haproxy: Update HAProxy to v1.8.27

- Update haproxy download URL and hash
- Fix ssl compat patch offsets

Signed-off-by: Christian Lachner <gladiac@gmail.com>

diff --git a/net/haproxy/Makefile b/net/haproxy/Makefile
index 73f1aed32add35ccc246e50970764f2a70f2ffa8..d5e53092715e87f5ccf3a34841b1592e569f26ee 100644 (file)
--- a/net/haproxy/Makefile
+++ b/net/haproxy/Makefile
@@ -10,12 +10,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=haproxy
-PKG_VERSION:=1.8.26
+PKG_VERSION:=1.8.27
 PKG_RELEASE:=1
 
 PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://www.haproxy.org/download/1.8/src/
-PKG_HASH:=e3c2a81b6f26dcb736a34ebb5f134d3251ceccf30386214655fa7ed6d3afa400
+PKG_HASH:=56ba6a21e13215fae56472ad37d5d68c3f19bde9da94c59e70b869eecf48bf50
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_LICENSE:=GPL-2.0

diff --git a/net/haproxy/get-latest-patches.sh b/net/haproxy/get-latest-patches.sh
index 416bb8c7d65eba4b8d17f51d1e7187b39e2627bb..138c195007340398ac8c0d7772f0532f3d69a230 100755 (executable)
--- a/net/haproxy/get-latest-patches.sh
+++ b/net/haproxy/get-latest-patches.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 
 CLONEURL=http://git.haproxy.org/git/haproxy-1.8.git
-BASE_TAG=v1.8.26
+BASE_TAG=v1.8.27
 TMP_REPODIR=tmprepo
 PATCHESDIR=patches
 

diff --git a/net/haproxy/patches/000-deprecated-openssl.patch b/net/haproxy/patches/000-deprecated-openssl.patch
index f407706ac6d706730bccc171b64543cf366a2535..e39359ed5965656c1384a216ed22797880fbfa71 100644 (file)
--- a/net/haproxy/patches/000-deprecated-openssl.patch
+++ b/net/haproxy/patches/000-deprecated-openssl.patch
@@ -35,7 +35,7 @@
  
  static HA_RWLOCK_T *ssl_rwlocks;
  
-@@ -1716,8 +1728,8 @@ ssl_sock_do_create_cert(const char *servername, struct bind_conf *bind_conf, SSL
+@@ -1720,8 +1732,8 @@ ssl_sock_do_create_cert(const char *servername, struct bind_conf *bind_conf, SSL
        ASN1_INTEGER_set(X509_get_serialNumber(newcrt), HA_ATOMIC_ADD(&ssl_ctx_serial, 1));
  
        /* Set duration for the certificate */
@@ -46,7 +46,7 @@
                goto mkcert_error;
  
        /* set public key in the certificate */
-@@ -6387,7 +6399,7 @@ smp_fetch_ssl_x_notafter(const struct arg *args, struct sample *smp, const char
+@@ -6395,7 +6407,7 @@ smp_fetch_ssl_x_notafter(const struct arg *args, struct sample *smp, const char
                goto out;
  
        smp_trash = get_trash_chunk();
@@ -55,7 +55,7 @@
                goto out;
  
        smp->data.u.str = *smp_trash;
-@@ -6487,7 +6499,7 @@ smp_fetch_ssl_x_notbefore(const struct a
+@@ -6495,7 +6507,7 @@ smp_fetch_ssl_x_notbefore(const struct a
                goto out;
  
        smp_trash = get_trash_chunk();
@@ -64,7 +64,7 @@
                goto out;
  
        smp->data.u.str = *smp_trash;
-@@ -9068,7 +9080,9 @@ static void __ssl_sock_init(void)
+@@ -9076,7 +9088,9 @@ static void __ssl_sock_init(void)
  #endif
  
        xprt_register(XPRT_SSL, &ssl_sock);
@@ -74,7 +74,7 @@
  #if (!defined(OPENSSL_NO_COMP) && !defined(SSL_OP_NO_COMPRESSION))
        cm = SSL_COMP_get_compression_methods();
        i = sk_SSL_COMP_num(cm);
-@@ -9077,7 +9091,7 @@ static void __ssl_sock_init(void)
+@@ -9085,7 +9099,7 @@ static void __ssl_sock_init(void)
        }
  #endif
  
@@ -83,7 +83,7 @@
        ssl_locking_init();
  #endif
  #if (OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL && !defined LIBRESSL_VERSION_NUMBER)
-@@ -9106,8 +9120,8 @@ static void __ssl_sock_init(void)
+@@ -9114,8 +9128,8 @@ static void __ssl_sock_init(void)
  #else /* OPENSSL_IS_BORINGSSL */
                OPENSSL_VERSION_TEXT
                "\nRunning on OpenSSL version : %s%s",
@@ -94,7 +94,7 @@
  #endif
        memprintf(&ptr, "%s\nOpenSSL library supports TLS extensions : "
  #if OPENSSL_VERSION_NUMBER < 0x00907000L
-@@ -9198,12 +9212,14 @@ static void __ssl_sock_deinit(void)
+@@ -9206,12 +9220,14 @@ static void __ssl_sock_deinit(void)
        }
  #endif