Commit Graph

111 Commits

Author SHA1 Message Date
Willy Tarreau
71f95fa20e [RELEASE] Released version 2.2-dev1
Released version 2.2-dev1 with the following main changes :
    - DOC: this is development again
    - MINOR: version: this is development again, update the status
    - SCRIPTS: update create-release to fix the changelog on new branches
    - CLEANUP: ssl: Clean up error handling
    - BUG/MINOR: contrib/prometheus-exporter: decode parameter and value only
    - BUG/MINOR: h1: Don't test the host header during response parsing
    - BUILD/MINOR: trace: fix use of long type in a few printf format strings
    - DOC: Clarify behavior of server maxconn in HTTP mode
    - MINOR: ssl: deduplicate ca-file
    - MINOR: ssl: compute ca-list from deduplicate ca-file
    - MINOR: ssl: deduplicate crl-file
    - CLEANUP: dns: resolution can never be null
    - BUG/MINOR: http-htx: Don't make http_find_header() fail if the value is empty
    - DOC: ssl/cli: set/commit/abort ssl cert
    - BUG/MINOR: ssl: fix SSL_CTX_set1_chain compatibility for openssl < 1.0.2
    - BUG/MINOR: fcgi-app: Make the directive pass-header case insensitive
    - BUG/MINOR: stats: Fix HTML output for the frontends heading
    - BUG/MINOR: ssl: fix X509 compatibility for openssl < 1.1.0
    - DOC: clarify matching strings on binary fetches
    - DOC: Fix ordered list in summary
    - DOC: move the "group" keyword at the right place
    - MEDIUM: init: prevent process and thread creation at runtime
    - BUG/MINOR: ssl/cli: 'ssl cert' cmd only usable w/ admin rights
    - BUG/MEDIUM: stream-int: don't subscribed for recv when we're trying to flush data
    - BUG/MINOR: stream-int: avoid calling rcv_buf() when splicing is still possible
    - BUG/MINOR: ssl/cli: don't overwrite the filters variable
    - BUG/MEDIUM: listener/thread: fix a race when pausing a listener
    - BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1
    - BUG/MEDIUM: mux-h1: Never reuse H1 connection if a shutw is pending
    - BUG/MINOR: mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN
    - BUG/MINOR: mux-h1: Fix conditions to know whether or not we may receive data
    - BUG/MEDIUM: tasks: Make sure we switch wait queues in task_set_affinity().
    - BUG/MEDIUM: checks: Make sure we set the task affinity just before connecting.
    - MINOR: debug: replace popen() with pipe+fork() in "debug dev exec"
    - MEDIUM: init: set NO_NEW_PRIVS by default when supported
    - BUG/MINOR: mux-h1: Be sure to set CS_FL_WANT_ROOM when EOM can't be added
    - BUG/MEDIUM: mux-fcgi: Handle cases where the HTX EOM block cannot be inserted
    - BUG/MINOR: proxy: make soft_stop() also close FDs in LI_PAUSED state
    - BUG/MINOR: listener/threads: always use atomic ops to clear the FD events
    - BUG/MINOR: listener: also clear the error flag on a paused listener
    - BUG/MEDIUM: listener/threads: fix a remaining race in the listener's accept()
    - MINOR: listener: make the wait paths cleaner and more reliable
    - MINOR: listener: split dequeue_all_listener() in two
    - REORG: listener: move the global listener queue code to listener.c
    - DOC: document the listener state transitions
    - BUG/MEDIUM: kqueue: Make sure we report read events even when no data.
    - BUG/MAJOR: dns: add minimalist error processing on the Rx path
    - BUG/MEDIUM: proto_udp/threads: recv() and send() must not be exclusive.
    - DOC: listeners: add a few missing transitions
    - BUG/MINOR: tasks: only requeue a task if it was already in the queue
    - MINOR: tasks: split wake_expired_tasks() in two parts to avoid useless wakeups
    - DOC: proxies: HAProxy only supports 3 connection modes
    - DOC: remove references to the outdated architecture.txt
    - BUG/MINOR: log: fix minor resource leaks on logformat error path
    - BUG/MINOR: mworker: properly pass SIGTTOU/SIGTTIN to workers
    - BUG/MINOR: listener: do not immediately resume on transient error
    - BUG/MINOR: server: make "agent-addr" work on default-server line
    - BUG/MINOR: listener: fix off-by-one in state name check
    - BUILD/MINOR: unix sockets: silence an absurd gcc warning about strncpy()
    - MEDIUM: h1-htx: Add HTX EOM block when the message is in H1_MSG_DONE state
    - MINOR: http-htx: Add some htx sample fetches for debugging purpose
    - REGTEST: Add an HTX reg-test to check an edge case
    - DOC: clarify the fact that replace-uri works on a full URI
    - BUG/MINOR: sample: fix the closing bracket and LF in the debug converter
    - BUG/MINOR: sample: always check converters' arguments
    - MINOR: sample: Validate the number of bits for the sha2 converter
    - BUG/MEDIUM: ssl: Don't set the max early data we can receive too early.
    - MINOR: ssl/cli: 'show ssl cert' give information on the certificates
    - BUG/MINOR: ssl/cli: fix build for openssl < 1.0.2
    - MINOR: debug: support logging to various sinks
    - MINOR: http: add a new "replace-path" action
    - REGTEST: ssl: test the "set ssl cert" CLI command
    - REGTEST: run-regtests: implement #REQUIRE_BINARIES
    - MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task
    - BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing
    - BUG/MEDIUM: ssl: Revamp the way early data are handled.
    - MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute
    - BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd
    - REGTEST: make the "set ssl cert" require version 2.1
    - BUG/MINOR: ssl: openssl-compat: Fix getm_ defines
    - BUG/MEDIUM: state-file: do not allocate a full buffer for each server entry
    - BUG/MINOR: state-file: do not store duplicates in the global tree
    - BUG/MINOR: state-file: do not leak memory on parse errors
    - BUG/MAJOR: mux-h1: Don't pretend the input channel's buffer is full if empty
    - BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream
    - BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility
    - BUILD: travis-ci: link with ssl libraries using rpath instead of LD_LIBRARY_PATH/DYLD_LIBRARY_PATH
    - BUILD: travis-ci: reenable address sanitizer for clang builds
    - BUG/MINOR: checks: refine which errno values are really errors.
    - BUG/MINOR: connection: only wake send/recv callbacks if the FD is active
    - CLEANUP: connection: conn->xprt is never NULL
    - MINOR: pollers: add a new flag to indicate pollers reporting ERR & HUP
    - MEDIUM: tcp: make tcp_connect_probe() consider ERR/HUP
    - REORG: connection: move tcp_connect_probe() to conn_fd_check()
    - MINOR: connection: check for connection validation earlier
    - MINOR: connection: remove the double test on xprt_done_cb()
    - CLEANUP: connection: merge CO_FL_NOTIFY_DATA and CO_FL_NOTIFY_DONE
    - MINOR: poller: do not call the IO handler if the FD is not active
    - OPTIM: epoll: always poll for recv if neither active nor ready
    - OPTIM: polling: do not create update entries for FD removal
    - BUG/MEDIUM: checks: Only attempt to do handshakes if the connection is ready.
    - BUG/MEDIUM: connections: Hold the lock when wanting to kill a connection.
    - BUILD: CI: modernize cirrus-ci
    - MINOR: config: disable busy polling on old processes
    - MINOR: ssl: Remove unused variable "need_out".
    - BUG/MINOR: h1: Report the right error position when a header value is invalid
    - BUG/MINOR: proxy: Fix input data copy when an error is captured
    - BUG/MEDIUM: http-ana: Truncate the response when a redirect rule is applied
    - BUG/MINOR: channel: inject output data at the end of output
    - BUG/MEDIUM: session: do not report a failure when rejecting a session
    - MEDIUM: dns: implement synchronous send
    - MINOR: raw_sock: make sure to disable polling once everything is sent
    - MINOR: http: Add 410 to http-request deny
    - MINOR: http: Add 404 to http-request deny
    - CLEANUP: mux-h2: remove unused goto "out_free_h2s"
    - BUILD: cirrus-ci: choose proper openssl package name
    - BUG/MAJOR: listener: do not schedule a task-less proxy
    - CLEANUP: server: remove unused err section in server_finalize_init
    - REGTEST: set_ssl_cert.vtc: replace "echo" with "printf"
    - BUG/MINOR: stream-int: Don't trigger L7 retry if max retries is already reached
    - BUG/MEDIUM: tasks: Use the MT macros in tasklet_free().
    - BUG/MINOR: mux-h2: use a safe list_for_each_entry in h2_send()
    - BUG/MEDIUM: mux-h2: fix missing test on sending_list in previous patch
    - CLEANUP: ssl: remove opendir call in ssl_sock_load_cert
    - MEDIUM: lua: don't call the GC as often when dealing with outgoing connections
    - BUG/MEDIUM: mux-h2: don't stop sending when crossing a buffer boundary
    - BUG/MINOR: cli/mworker: can't start haproxy with 2 programs
    - REGTEST: mcli/mcli_start_progs: start 2 programs
    - BUG/MEDIUM: mworker: remain in mworker mode during reload
    - DOC: clarify crt-base usage
    - CLEANUP: compression: remove unused deinit_comp_ctx section
    - BUG/MEDIUM: mux_h1: Don't call h1_send if we subscribed().
    - BUG/MEDIUM: raw_sock: Make sur the fd and conn are sync.
    - CLEANUP: proxy: simplify proxy_parse_rate_limit proxy checks
    - BUG/MAJOR: hashes: fix the signedness of the hash inputs
    - REGTEST: add sample_fetches/hashes.vtc to validate hashes
    - BUG/MEDIUM: cli: _getsocks must send the peers sockets
    - CLEANUP: cli: deduplicate the code in _getsocks
    - BUG/MINOR: stream: don't mistake match rules for store-request rules
    - BUG/MEDIUM: connection: add a mux flag to indicate splice usability
    - BUG/MINOR: pattern: handle errors from fgets when trying to load patterns
    - MINOR: connection: move the CO_FL_WAIT_ROOM cleanup to the reader only
    - MINOR: stream-int: remove dependency on CO_FL_WAIT_ROOM for rcv_buf()
    - MEDIUM: connection: get rid of CO_FL_CURR_* flags
    - BUILD: pattern: include errno.h
    - MEDIUM: mux-h2: do not try to stop sending streams on blocked mux
    - MEDIUM: mux-fcgi: do not try to stop sending streams on blocked mux
    - MEDIUM: mux-h2: do not make an h2s subscribe to itself on deferred shut
    - MEDIUM: mux-fcgi: do not make an fstrm subscribe to itself on deferred shut
    - REORG: stream/backend: move backend-specific stuff to backend.c
    - MEDIUM: backend: move the connection finalization step to back_handle_st_con()
    - MEDIUM: connection: merge the send_wait and recv_wait entries
    - MEDIUM: xprt: merge recv_wait and send_wait in xprt_handshake
    - MEDIUM: ssl: merge recv_wait and send_wait in ssl_sock
    - MEDIUM: mux-h1: merge recv_wait and send_wait
    - MEDIUM: mux-h2: merge recv_wait and send_wait event notifications
    - MEDIUM: mux-fcgi: merge recv_wait and send_wait event notifications
    - MINOR: connection: make the last arg of subscribe() a struct wait_event*
    - MINOR: ssl: Add support for returning the dn samples from ssl_(c|f)_(i|s)_dn in LDAP v3 (RFC2253) format.
    - DOC: Fix copy and paste mistake in http-response replace-value doc
    - BUG/MINOR: cache: Fix leak of cache name in error path
    - BUG/MINOR: dns: Make dns_query_id_seed unsigned
    - BUG/MINOR: 51d: Fix bug when HTX is enabled
    - MINOR: http-htx: Move htx sample fetches in the scope "internal"
    - MINOR: http-htx: Rename 'internal.htx_blk.val' to 'internal.htx_blk.data'
    - MINOR: http-htx: Make 'internal.htx_blk_data' return a binary string
    - DOC: Add a section to document the internal sample fetches
    - MINOR: mux-h1: Inherit send flags from the upper layer
    - MINOR: contrib/prometheus-exporter: Add heathcheck status/code in server metrics
    - BUG/MINOR: http-ana/filters: Wait end of the http_end callback for all filters
    - BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules
    - BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during parsing
    - MEDIUM: http-rules: Register an action keyword for all http rules
    - MINOR: tcp-rules: Always set from which ruleset a rule comes from
    - MINOR: actions: Use ACT_RET_CONT code to ignore an error from a custom action
    - MINOR: tcp-rules: Kill connections when custom actions return ACT_RET_ERR
    - MINOR: http-rules: Return an error when custom actions return ACT_RET_ERR
    - MINOR: counters: Add a counter to report internal processing errors
    - MEDIUM: http-ana: Properly handle internal processing errors
    - MINOR: http-rules: Add a rule result to report internal error
    - MINOR: http-rules: Handle internal errors during HTTP rules evaluation
    - MINOR: http-rules: Add more return codes to let custom actions act as normal ones
    - MINOR: tcp-rules: Handle denied/aborted/invalid connections from TCP rules
    - MINOR: http-rules: Handle denied/aborted/invalid connections from HTTP rules
    - MINOR: stats: Report internal errors in the proxies/listeners/servers stats
    - MINOR: contrib/prometheus-exporter: Export internal errors per proxy/server
    - MINOR: counters: Remove failed_secu counter and use denied_resp instead
    - MINOR: counters: Review conditions to increment counters from analysers
    - MINOR: http-ana: Add a txn flag to support soft/strict message rewrites
    - MINOR: http-rules: Handle all message rewrites the same way
    - MINOR: http-rules: Add a rule to enable or disable the strict rewriting mode
    - MEDIUM: http-rules: Enable the strict rewriting mode by default
    - REGTEST: Fix format of set-uri HTTP request rule in h1or2_to_h1c.vtc
    - MINOR: actions: Add a function pointer to release args used by actions
    - MINOR: actions: Regroup some info about HTTP rules in the same struct
    - MINOR: http-rules/tcp-rules: Call the defined action function first if defined
    - MINOR: actions: Rename the act_flag enum into act_opt
    - MINOR: actions: Add flags to configure the action behaviour
    - MINOR: actions: Use an integer to set the action type
    - MINOR: http-rules: Use a specific action type for some custom HTTP actions
    - MINOR: http-rules: Make replace-header and replace-value custom actions
    - MINOR: http-rules: Make set-header and add-header custom actions
    - MINOR: http-rules: Make set/del-map and add/del-acl custom actions
    - MINOR: http-rules: Group all processing of early-hint rule in its case clause
    - MEDIUM: http-rules: Make early-hint custom actions
    - MINOR: http-rule/tcp-rules: Make track-sc* custom actions
    - MINOR: tcp-rules: Make tcp-request capture a custom action
    - MINOR: http-rules: Add release functions for existing HTTP actions
    - BUG/MINOR: http-rules: Fix memory releases on error path during action parsing
    - MINOR: tcp-rules: Add release functions for existing TCP actions
    - BUG/MINOR: tcp-rules: Fix memory releases on error path during action parsing
    - MINOR: http-htx: Add functions to read a raw error file and convert it in HTX
    - MINOR: http-htx: Add functions to create HTX redirect message
    - MINOR: config: Use dedicated function to parse proxy's errorfiles
    - MINOR: config: Use dedicated function to parse proxy's errorloc
    - MEDIUM: http-htx/proxy: Use a global and centralized storage for HTTP error messages
    - MINOR: proxy: Register keywords to parse errorfile and errorloc directives
    - MINOR: http-htx: Add a new section to create groups of custom HTTP errors
    - MEDIUM: proxy: Add a directive to reference an http-errors section in a proxy
    - MINOR: http-rules: Update txn flags and status when a deny rule is executed
    - MINOR: http-rules: Support an optional status on deny rules for http reponses
    - MINOR: http-rules: Use same function to parse request and response deny actions
    - MINOR: http-ana: Add an error message in the txn and send it when defined
    - MEDIUM: http-rules: Support an optional error message in http deny rules
    - REGTEST: Add a strict rewriting mode reg test
    - REGEST: Add reg tests about error files
    - MINOR: ssl: accept 'verify' bind option with 'set ssl cert'
    - BUG/MINOR: ssl: ssl_sock_load_ocsp_response_from_file memory leak
    - BUG/MINOR: ssl: ssl_sock_load_issuer_file_into_ckch memory leak
    - BUG/MINOR: ssl: ssl_sock_load_sctl_from_file memory leak
    - BUG/MINOR: http_htx: Fix some leaks on error path when error files are loaded
    - CLEANUP: http-ana: Remove useless test on txn when the error message is retrieved
    - BUILD: CI: introduce ARM64 builds
    - BUILD: ssl: more elegant anti-replay feature presence check
    - MINOR: proxy/http-ana: Add support of extra attributes for the cookie directive
    - MEDIUM: dns: use Additional records from SRV responses
    - CLEANUP: Consistently `unsigned int` for bitfields
    - CLEANUP: pattern: remove the pat_time definition
    - BUG/MINOR: http_act: don't check capture id in backend
    - BUG/MINOR: ssl: fix build on development versions of openssl-1.1.x
2020-01-22 10:34:58 +01:00
Willy Tarreau
2e077f8d53 [RELEASE] Released version 2.2-dev0
Released version 2.2-dev0 with the following main changes :
    - exact copy of 2.1.0
2019-11-25 20:36:16 +01:00
Willy Tarreau
e54b43af1e [RELEASE] Released version 2.1.0
Released version 2.1.0 with the following main changes :
    - BUG/MINOR: init: fix set-dumpable when using uid/gid
    - MINOR: init: avoid code duplication while setting identify
    - BUG/MINOR: ssl: ssl_pkey_info_index ex_data can store a dereferenced pointer
    - BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1
    - MINOR: peers: Alway show the table info for disconnected peers.
    - MINOR: peers: Add TX/RX heartbeat counters.
    - MINOR: peers: Add debugging information to "show peers".
    - BUG/MINOR: peers: Wrong null "server_name" data field handling.
    - MINOR: ssl/cli: 'abort ssl cert' deletes an on-going transaction
    - BUG/MEDIUM: mworker: don't fill the -sf argument with -1 during the reexec
    - BUG/MINOR: peers: "peer alive" flag not reset when deconnecting.
    - BUILD/MINOR: ssl: fix compiler warning about useless statement
    - BUG/MEDIUM: stream-int: Don't loose events on the CS when an EOS is reported
    - MINOR: contrib/prometheus-exporter: filter exported metrics by scope
    - MINOR: contrib/prometheus-exporter: Add a param to ignore servers in maintenance
    - BUILD: debug: Avoid warnings in dev mode with -02 because of some BUG_ON tests
    - BUG/MINOR: mux-h1: Fix tunnel mode detection on the response path
    - BUG/MINOR: http-ana: Properly catch aborts during the payload forwarding
    - DOC: Update http-buffer-request description to remove the part about chunks
    - BUG/MINOR: stream-int: Fix si_cs_recv() return value
    - DOC: internal: document the init calls
    - MEDIUM: dns: Add resolve-opts "ignore-weight"
    - MINOR: ssl: ssl_sock_prepare_ctx() return an error code
    - MEDIUM: ssl/cli: apply SSL configuration on SSL_CTX during commit
    - MINOR: ssl/cli: display warning during 'commit ssl cert'
    - MINOR: version: report the version status in "haproxy -v"
    - MINOR: version: emit the link to the known bugs in output of "haproxy -v"
    - DOC: Add documentation about the use-service action
    - MINOR: ssl: fix possible null dereference in error handling
    - BUG/MINOR: ssl: fix curve setup with LibreSSL
    - BUG/MINOR: ssl: Stop passing dynamic strings as format arguments
    - CLEANUP: ssl: check if a transaction exists once before setting it
    - BUG/MINOR: cli: fix out of bounds in -S parser
    - MINOR: ist: add ist_find_ctl()
    - BUG/MAJOR: h2: reject header values containing invalid chars
    - BUG/MAJOR: h2: make header field name filtering stronger
    - BUG/MAJOR: mux-h2: don't try to decode a response HEADERS frame in idle state
    - MINOR: h2: add a function to report H2 error codes as strings
    - MINOR: mux-h2/trace: report the connection and/or stream error code
    - SCRIPTS: create-release: show the correct origin name in suggested commands
    - SCRIPTS: git-show-backports: add "-s" to proposed cherry-pick commands
    - BUG/MEDIUM: trace: fix a typo causing an incorrect startup error
    - BUILD: reorder the objects in the makefile
    - DOC: mention in INSTALL haproxy 2.1 is a stable stable version
    - MINOR: version: indicate that this version is stable
2019-11-25 19:47:40 +01:00
Willy Tarreau
846813260d [RELEASE] Released version 2.1-dev5
Released version 2.1-dev5 with the following main changes :
    - BUG/MEDIUM: ssl/cli: don't alloc path when cert not found
    - BUG/MINOR: ssl/cli: unable to update a certificate without bundle extension
    - BUG/MINOR: ssl/cli: fix an error when a file is not found
    - MINOR: ssl/cli: replace the default_ctx during 'commit ssl cert'
    - DOC: fix date and http_date keywords syntax
    - MINOR: peers: Add "log" directive to "peers" section.
    - BUG/MEDIUM: mux-h1: Disable splicing for chunked messages
    - BUG/MEDIUM: stream: Be sure to support splicing at the mux level to enable it
    - MINOR: flt_trace: Rename macros to print trace messages
    - MINOR: trace: Add a set of macros to trace events if HA is compiled with debug
    - MEDIUM: stream/trace: Register a new trace source with its events
    - MINOR: doc: http-reuse connection pool fix
    - BUG/MEDIUM: stream: Be sure to release allocated captures for TCP streams
    - MINOR: http-ana: Remove the unused function http_reset_txn()
    - BUG/MINOR: action: do-resolve now use cached response
    - BUG: dns: timeout resolve not applied for valid resolutions
    - DOC: management: fix typo on "cache_lookups" stats output
    - BUG/MINOR: stream: init variables when the list is empty
    - BUG/MEDIUM: tasks: Make tasklet_remove_from_tasklet_list() no matter the tasklet.
    - BUG/MINOR: queue/threads: make the queue unlinking atomic
    - BUG/MEDIUM: Make sure we leave the session list in session_free().
    - CLEANUP: session: slightly simplify idle connection cleanup logic
    - MINOR: memory: also poison the area on freeing
    - CLEANUP: cli: use srv_shutdown_streams() instead of open-coding it
    - CLEANUP: stats: use srv_shutdown_streams() instead of open-coding it
    - BUG/MEDIUM: listeners: always pause a listener on out-of-resource condition
    - BUILD: contrib/da: remove an "unused" warning
    - BUG/MEDIUM: filters: Don't call TCP callbacks for HTX streams
    - MEDIUM: filters: Adapt filters API to allow again TCP filtering on HTX streams
    - MINOR: freq_ctr: Make the sliding window sums thread-safe
    - MINOR: stream: Remove the lock on the proxy to update time stats
    - MINOR: counters: Add fields to store the max observed for {q,c,d,t}_time
    - MINOR: stats: Report max times in addition of the averages for sessions
    - MINOR: contrib/prometheus-exporter: Report metrics about max times for sessions
    - BUG/MINOR: contrib/prometheus-exporter: Rename some metrics
    - MINOR: contrib/prometheus-exporter: report the number of idle conns per server
    - DOC: Add missing stats fields in the management manual
    - BUG/MINOR: mux-h1: Properly catch parsing errors on payload and trailers
    - BUG/MINOR: mux-h1: Don't set CS_FL_EOS on a read0 when receiving data to pipe
    - MINOR: mux-h1: Set EOI on the conn-stream when EOS is reported in TUNNEL state
    - MINOR: sink: Set the default max length for a message to BUFSIZE
    - MINOR: ring: make the parse function automatically set the handler/release
    - BUG/MINOR: log: make "show startup-log" use a ring buffer instead
    - MINOR: stick-table: allow sc-set-gpt0 to set value from an expression
2019-11-15 18:49:37 +01:00
Willy Tarreau
1753cb544d [RELEASE] Released version 2.1-dev4
Released version 2.1-dev4 with the following main changes :
    - BUG/MINOR: cli: don't call the kw->io_release if kw->parse failed
    - BUG/MINOR: mux-h2: Don't pretend mux buffers aren't full anymore if nothing sent
    - BUG/MAJOR: stream-int: Don't receive data from mux until SI_ST_EST is reached
    - DOC: remove obsolete section about header manipulation
    - BUG/MINOR: ssl/cli: cleanup on cli_parse_set_cert error
    - MINOR: ssl/cli: rework the 'set ssl cert' IO handler
    - BUILD: CI: comment out cygwin build, upgrade various ssl libraries
    - DOC: Improve documentation of http-re(quest|sponse) replace-(header|value|uri)
    - BUILD/MINOR: tools: shut up the format truncation warning in get_gmt_offset()
    - BUG/MINOR: spoe: fix off-by-one length in UUID format string
    - BUILD/MINOR: ssl: shut up a build warning about format truncation
    - BUILD: do not disable -Wformat-truncation anymore
    - MINOR: chunk: add chunk_istcat() to concatenate an ist after a chunk
    - Revert "MINOR: istbuf: add b_fromist() to make a buffer from an ist"
    - MINOR: mux: Add a new method to get informations about a mux.
    - BUG/MEDIUM: stream_interface: Only use SI_ST_RDY when the mux is ready.
    - BUG/MEDIUM: servers: Only set SF_SRV_REUSED if the connection if fully ready.
    - MINOR: doc: fix busy-polling performance reference
    - MINOR: config: allow no set-dumpable config option
    - MINOR: init: always fail when setrlimit fails
    - MINOR: ssl/cli: rework 'set ssl cert' as 'set/commit'
    - CLEANUP: ssl/cli: remove leftovers of bundle/certs (it < 2)
    - REGTEST: vtest can now enable mcli with its own flag
    - BUG/MINOR: config: Update cookie domain warn to RFC6265
    - MINOR: sample: add us/ms support to date/http_date
    - BUG/MINOR: ssl/cli: check trash allocation in cli_io_handler_commit_cert()
    - BUG/MEDIUM: mux-h2: report no available stream on a connection having errors
    - BUG/MEDIUM: mux-h2: immediately remove a failed connection from the idle list
    - BUG/MEDIUM: mux-h2: immediately report connection errors on streams
    - BUG/MINOR: stats: properly check the path and not the whole URI
    - BUG/MINOR: ssl: segfault in cli_parse_set_cert with old openssl/boringssl
    - BUG/MINOR: ssl: ckch->chain must be initialized
    - BUG/MINOR: ssl: double free on error for ckch->{key,cert}
    - MINOR: ssl: BoringSSL ocsp_response does not need issuer
    - BUG/MEDIUM: ssl/cli: fix dot research in cli_parse_set_cert
    - MINOR: backend: Add srv_name sample fetche
    - DOC: Add GitHub issue config.yml
2019-11-03 15:43:10 +01:00
Willy Tarreau
c70df53250 [RELEASE] Released version 2.1-dev3
Released version 2.1-dev3 with the following main changes :
    - MINOR: mux-h2/trace: missing conn pointer in demux full message
    - MINOR: mux-h2: add a per-connection list of blocked streams
    - BUILD: ebtree: make eb_is_empty() and eb_is_dup() take a const
    - BUG/MEDIUM: mux-h2: do not enforce timeout on long connections
    - BUG/MEDIUM: tasks: Don't forget to decrement tasks_run_queue.
    - BUG/MINOR: peers: crash on reload without local peer.
    - BUG/MINOR: mux-h2/trace: Fix traces on h2c initialization
    - MINOR: h1-htx: Update h1_copy_msg_data() to ease the traces in the mux-h1
    - MINOR: htx: Adapt htx_dump() to be used from traces
    - MINOR: mux-h1/trace: register a new trace source with its events
    - MINOR: proxy: Store http-send-name-header in lower case
    - MINOR: http: Remove headers matching the name of http-send-name-header option
    - BUG/MINOR: mux-h1: Adjust header case when the server name is add to a request
    - BUG/MINOR: mux-h1: Adjust header case when chunked encoding is add to a message
    - MINOR: mux-h1: Try to wakeup the stream on output buffer allocation
    - MINOR: fcgi: Add function to get the string representation of a record type
    - MINOR: mux-fcgi/trace: Register a new trace source with its events
    - BUG/MEDIUM: cache: make sure not to cache requests with absolute-uri
    - DOC: clarify some points around http-send-name-header's behavior
    - MEDIUM: mux-h2: support emitting CONTINUATION frames after HEADERS
    - BUG/MINOR: mux-h1/mux-fcgi/trace: Fix position of the 4th arg in some traces
    - DOC: fix typo in Prometheus exporter doc
    - MINOR: h2: clarify the rules for how to convert an H2 request to HTX
    - MINOR: htx: Add 2 flags on the start-line to have more info about the uri
    - MINOR: http: Add a function to get the authority into a URI
    - MINOR: h1-htx: Set the flag HTX_SL_F_HAS_AUTHORITY during the request parsing
    - MEDIUM: http-htx: Keep the Host header and the request start-line synchronized
    - MINOR: h1-htx: Only use the path of a normalized URI to format a request line
    - MEDIUM: h2: make the request parser rebuild a complete URI
    - MINOR: h2: report in the HTX flags when the request has an authority
    - MEDIUM: mux-h2: do not map Host to :authority on output
    - MEDIUM: h2: use the normalized URI encoding for absolute form requests
    - MINOR: stats: mention in the help message support for "json" and "typed"
    - MINOR: stats: get rid of the ST_CONVDONE flag
    - MINOR: stats: replace the ST_* uri_auth flags with STAT_*
    - MINOR: stats: always merge the uri_auth flags into the appctx flags
    - MINOR: stats: set the appctx flags when initializing the applet only
    - MINOR: stats: get rid of the STAT_SHOWADMIN flag
    - MINOR: stats: make stats_dump_fields_json() directly take flags
    - MINOR: stats: uniformize the calling convention of the dump functions
    - MINOR: stats: support the "desc" output format modifier for info and stat
    - MINOR: stats: prepare to add a description with each stat/info field
    - MINOR: stats: make "show stat" and "show info"
    - MINOR: stats: fill all the descriptions for "show info" and "show stat"
    - BUG/MEDIUM: applet: always check a fast running applet's activity before killing
    - BUILD: stats: fix missing '=' sign in array declaration
    - MINOR: lists: add new macro LIST_SPLICE_END_DETACHED
    - MINOR: list: add new macro MT_LIST_BEHEAD
    - MEDIUM: task: Split the tasklet list into two lists.
    - MINOR: h2: Document traps to be avoided on multithread.
    - MINOR: lists: Try to use local variables instead of macro arguments.
    - MINOR: lists: Fix alignement of \ when relevant.
    - MINOR: mux-h2: also support emitting CONTINUATION on trailers
    - MINOR: ssl: crt-list do ckchn_lookup
    - REORG: ssl: rename ckch_node to ckch_store
    - REORG: ssl: move structures to ssl_sock.h
    - MINOR: ssl: initialize the sni_keytypes_map as EB_ROOT
    - MINOR: ssl: initialize explicitly the sni_ctx trees
    - BUG/MINOR: ssl: abort on sni allocation failure
    - BUG/MINOR: ssl: free the sni_keytype nodes
    - BUG/MINOR: ssl: abort on sni_keytypes allocation failure
    - MEDIUM: ssl: introduce the ckch instance structure
    - MEDIUM: ssl: split ssl_sock_add_cert_sni()
    - MINOR: ssl: ssl_sock_load_ckchn() can properly fail
    - MINOR: ssl: ssl_sock_load_multi_ckchs() can properly fail
    - MEDIUM: ssl: ssl_sock_load_ckchs() alloc a ckch_inst
    - MINOR: ssl: ssl_sock_load_crt_file_into_ckch() is filling from a BIO
    - MEDIUM: ssl/cli: 'set ssl cert' updates a certificate from the CLI
    - MINOR: ssl: load the sctl in/from the ckch
    - MINOR: ssl: load the ocsp in/from the ckch
    - BUG/MEDIUM: ssl: NULL dereference in ssl_sock_load_cert_sni()
    - BUG/MINOR: ssl: fix build without SSL
    - BUG/MINOR: ssl: fix build without multi-cert bundles
    - BUILD: ssl: wrong #ifdef for SSL engines code
    - BUG/MINOR: ssl: fix OCSP build with BoringSSL
    - BUG/MEDIUM: htx: Catch chunk_memcat() failures when HTX data are formatted to h1
    - BUG/MINOR: chunk: Fix tests on the chunk size in functions copying data
    - BUG/MINOR: mux-h1: Mark the output buffer as full when the xfer is interrupted
    - MINOR: mux-h1: Xfer as much payload data as possible during output processing
    - CLEANUP: h1-htx: Move htx-to-h1 formatting functions from htx.c to h1_htx.c
    - BUG/MINOR: mux-h1: Capture ignored parsing errors
    - MINOR: h1: Reject requests with different occurrences of the header host
    - MINOR: h1: Reject requests if the authority does not match the header host
    - REGTESTS: Send valid URIs in peers reg-tests and fix HA config to avoid warnings
    - REGTESTS: Adapt proxy_protocol_random_fail.vtc to match normalized URI too
    - BUG/MINOR: WURFL: fix send_log() function arguments
    - BUG/MINOR: ssl: fix error messages for OCSP loading
    - BUG/MINOR: ssl: can't load ocsp files
    - MINOR: version: make the version strings variables, not constants
    - BUG/MINOR: http-htx: Properly set htx flags on error files to support keep-alive
    - MINOR: htx: Add a flag on HTX to known when a response was generated by HAProxy
    - MINOR: mux-h1: Force close mode for proxy responses with an unfinished request
    - BUILD: travis-ci: limit build to branches "master" and "next"
    - BUILD/MEDIUM: threads: rename thread_info struct to ha_thread_info
    - BUILD/SMALL: threads: enable threads on osx
    - BUILD/MEDIUM: threads: enable cpu_affinity on osx
    - MINOR: istbuf: add b_fromist() to make a buffer from an ist
    - BUG/MINOR: cache: also cache absolute URIs
    - BUG/MINOR: mworker/ssl: close openssl FDs unconditionally
    - BUG/MINOR: tcp: Don't alter counters returned by tcp info fetchers
    - BUG/MEDIUM: lists: Handle 1-element-lists in MT_LIST_BEHEAD().
    - BUG/MEDIUM: mux_pt: Make sure we don't have a conn_stream before freeing.
    - BUG/MEDIUM: tasklet: properly compute the sleeping threads mask in tasklet_wakeup()
    - BUG/MAJOR: idle conns: schedule the cleanup task on the correct threads
    - BUG/MEDIUM: task: make tasklets either local or shared but not both at once
    - Revert e8826ded5f.
    - BUG/MEDIUM: mux_pt: Don't destroy the connection if we have a stream attached.
    - BUG/MEDIUM: mux_pt: Only call the wake emthod if nobody subscribed to receive.
    - REGTEST: mcli/mcli_show_info: launch a 'show info' on the master CLI
    - CLEANUP: ssl: make ssl_sock_load_cert*() return real error codes
    - CLEANUP: ssl: make ssl_sock_load_ckchs() return a set of ERR_*
    - CLEANUP: ssl: make cli_parse_set_cert handle errcode and warnings.
    - CLEANUP: ssl: make ckch_inst_new_load_(multi_)store handle errcode/warn
    - CLEANUP: ssl: make ssl_sock_put_ckch_into_ctx handle errcode/warn
    - CLEANUP: ssl: make ssl_sock_load_dh_params handle errcode/warn
    - CLEANUP: bind: handle warning label on bind keywords parsing.
    - BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1
    - BUG/MINOR: mworker/cli: reload fail with inherited FD
    - BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed
    - BUG/MINOR: stick-table: Never exceed (MAX_SESS_STKCTR-1) when fetching a stkctr
    - BUG/MINOR: cache: alloc shctx after check config
    - BUG/MINOR: sample: Make the `field` converter compatible with `-m found`
    - BUG/MINOR: server: check return value of fopen() in apply_server_state()
    - REGTESTS: make seamless-reload depend on 1.9 and above
    - REGTESTS: server/cli_set_fqdn requires version 1.8 minimum
    - BUG/MINOR: dns: allow srv record weight set to 0
    - BUG/MINOR: ssl: fix memcpy overlap without consequences.
    - BUG/MINOR: stick-table: fix an incorrect 32 to 64 bit key conversion
    - BUG/MEDIUM: pattern: make the pattern LRU cache thread-local and lockless
    - BUG/MINOR: mux-h2: do not emit logs on backend connections
    - CLEANUP: ssl: remove old TODO commentary
    - CLEANUP: ssl: fix SNI/CKCH lock labels
    - MINOR: ssl: OCSP functions can load from file or buffer
    - MINOR: ssl: load sctl from buf OR from a file
    - MINOR: ssl: load issuer from file or from buffer
    - MINOR: ssl: split ssl_sock_load_crt_file_into_ckch()
    - BUG/MINOR: ssl/cli: fix looking up for a bundle
    - MINOR: ssl/cli: update ocsp/issuer/sctl file from the CLI
    - MINOR: ssl: update ssl_sock_free_cert_key_and_chain_contents
    - MINOR: ssl: copy a ckch from src to dst
    - MINOR: ssl: new functions duplicate and free a ckch_store
    - MINOR: ssl/cli: assignate a new ckch_store
    - MEDIUM: cli/ssl: handle the creation of SSL_CTX in an IO handler
    - BUG/MINOR: ssl/cli: fix build of SCTL and OCSP
    - BUG/MINOR: ssl/cli: out of bounds when built without ocsp/sctl
    - BUG/MINOR: ssl: fix build with openssl < 1.1.0
    - BUG/MINOR: ssl: fix build of X509_chain_up_ref() w/ libreSSL
    - MINOR: tcp: avoid confusion in time parsing init
    - MINOR: debug: add a new "debug dev stream" command
    - MINOR: cli/debug: validate addresses using may_access() in "debug dev stream"
    - REORG: move CLI access level definitions to cli.h
    - MINOR: cli: add an expert mode to hide dangerous commands
    - MINOR: debug: make most debug CLI commands accessible in expert mode
    - MINOR: stats/debug: maintain a counter of debug commands issued
    - BUG/MEDIUM: debug: address a possible null pointer dereference in "debug dev stream"
2019-10-25 15:48:53 +02:00
Willy Tarreau
cb8f03fc46 [RELEASE] Released version 2.1-dev2
Released version 2.1-dev2 with the following main changes :
    - DOC: management: document reuse and connect counters in the CSV format
    - DOC: management: document cache_hits and cache_lookups in the CSV format
    - BUG/MINOR: dns: remove irrelevant dependency on a client connection
    - MINOR: applet: make appctx use their own pool
    - BUG/MEDIUM: checks: Don't attempt to receive data if we already subscribed.
    - BUG/MEDIUM: http/htx: unbreak option http_proxy
    - BUG/MINOR: backend: do not try to install a mux when the connection failed
    - MINOR: mux-h2: Don't adjust anymore the amount of data sent in h2_snd_buf()
    - BUG/MINOR: http_fetch: Fix http_auth/http_auth_group when called from TCP rules
    - BUG/MINOR: http_htx: Initialize HTX error messages for TCP proxies
    - BUG/MINOR: cache/htx: Make maxage calculation HTX aware
    - BUG/MINOR: hlua: Make the function txn:done() HTX aware
    - MINOR: proto_htx: Directly call htx_check_response_for_cacheability()
    - MINOR: proto_htx: Rely on the HTX function to apply a redirect rules
    - MINOR: proto_htx: Add the function htx_return_srv_error()
    - MINOR: backend/htx: Don't rewind output data to set the sni on a srv connection
    - MINOR: proto_htx: Don't stop forwarding when there is a post-connect processing
    - DOC: htx: Update comments in HTX files
    - CLEANUP: htx: Remove the unsued function htx_add_blk_type_size()
    - MINOR: htx: Deduce the number of used blocks from tail and head values
    - MINOR: htx: Use an array of char to store HTX blocks
    - MINOR: htx: Slightly update htx_dump() to report better messages
    - DOC: htx: Add internal documentation about the HTX
    - MAJOR: http: Deprecate and ignore the option "http-use-htx"
    - MEDIUM: mux-h2: Remove support of the legacy HTTP mode
    - CLEANUP: h2: Remove functions converting h2 requests to raw HTTP/1.1 ones
    - MINOR: connection: Remove the multiplexer protocol PROTO_MODE_HTX
    - MINOR: stream: Rely on HTX analyzers instead of legacy HTTP ones
    - MEDIUM: http_fetch: Remove code relying on HTTP legacy mode
    - MINOR: config: Remove tests on the option 'http-use-htx'
    - MINOR: stream: Remove tests on the option 'http-use-htx' in stream_new()
    - MINOR: proxy: Remove tests on the option 'http-use-htx' during H1 upgrade
    - MINOR: hlua: Remove tests on the option 'http-use-htx' to reject TCP applets
    - MINOR: cache: Remove tests on the option 'http-use-htx'
    - MINOR: contrib/prometheus-exporter: Remove tests on the option 'http-use-htx'
    - CLEANUP: proxy: Remove the flag PR_O2_USE_HTX
    - MINOR: proxy: Don't adjust connection mode of HTTP proxies anymore
    - MEDIUM: backend: Remove code relying on the HTTP legacy mode
    - MEDIUM: hlua: Remove code relying on the legacy HTTP mode
    - MINOR: http_act: Remove code relying on the legacy HTTP mode
    - MEDIUM: cache: Remove code relying on the legacy HTTP mode
    - MEDIUM: compression: Remove code relying on the legacy HTTP mode
    - MINOR: flt_trace: Remove code relying on the legacy HTTP mode
    - MINOR: stats: Remove code relying on the legacy HTTP mode
    - MAJOR: filters: Remove code relying on the legacy HTTP mode
    - MINOR: stream: Remove code relying on the legacy HTTP mode
    - MAJOR: http: Remove the HTTP legacy code
    - MINOR: hlua: Remove useless test on TX_CON_WANT_* flags
    - MINOR: proto_http: Remove unused http txn flags
    - MINOR: proto_http: Remove the unused flag HTTP_MSGF_WAIT_CONN
    - CLEANUP: proto_http: Group remaining flags of the HTTP transaction
    - CLEANUP: channel: Remove the unused flag CF_WAKE_CONNECT
    - CLEANUP: proto_http: Remove unecessary includes and comments
    - CLEANUP: proto_http: Move remaining code from proto_http.c to proto_htx.c
    - REORG: proto_htx: Move HTX analyzers & co to http_ana.{c,h} files
    - BUG/MINOR: debug: Remove flags CO_FL_SOCK_WR_ENA/CO_FL_SOCK_RD_ENA
    - MINOR: proxy: Remove support of the option 'http-tunnel'
    - DOC: config: Update as a result of the legacy HTTP removal
    - MEDIUM: config: Remove parsing of req* and rsp* directives
    - MINOR: proxy: Remove the unused list of block rules
    - MINOR: proxy/http_ana: Remove unused req_exp/rsp_exp and req_add/rsp_add lists
    - DOC: config: Remove unsupported req* and rsp* keywords
    - MINOR: global: Preset tune.max_http_hdr to its default value
    - MINOR: http: Don't store raw HTTP errors in chunks anymore
    - BUG/MINOR: session: Emit an HTTP error if accept fails only for H1 connection
    - BUG/MINOR: session: Send a default HTTP error if accept fails for a H1 socket
    - CLEANUP: mux-h2: Remove unused flags H2_SF_CHNK_*
    - BUG/MINOR: checks: do not exit tcp-checks from the middle of the loop
    - MINOR: config: Warn only if the option http-use-htx is used with "no" prefix
    - BUG/MEDIUM: mux-h1: Trim excess server data at the end of a transaction
    - MINOR: connection: add conn_get_src() and conn_get_dst()
    - MINOR: frontend: switch to conn_get_{src,dst}() for logging and debugging
    - MINOR: backend: switch to conn_get_{src,dst}() for port and address mapping
    - MINOR: ssl: switch to conn_get_dst() to retrieve the destination address
    - MINOR: tcp: replace various calls to conn_get_{from,to}_addr with conn_get_{src,dst}
    - MINOR: stream-int: use conn_get_{src,dst} in conn_si_send_proxy()
    - MINOR: stream/cli: use conn_get_{src,dst} in "show sess" and "show peers" output
    - MINOR: log: use conn_get_{dst,src}() to retrieve the cli/frt/bck/srv/ addresses
    - MINOR: http/htx: use conn_get_dst() to retrieve the destination address
    - MINOR: lua: use conn_get_{src,dst} to retrieve connection addresses
    - MINOR: http: check the source address via conn_get_src() in sample fetch functions
    - CLEANUP: connection: remove the now unused conn_get_{from,to}_addr()
    - MINOR: connection: add new src and dst fields
    - MINOR: connection: use conn->{src,dst} instead of &conn->addr.{from,to}
    - MINOR: ssl-sock: use conn->dst instead of &conn->addr.to
    - MINOR: lua: switch to conn->dst for a connection's target address
    - MINOR: peers: use conn->dst for the peer's target address
    - MINOR: htx: switch from conn->addr.{from,to} to conn->{src,dst}
    - MINOR: stream: switch from conn->addr.{from,to} to conn->{src,dst}
    - MINOR: proxy: switch to conn->src in error snapshots
    - MINOR: session: use conn->src instead of conn->addr.from
    - MINOR: tcp: replace conn->addr.{from,to} with conn->{src,dst}
    - MINOR: unix: use conn->dst for the target address in ->connect()
    - MINOR: sockpair: use conn->dst for the target address in ->connect()
    - MINOR: log: use conn->{src,dst} instead of conn->addr.{from,to}
    - MINOR: checks: replace conn->addr.to with conn->dst
    - MINOR: frontend: switch from conn->addr.{from,to} to conn->{src,dst}
    - MINOR: http: convert conn->addr.from to conn->src in sample fetches
    - MEDIUM: backend: turn all conn->addr.{from,to} to conn->{src,dst}
    - MINOR: connection: create a new pool for struct sockaddr_storage
    - MEDIUM: connection: make sure all address producers allocate their address
    - MAJOR: connection: remove the addr field
    - MINOR: connection: don't use clear_addr() anymore, just release the address
    - MINOR: stream: add a new target_addr entry in the stream structure
    - MAJOR: stream: store the target address into s->target_addr
    - MINOR: peers: now remove the remote connection setup code
    - MEDIUM: lua: do not allocate the remote connection anymore
    - MEDIUM: backend: always release any existing prior connection in connect_server()
    - MEDIUM: backend: remove impossible cases from connect_server()
    - BUG/MINOR: mux-h1: Close server connection if input data remains in h1_detach()
    - BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream
    - BUG/MINOR: http_ana: Be sure to have an allocated buffer to generate an error
    - BUG/MINOR: http_htx: Support empty errorfiles
    - BUG/CRITICAL: http_ana: Fix parsing of malformed cookies which start by a delimiter
    - BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff
    - BUG/MINOR: proxy: always lock stop_proxy()
    - MEDIUM: mux-h1: Add the support of headers adjustment for bogus HTTP/1 apps
    - BUILD: threads: add the definition of PROTO_LOCK
    - BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased
    - BUG/MEDIUM: streams: Don't switch the SI to SI_ST_DIS if we have data to send.
    - BUG/MINOR: log: make sure writev() is not interrupted on a file output
    - DOC: improve the wording in CONTRIBUTING about how to document a bug fix
    - MEDIUM: h1: Don't try to subscribe if we managed to read data.
    - MEDIUM: h1: Don't wake the H1 tasklet if we got the whole request.
    - REGTESTS: checks: exclude freebsd target for tcp-check_multiple_ports.vtc
    - BUG/MINOR: hlua/htx: Reset channels analyzers when txn:done() is called
    - BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class
    - MINOR: hlua: Don't set request analyzers on response channel for lua actions
    - MINOR: hlua: Add a flag on the lua txn to know in which context it can be used
    - BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready
    - BUG/MINOR: htx: Fix free space addresses calculation during a block expansion
    - MINOR: ssl: merge ssl_sock_load_cert_file() and ssl_sock_load_cert_chain_file()
    - MEDIUM: ssl: use cert_key_and_chain struct in ssl_sock_load_cert_file()
    - MEDIUM: ssl: split the loading of the certificates
    - MEDIUM: ssl: lookup and store in a ckch_node tree
    - MEDIUM: ssl: load DH param in struct cert_key_and_chain
    - BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue()
    - MINOR: ssl: use STACK_OF for chain certs
    - MINOR: ssl: add extra chain compatibility
    - MINOR: ssl: check private key consistency in loading
    - MINOR: ssl: do not look at DHparam with OPENSSL_NO_DH
    - CLEANUP: ssl: ssl_sock_load_crt_file_into_ckch
    - MINOR: ssl: clean ret variable in ssl_sock_load_ckchn
    - MAJOR: fd: Get rid of the fd cache.
    - MEDIUM: pollers: Remember the state for read and write for each threads.
    - MEDIUM: mux-h2: don't try to read more than needed
    - BUG/BUILD: ssl: fix build with openssl < 1.0.2
    - BUG/MEDIUM: ssl: does not try to free a DH in a ckch
    - BUG/MINOR: debug: fix a small race in the thread dumping code
    - MINOR: wdt: also consider that waiting in the thread dumper is normal
    - REGTESTS: checks: make 4be_1srv_health_checks more reliable
    - BUILD: ssl: BoringSSL add EVP_PKEY_base_id
    - BUG/MEDIUM: ssl: don't free the ckch in multi-cert bundle
    - BUG/MINOR: ssl: fix ressource leaks on error
    - BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is increased
    - BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion
    - BUG/MINOR: stream-int: make sure to always release empty buffers after sending
    - BUG/MEDIUM: ssl: open the right path for multi-cert bundle
    - BUG/MINOR: stream-int: also update analysers timeouts on activity
    - BUG/MEDIUM: mux-h2: unbreak receipt of large DATA frames
    - BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes
    - BUG/MEDIUM: proxy: Make sure to destroy the stream on upgrade from TCP to H2
    - DOC: Add 'Question.md' issue template, discouraging asking questions
    - BUG/MEDIUM: fd: Always reset the polled_mask bits in fd_dodelete().
    - BUG/MEDIUM: pollers: Clear the poll_send bits as well.
    - BUILD: travis-ci: enable daily Coverity scan
    - BUG/MINOR: mux-h2: don't refrain from sending an RST_STREAM after another one
    - BUG/MINOR: mux-h2: use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data()
    - BUG/MINOR: mux-h2: do not send REFUSED_STREAM on aborted uploads
    - BUG/MEDIUM: mux-h2: do not recheck a frame type after a state transition
    - BUG/MINOR: mux-h2: always send stream window update before connection's
    - BUG/MINOR: mux-h2: always reset rcvd_s when switching to a new frame
    - BUG/MEDIUM: checks: make sure to close nicely when we're the last to speak
    - BUG/MEDIUM: stick-table: Wrong stick-table backends parsing.
    - CLEANUP: mux-h2: move the demuxed frame check code in its own function
    - MINOR: cache: add method to cache hash
    - MINOR: cache: allow caching of OPTIONS request
    - BUG/MINOR: ssl: fix 0-RTT for BoringSSL
    - MINOR: ssl: ssl_fc_has_early should work for BoringSSL
    - BUG/MINOR: pools: don't mark the thread harmless if already isolated
    - BUG/MINOR: buffers/threads: always clear a buffer's head before releasing it
    - CLEANUP: buffer: replace b_drop() with b_free()
    - CLEANUP: task: move the cpu_time field to the task-only part
    - MINOR: cli: add two new states to print messages on the CLI
    - MINOR: cli: add cli_msg(), cli_err(), cli_dynmsg(), cli_dynerr()
    - CLEANUP: cli: replace all occurrences of manual handling of return messages
    - BUG/MEDIUM: proxy: Don't forget the SF_HTX flag when upgrading TCP=>H1+HTX.
    - BUG/MEDIUM: proxy: Don't use cs_destroy() when freeing the conn_stream.
    - BUG/MINOR: lua: fix setting netfilter mark
    - BUG/MINOR: Fix prometheus '# TYPE' and '# HELP' headers
    - BUG/MEDIUM: lua: Fix test on the direction to set the channel exp timeout
    - BUG/MINOR: stats: Wait the body before processing POST requests
    - MINOR: fd: make sure to mark the thread as not stuck in fd_update_events()
    - BUG/MEDIUM: mux_pt: Don't call unsubscribe if we did not subscribe.
