mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-27 07:02:11 +00:00
c895c441c7
207 Commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Willy Tarreau
|
252412316e |
MEDIUM: proxy: remove long-broken 'option http_proxy'
This option had always been broken in HTX, which means that the first breakage appeared in 1.9, that it was broken by default in 2.0 and that no workaround existed starting with 2.1. The way this option works is praticularly unfit to the rest of the configuration and to the internal architecture. It had some uses when it was introduced 14 years ago but nowadays it's possible to do much better and more reliable using a set of "http-request set-dst" and "http-request set-uri" rules, which additionally are compatible with DNS resolution (via do-resolve) and are not exclusive to normal load balancing. The "option-http_proxy" example config file was updated to reflect this. The option is still parsed so that an error message gives hints about what to look for. |
||
Willy Tarreau
|
b63dbb7b2e |
MAJOR: config: remove parsing of the global "nbproc" directive
This one was deprecated in 2.3 and marked for removal in 2.5. It suffers too many limitations compared to threads, and prevents some improvements from being engaged. Instead of a bypassable startup error, there is now a hard error. The parsing code was removed, and very few obvious cases were as well. The code is deeply rooted at certain places (e.g. "for" loops iterating from 0 to nbproc) so it will not be that trivial to remove everywhere. The "bind" and "bind-process" parsers will have to be adjusted, though maybe not completely changed if we later want to support thread groups for large NUMA machines. Some stats socket restrictions were removed, and the doc was updated according to what was done. A few places in the doc still refer to nbproc and will have to be revisited. The master-worker code also refers to the process number to distinguish between master and workers and will have to be carefully adjusted. The MAX_PROCS macro was reset to 1, this will at least reduce the size of some remaining arrays. Two regtests were dependieng on this directive, one with an explicit "nbproc 1" and another one testing the master's CLI using nbproc 4. Both were adapted. |
||
Willy Tarreau
|
89da7cf5d5 |
EXAMPLES: add a trivial config for quick testing
This config was taken from the example provided in the dpbench project. It uses minimalistic keywords and is trivial to setup and adapt on any test machine for a quick test. It can be convenient when comparing different server platforms to pick the one delivering the best performance in various dimensions (conn rate, req rate, ssl rate, bit rate). It uses a single listener (optionally a second one with SSL), a single server, power-of-two-choices (random(2)) algorithm, and no privileged directive. |
||
Willy Tarreau
|
71c5f6d477 |
EXAMPLES: add a "basic-config-edge" example config
This config uses TLS, HSTS, redirects, cache, compression, stats, log to stderr, and simple load balancing in a simple and commented config which could be used as a starter for many other ones, especially in containers. |
||
Willy Tarreau
|
58000fe16d |
DOC: remove last occurrences of "HA-Proxy" syntax
There were only a few more used as output examples and comments in a few docs, it was the right moment to get rid of them. The file intro.txt which explains how to parse the version also got a hint about the possible presence of a hyphen in the name in older versions. |
||
Ilya Shipitsin
|
47d17182f4 |
CLEANUP: assorted typo fixes in the code and comments
This is 10th iteration of typo fixes |
||
Willy Tarreau
|
a8ee4b199f |
CLEANUP: removed obsolete examples an move a few to better places
The following example files awere removed as irrelevant by this time : auth.cfg check.conf ssl.cfg haproxy.spec The following scripts were removed as having been unused for more than a decade : debug2ansi debug2html debugfind check init.haproxy stats_haproxy.sh seemless_reload.txt was moved to doc/ where it's more suitable. haproxy.vim was moved to contrib/syntax-highlight/ scripts/create-release was updated not to try to update haproxy.spec anymore. |
||
Willy Tarreau
|
ca3551f005 |
[RELEASE] Released version 2.0-dev7
Released version 2.0-dev7 with the following main changes : - BUG/MEDIUM: mux-h2: make sure the connection timeout is always set - MINOR: tools: add new bitmap manipulation functions - MINOR: logs: use the new bitmap functions instead of fd_sets for encoding maps - MINOR: chunks: Make sure trash_size is only set once. - Revert "MINOR: chunks: Make sure trash_size is only set once." - MINOR: threads: serialize threads initialization - MINOR peers: data structure simplifications for server names dictionary cache. - DOC: peers: Update for dictionary cache entries for peers protocol. - MINOR: dict: Store the length of the dictionary entries. - MINOR: peers: A bit of optimization when encoding cached server names. - MINOR: peers: Optimization for dictionary cache lookup. - MEDIUM: tools: improve time format error detection - BUG/MEDIUM: H1: When upgrading, make sure we don't free the buffer too early. - BUG/MEDIUM: stream_interface: Make sure we call si_cs_process() if CS_FL_EOI. - MINOR: threads: avoid clearing harmless twice in thread_release() - MEDIUM: threads: add thread_sync_release() to synchronize steps - BUG/MEDIUM: init/threads: prevent initialized threads from starting before others - OPTIM/MINOR: init/threads: only call protocol_enable_all() on first thread - BUG/MINOR: dict: race condition fix when inserting dictionary entries. - MEDIUM: init/threads: don't use spinlocks during the init phase - BUG/MINOR: cache/htx: Fix the counting of data already sent by the cache applet - BUG/MEDIUM: compression/htx: Fix the adding of the last data block - MINOR: flt_trace: Don't scrash the original offset during the random forwarding - MAJOR: htx: Rework how free rooms are tracked in an HTX message - MINOR: htx: Add the function htx_move_blk_before() - Revert "BUG/MEDIUM: H1: When upgrading, make sure we don't free the buffer too early." - BUG/MINOR: http-rules: mention "deny_status" for "deny" in the error message - MINOR: http: turn default error files to HTTP/1.1 - BUG/MEDIUM: h1: Don't try to subscribe if we had a connection error. - BUG/MEDIUM: h1: Don't consider we're connected if the handshake isn't done. - MINOR: contrib/spoa_server: Upgrade SPOP to 2.0 - BUG/MEDIUM: contrib/spoa_server: Set FIN flag on agent frames - MINOR: contrib/spoa_server: Add random IP score - DOC/MINOR: contrib/spoa_server: Fix typo in README |
||
Willy Tarreau
|
b57f109966 |
[RELEASE] Released version 2.0-dev6
Released version 2.0-dev6 with the following main changes : - BUG/MEDIUM: connection: fix multiple handshake polling issues - MINOR: connection: also stop receiving after a SOCKS4 response - MINOR: mux-h1: don't try to recv() before the connection is ready - BUG/MEDIUM: mux-h1: only check input data for the current stream, not next one - MEDIUM: mux-h1: don't use CS_FL_REOS anymore - CLEANUP: connection: remove the now unused CS_FL_REOS flag - CONTRIB: debug: add 4 missing connection/conn_stream flags - MEDIUM: stream: make a full process_stream() loop when completing I/O on exit - MINOR: server: increase the default pool-purge-delay to 5 seconds - BUILD: tools: do not use the weak attribute for trace() on obsolete linkers - BUG/MEDIUM: vars: make sure the scope is always valid when accessing vars - BUG/MEDIUM: vars: make the tcp/http unset-var() action support conditions - BUILD: task: fix a build warning when threads are disabled - CLEANUP: peers: Remove tabs characters. - CLEANUP: peers: Replace hard-coded values by macros. - BUG/MINOR: peers: Wrong stick-table update message building. - MINOR: dict: Add dictionary new data structure. - MINOR: peers: Add a LRU cache implementation for dictionaries. - MINOR: stick-table: Add "server_name" new data type. - MINOR: cfgparse: Space allocation for "server_name" stick-table data type. - MINOR: proxy: Add a "server by name" tree to proxy. - MINOR: server: Add a dictionary for server names. - MINOR: stream: Stickiness server lookup by name. - MINOR: peers: Make peers protocol support new "server_name" data type. - MINOR: stick-table: Make the CLI stick-table handler support dictionary entry data type. - REGTEST: Add a basic server by name stickiness reg test. - MINOR: peers: Add dictionary cache information to "show peers" CLI command. - MINOR: peers: Replace hard-coded for peer protocol 64-bits value encoding by macros. - MINOR: peers: Replace hard-coded values for peer protocol messaging by macros. - CLEANUP: ssl: remove unneeded defined(OPENSSL_IS_BORINGSSL) - BUILD: travis-ci improvements - MINOR: SSL: add client/server random sample fetches - BUG/MINOR: channel/htx: Don't alter channel during forward for empty HTX message - BUG/MINOR: contrib/prometheus-exporter: Add HTX data block in one time - BUG/MINOR: mux-h1: errflag must be set on H1S and not H1M during output processing - MEDIUM: mux-h1: refactor output processing - MINOR: mux-h1: Add the flag HAVE_O_CONN on h1s - MINOR: mux-h1: Add h1_eval_htx_hdrs_size() to estimate size of the HTX headers - MINOR: mux-h1: Don't count the EOM in the estimated size of headers - MEDIUM: cache/htx: Always store info about HTX blocks in the cache - MEDIUM: htx: Add the parsing of trailers of chunked messages - MINOR: htx: Don't use end-of-data blocks anymore - BUG/MINOR: mux-h1: Don't send more data than expected - BUG/MINOR: flt_trace/htx: Only apply the random forwarding on the message body. - BUG/MINOR: peers: Wrong "server_name" decoding. - BUG/MEDIUM: servers: Don't attempt to destroy idle connections if disabled. - MEDIUM: checks: Make sure we unsubscribe before calling cs_destroy(). - MEDIUM: connections: Wake the upper layer even if sending/receiving is disabled. - MEDIUM: ssl: Handle subscribe by itself. - MINOR: ssl: Make ssl_sock_handshake() static. - MINOR: connections: Add a new xprt method, remove_xprt. - MINOR: connections: Add a new xprt method, add_xprt(). - MEDIUM: connections: Introduce a handshake pseudo-XPRT. - MEDIUM: connections: Remove CONN_FL_SOCK* - BUG/MEDIUM: ssl: Don't forget to initialize ctx->send_recv and ctx->recv_wait. - BUG/MINOR: peers: Wrong server name parsing. - MINOR: server: really increase the pool-purge-delay default to 5 seconds - BUG/MINOR: stream: don't emit a send-name-header in conn error or disconnect states - MINOR: stream-int: use bit fields to match multiple stream-int states at once - MEDIUM: stream-int: remove dangerous interval checks for stream-int states - MEDIUM: stream-int: introduce a new state SI_ST_RDY - MAJOR: stream-int: switch from SI_ST_CON to SI_ST_RDY on I/O - MEDIUM: stream-int: make idle-conns switch to ST_RDY - MEDIUM: stream: re-arrange the connection setup status reporting - MINOR: stream-int: split si_update() into si_update_rx() and si_update_tx() - MINOR: stream-int: make si_sync_send() from the send code of si_update_both() - MEDIUM: stream: rearrange the events to remove the loop - MEDIUM: stream: only loop on flags relevant to the analysers - MEDIUM: stream: don't abusively loop back on changes on CF_SHUT*_NOW - BUILD: stream-int: avoid a build warning in dev mode in si_state_bit() - BUILD: peers: fix a build warning about an incorrect intiialization - BUG/MINOR: time: make sure only one thread sets global_now at boot - BUG/MEDIUM: tcp: Make sure we keep the polling consistent in tcp_probe_connect. |
||
Willy Tarreau
|
abc874ea45 |
[RELEASE] Released version 2.0-dev5
Released version 2.0-dev5 with the following main changes : - BUILD: watchdog: use si_value.sival_int, not si_int for the timer's value - BUILD: signals: FreeBSD has SI_LWP instead of SI_TKILL - BUILD: watchdog: condition it to USE_RT - MINOR: raw_sock: report global traffic statistics - MINOR: stats: report the global output bit rate in human readable form - BUG/MINOR: proto-htx: Try to keep connections alive on redirect - BUG/MEDIUM: spoe: Don't use the SPOE applet after releasing it - BUG/MINOR: lua: Set right direction and flags on new HTTP objects - BUG/MINOR: mux-h2: Count EOM in bytes sent when a HEADERS frame is formatted - BUG/MINOR: mux-h1: Report EOI instead EOS on parsing error or H2 upgrade - BUG/MEDIUM: proto-htx: Not forward too much data when 1xx reponses are handled - BUG/MINOR: htx: Remove a forgotten while loop in htx_defrag() - DOC: fix typos - BUG/MINOR: ssl_sock: Fix memory leak when disabling compression - OPTIM: freq-ctr: don't take the date lock for most updates - MEDIUM: mux-h2: avoid doing expensive buffer realigns when not absolutely needed - CLEANUP: debug: remove the TRACE() macro - MINOR: buffer: introduce b_make() to make a buffer from its parameters - MINOR: buffer: add a new buffer ring API to manipulate rings of buffers - MEDIUM: mux-h2: replace all occurrences of mbuf with a buffer ring - MEDIUM: mux-h2: make the conditions to send based on mbuf, not just its tail - MINOR: mux-h2: introduce h2_release_mbuf() to release all buffers in the mbuf ring - MEDIUM: mux-h2: make the send() function iterate over all mux buffers - CLEANUP: mux-h2: consistently use a local variable for the mbuf - MINOR: mux-h2: report the mbuf's head and tail in "show fd" - MAJOR: mux-h2: switch to next mux buffer on buffer full condition. - BUILD: connections: shut up gcc about impossible out-of-bounds warning - BUILD: ssl: fix latest LibreSSL reg-test error - MINOR: cli/activity: remove "fd_del" and "fd_skip" from show activity - MINOR: cli/activity: add 3 general purpose counters in development mode - BUG/MAJOR: lb/threads: make sure the avoided server is not full on second pass - BUG/MEDIUM: queue: fix the tree walk in pendconn_redistribute. - BUG/MEDIUM: threads: fix double-word CAS on non-optimized 32-bit platforms - MEDIUM: config: now alert when two servers have the same name - MINOR: htx: Remove the macro IS_HTX_SMP() and always use IS_HTX_STRM() instead - MINOR: htx: Move the macro IS_HTX_STRM() in proto/stream.h - MINOR: htx: Store the head position instead of the wrap one - MINOR: htx: Store start-line block's position instead of address of its payload - MINOR: htx: Add functions to get the first block of an HTX message - MINOR: mux-h2/htx: Get the start-line from the head when HEADERS frame is built - MINOR: htx: Replace the function http_find_stline() by http_get_stline() - CLEANUP: htx: Remove unused function htx_get_stline() - MINOR: http/htx: Use sl_pos directly to replace the start-line - MEDIUM: http/htx: Perform analysis relatively to the first block - MINOR: channel/htx: Call channel_htx_recv_max() from channel_recv_max() - MINOR: htx: Add function htx_get_max_blksz() - BUG/MINOR: htx: Change htx_xfer_blk() to also count metadata - MEDIUM: mux-h1: Use the count value received from the SI in h1_rcv_buf() - MINOR: mux-h2: Use the count value received from the SI in h2_rcv_buf() - MINOR: stream-int: Don't use the flag CO_RFL_KEEP_RSV anymore in si_cs_recv() - MINOR: connection: Remove the unused flag CO_RFL_KEEP_RSV - MINOR: mux-h2/htx: Support zero-copy when possible in h2_rcv_buf() - MINOR: htx: Add a field to set the memory used by headers in the HTX start-line - MINOR: h2/htx: Set hdrs_bytes on the SL when an HTX message is produced - MINOR: mux-h1: Set hdrs_bytes on the SL when an HTX message is produced - MINOR: htx: Be sure to xfer all headers in one time in htx_xfer_blks() - MEDIUM: htx: 1xx messages are now part of the final reponses - MINOR: channel/htx: Add function to forward headers of an HTX message - MINOR: filters/htx: Use channel_htx_fwd_headers() after headers filtering - MINOR: proto-htx: Use channel_htx_fwd_headers() to forward 1xx responses - MEDIUM: htx: Store the first block position instead of the start-line one - MINOR: stats/htx: don't use the first block position but the head one - MINOR: channel/htx: Add functions to forward a part or all HTX payload - MINOR: proto-htx: Use channel_htx_fwd_all() when unfiltered body are forwarded - MEDIUM: filters/htx: Filter body relatively to the first block - MINOR: htx: Optimize htx_drain() when all data are drained - MINOR: htx: don't rely on htx_find_blk() anymore in the function htx_truncate() - MINOR: htx: remove the unused function htx_find_blk() - MINOR: htx: Remove support of pseudo headers because it is unused - BUG/MEDIUM: http: fix "http-request reject" when not final - MINOR: ssl: Make sure the underlying xprt's init method doesn't fail. - MINOR: ssl: Don't forget to call the close method of the underlying xprt. - MINOR: htx: rename htx_append_blk_value() to htx_add_data_atonce() - MINOR: htx: make htx_add_data() return the transmitted byte count - MEDIUM: htx: make htx_add_data() never defragment the buffer - MINOR: activity: write totals on the "show activity" output - MINOR: activity: report totals and average separately - MEDIUM: poller: separate the wait time from the wake events - MINOR: activity: report the number of failed pool/buffer allocations - MEDIUM: buffers: relax the buffer lock a little bit - MINOR: task: turn the WQ lock to an RW_LOCK - MEDIUM: task: don't grab the WR lock just to check the WQ - BUG/MEDIUM: mux-h1: Don't skip the TCP splicing when there is no more data to read - MEDIUM: sessions: Introduce session flags. - BUG/MEDIUM: h2: Don't forget to set h2s->cs to NULL after having free'd cs. - BUG/MEDIUM: mux-h2: fix the conditions to end the h2_send() loop - BUG/MEDIUM: mux-h2: don't refrain from offering oneself a used buffer - BUG/MEDIUM: connection: Use the session to get the origin address if needed. - MEDIUM: tasks: Get rid of active_tasks_mask. - MEDIUM: connection: Upstream SOCKS4 proxy support - BUILD: contrib/prometheus: fix build breakage caused by move of idle_pct - BUG/MINOR: deinit/threads: make hard-stop-after perform a clean exit |
||
Alexander Liu
|
2a54bb74cd |
MEDIUM: connection: Upstream SOCKS4 proxy support
Have "socks4" and "check-via-socks4" server keyword added. Implement handshake with SOCKS4 proxy server for tcp stream connection. See issue #82. I have the "SOCKS: A protocol for TCP proxy across firewalls" doc found at "https://www.openssh.com/txt/socks4.protocol". Please reference to it. [wt: for now connecting to the SOCKS4 proxy over unix sockets is not supported, and mixing IPv4/IPv6 is discouraged; indeed, the control layer is unique for a connection and will be used both for connecting and for target address manipulation. As such it may for example report incorrect destination addresses in logs if the proxy is reached over IPv6] |
||
Willy Tarreau
|
567406949b |
[RELEASE] Released version 2.0-dev4
