haproxy: update to version 1.5.10
- DOC: fix a few typos - BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized" - BUG/MINOR: parse: refer curproxy instead of proxy - DOC: httplog does not support 'no' - MINOR: map/acl/dumpstats: remove the "Done." message - BUG/MEDIUM: sample: fix random number upper-bound - BUG/MEDIUM: patterns: previous fix was incomplete - BUG/MEDIUM: payload: ensure that a request channel is available - BUG/MINOR: tcp-check: don't condition data polling on check type - BUG/MEDIUM: tcp-check: don't rely on random memory contents - BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect - BUG/MINOR: config: fix typo in condition when propagating process binding - BUG/MEDIUM: config: do not propagate processes between stopped processes - BUG/MAJOR: stream-int: properly check the memory allocation return - BUG/MEDIUM: memory: fix freeing logic in pool_gc2() - BUG/MEDIUM: compression: correctly report zlib_mem Signed-off-by: Thomas Heil <heil@terminal-consulting.de>
This commit is contained in:
Thomas Heil
parent
5ef87ec191
commit
a393c6b021
|
|
@ -9,12 +9,12 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=haproxy
|
||||
PKG_VERSION:=1.5.9
|
||||
PKG_RELEASE:=02
|
||||
PKG_VERSION:=1.5.10
|
||||
PKG_RELEASE:=00
|
||||
PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
|
||||
PKG_MD5SUM:=b7672bb6a8aa188a655b418f3c96f65c
|
||||
PKG_MD5SUM:=5631457ea1f84b3c0d8e5bc8015ed329
|
||||
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
|
||||
PKG_LICENSE:=GPL-2.0
|
||||
|
||||
|
|
|
|||
|
|
@ -1,34 +0,0 @@
|
|||
From bad3c6f1b6d776e5d9951a3b3054b4dce8922c54 Mon Sep 17 00:00:00 2001
|
||||
From: Willy Tarreau <w@1wt.eu>
|
||||
Date: Wed, 26 Nov 2014 13:17:03 +0100
|
||||
Subject: [PATCH 1/2] BUG/MEDIUM: patterns: previous fix was incomplete
|
||||
|
||||
Dmitry Sivachenko <trtrmitya@gmail.com> reported that commit 315ec42
|
||||
("BUG/MEDIUM: pattern: don't load more than once a pattern list.")
|
||||
relies on an uninitialised variable in the stack. While it used to
|
||||
work fine during the tests, if the uninitialized variable is non-null,
|
||||
some patterns may be aggregated if loaded multiple times, resulting in
|
||||
slower processing, which was the original issue it tried to address.
|
||||
|
||||
The fix needs to be backported to 1.5.
|
||||
(cherry picked from commit 4deaf39243c4d941998b1b0175bad05b8a287c0b)
|
||||
---
|
||||
src/pattern.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/pattern.c b/src/pattern.c
|
||||
index 20547f9..208e33a 100644
|
||||
--- a/src/pattern.c
|
||||
+++ b/src/pattern.c
|
||||
@@ -2096,7 +2096,7 @@ int pattern_read_from_file(struct pattern_head *head, unsigned int refflags,
|
||||
struct pat_ref *ref;
|
||||
struct pattern_expr *expr;
|
||||
struct pat_ref_elt *elt;
|
||||
- int reuse;
|
||||
+ int reuse = 0;
|
||||
|
||||
/* Lookup for the existing reference. */
|
||||
ref = pat_ref_lookup(filename);
|
||||
--
|
||||
2.0.4
|
||||
|
||||
|
|
@ -1,49 +0,0 @@
|
|||
From 1e89acb6be9ba6400fe4defd3b6b2cc94c6667d9 Mon Sep 17 00:00:00 2001
|
||||
From: Willy Tarreau <w@1wt.eu>
|
||||
Date: Wed, 26 Nov 2014 13:24:24 +0100
|
||||
Subject: [PATCH 2/2] BUG/MEDIUM: payload: ensure that a request channel is
|
||||
available
|
||||
|
||||
Denys Fedoryshchenko reported a segfault when using certain
|
||||
sample fetch functions in the "tcp-request connection" rulesets
|
||||
despite the warnings. This is because some tests for the existence
|
||||
of the channel were missing.
|
||||
|
||||
The fetches which were fixed are :
|
||||
- req.ssl_hello_type
|
||||
- rep.ssl_hello_type
|
||||
- req.ssl_sni
|
||||
|
||||
This fix must be backported to 1.5.
|
||||
(cherry picked from commit 83f2592bcd2e186beeabcba16be16faaab82bd39)
|
||||
---
|
||||
src/payload.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/src/payload.c b/src/payload.c
|
||||
index 4057f6f..f62163c 100644
|
||||
--- a/src/payload.c
|
||||
+++ b/src/payload.c
|
||||
@@ -72,6 +72,9 @@ smp_fetch_ssl_hello_type(struct proxy *px, struct session *s, void *l7, unsigned
|
||||
|
||||
chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req;
|
||||
|
||||
+ if (!chn)
|
||||
+ goto not_ssl_hello;
|
||||
+
|
||||
bleft = chn->buf->i;
|
||||
data = (const unsigned char *)chn->buf->p;
|
||||
|
||||
@@ -276,6 +279,9 @@ smp_fetch_ssl_hello_sni(struct proxy *px, struct session *s, void *l7, unsigned
|
||||
|
||||
chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req;
|
||||
|
||||
+ if (!chn)
|
||||
+ goto not_ssl_hello;
|
||||
+
|
||||
bleft = chn->buf->i;
|
||||
data = (unsigned char *)chn->buf->p;
|
||||
|
||||
--
|
||||
2.0.4
|
||||
|
||||
Loading…
Reference in New Issue