    - BUILD: travis-ci: trigger non-mainstream configurations only on daily builds.
    - MINOR: debug: indicate the applet name when the task is task_run_applet()
    - MINOR: tools: add append_prefixed_str()
    - MINOR: lua: export applet and task handlers
    - MEDIUM: debug: make the thread dump code show Lua backtraces
    - BUG/MEDIUM: h1: Always try to receive more in h1_rcv_buf().
    - MINOR: list: add LIST_SPLICE() to merge one list into another
    - MINOR: tools: add a DEFNULL() macro to use NULL for empty args
    - REORG: trace: rename trace.c to calltrace.c and mention it's not thread-safe
    - MINOR: sink: create definitions a minimal code for event sinks
    - MINOR: sink: add a support for file descriptors
    - MINOR: trace: start to create a new trace subsystem
    - MINOR: trace: add allocation of buffer-sized trace buffers
    - MINOR: trace/cli: register the "trace" CLI keyword to list the sources
    - MINOR: trace/cli: parse the "level" argument to configure the trace verbosity
    - MINOR: trace/cli: add "show trace" to report trace state and statistics
    - MINOR: trace: implement a very basic trace() function
    - MINOR: trace: add the file name and line number in the prefix
    - MINOR: trace: make trace() now also take a level in argument
    - MINOR: trace: implement a call to a decode function
    - MINOR: trace: add per-level macros to produce traces
    - MINOR: trace: add a definition of typed arguments to trace()
    - MINOR: trace: make sure to always stop the locking when stopping or pausing
    - MINOR: trace: add the possibility to lock on some arguments
    - MINOR: trace: parse the "lock" argument to trace
    - MINOR: trace: retrieve useful pointers and enforce lock-on
    - DOC: management: document the "trace" and "show trace" commands
    - BUILD: trace: make the lockon_ptr const to silence a warning without threads
    - BUG/MEDIUM: mux-h1: do not truncate trailing 0CRLF on buffer boundary
    - BUG/MEDIUM: mux-h1: do not report errors on transfers ending on buffer full
    - DOC: fixed typo in management.txt
    - BUG/MINOR: mworker: disable SIGPROF on re-exec
    - BUG/MEDIUM: listener/threads: fix an AB/BA locking issue in delete_listener()
    - BUG/MEDIUM: url32 does not take the path part into account in the returned hash.
    - MINOR: backend: Add srv_queue converter
    - MINOR: sink: set the fd-type sinks to non-blocking
    - MINOR: tools: add a function varint_bytes() to report the size of a varint
    - MINOR: buffer: add functions to read/write varints from/to buffers
    - MINOR: fd: add fd_write_frag_line() to send a fragmented line to an fd
    - MINOR: sink: now call the generic fd write function
    - MINOR: ring: add a new mechanism for retrieving/storing ring data in buffers
    - MINOR: ring: add a ring_write() function
    - MINOR: ring: add a generic CLI io_handler to dump a ring buffer
    - MINOR: sink: add support for ring buffers
    - MINOR: sink: implement "show events" to show supported sinks and dump the rings
    - MINOR: sink: now report the number of dropped events on output
    - MINOR: trace: support a default callback for the source
    - MINOR: trace: extend the source location to 13 chars
    - MINOR: trace: show thread number and source name in the trace
    - MINOR: trace: change the TRACE() calling convention to put the args and cb last
    - MINOR: connection: add the fc_pp_authority fetch -- authority TLV, from PROXYv2
    - MINOR: tools: add a generic struct "name_desc" for name-description pairs
    - MINOR: trace: replace struct trace_lockon_args with struct name_desc
    - MINOR: trace: change the "payload" level to "data" and move it
    - MINOR: trace: prepend the function name for developer level traces
    - MINOR: trace: also report the trace level in the output
    - MINOR: trace: change the detail_level to per-source verbosity
    - MINOR: mux-h2/trace: register a new trace source with its events
    - MINOR: mux-h2/trace: add the default decoding callback
    - MEDIUM: mux-h2/trace: add lots of traces all over the code
    - MINOR: mux-h2: add functions to convert an h2c/h2s state to a string
    - MINOR: mux-h2/trace: add a new verbosity level "clean"
    - MINOR: mux-h2/trace: only decode the start-line at verbosity other than "minimal"
    - MINOR: mux-h2/trace: always report the h2c/h2s state and flags
    - MINOR: mux-h2/trace: report h2s->id before h2c->dsi for the stream ID
    - CLEANUP: mux-h2/trace: reformat the "received" messages for better alignment
    - CLEANUP: mux-h2/trace: lower-case event names
    - MINOR: trace: extend default event names to 12 chars
    - BUG/MINOR: ring: fix the way watchers are counted
    - MINOR: cli: extend the CLI context with a list and two offsets
    - MINOR: mux-h2/trace: report the connection pointer and state before FRAME_H
    - MEDIUM: ring: implement a wait mode for watchers
    - BUG/MEDIUM: mux-h2/trace: do not dereference h2c->conn after failed idle
    - BUG/MEDIUM: mux-h2/trace: fix missing braces added with traces
    - BUG/MINOR: ring: b_peek_varint() returns a uint64_t, not a size_t
    - CLEANUP: fd: remove leftovers of the fdcache
    - MINOR: fd: add a new "initialized" bit in the fdtab struct
    - MINOR: fd/log/sink: make the non-blocking initialization depend on the initialized bit
    - MEDIUM: log: use the new generic fd_write_frag_line() function
    - MINOR: log: add a target type instead of hacking the address family
    - MEDIUM: log: add support for logging to a ring buffer
    - MINOR: send-proxy-v2: sends authority TLV according to TLV received
    - MINOR: build: add linux-glibc-legacy build TARGET
    - BUG/MEDIUM: peers: local peer socket not bound.
    - BUILD: connection: silence gcc warning with extra parentheses
    - BUG/MINOR: http-ana: Reset response flags when 1xx messages are handled
    - BUG/MINOR: h1: Properly reset h1m when parsing is restarted
    - BUG/MINOR: mux-h1: Fix size evaluation of HTX messages after headers parsing
    - BUG/MINOR: mux-h1: Don't stop anymore input processing when the max is reached
    - BUG/MINOR: mux-h1: Be sure to update the count before adding EOM after trailers
    - BUG/MEDIUM: cache: Properly copy headers splitted on several shctx blocks
    - BUG/MEDIUM: cache: Don't cache objects if the size of headers is too big
    - BUG/MINOR: mux-h1: Fix a possible null pointer dereference in h1_subscribe()
    - MEDIUM: fd: remove the FD_EV_POLLED status bit
    - MEDIUM: fd: simplify the fd_*_{recv,send} functions using BTS/BTR
    - MINOR: fd: make updt_fd_polling() a normal function
    - CONTRIB: debug: add new program "poll" to test poll() events
    - BUG/MINOR: checks: stop polling for write when we have nothing left to send
    - BUG/MINOR: checks: start sending the request right after connect()
    - BUG/MINOR: checks: make __event_chk_srv_r() report success before closing
    - BUG/MINOR: checks: do not uselessly poll for reads before the connection is up
    - BUG/MINOR: mux-h1: Fix a UAF in cfg_h1_headers_case_adjust_postparser()
    - BUILD: CI: add basic CentOS 6 cirrus build
    - MINOR: contrib/prometheus-exporter: Report DRAIN/MAINT/NOLB status for servers
    - BUG/MINOR: lb/leastconn: ignore the server weights for empty servers
    - BUG/MAJOR: ssl: ssl_sock was not fully initialized.
    - MEDIUM: fd: mark the FD as ready when it's inserted
    - MINOR: fd: add two new calls fd_cond_{recv,send}()
    - MEDIUM: connection: enable reading only once the connection is confirmed
    - MINOR: fd: add two flags ERR and SHUT to describe FD states
    - MEDIUM: fd: do not use the FD_POLL_* flags in the pollers anymore
    - BUG/MEDIUM: connection: don't keep more idle connections than ever needed
    - MINOR: stats: report the number of idle connections for each server
    - BUILD: CI: skip reg-tests/connection/proxy_protocol_random_fail.vtc on CentOS 6
    - BUILD/MINOR: auth: enabling for osx
    - BUG/MINOR: listener: Fix a possible null pointer dereference
    - BUG/MINOR: ssl: always check for ssl connection before getting its XPRT context
    - MINOR: stats: Add JSON export from the stats page
    - BUG/MINOR: filters: Properly set the HTTP status code on analysis error
    - MINOR: sample: Add UUID-fetch
    - CLEANUP: mux-h2: Remove unused flag H2_SF_DATA_CHNK
    - BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed
    - BUG/MINOR: backend: Fix a possible null pointer dereference
    - BUG/MINOR: Missing stat_field_names (since f21d17bb)
    - BUG/MEDIUM: stick-table: Properly handle "show table" with a data type argument
    - BUILD: CI: temporarily disable ASAN
    - MINOR: htx: Add a flag on HTX message to report processing errors
    - MINOR: mux-h1: Report a processing error during output processing
    - MINOR: http-ana: Handle HTX errors first during message analysis
    - MINOR: http-ana: Remove err_state field from http_msg
    - MINOR: config: Support per-proxy and per-server deinit functions callbacks
    - MINOR: config: Support per-proxy and per-server post-check functions callbacks
    - MINOR: http_fetch: Add sample fetches to get auth method/user/pass
    - MINOR: istbuf: Add the function b_isteqi()
    - MINOR: log: Provide a function to emit a log for an application
    - MINOR: http: Add function to parse value of the header Status
    - MEDIUM: mux-h1/h1-htx: move HTX convertion of H1 messages in dedicated file
    - MINOR: h1-htx: Use the same function to copy message payload in all cases
    - MINOR: muxes/htx: Ignore pseudo header during message formatting
    - MINOR: fcgi: Add code related to FCGI protocol
    - MEDIUM: fcgi-app: Add FCGI application and filter
    - MEDIUM: mux-fcgi: Add the FCGI multiplexer
    - MINOR: doc: Add documentation about the FastCGI support
    - BUG/MINOR: build: Fix compilation of mux_fcgi.c when compiled without SSL
    - BUILD: CI: install golang-1.13 when building BoringSSL
    - BUG/MINOR: mux-h2: Be sure to have a connection to unsubcribe
    - BUG/MINOR: mux-fcgi: Be sure to have a connection to unsubcribe
    - CLEANUP: fcgi-app: Remove useless test on fcgi_conf pointer
    - BUG/MINOR: mux-fcgi: Don't compare the filter name in its parsing callback
    - BUG/MAJOR: mux-h2: Handle HEADERS frames received after a RST_STREAM frame
    - BUG/MEDIUM: check/threads: make external checks run exclusively on thread 1
    - MEDIUM: list: Separate "locked" list from regular list.
    - MINOR: mt_lists: Add new macroes.
    - MEDIUM: servers: Use LIST_DEL_INIT() instead of LIST_DEL().
    - MINOR: mt_lists: Do nothing in MT_LIST_ADD/MT_LIST_ADDQ if already in list.
    - MINOR: mt_lists: Give MT_LIST_ADD, MT_LIST_ADDQ and MT_LIST_DEL a return value.
    - MEDIUM: tasklets: Make the tasklet list a struct mt_list.
    - TESTS: Add a stress-test for mt_lists.
    - BUILD: travis-ci: add PCRE2, SLZ build
    - BUG/MINOR: build: fix event ports (Solaris)
    - BUG/MEDIUM: namespace: fix fd leak in master-worker mode
    - OPTIM: listeners: use tasklets for the multi-queue rings
    - BUILD: makefile: work around yet another GCC fantasy (-Wstring-plus-int)
    - BUG/MINOR: stream-int: Process connection/CS errors first in si_cs_send()
    - BUG/MEDIUM: stream-int: Process connection/CS errors during synchronous sends
    - BUG/MEDIUM: checks: make sure the connection is ready before trying to recv
    - CLEANUP: task: remove impossible test
    - CLEANUP: task: cache the task_per_thread pointer
    - MINOR: task: split the tasklet vs task code in process_runnable_tasks()
    - MINOR: task: introduce a thread-local "sched" variable for local scheduler stuff
    - CLEANUP: mux-fcgi: Remove the unused function fcgi_strm_id()
    - BUG/MINOR: mux-fcgi: Use a literal string as format in app_log()
    - BUG/MEDIUM: tasklets: Make sure we're waking the target thread if it sleeps.
    - MINOR: h2/trace: indicate 'F' or 'B' to locate the side of an h2c in traces
    - MINOR: h2/trace: report the frame type when known
    - BUG/MINOR: mux-h2: do not wake up blocked streams before the mux is ready
    - BUG/MEDIUM: namespace: close open namespaces during soft shutdown
    - MINOR: time: add timeofday_as_iso_us() to return instant time as ISO
    - MINOR: sink: finally implement support for SINK_FMT_{TIMED,ISO}
    - MINOR: sink: change ring buffer "buf0"'s format to "timed"
    - BUG/MEDIUM: mux-h2: don't reject valid frames on closed streams
    - BUG/MINOR: mux-fcgi: silence a gcc warning about null dereference
    - BUG/MINOR: mux-h2: Fix missing braces because of traces in h2_detach()
    - BUG/MINOR: mux-h2: Use the dummy error when decoding headers for a closed stream
    - BUG/MAJOR: mux_h2: Don't consume more payload than received for skipped frames
    - BUG/MINOR: mux-h1: Do h2 upgrade only on the first request
    - BUG/MEDIUM: spoe: Use a different engine-id per process
    - MINOR: spoe: Improve generation of the engine-id
    - MINOR: spoe: Support the async mode with several threads
    - MINOR: http: Add server name header from HTTP multiplexers
    - CLEANUP: http-ana: Remove the unused function http_send_name_header()
    - MINOR: stats: Add the support of float fields in stats
    - BUG/MINOR: contrib/prometheus-exporter: Return the time averages in seconds
    - DOC: Fix documentation about the cli command to get resolver stats
    - BUG/MEDIUM: fcgi: fix missing list tail in sample fetch registration
    - BUG/MINOR: stats: Add a missing break in a switch statement
    - BUG/MINOR: lua: Properly initialize the buffer's fields for string samples in hlua_lua2(smp|arg)
    - CLEANUP: lua: Get rid of obsolete (size_t *) cast in hlua_lua2(smp|arg)
    - BUG/MEDIUM: lua: Store stick tables into the sample's `t` field
    - CLEANUP: proxy: Remove `proxy_tbl_by_name`
    - BUILD: ssl: fix a warning when built with openssl < 1.0.2
    - DOC: replace utf-8 quotes by ascii ones
    - BUG/MEDIUM: fd: HUP is an error only when write is active
    - BUG/MINOR: action: do-resolve does not yield on requests with body
    - Revert "MINOR: cache: allow caching of OPTIONS request"
2019-10-01 18:13:09 +02:00
Willy Tarreau
db5140741d [RELEASE] Released version 2.1-dev1
Released version 2.1-dev1 with the following main changes :
    - BUG/MEDIUM: h2/htx: Update data length of the HTX when the cookie list is built
    - DOC: this is a development branch again.
    - MEDIUM: Make 'block' directive fatal
    - MEDIUM: Make 'redispatch' directive fatal
    - MEDIUM: Make '(cli|con|srv)timeout' directive fatal
    - MEDIUM: Remove 'option independant-streams'
    - MINOR: sample: Add sha2([<bits>]) converter
    - MEDIUM: server: server-state global file stored in a tree
    - BUG/MINOR: lua/htx: Make txn.req_req_* and txn.res_rep_* HTX aware
    - BUG/MINOR: mux-h1: Add the header connection in lower case in outgoing messages
    - BUG/MEDIUM: compression: Set Vary: Accept-Encoding for compressed responses
    - MINOR: htx: Add the function htx_change_blk_value_len()
    - BUG/MEDIUM: htx: Fully update HTX message when the block value is changed
    - BUG/MEDIUM: mux-h2: Reset padlen when several frames are demux
    - BUG/MEDIUM: mux-h2: Remove the padding length when a DATA frame size is checked
    - BUG/MEDIUM: lb_fwlc: Don't test the server's lb_tree from outside the lock
    - BUG/MAJOR: sample: Wrong stick-table name parsing in "if/unless" ACL condition.
    - BUILD: mworker: silence two printf format warnings around getpid()
    - BUILD: makefile: use :space: instead of digits to count commits
    - BUILD: makefile: adjust the sed expression of "make help" for solaris
    - BUILD: makefile: do not rely on shell substitutions to determine git version
    - BUG/MINOR: mworker-prog: Fix segmentation fault during cfgparse
    - BUG/MINOR: spoe: Fix memory leak if failing to allocate memory
    - BUG/MEDIUM: mworker: don't call the thread and fdtab deinit
    - BUG/MEDIUM: stream_interface: Don't add SI_FL_ERR the state is < SI_ST_CON.
    - BUG/MEDIUM: connections: Always add the xprt handshake if needed.
    - BUG/MEDIUM: ssl: Don't do anything in ssl_subscribe if we have no ctx.
    - BUG/MEDIUM: mworker/cli: command pipelining doesn't work anymore
    - BUG/MINOR: htx: Save hdrs_bytes when the HTX start-line is replaced
    - BUG/MAJOR: mux-h1: Don't crush trash chunk area when outgoing message is formatted
    - BUG/MINOR: memory: Set objects size for pools in the per-thread cache
    - BUG/MINOR: log: Detect missing sampling ranges in config
    - BUG/MEDIUM: proto_htx: Don't add EOM on 1xx informational messages
    - BUG/MEDIUM: mux-h1: Use buf_room_for_htx_data() to detect too large messages
    - BUG/MINOR: mux-h1: Make format errors during output formatting fatal
    - BUG/MEDIUM: ssl: Don't attempt to set alpn if we're not using SSL.
    - BUG/MEDIUM: mux-h1: Always release H1C if a shutdown for writes was reported
    - BUG/MINOR: mworker/cli: don't output a \n before the response
    - BUG/MEDIUM: checks: unblock signals in external checks
    - BUG/MINOR: mux-h1: Skip trailers for non-chunked outgoing messages
    - BUG/MINOR: mux-h1: Don't return the empty chunk on HEAD responses
    - BUG/MEDIUM: connections: Always call shutdown, with no linger.
    - BUG/MEDIUM: checks: Make sure the tasklet won't run if the connection is closed.
    - BUG/MINOR: contrib/prometheus-exporter: Don't use channel_htx_recv_max()
    - BUG/MINOR: hlua: Don't use channel_htx_recv_max()
    - BUG/MEDIUM: channel/htx: Use the total HTX size in channel_htx_recv_limit()
    - BUG/MINOR: hlua/htx: Respect the reserve when HTX data are sent
    - BUG/MINOR: contrib/prometheus-exporter: Respect the reserve when data are sent
    - BUG/MEDIUM: connections: Make sure we're unsubscribe before upgrading the mux.
    - BUG/MEDIUM: servers: Authorize tfo in default-server.
    - BUG/MEDIUM: sessions: Don't keep an extra idle connection in sessions.
    - MINOR: server: Add "no-tfo" option.
    - BUG/MINOR: contrib/prometheus-exporter: Don't try to add empty data blocks
    - MINOR: action: Add the return code ACT_RET_DONE for actions
    - BUG/MEDIUM: http/applet: Finish request processing when a service is registered
    - BUG/MEDIUM: lb_fas: Don't test the server's lb_tree from outside the lock
    - BUG/MEDIUM: mux-h1: Handle TUNNEL state when outgoing messages are formatted
    - BUG/MINOR: mux-h1: Don't process input or ouput if an error occurred
    - MINOR: stream-int: Factorize processing done after sending data in si_cs_send()
    - BUG/MEDIUM: stream-int: Don't rely on CF_WRITE_PARTIAL to unblock opposite si
    - DOC: contrib: spoa_server Add some hints for building spoa_server
    - DOC: Fix typo in intro.txt
    - BUG/MEDIUM: servers: Don't forget to set srv_cs to NULL if we can't reuse it.
    - BUG/MINOR: ssl: revert empty handshake detection in OpenSSL <= 1.0.2
    - MINOR: pools: release the pool's lock during the malloc/free calls
    - MINOR: pools: always pre-initialize allocated memory outside of the lock
    - MINOR: pools: make the thread harmless during the mmap/munmap syscalls
    - BUG/MEDIUM: fd/threads: fix excessive CPU usage on multi-thread accept
    - BUG/MINOR: server: Be really able to keep "pool-max-conn" idle connections
    - BUG/MEDIUM: checks: Don't attempt to read if we destroyed the connection.
    - BUG/MEDIUM: da: cast the chunk to string.
    - DOC: Fix typos and grammer in configuration.txt
    - CLEANUP: proto_tcp: Remove useless header inclusions.
    - BUG/MEDIUM: servers: Fix a race condition with idle connections.
    - MINOR: task: introduce work lists
    - BUG/MAJOR: listener: fix thread safety in resume_listener()
    - BUG/MEDIUM: mux-h1: Don't release h1 connection if there is still data to send
    - BUG/MINOR: mux-h1: Correctly report Ti timer when HTX and keepalives are used
    - BUG/MEDIUM: streams: Don't give up if we couldn't send the request.
    - BUG/MEDIUM: streams: Don't redispatch with L7 retries if redispatch isn't set.
    - BUG/MINOR: mux-pt: do not pretend there's more data after a read0
    - BUG/MEDIUM: tcp-check: unbreak multiple connect rules again
    - MEDIUM: mworker-prog: Add user/group options to program section
    - REGTESTS: checks: tcp-check connect to multiple ports
    - BUG/MEDIUM: threads: cpu-map designating a single thread/process are ignored
2019-07-16 19:15:28 +02:00
Willy Tarreau
9dc6b97429 [RELEASE] Released version 2.1-dev0
Released version 2.1-dev0 with the following main changes :
    - exact copy of 2.0.0
2019-06-16 21:49:47 +02:00
Willy Tarreau
ba23630ad0 [RELEASE] Released version 2.0.0
Released version 2.0.0 with the following main changes :
    - MINOR: fd: Don't use atomic operations when it's not needed.
    - DOC: mworker-prog: documentation for the program section
    - MINOR: http: add a new "http-request replace-uri" action
    - BUG/MINOR: 51d/htx: The _51d_fetch method, and the methods it calls are now HTX aware.
    - MINOR: 51d: Added dummy libraries for the 51Degrees module for testing.
    - MINOR: mworker: change formatting in uptime field of "show proc"
    - MINOR: mworker: add the HAProxy version in "show proc"
    - MINOR: doc: Remove -Ds option in man page
    - MINOR: doc: add master-worker in the man page
    - MINOR: doc: mention HAPROXY_LOCALPEER in the man
    - BUILD: Silence gcc warning about unused return value
    - CLEANUP: 51d: move the 51d dummy lib to contrib/51d/src to match the real lib
    - BUILD: travis-ci: add 51Degree device detection, update openssl to 1.1.1c
    - MINOR: doc: update the manpage and usage message about -S
    - BUILD/MINOR: 51d: Updated build registration output to indicate thatif the library is a dummy one or not.
    - BUG/MEDIUM: h1: Don't wait for handshake if we had an error.
    - BUG/MEDIUM: h1: Wait for the connection if the handshake didn't complete.
    - BUG/MINOR: task: prevent schedulable tasks from starving under high I/O activity
    - BUG/MINOR: fl_trace/htx: Be sure to always forward trailers and EOM
    - BUG/MINOR: channel/htx: Call channel_htx_full() from channel_full()
    - BUG/MINOR: http: Use the global value to limit the number of parsed headers
    - BUG/MINOR: htx: Detect when tail_addr meet end_addr to maximize free rooms
    - BUG/MEDIUM: htx: Don't change position of the first block during HTX analysis
    - CLEANUP: channel: Remove channel_htx_fwd_payload() and channel_htx_fwd_all()
    - BUG/MEDIUM: proto_htx: Introduce the state ENDING during forwarding
    - MINOR: htx: Add 3 flags on the start-line to deal with the request schemes
    - MINOR: h2: Set flags about the request's scheme on the start-line
    - MINOR: mux-h1: Set flags about the request's scheme on the start-line
    - MINOR: mux-h2: Forward clients scheme to servers checking start-line flags
    - MEDIUM: server: server-state only rely on server name
    - CLEANUP: connection: rename the wait_event.task field to .tasklet
    - CLEANUP: tasks: rename task_remove_from_tasklet_list() to tasklet_remove_*
    - BUG/MEDIUM: connections: Don't call shutdown() if we want to disable linger.
    - DOC: add some environment variables in section 2.3
    - BUILD: makefile: clarify the "help" output and list options
    - BUG/MINOR: mux-h1: Wake busy mux for I/O when message is fully sent
    - BUG: tasks: fix bug introduced by latest scheduler cleanup
    - BUG/MEDIUM: mux-h2: fix early close with option abortonclose
    - BUG/MEDIUM: connections: Don't use ALPN to pick mux when in mode TCP.
    - BUG/MEDIUM: connections: Don't try to send early data if we have no mux.
    - BUG/MEDIUM: mux-h2: properly account for the appended data in HTX
    - BUILD: makefile: further clarify the "help" output and list targets
    - BUILD: makefile: rename "linux2628" to "linux-glibc" and remove older targets
    - BUILD: travis-ci: switch to linux-glibc instead of linux2628
    - DOC: update few references to the linux* targets and change them to linux-glibc
    - BUILD: makefile: detect and reject recently removed linux targets
    - BUILD: makefile: enable linux namespaces by default on linux
    - BUILD: makefile: enable TFO on linux platforms
    - BUILD: makefile: enable getaddrinfo on the linux-glibc target
    - DOC: small updates to the CONTRIBUTING file
    - BUG/MEDIUM: ssl: Make sure we initiate the handshake after using early data.
    - CLEANUP: removed obsolete examples an move a few to better places
    - DOC: Fix typos in CONTRIBUTING
    - DOC: update the outdated ROADMAP file
    - DOC: create a BRANCHES file to explain the life cycle
    - DOC: mention in INSTALL haproxy 2.0 is a long-term supported stable version
    - BUILD: travis-ci: TFO and GETADDRINFO are now enabled by default
    - BUILD: makefile: make the obsolete target detection compatible with make-3.80
    - BUILD: tools: work around an internal compiler bug in gcc-3.4
    - BUILD: pattern: work around an internal compiler bug in gcc-3.4
    - BUILD: makefile: enable USE_RT on Solaris
    - BUILD: makefile: do not use echo -n
    - DOC: mention a few common build errors in the INSTALL file
2019-06-16 20:00:26 +02:00
Willy Tarreau
ca3551f005 [RELEASE] Released version 2.0-dev7
Released version 2.0-dev7 with the following main changes :
    - BUG/MEDIUM: mux-h2: make sure the connection timeout is always set
    - MINOR: tools: add new bitmap manipulation functions
    - MINOR: logs: use the new bitmap functions instead of fd_sets for encoding maps
    - MINOR: chunks: Make sure trash_size is only set once.
    - Revert "MINOR: chunks: Make sure trash_size is only set once."
    - MINOR: threads: serialize threads initialization
    - MINOR peers: data structure simplifications for server names dictionary cache.
    - DOC: peers: Update for dictionary cache entries for peers protocol.
    - MINOR: dict: Store the length of the dictionary entries.
    - MINOR: peers: A bit of optimization when encoding cached server names.
    - MINOR: peers: Optimization for dictionary cache lookup.
    - MEDIUM: tools: improve time format error detection
    - BUG/MEDIUM: H1: When upgrading, make sure we don't free the buffer too early.
    - BUG/MEDIUM: stream_interface: Make sure we call si_cs_process() if CS_FL_EOI.
    - MINOR: threads: avoid clearing harmless twice in thread_release()
    - MEDIUM: threads: add thread_sync_release() to synchronize steps
    - BUG/MEDIUM: init/threads: prevent initialized threads from starting before others
    - OPTIM/MINOR: init/threads: only call protocol_enable_all() on first thread
    - BUG/MINOR: dict: race condition fix when inserting dictionary entries.
    - MEDIUM: init/threads: don't use spinlocks during the init phase
    - BUG/MINOR: cache/htx: Fix the counting of data already sent by the cache applet
    - BUG/MEDIUM: compression/htx: Fix the adding of the last data block
    - MINOR: flt_trace: Don't scrash the original offset during the random forwarding
    - MAJOR: htx: Rework how free rooms are tracked in an HTX message
    - MINOR: htx: Add the function htx_move_blk_before()
    - Revert "BUG/MEDIUM: H1: When upgrading, make sure we don't free the buffer too early."
    - BUG/MINOR: http-rules: mention "deny_status" for "deny" in the error message
    - MINOR: http: turn default error files to HTTP/1.1
    - BUG/MEDIUM: h1: Don't try to subscribe if we had a connection error.
    - BUG/MEDIUM: h1: Don't consider we're connected if the handshake isn't done.
    - MINOR: contrib/spoa_server: Upgrade SPOP to 2.0
    - BUG/MEDIUM: contrib/spoa_server: Set FIN flag on agent frames
    - MINOR: contrib/spoa_server: Add random IP score
    - DOC/MINOR: contrib/spoa_server: Fix typo in README
2019-06-11 19:28:00 +02:00
Willy Tarreau
b57f109966 [RELEASE] Released version 2.0-dev6
Released version 2.0-dev6 with the following main changes :
    - BUG/MEDIUM: connection: fix multiple handshake polling issues
    - MINOR: connection: also stop receiving after a SOCKS4 response
    - MINOR: mux-h1: don't try to recv() before the connection is ready
    - BUG/MEDIUM: mux-h1: only check input data for the current stream, not next one
    - MEDIUM: mux-h1: don't use CS_FL_REOS anymore
    - CLEANUP: connection: remove the now unused CS_FL_REOS flag
    - CONTRIB: debug: add 4 missing connection/conn_stream flags
    - MEDIUM: stream: make a full process_stream() loop when completing I/O on exit
    - MINOR: server: increase the default pool-purge-delay to 5 seconds
    - BUILD: tools: do not use the weak attribute for trace() on obsolete linkers
    - BUG/MEDIUM: vars: make sure the scope is always valid when accessing vars
    - BUG/MEDIUM: vars: make the tcp/http unset-var() action support conditions
    - BUILD: task: fix a build warning when threads are disabled
    - CLEANUP: peers: Remove tabs characters.
    - CLEANUP: peers: Replace hard-coded values by macros.
    - BUG/MINOR: peers: Wrong stick-table update message building.
    - MINOR: dict: Add dictionary new data structure.
    - MINOR: peers: Add a LRU cache implementation for dictionaries.
    - MINOR: stick-table: Add "server_name" new data type.
    - MINOR: cfgparse: Space allocation for "server_name" stick-table data type.
    - MINOR: proxy: Add a "server by name" tree to proxy.
    - MINOR: server: Add a dictionary for server names.
    - MINOR: stream: Stickiness server lookup by name.
    - MINOR: peers: Make peers protocol support new "server_name" data type.
    - MINOR: stick-table: Make the CLI stick-table handler support dictionary entry data type.
    - REGTEST: Add a basic server by name stickiness reg test.
    - MINOR: peers: Add dictionary cache information to "show peers" CLI command.
    - MINOR: peers: Replace hard-coded for peer protocol 64-bits value encoding by macros.
    - MINOR: peers: Replace hard-coded values for peer protocol messaging by macros.
    - CLEANUP: ssl: remove unneeded defined(OPENSSL_IS_BORINGSSL)
    - BUILD: travis-ci improvements
    - MINOR: SSL: add client/server random sample fetches
    - BUG/MINOR: channel/htx: Don't alter channel during forward for empty HTX message
    - BUG/MINOR: contrib/prometheus-exporter: Add HTX data block in one time
    - BUG/MINOR: mux-h1: errflag must be set on H1S and not H1M during output processing
    - MEDIUM: mux-h1: refactor output processing
    - MINOR: mux-h1: Add the flag HAVE_O_CONN on h1s
    - MINOR: mux-h1: Add h1_eval_htx_hdrs_size() to estimate size of the HTX headers
    - MINOR: mux-h1: Don't count the EOM in the estimated size of headers
    - MEDIUM: cache/htx: Always store info about HTX blocks in the cache
    - MEDIUM: htx: Add the parsing of trailers of chunked messages
    - MINOR: htx: Don't use end-of-data blocks anymore
    - BUG/MINOR: mux-h1: Don't send more data than expected
    - BUG/MINOR: flt_trace/htx: Only apply the random forwarding on the message body.
    - BUG/MINOR: peers: Wrong "server_name" decoding.
    - BUG/MEDIUM: servers: Don't attempt to destroy idle connections if disabled.
    - MEDIUM: checks: Make sure we unsubscribe before calling cs_destroy().
    - MEDIUM: connections: Wake the upper layer even if sending/receiving is disabled.
    - MEDIUM: ssl: Handle subscribe by itself.
    - MINOR: ssl: Make ssl_sock_handshake() static.
    - MINOR: connections: Add a new xprt method, remove_xprt.
    - MINOR: connections: Add a new xprt method, add_xprt().
    - MEDIUM: connections: Introduce a handshake pseudo-XPRT.
    - MEDIUM: connections: Remove CONN_FL_SOCK*
    - BUG/MEDIUM: ssl: Don't forget to initialize ctx->send_recv and ctx->recv_wait.
    - BUG/MINOR: peers: Wrong server name parsing.
    - MINOR: server: really increase the pool-purge-delay default to 5 seconds
    - BUG/MINOR: stream: don't emit a send-name-header in conn error or disconnect states
    - MINOR: stream-int: use bit fields to match multiple stream-int states at once
    - MEDIUM: stream-int: remove dangerous interval checks for stream-int states
    - MEDIUM: stream-int: introduce a new state SI_ST_RDY
    - MAJOR: stream-int: switch from SI_ST_CON to SI_ST_RDY on I/O
    - MEDIUM: stream-int: make idle-conns switch to ST_RDY
    - MEDIUM: stream: re-arrange the connection setup status reporting
    - MINOR: stream-int: split si_update() into si_update_rx() and si_update_tx()
    - MINOR: stream-int: make si_sync_send() from the send code of si_update_both()
    - MEDIUM: stream: rearrange the events to remove the loop
    - MEDIUM: stream: only loop on flags relevant to the analysers
    - MEDIUM: stream: don't abusively loop back on changes on CF_SHUT*_NOW
    - BUILD: stream-int: avoid a build warning in dev mode in si_state_bit()
    - BUILD: peers: fix a build warning about an incorrect intiialization
    - BUG/MINOR: time: make sure only one thread sets global_now at boot
    - BUG/MEDIUM: tcp: Make sure we keep the polling consistent in tcp_probe_connect.
2019-06-07 06:12:59 +02:00
Willy Tarreau
abc874ea45 [RELEASE] Released version 2.0-dev5
Released version 2.0-dev5 with the following main changes :
    - BUILD: watchdog: use si_value.sival_int, not si_int for the timer's value
    - BUILD: signals: FreeBSD has SI_LWP instead of SI_TKILL
    - BUILD: watchdog: condition it to USE_RT
    - MINOR: raw_sock: report global traffic statistics
    - MINOR: stats: report the global output bit rate in human readable form
    - BUG/MINOR: proto-htx: Try to keep connections alive on redirect
    - BUG/MEDIUM: spoe: Don't use the SPOE applet after releasing it
    - BUG/MINOR: lua: Set right direction and flags on new HTTP objects
    - BUG/MINOR: mux-h2: Count EOM in bytes sent when a HEADERS frame is formatted
    - BUG/MINOR: mux-h1: Report EOI instead EOS on parsing error or H2 upgrade
    - BUG/MEDIUM: proto-htx: Not forward too much data when 1xx reponses are handled
    - BUG/MINOR: htx: Remove a forgotten while loop in htx_defrag()
    - DOC: fix typos
    - BUG/MINOR: ssl_sock: Fix memory leak when disabling compression
    - OPTIM: freq-ctr: don't take the date lock for most updates
    - MEDIUM: mux-h2: avoid doing expensive buffer realigns when not absolutely needed
    - CLEANUP: debug: remove the TRACE() macro
    - MINOR: buffer: introduce b_make() to make a buffer from its parameters
    - MINOR: buffer: add a new buffer ring API to manipulate rings of buffers
    - MEDIUM: mux-h2: replace all occurrences of mbuf with a buffer ring
    - MEDIUM: mux-h2: make the conditions to send based on mbuf, not just its tail
    - MINOR: mux-h2: introduce h2_release_mbuf() to release all buffers in the mbuf ring
    - MEDIUM: mux-h2: make the send() function iterate over all mux buffers
    - CLEANUP: mux-h2: consistently use a local variable for the mbuf
    - MINOR: mux-h2: report the mbuf's head and tail in "show fd"
    - MAJOR: mux-h2: switch to next mux buffer on buffer full condition.
    - BUILD: connections: shut up gcc about impossible out-of-bounds warning
    - BUILD: ssl: fix latest LibreSSL reg-test error
    - MINOR: cli/activity: remove "fd_del" and "fd_skip" from show activity
    - MINOR: cli/activity: add 3 general purpose counters in development mode
    - BUG/MAJOR: lb/threads: make sure the avoided server is not full on second pass
    - BUG/MEDIUM: queue: fix the tree walk in pendconn_redistribute.
    - BUG/MEDIUM: threads: fix double-word CAS on non-optimized 32-bit platforms
    - MEDIUM: config: now alert when two servers have the same name
    - MINOR: htx: Remove the macro IS_HTX_SMP() and always use IS_HTX_STRM() instead
    - MINOR: htx: Move the macro IS_HTX_STRM() in proto/stream.h
    - MINOR: htx: Store the head position instead of the wrap one
    - MINOR: htx: Store start-line block's position instead of address of its payload
    - MINOR: htx: Add functions to get the first block of an HTX message
    - MINOR: mux-h2/htx: Get the start-line from the head when HEADERS frame is built
    - MINOR: htx: Replace the function http_find_stline() by http_get_stline()
    - CLEANUP: htx: Remove unused function htx_get_stline()
    - MINOR: http/htx: Use sl_pos directly to replace the start-line
    - MEDIUM: http/htx: Perform analysis relatively to the first block
    - MINOR: channel/htx: Call channel_htx_recv_max() from channel_recv_max()
    - MINOR: htx: Add function htx_get_max_blksz()
    - BUG/MINOR: htx: Change htx_xfer_blk() to also count metadata
    - MEDIUM: mux-h1: Use the count value received from the SI in h1_rcv_buf()
    - MINOR: mux-h2: Use the count value received from the SI in h2_rcv_buf()
    - MINOR: stream-int: Don't use the flag CO_RFL_KEEP_RSV anymore in si_cs_recv()
    - MINOR: connection: Remove the unused flag CO_RFL_KEEP_RSV
    - MINOR: mux-h2/htx: Support zero-copy when possible in h2_rcv_buf()
    - MINOR: htx: Add a field to set the memory used by headers in the HTX start-line
    - MINOR: h2/htx: Set hdrs_bytes on the SL when an HTX message is produced
    - MINOR: mux-h1: Set hdrs_bytes on the SL when an HTX message is produced
    - MINOR: htx: Be sure to xfer all headers in one time in htx_xfer_blks()
    - MEDIUM: htx: 1xx messages are now part of the final reponses
    - MINOR: channel/htx: Add function to forward headers of an HTX message
    - MINOR: filters/htx: Use channel_htx_fwd_headers() after headers filtering
    - MINOR: proto-htx: Use channel_htx_fwd_headers() to forward 1xx responses
    - MEDIUM: htx: Store the first block position instead of the start-line one
    - MINOR: stats/htx: don't use the first block position but the head one
    - MINOR: channel/htx: Add functions to forward a part or all HTX payload
    - MINOR: proto-htx: Use channel_htx_fwd_all() when unfiltered body are forwarded
    - MEDIUM: filters/htx: Filter body relatively to the first block
    - MINOR: htx: Optimize htx_drain() when all data are drained
    - MINOR: htx: don't rely on htx_find_blk() anymore in the function htx_truncate()
    - MINOR: htx: remove the unused function htx_find_blk()
    - MINOR: htx: Remove support of pseudo headers because it is unused
    - BUG/MEDIUM: http: fix "http-request reject" when not final
    - MINOR: ssl: Make sure the underlying xprt's init method doesn't fail.
    - MINOR: ssl: Don't forget to call the close method of the underlying xprt.
    - MINOR: htx: rename htx_append_blk_value() to htx_add_data_atonce()
    - MINOR: htx: make htx_add_data() return the transmitted byte count
    - MEDIUM: htx: make htx_add_data() never defragment the buffer
    - MINOR: activity: write totals on the "show activity" output
    - MINOR: activity: report totals and average separately
    - MEDIUM: poller: separate the wait time from the wake events
    - MINOR: activity: report the number of failed pool/buffer allocations
    - MEDIUM: buffers: relax the buffer lock a little bit
    - MINOR: task: turn the WQ lock to an RW_LOCK
    - MEDIUM: task: don't grab the WR lock just to check the WQ
    - BUG/MEDIUM: mux-h1: Don't skip the TCP splicing when there is no more data to read
    - MEDIUM: sessions: Introduce session flags.
    - BUG/MEDIUM: h2: Don't forget to set h2s->cs to NULL after having free'd cs.
    - BUG/MEDIUM: mux-h2: fix the conditions to end the h2_send() loop
    - BUG/MEDIUM: mux-h2: don't refrain from offering oneself a used buffer
    - BUG/MEDIUM: connection: Use the session to get the origin address if needed.
    - MEDIUM: tasks: Get rid of active_tasks_mask.
    - MEDIUM: connection: Upstream SOCKS4 proxy support
    - BUILD: contrib/prometheus: fix build breakage caused by move of idle_pct
    - BUG/MINOR: deinit/threads: make hard-stop-after perform a clean exit
2019-06-02 12:06:08 +02:00
Willy Tarreau
567406949b [RELEASE] Released version 2.0-dev4
Released version 2.0-dev4 with the following main changes :
    - BUILD: enable freebsd builds on cirrus-ci
    - BUG/MINOR: http_fetch: Rely on the smp direction for "cookie()" and "hdr()"
    - MEDIUM: Make 'option forceclose' actually warn
    - MEDIUM: Make 'resolution_pool_size' directive fatal
    - DOC: management: place "show activity" at the right place
    - MINOR: cli/activity: show the dumping thread ID starting at 1
    - MINOR: task: export global_task_mask
    - MINOR: cli/debug: add a thread dump function
    - BUG/MEDIUM: streams: Don't use CF_EOI to decide if the request is complete.
    - BUG/MEDIUM: streams: Try to L7 retry before aborting the connection.
    - BUG/MINOR: debug: make ha_task_dump() always check the task before dumping it
    - BUG/MINOR: debug: make ha_task_dump() actually dump the requested task
    - MINOR: debug: make ha_thread_dump() and ha_task_dump() take a buffer
    - BUG/MINOR: debug: don't check the call date on tasklets
    - MINOR: thread: implement ha_thread_relax()
    - MINOR: task: put barriers after each write to curr_task
    - MINOR: task: always reset curr_task when freeing a task or tasklet
    - MINOR: stream: detach the stream from its own task on stream_free()
    - MEDIUM: debug/threads: implement an advanced thread dump system
    - REGTEST: extend the check duration on tls_health_checks and mark it slow
    - DOC: fix "successful" typo
    - MINOR: init: setenv HAPROXY_CFGFILES
    - MINOR: threads/init: synchronize the threads startup
    - MEDIUM: init/mworker: make the pipe register function a regular initcall
    - CLEANUP: memory: make the fault injection code use the OTHER_LOCK label
    - CLEANUP: threads: remove the now unused START_LOCK label
    - MINOR: init/threads: make the global threads an array of structs
    - MINOR: threads: add each thread's clockid into the global thread_info
    - CLEANUP: stream: remove an obsolete debugging test
    - MINOR: tools: add dump_hex()
    - MINOR: debug: implement ha_panic()
    - MINOR: debug/cli: add some debugging commands for developers
    - MINOR: tools: provide a may_access() function and make dump_hex() use it
    - MINOR: debug: make ha_panic() report threads starting at 1
    - REORG: compat: move some integer limit definitions from standard.h to compat.h
    - REORG: threads: move the struct thread_info from global.h to hathreads.h
    - MINOR: compat: make sure to always define clockid_t
    - MINOR: threads: always place the clockid in the struct thread_info
    - MINOR: threads: add a thread-local thread_info pointer "ti"
    - MINOR: time: move the cpu, mono, and idle time to thread_info
    - MINOR: time: add a function to retrieve another thread's cputime
    - MINOR: debug: report each thread's cpu usage in "show thread"
    - BUILD: threads: only assign the clock_id when supported
    - BUILD: makefile: use USE_OBSOLETE_LINKER for solaris
    - BUILD: makefile: remove -fomit-frame-pointer optimisation (solaris)
    - MAJOR: polling: add event ports support (Solaris)
    - BUG/MEDIUM: streams: Don't switch from SI_ST_CON to SI_ST_DIS on read0.
    - CLEANUP: time: refine the test on _POSIX_TIMERS
    - MINOR: compat: define a new empty type empty_t for non-implemented fields
    - CLEANUP: time: switch clockid_t to empty_t when not available
    - BUG/MINOR: mworker: Fix memory leak of mworker_proc members
    - CLEANUP: objtype: make obj_type() and obj_type_name() take consts
    - MINOR: debug: switch to SIGURG for thread dumps
    - CLEANUP: threads: really move thread_info to hathreads.c
    - MINOR: threads: make threads_{harmless|want_rdv}_mask constant 0 without threads
    - CLEANUP: debug: always report harmless/want_rdv even without threads
    - MINOR: threads: implement ha_tkill() and ha_tkillall()
    - CLEANUP: debug: make use of ha_tkill() and remove ifdefs
    - MINOR: stream: introduce a stream_dump() function and use it in stream_dump_and_crash()
    - MINOR: debug: dump streams when an applet, iocb or stream is known
    - MINOR: threads: add a "stuck" flag to the thread_info struct
    - MINOR: threads: add a timer_t per thread in thread_info
    - MAJOR: watchdog: implement a thread lockup detection mechanism
    - MINOR: stream: remove the cpu time detection from process_stream()
    - MINOR: connection: report the mux names in "haproxy -vv"
    - CLEANUP: mux-h1: use "H1" and not "h1" as the mux's name
    - BUG/MEDIUM: WURFL: segfault in wurfl-get() with missing info.
    - MINOR: WURFL: call header_retireve_callback() in dummy library
    - MINOR: WURFL: fixed Engine load failed error when wurfl-information-list contains wurfl_root_id
    - MINOR: WURFL: shows log messages during module initialization
    - MINOR: WURFL: removes heading wurfl-information-separator from wurfl-get-all() and wurfl-get() results
    - MINOR: WURFL: wurfl_get() and wurfl_get_all() now return an empty string if device detection fails
    - MEDIUM: WURFL: HTX awareness.
    - MINOR: WURFL: module version bump to 2.0
    - MINOR: WURFL: do not emit warnings when not configured
    - CONTRIB: wurfl: address 3 build issues in the wurfl dummy library
    - BUG/MEDIUM: init/threads: provide per-thread alloc/free function callbacks
    - BUILD: travis: add sanitizers to travis-ci builds
    - BUILD: time: remove the test on _POSIX_C_SOURCE
    - CLEANUP: build: rename some build macros to use the USE_* ones
    - CLEANUP: raw_sock: remove support for very old linux splice bug workaround
    - BUG/MEDIUM: dns: make the port numbers unsigned
    - MEDIUM: config: deprecate the antique req* and rsp* commands
2019-05-22 20:48:33 +02:00
Willy Tarreau
a257a9b015 [RELEASE] Released version 2.0-dev3
Released version 2.0-dev3 with the following main changes :
    - BUG/MINOR: peers: Really close the sessions with no heartbeat.
    - CLEANUP: peers: remove useless annoying tabulations.
    - CLEANUP: peers: replace timeout constants by macros.
    - REGTEST: Enable again reg tests with HEAD HTTP method usage.
    - DOC: The option httplog is no longer valid in a backend.
    - DOC: peers: Peers protocol documentation update.
    - REGTEST: remove unexpected "nbthread" statement from Lua test cases
    - BUILD: Makefile: remove 11-years old workarounds for deprecated options
    - BUILD: remove 10-years old error message for obsolete option USE_TCPSPLICE
    - BUILD: Makefile: remove outdated support for dlmalloc
    - BUILD: Makefile: consider a variable's origin and not its value for the options list
    - BUILD: Makefile: also report disabled options in the BUILD_OPTIONS variable
    - BUILD: Makefile: shorten default settings declaration
    - BUILD: Makefile: clean up the target declarations
    - BUILD: report the whole feature set with their status in haproxy -vv
    - BUILD: pass all "USE_*" variables as -DUSE_* to the compiler
    - REGTEST: script: make the script use the new features list
    - REGTEST: script: remove platform-specific assigments of OPTIONS
    - BUG/MINOR: peers: Missing initializations after peer session shutdown.
    - BUG/MINOR: contrib/prometheus-exporter: Fix applet accordingly to recent changes
    - BUILD/MINOR: listener: Silent a few signedness warnings.
    - BUG/MINOR: mux-h1: Only skip invalid C-L headers on output
    - BUG/MEDIUM: mworker: don't free the wrong child when not found
    - BUG/MEDIUM: checks: Don't bother subscribing if we have a connection error.
    - BUG/MAJOR: checks: segfault during tcpcheck_main
    - BUILD: makefile: work around an old bug in GNU make-3.80
    - BUILD: makefile: work around another bug in make 3.80
    - BUILD: http: properly mark some struct as extern
    - BUILD: chunk: properly declare pool_head_trash as extern
    - BUILD: cache: avoid a build warning with some compilers/linkers
    - MINOR: tools: make memvprintf() never pass a NULL target to vsnprintf()
    - MINOR: tools: add an unsetenv() implementation
    - BUILD: re-implement an initcall variant without using executable sections
    - BUILD: use inttypes.h instead of stdint.h
    - BUILD: connection: fix naming of ip_v field
    - BUILD: makefile: fix build of IPv6 header on aix51
    - BUILD: makefile: add _LINUX_SOURCE_COMPAT to build on AIX-51
    - BUILD: define unsetenv on AIX 5.1
    - BUILD: Makefile: disable shared cache on AIX 5.1
    - MINOR: ssl: Add aes_gcm_dec converter
    - REORG: mworker: move serializing functions to mworker.c
    - REORG: mworker: move signals functions to mworker.c
    - REORG: mworker: move IPC functions to mworker.c
    - REORG: mworker: move signal handlers and related functions
    - REORG: mworker: move mworker_cleanlisteners to mworker.c
    - MINOR: mworker: calloc mworker_proc structures
    - MINOR: mworker: don't use children variable anymore
    - MINOR: cli: export cli_parse_default() definition in cli.h
    - REORG: mworker/cli: move CLI functions to mworker.c
    - MEDIUM: mworker-prog: implement program for master-worker
    - MINOR: mworker/cli: show programs in 'show proc'
    - BUG/MINOR: cli: correctly handle abns in 'show cli sockets'
    - MINOR: cli: start addresses by a prefix in 'show cli sockets'
    - MINOR: cli: export HAPROXY_CLI environment variable
    - BUG/MINOR: htx: Preserve empty HTX messages with an unprocessed parsing error
    - BUG/MINOR: proto_htx: Reset to_forward value when a message is set to DONE
    - REGTEST: http-capture/h00000: Relax a regex matching the log message
    - REGTEST: http-messaging/h00000: Fix the test when the HTX is enabled
    - REGTEST: http-rules/h00003: Use a different client for requests expecting a 301
    - REGTEST: log/b00000: Be sure the client always hits its timeout
    - REGTEST: lua/b00003: Relax the regex matching the log message
    - REGTEST: lua/b00003: Specify the HAProxy pid when the command ss is executed
    - BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release.
    - BUG/MEDIUM: h2: Don't attempt to recv from h2_process_demux if we subscribed.
    - BUG/MEDIUM: htx: fix random premature abort of data transfers
    - BUG/MEDIUM: streams: Don't remove the SI_FL_ERR flag in si_update_both().
    - BUG/MEDIUM: streams: Store prev_state before calling si_update_both().
    - BUG/MEDIUM: stream: Don't clear the stream_interface flags in si_update_both.
    - MINOR: initcall: Don't forget to define the __start/stop_init_##stg symbols.
    - MINOR: threads: Implement thread_cpus_enabled() for FreeBSD.
    - BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity
    - MINOR: skip get_gmtime where tm is unused
    - MINOR: ssl: Activate aes_gcm_dec converter for BoringSSL
    - BUG/MEDIUM: streams: Only re-run process_stream if we're in a connected state.