Released version 2.0-dev4 with the following main changes : - BUILD: enable freebsd builds on cirrus-ci - BUG/MINOR: http_fetch: Rely on the smp direction for "cookie()" and "hdr()" - MEDIUM: Make 'option forceclose' actually warn - MEDIUM: Make 'resolution_pool_size' directive fatal - DOC: management: place "show activity" at the right place - MINOR: cli/activity: show the dumping thread ID starting at 1 - MINOR: task: export global_task_mask - MINOR: cli/debug: add a thread dump function - BUG/MEDIUM: streams: Don't use CF_EOI to decide if the request is complete. - BUG/MEDIUM: streams: Try to L7 retry before aborting the connection. - BUG/MINOR: debug: make ha_task_dump() always check the task before dumping it - BUG/MINOR: debug: make ha_task_dump() actually dump the requested task - MINOR: debug: make ha_thread_dump() and ha_task_dump() take a buffer - BUG/MINOR: debug: don't check the call date on tasklets - MINOR: thread: implement ha_thread_relax() - MINOR: task: put barriers after each write to curr_task - MINOR: task: always reset curr_task when freeing a task or tasklet - MINOR: stream: detach the stream from its own task on stream_free() - MEDIUM: debug/threads: implement an advanced thread dump system - REGTEST: extend the check duration on tls_health_checks and mark it slow - DOC: fix "successful" typo - MINOR: init: setenv HAPROXY_CFGFILES - MINOR: threads/init: synchronize the threads startup - MEDIUM: init/mworker: make the pipe register function a regular initcall - CLEANUP: memory: make the fault injection code use the OTHER_LOCK label - CLEANUP: threads: remove the now unused START_LOCK label - MINOR: init/threads: make the global threads an array of structs - MINOR: threads: add each thread's clockid into the global thread_info - CLEANUP: stream: remove an obsolete debugging test - MINOR: tools: add dump_hex() - MINOR: debug: implement ha_panic() - MINOR: debug/cli: add some debugging commands for developers - MINOR: tools: provide a may_access() function and make dump_hex() use it - MINOR: debug: make ha_panic() report threads starting at 1 - REORG: compat: move some integer limit definitions from standard.h to compat.h - REORG: threads: move the struct thread_info from global.h to hathreads.h - MINOR: compat: make sure to always define clockid_t - MINOR: threads: always place the clockid in the struct thread_info - MINOR: threads: add a thread-local thread_info pointer "ti" - MINOR: time: move the cpu, mono, and idle time to thread_info - MINOR: time: add a function to retrieve another thread's cputime - MINOR: debug: report each thread's cpu usage in "show thread" - BUILD: threads: only assign the clock_id when supported - BUILD: makefile: use USE_OBSOLETE_LINKER for solaris - BUILD: makefile: remove -fomit-frame-pointer optimisation (solaris) - MAJOR: polling: add event ports support (Solaris) - BUG/MEDIUM: streams: Don't switch from SI_ST_CON to SI_ST_DIS on read0. - CLEANUP: time: refine the test on _POSIX_TIMERS - MINOR: compat: define a new empty type empty_t for non-implemented fields - CLEANUP: time: switch clockid_t to empty_t when not available - BUG/MINOR: mworker: Fix memory leak of mworker_proc members - CLEANUP: objtype: make obj_type() and obj_type_name() take consts - MINOR: debug: switch to SIGURG for thread dumps - CLEANUP: threads: really move thread_info to hathreads.c - MINOR: threads: make threads_{harmless|want_rdv}_mask constant 0 without threads - CLEANUP: debug: always report harmless/want_rdv even without threads - MINOR: threads: implement ha_tkill() and ha_tkillall() - CLEANUP: debug: make use of ha_tkill() and remove ifdefs - MINOR: stream: introduce a stream_dump() function and use it in stream_dump_and_crash() - MINOR: debug: dump streams when an applet, iocb or stream is known - MINOR: threads: add a "stuck" flag to the thread_info struct - MINOR: threads: add a timer_t per thread in thread_info - MAJOR: watchdog: implement a thread lockup detection mechanism - MINOR: stream: remove the cpu time detection from process_stream() - MINOR: connection: report the mux names in "haproxy -vv" - CLEANUP: mux-h1: use "H1" and not "h1" as the mux's name - BUG/MEDIUM: WURFL: segfault in wurfl-get() with missing info. - MINOR: WURFL: call header_retireve_callback() in dummy library - MINOR: WURFL: fixed Engine load failed error when wurfl-information-list contains wurfl_root_id - MINOR: WURFL: shows log messages during module initialization - MINOR: WURFL: removes heading wurfl-information-separator from wurfl-get-all() and wurfl-get() results - MINOR: WURFL: wurfl_get() and wurfl_get_all() now return an empty string if device detection fails - MEDIUM: WURFL: HTX awareness. - MINOR: WURFL: module version bump to 2.0 - MINOR: WURFL: do not emit warnings when not configured - CONTRIB: wurfl: address 3 build issues in the wurfl dummy library - BUG/MEDIUM: init/threads: provide per-thread alloc/free function callbacks - BUILD: travis: add sanitizers to travis-ci builds - BUILD: time: remove the test on _POSIX_C_SOURCE - CLEANUP: build: rename some build macros to use the USE_* ones - CLEANUP: raw_sock: remove support for very old linux splice bug workaround - BUG/MEDIUM: dns: make the port numbers unsigned - MEDIUM: config: deprecate the antique req* and rsp* commands |
||
Tim Duesterhus
|
10c6c16cde |
MEDIUM: Make 'option forceclose' actually warn
It is deprecated since
|
||
Willy Tarreau
|
a257a9b015 |
[RELEASE] Released version 2.0-dev3
Released version 2.0-dev3 with the following main changes : - BUG/MINOR: peers: Really close the sessions with no heartbeat. - CLEANUP: peers: remove useless annoying tabulations. - CLEANUP: peers: replace timeout constants by macros. - REGTEST: Enable again reg tests with HEAD HTTP method usage. - DOC: The option httplog is no longer valid in a backend. - DOC: peers: Peers protocol documentation update. - REGTEST: remove unexpected "nbthread" statement from Lua test cases - BUILD: Makefile: remove 11-years old workarounds for deprecated options - BUILD: remove 10-years old error message for obsolete option USE_TCPSPLICE - BUILD: Makefile: remove outdated support for dlmalloc - BUILD: Makefile: consider a variable's origin and not its value for the options list - BUILD: Makefile: also report disabled options in the BUILD_OPTIONS variable - BUILD: Makefile: shorten default settings declaration - BUILD: Makefile: clean up the target declarations - BUILD: report the whole feature set with their status in haproxy -vv - BUILD: pass all "USE_*" variables as -DUSE_* to the compiler - REGTEST: script: make the script use the new features list - REGTEST: script: remove platform-specific assigments of OPTIONS - BUG/MINOR: peers: Missing initializations after peer session shutdown. - BUG/MINOR: contrib/prometheus-exporter: Fix applet accordingly to recent changes - BUILD/MINOR: listener: Silent a few signedness warnings. - BUG/MINOR: mux-h1: Only skip invalid C-L headers on output - BUG/MEDIUM: mworker: don't free the wrong child when not found - BUG/MEDIUM: checks: Don't bother subscribing if we have a connection error. - BUG/MAJOR: checks: segfault during tcpcheck_main - BUILD: makefile: work around an old bug in GNU make-3.80 - BUILD: makefile: work around another bug in make 3.80 - BUILD: http: properly mark some struct as extern - BUILD: chunk: properly declare pool_head_trash as extern - BUILD: cache: avoid a build warning with some compilers/linkers - MINOR: tools: make memvprintf() never pass a NULL target to vsnprintf() - MINOR: tools: add an unsetenv() implementation - BUILD: re-implement an initcall variant without using executable sections - BUILD: use inttypes.h instead of stdint.h - BUILD: connection: fix naming of ip_v field - BUILD: makefile: fix build of IPv6 header on aix51 - BUILD: makefile: add _LINUX_SOURCE_COMPAT to build on AIX-51 - BUILD: define unsetenv on AIX 5.1 - BUILD: Makefile: disable shared cache on AIX 5.1 - MINOR: ssl: Add aes_gcm_dec converter - REORG: mworker: move serializing functions to mworker.c - REORG: mworker: move signals functions to mworker.c - REORG: mworker: move IPC functions to mworker.c - REORG: mworker: move signal handlers and related functions - REORG: mworker: move mworker_cleanlisteners to mworker.c - MINOR: mworker: calloc mworker_proc structures - MINOR: mworker: don't use children variable anymore - MINOR: cli: export cli_parse_default() definition in cli.h - REORG: mworker/cli: move CLI functions to mworker.c - MEDIUM: mworker-prog: implement program for master-worker - MINOR: mworker/cli: show programs in 'show proc' - BUG/MINOR: cli: correctly handle abns in 'show cli sockets' - MINOR: cli: start addresses by a prefix in 'show cli sockets' - MINOR: cli: export HAPROXY_CLI environment variable - BUG/MINOR: htx: Preserve empty HTX messages with an unprocessed parsing error - BUG/MINOR: proto_htx: Reset to_forward value when a message is set to DONE - REGTEST: http-capture/h00000: Relax a regex matching the log message - REGTEST: http-messaging/h00000: Fix the test when the HTX is enabled - REGTEST: http-rules/h00003: Use a different client for requests expecting a 301 - REGTEST: log/b00000: Be sure the client always hits its timeout - REGTEST: lua/b00003: Relax the regex matching the log message - REGTEST: lua/b00003: Specify the HAProxy pid when the command ss is executed - BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release. - BUG/MEDIUM: h2: Don't attempt to recv from h2_process_demux if we subscribed. - BUG/MEDIUM: htx: fix random premature abort of data transfers - BUG/MEDIUM: streams: Don't remove the SI_FL_ERR flag in si_update_both(). - BUG/MEDIUM: streams: Store prev_state before calling si_update_both(). - BUG/MEDIUM: stream: Don't clear the stream_interface flags in si_update_both. - MINOR: initcall: Don't forget to define the __start/stop_init_##stg symbols. - MINOR: threads: Implement thread_cpus_enabled() for FreeBSD. - BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity - MINOR: skip get_gmtime where tm is unused - MINOR: ssl: Activate aes_gcm_dec converter for BoringSSL - BUG/MEDIUM: streams: Only re-run process_stream if we're in a connected state. - BUG/MEDIUM: stream_interface: Don't bother doing chk_rcv/snd if not connected. - BUG/MEDIUM: task/threads: address a fairness issue between local and global tasks - BUG/MINOR: tasks: make sure the first task to be queued keeps its nice value - BUG/MINOR: listener: renice the accept ring processing task - MINOR: cli/listener: report the number of accepts on "show activity" - MINOR: cli/activity: report the accept queue sizes in "show activity" - BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream - BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages - BUG/MINOR: spoe: Be sure to set tv_request when each message fragment is encoded - BUG/MEDIUM: htx: Defrag if blocks position is changed and the payloads wrap - BUG/MEDIUM: htx: Don't crush blocks payload when append is done on a data block - MEDIUM: htx: Deprecate the option 'http-tunnel' and ignore it in HTX - MINOR: proto_htx: Don't adjust transaction mode anymore in HTX analyzers - BUG/MEDIUM: htx: Fix the process of HTTP CONNECT with h2 connections - MINOR: mux-h1: Simplify handling of 1xx responses - MINOR: stats/htx: Don't add "Connection: close" header anymore in stats responses - MEDIUM: h1: Add an option to sanitize connection headers during parsing - MEDIUM: mux-h1: Simplify the connection mode management by sanitizing headers - MINOR: mux-h1: Don't release the conn_stream anymore when h1s is destroyed - BUG/MINOR: mux-h1: Handle the flag CS_FL_KILL_CONN during a shutdown read/write - MINOR: mux-h2: Add a mux_ops dedicated to the HTX mode - MINOR: muxes: Add a flag to specify a multiplexer uses the HTX - MINOR: stream: Set a flag when the stream uses the HTX - MINOR: http: update the macro IS_HTX_STRM() to check the stream flag SF_HTX - MINOR: http_fetch/htx: Use stream flags instead of px mode in smp_prefetch_htx - MINOR: filters/htx: Use stream flags instead of px mode to instanciate a filter - MINOR: muxes: Rely on conn_is_back() during init to handle front/back conn - MEDIUM: muxes: Add an optional input buffer during mux initialization - MINOR: muxes: Pass the context of the mux to destroy() instead of the connection - MEDIUM: muxes: Be prepared to don't own connection during the release - MEDIUM: connection: Add conn_upgrade_mux_fe() to handle mux upgrades - MEDIUM: htx: Allow the option http-use-htx to be used on TCP proxies too - MAJOR: proxy/htx: Handle mux upgrades from TCP to HTTP in HTX mode - MAJOR: muxes/htx: Handle inplicit upgrades from h1 to h2 - MAJOR: htx: Enable the HTX mode by default for all proxies - REGTEST: Use HTX by default and add '--no-htx' option to disable it - BUG/MEDIUM: muxes: Don't dereference mux context if null in release functions - CLEANUP: task: do not export rq_next anymore - MEDIUM: tasks: improve fairness between the local and global queues - MEDIUM: tasks: only base the nice offset on the run queue depth - MINOR: tasks: restore the lower latency scheduling when niced tasks are present - BUG/MEDIUM: map: Fix memory leak in the map converter - BUG/MINOR: ssl: Fix 48 byte TLS ticket key rotation - BUILD: task/thread: fix single-threaded build of task.c - BUILD: cli/threads: fix build in single-threaded mode - BUG/MEDIUM: muxes: Make sure we unsubcribed when destroying mux ctx. - BUG/MEDIUM: h2: Make sure we're not already in the send_list in h2_subscribe(). - BUG/MEDIUM: h2: Revamp the way send subscriptions works. - MINOR: connections: Remove the SUB_CALL_UNSUBSCRIBE flag. - BUG/MEDIUM: Threads: Only use the gcc >= 4.7 builtins when using gcc >= 4.7. - BUILD: address a few cases of "static <type> inline foo()" - BUILD: do not specify "const" on functions returning structs or scalars - BUILD: htx: fix a used uninitialized warning on is_cookie2 - MINOR: peers: Add a new command to the CLI for peers. - DOC: update for "show peers" CLI command. - BUG/MAJOR: lb/threads: fix insufficient locking on round-robin LB - MEDIUM: mworker: store the leaving state of a process - MEDIUM: mworker-prog: implements 'option start-on-reload' - CLEANUP: mworker: remove the type field in mworker_proc - MEDIUM: mworker/cli: export the HAPROXY_MASTER_CLI variable - MINOR: cli: don't add a semicolon at the end of HAPROXY_CLI - MINOR: mworker: export HAPROXY_MWORKER=1 when running in mworker mode - MINOR: init: add a "set-dumpable" global directive to enable core dumps - BUG/MINOR: listener/mq: correctly scan all bound threads under low load - BUG/MINOR: mworker: mworker_kill should apply on every children - BUG/MINOR: mworker: don't exit with an ambiguous value - BUG/MINOR: mworker: ensure that we still quits with SIGINT - REGTESTS: exclude tests that require ssl, pcre if no such feature is enabled - BUG/MINOR: mux-h1: Process input even if the input buffer is empty - BUG/MINOR: mux-h1: Don't switch the parser in busy mode if other side has done - BUG/MEDIUM: mux-h1: Notify the stream waiting for TCP splicing if ibuf is empty - BUG/MEDIUM: mux-h1: Enable TCP splicing to exchange data only - MINOR: mux-h1: Handle read0 during TCP splicing - BUG/MEDIUM: htx: Don't return the start-line if the HTX message is empty - BUG/MAJOR: http_fetch: Get the channel depending on the keyword used - BUG/MINOR: http_fetch/htx: Allow permissive sample prefetch for the HTX - BUG/MINOR: http_fetch/htx: Use HTX versions if the proxy enables the HTX mode - BUG/MEDIUM: tasks: Make sure we set TASK_QUEUED before adding a task to the rq. - BUG/MEDIUM: tasks: Make sure we modify global_tasks_mask with the rq_lock. - MINOR: tasks: Don't consider we can wake task with tasklet_wakeup(). - MEDIUM: tasks: No longer use rq.node.leaf_p as a lock. - MINOR: tasks: Don't set the TASK_RUNNING flag when adding in the tasklet list. - BUG/MEDIUM: applets: Don't use task_in_rq(). - BUG/MAJOR: task: make sure never to delete a queued task - MINOR: task/thread: factor out a wake-up condition - CLEANUP: task: remain consistent when using the task's handler - MEDIUM: tasks: Merge task_delete() and task_free() into task_destroy(). - MEDIUM: tasks: Don't account a destroyed task as a runned task. - BUG/MINOR: contrib/prometheus-exporter: Fix a typo in the run-queue metric type - MINOR: contrib/prometheus-exporter: Remove usless rate metrics - MINOR: contrib/prometheus-exporter: Rename some metrics to be more usable - MINOR: contrib/prometheus-exporter: Follow best practices about metrics type - BUG/MINOR: mworker: disable busy polling in the master process - MEDIUM: tasks: Use __ha_barrier_store after modifying global_tasks_mask. - MEDIUM: ssl: Give ssl_sock its own context. - MEDIUM: connections: Move some fields from struct connection to ssl_sock_ctx. - MEDIUM: ssl: provide its own subscribe/unsubscribe function. - MEDIUM: connections: Provide a xprt_ctx for each xprt method. - MEDIUM: ssl: provide our own BIO. - BUILD/medium: ssl: Fix build with OpenSSL < 1.1.0 - MINOR: peers: adds counters on show peers about tasks calls. - MEDIUM: enable travis-ci builds - MINOR: fd: Add a counter of used fds. - MEDIUM: connections: Add a way to control the number of idling connections. - BUG/MEDIUM: maps: only try to parse the default value when it's present - BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR - REGTEST: Missing REQUIRE_VERSION declarations. - MINOR: proto_tcp: tcp-request content: enable set-dst and set-dst-var - BUG/MEDIUM: h1: Don't parse chunks CRLF if not enough data are available - BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules - BUG/MEDIUM: stream: Don't request a server connection if a shutw was scheduled - BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() - BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() - MINOR: gcc: Fix a silly gcc warning in connect_server() - MINOR: ssl/cli: async fd io-handlers printable on show fd - Revert "CLEANUP: wurfl: remove dead, broken and unmaintained code" - BUILD: add USE_WURFL to the list of known build options - MINOR: wurfl: indicate in haproxy -vv the wurfl version in use - BUILD: wurfl: build fix for 1.9/2.0 code base - CLEANUP: wurfl: removed deprecated methods - DOC: wurfl: added point of contact in MAINTAINERS file - MINOR: wurfl: enabled multithreading mode - MINOR: contrib: dummy wurfl library - MINOR: dns: dns_requester structures are now in a memory pool - MINOR: dns: move callback affection in dns_link_resolution() - MINOR: obj_type: new object type for struct stream - MINOR: action: new '(http-request|tcp-request content) do-resolve' action - MINOR: log: Extract some code to send syslog messages. - REGTEST: replace LEVEL option by a more human readable one. - REGTEST: rename the reg test files. - REGTEST: adapt some reg tests after renaming. - REGTEST: make the "run-regtests" script search for tests in reg-tests by default - BUG/MAJOR: stream: Missing DNS context initializations. - BUG/MEDIUM: stream: Fix the way early aborts on the client side are handled - BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler - BUG/MEDIUM: ssl: Return -1 on recv/send if we got EAGAIN. - BUG/MAJOR: lb/threads: fix AB/BA locking issue in round-robin LB - BUG/MAJOR: muxes: Use the HTX mode to find the best mux for HTTP proxies only - BUG/MINOR: htx: Exclude TCP proxies when the HTX mode is handled during startup - CLEANUP: task: report calls as unsigned in show sess - MINOR: tasks/activity: report the context switch and task wakeup rates - MINOR: stream: measure and report a stream's call rate in "show sess" - MINOR: applet: measure and report an appctx's call rate in "show sess" - BUILD: extend Travis CI config to support more platforms - REGTEST: exclude osx and generic targets for 40be_2srv_odd_health_checks - REGTEST: relax the IPv6 address format checks in converters_ipmask_concat_strcmp_field_word - REGTEST: exclude OSX and generic targets from abns_socket.vtc - BUILD: travis: remove the "allow_failures" entry - BUG/MINOR: activity: always initialize