mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-28 07:32:15 +00:00
a40782bb24
154 Commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Willy Tarreau
|
0b936ad946 |
[RELEASE] Released version 1.9-dev8
Released version 1.9-dev8 with the following main changes : - REORG: config: extract the global section parser into cfgparse-global - REORG: config: extract the proxy parser into cfgparse-listen.c - BUILD: update the list of supported targets and compilers in makefile and readme - BUILD: reorder the objects in the makefile - BUILD: Makefile: make "V=1" show some of the commands that are executed - BUILD: Makefile: add the quiet mode to a few more targets - BUILD: Makefile: add "$(Q)" to clean, tags and cscope targets - BUILD: Makefile: switch to quiet mode by default for CC/LD/AR - MINOR: cli: format `show proc` to be more readable - MINOR: cli: displays uptime in `show proc` - MINOR: cli: show master information in 'show proc' - BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field - MAJOR: mux-h1: Remove the rxbuf and decode HTTP messages in channel's buffer - BUG/MINOR: mux-h1: Enable keep-alive on server side - BUG/MEDIUM: mux-h1: Fix freeze when the kernel splicing is used - BUG/MEDIUM: mux-h1: Don't set the flag CS_FL_RCV_MORE when nothing was parsed - BUG/MINOR: stats/htx: Remove channel's output when the request is eaten - BUG/MINOR: proto_htx: Fix request/response synchronisation on error - MINOR: stream-int: Notify caller when an error is reported after a rcv_pipe() - MINOR: stream-int: Notify caller when an error is reported after a rcv_buf() - BUG/MINOR: stream-int: Don't call snd_buf() if there are still data in the pipe - MINOR: stream-int: remove useless checks on CS and conn flags in si_cs_send() - BUG/MINOR: config: Be aware of the HTX during the check of mux protocols - BUG/MINOR: mux-htx: Fix bad test on h1c flags in h1_recv_allowed() - MEDIUM: mworker: wait mode use standard init code path - MINOR: log: introduce ha_notice() - MINOR: mworker: use ha_notice to announce a new worker - BUG/MEDIUM: http_fetch: Make sure name is initialized before http_find_header. - MINOR: cli: add mworker_accept_wrapper to 'show fd' - MEDIUM: signal: signal_unregister() removes every handlers - BUG/MEDIUM: mworker: unregister the signals of main() - MINOR: cli: add a few missing includes in proto/cli.h - REORG: time/activity: move activity measurements to activity.{c,h} - MINOR: activity: report the average loop time in "show activity" - MINOR: activity: add configuration and CLI support for "profiling.tasks" - MEDIUM: tasks: collect per-task CPU time and latency - MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot - MINOR: cli/activity: rename the stolen CPU time fields to mention milliseconds - BUG/MINOR: cli: Fix memory leak - BUG/MINOR: mworker: fix FD leak and memory leak in error path - MINOR: poller: move the call of tv_update_date() back to the pollers - MINOR: polling: add an option to support busy polling - MINOR: server: Add "alpn" and "npn" keywords. - MEDIUM: connection: Don't bother reactivating polling after connection retry. - MAJOR: connections: Defer mux creation for outgoing connection if alpn is set. - MEDIUM: ssl: Add ssl_bc_alpn and ssl_bc_npn sample fetches. - MINOR: servers: Free [idle|safe|priv]_conns on exit. - REGTEST: add the option to test only a specific set of files - REGTEST: add a test for connections to a "dispatch" address - BUG/MEDIUM: connections: Don't reset the conn flags in *connect_server(). - MINOR: server: Only defined conn_complete_server if USE_OPENSSL is set. - BUG/MEDIUM: servers: Don't check if we have a conn_stream too soon. - BUG/MEDIUM: sessions: Set sess->origin to NULL if the origin was destroyed. - MEDIUM: servers: Store the connection in the SI until we have a mux. - BUG/MEDIUM: h2: wake the processing task up after demuxing - BUG/MEDIUM: h2: restart demuxing after releasing buffer space |
||
Willy Tarreau
|
5c0e41b7cb |
[RELEASE] Released version 1.9-dev7
Released version 1.9-dev7 with the following main changes : - BUILD: cache: fix a build warning regarding too large an integer for the age - CLEANUP: fix typos in the comments of the Makefile - CLEANUP: fix a typo in a comment for the contrib/halog subsystem - CLEANUP: fix typos in comments for the contrib/modsecurity subsystem - CLEANUP: fix typos in comments for contrib/spoa_example - CLEANUP: fix typos in comments for contrib/wireshark-dissectors - DOC: Fix typos in README and CONTRIBUTING - MINOR: log: slightly improve error message syntax on log failure - DOC: logs: the format directive was missing from the second log part - MINOR: log: report the number of dropped logs in the stats - MEDIUM: log: add support for logging to existing file descriptors - MEDIUM: log: support a new "short" format - MEDIUM: log: add a new "raw" format - BUG/MEDIUM: stream-int: change the way buffer room is requested by a stream-int - BUG/MEDIUM: stream-int: convert some co_data() checks to channel_is_empty() - MINOR: namespaces: don't build namespace.c if disabled - BUILD/MEDIUM: threads/affinity: DragonFly build fix - MINOR: http: Add new "early-hint" http-request action. - MINOR: http: Make new "early-hint" http-request action really be parsed. - MINOR: http: Implement "early-hint" http request rules. - MINOR: doc: Add information about "early-hint" http-request action. - DOC: early-hints: fix truncated line. - MINOR: mworker: only close std{in,out,err} in daemon mode - BUG/MEDIUM: log: don't CLOEXEC the inherited FDs - BUG/MEDIUM: Make sure stksess is properly aligned. - BUG/MEDIUM: stream-int: make failed splice_in always subscribe to recv - BUG/MEDIUM: stream-int: clear CO_FL_WAIT_ROOM after splicing data in - BUG/MINOR: stream-int: make sure not to go through the rcv_buf path after splice() - CONTRIB: debug: fix build related to conn_stream flags change - REGTEST: fix scripts 1 and 3 to accept development version - BUG/MINOR: http_fetch: Remove the version part when capturing the request uri - MINOR: http: Regroup return statements of http_req_get_intercept_rule at the end - MINOR: http: Regroup return statements of http_res_get_intercept_rule at the end - BUG/MINOR: http: Be sure to sent fully formed HTTP 103 responses - MEDIUM: jobs: support unstoppable jobs for soft stop - MEDIUM: listeners: support unstoppable listener - MEDIUM: cli: worker socketpair is unstoppable - BUG/MINOR: stream-int: set SI_FL_WANT_PUT in sess_establish() - MINOR: stream: move the conn_stream specific calls to the stream-int - BUG/MINOR: config: Copy default error messages when parsing of a backend starts - CLEANUP: h2: minimum documentation for recent API changes - MINOR: mux: implement a get_first_cs() method - MINOR: stream-int: make conn_si_send_proxy() use cs_get_first() - MINOR: stream-int: relax the forwarding rules in stream_int_notify() - MINOR: stream-int: expand the flags to 32-bit - MINOR: stream-int: rename SI_FL_WAIT_ROOM to SI_FL_RXBLK_ROOM - MINOR: stream-int: introduce new SI_FL_RXBLK flags - MINOR: stream-int: add new functions si_{rx,tx}_{blocked,endp_ready}() - MINOR: stream-int: replace SI_FL_WANT_PUT with !SI_FL_RX_WAIT_EP - MINOR: stream-int: use si_rx_blocked()/si_tx_blocked() to check readiness - MEDIUM: stream-int: use si_rx_buff_{rdy,blk} to report buffer readiness - MINOR: stream-int: replace si_{want,stop}_put() with si_rx_endp_{more,done}() - MEDIUM: stream-int: update the endp polling status only at the end of si_cs_recv() - MINOR: stream-int: make si_sync_recv() simply check ENDP before si_cs_recv() - MINOR: stream-int: automatically mark applets as ready if they block on the channel - MEDIUM: stream-int: fix the si_cant_put() calls used for end point readiness - MEDIUM: stream-int: fix the si_cant_put() calls used for buffer readiness - MEDIUM: stream-int: use si_rx_shut_blk() to indicate the SI is closed - MEDIUM: stream-int: unconditionally call si_chk_rcv() in update and notify - MEDIUM: stream-int: make use of si_rx_chan_{rdy,blk} to control the stream-int from the channel - MINOR: stream-int: replace si_cant_put() with si_rx_room_{blk,rdy}() - MEDIUM: connections: Wait until the connection is established to try to recv. - MEDIUM: mux: Teach the mux_pt how to deal with idle connections. - MINOR: mux: Add a new "avail_streams" method. - MINOR: mux: Add a destroy() method. - MINOR: sessions: Start to store the outgoing connection in sessions. - MAJOR: connections: Detach connections from streams. - MINOR: conn_stream: Add a flag to notify the mux it should flush its buffers - MINOR: htx: Add proto_htx.c file - MINOR: conn_stream: Add a flag to notify the mux it must respect the reserve - MINOR: http: Add standalone functions to parse a start-line or a header - MINOR: http: Call http_send_name_header with the stream instead of the txn - MINOR: conn_stream: Add a flag to notify the SI some data were received - MINOR: http: Add macros to check if a stream uses the HTX representation - MEDIUM: proto_htx: Add HTX analyzers and use it when the mux H1 is used - MEDIUM: mux-h1: Add dummy mux to handle HTTP/1.1 connections - MEDIUM: mux-h1: Add parsing of incoming and ougoing HTTP messages - MAJOR: mux-h1/proto_htx: Handle keep-alive connections in the mux - MEDIUM: mux-h1: Add support of the kernel TCP splicing to forward data - MEDIUM: htx: Add API to deal with the internal representation of HTTP messages - MINOR: http_htx: Add functions to manipulate HTX messages in http_htx.c - MINOR: proto_htx: Add some functions to handle HTX messages - MAJOR: mux-h1/proto_htx: Switch mux-h1 and HTX analyzers on the HTX representation - MINOR: http_htx: Add functions to replace part of the start-line - MINOR: http_htx: Add functions to retrieve a specific occurrence of a header - MINOR: proto_htx: Rewrite htx_apply_redirect_rule to handle HTX messages - MINOR: proto_htx: Add the internal function htx_del_hdr_value - MINOR: proto_htx: Add the internal function htx_fmt_res_line - MINOR: proto_htx: Add functions htx_transform_header and htx_transform_header_str - MINOR: proto_htx: Add functions htx_req_replace_stline and htx_res_set_status - MINOR: proto_htx: Add function to build and send HTTP 103 responses - MINOR: proto_htx: Add functions htx_req_get_intercept_rule and htx_res_get_intercept_rule - MINOR: proto_htx: Add functions to apply req* and rsp* rules on HTX messages - MINOR: proto_htx: Add functions to manage cookies on HTX messages - MINOR: proto_htx: Add functions to check the cacheability of HTX messages - MINOR: proto_htx: Add functions htx_send_name_header - MINOR: proto_htx: Add functions htx_perform_server_redirect - MINOR: proto_htx: Add functions to handle the stats applet - MEDIUM: proto_htx: Adapt htx_process_req_common to handle HTX messages - MEDIUM: proto_htx: Adapt htx_process_request to handle HTX messages - MINOR: proto_htx: Adapt htx_process_tarpit to handle HTX messages - MEDIUM: proto_htx: Adapt htx_wait_for_request_body to handle HTX messages - MEDIUM: proto_htx: Adapt htx_process_res_common to handle HTX messages - MINOR: http_fetch: Add smp_prefetch_htx - MEDIUM: http_fetch: Adapt all fetches to handle HTX messages - MEDIUM: mux-h1: Wait for connection establishment before consuming channel's data - MINOR: stats/htx: Adapt the stats applet to handle HTX messages - MINOR: stream: Don't reset sov value with HTX messages - MEDIUM: mux-h1: Handle errors and timeouts in the stream - MINOR: filters/htx: Forbid filters when the HTX is enabled on a proxy - MINOR: lua/htx: Forbid lua usage when the HTX is enabled on a proxy - CLEANUP: Fix some typos in the haproxy subsystem - CLEANUP: Fix typos in the dns subsystem - CLEANUP: Fix typos in the pattern subsystem - CLEANUP: fix 2 typos in the xxhash subsystem - CLEANUP: fix a few typos in the comments of the server subsystem - CLEANUP: fix a misspell in tests/filltab25.c - CLEANUP: fix a typo found in the stream subsystem - CLEANUP: fix typos in comments in ebtree - CLEANUP: fix typos in reg-tests - CLEANUP: fix typos in the comments of the vars subsystem - CLEANUP: fix typos in the hlua_fcn subsystem - CLEANUP: fix typos in the proto_http subsystem - CLEANUP: fix typos in the proxy subsystem - CLEANUP: fix typos in the ssl_sock subsystem - DOC: Fix typos in different subsections of the documentation - DOC: fix a few typos in the documentation - MINOR: Fix an error message thrown when we run out of memory - MINOR: Fix typos in error messages in the proxy subsystem - MINOR: fix typos in the examples files - CLEANUP: Fix a typo in the stats subsystem - CLEANUP: Fix typos in the acl subsystem - CLEANUP: Fix typos in the cache subsystem - CLEANUP: Fix typos in the cfgparse subsystem - CLEANUP: Fix typos in the filters subsystem - CLEANUP: Fix typos in the http subsystem - CLEANUP: Fix typos in the log subsystem - CLEANUP: Fix typos in the peers subsystem - CLEANUP: Fix typos in the regex subsystem - CLEANUP: Fix typos in the sample subsystem - CLEANUP: Fix typos in the spoe subsystem - CLEANUP: Fix typos in the standard subsystem - CLEANUP: Fix typos in the stick_table subsystem - CLEANUP: Fix typos in the task subsystem - MINOR: Fix typo in error message in the standard subsystem - CLEANUP: fix typos in the comments of hlua - MINOR: Fix typo in the error 500 output of hlua - MINOR: Fix a typo in a warning message in the spoe subsystem |
||
Willy Tarreau
|
96079492e0 |
[RELEASE] Released version 1.9-dev6
Released version 1.9-dev6 with the following main changes : - BUG/MEDIUM: tools: fix direction of my_ffsl() - BUG/MINOR: cli: forward the whole command on master CLI - BUG/MEDIUM: auth/threads: use of crypt() is not thread-safe - MINOR: compat: automatically detect support for crypt_r() - MEDIUM: auth/threads: make use of crypt_r() on systems supporting it - DOC: split the http-request actions in their own section - DOC: split the http-response actions in their own section - BUG/MAJOR: stream-int: don't call si_cs_recv() in stream_int_chk_rcv_conn() - BUG/MINOR: tasks: make sure wakeup events are properly reported to subscribers - MINOR: stats: report the number of active jobs and listeners in "show info" - MINOR: stats: report the number of active peers in "show info" - MINOR: stats: report the number of currently connected peers - MINOR: cli: show the number of reload in 'show proc' - MINOR: cli: can't connect to the target CLI - MEDIUM: mworker: does not create the CLI proxy when no listener - MINOR: mworker: displays more information when leaving - MEDIUM: mworker: exit with the incriminated exit code - MINOR: mworker: displays a message when a worker is forked - MEDIUM: mworker: leave when the master die - CLEANUP: stream-int: retro-document si_cs_io_cb() - BUG/MEDIUM: mworker: does not abort() in mworker_pipe_register() - BUG/MEDIUM: stream-int: don't wake up for nothing during SI_ST_CON - BUG/MEDIUM: cli: crash when trying to access a worker - DOC: restore note about "independant" typo - MEDIUM: stream: implement stream_buf_available() - MEDIUM: appctx: check for allocation attempts in buffer allocation callbacks - MINOR: stream-int: rename si_applet_{want|stop|cant}_{get|put} - MINOR: stream-int: add si_done_{get,put} to indicate that we won't do it anymore - MINOR: stream-int: use si_cant_put() instead of setting SI_FL_WAIT_ROOM - MINOR: stream-int: make use of si_done_{get,put}() in shut{w,r} - MINOR: stream-int: make it clear that si_ops cannot be null - MEDIUM: stream-int: temporarily make si_chk_rcv() take care of SI_FL_WAIT_ROOM - MINOR: stream-int: factor the SI_ST_EST state test into si_chk_rcv() - MEDIUM: stream-int: make SI_FL_WANT_PUT reflect CF_DONT_READ - MEDIUM: stream-int: always call si_chk_rcv() when we make room in the buffer - MEDIUM: stream-int: make si_chk_rcv() check that SI_FL_WAIT_ROOM is cleared - MINOR: stream-int: replace si_update() with si_update_both() - MEDIUM: stream-int: make stream_int_update() aware of the lower layers - CLEANUP: stream-int: remove the now unused si->update() function - MEDIUM: stream-int: Rely only on SI_FL_WAIT_ROOM to stop data receipt - MEDIUM: stream-int: Try to read data even if channel's buffer seems to be full - BUG/MINOR: config: better detect the presence of the h2 pattern in npn/alpn |
||
Willy Tarreau
|
bddf292cbd |
[RELEASE] Released version 1.9-dev5
Released version 1.9-dev5 with the following main changes : - BUILD: Makefile: add the new ERR variable to force -Werror - MINOR: freq_ctr: add swrate_add_scaled() to work with large samples - MINOR: stream_interface: Avoid calling si_cs_send/recv if not needed. - CLEANUP: http: Remove the unused function http_find_header - MINOR: h1: Export some functions parsing the value of some HTTP headers - BUG/MEDIUM: stream-int: don't set SI_FL_WAIT_ROOM on CF_READ_DONTWAIT - MINOR: proxy: add a new option "http-use-htx" - BUG/MEDIUM: pools: fix the minimum allocation size - MINOR: shctx: Shared objects block by block allocation. - MINOR: cache: Larger HTTP objects caching. - MINOR: shctx: Add a maximum object size parameter. - MINOR: cache: Add "max-object-size" option. - DOC: Update about the cache support for big objects. - BUG/MINOR: cache: Crashes with "total-max-size" > 2047(MB). - BUG/MINOR: cache: Wrong usage of shctx_init(). - BUG/MINOR: ssl: Wrong usage of shctx_init(). - MINOR: cache: Avoid usage of atoi() when parsing "max-object-size". - MINOR: shctx: Change max. object size type to unsigned int. - DOC: cache: Missing information about "total-max-size" and "max-object-size" - CLEANUP: tools: fix misleading comment above function LIM2A - MEDIUM: channel: merge back flags CF_WRITE_PARTIAL and CF_WRITE_EVENT - BUG/MINOR: only mark connections private if NTLM is detected - BUG/MINOR: only auto-prefer last server if lb-alg is non-deterministic - MINOR: stream: don't prune variables if the list is empty - MINOR: stream-int: add si_alloc_ibuf() to ease input buffer allocation - MEDIUM: stream-int: replace channel_alloc_buffer() with si_alloc_ibuf() everywhere - MEDIUM: stream: always call si_cs_recv() after a failed buffer allocation - MEDIUM: stream: don't try to send first in process_stream() - MEDIUM: stream-int: make si_update() synchronize flag changes before the I/O - MEDIUM: stream-int: call si_cs_process() in stream_int_update_conn - MINOR: stream-int: don't needlessly call tasklet_wakeup() in stream_int_chk_snd_conn() - MINOR: stream-int: make stream_int_notify() not wake the tasklet up - MINOR: stream-int: don't needlessly call si_cs_send() in si_cs_process() - MINOR: mworker: number of reload in the life of a worker - MEDIUM: mworker: each worker socketpair is a CLI listener - REORG: mworker: move struct mworker_proc to global.h - MINOR: server: export new_server() function - MEDIUM: mworker: move proc_list gen before proxies startup - MEDIUM: mworker: add proc_list in global.h - MEDIUM: mworker: proxy for the master CLI - MEDIUM: mworker: create CLI listeners from argv[] - MEDIUM: cli: disable some keywords in the master - MEDIUM: mworker: find the server ptr using a CLI prefix - MEDIUM: cli: 'show proc' displays processus - MEDIUM: cli: implement 'mode cli' proxy analyzers - MINOR: cli: displays sockpair@ in "show cli sockets" - MEDIUM: cli: enable "show cli sockets" for the master - MINOR: cli: put @master @<relative pid> @!<pid> in the help - MEDIUM: listeners: set O_CLOEXEC on the accepted FDs - MEDIUM: mworker: stop the master proxy in the workers - MEDIUM: channel: reorder the channel analyzers for the cli - MEDIUM: cli: write a prompt for the CLI proxy of the master - MINOR: cli: helper to write an response message and close - MINOR: cache: Add "Age" header. - REGTEST: make the IP+port logging test more reliable - BUG/MINOR: memory: make the thread-local cache allocator set the debugging link - BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer - BUG/MINOR: backend: assign the wait list after the error check |
||
Willy Tarreau
|
01fbe74516 |
[RELEASE] Released version 1.9-dev4
Released version 1.9-dev4 with the following main changes : - BUILD: Allow configuration of pcre-config path - DOC: clarify force-private-cache is an option - BUG/MINOR: connection: avoid null pointer dereference in send-proxy-v2 - REORG: http: move the code to different files - REORG: http: move HTTP rules parsing to http_rules.c - CLEANUP: http: remove some leftovers from recent cleanups - BUILD: Makefile: add a "make opts" target to simply show the build options - BUILD: Makefile: speed up compiler options detection - BUG/MINOR: backend: check that the mux installed properly - BUG/MEDIUM: h2: check that the connection is still valid at the end of init() - BUG/MEDIUM: h2: make h2_stream_new() return an error on memory allocation failure - REGTEST/MINOR: compatibility: use unix@ instead of abns@ sockets - MINOR: ssl: cleanup old openssl API call - MINOR: ssl: generate-certificates for BoringSSL - BUG/MEDIUM: buffers: Make sure we don't wrap in ci_insert_line2/b_rep_blk. - MEDIUM: ssl: add support for ciphersuites option for TLSv1.3 - CLEANUP: haproxy: Remove unused variable - CLEANUP: h1: Fix debug warnings for h1 headers - CLEANUP: stick-tables: Remove unneeded double (()) around conditional clause - MEDIUM: task: perform a single tree lookup per run queue batch - BUG/MEDIUM: Cur/CumSslConns counters not threadsafe. - BUG/MINOR: threads: move declaration of capabilities to config.h - OPTIM: tools: optimize my_ffsl() for x86_64 - BUG/MINOR: h2: null-deref - BUG/MINOR: checks: queues null-deref - MINOR: connections: Introduce an unsubscribe method. - MEDIUM: connections: Change struct wait_list to wait_event. - BUG/MEDIUM: h2: Make sure we're not in the send list on flow control. - BUG/MEDIUM: mworker: segfault receiving SIGUSR1 followed by SIGTERM. - BUG/MEDIUM: stream: Make sure to unsubscribe before si_release_endpoint. - MINOR: http: Move comment about some HTTP macros in the right header file - MINOR: stats: Add missing include - MINOR: http: Export some functions and do cleanup to prepare HTTP refactoring - MEDIUM: http: Ignore http-pretend-keepalive option on frontend - MEDIUM: http: Ignore http-tunnel option on backend - MINOR: http: Use same flag for httpclose and forceclose options - MINOR: h1: Add EOH marker during headers parsing - MINOR: conn-stream: Add CL_FL_NOT_FIRST flag - MINOR: h1: Change the union h1_sl to use indirect strings to store infos - MINOR: h1: Add the flag H1_MF_NO_PHDR to not add pseudo-headers during parsing - MINOR: log: make sess_log() support sess=NULL - MINOR: chunk: add chunk_cpy() and chunk_cat() - MEDIUM: h2: stop relying on H2_SS_IDLE / H2_SS_CLOSED - CLEANUP: h2: rename h2c_snd_settings() to h2c_send_settings() - MINOR: h2: don't try to send data before preface - MINOR: h2: unify the mux init function - MINOR: h2: retrieve the front proxy from the caller instead of the session - MINOR: h2: split h2c_stream_new() into h2s_new() + h2c_frt_stream_new() - MINOR: h2: add a new flag to quickly distinguish front vs back connection - BUG/MEDIUM: mworker: don't poll on LI_O_INHERITED listeners - BUG/MEDIUM: stream: don't crash on out-of-memory - BUILD: compiler: add a new statement "__unreachable()" - BUILD: lua: silence some compiler warnings about potential null derefs - BUILD: ssl: fix null-deref warning in ssl_fc_cipherlist_str sample fetch - BUILD: ssl: fix another null-deref warning in ssl_sock_switchctx_cbk() - BUILD: stick-table: make sure not to fail on task_new() during initialization - BUILD: peers: check allocation error during peers_init_sync() - MINOR: tools: add a new function atleast2() to test masks for more than 1 bit - MINOR: config: use atleast2() instead of my_popcountl() where relevant - MEDIUM: fd/threads: only grab the fd's lock if the FD has more than one thread - MAJOR: tasks: create per-thread wait queues - OPTIM: tasks: group all tree roots per cache line - DOC: Fix a few typos - MINOR: pools: allocate most memory pools from an array - MINOR: pools: split pool_free() in the lockfree variant - MEDIUM: pools: implement a thread-local cache for pool entries - BUG/MEDIUM: threads: fix thread_release() at the end of the rendez-vous point - Revert "BUILD: lua: silence some compiler warnings about potential null derefs" - BUILD: lua: silence some compiler warnings about potential null derefs (#2) - MINOR: lua: all functions calling lua_yieldk() may return - BUILD: lua: silence some compiler warnings after WILL_LJMP - BUILD: Makefile: silence an option conflict warning with clang - MINOR: server: Use memcpy() instead of strncpy(). - CLEANUP: state-file: make the path concatenation code a bit more consistent - MINOR: build: Disable -Wstringop-overflow. - MINOR: cfgparse: Write 130 as 128 as 0x82 and 0x80. - MINOR: peers: use defines instead of enums to appease clang. - DOC: fix reference to map files in MAINTAINERS - MINOR: fd: centralize poll timeout computation in compute_poll_timeout() - MINOR: poller: move time and date computation out of the pollers - BUILD: memory: fix pointer declaration for atomic CAS - BUILD: Makefile: add USE_RT to pass -lrt for clock_gettime() and friends - MINOR: time: add now_mono_time() and now_cpu_time() - MEDIUM: time: measure the time stolen by other threads - BUILD: memory: fix free_list pointer declaration again for atomic CAS - BUILD: compiler: rename __unreachable() to my_unreachable() - BUG/MEDIUM: pools: Fix the usage of mmap()) with DEBUG_UAF. - BUILD: memory: fix free_list pointer declaration again for atomic CAS - BUG/MEDIUM: h2: Close connection if no stream is left an GOAWAY was sent. - BUG/MEDIUM: connections: Remove subscription if going in idle mode. - BUG/MEDIUM: stream: Make sure polling is right on retry. - MINOR: h2: Make sure to return 1 in h2_recv() when needed. - MEDIUM: connections: Don't directly mess with the polling from the upper layers. - MINOR: streams: Call tasklet_free() after si_release_endpoint(). - MINOR: connection: Add a SUB_CALL_UNSUBSCRIBE event. - MINOR: h2: Don't run tasks that are waiting to send if mux in full. - MINOR: ebtree: save 8 bytes in struct eb32sc_node |
||
Willy Tarreau
|
27010f098d |
[RELEASE] Released version 1.9-dev3
Released version 1.9-dev3 with the following main changes : - BUG/MINOR: h1: don't consider the status for each header - MINOR: h1: report in the h1m struct if the HTTP version is 1.1 or above - MINOR: h1: parse the Connection header field - DOC: Fix typos in lua documentation - MINOR: h1: Add H1_MF_XFER_LEN flag - MINOR: http: add http_hdr_del() to remove a header from a list - MINOR: h1: add headers to the list after controls, not before - MEDIUM: h1: better handle transfer-encoding vs content-length - MEDIUM: h1: deduplicate the content-length header - BUG/MEDIUM: patterns: fix possible double free when reloading a pattern list - BUG/MEDIUM: h1: Really skip all updates when incomplete messages are parsed - CLEANUP/CONTRIB: hpack: remove some h1 build warnings - BUG/MINOR: tools: fix set_net_port() / set_host_port() on IPv4 - BUG/MINOR: cli: make sure the "getsock" command is only called on connections - MINOR: stktable: provide an unchecked version of stktable_data_ptr() - MINOR: stream-int: make si_appctx() never fail - BUILD: ssl_sock: remove build warnings on potential null-derefs - BUILD: stats: remove build warnings on potential null-derefs - BUILD: stream: address null-deref build warnings at -Wextra - BUILD: http: address a couple of null-deref warnings at -Wextra - BUILD: log: silent build warnings due to unchecked __objt_{server,applet} - BUILD: dns: fix null-deref build warning at -Wextra - BUILD: checks: silence a null-deref build warning at -Wextra - BUILD: connection: silence a couple of null-deref build warnings at -Wextra - BUILD: backend: fix 3 build warnings related to null-deref at -Wextra - BUILD: sockpair: silence a build warning at -Wextra - BUILD: build with -Wextra and sort out certain warnings - BUG/CRITICAL: hpack: fix improper sign check on the header index value - BUG/MEDIUM: http: Don't parse chunked body if there is no input data - DOC: Update configuration doc about the maximum number of stick counters. - BUG/MEDIUM: process_stream: Don't use si_cs_io_cb() in process_stream(). - MINOR: h2/stream_interface: Reintroduce te wake() method. - BUG/MEDIUM: h2: Wake the task instead of calling h2_recv()/h2_process(). - BUG/MEDIUM: process_stream(): Don't wake the task if no new data was received. - MEDIUM: lua: Add stick table support for Lua. |
||
Willy Tarreau
|
253006deed |
[RELEASE] Released version 1.9-dev2
Released version 1.9-dev2 with the following main changes : - BUG/MINOR: buffers: Fix b_slow_realign when a buffer is realign without output - BUG/MEDIUM: threads: fix the no-thread case after the change to the sync point - BUG/MEDIUM: servers: check the queues once enabling a server - BUG/MEDIUM: queue: prevent a backup server from draining the proxy's connections - MEDIUM: mux: Remove const on the buffer in mux->snd_buf() - CLEANUP: backend: Move mux install to call it at only one place - MINOR: conn_stream: add an tx buffer to the conn_stream - MINOR: conn_stream: add cs_send() as a default snd_buf() function - MINOR: backend: Try to find the best mux for outgoing connections - MEDIUM: backend: don't rely on mux_pt_ops in connect_server() - MINOR: mux: Add info about the supported side in alpn_mux_list structure - MINOR: mux: Unlink ALPN and multiplexers to rather speak of mux protocols - MINOR: mux: Print the list of existing mux protocols during HA startup - MEDIUM: checks: use the new rendez-vous point to spread check result - MEDIUM: haproxy: don't use sync_poll_loop() anymore in the main loop - MINOR: threads: remove the previous synchronization point - MAJOR: server: make server state changes synchronous again - CLEANUP: server: remove the update list and the update lock - BUG/MINOR: threads: Remove the unexisting lock label "UPDATED_SERVERS_LOCK" - BUG/MEDIUM: stream_int: Don't check CO_FL_SOCK_RD_SH flag to trigger cs receive - MINOR: mux: Change get_mux_proto to get an ist as parameter - MINOR: mux: Improve the message with the list of existing mux protocols - MINOR: mux/frontend: Add 'proto' keyword to force the mux protocol - MINOR: mux/server: Add 'proto' keyword to force the multiplexer's protocol - MEDIUM: mux: Use the mux protocol specified on bind/server lines - BUG/MEDIUM: connection/mux: take care of serverless proxies - MINOR: queue: make sure the pendconn is released before logging - MINOR: stream: rename {srv,prx}_queue_size to *_queue_pos - MINOR: queue: store the queue index in the stream when enqueuing - MINOR: queue: replace the linked list with a tree - MEDIUM: add set-priority-class and set-priority-offset - MEDIUM: queue: adjust position based on priority-class and priority-offset - DOC: update the roadmap about priority queues - BUG/MINOR: ssl: empty connections reported as errors. - MINOR: connections: Make rcv_buf mandatory and nuke cs_recv(). - MINOR: connections: Move rxbuf from the conn_stream to the h2s. - MINOR: connections: Get rid of txbuf. - MINOR: tasks: Allow tasklet_wakeup() to wakeup a task. - MINOR: connections/mux: Add the wait reason(s) to wait_list. - MINOR: stream_interface: Don't use si_cs_send() as a task handler. - MINOR: stream_interface: Give stream_interface its own wait_list. - MINOR: mux_h2: Don't use h2_send() as a callback. - MINOR: checks: Add event_srv_chk_io(). - BUG/MEDIUM: tasks: Don't insert in the global rqueue if nbthread == 1 - BUG/MEDIUM: sessions: Don't use t->state. - BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle. - BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error. - BUG/MINOR: map: fix map_regm with backref - DOC: dns: explain set server ... fqdn requires resolver - DOC: add documentation for prio_class and prio_offset sample fetches. - DOC: ssl: Use consistent naming for TLS protocols - DOC: update the layering design notes - MINOR: tasks: Don't special-case when nbthreads == 1 - MINOR: fd cache: And the thread_mask with all_threads_mask. - BUG/MEDIUM: lua: socket timeouts are not applied - BUG/MINOR: lua: fix extra 500ms added to socket timeouts - BUG/MEDIUM: server: update our local state before propagating changes - BUG/MEDIUM: cli/threads: protect all "proxy" commands against concurrent updates - DOC: server/threads: document which functions need to be called with/without locks - BUG/MEDIUM: cli/threads: protect some server commands against concurrent operations - BUG/MEDIUM: streams: Don't forget to remove the si from the wait list. - BUG/MEDIUM: tasklets: Add the thread as active when waking a tasklet. - BUG/MEDIUM: stream-int: Check if the conn_stream exist in si_cs_io_cb. - BUG/MEDIUM: H2: Activate polling after successful h2_snd_buf(). - BUG/MEDIUM: stream_interface: Call the wake callback after sending. - BUG/MAJOR: queue/threads: make pendconn_redistribute not lock the server - BUG/MEDIUM: connection: don't forget to always delete the list's head - BUG/MEDIUM: lb/threads: always properly lock LB algorithms on maintenance operations - BUG/MEDIUM: check/threads: do not involve the rendez-vous point for status updates - BUG/MINOR: chunks: do not store -1 into chunk_printf() in case of error - BUG/MEDIUM: http: don't store exp_replace() result in the trash's length - BUG/MEDIUM: http: don't store url_decode() result in the samples's length - BUG/MEDIUM: dns: don't store dns_build_query() result in the trash's length - BUG/MEDIUM: map: don't store exp_replace() result in the trash's length - BUG/MEDIUM: connection: don't store recv() result into trash.data - BUG/MEDIUM: cli/ssl: don't store base64dec() result in the trash's length - MINOR: chunk: remove impossible tests on negative chunk->data - MINOR: sample: remove impossible tests on negative smp->data.u.str.data - DOC: Fix spelling error in configuration doc - REGTEST/MINOR: Missing mandatory "ignore_unknown_macro". - REGTEST/MINOR: Add a new class of regression testing files. - BUG/MEDIUM: unix: provide a ->drain() function - MINOR: connection: make conn_sock_drain() work for all socket families - BUG/MINOR: lua: Bad HTTP client request duration. - REGEST/MINOR: Add reg testing files. - BUG/MEDIUM: mux_pt: dereference the connection with care in mux_pt_wake() - REGTEST/MINOR: Add a reg testing file for |
||
Willy Tarreau
|
65e94d1ce9 |
[RELEASE] Released version 1.9-dev1
