mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2025-02-24 06:36:55 +00:00
[RELEASE] Released version 1.5-dev18
Released version 1.5-dev18 with the following main changes :
- DOCS: Add explanation of intermediate certs to crt paramater
- DOC: typo and minor fixes in compression paragraph
- MINOR: config: http-request configuration error message misses new keywords
- DOC: minor typo fix in documentation
- BUG/MEDIUM: ssl: ECDHE ciphers not usable without named curve configured.
- MEDIUM: ssl: add bind-option "strict-sni"
- MEDIUM: ssl: add mapping from SNI to cert file using "crt-list"
- MEDIUM: regex: Use PCRE JIT in acl
- DOC: simplify bind option "interface" explanation
- DOC: tfo: bump required kernel to linux-3.7
- BUILD: add explicit support for TFO with USE_TFO
- MEDIUM: New cli option -Ds for systemd compatibility
- MEDIUM: add haproxy-systemd-wrapper
- MEDIUM: add systemd service
- BUG/MEDIUM: systemd-wrapper: don't leak zombie processes
- BUG/MEDIUM: remove supplementary groups when changing gid
- BUG/MEDIUM: config: fix parser crash with bad bind or server address
- BUG/MINOR: Correct logic in cut_crlf()
- CLEANUP: checks: Make desc argument to set_server_check_status const
- CLEANUP: dumpstats: Make cli_release_handler() static
- MEDIUM: server: Break out set weight processing code
- MEDIUM: server: Allow relative weights greater than 100%
- MEDIUM: server: Tighten up parsing of weight string
- MEDIUM: checks: Add agent health check
- BUG/MEDIUM: ssl: openssl 0.9.8 doesn't open /dev/random before chroot
- BUG/MINOR: time: frequency counters are not totally accurate
- BUG/MINOR: http: don't process abortonclose when request was sent
- BUG/MEDIUM: stream_interface: don't close outgoing connections on shutw()
- BUG/MEDIUM: checks: ignore late resets after valid responses
- DOC: fix bogus recommendation on usage of gpc0 counter
- BUG/MINOR: http-compression: lookup Cache-Control in the response, not the request
- MINOR: signal: don't block SIGPROF by default
- OPTIM: epoll: make use of EPOLLRDHUP
- OPTIM: splice: detect shutdowns and avoid splice() == 0
- OPTIM: splice: assume by default that splice is working correctly
- BUG/MINOR: log: temporary fix for lost SSL info in some situations
- BUG/MEDIUM: peers: only the last peers section was used by tables
- BUG/MEDIUM: config: verbosely reject peers sections with multiple local peers
- BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait()
- BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser
- BUG/MINOR: config: free peer's address when exiting upon parsing error
- BUG/MINOR: config: check the proper variable when parsing log minlvl
- BUG/MEDIUM: checks: ensure the health_status is always within bounds
- BUG/MINOR: cli: show sess should always validate s->listener
- BUG/MINOR: log: improper NULL return check on utoa_pad()
- CLEANUP: http: remove a useless null check
- CLEANUP: tcp/unix: remove useless NULL check in {tcp,unix}_bind_listener()
- BUG/MEDIUM: signal: signal handler does not properly check for signal bounds
- BUG/MEDIUM: tools: off-by-one in quote_arg()
- BUG/MEDIUM: uri_auth: missing NULL check and memory leak on memory shortage
- BUG/MINOR: unix: remove the 'level' field from the ux struct
- CLEANUP: http: don't try to deinitialize http compression if it fails before init
- CLEANUP: config: slowstart is never negative
- CLEANUP: config: maxcompcpuusage is never negative
- BUG/MEDIUM: log: emit '-' for empty fields again
- BUG/MEDIUM: checks: fix a race condition between checks and observe layer7
- BUILD: fix a warning emitted by isblank() on non-c99 compilers
- BUILD: improve the makefile's support for libpcre
- MEDIUM: halog: add support for counting per source address (-ic)
- MEDIUM: tools: make str2sa_range support all address syntaxes
- MEDIUM: config: make use of str2sa_range() instead of str2sa()
- MEDIUM: config: use str2sa_range() to parse server addresses
- MEDIUM: config: use str2sa_range() to parse peers addresses
- MINOR: tests: add a config file to ease address parsing tests.