the profiling variable - MINOR: activity: make the profiling status per thread and not global - MINOR: activity: enable automatic profiling turn on/off - CLEANUP: standard: use proper const to addr_to_str() and port_to_str() - BUG/MINOR: proto_http: properly reset the stream's call rate on keep-alive - MINOR: connection: make the debugging helper functions safer - MINOR: stream/debug: make a stream dump and crash function - MEDIUM: appctx/debug: force a crash if an appctx spins over itself forever - MEDIUM: stream/debug: force a crash if a stream spins over itself forever - MEDIUM: streams: measure processing time and abort when detecting bugs - BUILD/MEDIUM: contrib: Dummy DeviceAtlas API. - MEDIUM: da: HTX mode support. - BUG/MEDIUM: mux-h2: properly deal with too large headers frames - BUG/MINOR: http: Call stream_inc_be_http_req_ctr() only one time per request - BUG/MEDIUM: spoe: arg len encoded in previous frag frame but len changed - MINOR: spoe: Use the sample context to pass frag_ctx info during encoding - DOC: contrib/modsecurity: Typos and fix the reject example - BUG/MEDIUM: contrib/modsecurity: If host header is NULL, don't try to strdup it - MINOR: log: Add "sample" new keyword to "log" lines. - MINOR: log: Enable the log sampling and load-balancing feature. - DOC: log: Document the sampling and load-balancing logging feature. - REGTEST: Add a new reg test for log load-balancing feature. - BUG/MAJOR: map/acl: real fix segfault during show map/acl on CLI - REGTEST: Make this reg test be Linux specific. - CLEANUP: task: move the task_per_thread definition to task.h - MINOR: activity: report context switch counts instead of rates - MINOR: threads: Implement HA_ATOMIC_LOAD(). - BUG/MEDIUM: port_range: Make the ring buffer lock-free. - BUG/MEDIUM: listener: Fix how unlimited number of consecutive accepts is handled - MINOR: config: Test validity of tune.maxaccept during the config parsing - CLEANUP: config: Don't alter listener->maxaccept when nbproc is set to 1 - BUG/MEDIUM: servers: fix typo "src" instead of "srv" - BUG/MEDIUM: ssl: Don't pretend we can retry a recv/send if we got a shutr/w. - BUG/MINOR: haproxy: fix rule->file memory leak - BUG/MINOR: log: properly free memory on logformat parse error and deinit() - BUG/MINOR: checks: free memory allocated for tasklets - BUG/MEDIUM: pattern: fix memory leak in regex pattern functions - BUG/MEDIUM: channels: Don't forget to reset output in channel_erase(). - BUG/MEDIUM: connections: Make sure we remove CO_FL_SESS_IDLE on disown. - MINOR: threads: flatten the per-thread cpu-map - MINOR: init/threads: remove the useless tids[] array - MINOR: init/threads: make the threads array global - BUG/MEDIUM: ssl: Use the early_data API the right way. - BUG/MEDIUM: streams: Don't add CF_WRITE_ERROR if early data were rejected. - MEDIUM: streams: Add the ability to retry a request on L7 failure. - MEDIUM: streams: Add a way to replay failed 0rtt requests. - MEDIUM: streams: Add a new keyword for retry-on, "junk-response" - BUG/MINOR: stream: also increment the retry stats counter on L7 retries - BUG/MEDIUM: checks: make sure the warmup task takes the server lock - BUG/MINOR: logs/threads: properly split the log area upon startup - BUILD: extend travis-ci matrix - CLEANUP: Remove appsession documentation - DOC: Fix typo in keyword matrix - BUILD: remove "build_libressl" duplicate declaration - BUILD: travis-ci: get back to osx without openssl support - BUILD: enable several LibreSSL hacks, including - BUILD: temporarily mark LibreSSL builds as allowed to fail - BUILD: travis: TMPDIR replacement. - BUG/MEDIUM: ssl: Don't attempt to use early data with libressl. - MINOR: doc: Document allow-0rtt on the server line. - MINOR: doc: Document the interaction of allow-0rtt and retry-on 0rtt-rejected. - MEDIUM: proto: Change the prototype of the connect() method. - MEDIUM: tcp: add the "tfo" option to support TCP fastopen on the server - MINOR: config: Extract the code of "stick-table" line parsing. - BUILD/MINOR: stick-table: Compilation fix. - MEDIUM: stick-table: Stop handling stick-tables as proxies. - MINOR: stick-tables: Add peers process binding computing. - MINOR: stick-table: Add prefixes to stick-table names. - MINOR: peers: Do not emit global stick-table names. - DOC: Update for "table" lines in "peers" section. - REGTEST: Add reg tests for "table" lines in "peers" sections. - MEDIUM: regex: modify regex_comp() to atomically allocate/free the my_regex struct - REGTEST: make the tls_health_checks test much faster - REGTEST: make the "table in peers" test require v2.0 - BUG/MINOR: mux-h2: rely on trailers output not input to turn them to empty data - BUG/MEDIUM: h2/htx: always fail on too large trailers - MEDIUM: mux-h2: discard contents that are to be sent after a shutdown - BUG/MEDIUM: mux-h2/htx: never wait for EOM when processing trailers - BUG/MEDIUM: h2/htx: never leave a trailers block alone with no EOM block - REGTEST: Flag some slow reg tests. - REGTEST: Reg tests file renaming. - REGTEST: Wrong renaming for one reg test. - REGTEST: Wrong assumption in IP:port logging test. - BUG/MINOR: mworker/ssl: close OpenSSL FDs on reload - MINOR: systemd: Use the variables from /etc/default/haproxy - MINOR: systemd: Make use of master socket in systemd unit - MINOR: systemd: support /etc/sysconfig/ for redhat based distrib - BUG/MEDIUM: stick-table: fix regression caused by a change in proxy struct - BUG/MEDIUM: tasks: fix possible segfault on task_destroy() - CLEANUP: task: remove unneeded tests before task_destroy() - MINOR: mworker: support a configurable maximum number of reloads - BUG/MINOR: mux-h2: fix the condition to close a cs-less h2s on the backend - BUG/MEDIUM: spoe: Be sure the sample is found before setting its context - BUG/MINOR: mux-h1: Fix the parsing of trailers - BUG/MINOR: htx: Never transfer more than expected in htx_xfer_blks() - MINOR: htx: Split on DATA blocks only when blocks are moved to an HTX message - MINOR: htx: Don't try to append a trailer block with the previous one - MINOR: htx: Remove support for unused OOB HTX blocks - BUILD: travis-ci bugfixes and improvements - BUG/MEDIUM: servers: Don't use the same srv flag for cookie-set and TFO. - BUG/MEDIUM: h2: Make sure we set send_list to NULL in h2_detach(). - BUILD: ssl: fix again a libressl build failure after the openssl FD leak fix - CLEANUP: ssl-sock: use HA_OPENSSL_VERSION_NUMBER instead of OPENSSL_VERSION_NUMBER - BUILD: ssl: make libressl use its own version numbers - CLEANUP: ssl: remove 57 occurrences of useless tests on LIBRESSL_VERSION_NUMBER - MINOR: ssl: enable aes_gcm_dec on LibreSSL - BUILD: ssl: fix libressl build again after aes-gcm-enc - REORG: ssl: move openssl-compat from proto to common - REORG: ssl: move some OpenSSL defines from ssl_sock to openssl-compat - CLEANUP: ssl: never include openssl/*.h outside of openssl-compat.h anymore - CLEANUP: ssl: make inclusion of openssl headers safe - BUILD: add BoringSSL to travis-ci build matrix - BUILD: threads: Add __ha_cas_dw fallback for single threaded builds - BUG/MINOR: stream: Attach the read side on the response as soon as possible - BUG/MEDIUM: http: Use pointer to the begining of input to parse message headers - BUG/MEDIUM: h2: Don't check send_wait to know if we're in the send_list. - BUG/MEDIUM: streams: Make sur SI_FL_L7_RETRY is set before attempting a retry. - MEDIUM: streams: Add a new http action, disable-l7-retry. - MINOR: streams: Introduce a new retry-on keyword, all-retryable-errors. - BUG/MINOR: vars: Fix memory leak in vars_check_arg - BUILD: travis-ci: make TMPDIR global variable in travis-ci - CLEANUP: ssl: move the SSL_OP_* and SSL_MODE_* definitions to openssl-compat - CLEANUP: ssl: remove ifdef around SSL_CTX_get_extra_chain_certs() - CLEANUP: ssl: move all BIO_* definitions to openssl-compat - BUILD: threads: fix again the __ha_cas_dw() definition - BUG/MAJOR: mux-h2: do not add a stream twice to the send list - Revert "BUG/MINOR: vars: Fix memory leak in vars_check_arg" - BUG/MINOR: peers: Fix memory leak in cfg_parse_peers - BUG/MINOR: htx: make sure to always initialize the HTTP method when parsing a buffer - REGTEST: fix tls_health_checks random failures on MacOS in Travis-CI - MINOR: spoe: Set the argument chunk size to 0 when SPOE variables are checked - BUG/MINOR: vars: Fix memory leak in vars_check_arg - BUG/MAJOR: ssl: segfault upon an heartbeat request - MINOR: spoa-server: Clone the v1.7 spoa-example project - MINOR: spoa-server: move some definition from spoa_server.c to spoa_server.h - MINOR: spoa-server: Externalise debug functions - MINOR: spoe-server: rename "worker" functions - MINOR: spoa-server: Replace the thread init system by processes - MINOR: spoa-server: With debug mode, start only one process - MINOR: spoa-server: Allow registering external processes - MINOR: spoa-server: Allow registering message processors - MINOR: spoa-server: Load files - MINOR: spoa-server: Prepare responses - MINOR: spoa-server: Execute registered callbacks - MINOR: spoa-server: Add Lua processing - MINOR: spoa-server: Add python - MINOR/DOC: spoe-server: Add documentation - BUG/MEDIUM: connections: Don't forget to set xprt_ctx to NULL on close. - MINOR: lists: add LIST_ADDED() to check if an element belongs to a list - CLEANUP: mux-h2: use LIST_ADDED() instead of LIST_ISEMPTY() where relevant - MINOR: mux-h2: add two H2S flags to report the need for shutr/shutw - CLEANUP: mux-h2: simply use h2s->flags instead of ret in h2_deferred_shut() - CLEANUP: connection: remove the handle field from the wait_event struct - BUG/MINOR: log: Wrong log format initialization. - BUG/MINOR: mux-h2: make the do_shut{r,w} functions more robust against retries - BUG/MINOR: mworker: use after free when the PID not assigned - MINOR: mux-h2: remove useless test on stream ID vs last in wake function - MINOR: mux-h2: make h2_wake_some_streams() not depend on the CS flags - MINOR: mux-h2: make h2s_wake_one_stream() the only function to deal with CS - MINOR: mux-h2: make h2s_wake_one_stream() not depend on temporary CS flags - BUG/MINOR: mux-h2: make sure to honor KILL_CONN in do_shut{r,w} - CLEANUP: mux-h2: don't test for impossible CS_FL_REOS conditions - MINOR: mux-h2: add macros to check multiple stream states at once - MINOR: mux-h2: stop relying on CS_FL_REOS - BUG/MEDIUM: mux-h2: Set EOI on the conn_stream during h2_rcv_buf() - BUILD: debug: make gcc not complain on the ABORT_NOW() macro - MINOR: debug: add a new BUG_ON macro - MINOR: h2: Use BUG_ON() to enforce rules in subscribe/unsubscribe. - MINOR: h1: Use BUG_ON() to enforce rules in subscribe/unsubscribe. - MINOR: connections: Use BUG_ON() to enforce rules in subscribe/unsubscribe. - BUILD: ist: turn the lower/upper case tables to literal on obsolete linkers |