Released version 1.9-dev1 with the following main changes : - BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork. - DOC: cache: update sections and fix some typos - BUILD/MINOR: deviceatlas: enable thread support - BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main - BUG/MEDIUM: ssl: don't allocate shctx several time - BUG/MEDIUM: cache: bad computation of the remaining size - BUILD: checks: don't include server.h - BUG/MEDIUM: stream: fix session leak on applet-initiated connections - BUILD/MINOR: haproxy : FreeBSD/cpu affinity needs pthread_np header - BUILD/MINOR: Makefile : enabling USE_CPU_AFFINITY - BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream - BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting - BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response - BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync. - BUG/MAJOR: thread/peers: fix deadlock on peers sync. - BUILD/MINOR: haproxy: compiling config cpu parsing handling when needed - MINOR: config: report when "monitor fail" rules are misplaced - BUG/MINOR: mworker: fix validity check for the pipe FDs - BUG/MINOR: mworker: detach from tty when in daemon mode - MINOR: threads: Fix pthread_setaffinity_np on FreeBSD. - BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time - BUILD: Fix LDFLAGS vs. LIBS re linking order in various makefiles - BUG/MEDIUM: checks: Be sure we have a mux if we created a cs. - BUG/MINOR: hpack: fix debugging output of pseudo header names - BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits - BUG/MINOR: hpack: reject invalid header index - BUG/MINOR: hpack: dynamic table size updates are only allowed before headers - BUG/MAJOR: h2: correctly check the request length when building an H1 request - BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream - BUG/MINOR: h2: try to abort closed streams as soon as possible - BUG/MINOR: h2: ":path" must not be empty - BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to - BUG/MINOR: h2: the TE header if present may only contain trailers - BUG/MEDIUM: h2: enforce the per-connection stream limit - BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1 - BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame - BUG/MINOR: h2: properly check PRIORITY frames - BUG/MINOR: h2: reject response pseudo-headers from requests - BUG/MEDIUM: h2: remove connection-specific headers from request - BUG/MEDIUM: h2: do not accept upper case letters in request header names - BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames - BUG/MINOR: action: Don't check http capture rules when no id is defined - BUG/MAJOR: hpack: don't pretend large headers fit in empty table - BUG/MINOR: ssl: support tune.ssl.cachesize 0 again - BUG/MEDIUM: mworker: also close peers sockets in the master - BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically. - BUG/MEDIUM: checks: a down server going to maint remains definitely stucked on down state. - BUG/MEDIUM: peers: set NOLINGER on the outgoing stream interface - BUG/MEDIUM: h2: fix handling of end of stream again - MINOR: mworker: Update messages referencing exit-on-failure - MINOR: mworker: Improve wording in `void mworker_wait()` - CONTRIB: halog: Add help text for -s switch in halog program - BUG/MEDIUM: email-alert: don't set server check status from a email-alert task - BUG/MEDIUM: threads/vars: Fix deadlock in register_name - MINOR: systemd: remove comment about HAPROXY_STATS_SOCKET - DOC: notifications: add precisions about thread usage - BUG/MEDIUM: lua/notification: memory leak - MINOR: conn_stream: add new flag CS_FL_RCV_MORE to indicate pending data - BUG/MEDIUM: stream-int: always set SI_FL_WAIT_ROOM on CS_FL_RCV_MORE - BUG/MEDIUM: h2: automatically set CS_FL_RCV_MORE when the output buffer is full - BUG/MEDIUM: h2: enable recv polling whenever demuxing is possible - BUG/MEDIUM: h2: work around a connection API limitation - BUG/MEDIUM: h2: debug incoming traffic in h2_wake() - MINOR: h2: store the demux padding length in the h2c struct - BUG/MEDIUM: h2: support uploading partial DATA frames - MINOR: h2: don't demand that a DATA frame is complete before processing it - BUG/MEDIUM: h2: don't switch the state to HREM before end of DATA frame - BUG/MEDIUM: h2: don't close after the first DATA frame on tunnelled responses - BUG/MEDIUM: http: don't disable lingering on requests with tunnelled responses - BUG/MEDIUM: h2: fix stream limit enforcement - BUG/MINOR: stream-int: don't try to receive again after receiving an EOS - MINOR: sample: add len converter - BUG: MAJOR: lb_map: server map calculation broken - BUG: MINOR: http: don't check http-request capture id when len is provided - MINOR: sample: rename the "len" converter to "length" - BUG/MEDIUM: mworker: Set FD_CLOEXEC flag on log fd - DOC/MINOR: intro: typo, wording, formatting fixes - MINOR: netscaler: respect syntax - MINOR: netscaler: remove the use of cip_magic only used once - MINOR: netscaler: rename cip_len to clarify its uage - BUG/MEDIUM: netscaler: use the appropriate IPv6 header size - BUG/MAJOR: netscaler: address truncated CIP header detection - MINOR: netscaler: check in one-shot if buffer is large enough for IP and TCP header - MEDIUM: netscaler: do not analyze original IP packet size - MEDIUM: netscaler: add support for standard NetScaler CIP protocol - MINOR: spoe: add force-set-var option in spoe-agent configuration - CONTRIB: iprange: Fix compiler warning in iprange.c - CONTRIB: halog: Fix compiler warnings in halog.c - BUG/MINOR: h2: properly report a stream error on RST_STREAM - MINOR: mux: add flags to describe a mux's capabilities - MINOR: stream-int: set flag SI_FL_CLEAN_ABRT when mux supports clean aborts - BUG/MEDIUM: stream: don't consider abortonclose on muxes which close cleanly - BUG/MEDIUM: checks: a server passed in maint state was not forced down. - BUG/MEDIUM: lua: fix crash when using bogus mode in register_service() - MINOR: http: adjust the list of supposedly cacheable methods - MINOR: http: update the list of cacheable status codes as per RFC7231 - MINOR: http: start to compute the transaction's cacheability from the request - BUG/MINOR: http: do not ignore cache-control: public - BUG/MINOR: http: properly detect max-age=0 and s-maxage=0 in responses - BUG/MINOR: cache: do not force the TX_CACHEABLE flag before checking cacheability - MINOR: http: add a function to check request's cache-control header field - BUG/MEDIUM: cache: do not try to retrieve host-less requests from the cache - BUG/MEDIUM: cache: replace old object on store - BUG/MEDIUM: cache: respect the request cache-control header - BUG/MEDIUM: cache: don't cache the response on no-cache="set-cookie" - BUG/MAJOR: connection: refine the situations where we don't send shutw() - BUG/MEDIUM: checks: properly set servers to stopping state on 404 - BUG/MEDIUM: h2: properly handle and report some stream errors - BUG/MEDIUM: h2: improve handling of frames received on closed streams - DOC/MINOR: configuration: typo, formatting fixes - BUG/MEDIUM: h2: ensure we always know the stream before sending a reset - BUG/MEDIUM: mworker: don't close stdio several time - MINOR: don't close stdio anymore - BUG/MEDIUM: http: don't automatically forward request close - BUG/MAJOR: hpack: don't return direct references to the dynamic headers table - MINOR: h2: add a function to report pseudo-header names - DEBUG: hpack: make hpack_dht_dump() expose the output file - DEBUG: hpack: add more traces to the hpack decoder - CONTRIB: hpack: add an hpack decoder - MEDIUM: h2: prepare a graceful shutdown when the frontend is stopped - BUG/MEDIUM: h2: properly handle the END_STREAM flag on empty DATA frames - BUILD: ssl: silence a warning when building without NPN nor ALPN support - CLEANUP: rbtree: remove - BUG/MEDIUM: ssl: cache doesn't release shctx blocks - BUG/MINOR: lua: Fix default value for pattern in Socket.receive - DOC: lua: Fix typos in comments of hlua_socket_receive - BUG/MEDIUM: lua: Fix IPv6 with separate port support for Socket.connect - BUG/MINOR: lua: Fix return value of Socket.settimeout - MINOR: dns: Handle SRV record weight correctly. - BUG/MEDIUM: mworker: execvp failure depending on argv[0] - MINOR: hathreads: add support for gcc < 4.7 - BUILD/MINOR: ancient gcc versions atomic fix - BUG/MEDIUM: stream: properly handle client aborts during redispatch - MINOR: spoe: add register-var-names directive in spoe-agent configuration - MINOR: spoe: Don't queue a SPOE context if nothing is sent - DOC: clarify the scope of ssl_fc_is_resumed - CONTRIB: debug: fix a few flags definitions - BUG/MINOR: poll: too large size allocation for FD events - MINOR: sample: add date_us sample - BUG/MEDIUM: peers: fix expire date wasn't updated if entry is modified remotely. - MINOR: servers: Don't report duplicate dyncookies for disabled servers. - MINOR: global/threads: move cpu_map at the end of the global struct - MINOR: threads: add a MAX_THREADS define instead of LONGBITS - MINOR: global: add some global activity counters to help debugging - MINOR: threads/fd: Use a bitfield to know if there are FDs for a thread in the FD cache - BUG/MEDIUM: threads/polling: Use fd_cache_mask instead of fd_cache_num - BUG/MEDIUM: fd: maintain a per-thread update mask - MINOR: fd: add a bitmask to indicate that an FD is known by the poller - BUG/MEDIUM: epoll/threads: use one epoll_fd per thread - BUG/MEDIUM: kqueue/threads: use one kqueue_fd per thread - BUG/MEDIUM: threads/mworker: fix a race on startup - BUG/MINOR: mworker: only write to pidfile if it exists - MINOR: threads: Fix build when we're not compiling with threads. - BUG/MINOR: threads: always set an owner to the thread_sync pipe - BUG/MEDIUM: threads/server: Fix deadlock in srv_set_stopping/srv_set_admin_flag - BUG/MEDIUM: checks: Don't try to release undefined conn_stream when a check is freed - BUG/MINOR: kqueue/threads: Don't forget to close kqueue_fd[tid] on each thread - MINOR: threads: Use __decl_hathreads instead of #ifdef/#endif - BUILD: epoll/threads: Add test on MAX_THREADS to avoid warnings when complied without threads - BUILD: kqueue/threads: Add test on MAX_THREADS to avoid warnings when complied without threads - CLEANUP: sample: Fix comment encoding of sample.c - CLEANUP: sample: Fix outdated comment about sample casts functions - BUG/MINOR: sample: Fix output type of c_ipv62ip - CLEANUP: Fix typo in ARGT_MSK6 comment - CLEANUP: standard: Use len2mask4 in str2mask - MINOR: standard: Add str2mask6 function - MINOR: config: Add support for ARGT_MSK6 - MEDIUM: sample: Add IPv6 support to the ipmask converter - MINOR: config: Enable tracking of up to MAX_SESS_STKCTR stick counters. - BUG/MINOR: cli: use global.maxsock and not maxfd to list all FDs - MINOR: polling: make epoll and kqueue not depend on maxfd anymore - MINOR: fd: don't report maxfd in alert messages - MEDIUM: polling: start to move maxfd computation to the pollers - CLEANUP: fd/threads: remove the now unused fdtab_lock - MINOR: poll: more accurately compute the new maxfd in the loop - CLEANUP: fd: remove the unused "new" field - MINOR: fd: move the hap_fd_{clr,set,isset} functions to fd.h - MEDIUM: select: make use of hap_fd_* functions - MEDIUM: fd: use atomic ops for hap_fd_{clr,set} and remove poll_lock - MEDIUM: select: don't use the old FD state anymore - MEDIUM: poll: don't use the old FD state anymore - MINOR: fd: pass the iocb and owner to fd_insert() - BUG/MINOR: threads: Update labels array because of changes in lock_label enum - MINOR: stick-tables: Adds support for new "gpc1" and "gpc1_rate" counters. - BUG/MINOR: epoll/threads: only call epoll_ctl(DEL) on polled FDs - DOC: don't suggest using http-server-close - MINOR: introduce proxy-v2-options for send-proxy-v2 - BUG/MEDIUM: spoe: Always try to receive or send the frame to detect shutdowns - BUG/MEDIUM: spoe: Allow producer to read and to forward shutdown on request side - MINOR: spoe: Remove check on min_applets number when a SPOE context is queued - MINOR: spoe: Always link a SPOE context with the applet processing it - MINOR: spoe: Replace sending_rate by a frequency counter - MINOR: spoe: Count the number of frames waiting for an ack for each applet - MEDIUM: spoe: Use an ebtree to manage idle applets - MINOR: spoa_example: Count the number of frames processed by each worker - MINOR: spoe: Add max-waiting-frames directive in spoe-agent configuration - MINOR: init: make stdout unbuffered - MINOR: early data: Don't rely on CO_FL_EARLY_DATA to wake up streams. - MINOR: early data: Never remove the CO_FL_EARLY_DATA flag. - MINOR: compiler: introduce offsetoff(). - MINOR: threads: Introduce double-width CAS on x86_64 and arm. - MINOR: threads: add test and set/reset operations - MINOR: pools/threads: Implement lockless memory pools. - MAJOR: fd/threads: Make the fdcache mostly lockless. - MEDIUM: fd/threads: Make sure we don't miss a fd cache entry. - MAJOR: fd: compute the new fd polling state out of the fd lock - MINOR: epoll: get rid of the now useless fd_compute_new_polled_status() - MINOR: kqueue: get rid of the now useless fd_compute_new_polled_status() - MINOR: poll: get rid of the now useless fd_compute_new_polled_status() - MINOR: select: get rid of the now useless fd_compute_new_polled_status() - CLEANUP: fd: remove the now unused fd_compute_new_polled_status() function - MEDIUM: fd: make updt_fd_polling() use atomics - MEDIUM: poller: use atomic ops to update the fdtab mask - MINOR: fd: move the fd_{add_to,rm_from}_fdlist functions to fd.c - BUG/MINOR: fd/threads: properly dereference fdcache as volatile - MINOR: fd: remove the unneeded last CAS when adding an fd to the list - MINOR: fd: reorder fd_add_to_fd_list() - BUG/MINOR: time/threads: ensure the adjusted time is always correct - BUG/MEDIUM: standard: Fix memory leak in str2ip2() - MINOR: init: emit warning when -sf/-sd cannot parse argument - BUILD: fd/threads: fix breakage build breakage without threads - DOC: Describe routing impact of using interface keyword on bind lines - DOC: Mention -Ws in the list of available options - BUG/MINOR: config: don't emit a warning when global stats is incompletely configured - BUG/MINOR: fd/threads: properly lock the FD before adding it to the fd cache. - BUG/MEDIUM: threads: fix the double CAS implementation for ARMv7 - BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable. - BUILD/MINOR: memory: stdint is needed for uintptr_t - BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st - DOC: lua: new prototype for function "register_action()" - DOC: cfgparse: Warn on option (tcp|http)log in backend - BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe - MINOR: sample: add a new "concat" converter - BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL - BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as possible - BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken. - MINOR: ssl/sample: adds ssl_bc_is_resumed fetch keyword. - CLEANUP: cfgparse: Remove unused label end - CLEANUP: spoe: Remove unused label retry - CLEANUP: h2: Remove unused labels from mux_h2.c - CLEANUP: pools: Remove unused end label in memory.h - CLEANUP: standard: Fix typo in IPv6 mask example - BUG/MINOR: pools/threads: don't ignore DEBUG_UAF on double-word CAS capable archs - BUG/MINOR: debug/pools: properly handle out-of-memory when building with DEBUG_UAF - MINOR: debug/pools: make DEBUG_UAF also detect underflows - MINOR: stats: display the number of threads in the statistics. - BUG/MINOR: h2: Set the target of dbuf_wait to h2c - BUG/MEDIUM: h2: always consume any trailing data after end of output buffers - BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk - BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk - BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is stopping - Revert "BUG/MINOR: send-proxy-v2: string size must include ('\0')" - MINOR: ssl: extract full pkey info in load_certificate - MINOR: ssl: add ssl_sock_get_pkey_algo function - MINOR: ssl: add ssl_sock_get_cert_sig function - MINOR: connection: add proxy-v2-options ssl-cipher,cert-sig,cert-key - MINOR: connection: add proxy-v2-options authority - MINOR: systemd: Add section for SystemD sandboxing to unit file - MINOR: systemd: Add SystemD's Protect*= options to the unit file - MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file - CLEANUP: h2: rename misleading h2c_stream_close() to h2s_close() - MINOR: h2: provide and use h2s_detach() and h2s_free() - MEDIUM: h2: use a single buffer allocator - MINOR/BUILD: fix Lua build on Mac OS X - BUILD/MINOR: fix Lua build on Mac OS X (again) - BUG/MINOR: session: Fix tcp-request session failure if handshake. - CLEANUP: .gitignore: Ignore binaries from the contrib directory - BUG/MINOR: unix: Don't mess up when removing the socket from the xfer_sock_list. - DOC: buffers: clarify the purpose of the <from> pointer in offer_buffers() - BUG/MEDIUM: h2: also arm the h2 timeout when sending - BUG/MINOR: cli: Fix a crash when passing a negative or too large value to "show fd" - CLEANUP: ssl: Remove a duplicated #include - CLEANUP: cli: Remove a leftover debug message - BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage - BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc - BUG/MINOR: force-persist and ignore-persist only apply to backends - BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily disabled - BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management - BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically - TESTS: Add a testcase for multi-port + multi-server listener issue - CLEANUP: dns: remove duplicate code in src/dns.c - BUG/MINOR: seemless reload: Fix crash when an interface is specified. - BUG/MINOR: cli: Ensure all command outputs end with a LF - BUG/MINOR: cli: Fix a crash when sending a command with too many arguments - BUILD: ssl: Fix build with OpenSSL without NPN capability - BUG/MINOR: spoa-example: unexpected behavior for more than 127 args - BUG/MINOR: lua: return bad error messages - CLEANUP: lua/syntax: lua is a name and not an acronym - BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers - BUG/MINOR: tcp-check: use the server's service port as a fallback - BUG/MEDIUM: threads/queue: wake up other threads upon dequeue - MINOR: log: stop emitting alerts when it's not possible to write on the socket - BUILD/BUG: enable -fno-strict-overflow by default - BUG/MEDIUM: fd/threads: ensure the fdcache_mask always reflects the cache contents - DOC: log: more than 2 log servers are allowed - MINOR: hash: add new function hash_crc32c - MINOR: proxy-v2-options: add crc32c - MINOR: accept-proxy: support proxy protocol v2 CRC32c checksum - REORG: compact "struct server" - MINOR: samples: add crc32c converter - BUG/MEDIUM: h2: properly account for DATA padding in flow control - BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an RST_STREAM - BUG/MINOR: listener: Don't decrease actconn twice when a new session is rejected - CLEANUP: map, stream: remove duplicate code in src/map.c, src/stream.c - BUG/MINOR: lua: the function returns anything - BUG/MINOR: lua funtion hlua_socket_settimeout don't check negative values - CLEANUP: lua: typo fix in comments - BUILD/MINOR: fix build when USE_THREAD is not defined - MINOR: lua: allow socket api settimeout to accept integers, float, and doubles - BUG/MINOR: hpack: fix harmless use of uninitialized value in hpack_dht_insert - MINOR: cli/threads: make "show fd" report thread_sync_io_handler instead of "unknown" - MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available - BUILD/MINOR: cli: fix a build warning introduced by last commit - BUG/MAJOR: h2: remove orphaned streams from the send list before closing - MINOR: h2: always call h2s_detach() in h2_detach() - MINOR: h2: fuse h2s_detach() and h2s_free() into h2s_destroy() - BUG/MEDIUM: h2/threads: never release the task outside of the task handler - BUG/MEDIUM: h2: don't consider pending data on detach if connection is in error - BUILD/MINOR: threads: always export thread_sync_io_handler() - MINOR: mux: add a "show_fd" function to dump debugging information for "show fd" - MINOR: h2: implement a basic "show_fd" function - MINOR: cli: report cache indexes in "show fd" - BUG/MINOR: h2: remove accidental debug code introduced with show_fd function - BUG/MEDIUM: h2: always add a stream to the send or fctl list when blocked - BUG/MINOR: checks: check the conn_stream's readiness and not the connection - BUG/MINOR: fd: Don't clear the update_mask in fd_insert. - BUG/MINOR: email-alert: Set the mailer port during alert initialization - BUG/MINOR: cache: fix "show cache" output - BUG/MAJOR: cache: fix random crashes caused by incorrect delete() on non-first blocks - BUG/MINOR: spoe: Initialize variables used during conf parsing before any check - BUG/MINOR: spoe: Don't release the context buffer in .check_timeouts callbaclk - BUG/MINOR: spoe: Register the variable to set when an error occurred - BUG/MINOR: spoe: Don't forget to decrement fpa when a processing is interrupted - MINOR: spoe: Add metrics in to know time spent in the SPOE - MINOR: spoe: Add options to store processing times in variables - MINOR: log: move 'log' keyword parsing in dedicated function - MINOR: log: Keep the ref when a log server is copied to avoid duplicate entries - MINOR: spoe: Add loggers dedicated to the SPOE agent - MINOR: spoe: Add support for option dontlog-normal in the SPOE agent section - MINOR: spoe: use agent's logger to log SPOE messages - MINOR: spoe: Add counters to log info about SPOE agents - BUG/MAJOR: cache: always initialize newly created objects - MINOR: servers: Support alphanumeric characters for the server templates names - BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes - BUG/MEDIUM: connection: Make sure we have a mux before calling detach(). - BUG/MINOR: http: Return an error in proxy mode when url2sa fails - MINOR: proxy: Add fe_defbe fetcher - MINOR: config: Warn if resolvers has no nameservers - BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE - MINOR: cli: Ensure the CLI always outputs an error when it should - MEDIUM: sample: Extend functionality for field/word converters - MINOR: export localpeer as an environment variable - BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors. - BUILD: sample: avoid build warning in sample.c - BUG/CRITICAL: h2: fix incorrect frame length check - DOC: lua: update the links to the config and Lua API - BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid() - BUG/MAJOR: channel: Fix crash when trying to read from a closed socket - BUG/MINOR: log: t_idle (%Ti) is not set for some requests - BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits - MINOR: h2: detect presence of CONNECT and/or content-length - BUG/MEDIUM: h2: implement missing support for chunked encoded uploads - BUG/MINOR: spoe: Fix counters update when processing is interrupted - BUG/MINOR: spoe: Fix parsing of dontlog-normal option - MEDIUM: cli: Add payload support - MINOR: map: Add payload support to "add map" - MINOR: ssl: Add payload support to "set ssl ocsp-response" - BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread - MINOR: sample: Add strcmp sample converter - MINOR: http: Add support for 421 Misdirected Request - BUG/MINOR: config: disable http-reuse on TCP proxies - MINOR: ssl: disable SSL sample fetches when unsupported - MINOR: ssl: add fetch 'ssl_fc_session_key' and 'ssl_bc_session_key' - BUG/MINOR: checks: Fix check->health computation for flapping servers - BUG/MEDIUM: threads: Fix the sync point for more than 32 threads - BUG/MINOR, BUG/MINOR: lua: Put tasks to sleep when waiting for data - MINOR: backend: implement random-based load balancing - DOC/MINOR: clean up LUA documentation re: servers & array/table. - MINOR: lua: Add server name & puid to LUA Server class. - MINOR: lua: add get_maxconn and set_maxconn to LUA Server class. - BUG/MINOR: map: correctly track reference to the last ref_elt being dumped - BUG/MEDIUM: task: Don't free a task that is about to be run. - MINOR: fd: Make the lockless fd list work with multiple lists. - BUG/MEDIUM: pollers: Use a global list for fd shared between threads. - MINOR: pollers: move polled_mask outside of struct fdtab. - BUG/MINOR: lua: schedule socket task upon lua connect() - BUG/MINOR: lua: ensure large proxy IDs can be represented - BUG/MEDIUM: pollers/kqueue: use incremented position in event list - BUG/MINOR: cli: don't stop cli_gen_usage_msg() when kw->usage == NULL - BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR - BUG/MEDIUM: ssl: properly protect SSL cert generation - BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments. - BUG/MINOR: spoe: Mistake in error message about SPOE configuration - BUG/MEDIUM: spoe: Flags are not encoded in network order - CLEANUP: spoe: Remove unused variables the agent structure - DOC: spoe: fix a typo - BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags - BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags - DOC: add some description of the pending rework of the buffer structure - BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation - MINOR: lua: Improve error message - BUG/MEDIUM: cache: don't cache when an Authorization header is present - MINOR: ssl: set SSL_OP_PRIORITIZE_CHACHA - BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure. - BUG/BUILD: threads: unbreak build without threads - BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file - BUG/MEDIUM: lua/socket: Length required read doesn't work - MINOR: tasks: Change the task API so that the callback takes 3 arguments. - MAJOR: tasks: Create a per-thread runqueue. - MAJOR: tasks: Introduce tasklets. - MINOR: tasks: Make the number of tasks to run at once configurable. - MAJOR: applets: Use tasks, instead of rolling our own scheduler. - BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters - MINOR: http: Log warning if (add|set)-header fails - DOC: management: add the new wrew stats column - MINOR: stats: also report the failed header rewrites warnings on the stats page - BUG/MEDIUM: tasks: Don't forget to increase/decrease tasks_run_queue. - BUG/MEDIUM: task: Don't forget to decrement max_processed after each task. - MINOR: task: Also consider the task list size when getting global tasks. - MINOR: dns: Implement `parse-resolv-conf` directive - BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode - MINOR: task/notification: Is notifications registered ? - BUG/MEDIUM: lua/socket: wrong scheduling for sockets - BUG/MAJOR: lua: Dead lock with sockets - BUG/MEDIUM: lua/socket: Notification error - BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock - BUG/MEDIUM: lua/socket: Buffer error, may segfault - DOC: contrib/modsecurity: few typo fixes - DOC: SPOE.txt: fix a typo - MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0 - BUG/MINOR: contrib/spoa_example: Don't reset the status code during disconnect - BUG/MINOR: contrib/mod_defender: Don't reset the status code during disconnect - BUG/MINOR: contrib/modsecurity: Don't reset the status code during disconnect - BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame - BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame - MINOR: task: Fix a compiler warning by adding a cast. - MINOR: stats: also report the nice and number of calls for applets - MINOR: applet: assign the same nice value to a new appctx as its owner task - MINOR: task: Fix compiler warning. - BUG/MEDIUM: tasks: Use the local runqueue when building without threads. - MINOR: tasks: Don't define rqueue if we're building without threads. - BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload. - MINOR: lua: Increase debug information - BUG/MEDIUM: threads: handle signal queue only in thread 0 - BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing - BUG/MINOR: signals: ha_sigmask macro for multithreading - BUG/MAJOR: map: fix a segfault when using http-request set-map - DOC: regression testing: Add a short starting guide. - MINOR: tasks: Make sure we correctly init and deinit a tasklet. - BUG/MINOR: tasklets: Just make sure we don't pass a tasklet to the handler. - BUG/MINOR: lua: Segfaults with wrong usage of types. - BUG/MAJOR: ssl: Random crash with cipherlist capture - BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot - BUG/MEDIUM: ssl: do not store pkinfo with SSL_set_ex_data - MINOR: tests: First regression testing file. - MINOR: reg-tests: Add reg-tests/README file. - MINOR: reg-tests: Add a few regression testing files. - DOC: Add new REGTEST tag info about reg testing. - BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete(). - MINOR: Some spelling cleanup in the comments. - BUG/MEDIUM: threads: Use the sync point to check active jobs and exit - MINOR: threads: Be sure to remove threads from all_threads_mask on exit - REGTEST/MINOR: Wrong URI in a reg test for SSL/TLS. - REGTEST/MINOR: Set HAPROXY_PROGRAM default value. - REGTEST/MINOR: Add levels to reg-tests target. - BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table - BUG/BUILD: threads: unbreak build without threads - BUG/MAJOR: stick_table: Complete incomplete SEGV fix - MINOR: stick-tables: make stktable_release() do nothing on NULL - BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers - MINOR: startup: change session/process group settings - MINOR: systemd: consider exit status 143 as successful - REGTEST/MINOR: Wrong URI syntax. - CLEANUP: dns: remove obsolete macro DNS_MAX_IP_REC - CLEANUP: dns: inacurate comment about prefered IP score - MINOR: dns: fix wrong score computation in dns_get_ip_from_response - MINOR: dns: new DNS options to allow/prevent IP address duplication - REGTEST/MINOR: Unexpected curl URL globling. - BUG/MINOR: ssl: properly ref-count the tls_keys entries - MINOR: h2: keep a count of the number of conn_streams attached to the mux - BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess - MINOR: h2: add the mux and demux buffer lengths on "show fd" - BUG/MEDIUM: h2: never leave pending data in the output buffer on close - BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout - MINOR: tasklet: Set process to NULL. - MINOR: buffer: implement a new file for low-level buffer manipulation functions - MINOR: buffer: switch buffer sizes and offsets to size_t - MINOR: buffer: add a few basic functions for the new API - MINOR: buffer: Introduce b_sub(), b_add(), and bo_add() - MINOR: buffer: Add b_set_data(). - MINOR: buffer: introduce b_realign_if_empty() - MINOR: compression: pass the channel to http_compression_buffer_end() - MINOR: channel: add a few basic functions for the new buffer API - MINOR: channel/buffer: use c_realign_if_empty() instead of buffer_realign() - MINOR: channel/buffer: replace buffer_slow_realign() with channel_slow_realign() and b_slow_realign() - MEDIUM: channel: make channel_slow_realign() take a swap buffer - MINOR: h2: use b_slow_realign() with the trash as a swap buffer - MINOR: buffer: remove buffer_slow_realign() and the swap_buffer allocation code - MINOR: channel/buffer: replace b_{adv,rew} with c_{adv,rew} - MINOR: buffer: replace calls to buffer_space_wraps() with b_space_wraps() - MINOR: buffer: remove bi_getblk() and bi_getblk_nc() - MINOR: buffer: split bi_contig_data() into ci_contig_data and b_config_data() - MINOR: buffer: remove bi_ptr() - MINOR: buffer: remove bo_ptr() - MINOR: buffer: remove bo_end() - MINOR: buffer: remove bi_end() - MINOR: buffer: remove bo_contig_data() - MINOR: buffer: merge b{i,o}_contig_space() - MINOR: buffer: replace bo_getblk() with direction agnostic b_getblk() - MINOR: buffer: replace bo_getblk_nc() with b_getblk_nc() which takes an offset - MINOR: buffer: replace bi_del() and bo_del() with b_del() - MINOR: buffer: convert most b_ptr() calls to c_ptr() - MINOR: h1: make h1_measure_trailers() take the byte count in argument - MINOR: h2: clarify the fact that the send functions are unsigned - MEDIUM: h2: prevent the various mux encoders from modifying the buffer - MINOR: h1: make h1_skip_chunk_crlf() not depend on b_ptr() anymore - MINOR: h1: make h1_parse_chunk_size() not depend on b_ptr() anymore - MINOR: h1: make h1_measure_trailers() use an offset and a count - MEDIUM: h2: do not use buf->o anymore inside h2_snd_buf's loop - MEDIUM: h2: don't use b_ptr() nor b_end() anymore - MINOR: buffer: get rid of b_end() and b_to_end() - MINOR: buffer: make b_getblk_nc() take const pointers - MINOR: buffer: make b_getblk_nc() take size_t for the block sizes - MEDIUM: connection: make xprt->snd_buf() take the byte count in argument - MEDIUM: mux: make mux->snd_buf() take the byte count in argument - MEDIUM: connection: make xprt->rcv_buf() use size_t for the count - MEDIUM: mux: make mux->rcv_buf() take a size_t for the count - MINOR: connection: add a flags argument to rcv_buf() - MINOR: connection: add a new receive flag : CO_RFL_BUF_WET - MINOR: buffer: get rid of b_ptr() and convert its last users - MINOR: buffer: use b_room() to determine available space in a buffer - MINOR: buffer: replace buffer_not_empty() with b_data() or c_data() - MINOR: buffer: replace buffer_empty() with b_empty() or c_empty() - MINOR: buffer: make bo_putchar() use b_tail() - MINOR: buffer: replace buffer_full() with channel_full() - MINOR: buffer: replace bi_space_for_replace() with ci_space_for_replace() - MINOR: buffer: replace buffer_pending() with ci_data() - MINOR: buffer: replace buffer_flush() with c_adv(chn, ci_data(chn)) - MINOR: buffer: use c_head() instead of buffer_wrap_sub(c->buf, p-o) - MINOR: buffer: use b_orig() to replace most references to b->data - MINOR: buffer: Use b_add()/bo_add() instead of accessing b->i/b->o. - MINOR: channel: remove almost all references to buf->i and buf->o - MINOR: channel: Add co_set_data(). - MEDIUM: channel: adapt to the new buffer API - MINOR: checks: adapt to the new buffer API - MEDIUM: h2: update to the new buffer API - MINOR: buffer: remove unused bo_add() - MEDIUM: spoe: use the new buffer API for the SPOE buffer - MINOR: stats: adapt to the new buffers API - MINOR: cli: use the new buffer API - MINOR: cache: use the new buffer API - MINOR: stream-int: use the new buffer API - MINOR: stream: use wrappers instead of directly manipulating buffers - MINOR: backend: use new buffer API - MEDIUM: http: use wrappers instead of directly manipulating buffers states - MINOR: filters: convert to the new buffer API - MINOR: payload: convert to the new buffer API - MEDIUM: h1: port to new buffer API. - MINOR: flt_trace: adapt to the new buffer API - MEDIUM: compression: start to move to the new buffer API - MINOR: lua: use the wrappers instead of directly manipulating buffer states - MINOR: buffer: convert part bo_putblk() and bi_putblk() to the new API - MINOR: buffer: adapt buffer_slow_realign() and buffer_dump() to the new API - MAJOR: start to change buffer API - MINOR: buffer: remove the check for output on b_del() - MINOR: buffer: b_set_data() doesn't truncate output data anymore - MINOR: buffer: rename the "data" field to "area" - MEDIUM: buffers: move "output" from struct buffer to struct channel - MINOR: buffer: replace bi_fast_delete() with b_del() - MINOR: buffer: replace b{i,o}_put* with b_put* - MINOR: buffer: add a new file for ist + buffer manipulation functions - MINOR: checks: use b_putist() instead of b_putstr() - MINOR: buffers: remove b_putstr() - CLEANUP: buffer: minor cleanups to buffer.h - MINOR: buffers/channel: replace buffer_insert_line2() with ci_insert_line2() - MINOR: buffer: replace buffer_replace2() with b_rep_blk() - MINOR: buffer: rename the data length member to '->data' - MAJOR: buffer: finalize buffer detachment - MEDIUM: chunks: make the chunk struct's fields match the buffer struct - MAJOR: chunks: replace struct chunk with struct buffer - DOC: buffers: document the new buffers API - DOC: buffers: remove obsolete docs about buffers - MINOR: tasklets: Don't attempt to add a tasklet in the list twice. - MINOR: connections/mux: Add a new "subscribe" method. - MEDIUM: connections/mux: Revamp the send direction. - MINOR: connection: simplify subscription by adding a registration function - BUG/MINOR: http: Set brackets for the unlikely macro at the right place - BUG/MINOR: build: Fix compilation with debug mode enabled - BUILD: Generate sha256 checksums in publish-release - MINOR: debug: Add check for CO_FL_WILL_UPDATE - MINOR: debug: Add checks for conn_stream flags - MINOR: ist: Add the function isteqi - BUG/MEDIUM: threads: Fix the exit condition of the thread barrier - BUG/MEDIUM: mux_h2: Call h2_send() before updating polling. - MINOR: buffers: simplify b_contig_space() - MINOR: buffers: split b_putblk() into __b_putblk() - MINOR: buffers: add b_xfer() to transfer data between buffers - DOC: add some design notes about the new layering model - MINOR: conn_stream: add a new CS_FL_REOS flag - MINOR: conn_stream: add an rx buffer to the conn_stream - MEDIUM: conn_stream: add cs_recv() as a default rcv_buf() function - MEDIUM: stream-int: automatically call si_cs_recv_cb() if the cs has data on wake() - MINOR: h2: make each H2 stream support an intermediary input buffer - MEDIUM: h2: make h2_frt_decode_headers() use an intermediary buffer - MEDIUM: h2: make h2_frt_transfer_data() copy via an intermediary buffer - MEDIUM: h2: centralize transfer of decoded frames in h2_rcv_buf() - MEDIUM: h2: move headers and data frame decoding to their respective parsers - MEDIUM: buffers: make b_xfer() automatically swap buffers when possible - MEDIUM: h2: perform a single call to the data layer in demux() - MEDIUM: h2: don't call data_cb->recv() anymore - MINOR: h2: make use of CS_FL_REOS to indicate that end of stream was seen - MEDIUM: h2: use the default conn_stream's receive function - DOC: add more design feedback on the new layering model - MINOR: h2: add the error code and the max/last stream IDs to "show fd" - BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full - BUG/MEDIUM: stats: don't ask for more data as long as we're responding - BUG/MINOR: servers: Don't make "server" in a frontend fatal. - BUG/MEDIUM: tasks: make sure we pick all tasks in the run queue - BUG/MEDIUM: tasks: Decrement rqueue_size at the right time. - BUG/MEDIUM: tasks: use atomic ops for active_tasks_mask - BUG/MEDIUM: tasks: Make sure there's no task left before considering inactive. - MINOR: signal: don't pass the signal number anymore as the wakeup reason - MINOR: tasks: extend the state bits from 8 to 16 and remove the reason - MINOR: tasks: Add a flag that tells if we're in the global runqueue. - BUG/MEDIUM: tasks: make __task_unlink_rq responsible for the rqueue size. - MINOR: queue: centralize dequeuing code a bit better - MEDIUM: queue: make pendconn_free() work on the stream instead - DOC: queue: document the expected locking model for the server's queue - MINOR: queue: make sure pendconn->strm->pend_pos is always valid - MINOR: queue: use a distinct variable for the assigned server and the queue - MINOR: queue: implement pendconn queue locking functions - MEDIUM: queue: get rid of the pendconn lock - MINOR: tasks: Make active_tasks_mask volatile. - MINOR: tasks: Make global_tasks_mask volatile. - MINOR: pollers: Add a way to wake a thread sleeping in the poller. - MINOR: threads/queue: Get rid of THREAD_WANT_SYNC in the queue code. - BUG/MEDIUM: threads/sync: use sched_yield when available - MINOR: ssl: BoringSSL matches OpenSSL 1.1.0 - BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever - BUG/MINOR: config: stick-table is not supported in defaults section - BUILD/MINOR: threads: unbreak build with threads disabled - BUG/MINOR: threads: Handle nbthread == MAX_THREADS. - BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS - MINOR: threads: move "nbthread" parsing to hathreads.c - BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number - MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed - BUILD/MINOR: compiler: fix offsetof() on older compilers - SCRIPTS: git-show-backports: add missing quotes to "echo" - MINOR: threads: add more consistency between certain variables in no-thread case - MEDIUM: hathreads: implement a more flexible rendez-vous point - BUG/MEDIUM: cli: make "show fd" thread-safe |
||
Willy Tarreau
|
b306650c2a |
[RELEASE] Released version 1.9-dev0
Released version 1.9-dev0 with the following main changes : - BUG/MEDIUM: stream: don't automatically forward connect nor close - BUG/MAJOR: stream: ensure analysers are always called upon close - BUG/MINOR: stream-int: don't try to read again when CF_READ_DONTWAIT is set - MEDIUM: mworker: Add systemd `Type=notify` support - BUG/MEDIUM: cache: free callback to remove from tree - CLEANUP: cache: remove unused struct - MEDIUM: cache: enable the HTTP analysers - CLEANUP: cache: remove wrong comment - MINOR: threads/atomic: rename local variables in macros to avoid conflicts - MINOR: threads/plock: rename local variables in macros to avoid conflicts - MINOR: threads/atomic: implement pl_mb() in asm on x86 - MINOR: threads/atomic: implement pl_bts() on non-x86 - MINOR: threads/build: atomic: replace the few inlines with macros - BUILD: threads/plock: fix a build issue on Clang without optimization - BUILD: ebtree: don't redefine types u32/s32 in scope-aware trees - BUILD: compiler: add a new type modifier __maybe_unused - BUILD: h2: mark some inlined functions "unused" - BUILD: server: check->desc always exists - BUG/MEDIUM: h2: properly report connection errors in headers and data handlers - MEDIUM: h2: add a function to emit an HTTP/1 request from a headers list - MEDIUM: h2: change hpack_decode_headers() to only provide a list of headers - BUG/MEDIUM: h2: always reassemble the Cookie request header field - BUG/MINOR: systemd: ignore daemon mode - CONTRIB: spoa_example: allow to compile outside HAProxy. - CONTRIB: spoa_example: remove bref, wordlist, cond_wordlist - CONTRIB: spoa_example: remove last dependencies on type "sample" - CONTRIB: spoa_example: remove SPOE enums that are useless for clients - CLEANUP: cache: reorder includes - MEDIUM: shctx: use unsigned int for len and block_count - MEDIUM: cache: "show cache" on the cli - BUG/MEDIUM: cache: use key=0 as a condition for freeing - BUG/MEDIUM: cache: refcount forbids to free the objects - BUG/MEDIUM: cache fix cli_kws structure - BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks - BUG/MINOR: ssl: Always start the handshake if we can't send early data. - MINOR: ssl: Don't disable early data handling if we could not write. - MINOR: pools: prepare functions to override malloc/free in pools - MINOR: pools: implement DEBUG_UAF to detect use after free - BUG/MEDIUM: threads/time: fix time drift correction - BUG/MEDIUM: threads/time: maintain a common time reference between all threads - MINOR: sample: Add "thread" sample fetch - BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line - BUG/MINOR: stream: fix tv_request calculation for applets - BUG/MAJOR: h2: always remove a stream from the send list before freeing it - BUG/MAJOR: threads/task: dequeue expired tasks under the WQ lock - MINOR: ssl: Handle reading early data after writing better. - MINOR: mux: Make sure every string is woken up after the handshake. - MEDIUM: cache: store sha1 for hashing the cache key - MINOR: http: implement the "http-request reject" rule - MINOR: h2: send RST_STREAM before GOAWAY on reject - MEDIUM: h2: don't gracefully close the connection anymore on Connection: close - MINOR: h2: make use of client-fin timeout after GOAWAY - MEDIUM: config: ensure that tune.bufsize is at least 16384 when using HTTP/2 - MINOR: ssl: Handle early data with BoringSSL - BUG/MEDIUM: stream: always release the stream-interface on abort - BUG/MEDIUM: cache: free ressources in chn_end_analyze - MINOR: cache: move the refcount decrease in the applet release - BUG/MINOR: listener: Allow multiple "process" options on "bind" lines - MINOR: config: Support a range to specify processes in "cpu-map" parameter - MINOR: config: Slightly change how parse_process_number works - MINOR: config: Export parse_process_number and use it wherever it's applicable - MINOR: standard: Add my_ffsl function to get the position of the bit set to one - MINOR: config: Add auto-increment feature for cpu-map - MINOR: config: Support partial ranges in cpu-map directive - MINOR:: config: Remove thread-map directive - MINOR: config: Add the threads support in cpu-map directive - MINOR: config: Add threads support for "process" option on "bind" lines - MEDIUM: listener: Bind listeners on a thread subset if specified - CLEANUP: debug: Use DPRINTF instead of fprintf into #ifdef DEBUG_FULL/#endif - CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning - MINOR/CLEANUP: proxy: rename "proxy" to "proxies_list" - CLEANUP: pools: rename all pool functions and pointers to remove this "2" - DOC: update the roadmap file with the latest changes merged in 1.8 - DOC: fix mangled version in peers protocol documentation - DOC: add initial peers protovol v2.0 documentation. - DOC: mention William as maintainer of the cache and master-worker - DOC: add Christopher and Emeric as maintainers of the threads - MINOR: cache: replace a fprint() by an abort() - MEDIUM: cache: max-age configuration keyword - DOC: explain HTTP2 timeout behavior - DOC: cache: configuration and management - MAJOR: mworker: exits the master on failure - BUG/MINOR: threads: don't drop "extern" on the lock in include files - MINOR: task: keep a pointer to the currently running task - MINOR: task: align the rq and wq locks - MINOR: fd: cache-align fdtab and fdcache locks - MINOR: buffers: cache-align buffer_wq_lock - CLEANUP: server: reorder some fields in struct server to save 40 bytes - CLEANUP: proxy: slightly reorder the struct proxy to reduce holes - CLEANUP: checks: remove 16 bytes of holes in struct check - CLEANUP: cache: more efficiently pack the struct cache - CLEANUP: fd: place the lock at the beginning of struct fdtab - CLEANUP: pools: align pools on a cache line - DOC: config: add a few bits about how to configure HTTP/2 - BUG/MAJOR: threads/queue: avoid recursive locking in pendconn_get_next_strm() - BUILD: Makefile: reorder object files by size |
