mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-28 15:42:30 +00:00
7ff7747a17
134 Commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Willy Tarreau
|
5d46fbddb1 |
[RELEASE] Released version 2.4-dev7
Released version 2.4-dev7 with the following main changes : - BUG/MINOR: stats: Continue to fill frontend stats on unimplemented metric - BUILD: ssl: guard Client Hello callbacks with HAVE_SSL_CLIENT_HELLO_CB macro instead of openssl version - BUG/MINOR: stats: Init the metric variable when frontend stats are filled - MINOR: contrib/prometheus-exporter: better output of Not-a-Number - CLEANUP: stats: improve field selection for frontend http fields - CLEANUP: assorted typo fixes in the code and comments - DOC: Improve documentation of the various hdr() fetches - MEDIUM: stats: allow to select one field in `stats_fill_be_stats` - MINOR: contrib/prometheus-exporter: use fill_be_stats for backend dump - MEDIUM: stats: allow to select one field in `stats_fill_sv_stats` - MINOR: contrib/prometheus-exporter: use fill_sv_stats for server dump - MINOR: abort() on my_unreachable() when DEBUG_USE_ABORT is set. - BUG/MEDIUM: filters/htx: Fix data forwarding when payload length is unknown - BUG/MINOR: config: fix leak on proxy.conn_src.bind_hdr_name - MINOR: reg-tests: add http-reuse test - CLEANUP: srv: fix comment for pool-max-conn - CLEANUP: backend: remove an obsolete comment on conn_backend_get - REORG: backend: simplify conn_backend_get - MINOR: ssl: Server ssl context prepare function refactoring - MINOR: ssl: Certificate chain loading refactorization - MEDIUM: ssl: Load client certificates in a ckch for backend servers - MEDIUM: ssl: Enable backend certificate hot update - MINOR: ssl: Remove client_crt member of the server's ssl context - CLEANUP: ssl/cli: rework free in cli_io_handler_commit_cert() - CLEANUP: ssl: remove SSL_CTX function parameter - CLEANUP: ssl: make load_srv_{ckchs,cert} match their bind counterpart - BUILD: Include stdlib.h in compiler.h if DEBUG_USE_ABORT is set - CI: Fix DEBUG_STRICT definition for Coverity - BUG/MINOR: stats: Remove a break preventing ST_F_QCUR to be set for servers - BUG/MINOR: stats: Add a break after filling ST_F_MODE field for servers - CLEANUP: ssl: remove dead code in ckch_inst_new_load_srv_store() - BUG/MINOR: ssl: init tmp chunk correctly in ssl_sock_load_sctl_from_file() - BUG/MEDIUM: session: only retrieve ready idle conn from session - BUG/MEDIUM: backend: never reuse a connection for tcp mode - REGTESTS: set_ssl_server_cert.vtc: remove the abort command - REGTESTS: set_ssl_server_cert.vtc: check the Sha1 Fingerprint - REGTESTS: set_ssl_server_cert.vtc: check the sha1 from the server - MEDIUM: stream-int: Take care of EOS if the SI wake callback function - MINOR: mux-h1: Try to wake up data layer first before calling its wake callback - MINOR: mux-h1: Wake up H1C after its creation if input buffer is not empty - MEDIUM: mux-h1: Add ST_READY state for the H1 connections - MINOR: stream: Add a function to validate TCP to H1 upgrades - MEDIUM: http-ana: Do nothing in wait-for-request analyzer if not htx - BUG/MEDIUM: stream: Don't immediatly ack the TCP to H1 upgrades - BUG/MAJOR: mux-h1: Properly handle TCP to H1 upgrades - MINOR: htx/http-ana: Save info about Upgrade option in the Connection header - MEDIUM: http-ana: Refuse invalid 101-switching-protocols responses - BUG/MINOR: h2/mux-h2: Reject 101 responses with a PROTOCOL_ERROR h2s error - MINOR: mux-h1/mux-fcgi: Don't set TUNNEL mode if payload length is unknown - MINOR: mux-h1: Split H1C_F_WAIT_OPPOSITE flag to separate input/output sides - MINOR: mux-h2: Add 2 flags to help to properly handle tunnel mode - MEDIUM: mux-h2: Block client data on server side waiting tunnel establishment - MEDIUM: mux-h2: Close streams when processing data for an aborted tunnel - MEDIUM: mux-h1: Properly handle tunnel establishments and aborts - BUG/MAJOR: mux-h1/mux-h2/htx: Fix HTTP tunnel management at the mux level - MINOR: htx: Rename HTX_FL_EOI flag into HTX_FL_EOM - REGTESTS: Don't run http_msg_full_on_eom script on the 2.4 anymore - MINOR: htx: Add a function to know if a block is the only one in a message - MAJOR: htx: Remove the EOM block type and use HTX_FL_EOM instead - MINOR: mux-h1: Add a flag on H1 streams with a response known to be bodyless - MEDIUM: mux-h1: Don't emit any payload for bodyless responses - MINOR: mux-h1: Don't emit C-L and T-E headers for 204 and 1xx responses - MINOR: mux-h1: Don't add Connection close/keep-alive header for 1xx messages - MINOR: h2/mux-h2: Add flags to notify the response is known to have no body - MEDIUM: mux-h2: Don't emit DATA frame for bodyless responses - MEDIUM: http-ana: Deal with L7 retries in HTTP analysers - MINOR: h1: reject websocket handshake if missing key - MEDIUM: h1: generate WebSocket key on response if needed - MINOR: mux_h2: define H2_SF_EXT_CONNECT_SENT stream flag - MEDIUM: h2: parse Extended CONNECT reponse to htx - MEDIUM: mux_h2: generate Extended CONNECT from htx upgrade - MEDIUM: h1: add a WebSocket key on handshake if needed - MEDIUM: mux_h2: generate Extended CONNECT response - MEDIUM: h2: parse Extended CONNECT request to htx - MEDIUM: h2: send connect protocol h2 settings - MINOR: vtc: add test for h1/h2 protocol upgrade translation - MINOR: vtc: add websocket test - REGTESTS: Fix required versions for several scripts - REGTEST: Don't use the websocket to validate http-check - MINOR: mux-h1/trace: add traces at level ERROR for all kind of errors - MINOR: mux-fcgi/trace: add traces at level ERROR for all kind of errors - MINOR: h1: Raise the chunk size limit up to (2^52 - 1) - BUG/MEDIUM: listener: do not accept connections faster than we can process them - REGTESTS: set_ssl_server_cert.vtc: set as broken - Revert "BUG/MEDIUM: listener: do not accept connections faster than we can process them" - BUG/MINOR: backend: check available list allocation for reuse - CI: Fix the coverity builds - DOC: management: fix "show resolvers" alphabetical ordering - MINOR: tools: add print_time_short() to print a condensed duration value - MINOR: activity: make profiling more manageable - MINOR: activity: declare a new structure to collect per-function activity - MEDIUM: tasks/activity: collect per-task statistics when profiling is enabled - MINOR: activity: also report collected tasks stats in "show profiling" - MINOR: activity: flush scheduler stats on "set profiling tasks on" - MINOR: activity: add a new "show tasks" command to list currently active tasks - MINOR: listener: export accept_queue_process - MINOR: session: export session_expire_embryonic() - MINOR: muxes: export the timeout and shutr task handlers - MINOR: checks: export a few functions that appear often in trace dumps - MINOR: peers: export process_peer_sync() to improve traces - MINOR: stick-tables: export process_table_expire() - MINOR: mux-h1: Remove first useless test on count in h1_process_output() - BUG/MINOR: stick-table: Always call smp_fetch_src() with a valid arg list - MINOR: http-fetch: Don't check if argument list is set in sample fetches - MINOR: http-conv: Don't check if argument list is set in sample converters - MINOR: sample: Don't check if argument list is set in sample fetches - MINOR: ssl-sample: Don't check if argument list is set in sample fetches - MINOR: mux-h2: Don't tests the start-line when sending HEADERS frame - MINOR: mux-h2: Slightly improve request HEADERS frames sending - MINOR: contrib/prometheus-exporter: declare states for objects - MAJOR: contrib/prometheus-exporter: move ftd/bkd/srv states to labels - MEDIUM: contrib/prometheus-exporter: Use dynamic labels instead of static ones - MINOR: listener: export manage_global_listener_queue() - BUG/MINOR: activity: take care of late wakeups in "show tasks" - REGTESTS: set_ssl_server_cert.vtc: remove SSL caching and set as working - REGTESTS: set_ssl_server_cert: cleanup the SSL caching option - MINOR: checks: Add function to get the result code corresponding to a status - MAJOR: contrib/prometheus-exporter: move health check status to labels - MINOR: contrib/prometheus-exporter: improve service status description field - MINOR: stats: improve pending connections description - MINOR: stats: improve max stats descriptions - MINOR: contrib/prometheus-exporter: use stats desc when possible - MINOR: contrib/prometheus-exporter: add uweight field - MINOR: contrib/prometheus-exporter: add recv logs_logs_total field - CLEANUP: contrib/prometheus-exporter: remove unused includes - CLEANUP: contrib/prometheus-exporter: align and reorder fields - CLEANUP: contrib/prometheus-exporter: remove description in README - DOC: contrib/prometheus-exporter: Add missing metrics in README - BUG/MINOR: contrib/prometheus-exporter: Add missing label for ST_F_HRSP_1XX - BUG/MINOR: contrib/prometheus-exporter: Restart labels dump at the right pos - BUG/MEDIUM: ssl/cli: abort ssl cert is freeing the old store - BUG/MEDIUM: ssl: check a connection's status before computing a handshake - BUG/MINOR: mux_h2: fix incorrect stat titles - MINOR: ssl/cli: flush the server session cache upon 'commit ssl cert' - BUG/MINOR: cli: fix set server addr/port coherency with health checks - MINOR: server: Don't set the check port during the update from a state file - MINOR: dns: Don't set the check port during a server dns resolution - MEDIUM: check: remove checkport checkaddr flag - MEDIUM: server: adding support for check_port in server state - BUG/MINOR: check: consitent way to set agentaddr - MEDIUM: check: align agentaddr and agentport behaviour - DOC: server: Add missing params in comment of the server state line parsing - BUG/MINOR: xxhash: make sure armv6 uses memcpy() - REGTESTS: mark http-check-send.vtc as 2.4-only - REGTESTS: mark sample_fetches/hashes.vtc as 2.4-only - BUG/MINOR: ssl: do not try to use early data if not configured - REGTESTS: unbreak http-check-send.vtc - MINOR: cli/show_fd: report local and report ports when known - BUILD: Makefile: move REGTESTST_TYPE default setting - BUG/MEDIUM: mux-h2: handle remaining read0 cases - CLEANUP: http-htx: Set buffer area to NULL instead of malloc(0) - BUG/MINOR: sock: Unclosed fd in case of connection allocation failure - BUG/MEDIUM: mux-h2: do not quit the demux loop before setting END_REACHED |
||
Willy Tarreau
|
24c41d55bd |
[RELEASE] Released version 2.4-dev6
Released version 2.4-dev6 with the following main changes : - MINOR: converter: adding support for url_enc - BUILD: SSL: guard TLS13 ciphersuites with HAVE_SSL_CTX_SET_CIPHERSUITES - BUILD: ssl: guard EVP_PKEY_get_default_digest_nid with ASN1_PKEY_CTRL_DEFAULT_MD_NID - BUILD: ssl: guard openssl specific with SSL_READ_EARLY_DATA_SUCCESS - BUILD: Makefile: exclude broken tests by default - CLEANUP: cfgparse: replace "realloc" with "my_realloc2" to fix to memory leak on error - BUG/MINOR: hlua: Fix memory leak in hlua_alloc - MINOR: contrib/prometheus-exporter: export build_info - DOC: fix some spelling issues over multiple files - CLEANUP: Fix spelling errors in comments - SCRIPTS: announce-release: fix typo in help message - CI: github: add a few more words to the codespell ignore list - DOC: Add maintainers for the Prometheus exporter - BUG/MINOR: sample: fix concat() converter's corruption with non-string variables - BUG/MINOR: server: Memory leak of proxy.used_server_addr during deinit - CLEANUP: sample: remove uneeded check in json validation - MINOR: reg-tests: add a way to add service dependency - BUG/MINOR: sample: check alloc_trash_chunk return value in concat() - BUG/MINOR: reg-tests: fix service dependency script - MINOR: reg-tests: add base prometheus test - Revert "BUG/MINOR: dns: SRV records ignores duplicated AR records" - BUG/MINOR: sample: Memory leak of sample_expr structure in case of error - BUG/MINOR: check: Don't perform any check on servers defined in a frontend - BUG/MINOR: init: enforce strict-limits when using master-worker - MINOR: contrib/prometheus-exporter: avoid connection close header - MINOR: contrib/prometheus-exporter: use fill_info for process dump - BUG/MINOR: init: Use a dynamic buffer to set HAPROXY_CFGFILES env variable - MINOR: config: Add failifnotcap() to emit an alert on proxy capabilities - MINOR: server: Forbid server definitions in frontend sections - BUG/MINOR: threads: Fixes the number of possible cpus report for Mac. - CLEANUP: pattern: rename pat_ref_commit() to pat_ref_commit_elt() - MINOR: pattern: add the missing generation ID manipulation functions - MINOR: peers: Add traces for peer control messages. - BUG/MINOR: dns: SRV records ignores duplicated AR records (v2) - BUILD: peers: fix build warning about unused variable - BUG/MEDIUM: stats: add missing INF_BUILD_INFO definition - MINOR: cache: Do not store responses with an unknown encoding - BUG/MINOR: peers: Possible appctx pointer dereference. - MINOR: build: discard echoing in help target - MINOR: cache: Remove the `hash` part of the accept-encoding secondary key - CLEANUP: cache: Use proper data types in secondary_key_cmp() - CLEANUP: Rename accept_encoding_hash_cmp to accept_encoding_bitmap_cmp - BUG/MINOR: peers: Wrong "new_conn" value for "show peers" CLI command. - MINOR: contrib: Make the wireshark peers dissector compile for more distribs. - BUG/MINOR: mux_h2: missing space between "st" and ".flg" in the "show fd" helper - CLEANUP: tools: make resolve_sym_name() take a const pointer - CLEANUP: cli: make "show fd" use a const connection to access other fields - MINOR: cli: make "show fd" also report the xprt and xprt_ctx - MINOR: xprt: add a new show_fd() helper to complete some "show fd" dumps. - MINOR: ssl: provide a "show fd" helper to report important SSL information - MINOR: xprt/mux: export all *_io_cb functions so that "show fd" resolves them - MINOR: mux-h2: make the "show fd" helper also decode the h2s subscriber when known - MINOR: mux-h1: make the "show fd" helper also decode the h1s subscriber when known - MINOR: mux-fcgi: make the "show fd" helper also decode the fstrm subscriber when known - CI: Pin VTest to a known good commit - MINOR: cli: give the show_fd helpers the ability to report a suspicious entry - MINOR: cli/show_fd: report some easily detectable suspicious states - MINOR: ssl/show_fd: report some FDs as suspicious when possible - MINOR: mux-h2/show_fd: report as suspicious an entry with too many calls - MINOR: mux-h1/show_fd: report as suspicious an entry with too many calls - BUG/MINOR: mworker: define _GNU_SOURCE for strsignal() - BUG/MEDIUM: tcpcheck: Don't destroy connection in the wake callback context - BUG/MEDIUM: mux-h2: Xfer rxbuf to the upper layer when creating a front stream - MINOR: http: Add HTTP 501-not-implemented error message - MINOR: muxes: Add exit status for errors about not implemented features - MINOR: mux-h1: Be prepared to return 501-not-implemented error during parsing - MEDIUM: mux-h1: Return a 501-not-implemented for upgrade requests with a body - DOC: Remove space after comma in converter signature - DOC: Rename '<var name>' to '<var>' in converter signature - MINOR: stats: duplicate 3 fields in bytes in info - MINOR: stats: add new start time field - MINOR: contrib/prometheus-exporter: merge info description from stats - MEDIUM: stats: allow to select one field in `stats_fill_fe_stats` - MINOR: contrib/prometheus-exporter: use fill_fe_stats for frontend dump - MINOR: contrib/prometheus-exporter: Don't needlessly set empty label for metrics - MINOR: contrib/prometheus-exporter: Split the PROMEX_FL_STATS_METRIC flag - MINOR: contrib/prometheus-exporter: Add promex_metric struct defining a metric - MEDIUM: contrib/prometheus-exporter: Rework matrices defining Promex metrics - BUG/MINOR: stream: Don't update counters when TCP to H2 upgrades are performed - BUG/MEDIUM: mux-h2: fix read0 handling on partial frames - MINOR: debug: always export the my_backtrace function - MINOR: debug: extract the backtrace dumping code to its own function - MINOR: debug: create ha_backtrace_to_stderr() to dump an instant backtrace - MEDIUM: debug: now always print a backtrace on CRASH_NOW() and friends - MINOR: debug: let ha_dump_backtrace() dump a bit further for some callers - BUILD: debug: fix build warning by consuming the write() result - MINOR: lua: remove unused variable - BUILD/MINOR: lua: define _GNU_SOURCE for LLONG_MAX |
||
Willy Tarreau
|
421ed3952d |
[RELEASE] Released version 2.4-dev5
Released version 2.4-dev5 with the following main changes : - BUG/MEDIUM: mux_h2: Add missing braces in h2_snd_buf()around trace+wakeup - BUILD: hpack: hpack-tbl-t.h uses VAR_ARRAY but does not include compiler.h - MINOR: time: increase the minimum wakeup interval to 60s - MINOR: check: do not ignore a connection header for http-check send - REGTESTS: complete http-check test - CI: travis-ci: drop coverity scan builds - MINOR: atomic: don't use ; to separate instruction on aarch64. - IMPORT: xxhash: update to v0.8.0 that introduces stable XXH3 variant - MEDIUM: xxhash: use the XXH3 functions to generate 64-bit hashes - MEDIUM: xxhash: use the XXH_INLINE_ALL macro to inline all functions - CLEANUP: xxhash: remove the unused src/xxhash.c - MINOR: sample: add the xxh3 converter - REGTESTS: add tests for the xxh3 converter - MINOR: protocol: Create proto_quic QUIC protocol layer. - MINOR: connection: Attach a "quic_conn" struct to "connection" struct. - MINOR: quic: Redefine control layer callbacks which are QUIC specific. - MINOR: ssl_sock: Initialize BIO and SSL objects outside of ssl_sock_init() - MINOR: connection: Add a new xprt to connection. - MINOR: ssl: Export definitions required by QUIC. - MINOR: cfgparse: Do not modify the QUIC xprt when parsing "ssl". - MINOR: tools: Add support for QUIC addresses parsing. - MINOR: quic: Add definitions for QUIC protocol. - MINOR: quic: Import C source code files for QUIC protocol. - MINOR: listener: Add QUIC info to listeners and receivers. - MINOR: server: Add QUIC definitions to servers. - MINOR: ssl: SSL CTX initialization modifications for QUIC. - MINOR: ssl: QUIC transport parameters parsing. - MINOR: quic: QUIC socket management finalization. - MINOR: cfgparse: QUIC default server transport parameters init. - MINOR: quic: Enable the compilation of QUIC modules. - MAJOR: quic: Make usage of ebtrees to store QUIC ACK ranges. - MINOR: quic: Attempt to make trace more readable - MINOR: quic: Make usage of the congestion control window. - MINOR: quic: Flag RX packet as ack-eliciting from the generic parser. - MINOR: quic: Code reordering to help in reviewing/modifying. - MINOR: quic: Add traces to congestion avoidance NewReno callback. - MINOR: quic: Display the SSL alert in ->ssl_send_alert() callback. - MINOR: quic: Update the initial salt to that of draft-29. - MINOR: quic: Add traces for in flght ack-eliciting packet counter. - MINOR: quic: make a packet build fails when qc_build_frm() fails. - MINOR: quic: Add traces for quic_packet_encrypt(). - MINOR: cache: Refactoring of secondary_key building functions - MINOR: cache: Avoid storing responses whose secondary key was not correctly calculated - BUG/MINOR: cache: Manage multiple headers in accept-encoding normalization - MINOR: cache: Add specific secondary key comparison mechanism - MINOR: http: Add helper functions to trim spaces and tabs - MEDIUM: cache: Manage a subset of encodings in accept-encoding normalizer - REGTESTS: cache: Simplify vary.vtc file - REGTESTS: cache: Add a specific test for the accept-encoding normalizer - MINOR: cache: Remove redundant test in http_action_req_cache_use - MINOR: cache: Replace the "process-vary" option's expected values - CI: GitHub Actions: enable daily Coverity scan - BUG/MEDIUM: cache: Fix hash collision in `accept-encoding` handling for `Vary` - MEDIUM: stick-tables: Add srvkey option to stick-table - REGTESTS: add test for stickiness using "srvkey addr" - BUILD: Makefile: disable -Warray-bounds until it's fixed in gcc 11 - BUG/MINOR: sink: Return an allocation failure in __sink_new if strdup() fails - BUG/MINOR: lua: Fix memory leak error cases in hlua_config_prepend_path - MINOR: lua: Use consistent error message 'memory allocation failed' - CLEANUP: Compare the return value of `XXXcmp()` functions with zero - CLEANUP: Apply the coccinelle patch for `XXXcmp()` on include/ - CLEANUP: Apply the coccinelle patch for `XXXcmp()` on contrib/ - MINOR: qpack: Add static header table definitions for QPACK. - CLEANUP: qpack: Wrong comment about the draft for QPACK static header table. - CLEANUP: quic: Remove useless QUIC event trace definitions. - BUG/MINOR: quic: Possible CRYPTO frame building errors. - MINOR: quic: Pass quic_conn struct to frame parsers. - BUG/MINOR: quic: Wrong STREAM frames parsing. - MINOR: quic: Drop packets with STREAM frames with wrong direction. - CLEANUP: ssl: Remove useless loop in tlskeys_list_get_next() - CLEANUP: ssl: Remove useless local variable in tlskeys_list_get_next() - MINOR: ssl: make tlskeys_list_get_next() take a list element - Revert "BUILD: Makefile: disable -Warray-bounds until it's fixed in gcc 11" - BUG/MINOR: cfgparse: Fail if the strdup() for `rule->be.name` for `use_backend` fails - CLEANUP: mworker: remove duplicate pointer tests in cfg_parse_program() - CLEANUP: Reduce scope of `header_name` in http_action_store_cache() - CLEANUP: Reduce scope of `hdr_age` in http_action_store_cache() - CLEANUP: spoe: fix typo on `var_check_arg` comment - BUG/MINOR: tcpcheck: Report a L7OK if the last evaluated rule is a send rule - CI: github actions: build several popular "contrib" tools - DOC: Improve the message printed when running `make` w/o `TARGET` - BUG/MEDIUM: server: srv_set_addr_desc() crashes when a server has no address - REGTESTS: add unresolvable servers to srvkey-addr - BUG/MINOR: stats: Make stat_l variable used to dump a stat line thread local - BUG/MINOR: quic: NULL pointer dereferences when building post handshake frames. - SCRIPTS: improve announce-release to support different tag and versions - SCRIPTS: make announce release support preparing announces before tag exists - CLEANUP: assorted typo fixes in the code and comments - BUG/MINOR: srv: do not init address if backend is disabled - BUG/MINOR: srv: do not cleanup idle conns if pool max is null - CLEANUP: assorted typo fixes in the code and comments - CLEANUP: few extra typo and fixes over last one ("ot" -> "to") |
||
Willy Tarreau
|
4d711760de |
[RELEASE] Released version 2.4-dev4
Released version 2.4-dev4 with the following main changes : - BUG/MEDIUM: lb-leastconn: Reposition a server using the right eweight - BUG/MEDIUM: mux-h1: Fix a deadlock when a 408 error is pending for a client - BUG/MEDIUM: ssl/crt-list: bad behavior with "commit ssl cert" - BUG/MAJOR: cache: Crash because of disabled entry not removed from the tree - BUILD: SSL: fine guard for SSL_CTX_add_server_custom_ext call - MEDIUM: cache: Add a secondary entry counter and insertion limitation - MEDIUM: cache: Avoid going over duplicates lists too often - MINOR: cache: Add a max-secondary-entries cache option - CI: cirrus: drop CentOS 6 builds - BUILD: Makefile: have "make clean" destroy .o/.a/.s in contrib subdirs as well - MINOR: vars: replace static functions with global ones - MINOR: opentracing: add ARGC_OT enum - CONTRIB: opentracing: add the OpenTracing filter - DOC: opentracing: add the OpenTracing filter section - REGTESTS: make use of HAPROXY_ARGS and pass -dM by default - BUG/MINOR: http: Establish a tunnel for all 2xx responses to a CONNECT - BUG/MINOR: mux-h1: Don't set CS_FL_EOI too early for protocol upgrade requests - BUG/MEDIUM: http-ana: Never for sending data in TUNNEL mode - CLEANUP: mux-h2: Rename h2s_frt_make_resp_data() to be generic - CLEANUP: mux-h2: Rename h2c_frt_handle_data() to be generic - BUG/MEDIUM: mux-h1: Handle h1_process() failures on a pipelined request - CLEANUP: debug: mark the RNG's seed as unsigned - CONTRIB: halog: fix build issue caused by %L printf format - CONTRIB: halog: mark the has_zero* functions unused - CONTRIB: halog: fix signed/unsigned build warnings on counts and timestamps - CONTRIB: debug: address "poll" utility build on non-linux platforms - BUILD: plock: remove dead code that causes a warning in gcc 11 - BUILD: ssl: fine guard for SSL_CTX_get0_privatekey call - BUG/MINOR: dns: SRV records ignores duplicated AR records - DOC: fix "smp_size" vs "sample_size" in "log" directive arguments - CLEANUP: assorted typo fixes in the code and comments - DOC: assorted typo fixes in the documentation - CI: codespell: whitelist "te" and "nd" words |
||
Willy Tarreau
|
a786c41f1f |
[RELEASE] Released version 2.4-dev3
Released version 2.4-dev3 with the following main changes : - MINOR: log: Logging HTTP path only with %HPO - BUG/MINOR: mux-h2/stats: make stream/connection proto errors more accurate - MINOR: traces: add a new level "error" below the "user" level - MINOR: mux-h2/trace: add traces at level ERROR for protocol errors - BUG/MINOR: mux-h2/stats: not all GOAWAY frames are errors - BUG/MINOR: lua: missing "\n" in error message - BUG/MINOR: lua: lua-load doesn't check its parameters - BUG/MINOR: lua: Post init register function are not executed beyond the first one - BUG/MINOR: lua: Some lua init operation are processed unsafe - MINOR: actions: Export actions lookup functions - MINOR: actions: add a function returning a service pointer from its name - MINOR: cli: add a function to look up a CLI service description - BUG/MINOR: lua: warn when registering action, conv, sf, cli or applet multiple times - MINOR: cache: Improve accept_encoding_normalizer - MINOR: cache: Add entry to the tree as soon as possible - BUG/MINOR: trace: Wrong displayed trace level - BUG/MAJOR: ring: tcp forward on ring can break the reader counter. - MINOR: lua: simplify hlua_alloc() to only rely on realloc() - MEDIUM: lua-thread: use atomics for memory accounting - MINOR: lua-thread: remove struct hlua from function hlua_prepend_path() - MEDIUM: lua-thread: make hlua_post_init() no longer use the runtime execution function - MINOR: lua-thread: hlua_ctx_renew() is never called with main gL lua state - MINOR: lua-thread: Use NULL context for main lua state - MINOR: lua-thread: Stop usage of struct hlua for the global lua state - MINOR: lua-thread: Replace embedded struct hlua_function by a pointer - MINOR: lua-thread: Split hlua_init() function in two parts - MINOR: lua-thread: make hlua_ctx_init() get L from its caller - MINOR: lua-thread: Split hlua_load function in two parts - MINOR: lua-thread: Split hlua_post_init() function in two parts - MINOR: lua-thread: Add the "thread" core variable - MEDIUM: lua-thread: No longer use locked context in initialization parts - MEDIUM: lua-thread: Apply lock only if the parent state is the main thread - MINOR: lua-thread: Replace global gL var with an array of states - MINOR: lua-thread: Replace "struct hlua_function" allocation by dedicated function - MINOR: lua-thread: Replace state_from by state_id - MINOR: lua-thread: Store each function reference and init reference in array - MEDIUM: lua-thread: Add the lua-load-per-thread directive - MINOR: lua-thread: Add verbosity in errors - REGTESTS: add a test for the threaded Lua code - BUILD/MINOR: haproxy DragonFlyBSD affinity build update. - DOC/MINOR: Fix formatting in Management Guide - MINOR: cache: Do not store stale entry - MINOR: cache: Add extra "cache-control" value checks - MEDIUM: cache: Remove cache entry in case of POST on the same resource - MINOR: cache: Consider invalid Age values as stale - BUG/MEDIUM: lua-thread: some parts must be initialized once - BUG/MINOR: lua-thread: close all states on deinit - BUG/MINOR: listener: use sockaddr_in6 for IPv6 - BUG/MINOR: mux-h1: Handle keep-alive timeout for idle frontend connections - MINOR: session: Add the idle duration field into the session - MINOR: mux-h1: Update session idle duration when data are received - MINOR: mux-h1: Reset session dates and durations info when the CS is detached - MINOR: logs: Use session idle duration when no stream is provided - MINOR: stream: Always get idle duration from the session - MINOR: stream: Don't retrieve anymore timing info from the mux csinfo - MINOR: mux-h1: Don't provide anymore timing info using cs_info structure - MINOR: muxes: Remove get_cs_info callback function now useless - MINOR: stream: Pass an optional input buffer when a stream is created - MINOR: mux-h1: Add a flag to disable reads to wait opposite side - MEDIUM: mux-h1: Use a h1c flag to block reads when splicing is in-progress - MINOR: mux-h1: Introduce H1C_F_IS_BACK flag on the H1 connection - MINOR: mux-h1: Separate parsing and formatting errors at H1 stream level - MINOR: mux-h1: Split front/back h1 stream creation in 2 functions - MINOR: mux-h1: Add a rxbuf into the H1 stream - MINOR: mux-h1: Don't set CS flags in internal parsing functions - MINOR: mux-h1: Add embryonic and attached states on the H1 connection - MINOR: mux-h1: rework the h1_timeout_task() function - MINOR: mux-h1: Reset more H1C flags when a H1 stream is destroyed - MINOR: mux-h1: Disable reads if an error was reported on the H1 stream - MINOR: mux-h1: Rework how shutdowns are handled - MINOR: mux-h1: Rework h1_refresh_timeout to be easier to read - MINOR: mux-h1: Process next request for IDLE connection only - MINOR: mux-h1: Add a idle expiration date on the H1 connection - MINOR: stick-tables: Add functions to update some values of a tracked counter - MINOR: session: Add functions to increase http values of tracked counters - MINOR: mux: Add a ctl parameter to get the exit status of the multiplexers - MINOR: logs: Get the multiplexer exist status when no stream is provided - MINOR: mux-h1: Add functions to send HTTP errors from the mux - MAJOR: mux-h1: Create the client stream as later as possible - DOC: config: Add notes about errors emitted by H1 mux - CLEANUP: mux-h1: Rename H1C_F_CS_* flags and reorder H1C flags - MINOR: http-ana: Remove useless update of t_idle duration of the stream - CLEANUP: htx: Remove HTX_FL_UPGRADE unsued flag - MEDIUM: http-ana: Don't process partial or empty request anymore - CLEANUP: http-ana: Remove TX_WAIT_NEXT_RQ unsued flag - CLEANUP: connection: Remove CS_FL_READ_PARTIAL flag - REGTESTS: Fix proxy_protocol_tlv_validation - MINOR: http-ana: Properly set message flags from the start-line flags - MINOR: h1-htx/http-ana: Set BODYLESS flag on message in TUNNEL state - MINOR: protocol: add a ->set_port() helper to address families - MINOR: listener: automatically set the port when creating listeners - MINOR: listener: now use a generic add_listener() function - MEDIUM: ssl: fatal error with bundle + openssl < 1.1.1 - BUG/MEDIUM: stream: Xfer the input buffer to a fully created stream - BUG/MINOR: stream: Don't use input buffer after the ownership xfer - MINOR: protocol: remove the redundant ->sock_domain field - MINOR: protocol: export protocol definitions - CLEANUP: protocol: group protocol struct members by usage - MINOR: protocol: add a set of ctrl_init/ctrl_close methods for setup/teardown - MINOR: connection: use the control layer's init/close - MINOR: udp: export udp_suspend_receiver() and udp_resume_receiver() - BUG/MAJOR: spoa/python: Fixing return None - DOC: spoa/python: Fixing typo in IP related error messages - DOC: spoa/python: Rephrasing memory related error messages - DOC: spoa/python: Fixing typos in comments - BUG/MINOR: spoa/python: Cleanup references for failed Module Addobject operations - BUG/MINOR: spoa/python: Cleanup ipaddress objects if initialization fails - BUG/MEDIUM: spoa/python: Fixing PyObject_Call positional arguments - BUG/MEDIUM: spoa/python: Fixing references to None - DOC: email change of the DeviceAtlas maintainer - MINOR: cache: Dump secondary entries in "show cache" - CLEANUP: connection: use fd_stop_both() instead of conn_stop_polling() - MINOR: stream-int: don't touch polling anymore on shutdown - MINOR: connection: implement cs_drain_and_close() - MINOR: mux-pt: take care of CS_SHR_DRAIN in shutr() - MINOR: checks: use cs_drain_and_close() instead of draining the connection - MINOR: checks: don't call conn_cond_update_polling() anymore - CLEANUP: connection: open-code conn_cond_update_polling() and update the comment - CLEANUP: connection: remove the unused conn_{stop,cond_update}_polling() - BUG/MINOR: http-check: Use right condition to consider HTX message as full - BUG/MINOR: tcpcheck: Don't rearm the check timeout on each read - MINOR: tcpcheck: Only wait for more payload data on HTTP expect rules - BUG/MINOR: tools: make parse_time_err() more strict on the timer validity - BUG/MINOR: tools: Reject size format not starting by a digit - MINOR: action: define enum for timeout type of the set-timeout rule - MINOR: stream: prepare the hot refresh of timeouts - MEDIUM: stream: support a dynamic server timeout - MEDIUM: stream: support a dynamic tunnel timeout - MEDIUM: http_act: define set-timeout server/tunnel action - MINOR: frontend: add client timeout sample fetch - MINOR: backend: add timeout sample fetches - MINOR: stream: add sample fetches - MINOR: stream: add timeout sample fetches - REGTESTS: add regtest for http-request set-timeout - CLEANUP: remove the unused fd_stop_send() in conn_xprt_shutw{,_hard}() - CLEANUP: connection: remove the unneeded fd_stop_{recv,send} on read0/shutw - MINOR: connection: remove sock-specific code from conn_sock_send() - REORG: connection: move the socket iocb (conn_fd_handler) to sock.c - MINOR: protocol: add a ->drain() function at the connection control layer - MINOR: connection: make conn_sock_drain() use the control layer's ->drain() - MINOR: protocol: add a pair of check_events/ignore_events functions at the ctrl layer - MEDIUM: connection: make use of the control layer check_events/ignore_events |
||
Willy Tarreau
|
c94431b308 |
[RELEASE] Released version 2.4-dev2
Released version 2.4-dev2 with the following main changes : - BUILD: Make DEBUG part of .build_opts - BUILD: Show the value of DEBUG= in haproxy -vv - CI: Set DEBUG=-DDEBUG_STRICT=1 in GitHub Actions - MINOR: stream: Add level 7 retries on http error 401, 403 - CLEANUP: remove unused function "ssl_sock_is_ckch_valid" - BUILD: SSL: add BoringSSL guarding to "RAND_keep_random_devices_open" - BUILD: SSL: do not "update" BoringSSL version equivalent anymore - BUG/MEDIUM: http_act: Restore init of log-format list - DOC: better describes how to configure a fallback crt - BUG/MAJOR: filters: Always keep all offsets up to date during data filtering - MINOR: cache: Prepare helper functions for Vary support - MEDIUM: cache: Add the Vary header support - MINOR: cache: Add a process-vary option that can enable/disable Vary processing - BUG/CRITICAL: cache: Fix trivial crash by sending accept-encoding header - BUG/MAJOR: peers: fix partial message decoding - DOC: cache: Add new caching limitation information - DOC: cache: Add information about Vary support - DOC: better document the config file format and escaping/quoting rules - DOC: Clarify %HP description in log-format - CI: github actions: update LibreSSL to 3.3.0 - CI: github actions: enable 51degrees feature - MINOR: fd/threads: silence a build warning with threads disabled - BUG/MINOR: tcpcheck: Don't forget to reset tcp-check flags on new kind of check - MINOR: tcpcheck: Don't handle anymore in-progress send rules in tcpcheck_main - BUG/MAJOR: tcpcheck: Allocate input and output buffers from the buffer pool - MINOR: tcpcheck: Don't handle anymore in-progress connect rules in tcpcheck_main - MINOR: config: Deprecate and ignore tune.chksize global option - MINOR: config: Add a warning if tune.chksize is used - REORG: tcpcheck: Move check option parsing functions based on tcp-check - MINOR: check: Always increment check health counter on CONPASS - MINOR: tcpcheck: Add support of L7OKC on expect rules error-status argument - DOC: config: Make disable-on-404 option clearer on transition conditions - DOC: config: Move req.hdrs and req.hdrs_bin in L7 samples fetches section - BUG/MINOR: http-fetch: Fix smp_fetch_body() when called from a health-check - MINOR: plock: use an ARMv8 instruction barrier for the pause instruction - MINOR: debug: add "debug dev sched" to stress the scheduler. - MINOR: debug: add a trivial PRNG for scheduler stress-tests - BUG/MEDIUM: lists: Lock the element while we check if it is in a list. - MINOR: task: remove tasklet_insert_into_tasklet_list() - MINOR: task: perform atomic counter increments only once per wakeup - MINOR: task: remove __tasklet_remove_from_tasklet_list() - BUG/MEDIUM: task: close a possible data race condition on a tasklet's list link - BUG/MEDIUM: local log format regression. |
||
Willy Tarreau
|
1a38ffcb0f |
[RELEASE] Released version 2.4-dev1
Released version 2.4-dev1 with the following main changes : - MINOR: ist: Add istend() function to return a pointer to the end of the string - MINOR: sample: Add converters to parse FIX messages - REGTEST: converter: Add a regtest for fix converters - MINOR: sample: Add converts to parses MQTT messages - REGTEST: converter: Add a regtest for MQTT converters - MINOR: compat: automatically include malloc.h on glibc - MEDIUM: pools: call malloc_trim() from pool_gc() - MEDIUM: pattern: call malloc_trim() on pat_ref_reload() - MINOR: pattern: move the update revision to the pat_ref, not the expression - CLEANUP: pattern: delete the back refs at once during pat_ref_reload() - MINOR: pattern: new sflag PAT_SF_REGFREE indicates regex_free() is needed - MINOR: pattern: make the delete and prune functions more generic - MEDIUM: pattern: link all final elements from the reference - MEDIUM: pattern: change the pat_del_* functions to delete from the references - MINOR: pattern: remerge the list and tree deletion functions - MINOR: pattern: perform a single call to pat_delete_gen() under the expression - CLEANUP: acl: don't reference the generic pattern deletion function anymore - CLEANUP: pattern: remove pat_delete_fcts[] and pattern_head->delete() - MINOR: pattern: introduce pat_ref_delete_by_ptr() to delete a valid reference - MINOR: pattern: store a generation number in the reference patterns - MEDIUM: pattern: only match patterns that match the current generation - MINOR: pattern: add pat_ref_commit() to commit a previously inserted element - MINOR: pattern: implement pat_ref_load() to load a pattern at a given generation - MINOR: pattern: add pat_ref_purge_older() to purge old entries - MEDIUM: pattern: make pat_ref_prune() rely on pat_ref_purge_older() - MINOR: pattern: during reload, delete elements frem the ref, not the expression - MINOR: pattern: prepare removal of a pattern from the list head - MEDIUM: pattern: turn the pattern chaining to single-linked list - CLEANUP: cfgparse: remove duplicate registration for transparent build options - BUG/MINOR: ssl: don't report 1024 bits DH param load error when it's higher - MINOR: http-htx: Add understandable errors for the errorfiles parsing - MINOR: ssl: instantiate stats module - MINOR: ssl: count client hello for stats - MINOR: ssl: add counters for ssl sessions - DOC: config: Fix a typo on ssl_c_chain_der - MINOR: server: remove idle lock in srv_cleanup_connections - BUILD: ssl: silence build warning on uninitialised counters - BUILD: http-htx: fix build warning regarding long type in printf - REGTEST: ssl: test wildcard and multi-type + exclusions - BUG/MEDIUM: ssl/crt-list: correctly insert crt-list line if crt already loaded - CI: Expand use of GitHub Actions for CI - REGTEST: ssl: mark reg-tests/ssl/ssl_crt-list_filters.vtc as broken - BUG/MINOR: pattern: a sample marked as const could be written - BUG/MINOR: lua: set buffer size during map lookups - MEDIUM: cache: Change caching conditions - BUG/MINOR: stats: free dynamically stats fields/lines on shutdown - BUG/MEDIUM: stats: prevent crash if counters not alloc with dummy one - MINOR: peers: Add traces to peer_treat_updatemsg(). - BUG/MINOR: peers: Do not ignore a protocol error for dictionary entries. - BUG/MINOR: peers: Missing TX cache entries reset. - BUG/MEDIUM: peers: fix decoding of multi-byte length in stick-table messages - BUG/MINOR: http-fetch: Extract cookie value even when no cookie name - BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches - BUG/MEDIUM: check: reuse srv proto only if using same mode - MINOR: check: report error on incompatible proto - MINOR: check: report error on incompatible connect proto - BUG/MINOR: http-htx: Handle warnings when parsing http-error and http-errors - BUG/MAJOR: spoe: Be sure to remove all references on a released spoe applet - MINOR: spoe: Don't close connection in sync mode on processing timeout - BUG/MINOR: tcpcheck: Don't warn on unused rules if check option is after - MINOR: init: Fix the prototype for per-thread free callbacks - MINOR: config/mux-h2: Return ERR_ flags from init_h2() instead of a status - CLEANUP: config: Return ERR_NONE from config callbacks instead of 0 - MINOR: cfgparse: tighten the scope of newnameserver variable, free it on error. - REGTEST: make ssl_client_samples and ssl_server_samples require to 2.2 - REGTESTS: Add sample_fetches/cook.vtc - BUG/MEDIUM: filters: Forward all filtered data at the end of http filtering - BUG/MINOR: http-ana: Don't wait for the body of CONNECT requests - CLEANUP: flt-trace: Remove unused random-parsing option - MINOR: flt-trace: Add an option to inhibits trace messages - MINOR: flt-trace: Use a bitfield for the trace options - REGTESTS: Add a script to test the random forwarding with several filters - REGTESTS: mark the abns test as broken again - REGTESTS: converter: add url_dec test - CI: Stop hijacking the hosts file - CI: Make the h2spec workflow more consistent with the VTest workflow - CI: travis-ci: remove amd64, osx builds - CI: travis-ci: arm64 are not allowed to fail anymore - DOC: add missing 3.10 in the summary - MINOR: ssl: remove client hello counters - MEDIUM: stats: add counters for failed handshake - MINOR: ssl: create common ssl_ctx init - MEDIUM: cli/ssl: configure ssl on server at runtime - REGTEST: server/cli_set_ssl.vtc requires OpenSSL - DOC: coding-style: update a few rules about pointers - BUG/MINOR: ssl: segv on startup when AKID but no keyid - BUILD: ssl: use SSL_MODE_ASYNC macro instead of OPENSSL_VERSION - BUG/MEDIUM: http-ana: Don't eval http-after-response ruleset on empty messages - BUG/MEDIUM: ssl/crt-list: bundle support broken in crt-list - BUG/MEDIUM: ssl: error when no certificate are found - BUG/MINOR: ssl/crt-list: load bundle in crt-list only if activated - BUG/MEDIUM: ssl/crt-list: fix error when no file found - CI: Github Actions: enable prometheus exporter - CI: Github Actions: remove LibreSSL-3.0.2 builds - CI: Github Actions: enable BoringSSL builds - CI: travis-ci: remove builds migrated to GH actions - BUILD: makefile: enable crypt(3) for OpenBSD - CI: Github Action: run "apt-get update" before packages restore - BUILD: SSL: guard TLS13 ciphersuites with HAVE_SSL_CTX_SET_CIPHERSUITES - CI: Pass the github.event_name to matrix.py - CI: Clean up Windows CI - DOC: clarify how to create a fallback crt - CLEANUP: connection: do not use conn->owner when the session is known - BUG/MAJOR: connection: reset conn->owner when detaching from session list - REGTESTS: mark proxy_protocol_random_fail as broken - BUG/MINOR: http_htx: Fix searching headers by substring - MINOR: http_act: Add -m flag for del-header name matching method |
