On Wed, 20 Jan 2021 12:17:00 -0500, Aisha Tammy <[email protected]> wrote:
> > Hi, > I've linked the release note highlights of 2.2 > https://www.mail-archive.com/[email protected]/msg37852.html > and the full changelog of 2.3 > https://www.haproxy.org/download/2.3/src/CHANGELOG > > An important highlight (which is why I updated haproxy) > was that since 2.2 haproxy now supports keeping the private and > public keys in separate files, while previously, they needed to be > in the same file. This allows us to directly use the output of > acme-client(1) without doing extra scripting. > > The latest stable is 2.3.4, the latest LTS is 2.2. Both of them > have the acme-client compatibility so I am fine with either (though > personally I'm partial to 2.3 just cuz its new and shiny). > > The libressl support seems to be doing fine. I have a test website > running behind haproxy which is working (with ocsp as > well) https://www.epsilonknot.xyz, so that seems OK. The logging > is definitely something I have not looked into a lot so if someone > can take a peek at that, that would be nice. Alright, thanks! Here's a patch based on yours. It looks good to me so I'll commit it in a few days. Index: Makefile =================================================================== RCS file: /cvs/ports/net/haproxy/Makefile,v retrieving revision 1.73 diff -u -p -r1.73 Makefile --- Makefile 17 Jan 2021 15:22:56 -0000 1.73 +++ Makefile 23 Jan 2021 14:43:13 -0000 @@ -2,9 +2,9 @@ COMMENT = reliable, high performance TCP/HTTP load balancer -DISTNAME = haproxy-2.0.20 +DISTNAME = haproxy-2.3.4 CATEGORIES = net www -HOMEPAGE = http://www.haproxy.org/ +HOMEPAGE = https://www.haproxy.org/ MAINTAINER = Daniel Jakots <[email protected]> # GPLv2 @@ -12,7 +12,7 @@ PERMIT_PACKAGE = Yes WANTLIB += c crypto pcre pcreposix pthread ssl z -MASTER_SITES = ${HOMEPAGE}/download/2.0/src/ +MASTER_SITES = ${HOMEPAGE}/download/2.3/src/ HAPROXYCONF = ${SYSCONFDIR}/haproxy HAPROXYSTATE = /var/haproxy Index: distinfo =================================================================== RCS file: /cvs/ports/net/haproxy/distinfo,v retrieving revision 1.43 diff -u -p -r1.43 distinfo --- distinfo 17 Jan 2021 15:22:56 -0000 1.43 +++ distinfo 23 Jan 2021 14:43:13 -0000 @@ -1,2 +1,2 @@ -SHA256 (haproxy-2.0.20.tar.gz) = ZRU8mJ50EvaBXTsEcYS7B+63PMsQ9cBedXNH6mwxfOE= -SIZE (haproxy-2.0.20.tar.gz) = 2693943 +SHA256 (haproxy-2.3.4.tar.gz) = YBSM3+3WsZxAHbzXXM12pTwgvHbEkDK6Mq+YoKXEle0= +SIZE (haproxy-2.3.4.tar.gz) = 2909672 Index: patches/patch-Makefile =================================================================== RCS file: patches/patch-Makefile diff -N patches/patch-Makefile --- patches/patch-Makefile 14 Dec 2020 23:26:59 -0000 1.10 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,32 +0,0 @@ -$OpenBSD: patch-Makefile,v 1.10 2020/12/14 23:26:59 danj Exp $ - -- BUILD: makefile: Update feature flags for OpenBSD (90c9d78) -- BUILD: makefile: enable crypt(3) for OpenBSD (496374e) - -Index: Makefile ---- Makefile.orig -+++ Makefile -@@ -362,10 +362,11 @@ ifeq ($(TARGET),osx) - EXPORT_SYMBOL = -export_dynamic - endif - --# OpenBSD 5.7 and above -+# OpenBSD 6.3 and above - ifeq ($(TARGET),openbsd) - set_target_defaults = $(call default_opts, \ -- USE_POLL USE_TPROXY USE_THREAD USE_KQUEUE USE_ACCEPT4) -+ USE_POLL USE_TPROXY USE_LIBCRYPT USE_THREAD USE_KQUEUE USE_ACCEPT4 \ -+ USE_CLOSEFROM USE_GETADDRINFO) - endif - - # NetBSD -@@ -455,7 +456,9 @@ BUILD_FEATURES := $(foreach opt,$(patsubst USE_%,%,$(u - OPTIONS_CFLAGS += $(foreach opt,$(use_opts),$(if $($(opt)),-D$(opt),)) - - ifneq ($(USE_LIBCRYPT),) -+ifneq ($(TARGET),openbsd) - OPTIONS_LDFLAGS += -lcrypt -+endif - endif - - ifneq ($(USE_SLZ),) Index: patches/patch-doc_haproxy_1 =================================================================== RCS file: /cvs/ports/net/haproxy/patches/patch-doc_haproxy_1,v retrieving revision 1.7 diff -u -p -r1.7 patch-doc_haproxy_1 --- patches/patch-doc_haproxy_1 9 Nov 2019 15:52:53 -0000 1.7 +++ patches/patch-doc_haproxy_1 23 Jan 2021 14:43:13 -0000 @@ -2,7 +2,7 @@ $OpenBSD: patch-doc_haproxy_1,v 1.7 2019 Index: doc/haproxy.1 --- doc/haproxy.1.orig +++ doc/haproxy.1 -@@ -217,8 +217,7 @@ This signal is intercepted and ignored on systems with +@@ -218,8 +218,7 @@ This signal is intercepted and ignored on systems with .SH SEE ALSO Index: patches/patch-src_log_c =================================================================== RCS file: patches/patch-src_log_c diff -N patches/patch-src_log_c --- patches/patch-src_log_c 14 Dec 2020 23:26:59 -0000 1.2 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,21 +0,0 @@ -$OpenBSD: patch-src_log_c,v 1.2 2020/12/14 23:26:59 danj Exp $ - -This fixes `haproxy: vfprintf %s NULL in "<<<<>%s %2d %02d:%02d:%02d %.*s%*s"` -in syslog. It was never committed upstream and commit 5464885 shuffled the -code. - -It was discussed on the mailing list: -https://www.mail-archive.com/[email protected]/msg35601.html - -Index: src/log.c ---- src/log.c.orig -+++ src/log.c -@@ -1389,7 +1389,7 @@ static char *update_log_hdr(const time_t time) - "<<<<>%s %2d %02d:%02d:%02d %.*s%*s", - monthname[tm.tm_mon], - tm.tm_mday, tm.tm_hour, tm.tm_min, tm.tm_sec, -- (int)host.data, host.area, sep, ""); -+ (int)host.data, host.area ? host.area : "", sep, ""); - /* WARNING: depending upon implementations, snprintf may return - * either -1 or the number of bytes that would be needed to store - * the total message. In both cases, we must adjust it.