||
Willy Tarreau
|
0b78792bbe |
[RELEASE] Released version 1.8.0
Released version 1.8.0 with the following main changes : - BUG/MEDIUM: stream: don't automatically forward connect nor close - BUG/MAJOR: stream: ensure analysers are always called upon close - BUG/MINOR: stream-int: don't try to read again when CF_READ_DONTWAIT is set - MEDIUM: mworker: Add systemd `Type=notify` support - BUG/MEDIUM: cache: free callback to remove from tree - CLEANUP: cache: remove unused struct - MEDIUM: cache: enable the HTTP analysers - CLEANUP: cache: remove wrong comment - MINOR: threads/atomic: rename local variables in macros to avoid conflicts - MINOR: threads/plock: rename local variables in macros to avoid conflicts - MINOR: threads/atomic: implement pl_mb() in asm on x86 - MINOR: threads/atomic: implement pl_bts() on non-x86 - MINOR: threads/build: atomic: replace the few inlines with macros - BUILD: threads/plock: fix a build issue on Clang without optimization - BUILD: ebtree: don't redefine types u32/s32 in scope-aware trees - BUILD: compiler: add a new type modifier __maybe_unused - BUILD: h2: mark some inlined functions "unused" - BUILD: server: check->desc always exists - BUG/MEDIUM: h2: properly report connection errors in headers and data handlers - MEDIUM: h2: add a function to emit an HTTP/1 request from a headers list - MEDIUM: h2: change hpack_decode_headers() to only provide a list of headers - BUG/MEDIUM: h2: always reassemble the Cookie request header field - BUG/MINOR: systemd: ignore daemon mode - CONTRIB: spoa_example: allow to compile outside HAProxy. - CONTRIB: spoa_example: remove bref, wordlist, cond_wordlist - CONTRIB: spoa_example: remove last dependencies on type "sample" - CONTRIB: spoa_example: remove SPOE enums that are useless for clients - CLEANUP: cache: reorder includes - MEDIUM: shctx: use unsigned int for len and block_count - MEDIUM: cache: "show cache" on the cli - BUG/MEDIUM: cache: use key=0 as a condition for freeing - BUG/MEDIUM: cache: refcount forbids to free the objects - BUG/MEDIUM: cache fix cli_kws structure - BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks - BUG/MINOR: ssl: Always start the handshake if we can't send early data. - MINOR: ssl: Don't disable early data handling if we could not write. - MINOR: pools: prepare functions to override malloc/free in pools - MINOR: pools: implement DEBUG_UAF to detect use after free - BUG/MEDIUM: threads/time: fix time drift correction - BUG/MEDIUM: threads/time: maintain a common time reference between all threads - MINOR: sample: Add "thread" sample fetch - BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line - BUG/MINOR: stream: fix tv_request calculation for applets - BUG/MAJOR: h2: always remove a stream from the send list before freeing it - BUG/MAJOR: threads/task: dequeue expired tasks under the WQ lock - MINOR: ssl: Handle reading early data after writing better. - MINOR: mux: Make sure every string is woken up after the handshake. - MEDIUM: cache: store sha1 for hashing the cache key - MINOR: http: implement the "http-request reject" rule - MINOR: h2: send RST_STREAM before GOAWAY on reject - MEDIUM: h2: don't gracefully close the connection anymore on Connection: close - MINOR: h2: make use of client-fin timeout after GOAWAY - MEDIUM: config: ensure that tune.bufsize is at least 16384 when using HTTP/2 - MINOR: ssl: Handle early data with BoringSSL - BUG/MEDIUM: stream: always release the stream-interface on abort - BUG/MEDIUM: cache: free ressources in chn_end_analyze - MINOR: cache: move the refcount decrease in the applet release - BUG/MINOR: listener: Allow multiple "process" options on "bind" lines - MINOR: config: Support a range to specify processes in "cpu-map" parameter - MINOR: config: Slightly change how parse_process_number works - MINOR: config: Export parse_process_number and use it wherever it's applicable - MINOR: standard: Add my_ffsl function to get the position of the bit set to one - MINOR: config: Add auto-increment feature for cpu-map - MINOR: config: Support partial ranges in cpu-map directive - MINOR:: config: Remove thread-map directive - MINOR: config: Add the threads support in cpu-map directive - MINOR: config: Add threads support for "process" option on "bind" lines - MEDIUM: listener: Bind listeners on a thread subset if specified - CLEANUP: debug: Use DPRINTF instead of fprintf into #ifdef DEBUG_FULL/#endif - CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning - MINOR/CLEANUP: proxy: rename "proxy" to "proxies_list" - CLEANUP: pools: rename all pool functions and pointers to remove this "2" - DOC: update the roadmap file with the latest changes merged in 1.8 - DOC: fix mangled version in peers protocol documentation - DOC: add initial peers protovol v2.0 documentation. - DOC: mention William as maintainer of the cache and master-worker - DOC: add Christopher and Emeric as maintainers of the threads - MINOR: cache: replace a fprint() by an abort() - MEDIUM: cache: max-age configuration keyword - DOC: explain HTTP2 timeout behavior - DOC: cache: configuration and management - MAJOR: mworker: exits the master on failure - BUG/MINOR: threads: don't drop "extern" on the lock in include files - MINOR: task: keep a pointer to the currently running task - MINOR: task: align the rq and wq locks - MINOR: fd: cache-align fdtab and fdcache locks - MINOR: buffers: cache-align buffer_wq_lock - CLEANUP: server: reorder some fields in struct server to save 40 bytes - CLEANUP: proxy: slightly reorder the struct proxy to reduce holes - CLEANUP: checks: remove 16 bytes of holes in struct check - CLEANUP: cache: more efficiently pack the struct cache - CLEANUP: fd: place the lock at the beginning of struct fdtab - CLEANUP: pools: align pools on a cache line - DOC: config: add a few bits about how to configure HTTP/2 - BUG/MAJOR: threads/queue: avoid recursive locking in pendconn_get_next_strm() - BUILD: Makefile: reorder object files by size |
||
Willy Tarreau
|
cfe14669f7 |
[RELEASE] Released version 1.8-rc4
Released version 1.8-rc4 with the following main changes : - BUG/MEDIUM: cache: does not cache if no Content-Length - BUILD: thread/pipe: fix build without threads - BUG/MINOR: spoe: check buffer size before acquiring or releasing it - MINOR: debug/flags: Add missing flags - MINOR: threads: Use __decl_hathreads to declare locks - BUG/MINOR: buffers: Fix b_alloc_margin to be "fonctionnaly" thread-safe - BUG/MAJOR: ebtree/scope: fix insertion and removal of duplicates in scope-aware trees - BUG/MAJOR: ebtree/scope: fix lookup of next node in scope-aware trees - MINOR: ebtree/scope: add a function to find next node from a parent - MINOR: ebtree/scope: simplify the lookup functions by using eb32sc_next_with_parent() - BUG/MEDIUM: mworker: Fix re-exec when haproxy is started from PATH - BUG/MEDIUM: cache: use msg->sov to forward header - MINOR: cache: forward data with headers - MINOR: cache: disable cache if shctx_row_data_append fail - BUG/MINOR: threads: tid_bit must be a unsigned long - CLEANUP: tasks: Remove useless double test on rq_next - BUG/MEDIUM: standard: itao_str/idx and quote_str/idx must be thread-local - MINOR: tools: add a function to dump a scope-aware tree to a file - MINOR: tools: improve the DOT dump of the ebtree - MINOR: tools: emphasize the node being worked on in the tree dump - BUG/MAJOR: ebtree/scope: properly tag upper nodes during insertion - DOC: peers: Add a first version of peers protocol v2.1. - CONTRIB: Wireshark dissector for HAProxy Peer Protocol. - MINOR: mworker: display an accurate error when the reexec fail - BUG/MEDIUM: mworker: wait again for signals when execvp fail - BUG/MEDIUM: mworker: does not deinit anymore - BUG/MEDIUM: mworker: does not close inherited FD - MINOR: tests: add a python wrapper to test inherited fd - BUG/MINOR: Allocate the log buffers before the proxies startup - MINOR: tasks: Use a bitfield to track tasks activity per-thread - MAJOR: polling: Use active_tasks_mask instead of tasks_run_queue - MINOR: applets: Use a bitfield to track applets activity per-thread - MAJOR: polling: Use active_appels_mask instead of applets_active_queue - MEDIUM: applets: Don't process more than 200 active applets at once - MINOR: stream: Add thread-mask of tasks/FDs/applets in "show sess all" command - MINOR: SSL: Store the ASN1 representation of client sessions. - MINOR: ssl: Make sure we don't shutw the connection before the handshake. - BUG/MEDIUM: deviceatlas: ignore not valuable HTTP request data |
||
Willy Tarreau
|
34650d5a7b |
[RELEASE] Released version 1.8-rc3
Released version 1.8-rc3 with the following main changes : - BUILD: use MAXPATHLEN instead of NAME_MAX. - BUG/MAJOR: threads/checks: add 4 missing spin_unlock() in various functions - BUG/MAJOR: threads/server: missing unlock in CLI fqdn parser - BUG/MINOR: cli: do not perform an invalid action on "set server check-port" - BUG/MAJOR: threads/checks: wrong use of SPIN_LOCK instead of SPIN_UNLOCK - CLEANUP: checks: remove return statements in locked functions - BUG/MINOR: cli: add severity in "set server addr" parser - CLEANUP: server: get rid of return statements in the CLI parser - BUG/MAJOR: cli/streams: missing unlock on exit "show sess" - BUG/MAJOR: threads/dns: add missing unlock on allocation failure path - BUG/MAJOR: threads/lb: fix missing unlock on consistent hash LB - BUG/MAJOR: threads/lb: fix missing unlock on map-based hash LB - BUG/MEDIUM: threads/stick-tables: close a race condition on stktable_trash_expired() - BUG/MAJOR: h2: set the connection's task to NULL when no client timeout is set - BUG/MAJOR: thread/listeners: enable_listener must not call unbind_listener() - BUG/MEDIUM: threads: don't try to free build option message on exit - MINOR: applets: no need to check for runqueue's emptiness in appctx_res_wakeup() - MINOR: add master-worker in the warning about nbproc - MINOR: mworker: allow pidfile in mworker + foreground - MINOR: mworker: write parent pid in the pidfile - MINOR: mworker: do not store child pid anymore in the pidfile - MINOR: ebtree: implement the scope-aware functions for eb32 - MEDIUM: ebtree: specify the scope of every node inserted via eb32sc - MINOR: ebtree: update the eb32sc parent node's scope on delete - MEDIUM: ebtree: only consider the branches matching the scope in lookups - MINOR: ebtree: implement eb32sc_lookup_ge_or_first() - MAJOR: task: make use of the scope-aware ebtree functions - MINOR: task: simplify wake_expired_tasks() to avoid unlocking in the loop - MEDIUM: task: change the construction of the loop in process_runnable_tasks() - MINOR: threads: use faster locks for the spin locks - MINOR: tasks: only visit filled task slots after processing them - MEDIUM: tasks: implement a lockless scheduler for single-thread usage - BUG/MINOR: dns: Don't try to get the server lock if it's already held. - BUG/MINOR: dns: Don't lock the server lock in snr_check_ip_callback(). - DOC: Add note about encrypted password CPU usage - BUG/MINOR: h2: set the "HEADERS_SENT" flag on stream, not connection - BUG/MEDIUM: h2: properly send an RST_STREAM on mux stream error - BUG/MEDIUM: h2: properly send the GOAWAY frame in the mux - BUG/MEDIUM: h2: don't try (and fail) to send non-existing data in the mux - MEDIUM: h2: remove the H2_SS_RESET intermediate state - BUG/MEDIUM: h2: fix some wrong error codes on connections - BUILD: threads: Rename SPIN/RWLOCK macros using HA_ prefix - BUILD: enable USE_THREAD for Solaris build. - BUG/MEDIUM: h2: don't close the connection is there are data left - MINOR: h2: don't re-enable the connection's task when we're closing - BUG/MEDIUM: h2: properly set H2_SF_ES_SENT when sending the final frame - BUG/MINOR: h2: correctly check for H2_SF_ES_SENT before closing - MINOR: h2: add new stream flag H2_SF_OUTGOING_DATA - BUG/MINOR: h2: don't send GOAWAY on failed response - BUG/MEDIUM: splice/threads: pipe reuse list was not protected. - BUG/MINOR: comp: fix compilation warning compiling without compression. - BUG/MINOR: stream-int: don't set MSG_MORE on closed request path - BUG/MAJOR: threads/tasks: fix the scheduler again - BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf because a SNI is matched. - MINOR: ssl: Handle session resumption with TLS 1.3 - MINOR: ssl: Spell 0x10101000L correctly. - MINOR: ssl: Handle sending early data to server. - BUILD: ssl: fix build of backend without ssl - BUILD: shctx: do not depend on openssl anymore - BUG/MINOR: h1: the HTTP/1 make status code parser check for digits - BUG/MEDIUM: h2: reject non-3-digit status codes - BUG/MEDIUM: stream-int: Don't loss write's notifs when a stream is woken up - BUG/MINOR: pattern: Rely on the sample type to copy it in pattern_exec_match - BUG/MEDIUM: h2: split the function to send RST_STREAM - BUG/MEDIUM: h1: ensure the chunk size parser can deal with full buffers - MINOR: tools: don't use unlikely() in hex2i() - BUG/MEDIUM: h2: support orphaned streams - BUG/MEDIUM: threads/cli: fix "show sess" locking on release - CLEANUP: mux: remove the unused "release()" function - MINOR: cli: make "show fd" report the fd's thread mask - BUG/MEDIUM: stream: don't ignore res.analyse_exp anymore - CLEANUP: global: introduce variable pid_bit to avoid shifts with relative_pid - MEDIUM: http: always reject the "PRI" method |
||
Willy Tarreau
|
a8d8d6e8f6 |
[RELEASE] Released version 1.8-rc2
Released version 1.8-rc2 with the following main changes : - BUG/MINOR: send-proxy-v2: fix dest_len in make_tlv call - BUG/MINOR: send-proxy-v2: string size must include ('\0') - MINOR: mux: Only define pipe functions on linux. - MINOR: cache: Remove useless test for nonzero. - MINOR: cache: Don't confuse act_return and act_parse_ret. - BUG/MEDIUM: h2: don't try to parse incomplete H1 responses - BUG/MEDIUM: checks/mux: always enable send-polling after connecting - BUG/MAJOR: fix deadlock on healthchecks. - BUG/MINOR: thread: fix a typo in the debug code - BUILD: shctx: allow to be built without openssl - BUG/MEDIUM: cache: don't try to resolve wrong filters - BUG/MAJOR: buffers: fix get_buffer_nc() for data at end of buffer - BUG/MINOR: freq: fix infinite loop on freq_ctr_period. - BUG/MINOR: stdarg.h inclusion - BUG/MINOR: dns: fix missing lock protection on server. - BUG/MINOR: lua: fix missing lock protection on server. - BUILD: enable USE_THREAD for OpenBSD build. - BUG/MAJOR: mux_pt: don't dereference a connstream after ->wake() - MINOR: thread: report multi-thread support in haproxy -vv |
||
Willy Tarreau
|
901f75c4a6 |
[RELEASE] Released version 1.8-rc1
Released version 1.8-rc1 with the following main changes : - BUG/MEDIUM: server: Allocate tmptrash before using it. - CONTRIB: trace: add the possibility to place trace calls in the code - CONTRIB: trace: try to display the function's return value on exit - CONTRIB: trace: report the base name only for file names - BUILD: ssl: support OPENSSL_NO_ASYNC #define - MINOR: ssl: build with recent BoringSSL library - BUG/MINOR: ssl: OCSP_single_get0_status can return -1 - BUG/MINOR: cli: restore "set ssl tls-key" command - CLEANUP: cli: remove undocumented "set ssl tls-keys" command - IMPORT: sha1: import SHA1 functions - MINOR: sample: add the sha1 converter - MINOR: sample: add the hex2i converter - MINOR: stream-int: stop checking for useless connection flags in chk_snd_conn - MINOR: ssl: don't abort after sending 16kB - MINOR: connection: move the cleanup of flag CO_FL_WAIT_ROOM - MINOR: connection: add flag CO_FL_WILL_UPDATE to indicate when updates are granted - MEDIUM: connection: make use of CO_FL_WILL_UPDATE in conn_sock_shutw() - MINOR: raw_sock: make use of CO_FL_WILL_UPDATE - MINOR: ssl_sock: make use of CO_FL_WILL_UPDATE - BUG/MINOR: checks: Don't forget to release the connection on error case. - MINOR: buffer: add the buffer input manipulation functions - BUG/MEDIUM: prevent buffers being overwritten during build_logline() execution - MEDIUM: cfgparse: post section callback - MEDIUM: cfgparse: post parsing registration - MINOR: lua: add uuid to the Class Proxy - MINOR: hlua: Add regex class - MINOR: http: Mark the 425 code as "Too Early". - MEDIUM: ssl: convert CBS (BoringSSL api) usage to neutral code - MINOR: ssl: support Openssl 1.1.1 early callback for switchctx - MINOR: ssl: generated certificate is missing in switchctx early callback - MEDIUM: ssl: Handle early data with OpenSSL 1.1.1 - BUILD: Makefile: disable -Wunused-label - MINOR: ssl/proto_http: Add keywords to take care of early data. - BUG/MINOR: lua: const attribute of a string is overridden - MINOR: ssl: Don't abuse ssl_options. - MINOR: update proxy-protocol-v2 #define - MINOR: merge ssl_sock_get calls for log and ppv2 - MINOR: add ALPN information to send-proxy-v2 - MEDIUM: h1: ensure that 1xx, 204 and 304 don't have a payload body - CLEANUP: shctx: get ride of the shsess_packet{_hdr} structures - MEDIUM: lists: list_for_each_entry{_safe}_from functions - REORG: shctx: move lock functions and struct - MEDIUM: shctx: allow the use of multiple shctx - REORG: shctx: move ssl functions to ssl_sock.c - MEDIUM: shctx: separate ssl and shctx - MINOR: shctx: rename lock functions - MINOR: h1: store the status code in the H1 message - BUG/MINOR: spoe: Don't compare engine name and SPOE scope when both are NULL - BUG/MINOR: spoa: Update pointer on the end of the frame when a reply is encoded - MINOR: action: Add trk_idx inline function - MINOR: action: Use trk_idx instead of tcp/http_trk_idx - MINOR: action: Add a function pointer in act_rule struct to check its validity - MINOR: action: Add function to check rules using an action ACT_ACTION_TRK_* - MINOR: action: Add a functions to check http capture rules - MINOR: action: Factorize checks on rules calling check_ptr if defined - MINOR: acl: Pass the ACLs as an explicit parameter of build_acl_cond - MEDIUM: spoe: Add support of ACLS to enable or disable sending of SPOE messages - MINOR: spoe: Check uniqness of SPOE engine names during config parsing - MEDIUM: spoe: Parse new "spoe-group" section in SPOE config file - MEDIUM: spoe/rules: Add "send-spoe-group" action for tcp/http rules - MINOR: spoe: Move message encoding in its own function - MINOR: spoe: Add a type to qualify the message list during encoding - MINOR: spoe: Add a generic function to encode a list of SPOE message - MEDIUM: spoe/rules: Process "send-spoe-group" action - BUG/MINOR: dns: Fix CLI keyword declaration - MAJOR: dns: Refactor the DNS code - BUG/MINOR: mailers: Fix a memory leak when email alerts are released - MEDIUM: mailers: Init alerts during conf parsing and refactor their processing - MINOR: mailers: Use pools to allocate email alerts and its tcpcheck_rules - MINOR: standard: Add memvprintf function - MINOR: log: Save alerts and warnings emitted during HAProxy startup - MINOR: cli: Add "show startup-logs" command - MINOR: startup: Extend the scope the MODE_STARTING flag - MINOR: threads: Prepare makefile to link with pthread - MINOR: threads: Add THREAD_LOCAL macro - MINOR: threads: Add atomic-ops and plock includes in import dir - MEDIUM: threads: Add hathreads header file - MINOR: threads: Add mechanism to register per-thread init/deinit functions - MINOR: threads: Add nbthread parameter - MEDIUM: threads: Adds a set of functions to handle sync-point - MAJOR: threads: Start threads to experiment multithreading - MINOR: threads: Define the sync-point inside run_poll_loop - MEDIUM: threads/buffers: Define and register per-thread init/deinit functions - MEDIUM: threads/chunks: Transform trash chunks in thread-local variables - MEDIUM: threads/time: Many global variables from time.h are now thread-local - MEDIUM: threads/logs: Make logs thread-safe - MEDIUM: threads/pool: Make pool thread-safe by locking all access to a pool - MAJOR: threads/fd: Make fd stuffs thread-safe - MINOR: threads/fd: Add a mask of threads allowed to process on each fd in fdtab array - MEDIUM: threads/fd: Initialize the process mask during the call to fd_insert - MINOR: threads/fd: Process cached events of FDs depending on the process mask - MINOR: threads/polling: pollers now handle FDs depending on the process mask - WIP: SQUASH WITH SYNC POINT - MAJOR: threads/task: handle multithread on task scheduler - MEDIUM: threads/signal: Add a lock to make signals thread-safe - MEDIUM: threads/listeners: Make listeners thread-safe - MEDIUM: threads/proxy: Add a lock per proxy and atomically update proxy vars - MEDIUM: threads/server: Make connection list (priv/idle/safe) thread-safe - MEDIUM: threads/server: Add a lock per server and atomically update server vars - MINOR: threads/server: Add a lock to deal with insert in updates_servers list - MEDIUM: threads/lb: Make LB algorithms (lb_*.c) thread-safe - MEDIUM: threads/stick-tables: handle multithreads on stick tables - MINOR: threads/sample: Change temp_smp into a thread local variable - MEDIUM: threads/http: Make http_capture_bad_message thread-safe - MINOR: threads/regex: Change Regex trash buffer into a thread local variable - MAJOR: threads/applet: Handle multithreading for applets - MAJOR: threads/peers: Make peers thread safe - MAJOR: threads/buffer: Make buffer wait queue thread safe - MEDIUM: threads/stream: Make streams list thread safe - MAJOR: threads/ssl: Make SSL part thread-safe - MEDIUM: threads/queue: Make queues thread-safe - MAJOR: threads/map: Make acls/maps thread safe - MEDIUM: threads/freq_ctr: Make the frequency counters thread-safe - MEDIUM: thread/vars: Make vars thread-safe - MEDIUM: threads/filters: Add init/deinit callback per thread - MINOR: threads/filters: Update trace filter to add _per_thread callbacks - MEDIUM: threads/compression: Make HTTP compression thread-safe - MEDIUM: threads/lua: Makes the jmpbuf and some other buffers local to the current thread. - MEDIUM: threads/lua: Add locks around the Lua execution parts. - MEDIUM: threads/lua: Ensure that the launched tasks runs on the same threads than me - MEDIUM: threads/lua: Cannot acces to the socket if we try to access from another thread. - MEDIUM: threads/xref: Convert xref function to a thread safe model - MEDIUM: threads/tasks: Add lock around notifications - MEDIUM: thread/spoe: Make the SPOE thread-safe - MEDIUM: thread/dns: Make DNS thread-safe - MINOR: threads: Add thread-map config parameter in the global section - MINOR: threads/checks: Add a lock to protect the pid list used by external checks - MINOR: threads/checks: Set the task process_mask when a check is executed - MINOR: threads/mailers: Add a lock to protect queues of email alerts - MEDIUM: threads/server: Use the server lock to protect health check and cli concurrency - MINOR: threads: Don't start when device a detection module is used - BUG/MEDIUM: threads: Run the poll loop on the main thread too - BUG/MINOR: threads: Add missing THREAD_LOCAL on static here and there - MAJOR: threads: Offically enable the threads support in HAProxy - BUG/MAJOR: threads/freq_ctr: fix lock on freq counters. - BUG/MAJOR: threads/time: Store the time deviation in an 64-bits integer - BUILD: stick-tables: silence an uninitialized variable warning - BUG/MINOR: dns: Fix SRV records with the new thread code. - MINOR: ssl: Remove the global allow-0rtt option. - CLEANUP: threads: replace the last few 1UL<<tid with tid_bit - CLEANUP: threads: rename process_mask to thread_mask - MINOR: h1: add a function to measure the trailers length - MINOR: threads: add a portable barrier for threads and non-threads - BUG/MAJOR: threads/freq_ctr: use a memory barrier to detect changes - BUG/MEDIUM: threads: Initialize the sync-point - MEDIUM: connection: start to introduce a mux layer between xprt and data - MINOR: connection: implement alpn registration of muxes - MINOR: mux: register the pass-through mux for any ALPN string - MEDIUM: session: use the ALPN token and proxy mode to select the mux - MINOR: connection: report the major HTTP version from the MUX for logging (fc_http_major) - MINOR: connection: introduce conn_stream - MINOR: mux: add more methods to mux_ops - MINOR: connection: introduce the conn_stream manipulation functions - MINOR: mux_pt: implement remaining mux_ops methods - MAJOR: connection : Split struct connection into struct connection and struct conn_stream. - MINOR: connection: make conn_stream users also check for per-stream error flag - MINOR: conn_stream: new shutr/w status flags - MINOR: conn_stream: modify cs_shut{r,w} API to pass the desired mode - MEDIUM: connection: make conn_sock_shutw() aware of lingering - MINOR: connection: add cs_close() to close a conn_stream - MEDIUM: mux_pt: make cs_shutr() / cs_shutw() properly close the connection - MEDIUM: connection: replace conn_full_close() with cs_close() - MEDIUM: connection: make mux->detach() release the connection - MEDIUM: stream: do not forcefully close the client connection anymore - MEDIUM: checks: exclusively use cs_destroy() to release a connection - MEDIUM: connection: add a destroy callback - MINOR: session: release the listener with the session, not the stream - MEDIUM: session: make use of the connection's destroy callback - CONTRIB: hpack: implement a reverse huffman table generator for hpack - MINOR: hpack: implement the HPACK Huffman table decoder - MINOR: hpack: implement the header tables management - MINOR: hpack: implement the decoder - MEDIUM: hpack: implement basic hpack encoding - MINOR: h2: centralize all HTTP/2 protocol elements and constants - MINOR: h2: create a very minimalistic h2 mux - MINOR: h2: expose tune.h2.header-table-size to configure the table size - MINOR: h2: expose tune.h2.initial-window-size to configure the window size - MINOR: h2: expose tune.h2.max-concurrent-streams to limit the number of streams - MINOR: h2: create the h2c struct and allocate its pool - MINOR: h2: create the h2s struct and the associated pool - MINOR: h2: handle two extra stream states for errors - MINOR: h2: add a frame header descriptor for incoming frames - MEDIUM: h2: allocate and release the h2c context on connection init/end - MEDIUM: h2: implement basic recv/send/wake functions - MEDIUM: h2: dynamically allocate the demux buffer on Rx - MEDIUM: h2: implement the mux buffer allocator - MINOR: h2: add the connection and stream flags listing the causes for blocking - MINOR: h2: add function h2s_id() to report a stream's ID - MINOR: h2: small function to know when the mux is busy - MINOR: h2: new function h2c_error to mark an error on the connection - MINOR: h2: new function h2s_error() to mark an error on a stream - MINOR: h2: add h2_set_frame_size() to update the size in a binary frame - MINOR: h2: new function h2_peek_frame_hdr() to retrieve a new frame header - MINOR: h2: add a few functions to retrieve contents from a wrapping buffer - MINOR: h2: add stream lookup function based on the stream ID - MINOR: h2: create dummy idle and closed streams - MINOR: h2: add the function to create a new stream - MINOR: h2: update the {MUX,DEM}_{M,D}ALLOC flags on buffer availability - MEDIUM: h2: start to consider the H2_CF_{MUX,DEM}_* flags for polling - MINOR: h2: also terminate the connection on shutr - MEDIUM: h2: properly consider all conditions for end of connection - MEDIUM: h2: wake the connection up for send on pending streams - MEDIUM: h2: start to implement the frames processing loop - MINOR: h2: add a function to send a GOAWAY error frame - MINOR: h2: match the H2 connection preface on init - MEDIUM: h2: enable connection polling for send when a cs wants to emit - MEDIUM: h2: enable reading again on the connection if it was blocked on stream buffer full - MEDIUM: h2: process streams pending for sending - MINOR: h2: send a real SETTINGS frame based on the configuration - MEDIUM: h2: detect the presence of the first settings frame - MINOR: h2: create a stream parser for the demuxer - MINOR: h2: implement PING frames - MEDIUM: h2: decode SETTINGS frames and extract relevant settings - MINOR: h2: lookup the stream during demuxing - MEDIUM: h2: honor WINDOW_UPDATE frames - MINOR: h2: implement h2_send_rst_stream() to send RST_STREAM frames - MINOR: h2: handle CONTINUATION frames - MEDIUM: h2: partial implementation of h2_detach() - MEDIUM: h2: unblock a connection when its current stream detaches - MEDIUM: h2: basic processing of HEADERS frame - MEDIUM: h2: don't use trash to decode headers! - MEDIUM: h2: implement the response HEADERS frame to encode the H1 response - MEDIUM: h2: send the H1 response body as DATA frames - MEDIUM: h2: skip the response trailers if any - MEDIUM: h2: properly continue to parse header block when facing a 1xx response - MEDIUM: h2: send WINDOW_UPDATE frames for connection - MEDIUM: h2: handle request body in DATA frames - MINOR: h2: handle RST_STREAM frames - MEDIUM: h2: send DATA+ES or RST_STREAM on shutw/shutr - MINOR: h2: use a common function to signal some and all streams. - MEDIUM: h2: handle GOAWAY frames - MINOR: h2: centralize the check for the idle streams - MINOR: h2: centralize the check for the half-closed(remote) streams - MEDIUM: h2: silently ignore frames higher than last_id after GOAWAY - MINOR: h2: properly reject PUSH_PROMISE frames coming from the client - MEDIUM: h2: perform a graceful shutdown on "Connection: close" - MEDIUM: h2: send a GOAWAY frame when dealing with an empty response - MEDIUM: h2: apply a timeout to h2 connections - BUG/MEDIUM: h2: fix incorrect timeout handling on the connection - MEDIUM: shctx: forbid shctx to read more than expected - MEDIUM: cache: configuration parsing and initialization - MEDIUM: cache: store objects in cache - MEDIUM: cache: deliver objects from cache |
||
Willy Tarreau
|
f08137c434 |
[RELEASE] Released version 1.8-dev3
Released version 1.8-dev3 with the following main changes : - REORG: ssl: move defines and methodVersions table upper - MEDIUM: ssl: ctx_set_version/ssl_set_version func for methodVersions table - MINOR: ssl: support ssl-min-ver and ssl-max-ver with crt-list - MEDIUM: ssl: disable SSLv3 per default for bind - BUG/MAJOR: ssl: fix segfault on connection close using async engines. - BUG/MAJOR: ssl: buffer overflow using offloaded ciphering on async engine - BUG/MINOR: ssl: do not call directly the conn_fd_handler from async_fd_handler - BUG/MINOR: haproxy/cli : fix for solaris/illumos distros for CMSG* macros - BUG/MEDIUM: build without openssl broken - BUG/MINOR: warning: need_resend may be used uninitialized - BUG/MEDIUM: misplaced exit and wrong exit code - BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04 - BUILD: scripts: make publish-release support bare repositories - BUILD: scripts: add an automatic mode for publish-release - BUILD: scripts: add a "quiet" mode to publish-release - BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer - BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers - CONTRIB: plug qdiscs: Plug queuing disciplines mini HOWTO. - BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map - BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0 - BUG/MINOR: http/filters: Be sure to wait if a filter loops in HTTP_MSG_ENDING - BUG/MEDIUM: peers: Peers CLOSE_WAIT issue. - BUG/MAJOR: server: Segfault after parsing server state file. - BUG/MEDIUM: unix: never unlink a unix socket from the file system - scripts: create-release pass -n to tail - SCRIPTS: create-release: enforce GIT_COMMITTER_{NAME|EMAIL} validity - BUG/MEDIUM: fix segfault when no argument to -x option - MINOR: warning on multiple -x - MINOR: mworker: don't copy -x argument anymore in copy_argv() - BUG/MEDIUM: mworker: don't reuse PIDs passed to the master - BUG/MINOR: Wrong peer task expiration handling during synchronization processing. - BUG/MINOR: cfgparse: Check if tune.http.maxhdr is in the range 1..32767 - BUG/MINOR: log: pin the front connection when front ip/ports are logged - DOC: fix references to the section about the unix socket - BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue - MAJOR: task: task scheduler rework. - MINOR: task/stream: tasks related to a stream must be init by the caller. - MINOR: queue: Change pendconn_get_next_strm into private function - MINOR: backends: Change get_server_sh/get_server_uh into private function - MINOR: queue: Change pendconn_from_srv/pendconn_from_px into private functions - MEDIUM: stream: make stream_new() always set the target and analysers - MINOR: frontend: initialize HTTP layer after the debugging code - MINOR: connection: add a .get_alpn() method to xprt_ops - MINOR: ssl: add a get_alpn() method to ssl_sock - MINOR: frontend: retrieve the ALPN name when available - MINOR: frontend: report the connection's ALPN in the debug output - MINOR: stream: don't set backend's nor response analysers on SF_TUNNEL - MINOR: connection: send data before receiving - MAJOR: applet: applet scheduler rework. - BUG/MAJOR: frontend: don't dereference a null conn on outgoing connections - BUG/MAJOR: cli: fix custom io_release was crushed by NULL. - BUG/MAJOR: map: fix segfault during 'show map/acl' on cli. - BUG/MAJOR: compression: Be sure to release the compression state in all cases - MINOR: compression: Use a memory pool to allocate compression states - BUG/MAJOR: applet: fix a freeze if data is immedately forwarded. - DOC: fix references to the section about time format. - BUG/MEDIUM: map/acl: fix unwanted flags inheritance. - BUG/MAJOR: http: fix buffer overflow on loguri buffer. - MINOR: ssl: compare server certificate names to the SNI on outgoing connections - BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel - BUG/MINOR: http: Don't reset the transaction if there are still data to send - BUG/MEDIUM: filters: Be sure to call flt_end_analyze for both channels - MINOR: peers: Add additional information to stick-table definition messages. - BUG/MINOR: http: properly handle all 1xx informational responses - OPTIM: ssl: don't consider a small ssl_read() as an indication of end of buffer - BUG/MINOR: peers: peer synchronization issue (with several peers sections). - CLEANUP: hdr_idx: make some function arguments const where possible - BUG/MINOR: Prevent a use-after-free on error scenario on option "-x". - BUG/MINOR: lua: In error case, the safe mode is not removed - BUG/MINOR: lua: executes the function destroying the Lua session in safe mode - BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted - BUG/MEDIUM: lua: bad memory access - BUG/MINOR: Lua: variable already initialized - DOC: update CONTRIBUTING regarding optional parts and message format - DOC: update the list of OpenSSL versions in the README - BUG/MINOR: http: Set the response error state in http_sync_res_state - MINOR: http: Reorder/rewrite checks in http_resync_states - MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags - BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined - MINOR: http: Rely on analyzers mask to end processing in forward_body functions - BUG/MINOR: http: Fix bug introduced in previous patch in http_resync_states - BUG/MINOR: contrib/modsecurity: BSD build fix - BUG/MINOR: contrib/mod_defender: build fix - BUG/MINOR: ssl: remove haproxy SSLv3 support when ssl lib have no SSLv3 - MINOR: ssl: remove an unecessary SSL_OP_NO_* dependancy - BUILD: ssl: fix compatibility with openssl without TLSEXT_signature_* - MINOR: tools: add a portable timegm() alternative - BUILD: lua: replace timegm() with my_timegm() to fix build on Solaris 10 - DOC: Updated 51Degrees git URL to point to a stable version. - BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state - MINOR: memory: remove macros - BUG/MINOR: lua: Fix Server.get_addr() port values - BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr() - MINOR: samples: Handle the type SMP_T_METH when we duplicate a sample in smp_dup - MINOR: samples: Handle the type SMP_T_METH in smp_is_safe and smp_is_rw - MINOR: samples: Don't allocate memory for SMP_T_METH sample when method is known - BUG/MINOR: lua: always detach the tcp/http tasks before freeing them - MINOR: task: always preinitialize the task's timeout in task_init() - CLEANUP: task: remove all initializations to TICK_ETERNITY after task_new() - BUG/MAJOR: lua: properly dequeue hlua_applet_wakeup() for new scheduler - MINOR: lua: Add proxy as member of proxy object. - DOC: lua: Proxy class doc update - MINOR: lua: Add lists of frontends and backends - BUG/MINOR: ssl: Fix check against SNI during server certificate verification - BUG/MINOR: ssl: make use of the name in SNI before verifyhost - MINOR: ssl: add a new error codes for wrong server certificates - BUG/MEDIUM: stream: don't retry SSL connections which fail the SNI name check - MINOR: ssl: add "no-ca-names" parameter for bind - BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions. - DOC: fix alphabetical order of "show commands" in management.txt - MINOR: listener: add a function to return a listener's state as a string - MINOR: cli: add a new "show fd" command - BUG/MEDIUM: ssl: Fix regression about certificates generation - MINOR: Add server port field to server state file. - MINOR: ssl: allow to start without certificate if strict-sni is set - MINOR: dns: Cache previous DNS answers. - MINOR: obj: Add a new type of object, OBJ_TYPE_SRVRQ. - Add a few functions to do unaligned access. - MINOR: dns: Handle SRV records. - MINOR: check: Fix checks when using SRV records. - MINOR: doc: Document SRV label usage. - BUILD/MINOR: cli: shut a minor gcc warning in "show fd" - BUILD: ssl: replace SSL_CTX_get0_privatekey for openssl < 1.0.2 - BUILD/MINOR: build without openssl still broken - BUG/MAJOR: stream: in stream_free(), close the front endpoint and not the origin - CLEANUP: raw_sock: Use a better name for the constructor than __ssl_sock_deinit() - MINOR: init: Fix CPU affinity setting on FreeBSD. - MINOR: dns: Update analysis of TRUNCATED response for SRV records - MINOR: dns: update record dname matching for SRV query types - MINOR: dns: update dns response buffer reading pointer due to SRV record - MINOR: dns: duplicate entries in resolution wait queue for SRV records - MINOR: dns: make debugging function dump_dns_config() compatible with SRV records - MINOR: dns: ability to use a SRV resolution for multiple backends - MINOR: dns: enable caching of responses for server set by a SRV record - MINOR: dns: new dns record type (RTYPE) for OPT - MINOR: dns: enabled edns0 extension and make accpeted payload size tunable - MINOR: dns: default "hold obsolete" timeout set to 0 - MINOR: chunks: add chunk_memcpy() and chunk_memcat() - MINOR: session: add a streams field to the session struct - MINOR: stream: link the stream to its session - MEDIUM: session: do not free a session until no stream references it - MINOR: ist: implement very simple indirect strings - TESTS: ist: add a test file for the functions - MINOR: http: export some of the HTTP parser macros - BUG/MINOR: Wrong type used as argument for spoe_decode_buffer(). - BUG/MINOR: dns: server set by SRV records stay in "no resolution" status - MINOR: dns: Maximum DNS udp payload set to 8192 - MINOR: dns: automatic reduction of DNS accpeted payload size - MINOR: dns: make SRV record processing more verbose - CLEANUP: dns: remove duplicated code in dns_resolve_recv() - CLEANUP: dns: remove duplicated code in dns_validate_dns_response() - BUG/MINOR: dns: wrong resolution interval lead to 100% CPU - BUG/MEDIUM: dns: fix accepted_payload_size parser to avoid integer overflow - BUG/MAJOR: lua: fix the impact of the scheduler changes again - BUG/MEDIUM: lua: HTTP services must take care of body-less status codes - MINOR: lua: properly process the contents of the content-length field - BUG/MEDIUM: stream: properly set the required HTTP analysers on use-service - OPTIM: lua: don't use expensive functions to parse headers in the HTTP applet - OPTIM: lua: don't add "Connection: close" on the response - REORG/MEDIUM: connection: introduce the notion of connection handle - BUG/MINOR: stream-int: don't check the CO_FL_CURR_WR_ENA flag - MEDIUM: connection: get rid of data->init() which was not for data - MEDIUM: stream: make stream_new() allocate its own task - CLEANUP: listener: remove the unused handler field - MEDIUM: session: add a pointer to a struct task in the session - MINOR: stream: provide a new stream creation function for connections - MEDIUM: connection: remove useless flag CO_FL_DATA_RD_SH - CLEANUP: connection: remove the unused conn_sock_shutw_pending() - MEDIUM: connection: remove useless flag CO_FL_DATA_WR_SH - DOC: add CLI info on privilege levels - DOC: Refer to Mozilla TLS info / config generator - MINOR: ssl: remove duplicate ssl_methods in struct bind_conf - BUG/MEDIUM: http: Fix a regression bug when a HTTP response is in TUNNEL mode - DOC: Add note about "* " prefix in CSV stats - CLEANUP: memory: Remove unused function pool_destroy - MINOR: listeners: Change listener_full and limit_listener into private functions - MINOR: listeners: Change enable_listener and disable_listener into private functions - MINOR: fd: Don't forget to reset fdtab[fd].update when a fd is added/removed - MINOR: fd: Set owner and iocb field before inserting a new fd in the fdtab - MINOR: backends: Make get_server_* functions explicitly static - MINOR: applet: Check applets_active_queue before processing applets queue - MINOR: chunks: Use dedicated function to init/deinit trash buffers - MEDIUM: chunks: Realloc trash buffers only after the config is parsed and checked - MINOR: logs: Use dedicated function to init/deinit log buffers - MINOR: logs: Realloc log buffers only after the config is parsed and checked - MINOR: buffers: Move swap_buffer into buffer.c and add deinit_buffer function - MINOR: stick-tables: Make static_table_key a struct variable instead of a pointer - MINOR: http: Use a trash chunk to store decoded string of the HTTP auth header - MINOR: fd: Add fd_active function - MINOR: fd: Use inlined functions to check fd state in fd_*_send/recv functions - MINOR: fd: Move (de)allocation of fdtab and fdinfo in (de)init_pollers - MINOR: freq_ctr: Return the new value after an update - MEDIUM: check: server states and weight propagation re-work - BUG/MEDIUM: epoll: ensure we always consider HUP and ERR - MINOR: fd: Add fd_update_events function - MINOR: polling: Use fd_update_events to update events seen for a fd - BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file - Revert "BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file" - MINOR: ssl: rework smp_fetch_ssl_fc_cl_str without internal ssl use - BUG/MEDIUM: http: Close streams for connections closed before a redirect - BUG/MINOR: Lua: The socket may be destroyed when we try to access. - MINOR: xref: Add a new xref system - MEDIUM: xref/lua: Use xref for referencing cosocket relation between stream and lua - MINOR: tasks: Move Lua notification from Lua to tasks - MINOR: net_helper: Inline functions meant to be inlined. - MINOR: cli: add socket commands and config to prepend informational messages with severity - MINOR: add severity information to cli feedback messages - BUILD: Makefile: add a function to detect support by the compiler of certain options - BUILD: Makefile: shut certain gcc/clang stupid warnings - BUILD: Makefile: improve detection of support for compiler warnings - MINOR: peers: don't reference the incoming listener on outgoing connections - MINOR: frontend: don't retrieve ALPN on the critical path - MINOR: protocols: always pass a "port" argument to the listener creation - MINOR: protocols: register the ->add function and stop calling them directly - MINOR: unix: remove the now unused proto_uxst.h file - MINOR: listeners: new function create_listeners - MINOR: listeners: make listeners count consistent with reality - MEDIUM: session: take care of incrementing/decrementing jobs - MINOR: listener: new function listener_release - MINOR: session: small cleanup of conn_complete_session() - MEDIUM: session: factor out duplicated code for conn_complete_session - MEDIUM: session: count the frontend's connections at a single place - BUG/MEDIUM: compression: Fix check on txn in smp_fetch_res_comp_algo - BUG/MINOR: compression: Check response headers before http-response rules eval - BUG/MINOR: spoe: Don't rely on SPOE ctx in debug message when its creation failed - BUG/MINOR: dns: Fix check on nameserver in snr_resolution_cb - MINOR: ssl: Remove useless checks on bind_conf or bind_conf->is_ssl - BUG/MINOR: contrib/mod_defender: close the va_list argp before return - BUG/MINOR: contrib/modsecurity: close the va_list ap before return - MINOR: tools: make my_htonll() more efficient on x86_64 - MINOR: buffer: add b_del() to delete a number of characters - MINOR: buffer: add b_end() and b_to_end() - MINOR: net_helper: add functions to read from vectors - MINOR: net_helper: add write functions - MINOR: net_helper: add 64-bit read/write functions - MINOR: connection: adjust CO_FL_NOTIFY_DATA after removal of flags - MINOR: ist: add a macro to ease const array initialization - BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server - BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server (take2) - BUG/MINOR: log: fixing small memory leak in error code path. - BUG/MINOR: contrib/halog: fixing small memory leak - BUG/MEDIUM: tcp/http: set-dst-port action broken - CLEANUUP: checks: don't set conn->handle.fd to -1 - BUG/MEDIUM: tcp-check: properly indicate polling state before performing I/O - BUG/MINOR: tcp-check: don't quit with pending data in the send buffer - BUG/MEDIUM: tcp-check: don't call tcpcheck_main() from the I/O handlers! - BUG/MINOR: unix: properly check for octal digits in the "mode" argument - MINOR: checks: make chk_report_conn_err() take a check, not a connection - CLEANUP: checks: remove misleading comments and statuses for external process - CLEANUP: checks: don't report report the fork() error twice - CLEANUP: checks: do not allocate a connection for process checks - TESTS: checks: add a simple test config for external checks - BUG/MINOR: tcp-check: don't initialize then break a connection starting with a comment - TESTS: checks: add a simple test config for tcp-checks - MINOR: tcp-check: make tcpcheck_main() take a check, not a connection - MINOR: checks: don't create then kill a dummy connection before tcp-checks - MEDIUM: checks: make tcpcheck_main() indicate if it recycled a connection - MEDIUM: checks: do not allocate a permanent connection anymore - BUG/MEDIUM: cli: fix "show fd" crash when dumping closed FDs - BUG/MEDIUM: http: Return an error when url_dec sample converter failed - BUG/MAJOR: stream-int: don't re-arm recv if send fails - BUILD/MINOR: 51d: fix warning when building with 51Degrees release version 3.2.12.12 - DOC: 51d: add 51Degrees git URL that points to release version 3.2.12.12 - DOC: 51d: Updated git URL and instructions for getting Hash Trie data files. - MINOR: compiler: restore the likely() wrapper for gcc 5.x - MINOR: session: remove the list of streams from struct session - DOC: fix some typos - MINOR: server: add the srv_queue() sample fetch method - MINOR: payload: add new sample fetch functions to process distcc protocol - MAJOR: servers: propagate server status changes asynchronously. - BUG/MEDIUM: ssl: fix OCSP expiry calculation - BUG/MINOR: stream-int: don't set MSG_MORE on SHUTW_NOW without AUTO_CLOSE - MINOR: server: Handle weight increase in consistent hash. - MINOR: checks: Add a new keyword to specify a SNI when doing SSL checks. - BUG/MINOR: tools: fix my_htonll() on x86_64 - BUG/MINOR: stats: Clear a bit more counters with in cli_parse_clear_counters(). - BUG/MAJOR: lua: scheduled task is freezing. - MINOR: buffer: add bo_del() to delete a number of characters from output - MINOR: buffer: add a function to match against string patterns - MINOR: buffer: add two functions to inject data into buffers - MINOR: buffer: add buffer_space_wraps() - REORG: channel: finally rename the last bi_* / bo_* functions - MINOR: buffer: add bo_getblk() and bo_getblk_nc() - MINOR: channel: make use of bo_getblk{,_nc} for their channel equivalents - MINOR: channel: make the channel be a const in all {ci,co}_get* functions - MINOR: ist: add ist0() to add a trailing zero to a string. - BUG/MEDIUM: log: check result details truncated. - MINOR: buffer: make bo_getblk_nc() not return 2 for a full buffer - REORG: http: move some very http1-specific parts to h1.{c,h} - REORG: http: move the HTTP/1 chunk parser to h1.{c,h} - REORG: http: move the HTTP/1 header block parser to h1.c - MEDIUM: http: make the chunk size parser only depend on the buffer - MEDIUM: http: make the chunk crlf parser only depend on the buffer - MINOR: h1: add struct h1m for basic HTTP/1 messages - MINOR: http: add very simple header management based on double strings - MEDIUM: h1: reimplement the http/1 response parser for the gateway - REORG: connection: rename CO_FL_DATA_* -> CO_FL_XPRT_* - MEDIUM: connection: make conn_sock_shutw() aware of lingering - MINOR: connection: ensure conn_ctrl_close() also resets the fd - MINOR: connection: add conn_stop_tracking() to disable tracking - MINOR: tcp: use conn_full_close() instead of conn_force_close() - MINOR: unix: use conn_full_close() instead of conn_force_close() - MINOR: checks: use conn_full_close() instead of conn_force_close() - MINOR: session: use conn_full_close() instead of conn_force_close() - MINOR: stream: use conn_full_close() instead of conn_force_close() - MINOR: stream: use conn_full_close() instead of conn_force_close() - MINOR: backend: use conn_full_close() instead of conn_force_close() - MINOR: stream-int: use conn_full_close() instead of conn_force_close() - MINOR: connection: remove conn_force_close() - BUG/MINOR: ssl: ocsp response with 'revoked' status is correct |
||
Willy Tarreau
|
f57a29a1cd |
[RELEASE] Released version 1.8-dev2
Released version 1.8-dev2 with the following main changes : - CLEANUP: server: moving netinet/tcp.h inclusion - DOC: changed "block"(deprecated) examples to http-request deny - DOC: add few comments to examples. - DOC: update sample code for PROXY protocol - DOC: mention lighttpd 1.4.46 implements PROXY - MINOR server: Restrict dynamic cookie check to the same proxy. - DOC: stick-table is available in frontend sections - BUG/MINOR: server : no transparent proxy for DragonflyBSD - BUILD/MINOR: stats: remove unexpected argument to stats_dump_json_header() - BUILD/MINOR: tools: fix build warning in debug_hexdump() - BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets. - BUG/MINOR: config: missing goto out after parsing an incorrect ACL character - BUG/MINOR: arg: don't try to add an argument on failed memory allocation - MEDIUM: server: Inherit CLI weight changes and agent-check weight responses - BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error - BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr() - BUG/MEDIUM: servers: unbreak server weight propagation - MINOR: lua: ensure the memory allocator is used all the time - MINOR: cli: Add a command to send listening sockets. - MINOR: global: Add an option to get the old listening sockets. - MINOR: tcp: When binding socket, attempt to reuse one from the old proc. - MINOR: doc: document the -x flag - MINOR: proxy: Don't close FDs if not our proxy. - MINOR: socket transfer: Set a timeout on the socket. - MINOR: systemd wrapper: add support for passing the -x option. - BUG/MINOR: server: Fix a wrong error message during 'usesrc' keyword parsing. - BUG/MAJOR: Broken parsing for valid keywords provided after 'source' setting. - CLEANUP: logs: typo: simgle => single - BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr() - MEDIUM: config: don't check config validity when there are fatal errors - BUG/MAJOR: Use -fwrapv. - BUG/MINOR: server: don't use "proxy" when px is really meant. - BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed - BUG/MINOR: server: missing default server 'resolvers' setting duplication. - MINOR: server: Extract the code responsible of copying default-server settings. - MINOR: server: Extract the code which finalizes server initializations after 'server' lines parsing. - MINOR: server: Add 'server-template' new keyword supported in backend sections. - MINOR: server: Add server_template_init() function to initialize servers from a templates. - DOC: Add documentation for new "server-template" keyword. - DOC: add layer 4 links/cross reference to "block" keyword. - DOC: errloc/errorloc302/errorloc303 missing status codes. - BUG/MEDIUM: lua: memory leak - CLEANUP: lua: remove test - BUG/MINOR: hash-balance-factor isn't effective in certain circumstances - BUG/MINOR: change header-declared function to static inline - REORG: spoe: move spoe_encode_varint / spoe_decode_varint from spoe to common - MINOR: Add binary encoding request header sample fetch - MINOR: proto-http: Add sample fetch wich returns all HTTP headers - MINOR: Add ModSecurity wrapper as contrib - BUG/MINOR: ssl: fix warnings about methods for opensslv1.1. - DOC: update RFC references - CONTRIB: tcploop: add action "X" to execute a command - MINOR: server: cli: Add server FQDNs to server-state file and stats socket. - BUG/MINOR: contrib/mod_security: fix build on FreeBSD - BUG/MINOR: checks: don't send proxy protocol with agent checks - MINOR: ssl: add prefer-client-ciphers - MEDIUM: ssl: revert ssl/tls version settings relative to default-server. - MEDIUM: ssl: ssl_methods implementation is reworked and factored for min/max tlsxx - MEDIUM: ssl: calculate the real min/max TLS version and find holes - MINOR: ssl: support TLSv1.3 for bind and server - MINOR: ssl: show methods supported by openssl - MEDIUM: ssl: add ssl-min-ver and ssl-max-ver parameters for bind and server - MEDIUM: ssl: ssl-min-ver and ssl-max-ver compatibility. - CLEANUP: retire obsoleted USE_GETSOCKNAME build option - BUG/MAJOR: dns: Broken kqueue events handling (BSD systems). - MINOR: sample: Add b64dec sample converter - BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything - MINOR: cli: add ACCESS_LVL_MASK to store the access level - MINOR: cli: add 'expose-fd listeners' to pass listeners FDs - MEDIUM: proxy: zombify proxies only when the expose-fd socket is bound - MEDIUM: ssl: add basic support for OpenSSL crypto engine - MAJOR: ssl: add openssl async mode support - MEDIUM: ssl: handle multiple async engines - MINOR: boringssl: basic support for OCSP Stapling - MEDIUM: mworker: replace systemd mode by master worker mode - MEDIUM: mworker: handle reload and signals - MEDIUM: mworker: wait mode on reload failure - MEDIUM: mworker: try to guess the next stats socket to use with -x - MEDIUM: mworker: exit-on-failure option - MEDIUM: mworker: workers exit when the master leaves - DOC: add documentation for the master-worker mode - MEDIUM: systemd: Type=forking in unit file - MAJOR: systemd-wrapper: get rid of the wrapper - MINOR: log: Add logurilen tunable. - CLEANUP: server.c: missing prototype of srv_free_dns_resolution - MINOR: dns: smallest DNS fqdn size - MINOR: dns: functions to manage memory for a DNS resolution structure - MINOR: dns: parse_server() now uses srv_alloc_dns_resolution() - REORG: dns: dns_option structure, storage of hostname_dn - MINOR: dns: new snr_check_ip_callback function - MAJOR: dns: save a copy of the DNS response in struct resolution - MINOR: dns: implement a LRU cache for DNS resolutions - MINOR: dns: make 'ancount' field to match the number of saved records - MINOR: dns: introduce roundrobin into the internal cache (WIP) - MAJOR/REORG: dns: DNS resolution task and requester queues - BUILD: ssl: fix build with OPENSSL_NO_ENGINE - MINOR: Add Mod Defender integration as contrib - CLEANUP: str2mask return code comment: non-zero -> zero. - MINOR: tools: make debug_hexdump() use a const char for the string - MINOR: tools: make debug_hexdump() take a string prefix - CLEANUP: connection: remove unused CO_FL_WAIT_DATA |
||
Willy Tarreau
|
7b677265fd |
[RELEASE] Released version 1.8-dev1
Released version 1.8-dev1 with the following main changes : - BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos - BUG/MINOR: stats: make field_str() return an empty string on NULL - DOC: Spelling fixes - BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used - BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for tunneled txn - BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and IS_DATA_FILTER - BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and XFER_DATA analyzers - BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in tunnel mode - BUG/MAJOR: stream: fix session abort on resource shortage - OPTIM: stream-int: don't disable polling anymore on DONT_READ - BUG/MINOR: cli: allow the backslash to be escaped on the CLI - BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys" - DOC: Fix map table's format - DOC: Added 51Degrees conv and fetch functions to documentation. - BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect - DOC: mention that req_tot is for both frontends and backends - BUG/MEDIUM: variables: some variable name can hide another ones - MINOR: lua: Allow argument for actions - BUILD: rearrange target files by build time - CLEANUP: hlua: just indent functions - MINOR: lua: give HAProxy variable access to the applets - BUG/MINOR: stats: fix be/sessions/max output in html stats - MINOR: proxy: Add fe_name/be_name fetchers next to existing fe_id/be_id - DOC: lua: Documentation about some entry missing - DOC: lua: Add documentation about variable manipulation from applet - MINOR: Do not forward the header "Expect: 100-continue" when the option http-buffer-request is set - DOC: Add undocumented argument of the trace filter - DOC: Fix some typo in SPOE documentation - MINOR: cli: Remove useless call to bi_putchk - BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full - MINOR: applet: Count number of (active) applets - MINOR: task: Rename run_queue and run_queue_cur counters - BUG/MEDIUM: stream: Save unprocessed events for a stream - BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled - BUILD/MEDIUM: Fixing the build using LibreSSL - BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2) - SCRIPTS: git-show-backports: fix a harmless typo - SCRIPTS: git-show-backports: add -H to use the hash of the commit message - BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW - CLEANUP: applet/lua: create a dedicated ->fcn entry in hlua_cli context - CLEANUP: applet/table: add an "action" entry in ->table context - CLEANUP: applet: remove the now unused appctx->private field - DOC: lua: documentation about time parser functions - DOC: lua: improve links - DOC: lua: section declared twice - MEDIUM: cli: 'show cli sockets' list the CLI sockets - BUG/MINOR: cli: "show cli sockets" wouldn't list all processes - BUG/MINOR: cli: "show cli sockets" would always report process 64 - CLEANUP: lua: rename one of the lua appctx union - BUG/MINOR: lua/cli: bad error message - MEDIUM: lua: use memory pool for hlua struct in applets - MINOR: lua/signals: Remove Lua part from signals. - DOC: cli: show cli sockets - MINOR: cli: automatically enable a CLI I/O handler when there's no parser - CLEANUP: memory: remove the now unused cli_parse_show_pools() function - CLEANUP: applet: group all CLI contexts together - CLEANUP: stats: move a misplaced stats context initialization - MINOR: cli: add two general purpose pointers and integers in the CLI struct - MINOR: appctx/cli: remove the cli_socket entry from the appctx union - MINOR: appctx/cli: remove the env entry from the appctx union - MINOR: appctx/cli: remove the "be" entry from the appctx union - MINOR: appctx/cli: remove the "dns" entry from the appctx union - MINOR: appctx/cli: remove the "server_state" entry from the appctx union - MINOR: appctx/cli: remove the "tlskeys" entry from the appctx union - CONTRIB: tcploop: add limits.h to fix build issue with some compilers - MINOR/DOC: lua: just precise one thing - DOC: fix small typo in fe_id (backend instead of frontend) - BUG/MINOR: Fix the sending function in Lua's cosocket - BUG/MINOR: lua: memory leak executing tasks - BUG/MINOR: lua: bad return code - BUG/MINOR: lua: memleak when Lua/cli fails - MEDIUM: lua: remove Lua struct from session, and allocate it with memory pools - CLEANUP: haproxy: statify unexported functions - MINOR: haproxy: add a registration for build options - CLEANUP: wurfl: use the build options list to report it - CLEANUP: 51d: use the build options list to report it - CLEANUP: da: use the build options list to report it - CLEANUP: namespaces: use the build options list to report it - CLEANUP: tcp: use the build options list to report transparent modes - CLEANUP: lua: use the build options list to report it - CLEANUP: regex: use the build options list to report the regex type - CLEANUP: ssl: use the build options list to report the SSL details - CLEANUP: compression: use the build options list to report the algos - CLEANUP: auth: use the build options list to report its support - MINOR: haproxy: add a registration for post-check functions - CLEANUP: checks: make use of the post-init registration to start checks - CLEANUP: filters: use the function registration to initialize all proxies - CLEANUP: wurfl: make use of the late init registration - CLEANUP: 51d: make use of the late init registration - CLEANUP: da: make use of the late init registration code - MINOR: haproxy: add a registration for post-deinit functions - CLEANUP: wurfl: register the deinit function via the dedicated list - CLEANUP: 51d: register the deinitialization function - CLEANUP: da: register the deinitialization function - CLEANUP: wurfl: move global settings out of the global section - CLEANUP: 51d: move global settings out of the global section - CLEANUP: da: move global settings out of the global section - MINOR: cfgparse: add two new functions to check arguments count - MINOR: cfgparse: move parsing of "ca-base" and "crt-base" to ssl_sock - MEDIUM: cfgparse: move all tune.ssl.* keywords to ssl_sock - MEDIUM: cfgparse: move maxsslconn parsing to ssl_sock - MINOR: cfgparse: move parsing of ssl-default-{bind,server}-ciphers to ssl_sock - MEDIUM: cfgparse: move ssl-dh-param-file parsing to ssl_sock - MEDIUM: compression: move the zlib-specific stuff from global.h to compression.c - BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake - BUG/MEDIUM: ssl: avoid double free when releasing bind_confs - BUG/MINOR: stats: fix be/sessions/current out in typed stats - MINOR: tcp-rules: check that the listener exists before updating its counters - MEDIUM: spoe: don't create a dummy listener for outgoing connections - MINOR: listener: move the transport layer pointer to the bind_conf - MEDIUM: move listener->frontend to bind_conf->frontend - MEDIUM: ssl: remote the proxy argument from most functions - MINOR: connection: add a new prepare_bind_conf() entry to xprt_ops - MEDIUM: ssl_sock: implement ssl_sock_prepare_bind_conf() - MINOR: connection: add a new destroy_bind_conf() entry to xprt_ops - MINOR: ssl_sock: implement ssl_sock_destroy_bind_conf() - MINOR: server: move the use_ssl field out of the ifdef USE_OPENSSL - MINOR: connection: add a minimal transport layer registration system - CLEANUP: connection: remove all direct references to raw_sock and ssl_sock - CLEANUP: connection: unexport raw_sock and ssl_sock - MINOR: connection: add new prepare_srv()/destroy_srv() entries to xprt_ops - MINOR: ssl_sock: implement and use prepare_srv()/destroy_srv() - CLEANUP: ssl: move tlskeys_finalize_config() to a post_check callback - CLEANUP: ssl: move most ssl-specific global settings to ssl_sock.c - BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled - BUG/MEDIUM: ssl: for a handshake when server-side SNI changes - BUG/MINOR: systemd: potential zombie processes - DOC: Add timings events schemas - BUILD: lua: build failed on FreeBSD. - MINOR: samples: add xx-hash functions - MEDIUM: regex: pcre2 support - BUG/MINOR: option prefer-last-server must be ignored in some case - MINOR: stats: Support "select all" for backend actions - BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0 - BUG/MAJOR: channel: Fix the definition order of channel analyzers - BUG/MINOR: http: report real parser state in error captures - BUILD: scripts: automatically update the branch in version.h when releasing - MINOR: tools: add a generic hexdump function for debugging - BUG/MAJOR: http: fix risk of getting invalid reports of bad requests - MINOR: http: custom status reason. - MINOR: connection: add sample fetch "fc_rcvd_proxy" - BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options - BUG/MINOR: tools: fix off-by-one in port size check - BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family - MEDIUM: server: split the address and the port into two different fields - MINOR: tools: make str2sa_range() return the port in a separate argument - MINOR: server: take the destination port from the port field, not the addr - MEDIUM: server: disable protocol validations when the server doesn't resolve - BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0 - BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage - BUG/MINOR: ssl: assert on SSL_set_shutdown with BoringSSL - MINOR: Use "500 Internal Server Error" for 500 error/status code message. - MINOR: proto_http.c 502 error txt typo. - DOC: add deprecation notice to "block" - MINOR: compression: fix -vv output without zlib/slz - BUG/MINOR: Reset errno variable before calling strtol(3) - MINOR: ssl: don't show prefer-server-ciphers output - OPTIM/MINOR: config: Optimize fullconn automatic computation loading configuration - BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream - MAJOR: ssl: bind configuration per certificat - MINOR: ssl: add curve suite for ECDHE negotiation - MINOR: checks: Add agent-addr config directive - MINOR: cli: Add possiblity to change agent config via CLI/socket - MINOR: doc: Add docs for agent-addr configuration variable - MINOR: doc: Add docs for agent-addr and agent-send CLI commands - BUILD: ssl: fix to build (again) with boringssl - BUILD: ssl: fix build on OpenSSL 1.0.0 - BUILD: ssl: silence a warning reported for ERR_remove_state() - BUILD: ssl: eliminate warning with OpenSSL 1.1.0 regarding RAND_pseudo_bytes() - BUILD: ssl: kill a build warning introduced by BoringSSL compatibility - BUG/MEDIUM: tcp: don't poll for write when connect() succeeds - BUG/MINOR: unix: fix connect's polling in case no data are scheduled - MINOR: server: extend the flags to 32 bits - BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword - MINOR: dns: give ability to dns_init_resolvers() to close a socket when requested - BUG/MAJOR: dns: restart sockets after fork() - MINOR: chunks: implement a simple dynamic allocator for trash buffers - BUG/MEDIUM: http: prevent redirect from overwriting a buffer - BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined - BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer - BUG/MINOR: http: Return an error when a replace-header rule failed on the response - BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested - BUG/MAJOR: ssl: fix a regression in ssl_sock_shutw() - BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1' - BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule - MINOR: http: don't close when redirect location doesn't start with "/" - MEDIUM: boringssl: support native multi-cert selection without bundling - BUG/MEDIUM: ssl: fix verify/ca-file per certificate - BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING - MINOR: ssl: removes SSL_CTX_set_ssl_version call and cleanup CTX creation. - BUILD: ssl: fix build with -DOPENSSL_NO_DH - MEDIUM: ssl: add new sample-fetch which captures the cipherlist - MEDIUM: ssl: remove ssl-options from crt-list - BUG/MEDIUM: ssl: in bind line, ssl-options after 'crt' are ignored. - BUG/MINOR: ssl: fix cipherlist captures with sustainable SSL calls - MINOR: ssl: improved cipherlist captures - BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters - BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section - MAJOR: spoe: Add support of pipelined and asynchronous exchanges with agents - MINOR: spoe: Add support for pipelining/async capabilities in the SPOA example - MINOR: spoe: Remove SPOE details from the appctx structure - MINOR: spoe: Add status code in error variable instead of hardcoded value - MINOR: spoe: Send a log message when an error occurred during event processing - MINOR: spoe: Check the scope of sample fetches used in SPOE messages - MEDIUM: spoe: Be sure to wakeup the good entity waiting for a buffer - MINOR: spoe: Use the min of all known max_frame_size to encode messages - MAJOR: spoe: Add support of payload fragmentation in NOTIFY frames - MINOR: spoe: Add support for fragmentation capability in the SPOA example - MAJOR: spoe: refactor the filter to clean up the code - MINOR: spoe: Handle NOTIFY frames cancellation using ABORT bit in ACK frames - REORG: spoe: Move struct and enum definitions in dedicated header file - REORG: spoe: Move low-level encoding/decoding functions in dedicated header file - MINOR: spoe: Improve implementation of the payload fragmentation - MINOR: spoe: Add support of negation for options in SPOE configuration file - MINOR: spoe: Add "pipelining" and "async" options in spoe-agent section - MINOR: spoe: Rely on alertif_too_many_arg during configuration parsing - MINOR: spoe: Add "send-frag-payload" option in spoe-agent section - MINOR: spoe: Add "max-frame-size" statement in spoe-agent section - DOC: spoe: Update SPOE documentation to reflect recent changes - MINOR: config: warn when some HTTP rules are used in a TCP proxy - BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file - BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup - BUG/MINOR: Fix "get map <map> <value>" CLI command - MINOR: Add nbsrv sample converter - CLEANUP: Replace repeated code to count usable servers with be_usable_srv() - MINOR: Add hostname sample fetch - CLEANUP: Remove comment that's no longer valid - MEDIUM: http_error_message: txn->status / http_get_status_idx. - MINOR: http-request tarpit deny_status. - CLEANUP: http: make http_server_error() not set the status anymore - MEDIUM: stats: Add JSON output option to show (info|stat) - MEDIUM: stats: Add show json schema - BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer - MINOR: server: Add dynamic session cookies. - MINOR: cli: Let configure the dynamic cookies from the cli. - BUG/MINOR: checks: attempt clean shutw for SSL check - CONTRIB: tcploop: make it build on FreeBSD - CONTRIB: tcploop: fix time format to silence build warnings - CONTRIB: tcploop: report action 'K' (kill) in usage message - CONTRIB: tcploop: fix connect's address length - CONTRIB: tcploop: use the trash instead of NULL for recv() - BUG/MEDIUM: listener: do not try to rebind another process' socket - BUG/MEDIUM server: Fix crash when dynamic is defined, but not key is provided. - CLEANUP: config: Typo in comment. - BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze - TESTS: add a test configuration to stress handshake combinations - BUG/MAJOR: stream-int: do not depend on connection flags to detect connection - BUG/MEDIUM: connection: ensure to always report the end of handshakes - MEDIUM: connection: don't test for CO_FL_WAKE_DATA - CLEANUP: connection: completely remove CO_FL_WAKE_DATA - BUG: payload: fix payload not retrieving arbitrary lengths - BUILD: ssl: simplify SSL_CTX_set_ecdh_auto compatibility - BUILD: ssl: fix OPENSSL_NO_SSL_TRACE for boringssl and libressl - BUG/MAJOR: http: fix typo in http_apply_redirect_rule - MINOR: doc: 2.4. Examples should be 2.5. Examples - BUG/MEDIUM: stream: fix client-fin/server-fin handling - MINOR: fd: add a new flag HAP_POLL_F_RDHUP to struct poller - BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available - OPTIM: poll: enable support for POLLRDHUP - MINOR: kqueue: exclusively rely on the kqueue returned status - MEDIUM: kqueue: take care of EV_EOF to improve polling status accuracy - MEDIUM: kqueue: only set FD_POLL_IN when there are pending data - DOC/MINOR: Fix typos in proxy protocol doc - DOC: Protocol doc: add checksum, TLV type ranges - DOC: Protocol doc: add SSL TLVs, rename CHECKSUM - DOC: Protocol doc: add noop TLV - MEDIUM: global: add a 'hard-stop-after' option to cap the soft-stop time - MINOR: dns: improve DNS response parsing to use as many available records as possible - BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity(). - MINOR: server: irrelevant error message with 'default-server' config file keyword. - MINOR: server: Make 'default-server' support 'backup' keyword. - MINOR: server: Make 'default-server' support 'check-send-proxy' keyword. - CLEANUP: server: code alignement. - MINOR: server: Make 'default-server' support 'non-stick' keyword. - MINOR: server: Make 'default-server' support 'send-proxy' and 'send-proxy-v2 keywords. - MINOR: server: Make 'default-server' support 'check-ssl' keyword. - MINOR: server: Make 'default-server' support 'force-sslv3' and 'force-tlsv1[0-2]' keywords. - CLEANUP: server: code alignement. - MINOR: server: Make 'default-server' support 'no-ssl*' and 'no-tlsv*' keywords. - MINOR: server: Make 'default-server' support 'ssl' keyword. - MINOR: server: Make 'default-server' support 'send-proxy-v2-ssl*' keywords. - CLEANUP: server: code alignement. - MINOR: server: Make 'default-server' support 'verify' keyword. - MINOR: server: Make 'default-server' support 'verifyhost' setting. - MINOR: server: Make 'default-server' support 'check' keyword. - MINOR: server: Make 'default-server' support 'track' setting. - MINOR: server: Make 'default-server' support 'ca-file', 'crl-file' and 'crt' settings. - MINOR: server: Make 'default-server' support 'redir' keyword. - MINOR: server: Make 'default-server' support 'observe' keyword. - MINOR: server: Make 'default-server' support 'cookie' keyword. - MINOR: server: Make 'default-server' support 'ciphers' keyword. - MINOR: server: Make 'default-server' support 'tcp-ut' keyword. - MINOR: server: Make 'default-server' support 'namespace' keyword. - MINOR: server: Make 'default-server' support 'source' keyword. - MINOR: server: Make 'default-server' support 'sni' keyword. - MINOR: server: Make 'default-server' support 'addr' keyword. - MINOR: server: Make 'default-server' support 'disabled' keyword. - MINOR: server: Add 'no-agent-check' server keyword. - DOC: server: Add docs for "server" and "default-server" new "no-*" and other settings. - MINOR: doc: fix use-server example (imap vs mail) - BUG/MEDIUM: tcp: don't require privileges to bind to device - BUILD: make the release script use shortlog for the final changelog - BUILD: scripts: fix typo in announce-release error message - CLEANUP: time: curr_sec_ms doesn't need to be exported - BUG/MEDIUM: server: Wrong server default CRT filenames initialization. - BUG/MEDIUM: peers: fix buffer overflow control in intdecode. - BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers - BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request - CLEANUP: http: Remove channel_congested function - CLEANUP: buffers: Remove buffer_bounce_realign function - CLEANUP: buffers: Remove buffer_contig_area and buffer_work_area functions - MINOR: http: remove useless check on HTTP_MSGF_XFER_LEN for the request - MINOR: http: Add debug messages when HTTP body analyzers are called - BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled - BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze - DOC: fix parenthesis and add missing "Example" tags - DOC: update the contributing file - DOC: log-format/tcplog/httplog update - MINOR: config parsing: add warning when log-format/tcplog/httplog is overriden in "defaults" sections |
||
Willy Tarreau
|
0e658fb051 |
[RELEASE] Released version 1.8-dev0
Released version 1.8-dev0 with the following main changes : - exact copy of 1.7.0 |
||
Willy Tarreau
|
e59fcdd25e |
[RELEASE] Released version 1.7.0