- MINOR: ssl: add a global tunable for the max SSL/TLS record size
- BUG/MINOR: syscall: fix NR_accept4 system call on sparc/linux
- BUILD/MINOR: syscall: add definition of NR_accept4 for ARM
- MINOR: config: report missing peers section name
- BUG/MEDIUM: tools: fix bad character handling in str2sa_range()
- BUG/MEDIUM: stats: never apply "unix-bind prefix" to the global stats socket
- MINOR: tools: prepare str2sa_range() to return an error message
- BUG/MEDIUM: checks: don't call connect() on unsupported address families
- MINOR: tools: prepare str2sa_range() to accept a prefix
- MEDIUM: tools: make str2sa_range() parse unix addresses too
- MEDIUM: config: make str2listener() use str2sa_range() to parse unix addresses
- MEDIUM: config: use a single str2sa_range() call to parse bind addresses
- MEDIUM: config: use str2sa_range() to parse log addresses
- CLEANUP: tools: remove str2sun() which is not used anymore.
- MEDIUM: config: add complete support for str2sa_range() in dispatch
- MEDIUM: config: add complete support for str2sa_range() in server addr
- MEDIUM: config: add complete support for str2sa_range() in 'server'
- MEDIUM: config: add complete support for str2sa_range() in 'peer'
- MEDIUM: config: add complete support for str2sa_range() in 'source' and 'usesrc'
- CLEANUP: minor cleanup in str2sa_range() and str2ip()
- CLEANUP: config: do not use multiple errmsg at once
- MEDIUM: tools: support specifying explicit address families in str2sa_range()
- MAJOR: listener: support inheriting a listening fd from the parent
- MAJOR: tools: support environment variables in addresses
- BUG/MEDIUM: http: add-header should not emit "-" for empty fields
- BUG/MEDIUM: config: ACL compatibility check on "redirect" was wrong
- BUG/MEDIUM: http: fix another issue caused by http-send-name-header
- DOC: mention the new HTTP 307 and 308 redirect statues
- MEDIUM: poll: do not use FD_* macros anymore
- BUG/MAJOR: ev_select: disable the select() poller if maxsock > FD_SETSIZE
- BUG/MINOR: acl: ssl_fc_{alg,use}_keysize must parse integers, not strings
- BUG/MINOR: acl: ssl_c_used, ssl_fc{,_has_crt,_has_sni} take no pattern
- BUILD: fix usual isdigit() warning on solaris
- BUG/MEDIUM: tools: vsnprintf() is not always reliable on Solaris
- OPTIM: buffer: remove one jump in buffer_count()
- OPTIM: http: improve branching in chunk size parser
- OPTIM: http: optimize the response forward state machine
- BUILD: enable poll() by default in the makefile
- BUILD: add explicit support for Mac OS/X
- BUG/MAJOR: http: use a static storage for sample fetch context
- BUG/MEDIUM: ssl: improve error processing and reporting in ssl_sock_load_cert_list_file()
- BUG/MAJOR: http: fix regression introduced by commit a890d072
- BUG/MAJOR: http: fix regression introduced by commit d655ffe
- BUG/CRITICAL: using HTTP information in tcp-request content may crash the process
- MEDIUM: acl: remove flag ACL_MAY_LOOKUP which is improperly used
- MEDIUM: samples: use new flags to describe compatibility between fetches and their usages
- MINOR: log: indicate it when some unreliable sample fetches are logged
- MEDIUM: samples: move payload-based fetches and ACLs to their own file
- MINOR: backend: rename sample fetch functions and declare the sample keywords
- MINOR: frontend: rename sample fetch functions and declare the sample keywords
- MINOR: listener: rename sample fetch functions and declare the sample keywords
- MEDIUM: http: unify acl and sample fetch functions
- MINOR: session: rename sample fetch functions and declare the sample keywords
- MAJOR: acl: make all ACLs reference the fetch function via a sample.
