cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
153,400 Commits 1 Branch 0 Tags
Commit Graph

81 Commits

Author SHA1 Message Date
danj
104fe2bb47 Update to haproxy-2.0.19 2020-12-14 23:26:59 +00:00
danj
b8be89cd6d Add support for encrypted passwords in Userlists 
This is a backport from upstream:
BUILD: makefile: enable crypt(3) for OpenBSD (496374e)

Upstream diff from Matthieu Guegan, port one from brad. Prodded by both.
 2020-11-26 23:28:27 +00:00
danj
6ef539baf3 Backport two commits to support closefrom() 
From brad
 2020-10-24 18:27:51 +00:00
danj
73e1f9da9d Fix CFLAGS handling 
The proper variable to override for optimizations is CPU_CFLAGS.
Upstream Makefile adds -fno-strict-aliasing so remove it.

From brad
 2020-10-24 18:27:05 +00:00
danj
ffdc5178d6 Update to haproxy-2.0.18 2020-10-22 22:03:36 +00:00
danj
05464cc878 Add patch to fix vfprintf %s NULL in syslog 
From Willy Tarreau, via Matthieu Guegan
 2020-09-22 14:12:21 +00:00
danj
0859186aeb Update to haproxy-2.0.17 2020-09-21 19:19:05 +00:00
danj
da2a3863a9 Update to haproxy-2.0.15 2020-06-23 17:35:41 +00:00
cwen
250d5aaa37 haproxy: don't require `-latomic' anymore on powerpc, now that this arch 
switched to clang

OK danj@ (maintainer), also built by kettenis@
 2020-04-06 13:36:08 +00:00
sthen
b5edc4961c haproxy: use V=1 for building to unhide command lines. ok danj 2020-04-05 19:28:09 +00:00
danj
6f88c608f0 Update to haproxy-2.0.14 
From the Announce email:
The main driver for this release is that it contains a fix for a
serious vulnerability that was responsibly reported last week by
Felix Wilhelm from Google Project Zero, affecting the HPACK
decoder used for HTTP/2.  CVE-2020-11100 was assigned to this
issue.

This vulnerability makes it possible under certain circumstances
to write to a wide range of memory locations within the process'
heap, with the limitation that the attacker doesn't control the
absolute address, so the most likely result and by a far margin
will be a process crash, but it is not possible to completely
rule out the faint possibility of a remote code execution, at
least in a lab-controlled environment.
 2020-04-02 23:01:17 +00:00
danj
31b52064ac Update to haproxy-2.0.12 2020-02-06 20:16:26 +00:00
danj
b5cb592a59 Update to haproxy-2.0.8 
Enable zlib
From Matthieu Guegan (matthieu dot guegan at deindeal dot ch)
 2019-11-09 15:52:53 +00:00
danj
3a4e833600 Update to haproxy-1.9.10 2019-08-13 00:34:03 +00:00
sthen
48b0b9660c replace simple PERMIT_PACKAGE_CDROM=Yes with PERMIT_PACKAGE=Yes 2019-07-12 20:48:23 +00:00
danj
20fb1d8c8f Update to haproxy-1.9.8 
With some help from tb@ for the LibreSSL part.
 2019-06-10 23:01:13 +00:00
cwen
235b5eb19d haproxy: needs atomics on macppc (and probably hppa) 
Successfully tested on macppc.

OK jca@, "no objection" danj@ (maintainer)
 2019-03-14 21:37:20 +00:00
jca
8642cc437b ports-gcc should bring atomic ops support on hppa, remove workaround 
"no objection" maintainer
 2019-01-14 18:18:59 +00:00
jca
e6f3ebf319 haproxy now uses TLS (__thread) by default, switch to ports-gcc on gcc archs 
"no objection" maintainer
 2019-01-14 18:17:50 +00:00
danj
5bdbf63dbc Update to haproxy-1.8.17 
Fix CVE-2018-20615: """BUG/CRITICAL: mux-h2: re-check the frame
length when PRIORITY is used

An incorrect frame length check is performed on HEADERS frame having
the PRIORITY flag, possibly resulting in a read-past-bound which can
cause a crash depending how the frame is crafted. All 1.9 and 1.8
versions are affected. As a result, all HTTP/2 users must either
upgrade or temporarily disable HTTP/2 by commenting the "npn h2" and
"alpn h2" statements on their related "bind" lines."""
 2019-01-11 01:09:50 +00:00
danj
2ea6f71113 Update to haproxy-1.8.16 2018-12-27 21:28:28 +00:00
danj
453877888b Update to haproxy-1.8.15 
2 CVEs are fixed with this update
 2018-12-15 20:25:54 +00:00
danj
dee14f1fc3 Update to haproxy-1.8.14 
This update brings HTTP/2 support.