||
Willy Tarreau
|
1c0a722a83 |
[RELEASE] Released version 2.3.0
Released version 2.3.0 with the following main changes : - CLEANUP: pattern: remove unused entry "tree" in pattern.val - BUILD: ssl: use SSL_CTRL_GET_RAW_CIPHERLIST instead of OpenSSL versions - BUG/MEDIUM: filters: Don't try to init filters for disabled proxies - BUG/MINOR: proxy/server: Skip per-proxy/server post-check for disabled proxies - BUG/MINOR: checks: Report a socket error before any connection attempt - BUG/MINOR: server: Set server without addr but with dns in RMAINT on startup - MINOR: server: Copy configuration file and line for server templates - BUG/MEDIUM: mux-pt: Release the tasklet during an HTTP upgrade - BUILD: ssl: use HAVE_OPENSSL_KEYLOG instead of OpenSSL versions - MINOR: debug: don't count free(NULL) in memstats - BUG/MINOR: filters: Skip disabled proxies during startup only - MINOR: mux_h2: capitalize frame type in stats - MINOR: mux_h2: add stat for total count of connections/streams - MINOR: stats: do not display empty stat module title on html - BUG/MEDIUM: stick-table: limit the time spent purging old entries - BUG/MEDIUM: listener: only enable a listening listener if needed - BUG/MEDIUM: listener: never suspend inherited sockets - BUG/MEDIUM: listener: make the master also keep workers' inherited FDs - MINOR: fd: add fd_want_recv_safe() - MEDIUM: listeners: make use of fd_want_recv_safe() to enable early receivers - REGTESTS: mark abns_socket as working now - CLEANUP: mux-h2: Remove the h1 parser state from the h2 stream - MINOR: sock: add a check against cross worker<->master socket activities - CI: github actions: limit OpenSSL no-deprecated builds to "default,bug,devel" reg-tests - BUG/MEDIUM: server: make it possible to kill last idle connections - MINOR: mworker/cli: the master CLI use its own applet - MINOR: ssl: define SSL_CTX_set1_curves_list to itself on BoringSSL - BUILD: ssl: use feature macros for detecting ec curves manipulation support - DOC: Add dns as an available domain to show stat - BUILD: makefile: usual reorder of objects for faster builds - DOC: update INSTALL to mention that TCC is supported - DOC: mention in INSTALL that haproxy 2.3 is a stable version - MINOR: version: mention that it's stable now |
||
Willy Tarreau
|
bd703e5650 |
[RELEASE] Released version 2.3-dev9
Released version 2.3-dev9 with the following main changes : - CLEANUP: http_ana: remove unused assignation of `att_beg` - BUG/MEDIUM: ssl: OCSP must work with BoringSSL - BUG/MINOR: log: fix memory leak on logsrv parse error - BUG/MINOR: log: fix risk of null deref on error path - BUILD: ssl: more elegant OpenSSL early data support check - CI: github actions: update h2spec to 2.6.0 - BUG/MINOR: cache: Check the return value of http_replace_res_status - MINOR: cache: Store the "Last-Modified" date in the cache_entry - MINOR: cache: Process the If-Modified-Since header in conditional requests - MINOR: cache: Create res.cache_hit and res.cache_name sample fetches - MINOR: mux-h2: register a stats module - MINOR: mux-h2: add counters instance to h2c - MINOR: mux-h2: add stats for received frame types - MINOR: mux-h2: report detected error on stats - MINOR: mux-h2: count open connections/streams on stats - BUG/MINOR: server: fix srv downtime calcul on starting - BUG/MINOR: server: fix down_time report for stats - BUG/MINOR: lua: initialize sample before using it - MINOR: cache: Add Expires header value parsing - MINOR: ist: Add a case insensitive istmatch function - BUG/MINOR: cache: Manage multiple values in cache-control header value - BUG/MINOR: cache: Inverted variables in http_calc_maxage function - MINOR: pattern: make pat_ref_append() return the newly added element - MINOR: pattern: make pat_ref_add() rely on pat_ref_append() - MINOR: pattern: export pat_ref_push() - CLEANUP: pattern: use calloc() rather than malloc for structures - CLEANUP: pattern: fix spelling/grammatical/copy-paste in comments |
||
Willy Tarreau
|
fb1b9e3dec |
[RELEASE] Released version 2.3-dev8
Released version 2.3-dev8 with the following main changes : - MINOR: backend: replace the lbprm lock with an rwlock - MINOR: lb/map: use seek lock and read locks where appropriate - MINOR: lb/leastconn: only take a read lock in fwlc_get_next_server() - MINOR: lb/first: use a read lock in fas_get_next_server() - MINOR: lb/chash: use a read lock in chash_get_server_hash() - BUG/MINOR: disable dynamic OCSP load with BoringSSL - BUILD: ssl: make BoringSSL use its own version numbers - CLEANUP: threads: don't register an initcall when not debugging - MINOR: threads: change lock_t to an unsigned int - CLEANUP: tree-wide: reorder a few structures to plug some holes around locks - CLEANUP: task: remove the unused and mishandled global_rqueue_size - BUG/MEDIUM: connection: Never cleanup server lists when freeing private conns - MEDIUM: config: report that "nbproc" is deprecated - BUG/MINOR: listener: close before free in `listener_accept` - MINOR: ssl: 'ssl-load-extra-del-ext' removes the certificate extension - BUG/MINOR: queue: properly report redistributed connections - CONTRIB: tcploop: remove unused local variables in tcp_pause() - BUILD: makefile: add entries to build common debugging tools - BUG/MEDIUM: server: support changing the slowstart value from state-file - MINOR: http: Add `enum etag_type http_get_etag_type(const struct ist)` - MINOR: http: Add etag comparison function - MEDIUM: cache: Store the ETag information in the cache_entry - MEDIUM: cache: Add support for 'If-None-Match' request header - REGTEST: cache: Add if-none-match test case - CLEANUP: compression: Make use of http_get_etag_type() - BUG/MINOR: http-ana: Don't send payload for internal responses to HEAD requests - BUG/MAJOR: mux-h2: Don't try to send data if we know it is no longer possible - MINOR: threads/debug: only report used lock stats - MINOR: threads/debug: only report lock stats for used operations - MINOR: proxy; replace the spinlock with an rwlock - MINOR: server: read-lock the cookie during srv_set_dyncookie() - MINOR: proxy/cli: only take a read lock in "show errors" - OPTIM: queue: don't call pendconn_unlink() when the pendconn is not queued - MINOR: queue: split __pendconn_unlink() in per-srv and per-prx - MINOR: queue: reduce the locked area in pendconn_add() - OPTIM: queue: make the nbpend counters atomic - OPTIM: queue: decrement the nbpend and totpend counters outside of the lock - MINOR: leastconn: take the queue length into account when queuing servers - MEDIUM: fwlc: re-enable per-server queuing up to maxqueue - Revert "OPTIM: queue: don't call pendconn_unlink() when the pendconn is not queued" - MINOR: stats: support the "up" output modifier for "show stat" - MINOR: stats: also support a "no-maint" show stat modifier - MINOR: stats: indicate the number of servers in a backend's status - MEDIUM: ssl: ssl-load-extra-del-ext work only with .crt - REGTEST: ssl: test "set ssl cert" with separate key / crt - DOC: management: apply the "show stat" modifiers to "show stat", not "show info" - MINOR: stats: report server's user-configured weight next to effective weight - CI: travis-ci: switch to Ubuntu 20.04 - CONTRIB: release-estimator: Add release estimating tool - BUG/MEDIUM: queue: fix unsafe proxy pointer when counting nbpend - BUG/MINOR: extcheck: add missing checks on extchk_setenv() |
||
Willy Tarreau
|
9d58c9b251 |
[RELEASE] Released version 2.3-dev7
Released version 2.3-dev7 with the following main changes : - CI: travis-ci: replace not defined SSL_LIB, SSL_INC for BotringSSL builds - BUG/MINOR: init: only keep rlim_fd_cur if max is unlimited - BUG/MINOR: mux-h2: do not stop outgoing connections on stopping - MINOR: fd: report an error message when failing initial allocations - MINOR: proto-tcp: make use of connect(AF_UNSPEC) for the pause - MINOR: sock: add sock_accept_conn() to test a listening socket - MINOR: protocol: make proto_tcp & proto_uxst report listening sockets - MINOR: sockpair: implement the .rx_listening function - CLEANUP: tcp: make use of sock_accept_conn() where relevant - CLEANUP: unix: make use of sock_accept_conn() where relevant - BUG/MINOR: listener: detect and handle shared sockets stopped in other processes - CONTRIB: tcploop: implement a disconnect operation 'D' - CLEANUP: protocol: intitialize all of the sockaddr when disconnecting - BUG/MEDIUM: deinit: check fdtab before fdtab[fd].owner - BUG/MINOR: connection: fix loop iter on connection takeover - BUG/MEDIUM: connection: fix srv idle count on conn takeover - MINOR: connection: improve list api usage - MINOR: mux/connection: add a new mux flag for HOL risk - MINOR: connection: don't check priv flag on free - MEDIUM: backend: add new conn to session if mux marked as HOL blocking - MEDIUM: backend: add reused conn to sess if mux marked as HOL blocking - MEDIUM: h2: remove conn from session on detach - MEDIUM: fcgi: remove conn from session on detach - DOC: Describe reuse safe for HOL handling - MEDIUM: proxy: remove obsolete "mode health" - MEDIUM: proxy: remove obsolete "monitor-net" - CLEANUP: protocol: remove the ->drain() function - CLEANUP: fd: finally get rid of fd_done_recv() - MINOR: connection: make sockaddr_alloc() take the address to be copied - MEDIUM: listener: allocate the connection before queuing a new connection - MINOR: session: simplify error path in session_accept_fd() - MINOR: connection: add new error codes for accept_conn() - MINOR: sock: rename sock_accept_conn() to sock_accepting_conn() - MINOR: protocol: add a new function accept_conn() - MINOR: sock: implement sock_accept_conn() to accept a connection - MINOR: sockpair: implement sockpair_accept_conn() to accept a connection - MEDIUM: listener: use protocol->accept_conn() to accept a connection - MEDIUM: listener: remove the second pass of fd manipulation at the end - MINOR: protocol: add a default I/O callback and put it into the receiver - MINOR: log: set the UDP receiver's I/O handler in the receiver - MINOR: protocol: register the receiver's I/O handler and not the protocol's - CLEANUP: protocol: remove the now unused <handler> field of proto_fam->bind() - DOC: improve the documentation for "option nolinger" - BUG/MEDIUM: proxy: properly stop backends - BUG/MEDIUM: task: bound the number of tasks picked from the wait queue at once - MINOR: threads: augment rwlock debugging stats to report seek lock stats - MINOR: threads: add the transitions to/from the seek state - MEDIUM: task: use an upgradable seek lock when scanning the wait queue - BUILD: listener: avoir a build warning when threads are disabled - BUG/MINOR: peers: Possible unexpected peer seesion reset after collisions. - MINOR: ssl: add volatile flags to ssl samples - MEDIUM: backend: reuse connection if using a static sni - BUG/MEDIUM: spoe: Unset variable instead of set it if no data provided - BUG/MEDIUM: mux-h1: Get the session from the H1S when capturing bad messages - BUG/MEDIUM: lb: Always lock the server when calling server_{take,drop}_conn - DOC: fix typo in MAX_SESS_STKCTR |
||
Willy Tarreau
|
b7ffe1975a |
[RELEASE] Released version 2.3-dev6
Released version 2.3-dev6 with the following main changes : - REGTESTS: use "command" instead of "which" for better POSIX compatibility - BUILD: makefile: Update feature flags for OpenBSD - DOC: agent-check: fix typo in "fail" word expected reply - DOC: crt: advise to move away from cert bundle - BUG/MINOR: ssl/crt-list: exit on warning out of crtlist_parse_line() - REGTEST: fix host part in balance-uri-path-only.vtc - REGTEST: make ssl_client_samples and ssl_server_samples requiret to 2.3 - REGTEST: the iif converter test requires 2.3 - REGTEST: make agent-check.vtc require 1.8 - REGTEST: make abns_socket.vtc require 1.8 - REGTEST: make map_regm_with_backref require 1.7 - BUILD: makefile: Update feature flags for FreeBSD - OPTIM: backend/random: never queue on the server, always on the backend - OPTIM: backend: skip LB when we know the backend is full - BUILD: makefile: Fix building with closefrom() support enabled - BUILD: makefile: add an EXTRAVERSION variable to ease local naming - MINOR: tools: support for word expansion of environment in parse_line - BUILD: tools: fix minor build issue on isspace() - BUILD: makefile: Enable closefrom() support on Solaris - CLEANUP: ssl: Use structured format for error line report during crt-list parsing - MINOR: ssl: Add error if a crt-list might be truncated - MINOR: ssl: remove uneeded check in crtlist_parse_file - BUG/MINOR: Fix several leaks of 'log_tag' in init(). - DOC: tcp-rules: Refresh details about L7 matching for tcp-request content rules - MEDIUM: tcp-rules: Warn if a track-sc* content rule doesn't depend on content - BUG/MINOR: tcpcheck: Set socks4 and send-proxy flags before the connect call - DOC: ssl: new "cert bundle" behavior - BUG/MEDIUM: queue: make pendconn_cond_unlink() really thread-safe - CLEANUP: ssl: "bundle" is not an OpenSSL wording - MINOR: counters: fix a typo in comment - BUG/MINOR: stats: fix validity of the json schema - REORG: stats: export some functions - MINOR: stats: add stats size as a parameter for csv/json dump - MINOR: stats: hide px/sv/li fields in applet struct - REORG: stats: extract proxy json dump - REORG: stats: extract proxies dump loop in a function - MINOR: hlua: Display debug messages on stderr only in debug mode - MINOR: stats: define the concept of domain for statistics - MINOR: stats: define additional flag px cap on domain - MEDIUM: stats: add delimiter for static proxy stats on csv - MEDIUM: stats: define an API to register stat modules - MEDIUM: stats: add abstract type to store counters - MEDIUM: stats: integrate static proxies stats in new stats - MINOR: stats: support clear counters for dynamic stats - MINOR: stats: display extra proxy stats on the html page - MINOR: stats: add config "stats show modules" - MINOR: dns/stats: integrate dns counters in stats - MINOR: stats: remove for loop declaration - DOC: ssl: fix typo about ocsp files - BUG/MINOR: peers: Inconsistency when dumping peer status codes. - DOC: update INSTALL with supported OpenBSD / FreeBSD versions - BUG/MINOR: proto_tcp: Report warning messages when listeners are bound - CLEANUP: cache: Fix leak of cconf->c.name during config check - CLEANUP: ssl: Release cached SSL sessions on deinit - BUG/MINOR: mux-h1: Be sure to only set CO_RFL_READ_ONCE for the first read - BUG/MINOR: mux-h1: Always set the session on frontend h1 stream - MINOR: mux-h1: Don't wakeup the H1C when output buffer become available - CLEANUP: sock-unix: Remove an unreachable goto clause - BUG/MINOR: proxy: inc req counter on new syslog messages. - BUG/MEDIUM: log: old processes with log foward section don't die on soft stop. - MINOR: stats: inc req counter on listeners. - MINOR: channel: new getword and getchar functions on channel. - MEDIUM: log: syslog TCP support on log forward section. - BUG/MINOR: proxy/log: frontend/backend and log forward names must differ - DOC: re-work log forward bind statement documentation. - DOC: fix a confusing typo on a regsub example - BUILD: Add a DragonFlyBSD target - BUG/MINOR: makefile: fix a tiny typo in the target list - BUILD: makefile: Update feature flags for NetBSD - CI: travis-ci: help Coverity to detect BUG_ON() as a real stop - DOC: Add missing stats fields in the management doc - BUG/MEDIUM: mux-fcgi: Don't handle pending read0 too early on streams - BUG/MEDIUM: mux-h2: Don't handle pending read0 too early on streams - DOC: Fix typos in configuration.txt - BUG/MINOR: http: Fix content-length of the default 500 error - BUG/MINOR: http-htx: Expect no body for 204/304 internal HTTP responses - REGTESTS: mark abns_socket as broken - MEDIUM: fd: always wake up one thread when enabling a foreing FD - MEDIUM: listeners: don't bounce listeners management between queues - MEDIUM: init: stop disabled proxies after initializing fdtab - MEDIUM: listeners: make unbind_listener() converge if needed - MEDIUM: deinit: close all receivers/listeners before scanning proxies - MEDIUM: listeners: remove the now unused ZOMBIE state - MINOR: listeners: do not uselessly try to close zombie listeners in soft_stop() - CLEANUP: proxy: remove the first_to_listen hack in zombify_proxy() - MINOR: listeners: introduce listener_set_state() - MINOR: proxy: maintain per-state counters of listeners - MEDIUM: proxy: remove the unused PR_STFULL state - MEDIUM: proxy: remove the PR_STERROR state - MEDIUM: proxy: remove state PR_STPAUSED - MINOR: startup: don't rely on PR_STNEW to check for listeners - CLEANUP: peers: don't use the PR_ST* states to mark enabled/disabled - MEDIUM: proxy: replace proxy->state with proxy->disabled - MEDIUM: proxy: remove start_proxies() - MEDIUM: proxy: merge zombify_proxy() with stop_proxy() - MINOR: listeners: check the current listener state in pause_listener() - MINOR: listeners: check the current listener earlier state in resume_listener() - MEDIUM: listener/proxy: make the listeners notify about proxy pause/resume - MINOR: protocol: introduce protocol_{pause,resume}_all() - MAJOR: signals: use protocol_pause_all() and protocol_resume_all() - CLEANUP: proxy: remove the now unused pause_proxies() and resume_proxies() - MEDIUM: proto_tcp: make the pause() more robust in multi-process - BUG/MEDIUM: listeners: correctly report pause() errors - MINOR: listeners: move fd_stop_recv() to the receiver's socket code - CLEANUP: protocol: remove the ->disable_all method - CLEANUP: listeners: remove unused disable_listener and disable_all_listeners - MINOR: listeners: export enable_listener() - MINOR: protocol: directly call enable_listener() from protocol_enable_all() - CLEANUP: protocol: remove the ->enable_all method - CLEANUP: listeners: remove the now unused enable_all_listeners() - MINOR: protocol: rename the ->listeners field to ->receivers - MINOR: protocol: replace ->pause(listener) with ->rx_suspend(receiver) - MINOR: protocol: implement an ->rx_resume() method - MINOR: listener: use the protocol's ->rx_resume() method when available - MINOR: sock: provide a set of generic enable/disable functions - MINOR: protocol: add a new pair of rx_enable/rx_disable methods - MINOR: protocol: add a new pair of enable/disable methods for listeners - MEDIUM: listeners: now use the listener's ->enable/disable - MINOR: listeners: split delete_listener() in two versions - MINOR: listeners: count unstoppable jobs on creation, not deletion - MINOR: listeners: add a new stop_listener() function - MEDIUM: proxy: make stop_proxy() now use stop_listener() - MEDIUM: proxy: add mode PR_MODE_PEERS to flag peers frontends - MEDIUM: proxy: centralize proxy status update and reporting - MINOR: protocol: add protocol_stop_now() to instant-stop listeners - MEDIUM: proxy: make soft_stop() stop most listeners using protocol_stop_now() - MEDIUM: udp: implement udp_suspend() and udp_resume() - MINOR: listener: add a few BUG_ON() statements to detect inconsistencies - MEDIUM: listeners: always close master vs worker listeners - BROKEN/MEDIUM: listeners: rework the unbind logic to make it idempotent - MEDIUM: listener: let do_unbind_listener() decide whether to close or not - CLEANUP: listeners: remove the do_close argument to unbind_listener() - MINOR: listeners: move the LI_O_MWORKER flag to the receiver - MEDIUM: receivers: add an rx_unbind() method in the protocols - MINOR: listeners: split do_unbind_listener() in two - MEDIUM: listeners: implement protocol level ->suspend/resume() calls - MEDIUM: config: mark "grace" as deprecated - MEDIUM: config: remove the deprecated and dangerous global "debug" directive - BUG/MINOR: proxy: respect the proper format string in sig_pause/sig_listen - MINOR: peers: heartbeat, collisions and handshake information for "show peers" command. - BUILD: makefile: Enable getaddrinfo() on OS/X |
||
Christopher Faulet
|
05f0188943 |
[RELEASE] Released version 2.3-dev5
Released version 2.3-dev5 with the following main changes : - DOC: Fix typo in iif() example - CLEANUP: Update .gitignore - BUILD: introduce possibility to define ABORT_NOW() conditionally - CI: travis-ci: help Coverity to recognize abort() - BUG/MINOR: Fix type passed of sizeof() for calloc() - CLEANUP: Do not use a fixed type for 'sizeof' in 'calloc' - CLEANUP: tree-wide: use VAR_ARRAY instead of [0] in various definitions - BUILD: connection: fix build on clang after the VAR_ARRAY cleanup - BUG/MINOR: ssl: verifyhost is case sensitive - BUILD: makefile: change default value of CC from gcc to cc - CI: travis-ci: split asan step out of running tests - BUG/MINOR: server: report correct error message for invalid port on "socks4" - BUG/MEDIUM: ssl: Don't call ssl_sock_io_cb() directly. - BUG/MINOR: ssl/crt-list: crt-list could end without a \n - BUG/MINOR: log-forward: fail on unknown keywords - MEDIUM: log-forward: use "dgram-bind" instead of "bind" for the listener - BUG/MEDIUM: log-forward: always quit on parsing errors - MEDIUM: ssl: remove bundle support in crt-list and directories - MEDIUM: ssl/cli: remove support for multi certificates bundle - MINOR: ssl: crtlist_dup_ssl_conf() duplicates a ssl_bind_conf - MINOR: ssl: crtlist_entry_dup() duplicates a crtlist_entry - MEDIUM: ssl: emulates the multi-cert bundles in the crtlist - MEDIUM: ssl: emulate multi-cert bundles loading in standard loading - CLEANUP: ssl: remove test on "multi" variable in ckch functions - CLEANUP: ssl/cli: remove test on 'multi' variable in CLI functions - CLEANUP: ssl: remove utility functions for bundle - DOC: explain bundle emulation in configuration.txt - BUILD: fix build with openssl < 1.0.2 since bundle removal - BUG/MINOR: log: gracefully handle the "udp@" address format for log servers - BUG/MINOR: dns: gracefully handle the "udp@" address format for nameservers - MINOR: listener: create a new struct "settings" in bind_conf - MINOR: listener: move bind_proc and bind_thread to struct settings - MINOR: listener: move the interface to the struct settings - MINOR: listener: move the network namespace to the struct settings - REORG: listener: create a new struct receiver - REORG: listener: move the listening address to a struct receiver - REORG: listener: move the receiving FD to struct receiver - REORG: listener: move the listener's proto to the receiver - MINOR: listener: make sock_find_compatible_fd() check the socket type - REORG: listener: move the receiver part to a new file - MINOR: receiver: link the receiver to its settings - MINOR: receiver: link the receiver to its owner - MINOR: listener: prefer to retrieve the socket's settings via the receiver - MINOR: receiver: add a receiver-specific flag to indicate the socket is bound - MINOR: listener: move the INHERITED flag down to the receiver - MINOR: receiver: move the FOREIGN and V6ONLY options from listener to settings - MINOR: sock: make sock_find_compatible_fd() only take a receiver - MINOR: protocol: rename the ->bind field to ->listen - MINOR: protocol: add a new ->bind() entry to bind the receiver - MEDIUM: sock_inet: implement sock_inet_bind_receiver() - MEDIUM: tcp: make use of sock_inet_bind_receiver() - MEDIUM: udp: make use of sock_inet_bind_receiver() - MEDIUM: sock_unix: implement sock_unix_bind_receiver() - MEDIUM: uxst: make use of sock_unix_bind_receiver() - MEDIUM: sockpair: implement sockpair_bind_receiver() - MEDIUM: proto_sockpair: make use of sockpair_bind_receiver() - MEDIUM: protocol: explicitly start the receiver before the listener - MEDIUM: protocol: do not call proto->bind() anymore from bind_listener() - MINOR: protocol: add a new proto_fam structure for protocol families - MINOR: protocol: retrieve the family-specific fields from the family - CLEANUP: protocol: remove family-specific fields from struct protocol - MINOR: protocol: add a real family for existing FDs - CLEANUP: tools: make str2sa_range() less awful for fd@ and sockpair@ - MINOR: tools: make str2sa_range() take more options than just resolve - MINOR: tools: add several PA_O_PORT_* flags in str2sa_range() callers - MEDIUM: tools: make str2sa_range() validate callers' port specifications - MEDIUM: config: remove all checks for missing/invalid ports/ranges - MINOR: tools: add several PA_O_* flags in str2sa_range() callers - MINOR: listener: remove the inherited arg to create_listener() - MINOR: tools: make str2sa_range() optionally return the fd - MINOR: log: detect LOG_TARGET_FD from the fd and not from the syntax - MEDIUM: tools: make str2sa_range() resolve pre-bound listeners - MINOR: config: do not test an inherited socket again - MEDIUM: tools: make str2sa_range() check for the sockpair's FD usability - MINOR: tools: start to distinguish stream and dgram in str2sa_range() - MEDIUM: tools: make str2sa_range() only report AF_CUST_UDP on listeners - MINOR: tools: remove the central test for "udp" in str2sa_range() - MINOR: cfgparse: add str2receiver() to parse dgram receivers - MINOR: log-forward: use str2receiver() to parse the dgram-bind address - MEDIUM: config: make str2listener() not accept datagram sockets anymore - MINOR: listener: pass the chosen protocol to create_listeners() - MINOR: tools: make str2sa_range() directly return the protocol - MEDIUM: tools: make str2sa_range() check that the protocol has ->connect() - MINOR: protocol: add the control layer type in the protocol struct - MEDIUM: protocol: store the socket and control type in the protocol array - MEDIUM: tools: make str2sa_range() use protocol_lookup() - MEDIUM: proto_udp: replace last AF_CUST_UDP* with AF_INET* - MINOR: tools: drop listener detection hack from str2sa_range() - BUILD: sock_unix: add missing errno.h - MINOR: sock_inet: report the errno string in binding errors - MINOR: sock_unix: report the errno string in binding errors - BUILD: sock_inet: include errno.h - MINOR: h2/trace: also display the remaining frame length in traces - BUG/MINOR: h2/trace: do not display "stream error" after a frame ACK - BUG/MEDIUM: h2: report frame bits only for handled types - BUG/MINOR: http-fetch: Don't set the sample type during the htx prefetch - BUG/MINOR: Fix memory leaks cfg_parse_peers - BUG/MINOR: config: Fix memory leak on config parse listen - MINOR: backend: make the "whole" option of balance uri take only one bit - MINOR: backend: add a new "path-only" option to "balance uri" - REGTESTS: add a few load balancing tests - BUG/MEDIUM: listeners: do not pause foreign listeners - BUG/MINOR: listeners: properly close listener FDs - BUILD: trace: include tools.h |
||
Willy Tarreau
|
253c4dc200 |
[RELEASE] Released version 2.3-dev4
Released version 2.3-dev4 with the following main changes : - MINOR: hlua: Add error message relative to the Channel manipulation and HTTP mode - BUG/MEDIUM: ssl: crt-list negative filters don't work - DOC: overhauling github issue templates - MEDIUM: cfgparse: Emit hard error on truncated lines - DOC: cache: Use '<name>' instead of '<id>' in error message - MINOR: cache: Reject duplicate cache names - REGTEST: remove stray leading spaces in converteers_ref_cnt_never_dec.vtc - MINOR: stats: prevent favicon.ico requests for stats page - BUILD: tools: include auxv a bit later - BUILD: task: work around a bogus warning in gcc 4.7/4.8 at -O1 - MEDIUM: ssl: Support certificate chaining for certificate generation - MINOR: ssl: Support SAN extension for certificate generation - MINOR: tcp: don't try to set/clear v6only on inherited sockets - BUG/MINOR: reload: detect the OS's v6only status before choosing an old socket - MINOR: reload: determine the foreing binding status from the socket - MEDIUM: reload: stop passing listener options along with FDs - BUG/MEDIUM: ssl: fix ssl_bind_conf double free w/ wildcards - MEDIUM: fd: replace usages of fd_remove() with fd_stop_both() - CLEANUP: fd: remove fd_remove() and rename fd_dodelete() to fd_delete() - MINOR: fd: add a new "exported" flag and use it for all regular listeners - MEDIUM: reload: pass all exportable FDs, not just listeners - DOC: add description of pidfile in master-worker mode - BUG/MINOR: reload: do not fail when no socket is sent - REORG: tcp: move TCP actions from proto_tcp.c to tcp_act.c - CLEANUP: tcp: stop exporting smp_fetch_src() - REORG: tcp: move TCP sample fetches from proto_tcp.c to tcp_sample.c - REORG: tcp: move TCP bind/server keywords from proto_tcp.c to cfgparse-tcp.c - REORG: unix: move UNIX bind/server keywords from proto_uxst.c to cfgparse-unix.c - REORG: sock: start to move some generic socket code to sock.c - MINOR: sock: introduce sock_inet and sock_unix - MINOR: tcp/udp/unix: make use of proto->addrcmp() to compare addresses - MINOR: sock_inet: implement sock_inet_get_dst() - REORG: inet: replace tcp_is_foreign() with sock_inet_is_foreign() - REORG: sock_inet: move v6only_default from proto_tcp.c to sock_inet.c - REORG: sock_inet: move default_tcp_maxseg from proto_tcp.c - REORG: listener: move xfer_sock_list to sock.{c,h}. - MINOR: sock: add interface and namespace length to xfer_sock_list - MINOR: sock: implement sock_find_compatible_fd() - MINOR: sock_inet: move the IPv4/v6 transparent mode code to sock_inet - REORG: sock: move get_old_sockets() from haproxy.c - MINOR: sock: do not use LI_O_* in xfer_sock_list anymore - MINOR: sock: distinguish dgram from stream types when retrieving old sockets - BUILD: sock_unix: fix build issue with isdigit() - BUG/MEDIUM: http-ana: Don't wait to send 1xx responses received from servers - MINOR: http-htx: Add an option to eval query-string when the path is replaced - BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action - MINOR: http-htx: Handle an optional reason when replacing the response status - MINOR: contrib/spoa-server: allow MAX_FRAME_SIZE override - BUG/MAJOR: contrib/spoa-server: Fix unhandled python call leading to memory leak - BUG/MINOR: contrib/spoa-server: Ensure ip address references are freed - BUG/MINOR: contrib/spoa-server: Do not free reference to NULL - BUG/MINOR: contrib/spoa-server: Updating references to free in case of failure - BUG/MEDIUM: contrib/spoa-server: Fix ipv4_address used instead of ipv6_address - CLEANUP: http: silence a cppcheck warning in get_http_auth() - REGTEST: increase some short timeouts to make tests more reliable - BUG/MINOR: threads: work around a libgcc_s issue with chrooting - BUILD: thread: limit the libgcc_s workaround to glibc only - MINOR: protocol: do not call proto->bind_all() anymore - MINOR: protocol: do not call proto->unbind_all() anymore - CLEANUP: protocol: remove all ->bind_all() and ->unbind_all() functions - MAJOR: init: start all listeners via protocols and not via proxies anymore - BUG/MINOR: startup: haproxy -s cause 100% cpu - Revert "BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action" - BUG/MEDIUM: doc: Fix replace-path action description - MINOR: http-rules: Add set-pathq and replace-pathq actions - MINOR: http-fetch: Add pathq sample fetch - REGTEST: Add a test for request path manipulations, with and without the QS - MINOR: Commit .gitattributes - CLEANUP: Update .gitignore - BUG/MEDIUM: dns: Don't store additional records in a linked-list - BUG/MEDIUM: dns: Be sure to renew IP address for already known servers - MINOR: server: Improve log message sent when server address is updated - DOC: ssl-load-extra-files only applies to certificates on bind lines - BUG/MINOR: auth: report valid crypto(3) support depending on build options - BUG/MEDIUM: mux-h1: always apply the timeout on half-closed connections - BUILD: threads: better workaround for late loading of libgcc_s - BUILD: compiler: reserve the gcc version checks to the gcc compiler - BUILD: compiler: workaround a glibc madness around __attribute__() - BUILD: intops: on x86_64, the bswap instruction is called bswapq - BUILD: trace: always have an argument before variadic args in macros - BUILD: traces: don't pass an empty argument for missing ones - BUG/MINOR: haproxy: Free uri_auth->scope during deinit - CLEANUP: Free old_argv on deinit - CLEANUP: haproxy: Free post_proxy_check_list in deinit() - CLEANUP: haproxy: Free per_thread_*_list in deinit() - CLEANUP: haproxy: Free post_check_list in deinit() - BUG/MEDIUM: pattern: Renew the pattern expression revision when it is pruned - REORG: tools: move PARSE_OPT_* from tools.h to tools-t.h - MINOR: sample: Add iif(<true>,<false>) converter |
||
Willy Tarreau
|
f104b530e2 |
[RELEASE] Released version 2.3-dev3
Released version 2.3-dev3 with the following main changes : - SCRIPTS: git-show-backports: make -m most only show the left branch - SCRIPTS: git-show-backports: emit the shell command to backport a commit - BUILD: Makefile: require SSL_LIB, SSL_INC to be explicitly set - CI: travis-ci: specify SLZ_LIB, SLZ_INC for travis builds - BUG/MEDIUM: mux-h1: Refresh H1 connection timeout after a synchronous send - CLEANUP: dns: typo in reported error message - BUG/MAJOR: dns: disabled servers through SRV records never recover - BUG/MINOR: spoa-server: fix size_t format printing - DOC: spoa-server: fix false friends `actually` - BUG/MINOR: ssl: fix memory leak at OCSP loading - BUG/MEDIUM: ssl: memory leak of ocsp data at SSL_CTX_free() - BUG/MEDIUM: map/lua: Return an error if a map is loaded during runtime - MINOR: arg: Add an argument type to keep a reference on opaque data - BUG/MINOR: converters: Store the sink in an arg pointer for debug() converter - BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created - BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters - BUG/MINOR: lua: Check argument type to convert it to IPv4/IPv6 arg validation - BUG/MINOR: lua: Check argument type to convert it to IP mask in arg validation - MINOR: hlua: Don't needlessly copy lua strings in trash during args validation - BUG/MINOR: lua: Duplicate lua strings in sample fetches/converters arg array - MEDIUM: lua: Don't filter exported fetches and converters - MINOR: lua: Add support for userlist as fetches and converters arguments - MINOR: lua: Add support for regex as fetches and converters arguments - MINOR: arg: Use chunk_destroy() to release string arguments - BUG/MINOR: snapshots: leak of snapshots on deinit() - CLEANUP: ssl: ssl_sock_crt2der semicolon and spaces - MINOR: ssl: add ssl_{c,s}_chain_der fetch methods - CLEANUP: fix all duplicated semicolons - BUG/MEDIUM: ssl: fix the ssl-skip-self-issued-ca option - BUG/MINOR: ssl: ssl-skip-self-issued-ca requires >= 1.0.2 - BUG/MINOR: stats: use strncmp() instead of memcmp() on health states - BUILD: makefile: don't disable -Wstringop-overflow anymore - BUG/MINOR: ssl: double free w/ smp_fetch_ssl_x_chain_der() - BUG/MEDIUM: htx: smp_prefetch_htx() must always validate the direction - BUG/MEDIUM: ssl: never generates the chain from the verify store - OPTIM: regex: PCRE2 use JIT match when JIT optimisation occured. - BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate - CLEANUP: ssl: remove poorly readable nested ternary |
||
Willy Tarreau
|
3f3cc8c8c7 |
[RELEASE] Released version 2.3-dev2
Released version 2.3-dev2 with the following main changes : - DOC: ssl: req_ssl_sni needs implicit TLS - BUG/MEDIUM: arg: empty args list must be dropped - BUG/MEDIUM: resolve: fix init resolving for ring and peers section. - BUG/MAJOR: tasks: don't requeue global tasks into the local queue - MINOR: tasks/debug: make the thread affinity BUG_ON check a bit stricter - MINOR: tasks/debug: add a few BUG_ON() to detect use of wrong timer queue - MINOR: tasks/debug: add a BUG_ON() check to detect requeued task on free - BUG/MAJOR: dns: Make the do-resolve action thread-safe - BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed - MEDIUM: htx: Add a flag on a HTX message when no more data are expected - BUG/MEDIUM: stream-int: Don't set MSG_MORE flag if no more data are expected - BUG/MEDIUM: http-ana: Only set CF_EXPECT_MORE flag on data filtering - CLEANUP: dns: remove 45 "return" statements from dns_validate_dns_response() - BUG/MINOR: htx: add two missing HTX_FL_EOI and remove an unexpected one - BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore - BUILD: tools: fix build with static only toolchains - DOC: Use gender neutral language - BUG/MINOR: debug: Don't dump the lua stack if it is not initialized - BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status - BUG/MAJOR: dns: don't treat Authority records as an error - CI : travis-ci : prepare for using stock OpenSSL - CI: travis-ci : switch to stock openssl when openssl-1.1.1 is used - MEDIUM: lua: Add support for the Lua 5.4 - BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation - BUG/MINOR: lua: Abort execution of actions that yield on a final evaluation - MINOR: tcp-rules: Return an internal error if an action yields on a final eval - BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort - BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields - MEDIUM: tcp-rules: Use a dedicated expiration date for tcp ruleset - MEDIUM: lua: Set the analyse expiration date with smaller wake_time only - BUG/MEDIUM: connection: Be sure to always install a mux for sync connect - MINOR: connection: Preinstall the mux for non-ssl connect - MINOR: stream-int: Be sure to have a mux to do sends and receives - BUG/MINOR: lua: Fix a possible null pointer deref on lua ctx - SCRIPTS: announce-release: add the link to the wiki in the announce messages - CI: travis-ci: use better name for Coverity scan job - CI: travis-ci: use proper linking flags for SLZ build - BUG/MEDIUM: backend: always attach the transport before installing the mux - BUG/MEDIUM: tcp-checks: always attach the transport before installing the mux - MINOR: connection: avoid a useless recvfrom() on outgoing connections - MINOR: mux-h1: do not even try to receive if the connection is not fully set up - MINOR: mux-h1: do not try to receive on backend before sending a request - CLEANUP: assorted typo fixes in the code and comments - BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp() |
||
Willy Tarreau
|
e732cbd8a9 |
[RELEASE] Released version 2.3-dev1