- MAJOR: acl: remove the arg_mask from the ACL definition and use the sample fetch's
- MAJOR: acl: remove fetch argument validation from the ACL struct
- MINOR: http: add new direction-explicit sample fetches for headers and cookies
- MINOR: payload: add new direction-explicit sample fetches
- CLEANUP: acl: remove ACL hooks which were never used
- MEDIUM: proxy: remove acl_requires and just keep a flag "http_needed"
- MINOR: sample: provide a function to report the name of a sample check point
- MAJOR: acl: convert all ACL requires to SMP use+val instead of ->requires
- CLEANUP: acl: remove unused references to ACL_USE_*
- MINOR: http: replace acl_parse_ver with acl_parse_str
- MEDIUM: acl: move the ->parse, ->match and ->smp fields to acl_expr
- MAJOR: acl: add option -m to change the pattern matching method
- MINOR: acl: remove the use_count in acl keywords
- MEDIUM: acl: have a pointer to the keyword name in acl_expr
- MEDIUM: acl: support using sample fetches directly in ACLs
- MEDIUM: http: remove val_usr() to validate user_lists
- MAJOR: sample: maintain a per-proxy list of the fetch args to resolve
- MINOR: ssl: add support for the "alpn" bind keyword
- MINOR: http: status code 303 is HTTP/1.1 only
- MEDIUM: http: implement redirect 307 and 308
- MINOR: http: status 301 should not be marked non-cacheable
This commit is contained in:
Willy Tarreau
parent
ab861d3856
commit
289dd92a64
141
CHANGELOG
141
CHANGELOG
@ -1,6 +1,147 @@
|
||||
ChangeLog :
|
||||
===========
|
||||
|
||||
2013/04/03 : 1.5-dev18
|
||||
- DOCS: Add explanation of intermediate certs to crt paramater
|
||||
- DOC: typo and minor fixes in compression paragraph
|
||||
- MINOR: config: http-request configuration error message misses new keywords
|
||||
- DOC: minor typo fix in documentation
|
||||
- BUG/MEDIUM: ssl: ECDHE ciphers not usable without named curve configured.
|
||||
- MEDIUM: ssl: add bind-option "strict-sni"
|
||||
- MEDIUM: ssl: add mapping from SNI to cert file using "crt-list"
|
||||
- MEDIUM: regex: Use PCRE JIT in acl
|
||||
- DOC: simplify bind option "interface" explanation
|
||||
- DOC: tfo: bump required kernel to linux-3.7
|
||||
- BUILD: add explicit support for TFO with USE_TFO
|
||||
- MEDIUM: New cli option -Ds for systemd compatibility
|
||||
- MEDIUM: add haproxy-systemd-wrapper
|
||||
- MEDIUM: add systemd service
|
||||
- BUG/MEDIUM: systemd-wrapper: don't leak zombie processes
|
||||
- BUG/MEDIUM: remove supplementary groups when changing gid
|
||||
- BUG/MEDIUM: config: fix parser crash with bad bind or server address
|
||||
- BUG/MINOR: Correct logic in cut_crlf()
|
||||
- CLEANUP: checks: Make desc argument to set_server_check_status const
|
||||
- CLEANUP: dumpstats: Make cli_release_handler() static
|
||||
- MEDIUM: server: Break out set weight processing code
|
||||
- MEDIUM: server: Allow relative weights greater than 100%
|
||||
- MEDIUM: server: Tighten up parsing of weight string
|
||||
- MEDIUM: checks: Add agent health check
|
||||
- BUG/MEDIUM: ssl: openssl 0.9.8 doesn't open /dev/random before chroot
|
||||
- BUG/MINOR: time: frequency counters are not totally accurate
|
||||
- BUG/MINOR: http: don't process abortonclose when request was sent
|
||||
- BUG/MEDIUM: stream_interface: don't close outgoing connections on shutw()
|
||||
- BUG/MEDIUM: checks: ignore late resets after valid responses
|
||||
- DOC: fix bogus recommendation on usage of gpc0 counter
|