||
paulborile
|
bad132c384 |
CLEANUP: wurfl: removed deprecated methods
last 2 major releases of libwurfl included a complete review of engine options with the result of deprecating many features. The patch removes unecessary code and fixes the documentation. Can be backported on any version of haproxy. [wt: must not be backported since it removes config keywords and would thus break existing configurations] Signed-off-by: Willy Tarreau <w@1wt.eu> |
||
Willy Tarreau
|
b3cc9f2887 |
Revert "CLEANUP: wurfl: remove dead, broken and unmaintained code"
This reverts commit
|
||
Willy Tarreau
|
6e893b9931 |
[RELEASE] Released version 2.0-dev2
Released version 2.0-dev2 with the following main changes : - CLEANUP: http: Remove unreachable code in parse_http_req_capture - CLEANUP: stream: Remove bogus loop in conn_si_send_proxy - MINOR: lists: Implement locked variations. - MEDIUM: servers: Used a locked list for idle_orphan_conns. - MEDIUM: servers: Reorganize the way idle connections are cleaned. - BUG/MEDIUM: lists: Properly handle the case we're removing the first elt. - MINOR: cfgparse: Add a cast to make gcc happier. - BUG/MEDIUM: standard: Wrong reallocation size. - BUG/MINOR: listener: keep accept rate counters accurate under saturation - DOC: fix alphabetic ordering for "tune.fail-alloc" setting - MAJOR: config: disable support for nbproc and nbthread in parallel - MEDIUM: listener: keep a single thread-mask and warn on "process" misuse - MAJOR: listener: do not hold the listener lock in listener_accept() - MINOR: listener: maintain a per-thread count of the number of connections on a listener - MINOR: tools: implement functions to look up the nth bit set in a mask - MINOR: listener: pre-compute some thread counts per bind_conf - MINOR: listener: implement multi-queue accept for threads - MAJOR: listener: use the multi-queue for multi-thread listeners - MINOR: activity: add accept queue counters for pushed and overflows - MINOR: config: add global tune.listener.multi-queue setting - MAJOR: threads: enable one thread per CPU by default - DOC: update management.txt to reflect that threads are used by default - BUG/MINOR: config: don't over-count the global maxsock value - BUG/MEDIUM: list: fix the rollback on addq in the locked liss - BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer - BUG/MEDIUM: list: add missing store barriers when updating elements and head - MINOR: list: make the delete and pop operations idempotent - MINOR: server: remove a few unneeded LIST_INIT calls after LIST_DEL_LOCKED - BUG/MEDIUM: listener: use a self-locked list for the dequeue lists - BUG/MEDIUM: listener: make sure the listener never accepts too many conns - BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element - MINOR: listener: introduce listener_backlog() to report the backlog value - MINOR: listener: do not needlessly set l->maxconn - MINOR: proxy: do not change the listeners' maxconn when updating the frontend's - MEDIUM: config: don't enforce a low frontend maxconn value anymore - MINOR: peers: Add a message for heartbeat. - MINOR: global: keep a copy of the initial rlim_fd_cur and rlim_fd_max values - BUG/MINOR: init: never lower rlim_fd_max - BUG/MINOR: checks: make external-checks restore the original rlim_fd_cur/max - BUG/MINOR: mworker: be careful to restore the original rlim_fd_cur/max on reload - MINOR: init: make the maxpipe computation more accurate - MINOR: init: move some maxsock updates earlier - MEDIUM: init: make the global maxconn default to what rlim_fd_cur permits - REGTEST: fix a spurious "nbthread 4" in the connection test - DOC: update the text related to the global maxconn value - BUG/MAJOR: mux-h2: fix race condition between close on both ends - MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter. - BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED - MINOR: htx: unconditionally handle parsing errors in requests or responses - MINOR: mux-h2: always pass HTX_FL_PARSING_ERROR between h2s and buf on RX - BUG/MEDIUM: h2/htx: verify that :path doesn't contain invalid chars - MINOR: sample: Code factorization "ungrpc" converter. - MINOR: sample: Rework gRPC converter code. - CLEANUP: wurfl: remove dead, broken and unmaintained code - MINOR: config: relax the range checks on cpu-map - BUG/MINOR: ssl: fix warning about ssl-min/max-ver support - MINOR: sample: Extract some protocol buffers specific code. - DOC: Remove tabs and fixed punctuation. - MINOR: sample: Add a protocol buffers specific converter. - REGTEST: Peers reg tests. - REGTEST: Enable reg tests with HEAD HTTP method usage. - MINOR: lists: add a LIST_DEL_INIT() macro - MINOR: task: use LIST_DEL_INIT() to remove a task from the queue - MINOR: listener: improve incoming traffic distribution - MINOR: tools: implement my_flsl() - MEDIUM: listener: change the LB algorithm again to use two round robins instead - CLEANUP: listener: remove old thread bit mapping - MINOR: listener: move thr_idx from the bind_conf to the listener - BUG/MEDIUM: logs: Only attempt to free startup_logs once. - BUG/MAJOR: config: Wrong maxconn adjustment. - BUG/MEDIUM: 51d: fix possible segfault on deinit_51degrees() - OPTIM: task: limit the impact of memory barriers in taks_remove_from_task_list() - MINOR: fd: Remove debugging code. - BUG/MEDIUM: listeners: Don't call fd_stop_recv() if fd_updt is NULL. - MINOR: threads: Implement __ha_barrier_atomic*. - MEDIUM: threads: Use __ATOMIC_SEQ_CST when using the newer atomic API. - MINOR: threads: Add macros to do atomic operation with no memory barrier. - MEDIUM: various: Use __ha_barrier_atomic* when relevant. - MEDIUM: applets: Use the new _HA_ATOMIC_* macros. - MEDIUM: xref: Use the new _HA_ATOMIC_* macros. - MEDIUM: fd: Use the new _HA_ATOMIC_* macros. - MEDIUM: freq_ctr: Use the new _HA_ATOMIC_* macros. - MEDIUM: proxy: Use the new _HA_ATOMIC_* macros. - MEDIUM: server: Use the new _HA_ATOMIC_* macros. - MEDIUM: task: Use the new _HA_ATOMIC_* macros. - MEDIUM: activity: Use the new _HA_ATOMIC_* macros. - MEDIUM: backend: Use the new _HA_ATOMIC_* macros. - MEDIUM: cache: Use the new _HA_ATOMIC_* macros. - MEDIUM: checks: Use the new _HA_ATOMIC_* macros. - MEDIUM: pollers: Use the new _HA_ATOMIC_* macros. - MEDIUM: compression: Use the new _HA_ATOMIC_* macros. - MEDIUM: spoe: Use the new _HA_ATOMIC_* macros. - MEDIUM: threads: Use the new _HA_ATOMIC_* macros. - MEDIUM: http: Use the new _HA_ATOMIC_* macros. - MEDIUM: lb/threads: Use the new _HA_ATOMIC_* macros. - MEDIUM: listeners: Use the new _HA_ATOMIC_* macros. - MEDIUM: logs: Use the new _HA_ATOMIC_* macros. - MEDIUM: memory: Use the new _HA_ATOMIC_* macros. - MEDIUM: peers: Use the new _HA_ATOMIC_* macros. - MEDIUM: proto_tcp: Use the new _HA_ATOMIC_* macros. - MEDIUM: queues: Use the new _HA_ATOMIC_* macros. - MEDIUM: sessions: Use the new _HA_ATOMIC_* macros. - MEDIUM: ssl: Use the new _HA_ATOMIC_* macros. - MEDIUM: stream: Use the new _HA_ATOMIC_* macros. - MEDIUM: tcp_rules: Use the new _HA_ATOMIC_* macros. - MEDIUM: time: Use the new _HA_ATOMIC_* macros. - MEDIUM: vars: Use the new _HA_ATOMIC_* macros. - MINOR: config: remove obsolete use of DEFAULT_MAXCONN at various places - MINOR: config: continue to rely on DEFAULT_MAXCONN to set the minimum maxconn - BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED() - BUG/MEDIUM: listener: make sure we don't pick stopped threads - MEDIUM: list: Remove useless barriers. - MEDIUM: list: Use _HA_ATOMIC_* - MEDIUM: connections: Use _HA_ATOMIC_* - BUG/MAJOR: tasks: Use the TASK_GLOBAL flag to know if we're in the global rq. - BUG/MEDIUM: threads/fd: do not forget to take into account epoll_fd/pipes - BUG/MEDIUM: init/threads: consider epoll_fd/pipes for automatic maxconn calculation - BUG/MEDIUM: tasks: Make sure we wake sleeping threads if needed. - BUG/MINOR: mux-h1: Don't report an error on EOS if no message was received - BUG/MINOR: stats/htx: Call channel_add_input() when response headers are sent - BUG/MINOR: lua/htx: Use channel_add_input() when response data are added - BUG/MINOR: lua/htx: Don't forget to call htx_to_buf() when appropriate - MINOR: stats: Add the status code STAT_STATUS_IVAL to handle invalid requests - MINOR: stats: Move stuff about the stats status codes in stats files - BUG/MINOR: stats: Be more strict on what is a valid request to the stats applet - Revert "REGTEST: Enable reg tests with HEAD HTTP method usage." - BUILD: listener: shut up a build warning when threads are disabled - BUILD: Makefile: allow the reg-tests target to be verbose - BUILD: Makefile: resolve