Released version 2.3-dev1 with the following main changes : - MINOR: config: make strict limits enabled by default - BUG/MINOR: acl: Fix freeing of expr->smp in prune_acl_expr - BUG/MINOR: sample: Fix freeing of conv_exprs in release_sample_expr - BUG/MINOR: haproxy: Free proxy->format_unique_id during deinit - BUG/MINOR: haproxy: Add missing free of server->(hostname|resolvers_id) - BUG/MINOR: haproxy: Free proxy->unique_id_header during deinit - BUG/MINOR: haproxy: Free srule->file during deinit - BUG/MINOR: haproxy: Free srule->expr during deinit - BUG/MINOR: sample: Free str.area in smp_check_const_bool - BUG/MINOR: sample: Free str.area in smp_check_const_meth - CLEANUP: haproxy: Free proxy_deinit_list in deinit() - CLEANUP: haproxy: Free post_deinit_list in deinit() - CLEANUP: haproxy: Free server_deinit_list in deinit() - CLEANUP: haproxy: Free post_server_check_list in deinit() - CLEANUP: Add static void vars_deinit() - CLEANUP: Add static void hlua_deinit() - CLEANUP: contrib/prometheus-exporter: typo fixes for ssl reuse metric - BUG/MEDIUM: lists: add missing store barrier on MT_LIST_BEHEAD() - BUG/MEDIUM: lists: add missing store barrier in MT_LIST_ADD/MT_LIST_ADDQ - MINOR: tcp: Support TCP keepalive parameters customization - BUILD: tcp: condition TCP keepalive settings to platforms providing them - MINOR: lists: rename some MT_LIST operations to clarify them - MINOR: buffer: use MT_LIST_ADDQ() for buffer_wait lists additions - MINOR: connection: use MT_LIST_ADDQ() to add connections to idle lists - MINOR: tasks: use MT_LIST_ADDQ() when killing tasks. - CONTRIB: da: fix memory leak in dummy function da_atlas_open() - CI: travis-ci: speed up osx build by running brew scripted, switch to latest osx image - BUG/MEDIUM: mux-h2: Don't add private connections in available connection list - BUG/MEDIUM: mux-fcgi: Don't add private connections in available connection list - MINOR: connection: Set the SNI on server connections before installing the mux - MINOR: connection: Set new connection as private on reuse never - MINOR: connection: Add a wrapper to mark a connection as private - MEDIUM: connection: Add private connections synchronously in session server list - MINOR: connection: Use a dedicated function to look for a session's connection - MINOR: connection: Set the conncetion target during its initialisation - MINOR: session: Take care to decrement idle_conns counter in session_unown_conn - MINOR: server: Factorize code to deal with reuse of server idle connections - MINOR: server: Factorize code to deal with connections removed from an idle list - CLEANUP: connection: remove unused field idle_time from the connection struct - BUG/MEDIUM: mux-h1: Continue to process request when switching in tunnel mode - MINOR: raw_sock: Report the number of bytes emitted using the splicing - MINOR: contrib/prometheus-exporter: Add missing global and per-server metrics - MINOR: backend: Add sample fetches to get the server's weight - BUG/MINOR: mux-fcgi: Handle empty STDERR record - BUG/MINOR: mux-fcgi: Set conn state to RECORD_P when skipping the record padding - BUG/MINOR: mux-fcgi: Set flags on the right stream field for empty FCGI_STDOUT - BUG/MINOR: backend: fix potential null deref on srv_conn - BUG/MEDIUM: log: issue mixing sampled to not sampled log servers. - MEDIUM: udp: adds minimal proto udp support for message listeners. - MEDIUM: log/sink: re-work and merge of build message API. - MINOR: log: adds syslog udp message handler and parsing. - MEDIUM: log: adds log forwarding section. - MINOR: log: adds counters on received syslog messages. - BUG/MEDIUM: fcgi-app: fix memory leak in fcgi_flt_http_headers - BUG/MEDIUM: server: resolve state file handle leak on reload - BUG/MEDIUM: server: fix possibly uninitialized state file on close - BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked - BUILD: config: address build warning on raspbian+rpi4 - BUG/MAJOR: tasks: make sure to always lock the shared wait queue if needed - BUILD: config: fix again bugs gcc warnings on calloc |
||
Willy Tarreau
|
3a00c915fd |
[RELEASE] Released version 2.2.0
Released version 2.2.0 with the following main changes : - BUILD: mux-h2: fix typo breaking build when using DEBUG_LOCK - CLEANUP: makefile: update the outdated list of DEBUG_xxx options - BUILD: tools: make resolve_sym_name() return a const - CLEANUP: auth: fix useless self-include of auth-t.h - BUILD: tree-wide: cast arguments to tolower/toupper to unsigned char - CLEANUP: assorted typo fixes in the code and comments - WIP/MINOR: ssl: add sample fetches for keylog in frontend - DOC: fix tune.ssl.keylog sample fetches array - BUG/MINOR: ssl: check conn in keylog sample fetch - DOC: configuration: various typo fixes - MINOR: log: Remove unused case statement during the log-format string parsing - BUG/MINOR: mux-h1: Fix the splicing in TUNNEL mode - BUG/MINOR: mux-h1: Don't read data from a pipe if the mux is unable to receive - BUG/MINOR: mux-h1: Disable splicing only if input data was processed - BUG/MEDIUM: mux-h1: Disable splicing for the conn-stream if read0 is received - MINOR: mux-h1: Improve traces about the splicing - BUG/MINOR: backend: Remove CO_FL_SESS_IDLE if a client remains on the last server - BUG/MEDIUM: connection: Don't consider new private connections as available - BUG/MINOR: connection: See new connection as available only on reuse always - DOC: configuration: remove obsolete mentions of H2 being converted to HTTP/1.x - CLEANUP: ssl: remove unrelevant comment in smp_fetch_ssl_x_keylog() - DOC: update INSTALL with new compiler versions - DOC: minor update to coding style file - MINOR: version: mention that it's an LTS release now |
||
Willy Tarreau
|
62f11a589f |
[RELEASE] Released version 2.2-dev12
Released version 2.2-dev12 with the following main changes : - BUG/MINOR: mux_h2: don't lose the leaving trace in h2_io_cb() - MINOR: cli: make "show sess" stop at the last known session - CLEANUP: buffers: remove unused buffer_wq_lock lock - BUG/MEDIUM: buffers: always allocate from the local cache first - MINOR: connection: align toremove_{lock,connections} and cleanup into idle_conns - CONTRIB: debug: add missing flags SI_FL_L7_RETRY & SI_FL_D_L7_RETRY - BUG/MEDIUM: connections: Don't increase curr_used_conns for shared connections. - BUG/MEDIUM: checks: Increment the server's curr_used_conns - REORG: buffer: rename buffer.c to dynbuf.c - REORG: includes: create tinfo.h for the thread_info struct - CLEANUP: pool: only include the type files from types - MINOR: pools: move the LRU cache heads to thread_info - BUG/MINOR: debug: fix "show fd" null-deref when built with DEBUG_FD - MINOR: stats: add 3 new output values for the per-server idle conn state - MINOR: activity: add per-thread statistics on FD takeover - BUG/MINOR: server: start cleaning idle connections from various points - MEDIUM: server: improve estimate of the need for idle connections - MINOR: stats: add the estimated need of concurrent connections per server - BUG/MINOR: threads: Don't forget to init each thread toremove_lock. - BUG/MEDIUM: lists: Lock the element while we check if it is in a list. - Revert "BUG/MEDIUM: lists: Lock the element while we check if it is in a list." - BUG/MINOR: haproxy: don't wake already stopping threads on exit - BUG/MINOR: server: always count one idle slot for current thread - MEDIUM: server: use the two thresholds for the connection release algorithm - BUG/MINOR: http-rules: Fix ACLs parsing for http deny rules - BUG/MINOR: sched: properly cover for a rare MT_LIST_ADDQ() race - MINOR: mux-h1: avoid taking the toremove_lock in on dying tasks - MINOR: mux-h2: avoid taking the toremove_lock in on dying tasks - MINOR: mux-fcgi: avoid taking the toremove_lock in on dying tasks - MINOR: pools: increase MAX_BASE_POOLS to 64 - DOC: ssl: add "allow-0rtt" and "ciphersuites" in crt-list - BUG/MEDIUM: pattern: Add a trailing \0 to match strings only if possible - BUG/MEDIUM: log-format: fix possible endless loop in parse_logformat_string() - BUG/MINOR: proxy: fix dump_server_state()'s misuse of the trash - BUG/MINOR: proxy: always initialize the trash in show servers state - MINOR: cli/proxy: add a new "show servers conn" command - MINOR: server: skip servers with no idle conns earlier - BUG/MINOR: server: fix the connection release logic regarding nearly full conditions - MEDIUM: server: add a new pool-low-conn server setting - BUG/MEDIUM: backend: always search in the safe list after failing on the idle one - MINOR: backend: don't always takeover from the same threads - MINOR: sched: make sched->task_list_size atomic - MEDIUM: sched: create a new TASK_KILLED task flag - MEDIUM: sched: implement task_kill() to kill a task - MEDIUM: mux-h1: use task_kill() during h1_takeover() instead of task_wakeup() - MEDIUM: mux-h2: use task_kill() during h2_takeover() instead of task_wakeup() - MEDIUM: mux-fcgi: use task_kill() during fcgi_takeover() instead of task_wakeup() - MINOR: list: Add MT_LIST_DEL_SAFE_NOINIT() and MT_LIST_ADDQ_NOCHECK() - CLEANUP: connections: rename the toremove_lock to takeover_lock - MEDIUM: connections: Don't use a lock when moving connections to remove. - DOC: configuration: add missing index entries for tune.pool-{low,high}-fd-ratio - DOC: configuration: fix alphabetical ordering for tune.pool-{high,low}-fd-ratio - MINOR: config: add a new tune.idle-pool.shared global setting. - MINOR: 51d: silence a warning about null pointer dereference - MINOR: debug: add a new "debug dev memstats" command - MINOR: log-format: allow to preserve spacing in log format strings - BUILD: debug: avoid build warnings with DEBUG_MEM_STATS - BUG/MAJOR: sched: make sure task_kill() always queues the task - BUG/MEDIUM: muxes: Make sure nobody stole the connection before using it. - BUG/MEDIUM: cli/proxy: don't try to dump idle connection state if there's none - BUILD: haproxy: fix build error when RLIMIT_AS is not set - BUG/MAJOR: sched: make it work also when not building with DEBUG_STRICT - MINOR: log: add time second fraction field to rfc5424 log timestamp. - BUG/MINOR: log: missing timezone on iso dates. - BUG/MEDIUM: server: don't kill all idle conns when there are not enough - MINOR: sched: split tasklet_wakeup() into tasklet_wakeup_on() - BUG/MEDIUM: connections: Set the tid for the old tasklet on takeover. - BUG/MEDIUM: connections: Let the xprt layer know a takeover happened. - BUG/MINOR: http_act: don't check capture id in backend (2) - BUILD: makefile: disable threads by default on OpenBSD - BUILD: peers: fix build warning with gcc 4.2.1 - CI: cirrus-ci: exclude slow reg-tests |
||
Willy Tarreau
|
4462af8da2 |
[RELEASE] Released version 2.2-dev11
Released version 2.2-dev11 with the following main changes : - REGTEST: Add a simple script to tests errorfile directives in proxy sections - BUG/MEDIUM: fcgi-app: Resolve the sink if a fcgi-app logs in a ring buffer - BUG/MINOR: spoe: correction of setting bits for analyzer - BUG/MINOR: cfgparse: Support configurations without newline at EOF - MINOR: cfgparse: Warn on truncated lines / files - BUG/MINOR: http_ana: clarify connection pointer check on L7 retry - MINOR: debug: add a new DEBUG_FD build option - BUG/MINOR: tasks: make sure never to exceed max_processed - MINOR: task: add a new pointer to current tasklet queue - BUG/MEDIUM: task: be careful not to run too many tasks at TL_URGENT - BUG/MINOR: cfgparse: Fix argument reference in PARSE_ERR_TOOMANY message - BUG/MINOR: cfgparse: Fix calculation of position for PARSE_ERR_TOOMANY message - BUG/MEDIUM: ssl: fix ssl_bind_conf double free - MINOR: ssl: free bind_conf_node in crtlist_free() - MINOR: ssl: free the crtlist and the ckch during the deinit() - BUG/MINOR: ssl: fix build with ckch_deinit() and crtlist_deinit() - BUG/MINOR: ssl/cli: certs added from the CLI can't be deleted - MINOR: ssl: move the ckch/crtlist deinit to ssl_sock.c - MEDIUM: tasks: apply a fair CPU distribution between tasklet classes - MINOR: tasks: make current_queue an index instead of a pointer - MINOR: tasks: add a mask of the queues with active tasklets - MINOR: tasks: pass the queue index to run_task_from_list() - MINOR: tasks: make run_tasks_from_lists() scan the queues itself - MEDIUM: tasks: add a tune.sched.low-latency option - BUG/MEDIUM: ssl/cli: 'commit ssl cert' crashes when no private key - BUG/MINOR: cfgparse: don't increment linenum on incomplete lines - MINOR: tools: make parse_line() always terminate the args list - BUG/MINOR: cfgparse: report extraneous args *after* the string is allocated - MINOR: cfgparse: sanitize the output a little bit - MINOR: cli/ssl: handle trailing slashes in crt-list commands - MINOR: ssl: add the ssl_s_* sample fetches for server side certificate - BUG/MEDIUM: http-ana: Don't loop trying to generate a malformed 500 response - BUG/MINOR: stream-int: Don't wait to send truncated HTTP messages - BUG/MINOR: http-ana: Set CF_EOI on response channel for generated responses - BUG/MINOR: http-ana: Don't wait to send 1xx responses generated by HAProxy - MINOR: spoe: Don't systematically create new applets if processing rate is low - DOC: fix some typos in the ssl_s_{s|i}_dn documentation - BUILD: fix ssl_sample.c when building against BoringSSL - CI: travis-ci: switch BoringSSL builds to ninja - CI: extend spellchecker whitelist - DOC: assorted typo fixes in the documentation - CLEANUP: assorted typo fixes in the code and comments - MINOR: http: Add support for http 413 status - REGTEST: ssl: tests the ssl_f_* sample fetches - REGTEST: ssl: add some ssl_c_* sample fetches test - DOC: ssl: update the documentation of "commit ssl cert" - BUG/MINOR: cfgparse: correctly deal with empty lines - BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL |
||
Willy Tarreau
|
dc0936c255 |
[RELEASE] Released version 2.2-dev10
Released version 2.2-dev10 with the following main changes : - BUILD: include: add sys/types before netinet/tcp.h - BUG/MEDIUM: log: don't hold the log lock during writev() on a file descriptor - BUILD: Remove nowarn for warnings that do not trigger - BUG/MEDIUM: pattern: fix thread safety of pattern matching - BUILD: Re-enable -Wimplicit-fallthrough - BUG/MINOR: ssl: fix ssl-{min,max}-ver with openssl < 1.1.0 - BUILD: thread: add parenthesis around values of locking macros - BUILD: proto_uxst: shut up yet another gcc's absurd warning - BUG/MEDIUM: checks: Fix off-by-one in allocation of SMTP greeting cmd - CI: travis-ci: use "-O1" for clang builds - MINOR: haproxy: Add void deinit_and_exit(int) - MINOR: haproxy: Make use of deinit_and_exit() for clean exits - BUG/MINOR: haproxy: Free rule->arg.vars.expr during deinit_act_rules - BUILD: compression: make gcc 10 happy with free_zlib() - BUILD: atomic: add string.h for memcpy() on ARM64 - BUG/MINOR: http: make smp_fetch_body() report that the contents may change - BUG/MINOR: tcp-rules: tcp-response must check the buffer's fullness - BUILD: haproxy: mark deinit_and_exit() as noreturn - BUG/MAJOR: vars: Fix bogus free() during deinit() for http-request rules - BUG/MEDIUM: ebtree: use a byte-per-byte memcmp() to compare memory blocks - MINOR: tools: add a new configurable line parse, parse_line() - BUG/MEDIUM: cfgparse: use parse_line() to expand/unquote/unescape config lines - BUG/MEDIUM: cfgparse: stop after a reasonable amount of fatal error - MINOR: http: do not close connections anymore after internal responses - BUG/MINOR: cfgparse: Add missing fatal++ in PARSE_ERR_HEX case - BUG/MINOR: spoe: add missing key length check before checking key names - MINOR: version: put the compiler version output into version.c not haproxy.c - MINOR: compiler: always define __has_feature() - MINOR: version: report the presence of the compiler's address sanitizer - BUILD: Fix build by including haproxy/global.h - BUG/MAJOR: connection: always disable ready events once reported - CLEANUP: activity: remove unused counter fd_lock - DOC: fd: make it clear that some fields ordering must absolutely be respected - MINOR: activity: report the number of times poll() reports I/O - MINOR: activity: rename confusing poll_* fields in the output - MINOR: fd: Fix a typo in a coment. - BUG/MEDIUM: fd: Don't fd_stop_recv() a fd we don't own. - BUG/MEDIUM: fd: Call fd_stop_recv() when we just got a fd. - MINOR: activity: group the per-loop counters at the top - MINOR: activity: rename the "stream" field to "stream_calls" - MEDIUM: fd: refine the fd_takeover() migration lock - MINOR: fd: slightly optimize the fd_takeover double-CAS loop - MINOR: fd: factorize the fd_takeover() exit path to make it safer - MINOR: peers: do not use localpeer as an array anymore - MEDIUM: peers: add the "localpeer" global option - MEDIUM: fd: add experimental support for edge-triggered polling - CONTRIB: debug: add the missing flags CO_FL_SAFE_LIST and CO_FL_IDLE_LIST - MINOR: haproxy: process signals before runnable tasks - MEDIUM: tasks: clean up the front side of the wait queue in wake_expired_tasks() - MEDIUM: tasks: also process late wakeups in process_runnable_tasks() - BUG/MINOR: cli: allow space escaping on the CLI - BUG/MINOR: mworker/cli: fix the escaping in the master CLI - BUG/MINOR: mworker/cli: fix semicolon escaping in master CLI - REGTEST: http-rules: test spaces in ACLs - REGTEST: http-rules: test spaces in ACLs with master CLI - BUG/MAJOR: init: properly compute the default global.maxpipes value - MEDIUM: map: make the "clear map" operation yield - BUG/MEDIUM: stream-int: fix loss of CO_SFL_MSG_MORE flag in forwarding - MINOR: mux_h1: Set H1_F_CO_MSG_MORE if we know we have more to send. - BUG/MINOR: systemd: Wait for network to be online - DOC: configuration: Unindent non-code sentences in the protobuf example - DOC: configuration: http-check send was missing from matrix |
||
Willy Tarreau
|
1385c88560 |
[RELEASE] Released version 2.2-dev9
Released version 2.2-dev9 with the following main changes : - BUG/MINOR: http-htx: Don't forget to release the http reply in release function - BUG/MINOR: http-htx: Fix a leak on error path during http reply parsing - MINOR: checks: Remove dead code from process_chk_conn() - REGTESTS: checks: Fix tls_health_checks when IPv6 addresses are used - REGTESTS: Add missing OPENSSL to REQUIRE_OPTIONS for lua/txn_get_priv - MINOR: lua: Use vars_unset_by_name_ifexist() - CLEANUP: vars: Remove void vars_unset_by_name(const char*, size_t, struct sample*) - MINOR: vars: Make vars_(un|)set_by_name(_ifexist|) return a success value - MINOR: lua: Make `set_var()` and `unset_var()` return success - MEDIUM: lua: Add `ifexist` parameter to `set_var` - MEDIUM: ring: new section ring to declare custom ring buffers. - REGTESTS: Add missing OPENSSL to REQUIRE_OPTIONS for compression/lua_validation - REGTESTS: Require the version 2.2 to execute lua/set_var - BUG/MEDIUM: checks: Refresh the conn-stream and the connection after a connect - MINOR: checks: Remove useless tests on the connection and conn-stream - BUG/MEDIUM: contrib/spoa: do not register python3.8 if --embed fail - BUG/MEDIUM: connection: Ignore PP2 unique ID for stream-less connections - BUG/MINOR: connection: Always get the stream when available to send PP2 line - BUG/MEDIUM: backend: set the connection owner to the session when using alpn. - MINOR: pools: compute an estimate of each pool's average needed objects - MEDIUM: pools: directly free objects when pools are too much crowded - REGTEST: Add connection/proxy_protocol_send_unique_id_alpn - MINOR: http-ana: Make the function http_reply_to_htx() public - MINOR: http-ana: Use proxy's error replies to emit 401/407 responses - MINOR: http-rules: Use an action function to eval http-request auth rules - CLEANUP: http: Remove unused HTTP message templates - BUG/MEDIUM: checks: Don't blindly subscribe for receive if waiting for connect - MINOR: checks: I/O callback function only rely on the data layer wake callback - BUG/MINOR: lua: Add missing string length for lua sticktable lookup - BUG/MEDIUM: logs: fix trailing zeros on log message. - CI: cirrus-ci: skip reg-tests/connection/proxy_protocol_send_unique_id_alpn.vtc on CentOS 6 - BUG/MINOR: nameservers: fix error handling in parsing of resolv.conf - BUG/MEDIUM: checks: Don't add a tcpcheck ruleset twice in the shared tree - MEDIUM: ssl: use TLSv1.2 as the minimum default on bind lines - CLEANUP: pools: use the regular lock for the flush operation on lockless pools - SCRIPTS: publish-release: pass -n to gzip to remove timestamp - MINOR: ring: re-work ring attach generic API. - BUG/MINOR: error on unknown statement in ring section. - MEDIUM: ring: add server statement to forward messages from a ring - MEDIUM: ring: add new srv statement to support octet counting forward - MINOR: ssl: set ssl-min-ver in ambiguous configurations - CLEANUP: ssl: remove comment from dump_crtlist_sslconf() - BUILD: sink: address build warning on 32-bit architectures - BUG/MINOR: peers: fix internal/network key type mapping. - CLEANUP: regex: remove outdated support for regex actions - Revert "MINOR: ssl: rework add cert chain to CTX to be libssl independent" - MINOR: mux-h1/proxy: Add a proxy option to disable clear h2 upgrade - BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action - DOC: add a line about comments in crt-list - BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations - BUG/MINOR: checks: Fix test on http-check rulesets during config validity check - BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics - BUG/MEDIUM: mworker: fix the copy of options in copy_argv() - BUG/MINOR: init: -x can have a parameter starting with a dash - BUG/MINOR: init: -S can have a parameter starting with a dash - BUG/MEDIUM: mworker: fix the reload with an -- option - BUG/MINOR: ssl: fix a trash buffer leak in some error cases - BUG/MINOR: mworker: fix a memleak when execvp() failed - MINOR: sample: Add secure_memcmp converter - REORG: ebtree: move the C files from ebtree/ to src/ - REORG: ebtree: move the include files from ebtree to include/import/ - REORG: ebtree: clean up remains of the ebtree/ directory - REORG: include: create new file haproxy/api-t.h - REORG: include: create new file haproxy/api.h - REORG: include: update all files to use haproxy/api.h or api-t.h if needed - CLEANUP: include: remove common/config.h - CLEANUP: include: remove unused template.h - REORG: include: move MIN/MAX from tools.h to compat.h - REORG: include: move SWAP/MID_RANGE/MAX_RANGE from tools.h to standard.h - CLEANUP: include: remove unused common/tools.h - REORG: include: move the base files from common/ to haproxy/ - REORG: include: move version.h to haproxy/ - REORG: include: move base64.h, errors.h and hash.h from common to to haproxy/ - REORG: include: move openssl-compat.h from common/ to haproxy/ - REORG: include: move ist.h from common/ to import/ - REORG: include: move the BUG_ON() code to haproxy/bug.h - REORG: include: move debug.h from common/ to haproxy/ - CLEANUP: debug: drop unused function p_malloc() - REORG: include: split buf.h into haproxy/buf-t.h and haproxy/buf.h - REORG: include: move istbuf.h to haproxy/ - REORG: include: split mini-clist into haproxy/list and list-t.h - REORG: threads: extract atomic ops from hathreads.h - CLEANUP: threads: remove a few needless includes of hathreads.h - REORG: include: split hathreads into haproxy/thread.h and haproxy/thread-t.h - CLEANUP: thread: rename __decl_hathreads() to __decl_thread() - REORG: include: move time.h from common/ to haproxy/ - REORG: include: move integer manipulation functions from standard.h to intops.h - CLEANUP: include: remove excessive includes of common/standard.h - REORG: include: move freq_ctr to haproxy/ - CLEANUP: pool: include freq_ctr.h and remove locally duplicated functions - REORG: memory: move the pool type definitions to haproxy/pool-t.h - REORG: memory: move the OS-level allocator to haproxy/pool-os.h - MINOR: memory: don't let __pool_get_first() pick from the cache - MEDIUM: memory: don't let pool_put_to_cache() free the objects itself - MINOR: memory: move pool-specific path of the locked pool_free() to __pool_free() - MEDIUM: memory: make local pools independent on lockless pools - REORG: include: move common/memory.h to haproxy/pool.h - REORG: include: move common/chunk.h to haproxy/chunk.h - REORG: include: move activity to haproxy/ - REORG: include: move common/buffer.h to haproxy/dynbuf{,-t}.h - REORG: include: move common/net_helper.h to haproxy/net_helper.h - REORG: include: move common/namespace.h to haproxy/namespace{,-t}.h - REORG: include: split common/regex.h into haproxy/regex{,-t}.h - REORG: include: split common/xref.h into haproxy/xref{,-t}.h - REORG: include: move common/ticks.h to haproxy/ticks.h - REORG: include: split common/http.h into haproxy/http{,-t}.h - REORG: include: split common/http-hdr.h into haproxy/http-hdr{,-t}.h - REORG: include: move common/h1.h to haproxy/h1.h - REORG: include: split common/htx.h into haproxy/htx{,-t}.h - REORG: include: move hpack*.h to haproxy/ and split hpack-tbl - REORG: include: move common/h2.h to haproxy/h2.h - REORG: include: move common/fcgi.h to haproxy/ - REORG: include: move protocol.h to haproxy/protocol{,-t}.h - REORG: tools: split common/standard.h into haproxy/tools{,-t}.h - REORG: include: move dict.h to hparoxy/dict{,-t}.h - REORG: include: move shctx to haproxy/shctx{,-t}.h - REORG: include: move port_range.h to haproxy/port_range{,-t}.h - REORG: include: move fd.h to haproxy/fd{,-t}.h - REORG: include: move ring to haproxy/ring{,-t}.h - REORG: include: move sink.h to haproxy/sink{,-t}.h - REORG: include: move pipe.h to haproxy/pipe{,-t}.h - CLEANUP: include: remove empty raw_sock.h - REORG: include: move proto_udp.h to haproxy/proto_udp{,-t}.h - REORG: include: move proto/proto_sockpair.h to haproxy/proto_sockpair.h - REORG: include: move compression.h to haproxy/compression{,-t}.h - REORG: include: move h1_htx.h to haproxy/h1_htx.h - REORG: include: move http_htx.h to haproxy/http_htx{,-t}.h - REORG: include: move hlua.h to haproxy/hlua{,-t}.h - REORG: include: move hlua_fcn.h to haproxy/hlua_fcn.h - REORG: include: move action.h to haproxy/action{,-t}.h - REORG: include: move arg.h to haproxy/arg{,-t}.h - REORG: include: move auth.h to haproxy/auth{,-t}.h - REORG: include: move dns.h to haproxy/dns{,-t}.h - REORG: include: move flt_http_comp.h to haproxy/ - REORG: include: move counters.h to haproxy/counters-t.h - REORG: include: split mailers.h into haproxy/mailers{,-t}.h - REORG: include: move capture.h to haproxy/capture{,-t}.h - REORG: include: move frontend.h to haproxy/frontend.h - REORG: include: move obj_type.h to haproxy/obj_type{,-t}.h - REORG: include: move http_rules.h to haproxy/http_rules.h - CLEANUP: include: remove unused mux_pt.h - REORG: include: move mworker.h to haproxy/mworker{,-t}.h - REORG: include: move ssl_utils.h to haproxy/ssl_utils.h - REORG: include: move ssl_ckch.h to haproxy/ssl_ckch{,-t}.h - REORG: move ssl_crtlist.h to haproxy/ssl_crtlist{,-t}.h - REORG: include: move lb_chash.h to haproxy/lb_chash{,-t}.h - REORG: include: move lb_fas.h to haproxy/lb_fas{,-t}.h - REORG: include: move lb_fwlc.h to haproxy/lb_fwlc{,-t}.h - REORG: include: move lb_fwrr.h to haproxy/lb_fwrr{,-t}.h - REORG: include: move listener.h to haproxy/listener{,-t}.h - REORG: include: move pattern.h to haproxy/pattern{,-t}.h - REORG: include: move map to haproxy/map{,-t}.h - REORG: include: move payload.h to haproxy/payload.h - REORG: include: move sample.h to haproxy/sample{,-t}.h - REORG: include: move protocol_buffers.h to haproxy/protobuf{,-t}.h - REORG: include: move vars.h to haproxy/vars{,-t}.h - REORG: include: split global.h into haproxy/global{,-t}.h - REORG: include: move task.h to haproxy/task{,-t}.h - REORG: include: move proto_tcp.h to haproxy/proto_tcp.h - REORG: include: move signal.h to haproxy/signal{,-t}.h - REORG: include: move tcp_rules.h to haproxy/tcp_rules.h - REORG: include: move connection.h to haproxy/connection{,-t}.h - REORG: include: move checks.h to haproxy/check{,-t}.h - REORG: include: move http_fetch.h to haproxy/http_fetch.h - REORG: include: move peers.h to haproxy/peers{,-t}.h - REORG: include: move stick_table.h to haproxy/stick_table{,-t}.h - REORG: include: move session.h to haproxy/session{,-t}.h - REORG: include: move trace.h to haproxy/trace{,-t}.h - REORG: include: move acl.h to haproxy/acl.h{,-t}.h - REORG: include: split common/uri_auth.h into haproxy/uri_auth{,-t}.h - REORG: move applet.h to haproxy/applet{,-t}.h - REORG: include: move stats.h to haproxy/stats{,-t}.h - REORG: include: move cli.h to haproxy/cli{,-t}.h - REORG: include: move lb_map.h to haproxy/lb_map{,-t}.h - REORG: include: move ssl_sock.h to haproxy/ssl_sock{,-t}.h - REORG: include: move stream_interface.h to haproxy/stream_interface{,-t}.h - REORG: include: move channel.h to haproxy/channel{,-t}.h - REORG: include: move http_ana.h to haproxy/http_ana{,-t}.h - REORG: include: move filters.h to haproxy/filters{,-t}.h - REORG: include: move fcgi-app.h to haproxy/fcgi-app{,-t}.h - REORG: include: move log.h to haproxy/log{,-t}.h - REORG: include: move proxy.h to haproxy/proxy{,-t}.h - REORG: include: move spoe.h to haproxy/spoe{,-t}.h - REORG: include: move backend.h to haproxy/backend{,-t}.h - REORG: include: move queue.h to haproxy/queue{,-t}.h - REORG: include: move server.h to haproxy/server{,-t}.h - REORG: include: move stream.h to haproxy/stream{,-t}.h - REORG: include: move cfgparse.h to haproxy/cfgparse.h - CLEANUP: hpack: export debug functions and move inlines to .h - REORG: check: move the e-mail alerting code to mailers.c - REORG: check: move tcpchecks away from check.c - REORG: check: move email_alert* from proxy-t.h to mailers-t.h - REORG: check: extract the external checks from check.{c,h} - CLEANUP: include: don't include stddef.h directly - CLEANUP: include: don't include proxy-t.h in global-t.h - CLEANUP: include: move sample_data out of sample-t.h - REORG: include: move the error reporting functions to from log.h to errors.h - BUILD: reorder objects in the Makefile for faster builds - CLEANUP: compiler: add a THREAD_ALIGNED macro and use it where appropriate - CLEANUP: include: make atomic.h part of the base API - REORG: include: move MAX_THREADS to defaults.h - REORG: include: move THREAD_LOCAL and __decl_thread() to compiler.h - CLEANUP: include: tree-wide alphabetical sort of include files - REORG: include: make list-t.h part of the base API - REORG: dgram: rename proto_udp to dgram |
||
Willy Tarreau
|
73b943b964 |
[RELEASE] Released version 2.2-dev8
Released version 2.2-dev8 with the following main changes : - MINOR: checks: Improve report of unexpected errors for expect rules - MEDIUM: checks: Add matching on log-format string for expect rules - DOC: Fix req.body and co documentation to be accurate - MEDIUM: checks: Remove dedicated sample fetches and use response ones instead - CLEANUP: checks: sort and rename tcpcheck_expect_type types - MINOR: checks: Use dedicated actions to send log-format strings in send rules - MINOR: checks: Simplify matching on HTTP headers in HTTP expect rules - MINOR: checks/sample: Remove unnecessary tests on the sample session - REGTEST: checks: Adapt SSL error message reported when connection is rejected - MINOR: mworker: replace ha_alert by ha_warning when exiting successfuly - MINOR: checks: Support log-format string to set the URI for HTTP send rules - MINOR: checks: Support log-format string to set the body for HTTP send rules - DOC: Be more explicit about configurable check ok/error/timeout status - MINOR: checks: Make matching on HTTP headers for expect rules less obscure - BUG/MEDIUM: lua: Fix dumping of stick table entries for STD_T_DICT - BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur - REGTESTS: make the http-check-send test require version 2.2 - BUG/MINOR: http-ana: fix NTLM response parsing again - BUG/MEDIUM: http_ana: make the detection of NTLM variants safer - BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered - MINOR: cfgparse: Improve error message for invalid \x sequences - CI: travis-ci: enable arm64 builds again - MEDIUM: ssl: increase default-dh-param to 2048 - CI: travis-ci: skip pcre2 on arm64 build - CI: travis-ci: extend the build time for SSL to 60 minutes - CLEANUP: config: drop unused setting CONFIG_HAP_MEM_OPTIM - CLEANUP: config: drop unused setting CONFIG_HAP_INLINE_FD_SET - CLENAUP: config: move CONFIG_HAP_LOCKLESS_POOLS out of config.h - CLEANUP: remove THREAD_LOCAL from config.h - CI: travis-ci: upgrade LibreSSL versions - DOC: assorted typo fixes in the documentation - CI: extend spellchecker whitelist - CLEANUP: assorted typo fixes in the code and comments - MAJOR: contrib: porting spoa_server to support python3 - BUG/MEDIUM: checks: Subscribe to I/O events on an unfinished connect - BUG/MINOR: checks: Don't subscribe to I/O events if it is already done - BUG/MINOR: checks: Rely on next I/O oriented rule when waiting for a connection - MINOR: checks: Don't try to send outgoing data if waiting to be able to send - MINOR: sample: Move aes_gcm_dec implementation into sample.c - MINOR: sample: Add digest and hmac converters - BUG/MEDIUM: checks: Subscribe to I/O events only if a mux was installed - BUG/MINOR: sample/ssl: Fix digest converter for openssl < 1.1.0 - BUG/MINOR: pools: use %u not %d to report pool stats in "show pools" - BUG/MINOR: pollers: remove uneeded free in global init - CLEANUP: select: enhance readability in init - BUG/MINOR: soft-stop: always wake up waiting threads on stopping - MINOR: soft-stop: let the first stopper only signal other threads - BUILD: select: only declare existing local labels to appease clang - BUG/MEDIUM: streams: Remove SF_ADDR_SET if we're retrying due to L7 retry. - BUG/MEDIUM: stream: Only allow L7 retries when using HTTP. - DOC: retry-on can only be used with mode http - MEDIUM: ssl: allow to register callbacks for SSL/TLS protocol messages - MEDIUM: ssl: split ssl_sock_msgcbk() and use a new callback mechanism - MINOR: ssl: add a new function ssl_sock_get_ssl_object() - MEDIUM: ssl: use ssl_sock_get_ssl_object() in fetchers where appropriate - REORG: ssl: move macros and structure definitions to ssl_sock.h - CLEANUP: ssl: remove the shsess_* macros - REORG: move the crt-list structures in their own .h - REORG: ssl: move the ckch structures to types/ssl_ckch.h - CLEANUP: ssl: add ckch prototypes in proto/ssl_ckch.h - REORG: ssl: move crtlist functions to src/ssl_crtlist.c - CLEANUP: ssl: avoid circular dependencies in ssl_crtlist.h - REORG: ssl: move the ckch_store related functions to src/ssl_ckch.c - REORG: ssl: move ckch_inst functions to src/ssl_ckch.c - REORG: ssl: move the crt-list CLI functions in src/ssl_crtlist.c - REORG: ssl: move the CLI 'cert' functions to src/ssl_ckch.c - REORG: ssl: move ssl configuration to cfgparse-ssl.c - MINOR: ssl: remove static keyword in some SSL utility functions - REORG: ssl: move ssl_sock_ctx and fix cross-dependencies issues - REORG: ssl: move sample fetches to src/ssl_sample.c - REORG: ssl: move utility functions to src/ssl_utils.c - DOC: ssl: update MAINTAINERS file - CI: travis-ci: switch arm64 builds to use openssl from distro - MINOR: stats: Prepare for more accurate moving averages - MINOR: stats: Expose native cum_req metric for a server - MEDIUM: stats: Enable more accurate moving average calculation for stats - BUILD: ssl: include buffer common headers for ssl_sock_ctx - BUILD: ssl: include errno.h in ssl_crtlist.c - CLEANUP: acl: remove unused assignment - DOC/MINOR: halog: Add long help info for ic flag - BUILD: ssl: fix build without OPENSSL_NO_ENGINE - DOC: SPOE is no longer experimental - BUG/MINOR: cache: Don't needlessly test "cache" keyword in parse_cache_flt() - MINOR: config: Don't dump keywords if argument is NULL - MEDIUM: checks: Make post-41 the default mode for mysql checks - BUG/MINOR: logs: prevent double line returns in some events. - MEDIUM: sink: build header in sink_write for log formats - MEDIUM: logs: buffer targets now rely on new sink_write - MEDIUM: sink: add global statement to create a new ring (sink buffer) - MEDIUM: hpack: use a pool for the hpack table - BUG/MAJOR: mux-fcgi: Stop sending loop if FCGI stream is blocked for any reason - BUG/MEDIUM: ring: write-lock the ring while attaching/detaching - MINOR: applet: adopt the wait list entry from the CLI - MINOR: ring: make the applet code not depend on the CLI - Revert "MEDIUM: sink: add global statement to create a new ring (sink buffer)" - CI: travis-ci: fix libslz download URL - MINOR: ssl: split config and runtime variable for ssl-{min,max}-ver - CLEANUP: http_ana: Remove unused TXN flags - BUG/MINOR: http-rules: Mark http return rules as final - MINOR: http-htx: Add http_reply type based on what is used for http return rules - CLEANUP: http-htx: Rename http_error structure into http_error_msg - MINOR: http-rules: Use http_reply structure for http return rules - MINOR: http-htx: Use a dedicated function to release http_reply objects - MINOR: http-htx: Use a dedicated function to parse http reply arguments - MINOR: http-htx: Use a dedicated function to check http reply validity - MINOR: http-ana: Use a dedicated function to send a response from an http reply - MEDIUM: http-rules: Rely on http reply for http deny/tarpit rules - MINOR: http-htx: Store default error messages in a global http reply array - MINOR: http-htx: Store messages of an http-errors section in a http reply array - MINOR: http-htx: Store errorloc/errorfile messages in http replies - MINOR: proxy: Add references on http replies for proxy error messages - MINOR: http-htx: Use http reply from the http-errors section - MINOR: http-ana: Use a TXN flag to prevent after-response ruleset evaluation - MEDIUM: http-ana: Use http replies for HTTP error messages - CLEANUP: http-htx: Remove unused storage of error messages in buffers - MINOR: htx: Add a function to copy a buffer in an HTX message - CLEANUP: channel: Remove channel_htx_copy_msg() function - MINOR: http-ana: Add a function to write an http reply in an HTX message - MINOR: http-htx/proxy: Add http-error directive using http return syntax - DOC: Fix "errorfile" description in the configuration manual - BUG/MINOR: checks: Respect check-ssl param when a port or an addr is specified - BUILD: hpack: make sure the hpack table can still be built standalone - CONTRIB: hpack: make use of the simplified standalone HPACK API - MINOR: connection: add pp2-never-send-local to support old PP2 behavior |
||
Willy Tarreau
|
fc0b8f39a6 |
[RELEASE] Released version 2.2-dev7