||||
- BUG/MINOR: http-compression: lookup Cache-Control in the response, not the request
|
||||
- MINOR: signal: don't block SIGPROF by default
|
||||
- OPTIM: epoll: make use of EPOLLRDHUP
|
||||
- OPTIM: splice: detect shutdowns and avoid splice() == 0
|
||||
- OPTIM: splice: assume by default that splice is working correctly
|
||||
- BUG/MINOR: log: temporary fix for lost SSL info in some situations
|
||||
- BUG/MEDIUM: peers: only the last peers section was used by tables
|
||||
- BUG/MEDIUM: config: verbosely reject peers sections with multiple local peers
|
||||
- BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait()
|
||||
- BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser
|
||||
- BUG/MINOR: config: free peer's address when exiting upon parsing error
|
||||
- BUG/MINOR: config: check the proper variable when parsing log minlvl
|
||||
- BUG/MEDIUM: checks: ensure the health_status is always within bounds
|
||||
- BUG/MINOR: cli: show sess should always validate s->listener
|
||||
- BUG/MINOR: log: improper NULL return check on utoa_pad()
|
||||
- CLEANUP: http: remove a useless null check
|
||||
- CLEANUP: tcp/unix: remove useless NULL check in {tcp,unix}_bind_listener()
|
||||
- BUG/MEDIUM: signal: signal handler does not properly check for signal bounds
|
||||
- BUG/MEDIUM: tools: off-by-one in quote_arg()
|
||||
- BUG/MEDIUM: uri_auth: missing NULL check and memory leak on memory shortage
|
||||
- BUG/MINOR: unix: remove the 'level' field from the ux struct
|
||||
- CLEANUP: http: don't try to deinitialize http compression if it fails before init
|
||||
- CLEANUP: config: slowstart is never negative
|
||||
- CLEANUP: config: maxcompcpuusage is never negative
|
||||
- BUG/MEDIUM: log: emit '-' for empty fields again
|
||||
- BUG/MEDIUM: checks: fix a race condition between checks and observe layer7
|
||||
- BUILD: fix a warning emitted by isblank() on non-c99 compilers
|
||||
- BUILD: improve the makefile's support for libpcre
|
||||
- MEDIUM: halog: add support for counting per source address (-ic)
|
||||
- MEDIUM: tools: make str2sa_range support all address syntaxes
|
||||
- MEDIUM: config: make use of str2sa_range() instead of str2sa()
|
||||
- MEDIUM: config: use str2sa_range() to parse server addresses
|
||||
- MEDIUM: config: use str2sa_range() to parse peers addresses
|
||||
- MINOR: tests: add a config file to ease address parsing tests.
|
||||
- MINOR: ssl: add a global tunable for the max SSL/TLS record size
|
||||
- BUG/MINOR: syscall: fix NR_accept4 system call on sparc/linux
|
||||
- BUILD/MINOR: syscall: add definition of NR_accept4 for ARM
|
||||
- MINOR: config: report missing peers section name
|
||||
- BUG/MEDIUM: tools: fix bad character handling in str2sa_range()
|
||||
- BUG/MEDIUM: stats: never apply "unix-bind prefix" to the global stats socket
|
||||
- MINOR: tools: prepare str2sa_range() to return an error message
|
||||
- BUG/MEDIUM: checks: don't call connect() on unsupported address families
|
||||
- MINOR: tools: prepare str2sa_range() to accept a prefix
|
||||
- MEDIUM: tools: make str2sa_range() parse unix addresses too
|
||||
- MEDIUM: config: make str2listener() use str2sa_range() to parse unix addresses
|
||||
- MEDIUM: config: use a single str2sa_range() call to parse bind addresses
|
||||
- MEDIUM: config: use str2sa_range() to parse log addresses
|
||||
- CLEANUP: tools: remove str2sun() which is not used anymore.