Released version 1.7.0 with the following main changes : - SCRIPTS: make publish-release also copy the new SPOE doc - BUILD: http: include types/sample.h in proto_http.h - BUILD: debug/flags: remove test for SF_COMP_READY - CONTRIB: debug/flags: add check for SF_ERR_CHK_PORT - MINOR: lua: add function which return true if the channel is full. - MINOR: lua: add ip addresses and network manipulation function - CONTRIB: tcploop: scriptable TCP I/O for debugging purposes - CONTRIB: tcploop: implement fork() - CONTRIB: tcploop: implement logging when called with -v - CONTRIB: tcploop: update the usage output - CONTRIB: tcploop: support sending plain strings - CONTRIB: tcploop: don't report failed send() or recv() - CONTRIB: tcploop: add basic loops via a jump instruction - BUG/MEDIUM: channel: bad unlikely macro - CLEANUP: lua: move comment - CLEANUP: lua: control executed twice - BUG/MEDIUM: ssl: Store certificate filename in a variable - BUG/MINOR: ssl: Print correct filename when error occurs reading OCSP - CLEANUP: ssl: Remove goto after return dead code - CLEANUP: ssl: Fix bind keywords name in comments - DOC: ssl: Use correct wording for ca-sign-pass - CLEANUP: lua: avoid directly calling getsockname/getpeername() - BUG/MINOR: stick-table: handle out-of-memory condition gracefully - MINOR: cli: add private pointer and release function - MEDIUM: lua: Add cli handler for Lua - BUG/MEDIUM: connection: check the control layer before stopping polling - DEBUG: connection: mark the closed FDs with a value that is easier to detect - BUG/MEDIUM: stick-table: fix regression caused by recent fix for out-of-memory - BUG/MINOR: cli: properly decrement ref count on tables during failed dumps - BUG/MEDIUM: lua: In some case, the return of sample-fetche is ignored - MINOR: filters: Add check_timeouts callback to handle timers expiration on streams - MINOR: spoe: Add 'timeout processing' option to limit time to process an event - MINOR: spoe: Remove useless 'timeout ack' option - MINOR: spoe: Add 'option continue-on-error' statement in spoe-agent section - MINOR: spoe: Add "maxconnrate" and "maxerrrate" statements - MINOR: spoe: Add "option set-on-error" statement - MINOR: stats: correct documentation of process ID for typed output - BUILD: contrib: fix ip6range build on Centos 7 - BUILD: fix build on Solaris 10/11 - BUG/MINOR: cli: fix pointer size when reporting data/transport layer name - BUG/MINOR: cli: dequeue from the proxy when changing a maxconn - BUG/MINOR: cli: wake up the CLI's task after a timeout update - MINOR: connection: add a few functions to report the data and xprt layers' names - MINOR: connection: add names for transport and data layers - REORG: cli: split dumpstats.c in src/cli.c and src/stats.c - REORG: cli: split dumpstats.h in stats.h and cli.h - REORG: cli: move ssl CLI functions to ssl_sock.c - REORG: cli: move map and acl code to map.c - REORG: cli: move show stat resolvers to dns.c - MINOR: cli: create new function cli_has_level() to validate permissions - MINOR: server: create new function cli_find_server() to find a server - MINOR: proxy: create new function cli_find_frontend() to find a frontend - REORG: cli: move 'set server' to server.c - REORG: cli: move 'show pools' to memory.c - REORG: cli: move 'show servers' to proxy.c - REORG: cli: move 'show sess' to stream.c - REORG: cli: move 'show backend' to proxy.c - REORG: cli: move get/set weight to server.c - REORG: cli: move "show stat" to stats.c - REORG: cli: move "show info" to stats.c - REORG: cli: move dump_text(), dump_text_line(), and dump_binary() to standard.c - REORG: cli: move table dump/clear/set to stick_table.c - REORG: cli: move "show errors" out of cli.c - REORG: cli: make "show env" also use the generic keyword registration - REORG: cli: move "set timeout" to its own handler - REORG: cli: move "clear counters" to stats.c - REORG: cli: move "set maxconn global" to its own handler - REORG: cli: move "set maxconn server" to server.c - REORG: cli: move "set maxconn frontend" to proxy.c - REORG: cli: move "shutdown sessions server" to stream.c - REORG: cli: move "shutdown session" to stream.c - REORG: cli: move "shutdown frontend" to proxy.c - REORG: cli: move "{enable|disable} frontend" to proxy.c - REORG: cli: move "{enable|disable} server" to server.c - REORG: cli: move "{enable|disable} health" to server.c - REORG: cli: move "{enable|disable} agent" to server.c - REORG: cli: move the "set rate-limit" functions to their own parser - CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* - CLEANUP: cli: simplify the request parser a little bit - CLEANUP: cli: remove assignments to st0 and st2 in keyword parsers - BUILD: server: remove a build warning introduced by latest series - BUG/MINOR: log-format: uncatched memory allocation functions - CLEANUP: log-format: useless file and line in json converter - CLEANUP/MINOR: log-format: unexport functions parse_logformat_var_args() and parse_logformat_var() - CLEANUP: log-format: fix return code of the function parse_logformat_var() - CLEANUP: log-format: fix return code of function parse_logformat_var_args() - CLEANUP: log-format: remove unused arguments - MEDIUM: log-format: strict parsing and enable fail - MEDIUM: log-format/conf: take into account the parse_logformat_string() return code - BUILD: ssl: make the SSL layer build again with openssl 0.9.8 - BUILD: vars: remove a build warning on vars.c - MINOR: lua: add utility function for check boolean argument - MINOR: lua: Add tokenize function. - BUG/MINOR: conf: calloc untested - MINOR: http/conf: store the use_backend configuration file and line for logs - MEDIUM: log-format: Use standard HAProxy log system to report errors - CLEANUP: sample: report "converter" instead of "conv method" in error messages - BUG: spoe: Fix parsing of SPOE actions in ACK frames - MINOR: cli: make "show stat" support a proxy name - MINOR: cli: make "show errors" support a proxy name - MINOR: cli: make "show errors" capable of dumping only request or response - BUG/MINOR: freq-ctr: make swrate_add() support larger values - CLEANUP: counters: move from 3 types to 2 types - CLEANUP: cfgparse: cascade the warnif_misplaced_* rules - REORG: tcp-rules: move tcp rules processing to their own file - REORG: stkctr: move all the stick counters processing to stick-tables.c - DOC: update the roadmap file with the latest changes |
||
Willy Tarreau
|
d5d890be21 |
[RELEASE] Released version 1.7-dev6
Released version 1.7-dev6 with the following main changes : - DOC: fix the entry for hash-balance-factor config option - DOC: Fix typo in description of `-st` parameter in man page - CLEANUP: cfgparse: Very minor spelling correction - MINOR: examples: Update haproxy.spec URLs to haproxy.org - BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream - BUG/MEDIUM: peers: fix use after free in peer_session_create() - MINOR: peers: make peer_session_forceshutdown() use the appctx and not the stream - MINOR: peers: remove the pointer to the stream - BUG/MEDIUM: systemd-wrapper: return correct exit codes - DOC: stats: provide state details for show servers state - MEDIUM: tools: make str2ip2() preserve existing ports - CLEANUP: tools: make ipcpy() preserve the original port - OPTIM: http: move all http character classs tables into a single one - OPTIM: http: improve parsing performance of long header lines - OPTIM: http: improve parsing performance of long URIs - OPTIM: http: optimize lookup of comma and quote in header values - BUG/MEDIUM: srv-state: properly restore the DRAIN state - BUG/MINOR: srv-state: allow to have both CMAINT and FDRAIN flags - MINOR: server: do not emit warnings/logs/alerts on server state changes at boot - BUG/MEDIUM: servers: properly propagate the maintenance states during startup - MEDIUM: wurfl: add Scientiamobile WURFL device detection module - DOC: move the device detection modules documentation to their own files - CLEANUP: wurfl: reduce exposure in the rest of the code - MEDIUM: ssl: Add support for OpenSSL 1.1.0 - MINOR: stream: make option contstats usable again - MEDIUM: tools: make str2sa_range() return the FQDN even when not resolving - MINOR: init: move apply_server_state in haproxy.c before MODE_CHECK - MAJOR: server: postpone address resolution - MINOR: new srv_admin flag: SRV_ADMF_RMAINT - MINOR: server: indicate in the logs when RMAINT is cleared - MINOR: stats: indicate it when a server is down due to resolution - MINOR: server: make srv_set_admin_state() capable of telling why this happens - MINOR: dns: implement extra 'hold' timers. - MAJOR: dns: runtime resolution can change server admin state - MEDIUM: cli: leave the RMAINT state when setting an IP address on the CLI - MEDIUM: server: add a new init-addr server line setting - MEDIUM: server: make use of init-addr - MINOR: server: implement init-addr none - MEDIUM: server: make libc resolution failure non-fatal - MINOR: server: add support for explicit numeric address in init-addr - DOC: add some documentation for the "init-addr" server keyword - MINOR: init: add -dr to ignore server address resolution failures - MEDIUM: server: do not restrict anymore usage of IP address from the state file - BUG: vars: Fix 'set-var' converter because of a typo - CLEANUP: remove last references to 'ruleset' section - MEDIUM: filters: Add attch/detach and stream_set_backend callbacks - MINOR: filters: Update filters documentation accordingly to recent changes - MINOR: filters: Call stream_set_backend callbacks before updating backend stats - MINOR: filters: Remove backend filters attached to a stream only for HTTP streams - MINOR: flt_trace: Add hexdump option to dump forwarded data - MINOR: cfgparse: Add functions to backup and restore registered sections - MINOR: cfgparse: Parse scope lines and save the last one parsed - REORG: sample: move code to release a sample expression in sample.c - MINOR: vars: Allow '.' in variable names - MINOR: vars: Add vars_set_by_name_ifexist function - MEDIUM: vars: Add a per-process scope for variables - MINOR: vars: Add 'unset-var' action/converter - MAJOR: spoe: Add an experimental Stream Processing Offload Engine - MINOR: spoe: add random ip-reputation service as SPOA example - MINOR: spoe/checks: Add support for SPOP health checks - DOC: update ROADMAP file |
||
Willy Tarreau
|
608efa173c |
[RELEASE] Released version 1.7-dev5
Released version 1.7-dev5 with the following main changes : - MINOR: cfgparse: few memory leaks fixes. - MEDIUM: log: Decompose %Tq in %Th %Ti %TR - CLEANUP: logs: remove unused log format field definitions - BUILD/MAJOR:updated 51d Trie implementation to incorperate latest update to 51Degrees.c - BUG/MAJOR: stream: properly mark the server address as unset on connect retry - CLEANUP: proto_http: Removing useless variable assignation - CLEANUP: dumpstats: Removing useless variables allocation - CLEANUP: dns: Removing usless variable & assignation - BUG/MINOR: payload: fix SSLv2 version parser - MINOR: cli: allow the semi-colon to be escaped on the CLI - MINOR: cli: change a server health check port through the stats socket - BUG/MINOR: Fix OSX compilation errors - MAJOR: check: find out which port to use for health check at run time - MINOR: server: introduction of 3 new server flags - MINOR: new update_server_addr_port() function to change both server's ADDR and service PORT - MINOR: cli: ability to change a server's port - CLEANUP/MINOR dns: comment do not follow up code update - MINOR: chunk: new strncat function - MINOR: dns: wrong DNS_MAX_UDP_MESSAGE value - MINOR: dns: new MAX values - MINOR: dns: new macro to compute DNS header size - MINOR: dns: new DNS structures to store received packets - MEDIUM: dns: new DNS response parser - MINOR: dns: query type change when last record is a CNAME - MINOR: dns: proper domain name validation when receiving DNS response - MINOR: dns: comments in types/dns.h about structures endianness - BUG/MINOR: displayed PCRE version is running release - MINOR: show Built with PCRE version - MINOR: show Running on zlib version - MEDIUM: make SO_REUSEPORT configurable - MINOR: enable IP_BIND_ADDRESS_NO_PORT on backend connections - BUG/MEDIUM: http/compression: Fix how chunked data are copied during the HTTP body parsing - BUG/MINOR: stats: report the correct conn_time in backend's html output - BUG/MEDIUM: dns: don't randomly crash on out-of-memory - MINOR: Add fe_req_rate sample fetch - MEDIUM: peers: Fix a peer stick-tables synchronization issue. - MEDIUM: cli: register CLI keywords with cli_register_kw() - BUILD: Make use of accept4() on OpenBSD. - MINOR: tcp: make set-src/set-src-port and set-dst/set-dst-port commutative - DOC: fix missed entry for "set-{src,dst}{,-port}" - BUG/MINOR: vars: use sess and not s->sess in action_store() - BUG/MINOR: vars: make smp_fetch_var() more robust against misuses - BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session - MINOR: stats: output dcon - CLEANUP: tcp rules: mention everywhere that tcp-conn rules are L4 - MINOR: counters: add new fields for denied_sess - MEDIUM: tcp: add registration and processing of TCP L5 rules - MINOR: stats: emit dses - DOC: document tcp-request session - MINOR: ssl: add debug traces - BUILD/CLEANUP: ssl: Check BIO_reset() return code - BUG/MINOR: ssl: Check malloc return code - BUG/MINOR: ssl: prevent multiple entries for the same certificate - BUG/MINOR: systemd: make the wrapper return a non-null status code on error - BUG/MINOR: systemd: always restore signals before execve() - BUG/MINOR: systemd: check return value of calloc() - MINOR: systemd: report it when execve() fails - BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed - MINOR: proxy: add 'served' field to proxy, equal to total of all servers' - MINOR: backend: add hash-balance-factor option for hash-type consistent - MINOR: server: compute a "cumulative weight" to allow chash balancing to hit its target - MEDIUM: server: Implement bounded-load hash algorithm - SCRIPTS: make git-show-backports also dump a "git show" command - MINOR: build: Allow linking to device-atlas library file - MINOR: stats: Escape equals sign on socket dump |
||
Willy Tarreau
|
41d5e3a610 |
[RELEASE] Released version 1.7-dev4
Released version 1.7-dev4 with the following main changes :
- MINOR: add list_append_word function
- MEDIUM: init: use list_append_word in haproxy.c
- MEDIUM: init: allow directory as argument of -f
- CLEANUP: config: detect double registration of a config section
- MINOR: log: add the %Td log-format specifier
- MEDIUM: filters: Move HTTP headers filtering in its own callback
- MINOR: filters: Simplify calls to analyzers using 2 new macros
- MEDIUM: filters: Add pre and post analyzer callbacks
- DOC: filters: Update the filters documentation accordingly to recent changes
- BUG/MEDIUM: init: don't use environment locale
- SCRIPTS: teach git-show-backports how to report upstream commits
- SCRIPTS: make git-show-backports capable of limiting its history
- BUG/MAJOR: fix listening IP address storage for frontends
- BUG/MINOR: fix listening IP address storage for frontends (cont)
- DOC: Fix typo so fetch is properly parsed by Cyril's converter
- BUG/MAJOR: http: fix breakage of "reqdeny" causing random crashes
- BUG/MEDIUM: stick-tables: fix breakage in table converters
- MINOR: stick-table: change all stick-table converters' inputs to SMP_T_ANY
- BUG/MEDIUM: dns: unbreak DNS resolver after header fix
- BUILD: fix build on Solaris 11
- BUG/MEDIUM: config: fix multiple declaration of section parsers
- BUG/MEDIUM: stats: show servers state may show an servers from another backend
- BUG/MEDIUM: fix risk of segfault with "show tls-keys"
- MEDIUM: dumpstats: 'show tls-keys' is now able to show secrets
- DOC: update doc about tls-tickets-keys dump
- MEDIUM: tcp: add 'set-src' to 'tcp-request connection'
- MINOR: set the CO_FL_ADDR_FROM_SET flags with 'set-src'
- MEDIUM: tcp/http: add 'set-src-port' action
- MEDIUM: tcp/http: new set-dst/set-dst-port actions
- BUG/MEDIUM: sticktables: segfault in some configuration error cases
- BUILD/MEDIUM: rebuild everything when an include file is changed
- BUILD/MEDIUM: force a full rebuild if some build options change
- BUG/MEDIUM: lua: converters doesn't work
- BUG/MINOR: http: add-header: header name copied twice
- BUG/MEDIUM: http: add-header: buffer overwritten
- BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
- MINOR: stream: export the function 'smp_create_src_stkctr'
- BUG/MEDIUM: dumpstats: undefined behavior in stats_tlskeys_list()
- MEDIUM: dumpstats: make stats_tlskeys_list() yield-aware during tls-keys dump
- BUG/MINOR: http: url32+src should use the big endian version of url32
- BUG/MINOR: http: url32+src should check cli_conn before using it
- DOC: http: add documentation for url32 and url32+src
- BUG/MINOR: fix http-response set-log-level parsing error
- MINOR: systemd: Use variable for config and pidfile paths
- MINOR: systemd: Perform sanity check on config before reload
- MEDIUM: ssl: support SNI filters with multicerts
- MINOR: ssl: crt-list parsing factor
- BUILD: ssl: fix typo causing a build failure in the multicert patch
- MINOR: listener: add the "accept-netscaler-cip" option to the "bind" keyword
- MINOR: tcp: add "tcp-request connection expect-netscaler-cip layer4"
- BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits
- BUG/MINOR: init: ensure that FD limit is raised to the max allowed
- BUG/MEDIUM: external-checks: close all FDs right after the fork()
- BUG/MAJOR: external-checks: use asynchronous signal delivery
- BUG/MINOR: external-checks: do not unblock undesired signals
- CLEANUP: external-check: don't block/unblock SIGCHLD when manipulating the list
- BUG/MEDIUM: filters: Fix data filtering when data are modified
- BUG/MINOR: filters: Fix HTTP parsing when a filter loops on data forwarding
- BUG/MINOR: srv-state: fix incorrect output of state file
- BUG/MINOR: ssl: close ssl key file on error
- BUG/MINOR: http: fix misleading error message for response captures
- BUG/BUILD: don't automatically run "make" on "make install"
- DOC: add missing doc for http-request deny [deny_status <status>]
- CLEANUP: dumpstats: u64 field is an unsigned type.
- BUG/MEDIUM: http: unbreak uri/header/url_param hashing
- BUG/MINOR: Rework slightly commit
|
||
Willy Tarreau
|
7d1b48fae0 |
[RELEASE] Released version 1.7-dev3
Released version 1.7-dev3 with the following main changes : - MINOR: sample: Moves ARGS underlying type from 32 to 64 bits. - BUG/MINOR: log: Don't use strftime() which can clobber timezone if chrooted - BUILD: namespaces: fix a potential build warning in namespaces.c - MINOR: da: Using ARG12 macro for the sample fetch and the convertor. - DOC: add encoding to json converter example - BUG/MINOR: conf: "listener id" expects integer, but its not checked - DOC: Clarify tunes.vars.xxx-max-size settings - CLEANUP: chunk: adding NULL check to chunk_dup allocation. - CLEANUP: connection: fix double negation on memcmp() - BUG/MEDIUM: peers: fix incorrect age in frequency counters - BUG/MEDIUM: Fix RFC5077 resumption when more than TLS_TICKETS_NO are present - BUG/MAJOR: Fix crash in http_get_fhdr with exactly MAX_HDR_HISTORY headers - BUG/MINOR: lua: can't load external libraries - BUG/MINOR: prevent the dump of uninitialized vars - CLEANUP: map: it seems that the map were planed to be chained - MINOR: lua: move class registration facilities - MINOR: lua: remove some useless checks - CLEANUP: lua: Remove two same functions - MINOR: lua: refactor the Lua object registration - MINOR: lua: precise message when a critical error is catched - MINOR: lua: post initialization - MINOR: lua: Add internal function which strip spaces - MINOR: lua: convert field to lua type - DOC: "addr" parameter applies to both health and agent checks - DOC: timeout client: pointers to timeout http-request - DOC: typo on stick-store response - DOC: stick-table: amend paragraph blaming the loss of table upon reload - DOC: typo: ACL subdir match - DOC: typo: maxconn paragraph is wrong due to a wrong buffer size - DOC: regsub: parser limitation about the inability to use closing square brackets - DOC: typo: req.uri is now replaced by capture.req.uri - DOC: name set-gpt0 mismatch with the expected keyword - MINOR: http: sample fetch which returns unique-id - MINOR: dumpstats: extract stats fields enum and names - MINOR: dumpstats: split stats_dump_info_to_buffer() in two parts - MINOR: dumpstats: split stats_dump_fe_stats() in two parts - MINOR: dumpstats: split stats_dump_li_stats() in two parts - MINOR: dumpstats: split stats_dump_sv_stats() in two parts - MINOR: dumpstats: split stats_dump_be_stats() in two parts - MINOR: lua: dump general info - MINOR: lua: add class proxy - MINOR: lua: add class server - MINOR: lua: add class listener - BUG/MEDIUM: stick-tables: some sample-fetch doesn't work in the connection state. - MEDIUM: proxy: use dynamic allocation for error dumps - CLEANUP: remove unneeded casts - CLEANUP: uniformize last argument of malloc/calloc - DOC: fix "needed" typo - BUG/MINOR: dumpstats: fix write to global chunk - BUG/MINOR: dns: inapropriate way out after a resolution timeout - BUG/MINOR: dns: trigger a DNS query type change on resolution timeout - CLEANUP: proto_http: few corrections for gcc warnings. - BUG/MINOR: DNS: resolution structure change - BUG/MINOR : allow to log cookie for tarpit and denied request - BUG/MEDIUM: ssl: rewind the BIO when reading certificates - OPTIM/MINOR: session: abort if possible before connecting to the backend - DOC: http: rename the unique-id sample and add the documentation - BUG/MEDIUM: trace.c: rdtsc() is defined in two files - BUG/MEDIUM: channel: fix miscalculation of available buffer space (2nd try) - BUG/MINOR: server: risk of over reading the pref_net array. - BUG/MINOR: cfgparse: couple of small memory leaks. - BUG/MEDIUM: sample: initialize the pointer before parse_binary call. - DOC: fix discrepancy in the example for http-request redirect - MINOR: acl: Add predefined METH_DELETE, METH_PUT - CLEANUP: .gitignore cleanup - DOC: Clarify IPv4 address / mask notation rules - CLEANUP: fix inconsistency between fd->iocb, proto->accept and accept() - BUG/MEDIUM: fix maxaccept computation on per-process listeners - BUG/MINOR: listener: stop unbound listeners on startup - BUG/MINOR: fix maxaccept computation according to the frontend process range - TESTS: add blocksig.c to run tests with all signals blocked - MEDIUM: unblock signals on startup. - MINOR: filters: Print the list of existing filters during HA startup - MINOR: filters: Typo in an error message - MINOR: filters: Filters must define the callbacks struct during config parsing - DOC: filters: Add filters documentation - BUG/MEDIUM: channel: don't allow to overwrite the reserve until connected - BUG/MEDIUM: channel: incorrect polling condition may delay event delivery - BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try) - BUG/MEDIUM: log: fix risk of segfault when logging HTTP fields in TCP mode - MINOR: Add ability for agent-check to set server maxconn - CLEANUP: Use server_parse_maxconn_change_request for maxconn CLI updates - MINOR: filters: add opaque data - BUG/MEDIUM: lua: protects the upper boundary of the argument list for converters/fetches. - MINOR: lua: migrate the argument mask to 64 bits type. - BUG/MINOR: dumpstats: Fix the "Total bytes saved" counter in backends stats - BUG/MINOR: log: fix a typo that would cause %HP to log <BADREQ> - BUG/MEDIUM: http: fix incorrect reporting of server errors - MINOR: channel: add new function channel_congested() - BUG/MEDIUM: http: fix risk of CPU spikes with pipelined requests from dead client - BUG/MAJOR: channel: fix miscalculation of available buffer space (4th try) - BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared - BUG/MEDIUM: channel: fix inconsistent handling of 4GB-1 transfers - BUG/MEDIUM: stats: show servers state may show an empty or incomplete result - BUG/MEDIUM: stats: show backend may show an empty or incomplete result - MINOR: stats: fix typo in help messages - MINOR: stats: show stat resolvers missing in the help message - BUG/MINOR: dns: fix DNS header definition - BUG/MEDIUM: dns: fix alignment issue when building DNS queries - CLEANUP: don't ignore scripts in .gitignore - BUILD: add a few release and backport scripts in scripts/ |
||
Willy Tarreau
|
8234f6dae8 |
[RELEASE] Released version 1.7-dev2
Released version 1.7-dev2 with the following main changes : - DOC: lua: fix lua API - DOC: mailers: typo in 'hostname' description - DOC: compression: missing mention of libslz for compression algorithm - BUILD/MINOR: regex: missing header - BUG/MINOR: stream: bad return code - DOC: lua: fix somme errors and add implicit types - MINOR: lua: add set/get priv for applets - BUG/MINOR: http: fix several off-by-one errors in the url_param parser - BUG/MINOR: http: Be sure to process all the data received from a server - MINOR: filters/http: Use a wrapper function instead of stream_int_retnclose - BUG/MINOR: chunk: make chunk_dup() always check and set dst->size - DOC: ssl: fixed some formatting errors in crt tag - MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero - MINOR: chunks: add chunk_strcat() and chunk_newstr() - MINOR: chunk: make chunk_initstr() take a const string - MEDIUM: tools: add csv_enc_append() to preserve the original chunk - MINOR: tools: make csv_enc_append() always start at the first byte of the chunk - MINOR: lru: new function to delete <nb> least recently used keys - DOC: add Ben Shillito as the maintainer of 51d - BUG/MINOR: 51d: Ensures a unique domain for each configuration - BUG/MINOR: 51d: Aligns Pattern cache implementation with HAProxy best practices. - BUG/MINOR: 51d: Releases workset back to pool. - BUG/MINOR: 51d: Aligned const pointers to changes in 51Degrees. - CLEANUP: 51d: Aligned if statements with HAProxy best practices and removed casts from malloc. - MINOR: rename master process name in -Ds (systemd mode) - DOC: fix a few spelling mistakes - DOC: fix "workaround" spelling - BUG/MINOR: examples: Fixing haproxy.spec to remove references to .cfg files - MINOR: fix the return type for dns_response_get_query_id() function - MINOR: server state: missing LF (\n) on error message printed when parsing server state file - BUG/MEDIUM: dns: no DNS resolution happens if no ports provided to the nameserver - BUG/MAJOR: servers state: server port is erased when dns resolution is enabled on a server - BUG/MEDIUM: servers state: server port is used uninitialized - BUG/MEDIUM: config: Adding validation to stick-table expire value. - BUG/MEDIUM: sample: http_date() doesn't provide the right day of the week - BUG/MEDIUM: channel: fix miscalculation of available buffer space. - MEDIUM: pools: add a new flag to avoid rounding pool size up - BUG/MEDIUM: buffers: do not round up buffer size during allocation - BUG/MINOR: stream: don't force retries if the server is DOWN - BUG/MINOR: counters: make the sc-inc-gpc0 and sc-set-gpt0 touch the table - MINOR: unix: don't mention free ports on EAGAIN - BUG/CLEANUP: CLI: report the proper field states in "show sess" - MINOR: stats: send content-length with the redirect to allow keep-alive - BUG: stream_interface: Reuse connection even if the output channel is empty - DOC: remove old tunnel mode assumptions - BUG/MAJOR: http-reuse: fix risk of orphaned connections - BUG/MEDIUM: http-reuse: do not share private connections across backends - BUG/MINOR: ssl: Be sure to use unique serial for regenerated certificates - BUG/MINOR: stats: fix missing comma in stats on agent drain - MAJOR: filters: Add filters support - MINOR: filters: Do not reset stream analyzers if the client is gone - REORG: filters: Prepare creation of the HTTP compression filter - MAJOR: filters/http: Rewrite the HTTP compression as a filter - MEDIUM: filters: Use macros to call filters callbacks to speed-up processing - MEDIUM: filters: remove http_start_chunk, http_last_chunk and http_chunk_end - MEDIUM: filters: Replace filter_http_headers callback by an analyzer - MEDIUM: filters/http: Move body parsing of HTTP messages in dedicated functions - MINOR: filters: Add stream_filters structure to hide filters info - MAJOR: filters: Require explicit registration to filter HTTP body and TCP data - MINOR: filters: Remove unused or useless stuff and do small optimizations - MEDIUM: filters: Optimize the HTTP compression for chunk encoded response - MINOR: filters/http: Slightly update the parsing of chunks - MINOR: filters/http: Forward remaining data when a channel has no "data" filters - MINOR: filters: Add an filter example - MINOR: filters: Extract proxy stuff from the struct filter - MINOR: map: Add regex matching replacement - BUG/MINOR: lua: unsafe initialization - DOC: lua: fix somme errors - MINOR: lua: file dedicated to unsafe functions - MINOR: lua: add "now" time function - MINOR: standard: add RFC HTTP date parser - MINOR: lua: Add date functions - MINOR: lua: move common function - MINOR: lua: merge function - MINOR: lua: Add concat class - MINOR: standard: add function "escape_chunk" - MEDIUM: log: add a new log format flag "E" - DOC: add server name at rate-limit sessions example - BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation - BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation - DOC: LUA: fix some typos and syntax errors - MINOR: cli: add a new "show env" command - MEDIUM: config: allow to manipulate environment variables in the global section - MEDIUM: cfgparse: reject incorrect 'timeout retry' keyword spelling in resolvers - MINOR: mailers: increase default timeout to 10 seconds - MINOR: mailers: use <CRLF> for all line endings - BUG/MAJOR: lua: segfault using Concat object - DOC: lua: copyrights - MINOR: common: mask conversion - MEDIUM: dns: extract options - MEDIUM: dns: add a "resolve-net" option which allow to prefer an ip in a network - MINOR: mailers: make it possible to configure the connection timeout - BUG/MAJOR: lua: applets can't sleep. - BUG/MINOR: server: some prototypes are renamed - BUG/MINOR: lua: Useless copy - BUG/MEDIUM: stats: stats bind-process doesn't propagate the process mask correctly - BUG/MINOR: server: fix the format of the warning on address change - CLEANUP: server: add "const" to some message strings - MINOR: server: generalize the "updater" source - BUG/MEDIUM: chunks: always reject negative-length chunks - BUG/MINOR: systemd: ensure we don't miss signals - BUG/MINOR: systemd: report the correct signal in debug message output - BUG/MINOR: systemd: propagate the correct signal to haproxy - MINOR: systemd: ensure a reload doesn't mask a stop - BUG/MEDIUM: cfgparse: wrong argument offset after parsing server "sni" keyword - CLEANUP: stats: Avoid computation with uninitialized bits. - CLEANUP: pattern: Ignore unknown samples in pat_match_ip(). - CLEANUP: map: Avoid memory leak in out-of-memory condition. - BUG/MINOR: tcpcheck: fix incorrect list usage resulting in failure to load certain configs - BUG/MAJOR: samples: check smp->strm before using it - MINOR: sample: add a new helper to initialize the owner of a sample - MINOR: sample: always set a new sample's owner before evaluating it - BUG/MAJOR: vars: always retrieve the stream and session from the sample - CLEANUP: payload: remove useless and confusing nullity checks for channel buffer - BUG/MINOR: ssl: fix usage of the various sample fetch functions - MINOR: stats: create fields types suitable for all CSV output data - MINOR: stats: add all the "show info" fields in a table - MEDIUM: stats: fill all the show info elements prior to displaying them - MINOR: stats: add a function to emit fields into a chunk - MINOR: stats: add stats_dump_info_fields() to dump one field per line - MEDIUM: stats: make use of stats_dump_info_fields() for "show info" - MINOR: stats: add a declaration of all stats fields - MINOR: stats: don't hard-code the CSV fields list anymore - MINOR: stats: create stats fields storage and CSV dump function - MEDIUM: stats: convert stats_dump_fe_stats() to use stats_dump_fields_csv() - MEDIUM: stats: make stats_dump_fe_stats() use stats fields for HTML dump - MEDIUM: stats: convert stats_dump_li_stats() to use stats_dump_fields_csv() - MEDIUM: stats: make stats_dump_li_stats() use stats fields for HTML dump - MEDIUM: stats: convert stats_dump_be_stats() to use stats_dump_fields_csv() - MEDIUM: stats: make stats_dump_be_stats() use stats fields for HTML dump - MEDIUM: stats: convert stats_dump_sv_stats() to use stats_dump_fields_csv() - MEDIUM: stats: make stats_dump_sv_stats() use the stats field for HTML - MEDIUM: stats: move the server state coloring logic to the server dump function - MINOR: stats: do not use srv->admin & STATS_ADMF_MAINT in HTML dumps - MINOR: stats: do not check srv->state for SRV_ST_STOPPED in HTML dumps - MINOR: stats: make CSV report server check status only when enabled - MINOR: stats: only report backend's down time if it has servers - MINOR: stats: prepend '*' in front of the check status when in progress - MINOR: stats: make HTML stats dump rely on the table for the check status - MINOR: stats: add agent_status, agent_code, agent_duration to output - MINOR: stats: add check_desc and agent_desc to the output fields - MINOR: stats: add check and agent's health values in the output - MEDIUM: stats: make the HTML server state dump use the CSV states - MEDIUM: stats: only report observe errors when observe is set - MEDIUM: stats: expose the same flags for CLI and HTTP accesses - MEDIUM: stats: report server's address in the CSV output - MEDIUM: stats: report the cookie value in the server & backend CSV dumps - MEDIUM: stats: compute the color code only in the HTML form - MEDIUM: stats: report the listeners' address in the CSV output - MEDIUM: stats: make it possible to report the WAITING state for listeners - REORG: stats: dump the frontend's HTML stats via a generic function - REORG: stats: dump the socket stats via the generic function - REORG: stats: dump the server stats via the generic function - REORG: stats: dump the backend stats via the generic function - MEDIUM: stats: add a new "mode" column to report the proxy mode - MINOR: stats: report the load balancing algorithm in CSV output - MINOR: stats: add 3 fields to report the frontend-specific connection stats - MINOR: stats: report number of intercepted requests for frontend and backends - MINOR: stats: introduce stats_dump_one_line() to dump one stats line - CLEANUP: stats: make stats_dump_fields_html() not rely on proxy anymore - MINOR: stats: add ST_SHOWADMIN to pass the admin info in the regular flags - MINOR: stats: make stats_dump_fields_html() not use &trash by default - MINOR: stats: add functions to emit typed fields into a chunk - MEDIUM: stats: support "show info typed" on the CLI - MEDIUM: stats: implement a typed output format for stats - DOC: document the "show info typed" and "show stat typed" output formats - MINOR: cfgparse: warn when uid parameter is not a number - MINOR: cfgparse: warn when gid parameter is not a number - BUG/MINOR: standard: Avoid free of non-allocated pointer - BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition - CLEANUP: http: fix a build warning introduced by a recent fix - BUG/MINOR: log: GMT offset not updated when entering/leaving DST |
||
Willy Tarreau
|
cb92825af9 |
[RELEASE] Released version 1.7-dev1
Released version 1.7-dev1 with the following main changes : - DOC: specify that stats socket doc (section 9.2) is in management - BUILD: install only relevant and existing documentation - CLEANUP: don't ignore debian/ directory if present - BUG/MINOR: dns: parsing error of some DNS response - BUG/MEDIUM: namespaces: don't fail if no namespace is used - BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is disabled - MEDIUM: dns: Don't use the ANY query type - BUILD: ssl: fix build error introduced in commit 7969a3 with OpenSSL < 1.0.0 - DOC: fix a typo for a "deviceatlas" keyword - FIX: small typo in an example using the "Referer" header - MINOR: cli: ability to set per-server maxconn - DEBUG/MINOR: memory: add a build option to disable memory pools sharing - DEBUG/MEDIUM: memory: optionally protect free data in pools - DEBUG/MEDIUM: memory: add optional control pool memory operations - MEDIUM: memory: add accounting for failed allocations - BUG/MEDIUM: config: count memory limits on 64 bits, not 32 - BUG/MAJOR: dns: first DNS response packet not matching queried hostname may lead to a loop - BUG/MINOR: dns: unable to parse CNAMEs response - BUG/MINOR: examples/haproxy.init: missing brace in quiet_check() - DOC: deviceatlas: more example use cases. - MINOR: config: allow IPv6 bracketed literals - BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in install-bin. - BUILD: add Haiku as supported target. - BUG/MAJOR: http: don't requeue an idle connection that is already queued - DOC: typo on capture.res.hdr and capture.req.hdr - BUG/MINOR: dns: check for duplicate nameserver id in a resolvers section was missing - CLEANUP: use direction names in place of numeric values - BUG/MEDIUM: lua: sample fetches based on response doesn't work - MINOR: check: add agent-send server parameter - BUG/MINOR: http rule: http capture 'id' rule points to a non existing id - BUG/MINOR: server: check return value of fgets() in apply_server_state() - BUG/MINOR: acl: don't use record layer in req_ssl_ver - BUILD: freebsd: double declaration - BUG/MEDIUM: lua: clean output buffer - BUILD: check for libressl to be able to build against it - DOC: lua-api/index.rst small example fixes, spelling correction. - DOC: lua: architecture and first steps - DOC: relation between timeout http-request and option http-buffer-request - BUILD: Make deviceatlas require PCRE - BUG: http: do not abort keep-alive connections on server timeout - BUG/MEDIUM: http: switch the request channel to no-delay once done. - BUG/MINOR: lua: don't force-sslv3 LUA's SSL socket - BUILD/MINOR: http: proto_http.h needs sample.h - BUG/MEDIUM: http: don't enable auto-close on the response side - BUG/MEDIUM: stream: fix half-closed timeout handling - CLEANUP: compression: don't allocate DEFAULT_MAXZLIBMEM without USE_ZLIB - BUG/MEDIUM: cli: changing compression rate-limiting must require admin level - BUG/MEDIUM: sample: urlp can't match an empty value - BUILD: dumpstats: silencing warning for printf format specifier / time_t - CLEANUP: proxy: calloc call inverted arguments - MINOR: da: silent logging by default and displaying DeviceAtlas support if built. - BUG/MEDIUM: da: stop DeviceAtlas processing in the convertor if there is no input. - DOC: Edited 51Degrees section of README/ - BUG/MEDIUM: checks: email-alert not working when declared in defaults - BUG/MINOR: checks: email-alert causes a segfault when an unknown mailers section is configured - BUG/MINOR: checks: typo in an email-alert error message - BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and last rule is a CONNECT with no port - BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and first rule(s) is (are) COMMENT - BUG/MEDIUM: http: fix http-reuse when frontend and backend differ - DOC: prefer using http-request/response over reqXXX/rspXXX directives - CLEANUP: haproxy: using _GNU_SOURCE instead of __USE_GNU macro. - MINOR: ssl: Added cert_key_and_chain struct - MEDIUM: ssl: Added support for creating SSL_CTX with multiple certs - MINOR: ssl: Added multi cert support for crt-list config keyword - MEDIUM: ssl: Added multi cert support for loading crt directories - MEDIUM: ssl: Added support for Multi-Cert OCSP Stapling - BUILD: ssl: set SSL_SOCK_NUM_KEYTYPES with openssl < 1.0.2 - MINOR: config: make tune.recv_enough configurable - BUG/MEDIUM: config: properly adjust maxconn with nbproc when memmax is forced - DOC: ssl: Adding docs for Multi-Cert bundling - BUG/MEDIUM: peers: table entries learned from a remote are pushed to others after a random delay. - BUG/MEDIUM: peers: old stick table updates could be repushed. - MINOR: lua: service/applet can have access to the HTTP headers when a POST is received - REORG/MINOR: lua: convert boolean "int" to bitfield - BUG/MEDIUM: lua: Lua applets must not fetch samples using http_txn - BUG/MINOR: lua: Lua applets must not use http_txn - BUG/MEDIUM: lua: Forbid HTTP applets from being called from tcp rulesets - BUG/MAJOR: lua: Do not force the HTTP analysers in use-services - CLEANUP: lua: bad error messages - CONTRIB: initiate a debugging suite to make debugging easier |