Released version 2.2-dev7 with the following main changes : - MINOR: version: Show uname output in display_version() - CI: run weekly OpenSSL "no-deprecated" builds - CLEANUP: log: fix comment of parse_logformat_string() - DOC: Improve documentation on http-request set-src - MINOR: ssl/cli: disallow SSL options for directory in 'add ssl crt-list' - MINOR: ssl/cli: restrain certificate path when inserting into a directory - MINOR: ssl: add ssl-skip-self-issued-ca global option - BUG/MINOR: ssl: default settings for ssl server options are not used - MINOR: config: add a global directive to set default SSL curves - BUG/MEDIUM: http-ana: Handle NTLM messages correctly. - DOC: internals: update the SSL architecture schema - BUG/MINOR: tools: fix the i386 version of the div64_32 function - BUG/MINOR: mux-fcgi/trace: fix wrong set of trace flags in fcgi_strm_add_eom() - BUG/MINOR: http: make url_decode() optionally convert '+' to SP - DOC: option logasap does not depend on mode - MEDIUM: memory: make pool_gc() run under thread isolation - MINOR: contrib: make the peers wireshark dissector a plugin - BUG/MINOR: http-ana: Throw a 500 error if after-response ruleset fails on errors - BUG/MINOR: check: Update server address and port to execute an external check - MINOR: mini-clist: Add functions to iterate backward on a list - MINOR: checks: Add a way to send custom headers and payload during http chekcs - MINOR: server: respect warning and alert semantic - BUG/MINOR: checks: Respect the no-check-ssl option - BUG/MEDIUM: server/checks: Init server check during config validity check - CLEANUP: checks: Don't export anymore init_check and srv_check_healthcheck_port - BUG/MINOR: checks: chained expect will not properly wait for enough data - BUG/MINOR: checks: Forbid tcp-check lines in default section as documented - MINOR: checks: Use an enum to describe the tcp-check rule type - MINOR: checks: Simplify connection flag parsing in tcp-check connect - MEDIUM: checks: rewind to the first inverse expect rule of a chain on new data - MINOR: checks: simplify tcp expect config parser - MINOR: checks: add min-recv tcp-check expect option - MINOR: checks: add linger option to tcp connect - MINOR: checks: define a tcp expect type - MEDIUM: checks: rewrite tcp-check expect block - MINOR: checks: Stop xform buffers to null-terminated string for tcp-check rules - MINOR: checks: add rbinary expect match type - MINOR: checks: Simplify functions to get step id and comment - MEDIUM: checks: capture groups in expect regexes - MINOR: checks: Don't use a static tcp rule list head - MEDIUM: checks: Use a non-comment rule iterator to get next rule - MEDIUM: proxy/checks: Register a keyword to parse tcp-check rules - MINOR: checks: Set the tcp-check rule index during parsing - MINOR: checks: define tcp-check send type - MINOR: checks: define a tcp-check connect type - MEDIUM: checks: Add implicit tcp-check connect rule - MAJOR: checks: Refactor and simplify the tcp-check loop - MEDIUM: checks: Associate a session to each tcp-check healthcheck - MINOR: checks/vars: Add a check scope for variables - MEDIUM: checks: Parse custom action rules in tcp-checks - MINOR: checks: Add support to set-var and unset-var rules in tcp-checks - MINOR: checks: Add the sni option for tcp-check connect rules - MINOR: checks: Add the via-socks4 option for tcp-check connect rules - MINOR: checks: Add the alpn option for tcp-check connect rules - MINOR: ssl: Export a generic function to parse an alpn string - MINOR: checks: Add the default option for tcp-check connect rules - MINOR: checks: Add the addr option for tcp-check connect rule - MEDIUM: checks: Support expression to set the port - MEDIUM: checks: Support log-format strings for tcp-check send rules - MINOR: log: Don't depends on a stream to process samples in log-format string - MINOR: log: Don't systematically set LW_REQ when a sample expr is added - MEDIUM: checks: Add a shared list of tcp-check rules - MINOR: sample: add htonl converter - MINOR: sample: add cut_crlf converter - MINOR: sample: add ltrim converter - MINOR: sample: add rtrim converter - MINOR: checks: Use a name for the healthcheck status enum - MINOR: checks: Add option to tcp-check expect rules to customize error status - MINOR: checks: Merge tcp-check comment rules with the others at config parsing - MINOR: checks: Add a sample fetch to extract a block from the input check buffer - MEDIUM: checks: Add on-error/on-success option on tcp-check expect rules - MEDIUM: checks: Add status-code sample expression on tcp-check expect rules - MINOR: checks: Relax the default option for tcp-check connect rules - MEDIUM: checks: Add a list of vars to set before executing a tpc-check ruleset - MINOR: checks: Export the tcpcheck_eval_ret enum - MINOR: checks: Use dedicated function to handle onsuccess/onerror messages - MINOR: checks: Support custom functions to eval a tcp-check expect rules - MEDIUM: checks: Implement redis check using tcp-check rules - MEDIUM: checks: Implement ssl-hello check using tcp-check rules - MEDIUM: checks: Implement smtp check using tcp-check rules - MEDIUM: checks: Implement postgres check using tcp-check rules - MEDIUM: checks: Implement MySQL check using tcp-check rules - MEDIUM: checks: Implement LDAP check using tcp-check rules - MEDIUM: checks: Implement SPOP check using tcp-check rules - MINOR: server/checks: Move parsing of agent keywords in checks.c - MINOR: server/checks: Move parsing of server check keywords in checks.c - MEDIUM: checks: Implement agent check using tcp-check rules - REGTEST: Adapt regtests about checks to recent changes - MINOR: Produce tcp-check info message for pure tcp-check rules only - MINOR: checks: Add an option to set success status of tcp-check expect rules - MINOR: checks: Improve log message of tcp-checks on success - MINOR: proxy/checks: Move parsing of httpchk option in checks.c - MINOR: proxy/checks: Move parsing of tcp-check option in checks.c - MINOR: proxy/checks: Register a keyword to parse http-check rules - MINOR: proxy/checks: Move parsing of external-check option in checks.c - MINOR: proxy/checks: Register a keyword to parse external-check rules - MEDIUM: checks: Use a shared ruleset to store tcp-check rules - MINOR: checks: Use an indirect string to represent the expect matching string - MINOR: checks: Introduce flags to configure in tcp-check expect rules - MINOR: standard: Add my_memspn and my_memcspn - MINOR: checks: Add a reverse non-comment rule iterator to get last rule - MAJOR: checks: Implement HTTP check using tcp-check rules - MINOR: checks: Make resume conditions more explicit in tcpcheck_main() - MINOR: connection: Add macros to know if a conn or a cs uses an HTX mux - MEDIUM: checks: Refactor how data are received in tcpcheck_main() - MINOR: checks/obj_type: Add a new object type for checks - BUG/MINOR: obj_type: Handle stream object in obj_base_ptr() function - MINOR: checks: Use the check as origin when a session is created - MINOR: checks: Add a mux proto to health-check and tcp-check connect rule - MINOR: connection: Add a function to install a mux for a health-check - MAJOR: checks: Use the best mux depending on the protocol for health checks - MEDIUM: checks: Implement default TCP check using tcp-check rules - MINOR: checks: Remove unused code about pure TCP checks - CLEANUP: checks: Reorg checks.c file to be more readable - REGTEST: Fix reg-tests about health-checks to adapt them to recent changes - MINOR: ist: Add a function to retrieve the ist pointer - MINOR: checks: Use ist API as far as possible - BUG/MEDIUM: checks: Be sure to subscribe for sends if outgoing data remains - MINOR: checks: Use a tree instead of a list to store tcp-check rulesets - BUG/MINOR: checks: Send the right amount of outgoing data for HTTP checks - REGTEST: Add scripts to test based tcp-check health-checks - Revert "MEDIUM: checks: capture groups in expect regexes" - DOC: Add documentation about comments for tcp-check and http-check directives - DOC: Fix the tcp-check and http-check directives layout - BUG/MEDIUM: checks: Use the mux protocol specified on the server line - MINOR: checks: Support mux protocol definition for tcp and http health checks - BUG/MINOR: mux-fcgi: Be sure to have a connection as session's origin to use it - MINOR: checks: Support list of status codes on http-check expect rules - BUG/MEDIUM: checks: Unsubscribe to mux events when a conn-stream is destroyed - REGTEST: Add a script to validate agent checks - BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable - BUG/MEDIUM: checks: unsubscribe for events on the old conn-stream on connect - BUG/MINOR: checks: Only use ssl_sock_is_ssl() if compiled with SSL support - BUG/MINOR: checks/server: use_ssl member must be signed - BUG/MEDIUM: sessions: Always pass the mux context as argument to destroy a mux - BUG/MEDIUM: checks: Destroy the conn-stream before the session - BUG/MINOR: checks: Fix PostgreSQL regex on the authentication packet - CI: cirrus-ci: remove reg-tests/checks/tcp-check-ssl.vtc on CentOS 6 - MINOR: checks: Support HTTP/2 version (without '.0') for http-check send rules - MINOR: checks: Use ver keyword to specify the HTTP version for http checks - BUG/MINOR: checks: Remove wrong variable redeclaration - BUG/MINOR: checks: Properly handle truncated mysql server messages - CLEANUP: checks: Remove unused code when ldap server message is parsed - MINOR: checks: Make the use of the check's server more explicit on connect - BUG/MINOR: checks: Avoid incompatible cast when a binary string is parsed - BUG/MINOR: checks: Remove bad call to free() when an expect rule is parsed - BUG/MINOR: checks: Don't lose warning on proxy capability - MINOR: log: Add "Tu" timer - BUG/MINOR: checks: Set the output buffer length before calling parse_binary() - BUG/MEDIUM: mux-h1: make sure we always have a timeout on front connections - REGTEST: ssl: test the client certificate authentication - DOC: give a more accurate description of what check does - BUG/MEDIUM: capture: capture-req/capture-res converters crash without a stream - BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream - BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam - BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam - CLEANUP: http: add a few comments on certain functions' assumptions about streams - BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream - MINOR: http-htx: Export functions to update message authority and host - MINOR: checks: Don't support multiple host header for http-check send rule - MINOR: checks: Skip some headers for http-check send rules - MINOR: checks: Keep the Host header and the request uri synchronized - CLEANUP: checks: Fix checks includes - DOC: Fix send rules in the http-check connect example - DOC: Add more info about request formatting in http-check send description - REGTEST: http-rules: Require PCRE or PCRE2 option to run map_redirect script - REGTEST: ssl: remove curl from the "add ssl crt-list" test - REGTEST: ssl: improve the "set ssl cert" test - CLEANUP: ssl: silence a build warning when threads are disabled - BUG/MEDIUM: listener: mark the thread as not stuck inside the loop - MINOR: threads: export the POSIX thread ID in panic dumps - BUG/MINOR: debug: properly use long long instead of long for the thread ID - BUG/MEDIUM: shctx: really check the lock's value while waiting - BUG/MEDIUM: shctx: bound the number of loops that can happen around the lock - MINOR: stream: report the list of active filters on stream crashes - BUG/MEDIUM: mux-fcgi: Return from detach if server don't keep the connection - BUG/MEDIUM: mux_fcgi: Free the FCGI connection at the end of fcgi_release() - BUG/MEDIUM: mux-fcgi: Fix wrong test on FCGI_CF_KEEP_CONN in fcgi_detach() - BUG/MEDIUM: connections: force connections cleanup on server changes - BUG/MEDIUM: h1: Don't compare host and authority if only h1 headers are parsed - BUG/MEDIUM: ssl: fix the id length check within smp_fetch_ssl_fc_session_id() - CLEANUP: connections: align function declaration - BUG/MINOR: sample: Set the correct type when a binary is converted to a string - MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples - DOC: Document the log-format parameter for tcp-check send/send-binary rules - MINOR: checks: Add support of payload-based sample fetches - MINOR: checks: Add support of be_id, be_name, srv_id and srv_name sample fetches - MINOR: checks: Add support of server side ssl sample fetches - MINOR: checks: Add support of HTTP response sample fetches - MINOR: http-htx: Support different methods to look for header names - MINOR: checks: Set by default expect rule status to UNKNOWN during parsing - BUG/MINOR: checks: Support multiple HTTP expect rules - REGTEST: checks: Fix sync condition for agent-check - MEDIUM: checks: Support matching on headers for http-check expect rules - MINOR: lua: allow changing port with set_addr - BUG/MINOR: da: Fix HTX message prefetch - BUG/MINOR: wurfl: Fix HTX message prefetch - BUG/MINOR: 51d: Fix HTX message prefetch - MINOR: ist: add istadv() function - MINOR: ist: add istissame() function - MINOR: istbuf: add ist2buf() function - BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS() - BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}() - DOC: update intro.txt for 2.2 - DOC: intro: add a contacts section |
||
Willy Tarreau
|
d008930265 |
[RELEASE] Released version 2.2-dev6
Released version 2.2-dev6 with the following main changes : - BUG/MINOR: ssl: memory leak when find_chain is NULL - CLEANUP: ssl: rename ssl_get_issuer_chain to ssl_get0_issuer_chain - MINOR: ssl: rework add cert chain to CTX to be libssl independent - BUG/MINOR: peers: init bind_proc to 1 if it wasn't initialized - BUG/MINOR: peers: avoid an infinite loop with peers_fe is NULL - BUG/MINOR: peers: Use after free of "peers" section. - CI: github actions: add weekly h2spec test - BUG/MEDIUM: mux_h1: Process a new request if we already received it. - MINOR: build: Fix build in mux_h1 - CLEANUP: remove obsolete comments - BUG/MEDIUM: dns: improper parsing of aditional records - MINOR: ssl: skip self issued CA in cert chain for ssl_ctx - MINOR: listener: add so_name sample fetch - MEDIUM: stream: support use-server rules with dynamic names - MINOR: servers: Add a counter for the number of currently used connections. - MEDIUM: connections: Revamp the way idle connections are killed - MINOR: cli: add a general purpose pointer in the CLI struct - MINOR: ssl: add a list of bind_conf in struct crtlist - REORG: ssl: move SETCERT enum to ssl_sock.h - BUG/MINOR: ssl: ckch_inst wrongly inserted in crtlist_entry - REORG: ssl: move some functions above crtlist_load_cert_dir() - MINOR: ssl: use crtlist_free() upon error in directory loading - MINOR: ssl: add a list of crtlist_entry in ckch_store - MINOR: ssl: store a ptr to crtlist in crtlist_entry - MINOR: ssl/cli: update pointer to store in 'commit ssl cert' - MEDIUM: ssl/cli: 'add ssl crt-list' command - REGTEST: ssl/cli: test the 'add ssl crt-list' command - BUG/MINOR: ssl: entry->ckch_inst not initialized - REGTEST: ssl/cli: change test type to devel - REGTEST: make the PROXY TLV validation depend on version 2.2 - CLEANUP: assorted typo fixes in the code and comments - BUG/MINOR: stats: Fix color of draining servers on stats page - DOC: internals: Fix spelling errors in filters.txt - MINOR: connections: Don't mark conn flags 0x00000001 and 0x00000002 as unused. - REGTEST: make the unique-id test depend on version 2.0 - BUG/MEDIUM: dns: Consider the fact that dns answers are case-insensitive - MINOR: ssl: split the line parsing of the crt-list - MINOR: ssl/cli: support filters and options in add ssl crt-list - MINOR: ssl: add a comment above the ssl_bind_conf keywords - REGTEST: ssl/cli: tests options and filters w/ add ssl crt-list - REGTEST: ssl: pollute the crt-list file - BUG/CRITICAL: hpack: never index a header into the headroom after wrapping - BUG/MINOR: protocol_buffer: Wrong maximum shifting. - CLEANUP: src/fd.c: mask setsockopt with DISGUISE - BUG/MINOR: ssl/cli: initialize fcount int crtlist_entry - REGTEST: ssl/cli: add other cases of 'add ssl crt-list' - CLEANUP: assorted typo fixes in the code and comments - DOC: management: add the new crt-list CLI commands - BUG/MINOR: ssl/cli: fix spaces in 'show ssl crt-list' - MINOR: ssl/cli: 'del ssl crt-list' delete an entry - MINOR: ssl/cli: replace dump/show ssl crt-list by '-n' option - CI: use better SSL library definition - CI: travis-ci: enable DEBUG_STRICT=1 for CI builds - CI: travis-ci: upgrade openssl to 1.1.1f - MINOR: ssl: improve the errors when a crt can't be open - CI: cirrus-ci: rename openssl package after it is renamed in FreeBSD - CI: adopt openssl download script to download all versions - BUG/MINOR: ssl/cli: lock the ckch structures during crt-list delete - MINOR: ssl/cli: improve error for bundle in add/del ssl crt-list - MINOR: ssl/cli: 'del ssl cert' deletes a certificate - BUG/MINOR: ssl: trailing slashes in directory names wrongly cached - BUG/MINOR: ssl/cli: memory leak in 'set ssl cert' - CLEANUP: ssl: use the refcount for the SSL_CTX' - CLEANUP: ssl/cli: use the list of filters in the crtlist_entry - BUG/MINOR: ssl: memleak of the struct cert_key_and_chain - CLEANUP: ssl: remove a commentary in struct ckch_inst - MINOR: ssl: initialize all list in ckch_inst_new() - MINOR: ssl: free instances and SNIs with ckch_inst_free() - MINOR: ssl: replace ckchs_free() by ckch_store_free() - BUG/MEDIUM: ssl/cli: trying to access to free'd memory - MINOR: ssl: ckch_store_new() alloc and init a ckch_store - MINOR: ssl: crtlist_new() alloc and initialize a struct crtlist - REORG: ssl: move some free/new functions - MINOR: ssl: crtlist_entry_{new, free} - BUG/MINOR: ssl: ssl_conf always set to NULL on crt-list parsing - MINOR: ssl: don't alloc ssl_conf if no option found - BUG/MINOR: connection: always send address-less LOCAL PROXY connections - BUG/MINOR: peers: Incomplete peers sections should be validated. - MINOR: init: report in "haproxy -c" whether there were warnings or not - MINOR: init: add -dW and "zero-warning" to reject configs with warnings - MINOR: init: report the compiler version in haproxy -vv - CLEANUP: assorted typo fixes in the code and comments - MINOR: init: report the haproxy version and executable path once on errors - DOC: Make how "option redispatch" works more explicit - BUILD: Makefile: add linux-musl to TARGET - CLEANUP: assorted typo fixes in the code and comments - CLEANUP: http: Fixed small typo in parse_http_return - DOC: hashing: update link to hashing functions |
||
Willy Tarreau
|
3328f18596 |
[RELEASE] Released version 2.2-dev5
Released version 2.2-dev5 with the following main changes : - CLEANUP: ssl: is_default is a bit in ckch_inst - BUG/MINOR: ssl/cli: sni_ctx' mustn't always be used as filters - DOC: ssl: clarify security implications of TLS tickets - CLEANUP: remove support for Linux i686 vsyscalls - CLEANUP: drop support for USE_MY_ACCEPT4 - CLEANUP: remove support for USE_MY_EPOLL - CLEANUP: remove support for USE_MY_SPLICE - CLEANUP: remove the now unused common/syscall.h - BUILD: make dladdr1 depend on glibc version and not __USE_GNU - BUILD: wdt: only test for SI_TKILL when compiled with thread support - BUILD: Makefile: the compiler-specific flags should all be in SPEC_CFLAGS - CLEANUP: ssl: separate the directory loading in a new function - BUG/MINOR: buffers: MT_LIST_DEL_SAFE() expects the temporary pointer. - BUG/MEDIUM: mt_lists: Make sure we set the deleted element to NULL; - MINOR: init: move the maxsock calculation code to compute_ideal_maxsock() - MEDIUM: init: always try to push the FD limit when maxconn is set from -m - BUG/MAJOR: list: fix invalid element address calculation - BUILD: stream-int: fix a few includes dependencies - MINOR: mt_lists: Appease gcc. - MINOR: lists: Implement function to convert list => mt_list and mt_list => list - MINOR: servers: Kill priv_conns. - MINOR: lists: fix indentation. - BUG/MEDIUM: random: align the state on 2*64 bits for ARM64 - BUG/MEDIUM: connections: Don't assume the connection has a valid session. - BUG/MEDIUM: pools: Always update free_list in pool_gc(). - BUG/MINOR: haproxy: always initialize sleeping_thread_mask - BUG/MINOR: listener/mq: do not dispatch connections to remote threads when stopping - BUG/MINOR: haproxy/threads: try to make all threads leave together - Revert "BUILD: travis-ci: enable s390x builds" - BUILD: travis-ci: enable regular s390x builds - DOC: proxy_protocol: Reserve TLV type 0x05 as PP2_TYPE_UNIQUE_ID - MINOR: proxy_protocol: Ingest PP2_TYPE_UNIQUE_ID on incoming connections - MEDIUM: proxy_protocol: Support sending unique IDs using PPv2 - CLEANUP: connection: Add blank line after declarations in PP handling - CLEANUP: assorted typo fixes in the code and comments - CI: add spellcheck github action - DOC: correct typo in alert message about rspirep - CI: travis: switch linux builds to clang-9 - MINOR: debug: add a new DISGUISE() macro to pass a value as identity - MINOR: debug: consume the write() result in BUG_ON() to silence a warning - MINOR: use DISGUISE() everywhere we deliberately want to ignore a result - BUILD: pools: silence build warnings with DEBUG_MEMORY_POOLS and DEBUG_UAF - CLEANUP: connection: Stop directly setting an ist's .ptr - CI: travis: revert to clang-7 for BoringSSL tests - BUILD: on ARM, must be linked to libatomic. - BUILD: makefile: fix regex syntax in ARM platform detection - BUG/MEDIUM: peers: resync ended with RESYNC_PARTIAL in wrong cases. - REORG: ssl: move ssl_sock_load_cert() - MINOR: ssl: pass ckch_inst to ssl_sock_load_ckchs() - MEDIUM: ssl: allow crt-list caching - MINOR: ssl: directories are loaded like crt-list - BUG/MINOR: ssl: can't open directories anymore - BUG/MEDIUM: spoe: dup agent's engine_id string from trash.area - MINOR: fd: Use a separate lock for logs instead of abusing the fd lock. - MINOR: mux_pt: Don't try to remove the connection from the idle list. - MINOR: ssl/cli: show/dump ssl crt-list - BUG/MINOR: ssl/cli: free the trash chunk in dump_crtlist - MEDIUM: fd: Introduce a running mask, and use it instead of the spinlock. - BUG/MINOR: ssl: memory leak in crtlist_parse_file() - MINOR: tasks: Provide the tasklet to the callback. - BUG/MINOR: ssl: memleak of struct crtlist_entry - BUG/MINOR: pattern: Do not pass len = 0 to calloc() - BUILD: makefile: fix expression again to detect ARM platform - CI: travis: re-enable ASAN on clang - CI: travis: proper group output redirection together with travis_wait - DOC: assorted typo fixes in the documentation - MINOR: wdt: Move the definitions of WDTSIG and DEBUGSIG into types/signal.h. - BUG/MEDIUM: wdt: Don't ignore WDTSIG and DEBUGSIG in __signal_process_queue(). - MINOR: memory: Change the flush_lock to a spinlock, and don't get it in alloc. - MINOR: ssl/cli: 'new ssl cert' command - MINOR: ssl/cli: show certificate status in 'show ssl cert' - MEDIUM: sessions: Don't be responsible for connections anymore. - MEDIUM: servers: Split the connections into idle, safe, and available. - MINOR: fd: Implement fd_takeover(). - MINOR: connections: Add a new mux method, "takeover". - MINOR: connections: Make the "list" element a struct mt_list instead of list. - MINOR: connections: Add a flag to know if we're in the safe or idle list. - MEDIUM: connections: Attempt to get idle connections from other threads. - MEDIUM: mux_h1: Implement the takeover() method. - MEDIUM: mux_h2: Implement the takeover() method. - MEDIUM: mux_fcgi: Implement the takeover() method. - MEDIUM: connections: Kill connections even if we are reusing one. - BUG/MEDIUM: connections: Don't forget to decrement idle connection counters. - BUG/MINOR: ssl: Do not free garbage pointers on memory allocation failure - BUG/MINOR: ssl: Correctly add the 1 for the sentinel to the number of elements - BUG/MINOR: ssl: crtlist_dup_filters() must return NULL with fcount == 0 - BUG/MEDIUM: build: Fix compilation by spelling decl correctly. - BUILD/MEDIUM: fd: Declare fd_mig_lock as extern. - CI: run travis-ci builds on push only, skip pull requests - CI: temporarily disable unstable travis arm64 builds - BUG/MINOR: ssl/cli: free BIO upon error in 'show ssl cert' - BUG/MINOR: connections: Make sure we free the connection on failure. - BUG/MINOR: ssl/cli: fix a potential NULL dereference - BUG/MEDIUM: h1: Make sure we subscribe before going into idle list. - BUG/MINOR: connections: Set idle_time before adding to idle list. - MINOR: muxes: Note that we can't usee a connection when added to the srv idle. - REGTEST: increase timeouts on the seamless-reload test - BUG/MINOR: haproxy/threads: close a possible race in soft-stop detection - CLEANUP: haproxy/threads: don't check global_tasks_mask twice |
||
Willy Tarreau
|
5a753bd7b7 |
[RELEASE] Released version 2.2-dev4
Released version 2.2-dev4 with the following main changes : - MEDIUM: buffer: remove the buffer_wq lock - MINOR: ssl: move find certificate chain code to its own function - MINOR: ssl: resolve issuers chain later - MINOR: ssl: resolve ocsp_issuer later - MINOR: ssl/cli: "show ssl cert" command should print the "Chain Filename:" - BUG/MINOR: h2: reject again empty :path pseudo-headers - MINOR: wdt: always clear sigev_value to make valgrind happy - MINOR: epoll: always initialize all of epoll_event to please valgrind - BUG/MINOR: sample: Make sure to return stable IDs in the unique-id fetch - BUG/MEDIUM: ssl: chain must be initialized with sk_X509_new_null() - BUILD: cirrus-ci: suppress OS version check when installing packages - BUG/MINOR: http_ana: make sure redirect flags don't have overlapping bits - CLEANUP: fd: remove the FD_EV_STATUS aggregate - CLEANUP: fd: remove some unneeded definitions of FD_EV_* flags - MINOR: fd: merge the read and write error bits into RW error - BUG/MINOR: dns: ignore trailing dot - MINOR: contrib/prometheus-exporter: Add the last heathcheck duration metric - BUG/MINOR: http-htx: Do case-insensive comparisons on Host header name - MINOR: mux-h1: Remove useless case-insensitive comparisons - MINOR: rawsock: always mark the FD not ready when we're certain it happens - MEDIUM: connection: make the subscribe() call able to wakeup if ready - MEDIUM: connection: don't stop receiving events in the FD handler - MEDIUM: mux-h1: do not blindly wake up the tasklet at end of request anymore - BUG/MINOR: arg: don't reject missing optional args - MINOR: tools: make sure to correctly check the returned 'ms' in date2std_log - MINOR: debug: report the task handler's pointer relative to main - BUG/MEDIUM: debug: make the debug_handler check for the thread in threads_to_dump - MINOR: haproxy: export main to ease access from debugger - MINOR: haproxy: export run_poll_loop - MINOR: task: export run_tasks_from_list - BUILD: tools: remove obsolete and conflicting trace() from standard.c - MINOR: tools: add new function dump_addr_and_bytes() - MINOR: tools: add resolve_sym_name() to resolve function pointers - MINOR: debug: use resolve_sym_name() to dump task handlers - MINOR: cli: make "show fd" rely on resolve_sym_name() - MEDIUM: debug: add support for dumping backtraces of stuck threads - MINOR: debug: call backtrace() once upon startup - MINOR: ssl: add "ca-verify-file" directive - BUG/MINOR: wdt: do not return an error when the watchdog couldn't be enabled - BUILD: Makefile: include librt before libpthread - MEDIUM: wdt: fall back to CLOCK_REALTIME if CLOCK_THREAD_CPUTIME is not available - MINOR: wdt: do not depend on USE_THREAD - MINOR: debug: report the number of entries in the backtrace - MINOR: debug: improve backtrace() on aarch64 and possibly other systems - MINOR: debug: use our own backtrace function on clang+x86_64 - MINOR: debug: dump the whole trace if we can't spot the starting point - BUILD: tools: unbreak resolve_sym_name() on non-GNU platforms - BUILD: tools: rely on __ELF__ not USE_DL to enable use of dladdr() - CLEANUP: contrib/spoa_example: Fix several typos - BUILD: makefile: do not modify the build options during make reg-tests - BUG/MEDIUM: connection: stop polling for sending when the event is ready - MEDIUM: stream-int: make sure to try to immediately validate the connection - MINOR: tcp/uxst/sockpair: only ask for I/O when really waiting for a connect() - MEDIUM: connection: only call ->wake() for connect() without I/O - OPTIM: connection: disable receiving on disabled events when the run queue is too high - OPTIM: mux-h1: subscribe rather than waking up at a few other places - REGTEST: Add unique-id reg-test - MINOR: stream: Add stream_generate_unique_id function - MINOR: stream: Use stream_generate_unique_id - BUG/MINOR: connection/debug: do not enforce !event_type on subscribe() anymore - MINOR: ssl/cli: support crt-list filters - MINOR: ssl: reach a ckch_store from a sni_ctx - DOC: fix incorrect indentation of http_auth_* - BUG/MINOR: ssl-sock: do not return an uninitialized pointer in ckch_inst_sni_ctx_to_sni_filters - MINOR: debug: add CLI command "debug dev write" to write an arbitrary size - MINOR: ist: Add `IST_NULL` macro - MINOR: ist: Add `int isttest(const struct ist)` - MINOR: ist: Add `struct ist istalloc(size_t)` and `void istfree(struct ist*)` - CLEANUP: Use `isttest()` and `istfree()` - MINOR: ist: Add `struct ist istdup(const struct ist)` - MINOR: proxy: Make `header_unique_id` a `struct ist` - MEDIUM: stream: Make the `unique_id` member of `struct stream` a `struct ist` - OPTIM: startup: fast unique_id allocation for acl. - DOC: configuration.txt: fix various typos - DOC: assorted typo fixes in the documentation and Makefile - BUG/MINOR: init: make the automatic maxconn consider the max of soft/hard limits - BUG/MAJOR: proxy_protocol: Properly validate TLV lengths - CLEANUP: proxy_protocol: Use `size_t` when parsing TLVs - MINOR: buf: Add function to insert a string at an absolute offset in a buffer - MINOR: htx: Add a function to return a block at a specific offset - MINOR: htx: Use htx_find_offset() to truncate an HTX message - MINOR: flt_trace: Use htx_find_offset() to get the available payload length - BUG/MINOR: filters: Use filter offset to decude the amount of forwarded data - BUG/MINOR: filters: Forward everything if no data filters are called - BUG/MEDIUM: cache/filters: Fix loop on HTX blocks caching the response payload - BUG/MEDIUM: compression/filters: Fix loop on HTX blocks compressing the payload - BUG/MINOR: http-ana: Reset request analysers on a response side error - BUG/MINOR: lua: Abort when txn:done() is called from a Lua action - BUG/MINOR: lua: Ignore the reserve to know if a channel is full or not - MINOR: lua: Add function to know if a channel is a response one - MINOR: lua: Stop using the lua txn in hlua_http_get_headers() - MINOR: lua: Stop using the lua txn in hlua_http_rep_hdr() - MINOR: lua: Stop using lua txn in hlua_http_del_hdr() and hlua_http_add_hdr() - MINOR: lua: Remove the flag HLUA_TXN_HTTP_RDY - MINOR: lua: Rename hlua_action_wake_time() to hlua_set_wake_time() - BUG/MINOR: lua: Init the lua wake_time value before calling a lua function - BUG/MINOR: http-rules: Return ACT_RET_ABRT to abort a transaction - BUG/MINOR: http-rules: Preserve FLT_END analyzers on reject action - BUG/MINOR: http-rules: Fix a typo in the reject action function - MINOR: cache/filters: Initialize the cache filter when stream is created - MINOR: compression/filters: Initialize the comp filter when stream is created - BUG/MINOR: rules: Preserve FLT_END analyzers on silent-drop action - BUG/MINOR: rules: Return ACT_RET_ABRT when a silent-drop action is executed - BUG/MINOR: rules: Increment be_counters if backend is assigned for a silent-drop - BUG/MINOR: http-rules: Abort transaction when a redirect is applied on response - BUILD: buffer: types/{ring.h,checks.h} should include buf.h, not buffer.h - BUILD: ssl: include mini-clist.h - BUILD: global: must not include common/standard.h but only types/freq_ctr.h - BUILD: freq_ctr: proto/freq_ctr needs to include common/standard.h - BUILD: listener: types/listener.h must not include standard.h - BUG/MEDIUM: random: initialize the random pool a bit better - BUG/MEDIUM: random: implement per-thread and per-process random sequences - Revert "BUG/MEDIUM: random: implement per-thread and per-process random sequences" - BUILD: cirrus-ci: get rid of unstable freebsd images - MINOR: tools: add 64-bit rotate operators - BUG/MEDIUM: random: implement a thread-safe and process-safe PRNG - MINOR: backend: use a single call to ha_random32() for the random LB algo - BUG/MINOR: checks/threads: use ha_random() and not rand() - MINOR: sample: make all bits random on the rand() sample fetch - MINOR: tools: add a generic function to generate UUIDs - DOC: fix typo about no-tls-tickets - DOC: improve description of no-tls-tickets - DOC: assorted typo fixes in the documentation - CLEANUP: remove unused code in 'my_ffsl/my_flsl' functions |
||
Willy Tarreau
|
32bf97fb60 |
[RELEASE] Released version 2.2-dev3
Released version 2.2-dev3 with the following main changes : - SCRIPTS: announce-release: place the send command in the mail's header - SCRIPTS: announce-release: allow the user to force to overwrite old files - SCRIPTS: backport: fix the master branch detection - BUG/MINOR: http-act: Set stream error flag before returning an error - BUG/MINOR: http-act: Fix bugs on error path during parsing of return actions - BUG/MEDIUM: ssl/cli: 'commit ssl cert' wrong SSL_CTX init - BUG/MEDIUM: tcp-rules: Fix track-sc* actions for L4/L5 TCP rules - DOC: schematic of the SSL certificates architecture - BUG/MAJOR: mux-h2: don't wake streams after connection was destroyed - BUG/MINOR: unix: better catch situations where the unix socket path length is close to the limit - BUILD: cirrus-ci: switch to "snap" images to unify openssl naming - BUILD: cirrus-ci: workaround "pkg install" bug - BUILD: cirrus-ci: add ERR=1 to freebsd builds - BUG/MINOR: connection: correctly retry I/O on signals - CLEANUP: mini-clist: simplify nested do { while(1) {} } while (0) - BUILD: http_act: cast file sizes when reporting file size error - BUG/MEDIUM: listener: only consider running threads when resuming listeners - BUG/MINOR: listener: enforce all_threads_mask on bind_thread on init - BUG/MINOR: tcp: avoid closing fd when socket failed in tcp_bind_listener - MINOR: build: add aix72-gcc build TARGET and power{8,9} CPUs - BUILD: travis-ci: no more allowed failures for openssl-1.0.2 - BUILD: travis-ci: harden builds, add ERR=1 (warning ought to be errors) - BUILD: scripts/build-ssl.sh: use "uname" instead of ${TRAVIS_OS_NAME} - BUG/MINOR: tcp: don't try to set defaultmss when value is negative - SCRIPTS: make announce-release executable again - BUG/MINOR: namespace: avoid closing fd when socket failed in my_socketat - BUG/MEDIUM: muxes: Use the right argument when calling the destroy method. - BUG/MINOR: mux-fcgi: Forbid special characters when matching PATH_INFO param - CLEANUP: ssl: remove unused functions in openssl-compat.h - MINOR: mux-fcgi: Make the capture of the path-info optional in pathinfo regex - MINOR: tools: add is_idchar() to tell if a char may belong to an identifier - MINOR: chunk: implement chunk_strncpy() to copy partial strings - MINOR: sample/acl: use is_idchar() to locate the fetch/conv name - MEDIUM: arg: make make_arg_list() stop after its own arguments - MEDIUM: arg: copy parsed arguments into the trash instead of allocating them - MEDIUM: arg: make make_arg_list() support quotes in arguments - MINOR: sample: make sample_parse_expr() able to return an end pointer - MEDIUM: log-format: make the LF parser aware of sample expressions' end - BUG/MINOR: arg: report an error if an argument is larger than bufsize - SCRIPTS: announce-release: use mutt -H instead of -i to include the draft - BUILD: enable ERR=1 in github cygwin builds - BUG/MINOR: arg: fix again incorrect argument length check - MINOR: sample: regsub now supports backreferences - BUG/MINOR: tools: also accept '+' as a valid character in an identifier - MINOR: http-htx: Add a function to retrieve the headers size of an HTX message - MINOR: filters: Forward data only if the last filter forwards something - BUG/MINOR: filters: Count HTTP headers as filtered data but don't forward them - BUG/MINOR: http-htx: Don't return error if authority is updated without changes - BUG/MINOR: stream: Don't incr frontend cum_req counter when stream is closed - BUG/MINOR: sample: exit regsub() in case of trash allocation error - MINOR: ssl: add "issuers-chain-path" directive. - REGTESTS: use "command -v" instead of "which" - BUG/MINOR: http-ana: Matching on monitor-uri should be case-sensitive - MINOR: http-ana: Match on the path if the monitor-uri starts by a / - BUG/MINOR: ssl: Stop passing dynamic strings as format arguments - BUG/MAJOR: http-ana: Always abort the request when a tarpit is triggered - BUG/MINOR: mux: do not call conn_xprt_stop_recv() on buffer shortage - MINOR: checks: do not call conn_xprt_stop_send() anymore - CLEANUP: epoll: place the struct epoll_event in the stack - MEDIUM: connection: remove the intermediary polling state from the connection - MINOR: raw_sock: directly call fd_stop_send() and not conn_xprt_stop_send() - MINOR: tcp/uxst/sockpair: use fd_want_send() instead of conn_xprt_want_send() - MINOR: connection: remove the last calls to conn_xprt_{want,stop}_* - CLEANUP: connection: remove the definitions of conn_xprt_{stop,want}_{send,recv} - MINOR: connection: introduce a new receive flag: CO_RFL_READ_ONCE - MINOR: mux-h1: pass CO_RFL_READ_ONCE to the lower layers when relevant - MINOR: ist: add an iststop() function - BUG/MINOR: http: http-request replace-path duplicates the query string - CLEANUP: sample: use iststop instead of a for loop - BUG/MEDIUM: shctx: make sure to keep all blocks aligned - MINOR: compiler: move CPU capabilities definition from config.h and complete them - BUG/MEDIUM: ebtree: don't set attribute packed without unaligned access support - CLEANUP: http/h1: rely on HA_UNALIGNED_LE instead of checking for CPU families - BUILD: fix recent build failure on unaligned archs - MINOR: ssl: load the key from a dedicated file - BUG/MINOR: ssl: load .key in a directory only after PEM - MINOR: compiler: drop special cases of likely/unlikely for older compilers - CLEANUP: conn: Do not pass a pointer to likely - CLEANUP: net_helper: Do not negate the result of unlikely - BUILD: remove obsolete support for -mregparm / USE_REGPARM - CLEANUP: cfgparse: Fix type of second calloc() parameter - BUILD: ssl: only pass unsigned chars to isspace() - BUILD: general: always pass unsigned chars to is* functions - BUG/MINOR: sample: fix the json converter's endian-sensitivity - BUG/MEDIUM: ssl: fix several bad pointer aliases in a few sample fetch functions - CLEANUP: fd: use a union in fd_rm_from_fd_list() to shut aliasing warnings - CLEANUP: cache: use read_u32/write_u32 to access the cache entry's hash - CLEANUP: stick-tables: use read_u32() to display a node's key - CLEANUP: sample: use read_u64() in ipmask() to apply an IPv6 mask - MINOR: pattern: fix all remaining strict aliasing issues - CLEANUP: lua: fix aliasing issues in the address matching code - CLEANUP: connection: use read_u32() instead of a cast in the netscaler parser - BUILD: makefile: re-enable strict aliasing - BUG/MINOR: connection: make sure to correctly tag local PROXY connections - MINOR: compiler: add new alignment macros - BUILD: ebtree: improve architecture-specific alignment - MINOR: config: mark global.debug as deprecated - BUILD: travis-ci: enable s390x builds - MINOR: ssl/cli: 'show ssl cert' displays the chain - MINOR: ssl/cli: 'show ssl cert'displays the issuer in the chain - MINOR: ssl/cli: reorder 'show ssl cert' output - CLEANUP: ssl: move issuer_chain tree and definition - DOC: proxy-protocol: clarify IPv6 address representation in the spec |
||
Willy Tarreau
|
4c47d9106a |
[RELEASE] Released version 2.2-dev2
Released version 2.2-dev2 with the following main changes : - BUILD: CI: temporarily mark openssl-1.0.2 as allowed failure - MEDIUM: cli: Allow multiple filter entries for "show table" - BUG/MEDIUM: netscaler: Don't forget to allocate storage for conn->src/dst. - BUG/MINOR: ssl: ssl_sock_load_pem_into_ckch is not consistent - BUILD: stick-table: fix build errors introduced by last stick-table change - BUG/MINOR: cli: Missing arg offset for filter data values. - MEDIUM: streams: Always create a conn_stream in connect_server(). - MEDIUM: connections: Get ride of the xprt_done callback. - CLEANUP: changelog: remove the duplicate entry for 2.2-dev1 - BUILD: CI: move cygwin builds to Github Actions - MINOR: cli: Report location of errors or any extra data for "show table" - BUG/MINOR: ssl/cli: free the previous ckch content once a PEM is loaded - CLEANUP: backend: remove useless test for inexistent connection - CLEANUP: backend: shut another false null-deref in back_handle_st_con() - CLEANUP: stats: shut up a wrong null-deref warning from gcc 9.2 - BUG/MINOR: ssl: increment issuer refcount if in chain - BUG/MINOR: ssl: memory leak w/ the ocsp_issuer - BUG/MINOR: ssl: typo in previous patch - BUG/MEDIUM: connections: Set CO_FL_CONNECTED in conn_complete_session(). - BUG/MINOR: ssl/cli: ocsp_issuer must be set w/ "set ssl cert" - MEDIUM: connection: remove CO_FL_CONNECTED and only rely on CO_FL_WAIT_* - BUG/MEDIUM: 0rtt: Only consider the SSL handshake. - MINOR: stream-int: always report received shutdowns - MINOR: connection: remove CO_FL_SSL_WAIT_HS from CO_FL_HANDSHAKE - MEDIUM: connection: use CO_FL_WAIT_XPRT more consistently than L4/L6/HANDSHAKE - MINOR: connection: remove checks for CO_FL_HANDSHAKE before I/O - MINOR: connection: do not check for CO_FL_SOCK_RD_SH too early - MINOR: connection: don't check for CO_FL_SOCK_WR_SH too early in handshakes - MINOR: raw-sock: always check for CO_FL_SOCK_WR_SH before sending - MINOR: connection: remove some unneeded checks for CO_FL_SOCK_WR_SH - BUG/MINOR: stktable: report the current proxy name in error messages - BUG/MEDIUM: mux-h2: make sure we don't emit TE headers with anything but "trailers" - MINOR: lua: Add hlua_prepend_path function - MINOR: lua: Add lua-prepend-path configuration option - MINOR: lua: Add HLUA_PREPEND_C?PATH build option - BUILD: cfgparse: silence a bogus gcc warning on 32-bit machines - BUG/MINOR: http-ana: Increment the backend counters on the backend - BUG/MINOR: stream: Be sure to have a listener to increment its counters - BUG/MEDIUM: streams: Move the conn_stream allocation outside #IF USE_OPENSSL. - REGTESTS: make the set_ssl_cert test require version 2.2 - BUG/MINOR: ssl: Possible memleak when allowing the 0RTT data buffer. - MINOR: ssl: Remove dead code. - BUG/MEDIUM: ssl: Don't forget to free ctx->ssl on failure. - BUG/MEDIUM: stream: Don't install the mux in back_handle_st_con(). - MEDIUM: streams: Don't close the connection in back_handle_st_con(). - MEDIUM: streams: Don't close the connection in back_handle_st_rdy(). - BUILD: CI: disable slow regtests on Travis - BUG/MINOR: tcpchecks: fix the connect() flags regarding delayed ack - BUG/MINOR: http-rules: Always init log-format expr for common HTTP actions - BUG/MINOR: connection: fix ip6 dst_port copy in make_proxy_line_v2 - BUG/MINOR: dns: allow 63 char in hostname - MINOR: proxy: clarify number of connections log when stopping - DOC: word converter ignores delimiters at the start or end of input string - MEDIUM: raw-sock: remove obsolete calls to fd_{cant,cond,done}_{send,recv} - BUG/MINOR: ssl/cli: fix unused variable with openssl < 1.0.2 - MEDIUM: pipe/thread: reduce the locking overhead - MEDIUM: pipe/thread: maintain a per-thread local cache of recently used pipes - BUG/MEDIUM: pipe/thread: fix atomicity of pipe counters - MINOR: tasks: move the list walking code to its own function - MEDIUM: tasks: implement 3 different tasklet classes with their own queues - MEDIUM: tasks: automatically requeue into the bulk queue an already running tasklet - OPTIM: task: refine task classes default CPU bandwidth ratios - BUG/MEDIUM: connections: Don't forget to unlock when killing a connection. - MINOR: task: permanently flag tasklets waking themselves up - MINOR: task: make sched->current also reflect tasklets - MINOR: task: detect self-wakeups on tl==sched->current instead of TASK_RUNNING - OPTIM: task: readjust CPU bandwidth distribution since last update - MINOR: task: don't set TASK_RUNNING on tasklets - BUG/MEDIUM: memory_pool: Update the seq number in pool_flush(). - MINOR: memory: Only init the pool spinlock once. - BUG/MEDIUM: memory: Add a rwlock before freeing memory. - BUG/MAJOR: memory: Don't forget to unlock the rwlock if the pool is empty. - MINOR: ssl: ssl-load-extra-files configure loading of files - SCRIPTS: add a new "backport" script to simplify long series of backports - BUG/MINOR: ssl: we may only ignore the first 64 errors - SCRIPTS: use /usr/bin/env bash instead of /bin/bash for scripts - BUG/MINOR: ssl: clear the SSL errors on DH loading failure - CLEANUP: hpack: remove a redundant test in the decoder - CLEANUP: peers: Remove unused static function `free_dcache` - CLEANUP: peers: Remove unused static function `free_dcache_tx` - CONTRIB: debug: add missing flags SF_HTX and SF_MUX - CONTRIB: debug: add the possibility to decode the value as certain types only - CONTRIB: debug: support reporting multiple values at once - BUG/MINOR: http-act: Use the good message to test strict rewritting mode - MINOR: global: Set default tune.maxrewrite value during global structure init - MINOR: http-rules: Set SF_ERR_PRXCOND termination flag when a header rewrite fails - MINOR: http-htx: Emit a warning if an error file runs over the buffer's reserve - MINOR: htx: Add a function to append an HTX message to another one - MINOR: htx/channel: Add a function to copy an HTX message in a channel's buffer - BUG/MINOR: http-ana: Don't overwrite outgoing data when an error is reported - MINOR: dns: Dynamically allocate dns options to reduce the act_rule size - MINOR: dns: Add function to release memory allocated for a do-resolve rule - BUG/MINOR: http-ana: Reset HTX first index when HAPRoxy sends a response - BUG/MINOR: http-ana: Set HTX_FL_PROXY_RESP flag if a server perform a redirect - MINOR: http-rules: Add a flag on redirect rules to know the rule direction - MINOR: http-rules: Handle the rule direction when a redirect is evaluated - MINOR: http-ana: Rely on http_reply_and_close() to handle server error - MINOR: http-ana: Add a function for forward internal responses - MINOR: http-ana/http-rules: Use dedicated function to forward internal responses - MEDIUM: http: Add a ruleset evaluated on all responses just before forwarding - MEDIUM: http-rules: Add the return action to HTTP rules - MEDIUM: http-rules: Support extra headers for HTTP return actions - CLEANUP: lua: Remove consistency check for sample fetches and actions - BUG/MINOR: http-ana: Increment failed_resp counters on invalid response - MINOR: lua: Get the action return code on the stack when an action finishes - MINOR: lua: Create the global 'act' object to register all action return codes - MINOR: lua: Add act:wake_time() function to set a timeout when an action yields - MEDIUM: lua: Add ability for actions to intercept HTTP messages - REGTESTS: Add reg tests for the HTTP return action - REGTESTS: Add a reg test for http-after-response rulesets - BUILD: lua: silence a warning on systems where longjmp is not marked as noreturn - MINOR: acl: Warn when an ACL is named 'or' - CONTRIB: debug: also support reading values from stdin - SCRIPTS: backport: use short revs and resolve the initial commit - BUG/MINOR: acl: Fix type of log message when an acl is named 'or' |