|
||||
- MEDIUM: config: add complete support for str2sa_range() in dispatch
|
||||
- MEDIUM: config: add complete support for str2sa_range() in server addr
|
||||
- MEDIUM: config: add complete support for str2sa_range() in 'server'
|
||||
- MEDIUM: config: add complete support for str2sa_range() in 'peer'
|
||||
- MEDIUM: config: add complete support for str2sa_range() in 'source' and 'usesrc'
|
||||
- CLEANUP: minor cleanup in str2sa_range() and str2ip()
|
||||
- CLEANUP: config: do not use multiple errmsg at once
|
||||
- MEDIUM: tools: support specifying explicit address families in str2sa_range()
|
||||
- MAJOR: listener: support inheriting a listening fd from the parent
|
||||
- MAJOR: tools: support environment variables in addresses
|
||||
- BUG/MEDIUM: http: add-header should not emit "-" for empty fields
|
||||
- BUG/MEDIUM: config: ACL compatibility check on "redirect" was wrong
|
||||
- BUG/MEDIUM: http: fix another issue caused by http-send-name-header
|
||||
- DOC: mention the new HTTP 307 and 308 redirect statues
|
||||
- MEDIUM: poll: do not use FD_* macros anymore
|
||||
- BUG/MAJOR: ev_select: disable the select() poller if maxsock > FD_SETSIZE
|
||||
- BUG/MINOR: acl: ssl_fc_{alg,use}_keysize must parse integers, not strings
|
||||
- BUG/MINOR: acl: ssl_c_used, ssl_fc{,_has_crt,_has_sni} take no pattern
|
||||
- BUILD: fix usual isdigit() warning on solaris
|
||||
- BUG/MEDIUM: tools: vsnprintf() is not always reliable on Solaris
|
||||
- OPTIM: buffer: remove one jump in buffer_count()
|
||||
- OPTIM: http: improve branching in chunk size parser
|
||||
- OPTIM: http: optimize the response forward state machine
|
||||
- BUILD: enable poll() by default in the makefile
|
||||
- BUILD: add explicit support for Mac OS/X
|
||||
- BUG/MAJOR: http: use a static storage for sample fetch context
|
||||
- BUG/MEDIUM: ssl: improve error processing and reporting in ssl_sock_load_cert_list_file()
|
||||
- BUG/MAJOR: http: fix regression introduced by commit a890d072
|
||||
- BUG/MAJOR: http: fix regression introduced by commit d655ffe
|
||||
- BUG/CRITICAL: using HTTP information in tcp-request content may crash the process
|
||||
- MEDIUM: acl: remove flag ACL_MAY_LOOKUP which is improperly used
|
||||
- MEDIUM: samples: use new flags to describe compatibility between fetches and their usages
|
||||
- MINOR: log: indicate it when some unreliable sample fetches are logged
|
||||
- MEDIUM: samples: move payload-based fetches and ACLs to their own file
|
||||
- MINOR: backend: rename sample fetch functions and declare the sample keywords
|
||||
- MINOR: frontend: rename sample fetch functions and declare the sample keywords
|
||||
- MINOR: listener: rename sample fetch functions and declare the sample keywords
|
||||
- MEDIUM: http: unify acl and sample fetch functions
|
||||
- MINOR: session: rename sample fetch functions and declare the sample keywords
|
||||
- MAJOR: acl: make all ACLs reference the fetch function via a sample.