    - BUG/MEDIUM: stream_interface: Don't bother doing chk_rcv/snd if not connected.
    - BUG/MEDIUM: task/threads: address a fairness issue between local and global tasks
    - BUG/MINOR: tasks: make sure the first task to be queued keeps its nice value
    - BUG/MINOR: listener: renice the accept ring processing task
    - MINOR: cli/listener: report the number of accepts on "show activity"
    - MINOR: cli/activity: report the accept queue sizes in "show activity"
    - BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream
    - BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages
    - BUG/MINOR: spoe: Be sure to set tv_request when each message fragment is encoded
    - BUG/MEDIUM: htx: Defrag if blocks position is changed and the payloads wrap
    - BUG/MEDIUM: htx: Don't crush blocks payload when append is done on a data block
    - MEDIUM: htx: Deprecate the option 'http-tunnel' and ignore it in HTX
    - MINOR: proto_htx: Don't adjust transaction mode anymore in HTX analyzers
    - BUG/MEDIUM: htx: Fix the process of HTTP CONNECT with h2 connections
    - MINOR: mux-h1: Simplify handling of 1xx responses
    - MINOR: stats/htx: Don't add "Connection: close" header anymore in stats responses
    - MEDIUM: h1: Add an option to sanitize connection headers during parsing
    - MEDIUM: mux-h1: Simplify the connection mode management by sanitizing headers
    - MINOR: mux-h1: Don't release the conn_stream anymore when h1s is destroyed
    - BUG/MINOR: mux-h1: Handle the flag CS_FL_KILL_CONN during a shutdown read/write
    - MINOR: mux-h2: Add a mux_ops dedicated to the HTX mode
    - MINOR: muxes: Add a flag to specify a multiplexer uses the HTX
    - MINOR: stream: Set a flag when the stream uses the HTX
    - MINOR: http: update the macro IS_HTX_STRM() to check the stream flag SF_HTX
    - MINOR: http_fetch/htx: Use stream flags instead of px mode in smp_prefetch_htx
    - MINOR: filters/htx: Use stream flags instead of px mode to instanciate a filter
    - MINOR: muxes: Rely on conn_is_back() during init to handle front/back conn
    - MEDIUM: muxes: Add an optional input buffer during mux initialization
    - MINOR: muxes: Pass the context of the mux to destroy() instead of the connection
    - MEDIUM: muxes: Be prepared to don't own connection during the release
    - MEDIUM: connection: Add conn_upgrade_mux_fe() to handle mux upgrades
    - MEDIUM: htx: Allow the option http-use-htx to be used on TCP proxies too
    - MAJOR: proxy/htx: Handle mux upgrades from TCP to HTTP in HTX mode
    - MAJOR: muxes/htx: Handle inplicit upgrades from h1 to h2
    - MAJOR: htx: Enable the HTX mode by default for all proxies
    - REGTEST: Use HTX by default and add '--no-htx' option to disable it
    - BUG/MEDIUM: muxes: Don't dereference mux context if null in release functions
    - CLEANUP: task: do not export rq_next anymore
    - MEDIUM: tasks: improve fairness between the local and global queues
    - MEDIUM: tasks: only base the nice offset on the run queue depth
    - MINOR: tasks: restore the lower latency scheduling when niced tasks are present
    - BUG/MEDIUM: map: Fix memory leak in the map converter
    - BUG/MINOR: ssl: Fix 48 byte TLS ticket key rotation
    - BUILD: task/thread: fix single-threaded build of task.c
    - BUILD: cli/threads: fix build in single-threaded mode
    - BUG/MEDIUM: muxes: Make sure we unsubcribed when destroying mux ctx.
    - BUG/MEDIUM: h2: Make sure we're not already in the send_list in h2_subscribe().
    - BUG/MEDIUM: h2: Revamp the way send subscriptions works.
    - MINOR: connections: Remove the SUB_CALL_UNSUBSCRIBE flag.
    - BUG/MEDIUM: Threads: Only use the gcc >= 4.7 builtins when using gcc >= 4.7.
    - BUILD: address a few cases of "static <type> inline foo()"
    - BUILD: do not specify "const" on functions returning structs or scalars
    - BUILD: htx: fix a used uninitialized warning on is_cookie2
    - MINOR: peers: Add a new command to the CLI for peers.
    - DOC: update for "show peers" CLI command.
    - BUG/MAJOR: lb/threads: fix insufficient locking on round-robin LB
    - MEDIUM: mworker: store the leaving state of a process
    - MEDIUM: mworker-prog: implements 'option start-on-reload'
    - CLEANUP: mworker: remove the type field in mworker_proc
    - MEDIUM: mworker/cli: export the HAPROXY_MASTER_CLI variable
    - MINOR: cli: don't add a semicolon at the end of HAPROXY_CLI
    - MINOR: mworker: export HAPROXY_MWORKER=1 when running in mworker mode
    - MINOR: init: add a "set-dumpable" global directive to enable core dumps
    - BUG/MINOR: listener/mq: correctly scan all bound threads under low load
    - BUG/MINOR: mworker: mworker_kill should apply on every children
    - BUG/MINOR: mworker: don't exit with an ambiguous value
    - BUG/MINOR: mworker: ensure that we still quits with SIGINT
    - REGTESTS: exclude tests that require ssl, pcre if no such feature is enabled
    - BUG/MINOR: mux-h1: Process input even if the input buffer is empty
    - BUG/MINOR: mux-h1: Don't switch the parser in busy mode if other side has done
    - BUG/MEDIUM: mux-h1: Notify the stream waiting for TCP splicing if ibuf is empty
    - BUG/MEDIUM: mux-h1: Enable TCP splicing to exchange data only
    - MINOR: mux-h1: Handle read0 during TCP splicing
    - BUG/MEDIUM: htx: Don't return the start-line if the HTX message is empty
    - BUG/MAJOR: http_fetch: Get the channel depending on the keyword used
    - BUG/MINOR: http_fetch/htx: Allow permissive sample prefetch for the HTX
    - BUG/MINOR: http_fetch/htx: Use HTX versions if the proxy enables the HTX mode
    - BUG/MEDIUM: tasks: Make sure we set TASK_QUEUED before adding a task to the rq.
    - BUG/MEDIUM: tasks: Make sure we modify global_tasks_mask with the rq_lock.
    - MINOR: tasks: Don't consider we can wake task with tasklet_wakeup().
    - MEDIUM: tasks: No longer use rq.node.leaf_p as a lock.
    - MINOR: tasks: Don't set the TASK_RUNNING flag when adding in the tasklet list.
    - BUG/MEDIUM: applets: Don't use task_in_rq().
    - BUG/MAJOR: task: make sure never to delete a queued task
    - MINOR: task/thread: factor out a wake-up condition
    - CLEANUP: task: remain consistent when using the task's handler
    - MEDIUM: tasks: Merge task_delete() and task_free() into task_destroy().
    - MEDIUM: tasks: Don't account a destroyed task as a runned task.
    - BUG/MINOR: contrib/prometheus-exporter: Fix a typo in the run-queue metric type
    - MINOR: contrib/prometheus-exporter: Remove usless rate metrics
    - MINOR: contrib/prometheus-exporter: Rename some metrics to be more usable
    - MINOR: contrib/prometheus-exporter: Follow best practices about metrics type
    - BUG/MINOR: mworker: disable busy polling in the master process
    - MEDIUM: tasks: Use __ha_barrier_store after modifying global_tasks_mask.
    - MEDIUM: ssl: Give ssl_sock its own context.
    - MEDIUM: connections: Move some fields from struct connection to ssl_sock_ctx.
    - MEDIUM: ssl: provide its own subscribe/unsubscribe function.
    - MEDIUM: connections: Provide a xprt_ctx for each xprt method.
    - MEDIUM: ssl: provide our own BIO.
    - BUILD/medium: ssl: Fix build with OpenSSL < 1.1.0
    - MINOR: peers: adds counters on show peers about tasks calls.
    - MEDIUM: enable travis-ci builds
    - MINOR: fd: Add a counter of used fds.
    - MEDIUM: connections: Add a way to control the number of idling connections.
    - BUG/MEDIUM: maps: only try to parse the default value when it's present
    - BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR
    - REGTEST: Missing REQUIRE_VERSION declarations.
    - MINOR: proto_tcp: tcp-request content: enable set-dst and set-dst-var
    - BUG/MEDIUM: h1: Don't parse chunks CRLF if not enough data are available
    - BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules
    - BUG/MEDIUM: stream: Don't request a server connection if a shutw was scheduled
    - BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
    - BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
    - MINOR: gcc: Fix a silly gcc warning in connect_server()
    - MINOR: ssl/cli: async fd io-handlers printable on show fd
    - Revert "CLEANUP: wurfl: remove dead, broken and unmaintained code"
    - BUILD: add USE_WURFL to the list of known build options
    - MINOR: wurfl: indicate in haproxy -vv the wurfl version in use
    - BUILD: wurfl: build fix for 1.9/2.0 code base
    - CLEANUP: wurfl: removed deprecated methods
    - DOC: wurfl: added point of contact in MAINTAINERS file
    - MINOR: wurfl: enabled multithreading mode
    - MINOR: contrib: dummy wurfl library
    - MINOR: dns: dns_requester structures are now in a memory pool
    - MINOR: dns: move callback affection in dns_link_resolution()
    - MINOR: obj_type: new object type for struct stream
    - MINOR: action: new '(http-request|tcp-request content) do-resolve' action
    - MINOR: log: Extract some code to send syslog messages.
    - REGTEST: replace LEVEL option by a more human readable one.
    - REGTEST: rename the reg test files.
    - REGTEST: adapt some reg tests after renaming.
    - REGTEST: make the "run-regtests" script search for tests in reg-tests by default
    - BUG/MAJOR: stream: Missing DNS context initializations.
    - BUG/MEDIUM: stream: Fix the way early aborts on the client side are handled
    - BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler
    - BUG/MEDIUM: ssl: Return -1 on recv/send if we got EAGAIN.
    - BUG/MAJOR: lb/threads: fix AB/BA locking issue in round-robin LB
    - BUG/MAJOR: muxes: Use the HTX mode to find the best mux for HTTP proxies only
    - BUG/MINOR: htx: Exclude TCP proxies when the HTX mode is handled during startup
    - CLEANUP: task: report calls as unsigned in show sess
    - MINOR: tasks/activity: report the context switch and task wakeup rates
    - MINOR: stream: measure and report a stream's call rate in "show sess"
    - MINOR: applet: measure and report an appctx's call rate in "show sess"
    - BUILD: extend Travis CI config to support more platforms
    - REGTEST: exclude osx and generic targets for 40be_2srv_odd_health_checks
    - REGTEST: relax the IPv6 address format checks in converters_ipmask_concat_strcmp_field_word
    - REGTEST: exclude OSX and generic targets from abns_socket.vtc
    - BUILD: travis: remove the "allow_failures" entry
    - BUG/MINOR: activity: always initialize the profiling variable
    - MINOR: activity: make the profiling status per thread and not global
    - MINOR: activity: enable automatic profiling turn on/off
    - CLEANUP: standard: use proper const to addr_to_str() and port_to_str()
    - BUG/MINOR: proto_http: properly reset the stream's call rate on keep-alive
    - MINOR: connection: make the debugging helper functions safer
    - MINOR: stream/debug: make a stream dump and crash function
    - MEDIUM: appctx/debug: force a crash if an appctx spins over itself forever
    - MEDIUM: stream/debug: force a crash if a stream spins over itself forever
    - MEDIUM: streams: measure processing time and abort when detecting bugs
    - BUILD/MEDIUM: contrib: Dummy DeviceAtlas API.
    - MEDIUM: da: HTX mode support.
    - BUG/MEDIUM: mux-h2: properly deal with too large headers frames
    - BUG/MINOR: http: Call stream_inc_be_http_req_ctr() only one time per request
    - BUG/MEDIUM: spoe: arg len encoded in previous frag frame but len changed
    - MINOR: spoe: Use the sample context to pass frag_ctx info during encoding
    - DOC: contrib/modsecurity: Typos and fix the reject example
    - BUG/MEDIUM: contrib/modsecurity: If host header is NULL, don't try to strdup it
    - MINOR: log: Add "sample" new keyword to "log" lines.
    - MINOR: log: Enable the log sampling and load-balancing feature.
    - DOC: log: Document the sampling and load-balancing logging feature.
    - REGTEST: Add a new reg test for log load-balancing feature.
    - BUG/MAJOR: map/acl: real fix segfault during show map/acl on CLI
    - REGTEST: Make this reg test be Linux specific.
    - CLEANUP: task: move the task_per_thread definition to task.h
    - MINOR: activity: report context switch counts instead of rates
    - MINOR: threads: Implement HA_ATOMIC_LOAD().
    - BUG/MEDIUM: port_range: Make the ring buffer lock-free.
    - BUG/MEDIUM: listener: Fix how unlimited number of consecutive accepts is handled
    - MINOR: config: Test validity of tune.maxaccept during the config parsing
    - CLEANUP: config: Don't alter listener->maxaccept when nbproc is set to 1
    - BUG/MEDIUM: servers: fix typo "src" instead of "srv"
    - BUG/MEDIUM: ssl: Don't pretend we can retry a recv/send if we got a shutr/w.
    - BUG/MINOR: haproxy: fix rule->file memory leak
    - BUG/MINOR: log: properly free memory on logformat parse error and deinit()
    - BUG/MINOR: checks: free memory allocated for tasklets
    - BUG/MEDIUM: pattern: fix memory leak in regex pattern functions
    - BUG/MEDIUM: channels: Don't forget to reset output in channel_erase().
    - BUG/MEDIUM: connections: Make sure we remove CO_FL_SESS_IDLE on disown.
    - MINOR: threads: flatten the per-thread cpu-map
    - MINOR: init/threads: remove the useless tids[] array
    - MINOR: init/threads: make the threads array global
    - BUG/MEDIUM: ssl: Use the early_data API the right way.
    - BUG/MEDIUM: streams: Don't add CF_WRITE_ERROR if early data were rejected.
    - MEDIUM: streams: Add the ability to retry a request on L7 failure.
    - MEDIUM: streams: Add a way to replay failed 0rtt requests.
    - MEDIUM: streams: Add a new keyword for retry-on, "junk-response"
    - BUG/MINOR: stream: also increment the retry stats counter on L7 retries
    - BUG/MEDIUM: checks: make sure the warmup task takes the server lock
    - BUG/MINOR: logs/threads: properly split the log area upon startup
    - BUILD: extend travis-ci matrix
    - CLEANUP: Remove appsession documentation
    - DOC: Fix typo in keyword matrix
    - BUILD: remove "build_libressl" duplicate declaration
    - BUILD: travis-ci: get back to osx without openssl support
    - BUILD: enable several LibreSSL hacks, including
    - BUILD: temporarily mark LibreSSL builds as allowed to fail
    - BUILD: travis: TMPDIR replacement.
    - BUG/MEDIUM: ssl: Don't attempt to use early data with libressl.
    - MINOR: doc: Document allow-0rtt on the server line.
    - MINOR: doc: Document the interaction of allow-0rtt and retry-on 0rtt-rejected.
    - MEDIUM: proto: Change the prototype of the connect() method.
    - MEDIUM: tcp: add the "tfo" option to support TCP fastopen on the server
    - MINOR: config: Extract the code of "stick-table" line parsing.
    - BUILD/MINOR: stick-table: Compilation fix.
    - MEDIUM: stick-table: Stop handling stick-tables as proxies.
    - MINOR: stick-tables: Add peers process binding computing.
    - MINOR: stick-table: Add prefixes to stick-table names.
    - MINOR: peers: Do not emit global stick-table names.
    - DOC: Update for "table" lines in "peers" section.
    - REGTEST: Add reg tests for "table" lines in "peers" sections.
    - MEDIUM: regex: modify regex_comp() to atomically allocate/free the my_regex struct
    - REGTEST: make the tls_health_checks test much faster
    - REGTEST: make the "table in peers" test require v2.0
    - BUG/MINOR: mux-h2: rely on trailers output not input to turn them to empty data
    - BUG/MEDIUM: h2/htx: always fail on too large trailers
    - MEDIUM: mux-h2: discard contents that are to be sent after a shutdown
    - BUG/MEDIUM: mux-h2/htx: never wait for EOM when processing trailers
    - BUG/MEDIUM: h2/htx: never leave a trailers block alone with no EOM block
    - REGTEST: Flag some slow reg tests.
    - REGTEST: Reg tests file renaming.
    - REGTEST: Wrong renaming for one reg test.
    - REGTEST: Wrong assumption in IP:port logging test.
    - BUG/MINOR: mworker/ssl: close OpenSSL FDs on reload
    - MINOR: systemd: Use the variables from /etc/default/haproxy
    - MINOR: systemd: Make use of master socket in systemd unit
    - MINOR: systemd: support /etc/sysconfig/ for redhat based distrib
    - BUG/MEDIUM: stick-table: fix regression caused by a change in proxy struct
    - BUG/MEDIUM: tasks: fix possible segfault on task_destroy()
    - CLEANUP: task: remove unneeded tests before task_destroy()
    - MINOR: mworker: support a configurable maximum number of reloads
    - BUG/MINOR: mux-h2: fix the condition to close a cs-less h2s on the backend
    - BUG/MEDIUM: spoe: Be sure the sample is found before setting its context
    - BUG/MINOR: mux-h1: Fix the parsing of trailers
    - BUG/MINOR: htx: Never transfer more than expected in htx_xfer_blks()
    - MINOR: htx: Split on DATA blocks only when blocks are moved to an HTX message
    - MINOR: htx: Don't try to append a trailer block with the previous one
    - MINOR: htx: Remove support for unused OOB HTX blocks
    - BUILD: travis-ci bugfixes and improvements
    - BUG/MEDIUM: servers: Don't use the same srv flag for cookie-set and TFO.
    - BUG/MEDIUM: h2: Make sure we set send_list to NULL in h2_detach().
    - BUILD: ssl: fix again a libressl build failure after the openssl FD leak fix
    - CLEANUP: ssl-sock: use HA_OPENSSL_VERSION_NUMBER instead of OPENSSL_VERSION_NUMBER
    - BUILD: ssl: make libressl use its own version numbers
    - CLEANUP: ssl: remove 57 occurrences of useless tests on LIBRESSL_VERSION_NUMBER
    - MINOR: ssl: enable aes_gcm_dec on LibreSSL
    - BUILD: ssl: fix libressl build again after aes-gcm-enc
    - REORG: ssl: move openssl-compat from proto to common
    - REORG: ssl: move some OpenSSL defines from ssl_sock to openssl-compat
    - CLEANUP: ssl: never include openssl/*.h outside of openssl-compat.h anymore
    - CLEANUP: ssl: make inclusion of openssl headers safe
    - BUILD: add BoringSSL to travis-ci build matrix
    - BUILD: threads: Add __ha_cas_dw fallback for single threaded builds
    - BUG/MINOR: stream: Attach the read side on the response as soon as possible
    - BUG/MEDIUM: http: Use pointer to the begining of input to parse message headers
    - BUG/MEDIUM: h2: Don't check send_wait to know if we're in the send_list.
    - BUG/MEDIUM: streams: Make sur SI_FL_L7_RETRY is set before attempting a retry.
    - MEDIUM: streams: Add a new http action, disable-l7-retry.
    - MINOR: streams: Introduce a new retry-on keyword, all-retryable-errors.
    - BUG/MINOR: vars: Fix memory leak in vars_check_arg
    - BUILD: travis-ci: make TMPDIR global variable in travis-ci
    - CLEANUP: ssl: move the SSL_OP_* and SSL_MODE_* definitions to openssl-compat
    - CLEANUP: ssl: remove ifdef around SSL_CTX_get_extra_chain_certs()
    - CLEANUP: ssl: move all BIO_* definitions to openssl-compat
    - BUILD: threads: fix again the __ha_cas_dw() definition
    - BUG/MAJOR: mux-h2: do not add a stream twice to the send list
    - Revert "BUG/MINOR: vars: Fix memory leak in vars_check_arg"
    - BUG/MINOR: peers: Fix memory leak in cfg_parse_peers
    - BUG/MINOR: htx: make sure to always initialize the HTTP method when parsing a buffer
    - REGTEST: fix tls_health_checks random failures on MacOS in Travis-CI
    - MINOR: spoe: Set the argument chunk size to 0 when SPOE variables are checked
    - BUG/MINOR: vars: Fix memory leak in vars_check_arg
    - BUG/MAJOR: ssl: segfault upon an heartbeat request
    - MINOR: spoa-server: Clone the v1.7 spoa-example project
    - MINOR: spoa-server: move some definition from spoa_server.c to spoa_server.h
    - MINOR: spoa-server: Externalise debug functions
    - MINOR: spoe-server: rename "worker" functions
    - MINOR: spoa-server: Replace the thread init system by processes
    - MINOR: spoa-server: With debug mode, start only one process
    - MINOR: spoa-server: Allow registering external processes
    - MINOR: spoa-server: Allow registering message processors
    - MINOR: spoa-server: Load files
    - MINOR: spoa-server: Prepare responses
    - MINOR: spoa-server: Execute registered callbacks
    - MINOR: spoa-server: Add Lua processing
    - MINOR: spoa-server: Add python
    - MINOR/DOC: spoe-server: Add documentation
    - BUG/MEDIUM: connections: Don't forget to set xprt_ctx to NULL on close.
    - MINOR: lists: add LIST_ADDED() to check if an element belongs to a list
    - CLEANUP: mux-h2: use LIST_ADDED() instead of LIST_ISEMPTY() where relevant
    - MINOR: mux-h2: add two H2S flags to report the need for shutr/shutw
    - CLEANUP: mux-h2: simply use h2s->flags instead of ret in h2_deferred_shut()
    - CLEANUP: connection: remove the handle field from the wait_event struct
    - BUG/MINOR: log: Wrong log format initialization.
    - BUG/MINOR: mux-h2: make the do_shut{r,w} functions more robust against retries
    - BUG/MINOR: mworker: use after free when the PID not assigned
    - MINOR: mux-h2: remove useless test on stream ID vs last in wake function
    - MINOR: mux-h2: make h2_wake_some_streams() not depend on the CS flags
    - MINOR: mux-h2: make h2s_wake_one_stream() the only function to deal with CS
    - MINOR: mux-h2: make h2s_wake_one_stream() not depend on temporary CS flags
    - BUG/MINOR: mux-h2: make sure to honor KILL_CONN in do_shut{r,w}
    - CLEANUP: mux-h2: don't test for impossible CS_FL_REOS conditions
    - MINOR: mux-h2: add macros to check multiple stream states at once
    - MINOR: mux-h2: stop relying on CS_FL_REOS
    - BUG/MEDIUM: mux-h2: Set EOI on the conn_stream during h2_rcv_buf()
    - BUILD: debug: make gcc not complain on the ABORT_NOW() macro
    - MINOR: debug: add a new BUG_ON macro
    - MINOR: h2: Use BUG_ON() to enforce rules in subscribe/unsubscribe.
    - MINOR: h1: Use BUG_ON() to enforce rules in subscribe/unsubscribe.
    - MINOR: connections: Use BUG_ON() to enforce rules in subscribe/unsubscribe.
    - BUILD: ist: turn the lower/upper case tables to literal on obsolete linkers
2019-05-15 16:51:48 +02:00
Willy Tarreau
6e893b9931 [RELEASE] Released version 2.0-dev2
Released version 2.0-dev2 with the following main changes :
    - CLEANUP: http: Remove unreachable code in parse_http_req_capture
    - CLEANUP: stream: Remove bogus loop in conn_si_send_proxy
    - MINOR: lists: Implement locked variations.
    - MEDIUM: servers: Used a locked list for idle_orphan_conns.
    - MEDIUM: servers: Reorganize the way idle connections are cleaned.
    - BUG/MEDIUM: lists: Properly handle the case we're removing the first elt.
    - MINOR: cfgparse: Add a cast to make gcc happier.
    - BUG/MEDIUM: standard: Wrong reallocation size.
    - BUG/MINOR: listener: keep accept rate counters accurate under saturation
    - DOC: fix alphabetic ordering for "tune.fail-alloc" setting
    - MAJOR: config: disable support for nbproc and nbthread in parallel
    - MEDIUM: listener: keep a single thread-mask and warn on "process" misuse
    - MAJOR: listener: do not hold the listener lock in listener_accept()
    - MINOR: listener: maintain a per-thread count of the number of connections on a listener
    - MINOR: tools: implement functions to look up the nth bit set in a mask
    - MINOR: listener: pre-compute some thread counts per bind_conf
    - MINOR: listener: implement multi-queue accept for threads
    - MAJOR: listener: use the multi-queue for multi-thread listeners
    - MINOR: activity: add accept queue counters for pushed and overflows
    - MINOR: config: add global tune.listener.multi-queue setting
    - MAJOR: threads: enable one thread per CPU by default
    - DOC: update management.txt to reflect that threads are used by default
    - BUG/MINOR: config: don't over-count the global maxsock value
    - BUG/MEDIUM: list: fix the rollback on addq in the locked liss
    - BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer
    - BUG/MEDIUM: list: add missing store barriers when updating elements and head
    - MINOR: list: make the delete and pop operations idempotent
    - MINOR: server: remove a few unneeded LIST_INIT calls after LIST_DEL_LOCKED
    - BUG/MEDIUM: listener: use a self-locked list for the dequeue lists
    - BUG/MEDIUM: listener: make sure the listener never accepts too many conns
    - BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element
    - MINOR: listener: introduce listener_backlog() to report the backlog value
    - MINOR: listener: do not needlessly set l->maxconn
    - MINOR: proxy: do not change the listeners' maxconn when updating the frontend's
    - MEDIUM: config: don't enforce a low frontend maxconn value anymore
    - MINOR: peers: Add a message for heartbeat.
    - MINOR: global: keep a copy of the initial rlim_fd_cur and rlim_fd_max values
    - BUG/MINOR: init: never lower rlim_fd_max
    - BUG/MINOR: checks: make external-checks restore the original rlim_fd_cur/max
    - BUG/MINOR: mworker: be careful to restore the original rlim_fd_cur/max on reload
    - MINOR: init: make the maxpipe computation more accurate
    - MINOR: init: move some maxsock updates earlier
    - MEDIUM: init: make the global maxconn default to what rlim_fd_cur permits
    - REGTEST: fix a spurious "nbthread 4" in the connection test
    - DOC: update the text related to the global maxconn value
    - BUG/MAJOR: mux-h2: fix race condition between close on both ends
    - MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter.
    - BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED
    - MINOR: htx: unconditionally handle parsing errors in requests or responses
    - MINOR: mux-h2: always pass HTX_FL_PARSING_ERROR between h2s and buf on RX
    - BUG/MEDIUM: h2/htx: verify that :path doesn't contain invalid chars
    - MINOR: sample: Code factorization "ungrpc" converter.
    - MINOR: sample: Rework gRPC converter code.
    - CLEANUP: wurfl: remove dead, broken and unmaintained code
    - MINOR: config: relax the range checks on cpu-map
    - BUG/MINOR: ssl: fix warning about ssl-min/max-ver support
    - MINOR: sample: Extract some protocol buffers specific code.
    - DOC: Remove tabs and fixed punctuation.
    - MINOR: sample: Add a protocol buffers specific converter.
    - REGTEST: Peers reg tests.
    - REGTEST: Enable reg tests with HEAD HTTP method usage.
    - MINOR: lists: add a LIST_DEL_INIT() macro
    - MINOR: task: use LIST_DEL_INIT() to remove a task from the queue
    - MINOR: listener: improve incoming traffic distribution
    - MINOR: tools: implement my_flsl()
    - MEDIUM: listener: change the LB algorithm again to use two round robins instead
    - CLEANUP: listener: remove old thread bit mapping
    - MINOR: listener: move thr_idx from the bind_conf to the listener
    - BUG/MEDIUM: logs: Only attempt to free startup_logs once.
    - BUG/MAJOR: config: Wrong maxconn adjustment.
    - BUG/MEDIUM: 51d: fix possible segfault on deinit_51degrees()
    - OPTIM: task: limit the impact of memory barriers in taks_remove_from_task_list()
    - MINOR: fd: Remove debugging code.
    - BUG/MEDIUM: listeners: Don't call fd_stop_recv() if fd_updt is NULL.
    - MINOR: threads: Implement __ha_barrier_atomic*.
    - MEDIUM: threads: Use __ATOMIC_SEQ_CST when using the newer atomic API.
    - MINOR: threads: Add macros to do atomic operation with no memory barrier.
    - MEDIUM: various: Use __ha_barrier_atomic* when relevant.
    - MEDIUM: applets: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: xref: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: fd: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: freq_ctr: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: proxy: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: server: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: task: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: activity: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: backend: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: cache: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: checks: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: pollers: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: compression: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: spoe: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: threads: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: http: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: lb/threads: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: listeners: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: logs: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: memory: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: peers: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: proto_tcp: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: queues: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: sessions: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: ssl: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: stream: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: tcp_rules: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: time: Use the new _HA_ATOMIC_* macros.
    - MEDIUM: vars: Use the new _HA_ATOMIC_* macros.
    - MINOR: config: remove obsolete use of DEFAULT_MAXCONN at various places
    - MINOR: config: continue to rely on DEFAULT_MAXCONN to set the minimum maxconn
    - BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED()
    - BUG/MEDIUM: listener: make sure we don't pick stopped threads
    - MEDIUM: list: Remove useless barriers.
    - MEDIUM: list: Use _HA_ATOMIC_*
    - MEDIUM: connections: Use _HA_ATOMIC_*
    - BUG/MAJOR: tasks: Use the TASK_GLOBAL flag to know if we're in the global rq.
    - BUG/MEDIUM: threads/fd: do not forget to take into account epoll_fd/pipes
    - BUG/MEDIUM: init/threads: consider epoll_fd/pipes for automatic maxconn calculation
    - BUG/MEDIUM: tasks: Make sure we wake sleeping threads if needed.
    - BUG/MINOR: mux-h1: Don't report an error on EOS if no message was received
    - BUG/MINOR: stats/htx: Call channel_add_input() when response headers are sent
    - BUG/MINOR: lua/htx: Use channel_add_input() when response data are added
    - BUG/MINOR: lua/htx: Don't forget to call htx_to_buf() when appropriate
    - MINOR: stats: Add the status code STAT_STATUS_IVAL to handle invalid requests
    - MINOR: stats: Move stuff about the stats status codes in stats files
    - BUG/MINOR: stats: Be more strict on what is a valid request to the stats applet
    - Revert "REGTEST: Enable reg tests with HEAD HTTP method usage."
    - BUILD: listener: shut up a build warning when threads are disabled
    - BUILD: Makefile: allow the reg-tests target to be verbose
    - BUILD: Makefile: resolve LEVEL before calling run-regtests
    - BUG/MAJOR: spoe: Fix initialization of thread-dependent fields
    - BUG/MAJOR: stats: Fix how huge POST data are read from the channel
    - BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts
    - BUG/MEDIUM: mux-h2: Always wakeup streams with no id to avoid frozen streams
    - MINOR: mux-h2: Set REFUSED_STREAM error to reset a stream if no data was never sent
    - MINOR: muxes: Report the Last read with a dedicated flag
    - MINOR: proto-http/proto-htx: Make error handling clearer during data forwarding
    - BUILD: tools: fix a build warning on some 32-bit archs
    - MINOR: init: report the list of optionally available services
    - MEDIUM: proto_htx: Switch to infinite forwarding if there is no data filter
    - BUG/MINOR: cache: Fully consume large requests in the cache applet
    - BUG/MINOR: stats: Fully consume large requests in the stats applet
    - BUG/MEDIUM: lua: Fully consume large requests when an HTTP applet ends
    - MINOR: proto_http: Add function to handle the header "Expect: 100-continue"
    - MINOR: proto_htx: Add function to handle the header "Expect: 100-continue"
    - MINOR: stats/cache: Handle the header Expect when applets are registered
    - MINOR: http/applets: Handle all applets intercepting HTTP requests the same way
    - CLEANUP: cache: don't export http_cache_applet anymore
    - MINOR: lua: Don't handle the header Expect in lua HTTP applets anymore
    - BUG/MINOR: doc: Be accurate on the behavior on pool-purge-delay.
    - Revert "MEDIUM: proto_htx: Switch to infinite forwarding if there is no data filter"
    - BUG/MEDIUM: mux-h2: Make sure we destroyed the h2s once shutr/shutw is done.
    - BUG/MEDIUM: mux-h2: Don't bother keeping the h2s if detaching and nothing to send.
    - BUG/MEDIUM: mux-h2: Use the right list in h2_stop_senders().
    - MINOR: mux-h2: copy small data blocks more often and reduce the number of pauses
    - CLEANUP: mux-h2: add some comments to help understand the code
    - BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites
    - BUG/MINOR: log: properly format IPv6 address when LOG_OPT_HEXA modifier is used.
    - BUG/MEDIUM: h2: Try to be fair when sending data.
    - BUG/MINOR: proto-http: Don't forward request body anymore on error
    - MINOR: mux-h2: Remove useless test on ES flag in h2_frt_transfer_data()
    - MINOR: connection: and new flag to mark end of input (EOI)
    - MINOR: channel: Report EOI on the input channel if it was reached in the mux
    - MEDIUM: mux-h2: Don't mix the end of the message with the end of stream
    - MINOR: mux-h1: Set CS_FL_EOI the end of the message is reached
    - BUG/MEDIUM: http/htx: Fix handling of the option abortonclose
    - CLEANUP: muxes/stream-int: Remove flags CS_FL_READ_NULL and SI_FL_READ_NULL
    - MEDIUM: proto_htx: Reintroduce the infinite forwarding on data
    - BUG/MEDIUM: h2: only destroy the h2s if h2s->cs is NULL.
    - BUG/MEDIUM: h2: Use the new sending_list in h2s_notify_send().
    - BUG/MEDIUM: h2: Follow the same logic in h2_deferred_shut than in h2_snd_buf.
    - BUG/MEDIUM: h2: Remove the tasklet from the task list if unsubscribing.
    - BUG/MEDIUM: task/h2: add an idempotent task removal fucntion
    - CLEANUP: task: only perform a LIST_DEL() when the list is not empty
    - BUG/MEDIUM: mux-h2: make sure to always notify streams of EOS condition
    - CONTRIB: debug: report the CS and CF's EOI flags
    - MINOR: channel: don't unset CF_SHUTR_NOW after shutting down.
2019-03-26 05:40:51 +01:00
Willy Tarreau
6c1b667e57 [RELEASE] Released version 2.0-dev1
Released version 2.0-dev1 with the following main changes :
    - MINOR: mux-h2: only increase the connection window with the first update
    - REGTESTS: remove the expected window updates from H2 handshakes
    - BUG/MINOR: mux-h2: make empty HEADERS frame return a connection error
    - BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max
    - MEDIUM: mux-h2: remove padlen during headers phase
    - MINOR: h2: add a bit-based frame type representation
    - MINOR: mux-h2: remove useless check for empty frame length in h2s_decode_headers()
    - MEDIUM: mux-h2: decode HEADERS frames before allocating the stream
    - MINOR: mux-h2: make h2c_send_rst_stream() use the dummy stream's error code
    - MINOR: mux-h2: add a new dummy stream for the REFUSED_STREAM error code
    - MINOR: mux-h2: fail stream creation more cleanly using RST_STREAM
    - MINOR: buffers: add a new b_move() function
    - MINOR: mux-h2: make h2_peek_frame_hdr() support an offset
    - MEDIUM: mux-h2: handle decoding of CONTINUATION frames
    - CLEANUP: mux-h2: remove misleading comments about CONTINUATION
    - BUG/MEDIUM: servers: Don't try to reuse connection if we switched server.
    - BUG/MEDIUM: tasks: Decrement tasks_run_queue in tasklet_free().
    - BUG/MINOR: htx: send the proper authenticate header when using http-request auth
    - BUG/MEDIUM: mux_h2: Don't add to the idle list if we're full.
    - BUG/MEDIUM: servers: Fail if we fail to allocate a conn_stream.
    - BUG/MAJOR: servers: Use the list api correctly to avoid crashes.
    - BUG/MAJOR: servers: Correctly use LIST_ELEM().
    - BUG/MAJOR: sessions: Use an unlimited number of servers for the conn list.
    - BUG/MEDIUM: servers: Flag the stream_interface on handshake error.
    - MEDIUM: servers: Be smarter when switching connections.
    - MEDIUM: sessions: Keep track of which connections are idle.
    - MINOR: payload: add sample fetch for TLS ALPN
    - BUG/MEDIUM: log: don't mark log FDs as non-blocking on terminals
    - MINOR: channel: Add the function channel_add_input
    - MINOR: stats/htx: Call channel_add_input instead of updating channel state by hand
    - BUG/MEDIUM: cache: Be sure to end the forwarding when XFER length is unknown
    - BUG/MAJOR: htx: Return the good block address after a defrag
    - MINOR: lb: allow redispatch when using consistent hash
    - CLEANUP: mux-h2: fix end-of-stream flag name when processing headers
    - BUG/MEDIUM: mux-h2: always restart reading if data are available
    - BUG/MINOR: mux-h2: set the stream-full flag when leaving h2c_decode_headers()
    - BUG/MINOR: mux-h2: don't check the CS count in h2c_bck_handle_headers()
    - BUG/MINOR: mux-h2: mark end-of-stream after processing response HEADERS, not before
    - BUG/MINOR: mux-h2: only update rxbuf's length for H1 headers
    - BUG/MEDIUM: mux-h1: use per-direction flags to indicate transitions
    - BUG/MEDIUM: mux-h1: make HTX chunking consistent with H2
    - BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify()
    - BUG/MEDIUM: proto-htx: Set SI_FL_NOHALF on server side when request is done
    - BUG/MEDIUM: mux-h1: Add a task to handle connection timeouts
    - MINOR: mux-h2: make h2c_decode_headers() return a status, not a count
    - MINOR: mux-h2: add a new dummy stream : h2_error_stream
    - MEDIUM: mux-h2: make h2c_decode_headers() support recoverable errors
    - BUG/MINOR: mux-h2: detect when the HTX EOM block cannot be added after headers
    - MINOR: mux-h2: remove a misleading and impossible test
    - CLEANUP: mux-h2: clean the stream error path on HEADERS frame processing
    - MINOR: mux-h2: check for too many streams only for idle streams
    - MINOR: mux-h2: set H2_SF_HEADERS_RCVD when a HEADERS frame was decoded
    - BUG/MEDIUM: mux-h2: decode trailers in HEADERS frames
    - MINOR: h2: add h2_make_h1_trailers to turn H2 headers to H1 trailers
    - MEDIUM: mux-h2: pass trailers to H1 (legacy mode)
    - MINOR: htx: add a new function to add a block without filling it
    - MINOR: h2: add h2_make_htx_trailers to turn H2 headers to HTX trailers
    - MEDIUM: mux-h2: pass trailers to HTX
    - MINOR: mux-h1: parse the content-length header on output and set H1_MF_CLEN
    - BUG/MEDIUM: mux-h1: don't enforce chunked encoding on requests
    - MINOR: mux-h2: make HTX_BLK_EOM processing idempotent
    - MINOR: h1: make the H1 headers block parser able to parse headers only
    - MEDIUM: mux-h2: emit HEADERS frames when facing HTX trailers blocks
    - MINOR: stream/htx: Add info about the HTX structs in "show sess all" command
    - MINOR: stream: Add the subscription events of SIs in "show sess all" command
    - MINOR: mux-h1: Add the subscription events in "show fd" command
    - BUG/MEDIUM: h1: Get the h1m state when restarting the headers parsing
    - BUG/MINOR: cache/htx: Be sure to count partial trailers
    - BUG/MEDIUM: h1: In h1_init(), wake the tasklet instead of calling h1_recv().
    - BUG/MEDIUM: server: Defer the mux init until after xprt has been initialized.
    - MINOR: connections: Remove a stall comment.
    - BUG/MEDIUM: cli: make "show sess" really thread-safe
    - BUILD: add a new file "version.c" to carry version updates
    - MINOR: stream/htx: add the HTX flags output in "show sess all"
    - MINOR: stream/cli: fix the location of the waiting flag in "show sess all"
    - MINOR: stream/cli: report more info about the HTTP messages on "show sess all"
    - BUG/MINOR: lua: bad args are returned for Lua actions
    - BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred
    - MINOR: htx: Add an helper function to get the max space usable for a block
    - MINOR: channel/htx: Add HTX version for some helper functions
    - BUG/MEDIUM: cache/htx: Respect the reserve when cached objects are served
    - BUG/MINOR: stats/htx: Respect the reserve when the stats page is dumped
    - DOC: regtest: make it clearer what the purpose of the "broken" series is
    - REGTEST: mailers: add new test for 'mailers' section
    - REGTEST: Add a reg test for health-checks over SSL/TLS.
    - BUG/MINOR: mux-h1: Close connection on shutr only when shutw was really done
    - MEDIUM: mux-h1: Clarify how shutr/shutw are handled
    - BUG/MINOR: compression: Disable it if another one is already in progress
    - BUG/MINOR: filters: Detect cache+compression config on legacy HTTP streams
    - BUG/MINOR: cache: Disable the cache if any compression filter precedes it
    - REGTEST: Add some informatoin to test results.
    - MINOR: htx: Add a function to truncate all blocks after a specific offset
    - MINOR: channel/htx: Add the HTX version of channel_truncate/erase
    - BUG/MINOR: proto_htx: Use HTX versions to truncate or erase a buffer
    - BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used
    - DOC: Fix typo in req.ssl_alpn example (commit 4afdd138424ab...)
    - DOC: http-request cache-use / http-response cache-store expects cache name
    - REGTEST: "capture (request|response)" regtest.
    - BUG/MINOR: lua/htx: Respect the reserve when data are send from an HTX applet
    - REGTEST: filters: add compression test
    - BUG/MEDIUM: init: Initialize idle_orphan_conns for first server in server-template
    - BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.
    - DOC: Be a bit more explicit about allow-0rtt security implications.
    - MINOR: mux-h1: make the mux_h1_ops struct static
    - BUILD: makefile: add an EXTRA_OBJS variable to help build optional code
    - BUG/MEDIUM: connection: properly unregister the mux on failed initialization
    - BUG/MAJOR: cache: fix confusion between zero and uninitialized cache key
    - REGTESTS: test case for map_regm commit 271022150d
    - REGTESTS: Basic tests for concat,strcmp,word,field,ipmask converters
    - REGTESTS: Basic tests for using maps to redirect requests / select backend
    - DOC: REGTESTS README varnishtest -Dno-htx= define.
    - MINOR: spoe: Make the SPOE filter compatible with HTX proxies
    - MINOR: checks: Store the proxy in checks.
    - BUG/MEDIUM: checks: Avoid having an associated server for email checks.
    - REGTEST: Switch to vtest.
    - REGTEST: Adapt reg test doc files to vtest.
    - BUG/MEDIUM: h1: Make sure we destroy an inactive connectin that did shutw.
    - BUG/MINOR: base64: dec func ignores padding for output size checking
    - BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file
    - MINOR: ssl: add support of aes256 bits ticket keys on file and cli.
    - BUG/MINOR: backend: don't use url_param_name as a hint for BE_LB_ALGO_PH
    - BUG/MINOR: backend: balance uri specific options were lost across defaults
    - BUG/MINOR: backend: BE_LB_LKUP_CHTREE is a value, not a bit
    - MINOR: backend: move url_param_name/len to lbprm.arg_str/len
    - MINOR: backend: make headers and RDP cookie also use arg_str/len
    - MINOR: backend: add new fields in lbprm to store more LB options
    - MINOR: backend: make the header hash use arg_opt1 for use_domain_only
    - MINOR: backend: remap the balance uri settings to lbprm.arg_opt{1,2,3}
    - MINOR: backend: move hash_balance_factor out of chash
    - MEDIUM: backend: move all LB algo parameters into an union
    - MINOR: backend: make the random algorithm support a number of draws
    - BUILD/MEDIUM: da: Necessary code changes for new buffer API.
    - BUG/MINOR: stick_table: Prevent conn_cur from underflowing
    - BUG: 51d: Changes to the buffer API in 1.9 were not applied to the 51Degrees code.
    - BUG/MEDIUM: stats: Get the right scope pointer depending on HTX is used or not
    - DOC: add a missing space in the documentation for bc_http_major
    - REGTEST: checks basic stats webpage functionality
    - BUG/MEDIUM: servers: Make assign_tproxy_address work when ALPN is set.
    - BUG/MEDIUM: connections: Add the CO_FL_CONNECTED flag if a send succeeded.
    - DOC: add github issue templates
    - MINOR: cfgparse: Extract some code to be re-used.
    - CLEANUP: cfgparse: Return asap from cfg_parse_peers().
    - CLEANUP: cfgparse: Code reindentation.
    - MINOR: cfgparse: Useless frontend initialization in "peers" sections.
    - MINOR: cfgparse: Rework peers frontend init.
    - MINOR: cfgparse: Simplication.
    - MINOR: cfgparse: Make "peer" lines be parsed as "server" lines.
    - MINOR: peers: Make outgoing connection to SSL/TLS peers work.
    - MINOR: cfgparse: SSL/TLS binding in "peers" sections.
    - DOC: peers: SSL/TLS documentation for "peers"
    - BUG/MINOR: startup: certain goto paths in init_pollers fail to free
    - BUG/MEDIUM: checks: fix recent regression on agent-check making it crash
    - BUG/MINOR: server: don't always trust srv_check_health when loading a server state
    - BUG/MINOR: check: Wake the check task if the check is finished in wake_srv_chk()
    - BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages
    - DOC: mention the effect of nf_conntrack_tcp_loose on src/dst
    - BUG/MINOR: proto-htx: Return an error if all headers cannot be received at once
    - BUG/MEDIUM: mux-h2/htx: Respect the channel's reserve
    - BUG/MINOR: mux-h1: Apply the reserve on the channel's buffer only
    - BUG/MINOR: mux-h1: avoid copying output over itself in zero-copy
    - BUG/MAJOR: mux-h2: don't destroy the stream on failed allocation in h2_snd_buf()
    - BUG/MEDIUM: backend: also remove from idle list muxes that have no more room
    - BUG/MEDIUM: mux-h2: properly abort on trailers decoding errors
    - MINOR: h2: declare new sets of frame types
    - BUG/MINOR: mux-h2: CONTINUATION in closed state must always return GOAWAY
    - BUG/MINOR: mux-h2: headers-type frames in HREM are always a connection error
    - BUG/MINOR: mux-h2: make it possible to set the error code on an already closed stream
    - BUG/MINOR: hpack: return a compression error on invalid table size updates
    - MINOR: server: make sure pool-max-conn is >= -1
    - BUG/MINOR: stream: take care of synchronous errors when trying to send
    - CLEANUP: server: fix indentation mess on idle connections
    - BUG/MINOR: mux-h2: always check the stream ID limit in h2_avail_streams()
    - BUG/MINOR: mux-h2: refuse to allocate a stream with too high an ID
    - BUG/MEDIUM: backend: never try to attach to a mux having no more stream available
    - MINOR: server: add a max-reuse parameter
    - MINOR: mux-h2: always consider a server's max-reuse parameter
    - MEDIUM: stream-int: always mark pending outgoing SI_ST_CON
    - MINOR: stream: don't wait before retrying after a failed connection reuse
    - MEDIUM: h2: always parse and deduplicate the content-length header
    - BUG/MINOR: mux-h2: always compare content-length to the sum of DATA frames
    - CLEANUP: h2: Remove debug printf in mux_h2.c
    - MINOR: cfgparse: make the process/thread parser support a maximum value
    - MINOR: threads: make MAX_THREADS configurable at build time
    - DOC: nbthread is no longer experimental.
    - BUG/MINOR: listener: always fill the source address for accepted socketpairs
    - BUG/MINOR: mux-h2: do not report available outgoing streams after GOAWAY
    - BUG/MINOR: spoe: corrected fragmentation string size
    - BUG/MINOR: task: fix possibly missed event in inter-thread wakeups
    - BUG/MEDIUM: servers: Attempt to reuse an unfinished connection on retry.
    - BUG/MEDIUM: backend: always call si_detach_endpoint() on async connection failure
    - SCRIPTS: add the issue tracker URL to the announce script
    - MINOR: peers: Extract some code to be reused.
    - CLEANUP: peers: Indentation fixes.
    - MINOR: peers: send code factorization.
    - MINOR: peers: Add new functions to send code and reduce the I/O handler.
    - MEDIUM: peers: synchronizaiton code factorization to reduce the size of the I/O handler.
    - MINOR: peers: Move update receive code to reduce the size of the I/O handler.
    - MINOR: peers: Move ack, switch and definition receive code to reduce the size of the I/O handler.
    - MINOR: peers: Move high level receive code to reduce the size of I/O handler.
    - CLEANUP: peers: Be more generic.
    - MINOR: peers: move error handling to reduce the size of the I/O handler.
    - MINOR: peers: move messages treatment code to reduce the size of the I/O handler.
    - MINOR: peers: move send code to reduce the size of the I/O handler.
    - CLEANUP: peers: Remove useless statements.
    - MINOR: peers: move "hello" message treatment code to reduce the size of the I/O handler.
    - MINOR: peers: move peer initializations code to reduce the size of the I/O handler.
    - CLEANUP: peers: factor the error handling code in peer_treet_updatemsg()
    - CLEANUP: peers: factor error handling in peer_treat_definedmsg()
    - BUILD/MINOR: peers: shut up a build warning introduced during last cleanup
    - BUG/MEDIUM: mux-h2: only close connection on request frames on closed streams
    - CLEANUP: mux-h2: remove two useless but misleading assignments
    - BUG/MEDIUM: checks: Check that conn_install_mux succeeded.
    - BUG/MEDIUM: servers: Only destroy a conn_stream we just allocated.
    - BUG/MEDIUM: servers: Don't add an incomplete conn to the server idle list.
    - BUG/MEDIUM: checks: Don't try to set ALPN if connection failed.
    - BUG/MEDIUM: h2: In h2_send(), stop the loop if we failed to alloc a buf.
    - BUG/MEDIUM: peers: Handle mux creation failure.
    - BUG/MEDIUM: servers: Close the connection if we failed to install the mux.
    - BUG/MEDIUM: compression: Rewrite strong ETags
    - BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit
    - CLEANUP: mux-h2: remove misleading leftover test on h2s' nullity
    - BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update
    - BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions
    - BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams
    - BUG/MEDIUM: mux-h2: do not abort HEADERS frame before decoding them
    - BUG/MINOR: mux-h2: make sure response HEADERS are not received in other states than OPEN and HLOC
    - MINOR: h2: add a generic frame checker
    - MEDIUM: mux-h2: check the frame validity before considering the stream state
    - CLEANUP: mux-h2: remove stream ID and frame length checks from the frame parsers
    - BUG/MINOR: mux-h2: make sure request trailers on aborted streams don't break the connection
    - DOC: compression: Update the reasons for disabled compression
    - BUG/MEDIUM: buffer: Make sure b_is_null handles buffers waiting for allocation.
    - DOC: htx: make it clear that htxbuf() and htx_from_buf() always return valid pointers
    - MINOR: htx: never check for null htx pointer in htx_is_{,not_}empty()
    - MINOR: mux-h2: consistently rely on the htx variable to detect the mode
    - BUG/MEDIUM: peers: Peer addresses parsing broken.
    - BUG/MEDIUM: mux-h1: Don't add "transfer-encoding" if message-body is forbidden
    - BUG/MEDIUM: connections: Don't forget to remove CO_FL_SESS_IDLE.
    - BUG/MINOR: stream: don't close the front connection when facing a backend error
    - BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the connection
    - MINOR: stream-int: add a new flag to mention that we want the connection to be killed
    - MINOR: connstream: have a new flag CS_FL_KILL_CONN to kill a connection
    - BUG/MEDIUM: mux-h2: do not close the connection on aborted streams
    - BUG/MINOR: server: fix logic flaw in idle connection list management
    - MINOR: mux-h2: max-concurrent-streams should be unsigned
    - MINOR: mux-h2: make sure to only check concurrency limit on the frontend
    - MINOR: mux-h2: learn and store the peer's advertised MAX_CONCURRENT_STREAMS setting
    - BUG/MEDIUM: mux-h2: properly consider the peer's advertised max-concurrent-streams
    - MINOR: xref: Add missing barriers.
    - MINOR: muxes: Don't bother to LIST_DEL(&conn->list) before calling conn_free().