||
Willy Tarreau
|
71f95fa20e |
[RELEASE] Released version 2.2-dev1
Released version 2.2-dev1 with the following main changes : - DOC: this is development again - MINOR: version: this is development again, update the status - SCRIPTS: update create-release to fix the changelog on new branches - CLEANUP: ssl: Clean up error handling - BUG/MINOR: contrib/prometheus-exporter: decode parameter and value only - BUG/MINOR: h1: Don't test the host header during response parsing - BUILD/MINOR: trace: fix use of long type in a few printf format strings - DOC: Clarify behavior of server maxconn in HTTP mode - MINOR: ssl: deduplicate ca-file - MINOR: ssl: compute ca-list from deduplicate ca-file - MINOR: ssl: deduplicate crl-file - CLEANUP: dns: resolution can never be null - BUG/MINOR: http-htx: Don't make http_find_header() fail if the value is empty - DOC: ssl/cli: set/commit/abort ssl cert - BUG/MINOR: ssl: fix SSL_CTX_set1_chain compatibility for openssl < 1.0.2 - BUG/MINOR: fcgi-app: Make the directive pass-header case insensitive - BUG/MINOR: stats: Fix HTML output for the frontends heading - BUG/MINOR: ssl: fix X509 compatibility for openssl < 1.1.0 - DOC: clarify matching strings on binary fetches - DOC: Fix ordered list in summary - DOC: move the "group" keyword at the right place - MEDIUM: init: prevent process and thread creation at runtime - BUG/MINOR: ssl/cli: 'ssl cert' cmd only usable w/ admin rights - BUG/MEDIUM: stream-int: don't subscribed for recv when we're trying to flush data - BUG/MINOR: stream-int: avoid calling rcv_buf() when splicing is still possible - BUG/MINOR: ssl/cli: don't overwrite the filters variable - BUG/MEDIUM: listener/thread: fix a race when pausing a listener - BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1 - BUG/MEDIUM: mux-h1: Never reuse H1 connection if a shutw is pending - BUG/MINOR: mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN - BUG/MINOR: mux-h1: Fix conditions to know whether or not we may receive data - BUG/MEDIUM: tasks: Make sure we switch wait queues in task_set_affinity(). - BUG/MEDIUM: checks: Make sure we set the task affinity just before connecting. - MINOR: debug: replace popen() with pipe+fork() in "debug dev exec" - MEDIUM: init: set NO_NEW_PRIVS by default when supported - BUG/MINOR: mux-h1: Be sure to set CS_FL_WANT_ROOM when EOM can't be added - BUG/MEDIUM: mux-fcgi: Handle cases where the HTX EOM block cannot be inserted - BUG/MINOR: proxy: make soft_stop() also close FDs in LI_PAUSED state - BUG/MINOR: listener/threads: always use atomic ops to clear the FD events - BUG/MINOR: listener: also clear the error flag on a paused listener - BUG/MEDIUM: listener/threads: fix a remaining race in the listener's accept() - MINOR: listener: make the wait paths cleaner and more reliable - MINOR: listener: split dequeue_all_listener() in two - REORG: listener: move the global listener queue code to listener.c - DOC: document the listener state transitions - BUG/MEDIUM: kqueue: Make sure we report read events even when no data. - BUG/MAJOR: dns: add minimalist error processing on the Rx path - BUG/MEDIUM: proto_udp/threads: recv() and send() must not be exclusive. - DOC: listeners: add a few missing transitions - BUG/MINOR: tasks: only requeue a task if it was already in the queue - MINOR: tasks: split wake_expired_tasks() in two parts to avoid useless wakeups - DOC: proxies: HAProxy only supports 3 connection modes - DOC: remove references to the outdated architecture.txt - BUG/MINOR: log: fix minor resource leaks on logformat error path - BUG/MINOR: mworker: properly pass SIGTTOU/SIGTTIN to workers - BUG/MINOR: listener: do not immediately resume on transient error - BUG/MINOR: server: make "agent-addr" work on default-server line - BUG/MINOR: listener: fix off-by-one in state name check - BUILD/MINOR: unix sockets: silence an absurd gcc warning about strncpy() - MEDIUM: h1-htx: Add HTX EOM block when the message is in H1_MSG_DONE state - MINOR: http-htx: Add some htx sample fetches for debugging purpose - REGTEST: Add an HTX reg-test to check an edge case - DOC: clarify the fact that replace-uri works on a full URI - BUG/MINOR: sample: fix the closing bracket and LF in the debug converter - BUG/MINOR: sample: always check converters' arguments - MINOR: sample: Validate the number of bits for the sha2 converter - BUG/MEDIUM: ssl: Don't set the max early data we can receive too early. - MINOR: ssl/cli: 'show ssl cert' give information on the certificates - BUG/MINOR: ssl/cli: fix build for openssl < 1.0.2 - MINOR: debug: support logging to various sinks - MINOR: http: add a new "replace-path" action - REGTEST: ssl: test the "set ssl cert" CLI command - REGTEST: run-regtests: implement #REQUIRE_BINARIES - MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task - BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing - BUG/MEDIUM: ssl: Revamp the way early data are handled. - MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute - BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd - REGTEST: make the "set ssl cert" require version 2.1 - BUG/MINOR: ssl: openssl-compat: Fix getm_ defines - BUG/MEDIUM: state-file: do not allocate a full buffer for each server entry - BUG/MINOR: state-file: do not store duplicates in the global tree - BUG/MINOR: state-file: do not leak memory on parse errors - BUG/MAJOR: mux-h1: Don't pretend the input channel's buffer is full if empty - BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream - BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility - BUILD: travis-ci: link with ssl libraries using rpath instead of LD_LIBRARY_PATH/DYLD_LIBRARY_PATH - BUILD: travis-ci: reenable address sanitizer for clang builds - BUG/MINOR: checks: refine which errno values are really errors. - BUG/MINOR: connection: only wake send/recv callbacks if the FD is active - CLEANUP: connection: conn->xprt is never NULL - MINOR: pollers: add a new flag to indicate pollers reporting ERR & HUP - MEDIUM: tcp: make tcp_connect_probe() consider ERR/HUP - REORG: connection: move tcp_connect_probe() to conn_fd_check() - MINOR: connection: check for connection validation earlier - MINOR: connection: remove the double test on xprt_done_cb() - CLEANUP: connection: merge CO_FL_NOTIFY_DATA and CO_FL_NOTIFY_DONE - MINOR: poller: do not call the IO handler if the FD is not active - OPTIM: epoll: always poll for recv if neither active nor ready - OPTIM: polling: do not create update entries for FD removal - BUG/MEDIUM: checks: Only attempt to do handshakes if the connection is ready. - BUG/MEDIUM: connections: Hold the lock when wanting to kill a connection. - BUILD: CI: modernize cirrus-ci - MINOR: config: disable busy polling on old processes - MINOR: ssl: Remove unused variable "need_out". - BUG/MINOR: h1: Report the right error position when a header value is invalid - BUG/MINOR: proxy: Fix input data copy when an error is captured - BUG/MEDIUM: http-ana: Truncate the response when a redirect rule is applied - BUG/MINOR: channel: inject output data at the end of output - BUG/MEDIUM: session: do not report a failure when rejecting a session - MEDIUM: dns: implement synchronous send - MINOR: raw_sock: make sure to disable polling once everything is sent - MINOR: http: Add 410 to http-request deny - MINOR: http: Add 404 to http-request deny - CLEANUP: mux-h2: remove unused goto "out_free_h2s" - BUILD: cirrus-ci: choose proper openssl package name - BUG/MAJOR: listener: do not schedule a task-less proxy - CLEANUP: server: remove unused err section in server_finalize_init - REGTEST: set_ssl_cert.vtc: replace "echo" with "printf" - BUG/MINOR: stream-int: Don't trigger L7 retry if max retries is already reached - BUG/MEDIUM: tasks: Use the MT macros in tasklet_free(). - BUG/MINOR: mux-h2: use a safe list_for_each_entry in h2_send() - BUG/MEDIUM: mux-h2: fix missing test on sending_list in previous patch - CLEANUP: ssl: remove opendir call in ssl_sock_load_cert - MEDIUM: lua: don't call the GC as often when dealing with outgoing connections - BUG/MEDIUM: mux-h2: don't stop sending when crossing a buffer boundary - BUG/MINOR: cli/mworker: can't start haproxy with 2 programs - REGTEST: mcli/mcli_start_progs: start 2 programs - BUG/MEDIUM: mworker: remain in mworker mode during reload - DOC: clarify crt-base usage - CLEANUP: compression: remove unused deinit_comp_ctx section - BUG/MEDIUM: mux_h1: Don't call h1_send if we subscribed(). - BUG/MEDIUM: raw_sock: Make sur the fd and conn are sync. - CLEANUP: proxy: simplify proxy_parse_rate_limit proxy checks - BUG/MAJOR: hashes: fix the signedness of the hash inputs - REGTEST: add sample_fetches/hashes.vtc to validate hashes - BUG/MEDIUM: cli: _getsocks must send the peers sockets - CLEANUP: cli: deduplicate the code in _getsocks - BUG/MINOR: stream: don't mistake match rules for store-request rules - BUG/MEDIUM: connection: add a mux flag to indicate splice usability - BUG/MINOR: pattern: handle errors from fgets when trying to load patterns - MINOR: connection: move the CO_FL_WAIT_ROOM cleanup to the reader only - MINOR: stream-int: remove dependency on CO_FL_WAIT_ROOM for rcv_buf() - MEDIUM: connection: get rid of CO_FL_CURR_* flags - BUILD: pattern: include errno.h - MEDIUM: mux-h2: do not try to stop sending streams on blocked mux - MEDIUM: mux-fcgi: do not try to stop sending streams on blocked mux - MEDIUM: mux-h2: do not make an h2s subscribe to itself on deferred shut - MEDIUM: mux-fcgi: do not make an fstrm subscribe to itself on deferred shut - REORG: stream/backend: move backend-specific stuff to backend.c - MEDIUM: backend: move the connection finalization step to back_handle_st_con() - MEDIUM: connection: merge the send_wait and recv_wait entries - MEDIUM: xprt: merge recv_wait and send_wait in xprt_handshake - MEDIUM: ssl: merge recv_wait and send_wait in ssl_sock - MEDIUM: mux-h1: merge recv_wait and send_wait - MEDIUM: mux-h2: merge recv_wait and send_wait event notifications - MEDIUM: mux-fcgi: merge recv_wait and send_wait event notifications - MINOR: connection: make the last arg of subscribe() a struct wait_event* - MINOR: ssl: Add support for returning the dn samples from ssl_(c|f)_(i|s)_dn in LDAP v3 (RFC2253) format. - DOC: Fix copy and paste mistake in http-response replace-value doc - BUG/MINOR: cache: Fix leak of cache name in error path - BUG/MINOR: dns: Make dns_query_id_seed unsigned - BUG/MINOR: 51d: Fix bug when HTX is enabled - MINOR: http-htx: Move htx sample fetches in the scope "internal" - MINOR: http-htx: Rename 'internal.htx_blk.val' to 'internal.htx_blk.data' - MINOR: http-htx: Make 'internal.htx_blk_data' return a binary string - DOC: Add a section to document the internal sample fetches - MINOR: mux-h1: Inherit send flags from the upper layer - MINOR: contrib/prometheus-exporter: Add heathcheck status/code in server metrics - BUG/MINOR: http-ana/filters: Wait end of the http_end callback for all filters - BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules - BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during parsing - MEDIUM: http-rules: Register an action keyword for all http rules - MINOR: tcp-rules: Always set from which ruleset a rule comes from - MINOR: actions: Use ACT_RET_CONT code to ignore an error from a custom action - MINOR: tcp-rules: Kill connections when custom actions return ACT_RET_ERR - MINOR: http-rules: Return an error when custom actions return ACT_RET_ERR - MINOR: counters: Add a counter to report internal processing errors - MEDIUM: http-ana: Properly handle internal processing errors - MINOR: http-rules: Add a rule result to report internal error - MINOR: http-rules: Handle internal errors during HTTP rules evaluation - MINOR: http-rules: Add more return codes to let custom actions act as normal ones - MINOR: tcp-rules: Handle denied/aborted/invalid connections from TCP rules - MINOR: http-rules: Handle denied/aborted/invalid connections from HTTP rules - MINOR: stats: Report internal errors in the proxies/listeners/servers stats - MINOR: contrib/prometheus-exporter: Export internal errors per proxy/server - MINOR: counters: Remove failed_secu counter and use denied_resp instead - MINOR: counters: Review conditions to increment counters from analysers - MINOR: http-ana: Add a txn flag to support soft/strict message rewrites - MINOR: http-rules: Handle all message rewrites the same way - MINOR: http-rules: Add a rule to enable or disable the strict rewriting mode - MEDIUM: http-rules: Enable the strict rewriting mode by default - REGTEST: Fix format of set-uri HTTP request rule in h1or2_to_h1c.vtc - MINOR: actions: Add a function pointer to release args used by actions - MINOR: actions: Regroup some info about HTTP rules in the same struct - MINOR: http-rules/tcp-rules: Call the defined action function first if defined - MINOR: actions: Rename the act_flag enum into act_opt - MINOR: actions: Add flags to configure the action behaviour - MINOR: actions: Use an integer to set the action type - MINOR: http-rules: Use a specific action type for some custom HTTP actions - MINOR: http-rules: Make replace-header and replace-value custom actions - MINOR: http-rules: Make set-header and add-header custom actions - MINOR: http-rules: Make set/del-map and add/del-acl custom actions - MINOR: http-rules: Group all processing of early-hint rule in its case clause - MEDIUM: http-rules: Make early-hint custom actions - MINOR: http-rule/tcp-rules: Make track-sc* custom actions - MINOR: tcp-rules: Make tcp-request capture a custom action - MINOR: http-rules: Add release functions for existing HTTP actions - BUG/MINOR: http-rules: Fix memory releases on error path during action parsing - MINOR: tcp-rules: Add release functions for existing TCP actions - BUG/MINOR: tcp-rules: Fix memory releases on error path during action parsing - MINOR: http-htx: Add functions to read a raw error file and convert it in HTX - MINOR: http-htx: Add functions to create HTX redirect message - MINOR: config: Use dedicated function to parse proxy's errorfiles - MINOR: config: Use dedicated function to parse proxy's errorloc - MEDIUM: http-htx/proxy: Use a global and centralized storage for HTTP error messages - MINOR: proxy: Register keywords to parse errorfile and errorloc directives - MINOR: http-htx: Add a new section to create groups of custom HTTP errors - MEDIUM: proxy: Add a directive to reference an http-errors section in a proxy - MINOR: http-rules: Update txn flags and status when a deny rule is executed - MINOR: http-rules: Support an optional status on deny rules for http reponses - MINOR: http-rules: Use same function to parse request and response deny actions - MINOR: http-ana: Add an error message in the txn and send it when defined - MEDIUM: http-rules: Support an optional error message in http deny rules - REGTEST: Add a strict rewriting mode reg test - REGEST: Add reg tests about error files - MINOR: ssl: accept 'verify' bind option with 'set ssl cert' - BUG/MINOR: ssl: ssl_sock_load_ocsp_response_from_file memory leak - BUG/MINOR: ssl: ssl_sock_load_issuer_file_into_ckch memory leak - BUG/MINOR: ssl: ssl_sock_load_sctl_from_file memory leak - BUG/MINOR: http_htx: Fix some leaks on error path when error files are loaded - CLEANUP: http-ana: Remove useless test on txn when the error message is retrieved - BUILD: CI: introduce ARM64 builds - BUILD: ssl: more elegant anti-replay feature presence check - MINOR: proxy/http-ana: Add support of extra attributes for the cookie directive - MEDIUM: dns: use Additional records from SRV responses - CLEANUP: Consistently `unsigned int` for bitfields - CLEANUP: pattern: remove the pat_time definition - BUG/MINOR: http_act: don't check capture id in backend - BUG/MINOR: ssl: fix build on development versions of openssl-1.1.x |
||
Willy Tarreau
|
e54b43af1e |
[RELEASE] Released version 2.1.0
Released version 2.1.0 with the following main changes : - BUG/MINOR: init: fix set-dumpable when using uid/gid - MINOR: init: avoid code duplication while setting identify - BUG/MINOR: ssl: ssl_pkey_info_index ex_data can store a dereferenced pointer - BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1 - MINOR: peers: Alway show the table info for disconnected peers. - MINOR: peers: Add TX/RX heartbeat counters. - MINOR: peers: Add debugging information to "show peers". - BUG/MINOR: peers: Wrong null "server_name" data field handling. - MINOR: ssl/cli: 'abort ssl cert' deletes an on-going transaction - BUG/MEDIUM: mworker: don't fill the -sf argument with -1 during the reexec - BUG/MINOR: peers: "peer alive" flag not reset when deconnecting. - BUILD/MINOR: ssl: fix compiler warning about useless statement - BUG/MEDIUM: stream-int: Don't loose events on the CS when an EOS is reported - MINOR: contrib/prometheus-exporter: filter exported metrics by scope - MINOR: contrib/prometheus-exporter: Add a param to ignore servers in maintenance - BUILD: debug: Avoid warnings in dev mode with -02 because of some BUG_ON tests - BUG/MINOR: mux-h1: Fix tunnel mode detection on the response path - BUG/MINOR: http-ana: Properly catch aborts during the payload forwarding - DOC: Update http-buffer-request description to remove the part about chunks - BUG/MINOR: stream-int: Fix si_cs_recv() return value - DOC: internal: document the init calls - MEDIUM: dns: Add resolve-opts "ignore-weight" - MINOR: ssl: ssl_sock_prepare_ctx() return an error code - MEDIUM: ssl/cli: apply SSL configuration on SSL_CTX during commit - MINOR: ssl/cli: display warning during 'commit ssl cert' - MINOR: version: report the version status in "haproxy -v" - MINOR: version: emit the link to the known bugs in output of "haproxy -v" - DOC: Add documentation about the use-service action - MINOR: ssl: fix possible null dereference in error handling - BUG/MINOR: ssl: fix curve setup with LibreSSL - BUG/MINOR: ssl: Stop passing dynamic strings as format arguments - CLEANUP: ssl: check if a transaction exists once before setting it - BUG/MINOR: cli: fix out of bounds in -S parser - MINOR: ist: add ist_find_ctl() - BUG/MAJOR: h2: reject header values containing invalid chars - BUG/MAJOR: h2: make header field name filtering stronger - BUG/MAJOR: mux-h2: don't try to decode a response HEADERS frame in idle state - MINOR: h2: add a function to report H2 error codes as strings - MINOR: mux-h2/trace: report the connection and/or stream error code - SCRIPTS: create-release: show the correct origin name in suggested commands - SCRIPTS: git-show-backports: add "-s" to proposed cherry-pick commands - BUG/MEDIUM: trace: fix a typo causing an incorrect startup error - BUILD: reorder the objects in the makefile - DOC: mention in INSTALL haproxy 2.1 is a stable stable version - MINOR: version: indicate that this version is stable |
||
Willy Tarreau
|
846813260d |
[RELEASE] Released version 2.1-dev5
Released version 2.1-dev5 with the following main changes : - BUG/MEDIUM: ssl/cli: don't alloc path when cert not found - BUG/MINOR: ssl/cli: unable to update a certificate without bundle extension - BUG/MINOR: ssl/cli: fix an error when a file is not found - MINOR: ssl/cli: replace the default_ctx during 'commit ssl cert' - DOC: fix date and http_date keywords syntax - MINOR: peers: Add "log" directive to "peers" section. - BUG/MEDIUM: mux-h1: Disable splicing for chunked messages - BUG/MEDIUM: stream: Be sure to support splicing at the mux level to enable it - MINOR: flt_trace: Rename macros to print trace messages - MINOR: trace: Add a set of macros to trace events if HA is compiled with debug - MEDIUM: stream/trace: Register a new trace source with its events - MINOR: doc: http-reuse connection pool fix - BUG/MEDIUM: stream: Be sure to release allocated captures for TCP streams - MINOR: http-ana: Remove the unused function http_reset_txn() - BUG/MINOR: action: do-resolve now use cached response - BUG: dns: timeout resolve not applied for valid resolutions - DOC: management: fix typo on "cache_lookups" stats output - BUG/MINOR: stream: init variables when the list is empty - BUG/MEDIUM: tasks: Make tasklet_remove_from_tasklet_list() no matter the tasklet. - BUG/MINOR: queue/threads: make the queue unlinking atomic - BUG/MEDIUM: Make sure we leave the session list in session_free(). - CLEANUP: session: slightly simplify idle connection cleanup logic - MINOR: memory: also poison the area on freeing - CLEANUP: cli: use srv_shutdown_streams() instead of open-coding it - CLEANUP: stats: use srv_shutdown_streams() instead of open-coding it - BUG/MEDIUM: listeners: always pause a listener on out-of-resource condition - BUILD: contrib/da: remove an "unused" warning - BUG/MEDIUM: filters: Don't call TCP callbacks for HTX streams - MEDIUM: filters: Adapt filters API to allow again TCP filtering on HTX streams - MINOR: freq_ctr: Make the sliding window sums thread-safe - MINOR: stream: Remove the lock on the proxy to update time stats - MINOR: counters: Add fields to store the max observed for {q,c,d,t}_time - MINOR: stats: Report max times in addition of the averages for sessions - MINOR: contrib/prometheus-exporter: Report metrics about max times for sessions - BUG/MINOR: contrib/prometheus-exporter: Rename some metrics - MINOR: contrib/prometheus-exporter: report the number of idle conns per server - DOC: Add missing stats fields in the management manual - BUG/MINOR: mux-h1: Properly catch parsing errors on payload and trailers - BUG/MINOR: mux-h1: Don't set CS_FL_EOS on a read0 when receiving data to pipe - MINOR: mux-h1: Set EOI on the conn-stream when EOS is reported in TUNNEL state - MINOR: sink: Set the default max length for a message to BUFSIZE - MINOR: ring: make the parse function automatically set the handler/release - BUG/MINOR: log: make "show startup-log" use a ring buffer instead - MINOR: stick-table: allow sc-set-gpt0 to set value from an expression |
||
Willy Tarreau
|
1753cb544d |
[RELEASE] Released version 2.1-dev4
Released version 2.1-dev4 with the following main changes : - BUG/MINOR: cli: don't call the kw->io_release if kw->parse failed - BUG/MINOR: mux-h2: Don't pretend mux buffers aren't full anymore if nothing sent - BUG/MAJOR: stream-int: Don't receive data from mux until SI_ST_EST is reached - DOC: remove obsolete section about header manipulation - BUG/MINOR: ssl/cli: cleanup on cli_parse_set_cert error - MINOR: ssl/cli: rework the 'set ssl cert' IO handler - BUILD: CI: comment out cygwin build, upgrade various ssl libraries - DOC: Improve documentation of http-re(quest|sponse) replace-(header|value|uri) - BUILD/MINOR: tools: shut up the format truncation warning in get_gmt_offset() - BUG/MINOR: spoe: fix off-by-one length in UUID format string - BUILD/MINOR: ssl: shut up a build warning about format truncation - BUILD: do not disable -Wformat-truncation anymore - MINOR: chunk: add chunk_istcat() to concatenate an ist after a chunk - Revert "MINOR: istbuf: add b_fromist() to make a buffer from an ist" - MINOR: mux: Add a new method to get informations about a mux. - BUG/MEDIUM: stream_interface: Only use SI_ST_RDY when the mux is ready. - BUG/MEDIUM: servers: Only set SF_SRV_REUSED if the connection if fully ready. - MINOR: doc: fix busy-polling performance reference - MINOR: config: allow no set-dumpable config option - MINOR: init: always fail when setrlimit fails - MINOR: ssl/cli: rework 'set ssl cert' as 'set/commit' - CLEANUP: ssl/cli: remove leftovers of bundle/certs (it < 2) - REGTEST: vtest can now enable mcli with its own flag - BUG/MINOR: config: Update cookie domain warn to RFC6265 - MINOR: sample: add us/ms support to date/http_date - BUG/MINOR: ssl/cli: check trash allocation in cli_io_handler_commit_cert() - BUG/MEDIUM: mux-h2: report no available stream on a connection having errors - BUG/MEDIUM: mux-h2: immediately remove a failed connection from the idle list - BUG/MEDIUM: mux-h2: immediately report connection errors on streams - BUG/MINOR: stats: properly check the path and not the whole URI - BUG/MINOR: ssl: segfault in cli_parse_set_cert with old openssl/boringssl - BUG/MINOR: ssl: ckch->chain must be initialized - BUG/MINOR: ssl: double free on error for ckch->{key,cert} - MINOR: ssl: BoringSSL ocsp_response does not need issuer - BUG/MEDIUM: ssl/cli: fix dot research in cli_parse_set_cert - MINOR: backend: Add srv_name sample fetche - DOC: Add GitHub issue config.yml |
||
Willy Tarreau
|
c70df53250 |
[RELEASE] Released version 2.1-dev3
Released version 2.1-dev3 with the following main changes :
- MINOR: mux-h2/trace: missing conn pointer in demux full message
- MINOR: mux-h2: add a per-connection list of blocked streams
- BUILD: ebtree: make eb_is_empty() and eb_is_dup() take a const
- BUG/MEDIUM: mux-h2: do not enforce timeout on long connections
- BUG/MEDIUM: tasks: Don't forget to decrement tasks_run_queue.
- BUG/MINOR: peers: crash on reload without local peer.
- BUG/MINOR: mux-h2/trace: Fix traces on h2c initialization
- MINOR: h1-htx: Update h1_copy_msg_data() to ease the traces in the mux-h1
- MINOR: htx: Adapt htx_dump() to be used from traces
- MINOR: mux-h1/trace: register a new trace source with its events
- MINOR: proxy: Store http-send-name-header in lower case
- MINOR: http: Remove headers matching the name of http-send-name-header option
- BUG/MINOR: mux-h1: Adjust header case when the server name is add to a request
- BUG/MINOR: mux-h1: Adjust header case when chunked encoding is add to a message
- MINOR: mux-h1: Try to wakeup the stream on output buffer allocation
- MINOR: fcgi: Add function to get the string representation of a record type
- MINOR: mux-fcgi/trace: Register a new trace source with its events
- BUG/MEDIUM: cache: make sure not to cache requests with absolute-uri
- DOC: clarify some points around http-send-name-header's behavior
- MEDIUM: mux-h2: support emitting CONTINUATION frames after HEADERS
- BUG/MINOR: mux-h1/mux-fcgi/trace: Fix position of the 4th arg in some traces
- DOC: fix typo in Prometheus exporter doc
- MINOR: h2: clarify the rules for how to convert an H2 request to HTX
- MINOR: htx: Add 2 flags on the start-line to have more info about the uri
- MINOR: http: Add a function to get the authority into a URI
- MINOR: h1-htx: Set the flag HTX_SL_F_HAS_AUTHORITY during the request parsing
- MEDIUM: http-htx: Keep the Host header and the request start-line synchronized
- MINOR: h1-htx: Only use the path of a normalized URI to format a request line
- MEDIUM: h2: make the request parser rebuild a complete URI
- MINOR: h2: report in the HTX flags when the request has an authority
- MEDIUM: mux-h2: do not map Host to :authority on output
- MEDIUM: h2: use the normalized URI encoding for absolute form requests
- MINOR: stats: mention in the help message support for "json" and "typed"
- MINOR: stats: get rid of the ST_CONVDONE flag
- MINOR: stats: replace the ST_* uri_auth flags with STAT_*
- MINOR: stats: always merge the uri_auth flags into the appctx flags
- MINOR: stats: set the appctx flags when initializing the applet only
- MINOR: stats: get rid of the STAT_SHOWADMIN flag
- MINOR: stats: make stats_dump_fields_json() directly take flags
- MINOR: stats: uniformize the calling convention of the dump functions
- MINOR: stats: support the "desc" output format modifier for info and stat
- MINOR: stats: prepare to add a description with each stat/info field
- MINOR: stats: make "show stat" and "show info"
- MINOR: stats: fill all the descriptions for "show info" and "show stat"
- BUG/MEDIUM: applet: always check a fast running applet's activity before killing
- BUILD: stats: fix missing '=' sign in array declaration
- MINOR: lists: add new macro LIST_SPLICE_END_DETACHED
- MINOR: list: add new macro MT_LIST_BEHEAD
- MEDIUM: task: Split the tasklet list into two lists.
- MINOR: h2: Document traps to be avoided on multithread.
- MINOR: lists: Try to use local variables instead of macro arguments.
- MINOR: lists: Fix alignement of \ when relevant.
- MINOR: mux-h2: also support emitting CONTINUATION on trailers
- MINOR: ssl: crt-list do ckchn_lookup
- REORG: ssl: rename ckch_node to ckch_store
- REORG: ssl: move structures to ssl_sock.h
- MINOR: ssl: initialize the sni_keytypes_map as EB_ROOT
- MINOR: ssl: initialize explicitly the sni_ctx trees
- BUG/MINOR: ssl: abort on sni allocation failure
- BUG/MINOR: ssl: free the sni_keytype nodes
- BUG/MINOR: ssl: abort on sni_keytypes allocation failure
- MEDIUM: ssl: introduce the ckch instance structure
- MEDIUM: ssl: split ssl_sock_add_cert_sni()
- MINOR: ssl: ssl_sock_load_ckchn() can properly fail
- MINOR: ssl: ssl_sock_load_multi_ckchs() can properly fail
- MEDIUM: ssl: ssl_sock_load_ckchs() alloc a ckch_inst
- MINOR: ssl: ssl_sock_load_crt_file_into_ckch() is filling from a BIO
- MEDIUM: ssl/cli: 'set ssl cert' updates a certificate from the CLI
- MINOR: ssl: load the sctl in/from the ckch
- MINOR: ssl: load the ocsp in/from the ckch
- BUG/MEDIUM: ssl: NULL dereference in ssl_sock_load_cert_sni()
- BUG/MINOR: ssl: fix build without SSL
- BUG/MINOR: ssl: fix build without multi-cert bundles
- BUILD: ssl: wrong #ifdef for SSL engines code
- BUG/MINOR: ssl: fix OCSP build with BoringSSL
- BUG/MEDIUM: htx: Catch chunk_memcat() failures when HTX data are formatted to h1
- BUG/MINOR: chunk: Fix tests on the chunk size in functions copying data
- BUG/MINOR: mux-h1: Mark the output buffer as full when the xfer is interrupted
- MINOR: mux-h1: Xfer as much payload data as possible during output processing
- CLEANUP: h1-htx: Move htx-to-h1 formatting functions from htx.c to h1_htx.c
- BUG/MINOR: mux-h1: Capture ignored parsing errors
- MINOR: h1: Reject requests with different occurrences of the header host
- MINOR: h1: Reject requests if the authority does not match the header host
- REGTESTS: Send valid URIs in peers reg-tests and fix HA config to avoid warnings
- REGTESTS: Adapt proxy_protocol_random_fail.vtc to match normalized URI too
- BUG/MINOR: WURFL: fix send_log() function arguments
- BUG/MINOR: ssl: fix error messages for OCSP loading
- BUG/MINOR: ssl: can't load ocsp files
- MINOR: version: make the version strings variables, not constants
- BUG/MINOR: http-htx: Properly set htx flags on error files to support keep-alive
- MINOR: htx: Add a flag on HTX to known when a response was generated by HAProxy
- MINOR: mux-h1: Force close mode for proxy responses with an unfinished request
- BUILD: travis-ci: limit build to branches "master" and "next"
- BUILD/MEDIUM: threads: rename thread_info struct to ha_thread_info
- BUILD/SMALL: threads: enable threads on osx
- BUILD/MEDIUM: threads: enable cpu_affinity on osx
- MINOR: istbuf: add b_fromist() to make a buffer from an ist
- BUG/MINOR: cache: also cache absolute URIs
- BUG/MINOR: mworker/ssl: close openssl FDs unconditionally
- BUG/MINOR: tcp: Don't alter counters returned by tcp info fetchers
- BUG/MEDIUM: lists: Handle 1-element-lists in MT_LIST_BEHEAD().
- BUG/MEDIUM: mux_pt: Make sure we don't have a conn_stream before freeing.
- BUG/MEDIUM: tasklet: properly compute the sleeping threads mask in tasklet_wakeup()
- BUG/MAJOR: idle conns: schedule the cleanup task on the correct threads
- BUG/MEDIUM: task: make tasklets either local or shared but not both at once
- Revert
|
||
Willy Tarreau
|
cb8f03fc46 |
[RELEASE] Released version 2.1-dev2
Released version 2.1-dev2 with the following main changes :
- DOC: management: document reuse and connect counters in the CSV format
- DOC: management: document cache_hits and cache_lookups in the CSV format
- BUG/MINOR: dns: remove irrelevant dependency on a client connection
- MINOR: applet: make appctx use their own pool
- BUG/MEDIUM: checks: Don't attempt to receive data if we already subscribed.
- BUG/MEDIUM: http/htx: unbreak option http_proxy
- BUG/MINOR: backend: do not try to install a mux when the connection failed
- MINOR: mux-h2: Don't adjust anymore the amount of data sent in h2_snd_buf()
- BUG/MINOR: http_fetch: Fix http_auth/http_auth_group when called from TCP rules
- BUG/MINOR: http_htx: Initialize HTX error messages for TCP proxies
- BUG/MINOR: cache/htx: Make maxage calculation HTX aware
- BUG/MINOR: hlua: Make the function txn:done() HTX aware
- MINOR: proto_htx: Directly call htx_check_response_for_cacheability()
- MINOR: proto_htx: Rely on the HTX function to apply a redirect rules
- MINOR: proto_htx: Add the function htx_return_srv_error()
- MINOR: backend/htx: Don't rewind output data to set the sni on a srv connection
- MINOR: proto_htx: Don't stop forwarding when there is a post-connect processing
- DOC: htx: Update comments in HTX files
- CLEANUP: htx: Remove the unsued function htx_add_blk_type_size()
- MINOR: htx: Deduce the number of used blocks from tail and head values
- MINOR: htx: Use an array of char to store HTX blocks
- MINOR: htx: Slightly update htx_dump() to report better messages
- DOC: htx: Add internal documentation about the HTX
- MAJOR: http: Deprecate and ignore the option "http-use-htx"
- MEDIUM: mux-h2: Remove support of the legacy HTTP mode
- CLEANUP: h2: Remove functions converting h2 requests to raw HTTP/1.1 ones
- MINOR: connection: Remove the multiplexer protocol PROTO_MODE_HTX
- MINOR: stream: Rely on HTX analyzers instead of legacy HTTP ones
- MEDIUM: http_fetch: Remove code relying on HTTP legacy mode
- MINOR: config: Remove tests on the option 'http-use-htx'
- MINOR: stream: Remove tests on the option 'http-use-htx' in stream_new()
- MINOR: proxy: Remove tests on the option 'http-use-htx' during H1 upgrade
- MINOR: hlua: Remove tests on the option 'http-use-htx' to reject TCP applets
- MINOR: cache: Remove tests on the option 'http-use-htx'
- MINOR: contrib/prometheus-exporter: Remove tests on the option 'http-use-htx'
- CLEANUP: proxy: Remove the flag PR_O2_USE_HTX
- MINOR: proxy: Don't adjust connection mode of HTTP proxies anymore
- MEDIUM: backend: Remove code relying on the HTTP legacy mode
- MEDIUM: hlua: Remove code relying on the legacy HTTP mode
- MINOR: http_act: Remove code relying on the legacy HTTP mode
- MEDIUM: cache: Remove code relying on the legacy HTTP mode
- MEDIUM: compression: Remove code relying on the legacy HTTP mode
- MINOR: flt_trace: Remove code relying on the legacy HTTP mode
- MINOR: stats: Remove code relying on the legacy HTTP mode
- MAJOR: filters: Remove code relying on the legacy HTTP mode
- MINOR: stream: Remove code relying on the legacy HTTP mode
- MAJOR: http: Remove the HTTP legacy code
- MINOR: hlua: Remove useless test on TX_CON_WANT_* flags
- MINOR: proto_http: Remove unused http txn flags
- MINOR: proto_http: Remove the unused flag HTTP_MSGF_WAIT_CONN
- CLEANUP: proto_http: Group remaining flags of the HTTP transaction
- CLEANUP: channel: Remove the unused flag CF_WAKE_CONNECT
- CLEANUP: proto_http: Remove unecessary includes and comments
- CLEANUP: proto_http: Move remaining code from proto_http.c to proto_htx.c
- REORG: proto_htx: Move HTX analyzers & co to http_ana.{c,h} files
- BUG/MINOR: debug: Remove flags CO_FL_SOCK_WR_ENA/CO_FL_SOCK_RD_ENA
- MINOR: proxy: Remove support of the option 'http-tunnel'
- DOC: config: Update as a result of the legacy HTTP removal
- MEDIUM: config: Remove parsing of req* and rsp* directives
- MINOR: proxy: Remove the unused list of block rules
- MINOR: proxy/http_ana: Remove unused req_exp/rsp_exp and req_add/rsp_add lists
- DOC: config: Remove unsupported req* and rsp* keywords
- MINOR: global: Preset tune.max_http_hdr to its default value
- MINOR: http: Don't store raw HTTP errors in chunks anymore
- BUG/MINOR: session: Emit an HTTP error if accept fails only for H1 connection
- BUG/MINOR: session: Send a default HTTP error if accept fails for a H1 socket
- CLEANUP: mux-h2: Remove unused flags H2_SF_CHNK_*
- BUG/MINOR: checks: do not exit tcp-checks from the middle of the loop
- MINOR: config: Warn only if the option http-use-htx is used with "no" prefix
- BUG/MEDIUM: mux-h1: Trim excess server data at the end of a transaction
- MINOR: connection: add conn_get_src() and conn_get_dst()
- MINOR: frontend: switch to conn_get_{src,dst}() for logging and debugging
- MINOR: backend: switch to conn_get_{src,dst}() for port and address mapping
- MINOR: ssl: switch to conn_get_dst() to retrieve the destination address
- MINOR: tcp: replace various calls to conn_get_{from,to}_addr with conn_get_{src,dst}
- MINOR: stream-int: use conn_get_{src,dst} in conn_si_send_proxy()
- MINOR: stream/cli: use conn_get_{src,dst} in "show sess" and "show peers" output
- MINOR: log: use conn_get_{dst,src}() to retrieve the cli/frt/bck/srv/ addresses
- MINOR: http/htx: use conn_get_dst() to retrieve the destination address
- MINOR: lua: use conn_get_{src,dst} to retrieve connection addresses
- MINOR: http: check the source address via conn_get_src() in sample fetch functions
- CLEANUP: connection: remove the now unused conn_get_{from,to}_addr()
- MINOR: connection: add new src and dst fields
- MINOR: connection: use conn->{src,dst} instead of &conn->addr.{from,to}
- MINOR: ssl-sock: use conn->dst instead of &conn->addr.to
- MINOR: lua: switch to conn->dst for a connection's target address
- MINOR: peers: use conn->dst for the peer's target address
- MINOR: htx: switch from conn->addr.{from,to} to conn->{src,dst}
- MINOR: stream: switch from conn->addr.{from,to} to conn->{src,dst}
- MINOR: proxy: switch to conn->src in error snapshots
- MINOR: session: use conn->src instead of conn->addr.from
- MINOR: tcp: replace conn->addr.{from,to} with conn->{src,dst}
- MINOR: unix: use conn->dst for the target address in ->connect()
- MINOR: sockpair: use conn->dst for the target address in ->connect()
- MINOR: log: use conn->{src,dst} instead of conn->addr.{from,to}
- MINOR: checks: replace conn->addr.to with conn->dst
- MINOR: frontend: switch from conn->addr.{from,to} to conn->{src,dst}
- MINOR: http: convert conn->addr.from to conn->src in sample fetches
- MEDIUM: backend: turn all conn->addr.{from,to} to conn->{src,dst}
- MINOR: connection: create a new pool for struct sockaddr_storage
- MEDIUM: connection: make sure all address producers allocate their address
- MAJOR: connection: remove the addr field
- MINOR: connection: don't use clear_addr() anymore, just release the address
- MINOR: stream: add a new target_addr entry in the stream structure
- MAJOR: stream: store the target address into s->target_addr
- MINOR: peers: now remove the remote connection setup code
- MEDIUM: lua: do not allocate the remote connection anymore
- MEDIUM: backend: always release any existing prior connection in connect_server()
- MEDIUM: backend: remove impossible cases from connect_server()
- BUG/MINOR: mux-h1: Close server connection if input data remains in h1_detach()
- BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream
- BUG/MINOR: http_ana: Be sure to have an allocated buffer to generate an error
- BUG/MINOR: http_htx: Support empty errorfiles
- BUG/CRITICAL: http_ana: Fix parsing of malformed cookies which start by a delimiter
- BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff
- BUG/MINOR: proxy: always lock stop_proxy()
- MEDIUM: mux-h1: Add the support of headers adjustment for bogus HTTP/1 apps
- BUILD: threads: add the definition of PROTO_LOCK
- BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased
- BUG/MEDIUM: streams: Don't switch the SI to SI_ST_DIS if we have data to send.