LEVEL before calling run-regtests - BUG/MAJOR: spoe: Fix initialization of thread-dependent fields - BUG/MAJOR: stats: Fix how huge POST data are read from the channel - BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts - BUG/MEDIUM: mux-h2: Always wakeup streams with no id to avoid frozen streams - MINOR: mux-h2: Set REFUSED_STREAM error to reset a stream if no data was never sent - MINOR: muxes: Report the Last read with a dedicated flag - MINOR: proto-http/proto-htx: Make error handling clearer during data forwarding - BUILD: tools: fix a build warning on some 32-bit archs - MINOR: init: report the list of optionally available services - MEDIUM: proto_htx: Switch to infinite forwarding if there is no data filter - BUG/MINOR: cache: Fully consume large requests in the cache applet - BUG/MINOR: stats: Fully consume large requests in the stats applet - BUG/MEDIUM: lua: Fully consume large requests when an HTTP applet ends - MINOR: proto_http: Add function to handle the header "Expect: 100-continue" - MINOR: proto_htx: Add function to handle the header "Expect: 100-continue" - MINOR: stats/cache: Handle the header Expect when applets are registered - MINOR: http/applets: Handle all applets intercepting HTTP requests the same way - CLEANUP: cache: don't export http_cache_applet anymore - MINOR: lua: Don't handle the header Expect in lua HTTP applets anymore - BUG/MINOR: doc: Be accurate on the behavior on pool-purge-delay. - Revert "MEDIUM: proto_htx: Switch to infinite forwarding if there is no data filter" - BUG/MEDIUM: mux-h2: Make sure we destroyed the h2s once shutr/shutw is done. - BUG/MEDIUM: mux-h2: Don't bother keeping the h2s if detaching and nothing to send. - BUG/MEDIUM: mux-h2: Use the right list in h2_stop_senders(). - MINOR: mux-h2: copy small data blocks more often and reduce the number of pauses - CLEANUP: mux-h2: add some comments to help understand the code - BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites - BUG/MINOR: log: properly format IPv6 address when LOG_OPT_HEXA modifier is used. - BUG/MEDIUM: h2: Try to be fair when sending data. - BUG/MINOR: proto-http: Don't forward request body anymore on error - MINOR: mux-h2: Remove useless test on ES flag in h2_frt_transfer_data() - MINOR: connection: and new flag to mark end of input (EOI) - MINOR: channel: Report EOI on the input channel if it was reached in the mux - MEDIUM: mux-h2: Don't mix the end of the message with the end of stream - MINOR: mux-h1: Set CS_FL_EOI the end of the message is reached - BUG/MEDIUM: http/htx: Fix handling of the option abortonclose - CLEANUP: muxes/stream-int: Remove flags CS_FL_READ_NULL and SI_FL_READ_NULL - MEDIUM: proto_htx: Reintroduce the infinite forwarding on data - BUG/MEDIUM: h2: only destroy the h2s if h2s->cs is NULL. - BUG/MEDIUM: h2: Use the new sending_list in h2s_notify_send(). - BUG/MEDIUM: h2: Follow the same logic in h2_deferred_shut than in h2_snd_buf. - BUG/MEDIUM: h2: Remove the tasklet from the task list if unsubscribing. - BUG/MEDIUM: task/h2: add an idempotent task removal fucntion - CLEANUP: task: only perform a LIST_DEL() when the list is not empty - BUG/MEDIUM: mux-h2: make sure to always notify streams of EOS condition - CONTRIB: debug: report the CS and CF's EOI flags - MINOR: channel: don't unset CF_SHUTR_NOW after shutting down. |
||
Willy Tarreau
|
8e5e1e7bf0 |
CLEANUP: wurfl: remove dead, broken and unmaintained code
Since the "wurfl" device detection engine was merged slightly more than two years ago (2016-11-04), it never received a single fix nor update. For almost two years it didn't receive even the minimal review or changes needed to be compatible with threads, and it's remained build-broken for about the last 9 months, consecutive to the last buffer API changes, without anyone ever noticing! When asked on the list, nobody confirmed using it : https://www.mail-archive.com/haproxy@formilux.org/msg32516.html And obviously nobody even cared to verify that it did still build. So we are left with this broken code with no user and no maintainer. It might even suffer from remotely exploitable vulnerabilities without anyone being able to check if it presents any risk. It's a pain to update each time there is an API change because it doesn't build as it depends on external libraries that are not publicly accessible, leading to careful blind changes. It slows down the whole project. This situation is not acceptable at all. It's time to cure the problem where it is. This patch removes all this dead, non-buildable, non-working code. If anyone ever decides to use it, which I seriously doubt based on history, it could be reintegrated, but this time the following guarantees will be required : - someone has to step up as a maintainer and have his name listed in the MAINTAINERS file (I should have been more careful last time). This person will take the sole blame for all issues and will be responsible for fixing the bugs and incompatibilities affecting this code, and for making it evolve to follow regular internal API updates. - support building on a standard distro with automated tools (i.e. no more "click on this site, register your e-mail and download an archive then figure how to place this into your build system"). Dummy libs are OK though as long as they allow the mainline code to build and start. - multi-threaded support must be fixed. I mean seriously, not worked around with a check saying "please disable threads, we've been busy fishing for the last two years". This may be backported to 1.9 given that the code has never worked there either, thus at least we're certain nobody will miss it. |
||
Willy Tarreau
|
6c1b667e57 |
[RELEASE] Released version 2.0-dev1
Released version 2.0-dev1 with the following main changes : - MINOR: mux-h2: only increase the connection window with the first update - REGTESTS: remove the expected window updates from H2 handshakes - BUG/MINOR: mux-h2: make empty HEADERS frame return a connection error - BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max - MEDIUM: mux-h2: remove padlen during headers phase - MINOR: h2: add a bit-based frame type representation - MINOR: mux-h2: remove useless check for empty frame length in h2s_decode_headers() - MEDIUM: mux-h2: decode HEADERS frames before allocating the stream - MINOR: mux-h2: make h2c_send_rst_stream() use the dummy stream's error code - MINOR: mux-h2: add a new dummy stream for the REFUSED_STREAM error code - MINOR: mux-h2: fail stream creation more cleanly using RST_STREAM - MINOR: buffers: add a new b_move() function - MINOR: mux-h2: make h2_peek_frame_hdr() support an offset - MEDIUM: mux-h2: handle decoding of CONTINUATION frames - CLEANUP: mux-h2: remove misleading comments about CONTINUATION - BUG/MEDIUM: servers: Don't try to reuse connection if we switched server. - BUG/MEDIUM: tasks: Decrement tasks_run_queue in tasklet_free(). - BUG/MINOR: htx: send the proper authenticate header when using http-request auth - BUG/MEDIUM: mux_h2: Don't add to the idle list if we're full. - BUG/MEDIUM: servers: Fail if we fail to allocate a conn_stream. - BUG/MAJOR: servers: Use the list api correctly to avoid crashes. - BUG/MAJOR: servers: Correctly use LIST_ELEM(). - BUG/MAJOR: sessions: Use an unlimited number of servers for the conn list. - BUG/MEDIUM: servers: Flag the stream_interface on handshake error. - MEDIUM: servers: Be smarter when switching connections. - MEDIUM: sessions: Keep track of which connections are idle. - MINOR: payload: add sample fetch for TLS ALPN - BUG/MEDIUM: log: don't mark log FDs as non-blocking on terminals - MINOR: channel: Add the function channel_add_input - MINOR: stats/htx: Call channel_add_input instead of updating channel state by hand - BUG/MEDIUM: cache: Be sure to end the forwarding when XFER length is unknown - BUG/MAJOR: htx: Return the good block address after a defrag - MINOR: lb: allow redispatch when using consistent hash - CLEANUP: mux-h2: fix end-of-stream flag name when processing headers - BUG/MEDIUM: mux-h2: always restart reading if data are available - BUG/MINOR: mux-h2: set the stream-full flag when leaving h2c_decode_headers() - BUG/MINOR: mux-h2: don't check the CS count in h2c_bck_handle_headers() - BUG/MINOR: mux-h2: mark end-of-stream after processing response HEADERS, not before - BUG/MINOR: mux-h2: only update rxbuf's length for H1 headers - BUG/MEDIUM: mux-h1: use per-direction flags to indicate transitions - BUG/MEDIUM: mux-h1: make HTX chunking consistent with H2 - BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify() - BUG/MEDIUM: proto-htx: Set SI_FL_NOHALF on server side when request is done - BUG/MEDIUM: mux-h1: Add a task to handle connection timeouts - MINOR: mux-h2: make h2c_decode_headers() return a status, not a count - MINOR: mux-h2: add a new dummy stream : h2_error_stream - MEDIUM: mux-h2: make h2c_decode_headers() support recoverable errors - BUG/MINOR: mux-h2: detect when the HTX EOM block cannot be added after headers - MINOR: mux-h2: remove a misleading and impossible test - CLEANUP: mux-h2: clean the stream error path on HEADERS frame processing - MINOR: mux-h2: check for too many streams only for idle streams - MINOR: mux-h2: set H2_SF_HEADERS_RCVD when a HEADERS frame was decoded - BUG/MEDIUM: mux-h2: decode trailers in HEADERS frames - MINOR: h2: add h2_make_h1_trailers to turn H2 headers to H1 trailers - MEDIUM: mux-h2: pass trailers to H1 (legacy mode) - MINOR: htx: add a new function to add a block without filling it - MINOR: h2: add h2_make_htx_trailers to turn H2 headers to HTX trailers - MEDIUM: mux-h2: pass trailers to HTX - MINOR: mux-h1: parse the content-length header on output and