    - MINOR: debug: Add an option that causes random allocation failures.
    - BUG/MEDIUM: backend: always release the previous connection into its own target srv_list
    - BUG/MEDIUM: htx: check the HTX compatibility in dynamic use-backend rules
    - BUG/MINOR: tune.fail-alloc: Don't forget to initialize ret.
    - BUG/MINOR: backend: check srv_conn before dereferencing it
    - BUG/MEDIUM: mux-h2: always omit :scheme and :path for the CONNECT method
    - BUG/MEDIUM: mux-h2: always set :authority on request output
    - BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free().
    - BUG/MINOR: threads: fix the process range of thread masks
    - BUG/MINOR: config: fix bind line thread mask validation
    - CLEANUP: threads: fix misleading comment about all_threads_mask
    - CLEANUP: threads: use nbits to calculate the thread mask
    - OPTIM: listener: optimize cache-line packing for struct listener
    - MINOR: tools: improve the popcount() operation
    - MINOR: config: keep an all_proc_mask like we have all_threads_mask
    - MINOR: global: add proc_mask() and thread_mask()
    - MINOR: config: simplify bind_proc processing using proc_mask()
    - MINOR: threads: make use of thread_mask() to simplify some thread calculations
    - BUG/MINOR: compression: properly report compression stats in HTX mode
    - BUG/MINOR: task: close a tiny race in the inter-thread wakeup
    - BUG/MAJOR: config: verify that targets of track-sc and stick rules are present
    - BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' processes
    - BUG/MAJOR: htx/backend: Make all tests on HTTP messages compatible with HTX
    - BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules
    - DOC: ssl: Clarify when pre TLSv1.3 cipher can be used
    - DOC: ssl: Stop documenting ciphers example to use
    - BUG/MINOR: spoe: do not assume agent->rt is valid on exit
    - BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets
    - BUG/MEDIUM: spoe: initialization depending on nbthread must be done last
    - BUG/MEDIUM: server: initialize the idle conns list after parsing the config
    - BUG/MEDIUM: server: initialize the orphaned conns lists and tasks at the end
    - MINOR: config: make MAX_PROCS configurable at build time
    - BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck
    - BUG/MINOR: config: Reinforce validity check when a process number is parsed
    - BUG/MEDIUM: peers: check that p->srv actually exists before using p->srv->use_ssl
    - CONTRIB: contrib/prometheus-exporter: Add a Prometheus exporter for HAProxy
    - BUG/MINOR: mux-h1: verify the request's version before dropping connection: keep-alive
    - BUG: 51d: In Hash Trie, multi header matching was affected by the header names stored globaly.
    - MEDIUM: 51d: Enabled multi threaded operation in the 51Degrees module.
    - BUG/MAJOR: stream: avoid double free on unique_id
    - BUILD/MINOR: stream: avoid a build warning with threads disabled
    - BUILD/MINOR: tools: fix build warning in the date conversion functions
    - BUILD/MINOR: peers: remove an impossible null test in intencode()
    - BUILD/MINOR: htx: fix some potential null-deref warnings with http_find_stline
    - BUG/MEDIUM: peers: Missing peer initializations.
    - BUG/MEDIUM: http_fetch: fix the "base" and "base32" fetch methods in HTX mode
    - BUG/MEDIUM: proto_htx: Fix data size update if end of the cookie is removed
    - BUG/MEDIUM: http_fetch: fix "req.body_len" and "req.body_size" fetch methods in HTX mode
    - BUILD/MEDIUM: initcall: Fix build on MacOS.
    - BUG/MEDIUM: mux-h2/htx: Always set CS flags before exiting h2_rcv_buf()
    - MINOR: h2/htx: Set the flag HTX_SL_F_BODYLESS for messages without body
    - BUG/MINOR: mux-h1: Add "transfer-encoding" header on outgoing requests if needed
    - BUG/MINOR: mux-h2: Don't add ":status" pseudo-header on trailers
    - BUG/MINOR: proto-htx: Consider a XFER_LEN message as chunked by default
    - BUG/MEDIUM: h2/htx: Correctly handle interim responses when HTX is enabled
    - MINOR: mux-h2: Set HTX extra value when possible
    - BUG/MEDIUM: htx: count the amount of copied data towards the final count
    - MINOR: mux-h2: make the H2 MAX_FRAME_SIZE setting configurable
    - BUG/MEDIUM: mux-h2/htx: send an empty DATA frame on empty HTX trailers
    - BUG/MEDIUM: servers: Use atomic operations when handling curr_idle_conns.
    - BUG/MEDIUM: servers: Add a per-thread counter of idle connections.
    - MINOR: fd: add a new my_closefrom() function to close all FDs
    - MINOR: checks: use my_closefrom() to close all FDs
    - MINOR: fd: implement an optimised my_closefrom() function
    - BUG/MINOR: fd: make sure my_closefrom() doesn't miss some FDs
    - BUG/MAJOR: fd/threads, task/threads: ensure all spin locks are unlocked
    - BUG/MAJOR: listener: Make sure the listener exist before using it.
    - MINOR: fd: Use closefrom() as my_closefrom() if supported.
    - BUG/MEDIUM: mux-h1: Report the right amount of data xferred in h1_rcv_buf()
    - BUG/MINOR: channel: Set CF_WROTE_DATA when outgoing data are skipped
    - MINOR: htx: Add function to drain data from an HTX message
    - MINOR: channel/htx: Add function to skips output bytes from an HTX channel
    - BUG/MAJOR: cache/htx: Set the start-line offset when a cached object is served
    - BUG/MEDIUM: cache: Get objects from the cache only for GET and HEAD requests
    - BUG/MINOR: cache/htx: Return only the headers of cached objects to HEAD requests
    - BUG/MINOR: mux-h1: Always initilize h1m variable in h1_process_input()
    - BUG/MEDIUM: proto_htx: Fix functions applying regex filters on HTX messages
    - BUG/MEDIUM: h2: advertise to servers that we don't support push
    - MINOR: standard: Add a function to parse uints (dotted notation).
    - MINOR: arg: Add support for ARGT_PBUF_FNUM arg type.
    - MINOR: http_fetch: add "req.ungrpc" sample fetch for gRPC.
    - MINOR: sample: Add two sample converters for protocol buffers.
    - DOC: sample: Add gRPC related documentation.
2019-02-26 16:43:49 +01:00
Willy Tarreau
fba74ea7b0 [RELEASE] Released version 2.0-dev0
Released version 2.0-dev0 with the following main changes :
    - BUG/MAJOR: connections: Close the connection before freeing it.
    - REGTEST: Require the option LUA to run lua tests
    - REGTEST: script: Process script arguments before everything else
    - REGTEST: script: Evaluate the varnishtest command to allow quoted parameters
    - REGTEST: script: Add the option --clean to remove previous log direcotries
    - REGTEST: script: Add the option --debug to show logs on standard ouput
    - REGTEST: script: Add the option --keep-logs to keep all log directories
    - REGTEST: script: Add the option --use-htx to enable the HTX in regtests
    - REGTEST: script: Print only errors in the results report
    - REGTEST: Add option to use HTX prefixed by the macro 'no-htx'
    - REGTEST: Make reg-tests target support argument.
    - REGTEST: Fix a typo about barrier type.
    - REGTEST: Be less Linux specific with a syslog regex.
    - REGTEST: Missing enclosing quotes for ${tmpdir} macro.
    - REGTEST: Exclude freebsd target for some reg tests.
    - BUG/MEDIUM: h2: Don't forget to quit the sending_list if SUB_CALL_UNSUBSCRIBE.
    - BUG/MEDIUM: mux-h2: Don't forget to quit the send list on error reports
    - BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response()
    - BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error
    - BUG/MINOR: compression/htx: Don't compress responses with unknown body length
    - BUG/MINOR: compression/htx: Don't add the last block of data if it is empty
    - MEDIUM: mux_h1: Implement h1_show_fd.
    - REGTEST: script: Add support of alternatives in requited options list
    - REGTEST: Add a basic test for the compression
    - BUG/MEDIUM: mux-h2: don't needlessly wake up the demux on short frames
    - REGTEST: A basic test for "http-buffer-request"
    - BUG/MEDIUM: server: Also copy "check-sni" for server templates.
    - MINOR: ssl: Add ssl_sock_set_alpn().
    - MEDIUM: checks: Add check-alpn.
2018-12-22 11:20:35 +01:00
Willy Tarreau
822305067b [RELEASE] Released version 1.9.0
Released version 1.9.0 with the following main changes :
    - BUG/MEDIUM: compression: Use the right buffer pointers to compress input data
    - BUG/MINOR: mux_pt: Set CS_FL_WANT_ROOM when count is zero in rcv_buf() callback
    - BUG/MEDIUM: connection: Add a new CS_FL_ERR_PENDING flag to conn_streams.
    - CONTRIB: debug: teach the "flags" utility about new conn_stream flags
    - BUG/MEDIUM: stream-int: always clear CS_FL_WANT_ROOM before receiving
    - BUG/MEDIUM: mux-h2: also restart demuxing when data are pending in demux
    - BUG/MEDIUM: mux-h2: restart demuxing as soon as demux data are available
    - BUG/MEDIUM: h2: fix aggregated cookie length computation in HTX mode
    - MINOR: mux-h2: report more h2c, last h2s and cs information on "show fd"
    - CONTRIB: debug: report stream-int's flag SI_FL_CLEAN_ABRT
    - MINOR: cli/stream: add the conn_stream in "show sess" output
    - BUG/MINOR: mux-h2: don't report a fantom h2s in "show fd"
    - BUG/MINOR: cli/fd: don't isolate the thread for each individual fd
    - MINOR: objtype: report a few missing types in names and base pointers
    - BUG/MEDIUM: mux-h2: make sure to report synchronous errors after EOS
    - BUG/MEDIUM: mux-h2: report asynchronous errors in h2_wake_some_streams()
    - BUG/MEDIUM: mux-h2: make sure the demux also wakes streams up on errors
    - BUG/MINOR: mux-h1: report the correct frontend in error captures
    - BUG/MEDIUM: stream-int: also wake the stream up on end of transfer
    - MEDIUM: h2: properly check and deduplicate the content-length header in HTX
    - BUG/MEDIUM: stream: Forward the right amount of data before infinite forwarding
    - BUG/MINOR: proto_htx: Call the HTX version of the function managing client cookies
    - BUG/MEDIUM: lua/htx: Handle EOM in receive/get_line calls in HTTP applets
    - BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything
    - MINOR: compression: Remove the thread_local variable buf_output
    - CLEANUP: connection: rename subscription events values and event field
    - CLEANUP: connection: rename conn->mux_ctx to conn->ctx
    - MINOR: connection: remove an unwelcome dependency on struct stream
    - CLEANUP: stream-int: consistently call the si/stream_int functions
    - BUG/MEDIUM: h1: Don't shutw/shutr the connection if we have keepalive.
    - BUG/MEDIUM: H2: Make sure htx is set even on empty frames.
    - BUG/MEDIUM: mux-h2: pass CS_FL_ERR_PENDING to h2_wake_some_streams()
    - MEDIUM: stream-int: always consider all CS errors on the send side
    - BUG/MEDIUM: h2: Make sure we don't set CS_FL_ERROR if there's still data.
    - CLEANUP: mux-h2: implement h2s_notify_{send,recv} to report events to subscribers
    - MINOR: mux-h2: add a new function h2s_alert() to call the data layer
    - BUG/MEDIUM: mux-h2: make use of h2s_alert() to report aborts
    - MINOR: connection: add cs_set_error() to set the error bits
    - CLEANUP: mux-h2: make use of cs_set_error()
    - BUG/MINOR: mux-h2: make sure we check the conn_stream in early data
    - BUG/MEDIUM: h2: Don't wait for flow control if the connection had a shutr.
    - MINOR: cli/show_fd: report that a connection is back or not
    - SCRIPTS: add the slack channel URL to the announce script
    - CLEANUP: remove my name and address from the copyright banner
    - DOC: mention in the readme that 1.9 is a stable version now
2018-12-19 19:13:17 +01:00
Willy Tarreau
2a7d6502bf [RELEASE] Released version 1.9-dev11
Released version 1.9-dev11 with the following main changes :
    - BUG/MEDIUM: connection: Don't use the provided conn_stream if it was tried.
    - REGTEST/MINOR: remove double body specification for server txresp
    - BUG/MEDIUM: connections: Remove error flags when retrying.
    - REGTEST/MINOR: skip seamless-reload test with abns socket on freebsd
    - REGTEST/MINOR: remove health-check that can make the test fail
    - DOC: clarify that check-sni needs an argument.
    - DOC: refer to check-sni in the documentation of sni
    - BUG/MEDIUM: mux-h2: fix encoding of non-GET/POST methods
    - BUG/MINOR: mux-h1: Fix conn_mode processing for headerless outgoing messages
    - BUG/MEDIUM: mux-h1: Add a BUSY mode to not loop on pipelinned requests
    - BUG/MEDIUM: mux-h1: Don't loop on the headers parsing if the read0 was received
    - BUG/MEDIUM: htx: Always do a defrag if a block value is replace by a bigger one
    - BUG/MEDIUM: mux-h2: Don't forget to set the CS_FL_EOS flag with htx.
    - BUG/MINOR: hpack: fix off-by-one in header name encoding length calculation
    - CLEANUP: hpack: no need to include chunk.h, only include buf.h
    - MINOR: hpack: simplify the len to bytes conversion
    - MINOR: hpack: use ist2bin() to copy header names in hpack_encode_header()
    - MINOR: hpack: optimize header encoding for short names
    - CONTRIB: hpack: add a compressed stream generator for the encoder
    - MEDIUM: hpack: make it possible to encode any static header name
    - MINOR: hpack: move the length computation and encoding functions to .h
    - MINOR: hpack: provide a function to encode a short indexed header
    - MINOR: hpack: provide a function to encode a long indexed header
    - MINOR: hpack: provide new functions to encode the ":status" header
    - MEDIUM: mux-h2: make use of standard HPACK encoding functions for the status
    - MINOR: hpack: provide a function to encode an HTTP method
    - MEDIUM: mux-h2: make use of hpack_encode_method() to encode the method
    - MINOR: hpack: provide a function to encode an HTTP scheme
    - MEDIUM: mux-h2: make use of hpack_encode_scheme() to encode the scheme
    - MINOR: hpack: provide a function to encode an HTTP path
    - MEDIUM: mux-h2: make use of hpack_encode_path() to encode the path
    - REGTEST: add the HTTP rules test involving HTX processing
    - REORG: connection: centralize the conn_set_{tos,mark,quickack} functions
    - MEDIUM: cli: rework the CLI proxy parser
    - MINOR: cli: parse prompt command in the CLI proxy
    - MINOR: cli: implements 'quit' in the CLI proxy
    - BUG/MINOR: cli: wait for payload data even without prompt
    - MEDIUM: cli: handle payload in CLI proxy
    - MINOR: cli: use pcli_flags for prompt activation
    - MINOR: compression: Rename the function check_legacy_http_comp_flt()
    - MINOR: cache/htx: Don't use the same cache on HTX and legacy HTTP proxies
    - MINOR: cache: Register the cache as a data filter only if response is cacheable
    - MEDIUM: cache/htx: Add the HTX support into the cache
    - MINOR: cache: Improve and simplify the cache configuration check
    - MINOR: filters: Export the name of known filters
    - MEDIUM: cache/compression: Add a way to safely combined compression and cache
    - MEDIUM: cache: Require an explicit filter declaration if other filters are used
    - REORG: htx: merge types+proto into common/htx.h
    - REORG: http: create http_msg.c to place there some legacy HTTP parts
    - REORG: h1: move legacy http functions to http_msg.c
    - REORG: h1: move the h1_state definition to proto_http
    - CLEANUP: h1: remove some occurrences of unneeded h1.h inclusions
    - REORG: h1: merge types+proto into common/h1.h
    - CLEANUP: stream: remove SF_TUNNEL, SF_INITIALIZED, SF_CONN_TAR
    - MEDIUM: mux-h1: implement true zero-copy of DATA blocks
    - MINOR: config: round up global.tune.bufsize to the next multiple of 2 void*
    - BUG/MINOR: mux-h2: refrain from muxing during the preface
    - BUG/MINOR: mux-h2: advertise a larger connection window size
    - DOC: master CLI documentation in management.txt
    - MINOR: mux-h2: avoid copying large blocks into full buffers
    - MEDIUM: mux-h2: implement true zero-copy send of large HTX DATA blocks
    - MINOR: mux-h2: force reads to be HTX-aligned in HTX mode
    - MINOR: cli: change 'show proc' output of old processes
    - BUG/MEDIUM: mux-h1: Fix the zero-copy on output for chunked messages
    - BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name
    - BUG: dns: Prevent out-of-bounds read in dns_read_name()
    - BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response()
    - BUG: dns: Fix out-of-bounds read via signedness error in dns_validate_dns_response()
    - BUG: dns: Fix off-by-one write in dns_validate_dns_response()
    - REGTEST: the cache regtest requires haproxy 1.9
    - MEDIUM: cli: store CLI level in the appctx
    - MEDIUM: cli: show and change CLI permissions
    - CLEANUP: cli: use dedicated define instead of appctx ones
    - MEDIUM: cli: handle CLI level from the master CLI
    - BUG/MEDIUM: cli: handle correctly prefix and payload
    - BUILD: Makefile: Implements the help target
    - REGTESTS: adjust the http-rules regtest to support window updates
    - BUG/MEDIUM: connections: Remove CS_FL_EOS | CS_FL_REOS on retry.
    - BUG/MEDIUM: stream_interface: Don't report read0 if we were not connected.
    - BUG/MEDIUM: connection: Just make sure we closed the fd on connection failure.
    - MEDIUM: mux: Add an optional "reset" method.
    - BUG/MEDIUM: mux-h1: Fix loop if server closes its connection with unparsed data
    - MINOR: mux-h1: Add helper functions to wake a stream from recv or send
    - BUG/MEDIUM: mux-h1: Wake the stream for send once the connection is established
    - BUG/MEDIUM: connections: Don't attempt to reuse an unusable connection.
    - MEDIUM: htx: Try to take a connection over if it has no owner.
    - REGTEST: Reg testing improvements.
    - REGTEST: Add a first test for health-checks.
    - REGTEST: Reg test for "check" health-check option.
    - REGTEST: level 1 health-check test 2.
    - REGTEST: Add miscellaneous reg tests for health-checks.
    - REGTEST: add a few HTTP messaging tests
    - MINOR: lb: make the leastconn algorithm more accurate
    - REGTEST: fix missing space in checks/s00001
    - REGTEST: http-messaging: add "option http-buffer-request" for H2 tests
    - BUG/MEDIUM: cache: fix random crash on filter parser's error path
    - MINOR: connection: realign empty buffers in muxes, not transport layers
    - MINOR: mux_h1/h2: simplify the zero-copy Rx alignment
    - MINOR: backend: count the number of connect and reuse per server and per backend
    - BUG/MINOR: stats: fix inversion of failed header rewrites and other statuses
    - MINOR: tools: increase the number of ITOA strings to 16
    - MINOR: cache: report the number of cache lookups and cache hits
    - MEDIUM: tasks: check the global task mask instead of the thread number
    - MINOR: mworker: set all_threads_mask and pid_bit to 1
    - BUG/MINOR: proto_htx: Fix htx_res_set_status to also set the reason
    - BUG/MINOR: stats: Parse post data for HTX streams
    - MINOR: payload/htx: Adapt smp_fetch_len to be HTX aware
    - MINOR: http_fecth: Implement body_len and body_size sample fetches for the HTX
    - MAJOR: lua: Forbid calls to Channel functions for LUA scripts in HTTP proxies
    - MEDIUM: lua/htx: Adapt functions of the HTTP to be compatible with HTX
    - MINOR: lua/htx: Adapt the functions get_in_length and is_full to be HTX aware
    - MAJOR: lua/htx: Adapt HTTP applets to support HTX messages
    - MINOR: lua: Remove useless check on the messages state in HTTP functions
    - BUG/MEDIUM: htx: When performing zero-copy, start from the right offset.
    - BUG/MINOR: mworker: don't use unitialized mworker_proc struct
    - MINOR: mworker/cli: indicate in the master prompt when a reload failed
    - MINOR: cli: implements 'reload' on master CLI
    - BUG/MEDIUM: log: Don't call sample_fetch_as_type if we don't have a stream.
    - BUG/MEDIUM: mux-h1: make sure we always have at least one HTX block to send
    - BUG/MAJOR: backend: only update server's counters when the server exists
    - MINOR: tools: preset the port of fd-based "sockets" to zero
    - BUG/MINOR: log: fix logging to both FD and IP
    - REGTEST: Add a reg test for HTTP cookies.
    - BUILD: ssl: Fix compilation without deprecated OpenSSL 1.1 APIs
    - BUILD: thread: properly report multi-thread support
    - BUG/MINOR: logs: leave startup-logs global and not per-thread
    - BUG/MEDIUM: threads: don't close the thread waker pipe if not init
    - BUG/MAJOR: compression/cache: Make it really works with these both filters
    - BUG/MEDIUM: h2: Don't forget to destroy the h2s after deferred shut.
    - MEDIUM: proxy: Set http-reuse safe as default.
    - MEDIUM: servers: Add a command to limit the number of idling connections.
    - MEDIUM: servers: Replace idle-timeout with pool-purge-delay.
    - MEDIUM: mux: Destroy the stream before trying to add the conn to the idle list.
    - MEDIUM: mux: provide the session to the init() and attach() method.
    - MEDIUM: sessions: Don't keep an infinite number of idling connections.
    - MEDIUM: servers: Be more agressive when adding H2 connection to idle lists.
    - MEDIUM: mux_h2: Always set CS_FL_NOT_FIRST for new conn_streams.
    - BUG/MEDIUM: htx/cache: use the correct class of error codes on abort
    - BUG/MINOR: cache: also consider CF_SHUTR to abort delivery
    - MINOR: pools: Cast to volatile int * instead of int *.
    - MINOR: debug: make the ABORT_NOW macro use a volatile int
    - BUG/MEDIUM: h2: Don't destroy the h2s if it still has a cs attached.
    - BUG/MEDIUM: mux-h1: don't try to process an empty input buffer
    - DOC: clarify the agent-check status line syntax
    - BUG/MAJOR: hpack: fix length check for short names encoding
    - DOC: split the README into README + INSTALL
2018-12-16 22:35:06 +01:00
Willy Tarreau
72e9227385 [RELEASE] Released version 1.9-dev10
Released version 1.9-dev10 with the following main changes :
    - MINOR: htx: Rename functions htx_*_to_str() to be H1 specific
    - BUG/MINOR: htx: Force HTTP/1.1 on H1 formatting when version is 1.1 or above
    - BUG/MINOR: fix ssl_fc_alpn and actually add ssl_bc_alpn
    - BUG/MEDIUM: mworker: stop proxies which have no listener in the master
    - BUG/MEDIUM: h1: Destroy a connection after detach if it has no owner.
    - BUG/MEDIUM: h2: Don't forget to wake the tasklet after shutr/shutw.
    - BUG/MINOR: flt_trace/compression: Use the right flag to add the HTX support
    - BUG/MEDIUM: stream_interface: Make REALLY sure we read all the data.
    - MEDIUM: mux-h1: Revamp the way subscriptions are handled.
    - BUG/MEDIUM: mux-h1: Always set CS_FL_RCV_MORE when data are received in h1_recv()
    - MINOR: mux-h1: Make sure to return 1 in h1_recv() when needed
    - BUG/MEDIUM: mux-h1: Release the mux H1 in h1_process() if there is no h1s
    - BUG/MINOR: proto_htx: Truncate the request when an error is detected
    - BUG/MEDIUM: h2: When sending in HTX, make sure the caller knows we sent all.
    - BUG/MEDIUM: mux-h2: properly update the window size in HTX mode
    - BUG/MEDIUM: mux-h2: make sure to always report HTX EOM when consumed by headers
    - BUG/MEDIUM: mux-h2: stop sending HTX once the mux is blocked
    - BUG/MEDIUM: mux-h2: don't send more HTX data than requested
    - MINOR: mux-h2: stop on non-DATA and non-EOM HTX blocks
    - BUG/MEDIUM: h1: Correctly report used data with no len.
    - MEDIUM: h1: Realign the ibuf before calling rcv_buf if needed.
    - BUG/MEDIUM: mux_pt: Always set CS_FL_RCV_MORE.
    - MINOR: htx: make htx_from_buf() adjust the size only on new buffers
    - MINOR: htx: add buf_room_for_htx_data() to help optimize buffer transfers
    - MEDIUM: mux-h1: make use of buf_room_for_htx_data() instead of b_room()
    - MEDIUM: mux-h1: attempt to zero-copy Rx DATA transfers
    - MEDIUM: mux-h1: avoid a double copy on the Tx path whenever possible
    - BUG/MEDIUM: stream-int: don't mark as blocked an empty buffer on Rx
    - BUG/MINOR: mux-h1: Check h1m flags to set the server conn_mode on request path
    - MEDIUM: htx: Rework conversion from a buffer to an htx structure
    - MEDIUM: channel/htx: Add functions for forward HTX data
    - MINOR: mux-h1: Don't adjust anymore the amount of data sent in h1_snd_buf()
    - CLEANUP: htx: Fix indentation here and there in HTX files
    - MINOR: mux-h1: Allow partial data consumption during outgoing data processing
    - BUG/MEDIUM: mux-h2: use the correct offset for the HTX start line
    - BUG/MEDIUM: mux-h2: stop sending using HTX on errors
    - MINOR: mux-h1: Drain obuf if the output is closed after sending data
    - BUG/MEDIUM: mworker: stop every tasks in the master
    - BUG/MEDIUM: htx: Set the right start-line offset after a defrag
    - BUG/MEDIUM: stream: Don't dereference s->txn when it is not there yet.
    - BUG/MEDIUM: connections: Reuse an already attached conn_stream.
    - MINOR: stream-int: add a new blocking condition on the remote connection
    - BUG/MEDIUM: stream-int: don't attempt to receive if the connection is not established
    - BUG/MEDIUM: lua: block on remote connection establishment
    - BUG/MEDIUM: mworker: fix several typos in mworker_cleantasks()
    - SCRIPTS/REGTEST: merge grep+sed into sed in run-regtests
    - BUG/MEDIUM: connections: Split CS_FL_RCV_MORE into 2 flags.
    - BUG/MEDIUM: h1: Don't free the connection if it's an outgoing connection.
    - BUG/MEDIUM: h1: Set CS_FL_REOS if we had a read0.
    - BUG/MEDIUM: mux-h1: Be sure to have a conn_stream to set CS_FL_REOS in h1_recv
    - REGTEST: Move LUA reg test 4 to level 1.
    - MINOR: ist: add functions to copy/uppercase/lowercase into a buffer or string
    - MEDIUM: ist: always turn header names to lower case
    - MINOR: h2: don't turn HTX header names to lower case anymore
    - MEDIUM: ist: use local conversion arrays to case conversion
    - MINOR: htx: switch to case sensitive search of lower case header names
    - MINOR: mux-h1: Set CS_FL_EOS when read0 is detected and no data are pending
    - BUG/MINOR: stream-int: Process read0 even if no data was received in si_cs_recv
    - REGTEST: fix the Lua test file name in test lua/h00002 :-)
    - REGTEST: add a basic test for HTTP rules manipulating headers
    - BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR.
    - MINOR: sample: add bc_http_major
    - BUG/MEDIUM: htx: fix typo in htx_replace_stline() making it fail all the time
    - REGTEST: make the HTTP rules test compatible with HTTP/2 as well
    - BUG/MEDIUM: h2: Don't try to chunk data when using HTX.
    - MINOR: compiler: add a new macro ALREADY_CHECKED()
    - BUILD: h2: mark the start line already checked to avoid warnings
    - BUG/MINOR: mux-h1: Remove the connection header when it is useless
2018-12-08 16:20:55 +01:00
Willy Tarreau
da7e3be36f [RELEASE] Released version 1.9-dev9
Released version 1.9-dev9 with the following main changes :
    - BUILD/MINOR: ssl: fix build with non-alpn/non-npn libssl
    - BUG/MINOR: mworker: Do not attempt to close(2) fd -1
    - BUILD: compression: fix build error with DEFAULT_MAXZLIBMEM
    - MINOR: compression: always create the compression pool
    - BUG/MEDIUM: mworker: fix FD leak upon reload
    - BUILD: htx: fix fprintf format inconsistency on 32-bit platforms
    - BUILD: buffers: buf.h requires unistd to get ssize_t on libmusl
    - MINOR: initcall: introduce a way to register init functions to call at boot
    - MINOR: init: process all initcalls in order at boot time
    - MEDIUM: init: convert all trivial registration calls to initcalls
    - MINOR: thread: provide a set of lock initialisers
    - MINOR: threads: add new macros to declare self-initializing locks
    - MEDIUM: init: use self-initializing spinlocks and rwlocks
    - MINOR: initcall: apply initcall to all register_build_opts() calls
    - MINOR: initcall: use initcalls for most post_{check,deinit} and per_thread*
    - MINOR: initcall: use initcalls for section parsers
    - MINOR: memory: add a callback function to create a pool
    - MEDIUM: init: use initcall for all fixed size pool creations
    - MEDIUM: memory: use pool_destroy_all() to destroy all pools on deinit()
    - MEDIUM: initcall: use initcalls for a few initialization functions
    - MEDIUM: memory: make the pool cache an array and not a thread_local
    - MINOR: ssl: free ctx when libssl doesn't support NPN
    - BUG/MINOR: proto_htx: only mark connections private if NTLM is detected
    - MINOR: h2: make struct h2_ops static
    - BUG/MEDIUM: mworker: avoid leak of client socket
    - REORG: mworker: declare master variable in global.h
    - BUG/MEDIUM: listeners: CLOEXEC flag is not correctly set
    - CLEANUP: http: Fix typo in init_http's comment
    - BUILD: Makefile: Disable -Wcast-function-type if it exists.
    - BUG/MEDIUM: h2: Don't bogusly error if the previous stream was closed.
    - REGTEST/MINOR: script: add run-regtests.sh script
    - REGTEST: Add a basic test for the cache.
    - BUG/MEDIUM: mux_pt: Don't forget to unsubscribe() on attach.
    - BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id
    - BUG/MEDIUM: connections: Wake the stream once the mux is chosen.
    - BUG/MEDIUM: connections: Don't forget to detach the connection from the SI.
    - BUG/MEDIUM: stream_interface: Don't check if the handshake is done.
    - BUG/MEDIUM: stream_interface: Make sure we read all the data available.
    - BUG/MEDIUM: h2: Call h2_process() if there's an error on the connection.
    - REGTEST: Fix several issues.
    - REGTEST: lua: check socket functionality from a lua-task
    - BUG/MEDIUM: session: Remove the session from the session_list in session_free.
    - BUG/MEDIUM: streams: Don't assume we have a CS in sess_update_st_con_tcp.
    - BUG/MEDIUM: connections: Don't assume we have a mux in connect_server().
    - BUG/MEDIUM: connections: Remove the connection from the idle list before destroy.
    - BUG/MEDIUM: session: properly clean the outgoing connection before freeing.
    - BUG/MEDIUM: mux_pt: Don't try to send if handshake is not done.
    - MEDIUM: connections: Put H2 connections in the idle list if http-reuse always.
    - MEDIUM: h2: Destroy a connection with no stream if it has no owner.
    - MAJOR: sessions: Store multiple outgoing connections in the session.
    - MEDIUM: session: Steal owner-less connections on end of transaction.
    - MEDIUM: server: Be smarter about deciding to reuse the last server.
    - BUG/MEDIUM: Special-case http_proxy when dealing with outgoing connections.
    - BUG/MINOR: cfgparse: Fix transition between 2 sections with the same name
    - BUG/MINOR: http: Use out buffer instead of trash to display error snapshot
    - BUG/MINOR: htx: Fix block size calculation when a start-line is added/replaced
    - BUG/MINOR: mux-h1: Fix processing of "Connection: " header on outgoing messages
    - BUG/MEDIUM: mux-h1: Reset the H1 parser when an outgoing message is processed
    - BUG/MINOR: proto_htx: Send outgoing data to client to start response processing
    - BUG/MINOR: htx: Stop a header or a start line lookup on the first EOH or EOM
    - BUG/MINOR: connection: report mux modes when HTX is supported
    - MINOR: htx: add a function to cut the beginning of a DATA block
    - MEDIUM: conn_stream: Add a way to get mux's info on a CS from the upper layer
    - MINOR: mux-h1: Implement get_cs_info() callback
    - MINOR: stream: Rely on CS's info if it exists and fallback on session's ones
    - MINOR: proto_htx: Use conn_stream's info to set t_idle duration when possible
    - MINOR: mux-h1: Don't rely on the stream anymore in h1_set_srv_conn_mode()
    - MINOR: mux-h1: Write last chunk and trailers if not found in the HTX message
    - MINOR: mux-h1: Be prepare to fail when EOM is added during trailers parsing
    - MINOR: mux-h1: Subscribe to send in h1_snd_buf() when not all data have been sent
    - MINOR: mux-h1: Consume channel's data in a loop in h1_snd_buf()
    - MEDIUM: mux-h1: Add keep-alive outgoing connections in connections list
    - MINOR: htx: Add function to add an HTX block just before another one
    - MINOR: htx: Add function to iterate on an HTX message using HTX blocks
    - MINOR: htx: Add a function to find the HTX block corresponding to a data offset
    - MINOR: stats: Don't add end-of-data marker and trailers in the HTX response
    - MEDIUM: htx: Change htx_sl to be a struct instead of an union
    - MINOR: htx: Add the start-line offset for the HTX message in the HTX structure
    - MEDIUM: htx: Don't rely on h1_sl anymore except during H1 header parsing
    - MINOR: proto-htx: Use the start-line flags to set the HTTP messsage ones
    - MINOR: htx: Add BODYLESS flags on the HTX start-line and the HTTP message
    - MINOR: proto_htx: Use full HTX messages to send 100-Continue responses
    - MINOR: proto_htx: Use full HTX messages to send 103-Early-Hints responses
    - MINOR: proto_htx: Use full HTX messages to send 401 and 407 responses
    - MINOR: proto_htx: Send valid HTX message when redir mode is enabled on a server
    - MINOR: proto_htx: Send valid HTX message to send 30x responses
    - MEDIUM: proto_htx: Convert all HTTP error messages into HTX
    - MINOR: mux-h1: Process conn_mode on the EOH when no connection header is found
    - MINOR: mux-h1: Change client conn_mode on an explicit close for the response
    - MINOR: mux-h1: Capture bad H1 messages
    - MAJOR: filters: Adapt filters API to be compatible with the HTX represenation
    - MEDIUM: proto_htx/filters: Add data filtering during the forwarding
    - MINOR: flt_trace: Adapt to be compatible with the HTX representation
    - MEDIUM: compression: Adapt to be compatible with the HTX representation
    - MINOR: h2: implement H2->HTX request header frame transcoding
    - MEDIUM: mux-h2: register mux for both HTTP and HTX modes
    - MEDIUM: mux-h2: make h2_rcv_buf() support HTX transfers
    - MEDIUM: mux-h2: make h2_snd_buf() HTX-aware
    - MEDIUM: mux-h2: add basic H2->HTX transcoding support for headers
    - MEDIUM: mux-h2: implement emission of H2 headers frames from HTX blocks
    - MEDIUM: mux-h2: implement the emission of DATA frames from HTX DATA blocks
    - MEDIUM: mux-h2: support passing H2 DATA frames to HTX blocks
    - BUG/MINOR: cfgparse: Fix the call to post parser of the last sections parsed
    - BUG/MEDIUM: mux-h2: don't lose the first response header in HTX mode
    - BUG/MEDIUM: mux-h2: remove the HTX EOM block on H2 response headers
    - MINOR: listener: the mux_proto entry in the bind_conf is const
    - MINOR: connection: create conn_get_best_mux_entry()
    - MINOR: server: the mux_proto entry in the server is const
    - MINOR: config: make sure to associate the proper mux to bind and servers
    - MINOR: hpack: add ":path" to the list of common header fields
    - MINOR: h2: add new functions to produce an HTX message from an H2 response
    - MINOR: mux-h2: mention that the mux is compatible with both sides
    - MINOR: mux-h2: implement an outgoing stream allocator : h2c_bck_stream_new()
    - MEDIUM: mux-h2: start to create the outgoing mux
    - MEDIUM: mux-h2: implement encoding of H2 request on the backend side
    - MEDIUM: mux-h2: make h2_frt_decode_headers() direction-agnostic
    - MEDIUM: mux-h2: make h2_process_demux() capable of processing responses as well
    - MEDIUM: mux-h2: Implement h2_attach().
    - MEDIUM: mux-h2: Don't bother flagging outgoing connections as TOOMANY.
    - REGTEST: Fix LEVEL 4 script 0 of "connection" module.
    - MINOR: connection: Fix a comment.
    - MINOR: mux: add a "max_streams" method.
    - MEDIUM: servers: Add a way to keep idle connections alive.
    - CLEANUP: fix typos in the htx subsystem
    - CLEANUP: Fix typo in the chunk headers file
    - CLEANUP: Fix typos in the h1 subsystem
    - CLEANUP: Fix typos in the h2 subsystem
    - CLEANUP: Fix a typo in the mini-clist header
    - CLEANUP: Fix a typo in the proto_htx subsystem
    - CLEANUP: Fix typos in the proto_tcp subsystem
    - CLEANUP: Fix a typo in the signal subsystem
    - CLEANUP: Fix a typo in the session subsystem
    - CLEANUP: Fix a typo in the queue subsystem
    - CLEANUP: Fix typos in the shctx subsystem
    - CLEANUP: Fix typos in the socket pair protocol subsystem
    - CLEANUP: Fix typos in the map management functions
    - CLEANUP: Fix typo in the fwrr subsystem
    - CLEANUP: Fix typos in the cli subsystem
    - CLEANUP: Fix typo in the 51d subsystem
    - CLEANUP: Fix a typo in the base64 subsystem
    - CLEANUP: Fix a typo in the connection subsystem
    - CLEANUP: Fix a typo in the protocol header file
    - CLEANUP: Fix a typo in the checks header file
    - CLEANUP: Fix typos in the file descriptor subsystem
    - CLEANUP: Fix a typo in the listener subsystem
    - BUG/MINOR: lb-map: fix unprotected update to server's score
    - BUILD: threads: fix minor build warnings when threads are disabled
2018-12-02 19:31:37 +01:00
Willy Tarreau
0b936ad946 [RELEASE] Released version 1.9-dev8
Released version 1.9-dev8 with the following main changes :
    - REORG: config: extract the global section parser into cfgparse-global
    - REORG: config: extract the proxy parser into cfgparse-listen.c
    - BUILD: update the list of supported targets and compilers in makefile and readme
    - BUILD: reorder the objects in the makefile
    - BUILD: Makefile: make "V=1" show some of the commands that are executed
    - BUILD: Makefile: add the quiet mode to a few more targets
    - BUILD: Makefile: add "$(Q)" to clean, tags and cscope targets
    - BUILD: Makefile: switch to quiet mode by default for CC/LD/AR
    - MINOR: cli: format `show proc` to be more readable
    - MINOR: cli: displays uptime in `show proc`
    - MINOR: cli: show master information in 'show proc'
    - BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field
    - MAJOR: mux-h1: Remove the rxbuf and decode HTTP messages in channel's buffer
    - BUG/MINOR: mux-h1: Enable keep-alive on server side
    - BUG/MEDIUM: mux-h1: Fix freeze when the kernel splicing is used
    - BUG/MEDIUM: mux-h1: Don't set the flag CS_FL_RCV_MORE when nothing was parsed
    - BUG/MINOR: stats/htx: Remove channel's output when the request is eaten
    - BUG/MINOR: proto_htx: Fix request/response synchronisation on error
    - MINOR: stream-int: Notify caller when an error is reported after a rcv_pipe()
    - MINOR: stream-int: Notify caller when an error is reported after a rcv_buf()
    - BUG/MINOR: stream-int: Don't call snd_buf() if there are still data in the pipe
    - MINOR: stream-int: remove useless checks on CS and conn flags in si_cs_send()
    - BUG/MINOR: config: Be aware of the HTX during the check of mux protocols
    - BUG/MINOR: mux-htx: Fix bad test on h1c flags in h1_recv_allowed()
    - MEDIUM: mworker: wait mode use standard init code path
    - MINOR: log: introduce ha_notice()
    - MINOR: mworker: use ha_notice to announce a new worker
    - BUG/MEDIUM: http_fetch: Make sure name is initialized before http_find_header.
    - MINOR: cli: add mworker_accept_wrapper to 'show fd'
    - MEDIUM: signal: signal_unregister() removes every handlers
    - BUG/MEDIUM: mworker: unregister the signals of main()
    - MINOR: cli: add a few missing includes in proto/cli.h
    - REORG: time/activity: move activity measurements to activity.{c,h}
    - MINOR: activity: report the average loop time in "show activity"
    - MINOR: activity: add configuration and CLI support for "profiling.tasks"
    - MEDIUM: tasks: collect per-task CPU time and latency
    - MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot
    - MINOR: cli/activity: rename the stolen CPU time fields to mention milliseconds
    - BUG/MINOR: cli: Fix memory leak
    - BUG/MINOR: mworker: fix FD leak and memory leak in error path
    - MINOR: poller: move the call of tv_update_date() back to the pollers
    - MINOR: polling: add an option to support busy polling
    - MINOR: server: Add "alpn" and "npn" keywords.
    - MEDIUM: connection: Don't bother reactivating polling after connection retry.
    - MAJOR: connections: Defer mux creation for outgoing connection if alpn is set.
    - MEDIUM: ssl: Add ssl_bc_alpn and ssl_bc_npn sample fetches.
    - MINOR: servers: Free [idle|safe|priv]_conns on exit.
    - REGTEST: add the option to test only a specific set of files
    - REGTEST: add a test for connections to a "dispatch" address
    - BUG/MEDIUM: connections: Don't reset the conn flags in *connect_server().
    - MINOR: server: Only defined conn_complete_server if USE_OPENSSL is set.
    - BUG/MEDIUM: servers: Don't check if we have a conn_stream too soon.
    - BUG/MEDIUM: sessions: Set sess->origin to NULL if the origin was destroyed.
    - MEDIUM: servers: Store the connection in the SI until we have a mux.
    - BUG/MEDIUM: h2: wake the processing task up after demuxing
    - BUG/MEDIUM: h2: restart demuxing after releasing buffer space
2018-11-25 09:16:46 +01:00
Willy Tarreau
5c0e41b7cb [RELEASE] Released version 1.9-dev7
Released version 1.9-dev7 with the following main changes :
    - BUILD: cache: fix a build warning regarding too large an integer for the age
    - CLEANUP: fix typos in the comments of the Makefile
    - CLEANUP: fix a typo in a comment for the contrib/halog subsystem
    - CLEANUP: fix typos in comments for the contrib/modsecurity subsystem
    - CLEANUP: fix typos in comments for contrib/spoa_example
    - CLEANUP: fix typos in comments for contrib/wireshark-dissectors
    - DOC: Fix typos in README and CONTRIBUTING
    - MINOR: log: slightly improve error message syntax on log failure
    - DOC: logs: the format directive was missing from the second log part
    - MINOR: log: report the number of dropped logs in the stats
    - MEDIUM: log: add support for logging to existing file descriptors
    - MEDIUM: log: support a new "short" format
    - MEDIUM: log: add a new "raw" format
    - BUG/MEDIUM: stream-int: change the way buffer room is requested by a stream-int
    - BUG/MEDIUM: stream-int: convert some co_data() checks to channel_is_empty()
    - MINOR: namespaces: don't build namespace.c if disabled
    - BUILD/MEDIUM: threads/affinity: DragonFly build fix
    - MINOR: http: Add new "early-hint" http-request action.
    - MINOR: http: Make new "early-hint" http-request action really be parsed.
    - MINOR: http: Implement "early-hint" http request rules.
    - MINOR: doc: Add information about "early-hint" http-request action.
    - DOC: early-hints: fix truncated line.
    - MINOR: mworker: only close std{in,out,err} in daemon mode
    - BUG/MEDIUM: log: don't CLOEXEC the inherited FDs
    - BUG/MEDIUM: Make sure stksess is properly aligned.
    - BUG/MEDIUM: stream-int: make failed splice_in always subscribe to recv
    - BUG/MEDIUM: stream-int: clear CO_FL_WAIT_ROOM after splicing data in
    - BUG/MINOR: stream-int: make sure not to go through the rcv_buf path after splice()
    - CONTRIB: debug: fix build related to conn_stream flags change
    - REGTEST: fix scripts 1 and 3 to accept development version
    - BUG/MINOR: http_fetch: Remove the version part when capturing the request uri
    - MINOR: http: Regroup return statements of http_req_get_intercept_rule at the end
    - MINOR: http: Regroup return statements of http_res_get_intercept_rule at the end
    - BUG/MINOR: http: Be sure to sent fully formed HTTP 103 responses
    - MEDIUM: jobs: support unstoppable jobs for soft stop
    - MEDIUM: listeners: support unstoppable listener
    - MEDIUM: cli: worker socketpair is unstoppable
    - BUG/MINOR: stream-int: set SI_FL_WANT_PUT in sess_establish()
    - MINOR: stream: move the conn_stream specific calls to the stream-int
    - BUG/MINOR: config: Copy default error messages when parsing of a backend starts
    - CLEANUP: h2: minimum documentation for recent API changes
    - MINOR: mux: implement a get_first_cs() method
    - MINOR: stream-int: make conn_si_send_proxy() use cs_get_first()
    - MINOR: stream-int: relax the forwarding rules in stream_int_notify()
    - MINOR: stream-int: expand the flags to 32-bit
    - MINOR: stream-int: rename SI_FL_WAIT_ROOM to SI_FL_RXBLK_ROOM
    - MINOR: stream-int: introduce new SI_FL_RXBLK flags
    - MINOR: stream-int: add new functions si_{rx,tx}_{blocked,endp_ready}()
    - MINOR: stream-int: replace SI_FL_WANT_PUT with !SI_FL_RX_WAIT_EP
    - MINOR: stream-int: use si_rx_blocked()/si_tx_blocked() to check readiness
    - MEDIUM: stream-int: use si_rx_buff_{rdy,blk} to report buffer readiness
    - MINOR: stream-int: replace si_{want,stop}_put() with si_rx_endp_{more,done}()
    - MEDIUM: stream-int: update the endp polling status only at the end of si_cs_recv()
    - MINOR: stream-int: make si_sync_recv() simply check ENDP before si_cs_recv()
    - MINOR: stream-int: automatically mark applets as ready if they block on the channel
    - MEDIUM: stream-int: fix the si_cant_put() calls used for end point readiness
    - MEDIUM: stream-int: fix the si_cant_put() calls used for buffer readiness
    - MEDIUM: stream-int: use si_rx_shut_blk() to indicate the SI is closed
    - MEDIUM: stream-int: unconditionally call si_chk_rcv() in update and notify
    - MEDIUM: stream-int: make use of si_rx_chan_{rdy,blk} to control the stream-int from the channel
    - MINOR: stream-int: replace si_cant_put() with si_rx_room_{blk,rdy}()
    - MEDIUM: connections: Wait until the connection is established to try to recv.
    - MEDIUM: mux: Teach the mux_pt how to deal with idle connections.
    - MINOR: mux: Add a new "avail_streams" method.
    - MINOR: mux: Add a destroy() method.
    - MINOR: sessions: Start to store the outgoing connection in sessions.
    - MAJOR: connections: Detach connections from streams.
    - MINOR: conn_stream: Add a flag to notify the mux it should flush its buffers
    - MINOR: htx: Add proto_htx.c file
    - MINOR: conn_stream: Add a flag to notify the mux it must respect the reserve
    - MINOR: http: Add standalone functions to parse a start-line or a header
    - MINOR: http: Call http_send_name_header with the stream instead of the txn
    - MINOR: conn_stream: Add a flag to notify the SI some data were received
    - MINOR: http: Add macros to check if a stream uses the HTX representation
    - MEDIUM: proto_htx: Add HTX analyzers and use it when the mux H1 is used
    - MEDIUM: mux-h1: Add dummy mux to handle HTTP/1.1 connections
    - MEDIUM: mux-h1: Add parsing of incoming and ougoing HTTP messages
    - MAJOR: mux-h1/proto_htx: Handle keep-alive connections in the mux
    - MEDIUM: mux-h1: Add support of the kernel TCP splicing to forward data
    - MEDIUM: htx: Add API to deal with the internal representation of HTTP messages
    - MINOR: http_htx: Add functions to manipulate HTX messages in http_htx.c
    - MINOR: proto_htx: Add some functions to handle HTX messages
    - MAJOR: mux-h1/proto_htx: Switch mux-h1 and HTX analyzers on the HTX representation
    - MINOR: http_htx: Add functions to replace part of the start-line
    - MINOR: http_htx: Add functions to retrieve a specific occurrence of a header
    - MINOR: proto_htx: Rewrite htx_apply_redirect_rule to handle HTX messages
    - MINOR: proto_htx: Add the internal function htx_del_hdr_value
    - MINOR: proto_htx: Add the internal function htx_fmt_res_line
    - MINOR: proto_htx: Add functions htx_transform_header and htx_transform_header_str
    - MINOR: proto_htx: Add functions htx_req_replace_stline and htx_res_set_status
    - MINOR: proto_htx: Add function to build and send HTTP 103 responses
    - MINOR: proto_htx: Add functions htx_req_get_intercept_rule and htx_res_get_intercept_rule
    - MINOR: proto_htx: Add functions to apply req* and rsp* rules on HTX messages
    - MINOR: proto_htx: Add functions to manage cookies on HTX messages
    - MINOR: proto_htx: Add functions to check the cacheability of HTX messages
    - MINOR: proto_htx: Add functions htx_send_name_header
    - MINOR: proto_htx: Add functions htx_perform_server_redirect
    - MINOR: proto_htx: Add functions to handle the stats applet
    - MEDIUM: proto_htx: Adapt htx_process_req_common to handle HTX messages
    - MEDIUM: proto_htx: Adapt htx_process_request to handle HTX messages
    - MINOR: proto_htx: Adapt htx_process_tarpit to handle HTX messages
    - MEDIUM: proto_htx: Adapt htx_wait_for_request_body to handle HTX messages
    - MEDIUM: proto_htx: Adapt htx_process_res_common to handle HTX messages
    - MINOR: http_fetch: Add smp_prefetch_htx
    - MEDIUM: http_fetch: Adapt all fetches to handle HTX messages
    - MEDIUM: mux-h1: Wait for connection establishment before consuming channel's data
    - MINOR: stats/htx: Adapt the stats applet to handle HTX messages
    - MINOR: stream: Don't reset sov value with HTX messages
    - MEDIUM: mux-h1: Handle errors and timeouts in the stream
    - MINOR: filters/htx: Forbid filters when the HTX is enabled on a proxy
    - MINOR: lua/htx: Forbid lua usage when the HTX is enabled on a proxy
    - CLEANUP: Fix some typos in the haproxy subsystem
    - CLEANUP: Fix typos in the dns subsystem
    - CLEANUP: Fix typos in the pattern subsystem
    - CLEANUP: fix 2 typos in the xxhash subsystem
    - CLEANUP: fix a few typos in the comments of the server subsystem
    - CLEANUP: fix a misspell in tests/filltab25.c
    - CLEANUP: fix a typo found in the stream subsystem
    - CLEANUP: fix typos in comments in ebtree
    - CLEANUP: fix typos in reg-tests
    - CLEANUP: fix typos in the comments of the vars subsystem
    - CLEANUP: fix typos in the hlua_fcn subsystem
    - CLEANUP: fix typos in the proto_http subsystem
    - CLEANUP: fix typos in the proxy subsystem
    - CLEANUP: fix typos in the ssl_sock subsystem
    - DOC: Fix typos in different subsections of the documentation
    - DOC: fix a few typos in the documentation
    - MINOR: Fix an error message thrown when we run out of memory
    - MINOR: Fix typos in error messages in the proxy subsystem
    - MINOR: fix typos in the examples files
    - CLEANUP: Fix a typo in the stats subsystem
    - CLEANUP: Fix typos in the acl subsystem
    - CLEANUP: Fix typos in the cache subsystem
    - CLEANUP: Fix typos in the cfgparse subsystem
    - CLEANUP: Fix typos in the filters subsystem
    - CLEANUP: Fix typos in the http subsystem
    - CLEANUP: Fix typos in the log subsystem
    - CLEANUP: Fix typos in the peers subsystem
    - CLEANUP: Fix typos in the regex subsystem
    - CLEANUP: Fix typos in the sample subsystem
    - CLEANUP: Fix typos in the spoe subsystem
    - CLEANUP: Fix typos in the standard subsystem
    - CLEANUP: Fix typos in the stick_table subsystem
    - CLEANUP: Fix typos in the task subsystem
    - MINOR: Fix typo in error message in the standard subsystem
    - CLEANUP: fix typos in the comments of hlua
    - MINOR: Fix typo in the error 500 output of hlua
    - MINOR: Fix a typo in a warning message in the spoe subsystem
2018-11-18 22:33:00 +01:00
Willy Tarreau
96079492e0 [RELEASE] Released version 1.9-dev6
Released version 1.9-dev6 with the following main changes :
    - BUG/MEDIUM: tools: fix direction of my_ffsl()
    - BUG/MINOR: cli: forward the whole command on master CLI
    - BUG/MEDIUM: auth/threads: use of crypt() is not thread-safe
    - MINOR: compat: automatically detect support for crypt_r()
    - MEDIUM: auth/threads: make use of crypt_r() on systems supporting it
    - DOC: split the http-request actions in their own section
    - DOC: split the http-response actions in their own section
    - BUG/MAJOR: stream-int: don't call si_cs_recv() in stream_int_chk_rcv_conn()
    - BUG/MINOR: tasks: make sure wakeup events are properly reported to subscribers
    - MINOR: stats: report the number of active jobs and listeners in "show info"
    - MINOR: stats: report the number of active peers in "show info"
    - MINOR: stats: report the number of currently connected peers
    - MINOR: cli: show the number of reload in 'show proc'
    - MINOR: cli: can't connect to the target CLI
    - MEDIUM: mworker: does not create the CLI proxy when no listener
    - MINOR: mworker: displays more information when leaving
    - MEDIUM: mworker: exit with the incriminated exit code
    - MINOR: mworker: displays a message when a worker is forked
    - MEDIUM: mworker: leave when the master die
    - CLEANUP: stream-int: retro-document si_cs_io_cb()
    - BUG/MEDIUM: mworker: does not abort() in mworker_pipe_register()
    - BUG/MEDIUM: stream-int: don't wake up for nothing during SI_ST_CON
    - BUG/MEDIUM: cli: crash when trying to access a worker
    - DOC: restore note about "independant" typo
    - MEDIUM: stream: implement stream_buf_available()
    - MEDIUM: appctx: check for allocation attempts in buffer allocation callbacks
    - MINOR: stream-int: rename si_applet_{want|stop|cant}_{get|put}
    - MINOR: stream-int: add si_done_{get,put} to indicate that we won't do it anymore
    - MINOR: stream-int: use si_cant_put() instead of setting SI_FL_WAIT_ROOM
    - MINOR: stream-int: make use of si_done_{get,put}() in shut{w,r}
    - MINOR: stream-int: make it clear that si_ops cannot be null
    - MEDIUM: stream-int: temporarily make si_chk_rcv() take care of SI_FL_WAIT_ROOM
    - MINOR: stream-int: factor the SI_ST_EST state test into si_chk_rcv()
    - MEDIUM: stream-int: make SI_FL_WANT_PUT reflect CF_DONT_READ
    - MEDIUM: stream-int: always call si_chk_rcv() when we make room in the buffer
    - MEDIUM: stream-int: make si_chk_rcv() check that SI_FL_WAIT_ROOM is cleared
    - MINOR: stream-int: replace si_update() with si_update_both()
    - MEDIUM: stream-int: make stream_int_update() aware of the lower layers
    - CLEANUP: stream-int: remove the now unused si->update() function
    - MEDIUM: stream-int: Rely only on SI_FL_WAIT_ROOM to stop data receipt
    - MEDIUM: stream-int: Try to read data even if channel's buffer seems to be full
    - BUG/MINOR: config: better detect the presence of the h2 pattern in npn/alpn
2018-11-11 10:43:39 +01:00
Willy Tarreau
bddf292cbd [RELEASE] Released version 1.9-dev5
Released version 1.9-dev5 with the following main changes :
    - BUILD: Makefile: add the new ERR variable to force -Werror
    - MINOR: freq_ctr: add swrate_add_scaled() to work with large samples
    - MINOR: stream_interface: Avoid calling si_cs_send/recv if not needed.