- BUG/MINOR: log: make sure writev() is not interrupted on a file output
- DOC: improve the wording in CONTRIBUTING about how to document a bug fix
- MEDIUM: h1: Don't try to subscribe if we managed to read data.
- MEDIUM: h1: Don't wake the H1 tasklet if we got the whole request.
- REGTESTS: checks: exclude freebsd target for tcp-check_multiple_ports.vtc
- BUG/MINOR: hlua/htx: Reset channels analyzers when txn:done() is called
- BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class
- MINOR: hlua: Don't set request analyzers on response channel for lua actions
- MINOR: hlua: Add a flag on the lua txn to know in which context it can be used
- BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready
- BUG/MINOR: htx: Fix free space addresses calculation during a block expansion
- MINOR: ssl: merge ssl_sock_load_cert_file() and ssl_sock_load_cert_chain_file()
- MEDIUM: ssl: use cert_key_and_chain struct in ssl_sock_load_cert_file()
- MEDIUM: ssl: split the loading of the certificates
- MEDIUM: ssl: lookup and store in a ckch_node tree
- MEDIUM: ssl: load DH param in struct cert_key_and_chain
- BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue()
- MINOR: ssl: use STACK_OF for chain certs
- MINOR: ssl: add extra chain compatibility
- MINOR: ssl: check private key consistency in loading
- MINOR: ssl: do not look at DHparam with OPENSSL_NO_DH
- CLEANUP: ssl: ssl_sock_load_crt_file_into_ckch
- MINOR: ssl: clean ret variable in ssl_sock_load_ckchn
- MAJOR: fd: Get rid of the fd cache.
- MEDIUM: pollers: Remember the state for read and write for each threads.
- MEDIUM: mux-h2: don't try to read more than needed
- BUG/BUILD: ssl: fix build with openssl < 1.0.2
- BUG/MEDIUM: ssl: does not try to free a DH in a ckch
- BUG/MINOR: debug: fix a small race in the thread dumping code
- MINOR: wdt: also consider that waiting in the thread dumper is normal
- REGTESTS: checks: make 4be_1srv_health_checks more reliable
- BUILD: ssl: BoringSSL add EVP_PKEY_base_id
- BUG/MEDIUM: ssl: don't free the ckch in multi-cert bundle
- BUG/MINOR: ssl: fix ressource leaks on error
- BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is increased
- BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion
- BUG/MINOR: stream-int: make sure to always release empty buffers after sending
- BUG/MEDIUM: ssl: open the right path for multi-cert bundle
- BUG/MINOR: stream-int: also update analysers timeouts on activity
- BUG/MEDIUM: mux-h2: unbreak receipt of large DATA frames
- BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes
- BUG/MEDIUM: proxy: Make sure to destroy the stream on upgrade from TCP to H2
- DOC: Add 'Question.md' issue template, discouraging asking questions
- BUG/MEDIUM: fd: Always reset the polled_mask bits in fd_dodelete().
- BUG/MEDIUM: pollers: Clear the poll_send bits as well.
- BUILD: travis-ci: enable daily Coverity scan
- BUG/MINOR: mux-h2: don't refrain from sending an RST_STREAM after another one
- BUG/MINOR: mux-h2: use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data()
- BUG/MINOR: mux-h2: do not send REFUSED_STREAM on aborted uploads
- BUG/MEDIUM: mux-h2: do not recheck a frame type after a state transition
- BUG/MINOR: mux-h2: always send stream window update before connection's
- BUG/MINOR: mux-h2: always reset rcvd_s when switching to a new frame
- BUG/MEDIUM: checks: make sure to close nicely when we're the last to speak
- BUG/MEDIUM: stick-table: Wrong stick-table backends parsing.
- CLEANUP: mux-h2: move the demuxed frame check code in its own function
- MINOR: cache: add method to cache hash
- MINOR: cache: allow caching of OPTIONS request
- BUG/MINOR: ssl: fix 0-RTT for BoringSSL
- MINOR: ssl: ssl_fc_has_early should work for BoringSSL
- BUG/MINOR: pools: don't mark the thread harmless if already isolated
- BUG/MINOR: buffers/threads: always clear a buffer's head before releasing it
- CLEANUP: buffer: replace b_drop() with b_free()
- CLEANUP: task: move the cpu_time field to the task-only part
- MINOR: cli: add two new states to print messages on the CLI
- MINOR: cli: add cli_msg(), cli_err(), cli_dynmsg(), cli_dynerr()
- CLEANUP: cli: replace all occurrences of manual handling of return messages
- BUG/MEDIUM: proxy: Don't forget the SF_HTX flag when upgrading TCP=>H1+HTX.
- BUG/MEDIUM: proxy: Don't use cs_destroy() when freeing the conn_stream.
- BUG/MINOR: lua: fix setting netfilter mark
- BUG/MINOR: Fix prometheus '# TYPE' and '# HELP' headers
- BUG/MEDIUM: lua: Fix test on the direction to set the channel exp timeout
- BUG/MINOR: stats: Wait the body before processing POST requests
- MINOR: fd: make sure to mark the thread as not stuck in fd_update_events()
- BUG/MEDIUM: mux_pt: Don't call unsubscribe if we did not subscribe.
- BUILD: travis-ci: trigger non-mainstream configurations only on daily builds.
- MINOR: debug: indicate the applet name when the task is task_run_applet()
- MINOR: tools: add append_prefixed_str()
- MINOR: lua: export applet and task handlers
- MEDIUM: debug: make the thread dump code show Lua backtraces
- BUG/MEDIUM: h1: Always try to receive more in h1_rcv_buf().
- MINOR: list: add LIST_SPLICE() to merge one list into another
- MINOR: tools: add a DEFNULL() macro to use NULL for empty args
- REORG: trace: rename trace.c to calltrace.c and mention it's not thread-safe
- MINOR: sink: create definitions a minimal code for event sinks
- MINOR: sink: add a support for file descriptors
- MINOR: trace: start to create a new trace subsystem
- MINOR: trace: add allocation of buffer-sized trace buffers
- MINOR: trace/cli: register the "trace" CLI keyword to list the sources
- MINOR: trace/cli: parse the "level" argument to configure the trace verbosity
- MINOR: trace/cli: add "show trace" to report trace state and statistics
- MINOR: trace: implement a very basic trace() function
- MINOR: trace: add the file name and line number in the prefix
- MINOR: trace: make trace() now also take a level in argument
- MINOR: trace: implement a call to a decode function
- MINOR: trace: add per-level macros to produce traces
- MINOR: trace: add a definition of typed arguments to trace()
- MINOR: trace: make sure to always stop the locking when stopping or pausing
- MINOR: trace: add the possibility to lock on some arguments
- MINOR: trace: parse the "lock" argument to trace
- MINOR: trace: retrieve useful pointers and enforce lock-on
- DOC: management: document the "trace" and "show trace" commands
- BUILD: trace: make the lockon_ptr const to silence a warning without threads
- BUG/MEDIUM: mux-h1: do not truncate trailing 0CRLF on buffer boundary
- BUG/MEDIUM: mux-h1: do not report errors on transfers ending on buffer full
- DOC: fixed typo in management.txt
- BUG/MINOR: mworker: disable SIGPROF on re-exec
- BUG/MEDIUM: listener/threads: fix an AB/BA locking issue in delete_listener()
- BUG/MEDIUM: url32 does not take the path part into account in the returned hash.
- MINOR: backend: Add srv_queue converter
- MINOR: sink: set the fd-type sinks to non-blocking
- MINOR: tools: add a function varint_bytes() to report the size of a varint
- MINOR: buffer: add functions to read/write varints from/to buffers
- MINOR: fd: add fd_write_frag_line() to send a fragmented line to an fd
- MINOR: sink: now call the generic fd write function
- MINOR: ring: add a new mechanism for retrieving/storing ring data in buffers
- MINOR: ring: add a ring_write() function
- MINOR: ring: add a generic CLI io_handler to dump a ring buffer
- MINOR: sink: add support for ring buffers
- MINOR: sink: implement "show events" to show supported sinks and dump the rings
- MINOR: sink: now report the number of dropped events on output
- MINOR: trace: support a default callback for the source
- MINOR: trace: extend the source location to 13 chars
- MINOR: trace: show thread number and source name in the trace
- MINOR: trace: change the TRACE() calling convention to put the args and cb last
- MINOR: connection: add the fc_pp_authority fetch -- authority TLV, from PROXYv2
- MINOR: tools: add a generic struct "name_desc" for name-description pairs
- MINOR: trace: replace struct trace_lockon_args with struct name_desc
- MINOR: trace: change the "payload" level to "data" and move it
- MINOR: trace: prepend the function name for developer level traces
- MINOR: trace: also report the trace level in the output
- MINOR: trace: change the detail_level to per-source verbosity
- MINOR: mux-h2/trace: register a new trace source with its events
- MINOR: mux-h2/trace: add the default decoding callback
- MEDIUM: mux-h2/trace: add lots of traces all over the code
- MINOR: mux-h2: add functions to convert an h2c/h2s state to a string
- MINOR: mux-h2/trace: add a new verbosity level "clean"
- MINOR: mux-h2/trace: only decode the start-line at verbosity other than "minimal"
- MINOR: mux-h2/trace: always report the h2c/h2s state and flags
- MINOR: mux-h2/trace: report h2s->id before h2c->dsi for the stream ID
- CLEANUP: mux-h2/trace: reformat the "received" messages for better alignment
- CLEANUP: mux-h2/trace: lower-case event names
- MINOR: trace: extend default event names to 12 chars
- BUG/MINOR: ring: fix the way watchers are counted
- MINOR: cli: extend the CLI context with a list and two offsets
- MINOR: mux-h2/trace: report the connection pointer and state before FRAME_H
- MEDIUM: ring: implement a wait mode for watchers
- BUG/MEDIUM: mux-h2/trace: do not dereference h2c->conn after failed idle
- BUG/MEDIUM: mux-h2/trace: fix missing braces added with traces
- BUG/MINOR: ring: b_peek_varint() returns a uint64_t, not a size_t
- CLEANUP: fd: remove leftovers of the fdcache
- MINOR: fd: add a new "initialized" bit in the fdtab struct
- MINOR: fd/log/sink: make the non-blocking initialization depend on the initialized bit
- MEDIUM: log: use the new generic fd_write_frag_line() function
- MINOR: log: add a target type instead of hacking the address family
- MEDIUM: log: add support for logging to a ring buffer
- MINOR: send-proxy-v2: sends authority TLV according to TLV received
- MINOR: build: add linux-glibc-legacy build TARGET
- BUG/MEDIUM: peers: local peer socket not bound.
- BUILD: connection: silence gcc warning with extra parentheses
- BUG/MINOR: http-ana: Reset response flags when 1xx messages are handled
- BUG/MINOR: h1: Properly reset h1m when parsing is restarted
- BUG/MINOR: mux-h1: Fix size evaluation of HTX messages after headers parsing
- BUG/MINOR: mux-h1: Don't stop anymore input processing when the max is reached
- BUG/MINOR: mux-h1: Be sure to update the count before adding EOM after trailers
- BUG/MEDIUM: cache: Properly copy headers splitted on several shctx blocks
- BUG/MEDIUM: cache: Don't cache objects if the size of headers is too big
- BUG/MINOR: mux-h1: Fix a possible null pointer dereference in h1_subscribe()
- MEDIUM: fd: remove the FD_EV_POLLED status bit
- MEDIUM: fd: simplify the fd_*_{recv,send} functions using BTS/BTR
- MINOR: fd: make updt_fd_polling() a normal function
- CONTRIB: debug: add new program "poll" to test poll() events
- BUG/MINOR: checks: stop polling for write when we have nothing left to send
- BUG/MINOR: checks: start sending the request right after connect()
- BUG/MINOR: checks: make __event_chk_srv_r() report success before closing
- BUG/MINOR: checks: do not uselessly poll for reads before the connection is up
- BUG/MINOR: mux-h1: Fix a UAF in cfg_h1_headers_case_adjust_postparser()
- BUILD: CI: add basic CentOS 6 cirrus build
- MINOR: contrib/prometheus-exporter: Report DRAIN/MAINT/NOLB status for servers
- BUG/MINOR: lb/leastconn: ignore the server weights for empty servers
- BUG/MAJOR: ssl: ssl_sock was not fully initialized.
- MEDIUM: fd: mark the FD as ready when it's inserted
- MINOR: fd: add two new calls fd_cond_{recv,send}()
- MEDIUM: connection: enable reading only once the connection is confirmed
- MINOR: fd: add two flags ERR and SHUT to describe FD states
- MEDIUM: fd: do not use the FD_POLL_* flags in the pollers anymore
- BUG/MEDIUM: connection: don't keep more idle connections than ever needed
- MINOR: stats: report the number of idle connections for each server
- BUILD: CI: skip reg-tests/connection/proxy_protocol_random_fail.vtc on CentOS 6
- BUILD/MINOR: auth: enabling for osx
- BUG/MINOR: listener: Fix a possible null pointer dereference
- BUG/MINOR: ssl: always check for ssl connection before getting its XPRT context
- MINOR: stats: Add JSON export from the stats page
- BUG/MINOR: filters: Properly set the HTTP status code on analysis error
- MINOR: sample: Add UUID-fetch
- CLEANUP: mux-h2: Remove unused flag H2_SF_DATA_CHNK
- BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed
- BUG/MINOR: backend: Fix a possible null pointer dereference
- BUG/MINOR: Missing stat_field_names (since
|
||
Willy Tarreau
|
db5140741d |
[RELEASE] Released version 2.1-dev1
Released version 2.1-dev1 with the following main changes : - BUG/MEDIUM: h2/htx: Update data length of the HTX when the cookie list is built - DOC: this is a development branch again. - MEDIUM: Make 'block' directive fatal - MEDIUM: Make 'redispatch' directive fatal - MEDIUM: Make '(cli|con|srv)timeout' directive fatal - MEDIUM: Remove 'option independant-streams' - MINOR: sample: Add sha2([<bits>]) converter - MEDIUM: server: server-state global file stored in a tree - BUG/MINOR: lua/htx: Make txn.req_req_* and txn.res_rep_* HTX aware - BUG/MINOR: mux-h1: Add the header connection in lower case in outgoing messages - BUG/MEDIUM: compression: Set Vary: Accept-Encoding for compressed responses - MINOR: htx: Add the function htx_change_blk_value_len() - BUG/MEDIUM: htx: Fully update HTX message when the block value is changed - BUG/MEDIUM: mux-h2: Reset padlen when several frames are demux - BUG/MEDIUM: mux-h2: Remove the padding length when a DATA frame size is checked - BUG/MEDIUM: lb_fwlc: Don't test the server's lb_tree from outside the lock - BUG/MAJOR: sample: Wrong stick-table name parsing in "if/unless" ACL condition. - BUILD: mworker: silence two printf format warnings around getpid() - BUILD: makefile: use :space: instead of digits to count commits - BUILD: makefile: adjust the sed expression of "make help" for solaris - BUILD: makefile: do not rely on shell substitutions to determine git version - BUG/MINOR: mworker-prog: Fix segmentation fault during cfgparse - BUG/MINOR: spoe: Fix memory leak if failing to allocate memory - BUG/MEDIUM: mworker: don't call the thread and fdtab deinit - BUG/MEDIUM: stream_interface: Don't add SI_FL_ERR the state is < SI_ST_CON. - BUG/MEDIUM: connections: Always add the xprt handshake if needed. - BUG/MEDIUM: ssl: Don't do anything in ssl_subscribe if we have no ctx. - BUG/MEDIUM: mworker/cli: command pipelining doesn't work anymore - BUG/MINOR: htx: Save hdrs_bytes when the HTX start-line is replaced - BUG/MAJOR: mux-h1: Don't crush trash chunk area when outgoing message is formatted - BUG/MINOR: memory: Set objects size for pools in the per-thread cache - BUG/MINOR: log: Detect missing sampling ranges in config - BUG/MEDIUM: proto_htx: Don't add EOM on 1xx informational messages - BUG/MEDIUM: mux-h1: Use buf_room_for_htx_data() to detect too large messages - BUG/MINOR: mux-h1: Make format errors during output formatting fatal - BUG/MEDIUM: ssl: Don't attempt to set alpn if we're not using SSL. - BUG/MEDIUM: mux-h1: Always release H1C if a shutdown for writes was reported - BUG/MINOR: mworker/cli: don't output a \n before the response - BUG/MEDIUM: checks: unblock signals in external checks - BUG/MINOR: mux-h1: Skip trailers for non-chunked outgoing messages - BUG/MINOR: mux-h1: Don't return the empty chunk on HEAD responses - BUG/MEDIUM: connections: Always call shutdown, with no linger. - BUG/MEDIUM: checks: Make sure the tasklet won't run if the connection is closed. - BUG/MINOR: contrib/prometheus-exporter: Don't use channel_htx_recv_max() - BUG/MINOR: hlua: Don't use channel_htx_recv_max() - BUG/MEDIUM: channel/htx: Use the total HTX size in channel_htx_recv_limit() - BUG/MINOR: hlua/htx: Respect the reserve when HTX data are sent - BUG/MINOR: contrib/prometheus-exporter: Respect the reserve when data are sent - BUG/MEDIUM: connections: Make sure we're unsubscribe before upgrading the mux. - BUG/MEDIUM: servers: Authorize tfo in default-server. - BUG/MEDIUM: sessions: Don't keep an extra idle connection in sessions. - MINOR: server: Add "no-tfo" option. - BUG/MINOR: contrib/prometheus-exporter: Don't try to add empty data blocks - MINOR: action: Add the return code ACT_RET_DONE for actions - BUG/MEDIUM: http/applet: Finish request processing when a service is registered - BUG/MEDIUM: lb_fas: Don't test the server's lb_tree from outside the lock - BUG/MEDIUM: mux-h1: Handle TUNNEL state when outgoing messages are formatted - BUG/MINOR: mux-h1: Don't process input or ouput if an error occurred - MINOR: stream-int: Factorize processing done after sending data in si_cs_send() - BUG/MEDIUM: stream-int: Don't rely on CF_WRITE_PARTIAL to unblock opposite si - DOC: contrib: spoa_server Add some hints for building spoa_server - DOC: Fix typo in intro.txt - BUG/MEDIUM: servers: Don't forget to set srv_cs to NULL if we can't reuse it. - BUG/MINOR: ssl: revert empty handshake detection in OpenSSL <= 1.0.2 - MINOR: pools: release the pool's lock during the malloc/free calls - MINOR: pools: always pre-initialize allocated memory outside of the lock - MINOR: pools: make the thread harmless during the mmap/munmap syscalls - BUG/MEDIUM: fd/threads: fix excessive CPU usage on multi-thread accept - BUG/MINOR: server: Be really able to keep "pool-max-conn" idle connections - BUG/MEDIUM: checks: Don't attempt to read if we destroyed the connection. - BUG/MEDIUM: da: cast the chunk to string. - DOC: Fix typos and grammer in configuration.txt - CLEANUP: proto_tcp: Remove useless header inclusions. - BUG/MEDIUM: servers: Fix a race condition with idle connections. - MINOR: task: introduce work lists - BUG/MAJOR: listener: fix thread safety in resume_listener() - BUG/MEDIUM: mux-h1: Don't release h1 connection if there is still data to send - BUG/MINOR: mux-h1: Correctly report Ti timer when HTX and keepalives are used - BUG/MEDIUM: streams: Don't give up if we couldn't send the request. - BUG/MEDIUM: streams: Don't redispatch with L7 retries if redispatch isn't set. - BUG/MINOR: mux-pt: do not pretend there's more data after a read0 - BUG/MEDIUM: tcp-check: unbreak multiple connect rules again - MEDIUM: mworker-prog: Add user/group options to program section - REGTESTS: checks: tcp-check connect to multiple ports - BUG/MEDIUM: threads: cpu-map designating a single thread/process are ignored |
||
Willy Tarreau
|
ba23630ad0 |
[RELEASE] Released version 2.0.0
Released version 2.0.0 with the following main changes : - MINOR: fd: Don't use atomic operations when it's not needed. - DOC: mworker-prog: documentation for the program section - MINOR: http: add a new "http-request replace-uri" action - BUG/MINOR: 51d/htx: The _51d_fetch method, and the methods it calls are now HTX aware. - MINOR: 51d: Added dummy libraries for the 51Degrees module for testing. - MINOR: mworker: change formatting in uptime field of "show proc" - MINOR: mworker: add the HAProxy version in "show proc" - MINOR: doc: Remove -Ds option in man page - MINOR: doc: add master-worker in the man page - MINOR: doc: mention HAPROXY_LOCALPEER in the man - BUILD: Silence gcc warning about unused return value - CLEANUP: 51d: move the 51d dummy lib to contrib/51d/src to match the real lib - BUILD: travis-ci: add 51Degree device detection, update openssl to 1.1.1c - MINOR: doc: update the manpage and usage message about -S - BUILD/MINOR: 51d: Updated build registration output to indicate thatif the library is a dummy one or not. - BUG/MEDIUM: h1: Don't wait for handshake if we had an error. - BUG/MEDIUM: h1: Wait for the connection if the handshake didn't complete. - BUG/MINOR: task: prevent schedulable tasks from starving under high I/O activity - BUG/MINOR: fl_trace/htx: Be sure to always forward trailers and EOM - BUG/MINOR: channel/htx: Call channel_htx_full() from channel_full() - BUG/MINOR: http: Use the global value to limit the number of parsed headers - BUG/MINOR: htx: Detect when tail_addr meet end_addr to maximize free rooms - BUG/MEDIUM: htx: Don't change position of the first block during HTX analysis - CLEANUP: channel: Remove channel_htx_fwd_payload() and channel_htx_fwd_all() - BUG/MEDIUM: proto_htx: Introduce the state ENDING during forwarding - MINOR: htx: Add 3 flags on the start-line to deal with the request schemes - MINOR: h2: Set flags about the request's scheme on the start-line - MINOR: mux-h1: Set flags about the request's scheme on the start-line - MINOR: mux-h2: Forward clients scheme to servers checking start-line flags - MEDIUM: server: server-state only rely on server name - CLEANUP: connection: rename the wait_event.task field to .tasklet - CLEANUP: tasks: rename task_remove_from_tasklet_list() to tasklet_remove_* - BUG/MEDIUM: connections: Don't call shutdown() if we want to disable linger. - DOC: add some environment variables in section 2.3 - BUILD: makefile: clarify the "help" output and list options - BUG/MINOR: mux-h1: Wake busy mux for I/O when message is fully sent - BUG: tasks: fix bug introduced by latest scheduler cleanup - BUG/MEDIUM: mux-h2: fix early close with option abortonclose - BUG/MEDIUM: connections: Don't use ALPN to pick mux when in mode TCP. - BUG/MEDIUM: connections: Don't try to send early data if we have no mux. - BUG/MEDIUM: mux-h2: properly account for the appended data in HTX - BUILD: makefile: further clarify the "help" output and list targets - BUILD: makefile: rename "linux2628" to "linux-glibc" and remove older targets - BUILD: travis-ci: switch to linux-glibc instead of linux2628 - DOC: update few references to the linux* targets and change them to linux-glibc - BUILD: makefile: detect and reject recently removed linux targets - BUILD: makefile: enable linux namespaces by default on linux - BUILD: makefile: enable TFO on linux platforms - BUILD: makefile: enable getaddrinfo on the linux-glibc target - DOC: small updates to the CONTRIBUTING file - BUG/MEDIUM: ssl: Make sure we initiate the handshake after using early data. - CLEANUP: removed obsolete examples an move a few to better places - DOC: Fix typos in CONTRIBUTING - DOC: update the outdated ROADMAP file - DOC: create a BRANCHES file to explain the life cycle - DOC: mention in INSTALL haproxy 2.0 is a long-term supported stable version - BUILD: travis-ci: TFO and GETADDRINFO are now enabled by default - BUILD: makefile: make the obsolete target detection compatible with make-3.80 - BUILD: tools: work around an internal compiler bug in gcc-3.4 - BUILD: pattern: work around an internal compiler bug in gcc-3.4 - BUILD: makefile: enable USE_RT on Solaris - BUILD: makefile: do not use echo -n - DOC: mention a few common build errors in the INSTALL file |
||
Willy Tarreau
|
ca3551f005 |
[RELEASE] Released version 2.0-dev7
Released version 2.0-dev7 with the following main changes : - BUG/MEDIUM: mux-h2: make sure the connection timeout is always set - MINOR: tools: add new bitmap manipulation functions - MINOR: logs: use the new bitmap functions instead of fd_sets for encoding maps - MINOR: chunks: Make sure trash_size is only set once. - Revert "MINOR: chunks: Make sure trash_size is only set once." - MINOR: threads: serialize threads initialization - MINOR peers: data structure simplifications for server names dictionary cache. - DOC: peers: Update for dictionary cache entries for peers protocol. - MINOR: dict: Store the length of the dictionary entries. - MINOR: peers: A bit of optimization when encoding cached server names. - MINOR: peers: Optimization for dictionary cache lookup. - MEDIUM: tools: improve time format error detection - BUG/MEDIUM: H1: When upgrading, make sure we don't free the buffer too early. - BUG/MEDIUM: stream_interface: Make sure we call si_cs_process() if CS_FL_EOI. - MINOR: threads: avoid clearing harmless twice in thread_release() - MEDIUM: threads: add thread_sync_release() to synchronize steps - BUG/MEDIUM: init/threads: prevent initialized threads from starting before others - OPTIM/MINOR: init/threads: only call protocol_enable_all() on first thread - BUG/MINOR: dict: race condition fix when inserting dictionary entries. - MEDIUM: init/threads: don't use spinlocks during the init phase - BUG/MINOR: cache/htx: Fix the counting of data already sent by the cache applet - BUG/MEDIUM: compression/htx: Fix the adding of the last data block - MINOR: flt_trace: Don't scrash the original offset during the random forwarding - MAJOR: htx: Rework how free rooms are tracked in an HTX message - MINOR: htx: Add the function htx_move_blk_before() - Revert "BUG/MEDIUM: H1: When upgrading, make sure we don't free the buffer too early." - BUG/MINOR: http-rules: mention "deny_status" for "deny" in the error message - MINOR: http: turn default error files to HTTP/1.1 - BUG/MEDIUM: h1: Don't try to subscribe if we had a connection error. - BUG/MEDIUM: h1: Don't consider we're connected if the handshake isn't done. - MINOR: contrib/spoa_server: Upgrade SPOP to 2.0 - BUG/MEDIUM: contrib/spoa_server: Set FIN flag on agent frames - MINOR: contrib/spoa_server: Add random IP score - DOC/MINOR: contrib/spoa_server: Fix typo in README |
||
Willy Tarreau
|
b57f109966 |
[RELEASE] Released version 2.0-dev6
Released version 2.0-dev6 with the following main changes : - BUG/MEDIUM: connection: fix multiple handshake polling issues - MINOR: connection: also stop receiving after a SOCKS4 response - MINOR: mux-h1: don't try to recv() before the connection is ready - BUG/MEDIUM: mux-h1: only check input data for the current stream, not next one - MEDIUM: mux-h1: don't use CS_FL_REOS anymore - CLEANUP: connection: remove the now unused CS_FL_REOS flag - CONTRIB: debug: add 4 missing connection/conn_stream flags - MEDIUM: stream: make a full process_stream() loop when completing I/O on exit - MINOR: server: increase the default pool-purge-delay to 5 seconds - BUILD: tools: do not use the weak attribute for trace() on obsolete linkers - BUG/MEDIUM: vars: make sure the scope is always valid when accessing vars - BUG/MEDIUM: vars: make the tcp/http unset-var() action support conditions - BUILD: task: fix a build warning when threads are disabled - CLEANUP: peers: Remove tabs characters. - CLEANUP: peers: Replace hard-coded values by macros. - BUG/MINOR: peers: Wrong stick-table update message building. - MINOR: dict: Add dictionary new data structure. - MINOR: peers: Add a LRU cache implementation for dictionaries. - MINOR: stick-table: Add "server_name" new data type. - MINOR: cfgparse: Space allocation for "server_name" stick-table data type. - MINOR: proxy: Add a "server by name" tree to proxy. - MINOR: server: Add a dictionary for server names. - MINOR: stream: Stickiness server lookup by name. - MINOR: peers: Make peers protocol support new "server_name" data type. - MINOR: stick-table: Make the CLI stick-table handler support dictionary entry data type. - REGTEST: Add a basic server by name stickiness reg test. - MINOR: peers: Add dictionary cache information to "show peers" CLI command. - MINOR: peers: Replace hard-coded for peer protocol 64-bits value encoding by macros. - MINOR: peers: Replace hard-coded values for peer protocol messaging by macros. - CLEANUP: ssl: remove unneeded defined(OPENSSL_IS_BORINGSSL) - BUILD: travis-ci improvements - MINOR: SSL: add client/server random sample fetches - BUG/MINOR: channel/htx: Don't alter channel during forward for empty HTX message - BUG/MINOR: contrib/prometheus-exporter: Add HTX data block in one time - BUG/MINOR: mux-h1: errflag must be set on H1S and not H1M during output processing - MEDIUM: mux-h1: refactor output processing - MINOR: mux-h1: Add the flag HAVE_O_CONN on h1s - MINOR: mux-h1: Add h1_eval_htx_hdrs_size() to estimate size of the HTX headers - MINOR: mux-h1: Don't count the EOM in the estimated size of headers - MEDIUM: cache/htx: Always store info about HTX blocks in the cache - MEDIUM: htx: Add the parsing of trailers of chunked messages - MINOR: htx: Don't use end-of-data blocks anymore - BUG/MINOR: mux-h1: Don't send more data than expected - BUG/MINOR: flt_trace/htx: Only apply the random forwarding on the message body. - BUG/MINOR: peers: Wrong "server_name" decoding. - BUG/MEDIUM: servers: Don't attempt to destroy idle connections if disabled. - MEDIUM: checks: Make sure we unsubscribe before calling cs_destroy(). - MEDIUM: connections: Wake the upper layer even if sending/receiving is disabled. - MEDIUM: ssl: Handle subscribe by itself. - MINOR: ssl: Make ssl_sock_handshake() static. - MINOR: connections: Add a new xprt method, remove_xprt. - MINOR: connections: Add a new xprt method, add_xprt(). - MEDIUM: connections: Introduce a handshake pseudo-XPRT. - MEDIUM: connections: Remove CONN_FL_SOCK* - BUG/MEDIUM: ssl: Don't forget to initialize ctx->send_recv and ctx->recv_wait. - BUG/MINOR: peers: Wrong server name parsing. - MINOR: server: really increase the pool-purge-delay default to 5 seconds - BUG/MINOR: stream: don't emit a send-name-header in conn error or disconnect states - MINOR: stream-int: use bit fields to match multiple stream-int states at once - MEDIUM: stream-int: remove dangerous interval checks for stream-int states - MEDIUM: stream-int: introduce a new state SI_ST_RDY - MAJOR: stream-int: switch from SI_ST_CON to SI_ST_RDY on I/O - MEDIUM: stream-int: make idle-conns switch to ST_RDY - MEDIUM: stream: re-arrange the connection setup status reporting - MINOR: stream-int: split si_update() into si_update_rx() and si_update_tx() - MINOR: stream-int: make si_sync_send() from the send code of si_update_both() - MEDIUM: stream: rearrange the events to remove the loop - MEDIUM: stream: only loop on flags relevant to the analysers - MEDIUM: stream: don't abusively loop back on changes on CF_SHUT*_NOW - BUILD: stream-int: avoid a build warning in dev mode in si_state_bit() - BUILD: peers: fix a build warning about an incorrect intiialization - BUG/MINOR: time: make sure only one thread sets global_now at boot - BUG/MEDIUM: tcp: Make sure we keep the polling consistent in tcp_probe_connect. |
||
Willy Tarreau
|
abc874ea45 |
[RELEASE] Released version 2.0-dev5
Released version 2.0-dev5 with the following main changes : - BUILD: watchdog: use si_value.sival_int, not si_int for the timer's value - BUILD: signals: FreeBSD has SI_LWP instead of SI_TKILL - BUILD: watchdog: condition it to USE_RT - MINOR: raw_sock: report global traffic statistics - MINOR: stats: report the global output bit rate in human readable form - BUG/MINOR: proto-htx: Try to keep connections alive on redirect - BUG/MEDIUM: spoe: Don't use the SPOE applet after releasing it - BUG/MINOR: lua: Set right direction and flags on new HTTP objects - BUG/MINOR: mux-h2: Count EOM in bytes sent when a HEADERS frame is formatted - BUG/MINOR: mux-h1: Report EOI instead EOS on parsing error or H2 upgrade - BUG/MEDIUM: proto-htx: Not forward too much data when 1xx reponses are handled - BUG/MINOR: htx: Remove a forgotten while loop in htx_defrag() - DOC: fix typos - BUG/MINOR: ssl_sock: Fix memory leak when disabling compression - OPTIM: freq-ctr: don't take the date lock for most updates - MEDIUM: mux-h2: avoid doing expensive buffer realigns when not absolutely needed - CLEANUP: debug: remove the TRACE() macro - MINOR: buffer: introduce b_make() to make a buffer from its parameters - MINOR: buffer: add a new buffer ring API to manipulate rings of buffers - MEDIUM: mux-h2: replace all occurrences of mbuf with a buffer ring - MEDIUM: mux-h2: make the conditions to send based on mbuf, not just its tail - MINOR: mux-h2: introduce h2_release_mbuf() to release all buffers in the mbuf ring - MEDIUM: mux-h2: make the send() function iterate over all mux buffers - CLEANUP: mux-h2: consistently use a local variable for the mbuf - MINOR: mux-h2: report the mbuf's head and tail in "show fd" - MAJOR: mux-h2: switch to next mux buffer on buffer full condition. - BUILD: connections: shut up gcc about impossible out-of-bounds warning - BUILD: ssl: fix latest LibreSSL reg-test error - MINOR: cli/activity: remove "fd_del" and "fd_skip" from show activity - MINOR: cli/activity: add 3 general purpose counters in development mode - BUG/MAJOR: lb/threads: make sure the avoided server is not full on second pass - BUG/MEDIUM: queue: fix the tree walk in pendconn_redistribute. - BUG/MEDIUM: threads: fix double-word CAS on non-optimized 32-bit platforms - MEDIUM: config: now alert when two servers have the same name - MINOR: htx: Remove the macro IS_HTX_SMP() and always use IS_HTX_STRM() instead - MINOR: htx: Move the macro IS_HTX_STRM() in proto/stream.h - MINOR: htx: Store the head position instead of the wrap one - MINOR: htx: Store start-line block's position instead of address of its payload - MINOR: htx: Add functions to get the first block of an HTX message - MINOR: mux-h2/htx: Get the start-line from the head when HEADERS frame is built - MINOR: htx: Replace the function http_find_stline() by http_get_stline() - CLEANUP: htx: Remove unused function htx_get_stline() - MINOR: http/htx: Use sl_pos directly to replace the start-line - MEDIUM: http/htx: Perform analysis relatively to the first block - MINOR: channel/htx: Call channel_htx_recv_max() from channel_recv_max() - MINOR: htx: Add function htx_get_max_blksz() - BUG/MINOR: htx: Change htx_xfer_blk() to also count metadata - MEDIUM: mux-h1: Use the count value received from the SI in h1_rcv_buf() - MINOR: mux-h2: Use the count value received from the SI in h2_rcv_buf() - MINOR: stream-int: Don't use the flag CO_RFL_KEEP_RSV anymore in si_cs_recv() - MINOR: connection: Remove the unused flag CO_RFL_KEEP_RSV - MINOR: mux-h2/htx: Support zero-copy when possible in h2_rcv_buf() - MINOR: htx: Add a field to set the memory used by headers in the HTX start-line - MINOR: h2/htx: Set hdrs_bytes on the SL when an HTX message is produced - MINOR: mux-h1: Set hdrs_bytes on the SL when an HTX message is produced - MINOR: htx: Be sure to xfer all headers in one time in htx_xfer_blks() - MEDIUM: htx: 1xx messages are now part of the final reponses - MINOR: channel/htx: Add function to forward headers of an HTX message - MINOR: filters/htx: Use channel_htx_fwd_headers() after headers filtering - MINOR: proto-htx: Use channel_htx_fwd_headers() to forward 1xx responses - MEDIUM: htx: Store the first block position instead of the start-line one - MINOR: stats/htx: don't use the first block position but the head one - MINOR: channel/htx: Add functions to forward a part or all HTX payload - MINOR: proto-htx: Use channel_htx_fwd_all() when unfiltered body are forwarded - MEDIUM: filters/htx: Filter body relatively to the first block - MINOR: htx: Optimize htx_drain() when all data are drained - MINOR: htx: don't rely on htx_find_blk() anymore in the function htx_truncate() - MINOR: htx: remove the unused function htx_find_blk() - MINOR: htx: Remove support of pseudo headers because it is unused - BUG/MEDIUM: http: fix "http-request reject" when not final - MINOR: ssl: Make sure the underlying xprt's init method doesn't fail. - MINOR: ssl: Don't forget to call the close method of the underlying xprt. - MINOR: htx: rename htx_append_blk_value() to htx_add_data_atonce() - MINOR: htx: make htx_add_data() return the transmitted byte count - MEDIUM: htx: make htx_add_data() never defragment the buffer - MINOR: activity: write totals on the "show activity" output - MINOR: activity: report totals and average separately - MEDIUM: poller: separate the wait time from the wake events - MINOR: activity: report the number of failed pool/buffer allocations - MEDIUM: buffers: relax the buffer lock a little bit - MINOR: task: turn the WQ lock to an RW_LOCK - MEDIUM: task: don't grab the WR lock just to check the WQ - BUG/MEDIUM: mux-h1: Don't skip the TCP splicing when there is no more data to read - MEDIUM: sessions: Introduce session flags. - BUG/MEDIUM: h2: Don't forget to set h2s->cs to NULL after having free'd cs. - BUG/MEDIUM: mux-h2: fix the conditions to end the h2_send() loop - BUG/MEDIUM: mux-h2: don't refrain from offering oneself a used buffer - BUG/MEDIUM: connection: Use the session to get the origin address if needed. - MEDIUM: tasks: Get rid of active_tasks_mask. - MEDIUM: connection: Upstream SOCKS4 proxy support - BUILD: contrib/prometheus: fix build breakage caused by move of idle_pct - BUG/MINOR: deinit/threads: make hard-stop-after perform a clean exit |
||
Willy Tarreau
|
567406949b |
[RELEASE] Released version 2.0-dev4
Released version 2.0-dev4 with the following main changes : - BUILD: enable freebsd builds on cirrus-ci - BUG/MINOR: http_fetch: Rely on the smp direction for "cookie()" and "hdr()" - MEDIUM: Make 'option forceclose' actually warn - MEDIUM: Make 'resolution_pool_size' directive fatal - DOC: management: place "show activity" at the right place - MINOR: cli/activity: show the dumping thread ID starting at 1 - MINOR: task: export global_task_mask - MINOR: cli/debug: add a thread dump function - BUG/MEDIUM: streams: Don't use CF_EOI to decide if the request is complete. - BUG/MEDIUM: streams: Try to L7 retry before aborting the connection. - BUG/MINOR: debug: make ha_task_dump() always check the task before dumping it - BUG/MINOR: debug: make ha_task_dump() actually dump the requested task - MINOR: debug: make ha_thread_dump() and ha_task_dump() take a buffer - BUG/MINOR: debug: don't check the call date on tasklets - MINOR: thread: implement ha_thread_relax() - MINOR: task: put barriers after each write to curr_task - MINOR: task: always reset curr_task when freeing a task or tasklet - MINOR: stream: detach the stream from its own task on stream_free() - MEDIUM: debug/threads: implement an advanced thread dump system - REGTEST: extend the check duration on tls_health_checks and mark it slow - DOC: fix "successful" typo - MINOR: init: setenv HAPROXY_CFGFILES - MINOR: threads/init: synchronize the threads startup - MEDIUM: init/mworker: make the pipe register function a regular initcall - CLEANUP: memory: make the fault injection code use the OTHER_LOCK label - CLEANUP: threads: remove the now unused START_LOCK label - MINOR: init/threads: make the global threads an array of structs - MINOR: threads: add each thread's clockid into the global thread_info - CLEANUP: stream: remove an obsolete debugging test - MINOR: tools: add dump_hex() - MINOR: debug: implement ha_panic() - MINOR: debug/cli: add some debugging commands for developers - MINOR: tools: provide a may_access() function and make dump_hex() use it - MINOR: debug: make ha_panic() report threads starting at 1 - REORG: compat: move some integer limit definitions from standard.h to compat.h - REORG: threads: move the struct thread_info from global.h to hathreads.h - MINOR: compat: make sure to always define clockid_t - MINOR: threads: always place the clockid in the struct thread_info - MINOR: threads: add a thread-local thread_info pointer "ti" - MINOR: time: move the cpu, mono, and idle time to thread_info - MINOR: time: add a function to retrieve another thread's cputime - MINOR: debug: report each thread's cpu usage in "show thread" - BUILD: threads: only assign the clock_id when supported - BUILD: makefile: use USE_OBSOLETE_LINKER for solaris - BUILD: makefile: remove -fomit-frame-pointer optimisation (solaris) - MAJOR: polling: add event ports support (Solaris) - BUG/MEDIUM: streams: Don't switch from SI_ST_CON to SI_ST_DIS on read0. - CLEANUP: time: refine the test on _POSIX_TIMERS - MINOR: compat: define a new empty type empty_t for non-implemented fields - CLEANUP: time: switch clockid_t to empty_t when not available - BUG/MINOR: mworker: Fix memory leak of mworker_proc members - CLEANUP: objtype: make obj_type() and obj_type_name() take consts - MINOR: debug: switch to SIGURG for thread dumps - CLEANUP: threads: really move thread_info to hathreads.c - MINOR: threads: make threads_{harmless|want_rdv}_mask constant 0 without threads - CLEANUP: debug: always report harmless/want_rdv even without threads - MINOR: threads: implement ha_tkill() and ha_tkillall() - CLEANUP: debug: make use of ha_tkill() and remove ifdefs - MINOR: stream: introduce a stream_dump() function and use it in stream_dump_and_crash() - MINOR: debug: dump streams when an applet, iocb or stream is known - MINOR: threads: add a "stuck" flag to the thread_info struct - MINOR: threads: add a timer_t per thread in thread_info - MAJOR: watchdog: implement a thread lockup detection mechanism - MINOR: stream: remove the cpu time detection from process_stream() - MINOR: connection: report the mux names in "haproxy -vv" - CLEANUP: mux-h1: use "H1" and not "h1" as the mux's name - BUG/MEDIUM: WURFL: segfault in wurfl-get() with missing info. - MINOR: WURFL: call header_retireve_callback() in dummy library - MINOR: WURFL: fixed Engine load failed error when wurfl-information-list contains wurfl_root_id - MINOR: WURFL: shows log messages during module initialization - MINOR: WURFL: removes heading wurfl-information-separator from wurfl-get-all() and wurfl-get() results - MINOR: WURFL: wurfl_get() and wurfl_get_all() now return an empty string if device detection fails - MEDIUM: WURFL: HTX awareness. - MINOR: WURFL: module version bump to 2.0 - MINOR: WURFL: do not emit warnings when not configured - CONTRIB: wurfl: address 3 build issues in the wurfl dummy library - BUG/MEDIUM: init/threads: provide per-thread alloc/free function callbacks - BUILD: travis: add sanitizers to travis-ci builds - BUILD: time: remove the test on _POSIX_C_SOURCE - CLEANUP: build: rename some build macros to use the USE_* ones - CLEANUP: raw_sock: remove support for very old linux splice bug workaround - BUG/MEDIUM: dns: make the port numbers unsigned - MEDIUM: config: deprecate the antique req* and rsp* commands |