||
Willy Tarreau
|
991b47831a |
[RELEASE] Released version 1.7-dev0
Released version 1.7-dev0 with the following main changes : - exact copy of 1.6.0 |
||
Willy Tarreau
|
844028bb11 |
[RELEASE] Released version 1.6.0
Released version 1.6.0 with the following main changes : - BUG/MINOR: Handle interactive mode in cli handler - DOC: global section missing parameters - DOC: backend section missing parameters - DOC: stats paramaters available in frontend - MINOR: lru: do not allocate useless memory in lru64_lookup - BUG/MINOR: http: Add OPTIONS in supported http methods (found by find_http_meth) - BUG/MINOR: ssl: fix management of the cache where forged certificates are stored - MINOR: ssl: Release Servers SSL context when HAProxy is shut down - MINOR: ssl: Read the file used to generate certificates in any order - MINOR: ssl: Add support for EC for the CA used to sign generated certificates - MINOR: ssl: Add callbacks to set DH/ECDH params for generated certificates - BUG/MEDIUM: logs: fix time zone offset format in RFC5424 - BUILD: Fix the build on OSX (htonll/ntohll) - BUILD: enable build on Linux/s390x - BUG/MEDIUM: lua: direction test failed - MINOR: lua: fix a spelling error in some error messages - CLEANUP: cli: ensure we can never double-free error messages - BUG/MEDIUM: lua: force server-close mode on Lua services - MEDIUM: init: support more command line arguments after pid list - MEDIUM: init: support a list of files on the command line - MINOR: debug: enable memory poisonning to use byte 0 - BUILD: ssl: fix build error introduced by recent commit - BUG/MINOR: config: make the stats socket pass the correct proxy to the parsers - MEDIUM: server: implement TCP_USER_TIMEOUT on the server - DOC: mention the "namespace" options for bind and server lines - DOC: add the "management" documentation - DOC: move the stats socket documentation from config to management - MINOR: examples: update haproxy.spec to mention new docs - DOC: mention management.txt in README - DOC: remove haproxy-{en,fr}.txt - BUILD: properly report when USE_ZLIB and USE_SLZ are used together - MINOR: init: report use of libslz instead of "no compression" - CLEANUP: examples: remove some obsolete and confusing files - CLEANUP: examples: remove obsolete configuration file samples - CLEANUP: examples: fix the example file content-sw-sample.cfg - CLEANUP: examples: update sample file option-http_proxy.cfg - CLEANUP: examples: update sample file ssl.cfg - CLEANUP: tests: move a test file from examples/ to tests/ - CLEANUP: examples: shut up warnings in transparent proxy example - CLEANUP: tests: removed completely obsolete test files - DOC: update ROADMAP to remove what was done in 1.6 - BUG/MEDIUM: pattern: fixup use_after_free in the pat_ref_delete_by_id |
||
Willy Tarreau
|
8c1ad716df |
[RELEASE] Released version 1.6-dev7
Released version 1.6-dev7 with the following main changes : - MINOR: cli: Dump all resolvers stats if no resolver section is given - BUG: config: external-check command validation is checking for incorrect arguments. - DOC: documentation format cleanups - DOC: lua: few typos. - BUG/MEDIUM: str2ip: make getaddrinfo() consider local address selection policy - BUG/MEDIUM: logs: segfault writing to log from Lua - DOC: fix lua use-service example - MINOR: payload: add support for tls session ticket ext - MINOR: lua: remove the run flag - MEDIUM: lua: change the timeout execution - MINOR: lua: rename the tune.lua.applet-timeout - DOC: lua: update Lua doc - DOC: lua: update doc according with the last Lua changes - MINOR: http/tcp: fill the avalaible actions - DOC: reorder misplaced res.ssl_hello_type in the doc - BUG/MINOR: tcp: make silent-drop always force a TCP reset - CLEANUP: tcp: silent-drop: only drain the connection when quick-ack is disabled - BUILD: tcp: use IPPROTO_IP when SOL_IP is not available - BUILD: server: fix build warnings introduced by load-server-state - BUG/MEDIUM: server: fix misuse of format string in load-server-state's warnings |
||
Willy Tarreau
|
e7ae656cf7 |
[RELEASE] Released version 1.6-dev6
Released version 1.6-dev6 with the following main changes : - BUG/MAJOR: can't enable a server through the stat socket - MINOR: server: Macro definition for server-state - MINOR: cli: new stats socket command: show servers state - DOC: stats socket command: show servers state - MINOR: config: new global directive server-state-base - DOC: global directive server-state-base - MINOR: config: new global section directive: server-state-file - DOC: new global directive: server-state-file - MINOR: config: new backend directives: load-server-state-from-file and server-state-file-name - DOC: load-server-state-from-file - MINOR: init: server state loaded from file - MINOR: server: startup slowstart task when using seamless reload of HAProxy - MINOR: cli: new stats socket command: show backend - DOC: servers state seamless reload example - BUG: dns: can't connect UDP socket on FreeBSD - MINOR: cfgparse: New function cfg_unregister_sections() - MINOR: chunk: New function free_trash_buffers() - BUG/MEDIUM: main: Freeing a bunch of static pointers - MINOR: proto_http: Externalisation of previously internal functions - MINOR: global: Few new struct fields for da module - MAJOR: da: Update of the DeviceAtlas API module - DOC: DeviceAtlas new keywords - DOC: README: DeviceAtlas sample configuration updates - MEDIUM: log: replace sendto() with sendmsg() in __send_log() - MEDIUM: log: use a separate buffer for the header and for the message - MEDIUM: logs: remove the hostname, tag and pid part from the logheader - MEDIUM: logs: add support for RFC5424 header format per logger - MEDIUM: logs: add a new RFC5424 log-format for the structured-data - DOC: mention support for the RFC5424 syslog message format - MEDIUM: logs: have global.log_send_hostname not contain the trailing space - MEDIUM: logs: pass the trailing "\n" as an iovec - BUG/MEDIUM: peers: some table updates are randomly not pushed. - BUG/MEDIUM: peers: same table updates re-pushed after a re-connect - BUG/MINOR: fct peer_prepare_ackmsg should not use trash. - MINOR: http: made CHECK_HTTP_MESSAGE_FIRST accessible to other functions - MINOR: global: Added new fields for 51Degrees device detection - DOC: Added more explanation for 51Degrees V3.2 - BUILD: Changed 51Degrees option to support V3.2 - MAJOR: 51d: Upgraded to support 51Degrees V3.2 and new features - MINOR: 51d: Improved string handling for LRU cache - DOC: add references to rise/fall for the fastinter explanation - MINOR: support cpu-map feature through the compile option USE_CPU_AFFINITY on FreeBSD - BUG/MAJOR: lua: potential unexpected aborts() - BUG/MINOR: lua: breaks the log message if his size exceed one buffer - MINOR: action: add private configuration - MINOR: action: add reference to the original keywork matched for the called parser. - MINOR: lua: change actions registration - MEDIUM: proto_http: smp_prefetch_http initialize txn - MINOR: channel: rename function chn_sess to chn_strm - CLEANUP: lua: align defines - MINOR: http: export http_get_path() function - MINOR: http: export the get_reason() function - MINOR: http: export function http_msg_analyzer() - MINOR: http: split initialization - MINOR: lua: reset pointer after use - MINOR: lua: identify userdata objects - MEDIUM: lua: use the function lua_rawset in place of lua_settable - BUG/MAJOR: lua: segfault after the channel data is modified by some Lua action. - CLEANUP: lua: use calloc in place of malloc - BUG/MEDIUM: lua: longjmp function must be unregistered - BUG/MEDIUM: lua: forces a garbage collection - BUG/MEDIUM: lua: wakeup task on bad conditions - MINOR: standard: avoid DNS resolution from the function str2sa_range() - MINOR: lua: extend socket address to support non-IP families - MINOR: lua/applet: the cosocket applet should use appctx_wakeup in place of task_wakeup - BUG/MEDIUM: lua: socket destroy before reading pending data - MEDIUM: lua: change the GC policy - OPTIM/MEDIUM: lua: executes the garbage collector only when using cosocket - BUG/MEDIUM: lua: don't reset undesired flags in hlua_ctx_resume - MINOR: applet: add init function - MINOR: applet: add an execution timeout - MINOR: stream/applet: add use-service action - MINOR: lua: add AppletTCP class and service - MINOR: lua: add AppletHTTP class and service - DOC: lua: some documentation update - DOC: add the documentation about internal circular lists - DOC: add a CONTRIBUTING file - DOC: add a MAINTAINERS file - BUG/MAJOR: peers: fix a crash when stopping peers on unbound processes - DOC: update coding-style to reference checkpatch.pl - BUG/MEDIUM: stick-tables: fix double-decrement of tracked entries - BUG/MINOR: args: add name for ARGT_VAR - DOC: add more entries to MAINTAINERS - DOC: add more entries to MAINTAINERS - CLEANUP: stream-int: remove obsolete function si_applet_call() - BUG/MAJOR: cli: do not dereference strm_li()->proto->name - BUG/MEDIUM: http: do not dereference strm_li(stream) - BUG/MEDIUM: proxy: do not dereference strm_li(stream) - BUG/MEDIUM: stream: do not dereference strm_li(stream) - MINOR: stream-int: use si_release_endpoint() to close idle conns - BUG/MEDIUM: payload: make req.payload and payload_lv aware of dynamic buffers - BUG/MEDIUM: acl: always accept match "found" - MINOR: applet: rename applet_runq to applet_active_queue - BUG/MAJOR: applet: use a separate run queue to maintain list integrity - MEDIUM: stream-int: split stream_int_update_conn() into si- and conn-specific parts - MINOR: stream-int: implement a new stream_int_update() function - MEDIUM: stream-int: factor out the stream update functions - MEDIUM: stream-int: call stream_int_update() from si_update() - MINOR: stream-int: export stream_int_update_* - MINOR: stream-int: move the applet_pause call out of the stream updates - MEDIUM: stream-int: clean up the conditions to enable reading in si_conn_wake_cb - MINOR: stream-int: implement the stream_int_notify() function - MEDIUM: stream-int: use the same stream notification function for applets and conns - MEDIUM: stream-int: completely remove stream_int_update_embedded() - MINOR: stream-int: rename si_applet_done() to si_applet_wake_cb() - BUG/MEDIUM: applet: fix reporting of broken write situation - BUG/MINOR: stats: do not call cli_release_handler 3 times - BUG/MEDIUM: cli: properly handle closed output - MINOR: cli: do not call the release handler on internal error. - BUG/MEDIUM: stream-int: avoid double-call to applet->release - DEBUG: add p_malloc() to return a poisonned memory area - CLEANUP: lua: remove unneeded memset(0) after calloc() - MINOR: lua: use the proper applet wakeup mechanism - BUG/MEDIUM: lua: better fix for the protocol check - BUG/MEDIUM: lua: properly set the target on the connection - MEDIUM: actions: pass a new "flags" argument to custom actions - MEDIUM: actions: add new flag ACT_FLAG_FINAL to notify about last call - MEDIUM: http: pass ACT_FLAG_FINAL to custom actions - MEDIUM: lua: only allow actions to yield if not in a final call - DOC: clarify how to make use of abstract sockets in socat - CLEANUP: config: make the errorloc/errorfile messages less confusing - MEDIUM: action: add a new flag ACT_FLAG_FIRST - BUG/MINOR: config: check that tune.bufsize is always positive - MEDIUM: config: set tune.maxrewrite to 1024 by default - DOC: add David Carlier as maintainer of da.c - DOC: fix some broken unexpected unicode chars in the Lua doc. - BUG/MEDIUM: proxy: ignore stopped peers - BUG/MEDIUM: proxy: do not wake stopped proxies' tasks during soft_stop() - MEDIUM: init: completely deallocate unused peers - BUG/MEDIUM: tcp: fix inverted condition to call custom actions - DOC: remove outdated actions lists on tcp-request/response - MEDIUM: tcp: add new tcp action "silent-drop" - DOC: add URLs to optional libraries in the README |
||
Willy Tarreau
|
a02e8a6cdf |
[RELEASE] Released version 1.6-dev5
Released version 1.6-dev5 with the following main changes : - MINOR: dns: dns_resolution structure update: time_t to unsigned int - BUG/MEDIUM: dns: DNS resolution doesn't start - BUG/MAJOR: dns: dns client resolution infinite loop - MINOR: dns: coding style update - MINOR: dns: new bitmasks to use against DNS flags - MINOR: dns: dns_nameserver structure update: new counter for truncated response - MINOR: dns: New DNS response analysis code: DNS_RESP_TRUNCATED - MEDIUM: dns: handling of truncated response - MINOR: DNS client query type failover management - MINOR: dns: no expected DNS record type found - MINOR: dns: new flag to report that no IP can be found in a DNS response packet - BUG/MINOR: DNS request retry counter used for retry only - DOC: DNS documentation updated - MEDIUM: actions: remove ACTION_STOP - BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2 (bis) - BUG/MINOR: lua: last log character truncated. - CLEANUP: typo: bad indent - CLEANUP: actions: missplaced includes - MINOR: build: missing header - CLEANUP: lua: Merge log functions - BUG/MAJOR: http: don't manipulate the server connection if it's killed - BUG/MINOR: http: remove stupid HTTP_METH_NONE entry - BUG/MAJOR: http: don't call http_send_name_header() after an error - MEDIUM: tools: make str2sa_range() optionally return the FQDN - BUG/MINOR: tools: make str2sa_range() report unresolvable addresses - BUG/MEDIUM: dns: use the correct server hostname when resolving |
||
Willy Tarreau
|
61d301fbfb |
[RELEASE] Released version 1.6-dev4
Released version 1.6-dev4 with the following main changes : - MINOR: log: Add log-format variable %HQ, to log HTTP query strings - DOC: typo in 'redirect', 302 code meaning - DOC: typos in tcp-check expect examples - DOC: resolve-prefer default value and default-server update - MINOR: DNS counters: increment valid counter - BUG/MEDIUM: DNS resolution response parsing broken - MINOR: server: add new SRV_ADMF_CMAINT flag - MINOR: server SRV_ADMF_CMAINT flag doesn't imply SRV_ADMF_FMAINT - BUG/MEDIUM: dns: wrong first time DNS resolution - BUG/MEDIUM: lua: Lua tasks fail to start. - BUILD: add USE_LUA to BUILD_OPTIONS when it's used - DOC/MINOR: fix OpenBSD versions where haproxy works - MINOR: 51d: unable to start haproxy without "51degrees-data-file" - BUG/MEDIUM: peers: fix wrong message id on stick table updates acknowledgement. - BUG/MAJOR: peers: fix current table pointer not re-initialized on session release. - BUILD: ssl: Allow building against libssl without SSLv3. - DOC: clarify some points about SSL and the proxy protocol - DOC: mention support for RFC 5077 TLS Ticket extension in starter guide - BUG/MEDIUM: mailer: DATA part must be terminated with <CRLF>.<CRLF> - DOC: match several lua configuration option names to those implemented in code - MINOR cfgparse: Correct the mailer warning text to show the right names to the user - BUG/MINOR: ssl: TLS Ticket Key rotation broken via socket command - MINOR: stream: initialize the current_rule field to NULL on stream init - BUG/MEDIUM: lua: timeout error with converters, wrapper and actions. - CLEANUP: proto_http: remove useless initialisation - CLEANUP: http/tcp actions: remove the scope member - BUG/MINOR: proto_tcp: custom action continue is ignored - MINOR: proto_tcp: add session in the action prototype - MINOR: vars: reduce the code size of some wrappers - MINOR: Move http method enum from proto_http to sample - MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts - MINOR: sample/proto_tcp: export "smp_fetch_src" - MEDIUM: cli: rely on the map's output type instead of the sample type - BUG/MEDIUM: stream: The stream doen't inherit SC from the session - BUG/MEDIUM: vars: segfault during the configuration parsing - BUG/MEDIUM: stick-tables: refcount error after copying SC for the session to the stream - BUG/MEDIUM: lua: bad error processing - MINOR: samples: rename a struct from sample_storage to sample_data - MINOR: samples: rename some struct member from "smp" to "data" - MEDIUM: samples: Use the "struct sample_data" in the "struct sample" - MINOR: samples: extract the anonymous union and create the union sample_value - MINOR: samples: rename union from "data" to "u" - MEDIUM: 51degrees: Adapt the 51Degrees library - MINOR: samples: data assignation simplification - MEDIUM: pattern/map: Maps can returns various types - MINOR: map: The map can return IPv4 and IPv6 - MEDIUM: actions: Merge (http|tcp)-(request|reponse) action structs - MINOR: actions: Remove the data opaque pointer - MINOR: lua: use the hlua_rule type in place of opaque type - MINOR: vars: use the vars types as argument in place of opaque type - MINOR: proto_http: use an "expr" type in place of generic opaque type. - MINOR: proto_http: replace generic opaque types by real used types for the actions on thr request line - MINOR: proto_http: replace generic opaque types by real used types in "http_capture" - MINOR: proto_http: replace generic opaque types by real used types in "http_capture" by id - MEDIUM: track-sc: Move the track-sc configuration storage in the union - MEDIUM: capture: Move the capture configuration storage in the union - MINOR: actions: add "from" information - MINOR: actions: remove the mark indicating the last entry in enum - MINOR: actions: Declare all the embedded actions in the same header file - MINOR: actions: change actions names - MEDIUM: actions: Add standard return code for the action API - MEDIUM: actions: Merge (http|tcp)-(request|reponse) keywords structs - MINOR: proto_tcp: proto_tcp.h is now useles - MINOR: actions: mutualise the action keyword lookup - MEDIUM: actions: Normalize the return code of the configuration parsers - MINOR: actions: Remove wrappers - MAJOR: stick-tables: use sample types in place of dedicated types - MEDIUM: stick-tables: use the sample type names - MAJOR: stick-tables: remove key storage from the key struct - MEDIUM: stick-tables: Add GPT0 in the stick tables - MINOR: stick-tables: Add GPT0 access - MINOR: stick-tables: Add GPC0 actions - BUG/MEDIUM: lua: the lua fucntion Channel:close() causes a segfault - DOC: ssl: missing LF - MINOR: lua: add core.done() function - DOC: fix function name - BUG/MINOR: lua: in some case a sample may remain undefined - DOC: fix "http_action_set_req_line()" comments - MINOR: http: Action for manipulating the returned status code. - MEDIUM: lua: turns txn:close into txn:done - BUG/MEDIUM: lua: cannot process more Lua hooks after a "done()" function call - BUILD: link with libdl if needed for Lua support - CLEANUP: backend: factor out objt_server() in connect_server() - MEDIUM: backend: don't call si_alloc_conn() when we reuse a valid connection - MEDIUM: stream-int: simplify si_alloc_conn() - MINOR: stream-int: add new function si_detach_endpoint() - MINOR: server: add a list of private idle connections - MINOR: connection: add a new list member in the connection struct - MEDIUM: stream-int: queue idle connections at the server - MINOR: stream-int: make si_idle_conn() only accept valid connections - MINOR: server: add a list of already used idle connections - MINOR: connection: add a new flag CO_FL_PRIVATE - MINOR: config: add new setting "http-reuse" - MAJOR: backend: initial work towards connection reuse - MAJOR: backend: improve the connection reuse mechanism - MEDIUM: backend: implement "http-reuse safe" - MINOR: server: add a list of safe, already reused idle connections - MEDIUM: backend: add the "http-reuse aggressive" strategy - DOC: document the new http-reuse directive - DOC: internals: document next steps for HTTP connection reuse - DOC: mention that %ms is left-padded with zeroes. - MINOR: init: indicate to check 'bind' lines when no listeners were found. - MAJOR: http: remove references to appsession - CLEANUP: config: remove appsession initialization - CLEANUP: appsession: remove appsession.c and sessionhash.c - CLEANUP: tests: remove sessionhash_test.c and test-cookie-appsess.cfg - CLEANUP: proxy: remove last references to appsession - CLEANUP: appsession: remove the last include files - DOC: remove documentation about appsession - CLEANUP: .gitignore: ignore more test files - CLEANUP: .gitignore: finally ignore everything but what is known. - MEDIUM: config: emit a warning on a frontend without listener - DOC: add doc/internals/entities-v2.txt - DOC: add doc/linux-syn-cookies.txt - DOC: add design thoughts on HTTP/2 - DOC: add some thoughts on connection sharing for HTTP/2 - DOC: add design thoughts on dynamic buffer allocation - BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry - DOC: add new file intro.txt - MAJOR: tproxy: remove support for cttproxy - BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2 - DOC: lua: replace txn:close with txn:done in lua-api - DOC: intro: minor updates and fixes - DOC: intro: fix too long line. - DOC: fix example of http-request using ssl_fc_session_id - BUG/MEDIUM: lua: txn:done() still causes a segfault in TCP mode - CLEANUP: lua: fix some indent issues - BUG/MEDIUM: lua: fix a segfault in txn:done() if called twice - DOC: lua: mention than txn:close was renamed txn:done. |
||
Willy Tarreau
|
50bdda6e51 |
[RELEASE] Released version 1.6-dev3
Released version 1.6-dev3 with the following main changes : - CLEANUP: sample: generalize sample_fetch_string() as sample_fetch_as_type() - MEDIUM: http: Add new 'set-src' option to http-request - DOC usesrc root privileges requirments - BUG/MINOR: dns: wrong time unit for some DNS default parameters - MINOR: proxy: bit field for proxy_find_best_match diff status - MINOR: server: new server flag: SRV_F_FORCED_ID - MINOR: server: server_find functions: id, name, best_match - DOC: dns: fix chapters syntax - BUILD/MINOR: tools: rename popcount to my_popcountl - BUILD: add netbsd TARGET - MEDIUM: 51Degrees code refactoring and cleanup - MEDIUM: 51d: add LRU-based cache on User-Agent string detection - DOC: add notes about the "51degrees-cache-size" parameter - BUG/MEDIUM: 51d: possible incorrect operations on smp->data.str.str - BUG/MAJOR: connection: fix TLV offset calculation for proxy protocol v2 parsing - MINOR: Add sample fetch to detect Supported Elliptic Curves Extension - BUG/MINOR: payload: Add volatile flag to smp_fetch_req_ssl_ec_ext - BUG/MINOR: lua: type error in the arguments wrapper - CLEANUP: vars: remove unused struct - BUG/MINOR: http/sample: gmtime/localtime can fail - MINOR: standard: add 64 bits conversion functions - MAJOR: sample: converts uint and sint in 64 bits signed integer - MAJOR: arg: converts uint and sint in sint - MEDIUM: sample: switch to saturated arithmetic - MINOR: vars: returns variable content - MEDIUM: vars/sample: operators can use variables as parameter - BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id - BUILD/MINOR: lua: fix a harmless build warning - BUILD/MINOR: stats: fix build warning due to condition always true - BUG/MAJOR: lru: fix unconditional call to free due to unexpected semi-colon - BUG/MEDIUM: logs: fix improper systematic use of quotes with a few tags - BUILD/MINOR: lua: ensure that hlua_ctx_destroy is properly defined - BUG/MEDIUM: lru: fix possible memory leak when ->free() is used - MINOR: vars: make the accounting not depend on the stream - MEDIUM: vars: move the session variables to the session, not the stream - BUG/MEDIUM: vars: do not freeze the connection when the expression cannot be fetched - BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data - BUG/MAJOR: tcp: tcp rulesets were still broken - MINOR: stats: improve compression stats reporting - MINOR: ssl: make self-generated certs also work with raw IPv6 addresses - CLEANUP: ssl: make ssl_sock_generated_cert_serial() take a const - CLEANUP: ssl: make ssl_sock_generate_certificate() use ssl_sock_generated_cert_serial() - BUG/MINOR: log: missing some ARGC_* entries in fmt_directives() - MINOR: args: add new context for servers - MINOR: stream: maintain consistence between channel_forward and HTTP forward - MINOR: ssl: provide ia function to set the SNI extension on a connection - MEDIUM: ssl: add sni support on the server lines - CLEANUP: stream: remove a useless call to si_detach() - CLEANUP: stream-int: fix a few outdated comments about stream_int_register_handler() - CLEANUP: stream-int: remove stream_int_unregister_handler() and si_detach() - MINOR: stream-int: only use si_release_endpoint() to release a connection - MINOR: standard: provide htonll() and ntohll() - CLEANUP/MINOR: dns: dns_str_to_dn_label() only needs a const char - BUG/MAJOR: dns: fix the length of the string to be copied |
||
Willy Tarreau
|
ad90f0d1aa |
[RELEASE] Released version 1.6-dev2
Released version 1.6-dev2 with the following main changes :
- BUG/MINOR: ssl: Display correct filename in error message
- MEDIUM: logs: Add HTTP request-line log format directives
- BUG/MEDIUM: check: tcpcheck regression introduced by
|
||
Willy Tarreau
|
8747b6dbc8 |
[RELEASE] Released version 1.6-dev1
Released version 1.6-dev1 with the following main changes : - CLEANUP: extract temporary $CFG to eliminate duplication - CLEANUP: extract temporary $BIN to eliminate duplication - CLEANUP: extract temporary $PIDFILE to eliminate duplication - CLEANUP: extract temporary $LOCKFILE to eliminate duplication - CLEANUP: extract quiet_check() to avoid duplication - BUG/MINOR: don't start haproxy on reload - DOC: Address issue where documentation is excluded due to a gitignore rule. - BUG/MEDIUM: systemd: set KillMode to 'mixed' - BUILD: fix "make install" to support spaces in the install dirs - BUG/MINOR: config: http-request replace-header arg typo - BUG: config: error in http-response replace-header number of arguments - DOC: missing track-sc* in http-request rules - BUILD: lua: missing ifdef related to SSL when enabling LUA - BUG/MEDIUM: regex: fix pcre_study error handling - MEDIUM: regex: Use pcre_study always when PCRE is used, regardless of JIT - BUG/MINOR: Fix search for -p argument in systemd wrapper. - MEDIUM: Improve signal handling in systemd wrapper. - DOC: fix typo in Unix Socket commands - BUG/MEDIUM: checks: external checks can't change server status to UP - BUG/MEDIUM: checks: segfault with external checks in a backend section - BUG/MINOR: checks: external checks shouldn't wait for timeout to return the result - BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an unknown encryption algorithm - BUG/MEDIUM: config: userlists should ensure that encrypted passwords are supported - BUG/MINOR: config: don't propagate process binding for dynamic use_backend - BUG/MINOR: log: fix request flags when keep-alive is enabled - BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks - MINOR: checks: allow external checks in backend sections - MEDIUM: checks: provide environment variables to the external checks - MINOR: checks: update dynamic environment variables in external checks - DOC: checks: environment variables used by "external-check command" - BUG/MEDIUM: backend: correctly detect the domain when use_domain_only is used - MINOR: ssl: load certificates in alphabetical order - BUG/MINOR: checks: prevent http keep-alive with http-check expect - MINOR: lua: typo in an error message - MINOR: report the Lua version in -vv - MINOR: lua: add a compilation error message when compiled with an incompatible version - BUG/MEDIUM: lua: segfault when calling haproxy sample fetches from lua - BUILD: try to automatically detect the Lua library name - BUILD/CLEANUP: systemd: avoid a warning due to mixed code and declaration - BUG/MEDIUM: backend: Update hash to use unsigned int throughout - BUG/MEDIUM: connection: fix memory corruption when building a proxy v2 header - MEDIUM: connection: add new bit in Proxy Protocol V2 - BUG/MINOR: ssl: rejects OCSP response without nextupdate. - BUG/MEDIUM: ssl: Fix to not serve expired OCSP responses. - BUG/MINOR: ssl: Fix OCSP resp update fails with the same certificate configured twice. - BUG/MINOR: ssl: Fix external function in order not to return a pointer on an internal trash buffer. - MINOR: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER formatted certs - MINOR: ssl: add statement to force some ssl options in global. - BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates - BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM. - BUG/MINOR: samples: fix unnecessary memcopy converting binary to string. - MINOR: samples: adds the bytes converter. - MINOR: samples: adds the field converter. - MINOR: samples: add the word converter. - BUG/MINOR: server: move the directive #endif to the end of file - BUG/MAJOR: buffer: check the space left is enough or not when input data in a buffer is wrapped - DOC: fix a few typos - CLEANUP: epoll: epoll_events should be allocated according to global.tune.maxpollevents - BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized" - BUG/MINOR: parse: refer curproxy instead of proxy - BUG/MINOR: parse: check the validity of size string in a more strict way - BUILD: add new target 'make uninstall' to support uninstalling haproxy from OS - DOC: expand the docs for the provided stats. - BUG/MEDIUM: unix: do not unlink() abstract namespace sockets upon failure. - MEDIUM: ssl: Certificate Transparency support - MEDIUM: stats: proxied stats admin forms fix - MEDIUM: http: Compress HTTP responses with status codes 201,202,203 in addition to 200 - BUG/MEDIUM: connection: sanitize PPv2 header length before parsing address information - MAJOR: namespace: add Linux network namespace support - MINOR: systemd: Check configuration before start - BUILD: ssl: handle boringssl in openssl version detection - BUILD: ssl: disable OCSP when using boringssl - BUILD: ssl: don't call get_rfc2409_prime when using boringssl - MINOR: ssl: don't use boringssl's cipher_list - BUILD: ssl: use OPENSSL_NO_OCSP to detect OCSP support - MINOR: stats: fix minor typo in HTML page - MINOR: Also accept SIGHUP/SIGTERM in systemd-wrapper - MEDIUM: Add support for configurable TLS ticket keys - DOC: Document the new tls-ticket-keys bind keyword - DOC: clearly state that the "show sess" output format is not fixed - MINOR: stats: fix minor typo fix in stats_dump_errors_to_buffer() - DOC: httplog does not support 'no' - BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange - MINOR: ssl: use SSL_get_ciphers() instead of directly accessing the cipher list. - BUG/MEDIUM: Consistently use 'check' in process_chk - MEDIUM: Add external check - BUG/MEDIUM: Do not set agent health to zero if server is disabled in config - MEDIUM/BUG: Only explicitly report "DOWN (agent)" if the agent health is zero - MEDIUM: Remove connect_chk - MEDIUM: Refactor init_check and move to checks.c - MEDIUM: Add free_check() helper - MEDIUM: Move proto and addr fields struct check - MEDIUM: Attach tcpcheck_rules to check - MEDIUM: Add parsing of mailers section - MEDIUM: Allow configuration of email alerts - MEDIUM: Support sending email alerts - DOC: Document email alerts - MINOR: Remove trailing '.' from email alert messages - MEDIUM: Allow suppression of email alerts by log level - BUG/MEDIUM: Do not consider an agent check as failed on L7 error - MINOR: deinit: fix memory leak - MINOR: http: export the function 'smp_fetch_base32' - BUG/MEDIUM: http: tarpit timeout is reset - MINOR: sample: add "json" converter - BUG/MEDIUM: pattern: don't load more than once a pattern list. - MINOR: map/acl/dumpstats: remove the "Done." message - BUG/MAJOR: ns: HAProxy segfault if the cli_conn is not from a network connection - BUG/MINOR: pattern: error message missing - BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match - BUG/MINOR: ARG6 and ARG7 don't fit in a 32 bits word - MAJOR: poll: only rely on wake_expired_tasks() to compute the wait delay - MEDIUM: task: call session analyzers if the task is woken by a message. - MEDIUM: protocol: automatically pick the proto associated to the connection. - MEDIUM: channel: wake up any request analyzer on response activity - MINOR: converters: add a "void *private" argument to converters - MINOR: converters: give the session pointer as converter argument - MINOR: sample: add private argument to the struct sample_fetch - MINOR: global: export function and permits to not resolve DNS names - MINOR: sample: add function for browsing samples. - MINOR: global: export many symbols. - MINOR: includes: fix a lot of missing or useless includes - MEDIUM: tcp: add register keyword system. - MEDIUM: buffer: make bo_putblk/bo_putstr/bo_putchk return the number of bytes copied. - MEDIUM: http: change the code returned by the response processing rule functions - MEDIUM: http/tcp: permit to resume http and tcp custom actions - MINOR: channel: functions to get data from a buffer without copy - MEDIUM: lua: lua integration in the build and init system. - MINOR: lua: add ease functions - MINOR: lua: add runtime execution context - MEDIUM: lua: "com" signals - MINOR: lua: add the configuration directive "lua-load" - MINOR: lua: core: create "core" class and object - MINOR: lua: post initialisation bindings - MEDIUM: lua: add coroutine as tasks. - MINOR: lua: add sample and args type converters - MINOR: lua: txn: create class TXN associated with the transaction. - MINOR: lua: add shared context in the lua stack - MINOR: lua: txn: import existing sample-fetches in the class TXN - MINOR: lua: txn: add lua function in TXN that returns an array of http headers - MINOR: lua: register and execute sample-fetches in LUA - MINOR: lua: register and execute converters in LUA - MINOR: lua: add bindings for tcp and http actions - MINOR: lua: core: add sleep functions - MEDIUM: lua: socket: add "socket" class for TCP I/O - MINOR: lua: core: pattern and acl manipulation - MINOR: lua: channel: add "channel" class - MINOR: lua: txn: object "txn" provides two objects "channel" - MINOR: lua: core: can set the nice of the current task - MINOR: lua: core: can yield an execution stack - MINOR: lua: txn: add binding for closing the client connection. - MEDIUM: lua: Lua initialisation "on demand" - BUG/MAJOR: lua: send function fails and return bad bytes - MINOR: remove unused declaration. - MINOR: lua: remove some #define - MINOR: lua: use bitfield and macro in place of integer and enum - MINOR: lua: set skeleton for Lua execution expiration - MEDIUM: lua: each yielding function returns a wake up time. - MINOR: lua: adds "forced yield" flag - MEDIUM: lua: interrupt the Lua execution for running other process - MEDIUM: lua: change the sleep function core - BUG/MEDIUM: lua: the execution timeout is ignored in yield case - DOC: lua: Lua configuration documentation - MINOR: lua: add the struct session in the lua channel struct - BUG/MINOR: lua: set buffer if it is nnot avalaible. - BUG/MEDIUM: lua: reset flags before resuming execution - BUG/MEDIUM: lua: fix infinite loop about channel - BUG/MEDIUM: lua: the Lua process is not waked up after sending data on requests side - BUG/MEDIUM: lua: many errors when we try to send data with the channel API - MEDIUM: lua: use the Lua-5.3 version of the library - BUG/MAJOR: lua: some function are not yieldable, the forced yield causes errors - BUG/MEDIUM: lua: can't handle the response bytes - BUG/MEDIUM: lua: segfault with buffer_replace2 - BUG/MINOR: lua: check buffers before initializing socket - BUG/MINOR: log: segfault if there are no proxy reference - BUG/MEDIUM: lua: sockets don't have buffer to write data - BUG/MEDIUM: lua: cannot connect socket - BUG/MINOR: lua: sockets receive behavior doesn't follows the specs - BUG/BUILD: lua: The strict Lua 5.3 version check is not done. - BUG/MEDIUM: buffer: one byte miss in buffer free space check - MEDIUM: lua: make the functions hlua_gethlua() and hlua_sethlua() faster - MINOR: replace the Core object by a simple model. - MEDIUM: lua: change the objects configuration - MEDIUM: lua: create a namespace for the fetches - MINOR: converters: add function to browse converters - MINOR: lua: wrapper for converters - MINOR: lua: replace function (req|get)_channel by a variable - MINOR: lua: fetches and converters can return an empty string in place of nil - DOC: lua api - BUG/MEDIUM: sample: fix random number upper-bound - BUG/MINOR: stats:Fix incorrect printf type. - BUG/MAJOR: session: revert all the crappy client-side timeout changes - BUG/MINOR: logs: properly initialize and count log sockets - BUG/MEDIUM: http: fetch "base" is not compatible with set-header - BUG/MINOR: counters: do not untrack counters before logging - BUG/MAJOR: sample: correctly reinitialize sample fetch context before calling sample_process() - MINOR: stick-table: make stktable_fetch_key() indicate why it failed - BUG/MEDIUM: counters: fix track-sc* to wait on unstable contents - BUILD: remove TODO from the spec file and add README - MINOR: log: make MAX_SYSLOG_LEN overridable at build time - MEDIUM: log: support a user-configurable max log line length - DOC: provide an example of how to use ssl_c_sha1 - BUILD: checks: external checker needs signal.h - BUILD: checks: kill a minor warning on Solaris in external checks - BUILD: http: fix isdigit & isspace warnings on Solaris - BUG/MINOR: listener: set the listener's fd to -1 after deletion - BUG/MEDIUM: unix: failed abstract socket binding is retryable - MEDIUM: listener: implement a per-protocol pause() function - MEDIUM: listener: support rebinding during resume() - BUG/MEDIUM: unix: completely unbind abstract sockets during a pause() - DOC: explicitly mention the limits of abstract namespace sockets - DOC: minor fix on {sc,src}_kbytes_{in,out} - DOC: fix alphabetical sort of converters - MEDIUM: stick-table: implement lookup from a sample fetch - MEDIUM: stick-table: add new converters to fetch table data - MINOR: samples: add two converters for the date format - BUG/MAJOR: http: correctly rewind the request body after start of forwarding - DOC: remove references to CPU=native in the README - DOC: mention that "compression offload" is ignored in defaults section - DOC: mention that Squid correctly responds 400 to PPv2 header - BUILD: fix dependencies between config and compat.h - MINOR: session: export the function 'smp_fetch_sc_stkctr' - MEDIUM: stick-table: make it easier to register extra data types - BUG/MINOR: http: base32+src should use the big endian version of base32 - MINOR: sample: allow IP address to cast to binary - MINOR: sample: add new converters to hash input - MINOR: sample: allow integers to cast to binary - BUILD: report commit ID in git versions as well - CLEANUP: session: move the stick counters declarations to stick_table.h - MEDIUM: http: add the track-sc* actions to http-request rules - BUG/MEDIUM: connection: fix proxy v2 header again! - BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc* - OPTIM/MINOR: proxy: reduce struct proxy by 48 bytes on 64-bit archs - MINOR: log: add a new field "%lc" to implement a per-frontend log counter - BUG/MEDIUM: http: fix inverted condition in pat_match_meth() - BUG/MEDIUM: http: fix improper parsing of HTTP methods for use with ACLs - BUG/MINOR: pattern: remove useless allocation of unused trash in pat_parse_reg() - BUG/MEDIUM: acl: correctly compute the output type when a converter is used - CLEANUP: acl: cleanup some of the redundancy and spaghetti after last fix - BUG/CRITICAL: http: don't update msg->sov once data start to leave the buffer - MEDIUM: http: enable header manipulation for 101 responses - BUG/MEDIUM: config: propagate frontend to backend process binding again. - MEDIUM: config: properly propagate process binding between proxies - MEDIUM: config: make the frontends automatically bind to the listeners' processes - MEDIUM: config: compute the exact bind-process before listener's maxaccept - MEDIUM: config: only warn if stats are attached to multi-process bind directives - MEDIUM: config: report it when tcp-request rules are misplaced - DOC: indicate in the doc that track-sc* can wait if data are missing - MINOR: config: detect the case where a tcp-request content rule has no inspect-delay - MEDIUM: systemd-wrapper: support multiple executable versions and names - BUG/MEDIUM: remove debugging code from systemd-wrapper - BUG/MEDIUM: http: adjust close mode when switching to backend - BUG/MINOR: config: don't propagate process binding on fatal errors. - BUG/MEDIUM: check: rule-less tcp-check must detect connect failures - BUG/MINOR: tcp-check: report the correct failed step in the status - DOC: indicate that weight zero is reported as DRAIN - BUG/MEDIUM: config: avoid skipping disabled proxies - BUG/MINOR: config: do not accept more track-sc than configured - BUG/MEDIUM: backend: fix URI hash when a query string is present - BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR - BUG/MAJOR: cli: explicitly call cli_release_handler() upon error - BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol - BUILD/MINOR: ssl: de-constify "ciphers" to avoid a warning on openssl-0.9.8 - BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets - BUG/BUILD: revert accidental change in the makefile from latest SSL fix - BUG/MEDIUM: ssl: force a full GC in case of memory shortage - MEDIUM: ssl: add support for smaller SSL records - MINOR: session: release a few other pools when stopping - MINOR: task: release the task pool when stopping - BUG/MINOR: config: don't inherit the default balance algorithm in frontends - BUG/MAJOR: frontend: initialize capture pointers earlier - BUG/MINOR: stats: correctly set the request/response analysers - MAJOR: polling: centralize calls to I/O callbacks - DOC: fix typo in the body parser documentation for msg.sov - BUG/MINOR: peers: the buffer size is global.tune.bufsize, not trash.size - MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) - DEBUG: pools: apply poisonning on every allocated pool - BUG/MAJOR: sessions: unlink session from list on out of memory - BUG/MEDIUM: patterns: previous fix was incomplete - BUG/MEDIUM: payload: ensure that a request channel is available - BUG/MINOR: tcp-check: don't condition data polling on check type - BUG/MEDIUM: tcp-check: don't rely on random memory contents - BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect - BUG/MINOR: config: fix typo in condition when propagating process binding - BUG/MEDIUM: config: do not propagate processes between stopped processes - BUG/MAJOR: stream-int: properly check the memory allocation return - BUG/MEDIUM: memory: fix freeing logic in pool_gc2() - BUG/MAJOR: namespaces: conn->target is not necessarily a server - BUG/MEDIUM: compression: correctly report zlib_mem - CLEANUP: lists: remove dead code - CLEANUP: memory: remove dead code - CLEANUP: memory: replace macros pool_alloc2/pool_free2 with functions - MINOR: memory: cut pool allocator in 3 layers - MEDIUM: memory: improve pool_refill_alloc() to pass a refill count - MINOR: stream-int: retrieve session pointer from stream-int - MINOR: buffer: reset a buffer in b_reset() and not channel_init() - MEDIUM: buffer: use b_alloc() to allocate and initialize a buffer - MINOR: buffer: move buffer initialization after channel initialization - MINOR: buffer: only use b_free to release buffers - MEDIUM: buffer: always assign a dummy empty buffer to channels - MEDIUM: buffer: add a new buf_wanted dummy buffer to report failed allocations - MEDIUM: channel: do not report full when buf_empty is present on a channel - MINOR: session: group buffer allocations together - MINOR: buffer: implement b_alloc_fast() - MEDIUM: buffer: implement b_alloc_margin() - MEDIUM: session: implement a basic atomic buffer allocator - MAJOR: session: implement a wait-queue for sessions who need a buffer - MAJOR: session: only allocate buffers when needed - MINOR: stats: report a "waiting" flags for sessions - MAJOR: session: only wake up as many sessions as available buffers permit - MINOR: config: implement global setting tune.buffers.reserve - MINOR: config: implement global setting tune.buffers.limit - MEDIUM: channel: implement a zero-copy buffer transfer - MEDIUM: stream-int: support splicing from applets - OPTIM: stream-int: try to send pending spliced data - CLEANUP: session: remove session_from_task() - DOC: add missing entry for log-format and clarify the text - MINOR: logs: add a new per-proxy "log-tag" directive - BUG/MEDIUM: http: fix header removal when previous header ends with pure LF - MINOR: config: extend the default max hostname length to 64 and beyond - BUG/MEDIUM: channel: fix possible integer overflow on reserved size computation - BUG/MINOR: channel: compare to_forward with buf->i, not buf->size - MINOR: channel: add channel_in_transit() - MEDIUM: channel: make buffer_reserved() use channel_in_transit() - MEDIUM: channel: make bi_avail() use channel_in_transit() - BUG/MEDIUM: channel: don't schedule data in transit for leaving until connected - CLEANUP: channel: rename channel_reserved -> channel_is_rewritable - MINOR: channel: rename channel_full() to !channel_may_recv() - MINOR: channel: rename buffer_reserved() to channel_reserved() - MINOR: channel: rename buffer_max_len() to channel_recv_limit() - MINOR: channel: rename bi_avail() to channel_recv_max() - MINOR: channel: rename bi_erase() to channel_truncate() - BUG/MAJOR: log: don't try to emit a log if no logger is set - MINOR: tools: add new round_2dig() function to round integers - MINOR: global: always export some SSL-specific metrics - MINOR: global: report information about the cost of SSL connections - MAJOR: init: automatically set maxconn and/or maxsslconn when possible - MINOR: http: add a new fetch "query" to extract the request's query string - MINOR: hash: add new function hash_crc32 - MINOR: samples: provide a "crc32" converter - MEDIUM: backend: add the crc32 hash algorithm for load balancing - BUG/MINOR: args: add missing entry for ARGT_MAP in arg_type_names - BUG/MEDIUM: http: make http-request set-header compute the string before removal - MEDIUM: args: use #define to specify the number of bits used by arg types and counts - MEDIUM: args: increase arg type to 5 bits and limit arg count to 5 - MINOR: args: add type-specific flags for each arg in a list - MINOR: args: implement a new arg type for regex : ARGT_REG - MEDIUM: regex: add support for passing regex flags to regex_exec_match() - MEDIUM: samples: add a regsub converter to perform regex-based transformations - BUG/MINOR: sample: fix case sensitivity for the regsub converter - MEDIUM: http: implement http-request set-{method,path,query,uri} - DOC: fix missing closing brackend on regsub - MEDIUM: samples: provide basic arithmetic and bitwise operators - MEDIUM: init: continue to enforce SYSTEM_MAXCONN with auto settings if set - BUG/MINOR: http: fix incorrect header value offset in replace-hdr/replace-value - BUG/MINOR: http: abort request processing on filter failure - MEDIUM: tcp: implement tcp-ut bind option to set TCP_USER_TIMEOUT - MINOR: ssl/server: add the "no-ssl-reuse" server option - BUG/MAJOR: peers: initialize s->buffer_wait when creating the session - MINOR: http: add a new function to iterate over each header line - MINOR: http: add the new sample fetches req.hdr_names and res.hdr_names - MEDIUM: task: always ensure that the run queue is consistent - BUILD: Makefile: add -Wdeclaration-after-statement - BUILD/CLEANUP: ssl: avoid a warning due to mixed code and declaration - BUILD/CLEANUP: config: silent 3 warnings about mixed declarations with code - MEDIUM: protocol: use a family array to index the protocol handlers - BUILD: lua: cleanup many mixed occurrences declarations & code - BUG/MEDIUM: task: fix recently introduced scheduler skew - BUG/MINOR: lua: report the correct function name in an error message - BUG/MAJOR: http: fix stats regression consecutive to HTTP_RULE_RES_YIELD - Revert "BUG/MEDIUM: lua: can't handle the response bytes" - MINOR: lua: convert IP addresses to type string - CLEANUP: lua: use the same function names in C and Lua - REORG/MAJOR: move session's req and resp channels back into the session - CLEANUP: remove now unused channel pool - REORG/MEDIUM: stream-int: introduce si_ic/si_oc to access channels - MEDIUM: stream-int: add a flag indicating which side the SI is on - MAJOR: stream-int: only rely on SI_FL_ISBACK to find the requested channel - MEDIUM: stream-interface: remove now unused pointers to channels - MEDIUM: stream-int: make si_sess() use the stream int's side - MEDIUM: stream-int: use si_task() to retrieve the task from the stream int - MEDIUM: stream-int: remove any reference to the owner - CLEANUP: stream-int: add si_ib/si_ob to dereference the buffers - CLEANUP: stream-int: add si_opposite() to find the other stream interface - REORG/MEDIUM: channel: only use chn_prod / chn_cons to find stream-interfaces - MEDIUM: channel: add a new flag "CF_ISRESP" for the response channel - MAJOR: channel: only rely on the new CF_ISRESP flag to find the SI - MEDIUM: channel: remove now unused ->prod and ->cons pointers - CLEANUP: session: simplify references to chn_{prod,cons}(&s->{req,res}) - CLEANUP: session: use local variables to access channels / stream ints - CLEANUP: session: don't needlessly pass a pointer to the stream-int - CLEANUP: session: don't use si_{ic,oc} when we know the session. - CLEANUP: stream-int: limit usage of si_ic/si_oc - CLEANUP: lua: limit usage of si_ic/si_oc - MINOR: channel: add chn_sess() helper to retrieve session from channel - MEDIUM: session: simplify receive buffer allocator to only use the channel - MEDIUM: lua: use CF_ISRESP to detect the channel's side - CLEANUP: lua: remove the session pointer from hlua_channel - CLEANUP: lua: hlua_channel_new() doesn't need the pointer to the session anymore - MEDIUM: lua: remove struct hlua_channel - MEDIUM: lua: remove hlua_sample_fetch |
||
Willy Tarreau
|
15480d7250 |
[DEV] open new 1.6 development branch
This new branch is based on 1.5.0, which 1.6-dev0 is 100% equivalent to. The README has been updated to mention that it is a development branch. Released version 1.6-dev0 with the following main changes : - exact copy of 1.5.0 |
||
Willy Tarreau
|
9229f1248f |
[RELEASE] Released version 1.5.0
Released version 1.5.0 with the following main changes : - MEDIUM: ssl: ignored file names ending as '.issuer' or '.ocsp'. - MEDIUM: ssl: basic OCSP stapling support. - MINOR: ssl/cli: Fix unapropriate comment in code on 'set ssl ocsp-response' - MEDIUM: ssl: add 300s supported time skew on OCSP response update. - MINOR: checks: mysql-check: Add support for v4.1+ authentication - MEDIUM: ssl: Add the option to use standardized DH parameters >= 1024 bits - MEDIUM: ssl: fix detection of ephemeral diffie-hellman key exchange by using the cipher description. - MEDIUM: http: add actions "replace-header" and "replace-values" in http-req/resp - MEDIUM: Break out check establishment into connect_chk() - MEDIUM: Add port_to_str helper - BUG/MEDIUM: fix ignored values for half-closed timeouts (client-fin and server-fin) in defaults section. - BUG/MEDIUM: Fix unhandled connections problem with systemd daemon mode and SO_REUSEPORT. - MINOR: regex: fix a little configuration memory leak. - MINOR: regex: Create JIT compatible function that return match strings - MEDIUM: regex: replace all standard regex function by own functions - MEDIUM: regex: Remove null terminated strings. - MINOR: regex: Use native PCRE API. - MINOR: missing regex.h include - DOC: Add Exim as Proxy Protocol implementer. - BUILD: don't use type "uint" which is not portable - BUILD: stats: workaround stupid and bogus -Werror=format-security behaviour - BUG/MEDIUM: http: clear CF_READ_NOEXP when preparing a new transaction - CLEANUP: http: don't clear CF_READ_NOEXP twice - DOC: fix proxy protocol v2 decoder example - DOC: fix remaining occurrences of "pattern extraction" - MINOR: log: allow the HTTP status code to be logged even in TCP frontends - MINOR: logs: don't limit HTTP header captures to HTTP frontends - MINOR: sample: improve sample_fetch_string() to report partial contents - MINOR: capture: extend the captures to support non-header keys - MINOR: tcp: prepare support for the "capture" action - MEDIUM: tcp: add a new tcp-request capture directive - MEDIUM: session: allow shorter retry delay if timeout connect is small - MEDIUM: session: don't apply the retry delay when redispatching - MEDIUM: session: redispatch earlier when possible - MINOR: config: warn when tcp-check rules are used without option tcp-check - BUG/MINOR: connection: make proxy protocol v1 support the UNKNOWN protocol - DOC: proxy protocol example parser was still wrong - DOC: minor updates to the proxy protocol doc - CLEANUP: connection: merge proxy proto v2 header and address block - MEDIUM: connection: add support for proxy protocol v2 in accept-proxy - MINOR: tools: add new functions to quote-encode strings - DOC: clarify the CSV format - MEDIUM: stats: report the last check and last agent's output on the CSV status - MINOR: freq_ctr: introduce a new averaging method - MEDIUM: session: maintain per-backend and per-server time statistics - MEDIUM: stats: report per-backend and per-server time stats in HTML and CSV outputs - BUG/MINOR: http: fix typos in previous patch - DOC: remove the ultra-obsolete TODO file - DOC: update roadmap - DOC: minor updates to the README - DOC: mention the maxconn limitations with the select poller - DOC: commit a few old design thoughts files |
||
Willy Tarreau
|
2e85840266 |
[RELEASE] Released version 1.5-dev26
Released version 1.5-dev26 with the following main changes : - BUG/MEDIUM: polling: fix possible CPU hogging of worker processes after receiving SIGUSR1. - BUG/MINOR: stats: fix a typo on a closing tag for a server tracking another one - OPTIM: stats: avoid the calculation of a useless link on tracking servers in maintenance - MINOR: fix a few memory usage errors - CONTRIB: halog: Filter input lines by date and time through timestamp - MINOR: ssl: SSL_CTX_set_options() and SSL_CTX_set_mode() take a long, not an int - BUG/MEDIUM: regex: fix risk of buffer overrun in exp_replace() - MINOR: acl: set "str" as default match for strings - DOC: Add some precisions about acl default matching method - MEDIUM: acl: strenghten the option parser to report invalid options - BUG/MEDIUM: config: a stats-less config crashes in 1.5-dev25 - BUG/MINOR: checks: tcp-check must not stop on '\0' for binary checks - MINOR: stats: improve alignment of color codes to save one line of header - MINOR: checks: simplify and improve reporting of state changes when using log-health-checks - MINOR: server: remove the SRV_DRAIN flag which can always be deduced - MINOR: server: use functions to detect state changes and to update them - MINOR: server: create srv_was_usable() from srv_is_usable() and use a pointer - BUG/MINOR: stats: do not report "100%" in the thottle column when server is draining - BUG/MAJOR: config: don't free valid regex memory - BUG/MEDIUM: session: don't clear CF_READ_NOEXP if analysers are not called - BUG/MINOR: stats: tracking servers may incorrectly report an inherited DRAIN status - MEDIUM: proxy: make timeout parser a bit stricter - REORG/MEDIUM: server: split server state and flags in two different variables - REORG/MEDIUM: server: move the maintenance bits out of the server state - MAJOR: server: use states instead of flags to store the server state - REORG: checks: put the functions in the appropriate files ! - MEDIUM: server: properly support and propagate the maintenance status - MEDIUM: server: allow multi-level server tracking - CLEANUP: checks: rename the server_status_printf function - MEDIUM: checks: simplify server up/down/nolb transitions - MAJOR: checks: move health checks changes to set_server_check_status() - MINOR: server: make the status reporting function support a reason - MINOR: checks: simplify health check reporting functions - MINOR: server: implement srv_set_stopped() - MINOR: server: implement srv_set_running() - MINOR: server: implement srv_set_stopping() - MEDIUM: checks: simplify failure notification using srv_set_stopped() - MEDIUM: checks: simplify success notification using srv_set_running() - MEDIUM: checks: simplify stopping mode notification using srv_set_stopping() - MEDIUM: stats: report a server's own state instead of the tracked one's - MINOR: server: make use of srv_is_usable() instead of checking eweight - MAJOR: checks: add support for a new "drain" administrative mode - MINOR: stats: use the admin flags for soft enable/disable/stop/start on the web page - MEDIUM: stats: introduce new actions to simplify admin status management - MINOR: cli: introduce a new "set server" command - MINOR: stats: report a distinct output for DOWN caused by agent - MINOR: checks: support specific check reporting for the agent - MINOR: checks: support a neutral check result - BUG/MINOR: cli: "agent" was missing from the "enable"/"disable" help message - MEDIUM: cli: add support for enabling/disabling health checks. - MEDIUM: stats: report down caused by agent prior to reporting up - MAJOR: agent: rework the response processing and support additional actions - MINOR: stats: improve the stats web page to support more actions - CONTRIB: halog: avoid calling time/localtime/mktime for each line - DOC: document the workarouds for Google Chrome's bogus pre-connect - MINOR: stats: report SSL key computations per second - MINOR: stats: add counters for SSL cache lookups and misses |
||
Willy Tarreau
|
a3393955da |
[RELEASE] Released version 1.5-dev25
Released version 1.5-dev25 with the following main changes : - MEDIUM: connection: Implement and extented PROXY Protocol V2 - MINOR: ssl: clean unused ACLs declarations - MINOR: ssl: adds fetchs and ACLs for ssl back connection. - MINOR: ssl: merge client's and frontend's certificate functions. - MINOR: ssl: adds ssl_f_sha1 fetch to return frontend's certificate fingerprint - MINOR: ssl: adds sample converter base64 for binary type. - MINOR: ssl: convert to binary ssl_fc_unique_id and ssl_bc_unique_id. - BUG/MAJOR: ssl: Fallback to private session cache if current lock mode is not supported. - MAJOR: ssl: Change default locks on ssl session cache. - BUG/MINOR: chunk: Fix function chunk_strcmp and chunk_strcasecmp match a substring. - MINOR: ssl: add global statement tune.ssl.force-private-cache. - MINOR: ssl: remove fallback to SSL session private cache if lock init fails. - BUG/MEDIUM: patterns: last fix was still not enough - MINOR: http: export the smp_fetch_cookie function - MINOR: http: generic pointer to rule argument - BUG/MEDIUM: pattern: a typo breaks automatic acl/map numbering - BUG/MAJOR: patterns: -i and -n are ignored for inlined patterns - BUG/MINOR: proxy: unsafe initialization of HTTP transaction when switching from TCP frontend - BUG/MINOR: http: log 407 in case of proxy auth - MINOR: http: rely on the message body parser to send 100-continue - MEDIUM: http: move reqadd after execution of http_request redirect - MEDIUM: http: jump to dedicated labels after http-request processing - BUG/MINOR: http: block rules forgot to increment the denied_req counter - BUG/MINOR: http: block rules forgot to increment the session's request counter - MEDIUM: http: move Connection header processing earlier - MEDIUM: http: remove even more of the spaghetti in the request path - MINOR: http: silently support the "block" action for http-request - CLEANUP: proxy: rename "block_cond" to "block_rules" - MEDIUM: http: emulate "block" rules using "http-request" rules - MINOR: http: remove the now unused loop over "block" rules - MEDIUM: http: factorize the "auth" action of http-request and stats - MEDIUM: http: make http-request rules processing return a verdict instead of a rule - MINOR: config: add minimum support for emitting warnings only once - MEDIUM: config: inform the user about the deprecatedness of "block" rules - MEDIUM: config: inform the user that "reqsetbe" is deprecated - MEDIUM: config: inform the user only once that "redispatch" is deprecated - MEDIUM: config: warn that '{cli,con,srv}timeout' are deprecated - BUG/MINOR: auth: fix wrong return type in pat_match_auth() - BUILD: config: remove a warning with clang - BUG/MAJOR: http: connection setup may stall on balance url_param - BUG/MEDIUM: http/session: disable client-side expiration only after body - BUG/MEDIUM: http: correctly report request body timeouts - BUG/MEDIUM: http: disable server-side expiration until client has sent the body - MEDIUM: listener: make the accept function more robust against pauses - BUILD: syscalls: remove improper inline statement in front of syscalls - BUILD: ssl: SSL_CTX_set_msg_callback() needs openssl >= 0.9.7 - BUG/MAJOR: session: recover the correct connection pointer in half-initialized sessions - DOC: add some explanation on the shared cache build options in the readme. - MEDIUM: proxy: only adjust the backend's bind-process when already set - MEDIUM: config: limit nbproc to the machine's word size - MEDIUM: config: check the bind-process settings according to nbproc - MEDIUM: listener: parse the new "process" bind keyword - MEDIUM: listener: inherit the process mask from the proxy - MAJOR: listener: only start listeners bound to the same processes - MINOR: config: only report a warning when stats sockets are bound to more than 1 process - CLEANUP: config: set the maxaccept value for peers listeners earlier - BUG/MINOR: backend: only match IPv4 addresses with RDP cookies - BUG/MINOR: checks: correctly configure the address family and protocol - MINOR: tools: split is_addr() and is_inet_addr() - MINOR: protocols: use is_inet_addr() when only INET addresses are desired - MEDIUM: unix: add preliminary support for connecting to servers over UNIX sockets - MEDIUM: checks: only complain about the missing port when the check uses TCP - MEDIUM: unix: implement support for Linux abstract namespace sockets - DOC: map_beg was missing from the table of map_* converters - DOC: ebtree: indicate that prefix insertion/lookup may be used with strings - MEDIUM: pattern: use ebtree's longest match to index/lookup string beginning - BUILD: remove the obsolete BSD and OSX makefiles - MEDIUM: unix: avoid a double connect probe when no data are sent - DOC: stop referencing the slow git repository in the README - BUILD: only build the systemd wrapper on Linux 2.6 and above - DOC: update roadmap with completed tasks - MEDIUM: session: implement half-closed timeouts (client-fin and server-fin) |
||
Willy Tarreau
|
8860dcd70a |
[RELEASE] Released version 1.5-dev24
Released version 1.5-dev24 with the following main changes : - MINOR: pattern: find element in a reference - MEDIUM: http: ACL and MAP updates through http-(request|response) rules - MEDIUM: ssl: explicitly log failed handshakes after a heartbeat - DOC: Full section dedicated to the converters - MEDIUM: http: register http-request and http-response keywords - BUG/MINOR: compression: correctly report incoming byte count - BUG/MINOR: http: don't report server aborts as client aborts - BUG/MEDIUM: channel: bi_putblk() must not wrap before the end of buffer - CLEANUP: buffers: remove unused function buffer_contig_space_with_res() - MEDIUM: stats: reimplement HTTP keep-alive on the stats page - BUG/MAJOR: http: fix timeouts during data forwarding - BUG/MEDIUM: http: 100-continue responses must process the next part immediately - MEDIUM: http: move skipping of 100-continue earlier - BUILD: stats: let gcc know that last_fwd cannot be used uninitialized... - CLEANUP: general: get rid of all old occurrences of "session *t" - CLEANUP: http: remove the useless "if (1)" inherited from version 1.4 - BUG/MEDIUM: stats: mismatch between behaviour and doc about front/back - MEDIUM: http: enable analysers to have keep-alive on stats - REORG: http: move HTTP Connection response header parsing earlier - MINOR: stats: always emit HTTP/1.1 in responses - MINOR: http: add capture.req.ver and capture.res.ver - MINOR: checks: add a new global max-spread-checks directive - BUG/MAJOR: http: fix the 'next' pointer when performing a redirect - MINOR: http: implement the max-keep-alive-queue setting - DOC: fix alphabetic order of tcp-check - MINOR: connection: add a new error code for SSL with heartbeat - MEDIUM: ssl: implement a workaround for the OpenSSL heartbleed attack - BUG/MEDIUM: Revert "MEDIUM: ssl: Add standardized DH parameters >= 1024 bits" - BUILD: http: remove a warning on strndup - BUILD: ssl: avoid a warning about conn not used with OpenSSL < 1.0.1 - BUG/MINOR: ssl: really block OpenSSL's response to heartbleed attack - MINOR: ssl: finally catch the heartbeats missing the padding |
||
Willy Tarreau
|
8317b283fb |
[RELEASE] Released version 1.5-dev23
Released version 1.5-dev23 with the following main changes : - BUG/MINOR: reject malformed HTTP/0.9 requests - MINOR: systemd wrapper: re-execute on SIGUSR2 - MINOR: systemd wrapper: improve logging - MINOR: systemd wrapper: propagate exit status - BUG/MINOR: tcpcheck connect wrong behavior - MEDIUM: proxy: support use_backend with dynamic names - MINOR: stats: Enhancement to stats page to provide information of last session time. - BUG/MEDIUM: peers: fix key consistency for integer stick tables - DOC: fix a typo on http-server-close and encapsulate options with double-quotes - DOC: fix fetching samples syntax - MINOR: ssl: add ssl_fc_unique_id to fetch TLS Unique ID - MEDIUM: ssl: Use ALPN support as it will be available in OpenSSL 1.0.2 - DOC: fix typo - CLEANUP: code style: use tabs to indent codes instead of spaces - DOC: fix a few config typos. - BUG/MINOR: raw_sock: also consider ENOTCONN in addition to EAGAIN for recv() - DOC: lowercase format string in unique-id - MINOR: set IP_FREEBIND on IPv6 sockets in transparent mode - BUG/MINOR: acl: req_ssl_sni fails with SSLv3 record version - BUG/MINOR: build: add missing objects in osx and bsd Makefiles - BUG/MINOR: build: handle whitespaces in wc -l output - BUG/MINOR: Fix name lookup ordering when compiled with USE_GETADDRINFO - MEDIUM: ssl: Add standardized DH parameters >= 1024 bits - BUG/MEDIUM: map: The map parser includes blank lines. - BUG/MINOR: log: The log of quotted capture header has been terminated by 2 quotes. - MINOR: standard: add function "encode_chunk" - BUG/MINOR: http: fix encoding of samples used in http headers - MINOR: sample: add hex converter - MEDIUM: sample: change the behavior of the bin2str cast - MAJOR: auth: Change the internal authentication system. - MEDIUM: acl/pattern: standardisation "of pat_parse_int()" and "pat_parse_dotted_ver()" - MEDIUM: pattern: The pattern parser no more uses <opaque> and just takes one string. - MEDIUM: pattern: Change the prototype of the function pattern_register(). - CONTRIB: ip6range: add a network IPv6 range to mask converter - MINOR: pattern: separe list element from the data part. - MEDIUM: pattern: add indexation function. - MEDIUM: pattern: The parse functions just return "struct pattern" without memory allocation - MINOR: pattern: Rename "pat_idx_elt" to "pattern_tree" - MINOR: sample: dont call the sample cast function "c_none" - MINOR: standard: Add function for converting cidr to network mask. - MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags - MEDIUM: sample/http_proto: Add new type called method - MINOR: dumpstats: Group map inline help - MEDIUM: pattern: The function pattern_exec_match() returns "struct pattern" if the patten match. - MINOR: dumpstats: change map inline sentences - MINOR: dumpstats: change the "get map" display management - MINOR: map/dumpstats: The cli cmd "get map ..." display the "int" format. - MEDIUM: pattern: The match function browse itself the list or the tree. - MEDIUM: pattern: Index IPv6 addresses in a tree. - MEDIUM: pattern: add delete functions - MEDIUM: pattern: add prune function - MEDIUM: pattern: add sample lookup function. - MEDIUM: pattern/dumpstats: The function pattern_lookup() is no longer used - MINOR: map/pattern: The sample parser is stored in the pattern - MAJOR: pattern/map: Extends the map edition system in the patterns - MEDIUM: pattern: merge same pattern - MEDIUM: pattern: The expected type is stored in the pattern head, and conversion is executed once. - MINOR: pattern: Each pattern is identified by unique id. - MINOR: pattern/acl: Each pattern of each acl can be load with specified id - MINOR: pattern: The function "pattern_register()" is no longer used. - MINOR: pattern: Merge function pattern_add() with pat_ref_push(). - MINOR: pattern: store configuration reference for each acl or map pattern. - MINOR: pattern: Each pattern expression element store the reference struct. - MINOR: dumpstats: display the reference for th key/pattern and value. - MEDIUM: pattern: delete() function uses the pat_ref_elt to find the element to be removed - MEDIUM: pattern_find_smp: functions find_smp uses the pat_ref_elt to find the element to be removed - MEDIUM: dumpstats/pattern: display and use each pointer of each pattern dumped - MINOR: pattern/map/acl: Centralization of the file parsers - MINOR: pattern: Check if the file reference is not used with acl and map - MINOR: acl/pattern: Acl "-M" option force to load file as map file with two columns - MEDIUM: dumpstats: Display error message during add of values. - MINOR: pattern: The function pat_ref_set() have now atomic behavior - MINOR: regex: The pointer regstr in the struc regex is no longer used. - MINOR: cli: Block the usage of the command "acl add" in many cases. - MINOR: doc: Update the documentation about the map and acl - MINOR: pattern: index duplicates - MINOR: configuration: File and line propagation - MINOR: dumpstat/conf: display all the configuration lines that using pattern reference - MINOR: standard: Disable ip resolution during the runtime - MINOR: pattern: Remove the flag "PAT_F_FROM_FILE". - MINOR: pattern: forbid dns resolutions - DOC: document "get map" / "get acl" on the CLI - MEDIUM: acl: Change the acl register struct - BUG/MEDIUM: acl: boolean only matches were broken by recent changes - DOC: pattern: pattern organisation schematics - MINOR: pattern/cli: Update used terms in documentation and cli - MINOR: cli: remove information about acl or map owner. - MINOR: session: don't always assume there's a listener - MINOR: pattern: Add function to prune and reload pattern list. - MINOR: standard: Add ipv6 support in the function url2sa(). - MEDIUM: config: Dynamic sections. - BUG/MEDIUM: stick-table: fix IPv4-to-IPv6 conversion in src_* fetches - MINOR: http: Add the "language" converter to for use with accept-language - BUG/MINOR: log: Don't dump empty unique-id - BUG/MAJOR: session: fix a possible crash with src_tracked - DOC: Update "language" documentation - MINOR: http: add the function "del-header" to the directives http-request and http-response - DOC: add some information on capture.(req|res).hdr - MINOR: http: capture.req.method and capture.req.uri - MINOR: http: optimize capture.req.method and capture.req.uri - MINOR: session: clean up the connection free code - BUG/MEDIUM: checks: immediately report a connection success - MEDIUM: connection: don't use real send() flags in snd_buf() - OPTIM: ssl: implement dynamic record size adjustment - MINOR: stats: report exact last session time in backend too - BUG/MEDIUM: stats: the "lastsess" field must appear last in the CSV. - BUG/MAJOR: check: fix memory leak in "tcp-check connect" over SSL - BUG/MINOR: channel: initialize xfer_small/xfer_large on new buffers - MINOR: channel: add the date of last read in the channel - MEDIUM: stream-int: automatically disable CF_STREAMER flags after idle - MINOR: ssl: add DEFAULT_SSL_MAX_RECORD to set the record size at build time - MINOR: config: make the stream interface idle timer user-configurable - MINOR: config: add global directives to set default SSL ciphers - MINOR: sample: add a rand() sample fetch to return a sample. - BUG/MEDIUM: config: immediately abort if peers section has no name - BUG/MINOR: ssl: fix syntax in config error message - BUG/MEDIUM: ssl: always send a full buffer after EAGAIN - BUG/MINOR: config: server on-marked-* statement is ignored in default-server - BUG/MEDIUM: backend: prefer-last-server breaks redispatch - BUG/MEDIUM: http: continue to emit 503 on keep-alive to different server - MEDIUM: acl: fix pattern type for payload / payload_lv - BUG/MINOR: config: fix a crash on startup when a disabled backend references a peer - BUG/MEDIUM: compression: fix the output type of the compressor name - BUG/MEDIUM: http: don't start to forward request data before the connect - MINOR: http: release compression context only in http_end_txn() - MINOR: protect ebimtree/ebistree against multiple inclusions - MEDIUM: proxy: create a tree to store proxies by name - MEDIUM: proxy: make findproxy() use trees to look up proxies - MEDIUM: proxy: make get_backend_server() use findproxy() to lookup proxies - MEDIUM: stick-table: lookup table names using trees. - MEDIUM: config: faster lookup for duplicated proxy name - CLEANUP: acl: remove obsolete test in parse_acl_expr() - MINOR: sample: move smp_to_type to sample.c - MEDIUM: compression: consider the "q=" attribute in Accept-Encoding - REORG: cfgparse: move server keyword parsing to server.c - BUILD: adjust makefile for AIX 5.1 - BUG/MEDIUM: pattern: fix wrong definition of the pat_prune_fcts array - CLEANUP: pattern: move array definitions to proto/ and not types/ - BUG/MAJOR: counters: check for null-deref when looking up an alternate table - BUILD: ssl: previous patch failed - BUILD/MEDIUM: standard: get rid of the last strcpy() - BUILD/MEDIUM: standard: get rid of sprintf() - BUILD/MEDIUM: cfgparse: get rid of sprintf() - BUILD/MEDIUM: checks: get rid of sprintf() - BUILD/MEDIUM: http: remove calls to sprintf() - BUG/MEDIUM: systemd-wrapper: fix locating of haproxy binary - BUILD/MINOR: ssl: remove one call to sprintf() - MEDIUM: http: don't reject anymore message bodies not containing the url param - MEDIUM: http: wait for the first chunk or message body length in http_process_body - CLEANUP: http: rename http_process_request_body() - CLEANUP: http: prepare dedicated processing for chunked encoded message bodies - MINOR: http: make msg->eol carry the last CRLF length - MAJOR: http: do not use msg->sol while processing messages or forwarding data - MEDIUM: http: http_parse_chunk_crlf() must not advance the buffer pointer - MAJOR: http: don't update msg->sov anymore while processing the body - MINOR: http: add a small helper to compute the amount of body bytes present - MEDIUM: http: add a small helper to compute how far to rewind to find headers - MINOR: http: add a small helper to compute how far to rewind to find URI - MEDIUM: http: small helpers to compute how far to rewind to find BODY and DATA - MAJOR: http: reset msg->sov after headers are forwarded - MEDIUM: http: forward headers again while waiting for connection to complete - BUG/MINOR: http: deinitialize compression after a parsing error - BUG/MINOR: http: deinitialize compression after a compression error - MEDIUM: http: headers must be forwarded even if data was already inspected - MAJOR: http: re-enable compression on chunked encoding - MAJOR: http/compression: fix chunked-encoded response processing - MEDIUM: http: cleanup: centralize a little bit HTTP compression end - MEDIUM: http: start to centralize the forwarding code - MINOR: http: further cleanups of response forwarding function - MEDIUM: http: only allocate the temporary compression buffer when needed - MAJOR: http: centralize data forwarding in the request path - CLEANUP: http: document the response forwarding states - CLEANUP: http: remove all calls to http_silent_debug() - DOC: internal: add some reminders about HTTP parsing and pointer states - BUG/MAJOR: http: fix bug in parse_qvalue() when selecting compression algo - BUG/MINOR: stats: last session was not always set - DOC: add pointer to the Cyril's HTML doc in the README - MEDIUM: config: relax use_backend check to make the condition optional - MEDIUM: config: report misplaced http-request rules - MEDIUM: config: report misplaced use-server rules - DOC: update roadmap with what was done. |
||
Willy Tarreau
|
1a34d57d26 |
[RELEASE] Released version 1.5-dev22
Released version 1.5-dev22 with the following main changes :
- MEDIUM: tcp-check new feature: connect
- MEDIUM: ssl: Set verify 'required' as global default for servers side.
- MINOR: ssl: handshake optim for long certificate chains.
- BUG/MINOR: pattern: pattern comparison executed twice
- BUG/MEDIUM: map: segmentation fault with the stats's socket command "set map ..."
- BUG/MEDIUM: pattern: Segfault in binary parser
- MINOR: pattern: move functions for grouping pat_match_* and pat_parse_* and add documentation.
- MINOR: standard: The parse_binary() returns the length consumed and his documentation is updated
- BUG/MINOR: payload: the patterns of the acl "req.ssl_ver" are no parsed with the good function.
- BUG/MEDIUM: pattern: "pat_parse_dotted_ver()" set bad expect_type.
- BUG/MINOR: sample: The c_str2int converter does not fail if the entry is not an integer
- BUG/MEDIUM: http/auth: Sometimes the authentication credentials can be mix between two requests
- MINOR: doc: Bad cli function name.