|
||||
- MAJOR: acl: remove the arg_mask from the ACL definition and use the sample fetch's
|
||||
- MAJOR: acl: remove fetch argument validation from the ACL struct
|
||||
- MINOR: http: add new direction-explicit sample fetches for headers and cookies
|
||||
- MINOR: payload: add new direction-explicit sample fetches
|
||||
- CLEANUP: acl: remove ACL hooks which were never used
|
||||
- MEDIUM: proxy: remove acl_requires and just keep a flag "http_needed"
|
||||
- MINOR: sample: provide a function to report the name of a sample check point
|
||||
- MAJOR: acl: convert all ACL requires to SMP use+val instead of ->requires
|
||||
- CLEANUP: acl: remove unused references to ACL_USE_*
|
||||
- MINOR: http: replace acl_parse_ver with acl_parse_str
|
||||
- MEDIUM: acl: move the ->parse, ->match and ->smp fields to acl_expr
|
||||
- MAJOR: acl: add option -m to change the pattern matching method
|
||||
- MINOR: acl: remove the use_count in acl keywords
|
||||
- MEDIUM: acl: have a pointer to the keyword name in acl_expr
|
||||
- MEDIUM: acl: support using sample fetches directly in ACLs
|
||||
- MEDIUM: http: remove val_usr() to validate user_lists
|
||||
- MAJOR: sample: maintain a per-proxy list of the fetch args to resolve
|
||||
- MINOR: ssl: add support for the "alpn" bind keyword
|
||||
- MINOR: http: status code 303 is HTTP/1.1 only
|
||||
- MEDIUM: http: implement redirect 307 and 308
|
||||
- MINOR: http: status 301 should not be marked non-cacheable
|
||||
|
||||
2012/12/28 : 1.5-dev17
|
||||
- MINOR: ssl: Setting global tune.ssl.cachesize value to 0 disables SSL session cache.
|
||||
- BUG/MEDIUM: stats: fix stats page regression introduced by commit 20b0de5
|
||||
|
||||
4
README
4
README
@ -1,9 +1,9 @@
|
||||
----------------------
|
||||
HAProxy how-to
|
||||
----------------------
|
||||
version 1.5-dev17
|
||||
version 1.5-dev18
|
||||
willy tarreau
|
||||
2012/12/28
|
||||
2014/04/03
|
||||
|
||||
|
||||
1) How to build it
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
----------------------
|
||||
version 1.5
|
||||
willy tarreau
|
||||
2012/12/28
|
||||
2013/04/03
|
||||
|
||||
|
||||
This document covers the configuration language as implemented in the version
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
Summary: HA-Proxy is a TCP/HTTP reverse proxy for high availability environments
|
||||
Name: haproxy
|
||||
Version: 1.5-dev17
|
||||
Version: 1.5-dev18
|
||||
Release: 1
|
||||
License: GPL
|
||||
Group: System Environment/Daemons
|
||||
@ -76,6 +76,9 @@ fi
|
||||
%attr(0755,root,root) %config %{_sysconfdir}/rc.d/init.d/%{name}
|
||||
|
||||
%changelog
|
||||
* Wed Apr 3 2013 Willy Tarreau <w@1wt.eu>
|
||||
- updated to 1.5-dev18
|
||||
|
||||
* Fri Dec 28 2012 Willy Tarreau <w@1wt.eu>
|
||||
- updated to 1.5-dev17
|
||||
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
/*
|
||||
* HA-Proxy : High Availability-enabled HTTP/TCP proxy
|
||||
* Copyright 2000-2012 Willy Tarreau <w@1wt.eu>.
|
||||
* Copyright 2000-2013 Willy Tarreau <w@1wt.eu>.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License
|
||||
@ -205,7 +205,7 @@ static struct task *manage_global_listener_queue(struct task *t);
|
||||
void display_version()
|
||||
{
|
||||
printf("HA-Proxy version " HAPROXY_VERSION " " HAPROXY_DATE"\n");
|
||||
printf("Copyright 2000-2012 Willy Tarreau <w@1wt.eu>\n\n");
|
||||
printf("Copyright 2000-2013 Willy Tarreau <w@1wt.eu>\n\n");
|
||||
}
|
||||
|
||||
void display_build_opts()
|
||||
|
||||
Loading…
Reference in New Issue
Block a user