||
Willy Tarreau
|
a257a9b015 |
[RELEASE] Released version 2.0-dev3
Released version 2.0-dev3 with the following main changes : - BUG/MINOR: peers: Really close the sessions with no heartbeat. - CLEANUP: peers: remove useless annoying tabulations. - CLEANUP: peers: replace timeout constants by macros. - REGTEST: Enable again reg tests with HEAD HTTP method usage. - DOC: The option httplog is no longer valid in a backend. - DOC: peers: Peers protocol documentation update. - REGTEST: remove unexpected "nbthread" statement from Lua test cases - BUILD: Makefile: remove 11-years old workarounds for deprecated options - BUILD: remove 10-years old error message for obsolete option USE_TCPSPLICE - BUILD: Makefile: remove outdated support for dlmalloc - BUILD: Makefile: consider a variable's origin and not its value for the options list - BUILD: Makefile: also report disabled options in the BUILD_OPTIONS variable - BUILD: Makefile: shorten default settings declaration - BUILD: Makefile: clean up the target declarations - BUILD: report the whole feature set with their status in haproxy -vv - BUILD: pass all "USE_*" variables as -DUSE_* to the compiler - REGTEST: script: make the script use the new features list - REGTEST: script: remove platform-specific assigments of OPTIONS - BUG/MINOR: peers: Missing initializations after peer session shutdown. - BUG/MINOR: contrib/prometheus-exporter: Fix applet accordingly to recent changes - BUILD/MINOR: listener: Silent a few signedness warnings. - BUG/MINOR: mux-h1: Only skip invalid C-L headers on output - BUG/MEDIUM: mworker: don't free the wrong child when not found - BUG/MEDIUM: checks: Don't bother subscribing if we have a connection error. - BUG/MAJOR: checks: segfault during tcpcheck_main - BUILD: makefile: work around an old bug in GNU make-3.80 - BUILD: makefile: work around another bug in make 3.80 - BUILD: http: properly mark some struct as extern - BUILD: chunk: properly declare pool_head_trash as extern - BUILD: cache: avoid a build warning with some compilers/linkers - MINOR: tools: make memvprintf() never pass a NULL target to vsnprintf() - MINOR: tools: add an unsetenv() implementation - BUILD: re-implement an initcall variant without using executable sections - BUILD: use inttypes.h instead of stdint.h - BUILD: connection: fix naming of ip_v field - BUILD: makefile: fix build of IPv6 header on aix51 - BUILD: makefile: add _LINUX_SOURCE_COMPAT to build on AIX-51 - BUILD: define unsetenv on AIX 5.1 - BUILD: Makefile: disable shared cache on AIX 5.1 - MINOR: ssl: Add aes_gcm_dec converter - REORG: mworker: move serializing functions to mworker.c - REORG: mworker: move signals functions to mworker.c - REORG: mworker: move IPC functions to mworker.c - REORG: mworker: move signal handlers and related functions - REORG: mworker: move mworker_cleanlisteners to mworker.c - MINOR: mworker: calloc mworker_proc structures - MINOR: mworker: don't use children variable anymore - MINOR: cli: export cli_parse_default() definition in cli.h - REORG: mworker/cli: move CLI functions to mworker.c - MEDIUM: mworker-prog: implement program for master-worker - MINOR: mworker/cli: show programs in 'show proc' - BUG/MINOR: cli: correctly handle abns in 'show cli sockets' - MINOR: cli: start addresses by a prefix in 'show cli sockets' - MINOR: cli: export HAPROXY_CLI environment variable - BUG/MINOR: htx: Preserve empty HTX messages with an unprocessed parsing error - BUG/MINOR: proto_htx: Reset to_forward value when a message is set to DONE - REGTEST: http-capture/h00000: Relax a regex matching the log message - REGTEST: http-messaging/h00000: Fix the test when the HTX is enabled - REGTEST: http-rules/h00003: Use a different client for requests expecting a 301 - REGTEST: log/b00000: Be sure the client always hits its timeout - REGTEST: lua/b00003: Relax the regex matching the log message - REGTEST: lua/b00003: Specify the HAProxy pid when the command ss is executed - BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release. - BUG/MEDIUM: h2: Don't attempt to recv from h2_process_demux if we subscribed. - BUG/MEDIUM: htx: fix random premature abort of data transfers - BUG/MEDIUM: streams: Don't remove the SI_FL_ERR flag in si_update_both(). - BUG/MEDIUM: streams: Store prev_state before calling si_update_both(). - BUG/MEDIUM: stream: Don't clear the stream_interface flags in si_update_both. - MINOR: initcall: Don't forget to define the __start/stop_init_##stg symbols. - MINOR: threads: Implement thread_cpus_enabled() for FreeBSD. - BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity - MINOR: skip get_gmtime where tm is unused - MINOR: ssl: Activate aes_gcm_dec converter for BoringSSL - BUG/MEDIUM: streams: Only re-run process_stream if we're in a connected state. - BUG/MEDIUM: stream_interface: Don't bother doing chk_rcv/snd if not connected. - BUG/MEDIUM: task/threads: address a fairness issue between local and global tasks - BUG/MINOR: tasks: make sure the first task to be queued keeps its nice value - BUG/MINOR: listener: renice the accept ring processing task - MINOR: cli/listener: report the number of accepts on "show activity" - MINOR: cli/activity: report the accept queue sizes in "show activity" - BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream - BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages - BUG/MINOR: spoe: Be sure to set tv_request when each message fragment is encoded - BUG/MEDIUM: htx: Defrag if blocks position is changed and the payloads wrap - BUG/MEDIUM: htx: Don't crush blocks payload when append is done on a data block - MEDIUM: htx: Deprecate the option 'http-tunnel' and ignore it in HTX - MINOR: proto_htx: Don't adjust transaction mode anymore in HTX analyzers - BUG/MEDIUM: htx: Fix the process of HTTP CONNECT with h2 connections - MINOR: mux-h1: Simplify handling of 1xx responses - MINOR: stats/htx: Don't add "Connection: close" header anymore in stats responses - MEDIUM: h1: Add an option to sanitize connection headers during parsing - MEDIUM: mux-h1: Simplify the connection mode management by sanitizing headers - MINOR: mux-h1: Don't release the conn_stream anymore when h1s is destroyed - BUG/MINOR: mux-h1: Handle the flag CS_FL_KILL_CONN during a shutdown read/write - MINOR: mux-h2: Add a mux_ops dedicated to the HTX mode - MINOR: muxes: Add a flag to specify a multiplexer uses the HTX - MINOR: stream: Set a flag when the stream uses the HTX - MINOR: http: update the macro IS_HTX_STRM() to check the stream flag SF_HTX - MINOR: http_fetch/htx: Use stream flags instead of px mode in smp_prefetch_htx - MINOR: filters/htx: Use stream flags instead of px mode to instanciate a filter - MINOR: muxes: Rely on conn_is_back() during init to handle front/back conn - MEDIUM: muxes: Add an optional input buffer during mux initialization - MINOR: muxes: Pass the context of the mux to destroy() instead of the connection - MEDIUM: muxes: Be prepared to don't own connection during the release - MEDIUM: connection: Add conn_upgrade_mux_fe() to handle mux upgrades - MEDIUM: htx: Allow the option http-use-htx to be used on TCP proxies too - MAJOR: proxy/htx: Handle mux upgrades from TCP to HTTP in HTX mode - MAJOR: muxes/htx: Handle inplicit upgrades from h1 to h2 - MAJOR: htx: Enable the HTX mode by default for all proxies - REGTEST: Use HTX by default and add '--no-htx' option to disable it - BUG/MEDIUM: muxes: Don't dereference mux context if null in release functions - CLEANUP: task: do not export rq_next anymore - MEDIUM: tasks: improve fairness between the local and global queues - MEDIUM: tasks: only base the nice offset on the run queue depth - MINOR: tasks: restore the lower latency scheduling when niced tasks are present - BUG/MEDIUM: map: Fix memory leak in the map converter - BUG/MINOR: ssl: Fix 48 byte TLS ticket key rotation - BUILD: task/thread: fix single-threaded build of task.c - BUILD: cli/threads: fix build in single-threaded mode - BUG/MEDIUM: muxes: Make sure we unsubcribed when destroying mux ctx. - BUG/MEDIUM: h2: Make sure we're not already in the send_list in h2_subscribe(). - BUG/MEDIUM: h2: Revamp the way send subscriptions works. - MINOR: connections: Remove the SUB_CALL_UNSUBSCRIBE flag. - BUG/MEDIUM: Threads: Only use the gcc >= 4.7 builtins when using gcc >= 4.7. - BUILD: address a few cases of "static <type> inline foo()" - BUILD: do not specify "const" on functions returning structs or scalars - BUILD: htx: fix a used uninitialized warning on is_cookie2 - MINOR: peers: Add a new command to the CLI for peers. - DOC: update for "show peers" CLI command. - BUG/MAJOR: lb/threads: fix insufficient locking on round-robin LB - MEDIUM: mworker: store the leaving state of a process - MEDIUM: mworker-prog: implements 'option start-on-reload' - CLEANUP: mworker: remove the type field in mworker_proc - MEDIUM: mworker/cli: export the HAPROXY_MASTER_CLI variable - MINOR: cli: don't add a semicolon at the end of HAPROXY_CLI - MINOR: mworker: export HAPROXY_MWORKER=1 when running in mworker mode - MINOR: init: add a "set-dumpable" global directive to enable core dumps - BUG/MINOR: listener/mq: correctly scan all bound threads under low load - BUG/MINOR: mworker: mworker_kill should apply on every children - BUG/MINOR: mworker: don't exit with an ambiguous value - BUG/MINOR: mworker: ensure that we still quits with SIGINT - REGTESTS: exclude tests that require ssl, pcre if no such feature is enabled - BUG/MINOR: mux-h1: Process input even if the input buffer is empty - BUG/MINOR: mux-h1: Don't switch the parser in busy mode if other side has done - BUG/MEDIUM: mux-h1: Notify the stream waiting for TCP splicing if ibuf is empty - BUG/MEDIUM: mux-h1: Enable TCP splicing to exchange data only - MINOR: mux-h1: Handle read0 during TCP splicing - BUG/MEDIUM: htx: Don't return the start-line if the HTX message is empty - BUG/MAJOR: http_fetch: Get the channel depending on the keyword used - BUG/MINOR: http_fetch/htx: Allow permissive sample prefetch for the HTX - BUG/MINOR: http_fetch/htx: Use HTX versions if the proxy enables the HTX mode - BUG/MEDIUM: tasks: Make sure we set TASK_QUEUED before adding a task to the rq. - BUG/MEDIUM: tasks: Make sure we modify global_tasks_mask with the rq_lock. - MINOR: tasks: Don't consider we can wake task with tasklet_wakeup(). - MEDIUM: tasks: No longer use rq.node.leaf_p as a lock. - MINOR: tasks: Don't set the TASK_RUNNING flag when adding in the tasklet list. - BUG/MEDIUM: applets: Don't use task_in_rq(). - BUG/MAJOR: task: make sure never to delete a queued task - MINOR: task/thread: factor out a wake-up condition - CLEANUP: task: remain consistent when using the task's handler - MEDIUM: tasks: Merge task_delete() and task_free() into task_destroy(). - MEDIUM: tasks: Don't account a destroyed task as a runned task. - BUG/MINOR: contrib/prometheus-exporter: Fix a typo in the run-queue metric type - MINOR: contrib/prometheus-exporter: Remove usless rate metrics - MINOR: contrib/prometheus-exporter: Rename some metrics to be more usable - MINOR: contrib/prometheus-exporter: Follow best practices about metrics type - BUG/MINOR: mworker: disable busy polling in the master process - MEDIUM: tasks: Use __ha_barrier_store after modifying global_tasks_mask. - MEDIUM: ssl: Give ssl_sock its own context. - MEDIUM: connections: Move some fields from struct connection to ssl_sock_ctx. - MEDIUM: ssl: provide its own subscribe/unsubscribe function. - MEDIUM: connections: Provide a xprt_ctx for each xprt method. - MEDIUM: ssl: provide our own BIO. - BUILD/medium: ssl: Fix build with OpenSSL < 1.1.0 - MINOR: peers: adds counters on show peers about tasks calls. - MEDIUM: enable travis-ci builds - MINOR: fd: Add a counter of used fds. - MEDIUM: connections: Add a way to control the number of idling connections. - BUG/MEDIUM: maps: only try to parse the default value when it's present - BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR - REGTEST: Missing REQUIRE_VERSION declarations. - MINOR: proto_tcp: tcp-request content: enable set-dst and set-dst-var - BUG/MEDIUM: h1: Don't parse chunks CRLF if not enough data are available - BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules - BUG/MEDIUM: stream: Don't request a server connection if a shutw was scheduled - BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() - BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() - MINOR: gcc: Fix a silly gcc warning in connect_server() - MINOR: ssl/cli: async fd io-handlers printable on show fd - Revert "CLEANUP: wurfl: remove dead, broken and unmaintained code" - BUILD: add USE_WURFL to the list of known build options - MINOR: wurfl: indicate in haproxy -vv the wurfl version in use - BUILD: wurfl: build fix for 1.9/2.0 code base - CLEANUP: wurfl: removed deprecated methods - DOC: wurfl: added point of contact in MAINTAINERS file - MINOR: wurfl: enabled multithreading mode - MINOR: contrib: dummy wurfl library - MINOR: dns: dns_requester structures are now in a memory pool - MINOR: dns: move callback affection in dns_link_resolution() - MINOR: obj_type: new object type for struct stream - MINOR: action: new '(http-request|tcp-request content) do-resolve' action - MINOR: log: Extract some code to send syslog messages. - REGTEST: replace LEVEL option by a more human readable one. - REGTEST: rename the reg test files. - REGTEST: adapt some reg tests after renaming. - REGTEST: make the "run-regtests" script search for tests in reg-tests by default - BUG/MAJOR: stream: Missing DNS context initializations. - BUG/MEDIUM: stream: Fix the way early aborts on the client side are handled - BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler - BUG/MEDIUM: ssl: Return -1 on recv/send if we got EAGAIN. - BUG/MAJOR: lb/threads: fix AB/BA locking issue in round-robin LB - BUG/MAJOR: muxes: Use the HTX mode to find the best mux for HTTP proxies only - BUG/MINOR: htx: Exclude TCP proxies when the HTX mode is handled during startup - CLEANUP: task: report calls as unsigned in show sess - MINOR: tasks/activity: report the context switch and task wakeup rates - MINOR: stream: measure and report a stream's call rate in "show sess" - MINOR: applet: measure and report an appctx's call rate in "show sess" - BUILD: extend Travis CI config to support more platforms - REGTEST: exclude osx and generic targets for 40be_2srv_odd_health_checks - REGTEST: relax the IPv6 address format checks in converters_ipmask_concat_strcmp_field_word - REGTEST: exclude OSX and generic targets from abns_socket.vtc - BUILD: travis: remove the "allow_failures" entry - BUG/MINOR: activity: always initialize the profiling variable - MINOR: activity: make the profiling status per thread and not global - MINOR: activity: enable automatic profiling turn on/off - CLEANUP: standard: use proper const to addr_to_str() and port_to_str() - BUG/MINOR: proto_http: properly reset the stream's call rate on keep-alive - MINOR: connection: make the debugging helper functions safer - MINOR: stream/debug: make a stream dump and crash function - MEDIUM: appctx/debug: force a crash if an appctx spins over itself forever - MEDIUM: stream/debug: force a crash if a stream spins over itself forever - MEDIUM: streams: measure processing time and abort when detecting bugs - BUILD/MEDIUM: contrib: Dummy DeviceAtlas API. - MEDIUM: da: HTX mode support. - BUG/MEDIUM: mux-h2: properly deal with too large headers frames - BUG/MINOR: http: Call stream_inc_be_http_req_ctr() only one time per request - BUG/MEDIUM: spoe: arg len encoded in previous frag frame but len changed - MINOR: spoe: Use the sample context to pass frag_ctx info during encoding - DOC: contrib/modsecurity: Typos and fix the reject example - BUG/MEDIUM: contrib/modsecurity: If host header is NULL, don't try to strdup it - MINOR: log: Add "sample" new keyword to "log" lines. - MINOR: log: Enable the log sampling and load-balancing feature. - DOC: log: Document the sampling and load-balancing logging feature. - REGTEST: Add a new reg test for log load-balancing feature. - BUG/MAJOR: map/acl: real fix segfault during show map/acl on CLI - REGTEST: Make this reg test be Linux specific. - CLEANUP: task: move the task_per_thread definition to task.h - MINOR: activity: report context switch counts instead of rates - MINOR: threads: Implement HA_ATOMIC_LOAD(). - BUG/MEDIUM: port_range: Make the ring buffer lock-free. - BUG/MEDIUM: listener: Fix how unlimited number of consecutive accepts is handled - MINOR: config: Test validity of tune.maxaccept during the config parsing - CLEANUP: config: Don't alter listener->maxaccept when nbproc is set to 1 - BUG/MEDIUM: servers: fix typo "src" instead of "srv" - BUG/MEDIUM: ssl: Don't pretend we can retry a recv/send if we got a shutr/w. - BUG/MINOR: haproxy: fix rule->file memory leak - BUG/MINOR: log: properly free memory on logformat parse error and deinit() - BUG/MINOR: checks: free memory allocated for tasklets - BUG/MEDIUM: pattern: fix memory leak in regex pattern functions - BUG/MEDIUM: channels: Don't forget to reset output in channel_erase(). - BUG/MEDIUM: connections: Make sure we remove CO_FL_SESS_IDLE on disown. - MINOR: threads: flatten the per-thread cpu-map - MINOR: init/threads: remove the useless tids[] array - MINOR: init/threads: make the threads array global - BUG/MEDIUM: ssl: Use the early_data API the right way. - BUG/MEDIUM: streams: Don't add CF_WRITE_ERROR if early data were rejected. - MEDIUM: streams: Add the ability to retry a request on L7 failure. - MEDIUM: streams: Add a way to replay failed 0rtt requests. - MEDIUM: streams: Add a new keyword for retry-on, "junk-response" - BUG/MINOR: stream: also increment the retry stats counter on L7 retries - BUG/MEDIUM: checks: make sure the warmup task takes the server lock - BUG/MINOR: logs/threads: properly split the log area upon startup - BUILD: extend travis-ci matrix - CLEANUP: Remove appsession documentation - DOC: Fix typo in keyword matrix - BUILD: remove "build_libressl" duplicate declaration - BUILD: travis-ci: get back to osx without openssl support - BUILD: enable several LibreSSL hacks, including - BUILD: temporarily mark LibreSSL builds as allowed to fail - BUILD: travis: TMPDIR replacement. - BUG/MEDIUM: ssl: Don't attempt to use early data with libressl. - MINOR: doc: Document allow-0rtt on the server line. - MINOR: doc: Document the interaction of allow-0rtt and retry-on 0rtt-rejected. - MEDIUM: proto: Change the prototype of the connect() method. - MEDIUM: tcp: add the "tfo" option to support TCP fastopen on the server - MINOR: config: Extract the code of "stick-table" line parsing. - BUILD/MINOR: stick-table: Compilation fix. - MEDIUM: stick-table: Stop handling stick-tables as proxies. - MINOR: stick-tables: Add peers process binding computing. - MINOR: stick-table: Add prefixes to stick-table names. - MINOR: peers: Do not emit global stick-table names. - DOC: Update for "table" lines in "peers" section. - REGTEST: Add reg tests for "table" lines in "peers" sections. - MEDIUM: regex: modify regex_comp() to atomically allocate/free the my_regex struct - REGTEST: make the tls_health_checks test much faster - REGTEST: make the "table in peers" test require v2.0 - BUG/MINOR: mux-h2: rely on trailers output not input to turn them to empty data - BUG/MEDIUM: h2/htx: always fail on too large trailers - MEDIUM: mux-h2: discard contents that are to be sent after a shutdown - BUG/MEDIUM: mux-h2/htx: never wait for EOM when processing trailers - BUG/MEDIUM: h2/htx: never leave a trailers block alone with no EOM block - REGTEST: Flag some slow reg tests. - REGTEST: Reg tests file renaming. - REGTEST: Wrong renaming for one reg test. - REGTEST: Wrong assumption in IP:port logging test. - BUG/MINOR: mworker/ssl: close OpenSSL FDs on reload - MINOR: systemd: Use the variables from /etc/default/haproxy - MINOR: systemd: Make use of master socket in systemd unit - MINOR: systemd: support /etc/sysconfig/ for redhat based distrib - BUG/MEDIUM: stick-table: fix regression caused by a change in proxy struct - BUG/MEDIUM: tasks: fix possible segfault on task_destroy() - CLEANUP: task: remove unneeded tests before task_destroy() - MINOR: mworker: support a configurable maximum number of reloads - BUG/MINOR: mux-h2: fix the condition to close a cs-less h2s on the backend - BUG/MEDIUM: spoe: Be sure the sample is found before setting its context - BUG/MINOR: mux-h1: Fix the parsing of trailers - BUG/MINOR: htx: Never transfer more than expected in htx_xfer_blks() - MINOR: htx: Split on DATA blocks only when blocks are moved to an HTX message - MINOR: htx: Don't try to append a trailer block with the previous one - MINOR: htx: Remove support for unused OOB HTX blocks - BUILD: travis-ci bugfixes and improvements - BUG/MEDIUM: servers: Don't use the same srv flag for cookie-set and TFO. - BUG/MEDIUM: h2: Make sure we set send_list to NULL in h2_detach(). - BUILD: ssl: fix again a libressl build failure after the openssl FD leak fix - CLEANUP: ssl-sock: use HA_OPENSSL_VERSION_NUMBER instead of OPENSSL_VERSION_NUMBER - BUILD: ssl: make libressl use its own version numbers - CLEANUP: ssl: remove 57 occurrences of useless tests on LIBRESSL_VERSION_NUMBER - MINOR: ssl: enable aes_gcm_dec on LibreSSL - BUILD: ssl: fix libressl build again after aes-gcm-enc - REORG: ssl: move openssl-compat from proto to common - REORG: ssl: move some OpenSSL defines from ssl_sock to openssl-compat - CLEANUP: ssl: never include openssl/*.h outside of openssl-compat.h anymore - CLEANUP: ssl: make inclusion of openssl headers safe - BUILD: add BoringSSL to travis-ci build matrix - BUILD: threads: Add __ha_cas_dw fallback for single threaded builds - BUG/MINOR: stream: Attach the read side on the response as soon as possible - BUG/MEDIUM: http: Use pointer to the begining of input to parse message headers - BUG/MEDIUM: h2: Don't check send_wait to know if we're in the send_list. - BUG/MEDIUM: streams: Make sur SI_FL_L7_RETRY is set before attempting a retry. - MEDIUM: streams: Add a new http action, disable-l7-retry. - MINOR: streams: Introduce a new retry-on keyword, all-retryable-errors. - BUG/MINOR: vars: Fix memory leak in vars_check_arg - BUILD: travis-ci: make TMPDIR global variable in travis-ci - CLEANUP: ssl: move the SSL_OP_* and SSL_MODE_* definitions to openssl-compat - CLEANUP: ssl: remove ifdef around SSL_CTX_get_extra_chain_certs() - CLEANUP: ssl: move all BIO_* definitions to openssl-compat - BUILD: threads: fix again the __ha_cas_dw() definition - BUG/MAJOR: mux-h2: do not add a stream twice to the send list - Revert "BUG/MINOR: vars: Fix memory leak in vars_check_arg" - BUG/MINOR: peers: Fix memory leak in cfg_parse_peers - BUG/MINOR: htx: make sure to always initialize the HTTP method when parsing a buffer - REGTEST: fix tls_health_checks random failures on MacOS in Travis-CI - MINOR: spoe: Set the argument chunk size to 0 when SPOE variables are checked - BUG/MINOR: vars: Fix memory leak in vars_check_arg - BUG/MAJOR: ssl: segfault upon an heartbeat request - MINOR: spoa-server: Clone the v1.7 spoa-example project - MINOR: spoa-server: move some definition from spoa_server.c to spoa_server.h - MINOR: spoa-server: Externalise debug functions - MINOR: spoe-server: rename "worker" functions - MINOR: spoa-server: Replace the thread init system by processes - MINOR: spoa-server: With debug mode, start only one process - MINOR: spoa-server: Allow registering external processes - MINOR: spoa-server: Allow registering message processors - MINOR: spoa-server: Load files - MINOR: spoa-server: Prepare responses - MINOR: spoa-server: Execute registered callbacks - MINOR: spoa-server: Add Lua processing - MINOR: spoa-server: Add python - MINOR/DOC: spoe-server: Add documentation - BUG/MEDIUM: connections: Don't forget to set xprt_ctx to NULL on close. - MINOR: lists: add LIST_ADDED() to check if an element belongs to a list - CLEANUP: mux-h2: use LIST_ADDED() instead of LIST_ISEMPTY() where relevant - MINOR: mux-h2: add two H2S flags to report the need for shutr/shutw - CLEANUP: mux-h2: simply use h2s->flags instead of ret in h2_deferred_shut() - CLEANUP: connection: remove the handle field from the wait_event struct - BUG/MINOR: log: Wrong log format initialization. - BUG/MINOR: mux-h2: make the do_shut{r,w} functions more robust against retries - BUG/MINOR: mworker: use after free when the PID not assigned - MINOR: mux-h2: remove useless test on stream ID vs last in wake function - MINOR: mux-h2: make h2_wake_some_streams() not depend on the CS flags - MINOR: mux-h2: make h2s_wake_one_stream() the only function to deal with CS - MINOR: mux-h2: make h2s_wake_one_stream() not depend on temporary CS flags - BUG/MINOR: mux-h2: make sure to honor KILL_CONN in do_shut{r,w} - CLEANUP: mux-h2: don't test for impossible CS_FL_REOS conditions - MINOR: mux-h2: add macros to check multiple stream states at once - MINOR: mux-h2: stop relying on CS_FL_REOS - BUG/MEDIUM: mux-h2: Set EOI on the conn_stream during h2_rcv_buf() - BUILD: debug: make gcc not complain on the ABORT_NOW() macro - MINOR: debug: add a new BUG_ON macro - MINOR: h2: Use BUG_ON() to enforce rules in subscribe/unsubscribe. - MINOR: h1: Use BUG_ON() to enforce rules in subscribe/unsubscribe. - MINOR: connections: Use BUG_ON() to enforce rules in subscribe/unsubscribe. - BUILD: ist: turn the lower/upper case tables to literal on obsolete linkers |
||
Willy Tarreau
|
6e893b9931 |
[RELEASE] Released version 2.0-dev2
Released version 2.0-dev2 with the following main changes : - CLEANUP: http: Remove unreachable code in parse_http_req_capture - CLEANUP: stream: Remove bogus loop in conn_si_send_proxy - MINOR: lists: Implement locked variations. - MEDIUM: servers: Used a locked list for idle_orphan_conns. - MEDIUM: servers: Reorganize the way idle connections are cleaned. - BUG/MEDIUM: lists: Properly handle the case we're removing the first elt. - MINOR: cfgparse: Add a cast to make gcc happier. - BUG/MEDIUM: standard: Wrong reallocation size. - BUG/MINOR: listener: keep accept rate counters accurate under saturation - DOC: fix alphabetic ordering for "tune.fail-alloc" setting - MAJOR: config: disable support for nbproc and nbthread in parallel - MEDIUM: listener: keep a single thread-mask and warn on "process" misuse - MAJOR: listener: do not hold the listener lock in listener_accept() - MINOR: listener: maintain a per-thread count of the number of connections on a listener - MINOR: tools: implement functions to look up the nth bit set in a mask - MINOR: listener: pre-compute some thread counts per bind_conf - MINOR: listener: implement multi-queue accept for threads - MAJOR: listener: use the multi-queue for multi-thread listeners - MINOR: activity: add accept queue counters for pushed and overflows - MINOR: config: add global tune.listener.multi-queue setting - MAJOR: threads: enable one thread per CPU by default - DOC: update management.txt to reflect that threads are used by default - BUG/MINOR: config: don't over-count the global maxsock value - BUG/MEDIUM: list: fix the rollback on addq in the locked liss - BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer - BUG/MEDIUM: list: add missing store barriers when updating elements and head - MINOR: list: make the delete and pop operations idempotent - MINOR: server: remove a few unneeded LIST_INIT calls after LIST_DEL_LOCKED - BUG/MEDIUM: listener: use a self-locked list for the dequeue lists - BUG/MEDIUM: listener: make sure the listener never accepts too many conns - BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element - MINOR: listener: introduce listener_backlog() to report the backlog value - MINOR: listener: do not needlessly set l->maxconn - MINOR: proxy: do not change the listeners' maxconn when updating the frontend's - MEDIUM: config: don't enforce a low frontend maxconn value anymore - MINOR: peers: Add a message for heartbeat. - MINOR: global: keep a copy of the initial rlim_fd_cur and rlim_fd_max values - BUG/MINOR: init: never lower rlim_fd_max - BUG/MINOR: checks: make external-checks restore the original rlim_fd_cur/max - BUG/MINOR: mworker: be careful to restore the original rlim_fd_cur/max on reload - MINOR: init: make the maxpipe computation more accurate - MINOR: init: move some maxsock updates earlier - MEDIUM: init: make the global maxconn default to what rlim_fd_cur permits - REGTEST: fix a spurious "nbthread 4" in the connection test - DOC: update the text related to the global maxconn value - BUG/MAJOR: mux-h2: fix race condition between close on both ends - MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter. - BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED - MINOR: htx: unconditionally handle parsing errors in requests or responses - MINOR: mux-h2: always pass HTX_FL_PARSING_ERROR between h2s and buf on RX - BUG/MEDIUM: h2/htx: verify that :path doesn't contain invalid chars - MINOR: sample: Code factorization "ungrpc" converter. - MINOR: sample: Rework gRPC converter code. - CLEANUP: wurfl: remove dead, broken and unmaintained code - MINOR: config: relax the range checks on cpu-map - BUG/MINOR: ssl: fix warning about ssl-min/max-ver support - MINOR: sample: Extract some protocol buffers specific code. - DOC: Remove tabs and fixed punctuation. - MINOR: sample: Add a protocol buffers specific converter. - REGTEST: Peers reg tests. - REGTEST: Enable reg tests with HEAD HTTP method usage. - MINOR: lists: add a LIST_DEL_INIT() macro - MINOR: task: use LIST_DEL_INIT() to remove a task from the queue - MINOR: listener: improve incoming traffic distribution - MINOR: tools: implement my_flsl() - MEDIUM: listener: change the LB algorithm again to use two round robins instead - CLEANUP: listener: remove old thread bit mapping - MINOR: listener: move thr_idx from the bind_conf to the listener - BUG/MEDIUM: logs: Only attempt to free startup_logs once. - BUG/MAJOR: config: Wrong maxconn adjustment. - BUG/MEDIUM: 51d: fix possible segfault on deinit_51degrees() - OPTIM: task: limit the impact of memory barriers in taks_remove_from_task_list() - MINOR: fd: Remove debugging code. - BUG/MEDIUM: listeners: Don't call fd_stop_recv() if fd_updt is NULL. - MINOR: threads: Implement __ha_barrier_atomic*. - MEDIUM: threads: Use __ATOMIC_SEQ_CST when using the newer atomic API. - MINOR: threads: Add macros to do atomic operation with no memory barrier. - MEDIUM: various: Use __ha_barrier_atomic* when relevant. - MEDIUM: applets: Use the new _HA_ATOMIC_* macros. - MEDIUM: xref: Use the new _HA_ATOMIC_* macros. - MEDIUM: fd: Use the new _HA_ATOMIC_* macros. - MEDIUM: freq_ctr: Use the new _HA_ATOMIC_* macros. - MEDIUM: proxy: Use the new _HA_ATOMIC_* macros. - MEDIUM: server: Use the new _HA_ATOMIC_* macros. - MEDIUM: task: Use the new _HA_ATOMIC_* macros. - MEDIUM: activity: Use the new _HA_ATOMIC_* macros. - MEDIUM: backend: Use the new _HA_ATOMIC_* macros. - MEDIUM: cache: Use the new _HA_ATOMIC_* macros. - MEDIUM: checks: Use the new _HA_ATOMIC_* macros. - MEDIUM: pollers: Use the new _HA_ATOMIC_* macros. - MEDIUM: compression: Use the new _HA_ATOMIC_* macros. - MEDIUM: spoe: Use the new _HA_ATOMIC_* macros. - MEDIUM: threads: Use the new _HA_ATOMIC_* macros. - MEDIUM: http: Use the new _HA_ATOMIC_* macros. - MEDIUM: lb/threads: Use the new _HA_ATOMIC_* macros. - MEDIUM: listeners: Use the new _HA_ATOMIC_* macros. - MEDIUM: logs: Use the new _HA_ATOMIC_* macros. - MEDIUM: memory: Use the new _HA_ATOMIC_* macros. - MEDIUM: peers: Use the new _HA_ATOMIC_* macros. - MEDIUM: proto_tcp: Use the new _HA_ATOMIC_* macros. - MEDIUM: queues: Use the new _HA_ATOMIC_* macros. - MEDIUM: sessions: Use the new _HA_ATOMIC_* macros. - MEDIUM: ssl: Use the new _HA_ATOMIC_* macros. - MEDIUM: stream: Use the new _HA_ATOMIC_* macros. - MEDIUM: tcp_rules: Use the new _HA_ATOMIC_* macros. - MEDIUM: time: Use the new _HA_ATOMIC_* macros. - MEDIUM: vars: Use the new _HA_ATOMIC_* macros. - MINOR: config: remove obsolete use of DEFAULT_MAXCONN at various places - MINOR: config: continue to rely on DEFAULT_MAXCONN to set the minimum maxconn - BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED() - BUG/MEDIUM: listener: make sure we don't pick stopped threads - MEDIUM: list: Remove useless barriers. - MEDIUM: list: Use _HA_ATOMIC_* - MEDIUM: connections: Use _HA_ATOMIC_* - BUG/MAJOR: tasks: Use the TASK_GLOBAL flag to know if we're in the global rq. - BUG/MEDIUM: threads/fd: do not forget to take into account epoll_fd/pipes - BUG/MEDIUM: init/threads: consider epoll_fd/pipes for automatic maxconn calculation - BUG/MEDIUM: tasks: Make sure we wake sleeping threads if needed. - BUG/MINOR: mux-h1: Don't report an error on EOS if no message was received - BUG/MINOR: stats/htx: Call channel_add_input() when response headers are sent - BUG/MINOR: lua/htx: Use channel_add_input() when response data are added - BUG/MINOR: lua/htx: Don't forget to call htx_to_buf() when appropriate - MINOR: stats: Add the status code STAT_STATUS_IVAL to handle invalid requests - MINOR: stats: Move stuff about the stats status codes in stats files - BUG/MINOR: stats: Be more strict on what is a valid request to the stats applet - Revert "REGTEST: Enable reg tests with HEAD HTTP method usage." - BUILD: listener: shut up a build warning when threads are disabled - BUILD: Makefile: allow the reg-tests target to be verbose - BUILD: Makefile: resolve LEVEL before calling run-regtests - BUG/MAJOR: spoe: Fix initialization of thread-dependent fields - BUG/MAJOR: stats: Fix how huge POST data are read from the channel - BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts - BUG/MEDIUM: mux-h2: Always wakeup streams with no id to avoid frozen streams - MINOR: mux-h2: Set REFUSED_STREAM error to reset a stream if no data was never sent - MINOR: muxes: Report the Last read with a dedicated flag - MINOR: proto-http/proto-htx: Make error handling clearer during data forwarding - BUILD: tools: fix a build warning on some 32-bit archs - MINOR: init: report the list of optionally available services - MEDIUM: proto_htx: Switch to infinite forwarding if there is no data filter - BUG/MINOR: cache: Fully consume large requests in the cache applet - BUG/MINOR: stats: Fully consume large requests in the stats applet - BUG/MEDIUM: lua: Fully consume large requests when an HTTP applet ends - MINOR: proto_http: Add function to handle the header "Expect: 100-continue" - MINOR: proto_htx: Add function to handle the header "Expect: 100-continue" - MINOR: stats/cache: Handle the header Expect when applets are registered - MINOR: http/applets: Handle all applets intercepting HTTP requests the same way - CLEANUP: cache: don't export http_cache_applet anymore - MINOR: lua: Don't handle the header Expect in lua HTTP applets anymore - BUG/MINOR: doc: Be accurate on the behavior on pool-purge-delay. - Revert "MEDIUM: proto_htx: Switch to infinite forwarding if there is no data filter" - BUG/MEDIUM: mux-h2: Make sure we destroyed the h2s once shutr/shutw is done. - BUG/MEDIUM: mux-h2: Don't bother keeping the h2s if detaching and nothing to send. - BUG/MEDIUM: mux-h2: Use the right list in h2_stop_senders(). - MINOR: mux-h2: copy small data blocks more often and reduce the number of pauses - CLEANUP: mux-h2: add some comments to help understand the code - BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites - BUG/MINOR: log: properly format IPv6 address when LOG_OPT_HEXA modifier is used. - BUG/MEDIUM: h2: Try to be fair when sending data. - BUG/MINOR: proto-http: Don't forward request body anymore on error - MINOR: mux-h2: Remove useless test on ES flag in h2_frt_transfer_data() - MINOR: connection: and new flag to mark end of input (EOI) - MINOR: channel: Report EOI on the input channel if it was reached in the mux - MEDIUM: mux-h2: Don't mix the end of the message with the end of stream - MINOR: mux-h1: Set CS_FL_EOI the end of the message is reached - BUG/MEDIUM: http/htx: Fix handling of the option abortonclose - CLEANUP: muxes/stream-int: Remove flags CS_FL_READ_NULL and SI_FL_READ_NULL - MEDIUM: proto_htx: Reintroduce the infinite forwarding on data - BUG/MEDIUM: h2: only destroy the h2s if h2s->cs is NULL. - BUG/MEDIUM: h2: Use the new sending_list in h2s_notify_send(). - BUG/MEDIUM: h2: Follow the same logic in h2_deferred_shut than in h2_snd_buf. - BUG/MEDIUM: h2: Remove the tasklet from the task list if unsubscribing. - BUG/MEDIUM: task/h2: add an idempotent task removal fucntion - CLEANUP: task: only perform a LIST_DEL() when the list is not empty - BUG/MEDIUM: mux-h2: make sure to always notify streams of EOS condition - CONTRIB: debug: report the CS and CF's EOI flags - MINOR: channel: don't unset CF_SHUTR_NOW after shutting down. |
||
Willy Tarreau
|
6c1b667e57 |
[RELEASE] Released version 2.0-dev1
Released version 2.0-dev1 with the following main changes :
- MINOR: mux-h2: only increase the connection window with the first update
- REGTESTS: remove the expected window updates from H2 handshakes
- BUG/MINOR: mux-h2: make empty HEADERS frame return a connection error
- BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max
- MEDIUM: mux-h2: remove padlen during headers phase
- MINOR: h2: add a bit-based frame type representation
- MINOR: mux-h2: remove useless check for empty frame length in h2s_decode_headers()
- MEDIUM: mux-h2: decode HEADERS frames before allocating the stream
- MINOR: mux-h2: make h2c_send_rst_stream() use the dummy stream's error code
- MINOR: mux-h2: add a new dummy stream for the REFUSED_STREAM error code
- MINOR: mux-h2: fail stream creation more cleanly using RST_STREAM
- MINOR: buffers: add a new b_move() function
- MINOR: mux-h2: make h2_peek_frame_hdr() support an offset
- MEDIUM: mux-h2: handle decoding of CONTINUATION frames
- CLEANUP: mux-h2: remove misleading comments about CONTINUATION
- BUG/MEDIUM: servers: Don't try to reuse connection if we switched server.