Most libressl patching done by jsing@
ok tb@ jsing@
 2018-12-05 16:32:13 +00:00
danj
a4f3eb6c2e Update to haproxy-1.7.11 2018-05-26 16:40:04 +00:00
sthen
3d9171fba7 unbreak; we now have all functions that haproxy uses in openssl-compat.h 
(there are more !LIBRESSL pieces src/ssl_sock.c)
 2018-03-20 21:57:55 +00:00
sthen
139e13f31b we have all functions other than SSL_SESSION_set1_id now; unbreak, from jsing 2018-03-18 12:24:43 +00:00
sthen
03c18e5bcd fix now we have X509_get0_tbs_sigalg 2018-02-23 10:25:17 +00:00
sthen
671eca8fb6 cope with DH_set0_pqg addition 2018-02-19 10:26:10 +00:00
sthen
811c606bd1 add "defined(LIBRESSL_VERSION_NUMBER) && " to the ifdef 2018-02-15 13:58:25 +00:00
sthen
e9cb28456b adapt compat code conditionals for ASN1_STRING_get0_data() to unbreak 
since it was added in libressl, ok jsing
 2018-02-15 13:45:49 +00:00
danj
a66cab4eed Update to haproxy-1.7.10 2018-01-21 17:14:08 +00:00
jsg
9a190ffe23 Now that arm has switched to clang the base compiler has atomic builtins 
and accepts -mfpu=neon.

ok jca@ sthen@
 2018-01-20 14:03:39 +00:00
rpe
9a8b5ccd06 Change the shebang line from /bin/sh to /bin/ksh in all ports rc.d 
daemon scripts and bump subpackages that contain the *.rc scripts.

discussed with and OK aja@
OK tb
 2018-01-11 19:27:01 +00:00
danj
5ba8a1c7fb Update to haproxy-1.7.9 
From ChangeLog: BUG/MAJOR: http: Fix possible infinity loop in
http_sync_(req|res)_state
 2017-08-21 01:32:19 +00:00
danj
88dc65fb0a Update to haproxy-1.7.8 
This moves the port to the latest stable branch. Thanks to Bernard Spil
for patching haproxy to make it work with libressl and pointing it to me!

OK gonzalo@
 2017-08-12 14:20:11 +00:00
danj
09168d30e1 Update to haproxy-1.6.13 2017-06-20 17:38:40 +00:00
danj
0737c10470 Update to haproxy-1.6.12 2017-04-05 03:34:57 +00:00
naddy
2e12ef0622 Unbreak after libressl change: remove direct access to field now private. 
Similar to upstream changes for OpenSSL 1.1.0.  Not tested at run time.
ok danj@ sthen@
 2017-02-01 15:49:34 +00:00
danj
892545f724 Update to haproxy-1.6.11 2016-12-30 14:02:17 +00:00
jca
d4b8d537c2 Needs __sync_sub_and_fetch_4 and friends, build with lang/gcc on arm. 
ok danj (maintainer)
 2016-12-29 14:05:08 +00:00
jca
898293df04 Move NO_TEST, and kill a trailing whitespace. 
ok danj@ (maintainer)
 2016-12-29 13:52:14 +00:00
danj
c0dee63708 Update to haproxy-1.6.10 2016-11-26 12:29:50 +00:00
danj
04a92c12b7 Patch has been (finally, yay) committed upstream 2016-10-20 16:19:11 +00:00
danj
e9cc00c472 Make use of the accept4() API on OpenBSD. 
From Brad, ok jca@
 2016-09-27 17:04:58 +00:00
danj
38ab7a348d Update to haproxy-1.6.9 2016-08-31 17:50:39 +00:00
danj
eb68ef5395 Maintenance update to haproxy-1.6.8 2016-08-17 18:57:57 +00:00
danj
1344f9a3e6 update to haproxy-1.6.7 
from David Carlier
 2016-08-01 17:30:50 +00:00
danj
7fc676bcc9 update to haproxy-1.6.6 
from David Carlier
 2016-06-27 18:41:11 +00:00
jasper
a2e16608d9 Security fix for CVE-2016-5360 
ok danj@ (MAINTAINER)
 2016-06-15 06:55:58 +00:00
gonzalo
8fb1926a7a Update for Haproxy to 1.6.5 from David CARLIER 
http://www.haproxy.org/download/1.6/src/CHANGELOG
 2016-05-13 03:34:28 +00:00