    - CLEANUP: http: Remove the unused function http_find_header
    - MINOR: h1: Export some functions parsing the value of some HTTP headers
    - BUG/MEDIUM: stream-int: don't set SI_FL_WAIT_ROOM on CF_READ_DONTWAIT
    - MINOR: proxy: add a new option "http-use-htx"
    - BUG/MEDIUM: pools: fix the minimum allocation size
    - MINOR: shctx: Shared objects block by block allocation.
    - MINOR: cache: Larger HTTP objects caching.
    - MINOR: shctx: Add a maximum object size parameter.
    - MINOR: cache: Add "max-object-size" option.
    - DOC: Update about the cache support for big objects.
    - BUG/MINOR: cache: Crashes with "total-max-size" > 2047(MB).
    - BUG/MINOR: cache: Wrong usage of shctx_init().
    - BUG/MINOR: ssl: Wrong usage of shctx_init().
    - MINOR: cache: Avoid usage of atoi() when parsing "max-object-size".
    - MINOR: shctx: Change max. object size type to unsigned int.
    - DOC: cache: Missing information about "total-max-size" and "max-object-size"
    - CLEANUP: tools: fix misleading comment above function LIM2A
    - MEDIUM: channel: merge back flags CF_WRITE_PARTIAL and CF_WRITE_EVENT
    - BUG/MINOR: only mark connections private if NTLM is detected
    - BUG/MINOR: only auto-prefer last server if lb-alg is non-deterministic
    - MINOR: stream: don't prune variables if the list is empty
    - MINOR: stream-int: add si_alloc_ibuf() to ease input buffer allocation
    - MEDIUM: stream-int: replace channel_alloc_buffer() with si_alloc_ibuf() everywhere
    - MEDIUM: stream: always call si_cs_recv() after a failed buffer allocation
    - MEDIUM: stream: don't try to send first in process_stream()
    - MEDIUM: stream-int: make si_update() synchronize flag changes before the I/O
    - MEDIUM: stream-int: call si_cs_process() in stream_int_update_conn
    - MINOR: stream-int: don't needlessly call tasklet_wakeup() in stream_int_chk_snd_conn()
    - MINOR: stream-int: make stream_int_notify() not wake the tasklet up
    - MINOR: stream-int: don't needlessly call si_cs_send() in si_cs_process()
    - MINOR: mworker: number of reload in the life of a worker
    - MEDIUM: mworker: each worker socketpair is a CLI listener
    - REORG: mworker: move struct mworker_proc to global.h
    - MINOR: server: export new_server() function
    - MEDIUM: mworker: move proc_list gen before proxies startup
    - MEDIUM: mworker: add proc_list in global.h
    - MEDIUM: mworker: proxy for the master CLI
    - MEDIUM: mworker: create CLI listeners from argv[]
    - MEDIUM: cli: disable some keywords in the master
    - MEDIUM: mworker: find the server ptr using a CLI prefix
    - MEDIUM: cli: 'show proc' displays processus
    - MEDIUM: cli: implement 'mode cli' proxy analyzers
    - MINOR: cli: displays sockpair@ in "show cli sockets"
    - MEDIUM: cli: enable "show cli sockets" for the master
    - MINOR: cli: put @master @<relative pid> @!<pid> in the help
    - MEDIUM: listeners: set O_CLOEXEC on the accepted FDs
    - MEDIUM: mworker: stop the master proxy in the workers
    - MEDIUM: channel: reorder the channel analyzers for the cli
    - MEDIUM: cli: write a prompt for the CLI proxy of the master
    - MINOR: cli: helper to write an response message and close
    - MINOR: cache: Add "Age" header.
    - REGTEST: make the IP+port logging test more reliable
    - BUG/MINOR: memory: make the thread-local cache allocator set the debugging link
    - BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer
    - BUG/MINOR: backend: assign the wait list after the error check
2018-10-28 20:39:31 +01:00
Willy Tarreau
01fbe74516 [RELEASE] Released version 1.9-dev4
Released version 1.9-dev4 with the following main changes :
    - BUILD: Allow configuration of pcre-config path
    - DOC: clarify force-private-cache is an option
    - BUG/MINOR: connection: avoid null pointer dereference in send-proxy-v2
    - REORG: http: move the code to different files
    - REORG: http: move HTTP rules parsing to http_rules.c
    - CLEANUP: http: remove some leftovers from recent cleanups
    - BUILD: Makefile: add a "make opts" target to simply show the build options
    - BUILD: Makefile: speed up compiler options detection
    - BUG/MINOR: backend: check that the mux installed properly
    - BUG/MEDIUM: h2: check that the connection is still valid at the end of init()
    - BUG/MEDIUM: h2: make h2_stream_new() return an error on memory allocation failure
    - REGTEST/MINOR: compatibility: use unix@ instead of abns@ sockets
    - MINOR: ssl: cleanup old openssl API call
    - MINOR: ssl: generate-certificates for BoringSSL
    - BUG/MEDIUM: buffers: Make sure we don't wrap in ci_insert_line2/b_rep_blk.
    - MEDIUM: ssl: add support for ciphersuites option for TLSv1.3
    - CLEANUP: haproxy: Remove unused variable
    - CLEANUP: h1: Fix debug warnings for h1 headers
    - CLEANUP: stick-tables: Remove unneeded double (()) around conditional clause
    - MEDIUM: task: perform a single tree lookup per run queue batch
    - BUG/MEDIUM: Cur/CumSslConns counters not threadsafe.
    - BUG/MINOR: threads: move declaration of capabilities to config.h
    - OPTIM: tools: optimize my_ffsl() for x86_64
    - BUG/MINOR: h2: null-deref
    - BUG/MINOR: checks: queues null-deref
    - MINOR: connections: Introduce an unsubscribe method.
    - MEDIUM: connections: Change struct wait_list to wait_event.
    - BUG/MEDIUM: h2: Make sure we're not in the send list on flow control.
    - BUG/MEDIUM: mworker: segfault receiving SIGUSR1 followed by SIGTERM.
    - BUG/MEDIUM: stream: Make sure to unsubscribe before si_release_endpoint.
    - MINOR: http: Move comment about some HTTP macros in the right header file
    - MINOR: stats: Add missing include
    - MINOR: http: Export some functions and do cleanup to prepare HTTP refactoring
    - MEDIUM: http: Ignore http-pretend-keepalive option on frontend
    - MEDIUM: http: Ignore http-tunnel option on backend
    - MINOR: http: Use same flag for httpclose and forceclose options
    - MINOR: h1: Add EOH marker during headers parsing
    - MINOR: conn-stream: Add CL_FL_NOT_FIRST flag
    - MINOR: h1: Change the union h1_sl to use indirect strings to store infos
    - MINOR: h1: Add the flag H1_MF_NO_PHDR to not add pseudo-headers during parsing
    - MINOR: log: make sess_log() support sess=NULL
    - MINOR: chunk: add chunk_cpy() and chunk_cat()
    - MEDIUM: h2: stop relying on H2_SS_IDLE / H2_SS_CLOSED
    - CLEANUP: h2: rename h2c_snd_settings() to h2c_send_settings()
    - MINOR: h2: don't try to send data before preface
    - MINOR: h2: unify the mux init function
    - MINOR: h2: retrieve the front proxy from the caller instead of the session
    - MINOR: h2: split h2c_stream_new() into h2s_new() + h2c_frt_stream_new()
    - MINOR: h2: add a new flag to quickly distinguish front vs back connection
    - BUG/MEDIUM: mworker: don't poll on LI_O_INHERITED listeners
    - BUG/MEDIUM: stream: don't crash on out-of-memory
    - BUILD: compiler: add a new statement "__unreachable()"
    - BUILD: lua: silence some compiler warnings about potential null derefs
    - BUILD: ssl: fix null-deref warning in ssl_fc_cipherlist_str sample fetch
    - BUILD: ssl: fix another null-deref warning in ssl_sock_switchctx_cbk()
    - BUILD: stick-table: make sure not to fail on task_new() during initialization
    - BUILD: peers: check allocation error during peers_init_sync()
    - MINOR: tools: add a new function atleast2() to test masks for more than 1 bit
    - MINOR: config: use atleast2() instead of my_popcountl() where relevant
    - MEDIUM: fd/threads: only grab the fd's lock if the FD has more than one thread
    - MAJOR: tasks: create per-thread wait queues
    - OPTIM: tasks: group all tree roots per cache line
    - DOC: Fix a few typos
    - MINOR: pools: allocate most memory pools from an array
    - MINOR: pools: split pool_free() in the lockfree variant
    - MEDIUM: pools: implement a thread-local cache for pool entries
    - BUG/MEDIUM: threads: fix thread_release() at the end of the rendez-vous point
    - Revert "BUILD: lua: silence some compiler warnings about potential null derefs"
    - BUILD: lua: silence some compiler warnings about potential null derefs (#2)
    - MINOR: lua: all functions calling lua_yieldk() may return
    - BUILD: lua: silence some compiler warnings after WILL_LJMP
    - BUILD: Makefile: silence an option conflict warning with clang
    - MINOR: server: Use memcpy() instead of strncpy().
    - CLEANUP: state-file: make the path concatenation code a bit more consistent
    - MINOR: build: Disable -Wstringop-overflow.
    - MINOR: cfgparse: Write 130 as 128 as 0x82 and 0x80.
    - MINOR: peers: use defines instead of enums to appease clang.
    - DOC: fix reference to map files in MAINTAINERS
    - MINOR: fd: centralize poll timeout computation in compute_poll_timeout()
    - MINOR: poller: move time and date computation out of the pollers
    - BUILD: memory: fix pointer declaration for atomic CAS
    - BUILD: Makefile: add USE_RT to pass -lrt for clock_gettime() and friends
    - MINOR: time: add now_mono_time() and now_cpu_time()
    - MEDIUM: time: measure the time stolen by other threads
    - BUILD: memory: fix free_list pointer declaration again for atomic CAS
    - BUILD: compiler: rename __unreachable() to my_unreachable()
    - BUG/MEDIUM: pools: Fix the usage of mmap()) with DEBUG_UAF.
    - BUILD: memory: fix free_list pointer declaration again for atomic CAS
    - BUG/MEDIUM: h2: Close connection if no stream is left an GOAWAY was sent.
    - BUG/MEDIUM: connections: Remove subscription if going in idle mode.
    - BUG/MEDIUM: stream: Make sure polling is right on retry.
    - MINOR: h2: Make sure to return 1 in h2_recv() when needed.
    - MEDIUM: connections: Don't directly mess with the polling from the upper layers.
    - MINOR: streams: Call tasklet_free() after si_release_endpoint().
    - MINOR: connection: Add a SUB_CALL_UNSUBSCRIBE event.
    - MINOR: h2: Don't run tasks that are waiting to send if mux in full.
    - MINOR: ebtree: save 8 bytes in struct eb32sc_node
2018-10-21 20:28:30 +02:00
Willy Tarreau
27010f098d [RELEASE] Released version 1.9-dev3
Released version 1.9-dev3 with the following main changes :
    - BUG/MINOR: h1: don't consider the status for each header
    - MINOR: h1: report in the h1m struct if the HTTP version is 1.1 or above
    - MINOR: h1: parse the Connection header field
    - DOC: Fix typos in lua documentation
    - MINOR: h1: Add H1_MF_XFER_LEN flag
    - MINOR: http: add http_hdr_del() to remove a header from a list
    - MINOR: h1: add headers to the list after controls, not before
    - MEDIUM: h1: better handle transfer-encoding vs content-length
    - MEDIUM: h1: deduplicate the content-length header
    - BUG/MEDIUM: patterns: fix possible double free when reloading a pattern list
    - BUG/MEDIUM: h1: Really skip all updates when incomplete messages are parsed
    - CLEANUP/CONTRIB: hpack: remove some h1 build warnings
    - BUG/MINOR: tools: fix set_net_port() / set_host_port() on IPv4
    - BUG/MINOR: cli: make sure the "getsock" command is only called on connections
    - MINOR: stktable: provide an unchecked version of stktable_data_ptr()
    - MINOR: stream-int: make si_appctx() never fail
    - BUILD: ssl_sock: remove build warnings on potential null-derefs
    - BUILD: stats: remove build warnings on potential null-derefs
    - BUILD: stream: address null-deref build warnings at -Wextra
    - BUILD: http: address a couple of null-deref warnings at -Wextra
    - BUILD: log: silent build warnings due to unchecked __objt_{server,applet}
    - BUILD: dns: fix null-deref build warning at -Wextra
    - BUILD: checks: silence a null-deref build warning at -Wextra
    - BUILD: connection: silence a couple of null-deref build warnings at -Wextra
    - BUILD: backend: fix 3 build warnings related to null-deref at -Wextra
    - BUILD: sockpair: silence a build warning at -Wextra
    - BUILD: build with -Wextra and sort out certain warnings
    - BUG/CRITICAL: hpack: fix improper sign check on the header index value
    - BUG/MEDIUM: http: Don't parse chunked body if there is no input data
    - DOC: Update configuration doc about the maximum number of stick counters.
    - BUG/MEDIUM: process_stream: Don't use si_cs_io_cb() in process_stream().
    - MINOR: h2/stream_interface: Reintroduce te wake() method.
    - BUG/MEDIUM: h2: Wake the task instead of calling h2_recv()/h2_process().
    - BUG/MEDIUM: process_stream(): Don't wake the task if no new data was received.
    - MEDIUM: lua: Add stick table support for Lua.
2018-09-29 20:17:33 +02:00
Willy Tarreau
253006deed [RELEASE] Released version 1.9-dev2
Released version 1.9-dev2 with the following main changes :
    - BUG/MINOR: buffers: Fix b_slow_realign when a buffer is realign without output
    - BUG/MEDIUM: threads: fix the no-thread case after the change to the sync point
    - BUG/MEDIUM: servers: check the queues once enabling a server
    - BUG/MEDIUM: queue: prevent a backup server from draining the proxy's connections
    - MEDIUM: mux: Remove const on the buffer in mux->snd_buf()
    - CLEANUP: backend: Move mux install to call it at only one place
    - MINOR: conn_stream: add an tx buffer to the conn_stream
    - MINOR: conn_stream: add cs_send() as a default snd_buf() function
    - MINOR: backend: Try to find the best mux for outgoing connections
    - MEDIUM: backend: don't rely on mux_pt_ops in connect_server()
    - MINOR: mux: Add info about the supported side in alpn_mux_list structure
    - MINOR: mux: Unlink ALPN and multiplexers to rather speak of mux protocols
    - MINOR: mux: Print the list of existing mux protocols during HA startup
    - MEDIUM: checks: use the new rendez-vous point to spread check result
    - MEDIUM: haproxy: don't use sync_poll_loop() anymore in the main loop
    - MINOR: threads: remove the previous synchronization point
    - MAJOR: server: make server state changes synchronous again
    - CLEANUP: server: remove the update list and the update lock
    - BUG/MINOR: threads: Remove the unexisting lock label "UPDATED_SERVERS_LOCK"
    - BUG/MEDIUM: stream_int: Don't check CO_FL_SOCK_RD_SH flag to trigger cs receive
    - MINOR: mux: Change get_mux_proto to get an ist as parameter
    - MINOR: mux: Improve the message with the list of existing mux protocols
    - MINOR: mux/frontend: Add 'proto' keyword to force the mux protocol
    - MINOR: mux/server: Add 'proto' keyword to force the multiplexer's protocol
    - MEDIUM: mux: Use the mux protocol specified on bind/server lines
    - BUG/MEDIUM: connection/mux: take care of serverless proxies
    - MINOR: queue: make sure the pendconn is released before logging
    - MINOR: stream: rename {srv,prx}_queue_size to *_queue_pos
    - MINOR: queue: store the queue index in the stream when enqueuing
    - MINOR: queue: replace the linked list with a tree
    - MEDIUM: add set-priority-class and set-priority-offset
    - MEDIUM: queue: adjust position based on priority-class and priority-offset
    - DOC: update the roadmap about priority queues
    - BUG/MINOR: ssl: empty connections reported as errors.
    - MINOR: connections: Make rcv_buf mandatory and nuke cs_recv().
    - MINOR: connections: Move rxbuf from the conn_stream to the h2s.
    - MINOR: connections: Get rid of txbuf.
    - MINOR: tasks: Allow tasklet_wakeup() to wakeup a task.
    - MINOR: connections/mux: Add the wait reason(s) to wait_list.
    - MINOR: stream_interface: Don't use si_cs_send() as a task handler.
    - MINOR: stream_interface: Give stream_interface its own wait_list.
    - MINOR: mux_h2: Don't use h2_send() as a callback.
    - MINOR: checks: Add event_srv_chk_io().
    - BUG/MEDIUM: tasks: Don't insert in the global rqueue if nbthread == 1
    - BUG/MEDIUM: sessions: Don't use t->state.
    - BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle.
    - BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error.
    - BUG/MINOR: map: fix map_regm with backref
    - DOC: dns: explain set server ... fqdn requires resolver
    - DOC: add documentation for prio_class and prio_offset sample fetches.
    - DOC: ssl: Use consistent naming for TLS protocols
    - DOC: update the layering design notes
    - MINOR: tasks: Don't special-case when nbthreads == 1
    - MINOR: fd cache: And the thread_mask with all_threads_mask.
    - BUG/MEDIUM: lua: socket timeouts are not applied
    - BUG/MINOR: lua: fix extra 500ms added to socket timeouts
    - BUG/MEDIUM: server: update our local state before propagating changes
    - BUG/MEDIUM: cli/threads: protect all "proxy" commands against concurrent updates
    - DOC: server/threads: document which functions need to be called with/without locks
    - BUG/MEDIUM: cli/threads: protect some server commands against concurrent operations
    - BUG/MEDIUM: streams: Don't forget to remove the si from the wait list.
    - BUG/MEDIUM: tasklets: Add the thread as active when waking a tasklet.
    - BUG/MEDIUM: stream-int: Check if the conn_stream exist in si_cs_io_cb.
    - BUG/MEDIUM: H2: Activate polling after successful h2_snd_buf().
    - BUG/MEDIUM: stream_interface: Call the wake callback after sending.
    - BUG/MAJOR: queue/threads: make pendconn_redistribute not lock the server
    - BUG/MEDIUM: connection: don't forget to always delete the list's head
    - BUG/MEDIUM: lb/threads: always properly lock LB algorithms on maintenance operations
    - BUG/MEDIUM: check/threads: do not involve the rendez-vous point for status updates
    - BUG/MINOR: chunks: do not store -1 into chunk_printf() in case of error
    - BUG/MEDIUM: http: don't store exp_replace() result in the trash's length
    - BUG/MEDIUM: http: don't store url_decode() result in the samples's length
    - BUG/MEDIUM: dns: don't store dns_build_query() result in the trash's length
    - BUG/MEDIUM: map: don't store exp_replace() result in the trash's length
    - BUG/MEDIUM: connection: don't store recv() result into trash.data
    - BUG/MEDIUM: cli/ssl: don't store base64dec() result in the trash's length
    - MINOR: chunk: remove impossible tests on negative chunk->data
    - MINOR: sample: remove impossible tests on negative smp->data.u.str.data
    - DOC: Fix spelling error in configuration doc
    - REGTEST/MINOR: Missing mandatory "ignore_unknown_macro".
    - REGTEST/MINOR: Add a new class of regression testing files.
    - BUG/MEDIUM: unix: provide a ->drain() function
    - MINOR: connection: make conn_sock_drain() work for all socket families
    - BUG/MINOR: lua: Bad HTTP client request duration.
    - REGEST/MINOR: Add reg testing files.
    - BUG/MEDIUM: mux_pt: dereference the connection with care in mux_pt_wake()
    - REGTEST/MINOR: Add a reg testing file for b406b87 commit.
    - BUG/MEDIUM: lua: reset lua transaction between http requests
    - MINOR: add be_conn_free sample fetch
    - MINOR: Add srv_conn_free sample fetch
    - BUG/MEDIUM: hlua: Make sure we drain the output buffer when done.
    - MINOR: checks: Call wake_srv_chk() when we can finally send data.
    - BUG/MEDIUM: stream_interface: try to call si_cs_send() earlier.
    - BUG/MAJOR: thread: lua: Wrong SSL context initialization.
    - REGTEST/MINOR: Add a reg testing file for 3e60b11.
    - BUG/MEDIUM: hlua: Don't call RESET_SAFE_LJMP if SET_SAFE_LJMP returns 0.
    - REGTEST/MINOR: lua: Add reg testing files for 70d318c.
    - BUG/MEDIUM: dns/server: fix incomatibility between SRV resolution and server state file
    - BUG/MEDIUM: ECC cert should work with TLS < v1.2 and openssl >= 1.1.1
    - MINOR: tools: make date2str_log() take some consts
    - MINOR: thread: implement HA_ATOMIC_XADD()
    - BUG/MINOR: stream: use atomic increments for the request counter
    - BUG/MEDIUM: session: fix reporting of handshake processing time in the logs
    - BUG/MEDIUM: h2: fix risk of memory leak on malformated wrapped frames
    - BUG/MAJOR: buffer: fix incorrect check in __b_putblk()
    - MINOR: log: move the log code to sess_build_logline() to add extra arguments
    - MINOR: log: make the backend fall back to the frontend when there's no stream
    - MINOR: log: make sess_build_logline() not dereference a NULL stream for txn
    - MINOR: log: don't unconditionally pick log info from s->logs
    - CLEANUP: log: make the low_level lf_{ip,port,text,text_len} functions take consts
    - MINOR: log: keep a copy of the backend connection early in sess_build_logline()
    - MINOR: log: do not dereference a null stream to access captures
    - MINOR: log: be sure not to dereference a null stream for a target
    - MINOR: log: don't check the stream-int's conn_retries if the stream is NULL
    - MINOR: log: use NULL for the unique_id if there is no stream
    - MINOR: log: keep a copy of s->flags early to avoid a dereference
    - MINOR: log: use zero as the request counter if there is no stream
    - MEDIUM: log: make sess_build_logline() support being called with no stream
    - MINOR: log: provide a function to emit a log for a session
    - MEDIUM: h2: produce some logs on early errors that prevent streams from being created
    - BUG/MINOR: h1: fix buffer shift after realignment
    - MINOR: connection: make the initialization more consistent
    - MINOR: connection: add new function conn_get_proxy()
    - MINOR: connection: add new function conn_is_back()
    - MINOR: log: One const should be enough.
    - BUG/MINOR: dns: check and link servers' resolvers right after config parsing
    - BUG/MINOR: http/threads: atomically increment the error snapshot ID
    - MINOR: snapshot: restart on the event ID and not the stream ID
    - MINOR: snapshot: split the error snapshots into common and proto-specific parts
    - MEDIUM: snapshot: start to reorder the HTTP snapshot output a little bit
    - MEDIUM: snapshot: implement a show() callback and use it for HTTP
    - MINOR: proxy: add a new generic proxy_capture_error()
    - MINOR: http: make the HTTP error capture rely on the generic proxy code
    - MINOR: http: remove the pointer to the error snapshot in http_capture_bad_message()
    - REORG: cli: move the "show errors" handler from http to proxy
    - BUG/MEDIUM: snapshot: take the proxy's lock while dumping errors
    - MEDIUM: snapshots: dynamically allocate the snapshots
    - MEDIUM: snapshot: merge the captured data after the descriptor
    - MEDIUM: mworker: remove register/unregister signal functions
    - MEDIUM: mworker: use the haproxy poll loop
    - BUG/MINOR: mworker: no need to stop peers for each proxy
    - MINOR: mworker: mworker_cleanlisteners() delete the listeners
    - MEDIUM: mworker: block SIGCHLD until the master is ready
    - MEDIUM: mworker: never block SIG{TERM,INT} during reload
    - MEDIUM: startup: unify signal init between daemon and mworker mode
    - MINOR: mworker: don't deinit the poller fd when in wait mode
    - MEDIUM: mworker: master wait mode use its own initialization
    - MEDIUM: mworker: replace the master pipe by socketpairs
    - MINOR: mworker: keep and clean the listeners
    - MEDIUM: threads: close the thread-waker pipe during deinit
    - MEDIUM: mworker: call per_thread deinit in mworker_reload()
    - REORG: http: move the HTTP semantics definitions to http.h/http.c
    - REORG: http: move http_get_path() to http.c
    - REORG: http: move error codes production and processing to http.c
    - REORG: http: move the log encoding tables to log.c
    - REORG: http: move some header value processing functions to http.c
    - BUG/MAJOR: kqueue: Don't reset the changes number by accident.
    - MEDIUM: protocol: use a custom AF_MAX to help protocol parser
    - MEDIUM: protocol: sockpair protocol
    - TESTS: add a python wrapper for sockpair@
    - BUG/MINOR: server: Crash when setting FQDN via CLI.
    - BUG/MINOR: h2: report asynchronous end of stream on closed connections
    - BUILD: fix build without thread
    - BUG/MEDIUM: tasks: Don't forget to decrement task_list_size in tasklet_free().
    - MEDIUM: connections: Don't reset the polling flags in conn_fd_handler().
    - MEDIUM: connections/mux: Add a recv and a send+recv wait list.
    - MEDIUM: connections: Get rid of the recv() method.
    - MINOR: h2: Let user of h2_recv() and h2_send() know xfer has been done.
    - MEDIUM: h2: always subscribe to receive if allowed.
    - MEDIUM: h2: Don't use a wake() method anymore.
    - MEDIUM: stream_interface: Make recv() subscribe when more data is needed.
    - MINOR: connections: Add a "handle" field to wait_list.
    - MEDIUM: mux_h2: Revamp the send path when blocking.
    - MEDIUM: stream_interfaces: Starts receiving from the upper layers.
    - MINOR: checks: Give checks their own wait_list.
    - MINOR: conn_streams: Remove wait_list from conn_streams.
    - REORG: h1: create a new h1m_state
    - MINOR: h1: add the restart offsets into struct h1m
    - MINOR: h1: remove the unused states from h1m_state
    - MINOR: h1: provide a distinct init() function for request and response
    - MINOR: h1: add a message flag to indicate that a message carries a response
    - MINOR: h2: make sure h1m->err_pos field is correct on chunk error
    - MINOR: h1: properly pre-initialize err_pos to -2
    - MINOR: mux_h2: replace the req,res h1 messages with a single h1 message
    - MINOR: h2: pre-initialize h1m->err_pos to -1 on the output path
    - MEDIUM: h1: consider err_pos before deciding to accept a header name or not
    - MEDIUM: h1: make the parser support a pointer to a start line
    - MEDIUM: h1: let the caller pass the initial parser's state
    - MINOR: h1: make the message parser support a null <hdr> argument
    - MEDIUM: h1: support partial message parsing
    - MEDIUM: h1: remove the useless H1_MSG_BODY state
    - MINOR: h2: store the HTTP status into the H2S, not the H1M
    - MINOR: h1: remove the HTTP status from the H1M struct
    - MEDIUM: h1: implement the request parser as well
    - MINOR: h1: add H1_MF_TOLOWER to decide when to turn header names to lower case
    - MINOR: connection: pass the proxy when creating a connection
    - BUG/MEDIUM: h2: Don't forget to empty the wait lists on destroy.
    - BUG/MEDIUM: h2: Don't forget to set recv_wait_list to NULL in h2_detach.
    - BUG/MAJOR: h2: reset the parser's state on mux buffer full
2018-09-12 18:59:48 +02:00
Willy Tarreau
65e94d1ce9 [RELEASE] Released version 1.9-dev1
Released version 1.9-dev1 with the following main changes :
    - BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork.
    - DOC: cache: update sections and fix some typos
    - BUILD/MINOR: deviceatlas: enable thread support
    - BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main
    - BUG/MEDIUM: ssl: don't allocate shctx several time
    - BUG/MEDIUM: cache: bad computation of the remaining size
    - BUILD: checks: don't include server.h
    - BUG/MEDIUM: stream: fix session leak on applet-initiated connections
    - BUILD/MINOR: haproxy : FreeBSD/cpu affinity needs pthread_np header
    - BUILD/MINOR: Makefile : enabling USE_CPU_AFFINITY
    - BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream
    - BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting
    - BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response
    - BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync.
    - BUG/MAJOR: thread/peers: fix deadlock on peers sync.
    - BUILD/MINOR: haproxy: compiling config cpu parsing handling when needed
    - MINOR: config: report when "monitor fail" rules are misplaced
    - BUG/MINOR: mworker: fix validity check for the pipe FDs
    - BUG/MINOR: mworker: detach from tty when in daemon mode
    - MINOR: threads: Fix pthread_setaffinity_np on FreeBSD.
    - BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time
    - BUILD: Fix LDFLAGS vs. LIBS re linking order in various makefiles
    - BUG/MEDIUM: checks: Be sure we have a mux if we created a cs.
    - BUG/MINOR: hpack: fix debugging output of pseudo header names
    - BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits
    - BUG/MINOR: hpack: reject invalid header index
    - BUG/MINOR: hpack: dynamic table size updates are only allowed before headers
    - BUG/MAJOR: h2: correctly check the request length when building an H1 request
    - BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream
    - BUG/MINOR: h2: try to abort closed streams as soon as possible
    - BUG/MINOR: h2: ":path" must not be empty
    - BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to
    - BUG/MINOR: h2: the TE header if present may only contain trailers
    - BUG/MEDIUM: h2: enforce the per-connection stream limit
    - BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1
    - BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame
    - BUG/MINOR: h2: properly check PRIORITY frames
    - BUG/MINOR: h2: reject response pseudo-headers from requests
    - BUG/MEDIUM: h2: remove connection-specific headers from request
    - BUG/MEDIUM: h2: do not accept upper case letters in request header names
    - BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames
    - BUG/MINOR: action: Don't check http capture rules when no id is defined
    - BUG/MAJOR: hpack: don't pretend large headers fit in empty table
    - BUG/MINOR: ssl: support tune.ssl.cachesize 0 again
    - BUG/MEDIUM: mworker: also close peers sockets in the master
    - BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically.
    - BUG/MEDIUM: checks: a down server going to maint remains definitely stucked on down state.
    - BUG/MEDIUM: peers: set NOLINGER on the outgoing stream interface
    - BUG/MEDIUM: h2: fix handling of end of stream again
    - MINOR: mworker: Update messages referencing exit-on-failure
    - MINOR: mworker: Improve wording in `void mworker_wait()`
    - CONTRIB: halog: Add help text for -s switch in halog program
    - BUG/MEDIUM: email-alert: don't set server check status from a email-alert task
    - BUG/MEDIUM: threads/vars: Fix deadlock in register_name
    - MINOR: systemd: remove comment about HAPROXY_STATS_SOCKET
    - DOC: notifications: add precisions about thread usage
    - BUG/MEDIUM: lua/notification: memory leak
    - MINOR: conn_stream: add new flag CS_FL_RCV_MORE to indicate pending data
    - BUG/MEDIUM: stream-int: always set SI_FL_WAIT_ROOM on CS_FL_RCV_MORE
    - BUG/MEDIUM: h2: automatically set CS_FL_RCV_MORE when the output buffer is full
    - BUG/MEDIUM: h2: enable recv polling whenever demuxing is possible
    - BUG/MEDIUM: h2: work around a connection API limitation
    - BUG/MEDIUM: h2: debug incoming traffic in h2_wake()
    - MINOR: h2: store the demux padding length in the h2c struct
    - BUG/MEDIUM: h2: support uploading partial DATA frames
    - MINOR: h2: don't demand that a DATA frame is complete before processing it
    - BUG/MEDIUM: h2: don't switch the state to HREM before end of DATA frame
    - BUG/MEDIUM: h2: don't close after the first DATA frame on tunnelled responses
    - BUG/MEDIUM: http: don't disable lingering on requests with tunnelled responses
    - BUG/MEDIUM: h2: fix stream limit enforcement
    - BUG/MINOR: stream-int: don't try to receive again after receiving an EOS
    - MINOR: sample: add len converter
    - BUG: MAJOR: lb_map: server map calculation broken
    - BUG: MINOR: http: don't check http-request capture id when len is provided
    - MINOR: sample: rename the "len" converter to "length"
    - BUG/MEDIUM: mworker: Set FD_CLOEXEC flag on log fd
    - DOC/MINOR: intro: typo, wording, formatting fixes
    - MINOR: netscaler: respect syntax
    - MINOR: netscaler: remove the use of cip_magic only used once
    - MINOR: netscaler: rename cip_len to clarify its uage
    - BUG/MEDIUM: netscaler: use the appropriate IPv6 header size
    - BUG/MAJOR: netscaler: address truncated CIP header detection
    - MINOR: netscaler: check in one-shot if buffer is large enough for IP and TCP header
    - MEDIUM: netscaler: do not analyze original IP packet size
    - MEDIUM: netscaler: add support for standard NetScaler CIP protocol
    - MINOR: spoe: add force-set-var option in spoe-agent configuration
    - CONTRIB: iprange: Fix compiler warning in iprange.c
    - CONTRIB: halog: Fix compiler warnings in halog.c
    - BUG/MINOR: h2: properly report a stream error on RST_STREAM
    - MINOR: mux: add flags to describe a mux's capabilities
    - MINOR: stream-int: set flag SI_FL_CLEAN_ABRT when mux supports clean aborts
    - BUG/MEDIUM: stream: don't consider abortonclose on muxes which close cleanly
    - BUG/MEDIUM: checks: a server passed in maint state was not forced down.
    - BUG/MEDIUM: lua: fix crash when using bogus mode in register_service()
    - MINOR: http: adjust the list of supposedly cacheable methods
    - MINOR: http: update the list of cacheable status codes as per RFC7231
    - MINOR: http: start to compute the transaction's cacheability from the request
    - BUG/MINOR: http: do not ignore cache-control: public
    - BUG/MINOR: http: properly detect max-age=0 and s-maxage=0 in responses
    - BUG/MINOR: cache: do not force the TX_CACHEABLE flag before checking cacheability
    - MINOR: http: add a function to check request's cache-control header field
    - BUG/MEDIUM: cache: do not try to retrieve host-less requests from the cache
    - BUG/MEDIUM: cache: replace old object on store
    - BUG/MEDIUM: cache: respect the request cache-control header
    - BUG/MEDIUM: cache: don't cache the response on no-cache="set-cookie"
    - BUG/MAJOR: connection: refine the situations where we don't send shutw()
    - BUG/MEDIUM: checks: properly set servers to stopping state on 404
    - BUG/MEDIUM: h2: properly handle and report some stream errors
    - BUG/MEDIUM: h2: improve handling of frames received on closed streams
    - DOC/MINOR: configuration: typo, formatting fixes
    - BUG/MEDIUM: h2: ensure we always know the stream before sending a reset
    - BUG/MEDIUM: mworker: don't close stdio several time
    - MINOR: don't close stdio anymore
    - BUG/MEDIUM: http: don't automatically forward request close
    - BUG/MAJOR: hpack: don't return direct references to the dynamic headers table
    - MINOR: h2: add a function to report pseudo-header names
    - DEBUG: hpack: make hpack_dht_dump() expose the output file
    - DEBUG: hpack: add more traces to the hpack decoder
    - CONTRIB: hpack: add an hpack decoder
    - MEDIUM: h2: prepare a graceful shutdown when the frontend is stopped
    - BUG/MEDIUM: h2: properly handle the END_STREAM flag on empty DATA frames
    - BUILD: ssl: silence a warning when building without NPN nor ALPN support
    - CLEANUP: rbtree: remove
    - BUG/MEDIUM: ssl: cache doesn't release shctx blocks
    - BUG/MINOR: lua: Fix default value for pattern in Socket.receive
    - DOC: lua: Fix typos in comments of hlua_socket_receive
    - BUG/MEDIUM: lua: Fix IPv6 with separate port support for Socket.connect
    - BUG/MINOR: lua: Fix return value of Socket.settimeout
    - MINOR: dns: Handle SRV record weight correctly.
    - BUG/MEDIUM: mworker: execvp failure depending on argv[0]
    - MINOR: hathreads: add support for gcc < 4.7
    - BUILD/MINOR: ancient gcc versions atomic fix
    - BUG/MEDIUM: stream: properly handle client aborts during redispatch
    - MINOR: spoe: add register-var-names directive in spoe-agent configuration
    - MINOR: spoe: Don't queue a SPOE context if nothing is sent
    - DOC: clarify the scope of ssl_fc_is_resumed
    - CONTRIB: debug: fix a few flags definitions
    - BUG/MINOR: poll: too large size allocation for FD events
    - MINOR: sample: add date_us sample
    - BUG/MEDIUM: peers: fix expire date wasn't updated if entry is modified remotely.
    - MINOR: servers: Don't report duplicate dyncookies for disabled servers.
    - MINOR: global/threads: move cpu_map at the end of the global struct
    - MINOR: threads: add a MAX_THREADS define instead of LONGBITS
    - MINOR: global: add some global activity counters to help debugging
    - MINOR: threads/fd: Use a bitfield to know if there are FDs for a thread in the FD cache
    - BUG/MEDIUM: threads/polling: Use fd_cache_mask instead of fd_cache_num
    - BUG/MEDIUM: fd: maintain a per-thread update mask
    - MINOR: fd: add a bitmask to indicate that an FD is known by the poller
    - BUG/MEDIUM: epoll/threads: use one epoll_fd per thread
    - BUG/MEDIUM: kqueue/threads: use one kqueue_fd per thread
    - BUG/MEDIUM: threads/mworker: fix a race on startup
    - BUG/MINOR: mworker: only write to pidfile if it exists
    - MINOR: threads: Fix build when we're not compiling with threads.
    - BUG/MINOR: threads: always set an owner to the thread_sync pipe
    - BUG/MEDIUM: threads/server: Fix deadlock in srv_set_stopping/srv_set_admin_flag
    - BUG/MEDIUM: checks: Don't try to release undefined conn_stream when a check is freed
    - BUG/MINOR: kqueue/threads: Don't forget to close kqueue_fd[tid] on each thread
    - MINOR: threads: Use __decl_hathreads instead of #ifdef/#endif
    - BUILD: epoll/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
    - BUILD: kqueue/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
    - CLEANUP: sample: Fix comment encoding of sample.c
    - CLEANUP: sample: Fix outdated comment about sample casts functions
    - BUG/MINOR: sample: Fix output type of c_ipv62ip
    - CLEANUP: Fix typo in ARGT_MSK6 comment
    - CLEANUP: standard: Use len2mask4 in str2mask
    - MINOR: standard: Add str2mask6 function
    - MINOR: config: Add support for ARGT_MSK6
    - MEDIUM: sample: Add IPv6 support to the ipmask converter
    - MINOR: config: Enable tracking of up to MAX_SESS_STKCTR stick counters.
    - BUG/MINOR: cli: use global.maxsock and not maxfd to list all FDs
    - MINOR: polling: make epoll and kqueue not depend on maxfd anymore
    - MINOR: fd: don't report maxfd in alert messages
    - MEDIUM: polling: start to move maxfd computation to the pollers
    - CLEANUP: fd/threads: remove the now unused fdtab_lock
    - MINOR: poll: more accurately compute the new maxfd in the loop
    - CLEANUP: fd: remove the unused "new" field
    - MINOR: fd: move the hap_fd_{clr,set,isset} functions to fd.h
    - MEDIUM: select: make use of hap_fd_* functions
    - MEDIUM: fd: use atomic ops for hap_fd_{clr,set} and remove poll_lock
    - MEDIUM: select: don't use the old FD state anymore
    - MEDIUM: poll: don't use the old FD state anymore
    - MINOR: fd: pass the iocb and owner to fd_insert()
    - BUG/MINOR: threads: Update labels array because of changes in lock_label enum
    - MINOR: stick-tables: Adds support for new "gpc1" and "gpc1_rate" counters.
    - BUG/MINOR: epoll/threads: only call epoll_ctl(DEL) on polled FDs
    - DOC: don't suggest using http-server-close
    - MINOR: introduce proxy-v2-options for send-proxy-v2
    - BUG/MEDIUM: spoe: Always try to receive or send the frame to detect shutdowns
    - BUG/MEDIUM: spoe: Allow producer to read and to forward shutdown on request side
    - MINOR: spoe: Remove check on min_applets number when a SPOE context is queued
    - MINOR: spoe: Always link a SPOE context with the applet processing it
    - MINOR: spoe: Replace sending_rate by a frequency counter
    - MINOR: spoe: Count the number of frames waiting for an ack for each applet
    - MEDIUM: spoe: Use an ebtree to manage idle applets
    - MINOR: spoa_example: Count the number of frames processed by each worker
    - MINOR: spoe: Add max-waiting-frames directive in spoe-agent configuration
    - MINOR: init: make stdout unbuffered
    - MINOR: early data: Don't rely on CO_FL_EARLY_DATA to wake up streams.
    - MINOR: early data: Never remove the CO_FL_EARLY_DATA flag.
    - MINOR: compiler: introduce offsetoff().
    - MINOR: threads: Introduce double-width CAS on x86_64 and arm.
    - MINOR: threads: add test and set/reset operations
    - MINOR: pools/threads: Implement lockless memory pools.
    - MAJOR: fd/threads: Make the fdcache mostly lockless.
    - MEDIUM: fd/threads: Make sure we don't miss a fd cache entry.
    - MAJOR: fd: compute the new fd polling state out of the fd lock
    - MINOR: epoll: get rid of the now useless fd_compute_new_polled_status()
    - MINOR: kqueue: get rid of the now useless fd_compute_new_polled_status()
    - MINOR: poll: get rid of the now useless fd_compute_new_polled_status()
    - MINOR: select: get rid of the now useless fd_compute_new_polled_status()
    - CLEANUP: fd: remove the now unused fd_compute_new_polled_status() function
    - MEDIUM: fd: make updt_fd_polling() use atomics
    - MEDIUM: poller: use atomic ops to update the fdtab mask
    - MINOR: fd: move the fd_{add_to,rm_from}_fdlist functions to fd.c
    - BUG/MINOR: fd/threads: properly dereference fdcache as volatile
    - MINOR: fd: remove the unneeded last CAS when adding an fd to the list
    - MINOR: fd: reorder fd_add_to_fd_list()
    - BUG/MINOR: time/threads: ensure the adjusted time is always correct
    - BUG/MEDIUM: standard: Fix memory leak in str2ip2()
    - MINOR: init: emit warning when -sf/-sd cannot parse argument
    - BUILD: fd/threads: fix breakage build breakage without threads
    - DOC: Describe routing impact of using interface keyword on bind lines
    - DOC: Mention -Ws in the list of available options
    - BUG/MINOR: config: don't emit a warning when global stats is incompletely configured
    - BUG/MINOR: fd/threads: properly lock the FD before adding it to the fd cache.
    - BUG/MEDIUM: threads: fix the double CAS implementation for ARMv7
    - BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable.
    - BUILD/MINOR: memory: stdint is needed for uintptr_t
    - BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st
    - DOC: lua: new prototype for function "register_action()"
    - DOC: cfgparse: Warn on option (tcp|http)log in backend
    - BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe
    - MINOR: sample: add a new "concat" converter
    - BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL
    - BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as possible
    - BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken.
    - MINOR: ssl/sample: adds ssl_bc_is_resumed fetch keyword.
    - CLEANUP: cfgparse: Remove unused label end
    - CLEANUP: spoe: Remove unused label retry
    - CLEANUP: h2: Remove unused labels from mux_h2.c
    - CLEANUP: pools: Remove unused end label in memory.h
    - CLEANUP: standard: Fix typo in IPv6 mask example
    - BUG/MINOR: pools/threads: don't ignore DEBUG_UAF on double-word CAS capable archs
    - BUG/MINOR: debug/pools: properly handle out-of-memory when building with DEBUG_UAF
    - MINOR: debug/pools: make DEBUG_UAF also detect underflows
    - MINOR: stats: display the number of threads in the statistics.
    - BUG/MINOR: h2: Set the target of dbuf_wait to h2c
    - BUG/MEDIUM: h2: always consume any trailing data after end of output buffers
    - BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk
    - BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk
    - BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is stopping
    - Revert "BUG/MINOR: send-proxy-v2: string size must include ('\0')"
    - MINOR: ssl: extract full pkey info in load_certificate
    - MINOR: ssl: add ssl_sock_get_pkey_algo function
    - MINOR: ssl: add ssl_sock_get_cert_sig function
    - MINOR: connection: add proxy-v2-options ssl-cipher,cert-sig,cert-key
    - MINOR: connection: add proxy-v2-options authority
    - MINOR: systemd: Add section for SystemD sandboxing to unit file
    - MINOR: systemd: Add SystemD's Protect*= options to the unit file
    - MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file
    - CLEANUP: h2: rename misleading h2c_stream_close() to h2s_close()
    - MINOR: h2: provide and use h2s_detach() and h2s_free()
    - MEDIUM: h2: use a single buffer allocator
    - MINOR/BUILD: fix Lua build on Mac OS X
    - BUILD/MINOR: fix Lua build on Mac OS X (again)
    - BUG/MINOR: session: Fix tcp-request session failure if handshake.
    - CLEANUP: .gitignore: Ignore binaries from the contrib directory
    - BUG/MINOR: unix: Don't mess up when removing the socket from the xfer_sock_list.
    - DOC: buffers: clarify the purpose of the <from> pointer in offer_buffers()
    - BUG/MEDIUM: h2: also arm the h2 timeout when sending
    - BUG/MINOR: cli: Fix a crash when passing a negative or too large value to "show fd"
    - CLEANUP: ssl: Remove a duplicated #include
    - CLEANUP: cli: Remove a leftover debug message
    - BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage
    - BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc
    - BUG/MINOR: force-persist and ignore-persist only apply to backends
    - BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily disabled
    - BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management
    - BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically
    - TESTS: Add a testcase for multi-port + multi-server listener issue
    - CLEANUP: dns: remove duplicate code in src/dns.c
    - BUG/MINOR: seemless reload: Fix crash when an interface is specified.
    - BUG/MINOR: cli: Ensure all command outputs end with a LF
    - BUG/MINOR: cli: Fix a crash when sending a command with too many arguments
    - BUILD: ssl: Fix build with OpenSSL without NPN capability
    - BUG/MINOR: spoa-example: unexpected behavior for more than 127 args
    - BUG/MINOR: lua: return bad error messages
    - CLEANUP: lua/syntax: lua is a name and not an acronym
    - BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers
    - BUG/MINOR: tcp-check: use the server's service port as a fallback
    - BUG/MEDIUM: threads/queue: wake up other threads upon dequeue
    - MINOR: log: stop emitting alerts when it's not possible to write on the socket
    - BUILD/BUG: enable -fno-strict-overflow by default
    - BUG/MEDIUM: fd/threads: ensure the fdcache_mask always reflects the cache contents
    - DOC: log: more than 2 log servers are allowed
    - MINOR: hash: add new function hash_crc32c
    - MINOR: proxy-v2-options: add crc32c
    - MINOR: accept-proxy: support proxy protocol v2 CRC32c checksum
    - REORG: compact "struct server"
    - MINOR: samples: add crc32c converter
    - BUG/MEDIUM: h2: properly account for DATA padding in flow control
    - BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an RST_STREAM
    - BUG/MINOR: listener: Don't decrease actconn twice when a new session is rejected
    - CLEANUP: map, stream: remove duplicate code in src/map.c, src/stream.c
    - BUG/MINOR: lua: the function returns anything
    - BUG/MINOR: lua funtion hlua_socket_settimeout don't check negative values
    - CLEANUP: lua: typo fix in comments
    - BUILD/MINOR: fix build when USE_THREAD is not defined
    - MINOR: lua: allow socket api settimeout to accept integers, float, and doubles
    - BUG/MINOR: hpack: fix harmless use of uninitialized value in hpack_dht_insert
    - MINOR: cli/threads: make "show fd" report thread_sync_io_handler instead of "unknown"
    - MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available
    - BUILD/MINOR: cli: fix a build warning introduced by last commit
    - BUG/MAJOR: h2: remove orphaned streams from the send list before closing
    - MINOR: h2: always call h2s_detach() in h2_detach()
    - MINOR: h2: fuse h2s_detach() and h2s_free() into h2s_destroy()
    - BUG/MEDIUM: h2/threads: never release the task outside of the task handler
    - BUG/MEDIUM: h2: don't consider pending data on detach if connection is in error
    - BUILD/MINOR: threads: always export thread_sync_io_handler()
    - MINOR: mux: add a "show_fd" function to dump debugging information for "show fd"
    - MINOR: h2: implement a basic "show_fd" function
    - MINOR: cli: report cache indexes in "show fd"
    - BUG/MINOR: h2: remove accidental debug code introduced with show_fd function
    - BUG/MEDIUM: h2: always add a stream to the send or fctl list when blocked
    - BUG/MINOR: checks: check the conn_stream's readiness and not the connection
    - BUG/MINOR: fd: Don't clear the update_mask in fd_insert.