- MINOR: http: smp_fetch_capture_header_* fetch captured headers
- BUILD: last release inadvertently prepended a "+" in front of the date
- BUG/MEDIUM: stream-int: fix the keep-alive idle connection handler
- BUG/MEDIUM: backend: do not re-initialize the connection's context upon reuse
- BUG: Revert "OPTIM/MEDIUM: epoll: fuse active events into polled ones during polling changes"
- BUG/MINOR: checks: successful check completion must not re-enable MAINT servers
- MINOR: http: try to stick to same server after status 401/407
- BUG/MINOR: http: always disable compression on HTTP/1.0
- OPTIM: poll: restore polling after a poll/stop/want sequence
- OPTIM: http: don't stop polling for read on the client side after a request
- BUG/MEDIUM: checks: unchecked servers could not be enabled anymore
- BUG/MEDIUM: stats: the web interface must check the tracked servers before enabling
- BUG/MINOR: channel: CHN_INFINITE_FORWARD must be unsigned
- BUG/MINOR: stream-int: do not clear the owner upon unregister
- MEDIUM: stats: add support for HTTP keep-alive on the stats page
- BUG/MEDIUM: stats: fix HTTP/1.0 breakage introduced in previous patch
- Revert "MEDIUM: stats: add support for HTTP keep-alive on the stats page"
- MAJOR: channel: add a new flag CF_WAKE_WRITE to notify the task of writes
- OPTIM: session: set the READ_DONTWAIT flag when connecting
- BUG/MINOR: http: don't clear the SI_FL_DONT_WAKE flag between requests
- MINOR: session: factor out the connect time measurement
- MEDIUM: session: prepare to support earlier transitions to the established state
- MEDIUM: stream-int: make si_connect() return an established state when possible
- MINOR: checks: use an inline function for health_adjust()
- OPTIM: session: put unlikely() around the freewheeling code
- MEDIUM: config: report a warning when multiple servers have the same name
- BUG: Revert "OPTIM: poll: restore polling after a poll/stop/want sequence"
- BUILD/MINOR: listener: remove a glibc warning on accept4()
- BUG/MAJOR: connection: fix mismatch between rcv_buf's API and usage
- BUILD: listener: fix recent accept4() again
- BUG/MAJOR: ssl: fix breakage caused by recent fix
|
||
Willy Tarreau
|
6b07bf7598 |
[RELEASE] Released version 1.5-dev21
Released version 1.5-dev21 with the following main changes : - MINOR: stats: don't use a monospace font to report numbers - MINOR: session: remove debugging code - BUG/MAJOR: patterns: fix double free caused by loading strings from files - MEDIUM: http: make option http_proxy automatically rewrite the URL - BUG/MEDIUM: http: cook_cnt() forgets to set its output type - BUG/MINOR: stats: correctly report throttle rate of low weight servers - BUG/MEDIUM: checks: servers must not start in slowstart mode - BUG/MINOR: acl: parser must also stop at comma on ACL-only keywords - MEDIUM: stream-int: implement a very simplistic idle connection manager - DOC: update the ROADMAP file |
||
Willy Tarreau
|
11f64d65ff |
[RELEASE] Released version 1.5-dev20
Released version 1.5-dev20 with the following main changes : - DOC: add missing options to the manpage - DOC: add manpage references to all system calls - DOC: update manpage reference to haproxy-en.txt - DOC: remove -s and -l options from the manpage - DOC: missing information for the "description" keyword - DOC: missing http-send-name-header keyword in keyword table - MINOR: tools: function my_memmem() to lookup binary contents - MEDIUM: checks: add send/expect tcp based check - MEDIUM: backend: Enhance hash-type directive with an algorithm options - MEDIUM: backend: Implement avalanche as a modifier of the hashing functions. - DOC: Documentation for hashing function, with test results. - BUG/MEDIUM: ssl: potential memory leak using verifyhost - BUILD: ssl: compilation issue with openssl v0.9.6. - BUG/MINOR: ssl: potential memory leaks using ssl_c_key_alg or ssl_c_sig_alg. - MINOR: ssl: optimization of verifyhost on wildcard certificates. - BUG/MINOR: ssl: verifyhost does not match empty strings on wildcard. - MINOR: ssl: Add statement 'verifyhost' to "server" statements - CLEANUP: session: remove event_accept() which was not used anymore - BUG/MINOR: deinit: free fdinfo while doing cleanup - DOC: minor typo fix in documentation - BUG/MEDIUM: server: set the macro for server's max weight SRV_UWGHT_MAX to SRV_UWGHT_RANGE - BUG/MINOR: use the same check condition for server as other algorithms - DOC: fix typo in comments - BUG/MINOR: deinit: free server map which is allocated in init_server_map() - CLEANUP: stream_interface: cleanup loop information in si_conn_send_loop() - MINOR: buffer: align the last output line of buffer_dump() - MINOR: buffer: align the last output line if there are less than 8 characters left - DOC: stick-table: modify the description - OPTIM: stream_interface: return directly if the connection flag CO_FL_ERROR has been set - CLEANUP: code style: use tabs to indent codes - DOC: checkcache: block responses with cacheable cookies - BUG/MINOR: check_config_validity: check the returned value of stktable_init() - MEDIUM: haproxy-systemd-wrapper: Use haproxy in same directory - MEDIUM: systemd-wrapper: Kill child processes when interrupted - LOW: systemd-wrapper: Write debug information to stdout - BUG/MINOR: http: fix "set-tos" not working in certain configurations - MEDIUM: http: add IPv6 support for "set-tos" - DOC: ssl: update build instructions to use new SSL_* variables - BUILD/MINOR: systemd: fix compiler warning about unused result - url32+src - like base32+src but whole url including parameters - BUG/MINOR: fix forcing fastinter in "on-error" - CLEANUP: Make parameters of srv_downtime and srv_getinter const - CLEANUP: Remove unused 'last_slowstart_change' field from struct peer - MEDIUM: Split up struct server's check element - MEDIUM: Move result element to struct check - MEDIUM: Paramatise functions over the check of a server - MEDIUM: cfgparse: Factor out check initialisation - MEDIUM: Add state to struct check - MEDIUM: Move health element to struct check - MEDIUM: Add helper for task creation for checks - MEDIUM: Add helper function for failed checks - MEDIUM: Log agent fail, stopped or down as info - MEDIUM: Remove option lb-agent-chk - MEDIUM: checks: Add supplementary agent checks - MEDIUM: Do not mark a server as down if the agent is unavailable - MEDIUM: Set rise and fall of agent checks to 1 - MEDIUM: Add enable and disable agent unix socket commands - MEDIUM: Add DRAIN state and report it on the stats page - BUILD/MINOR: missing header file - CLEANUP: regex: Create regex_comp function that compiles regex using compilation options - CLEANUP: The function "regex_exec" needs the string length but in many case they expect null terminated char. - MINOR: http: some exported functions were not in the header file - MINOR: http: change url_decode to return the size of the decoded string. - BUILD/MINOR: missing header file - BUG/MEDIUM: sample: The function v4tov6 cannot support input and output overlap - BUG/MINOR: arg: fix error reporting for add-header/set-header sample fetch arguments - MINOR: sample: export the generic sample conversion parser - MINOR: sample: export sample_casts - MEDIUM: acl: use the fetch syntax 'fetch(args),conv(),conv()' into the ACL keyword - MINOR: stick-table: use smp_expr_output_type() to retrieve the output type of a "struct sample_expr" - MINOR: sample: provide the original sample_conv descriptor struct to the argument checker function. - MINOR: tools: Add a function to convert buffer to an ipv6 address - MINOR: acl: export acl arrays - MINOR: acl: Extract the pattern parsing and indexation from the "acl_read_patterns_from_file()" function - MINOR: acl: Extract the pattern matching function - MINOR: sample: Define new struct sample_storage - MEDIUM: acl: associate "struct sample_storage" to each "struct acl_pattern" - REORG: acl/pattern: extract pattern matching from the acl file and create pattern.c - MEDIUM: pattern: create pattern expression - MEDIUM: pattern: rename "acl" prefix to "pat" - MEDIUM: sample: let the cast functions set their output type - MINOR: sample: add a private field to the struct sample_conv - MINOR: map: Define map types - MEDIUM: sample: add the "map" converter - MEDIUM: http: The redirect strings follows the log format rules. - BUG/MINOR: acl: acl parser does not recognize empty converter list - BUG/MINOR: map: The map list was declared in the map.h file - MINOR: map: Cleanup the initialisation of map descriptors. - MEDIUM: map: merge identical maps - BUG/MEDIUM: pattern: Pattern node has type of "struct pat_idx_elt" in place of "struct eb_node" - BUG/MEDIUM: map: Bad map file parser - CLEANUP/MINOR: standard: use the system define INET6_ADDRSTRLEN in place of MAX_IP6_LEN - BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end - MINOR: map: export map_get_reference() function - MINOR: pattern: Each pattern sets the expected input type - MEDIUM: acl: Last patch change the output type - MEDIUM: pattern: Extract the index process from the pat_parse_*() functions - MINOR: standard: The function parse_binary() can use preallocated buffer - MINOR: regex: Change the struct containing regex - MINOR: regex: Copy the original regex expression into string. - MINOR: pattern: add support for compiling patterns for lookups - MINOR: pattern: make the pattern matching function return a pointer to the matched element - MINOR: map: export parse output sample functions - MINOR: pattern: add function to lookup a specific entry in pattern list - MINOR: pattern/map: Each pattern must free the associated sample - MEDIUM: dumpstat: make the CLI parser understand the backslash as an escape char - MEDIUM: map: dynamic manipulation of maps - BUG/MEDIUM: unique_id: junk in log on empty unique_id - BUG/MINOR: log: junk at the end of syslog packet - MINOR: Makefile: provide cscope rule - DOC: compression: chunk are not compressed anymore - MEDIUM: session: disable lingering on the server when the client aborts - BUG/MEDIUM: prevent gcc from moving empty keywords lists into BSS - DOC: remove the comment saying that SSL certs are not checked on the server side - BUG: counters: third counter was not stored if others unset - BUG/MAJOR: http: don't emit the send-name-header when no server is available - BUG/MEDIUM: http: "option checkcache" fails with the no-cache header - BUG/MAJOR: http: sample prefetch code was not properly migrated - BUG/MEDIUM: splicing: fix abnormal CPU usage with splicing - BUG/MINOR: stream_interface: don't call chk_snd() on polled events - OPTIM: splicing: use splice() for the last block when relevant - MEDIUM: sample: handle comma-delimited converter list - MINOR: sample: fix sample_process handling of unstable data - CLEANUP: acl: move the 3 remaining sample fetches to samples.c - MINOR: sample: add a new "date" fetch to return the current date - MINOR: samples: add the http_date([<offset>]) sample converter. - DOC: minor improvements to the part on the stats socket. - MEDIUM: sample: systematically pass the keyword pointer to the keyword - MINOR: payload: split smp_fetch_rdp_cookie() - MINOR: counters: factor out smp_fetch_sc*_tracked - MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. - MEDIUM: counters: factor out smp_fetch_sc*_get_gpc0 - MEDIUM: counters: factor out smp_fetch_sc*_gpc0_rate - MEDIUM: counters: factor out smp_fetch_sc*_inc_gpc0 - MEDIUM: counters: factor out smp_fetch_sc*_clr_gpc0 - MEDIUM: counters: factor out smp_fetch_sc*_conn_cnt - MEDIUM: counters: factor out smp_fetch_sc*_conn_rate - MEDIUM: counters: factor out smp_fetch_sc*_conn_cur - MEDIUM: counters: factor out smp_fetch_sc*_sess_cnt - MEDIUM: counters: factor out smp_fetch_sc*_sess_rate - MEDIUM: counters: factor out smp_fetch_sc*_http_req_cnt - MEDIUM: counters: factor out smp_fetch_sc*_http_req_rate - MEDIUM: counters: factor out smp_fetch_sc*_http_err_cnt - MEDIUM: counters: factor out smp_fetch_sc*_http_err_rate - MEDIUM: counters: factor out smp_fetch_sc*_kbytes_in - MEDIUM: counters: factor out smp_fetch_sc*_bytes_in_rate - MEDIUM: counters: factor out smp_fetch_sc*_kbytes_out - MEDIUM: counters: factor out smp_fetch_sc*_bytes_out_rate - MEDIUM: counters: factor out smp_fetch_sc*_trackers - MINOR: session: make the number of stick counter entries more configurable - MEDIUM: counters: support passing the counter number as a fetch argument - MEDIUM: counters: support looking up a key in an alternate table - MEDIUM: cli: adjust the method for feeding frequency counters in tables - MINOR: cli: make it possible to enter multiple values at once with "set table" - MINOR: payload: allow the payload sample fetches to retrieve arbitrary lengths - BUG/MINOR: cli: "clear table" must not kill entries that don't match condition - MINOR: ssl: use MAXPATHLEN instead of PATH_MAX - MINOR: config: warn when a server with no specific port uses rdp-cookie - BUG/MEDIUM: unique_id: HTTP request counter must be unique! - DOC: add a mention about the limited chunk size - BUG/MEDIUM: fix broken send_proxy on FreeBSD - MEDIUM: stick-tables: flush old entries upon soft-stop - MINOR: tcp: add new "close" action for tcp-response - MINOR: payload: provide the "res.len" fetch method - BUILD: add SSL_INC/SSL_LIB variables to force the path to openssl - MINOR: http: compute response time before processing headers - BUG/MINOR: acl: fix improper string size assignment in proxy argument - BUG/MEDIUM: http: accept full buffers on smp_prefetch_http - BUG/MINOR: acl: implicit arguments of ACL keywords were not properly resolved - BUG/MEDIUM: session: risk of crash on out of memory conditions - BUG/MINOR: peers: set the accept date in outgoing connections - BUG/MEDIUM: tcp: do not skip tracking rules on second pass - BUG/MEDIUM: acl: do not evaluate next terms after a miss - MINOR: acl: add a warning when an ACL keyword is used without any value - MINOR: tcp: don't use tick_add_ifset() when timeout is known to be set - BUG/MINOR: acl: remove patterns from the tree before freeing them - MEDIUM: backend: add support for the wt6 hash - OPTIM/MEDIUM: epoll: fuse active events into polled ones during polling changes - OPTIM/MINOR: mark the source address as already known on accept() - BUG/MINOR: stats: don't count tarpitted connections twice - CLEANUP: http: homogenize processing of denied req counter - CLEANUP: http: merge error handling for req* and http-request * - BUG/MEDIUM: http: fix possible parser crash when parsing erroneous "http-request redirect" rules - BUG/MINOR: http: fix build warning introduced with url32/url32_src - BUG/MEDIUM: checks: fix slow start regression after fix attempt - BUG/MAJOR: server: weight calculation fails for map-based algorithms - MINOR: stats: report correct throttling percentage for servers in slowstart - OPTIM: connection: fold the error handling with handshake handling - MINOR: peers: accept to learn strings of different lengths - BUG/MAJOR: fix haproxy crash when using server tracking instead of checks - BUG/MAJOR: check: fix haproxy crash during soft-stop/soft-start - BUG/MINOR: stats: do not report "via" on tracking servers in maintenance - BUG/MINOR: connection: fix typo in error message report - BUG/MINOR: backend: fix target address retrieval in transparent mode - BUG/MINOR: config: report the correct track-sc number in tcp-rules - BUG/MINOR: log: fix log-format parsing errors - DOC: add some information about how to apply converters to samples - MINOR: acl/pattern: use types different from int to clarify who does what. - MINOR: pattern: import acl_find_match_name() into pattern.h - MEDIUM: stick-tables: support automatic conversion from ipv4<->ipv6 - MEDIUM: log-format: relax parsing of '%' followed by unsupported characters - BUG/MINOR: http: usual deinit stuff in last commit - BUILD: log: silent a warning about isblank() with latest patches - BUG/MEDIUM: checks: fix health check regression causing them to depend on declaration order - BUG/MEDIUM: checks: fix a long-standing issue with reporting connection errors - BUG/MINOR: checks: don't consider errno and use conn->err_code - BUG/MEDIUM: checks: also update the DRAIN state from the web interface - MINOR: stats: remove some confusion between the DRAIN state and NOLB - BUG/MINOR: tcp: check that no error is pending during a connect probe - BUG/MINOR: connection: check EINTR when sending a PROXY header - MEDIUM: connection: set the socket shutdown flags on socket errors - BUG/MEDIUM: acl: fix regression introduced by latest converters support - MINOR: connection: clear errno prior to checking for errors - BUG/MINOR: checks: do not trust errno in write event before any syscall - MEDIUM: checks: centralize error reporting - OPTIM: checks: don't poll on recv when using plain TCP connects - OPTIM: checks: avoid setting SO_LINGER twice - MINOR: tools: add a generic binary hex string parser - BUG/MEDIUM: checks: tcp-check: do not poll when there's nothing to send - BUG/MEDIUM: check: tcp-check might miss some outgoing data when socket buffers are full - BUG/MEDIUM: args: fix double free on error path in argument expression parser - BUG/MINOR: acl: fix sample expression error reporting - BUG/MINOR: checks: tcp-check actions are enums, not flags - MEDIUM: checks: make tcp-check perform multiple send() at once - BUG/MEDIUM: stick: completely remove the unused flag from the store entries - OPTIM: ebtree: pack the struct eb_node to avoid holes on 64-bit - BUG/MEDIUM: stick-tables: complete the latest fix about store-responses - CLEANUP: stream_interface: remove unused field err_loc - MEDIUM: stats: don't use conn->xprt_st anymore - MINOR: session: add a simple function to retrieve a session from a task - MEDIUM: stats: don't use conn->xprt_ctx anymore - MEDIUM: peers: don't rely on conn->xprt_ctx anymore - MINOR: http: prevent smp_fetch_url_{ip,port} from using si->conn - MINOR: connection: make it easier to emit proxy protocol for unknown addresses - MEDIUM: stats: prepare the HTTP stats I/O handler to support more states - MAJOR: stats: move the HTTP stats handling to its applet - MEDIUM: stats: move request argument processing to the final step - MEDIUM: session: detect applets from the session by using s->target - MAJOR: session: check for a connection to an applet in sess_prepare_conn_req() - MAJOR: session: pass applet return traffic through the response analysers - MEDIUM: stream-int: split the shutr/shutw functions between applet and conn - MINOR: stream-int: make the shutr/shutw functions void - MINOR: obj: provide a safe and an unsafe access to pointed objects - MINOR: connection: add a field to store an object type - MINOR: connection: always initialize conn->objt_type to OBJ_TYPE_CONN - MEDIUM: stream interface: move the peers' ptr into the applet context - MINOR: stream-interface: move the applet context to its own struct - MINOR: obj: introduce a new type appctx - MINOR: stream-int: rename ->applet to ->appctx - MINOR: stream-int: split si_prepare_embedded into si_prepare_none and si_prepare_applet - MINOR: stream-int: add a new pointer to the end point - MEDIUM: stream-interface: set the pointer to the applet into the applet context - MAJOR: stream interface: remove the ->release function pointer - MEDIUM: stream-int: make ->end point to the connection or the appctx - CLEANUP: stream-int: remove obsolete si_ctrl function - MAJOR: stream-int: stop using si->conn and use si->end instead - MEDIUM: stream-int: do not allocate a connection in parallel to applets - MEDIUM: session: attach incoming connection to target on embryonic sessions - MINOR: connection: add conn_init() to (re)initialize a connection - MINOR: checks: call conn_init() to properly initialize the connection. - MINOR: peers: make use of conn_init() to initialize the connection - MINOR: session: use conn_init() to initialize the connections - MINOR: http: use conn_init() to reinitialize the server connection - MEDIUM: connection: replace conn_prepare with conn_assign - MINOR: get rid of si_takeover_conn() - MINOR: connection: add conn_new() / conn_free() - MAJOR: connection: add two new flags to indicate readiness of control/transport - MINOR: stream-interface: introduce si_reset() and si_set_state() - MINOR: connection: reintroduce conn_prepare to set the protocol and transport - MINOR: connection: replace conn_assign with conn_attach - MEDIUM: stream-interface: introduce si_attach_conn to replace si_prepare_conn - MAJOR: stream interface: dynamically allocate the outgoing connection - MEDIUM: connection: move the send_proxy offset to the connection - MINOR: connection: check for send_proxy during the connect(), not the SI - MEDIUM: connection: merge the send_proxy and local_send_proxy calls - MEDIUM: stream-int: replace occurrences of si->appctx with si_appctx() - MEDIUM: stream-int: return the allocated appctx in stream_int_register_handler() - MAJOR: stream-interface: dynamically allocate the applet context - MEDIUM: session: automatically register the applet designated by the target - MEDIUM: stats: delay appctx initialization - CLEANUP: peers: use less confusing state/status code names - MEDIUM: peers: delay appctx initialization - MINOR: stats: provide some appctx information in "show sess all" - DIET/MINOR: obj: pack the obj_type enum to 8 bits - DIET/MINOR: connection: rearrange a few fields to save 8 bytes in the struct - DIET/MINOR: listener: rearrange a few fields in struct listener to save 16 bytes - DIET/MINOR: proxy: rearrange a few fields in struct proxy to save 16 bytes - DIET/MINOR: session: reduce the struct session size by 8 bytes - DIET/MINOR: stream-int: rearrange a few fields in struct stream_interface to save 8 bytes - DIET/MINOR: http: reduce the size of struct http_txn by 8 bytes - MINOR: http: switch the http state to an enum - MINOR: http: use an enum for the auth method in http_auth_data - DIET/MINOR: task: reduce struct task size by 8 bytes - MINOR: stream_interface: add reporting of ressouce allocation errors - MINOR: session: report lack of resources using the new stream-interface's error code - BUILD: simplify the date and version retrieval in the makefile - BUILD: prepare the makefile to skip format lines in SUBVERS and VERDATE - BUILD: use format tags in VERDATE and SUBVERS files - BUG/MEDIUM: channel: bo_getline() must wait for \n until buffer is full - CLEANUP: check: server port is unsigned - BUG/MEDIUM: checks: agent doesn't get the response if server does not closes - MINOR: tools: buf2ip6 must not modify output on failure - MINOR: pattern: do not assign SMP_TYPES by default to patterns - MINOR: sample: make sample_parse_expr() use memprintf() to report parse errors - MINOR: arg: improve wording on error reporting - BUG/MEDIUM: sample: simplify and fix the argument parsing - MEDIUM: acl: fix the argument parser to let the lower layer report detailed errors - MEDIUM: acl: fix the initialization order of the ACL expression - CLEANUP: acl: remove useless blind copy-paste from sample converters - TESTS: add regression tests for ACL and sample expression parsers - BUILD: time: adapt the type of TV_ETERNITY to the local system - MINOR: chunks: allocate the trash chunks before parsing the config - BUILD: definitely silence some stupid GCC warnings - MINOR: chunks: always initialize the output chunk in get_trash_chunk() - MINOR: checks: improve handling of the servers tracking chain - REORG: checks: retrieve the check-specific defines from server.h to checks.h - MINOR: checks: use an enum instead of flags to report a check result - MINOR: checks: rename the state flags - MINOR: checks: replace state DISABLED with CONFIGURED and ENABLED - MINOR: checks: use check->state instead of srv->state & SRV_CHECKED - MINOR: checks: fix agent check interval computation - MINOR: checks: add a PAUSED state for the checks - MINOR: checks: create the agent tasks even when no check is configured - MINOR: checks: add a flag to indicate what check is an agent - MEDIUM: checks: enable agent checks even if health checks are disabled - BUG/MEDIUM: checks: ensure we can enable a server after boot - BUG/MEDIUM: checks: tracking servers must not inherit the MAINT flag - BUG/MAJOR: session: repair tcp-request connection rules - BUILD: fix SUBVERS extraction in the Makefile - BUILD: pattern: silence a warning about uninitialized value - BUILD: log: fix build warning on Solaris - BUILD: dumpstats: fix build error on Solaris - DOC: move option pgsql-check to the correct place - DOC: move option tcp-check to the proper place - MINOR: connection: add simple functions to report connection readiness - MEDIUM: connection: centralize handling of nolinger in fd management - OPTIM: http: set CF_READ_DONTWAIT on response message - OPTIM: http: do not re-enable reading on client side while closing the server side - MINOR: config: add option http-keep-alive - MEDIUM: connection: inform si_alloc_conn() whether existing conn is OK or not - MAJOR: stream-int: handle the connection reuse in si_connect() - MAJOR: http: add the keep-alive transition on the server side - MAJOR: backend: enable connection reuse - MINOR: http: add option prefer-last-server - MEDIUM: http: do not report connection errors for second and further requests |
||
Willy Tarreau
|
eab1dc6234 |
[RELEASE] Released version 1.5-dev19
Released version 1.5-dev19 with the following main changes : - MINOR: stats: remove the autofocus on the scope input field - BUG/MEDIUM: Fix crt-list file parsing error: filtered name was ignored. - BUG/MEDIUM: ssl: EDH ciphers are not usable if no DH parameters present in pem file. - BUG/MEDIUM: shctx: makes the code independent on SSL runtime version. - MEDIUM: ssl: improve crt-list format to support negation - BUG: ssl: fix crt-list for clients not supporting SNI - MINOR: stats: show soft-stopped servers in different color - BUG/MINOR: config: "source" does not work in defaults section - BUG: regex: fix pcre compile error when using JIT - MINOR: ssl: add pattern fetch 'ssl_c_sha1' - BUG: ssl: send payload gets corrupted if tune.ssl.maxrecord is used - MINOR: show PCRE version and JIT status in -vv - BUG/MINOR: jit: don't rely on USE flag to detect support - DOC: readme: add suggestion to link against static openssl - DOC: examples: provide simplified ssl configuration - REORG: tproxy: prepare the transparent proxy defines for accepting other OSes - MINOR: tproxy: add support for FreeBSD - MINOR: tproxy: add support for OpenBSD - DOC: examples: provide an example of transparent proxy configuration for FreeBSD 8 - CLEANUP: fix minor typo in error message. - CLEANUP: fix missing include <string.h> in proto/listener.h - CLEANUP: protect checks.h from multiple inclusions - MINOR: compression: acl "res.comp" and fetch "res.comp_algo" - BUG/MINOR: http: add-header/set-header did not accept the ACL condition - BUILD: mention in the Makefile that USE_PCRE_JIT is for libpcre >= 8.32 - BUG/MEDIUM: splicing is broken since 1.5-dev12 - BUG/MAJOR: acl: add implicit arguments to the resolve list - BUG/MINOR: tcp: fix error reporting for TCP rules - CLEANUP: peers: remove a bit of spaghetti to prepare for the next bugfix - MINOR: stick-table: allow to allocate an entry without filling it - BUG/MAJOR: peers: fix an overflow when syncing strings larger than 16 bytes - MINOR: session: only call http_send_name_header() when changing the server - MINOR: tcp: report the erroneous word in tcp-request track* - BUG/MAJOR: backend: consistent hash can loop forever in certain circumstances - BUG/MEDIUM: log: fix regression on log-format handling - MEDIUM: log: report file name, line number, and directive name with log-format errors - BUG/MINOR: cli: "clear table" did not work anymore without a key - BUG/MINOR: cli: "clear table xx data.xx" does not work anymore - BUG/MAJOR: http: compression still has defects on chunked responses - BUG/MINOR: stats: fix confirmation links on the stats interface - BUG/MINOR: stats: the status bar does not appear anymore after a change - BUG/MEDIUM: stats: allocate the stats frontend also on "stats bind-process" - BUG/MEDIUM: stats: fix a regression when dealing with POST requests - BUG/MINOR: fix unterminated ACL array in compression - BUILD: last fix broke non-linux platforms - MINOR: init: indicate the SSL runtime version on -vv. - BUG/MEDIUM: compression: the deflate algorithm must use global settings as well - BUILD: stdbool is not portable (again) - DOC: readme: add a small reminder about restrictions to respect in the code - MINOR: ebtree: add new eb_next_dup/eb_prev_dup() functions to visit duplicates - BUG/MINOR: acl: fix a double free during exit when using PCRE_JIT - DOC: fix wrong copy-paste in the rspdel example - MINOR: counters: make it easier to extend the amount of tracked counters - MEDIUM: counters: add support for tracking a third counter - MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables - BUG/MAJOR: http: always ensure response buffer has some room for a response - MINOR: counters: add fetch/acl sc*_tracked to indicate whether a counter is tracked - MINOR: defaults: allow REQURI_LEN and CAPTURE_LEN to be redefined - MINOR: log: add a new flag 'L' for locally processed requests - MINOR: http: add full-length header fetch methods - MEDIUM: protocol: implement a "drain" function in protocol layers - MEDIUM: http: add a new "http-response" ruleset - MEDIUM: http: add the "set-nice" action to http-request and http-response - MEDIUM: log: add a log level override value in struct session - MEDIUM: http: add support for action "set-log-level" in http-request/http-response - MEDIUM: http: add support for "set-tos" in http-request/http-response - MEDIUM: http: add the "set-mark" action on http-request/http-response rules - MEDIUM: tcp: add "tcp-request connection expect-proxy layer4" - MEDIUM: acl: automatically detect the type of certain fetches - MEDIUM: acl: remove a lot of useless ACLs that are equivalent to their fetches - MEDIUM: acl: remove 15 additional useless ACLs that are equivalent to their fetches - DOC: major reorg of ACL + sample fetch - CLEANUP: http: remove the bogus urlp_ip ACL match - MINOR: acl: add the new "env()" fetch method to retrieve an environment variable - BUG/MINOR: acl: correctly consider boolean fetches when doing casts - BUG/CRITICAL: fix a possible crash when using negative header occurrences - DOC: update ROADMAP file - MEDIUM: counters: use sc0/sc1/sc2 instead of sc1/sc2/sc3 - MEDIUM: stats: add proxy name filtering on the statistic page |
||
Willy Tarreau
|
289dd92a64 |
[RELEASE] Released version 1.5-dev18
Released version 1.5-dev18 with the following main changes : - DOCS: Add explanation of intermediate certs to crt paramater - DOC: typo and minor fixes in compression paragraph - MINOR: config: http-request configuration error message misses new keywords - DOC: minor typo fix in documentation - BUG/MEDIUM: ssl: ECDHE ciphers not usable without named curve configured. - MEDIUM: ssl: add bind-option "strict-sni" - MEDIUM: ssl: add mapping from SNI to cert file using "crt-list" - MEDIUM: regex: Use PCRE JIT in acl - DOC: simplify bind option "interface" explanation - DOC: tfo: bump required kernel to linux-3.7 - BUILD: add explicit support for TFO with USE_TFO - MEDIUM: New cli option -Ds for systemd compatibility - MEDIUM: add haproxy-systemd-wrapper - MEDIUM: add systemd service - BUG/MEDIUM: systemd-wrapper: don't leak zombie processes - BUG/MEDIUM: remove supplementary groups when changing gid - BUG/MEDIUM: config: fix parser crash with bad bind or server address - BUG/MINOR: Correct logic in cut_crlf() - CLEANUP: checks: Make desc argument to set_server_check_status const - CLEANUP: dumpstats: Make cli_release_handler() static - MEDIUM: server: Break out set weight processing code - MEDIUM: server: Allow relative weights greater than 100% - MEDIUM: server: Tighten up parsing of weight string - MEDIUM: checks: Add agent health check - BUG/MEDIUM: ssl: openssl 0.9.8 doesn't open /dev/random before chroot - BUG/MINOR: time: frequency counters are not totally accurate - BUG/MINOR: http: don't process abortonclose when request was sent - BUG/MEDIUM: stream_interface: don't close outgoing connections on shutw() - BUG/MEDIUM: checks: ignore late resets after valid responses - DOC: fix bogus recommendation on usage of gpc0 counter - BUG/MINOR: http-compression: lookup Cache-Control in the response, not the request - MINOR: signal: don't block SIGPROF by default - OPTIM: epoll: make use of EPOLLRDHUP - OPTIM: splice: detect shutdowns and avoid splice() == 0 - OPTIM: splice: assume by default that splice is working correctly - BUG/MINOR: log: temporary fix for lost SSL info in some situations - BUG/MEDIUM: peers: only the last peers section was used by tables - BUG/MEDIUM: config: verbosely reject peers sections with multiple local peers - BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait() - BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser - BUG/MINOR: config: free peer's address when exiting upon parsing error - BUG/MINOR: config: check the proper variable when parsing log minlvl - BUG/MEDIUM: checks: ensure the health_status is always within bounds - BUG/MINOR: cli: show sess should always validate s->listener - BUG/MINOR: log: improper NULL return check on utoa_pad() - CLEANUP: http: remove a useless null check - CLEANUP: tcp/unix: remove useless NULL check in {tcp,unix}_bind_listener() - BUG/MEDIUM: signal: signal handler does not properly check for signal bounds - BUG/MEDIUM: tools: off-by-one in quote_arg() - BUG/MEDIUM: uri_auth: missing NULL check and memory leak on memory shortage - BUG/MINOR: unix: remove the 'level' field from the ux struct - CLEANUP: http: don't try to deinitialize http compression if it fails before init - CLEANUP: config: slowstart is never negative - CLEANUP: config: maxcompcpuusage is never negative - BUG/MEDIUM: log: emit '-' for empty fields again - BUG/MEDIUM: checks: fix a race condition between checks and observe layer7 - BUILD: fix a warning emitted by isblank() on non-c99 compilers - BUILD: improve the makefile's support for libpcre - MEDIUM: halog: add support for counting per source address (-ic) - MEDIUM: tools: make str2sa_range support all address syntaxes - MEDIUM: config: make use of str2sa_range() instead of str2sa() - MEDIUM: config: use str2sa_range() to parse server addresses - MEDIUM: config: use str2sa_range() to parse peers addresses - MINOR: tests: add a config file to ease address parsing tests. - MINOR: ssl: add a global tunable for the max SSL/TLS record size - BUG/MINOR: syscall: fix NR_accept4 system call on sparc/linux - BUILD/MINOR: syscall: add definition of NR_accept4 for ARM - MINOR: config: report missing peers section name - BUG/MEDIUM: tools: fix bad character handling in str2sa_range() - BUG/MEDIUM: stats: never apply "unix-bind prefix" to the global stats socket - MINOR: tools: prepare str2sa_range() to return an error message - BUG/MEDIUM: checks: don't call connect() on unsupported address families - MINOR: tools: prepare str2sa_range() to accept a prefix - MEDIUM: tools: make str2sa_range() parse unix addresses too - MEDIUM: config: make str2listener() use str2sa_range() to parse unix addresses - MEDIUM: config: use a single str2sa_range() call to parse bind addresses - MEDIUM: config: use str2sa_range() to parse log addresses - CLEANUP: tools: remove str2sun() which is not used anymore. - MEDIUM: config: add complete support for str2sa_range() in dispatch - MEDIUM: config: add complete support for str2sa_range() in server addr - MEDIUM: config: add complete support for str2sa_range() in 'server' - MEDIUM: config: add complete support for str2sa_range() in 'peer' - MEDIUM: config: add complete support for str2sa_range() in 'source' and 'usesrc' - CLEANUP: minor cleanup in str2sa_range() and str2ip() - CLEANUP: config: do not use multiple errmsg at once - MEDIUM: tools: support specifying explicit address families in str2sa_range() - MAJOR: listener: support inheriting a listening fd from the parent - MAJOR: tools: support environment variables in addresses - BUG/MEDIUM: http: add-header should not emit "-" for empty fields - BUG/MEDIUM: config: ACL compatibility check on "redirect" was wrong - BUG/MEDIUM: http: fix another issue caused by http-send-name-header - DOC: mention the new HTTP 307 and 308 redirect statues - MEDIUM: poll: do not use FD_* macros anymore - BUG/MAJOR: ev_select: disable the select() poller if maxsock > FD_SETSIZE - BUG/MINOR: acl: ssl_fc_{alg,use}_keysize must parse integers, not strings - BUG/MINOR: acl: ssl_c_used, ssl_fc{,_has_crt,_has_sni} take no pattern - BUILD: fix usual isdigit() warning on solaris - BUG/MEDIUM: tools: vsnprintf() is not always reliable on Solaris - OPTIM: buffer: remove one jump in buffer_count() - OPTIM: http: improve branching in chunk size parser - OPTIM: http: optimize the response forward state machine - BUILD: enable poll() by default in the makefile - BUILD: add explicit support for Mac OS/X - BUG/MAJOR: http: use a static storage for sample fetch context - BUG/MEDIUM: ssl: improve error processing and reporting in ssl_sock_load_cert_list_file() - BUG/MAJOR: http: fix regression introduced by commit |
||
Willy Tarreau
|
a3ecbd9023 |
[RELEASE] Released version 1.5-dev17
Released version 1.5-dev17 with the following main changes :
- MINOR: ssl: Setting global tune.ssl.cachesize value to 0 disables SSL session cache.
- BUG/MEDIUM: stats: fix stats page regression introduced by commit
|
||
Willy Tarreau
|
69eda35acd |
[RELEASE] Released version 1.5-dev16
Released version 1.5-dev16 with the following main changes : - BUG/MEDIUM: ssl: Prevent ssl error from affecting other connections. - BUG/MINOR: ssl: error is not reported if it occurs simultaneously with peer close detection. - MINOR: ssl: add fetch and acl "ssl_c_used" to check if current SSL session uses a client certificate. - MINOR: contrib: make the iprange tool grep for addresses - CLEANUP: polling: gcc doesn't always optimize constants away - OPTIM: poll: optimize fd management functions for low register count CPUs - CLEANUP: poll: remove a useless double-check on fdtab[fd].owner - OPTIM: epoll: use a temp variable for intermediary flag computations - OPTIM: epoll: current fd does not count as a new one - BUG/MINOR: poll: the I/O handler was called twice for polled I/Os - MINOR: http: make resp_ver and status ACLs check for the presence of a response - BUG/MEDIUM: stream-interface: fix possible stalls during transfers - BUG/MINOR: stream_interface: don't return when the fd is already set - BUG/MEDIUM: connection: always update connection flags prior to computing polling - CLEANUP: buffer: use buffer_empty() instead of buffer_len()==0 - BUG/MAJOR: stream_interface: fix occasional data transfer freezes - BUG/MEDIUM: stream_interface: fix another case where the reader might not be woken up - BUG/MINOR: http: don't abort client connection on premature responses - BUILD: no need to clean up when making git-tar - MINOR: log: add a tag for amount of bytes uploaded from client to server - BUG/MEDIUM: log: fix possible segfault during config parsing - MEDIUM: log: change a few log tokens to make them easier to remember - BUG/MINOR: log: add_to_logformat_list() used the wrong constants - MEDIUM: log-format: make the format parser more robust and more extensible - MINOR: sample: support cast from bool to string - MINOR: samples: add a function to fetch and convert any sample to a string - MINOR: log: add lf_text_len - MEDIUM: log: add the ability to include samples in logs - REORG: stats: massive code reorg and cleanup - REORG: stats: move the HTTP header injection to proto_http - REORG: stats: functions are now HTTP/CLI agnostic - BUG/MINOR: log: fix regression introduced by commit 8a3f52 - MINOR: chunks: centralize the trash chunk allocation - MEDIUM: stats: use hover boxes instead of title to report details - MEDIUM: stats: use multi-line tips to display detailed counters - MINOR: tools: simplify the use of the int to ascii macros - MINOR: stats: replace STAT_FMT_CSV with STAT_FMT_HTML - MINOR: http: prepare to support more http-request actions - MINOR: log: make parse_logformat_string() take a const char * - MEDIUM: http: add http-request 'add-header' and 'set-header' to build headers |
||
Willy Tarreau
|
0cae4b3218 |
[RELEASE] Released version 1.5-dev15
Released version 1.5-dev15 with the following main changes : - DOC: add a few precisions on compression - BUG/MEDIUM: ssl: Fix handshake failure on session resumption with client cert. - BUG/MINOR: ssl: One free session in cache remains unused. - BUG/MEDIUM: ssl: first outgoing connection would fail with {ca,crt}-ignore-err - MEDIUM: ssl: manage shared cache by blocks for huge sessions. - MINOR: acl: add fetch for server session rate - BUG/MINOR: compression: Content-Type is case insensitive - MINOR: compression: disable on multipart or status != 200 - BUG/MINOR: http: don't report client aborts as server errors - MINOR: stats: compute the ratio of compressed response based on 2xx responses - MINOR: http: factor out the content-type checks - BUG/MAJOR: stats: correctly check for a possible divide error when showing compression ratios - BUILD: ssl: OpenSSL 0.9.6 has no renegociation - BUG/MINOR: http: disable compression when message has no body - MINOR: compression: make the stats a bit more robust - BUG/MEDIUM: comp: DEFAULT_MAXZLIBMEM was expressed in bytes and not megabytes - MINOR: connection: don't remove failed handshake flags - MEDIUM: connection: add an error code in connections - MEDIUM: connection: add minimal error reporting in logs for incomplete connections - MEDIUM: connection: add error reporting for the PROXY protocol header - MEDIUM: connection: add error reporting for the SSL - DOC: document the connection error format in logs - BUG/MINOR: http: don't log a 503 on client errors while waiting for requests - BUILD: stdbool is not portable - BUILD: ssl: NAME_MAX is not portable, use MAXPATHLEN instead - BUG/MAJOR: raw_sock: must check error code on hangup - BUG/MAJOR: polling: do not set speculative events on ERR nor HUP - BUG/MEDIUM: session: fix FD leak when transport layer logging is enabled - MINOR: stats: add a few more information on session dump - BUG/MINOR: tcp: set the ADDR_TO_SET flag on outgoing connections - CLEANUP: connection: remove unused server/proxy/task/si_applet declarations - BUG/MEDIUM: tcp: process could theorically crash on lack of source ports - MINOR: cfgparse: mention "interface" in the list of allowed "source" options - MEDIUM: connection: introduce "struct conn_src" for servers and proxies - CLEANUP: proto_tcp: use the same code to bind servers and backends - CLEANUP: backend: use the same tproxy address selection code for servers and backends - BUG/MEDIUM: stick-tables: conversions to strings were broken in dev13 - MEDIUM: proto_tcp: add support for tracking L7 information - MEDIUM: counters: add sc1_trackers/sc2_trackers - MINOR: http: add the "base32" pattern fetch function - MINOR: http: add the "base32+src" fetch method. - CLEANUP: session: use an array for the stick counters - BUG/MINOR: proto_tcp: fix parsing of "table" in track-sc1/2 - BUG/MINOR: proto_tcp: bidirectional fetches not supported anymore in track-sc1/2 - BUG/MAJOR: connection: always recompute polling status upon I/O - BUG/MINOR: connection: remove a few synchronous calls to polling updates - MINOR: config: improve error checking on TCP stick-table tracking - DOC: add some clarifications to the readme |
||
Willy Tarreau
|
fee48ce452 |
[RELEASE] Released version 1.5-dev14
Released version 1.5-dev14 with the following main changes : - DOC: fix minor typos - BUG/MEDIUM: compression: does not forward trailers - MINOR: buffer_dump with ASCII - BUG/MEDIUM: checks: mark the check as stopped after a connect error - BUG/MEDIUM: checks: ensure we completely disable polling upon success - BUG/MINOR: checks: don't mark the FD as closed before transport close - MEDIUM: checks: avoid accumulating TIME_WAITs during checks - MINOR: cli: report the msg state in full text in "show sess $PTR" - CLEANUP: checks: rename some server check flags - MAJOR: checks: rework completely bogus state machine - BUG/MINOR: checks: slightly clean the state machine up - MEDIUM: checks: avoid waking the application up for pure TCP checks - MEDIUM: checks: close the socket as soon as we have a response - BUG/MAJOR: checks: close FD on all timeouts - MINOR: checks: fix recv polling after connect() - MEDIUM: connection: provide a common conn_full_close() function - BUG/MEDIUM: checks: prevent TIME_WAITs from appearing also on timeouts - BUG/MAJOR: peers: the listener's maxaccept was not set and caused loops - MINOR: listeners: make the accept loop more robust when maxaccept==0 - BUG/MEDIUM: acl: correctly resolve all args, not just the first one - BUG/MEDIUM: acl: make prue_acl_expr() correctly free ACL expressions upon exit - BUG/MINOR: stats: fix inversion of the report of a check in progress - MEDIUM: tcp: add explicit support for delayed ACK in connect() - BUG/MEDIUM: connection: always disable polling upon error - MINOR: connection: abort earlier when errors are detected - BUG/MEDIUM: checks: report handshake failures - BUG/MEDIUM: connection: local_send_proxy must wait for connection to establish - MINOR: tcp: add support for the "v6only" bind option - MINOR: stats: also report the computed compression savings in html stats - MINOR: stats: report the total number of compressed responses per front/back - MINOR: tcp: add support for the "v4v6" bind option - DOC: stats: document the comp_rsp stats column - BUILD: buffer: fix another isprint() warning on solaris - MINOR: cli: add support for the "show sess all" command - BUG/MAJOR: cli: show sess <id> may randomly corrupt the back-ref list - MINOR: cli: improve output format for show sess $ptr |
||
Willy Tarreau
|
ad15d127a7 |
[RELEASE] Released version 1.5-dev13
Released version 1.5-dev13 with the following main changes : - BUILD: fix build issue without USE_OPENSSL - BUILD: fix compilation error with DEBUG_FULL - DOC: ssl: remove prefer-server-ciphers documentation - DOC: ssl: surround keywords with quotes - DOC: fix minor typo on http-send-name-header - BUG/MEDIUM: acls using IPv6 subnets patterns incorrectly match IPs - BUG/MAJOR: fix a segfault on option http_proxy and url_ip acl - MEDIUM: http: accept IPv6 values with (s)hdr_ip acl - BUILD: report zlib support in haproxy -vv - DOC: compression: add some details and clean up the formatting - DOC: Change is_ssl acl to ssl_fc acl in example - DOC: make it clear what the HTTP request size is - MINOR: ssl: try to load Diffie-Hellman parameters from cert file - DOC: ssl: update 'crt' statement on 'bind' about Diffie-Hellman parameters loading - MINOR: ssl: add elliptic curve Diffie-Hellman support for ssl key generation - DOC: ssl: add 'ecdhe' statement on 'bind' - MEDIUM: ssl: add client certificate authentication support - DOC: ssl: add 'verify', 'cafile' and 'crlfile' statements on 'bind' - MINOR: ssl: add fetch and ACL 'client_crt' to test a client cert is present - DOC: ssl: add fetch and ACL 'client_cert' - MINOR: ssl: add ignore verify errors options - DOC: ssl: add 'ca-ignore-err' and 'crt-ignore-err' statements on 'bind' - MINOR: ssl: add fetch and ACL 'ssl_verify_result' - DOC: ssl: add fetch and ACL 'ssl_verify_result' - MINOR: ssl: add fetches and ACLs to return verify errors - DOC: ssl: add fetches and ACLs 'ssl_verify_crterr', 'ssl_verify_caerr', and 'ssl_verify_crterr_depth' - MINOR: ssl: disable shared memory and locks on session cache if nbproc == 1 - MINOR: ssl: add build param USE_PRIVATE_CACHE to build cache without shared memory - MINOR: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'. - DOC: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'. - MEDIUM: config: authorize frontend and listen without bind. - MINOR: ssl: add statement 'no-tls-tickets' on bind to disable stateless session resumption - DOC: ssl: add 'no-tls-tickets' statement documentation. - BUG/MINOR: ssl: Fix CRL check was not enabled when crlfile was specified. - BUG/MINOR: build: Fix compilation issue on openssl 0.9.6 due to missing CRL feature. - BUG/MINOR: conf: Fix 'maxsslconn' statement error if built without OPENSSL. - BUG/MINOR: build: Fix failure with USE_OPENSSL=1 and USE_FUTEX=1 on archs i486 and i686. - MINOR: ssl: remove prefer-server-ciphers statement and set it as the default on ssl listeners. - BUG/MEDIUM: ssl: subsequent handshakes fail after server configuration changes - MINOR: ssl: add 'crt-base' and 'ca-base' global statements. - MEDIUM: conf: rename 'nosslv3' and 'notlsvXX' statements 'no-sslv3' and 'no-tlsvXX'. - MEDIUM: conf: rename 'cafile' and 'crlfile' statements 'ca-file' and 'crl-file' - MINOR: ssl: use bit fields to store ssl options instead of one int each - MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on bind. - MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on server - MINOR: ssl: add defines LISTEN_DEFAULT_CIPHERS and CONNECT_DEFAULT_CIPHERS. - BUG/MINOR: ssl: Fix issue on server statements 'no-tls*' and 'no-sslv3' - MINOR: ssl: move ssl context init for servers from cfgparse.c to ssl_sock.c - MEDIUM: ssl: reject ssl server keywords in default-server statement - MINOR: ssl: add statement 'no-tls-tickets' on server side. - MINOR: ssl: add statements 'verify', 'ca-file' and 'crl-file' on servers. - DOC: Fix rename of options cafile and crlfile to ca-file and crl-file. - MINOR: sample: manage binary to string type convertion in stick-table and samples. - MINOR: acl: add parse and match primitives to use binary type on ACLs - MINOR: sample: export 'sample_get_trash_chunk(void)' - MINOR: conf: rename all ssl modules fetches using prefix 'ssl_fc' and 'ssl_c' - MINOR: ssl: add pattern and ACLs fetches 'ssl_fc_protocol', 'ssl_fc_cipher', 'ssl_fc_use_keysize' and 'ssl_fc_alg_keysize' - MINOR: ssl: add pattern fetch 'ssl_fc_session_id' - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_version' and 'ssl_f_version' - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_s_dn', 'ssl_c_i_dn', 'ssl_f_s_dn' and 'ssl_c_i_dn' - MINOR: ssl: add pattern and ACLs 'ssl_c_sig_alg' and 'ssl_f_sig_alg' - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_key_alg' and 'ssl_f_key_alg' - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_notbefore', 'ssl_c_notafter', 'ssl_f_notbefore' and 'ssl_f_notafter' - MINOR: ssl: add 'crt' statement on server. - MINOR: ssl: checks the consistency of a private key with the corresponding certificate - BUG/MEDIUM: ssl: review polling on reneg. - BUG/MEDIUM: ssl: Fix some reneg cases not correctly handled. - BUG/MEDIUM: ssl: Fix sometimes reneg fails if requested by server. - MINOR: build: allow packagers to specify the ssl cache size - MINOR: conf: add warning if ssl is not enabled and a certificate is present on bind. - MINOR: ssl: Add tune.ssl.lifetime statement in global. - MINOR: compression: Enable compression for IE6 w/SP2, IE7 and IE8 - BUG: http: revert broken optimisation from |