check of dcid for init pkt including a token" - CI: musl: highlight section if there are coredumps - CI: musl: drop shopt in workflow invocation - BUG/MEDIUM: hlua: don't pass stale nargs argument to lua_resume() - BUG/MINOR: hlua/init: coroutine may not resume itself - BUG/MEDIUM: mux-fcgi: Don't swap trash and dbuf when handling STDERR records - BUG/MINOR: promex: fix backend_agg_check_status - BUG/MEDIUM: master/cli: Pin the master CLI on the first thread of the group 1 - BUG/MINOR: freq_ctr: fix possible negative rate with the scaled API - BUG/MAJOR: mux-h2: Report a protocol error for any DATA frame before headers - BUG/MINOR: server: add missing free for server->rdr_pfx - MINOR: pattern: fix pat_{parse,match}_ip() function comments - BUG/MEDIUM: server/cli: don't delete a dynamic server that has streams - BUG/MINOR: mux-quic: remove full demux flag on ncbuf release - BUG/MEDIUM: actions: always apply a longest match on prefix lookup - BUG/MEDIUM: quic_conn: let the scheduler kill the task when needed - BUG/MEDIUM: http-ana: Try to handle response before handling server abort - MINOR: hlua: Set context's appctx when the lua socket is created - MINOR: hlua: Don't preform operations on a not connected socket - MINOR: hlua: Save the lua socket's timeout in its context - MINOR: hlua: Save the lua socket's server in its context - MINOR: hlua: Test the hlua struct first when the lua socket is connecting - BUG/MEDIUM: hlua: Initialize appctx used by a lua socket on connect only - BUG/MINOR: mux-h1: Handle read0 in rcv_pipe() only when data receipt was tried - BUG/MINOR: mux-h1: Ignore C-L when sending H1 messages if T-E is also set - BUG/MEDIUM: h1: Ignore C-L value in the H1 parser if T-E is also set - BUG/MINOR: hq-interop: simplify parser requirement - BUG/MEDIUM: stconn: Fix comparison sign in sc_need_room() - BUG/MINOR: quic: Avoid crashing with unsupported cryptographic algos - BUG/MINOR: quic: reject packet with no frame - BUG/MEDIUM: mux-quic: fix RESET_STREAM on send-only stream - BUG/MINOR: mux-quic: support initial 0 max-stream-data - BUG/MINOR: h3: strengthen host/authority header parsing - BUG/MINOR: mux-quic: fix free on qcs-new fail alloc - BUG/MEDIUM: quic-conn: free unsent frames on retransmit to prevent crash - BUG/MINOR: mux-h1: Send a 400-bad-request on shutdown before the first request - BUG/MINOR: mux-h2: make up other blocked streams upon removal from list - BUG/MEDIUM: mux-h2: Don't report an error on shutr if a shutw is pending - BUG/MINOR: mux-h2: fix http-request and http-keep-alive timeouts again - BUG/MINOR: trace: fix trace parser error reporting - BUG/MEDIUM: peers: Be sure to always refresh recconnect timer in sync task - BUG/MEDIUM: peers: Fix synchro for huge number of tables - BUG/MINOR: mux-h2: commit the current stream ID even on reject - BUG/MINOR: mux-h2: update tracked counters with req cnt/req err - DOC: internal: filters: fix reference to entities.pdf - BUG/MINOR: ssl: load correctly @system-ca when ca-base is define - MINOR: lua: Add flags to configure logging behaviour - DEBUG: mux-h2/flags: fix list of h2c flags used by the flags decoder - MINOR: connection: add conn_pr_mode_to_proto_mode() helper func - BUG/MEDIUM: server: "proto" not working for dynamic servers - BUG/MINOR: quic: do not consider idle timeout on CLOSING state - BUG/MINOR: ssl: use a thread-safe sslconns increment - MINOR: frontend: implement a dedicated actconn increment function - MEDIUM: quic: count quic_conn instance for maxconn - MEDIUM: quic: count quic_conn for global sslconns - BUG/MINOR: ssl: suboptimal certificate selection with TLSv1.3 and dual ECDSA/RSA - BUG/MINOR: mux-quic: fix early close if unset client timeout - BUG/MEDIUM: ssl: segfault when cipher is NULL - BUG/MINOR: tcpcheck: Report hexstring instead of binary one on check failure - BUG/MINOR: stktable: missing free in parse_stick_table() - BUG/MINOR: cfgparse/stktable: fix error message on stktable_init() failure - BUG/MEDIUM: pattern: don't trim pools under lock in pat_ref_purge_range() - BUG/MEDIUM: stconn: Don't report rcv/snd expiration date if SC cannot epxire - BUG/MEDIUM: Don't apply a max value on room_needed in sc_need_room() - BUG/MINOR: stconn: Sanitize report for read activity - CLEANUP: htx: Properly indent htx_reserve_max_data() function - BUG/MEDIUM: quic: fix actconn on quic_conn alloc failure - BUG/MEDIUM: quic: fix sslconns on quic_conn alloc failure - BUG/MINOR: stick-table/cli: Check for invalid ipv4 key - BUG/MINOR: mux-h1: Properly handle http-request and http-keep-alive timeouts - BUG/MEDIUM: freq-ctr: Don't report overshoot for long inactivity period - BUG/MEDIUM: pool: fix releasable pool calculation when overloaded - BUG/MINOR: quic: idle timer task requeued in the past - BUG/MEDIUM: quic: Avoid trying to send ACK frames from an empty ack ranges tree - BUG/MEDIUM: quic: Possible crashes when sending too short Initial packets - BUG/MEDIUM: quic: Avoid some crashes upon TX packet allocation failures - BUG/MEDIUM: stconn: Don't update stream expiration date if already expired - DOC: management: -q is quiet all the time - BUG/MINOR: quic: fix retry token check inconsistency - DOC: config: use the word 'backend' instead of 'proxy' in 'track' description - BUG/MEDIUM: applet: Remove appctx from buffer wait list on release - BUG/MINOR: sink: don't learn srv port from srv addr - DOC: quic: Wrong syntax for "quic-cc-algo" keyword. - BUG/MEDIUM: connection: report connection errors even when no mux is installed - BUG/MINOR: stconn: Handle abortonclose if backend connection was already set up - MINOR: connection: Add a CTL flag to notify mux it should wait for reads again - MEDIUM: mux-h1: Handle MUX_SUBS_RECV flag in h1_ctl() and susbscribe for reads - BUG/MEDIUM: stream: Properly handle abortonclose when set on backend only - REGTESTS: http: Improve script testing abortonclose option - BUG/MEDIUM: stconn: Report a send activity everytime data were sent - BUG/MEDIUM: applet: Report a send activity everytime data were sent - BUG/MEDIUM: mworker: set the master variable earlier - BUG/MEDIUM: stream: Don't call mux .ctl() callback if not implemented - BUG/MEDIUM: stconn: Update fsb date on partial sends - MINOR: htx: Use a macro for overhead induced by HTX - MINOR: channel: Add functions to get info on buffers and deal with HTX streams - BUG/MINOR: stconn: Fix streamer detection for HTX streams - BUG/MINOR: stconn: Use HTX-aware channel's functions to get info on buffer - BUG/MINOR: stconn/applet: Report send activity only if there was output data - BUG/MINOR: stconn: Report read activity on non-indep streams for partial sends To generate a diff of this commit: cvs rdiff -u -r1.114 -r1.115 pkgsrc/net/haproxy/Makefile cvs rdiff -u -r1.106 -r1.107 pkgsrc/net/haproxy/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1700653296230180 Content-Disposition: inline Content-Length: 1760 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/net/haproxy/Makefile diff -u pkgsrc/net/haproxy/Makefile:1.114 pkgsrc/net/haproxy/Makefile:1.115 --- pkgsrc/net/haproxy/Makefile:1.114 Tue Oct 24 22:10:18 2023 +++ pkgsrc/net/haproxy/Makefile Wed Nov 22 11:41:36 2023 @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.114 2023/10/24 22:10:18 wiz Exp $ +# $NetBSD: Makefile,v 1.115 2023/11/22 11:41:36 adam Exp $ -DISTNAME= haproxy-2.8.3 -PKGREVISION= 1 +DISTNAME= haproxy-2.8.4 CATEGORIES= net www MASTER_SITES= https://www.haproxy.org/download/${PKGVERSION_NOREV:R}/src/ Index: pkgsrc/net/haproxy/distinfo diff -u pkgsrc/net/haproxy/distinfo:1.106 pkgsrc/net/haproxy/distinfo:1.107 --- pkgsrc/net/haproxy/distinfo:1.106 Mon Sep 18 05:53:59 2023 +++ pkgsrc/net/haproxy/distinfo Wed Nov 22 11:41:36 2023 @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.106 2023/09/18 05:53:59 adam Exp $ +$NetBSD: distinfo,v 1.107 2023/11/22 11:41:36 adam Exp $ -BLAKE2s (haproxy-2.8.3.tar.gz) = cf9bb7fc0e6d9cd199fa79f57c59d749ed17cb1dbf51f490a8b27a5ce1eac0e9 -SHA512 (haproxy-2.8.3.tar.gz) = 1fe08c29b22581cc5a71934e420c00faaba0f5b5028b10f82e0a16556fcdd4a3943b9f2f3e2ad675442d70cf37a125a3583cdf2d4ae45d3db67bc42cfc457112 -Size (haproxy-2.8.3.tar.gz) = 4350288 bytes +BLAKE2s (haproxy-2.8.4.tar.gz) = 32a59bb3090040d438edeb77eda717589abbe173cacbdb369e125b5ad0141e56 +SHA512 (haproxy-2.8.4.tar.gz) = 7de5098d6004e66da656a83d86fdb342e465d503c3e179678bf989abb6735e61f35522d913e9046774cd71b0853737f9a84a2561dfd35395f95ecfbd987c0cd6 +Size (haproxy-2.8.4.tar.gz) = 4361756 bytes SHA1 (patch-Makefile) = 36c0e5d46b30d7b28fdb4b3fdbb4fe052fa8d850 SHA1 (patch-include_haproxy_proxy-t.h) = 5560f5f50e66cf122fe8464f74541f226e127e8d SHA1 (patch-include_haproxy_queue-t.h) = bf2ea918a6d8ec3d3fb2f88b7b9303a695381d96 --_----------=_1700653296230180--