    - BUG/MINOR: email-alert: Set the mailer port during alert initialization
    - BUG/MINOR: cache: fix "show cache" output
    - BUG/MAJOR: cache: fix random crashes caused by incorrect delete() on non-first blocks
    - BUG/MINOR: spoe: Initialize variables used during conf parsing before any check
    - BUG/MINOR: spoe: Don't release the context buffer in .check_timeouts callbaclk
    - BUG/MINOR: spoe: Register the variable to set when an error occurred
    - BUG/MINOR: spoe: Don't forget to decrement fpa when a processing is interrupted
    - MINOR: spoe: Add metrics in to know time spent in the SPOE
    - MINOR: spoe: Add options to store processing times in variables
    - MINOR: log: move 'log' keyword parsing in dedicated function
    - MINOR: log: Keep the ref when a log server is copied to avoid duplicate entries
    - MINOR: spoe: Add loggers dedicated to the SPOE agent
    - MINOR: spoe: Add support for option dontlog-normal in the SPOE agent section
    - MINOR: spoe: use agent's logger to log SPOE messages
    - MINOR: spoe: Add counters to log info about SPOE agents
    - BUG/MAJOR: cache: always initialize newly created objects
    - MINOR: servers: Support alphanumeric characters for the server templates names
    - BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes
    - BUG/MEDIUM: connection: Make sure we have a mux before calling detach().
    - BUG/MINOR: http: Return an error in proxy mode when url2sa fails
    - MINOR: proxy: Add fe_defbe fetcher
    - MINOR: config: Warn if resolvers has no nameservers
    - BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE
    - MINOR: cli: Ensure the CLI always outputs an error when it should
    - MEDIUM: sample: Extend functionality for field/word converters
    - MINOR: export localpeer as an environment variable
    - BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors.
    - BUILD: sample: avoid build warning in sample.c
    - BUG/CRITICAL: h2: fix incorrect frame length check
    - DOC: lua: update the links to the config and Lua API
    - BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid()
    - BUG/MAJOR: channel: Fix crash when trying to read from a closed socket
    - BUG/MINOR: log: t_idle (%Ti) is not set for some requests
    - BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits
    - MINOR: h2: detect presence of CONNECT and/or content-length
    - BUG/MEDIUM: h2: implement missing support for chunked encoded uploads
    - BUG/MINOR: spoe: Fix counters update when processing is interrupted
    - BUG/MINOR: spoe: Fix parsing of dontlog-normal option
    - MEDIUM: cli: Add payload support
    - MINOR: map: Add payload support to "add map"
    - MINOR: ssl: Add payload support to "set ssl ocsp-response"
    - BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread
    - MINOR: sample: Add strcmp sample converter
    - MINOR: http: Add support for 421 Misdirected Request
    - BUG/MINOR: config: disable http-reuse on TCP proxies
    - MINOR: ssl: disable SSL sample fetches when unsupported
    - MINOR: ssl: add fetch 'ssl_fc_session_key' and 'ssl_bc_session_key'
    - BUG/MINOR: checks: Fix check->health computation for flapping servers
    - BUG/MEDIUM: threads: Fix the sync point for more than 32 threads
    - BUG/MINOR, BUG/MINOR: lua: Put tasks to sleep when waiting for data
    - MINOR: backend: implement random-based load balancing
    - DOC/MINOR: clean up LUA documentation re: servers & array/table.
    - MINOR: lua: Add server name & puid to LUA Server class.
    - MINOR: lua: add get_maxconn and set_maxconn to LUA Server class.
    - BUG/MINOR: map: correctly track reference to the last ref_elt being dumped
    - BUG/MEDIUM: task: Don't free a task that is about to be run.
    - MINOR: fd: Make the lockless fd list work with multiple lists.
    - BUG/MEDIUM: pollers: Use a global list for fd shared between threads.
    - MINOR: pollers: move polled_mask outside of struct fdtab.
    - BUG/MINOR: lua: schedule socket task upon lua connect()
    - BUG/MINOR: lua: ensure large proxy IDs can be represented
    - BUG/MEDIUM: pollers/kqueue: use incremented position in event list
    - BUG/MINOR: cli: don't stop cli_gen_usage_msg() when kw->usage == NULL
    - BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR
    - BUG/MEDIUM: ssl: properly protect SSL cert generation
    - BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments.
    - BUG/MINOR: spoe: Mistake in error message about SPOE configuration
    - BUG/MEDIUM: spoe: Flags are not encoded in network order
    - CLEANUP: spoe: Remove unused variables the agent structure
    - DOC: spoe: fix a typo
    - BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags
    - BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
    - DOC: add some description of the pending rework of the buffer structure
    - BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation
    - MINOR: lua: Improve error message
    - BUG/MEDIUM: cache: don't cache when an Authorization header is present
    - MINOR: ssl: set SSL_OP_PRIORITIZE_CHACHA
    - BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure.
    - BUG/BUILD: threads: unbreak build without threads
    - BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
    - BUG/MEDIUM: lua/socket: Length required read doesn't work
    - MINOR: tasks: Change the task API so that the callback takes 3 arguments.
    - MAJOR: tasks: Create a per-thread runqueue.
    - MAJOR: tasks: Introduce tasklets.
    - MINOR: tasks: Make the number of tasks to run at once configurable.
    - MAJOR: applets: Use tasks, instead of rolling our own scheduler.
    - BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
    - MINOR: http: Log warning if (add|set)-header fails
    - DOC: management: add the new wrew stats column
    - MINOR: stats: also report the failed header rewrites warnings on the stats page
    - BUG/MEDIUM: tasks: Don't forget to increase/decrease tasks_run_queue.
    - BUG/MEDIUM: task: Don't forget to decrement max_processed after each task.
    - MINOR: task: Also consider the task list size when getting global tasks.
    - MINOR: dns: Implement `parse-resolv-conf` directive
    - BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode
    - MINOR: task/notification: Is notifications registered ?
    - BUG/MEDIUM: lua/socket: wrong scheduling for sockets
    - BUG/MAJOR: lua: Dead lock with sockets
    - BUG/MEDIUM: lua/socket: Notification error
    - BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
    - BUG/MEDIUM: lua/socket: Buffer error, may segfault
    - DOC: contrib/modsecurity: few typo fixes
    - DOC: SPOE.txt: fix a typo
    - MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0
    - BUG/MINOR: contrib/spoa_example: Don't reset the status code during disconnect
    - BUG/MINOR: contrib/mod_defender: Don't reset the status code during disconnect
    - BUG/MINOR: contrib/modsecurity: Don't reset the status code during disconnect
    - BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
    - BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame
    - MINOR: task: Fix a compiler warning by adding a cast.
    - MINOR: stats: also report the nice and number of calls for applets
    - MINOR: applet: assign the same nice value to a new appctx as its owner task
    - MINOR: task: Fix compiler warning.
    - BUG/MEDIUM: tasks: Use the local runqueue when building without threads.
    - MINOR: tasks: Don't define rqueue if we're building without threads.
    - BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload.
    - MINOR: lua: Increase debug information
    - BUG/MEDIUM: threads: handle signal queue only in thread 0
    - BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing
    - BUG/MINOR: signals: ha_sigmask macro for multithreading
    - BUG/MAJOR: map: fix a segfault when using http-request set-map
    - DOC: regression testing: Add a short starting guide.
    - MINOR: tasks: Make sure we correctly init and deinit a tasklet.
    - BUG/MINOR: tasklets: Just make sure we don't pass a tasklet to the handler.
    - BUG/MINOR: lua: Segfaults with wrong usage of types.
    - BUG/MAJOR: ssl: Random crash with cipherlist capture
    - BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
    - BUG/MEDIUM: ssl: do not store pkinfo with SSL_set_ex_data
    - MINOR: tests: First regression testing file.
    - MINOR: reg-tests: Add reg-tests/README file.
    - MINOR: reg-tests: Add a few regression testing files.
    - DOC: Add new REGTEST tag info about reg testing.
    - BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().
    - MINOR: Some spelling cleanup in the comments.
    - BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
    - MINOR: threads: Be sure to remove threads from all_threads_mask on exit
    - REGTEST/MINOR: Wrong URI in a reg test for SSL/TLS.
    - REGTEST/MINOR: Set HAPROXY_PROGRAM default value.
    - REGTEST/MINOR: Add levels to reg-tests target.
    - BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table
    - BUG/BUILD: threads: unbreak build without threads
    - BUG/MAJOR: stick_table: Complete incomplete SEGV fix
    - MINOR: stick-tables: make stktable_release() do nothing on NULL
    - BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers
    - MINOR: startup: change session/process group settings
    - MINOR: systemd: consider exit status 143 as successful
    - REGTEST/MINOR: Wrong URI syntax.
    - CLEANUP: dns: remove obsolete macro DNS_MAX_IP_REC
    - CLEANUP: dns: inacurate comment about prefered IP score
    - MINOR: dns: fix wrong score computation in dns_get_ip_from_response
    - MINOR: dns: new DNS options to allow/prevent IP address duplication
    - REGTEST/MINOR: Unexpected curl URL globling.
    - BUG/MINOR: ssl: properly ref-count the tls_keys entries
    - MINOR: h2: keep a count of the number of conn_streams attached to the mux
    - BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess
    - MINOR: h2: add the mux and demux buffer lengths on "show fd"
    - BUG/MEDIUM: h2: never leave pending data in the output buffer on close
    - BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout
    - MINOR: tasklet: Set process to NULL.
    - MINOR: buffer: implement a new file for low-level buffer manipulation functions
    - MINOR: buffer: switch buffer sizes and offsets to size_t
    - MINOR: buffer: add a few basic functions for the new API
    - MINOR: buffer: Introduce b_sub(), b_add(), and bo_add()
    - MINOR: buffer: Add b_set_data().
    - MINOR: buffer: introduce b_realign_if_empty()
    - MINOR: compression: pass the channel to http_compression_buffer_end()
    - MINOR: channel: add a few basic functions for the new buffer API
    - MINOR: channel/buffer: use c_realign_if_empty() instead of buffer_realign()
    - MINOR: channel/buffer: replace buffer_slow_realign() with channel_slow_realign() and b_slow_realign()
    - MEDIUM: channel: make channel_slow_realign() take a swap buffer
    - MINOR: h2: use b_slow_realign() with the trash as a swap buffer
    - MINOR: buffer: remove buffer_slow_realign() and the swap_buffer allocation code
    - MINOR: channel/buffer: replace b_{adv,rew} with c_{adv,rew}
    - MINOR: buffer: replace calls to buffer_space_wraps() with b_space_wraps()
    - MINOR: buffer: remove bi_getblk() and bi_getblk_nc()
    - MINOR: buffer: split bi_contig_data() into ci_contig_data and b_config_data()
    - MINOR: buffer: remove bi_ptr()
    - MINOR: buffer: remove bo_ptr()
    - MINOR: buffer: remove bo_end()
    - MINOR: buffer: remove bi_end()
    - MINOR: buffer: remove bo_contig_data()
    - MINOR: buffer: merge b{i,o}_contig_space()
    - MINOR: buffer: replace bo_getblk() with direction agnostic b_getblk()
    - MINOR: buffer: replace bo_getblk_nc() with b_getblk_nc() which takes an offset
    - MINOR: buffer: replace bi_del() and bo_del() with b_del()
    - MINOR: buffer: convert most b_ptr() calls to c_ptr()
    - MINOR: h1: make h1_measure_trailers() take the byte count in argument
    - MINOR: h2: clarify the fact that the send functions are unsigned
    - MEDIUM: h2: prevent the various mux encoders from modifying the buffer
    - MINOR: h1: make h1_skip_chunk_crlf() not depend on b_ptr() anymore
    - MINOR: h1: make h1_parse_chunk_size() not depend on b_ptr() anymore
    - MINOR: h1: make h1_measure_trailers() use an offset and a count
    - MEDIUM: h2: do not use buf->o anymore inside h2_snd_buf's loop
    - MEDIUM: h2: don't use b_ptr() nor b_end() anymore
    - MINOR: buffer: get rid of b_end() and b_to_end()
    - MINOR: buffer: make b_getblk_nc() take const pointers
    - MINOR: buffer: make b_getblk_nc() take size_t for the block sizes
    - MEDIUM: connection: make xprt->snd_buf() take the byte count in argument
    - MEDIUM: mux: make mux->snd_buf() take the byte count in argument
    - MEDIUM: connection: make xprt->rcv_buf() use size_t for the count
    - MEDIUM: mux: make mux->rcv_buf() take a size_t for the count
    - MINOR: connection: add a flags argument to rcv_buf()
    - MINOR: connection: add a new receive flag : CO_RFL_BUF_WET
    - MINOR: buffer: get rid of b_ptr() and convert its last users
    - MINOR: buffer: use b_room() to determine available space in a buffer
    - MINOR: buffer: replace buffer_not_empty() with b_data() or c_data()
    - MINOR: buffer: replace buffer_empty() with b_empty() or c_empty()
    - MINOR: buffer: make bo_putchar() use b_tail()
    - MINOR: buffer: replace buffer_full() with channel_full()
    - MINOR: buffer: replace bi_space_for_replace() with ci_space_for_replace()
    - MINOR: buffer: replace buffer_pending() with ci_data()
    - MINOR: buffer: replace buffer_flush() with c_adv(chn, ci_data(chn))
    - MINOR: buffer: use c_head() instead of buffer_wrap_sub(c->buf, p-o)
    - MINOR: buffer: use b_orig() to replace most references to b->data
    - MINOR: buffer: Use b_add()/bo_add() instead of accessing b->i/b->o.
    - MINOR: channel: remove almost all references to buf->i and buf->o
    - MINOR: channel: Add co_set_data().
    - MEDIUM: channel: adapt to the new buffer API
    - MINOR: checks: adapt to the new buffer API
    - MEDIUM: h2: update to the new buffer API
    - MINOR: buffer: remove unused bo_add()
    - MEDIUM: spoe: use the new buffer API for the SPOE buffer
    - MINOR: stats: adapt to the new buffers API
    - MINOR: cli: use the new buffer API
    - MINOR: cache: use the new buffer API
    - MINOR: stream-int: use the new buffer API
    - MINOR: stream: use wrappers instead of directly manipulating buffers
    - MINOR: backend: use new buffer API
    - MEDIUM: http: use wrappers instead of directly manipulating buffers states
    - MINOR: filters: convert to the new buffer API
    - MINOR: payload: convert to the new buffer API
    - MEDIUM: h1: port to new buffer API.
    - MINOR: flt_trace: adapt to the new buffer API
    - MEDIUM: compression: start to move to the new buffer API
    - MINOR: lua: use the wrappers instead of directly manipulating buffer states
    - MINOR: buffer: convert part bo_putblk() and bi_putblk() to the new API
    - MINOR: buffer: adapt buffer_slow_realign() and buffer_dump() to the new API
    - MAJOR: start to change buffer API
    - MINOR: buffer: remove the check for output on b_del()
    - MINOR: buffer: b_set_data() doesn't truncate output data anymore
    - MINOR: buffer: rename the "data" field to "area"
    - MEDIUM: buffers: move "output" from struct buffer to struct channel
    - MINOR: buffer: replace bi_fast_delete() with b_del()
    - MINOR: buffer: replace b{i,o}_put* with b_put*
    - MINOR: buffer: add a new file for ist + buffer manipulation functions
    - MINOR: checks: use b_putist() instead of b_putstr()
    - MINOR: buffers: remove b_putstr()
    - CLEANUP: buffer: minor cleanups to buffer.h
    - MINOR: buffers/channel: replace buffer_insert_line2() with ci_insert_line2()
    - MINOR: buffer: replace buffer_replace2() with b_rep_blk()
    - MINOR: buffer: rename the data length member to '->data'
    - MAJOR: buffer: finalize buffer detachment
    - MEDIUM: chunks: make the chunk struct's fields match the buffer struct
    - MAJOR: chunks: replace struct chunk with struct buffer
    - DOC: buffers: document the new buffers API
    - DOC: buffers: remove obsolete docs about buffers
    - MINOR: tasklets: Don't attempt to add a tasklet in the list twice.
    - MINOR: connections/mux: Add a new "subscribe" method.
    - MEDIUM: connections/mux: Revamp the send direction.
    - MINOR: connection: simplify subscription by adding a registration function
    - BUG/MINOR: http: Set brackets for the unlikely macro at the right place
    - BUG/MINOR: build: Fix compilation with debug mode enabled
    - BUILD: Generate sha256 checksums in publish-release
    - MINOR: debug: Add check for CO_FL_WILL_UPDATE
    - MINOR: debug: Add checks for conn_stream flags
    - MINOR: ist: Add the function isteqi
    - BUG/MEDIUM: threads: Fix the exit condition of the thread barrier
    - BUG/MEDIUM: mux_h2: Call h2_send() before updating polling.
    - MINOR: buffers: simplify b_contig_space()
    - MINOR: buffers: split b_putblk() into __b_putblk()
    - MINOR: buffers: add b_xfer() to transfer data between buffers
    - DOC: add some design notes about the new layering model
    - MINOR: conn_stream: add a new CS_FL_REOS flag
    - MINOR: conn_stream: add an rx buffer to the conn_stream
    - MEDIUM: conn_stream: add cs_recv() as a default rcv_buf() function
    - MEDIUM: stream-int: automatically call si_cs_recv_cb() if the cs has data on wake()
    - MINOR: h2: make each H2 stream support an intermediary input buffer
    - MEDIUM: h2: make h2_frt_decode_headers() use an intermediary buffer
    - MEDIUM: h2: make h2_frt_transfer_data() copy via an intermediary buffer
    - MEDIUM: h2: centralize transfer of decoded frames in h2_rcv_buf()
    - MEDIUM: h2: move headers and data frame decoding to their respective parsers
    - MEDIUM: buffers: make b_xfer() automatically swap buffers when possible
    - MEDIUM: h2: perform a single call to the data layer in demux()
    - MEDIUM: h2: don't call data_cb->recv() anymore
    - MINOR: h2: make use of CS_FL_REOS to indicate that end of stream was seen
    - MEDIUM: h2: use the default conn_stream's receive function
    - DOC: add more design feedback on the new layering model
    - MINOR: h2: add the error code and the max/last stream IDs to "show fd"
    - BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full
    - BUG/MEDIUM: stats: don't ask for more data as long as we're responding
    - BUG/MINOR: servers: Don't make "server" in a frontend fatal.
    - BUG/MEDIUM: tasks: make sure we pick all tasks in the run queue
    - BUG/MEDIUM: tasks: Decrement rqueue_size at the right time.
    - BUG/MEDIUM: tasks: use atomic ops for active_tasks_mask
    - BUG/MEDIUM: tasks: Make sure there's no task left before considering inactive.
    - MINOR: signal: don't pass the signal number anymore as the wakeup reason
    - MINOR: tasks: extend the state bits from 8 to 16 and remove the reason
    - MINOR: tasks: Add a flag that tells if we're in the global runqueue.
    - BUG/MEDIUM: tasks: make __task_unlink_rq responsible for the rqueue size.
    - MINOR: queue: centralize dequeuing code a bit better
    - MEDIUM: queue: make pendconn_free() work on the stream instead
    - DOC: queue: document the expected locking model for the server's queue
    - MINOR: queue: make sure pendconn->strm->pend_pos is always valid
    - MINOR: queue: use a distinct variable for the assigned server and the queue
    - MINOR: queue: implement pendconn queue locking functions
    - MEDIUM: queue: get rid of the pendconn lock
    - MINOR: tasks: Make active_tasks_mask volatile.
    - MINOR: tasks: Make global_tasks_mask volatile.
    - MINOR: pollers: Add a way to wake a thread sleeping in the poller.
    - MINOR: threads/queue: Get rid of THREAD_WANT_SYNC in the queue code.
    - BUG/MEDIUM: threads/sync: use sched_yield when available
    - MINOR: ssl: BoringSSL matches OpenSSL 1.1.0
    - BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever
    - BUG/MINOR: config: stick-table is not supported in defaults section
    - BUILD/MINOR: threads: unbreak build with threads disabled
    - BUG/MINOR: threads: Handle nbthread == MAX_THREADS.
    - BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS
    - MINOR: threads: move "nbthread" parsing to hathreads.c
    - BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number
    - MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed
    - BUILD/MINOR: compiler: fix offsetof() on older compilers
    - SCRIPTS: git-show-backports: add missing quotes to "echo"
    - MINOR: threads: add more consistency between certain variables in no-thread case
    - MEDIUM: hathreads: implement a more flexible rendez-vous point
    - BUG/MEDIUM: cli: make "show fd" thread-safe
2018-08-02 18:12:50 +02:00
Willy Tarreau
b306650c2a [RELEASE] Released version 1.9-dev0
Released version 1.9-dev0 with the following main changes :
    - BUG/MEDIUM: stream: don't automatically forward connect nor close
    - BUG/MAJOR: stream: ensure analysers are always called upon close
    - BUG/MINOR: stream-int: don't try to read again when CF_READ_DONTWAIT is set
    - MEDIUM: mworker: Add systemd `Type=notify` support
    - BUG/MEDIUM: cache: free callback to remove from tree
    - CLEANUP: cache: remove unused struct
    - MEDIUM: cache: enable the HTTP analysers
    - CLEANUP: cache: remove wrong comment
    - MINOR: threads/atomic: rename local variables in macros to avoid conflicts
    - MINOR: threads/plock: rename local variables in macros to avoid conflicts
    - MINOR: threads/atomic: implement pl_mb() in asm on x86
    - MINOR: threads/atomic: implement pl_bts() on non-x86
    - MINOR: threads/build: atomic: replace the few inlines with macros
    - BUILD: threads/plock: fix a build issue on Clang without optimization
    - BUILD: ebtree: don't redefine types u32/s32 in scope-aware trees
    - BUILD: compiler: add a new type modifier __maybe_unused
    - BUILD: h2: mark some inlined functions "unused"
    - BUILD: server: check->desc always exists
    - BUG/MEDIUM: h2: properly report connection errors in headers and data handlers
    - MEDIUM: h2: add a function to emit an HTTP/1 request from a headers list
    - MEDIUM: h2: change hpack_decode_headers() to only provide a list of headers
    - BUG/MEDIUM: h2: always reassemble the Cookie request header field
    - BUG/MINOR: systemd: ignore daemon mode
    - CONTRIB: spoa_example: allow to compile outside HAProxy.
    - CONTRIB: spoa_example: remove bref, wordlist, cond_wordlist
    - CONTRIB: spoa_example: remove last dependencies on type "sample"
    - CONTRIB: spoa_example: remove SPOE enums that are useless for clients
    - CLEANUP: cache: reorder includes
    - MEDIUM: shctx: use unsigned int for len and block_count
    - MEDIUM: cache: "show cache" on the cli
    - BUG/MEDIUM: cache: use key=0 as a condition for freeing
    - BUG/MEDIUM: cache: refcount forbids to free the objects
    - BUG/MEDIUM: cache fix cli_kws structure
    - BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks
    - BUG/MINOR: ssl: Always start the handshake if we can't send early data.
    - MINOR: ssl: Don't disable early data handling if we could not write.
    - MINOR: pools: prepare functions to override malloc/free in pools
    - MINOR: pools: implement DEBUG_UAF to detect use after free
    - BUG/MEDIUM: threads/time: fix time drift correction
    - BUG/MEDIUM: threads/time: maintain a common time reference between all threads
    - MINOR: sample: Add "thread" sample fetch
    - BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line
    - BUG/MINOR: stream: fix tv_request calculation for applets
    - BUG/MAJOR: h2: always remove a stream from the send list before freeing it
    - BUG/MAJOR: threads/task: dequeue expired tasks under the WQ lock
    - MINOR: ssl: Handle reading early data after writing better.
    - MINOR: mux: Make sure every string is woken up after the handshake.
    - MEDIUM: cache: store sha1 for hashing the cache key
    - MINOR: http: implement the "http-request reject" rule
    - MINOR: h2: send RST_STREAM before GOAWAY on reject
    - MEDIUM: h2: don't gracefully close the connection anymore on Connection: close
    - MINOR: h2: make use of client-fin timeout after GOAWAY
    - MEDIUM: config: ensure that tune.bufsize is at least 16384 when using HTTP/2
    - MINOR: ssl: Handle early data with BoringSSL
    - BUG/MEDIUM: stream: always release the stream-interface on abort
    - BUG/MEDIUM: cache: free ressources in chn_end_analyze
    - MINOR: cache: move the refcount decrease in the applet release
    - BUG/MINOR: listener: Allow multiple "process" options on "bind" lines
    - MINOR: config: Support a range to specify processes in "cpu-map" parameter
    - MINOR: config: Slightly change how parse_process_number works
    - MINOR: config: Export parse_process_number and use it wherever it's applicable
    - MINOR: standard: Add my_ffsl function to get the position of the bit set to one
    - MINOR: config: Add auto-increment feature for cpu-map
    - MINOR: config: Support partial ranges in cpu-map directive
    - MINOR:: config: Remove thread-map directive
    - MINOR: config: Add the threads support in cpu-map directive
    - MINOR: config: Add threads support for "process" option on "bind" lines
    - MEDIUM: listener: Bind listeners on a thread subset if specified
    - CLEANUP: debug: Use DPRINTF instead of fprintf into #ifdef DEBUG_FULL/#endif
    - CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
    - MINOR/CLEANUP: proxy: rename "proxy" to "proxies_list"
    - CLEANUP: pools: rename all pool functions and pointers to remove this "2"
    - DOC: update the roadmap file with the latest changes merged in 1.8
    - DOC: fix mangled version in peers protocol documentation
    - DOC: add initial peers protovol v2.0 documentation.
    - DOC: mention William as maintainer of the cache and master-worker
    - DOC: add Christopher and Emeric as maintainers of the threads
    - MINOR: cache: replace a fprint() by an abort()
    - MEDIUM: cache: max-age configuration keyword
    - DOC: explain HTTP2 timeout behavior
    - DOC: cache: configuration and management
    - MAJOR: mworker: exits the master on failure
    - BUG/MINOR: threads: don't drop "extern" on the lock in include files
    - MINOR: task: keep a pointer to the currently running task
    - MINOR: task: align the rq and wq locks
    - MINOR: fd: cache-align fdtab and fdcache locks
    - MINOR: buffers: cache-align buffer_wq_lock
    - CLEANUP: server: reorder some fields in struct server to save 40 bytes
    - CLEANUP: proxy: slightly reorder the struct proxy to reduce holes
    - CLEANUP: checks: remove 16 bytes of holes in struct check
    - CLEANUP: cache: more efficiently pack the struct cache
    - CLEANUP: fd: place the lock at the beginning of struct fdtab
    - CLEANUP: pools: align pools on a cache line
    - DOC: config: add a few bits about how to configure HTTP/2
    - BUG/MAJOR: threads/queue: avoid recursive locking in pendconn_get_next_strm()
    - BUILD: Makefile: reorder object files by size
2017-11-26 19:50:17 +01:00
Willy Tarreau
0b78792bbe [RELEASE] Released version 1.8.0
Released version 1.8.0 with the following main changes :
    - BUG/MEDIUM: stream: don't automatically forward connect nor close
    - BUG/MAJOR: stream: ensure analysers are always called upon close
    - BUG/MINOR: stream-int: don't try to read again when CF_READ_DONTWAIT is set
    - MEDIUM: mworker: Add systemd `Type=notify` support
    - BUG/MEDIUM: cache: free callback to remove from tree
    - CLEANUP: cache: remove unused struct
    - MEDIUM: cache: enable the HTTP analysers
    - CLEANUP: cache: remove wrong comment
    - MINOR: threads/atomic: rename local variables in macros to avoid conflicts
    - MINOR: threads/plock: rename local variables in macros to avoid conflicts
    - MINOR: threads/atomic: implement pl_mb() in asm on x86
    - MINOR: threads/atomic: implement pl_bts() on non-x86
    - MINOR: threads/build: atomic: replace the few inlines with macros
    - BUILD: threads/plock: fix a build issue on Clang without optimization
    - BUILD: ebtree: don't redefine types u32/s32 in scope-aware trees
    - BUILD: compiler: add a new type modifier __maybe_unused
    - BUILD: h2: mark some inlined functions "unused"
    - BUILD: server: check->desc always exists
    - BUG/MEDIUM: h2: properly report connection errors in headers and data handlers
    - MEDIUM: h2: add a function to emit an HTTP/1 request from a headers list
    - MEDIUM: h2: change hpack_decode_headers() to only provide a list of headers
    - BUG/MEDIUM: h2: always reassemble the Cookie request header field
    - BUG/MINOR: systemd: ignore daemon mode
    - CONTRIB: spoa_example: allow to compile outside HAProxy.
    - CONTRIB: spoa_example: remove bref, wordlist, cond_wordlist
    - CONTRIB: spoa_example: remove last dependencies on type "sample"
    - CONTRIB: spoa_example: remove SPOE enums that are useless for clients
    - CLEANUP: cache: reorder includes
    - MEDIUM: shctx: use unsigned int for len and block_count
    - MEDIUM: cache: "show cache" on the cli
    - BUG/MEDIUM: cache: use key=0 as a condition for freeing
    - BUG/MEDIUM: cache: refcount forbids to free the objects
    - BUG/MEDIUM: cache fix cli_kws structure
    - BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks
    - BUG/MINOR: ssl: Always start the handshake if we can't send early data.
    - MINOR: ssl: Don't disable early data handling if we could not write.
    - MINOR: pools: prepare functions to override malloc/free in pools
    - MINOR: pools: implement DEBUG_UAF to detect use after free
    - BUG/MEDIUM: threads/time: fix time drift correction
    - BUG/MEDIUM: threads/time: maintain a common time reference between all threads
    - MINOR: sample: Add "thread" sample fetch
    - BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line
    - BUG/MINOR: stream: fix tv_request calculation for applets
    - BUG/MAJOR: h2: always remove a stream from the send list before freeing it
    - BUG/MAJOR: threads/task: dequeue expired tasks under the WQ lock
    - MINOR: ssl: Handle reading early data after writing better.
    - MINOR: mux: Make sure every string is woken up after the handshake.
    - MEDIUM: cache: store sha1 for hashing the cache key
    - MINOR: http: implement the "http-request reject" rule
    - MINOR: h2: send RST_STREAM before GOAWAY on reject
    - MEDIUM: h2: don't gracefully close the connection anymore on Connection: close
    - MINOR: h2: make use of client-fin timeout after GOAWAY
    - MEDIUM: config: ensure that tune.bufsize is at least 16384 when using HTTP/2
    - MINOR: ssl: Handle early data with BoringSSL
    - BUG/MEDIUM: stream: always release the stream-interface on abort
    - BUG/MEDIUM: cache: free ressources in chn_end_analyze
    - MINOR: cache: move the refcount decrease in the applet release
    - BUG/MINOR: listener: Allow multiple "process" options on "bind" lines
    - MINOR: config: Support a range to specify processes in "cpu-map" parameter
    - MINOR: config: Slightly change how parse_process_number works
    - MINOR: config: Export parse_process_number and use it wherever it's applicable
    - MINOR: standard: Add my_ffsl function to get the position of the bit set to one
    - MINOR: config: Add auto-increment feature for cpu-map
    - MINOR: config: Support partial ranges in cpu-map directive
    - MINOR:: config: Remove thread-map directive
    - MINOR: config: Add the threads support in cpu-map directive
    - MINOR: config: Add threads support for "process" option on "bind" lines
    - MEDIUM: listener: Bind listeners on a thread subset if specified
    - CLEANUP: debug: Use DPRINTF instead of fprintf into #ifdef DEBUG_FULL/#endif
    - CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
    - MINOR/CLEANUP: proxy: rename "proxy" to "proxies_list"
    - CLEANUP: pools: rename all pool functions and pointers to remove this "2"
    - DOC: update the roadmap file with the latest changes merged in 1.8
    - DOC: fix mangled version in peers protocol documentation
    - DOC: add initial peers protovol v2.0 documentation.
    - DOC: mention William as maintainer of the cache and master-worker
    - DOC: add Christopher and Emeric as maintainers of the threads
    - MINOR: cache: replace a fprint() by an abort()
    - MEDIUM: cache: max-age configuration keyword
    - DOC: explain HTTP2 timeout behavior
    - DOC: cache: configuration and management
    - MAJOR: mworker: exits the master on failure
    - BUG/MINOR: threads: don't drop "extern" on the lock in include files
    - MINOR: task: keep a pointer to the currently running task
    - MINOR: task: align the rq and wq locks
    - MINOR: fd: cache-align fdtab and fdcache locks
    - MINOR: buffers: cache-align buffer_wq_lock
    - CLEANUP: server: reorder some fields in struct server to save 40 bytes
    - CLEANUP: proxy: slightly reorder the struct proxy to reduce holes
    - CLEANUP: checks: remove 16 bytes of holes in struct check
    - CLEANUP: cache: more efficiently pack the struct cache
    - CLEANUP: fd: place the lock at the beginning of struct fdtab
    - CLEANUP: pools: align pools on a cache line
    - DOC: config: add a few bits about how to configure HTTP/2
    - BUG/MAJOR: threads/queue: avoid recursive locking in pendconn_get_next_strm()
    - BUILD: Makefile: reorder object files by size
2017-11-26 19:25:23 +01:00
Willy Tarreau
cfe14669f7 [RELEASE] Released version 1.8-rc4
Released version 1.8-rc4 with the following main changes :
    - BUG/MEDIUM: cache: does not cache if no Content-Length
    - BUILD: thread/pipe: fix build without threads
    - BUG/MINOR: spoe: check buffer size before acquiring or releasing it
    - MINOR: debug/flags: Add missing flags
    - MINOR: threads: Use __decl_hathreads to declare locks
    - BUG/MINOR: buffers: Fix b_alloc_margin to be "fonctionnaly" thread-safe
    - BUG/MAJOR: ebtree/scope: fix insertion and removal of duplicates in scope-aware trees
    - BUG/MAJOR: ebtree/scope: fix lookup of next node in scope-aware trees
    - MINOR: ebtree/scope: add a function to find next node from a parent
    - MINOR: ebtree/scope: simplify the lookup functions by using eb32sc_next_with_parent()
    - BUG/MEDIUM: mworker: Fix re-exec when haproxy is started from PATH
    - BUG/MEDIUM: cache: use msg->sov to forward header
    - MINOR: cache: forward data with headers
    - MINOR: cache: disable cache if shctx_row_data_append fail
    - BUG/MINOR: threads: tid_bit must be a unsigned long
    - CLEANUP: tasks: Remove useless double test on rq_next
    - BUG/MEDIUM: standard: itao_str/idx and quote_str/idx must be thread-local
    - MINOR: tools: add a function to dump a scope-aware tree to a file
    - MINOR: tools: improve the DOT dump of the ebtree
    - MINOR: tools: emphasize the node being worked on in the tree dump
    - BUG/MAJOR: ebtree/scope: properly tag upper nodes during insertion
    - DOC: peers: Add a first version of peers protocol v2.1.
    - CONTRIB: Wireshark dissector for HAProxy Peer Protocol.
    - MINOR: mworker: display an accurate error when the reexec fail
    - BUG/MEDIUM: mworker: wait again for signals when execvp fail
    - BUG/MEDIUM: mworker: does not deinit anymore
    - BUG/MEDIUM: mworker: does not close inherited FD
    - MINOR: tests: add a python wrapper to test inherited fd
    - BUG/MINOR: Allocate the log buffers before the proxies startup
    - MINOR: tasks: Use a bitfield to track tasks activity per-thread
    - MAJOR: polling: Use active_tasks_mask instead of tasks_run_queue
    - MINOR: applets: Use a bitfield to track applets activity per-thread
    - MAJOR: polling: Use active_appels_mask instead of applets_active_queue
    - MEDIUM: applets: Don't process more than 200 active applets at once
    - MINOR: stream: Add thread-mask of tasks/FDs/applets in "show sess all" command
    - MINOR: SSL: Store the ASN1 representation of client sessions.
    - MINOR: ssl: Make sure we don't shutw the connection before the handshake.
    - BUG/MEDIUM: deviceatlas: ignore not valuable HTTP request data
2017-11-19 09:55:29 +01:00
Willy Tarreau
34650d5a7b [RELEASE] Released version 1.8-rc3
Released version 1.8-rc3 with the following main changes :
    - BUILD: use MAXPATHLEN instead of NAME_MAX.
    - BUG/MAJOR: threads/checks: add 4 missing spin_unlock() in various functions
    - BUG/MAJOR: threads/server: missing unlock in CLI fqdn parser
    - BUG/MINOR: cli: do not perform an invalid action on "set server check-port"
    - BUG/MAJOR: threads/checks: wrong use of SPIN_LOCK instead of SPIN_UNLOCK
    - CLEANUP: checks: remove return statements in locked functions
    - BUG/MINOR: cli: add severity in "set server addr" parser
    - CLEANUP: server: get rid of return statements in the CLI parser
    - BUG/MAJOR: cli/streams: missing unlock on exit "show sess"
    - BUG/MAJOR: threads/dns: add missing unlock on allocation failure path
    - BUG/MAJOR: threads/lb: fix missing unlock on consistent hash LB
    - BUG/MAJOR: threads/lb: fix missing unlock on map-based hash LB
    - BUG/MEDIUM: threads/stick-tables: close a race condition on stktable_trash_expired()
    - BUG/MAJOR: h2: set the connection's task to NULL when no client timeout is set
    - BUG/MAJOR: thread/listeners: enable_listener must not call unbind_listener()
    - BUG/MEDIUM: threads: don't try to free build option message on exit
    - MINOR: applets: no need to check for runqueue's emptiness in appctx_res_wakeup()
    - MINOR: add master-worker in the warning about nbproc
    - MINOR: mworker: allow pidfile in mworker + foreground
    - MINOR: mworker: write parent pid in the pidfile
    - MINOR: mworker: do not store child pid anymore in the pidfile
    - MINOR: ebtree: implement the scope-aware functions for eb32
    - MEDIUM: ebtree: specify the scope of every node inserted via eb32sc
    - MINOR: ebtree: update the eb32sc parent node's scope on delete
    - MEDIUM: ebtree: only consider the branches matching the scope in lookups
    - MINOR: ebtree: implement eb32sc_lookup_ge_or_first()
    - MAJOR: task: make use of the scope-aware ebtree functions
    - MINOR: task: simplify wake_expired_tasks() to avoid unlocking in the loop
    - MEDIUM: task: change the construction of the loop in process_runnable_tasks()
    - MINOR: threads: use faster locks for the spin locks
    - MINOR: tasks: only visit filled task slots after processing them
    - MEDIUM: tasks: implement a lockless scheduler for single-thread usage
    - BUG/MINOR: dns: Don't try to get the server lock if it's already held.
    - BUG/MINOR: dns: Don't lock the server lock in snr_check_ip_callback().
    - DOC: Add note about encrypted password CPU usage
    - BUG/MINOR: h2: set the "HEADERS_SENT" flag on stream, not connection
    - BUG/MEDIUM: h2: properly send an RST_STREAM on mux stream error
    - BUG/MEDIUM: h2: properly send the GOAWAY frame in the mux
    - BUG/MEDIUM: h2: don't try (and fail) to send non-existing data in the mux
    - MEDIUM: h2: remove the H2_SS_RESET intermediate state
    - BUG/MEDIUM: h2: fix some wrong error codes on connections
    - BUILD: threads: Rename SPIN/RWLOCK macros using HA_ prefix
    - BUILD: enable USE_THREAD for Solaris build.
    - BUG/MEDIUM: h2: don't close the connection is there are data left
    - MINOR: h2: don't re-enable the connection's task when we're closing
    - BUG/MEDIUM: h2: properly set H2_SF_ES_SENT when sending the final frame
    - BUG/MINOR: h2: correctly check for H2_SF_ES_SENT before closing
    - MINOR: h2: add new stream flag H2_SF_OUTGOING_DATA
    - BUG/MINOR: h2: don't send GOAWAY on failed response
    - BUG/MEDIUM: splice/threads: pipe reuse list was not protected.
    - BUG/MINOR: comp: fix compilation warning compiling without compression.
    - BUG/MINOR: stream-int: don't set MSG_MORE on closed request path
    - BUG/MAJOR: threads/tasks: fix the scheduler again
    - BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf because a SNI is matched.
    - MINOR: ssl: Handle session resumption with TLS 1.3
    - MINOR: ssl: Spell 0x10101000L correctly.
    - MINOR: ssl: Handle sending early data to server.
    - BUILD: ssl: fix build of backend without ssl
    - BUILD: shctx: do not depend on openssl anymore
    - BUG/MINOR: h1: the HTTP/1 make status code parser check for digits
    - BUG/MEDIUM: h2: reject non-3-digit status codes
    - BUG/MEDIUM: stream-int: Don't loss write's notifs when a stream is woken up
    - BUG/MINOR: pattern: Rely on the sample type to copy it in pattern_exec_match
    - BUG/MEDIUM: h2: split the function to send RST_STREAM
    - BUG/MEDIUM: h1: ensure the chunk size parser can deal with full buffers
    - MINOR: tools: don't use unlikely() in hex2i()
    - BUG/MEDIUM: h2: support orphaned streams
    - BUG/MEDIUM: threads/cli: fix "show sess" locking on release
    - CLEANUP: mux: remove the unused "release()" function
    - MINOR: cli: make "show fd" report the fd's thread mask
    - BUG/MEDIUM: stream: don't ignore res.analyse_exp anymore
    - CLEANUP: global: introduce variable pid_bit to avoid shifts with relative_pid
    - MEDIUM: http: always reject the "PRI" method
2017-11-11 09:06:48 +01:00
Willy Tarreau
a8d8d6e8f6 [RELEASE] Released version 1.8-rc2
Released version 1.8-rc2 with the following main changes :
    - BUG/MINOR: send-proxy-v2: fix dest_len in make_tlv call
    - BUG/MINOR: send-proxy-v2: string size must include ('\0')
    - MINOR: mux: Only define pipe functions on linux.
    - MINOR: cache: Remove useless test for nonzero.
    - MINOR: cache: Don't confuse act_return and act_parse_ret.
    - BUG/MEDIUM: h2: don't try to parse incomplete H1 responses
    - BUG/MEDIUM: checks/mux: always enable send-polling after connecting
    - BUG/MAJOR: fix deadlock on healthchecks.
    - BUG/MINOR: thread: fix a typo in the debug code
    - BUILD: shctx: allow to be built without openssl
    - BUG/MEDIUM: cache: don't try to resolve wrong filters
    - BUG/MAJOR: buffers: fix get_buffer_nc() for data at end of buffer
    - BUG/MINOR: freq: fix infinite loop on freq_ctr_period.
    - BUG/MINOR: stdarg.h inclusion
    - BUG/MINOR: dns: fix missing lock protection on server.
    - BUG/MINOR: lua: fix missing lock protection on server.
    - BUILD: enable USE_THREAD for OpenBSD build.
    - BUG/MAJOR: mux_pt: don't dereference a connstream after ->wake()
    - MINOR: thread: report multi-thread support in haproxy -vv
2017-11-03 23:52:47 +01:00
Willy Tarreau
901f75c4a6 [RELEASE] Released version 1.8-rc1
Released version 1.8-rc1 with the following main changes :
    - BUG/MEDIUM: server: Allocate tmptrash before using it.
    - CONTRIB: trace: add the possibility to place trace calls in the code
    - CONTRIB: trace: try to display the function's return value on exit
    - CONTRIB: trace: report the base name only for file names
    - BUILD: ssl: support OPENSSL_NO_ASYNC #define
    - MINOR: ssl: build with recent BoringSSL library
    - BUG/MINOR: ssl: OCSP_single_get0_status can return -1
    - BUG/MINOR: cli: restore "set ssl tls-key" command
    - CLEANUP: cli: remove undocumented "set ssl tls-keys" command
    - IMPORT: sha1: import SHA1 functions
    - MINOR: sample: add the sha1 converter
    - MINOR: sample: add the hex2i converter
    - MINOR: stream-int: stop checking for useless connection flags in chk_snd_conn
    - MINOR: ssl: don't abort after sending 16kB
    - MINOR: connection: move the cleanup of flag CO_FL_WAIT_ROOM
    - MINOR: connection: add flag CO_FL_WILL_UPDATE to indicate when updates are granted
    - MEDIUM: connection: make use of CO_FL_WILL_UPDATE in conn_sock_shutw()
    - MINOR: raw_sock: make use of CO_FL_WILL_UPDATE
    - MINOR: ssl_sock: make use of CO_FL_WILL_UPDATE
    - BUG/MINOR: checks: Don't forget to release the connection on error case.
    - MINOR: buffer: add the buffer input manipulation functions
    - BUG/MEDIUM: prevent buffers being overwritten during build_logline() execution
    - MEDIUM: cfgparse: post section callback
    - MEDIUM: cfgparse: post parsing registration
    - MINOR: lua: add uuid to the Class Proxy
    - MINOR: hlua: Add regex class
    - MINOR: http: Mark the 425 code as "Too Early".
    - MEDIUM: ssl: convert CBS (BoringSSL api) usage to neutral code
    - MINOR: ssl: support Openssl 1.1.1 early callback for switchctx
    - MINOR: ssl: generated certificate is missing in switchctx early callback
    - MEDIUM: ssl: Handle early data with OpenSSL 1.1.1
    - BUILD: Makefile: disable -Wunused-label
    - MINOR: ssl/proto_http: Add keywords to take care of early data.
    - BUG/MINOR: lua: const attribute of a string is overridden
    - MINOR: ssl: Don't abuse ssl_options.
    - MINOR: update proxy-protocol-v2 #define
    - MINOR: merge ssl_sock_get calls for log and ppv2
    - MINOR: add ALPN information to send-proxy-v2
    - MEDIUM: h1: ensure that 1xx, 204 and 304 don't have a payload body
    - CLEANUP: shctx: get ride of the shsess_packet{_hdr} structures
    - MEDIUM: lists: list_for_each_entry{_safe}_from functions
    - REORG: shctx: move lock functions and struct
    - MEDIUM: shctx: allow the use of multiple shctx
    - REORG: shctx: move ssl functions to ssl_sock.c
    - MEDIUM: shctx: separate ssl and shctx
    - MINOR: shctx: rename lock functions
    - MINOR: h1: store the status code in the H1 message
    - BUG/MINOR: spoe: Don't compare engine name and SPOE scope when both are NULL
    - BUG/MINOR: spoa: Update pointer on the end of the frame when a reply is encoded
    - MINOR: action: Add trk_idx inline function
    - MINOR: action: Use trk_idx instead of tcp/http_trk_idx
    - MINOR: action: Add a function pointer in act_rule struct to check its validity
    - MINOR: action: Add function to check rules using an action ACT_ACTION_TRK_*
    - MINOR: action: Add a functions to check http capture rules
    - MINOR: action: Factorize checks on rules calling check_ptr if defined
    - MINOR: acl: Pass the ACLs as an explicit parameter of build_acl_cond
    - MEDIUM: spoe: Add support of ACLS to enable or disable sending of SPOE messages
    - MINOR: spoe: Check uniqness of SPOE engine names during config parsing
    - MEDIUM: spoe: Parse new "spoe-group" section in SPOE config file
    - MEDIUM: spoe/rules: Add "send-spoe-group" action for tcp/http rules
    - MINOR: spoe: Move message encoding in its own function
    - MINOR: spoe: Add a type to qualify the message list during encoding
    - MINOR: spoe: Add a generic function to encode a list of SPOE message
    - MEDIUM: spoe/rules: Process "send-spoe-group" action
    - BUG/MINOR: dns: Fix CLI keyword declaration
    - MAJOR: dns: Refactor the DNS code
    - BUG/MINOR: mailers: Fix a memory leak when email alerts are released
    - MEDIUM: mailers: Init alerts during conf parsing and refactor their processing
    - MINOR: mailers: Use pools to allocate email alerts and its tcpcheck_rules
    - MINOR: standard: Add memvprintf function
    - MINOR: log: Save alerts and warnings emitted during HAProxy startup
    - MINOR: cli: Add "show startup-logs" command
    - MINOR: startup: Extend the scope the MODE_STARTING flag
    - MINOR: threads: Prepare makefile to link with pthread
    - MINOR: threads: Add THREAD_LOCAL macro
    - MINOR: threads: Add atomic-ops and plock includes in import dir
    - MEDIUM: threads: Add hathreads header file
    - MINOR: threads: Add mechanism to register per-thread init/deinit functions
    - MINOR: threads: Add nbthread parameter
    - MEDIUM: threads: Adds a set of functions to handle sync-point
    - MAJOR: threads: Start threads to experiment multithreading
    - MINOR: threads: Define the sync-point inside run_poll_loop
    - MEDIUM: threads/buffers: Define and register per-thread init/deinit functions
    - MEDIUM: threads/chunks: Transform trash chunks in thread-local variables
    - MEDIUM: threads/time: Many global variables from time.h are now thread-local
    - MEDIUM: threads/logs: Make logs thread-safe
    - MEDIUM: threads/pool: Make pool thread-safe by locking all access to a pool
    - MAJOR: threads/fd: Make fd stuffs thread-safe
    - MINOR: threads/fd: Add a mask of threads allowed to process on each fd in fdtab array
    - MEDIUM: threads/fd: Initialize the process mask during the call to fd_insert
    - MINOR: threads/fd: Process cached events of FDs depending on the process mask
    - MINOR: threads/polling: pollers now handle FDs depending on the process mask
    - WIP: SQUASH WITH SYNC POINT
    - MAJOR: threads/task: handle multithread on task scheduler
    - MEDIUM: threads/signal: Add a lock to make signals thread-safe
    - MEDIUM: threads/listeners: Make listeners thread-safe
    - MEDIUM: threads/proxy: Add a lock per proxy and atomically update proxy vars
    - MEDIUM: threads/server: Make connection list (priv/idle/safe) thread-safe
    - MEDIUM: threads/server: Add a lock per server and atomically update server vars
    - MINOR: threads/server: Add a lock to deal with insert in updates_servers list
    - MEDIUM: threads/lb: Make LB algorithms (lb_*.c) thread-safe
    - MEDIUM: threads/stick-tables: handle multithreads on stick tables
    - MINOR: threads/sample: Change temp_smp into a thread local variable
    - MEDIUM: threads/http: Make http_capture_bad_message thread-safe
    - MINOR: threads/regex: Change Regex trash buffer into a thread local variable
    - MAJOR: threads/applet: Handle multithreading for applets
    - MAJOR: threads/peers: Make peers thread safe
    - MAJOR: threads/buffer: Make buffer wait queue thread safe
    - MEDIUM: threads/stream: Make streams list thread safe
    - MAJOR: threads/ssl: Make SSL part thread-safe
    - MEDIUM: threads/queue: Make queues thread-safe
    - MAJOR: threads/map: Make acls/maps thread safe
    - MEDIUM: threads/freq_ctr: Make the frequency counters thread-safe
    - MEDIUM: thread/vars: Make vars thread-safe
    - MEDIUM: threads/filters: Add init/deinit callback per thread
    - MINOR: threads/filters: Update trace filter to add _per_thread callbacks
    - MEDIUM: threads/compression: Make HTTP compression thread-safe
    - MEDIUM: threads/lua: Makes the jmpbuf and some other buffers local to the current thread.
    - MEDIUM: threads/lua: Add locks around the Lua execution parts.
    - MEDIUM: threads/lua: Ensure that the launched tasks runs on the same threads than me
    - MEDIUM: threads/lua: Cannot acces to the socket if we try to access from another thread.
    - MEDIUM: threads/xref: Convert xref function to a thread safe model
    - MEDIUM: threads/tasks: Add lock around notifications
    - MEDIUM: thread/spoe: Make the SPOE thread-safe
    - MEDIUM: thread/dns: Make DNS thread-safe
    - MINOR: threads: Add thread-map config parameter in the global section
    - MINOR: threads/checks: Add a lock to protect the pid list used by external checks
    - MINOR: threads/checks: Set the task process_mask when a check is executed
    - MINOR: threads/mailers: Add a lock to protect queues of email alerts
    - MEDIUM: threads/server: Use the server lock to protect health check and cli concurrency
    - MINOR: threads: Don't start when device a detection module is used
    - BUG/MEDIUM: threads: Run the poll loop on the main thread too
    - BUG/MINOR: threads: Add missing THREAD_LOCAL on static here and there
    - MAJOR: threads: Offically enable the threads support in HAProxy
    - BUG/MAJOR: threads/freq_ctr: fix lock on freq counters.