- BUG/MEDIUM: tasks: Decrement tasks_run_queue in tasklet_free().
- BUG/MINOR: htx: send the proper authenticate header when using http-request auth
- BUG/MEDIUM: mux_h2: Don't add to the idle list if we're full.
- BUG/MEDIUM: servers: Fail if we fail to allocate a conn_stream.
- BUG/MAJOR: servers: Use the list api correctly to avoid crashes.
- BUG/MAJOR: servers: Correctly use LIST_ELEM().
- BUG/MAJOR: sessions: Use an unlimited number of servers for the conn list.
- BUG/MEDIUM: servers: Flag the stream_interface on handshake error.
- MEDIUM: servers: Be smarter when switching connections.
- MEDIUM: sessions: Keep track of which connections are idle.
- MINOR: payload: add sample fetch for TLS ALPN
- BUG/MEDIUM: log: don't mark log FDs as non-blocking on terminals
- MINOR: channel: Add the function channel_add_input
- MINOR: stats/htx: Call channel_add_input instead of updating channel state by hand
- BUG/MEDIUM: cache: Be sure to end the forwarding when XFER length is unknown
- BUG/MAJOR: htx: Return the good block address after a defrag
- MINOR: lb: allow redispatch when using consistent hash
- CLEANUP: mux-h2: fix end-of-stream flag name when processing headers
- BUG/MEDIUM: mux-h2: always restart reading if data are available
- BUG/MINOR: mux-h2: set the stream-full flag when leaving h2c_decode_headers()
- BUG/MINOR: mux-h2: don't check the CS count in h2c_bck_handle_headers()
- BUG/MINOR: mux-h2: mark end-of-stream after processing response HEADERS, not before
- BUG/MINOR: mux-h2: only update rxbuf's length for H1 headers
- BUG/MEDIUM: mux-h1: use per-direction flags to indicate transitions
- BUG/MEDIUM: mux-h1: make HTX chunking consistent with H2
- BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify()
- BUG/MEDIUM: proto-htx: Set SI_FL_NOHALF on server side when request is done
- BUG/MEDIUM: mux-h1: Add a task to handle connection timeouts
- MINOR: mux-h2: make h2c_decode_headers() return a status, not a count
- MINOR: mux-h2: add a new dummy stream : h2_error_stream
- MEDIUM: mux-h2: make h2c_decode_headers() support recoverable errors
- BUG/MINOR: mux-h2: detect when the HTX EOM block cannot be added after headers
- MINOR: mux-h2: remove a misleading and impossible test
- CLEANUP: mux-h2: clean the stream error path on HEADERS frame processing
- MINOR: mux-h2: check for too many streams only for idle streams
- MINOR: mux-h2: set H2_SF_HEADERS_RCVD when a HEADERS frame was decoded
- BUG/MEDIUM: mux-h2: decode trailers in HEADERS frames
- MINOR: h2: add h2_make_h1_trailers to turn H2 headers to H1 trailers
- MEDIUM: mux-h2: pass trailers to H1 (legacy mode)
- MINOR: htx: add a new function to add a block without filling it
- MINOR: h2: add h2_make_htx_trailers to turn H2 headers to HTX trailers
- MEDIUM: mux-h2: pass trailers to HTX
- MINOR: mux-h1: parse the content-length header on output and set H1_MF_CLEN
- BUG/MEDIUM: mux-h1: don't enforce chunked encoding on requests
- MINOR: mux-h2: make HTX_BLK_EOM processing idempotent
- MINOR: h1: make the H1 headers block parser able to parse headers only
- MEDIUM: mux-h2: emit HEADERS frames when facing HTX trailers blocks
- MINOR: stream/htx: Add info about the HTX structs in "show sess all" command
- MINOR: stream: Add the subscription events of SIs in "show sess all" command
- MINOR: mux-h1: Add the subscription events in "show fd" command
- BUG/MEDIUM: h1: Get the h1m state when restarting the headers parsing
- BUG/MINOR: cache/htx: Be sure to count partial trailers
- BUG/MEDIUM: h1: In h1_init(), wake the tasklet instead of calling h1_recv().
- BUG/MEDIUM: server: Defer the mux init until after xprt has been initialized.
- MINOR: connections: Remove a stall comment.
- BUG/MEDIUM: cli: make "show sess" really thread-safe
- BUILD: add a new file "version.c" to carry version updates
- MINOR: stream/htx: add the HTX flags output in "show sess all"
- MINOR: stream/cli: fix the location of the waiting flag in "show sess all"
- MINOR: stream/cli: report more info about the HTTP messages on "show sess all"
- BUG/MINOR: lua: bad args are returned for Lua actions
- BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred
- MINOR: htx: Add an helper function to get the max space usable for a block
- MINOR: channel/htx: Add HTX version for some helper functions
- BUG/MEDIUM: cache/htx: Respect the reserve when cached objects are served
- BUG/MINOR: stats/htx: Respect the reserve when the stats page is dumped
- DOC: regtest: make it clearer what the purpose of the "broken" series is
- REGTEST: mailers: add new test for 'mailers' section
- REGTEST: Add a reg test for health-checks over SSL/TLS.
- BUG/MINOR: mux-h1: Close connection on shutr only when shutw was really done
- MEDIUM: mux-h1: Clarify how shutr/shutw are handled
- BUG/MINOR: compression: Disable it if another one is already in progress
- BUG/MINOR: filters: Detect cache+compression config on legacy HTTP streams
- BUG/MINOR: cache: Disable the cache if any compression filter precedes it
- REGTEST: Add some informatoin to test results.
- MINOR: htx: Add a function to truncate all blocks after a specific offset
- MINOR: channel/htx: Add the HTX version of channel_truncate/erase
- BUG/MINOR: proto_htx: Use HTX versions to truncate or erase a buffer
- BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used
- DOC: Fix typo in req.ssl_alpn example (commit 4afdd138424ab...)
- DOC: http-request cache-use / http-response cache-store expects cache name
- REGTEST: "capture (request|response)" regtest.
- BUG/MINOR: lua/htx: Respect the reserve when data are send from an HTX applet
- REGTEST: filters: add compression test
- BUG/MEDIUM: init: Initialize idle_orphan_conns for first server in server-template
- BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.
- DOC: Be a bit more explicit about allow-0rtt security implications.
- MINOR: mux-h1: make the mux_h1_ops struct static
- BUILD: makefile: add an EXTRA_OBJS variable to help build optional code
- BUG/MEDIUM: connection: properly unregister the mux on failed initialization
- BUG/MAJOR: cache: fix confusion between zero and uninitialized cache key
- REGTESTS: test case for map_regm commit
|
||
Willy Tarreau
|
fba74ea7b0 |
[RELEASE] Released version 2.0-dev0
Released version 2.0-dev0 with the following main changes : - BUG/MAJOR: connections: Close the connection before freeing it. - REGTEST: Require the option LUA to run lua tests - REGTEST: script: Process script arguments before everything else - REGTEST: script: Evaluate the varnishtest command to allow quoted parameters - REGTEST: script: Add the option --clean to remove previous log direcotries - REGTEST: script: Add the option --debug to show logs on standard ouput - REGTEST: script: Add the option --keep-logs to keep all log directories - REGTEST: script: Add the option --use-htx to enable the HTX in regtests - REGTEST: script: Print only errors in the results report - REGTEST: Add option to use HTX prefixed by the macro 'no-htx' - REGTEST: Make reg-tests target support argument. - REGTEST: Fix a typo about barrier type. - REGTEST: Be less Linux specific with a syslog regex. - REGTEST: Missing enclosing quotes for ${tmpdir} macro. - REGTEST: Exclude freebsd target for some reg tests. - BUG/MEDIUM: h2: Don't forget to quit the sending_list if SUB_CALL_UNSUBSCRIBE. - BUG/MEDIUM: mux-h2: Don't forget to quit the send list on error reports - BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response() - BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error - BUG/MINOR: compression/htx: Don't compress responses with unknown body length - BUG/MINOR: compression/htx: Don't add the last block of data if it is empty - MEDIUM: mux_h1: Implement h1_show_fd. - REGTEST: script: Add support of alternatives in requited options list - REGTEST: Add a basic test for the compression - BUG/MEDIUM: mux-h2: don't needlessly wake up the demux on short frames - REGTEST: A basic test for "http-buffer-request" - BUG/MEDIUM: server: Also copy "check-sni" for server templates. - MINOR: ssl: Add ssl_sock_set_alpn(). - MEDIUM: checks: Add check-alpn. |
||
Willy Tarreau
|
822305067b |
[RELEASE] Released version 1.9.0
Released version 1.9.0 with the following main changes : - BUG/MEDIUM: compression: Use the right buffer pointers to compress input data - BUG/MINOR: mux_pt: Set CS_FL_WANT_ROOM when count is zero in rcv_buf() callback - BUG/MEDIUM: connection: Add a new CS_FL_ERR_PENDING flag to conn_streams. - CONTRIB: debug: teach the "flags" utility about new conn_stream flags - BUG/MEDIUM: stream-int: always clear CS_FL_WANT_ROOM before receiving - BUG/MEDIUM: mux-h2: also restart demuxing when data are pending in demux - BUG/MEDIUM: mux-h2: restart demuxing as soon as demux data are available - BUG/MEDIUM: h2: fix aggregated cookie length computation in HTX mode - MINOR: mux-h2: report more h2c, last h2s and cs information on "show fd" - CONTRIB: debug: report stream-int's flag SI_FL_CLEAN_ABRT - MINOR: cli/stream: add the conn_stream in "show sess" output - BUG/MINOR: mux-h2: don't report a fantom h2s in "show fd" - BUG/MINOR: cli/fd: don't isolate the thread for each individual fd - MINOR: objtype: report a few missing types in names and base pointers - BUG/MEDIUM: mux-h2: make sure to report synchronous errors after EOS - BUG/MEDIUM: mux-h2: report asynchronous errors in h2_wake_some_streams() - BUG/MEDIUM: mux-h2: make sure the demux also wakes streams up on errors - BUG/MINOR: mux-h1: report the correct frontend in error captures - BUG/MEDIUM: stream-int: also wake the stream up on end of transfer - MEDIUM: h2: properly check and deduplicate the content-length header in HTX - BUG/MEDIUM: stream: Forward the right amount of data before infinite forwarding - BUG/MINOR: proto_htx: Call the HTX version of the function managing client cookies - BUG/MEDIUM: lua/htx: Handle EOM in receive/get_line calls in HTTP applets - BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything - MINOR: compression: Remove the thread_local variable buf_output - CLEANUP: connection: rename subscription events values and event field - CLEANUP: connection: rename conn->mux_ctx to conn->ctx - MINOR: connection: remove an unwelcome dependency on struct stream - CLEANUP: stream-int: consistently call the si/stream_int functions - BUG/MEDIUM: h1: Don't shutw/shutr the connection if we have keepalive. - BUG/MEDIUM: H2: Make sure htx is set even on empty frames. - BUG/MEDIUM: mux-h2: pass CS_FL_ERR_PENDING to h2_wake_some_streams() - MEDIUM: stream-int: always consider all CS errors on the send side - BUG/MEDIUM: h2: Make sure we don't set CS_FL_ERROR if there's still data. - CLEANUP: mux-h2: implement h2s_notify_{send,recv} to report events to subscribers - MINOR: mux-h2: add a new function h2s_alert() to call the data layer - BUG/MEDIUM: mux-h2: make use of h2s_alert() to report aborts - MINOR: connection: add cs_set_error() to set the error bits - CLEANUP: mux-h2: make use of cs_set_error() - BUG/MINOR: mux-h2: make sure we check the conn_stream in early data - BUG/MEDIUM: h2: Don't wait for flow control if the connection had a shutr. - MINOR: cli/show_fd: report that a connection is back or not - SCRIPTS: add the slack channel URL to the announce script - CLEANUP: remove my name and address from the copyright banner - DOC: mention in the readme that 1.9 is a stable version now |
||
Willy Tarreau
|
2a7d6502bf |
[RELEASE] Released version 1.9-dev11
Released version 1.9-dev11 with the following main changes : - BUG/MEDIUM: connection: Don't use the provided conn_stream if it was tried. - REGTEST/MINOR: remove double body specification for server txresp - BUG/MEDIUM: connections: Remove error flags when retrying. - REGTEST/MINOR: skip seamless-reload test with abns socket on freebsd - REGTEST/MINOR: remove health-check that can make the test fail - DOC: clarify that check-sni needs an argument. - DOC: refer to check-sni in the documentation of sni - BUG/MEDIUM: mux-h2: fix encoding of non-GET/POST methods - BUG/MINOR: mux-h1: Fix conn_mode processing for headerless outgoing messages - BUG/MEDIUM: mux-h1: Add a BUSY mode to not loop on pipelinned requests - BUG/MEDIUM: mux-h1: Don't loop on the headers parsing if the read0 was received - BUG/MEDIUM: htx: Always do a defrag if a block value is replace by a bigger one - BUG/MEDIUM: mux-h2: Don't forget to set the CS_FL_EOS flag with htx. - BUG/MINOR: hpack: fix off-by-one in header name encoding length calculation - CLEANUP: hpack: no need to include chunk.h, only include buf.h - MINOR: hpack: simplify the len to bytes conversion - MINOR: hpack: use ist2bin() to copy header names in hpack_encode_header() - MINOR: hpack: optimize header encoding for short names - CONTRIB: hpack: add a compressed stream generator for the encoder - MEDIUM: hpack: make it possible to encode any static header name - MINOR: hpack: move the length computation and encoding functions to .h - MINOR: hpack: provide a function to encode a short indexed header - MINOR: hpack: provide a function to encode a long indexed header - MINOR: hpack: provide new functions to encode the ":status" header - MEDIUM: mux-h2: make use of standard HPACK encoding functions for the status - MINOR: hpack: provide a function to encode an HTTP method - MEDIUM: mux-h2: make use of hpack_encode_method() to encode the method - MINOR: hpack: provide a function to encode an HTTP scheme - MEDIUM: mux-h2: make use of hpack_encode_scheme() to encode the scheme - MINOR: hpack: provide a function to encode an HTTP path - MEDIUM: mux-h2: make use of hpack_encode_path() to encode the path - REGTEST: add the HTTP rules test involving HTX processing - REORG: connection: centralize the conn_set_{tos,mark,quickack} functions - MEDIUM: cli: rework the CLI proxy parser - MINOR: cli: parse prompt command in the CLI proxy - MINOR: cli: implements 'quit' in the CLI proxy - BUG/MINOR: cli: wait for payload data even without prompt - MEDIUM: cli: handle payload in CLI proxy - MINOR: cli: use pcli_flags for prompt activation - MINOR: compression: Rename the function check_legacy_http_comp_flt() - MINOR: cache/htx: Don't use the same cache on HTX and legacy HTTP proxies - MINOR: cache: Register the cache as a data filter only if response is cacheable - MEDIUM: cache/htx: Add the HTX support into the cache - MINOR: cache: Improve and simplify the cache configuration check - MINOR: filters: Export the name of known filters - MEDIUM: cache/compression: Add a way to safely combined compression and cache - MEDIUM: cache: Require an explicit filter declaration if other filters are used - REORG: htx: merge types+proto into common/htx.h - REORG: http: create http_msg.c to place there some legacy HTTP parts - REORG: h1: move legacy http functions to http_msg.c - REORG: h1: move the h1_state definition to proto_http - CLEANUP: h1: remove some occurrences of unneeded h1.h inclusions - REORG: h1: merge types+proto into common/h1.h - CLEANUP: stream: remove SF_TUNNEL, SF_INITIALIZED, SF_CONN_TAR - MEDIUM: mux-h1: implement true zero-copy of DATA blocks - MINOR: config: round up global.tune.bufsize to the next multiple of 2 void* - BUG/MINOR: mux-h2: refrain from muxing during the preface - BUG/MINOR: mux-h2: advertise a larger connection window size - DOC: master CLI documentation in management.txt - MINOR: mux-h2: avoid copying large blocks into full buffers - MEDIUM: mux-h2: implement true zero-copy send of large HTX DATA blocks - MINOR: mux-h2: force reads to be HTX-aligned in HTX mode - MINOR: cli: change 'show proc' output of old processes - BUG/MEDIUM: mux-h1: Fix the zero-copy on output for chunked messages - BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name - BUG: dns: Prevent out-of-bounds read in dns_read_name() - BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response() - BUG: dns: Fix out-of-bounds read via signedness error in dns_validate_dns_response() - BUG: dns: Fix off-by-one write in dns_validate_dns_response() - REGTEST: the cache regtest requires haproxy 1.9 - MEDIUM: cli: store CLI level in the appctx - MEDIUM: cli: show and change CLI permissions - CLEANUP: cli: use dedicated define instead of appctx ones - MEDIUM: cli: handle CLI level from the master CLI - BUG/MEDIUM: cli: handle correctly prefix and payload - BUILD: Makefile: Implements the help target - REGTESTS: adjust the http-rules regtest to support window updates - BUG/MEDIUM: connections: Remove CS_FL_EOS | CS_FL_REOS on retry. - BUG/MEDIUM: stream_interface: Don't report read0 if we were not connected. - BUG/MEDIUM: connection: Just make sure we closed the fd on connection failure. - MEDIUM: mux: Add an optional "reset" method. - BUG/MEDIUM: mux-h1: Fix loop if server closes its connection with unparsed data - MINOR: mux-h1: Add helper functions to wake a stream from recv or send - BUG/MEDIUM: mux-h1: Wake the stream for send once the connection is established - BUG/MEDIUM: connections: Don't attempt to reuse an unusable connection. - MEDIUM: htx: Try to take a connection over if it has no owner. - REGTEST: Reg testing improvements. - REGTEST: Add a first test for health-checks. - REGTEST: Reg test for "check" health-check option. - REGTEST: level 1 health-check test 2. - REGTEST: Add miscellaneous reg tests for health-checks. - REGTEST: add a few HTTP messaging tests - MINOR: lb: make the leastconn algorithm more accurate - REGTEST: fix missing space in checks/s00001 - REGTEST: http-messaging: add "option http-buffer-request" for H2 tests - BUG/MEDIUM: cache: fix random crash on filter parser's error path - MINOR: connection: realign empty buffers in muxes, not transport layers - MINOR: mux_h1/h2: simplify the zero-copy Rx alignment - MINOR: backend: count the number of connect and reuse per server and per backend - BUG/MINOR: stats: fix inversion of failed header rewrites and other statuses - MINOR: tools: increase the number of ITOA strings to 16 - MINOR: cache: report the number of cache lookups and cache hits - MEDIUM: tasks: check the global task mask instead of the thread number - MINOR: mworker: set all_threads_mask and pid_bit to 1 - BUG/MINOR: proto_htx: Fix htx_res_set_status to also set the reason - BUG/MINOR: stats: Parse post data for HTX streams - MINOR: payload/htx: Adapt smp_fetch_len to be HTX aware - MINOR: http_fecth: Implement body_len and body_size sample fetches for the HTX - MAJOR: lua: Forbid calls to Channel functions for LUA scripts in HTTP proxies - MEDIUM: lua/htx: Adapt functions of the HTTP to be compatible with HTX - MINOR: lua/htx: Adapt the functions get_in_length and is_full to be HTX aware - MAJOR: lua/htx: Adapt HTTP applets to support HTX messages - MINOR: lua: Remove useless check on the messages state in HTTP functions - BUG/MEDIUM: htx: When performing zero-copy, start from the right offset. - BUG/MINOR: mworker: don't use unitialized mworker_proc struct - MINOR: mworker/cli: indicate in the master prompt when a reload failed - MINOR: cli: implements 'reload' on master CLI - BUG/MEDIUM: log: Don't call sample_fetch_as_type if we don't have a stream. - BUG/MEDIUM: mux-h1: make sure we always have at least one HTX block to send - BUG/MAJOR: backend: only update server's counters when the server exists - MINOR: tools: preset the port of fd-based "sockets" to zero - BUG/MINOR: log: fix logging to both FD and IP - REGTEST: Add a reg test for HTTP cookies. - BUILD: ssl: Fix compilation without deprecated OpenSSL 1.1 APIs - BUILD: thread: properly report multi-thread support - BUG/MINOR: logs: leave startup-logs global and not per-thread - BUG/MEDIUM: threads: don't close the thread waker pipe if not init - BUG/MAJOR: compression/cache: Make it really works with these both filters - BUG/MEDIUM: h2: Don't forget to destroy the h2s after deferred shut. - MEDIUM: proxy: Set http-reuse safe as default. - MEDIUM: servers: Add a command to limit the number of idling connections. - MEDIUM: servers: Replace idle-timeout with pool-purge-delay. - MEDIUM: mux: Destroy the stream before trying to add the conn to the idle list. - MEDIUM: mux: provide the session to the init() and attach() method. - MEDIUM: sessions: Don't keep an infinite number of idling connections. - MEDIUM: servers: Be more agressive when adding H2 connection to idle lists. - MEDIUM: mux_h2: Always set CS_FL_NOT_FIRST for new conn_streams. - BUG/MEDIUM: htx/cache: use the correct class of error codes on abort - BUG/MINOR: cache: also consider CF_SHUTR to abort delivery - MINOR: pools: Cast to volatile int * instead of int *. - MINOR: debug: make the ABORT_NOW macro use a volatile int - BUG/MEDIUM: h2: Don't destroy the h2s if it still has a cs attached. - BUG/MEDIUM: mux-h1: don't try to process an empty input buffer - DOC: clarify the agent-check status line syntax - BUG/MAJOR: hpack: fix length check for short names encoding - DOC: split the README into README + INSTALL |
||
Willy Tarreau
|
72e9227385 |
[RELEASE] Released version 1.9-dev10
Released version 1.9-dev10 with the following main changes : - MINOR: htx: Rename functions htx_*_to_str() to be H1 specific - BUG/MINOR: htx: Force HTTP/1.1 on H1 formatting when version is 1.1 or above - BUG/MINOR: fix ssl_fc_alpn and actually add ssl_bc_alpn - BUG/MEDIUM: mworker: stop proxies which have no listener in the master - BUG/MEDIUM: h1: Destroy a connection after detach if it has no owner. - BUG/MEDIUM: h2: Don't forget to wake the tasklet after shutr/shutw. - BUG/MINOR: flt_trace/compression: Use the right flag to add the HTX support - BUG/MEDIUM: stream_interface: Make REALLY sure we read all the data. - MEDIUM: mux-h1: Revamp the way subscriptions are handled. - BUG/MEDIUM: mux-h1: Always set CS_FL_RCV_MORE when data are received in h1_recv() - MINOR: mux-h1: Make sure to return 1 in h1_recv() when needed - BUG/MEDIUM: mux-h1: Release the mux H1 in h1_process() if there is no h1s - BUG/MINOR: proto_htx: Truncate the request when an error is detected - BUG/MEDIUM: h2: When sending in HTX, make sure the caller knows we sent all. - BUG/MEDIUM: mux-h2: properly update the window size in HTX mode - BUG/MEDIUM: mux-h2: make sure to always report HTX EOM when consumed by headers - BUG/MEDIUM: mux-h2: stop sending HTX once the mux is blocked - BUG/MEDIUM: mux-h2: don't send more HTX data than requested - MINOR: mux-h2: stop on non-DATA and non-EOM HTX blocks - BUG/MEDIUM: h1: Correctly report used data with no len. - MEDIUM: h1: Realign the ibuf before calling rcv_buf if needed. - BUG/MEDIUM: mux_pt: Always set CS_FL_RCV_MORE. - MINOR: htx: make htx_from_buf() adjust the size only on new buffers - MINOR: htx: add buf_room_for_htx_data() to help optimize buffer transfers - MEDIUM: mux-h1: make use of buf_room_for_htx_data() instead of b_room() - MEDIUM: mux-h1: attempt to zero-copy Rx DATA transfers - MEDIUM: mux-h1: avoid a double copy on the Tx path whenever possible - BUG/MEDIUM: stream-int: don't mark as blocked an empty buffer on Rx - BUG/MINOR: mux-h1: Check h1m flags to set the server conn_mode on request path - MEDIUM: htx: Rework conversion from a buffer to an htx structure - MEDIUM: channel/htx: Add functions for forward HTX data - MINOR: mux-h1: Don't adjust anymore the amount of data sent in h1_snd_buf() - CLEANUP: htx: Fix indentation here and there in HTX files - MINOR: mux-h1: Allow partial data consumption during outgoing data processing - BUG/MEDIUM: mux-h2: use the correct offset for the HTX start line - BUG/MEDIUM: mux-h2: stop sending using HTX on errors - MINOR: mux-h1: Drain obuf if the output is closed after sending data - BUG/MEDIUM: mworker: stop every tasks in the master - BUG/MEDIUM: htx: Set the right start-line offset after a defrag - BUG/MEDIUM: stream: Don't dereference s->txn when it is not there yet. - BUG/MEDIUM: connections: Reuse an already attached conn_stream. - MINOR: stream-int: add a new blocking condition on the remote connection - BUG/MEDIUM: stream-int: don't attempt to receive if the connection is not established - BUG/MEDIUM: lua: block on remote connection establishment - BUG/MEDIUM: mworker: fix several typos in mworker_cleantasks() - SCRIPTS/REGTEST: merge grep+sed into sed in run-regtests - BUG/MEDIUM: connections: Split CS_FL_RCV_MORE into 2 flags. - BUG/MEDIUM: h1: Don't free the connection if it's an outgoing connection. - BUG/MEDIUM: h1: Set CS_FL_REOS if we had a read0. - BUG/MEDIUM: mux-h1: Be sure to have a conn_stream to set CS_FL_REOS in h1_recv - REGTEST: Move LUA reg test 4 to level 1. - MINOR: ist: add functions to copy/uppercase/lowercase into a buffer or string - MEDIUM: ist: always turn header names to lower case - MINOR: h2: don't turn HTX header names to lower case anymore - MEDIUM: ist: use local conversion arrays to case conversion - MINOR: htx: switch to case sensitive search of lower case header names - MINOR: mux-h1: Set CS_FL_EOS when read0 is detected and no data are pending - BUG/MINOR: stream-int: Process read0 even if no data was received in si_cs_recv - REGTEST: fix the Lua test file name in test lua/h00002 :-) - REGTEST: add a basic test for HTTP rules manipulating headers - BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR. - MINOR: sample: add bc_http_major - BUG/MEDIUM: htx: fix typo in htx_replace_stline() making it fail all the time - REGTEST: make the HTTP rules test compatible with HTTP/2 as well - BUG/MEDIUM: h2: Don't try to chunk data when using HTX. - MINOR: compiler: add a new macro ALREADY_CHECKED() - BUILD: h2: mark the start line already checked to avoid warnings - BUG/MINOR: mux-h1: Remove the connection header when it is useless |
||
Willy Tarreau
|
da7e3be36f |
[RELEASE] Released version 1.9-dev9
Released version 1.9-dev9 with the following main changes : - BUILD/MINOR: ssl: fix build with non-alpn/non-npn libssl - BUG/MINOR: mworker: Do not attempt to close(2) fd -1 - BUILD: compression: fix build error with DEFAULT_MAXZLIBMEM - MINOR: compression: always create the compression pool - BUG/MEDIUM: mworker: fix FD leak upon reload - BUILD: htx: fix fprintf format inconsistency on 32-bit platforms - BUILD: buffers: buf.h requires unistd to get ssize_t on libmusl - MINOR: initcall: introduce a way to register init functions to call at boot - MINOR: init: process all initcalls in order at boot time - MEDIUM: init: convert all trivial registration calls to initcalls - MINOR: thread: provide a set of lock initialisers - MINOR: threads: add new macros to declare self-initializing locks - MEDIUM: init: use self-initializing spinlocks and rwlocks - MINOR: initcall: apply initcall to all register_build_opts() calls - MINOR: initcall: use initcalls for most post_{check,deinit} and per_thread* - MINOR: initcall: use initcalls for section parsers - MINOR: memory: add a callback function to create a pool - MEDIUM: init: use initcall for all fixed size pool creations - MEDIUM: memory: use pool_destroy_all() to destroy all pools on deinit() - MEDIUM: initcall: use initcalls for a few initialization functions - MEDIUM: memory: make the pool cache an array and not a thread_local - MINOR: ssl: free ctx when libssl doesn't support NPN - BUG/MINOR: proto_htx: only mark connections private if NTLM is detected - MINOR: h2: make struct h2_ops static - BUG/MEDIUM: mworker: avoid leak of client socket - REORG: mworker: declare master variable in global.h - BUG/MEDIUM: listeners: CLOEXEC flag is not correctly set - CLEANUP: http: Fix typo in init_http's comment - BUILD: Makefile: Disable -Wcast-function-type if it exists. - BUG/MEDIUM: h2: Don't bogusly error if the previous stream was closed. - REGTEST/MINOR: script: add run-regtests.sh script - REGTEST: Add a basic test for the cache. - BUG/MEDIUM: mux_pt: Don't forget to unsubscribe() on attach. - BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id - BUG/MEDIUM: connections: Wake the stream once the mux is chosen. - BUG/MEDIUM: connections: Don't forget to detach the connection from the SI. - BUG/MEDIUM: stream_interface: Don't check if the handshake is done. - BUG/MEDIUM: stream_interface: Make sure we read all the data available. - BUG/MEDIUM: h2: Call h2_process() if there's an error on the connection. - REGTEST: Fix several issues. - REGTEST: lua: check socket functionality from a lua-task - BUG/MEDIUM: session: Remove the session from the session_list in session_free. - BUG/MEDIUM: streams: Don't assume we have a CS in sess_update_st_con_tcp. - BUG/MEDIUM: connections: Don't assume we have a mux in connect_server(). - BUG/MEDIUM: connections: Remove the connection from the idle list before destroy. - BUG/MEDIUM: session: properly clean the outgoing connection before freeing. - BUG/MEDIUM: mux_pt: Don't try to send if handshake is not done. - MEDIUM: connections: Put H2 connections in the idle list if http-reuse always. - MEDIUM: h2: Destroy a connection with no stream if it has no owner. - MAJOR: sessions: Store multiple outgoing connections in the session. - MEDIUM: session: Steal owner-less connections on end of transaction. - MEDIUM: server: Be smarter about deciding to reuse the last server. - BUG/MEDIUM: Special-case http_proxy when dealing with outgoing connections. - BUG/MINOR: cfgparse: Fix transition between 2 sections with the same name - BUG/MINOR: http: Use out buffer instead of trash to display error snapshot - BUG/MINOR: htx: Fix block size calculation when a start-line is added/replaced - BUG/MINOR: mux-h1: Fix processing of "Connection: " header on outgoing messages - BUG/MEDIUM: mux-h1: Reset the H1 parser when an outgoing message is processed - BUG/MINOR: proto_htx: Send outgoing data to client to start response processing - BUG/MINOR: htx: Stop a header or a start line lookup on the first EOH or EOM - BUG/MINOR: connection: report mux modes when HTX is supported - MINOR: htx: add a function to cut the beginning of a DATA block - MEDIUM: conn_stream: Add a way to get mux's info on a CS from the upper layer - MINOR: mux-h1: Implement get_cs_info() callback - MINOR: stream: Rely on CS's info if it exists and fallback on session's ones - MINOR: proto_htx: Use conn_stream's info to set t_idle duration when possible - MINOR: mux-h1: Don't rely on the stream anymore in h1_set_srv_conn_mode() - MINOR: mux-h1: Write last chunk and trailers if not found in the HTX message - MINOR: mux-h1: Be prepare to fail when EOM is added during trailers parsing - MINOR: mux-h1: Subscribe to send in h1_snd_buf() when not all data have been sent - MINOR: mux-h1: Consume channel's data in a loop in h1_snd_buf() - MEDIUM: mux-h1: Add keep-alive outgoing connections in connections list - MINOR: htx: Add function to add an HTX block just before another one - MINOR: htx: Add function to iterate on an HTX message using HTX blocks - MINOR: htx: Add a function to find the HTX block corresponding to a data offset - MINOR: stats: Don't add end-of-data marker and trailers in the HTX response - MEDIUM: htx: Change htx_sl to be a struct instead of an union - MINOR: htx: Add the start-line offset for the HTX message in the HTX structure - MEDIUM: htx: Don't rely on h1_sl anymore except during H1 header parsing - MINOR: proto-htx: Use the start-line flags to set the HTTP messsage ones - MINOR: htx: Add BODYLESS flags on the HTX start-line and the HTTP message - MINOR: proto_htx: Use full HTX messages to send 100-Continue responses - MINOR: proto_htx: Use full HTX messages to send 103-Early-Hints responses - MINOR: proto_htx: Use full HTX messages to send 401 and 407 responses - MINOR: proto_htx: Send valid HTX message when redir mode is enabled on a server - MINOR: proto_htx: Send valid HTX message to send 30x responses - MEDIUM: proto_htx: Convert all HTTP error messages into HTX - MINOR: mux-h1: Process conn_mode on the EOH when no connection header is found - MINOR: mux-h1: Change client conn_mode on an explicit close for the response - MINOR: mux-h1: Capture bad H1 messages - MAJOR: filters: Adapt filters API to be compatible with the HTX represenation - MEDIUM: proto_htx/filters: Add data filtering during the forwarding - MINOR: flt_trace: Adapt to be compatible with the HTX representation - MEDIUM: compression: Adapt to be compatible with the HTX representation - MINOR: h2: implement H2->HTX request header frame transcoding - MEDIUM: mux-h2: register mux for both HTTP and HTX modes - MEDIUM: mux-h2: make h2_rcv_buf() support HTX transfers - MEDIUM: mux-h2: make h2_snd_buf() HTX-aware - MEDIUM: mux-h2: add basic H2->HTX transcoding support for headers - MEDIUM: mux-h2: implement emission of H2 headers frames from HTX blocks - MEDIUM: mux-h2: implement the emission of DATA frames from HTX DATA blocks - MEDIUM: mux-h2: support passing H2 DATA frames to HTX blocks - BUG/MINOR: cfgparse: Fix the call to post parser of the last sections parsed - BUG/MEDIUM: mux-h2: don't lose the first response header in HTX mode - BUG/MEDIUM: mux-h2: remove the HTX EOM block on H2 response headers - MINOR: listener: the mux_proto entry in the bind_conf is const - MINOR: connection: create conn_get_best_mux_entry() - MINOR: server: the mux_proto entry in the server is const - MINOR: config: make sure to associate the proper mux to bind and servers - MINOR: hpack: add ":path" to the list of common header fields - MINOR: h2: add new functions to produce an HTX message from an H2 response - MINOR: mux-h2: mention that the mux is compatible with both sides - MINOR: mux-h2: implement an outgoing stream allocator : h2c_bck_stream_new() - MEDIUM: mux-h2: start to create the outgoing mux - MEDIUM: mux-h2: implement encoding of H2 request on the backend side - MEDIUM: mux-h2: make h2_frt_decode_headers() direction-agnostic - MEDIUM: mux-h2: make h2_process_demux() capable of processing responses as well - MEDIUM: mux-h2: Implement h2_attach(). - MEDIUM: mux-h2: Don't bother flagging outgoing connections as TOOMANY. - REGTEST: Fix LEVEL 4 script 0 of "connection" module. - MINOR: connection: Fix a comment. - MINOR: mux: add a "max_streams" method. - MEDIUM: servers: Add a way to keep idle connections alive. - CLEANUP: fix typos in the htx subsystem - CLEANUP: Fix typo in the chunk headers file - CLEANUP: Fix typos in the h1 subsystem - CLEANUP: Fix typos in the h2 subsystem - CLEANUP: Fix a typo in the mini-clist header - CLEANUP: Fix a typo in the proto_htx subsystem - CLEANUP: Fix typos in the proto_tcp subsystem - CLEANUP: Fix a typo in the signal subsystem - CLEANUP: Fix a typo in the session subsystem - CLEANUP: Fix a typo in the queue subsystem - CLEANUP: Fix typos in the shctx subsystem - CLEANUP: Fix typos in the socket pair protocol subsystem - CLEANUP: Fix typos in the map management functions - CLEANUP: Fix typo in the fwrr subsystem - CLEANUP: Fix typos in the cli subsystem - CLEANUP: Fix typo in the 51d subsystem - CLEANUP: Fix a typo in the base64 subsystem - CLEANUP: Fix a typo in the connection subsystem - CLEANUP: Fix a typo in the protocol header file - CLEANUP: Fix a typo in the checks header file - CLEANUP: Fix typos in the file descriptor subsystem - CLEANUP: Fix a typo in the listener subsystem - BUG/MINOR: lb-map: fix unprotected update to server's score - BUILD: threads: fix minor build warnings when threads are disabled |
||
Willy Tarreau
|
0b936ad946 |
[RELEASE] Released version 1.9-dev8
Released version 1.9-dev8 with the following main changes : - REORG: config: extract the global section parser into cfgparse-global - REORG: config: extract the proxy parser into cfgparse-listen.c - BUILD: update the list of supported targets and compilers in makefile and readme - BUILD: reorder the objects in the makefile - BUILD: Makefile: make "V=1" show some of the commands that are executed - BUILD: Makefile: add the quiet mode to a few more targets - BUILD: Makefile: add "$(Q)" to clean, tags and cscope targets - BUILD: Makefile: switch to quiet mode by default for CC/LD/AR - MINOR: cli: format `show proc` to be more readable - MINOR: cli: displays uptime in `show proc` - MINOR: cli: show master information in 'show proc' - BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field - MAJOR: mux-h1: Remove the rxbuf and decode HTTP messages in channel's buffer - BUG/MINOR: mux-h1: Enable keep-alive on server side - BUG/MEDIUM: mux-h1: Fix freeze when the kernel splicing is used - BUG/MEDIUM: mux-h1: Don't set the flag CS_FL_RCV_MORE when nothing was parsed - BUG/MINOR: stats/htx: Remove channel's output when the request is eaten - BUG/MINOR: proto_htx: Fix request/response synchronisation on error - MINOR: stream-int: Notify caller when an error is reported after a rcv_pipe() - MINOR: stream-int: Notify caller when an error is reported after a rcv_buf() - BUG/MINOR: stream-int: Don't call snd_buf() if there are still data in the pipe - MINOR: stream-int: remove useless checks on CS and conn flags in si_cs_send() - BUG/MINOR: config: Be aware of the HTX during the check of mux protocols - BUG/MINOR: mux-htx: Fix bad test on h1c flags in h1_recv_allowed() - MEDIUM: mworker: wait mode use standard init code path - MINOR: log: introduce ha_notice() - MINOR: mworker: use ha_notice to announce a new worker - BUG/MEDIUM: http_fetch: Make sure name is initialized before http_find_header. - MINOR: cli: add mworker_accept_wrapper to 'show fd' - MEDIUM: signal: signal_unregister() removes every handlers - BUG/MEDIUM: mworker: unregister the signals of main() - MINOR: cli: add a few missing includes in proto/cli.h - REORG: time/activity: move activity measurements to activity.{c,h} - MINOR: activity: report the average loop time in "show activity" - MINOR: activity: add configuration and CLI support for "profiling.tasks" - MEDIUM: tasks: collect per-task CPU time and latency - MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot - MINOR: cli/activity: rename the stolen CPU time fields to mention milliseconds - BUG/MINOR: cli: Fix memory leak - BUG/MINOR: mworker: fix FD leak and memory leak in error path - MINOR: poller: move the call of tv_update_date() back to the pollers - MINOR: polling: add an option to support busy polling - MINOR: server: Add "alpn" and "npn" keywords. - MEDIUM: connection: Don't bother reactivating polling after connection retry. - MAJOR: connections: Defer mux creation for outgoing connection if alpn is set. - MEDIUM: ssl: Add ssl_bc_alpn and ssl_bc_npn sample fetches. - MINOR: servers: Free [idle|safe|priv]_conns on exit. - REGTEST: add the option to test only a specific set of files - REGTEST: add a test for connections to a "dispatch" address - BUG/MEDIUM: connections: Don't reset the conn flags in *connect_server(). - MINOR: server: Only defined conn_complete_server if USE_OPENSSL is set. - BUG/MEDIUM: servers: Don't check if we have a conn_stream too soon. - BUG/MEDIUM: sessions: Set sess->origin to NULL if the origin was destroyed. - MEDIUM: servers: Store the connection in the SI until we have a mux. - BUG/MEDIUM: h2: wake the processing task up after demuxing - BUG/MEDIUM: h2: restart demuxing after releasing buffer space |