    - BUG/MAJOR: threads/time: Store the time deviation in an 64-bits integer
    - BUILD: stick-tables: silence an uninitialized variable warning
    - BUG/MINOR: dns: Fix SRV records with the new thread code.
    - MINOR: ssl: Remove the global allow-0rtt option.
    - CLEANUP: threads: replace the last few 1UL<<tid with tid_bit
    - CLEANUP: threads: rename process_mask to thread_mask
    - MINOR: h1: add a function to measure the trailers length
    - MINOR: threads: add a portable barrier for threads and non-threads
    - BUG/MAJOR: threads/freq_ctr: use a memory barrier to detect changes
    - BUG/MEDIUM: threads: Initialize the sync-point
    - MEDIUM: connection: start to introduce a mux layer between xprt and data
    - MINOR: connection: implement alpn registration of muxes
    - MINOR: mux: register the pass-through mux for any ALPN string
    - MEDIUM: session: use the ALPN token and proxy mode to select the mux
    - MINOR: connection: report the major HTTP version from the MUX for logging (fc_http_major)
    - MINOR: connection: introduce conn_stream
    - MINOR: mux: add more methods to mux_ops
    - MINOR: connection: introduce the conn_stream manipulation functions
    - MINOR: mux_pt: implement remaining mux_ops methods
    - MAJOR: connection : Split struct connection into struct connection and struct conn_stream.
    - MINOR: connection: make conn_stream users also check for per-stream error flag
    - MINOR: conn_stream: new shutr/w status flags
    - MINOR: conn_stream: modify cs_shut{r,w} API to pass the desired mode
    - MEDIUM: connection: make conn_sock_shutw() aware of lingering
    - MINOR: connection: add cs_close() to close a conn_stream
    - MEDIUM: mux_pt: make cs_shutr() / cs_shutw() properly close the connection
    - MEDIUM: connection: replace conn_full_close() with cs_close()
    - MEDIUM: connection: make mux->detach() release the connection
    - MEDIUM: stream: do not forcefully close the client connection anymore
    - MEDIUM: checks: exclusively use cs_destroy() to release a connection
    - MEDIUM: connection: add a destroy callback
    - MINOR: session: release the listener with the session, not the stream
    - MEDIUM: session: make use of the connection's destroy callback
    - CONTRIB: hpack: implement a reverse huffman table generator for hpack
    - MINOR: hpack: implement the HPACK Huffman table decoder
    - MINOR: hpack: implement the header tables management
    - MINOR: hpack: implement the decoder
    - MEDIUM: hpack: implement basic hpack encoding
    - MINOR: h2: centralize all HTTP/2 protocol elements and constants
    - MINOR: h2: create a very minimalistic h2 mux
    - MINOR: h2: expose tune.h2.header-table-size to configure the table size
    - MINOR: h2: expose tune.h2.initial-window-size to configure the window size
    - MINOR: h2: expose tune.h2.max-concurrent-streams to limit the number of streams
    - MINOR: h2: create the h2c struct and allocate its pool
    - MINOR: h2: create the h2s struct and the associated pool
    - MINOR: h2: handle two extra stream states for errors
    - MINOR: h2: add a frame header descriptor for incoming frames
    - MEDIUM: h2: allocate and release the h2c context on connection init/end
    - MEDIUM: h2: implement basic recv/send/wake functions
    - MEDIUM: h2: dynamically allocate the demux buffer on Rx
    - MEDIUM: h2: implement the mux buffer allocator
    - MINOR: h2: add the connection and stream flags listing the causes for blocking
    - MINOR: h2: add function h2s_id() to report a stream's ID
    - MINOR: h2: small function to know when the mux is busy
    - MINOR: h2: new function h2c_error to mark an error on the connection
    - MINOR: h2: new function h2s_error() to mark an error on a stream
    - MINOR: h2: add h2_set_frame_size() to update the size in a binary frame
    - MINOR: h2: new function h2_peek_frame_hdr() to retrieve a new frame header
    - MINOR: h2: add a few functions to retrieve contents from a wrapping buffer
    - MINOR: h2: add stream lookup function based on the stream ID
    - MINOR: h2: create dummy idle and closed streams
    - MINOR: h2: add the function to create a new stream
    - MINOR: h2: update the {MUX,DEM}_{M,D}ALLOC flags on buffer availability
    - MEDIUM: h2: start to consider the H2_CF_{MUX,DEM}_* flags for polling
    - MINOR: h2: also terminate the connection on shutr
    - MEDIUM: h2: properly consider all conditions for end of connection
    - MEDIUM: h2: wake the connection up for send on pending streams
    - MEDIUM: h2: start to implement the frames processing loop
    - MINOR: h2: add a function to send a GOAWAY error frame
    - MINOR: h2: match the H2 connection preface on init
    - MEDIUM: h2: enable connection polling for send when a cs wants to emit
    - MEDIUM: h2: enable reading again on the connection if it was blocked on stream buffer full
    - MEDIUM: h2: process streams pending for sending
    - MINOR: h2: send a real SETTINGS frame based on the configuration
    - MEDIUM: h2: detect the presence of the first settings frame
    - MINOR: h2: create a stream parser for the demuxer
    - MINOR: h2: implement PING frames
    - MEDIUM: h2: decode SETTINGS frames and extract relevant settings
    - MINOR: h2: lookup the stream during demuxing
    - MEDIUM: h2: honor WINDOW_UPDATE frames
    - MINOR: h2: implement h2_send_rst_stream() to send RST_STREAM frames
    - MINOR: h2: handle CONTINUATION frames
    - MEDIUM: h2: partial implementation of h2_detach()
    - MEDIUM: h2: unblock a connection when its current stream detaches
    - MEDIUM: h2: basic processing of HEADERS frame
    - MEDIUM: h2: don't use trash to decode headers!
    - MEDIUM: h2: implement the response HEADERS frame to encode the H1 response
    - MEDIUM: h2: send the H1 response body as DATA frames
    - MEDIUM: h2: skip the response trailers if any
    - MEDIUM: h2: properly continue to parse header block when facing a 1xx response
    - MEDIUM: h2: send WINDOW_UPDATE frames for connection
    - MEDIUM: h2: handle request body in DATA frames
    - MINOR: h2: handle RST_STREAM frames
    - MEDIUM: h2: send DATA+ES or RST_STREAM on shutw/shutr
    - MINOR: h2: use a common function to signal some and all streams.
    - MEDIUM: h2: handle GOAWAY frames
    - MINOR: h2: centralize the check for the idle streams
    - MINOR: h2: centralize the check for the half-closed(remote) streams
    - MEDIUM: h2: silently ignore frames higher than last_id after GOAWAY
    - MINOR: h2: properly reject PUSH_PROMISE frames coming from the client
    - MEDIUM: h2: perform a graceful shutdown on "Connection: close"
    - MEDIUM: h2: send a GOAWAY frame when dealing with an empty response
    - MEDIUM: h2: apply a timeout to h2 connections
    - BUG/MEDIUM: h2: fix incorrect timeout handling on the connection
    - MEDIUM: shctx: forbid shctx to read more than expected
    - MEDIUM: cache: configuration parsing and initialization
    - MEDIUM: cache: store objects in cache
    - MEDIUM: cache: deliver objects from cache
2017-10-31 23:18:29 +01:00
Willy Tarreau
f08137c434 [RELEASE] Released version 1.8-dev3
Released version 1.8-dev3 with the following main changes :
    - REORG: ssl: move defines and methodVersions table upper
    - MEDIUM: ssl: ctx_set_version/ssl_set_version func for methodVersions table
    - MINOR: ssl: support ssl-min-ver and ssl-max-ver with crt-list
    - MEDIUM: ssl: disable SSLv3 per default for bind
    - BUG/MAJOR: ssl: fix segfault on connection close using async engines.
    - BUG/MAJOR: ssl: buffer overflow using offloaded ciphering on async engine
    - BUG/MINOR: ssl: do not call directly the conn_fd_handler from async_fd_handler
    - BUG/MINOR: haproxy/cli : fix for solaris/illumos distros for CMSG* macros
    - BUG/MEDIUM: build without openssl broken
    - BUG/MINOR: warning: need_resend may be used uninitialized
    - BUG/MEDIUM: misplaced exit and wrong exit code
    - BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04
    - BUILD: scripts: make publish-release support bare repositories
    - BUILD: scripts: add an automatic mode for publish-release
    - BUILD: scripts: add a "quiet" mode to publish-release
    - BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer
    - BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers
    - CONTRIB: plug qdiscs: Plug queuing disciplines mini HOWTO.
    - BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map
    - BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0
    - BUG/MINOR: http/filters: Be sure to wait if a filter loops in HTTP_MSG_ENDING
    - BUG/MEDIUM: peers: Peers CLOSE_WAIT issue.
    - BUG/MAJOR: server: Segfault after parsing server state file.
    - BUG/MEDIUM: unix: never unlink a unix socket from the file system
    - scripts: create-release pass -n to tail
    - SCRIPTS: create-release: enforce GIT_COMMITTER_{NAME|EMAIL} validity
    - BUG/MEDIUM: fix segfault when no argument to -x option
    - MINOR: warning on multiple -x
    - MINOR: mworker: don't copy -x argument anymore in copy_argv()
    - BUG/MEDIUM: mworker: don't reuse PIDs passed to the master
    - BUG/MINOR: Wrong peer task expiration handling during synchronization processing.
    - BUG/MINOR: cfgparse: Check if tune.http.maxhdr is in the range 1..32767
    - BUG/MINOR: log: pin the front connection when front ip/ports are logged
    - DOC: fix references to the section about the unix socket
    - BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue
    - MAJOR: task: task scheduler rework.
    - MINOR: task/stream: tasks related to a stream must be init by the caller.
    - MINOR: queue: Change pendconn_get_next_strm into private function
    - MINOR: backends: Change get_server_sh/get_server_uh into private function
    - MINOR: queue: Change pendconn_from_srv/pendconn_from_px into private functions
    - MEDIUM: stream: make stream_new() always set the target and analysers
    - MINOR: frontend: initialize HTTP layer after the debugging code
    - MINOR: connection: add a .get_alpn() method to xprt_ops
    - MINOR: ssl: add a get_alpn() method to ssl_sock
    - MINOR: frontend: retrieve the ALPN name when available
    - MINOR: frontend: report the connection's ALPN in the debug output
    - MINOR: stream: don't set backend's nor response analysers on SF_TUNNEL
    - MINOR: connection: send data before receiving
    - MAJOR: applet: applet scheduler rework.
    - BUG/MAJOR: frontend: don't dereference a null conn on outgoing connections
    - BUG/MAJOR: cli: fix custom io_release was crushed by NULL.
    - BUG/MAJOR: map: fix segfault during 'show map/acl' on cli.
    - BUG/MAJOR: compression: Be sure to release the compression state in all cases
    - MINOR: compression: Use a memory pool to allocate compression states
    - BUG/MAJOR: applet: fix a freeze if data is immedately forwarded.
    - DOC: fix references to the section about time format.
    - BUG/MEDIUM: map/acl: fix unwanted flags inheritance.
    - BUG/MAJOR: http: fix buffer overflow on loguri buffer.
    - MINOR: ssl: compare server certificate names to the SNI on outgoing connections
    - BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel
    - BUG/MINOR: http: Don't reset the transaction if there are still data to send
    - BUG/MEDIUM: filters: Be sure to call flt_end_analyze for both channels
    - MINOR: peers: Add additional information to stick-table definition messages.
    - BUG/MINOR: http: properly handle all 1xx informational responses
    - OPTIM: ssl: don't consider a small ssl_read() as an indication of end of buffer
    - BUG/MINOR: peers: peer synchronization issue (with several peers sections).
    - CLEANUP: hdr_idx: make some function arguments const where possible
    - BUG/MINOR: Prevent a use-after-free on error scenario on option "-x".
    - BUG/MINOR: lua: In error case, the safe mode is not removed
    - BUG/MINOR: lua: executes the function destroying the Lua session in safe mode
    - BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted
    - BUG/MEDIUM: lua: bad memory access
    - BUG/MINOR: Lua: variable already initialized
    - DOC: update CONTRIBUTING regarding optional parts and message format
    - DOC: update the list of OpenSSL versions in the README
    - BUG/MINOR: http: Set the response error state in http_sync_res_state
    - MINOR: http: Reorder/rewrite checks in http_resync_states
    - MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags
    - BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined
    - MINOR: http: Rely on analyzers mask to end processing in forward_body functions
    - BUG/MINOR: http: Fix bug introduced in previous patch in http_resync_states
    - BUG/MINOR: contrib/modsecurity: BSD build fix
    - BUG/MINOR: contrib/mod_defender: build fix
    - BUG/MINOR: ssl: remove haproxy SSLv3 support when ssl lib have no SSLv3
    - MINOR: ssl: remove an unecessary SSL_OP_NO_* dependancy
    - BUILD: ssl: fix compatibility with openssl without TLSEXT_signature_*
    - MINOR: tools: add a portable timegm() alternative
    - BUILD: lua: replace timegm() with my_timegm() to fix build on Solaris 10
    - DOC: Updated 51Degrees git URL to point to a stable version.
    - BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state
    - MINOR: memory: remove macros
    - BUG/MINOR: lua: Fix Server.get_addr() port values
    - BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr()
    - MINOR: samples: Handle the type SMP_T_METH when we duplicate a sample in smp_dup
    - MINOR: samples: Handle the type SMP_T_METH in smp_is_safe and smp_is_rw
    - MINOR: samples: Don't allocate memory for SMP_T_METH sample when method is known
    - BUG/MINOR: lua: always detach the tcp/http tasks before freeing them
    - MINOR: task: always preinitialize the task's timeout in task_init()
    - CLEANUP: task: remove all initializations to TICK_ETERNITY after task_new()
    - BUG/MAJOR: lua: properly dequeue hlua_applet_wakeup() for new scheduler
    - MINOR: lua: Add proxy as member of proxy object.
    - DOC: lua: Proxy class doc update
    - MINOR: lua: Add lists of frontends and backends
    - BUG/MINOR: ssl: Fix check against SNI during server certificate verification
    - BUG/MINOR: ssl: make use of the name in SNI before verifyhost
    - MINOR: ssl: add a new error codes for wrong server certificates
    - BUG/MEDIUM: stream: don't retry SSL connections which fail the SNI name check
    - MINOR: ssl: add "no-ca-names" parameter for bind
    - BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions.
    - DOC: fix alphabetical order of "show commands" in management.txt
    - MINOR: listener: add a function to return a listener's state as a string
    - MINOR: cli: add a new "show fd" command
    - BUG/MEDIUM: ssl: Fix regression about certificates generation
    - MINOR: Add server port field to server state file.
    - MINOR: ssl: allow to start without certificate if strict-sni is set
    - MINOR: dns: Cache previous DNS answers.
    - MINOR: obj: Add a new type of object, OBJ_TYPE_SRVRQ.
    - Add a few functions to do unaligned access.
    - MINOR: dns: Handle SRV records.
    - MINOR: check: Fix checks when using SRV records.
    - MINOR: doc: Document SRV label usage.
    - BUILD/MINOR: cli: shut a minor gcc warning in "show fd"
    - BUILD: ssl: replace SSL_CTX_get0_privatekey for openssl < 1.0.2
    - BUILD/MINOR: build without openssl still broken
    - BUG/MAJOR: stream: in stream_free(), close the front endpoint and not the origin
    - CLEANUP: raw_sock: Use a better name for the constructor than __ssl_sock_deinit()
    - MINOR: init: Fix CPU affinity setting on FreeBSD.
    - MINOR: dns: Update analysis of TRUNCATED response for SRV records
    - MINOR: dns: update record dname matching for SRV query types
    - MINOR: dns: update dns response buffer reading pointer due to SRV record
    - MINOR: dns: duplicate entries in resolution wait queue for SRV records
    - MINOR: dns: make debugging function dump_dns_config() compatible with SRV records
    - MINOR: dns: ability to use a SRV resolution for multiple backends
    - MINOR: dns: enable caching of responses for server set by a SRV record
    - MINOR: dns: new dns record type (RTYPE) for OPT
    - MINOR: dns: enabled edns0 extension and make accpeted payload size tunable
    - MINOR: dns: default "hold obsolete" timeout set to 0
    - MINOR: chunks: add chunk_memcpy() and chunk_memcat()
    - MINOR: session: add a streams field to the session struct
    - MINOR: stream: link the stream to its session
    - MEDIUM: session: do not free a session until no stream references it
    - MINOR: ist: implement very simple indirect strings
    - TESTS: ist: add a test file for the functions
    - MINOR: http: export some of the HTTP parser macros
    - BUG/MINOR: Wrong type used as argument for spoe_decode_buffer().
    - BUG/MINOR: dns: server set by SRV records stay in "no resolution" status
    - MINOR: dns: Maximum DNS udp payload set to 8192
    - MINOR: dns: automatic reduction of DNS accpeted payload size
    - MINOR: dns: make SRV record processing more verbose
    - CLEANUP: dns: remove duplicated code in dns_resolve_recv()
    - CLEANUP: dns: remove duplicated code in dns_validate_dns_response()
    - BUG/MINOR: dns: wrong resolution interval lead to 100% CPU
    - BUG/MEDIUM: dns: fix accepted_payload_size parser to avoid integer overflow
    - BUG/MAJOR: lua: fix the impact of the scheduler changes again
    - BUG/MEDIUM: lua: HTTP services must take care of body-less status codes
    - MINOR: lua: properly process the contents of the content-length field
    - BUG/MEDIUM: stream: properly set the required HTTP analysers on use-service
    - OPTIM: lua: don't use expensive functions to parse headers in the HTTP applet
    - OPTIM: lua: don't add "Connection: close" on the response
    - REORG/MEDIUM: connection: introduce the notion of connection handle
    - BUG/MINOR: stream-int: don't check the CO_FL_CURR_WR_ENA flag
    - MEDIUM: connection: get rid of data->init() which was not for data
    - MEDIUM: stream: make stream_new() allocate its own task
    - CLEANUP: listener: remove the unused handler field
    - MEDIUM: session: add a pointer to a struct task in the session
    - MINOR: stream: provide a new stream creation function for connections
    - MEDIUM: connection: remove useless flag CO_FL_DATA_RD_SH
    - CLEANUP: connection: remove the unused conn_sock_shutw_pending()
    - MEDIUM: connection: remove useless flag CO_FL_DATA_WR_SH
    - DOC: add CLI info on privilege levels
    - DOC: Refer to Mozilla TLS info / config generator
    - MINOR: ssl: remove duplicate ssl_methods in struct bind_conf
    - BUG/MEDIUM: http: Fix a regression bug when a HTTP response is in TUNNEL mode
    - DOC: Add note about "* " prefix in CSV stats
    - CLEANUP: memory: Remove unused function pool_destroy
    - MINOR: listeners: Change listener_full and limit_listener into private functions
    - MINOR: listeners: Change enable_listener and disable_listener into private functions
    - MINOR: fd: Don't forget to reset fdtab[fd].update when a fd is added/removed
    - MINOR: fd: Set owner and iocb field before inserting a new fd in the fdtab
    - MINOR: backends: Make get_server_* functions explicitly static
    - MINOR: applet: Check applets_active_queue before processing applets queue
    - MINOR: chunks: Use dedicated function to init/deinit trash buffers
    - MEDIUM: chunks: Realloc trash buffers only after the config is parsed and checked
    - MINOR: logs: Use dedicated function to init/deinit log buffers
    - MINOR: logs: Realloc log buffers only after the config is parsed and checked
    - MINOR: buffers: Move swap_buffer into buffer.c and add deinit_buffer function
    - MINOR: stick-tables: Make static_table_key a struct variable instead of a pointer
    - MINOR: http: Use a trash chunk to store decoded string of the HTTP auth header
    - MINOR: fd: Add fd_active function
    - MINOR: fd: Use inlined functions to check fd state in fd_*_send/recv functions
    - MINOR: fd: Move (de)allocation of fdtab and fdinfo in (de)init_pollers
    - MINOR: freq_ctr: Return the new value after an update
    - MEDIUM: check: server states and weight propagation re-work
    - BUG/MEDIUM: epoll: ensure we always consider HUP and ERR
    - MINOR: fd: Add fd_update_events function
    - MINOR: polling: Use fd_update_events to update events seen for a fd
    - BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file
    - Revert "BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file"
    - MINOR: ssl: rework smp_fetch_ssl_fc_cl_str without internal ssl use
    - BUG/MEDIUM: http: Close streams for connections closed before a redirect
    - BUG/MINOR: Lua: The socket may be destroyed when we try to access.
    - MINOR: xref: Add a new xref system
    - MEDIUM: xref/lua: Use xref for referencing cosocket relation between stream and lua
    - MINOR: tasks: Move Lua notification from Lua to tasks
    - MINOR: net_helper: Inline functions meant to be inlined.
    - MINOR: cli: add socket commands and config to prepend informational messages with severity
    - MINOR: add severity information to cli feedback messages
    - BUILD: Makefile: add a function to detect support by the compiler of certain options
    - BUILD: Makefile: shut certain gcc/clang stupid warnings
    - BUILD: Makefile: improve detection of support for compiler warnings
    - MINOR: peers: don't reference the incoming listener on outgoing connections
    - MINOR: frontend: don't retrieve ALPN on the critical path
    - MINOR: protocols: always pass a "port" argument to the listener creation
    - MINOR: protocols: register the ->add function and stop calling them directly
    - MINOR: unix: remove the now unused proto_uxst.h file
    - MINOR: listeners: new function create_listeners
    - MINOR: listeners: make listeners count consistent with reality
    - MEDIUM: session: take care of incrementing/decrementing jobs
    - MINOR: listener: new function listener_release
    - MINOR: session: small cleanup of conn_complete_session()
    - MEDIUM: session: factor out duplicated code for conn_complete_session
    - MEDIUM: session: count the frontend's connections at a single place
    - BUG/MEDIUM: compression: Fix check on txn in smp_fetch_res_comp_algo
    - BUG/MINOR: compression: Check response headers before http-response rules eval
    - BUG/MINOR: spoe: Don't rely on SPOE ctx in debug message when its creation failed
    - BUG/MINOR: dns: Fix check on nameserver in snr_resolution_cb
    - MINOR: ssl: Remove useless checks on bind_conf or bind_conf->is_ssl
    - BUG/MINOR: contrib/mod_defender: close the va_list argp before return
    - BUG/MINOR: contrib/modsecurity: close the va_list ap before return
    - MINOR: tools: make my_htonll() more efficient on x86_64
    - MINOR: buffer: add b_del() to delete a number of characters
    - MINOR: buffer: add b_end() and b_to_end()
    - MINOR: net_helper: add functions to read from vectors
    - MINOR: net_helper: add write functions
    - MINOR: net_helper: add 64-bit read/write functions
    - MINOR: connection: adjust CO_FL_NOTIFY_DATA after removal of flags
    - MINOR: ist: add a macro to ease const array initialization
    - BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server
    - BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server (take2)
    - BUG/MINOR: log: fixing small memory leak in error code path.
    - BUG/MINOR: contrib/halog: fixing small memory leak
    - BUG/MEDIUM: tcp/http: set-dst-port action broken
    - CLEANUUP: checks: don't set conn->handle.fd to -1
    - BUG/MEDIUM: tcp-check: properly indicate polling state before performing I/O
    - BUG/MINOR: tcp-check: don't quit with pending data in the send buffer
    - BUG/MEDIUM: tcp-check: don't call tcpcheck_main() from the I/O handlers!
    - BUG/MINOR: unix: properly check for octal digits in the "mode" argument
    - MINOR: checks: make chk_report_conn_err() take a check, not a connection
    - CLEANUP: checks: remove misleading comments and statuses for external process
    - CLEANUP: checks: don't report report the fork() error twice
    - CLEANUP: checks: do not allocate a connection for process checks
    - TESTS: checks: add a simple test config for external checks
    - BUG/MINOR: tcp-check: don't initialize then break a connection starting with a comment
    - TESTS: checks: add a simple test config for tcp-checks
    - MINOR: tcp-check: make tcpcheck_main() take a check, not a connection
    - MINOR: checks: don't create then kill a dummy connection before tcp-checks
    - MEDIUM: checks: make tcpcheck_main() indicate if it recycled a connection
    - MEDIUM: checks: do not allocate a permanent connection anymore
    - BUG/MEDIUM: cli: fix "show fd" crash when dumping closed FDs
    - BUG/MEDIUM: http: Return an error when url_dec sample converter failed
    - BUG/MAJOR: stream-int: don't re-arm recv if send fails
    - BUILD/MINOR: 51d: fix warning when building with 51Degrees release version 3.2.12.12
    - DOC: 51d: add 51Degrees git URL that points to release version 3.2.12.12
    - DOC: 51d: Updated git URL and instructions for getting Hash Trie data files.
    - MINOR: compiler: restore the likely() wrapper for gcc 5.x
    - MINOR: session: remove the list of streams from struct session
    - DOC: fix some typos
    - MINOR: server: add the srv_queue() sample fetch method
    - MINOR: payload: add new sample fetch functions to process distcc protocol
    - MAJOR: servers: propagate server status changes asynchronously.
    - BUG/MEDIUM: ssl: fix OCSP expiry calculation
    - BUG/MINOR: stream-int: don't set MSG_MORE on SHUTW_NOW without AUTO_CLOSE
    - MINOR: server: Handle weight increase in consistent hash.
    - MINOR: checks: Add a new keyword to specify a SNI when doing SSL checks.
    - BUG/MINOR: tools: fix my_htonll() on x86_64
    - BUG/MINOR: stats: Clear a bit more counters with in cli_parse_clear_counters().
    - BUG/MAJOR: lua: scheduled task is freezing.
    - MINOR: buffer: add bo_del() to delete a number of characters from output
    - MINOR: buffer: add a function to match against string patterns
    - MINOR: buffer: add two functions to inject data into buffers
    - MINOR: buffer: add buffer_space_wraps()
    - REORG: channel: finally rename the last bi_* / bo_* functions
    - MINOR: buffer: add bo_getblk() and bo_getblk_nc()
    - MINOR: channel: make use of bo_getblk{,_nc} for their channel equivalents
    - MINOR: channel: make the channel be a const in all {ci,co}_get* functions
    - MINOR: ist: add ist0() to add a trailing zero to a string.
    - BUG/MEDIUM: log: check result details truncated.
    - MINOR: buffer: make bo_getblk_nc() not return 2 for a full buffer
    - REORG: http: move some very http1-specific parts to h1.{c,h}
    - REORG: http: move the HTTP/1 chunk parser to h1.{c,h}
    - REORG: http: move the HTTP/1 header block parser to h1.c
    - MEDIUM: http: make the chunk size parser only depend on the buffer
    - MEDIUM: http: make the chunk crlf parser only depend on the buffer
    - MINOR: h1: add struct h1m for basic HTTP/1 messages
    - MINOR: http: add very simple header management based on double strings
    - MEDIUM: h1: reimplement the http/1 response parser for the gateway
    - REORG: connection: rename CO_FL_DATA_* -> CO_FL_XPRT_*
    - MEDIUM: connection: make conn_sock_shutw() aware of lingering
    - MINOR: connection: ensure conn_ctrl_close() also resets the fd
    - MINOR: connection: add conn_stop_tracking() to disable tracking
    - MINOR: tcp: use conn_full_close() instead of conn_force_close()
    - MINOR: unix: use conn_full_close() instead of conn_force_close()
    - MINOR: checks: use conn_full_close() instead of conn_force_close()
    - MINOR: session: use conn_full_close() instead of conn_force_close()
    - MINOR: stream: use conn_full_close() instead of conn_force_close()
    - MINOR: stream: use conn_full_close() instead of conn_force_close()
    - MINOR: backend: use conn_full_close() instead of conn_force_close()
    - MINOR: stream-int: use conn_full_close() instead of conn_force_close()
    - MINOR: connection: remove conn_force_close()
    - BUG/MINOR: ssl: ocsp response with 'revoked' status is correct
2017-10-22 10:13:45 +02:00
Willy Tarreau
f57a29a1cd [RELEASE] Released version 1.8-dev2
Released version 1.8-dev2 with the following main changes :
    - CLEANUP: server: moving netinet/tcp.h inclusion
    - DOC: changed "block"(deprecated) examples to http-request deny
    - DOC: add few comments to examples.
    - DOC: update sample code for PROXY protocol
    - DOC: mention lighttpd 1.4.46 implements PROXY
    - MINOR server: Restrict dynamic cookie check to the same proxy.
    - DOC: stick-table is available in frontend sections
    - BUG/MINOR: server : no transparent proxy for DragonflyBSD
    - BUILD/MINOR: stats: remove unexpected argument to stats_dump_json_header()
    - BUILD/MINOR: tools: fix build warning in debug_hexdump()
    - BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets.
    - BUG/MINOR: config: missing goto out after parsing an incorrect ACL character
    - BUG/MINOR: arg: don't try to add an argument on failed memory allocation
    - MEDIUM: server: Inherit CLI weight changes and agent-check weight responses
    - BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error
    - BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr()
    - BUG/MEDIUM: servers: unbreak server weight propagation
    - MINOR: lua: ensure the memory allocator is used all the time
    - MINOR: cli: Add a command to send listening sockets.
    - MINOR: global: Add an option to get the old listening sockets.
    - MINOR: tcp: When binding socket, attempt to reuse one from the old proc.
    - MINOR: doc: document the -x flag
    - MINOR: proxy: Don't close FDs if not our proxy.
    - MINOR: socket transfer: Set a timeout on the socket.
    - MINOR: systemd wrapper: add support for passing the -x option.
    - BUG/MINOR: server: Fix a wrong error message during 'usesrc' keyword parsing.
    - BUG/MAJOR: Broken parsing for valid keywords provided after 'source' setting.
    - CLEANUP: logs: typo: simgle => single
    - BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr()
    - MEDIUM: config: don't check config validity when there are fatal errors
    - BUG/MAJOR: Use -fwrapv.
    - BUG/MINOR: server: don't use "proxy" when px is really meant.
    - BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed
    - BUG/MINOR: server: missing default server 'resolvers' setting duplication.
    - MINOR: server: Extract the code responsible of copying default-server settings.
    - MINOR: server: Extract the code which finalizes server initializations after 'server' lines parsing.
    - MINOR: server: Add 'server-template' new keyword supported in backend sections.
    - MINOR: server: Add server_template_init() function to initialize servers from a templates.
    - DOC: Add documentation for new "server-template" keyword.
    - DOC: add layer 4 links/cross reference to "block" keyword.
    - DOC: errloc/errorloc302/errorloc303 missing status codes.
    - BUG/MEDIUM: lua: memory leak
    - CLEANUP: lua: remove test
    - BUG/MINOR: hash-balance-factor isn't effective in certain circumstances
    - BUG/MINOR: change header-declared function to static inline
    - REORG: spoe: move spoe_encode_varint / spoe_decode_varint from spoe to common
    - MINOR: Add binary encoding request header sample fetch
    - MINOR: proto-http: Add sample fetch wich returns all HTTP headers
    - MINOR: Add ModSecurity wrapper as contrib
    - BUG/MINOR: ssl: fix warnings about methods for opensslv1.1.
    - DOC: update RFC references
    - CONTRIB: tcploop: add action "X" to execute a command
    - MINOR: server: cli: Add server FQDNs to server-state file and stats socket.
    - BUG/MINOR: contrib/mod_security: fix build on FreeBSD
    - BUG/MINOR: checks: don't send proxy protocol with agent checks
    - MINOR: ssl: add prefer-client-ciphers
    - MEDIUM: ssl: revert ssl/tls version settings relative to default-server.
    - MEDIUM: ssl: ssl_methods implementation is reworked and factored for min/max tlsxx
    - MEDIUM: ssl: calculate the real min/max TLS version and find holes
    - MINOR: ssl: support TLSv1.3 for bind and server
    - MINOR: ssl: show methods supported by openssl
    - MEDIUM: ssl: add ssl-min-ver and ssl-max-ver parameters for bind and server
    - MEDIUM: ssl: ssl-min-ver and ssl-max-ver compatibility.
    - CLEANUP: retire obsoleted USE_GETSOCKNAME build option
    - BUG/MAJOR: dns: Broken kqueue events handling (BSD systems).
    - MINOR: sample: Add b64dec sample converter
    - BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything
    - MINOR: cli: add ACCESS_LVL_MASK to store the access level
    - MINOR: cli: add 'expose-fd listeners' to pass listeners FDs
    - MEDIUM: proxy: zombify proxies only when the expose-fd socket is bound
    - MEDIUM: ssl: add basic support for OpenSSL crypto engine
    - MAJOR: ssl: add openssl async mode support
    - MEDIUM: ssl: handle multiple async engines
    - MINOR: boringssl: basic support for OCSP Stapling
    - MEDIUM: mworker: replace systemd mode by master worker mode
    - MEDIUM: mworker: handle reload and signals
    - MEDIUM: mworker: wait mode on reload failure
    - MEDIUM: mworker: try to guess the next stats socket to use with -x
    - MEDIUM: mworker: exit-on-failure option
    - MEDIUM: mworker: workers exit when the master leaves
    - DOC: add documentation for the master-worker mode
    - MEDIUM: systemd: Type=forking in unit file
    - MAJOR: systemd-wrapper: get rid of the wrapper
    - MINOR: log: Add logurilen tunable.
    - CLEANUP: server.c: missing prototype of srv_free_dns_resolution
    - MINOR: dns: smallest DNS fqdn size
    - MINOR: dns: functions to manage memory for a DNS resolution structure
    - MINOR: dns: parse_server() now uses srv_alloc_dns_resolution()
    - REORG: dns: dns_option structure, storage of hostname_dn
    - MINOR: dns: new snr_check_ip_callback function
    - MAJOR: dns: save a copy of the DNS response in struct resolution
    - MINOR: dns: implement a LRU cache for DNS resolutions
    - MINOR: dns: make 'ancount' field to match the number of saved records
    - MINOR: dns: introduce roundrobin into the internal cache (WIP)
    - MAJOR/REORG: dns: DNS resolution task and requester queues
    - BUILD: ssl: fix build with OPENSSL_NO_ENGINE
    - MINOR: Add Mod Defender integration as contrib
    - CLEANUP: str2mask return code comment: non-zero -> zero.
    - MINOR: tools: make debug_hexdump() use a const char for the string
    - MINOR: tools: make debug_hexdump() take a string prefix
    - CLEANUP: connection: remove unused CO_FL_WAIT_DATA
2017-06-02 15:59:51 +02:00
Willy Tarreau
7b677265fd [RELEASE] Released version 1.8-dev1
Released version 1.8-dev1 with the following main changes :
    - BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos
    - BUG/MINOR: stats: make field_str() return an empty string on NULL
    - DOC: Spelling fixes
    - BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used
    - BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for tunneled txn
    - BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and IS_DATA_FILTER
    - BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and XFER_DATA analyzers
    - BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in tunnel mode
    - BUG/MAJOR: stream: fix session abort on resource shortage
    - OPTIM: stream-int: don't disable polling anymore on DONT_READ
    - BUG/MINOR: cli: allow the backslash to be escaped on the CLI
    - BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys"
    - DOC: Fix map table's format
    - DOC: Added 51Degrees conv and fetch functions to documentation.
    - BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect
    - DOC: mention that req_tot is for both frontends and backends
    - BUG/MEDIUM: variables: some variable name can hide another ones
    - MINOR: lua: Allow argument for actions
    - BUILD: rearrange target files by build time
    - CLEANUP: hlua: just indent functions
    - MINOR: lua: give HAProxy variable access to the applets
    - BUG/MINOR: stats: fix be/sessions/max output in html stats
    - MINOR: proxy: Add fe_name/be_name fetchers next to existing fe_id/be_id
    - DOC: lua: Documentation about some entry missing
    - DOC: lua: Add documentation about variable manipulation from applet
    - MINOR: Do not forward the header "Expect: 100-continue" when the option http-buffer-request is set
    - DOC: Add undocumented argument of the trace filter
    - DOC: Fix some typo in SPOE documentation
    - MINOR: cli: Remove useless call to bi_putchk
    - BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full
    - MINOR: applet: Count number of (active) applets
    - MINOR: task: Rename run_queue and run_queue_cur counters
    - BUG/MEDIUM: stream: Save unprocessed events for a stream
    - BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
    - BUILD/MEDIUM: Fixing the build using LibreSSL
    - BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2)
    - SCRIPTS: git-show-backports: fix a harmless typo
    - SCRIPTS: git-show-backports: add -H to use the hash of the commit message
    - BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW
    - CLEANUP: applet/lua: create a dedicated ->fcn entry in hlua_cli context
    - CLEANUP: applet/table: add an "action" entry in ->table context
    - CLEANUP: applet: remove the now unused appctx->private field
    - DOC: lua: documentation about time parser functions
    - DOC: lua: improve links
    - DOC: lua: section declared twice
    - MEDIUM: cli: 'show cli sockets' list the CLI sockets
    - BUG/MINOR: cli: "show cli sockets" wouldn't list all processes
    - BUG/MINOR: cli: "show cli sockets" would always report process 64
    - CLEANUP: lua: rename one of the lua appctx union
    - BUG/MINOR: lua/cli: bad error message
    - MEDIUM: lua: use memory pool for hlua struct in applets
    - MINOR: lua/signals: Remove Lua part from signals.
    - DOC: cli: show cli sockets
    - MINOR: cli: automatically enable a CLI I/O handler when there's no parser
    - CLEANUP: memory: remove the now unused cli_parse_show_pools() function
    - CLEANUP: applet: group all CLI contexts together
    - CLEANUP: stats: move a misplaced stats context initialization
    - MINOR: cli: add two general purpose pointers and integers in the CLI struct
    - MINOR: appctx/cli: remove the cli_socket entry from the appctx union
    - MINOR: appctx/cli: remove the env entry from the appctx union
    - MINOR: appctx/cli: remove the "be" entry from the appctx union
    - MINOR: appctx/cli: remove the "dns" entry from the appctx union
    - MINOR: appctx/cli: remove the "server_state" entry from the appctx union
    - MINOR: appctx/cli: remove the "tlskeys" entry from the appctx union
    - CONTRIB: tcploop: add limits.h to fix build issue with some compilers
    - MINOR/DOC: lua: just precise one thing
    - DOC: fix small typo in fe_id (backend instead of frontend)
    - BUG/MINOR: Fix the sending function in Lua's cosocket
    - BUG/MINOR: lua: memory leak executing tasks
    - BUG/MINOR: lua: bad return code
    - BUG/MINOR: lua: memleak when Lua/cli fails
    - MEDIUM: lua: remove Lua struct from session, and allocate it with memory pools
    - CLEANUP: haproxy: statify unexported functions
    - MINOR: haproxy: add a registration for build options
    - CLEANUP: wurfl: use the build options list to report it
    - CLEANUP: 51d: use the build options list to report it
    - CLEANUP: da: use the build options list to report it
    - CLEANUP: namespaces: use the build options list to report it
    - CLEANUP: tcp: use the build options list to report transparent modes
    - CLEANUP: lua: use the build options list to report it
    - CLEANUP: regex: use the build options list to report the regex type
    - CLEANUP: ssl: use the build options list to report the SSL details
    - CLEANUP: compression: use the build options list to report the algos
    - CLEANUP: auth: use the build options list to report its support
    - MINOR: haproxy: add a registration for post-check functions
    - CLEANUP: checks: make use of the post-init registration to start checks
    - CLEANUP: filters: use the function registration to initialize all proxies
    - CLEANUP: wurfl: make use of the late init registration
    - CLEANUP: 51d: make use of the late init registration
    - CLEANUP: da: make use of the late init registration code
    - MINOR: haproxy: add a registration for post-deinit functions
    - CLEANUP: wurfl: register the deinit function via the dedicated list
    - CLEANUP: 51d: register the deinitialization function
    - CLEANUP: da: register the deinitialization function
    - CLEANUP: wurfl: move global settings out of the global section
    - CLEANUP: 51d: move global settings out of the global section
    - CLEANUP: da: move global settings out of the global section
    - MINOR: cfgparse: add two new functions to check arguments count
    - MINOR: cfgparse: move parsing of "ca-base" and "crt-base" to ssl_sock
    - MEDIUM: cfgparse: move all tune.ssl.* keywords to ssl_sock
    - MEDIUM: cfgparse: move maxsslconn parsing to ssl_sock
    - MINOR: cfgparse: move parsing of ssl-default-{bind,server}-ciphers to ssl_sock
    - MEDIUM: cfgparse: move ssl-dh-param-file parsing to ssl_sock
    - MEDIUM: compression: move the zlib-specific stuff from global.h to compression.c
    - BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
    - BUG/MEDIUM: ssl: avoid double free when releasing bind_confs
    - BUG/MINOR: stats: fix be/sessions/current out in typed stats
    - MINOR: tcp-rules: check that the listener exists before updating its counters
    - MEDIUM: spoe: don't create a dummy listener for outgoing connections
    - MINOR: listener: move the transport layer pointer to the bind_conf
    - MEDIUM: move listener->frontend to bind_conf->frontend
    - MEDIUM: ssl: remote the proxy argument from most functions
    - MINOR: connection: add a new prepare_bind_conf() entry to xprt_ops
    - MEDIUM: ssl_sock: implement ssl_sock_prepare_bind_conf()
    - MINOR: connection: add a new destroy_bind_conf() entry to xprt_ops
    - MINOR: ssl_sock: implement ssl_sock_destroy_bind_conf()
    - MINOR: server: move the use_ssl field out of the ifdef USE_OPENSSL
    - MINOR: connection: add a minimal transport layer registration system
    - CLEANUP: connection: remove all direct references to raw_sock and ssl_sock
    - CLEANUP: connection: unexport raw_sock and ssl_sock
    - MINOR: connection: add new prepare_srv()/destroy_srv() entries to xprt_ops
    - MINOR: ssl_sock: implement and use prepare_srv()/destroy_srv()
    - CLEANUP: ssl: move tlskeys_finalize_config() to a post_check callback
    - CLEANUP: ssl: move most ssl-specific global settings to ssl_sock.c
    - BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled
    - BUG/MEDIUM: ssl: for a handshake when server-side SNI changes
    - BUG/MINOR: systemd: potential zombie processes
    - DOC: Add timings events schemas
    - BUILD: lua: build failed on FreeBSD.
    - MINOR: samples: add xx-hash functions
    - MEDIUM: regex: pcre2 support
    - BUG/MINOR: option prefer-last-server must be ignored in some case
    - MINOR: stats: Support "select all" for backend actions
    - BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0
    - BUG/MAJOR: channel: Fix the definition order of channel analyzers
    - BUG/MINOR: http: report real parser state in error captures
    - BUILD: scripts: automatically update the branch in version.h when releasing
    - MINOR: tools: add a generic hexdump function for debugging
    - BUG/MAJOR: http: fix risk of getting invalid reports of bad requests
    - MINOR: http: custom status reason.
    - MINOR: connection: add sample fetch "fc_rcvd_proxy"
    - BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options
    - BUG/MINOR: tools: fix off-by-one in port size check
    - BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family
    - MEDIUM: server: split the address and the port into two different fields
    - MINOR: tools: make str2sa_range() return the port in a separate argument
    - MINOR: server: take the destination port from the port field, not the addr
    - MEDIUM: server: disable protocol validations when the server doesn't resolve
    - BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0
    - BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage
    - BUG/MINOR: ssl: assert on SSL_set_shutdown with BoringSSL
    - MINOR: Use "500 Internal Server Error" for 500 error/status code message.
    - MINOR: proto_http.c 502 error txt typo.
    - DOC: add deprecation notice to "block"
    - MINOR: compression: fix -vv output without zlib/slz
    - BUG/MINOR: Reset errno variable before calling strtol(3)
    - MINOR: ssl: don't show prefer-server-ciphers output
    - OPTIM/MINOR: config: Optimize fullconn automatic computation loading configuration
    - BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream
    - MAJOR: ssl: bind configuration per certificat
    - MINOR: ssl: add curve suite for ECDHE negotiation
    - MINOR: checks: Add agent-addr config directive
    - MINOR: cli: Add possiblity to change agent config via CLI/socket
    - MINOR: doc: Add docs for agent-addr configuration variable
    - MINOR: doc: Add docs for agent-addr and agent-send CLI commands
    - BUILD: ssl: fix to build (again) with boringssl
    - BUILD: ssl: fix build on OpenSSL 1.0.0
    - BUILD: ssl: silence a warning reported for ERR_remove_state()
    - BUILD: ssl: eliminate warning with OpenSSL 1.1.0 regarding RAND_pseudo_bytes()
    - BUILD: ssl: kill a build warning introduced by BoringSSL compatibility
    - BUG/MEDIUM: tcp: don't poll for write when connect() succeeds
    - BUG/MINOR: unix: fix connect's polling in case no data are scheduled
    - MINOR: server: extend the flags to 32 bits
    - BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword
    - MINOR: dns: give ability to dns_init_resolvers() to close a socket when requested
    - BUG/MAJOR: dns: restart sockets after fork()
    - MINOR: chunks: implement a simple dynamic allocator for trash buffers
    - BUG/MEDIUM: http: prevent redirect from overwriting a buffer
    - BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined
    - BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer
    - BUG/MINOR: http: Return an error when a replace-header rule failed on the response
    - BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested
    - BUG/MAJOR: ssl: fix a regression in ssl_sock_shutw()
    - BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1'
    - BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule
    - MINOR: http: don't close when redirect location doesn't start with "/"
    - MEDIUM: boringssl: support native multi-cert selection without bundling
    - BUG/MEDIUM: ssl: fix verify/ca-file per certificate
    - BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING
    - MINOR: ssl: removes SSL_CTX_set_ssl_version call and cleanup CTX creation.
    - BUILD: ssl: fix build with -DOPENSSL_NO_DH
    - MEDIUM: ssl: add new sample-fetch which captures the cipherlist
    - MEDIUM: ssl: remove ssl-options from crt-list
    - BUG/MEDIUM: ssl: in bind line, ssl-options after 'crt' are ignored.
    - BUG/MINOR: ssl: fix cipherlist captures with sustainable SSL calls
    - MINOR: ssl: improved cipherlist captures
    - BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters
    - BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section
    - MAJOR: spoe: Add support of pipelined and asynchronous exchanges with agents
    - MINOR: spoe: Add support for pipelining/async capabilities in the SPOA example
    - MINOR: spoe: Remove SPOE details from the appctx structure
    - MINOR: spoe: Add status code in error variable instead of hardcoded value
    - MINOR: spoe: Send a log message when an error occurred during event processing
    - MINOR: spoe: Check the scope of sample fetches used in SPOE messages
    - MEDIUM: spoe: Be sure to wakeup the good entity waiting for a buffer
    - MINOR: spoe: Use the min of all known max_frame_size to encode messages
    - MAJOR: spoe: Add support of payload fragmentation in NOTIFY frames
    - MINOR: spoe: Add support for fragmentation capability in the SPOA example
    - MAJOR: spoe: refactor the filter to clean up the code
    - MINOR: spoe: Handle NOTIFY frames cancellation using ABORT bit in ACK frames
    - REORG: spoe: Move struct and enum definitions in dedicated header file
    - REORG: spoe: Move low-level encoding/decoding functions in dedicated header file
    - MINOR: spoe: Improve implementation of the payload fragmentation
    - MINOR: spoe: Add support of negation for options in SPOE configuration file
    - MINOR: spoe: Add "pipelining" and "async" options in spoe-agent section
    - MINOR: spoe: Rely on alertif_too_many_arg during configuration parsing
    - MINOR: spoe: Add "send-frag-payload" option in spoe-agent section
    - MINOR: spoe: Add "max-frame-size" statement in spoe-agent section
    - DOC: spoe: Update SPOE documentation to reflect recent changes
    - MINOR: config: warn when some HTTP rules are used in a TCP proxy
    - BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file
    - BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup
    - BUG/MINOR: Fix "get map <map> <value>" CLI command
    - MINOR: Add nbsrv sample converter
    - CLEANUP: Replace repeated code to count usable servers with be_usable_srv()
    - MINOR: Add hostname sample fetch
    - CLEANUP: Remove comment that's no longer valid
    - MEDIUM: http_error_message: txn->status / http_get_status_idx.
    - MINOR: http-request tarpit deny_status.
    - CLEANUP: http: make http_server_error() not set the status anymore
    - MEDIUM: stats: Add JSON output option to show (info|stat)
    - MEDIUM: stats: Add show json schema
    - BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer
    - MINOR: server: Add dynamic session cookies.
    - MINOR: cli: Let configure the dynamic cookies from the cli.
    - BUG/MINOR: checks: attempt clean shutw for SSL check
    - CONTRIB: tcploop: make it build on FreeBSD
    - CONTRIB: tcploop: fix time format to silence build warnings
    - CONTRIB: tcploop: report action 'K' (kill) in usage message
    - CONTRIB: tcploop: fix connect's address length
    - CONTRIB: tcploop: use the trash instead of NULL for recv()
    - BUG/MEDIUM: listener: do not try to rebind another process' socket
    - BUG/MEDIUM server: Fix crash when dynamic is defined, but not key is provided.
    - CLEANUP: config: Typo in comment.
    - BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze
    - TESTS: add a test configuration to stress handshake combinations
    - BUG/MAJOR: stream-int: do not depend on connection flags to detect connection
    - BUG/MEDIUM: connection: ensure to always report the end of handshakes
    - MEDIUM: connection: don't test for CO_FL_WAKE_DATA
    - CLEANUP: connection: completely remove CO_FL_WAKE_DATA
    - BUG: payload: fix payload not retrieving arbitrary lengths
    - BUILD: ssl: simplify SSL_CTX_set_ecdh_auto compatibility
    - BUILD: ssl: fix OPENSSL_NO_SSL_TRACE for boringssl and libressl
    - BUG/MAJOR: http: fix typo in http_apply_redirect_rule
    - MINOR: doc: 2.4. Examples should be 2.5. Examples
    - BUG/MEDIUM: stream: fix client-fin/server-fin handling
    - MINOR: fd: add a new flag HAP_POLL_F_RDHUP to struct poller
    - BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available
    - OPTIM: poll: enable support for POLLRDHUP
    - MINOR: kqueue: exclusively rely on the kqueue returned status
    - MEDIUM: kqueue: take care of EV_EOF to improve polling status accuracy
    - MEDIUM: kqueue: only set FD_POLL_IN when there are pending data
    - DOC/MINOR: Fix typos in proxy protocol doc
    - DOC: Protocol doc: add checksum, TLV type ranges
    - DOC: Protocol doc: add SSL TLVs, rename CHECKSUM
    - DOC: Protocol doc: add noop TLV
    - MEDIUM: global: add a 'hard-stop-after' option to cap the soft-stop time
    - MINOR: dns: improve DNS response parsing to use as many available records as possible
    - BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity().
    - MINOR: server: irrelevant error message with 'default-server' config file keyword.
    - MINOR: server: Make 'default-server' support 'backup' keyword.
    - MINOR: server: Make 'default-server' support 'check-send-proxy' keyword.
    - CLEANUP: server: code alignement.
    - MINOR: server: Make 'default-server' support 'non-stick' keyword.
    - MINOR: server: Make 'default-server' support 'send-proxy' and 'send-proxy-v2 keywords.
    - MINOR: server: Make 'default-server' support 'check-ssl' keyword.
    - MINOR: server: Make 'default-server' support 'force-sslv3' and 'force-tlsv1[0-2]' keywords.
    - CLEANUP: server: code alignement.
    - MINOR: server: Make 'default-server' support 'no-ssl*' and 'no-tlsv*' keywords.
    - MINOR: server: Make 'default-server' support 'ssl' keyword.
    - MINOR: server: Make 'default-server' support 'send-proxy-v2-ssl*' keywords.
    - CLEANUP: server: code alignement.
    - MINOR: server: Make 'default-server' support 'verify' keyword.
    - MINOR: server: Make 'default-server' support 'verifyhost' setting.
    - MINOR: server: Make 'default-server' support 'check' keyword.
    - MINOR: server: Make 'default-server' support 'track' setting.
    - MINOR: server: Make 'default-server' support 'ca-file', 'crl-file' and 'crt' settings.
    - MINOR: server: Make 'default-server' support 'redir' keyword.
    - MINOR: server: Make 'default-server' support 'observe' keyword.
    - MINOR: server: Make 'default-server' support 'cookie' keyword.
    - MINOR: server: Make 'default-server' support 'ciphers' keyword.
    - MINOR: server: Make 'default-server' support 'tcp-ut' keyword.
    - MINOR: server: Make 'default-server' support 'namespace' keyword.
    - MINOR: server: Make 'default-server' support 'source' keyword.
    - MINOR: server: Make 'default-server' support 'sni' keyword.
    - MINOR: server: Make 'default-server' support 'addr' keyword.
    - MINOR: server: Make 'default-server' support 'disabled' keyword.
    - MINOR: server: Add 'no-agent-check' server keyword.
    - DOC: server: Add docs for "server" and "default-server" new "no-*" and other settings.
    - MINOR: doc: fix use-server example (imap vs mail)
    - BUG/MEDIUM: tcp: don't require privileges to bind to device
    - BUILD: make the release script use shortlog for the final changelog
    - BUILD: scripts: fix typo in announce-release error message
    - CLEANUP: time: curr_sec_ms doesn't need to be exported
    - BUG/MEDIUM: server: Wrong server default CRT filenames initialization.
    - BUG/MEDIUM: peers: fix buffer overflow control in intdecode.
    - BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers
    - BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request
    - CLEANUP: http: Remove channel_congested function
    - CLEANUP: buffers: Remove buffer_bounce_realign function
    - CLEANUP: buffers: Remove buffer_contig_area and buffer_work_area functions
    - MINOR: http: remove useless check on HTTP_MSGF_XFER_LEN for the request
    - MINOR: http: Add debug messages when HTTP body analyzers are called
    - BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled
    - BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze
    - DOC: fix parenthesis and add missing "Example" tags
    - DOC: update the contributing file
    - DOC: log-format/tcplog/httplog update
    - MINOR: config parsing: add warning when log-format/tcplog/httplog is overriden in "defaults" sections
2017-04-03 09:27:49 +02:00
Willy Tarreau
0e658fb051 [RELEASE] Released version 1.8-dev0
Released version 1.8-dev0 with the following main changes :
    - exact copy of 1.7.0
2016-11-25 16:58:52 +01:00
Willy Tarreau
e59fcdd25e [RELEASE] Released version 1.7.0
Released version 1.7.0 with the following main changes :
    - SCRIPTS: make publish-release also copy the new SPOE doc
    - BUILD: http: include types/sample.h in proto_http.h
    - BUILD: debug/flags: remove test for SF_COMP_READY
    - CONTRIB: debug/flags: add check for SF_ERR_CHK_PORT
    - MINOR: lua: add function which return true if the channel is full.
    - MINOR: lua: add ip addresses and network manipulation function
    - CONTRIB: tcploop: scriptable TCP I/O for debugging purposes
    - CONTRIB: tcploop: implement fork()
    - CONTRIB: tcploop: implement logging when called with -v
    - CONTRIB: tcploop: update the usage output
    - CONTRIB: tcploop: support sending plain strings
    - CONTRIB: tcploop: don't report failed send() or recv()
    - CONTRIB: tcploop: add basic loops via a jump instruction
    - BUG/MEDIUM: channel: bad unlikely macro
    - CLEANUP: lua: move comment
    - CLEANUP: lua: control executed twice
    - BUG/MEDIUM: ssl: Store certificate filename in a variable
    - BUG/MINOR: ssl: Print correct filename when error occurs reading OCSP
    - CLEANUP: ssl: Remove goto after return dead code
    - CLEANUP: ssl: Fix bind keywords name in comments
    - DOC: ssl: Use correct wording for ca-sign-pass
    - CLEANUP: lua: avoid directly calling getsockname/getpeername()
    - BUG/MINOR: stick-table: handle out-of-memory condition gracefully
    - MINOR: cli: add private pointer and release function
    - MEDIUM: lua: Add cli handler for Lua
    - BUG/MEDIUM: connection: check the control layer before stopping polling
    - DEBUG: connection: mark the closed FDs with a value that is easier to detect
    - BUG/MEDIUM: stick-table: fix regression caused by recent fix for out-of-memory
    - BUG/MINOR: cli: properly decrement ref count on tables during failed dumps
    - BUG/MEDIUM: lua: In some case, the return of sample-fetche is ignored
    - MINOR: filters: Add check_timeouts callback to handle timers expiration on streams
    - MINOR: spoe: Add 'timeout processing' option to limit time to process an event
    - MINOR: spoe: Remove useless 'timeout ack' option
    - MINOR: spoe: Add 'option continue-on-error' statement in spoe-agent section
    - MINOR: spoe: Add "maxconnrate" and "maxerrrate" statements
    - MINOR: spoe: Add "option set-on-error" statement
    - MINOR: stats: correct documentation of process ID for typed output
    - BUILD: contrib: fix ip6range build on Centos 7
    - BUILD: fix build on Solaris 10/11
    - BUG/MINOR: cli: fix pointer size when reporting data/transport layer name
    - BUG/MINOR: cli: dequeue from the proxy when changing a maxconn
    - BUG/MINOR: cli: wake up the CLI's task after a timeout update
    - MINOR: connection: add a few functions to report the data and xprt layers' names
    - MINOR: connection: add names for transport and data layers
    - REORG: cli: split dumpstats.c in src/cli.c and src/stats.c
    - REORG: cli: split dumpstats.h in stats.h and cli.h
    - REORG: cli: move ssl CLI functions to ssl_sock.c
    - REORG: cli: move map and acl code to map.c
    - REORG: cli: move show stat resolvers to dns.c
    - MINOR: cli: create new function cli_has_level() to validate permissions
    - MINOR: server: create new function cli_find_server() to find a server
    - MINOR: proxy: create new function cli_find_frontend() to find a frontend
    - REORG: cli: move 'set server' to server.c
    - REORG: cli: move 'show pools' to memory.c
    - REORG: cli: move 'show servers' to proxy.c
    - REORG: cli: move 'show sess' to stream.c
    - REORG: cli: move 'show backend' to proxy.c
    - REORG: cli: move get/set weight to server.c
    - REORG: cli: move "show stat" to stats.c
    - REORG: cli: move "show info" to stats.c
    - REORG: cli: move dump_text(), dump_text_line(), and dump_binary() to standard.c
    - REORG: cli: move table dump/clear/set to stick_table.c
    - REORG: cli: move "show errors" out of cli.c
    - REORG: cli: make "show env" also use the generic keyword registration
    - REORG: cli: move "set timeout" to its own handler
    - REORG: cli: move "clear counters" to stats.c
    - REORG: cli: move "set maxconn global" to its own handler
    - REORG: cli: move "set maxconn server" to server.c
    - REORG: cli: move "set maxconn frontend" to proxy.c
    - REORG: cli: move "shutdown sessions server" to stream.c
    - REORG: cli: move "shutdown session" to stream.c
    - REORG: cli: move "shutdown frontend" to proxy.c
    - REORG: cli: move "{enable|disable} frontend" to proxy.c
    - REORG: cli: move "{enable|disable} server" to server.c
    - REORG: cli: move "{enable|disable} health" to server.c
    - REORG: cli: move "{enable|disable} agent" to server.c
    - REORG: cli: move the "set rate-limit" functions to their own parser
    - CLEANUP: cli: rename STAT_CLI_* to CLI_ST_*
    - CLEANUP: cli: simplify the request parser a little bit
    - CLEANUP: cli: remove assignments to st0 and st2 in keyword parsers
    - BUILD: server: remove a build warning introduced by latest series
    - BUG/MINOR: log-format: uncatched memory allocation functions
    - CLEANUP: log-format: useless file and line in json converter
    - CLEANUP/MINOR: log-format: unexport functions parse_logformat_var_args() and parse_logformat_var()
    - CLEANUP: log-format: fix return code of the function parse_logformat_var()
    - CLEANUP: log-format: fix return code of function parse_logformat_var_args()
    - CLEANUP: log-format: remove unused arguments
    - MEDIUM: log-format: strict parsing and enable fail
    - MEDIUM: log-format/conf: take into account the parse_logformat_string() return code
    - BUILD: ssl: make the SSL layer build again with openssl 0.9.8
    - BUILD: vars: remove a build warning on vars.c
    - MINOR: lua: add utility function for check boolean argument
    - MINOR: lua: Add tokenize function.
    - BUG/MINOR: conf: calloc untested
    - MINOR: http/conf: store the use_backend configuration file and line for logs
    - MEDIUM: log-format: Use standard HAProxy log system to report errors
    - CLEANUP: sample: report "converter" instead of "conv method" in error messages
    - BUG: spoe: Fix parsing of SPOE actions in ACK frames
    - MINOR: cli: make "show stat" support a proxy name
    - MINOR: cli: make "show errors" support a proxy name
    - MINOR: cli: make "show errors" capable of dumping only request or response
    - BUG/MINOR: freq-ctr: make swrate_add() support larger values
    - CLEANUP: counters: move from 3 types to 2 types
    - CLEANUP: cfgparse: cascade the warnif_misplaced_* rules
    - REORG: tcp-rules: move tcp rules processing to their own file
    - REORG: stkctr: move all the stick counters processing to stick-tables.c
    - DOC: update the roadmap file with the latest changes
2016-11-25 16:39:17 +01:00
Willy Tarreau
d5d890be21 [RELEASE] Released version 1.7-dev6
Released version 1.7-dev6 with the following main changes :
    - DOC: fix the entry for hash-balance-factor config option
    - DOC: Fix typo in description of `-st` parameter in man page
    - CLEANUP: cfgparse: Very minor spelling correction
    - MINOR: examples: Update haproxy.spec URLs to haproxy.org
    - BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream
    - BUG/MEDIUM: peers: fix use after free in peer_session_create()
    - MINOR: peers: make peer_session_forceshutdown() use the appctx and not the stream
    - MINOR: peers: remove the pointer to the stream
    - BUG/MEDIUM: systemd-wrapper: return correct exit codes
    - DOC: stats: provide state details for show servers state
    - MEDIUM: tools: make str2ip2() preserve existing ports
    - CLEANUP: tools: make ipcpy() preserve the original port
    - OPTIM: http: move all http character classs tables into a single one
    - OPTIM: http: improve parsing performance of long header lines
    - OPTIM: http: improve parsing performance of long URIs
    - OPTIM: http: optimize lookup of comma and quote in header values
    - BUG/MEDIUM: srv-state: properly restore the DRAIN state
    - BUG/MINOR: srv-state: allow to have both CMAINT and FDRAIN flags
    - MINOR: server: do not emit warnings/logs/alerts on server state changes at boot
    - BUG/MEDIUM: servers: properly propagate the maintenance states during startup
    - MEDIUM: wurfl: add Scientiamobile WURFL device detection module
    - DOC: move the device detection modules documentation to their own files
    - CLEANUP: wurfl: reduce exposure in the rest of the code
    - MEDIUM: ssl: Add support for OpenSSL 1.1.0
    - MINOR: stream: make option contstats usable again
    - MEDIUM: tools: make str2sa_range() return the FQDN even when not resolving
    - MINOR: init: move apply_server_state in haproxy.c before MODE_CHECK
    - MAJOR: server: postpone address resolution
    - MINOR: new srv_admin flag: SRV_ADMF_RMAINT
    - MINOR: server: indicate in the logs when RMAINT is cleared
    - MINOR: stats: indicate it when a server is down due to resolution
    - MINOR: server: make srv_set_admin_state() capable of telling why this happens
    - MINOR: dns: implement extra 'hold' timers.
    - MAJOR: dns: runtime resolution can change server admin state
    - MEDIUM: cli: leave the RMAINT state when setting an IP address on the CLI
    - MEDIUM: server: add a new init-addr server line setting
    - MEDIUM: server: make use of init-addr
    - MINOR: server: implement init-addr none
    - MEDIUM: server: make libc resolution failure non-fatal
    - MINOR: server: add support for explicit numeric address in init-addr
    - DOC: add some documentation for the "init-addr" server keyword
    - MINOR: init: add -dr to ignore server address resolution failures
    - MEDIUM: server: do not restrict anymore usage of IP address from the state file
    - BUG: vars: Fix 'set-var' converter because of a typo
    - CLEANUP: remove last references to 'ruleset' section
    - MEDIUM: filters: Add attch/detach and stream_set_backend callbacks
    - MINOR: filters: Update filters documentation accordingly to recent changes
    - MINOR: filters: Call stream_set_backend callbacks before updating backend stats
    - MINOR: filters: Remove backend filters attached to a stream only for HTTP streams
    - MINOR: flt_trace: Add hexdump option to dump forwarded data
    - MINOR: cfgparse: Add functions to backup and restore registered sections
    - MINOR: cfgparse: Parse scope lines and save the last one parsed
    - REORG: sample: move code to release a sample expression in sample.c
    - MINOR: vars: Allow '.' in variable names
    - MINOR: vars: Add vars_set_by_name_ifexist function
    - MEDIUM: vars: Add a per-process scope for variables
    - MINOR: vars: Add 'unset-var' action/converter
    - MAJOR: spoe: Add an experimental Stream Processing Offload Engine
    - MINOR: spoe: add random ip-reputation service as SPOA example
    - MINOR: spoe/checks: Add support for SPOP health checks
    - DOC: update ROADMAP file
2016-11-09 23:18:17 +01:00
Willy Tarreau
608efa173c [RELEASE] Released version 1.7-dev5
Released version 1.7-dev5 with the following main changes :
    - MINOR: cfgparse: few memory leaks fixes.
    - MEDIUM: log: Decompose %Tq in %Th %Ti %TR
    - CLEANUP: logs: remove unused log format field definitions
    - BUILD/MAJOR:updated 51d Trie implementation to incorperate latest update to 51Degrees.c
    - BUG/MAJOR: stream: properly mark the server address as unset on connect retry
    - CLEANUP: proto_http: Removing useless variable assignation
    - CLEANUP: dumpstats: Removing useless variables allocation
    - CLEANUP: dns: Removing usless variable & assignation
    - BUG/MINOR: payload: fix SSLv2 version parser
    - MINOR: cli: allow the semi-colon to be escaped on the CLI
    - MINOR: cli: change a server health check port through the stats socket
    - BUG/MINOR: Fix OSX compilation errors
    - MAJOR: check: find out which port to use for health check at run time
    - MINOR: server: introduction of 3 new server flags
    - MINOR: new update_server_addr_port() function to change both server's ADDR and service PORT
    - MINOR: cli: ability to change a server's port
    - CLEANUP/MINOR dns: comment do not follow up code update
    - MINOR: chunk: new strncat function
    - MINOR: dns: wrong DNS_MAX_UDP_MESSAGE value
    - MINOR: dns: new MAX values
    - MINOR: dns: new macro to compute DNS header size
    - MINOR: dns: new DNS structures to store received packets
    - MEDIUM: dns: new DNS response parser
    - MINOR: dns: query type change when last record is a CNAME
    - MINOR: dns: proper domain name validation when receiving DNS response
    - MINOR: dns: comments in types/dns.h about structures endianness
    - BUG/MINOR: displayed PCRE version is running release
    - MINOR: show Built with PCRE version
    - MINOR: show Running on zlib version
    - MEDIUM: make SO_REUSEPORT configurable
    - MINOR: enable IP_BIND_ADDRESS_NO_PORT on backend connections
    - BUG/MEDIUM: http/compression: Fix how chunked data are copied during the HTTP body parsing
    - BUG/MINOR: stats: report the correct conn_time in backend's html output
    - BUG/MEDIUM: dns: don't randomly crash on out-of-memory
    - MINOR: Add fe_req_rate sample fetch
    - MEDIUM: peers: Fix a peer stick-tables synchronization issue.
    - MEDIUM: cli: register CLI keywords with cli_register_kw()
    - BUILD: Make use of accept4() on OpenBSD.
    - MINOR: tcp: make set-src/set-src-port and set-dst/set-dst-port commutative
    - DOC: fix missed entry for "set-{src,dst}{,-port}"
    - BUG/MINOR: vars: use sess and not s->sess in action_store()
    - BUG/MINOR: vars: make smp_fetch_var() more robust against misuses
    - BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session
    - MINOR: stats: output dcon
    - CLEANUP: tcp rules: mention everywhere that tcp-conn rules are L4
    - MINOR: counters: add new fields for denied_sess
    - MEDIUM: tcp: add registration and processing of TCP L5 rules
    - MINOR: stats: emit dses
    - DOC: document tcp-request session
    - MINOR: ssl: add debug traces
    - BUILD/CLEANUP: ssl: Check BIO_reset() return code
    - BUG/MINOR: ssl: Check malloc return code
    - BUG/MINOR: ssl: prevent multiple entries for the same certificate
    - BUG/MINOR: systemd: make the wrapper return a non-null status code on error
    - BUG/MINOR: systemd: always restore signals before execve()
    - BUG/MINOR: systemd: check return value of calloc()
    - MINOR: systemd: report it when execve() fails
    - BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed
    - MINOR: proxy: add 'served' field to proxy, equal to total of all servers'
    - MINOR: backend: add hash-balance-factor option for hash-type consistent
    - MINOR: server: compute a "cumulative weight" to allow chash balancing to hit its target
    - MEDIUM: server: Implement bounded-load hash algorithm
    - SCRIPTS: make git-show-backports also dump a "git show" command
    - MINOR: build: Allow linking to device-atlas library file
    - MINOR: stats: Escape equals sign on socket dump
2016-10-25 22:22:00 +02:00
Willy Tarreau
41d5e3a610 [RELEASE] Released version 1.7-dev4
Released version 1.7-dev4 with the following main changes :
    - MINOR: add list_append_word function
    - MEDIUM: init: use list_append_word in haproxy.c
    - MEDIUM: init: allow directory as argument of -f
    - CLEANUP: config: detect double registration of a config section
    - MINOR: log: add the %Td log-format specifier
    - MEDIUM: filters: Move HTTP headers filtering in its own callback
    - MINOR: filters: Simplify calls to analyzers using 2 new macros
    - MEDIUM: filters: Add pre and post analyzer callbacks
    - DOC: filters: Update the filters documentation accordingly to recent changes
    - BUG/MEDIUM: init: don't use environment locale
    - SCRIPTS: teach git-show-backports how to report upstream commits
    - SCRIPTS: make git-show-backports capable of limiting its history
    - BUG/MAJOR: fix listening IP address storage for frontends
    - BUG/MINOR: fix listening IP address storage for frontends (cont)
    - DOC: Fix typo so fetch is properly parsed by Cyril's converter
    - BUG/MAJOR: http: fix breakage of "reqdeny" causing random crashes
    - BUG/MEDIUM: stick-tables: fix breakage in table converters
    - MINOR: stick-table: change all stick-table converters' inputs to SMP_T_ANY
    - BUG/MEDIUM: dns: unbreak DNS resolver after header fix
    - BUILD: fix build on Solaris 11
    - BUG/MEDIUM: config: fix multiple declaration of section parsers
    - BUG/MEDIUM: stats: show servers state may show an servers from another backend
    - BUG/MEDIUM: fix risk of segfault with "show tls-keys"
    - MEDIUM: dumpstats: 'show tls-keys' is now able to show secrets
    - DOC: update doc about tls-tickets-keys dump
    - MEDIUM: tcp: add 'set-src' to 'tcp-request connection'
    - MINOR: set the CO_FL_ADDR_FROM_SET flags with 'set-src'
    - MEDIUM: tcp/http: add 'set-src-port' action
    - MEDIUM: tcp/http: new set-dst/set-dst-port actions
    - BUG/MEDIUM: sticktables: segfault in some configuration error cases
    - BUILD/MEDIUM: rebuild everything when an include file is changed
    - BUILD/MEDIUM: force a full rebuild if some build options change
    - BUG/MEDIUM: lua: converters doesn't work
    - BUG/MINOR: http: add-header: header name copied twice
    - BUG/MEDIUM: http: add-header: buffer overwritten
    - BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
    - MINOR: stream: export the function 'smp_create_src_stkctr'
    - BUG/MEDIUM: dumpstats: undefined behavior in stats_tlskeys_list()
    - MEDIUM: dumpstats: make stats_tlskeys_list() yield-aware during tls-keys dump
    - BUG/MINOR: http: url32+src should use the big endian version of url32
    - BUG/MINOR: http: url32+src should check cli_conn before using it
    - DOC: http: add documentation for url32 and url32+src
    - BUG/MINOR: fix http-response set-log-level parsing error
    - MINOR: systemd: Use variable for config and pidfile paths
    - MINOR: systemd: Perform sanity check on config before reload
    - MEDIUM: ssl: support SNI filters with multicerts
    - MINOR: ssl: crt-list parsing factor
    - BUILD: ssl: fix typo causing a build failure in the multicert patch
    - MINOR: listener: add the "accept-netscaler-cip" option to the "bind" keyword
    - MINOR: tcp: add "tcp-request connection expect-netscaler-cip layer4"
    - BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits
    - BUG/MINOR: init: ensure that FD limit is raised to the max allowed
    - BUG/MEDIUM: external-checks: close all FDs right after the fork()
    - BUG/MAJOR: external-checks: use asynchronous signal delivery
    - BUG/MINOR: external-checks: do not unblock undesired signals
    - CLEANUP: external-check: don't block/unblock SIGCHLD when manipulating the list
    - BUG/MEDIUM: filters: Fix data filtering when data are modified
    - BUG/MINOR: filters: Fix HTTP parsing when a filter loops on data forwarding
    - BUG/MINOR: srv-state: fix incorrect output of state file
    - BUG/MINOR: ssl: close ssl key file on error
    - BUG/MINOR: http: fix misleading error message for response captures
    - BUG/BUILD: don't automatically run "make" on "make install"
    - DOC: add missing doc for http-request deny [deny_status <status>]
    - CLEANUP: dumpstats: u64 field is an unsigned type.
    - BUG/MEDIUM: http: unbreak uri/header/url_param hashing
    - BUG/MINOR: Rework slightly commit 9962f8fc to clean code and avoid mistakes
    - MINOR: new function my_realloc2 = realloc + free upon failure
    - CLEANUP: fixed some usages of realloc leading to memory leak
    - Revert "BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()"
    - CLEANUP: connection: using internal struct to hold source and dest port.
    - DOC: spelling fixes
    - BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
    - BUG/MEDIUM: dns: fix alignment issues in the DNS response parser
    - BUG/MINOR: Fix endiness issue in DNS header creation code
    - BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash
    - BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash
    - MEDIUM: http: implement http-response track-sc* directive
    - BUG/MINOR: peers: Fix peers data decoding issue
    - BUG/MINOR: peers: don't count track-sc multiple times on errors
    - MINOR: standard: add function "escape_string"
    - BUG/MEDIUM: log: use function "escape_string" instead of "escape_chunk"
    - MINOR: tcp: Return TCP statistics like RTT and RTT variance
    - DOC: lua: remove old functions
    - BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests
    - DOC: fix json converter example and error message
    - BUG/MEDIUM: stream-int: completely detach connection on connect error
    - DOC: minor typo fixes to improve HTML parsing by haproxy-dconv
    - BUILD: make proto_tcp.c compatible with musl library
    - BUG/MAJOR: compression: initialize avail_in/next_in even during flush
    - BUG/MEDIUM: samples: make smp_dup() always duplicate the sample
    - MINOR: sample: implement smp_is_safe() and smp_make_safe()
    - MINOR: sample: provide smp_is_rw() and smp_make_rw()
    - BUG/MAJOR: server: the "sni" directive could randomly cause trouble
    - BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size
    - BUG/MEDIUM: stick-table: properly convert binary samples to keys
    - MINOR: sample: use smp_make_rw() in upper/lower converters
    - MINOR: tcp: add dst_is_local and src_is_local
    - BUG/MINOR: peers: some updates are pushed twice after a resync.
    - BUILD: protocol: fix some build errors on OpenBSD
    - BUILD: log: iovec requires to include sys/uio.h on OpenBSD
    - BUILD: tcp: do not include netinet/ip.h for IP_TTL
    - BUILD: connection: fix build breakage on openbsd due to missing in_systm.h
    - BUILD: checks: remove the last strcat and eliminate a warning on OpenBSD
    - BUILD: tcp: define SOL_TCP when only IPPROTO_TCP exists
    - BUILD: compression: remove a warning when no compression lib is used
    - BUILD: poll: remove unused hap_fd_isset() which causes a warning with clang
    - MINOR: tcp: add further tcp info fetchers
    - BUG/MINOR: peers: empty chunks after a resync.
    - BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table
    - MINOR: standard.c: ipcmp() function to compare 2 IP addresses stored in 2 struct sockaddr_storage
    - MINOR: standard.c: ipcpy() function to copy an IP address from a struct sockaddr_storage into an other one
    - MAJOR: listen section: don't use first bind port anymore when no server ports are provided
2016-08-14 12:25:21 +02:00
Willy Tarreau
7d1b48fae0 [RELEASE] Released version 1.7-dev3
Released version 1.7-dev3 with the following main changes :
    - MINOR: sample: Moves ARGS underlying type from 32 to 64 bits.
    - BUG/MINOR: log: Don't use strftime() which can clobber timezone if chrooted
    - BUILD: namespaces: fix a potential build warning in namespaces.c
    - MINOR: da: Using ARG12 macro for the sample fetch and the convertor.
    - DOC: add encoding to json converter example
    - BUG/MINOR: conf: "listener id" expects integer, but its not checked
    - DOC: Clarify tunes.vars.xxx-max-size settings
    - CLEANUP: chunk: adding NULL check to chunk_dup allocation.
    - CLEANUP: connection: fix double negation on memcmp()
    - BUG/MEDIUM: peers: fix incorrect age in frequency counters
    - BUG/MEDIUM: Fix RFC5077 resumption when more than TLS_TICKETS_NO are present
    - BUG/MAJOR: Fix crash in http_get_fhdr with exactly MAX_HDR_HISTORY headers
    - BUG/MINOR: lua: can't load external libraries
    - BUG/MINOR: prevent the dump of uninitialized vars
    - CLEANUP: map: it seems that the map were planed to be chained
    - MINOR: lua: move class registration facilities
    - MINOR: lua: remove some useless checks
    - CLEANUP: lua: Remove two same functions
    - MINOR: lua: refactor the Lua object registration
    - MINOR: lua: precise message when a critical error is catched
    - MINOR: lua: post initialization
    - MINOR: lua: Add internal function which strip spaces
    - MINOR: lua: convert field to lua type
    - DOC: "addr" parameter applies to both health and agent checks
    - DOC: timeout client: pointers to timeout http-request
    - DOC: typo on stick-store response
    - DOC: stick-table: amend paragraph blaming the loss of table upon reload
    - DOC: typo: ACL subdir match
    - DOC: typo: maxconn paragraph is wrong due to a wrong buffer size
    - DOC: regsub: parser limitation about the inability to use closing square brackets
    - DOC: typo: req.uri is now replaced by capture.req.uri
    - DOC: name set-gpt0 mismatch with the expected keyword
    - MINOR: http: sample fetch which returns unique-id
    - MINOR: dumpstats: extract stats fields enum and names
    - MINOR: dumpstats: split stats_dump_info_to_buffer() in two parts
    - MINOR: dumpstats: split stats_dump_fe_stats() in two parts
    - MINOR: dumpstats: split stats_dump_li_stats() in two parts
    - MINOR: dumpstats: split stats_dump_sv_stats() in two parts
    - MINOR: dumpstats: split stats_dump_be_stats() in two parts
    - MINOR: lua: dump general info
    - MINOR: lua: add class proxy
    - MINOR: lua: add class server
    - MINOR: lua: add class listener
    - BUG/MEDIUM: stick-tables: some sample-fetch doesn't work in the connection state.
    - MEDIUM: proxy: use dynamic allocation for error dumps
    - CLEANUP: remove unneeded casts
    - CLEANUP: uniformize last argument of malloc/calloc
    - DOC: fix "needed" typo
    - BUG/MINOR: dumpstats: fix write to global chunk
    - BUG/MINOR: dns: inapropriate way out after a resolution timeout
    - BUG/MINOR: dns: trigger a DNS query type change on resolution timeout
    - CLEANUP: proto_http: few corrections for gcc warnings.
    - BUG/MINOR: DNS: resolution structure change
    - BUG/MINOR : allow to log cookie for tarpit and denied request
    - BUG/MEDIUM: ssl: rewind the BIO when reading certificates
    - OPTIM/MINOR: session: abort if possible before connecting to the backend
    - DOC: http: rename the unique-id sample and add the documentation
    - BUG/MEDIUM: trace.c: rdtsc() is defined in two files
    - BUG/MEDIUM: channel: fix miscalculation of available buffer space (2nd try)
    - BUG/MINOR: server: risk of over reading the pref_net array.
    - BUG/MINOR: cfgparse: couple of small memory leaks.
    - BUG/MEDIUM: sample: initialize the pointer before parse_binary call.
    - DOC: fix discrepancy in the example for http-request redirect
    - MINOR: acl: Add predefined METH_DELETE, METH_PUT
    - CLEANUP: .gitignore cleanup
    - DOC: Clarify IPv4 address / mask notation rules
    - CLEANUP: fix inconsistency between fd->iocb, proto->accept and accept()
    - BUG/MEDIUM: fix maxaccept computation on per-process listeners
    - BUG/MINOR: listener: stop unbound listeners on startup
    - BUG/MINOR: fix maxaccept computation according to the frontend process range
    - TESTS: add blocksig.c to run tests with all signals blocked
    - MEDIUM: unblock signals on startup.
    - MINOR: filters: Print the list of existing filters during HA startup
    - MINOR: filters: Typo in an error message
    - MINOR: filters: Filters must define the callbacks struct during config parsing
    - DOC: filters: Add filters documentation
    - BUG/MEDIUM: channel: don't allow to overwrite the reserve until connected
    - BUG/MEDIUM: channel: incorrect polling condition may delay event delivery
    - BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
    - BUG/MEDIUM: log: fix risk of segfault when logging HTTP fields in TCP mode
    - MINOR: Add ability for agent-check to set server maxconn
    - CLEANUP: Use server_parse_maxconn_change_request for maxconn CLI updates
    - MINOR: filters: add opaque data
    - BUG/MEDIUM: lua: protects the upper boundary of the argument list for converters/fetches.
    - MINOR: lua: migrate the argument mask to 64 bits type.
    - BUG/MINOR: dumpstats: Fix the "Total bytes saved" counter in backends stats
    - BUG/MINOR: log: fix a typo that would cause %HP to log <BADREQ>
    - BUG/MEDIUM: http: fix incorrect reporting of server errors
    - MINOR: channel: add new function channel_congested()
    - BUG/MEDIUM: http: fix risk of CPU spikes with pipelined requests from dead client
    - BUG/MAJOR: channel: fix miscalculation of available buffer space (4th try)
    - BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared
    - BUG/MEDIUM: channel: fix inconsistent handling of 4GB-1 transfers
    - BUG/MEDIUM: stats: show servers state may show an empty or incomplete result
    - BUG/MEDIUM: stats: show backend may show an empty or incomplete result
    - MINOR: stats: fix typo in help messages
    - MINOR: stats: show stat resolvers missing in the help message
    - BUG/MINOR: dns: fix DNS header definition
    - BUG/MEDIUM: dns: fix alignment issue when building DNS queries
    - CLEANUP: don't ignore scripts in .gitignore
    - BUILD: add a few release and backport scripts in scripts/
2016-05-10 15:36:58 +02:00
Willy Tarreau
8234f6dae8 [RELEASE] Released version 1.7-dev2
Released version 1.7-dev2 with the following main changes :
    - DOC: lua: fix lua API
    - DOC: mailers: typo in 'hostname' description
    - DOC: compression: missing mention of libslz for compression algorithm
    - BUILD/MINOR: regex: missing header
    - BUG/MINOR: stream: bad return code
    - DOC: lua: fix somme errors and add implicit types
    - MINOR: lua: add set/get priv for applets
    - BUG/MINOR: http: fix several off-by-one errors in the url_param parser
    - BUG/MINOR: http: Be sure to process all the data received from a server
    - MINOR: filters/http: Use a wrapper function instead of stream_int_retnclose
    - BUG/MINOR: chunk: make chunk_dup() always check and set dst->size
    - DOC: ssl: fixed some formatting errors in crt tag
    - MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero
    - MINOR: chunks: add chunk_strcat() and chunk_newstr()
    - MINOR: chunk: make chunk_initstr() take a const string
    - MEDIUM: tools: add csv_enc_append() to preserve the original chunk
    - MINOR: tools: make csv_enc_append() always start at the first byte of the chunk
    - MINOR: lru: new function to delete <nb> least recently used keys
    - DOC: add Ben Shillito as the maintainer of 51d
    - BUG/MINOR: 51d: Ensures a unique domain for each configuration
    - BUG/MINOR: 51d: Aligns Pattern cache implementation with HAProxy best practices.
    - BUG/MINOR: 51d: Releases workset back to pool.
    - BUG/MINOR: 51d: Aligned const pointers to changes in 51Degrees.
    - CLEANUP: 51d: Aligned if statements with HAProxy best practices and removed casts from malloc.
    - MINOR: rename master process name in -Ds (systemd mode)
    - DOC: fix a few spelling mistakes
    - DOC: fix "workaround" spelling
    - BUG/MINOR: examples: Fixing haproxy.spec to remove references to .cfg files
    - MINOR: fix the return type for dns_response_get_query_id() function
    - MINOR: server state: missing LF (\n) on error message printed when parsing server state file
    - BUG/MEDIUM: dns: no DNS resolution happens if no ports provided to the nameserver
    - BUG/MAJOR: servers state: server port is erased when dns resolution is enabled on a server
    - BUG/MEDIUM: servers state: server port is used uninitialized
    - BUG/MEDIUM: config: Adding validation to stick-table expire value.
    - BUG/MEDIUM: sample: http_date() doesn't provide the right day of the week
    - BUG/MEDIUM: channel: fix miscalculation of available buffer space.
    - MEDIUM: pools: add a new flag to avoid rounding pool size up
    - BUG/MEDIUM: buffers: do not round up buffer size during allocation
    - BUG/MINOR: stream: don't force retries if the server is DOWN
    - BUG/MINOR: counters: make the sc-inc-gpc0 and sc-set-gpt0 touch the table
    - MINOR: unix: don't mention free ports on EAGAIN
    - BUG/CLEANUP: CLI: report the proper field states in "show sess"
    - MINOR: stats: send content-length with the redirect to allow keep-alive
    - BUG: stream_interface: Reuse connection even if the output channel is empty
    - DOC: remove old tunnel mode assumptions
    - BUG/MAJOR: http-reuse: fix risk of orphaned connections
    - BUG/MEDIUM: http-reuse: do not share private connections across backends
    - BUG/MINOR: ssl: Be sure to use unique serial for regenerated certificates
    - BUG/MINOR: stats: fix missing comma in stats on agent drain
    - MAJOR: filters: Add filters support
    - MINOR: filters: Do not reset stream analyzers if the client is gone
    - REORG: filters: Prepare creation of the HTTP compression filter
    - MAJOR: filters/http: Rewrite the HTTP compression as a filter
    - MEDIUM: filters: Use macros to call filters callbacks to speed-up processing
    - MEDIUM: filters: remove http_start_chunk, http_last_chunk and http_chunk_end
    - MEDIUM: filters: Replace filter_http_headers callback by an analyzer
    - MEDIUM: filters/http: Move body parsing of HTTP messages in dedicated functions
    - MINOR: filters: Add stream_filters structure to hide filters info
    - MAJOR: filters: Require explicit registration to filter HTTP body and TCP data
    - MINOR: filters: Remove unused or useless stuff and do small optimizations
    - MEDIUM: filters: Optimize the HTTP compression for chunk encoded response
    - MINOR: filters/http: Slightly update the parsing of chunks
    - MINOR: filters/http: Forward remaining data when a channel has no "data" filters
    - MINOR: filters: Add an filter example
    - MINOR: filters: Extract proxy stuff from the struct filter
    - MINOR: map: Add regex matching replacement
    - BUG/MINOR: lua: unsafe initialization
    - DOC: lua: fix somme errors
    - MINOR: lua: file dedicated to unsafe functions
    - MINOR: lua: add "now" time function
    - MINOR: standard: add RFC HTTP date parser
    - MINOR: lua: Add date functions
    - MINOR: lua: move common function
    - MINOR: lua: merge function
    - MINOR: lua: Add concat class
    - MINOR: standard: add function "escape_chunk"
    - MEDIUM: log: add a new log format flag "E"
    - DOC: add server name at rate-limit sessions example
    - BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
    - BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
    - DOC: LUA: fix some typos and syntax errors
    - MINOR: cli: add a new "show env" command
    - MEDIUM: config: allow to manipulate environment variables in the global section
    - MEDIUM: cfgparse: reject incorrect 'timeout retry' keyword spelling in resolvers
    - MINOR: mailers: increase default timeout to 10 seconds
    - MINOR: mailers: use <CRLF> for all line endings
    - BUG/MAJOR: lua: segfault using Concat object
    - DOC: lua: copyrights
    - MINOR: common: mask conversion
    - MEDIUM: dns: extract options
    - MEDIUM: dns: add a "resolve-net" option which allow to prefer an ip in a network
    - MINOR: mailers: make it possible to configure the connection timeout
    - BUG/MAJOR: lua: applets can't sleep.
    - BUG/MINOR: server: some prototypes are renamed
    - BUG/MINOR: lua: Useless copy
    - BUG/MEDIUM: stats: stats bind-process doesn't propagate the process mask correctly
    - BUG/MINOR: server: fix the format of the warning on address change
    - CLEANUP: server: add "const" to some message strings
    - MINOR: server: generalize the "updater" source
    - BUG/MEDIUM: chunks: always reject negative-length chunks
    - BUG/MINOR: systemd: ensure we don't miss signals
    - BUG/MINOR: systemd: report the correct signal in debug message output
    - BUG/MINOR: systemd: propagate the correct signal to haproxy
    - MINOR: systemd: ensure a reload doesn't mask a stop
    - BUG/MEDIUM: cfgparse: wrong argument offset after parsing server "sni" keyword
    - CLEANUP: stats: Avoid computation with uninitialized bits.
    - CLEANUP: pattern: Ignore unknown samples in pat_match_ip().
    - CLEANUP: map: Avoid memory leak in out-of-memory condition.
    - BUG/MINOR: tcpcheck: fix incorrect list usage resulting in failure to load certain configs
    - BUG/MAJOR: samples: check smp->strm before using it
    - MINOR: sample: add a new helper to initialize the owner of a sample
    - MINOR: sample: always set a new sample's owner before evaluating it
    - BUG/MAJOR: vars: always retrieve the stream and session from the sample
    - CLEANUP: payload: remove useless and confusing nullity checks for channel buffer
    - BUG/MINOR: ssl: fix usage of the various sample fetch functions
    - MINOR: stats: create fields types suitable for all CSV output data
    - MINOR: stats: add all the "show info" fields in a table
    - MEDIUM: stats: fill all the show info elements prior to displaying them
    - MINOR: stats: add a function to emit fields into a chunk
    - MINOR: stats: add stats_dump_info_fields() to dump one field per line
    - MEDIUM: stats: make use of stats_dump_info_fields() for "show info"
    - MINOR: stats: add a declaration of all stats fields
    - MINOR: stats: don't hard-code the CSV fields list anymore
    - MINOR: stats: create stats fields storage and CSV dump function
    - MEDIUM: stats: convert stats_dump_fe_stats() to use stats_dump_fields_csv()
    - MEDIUM: stats: make stats_dump_fe_stats() use stats fields for HTML dump
    - MEDIUM: stats: convert stats_dump_li_stats() to use stats_dump_fields_csv()
    - MEDIUM: stats: make stats_dump_li_stats() use stats fields for HTML dump
    - MEDIUM: stats: convert stats_dump_be_stats() to use stats_dump_fields_csv()
    - MEDIUM: stats: make stats_dump_be_stats() use stats fields for HTML dump
    - MEDIUM: stats: convert stats_dump_sv_stats() to use stats_dump_fields_csv()
    - MEDIUM: stats: make stats_dump_sv_stats() use the stats field for HTML
    - MEDIUM: stats: move the server state coloring logic to the server dump function
    - MINOR: stats: do not use srv->admin & STATS_ADMF_MAINT in HTML dumps
    - MINOR: stats: do not check srv->state for SRV_ST_STOPPED in HTML dumps
    - MINOR: stats: make CSV report server check status only when enabled
    - MINOR: stats: only report backend's down time if it has servers
    - MINOR: stats: prepend '*' in front of the check status when in progress
    - MINOR: stats: make HTML stats dump rely on the table for the check status
    - MINOR: stats: add agent_status, agent_code, agent_duration to output
    - MINOR: stats: add check_desc and agent_desc to the output fields
    - MINOR: stats: add check and agent's health values in the output
    - MEDIUM: stats: make the HTML server state dump use the CSV states
    - MEDIUM: stats: only report observe errors when observe is set
    - MEDIUM: stats: expose the same flags for CLI and HTTP accesses
    - MEDIUM: stats: report server's address in the CSV output
    - MEDIUM: stats: report the cookie value in the server & backend CSV dumps
    - MEDIUM: stats: compute the color code only in the HTML form
    - MEDIUM: stats: report the listeners' address in the CSV output
    - MEDIUM: stats: make it possible to report the WAITING state for listeners
    - REORG: stats: dump the frontend's HTML stats via a generic function
    - REORG: stats: dump the socket stats via the generic function
    - REORG: stats: dump the server stats via the generic function
    - REORG: stats: dump the backend stats via the generic function
    - MEDIUM: stats: add a new "mode" column to report the proxy mode
    - MINOR: stats: report the load balancing algorithm in CSV output
    - MINOR: stats: add 3 fields to report the frontend-specific connection stats
    - MINOR: stats: report number of intercepted requests for frontend and backends
    - MINOR: stats: introduce stats_dump_one_line() to dump one stats line
    - CLEANUP: stats: make stats_dump_fields_html() not rely on proxy anymore
    - MINOR: stats: add ST_SHOWADMIN to pass the admin info in the regular flags
    - MINOR: stats: make stats_dump_fields_html() not use &trash by default
    - MINOR: stats: add functions to emit typed fields into a chunk
    - MEDIUM: stats: support "show info typed" on the CLI
    - MEDIUM: stats: implement a typed output format for stats
    - DOC: document the "show info typed" and "show stat typed" output formats
    - MINOR: cfgparse: warn when uid parameter is not a number
    - MINOR: cfgparse: warn when gid parameter is not a number
    - BUG/MINOR: standard: Avoid free of non-allocated pointer
    - BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition
    - CLEANUP: http: fix a build warning introduced by a recent fix
    - BUG/MINOR: log: GMT offset not updated when entering/leaving DST
2016-03-14 00:10:05 +01:00
Willy Tarreau
cb92825af9 [RELEASE] Released version 1.7-dev1
Released version 1.7-dev1 with the following main changes :
    - DOC: specify that stats socket doc (section 9.2) is in management
    - BUILD: install only relevant and existing documentation
    - CLEANUP: don't ignore debian/ directory if present
    - BUG/MINOR: dns: parsing error of some DNS response
    - BUG/MEDIUM: namespaces: don't fail if no namespace is used
    - BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is disabled
    - MEDIUM: dns: Don't use the ANY query type
    - BUILD: ssl: fix build error introduced in commit 7969a3 with OpenSSL < 1.0.0
    - DOC: fix a typo for a "deviceatlas" keyword
    - FIX: small typo in an example using the "Referer" header
    - MINOR: cli: ability to set per-server maxconn
    - DEBUG/MINOR: memory: add a build option to disable memory pools sharing
    - DEBUG/MEDIUM: memory: optionally protect free data in pools
    - DEBUG/MEDIUM: memory: add optional control pool memory operations
    - MEDIUM: memory: add accounting for failed allocations
    - BUG/MEDIUM: config: count memory limits on 64 bits, not 32
    - BUG/MAJOR: dns: first DNS response packet not matching queried hostname may lead to a loop
    - BUG/MINOR: dns: unable to parse CNAMEs response
    - BUG/MINOR: examples/haproxy.init: missing brace in quiet_check()
    - DOC: deviceatlas: more example use cases.
    - MINOR: config: allow IPv6 bracketed literals
    - BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in install-bin.
    - BUILD: add Haiku as supported target.
    - BUG/MAJOR: http: don't requeue an idle connection that is already queued
    - DOC: typo on capture.res.hdr and capture.req.hdr
    - BUG/MINOR: dns: check for duplicate nameserver id in a resolvers section was missing
    - CLEANUP: use direction names in place of numeric values
    - BUG/MEDIUM: lua: sample fetches based on response doesn't work
    - MINOR: check: add agent-send server parameter
    - BUG/MINOR: http rule: http capture 'id' rule points to a non existing id
    - BUG/MINOR: server: check return value of fgets() in apply_server_state()
    - BUG/MINOR: acl: don't use record layer in req_ssl_ver
    - BUILD: freebsd: double declaration
    - BUG/MEDIUM: lua: clean output buffer
    - BUILD: check for libressl to be able to build against it
    - DOC: lua-api/index.rst small example fixes, spelling correction.
    - DOC: lua: architecture and first steps
    - DOC: relation between timeout http-request and option http-buffer-request
    - BUILD: Make deviceatlas require PCRE
    - BUG: http: do not abort keep-alive connections on server timeout
    - BUG/MEDIUM: http: switch the request channel to no-delay once done.
    - BUG/MINOR: lua: don't force-sslv3 LUA's SSL socket
    - BUILD/MINOR: http: proto_http.h needs sample.h
    - BUG/MEDIUM: http: don't enable auto-close on the response side
    - BUG/MEDIUM: stream: fix half-closed timeout handling
    - CLEANUP: compression: don't allocate DEFAULT_MAXZLIBMEM without USE_ZLIB
    - BUG/MEDIUM: cli: changing compression rate-limiting must require admin level
    - BUG/MEDIUM: sample: urlp can't match an empty value
    - BUILD: dumpstats: silencing warning for printf format specifier / time_t
    - CLEANUP: proxy: calloc call inverted arguments
    - MINOR: da: silent logging by default and displaying DeviceAtlas support if built.
    - BUG/MEDIUM: da: stop DeviceAtlas processing in the convertor if there is no input.
    - DOC: Edited 51Degrees section of README/
    - BUG/MEDIUM: checks: email-alert not working when declared in defaults
    - BUG/MINOR: checks: email-alert causes a segfault when an unknown mailers section is configured
    - BUG/MINOR: checks: typo in an email-alert error message
    - BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and last rule is a CONNECT with no port
    - BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and first rule(s) is (are) COMMENT
    - BUG/MEDIUM: http: fix http-reuse when frontend and backend differ
    - DOC: prefer using http-request/response over reqXXX/rspXXX directives
    - CLEANUP: haproxy: using _GNU_SOURCE instead of __USE_GNU macro.
    - MINOR: ssl: Added cert_key_and_chain struct
    - MEDIUM: ssl: Added support for creating SSL_CTX with multiple certs
    - MINOR: ssl: Added multi cert support for crt-list config keyword
    - MEDIUM: ssl: Added multi cert support for loading crt directories
    - MEDIUM: ssl: Added support for Multi-Cert OCSP Stapling
    - BUILD: ssl: set SSL_SOCK_NUM_KEYTYPES with openssl < 1.0.2
    - MINOR: config: make tune.recv_enough configurable
    - BUG/MEDIUM: config: properly adjust maxconn with nbproc when memmax is forced
    - DOC: ssl: Adding docs for Multi-Cert bundling
    - BUG/MEDIUM: peers: table entries learned from a remote are pushed to others after a random delay.
    - BUG/MEDIUM: peers: old stick table updates could be repushed.
    - MINOR: lua: service/applet can have access to the HTTP headers when a POST is received
    - REORG/MINOR: lua: convert boolean "int" to bitfield
    - BUG/MEDIUM: lua: Lua applets must not fetch samples using http_txn
    - BUG/MINOR: lua: Lua applets must not use http_txn
    - BUG/MEDIUM: lua: Forbid HTTP applets from being called from tcp rulesets
    - BUG/MAJOR: lua: Do not force the HTTP analysers in use-services
    - CLEANUP: lua: bad error messages
    - CONTRIB: initiate a debugging suite to make debugging easier
2015-12-20 23:33:18 +01:00
Willy Tarreau
991b47831a [RELEASE] Released version 1.7-dev0
Released version 1.7-dev0 with the following main changes :
    - exact copy of 1.6.0
2015-10-13 21:48:10 +02:00
Willy Tarreau
844028bb11 [RELEASE] Released version 1.6.0
Released version 1.6.0 with the following main changes :
    - BUG/MINOR: Handle interactive mode in cli handler
    - DOC: global section missing parameters
    - DOC: backend section missing parameters
    - DOC: stats paramaters available in frontend
    - MINOR: lru: do not allocate useless memory in lru64_lookup
    - BUG/MINOR: http: Add OPTIONS in supported http methods (found by find_http_meth)
    - BUG/MINOR: ssl: fix management of the cache where forged certificates are stored
    - MINOR: ssl: Release Servers SSL context when HAProxy is shut down
    - MINOR: ssl: Read the file used to generate certificates in any order
    - MINOR: ssl: Add support for EC for the CA used to sign generated certificates
    - MINOR: ssl: Add callbacks to set DH/ECDH params for generated certificates
    - BUG/MEDIUM: logs: fix time zone offset format in RFC5424
    - BUILD: Fix the build on OSX (htonll/ntohll)
    - BUILD: enable build on Linux/s390x
    - BUG/MEDIUM: lua: direction test failed
    - MINOR: lua: fix a spelling error in some error messages
    - CLEANUP: cli: ensure we can never double-free error messages
    - BUG/MEDIUM: lua: force server-close mode on Lua services
    - MEDIUM: init: support more command line arguments after pid list
    - MEDIUM: init: support a list of files on the command line
    - MINOR: debug: enable memory poisonning to use byte 0
    - BUILD: ssl: fix build error introduced by recent commit
    - BUG/MINOR: config: make the stats socket pass the correct proxy to the parsers
    - MEDIUM: server: implement TCP_USER_TIMEOUT on the server
    - DOC: mention the "namespace" options for bind and server lines
    - DOC: add the "management" documentation
    - DOC: move the stats socket documentation from config to management
    - MINOR: examples: update haproxy.spec to mention new docs
    - DOC: mention management.txt in README
    - DOC: remove haproxy-{en,fr}.txt
    - BUILD: properly report when USE_ZLIB and USE_SLZ are used together
    - MINOR: init: report use of libslz instead of "no compression"
    - CLEANUP: examples: remove some obsolete and confusing files
    - CLEANUP: examples: remove obsolete configuration file samples
    - CLEANUP: examples: fix the example file content-sw-sample.cfg
    - CLEANUP: examples: update sample file option-http_proxy.cfg
    - CLEANUP: examples: update sample file ssl.cfg
    - CLEANUP: tests: move a test file from examples/ to tests/
    - CLEANUP: examples: shut up warnings in transparent proxy example
    - CLEANUP: tests: removed completely obsolete test files
    - DOC: update ROADMAP to remove what was done in 1.6
    - BUG/MEDIUM: pattern: fixup use_after_free in the pat_ref_delete_by_id
2015-10-13 18:52:22 +02:00
Willy Tarreau
8c1ad716df [RELEASE] Released version 1.6-dev7
Released version 1.6-dev7 with the following main changes :
    - MINOR: cli: Dump all resolvers stats if no resolver section is given
    - BUG: config: external-check command validation is checking for incorrect arguments.
    - DOC: documentation format cleanups
    - DOC: lua: few typos.
    - BUG/MEDIUM: str2ip: make getaddrinfo() consider local address selection policy
    - BUG/MEDIUM: logs: segfault writing to log from Lua
    - DOC: fix lua use-service example
    - MINOR: payload: add support for tls session ticket ext
    - MINOR: lua: remove the run flag
    - MEDIUM: lua: change the timeout execution
    - MINOR: lua: rename the tune.lua.applet-timeout
    - DOC: lua: update Lua doc
    - DOC: lua: update doc according with the last Lua changes
    - MINOR: http/tcp: fill the avalaible actions
    - DOC: reorder misplaced res.ssl_hello_type in the doc
    - BUG/MINOR: tcp: make silent-drop always force a TCP reset
    - CLEANUP: tcp: silent-drop: only drain the connection when quick-ack is disabled
    - BUILD: tcp: use IPPROTO_IP when SOL_IP is not available
    - BUILD: server: fix build warnings introduced by load-server-state
    - BUG/MEDIUM: server: fix misuse of format string in load-server-state's warnings
2015-10-06 12:13:56 +02:00