set H1_MF_CLEN - BUG/MEDIUM: mux-h1: don't enforce chunked encoding on requests - MINOR: mux-h2: make HTX_BLK_EOM processing idempotent - MINOR: h1: make the H1 headers block parser able to parse headers only - MEDIUM: mux-h2: emit HEADERS frames when facing HTX trailers blocks - MINOR: stream/htx: Add info about the HTX structs in "show sess all" command - MINOR: stream: Add the subscription events of SIs in "show sess all" command - MINOR: mux-h1: Add the subscription events in "show fd" command - BUG/MEDIUM: h1: Get the h1m state when restarting the headers parsing - BUG/MINOR: cache/htx: Be sure to count partial trailers - BUG/MEDIUM: h1: In h1_init(), wake the tasklet instead of calling h1_recv(). - BUG/MEDIUM: server: Defer the mux init until after xprt has been initialized. - MINOR: connections: Remove a stall comment. - BUG/MEDIUM: cli: make "show sess" really thread-safe - BUILD: add a new file "version.c" to carry version updates - MINOR: stream/htx: add the HTX flags output in "show sess all" - MINOR: stream/cli: fix the location of the waiting flag in "show sess all" - MINOR: stream/cli: report more info about the HTTP messages on "show sess all" - BUG/MINOR: lua: bad args are returned for Lua actions - BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred - MINOR: htx: Add an helper function to get the max space usable for a block - MINOR: channel/htx: Add HTX version for some helper functions - BUG/MEDIUM: cache/htx: Respect the reserve when cached objects are served - BUG/MINOR: stats/htx: Respect the reserve when the stats page is dumped - DOC: regtest: make it clearer what the purpose of the "broken" series is - REGTEST: mailers: add new test for 'mailers' section - REGTEST: Add a reg test for health-checks over SSL/TLS. - BUG/MINOR: mux-h1: Close connection on shutr only when shutw was really done - MEDIUM: mux-h1: Clarify how shutr/shutw are handled - BUG/MINOR: compression: Disable it if another one is already in progress - BUG/MINOR: filters: Detect cache+compression config on legacy HTTP streams - BUG/MINOR: cache: Disable the cache if any compression filter precedes it - REGTEST: Add some informatoin to test results. - MINOR: htx: Add a function to truncate all blocks after a specific offset - MINOR: channel/htx: Add the HTX version of channel_truncate/erase - BUG/MINOR: proto_htx: Use HTX versions to truncate or erase a buffer - BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used - DOC: Fix typo in req.ssl_alpn example (commit 4afdd138424ab...) - DOC: http-request cache-use / http-response cache-store expects cache name - REGTEST: "capture (request|response)" regtest. - BUG/MINOR: lua/htx: Respect the reserve when data are send from an HTX applet - REGTEST: filters: add compression test - BUG/MEDIUM: init: Initialize idle_orphan_conns for first server in server-template - BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT. - DOC: Be a bit more explicit about allow-0rtt security implications. - MINOR: mux-h1: make the mux_h1_ops struct static - BUILD: makefile: add an EXTRA_OBJS variable to help build optional code - BUG/MEDIUM: connection: properly unregister the mux on failed initialization - BUG/MAJOR: cache: fix confusion between zero and uninitialized cache key - REGTESTS: test case for map_regm commit 271022150d - REGTESTS: Basic tests for concat,strcmp,word,field,ipmask converters - REGTESTS: Basic tests for using maps to redirect requests / select backend - DOC: REGTESTS README varnishtest -Dno-htx= define. - MINOR: spoe: Make the SPOE filter compatible with HTX proxies - MINOR: checks: Store the proxy in checks. - BUG/MEDIUM: checks: Avoid having an associated server for email checks. - REGTEST: Switch to vtest. - REGTEST: Adapt reg test doc files to vtest. - BUG/MEDIUM: h1: Make sure we destroy an inactive connectin that did shutw. - BUG/MINOR: base64: dec func ignores padding for output size checking - BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file - MINOR: ssl: add support of aes256 bits ticket keys on file and cli. - BUG/MINOR: backend: don't use url_param_name as a hint for BE_LB_ALGO_PH - BUG/MINOR: backend: balance uri specific options were lost across defaults - BUG/MINOR: backend: BE_LB_LKUP_CHTREE is a value, not a bit - MINOR: backend: move url_param_name/len to lbprm.arg_str/len - MINOR: backend: make headers and RDP cookie also use arg_str/len - MINOR: backend: add new fields in lbprm to store more LB options - MINOR: backend: make the header hash use arg_opt1 for use_domain_only - MINOR: backend: remap the balance uri settings to lbprm.arg_opt{1,2,3} - MINOR: backend: move hash_balance_factor out of chash - MEDIUM: backend: move all LB algo parameters into an union - MINOR: backend: make the random algorithm support a number of draws - BUILD/MEDIUM: da: Necessary code changes for new buffer API. - BUG/MINOR: stick_table: Prevent conn_cur from underflowing - BUG: 51d: Changes to the buffer API in 1.9 were not applied to the 51Degrees code. - BUG/MEDIUM: stats: Get the right scope pointer depending on HTX is used or not - DOC: add a missing space in the documentation for bc_http_major - REGTEST: checks basic stats webpage functionality - BUG/MEDIUM: servers: Make assign_tproxy_address work when ALPN is set. - BUG/MEDIUM: connections: Add the CO_FL_CONNECTED flag if a send succeeded. - DOC: add github issue templates - MINOR: cfgparse: Extract some code to be re-used. - CLEANUP: cfgparse: Return asap from cfg_parse_peers(). - CLEANUP: cfgparse: Code reindentation. - MINOR: cfgparse: Useless frontend initialization in "peers" sections. - MINOR: cfgparse: Rework peers frontend init. - MINOR: cfgparse: Simplication. - MINOR: cfgparse: Make "peer" lines be parsed as "server" lines. - MINOR: peers: Make outgoing connection to SSL/TLS peers work. - MINOR: cfgparse: SSL/TLS binding in "peers" sections. - DOC: peers: SSL/TLS documentation for "peers" - BUG/MINOR: startup: certain goto paths in init_pollers fail to free - BUG/MEDIUM: checks: fix recent regression on agent-check making it crash - BUG/MINOR: server: don't always trust srv_check_health when loading a server state - BUG/MINOR: check: Wake the check task if the check is finished in wake_srv_chk() - BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages - DOC: mention the effect of nf_conntrack_tcp_loose on src/dst - BUG/MINOR: proto-htx: Return an error if all headers cannot be received at once - BUG/MEDIUM: mux-h2/htx: Respect the channel's reserve - BUG/MINOR: mux-h1: Apply the reserve on the channel's buffer only - BUG/MINOR: mux-h1: avoid copying output over itself in zero-copy - BUG/MAJOR: mux-h2: don't destroy the stream on failed allocation in h2_snd_buf() - BUG/MEDIUM: backend: also remove from idle list muxes that have no more room - BUG/MEDIUM: mux-h2: properly abort on trailers decoding errors - MINOR: h2: declare new sets of frame types - BUG/MINOR: mux-h2: CONTINUATION in closed state must always return GOAWAY - BUG/MINOR: mux-h2: headers-type frames in HREM are always a connection error - BUG/MINOR: mux-h2: make it possible to set the error code on an already closed stream - BUG/MINOR: hpack: return a compression error on invalid table size updates - MINOR: server: make sure pool-max-conn is >= -1 - BUG/MINOR: stream: take care of synchronous errors when trying to send - CLEANUP: server: fix indentation mess on idle connections - BUG/MINOR: mux-h2: always check the stream ID limit in h2_avail_streams() - BUG/MINOR: mux-h2: refuse to allocate a stream with too high an ID - BUG/MEDIUM: backend: never try to attach to a mux having no more stream available - MINOR: server: add a max-reuse parameter - MINOR: mux-h2: always consider a server's max-reuse parameter - MEDIUM: stream-int: always mark pending outgoing SI_ST_CON - MINOR: stream: don't wait before retrying after a failed connection reuse - MEDIUM: h2: always parse and deduplicate the content-length header - BUG/MINOR: mux-h2: always compare content-length to the sum of DATA frames - CLEANUP: h2: Remove debug printf in mux_h2.c - MINOR: cfgparse: make the process/thread parser support a maximum value - MINOR: threads: make MAX_THREADS configurable at build time - DOC: nbthread is no longer experimental. - BUG/MINOR: listener: always fill the source address for accepted socketpairs - BUG/MINOR: mux-h2: do not report available outgoing streams after GOAWAY - BUG/MINOR: spoe: corrected fragmentation string size - BUG/MINOR: task: fix possibly missed event in inter-thread wakeups - BUG/MEDIUM: servers: Attempt to reuse an unfinished connection on retry. - BUG/MEDIUM: backend: always call si_detach_endpoint() on async connection failure - SCRIPTS: add the issue tracker URL to the announce script - MINOR: peers: Extract some code to be reused. - CLEANUP: peers: Indentation fixes. - MINOR: peers: send code factorization. - MINOR: peers: Add new functions to send code and reduce the I/O handler. - MEDIUM: peers: synchronizaiton code factorization to reduce the size of the I/O handler. - MINOR: peers: Move update receive code to reduce the size of the I/O handler. - MINOR: peers: Move ack, switch and definition receive code to reduce the size of the I/O handler. - MINOR: peers: Move high level receive code to reduce the size of I/O handler. - CLEANUP: peers: Be more generic. - MINOR: peers: move error handling to reduce the size of the I/O handler. - MINOR: peers: move messages treatment code to reduce the size of the I/O handler. - MINOR: peers: move send code to reduce the size of the I/O handler. - CLEANUP: peers: Remove useless statements. - MINOR: peers: move "hello" message treatment code to reduce the size of the I/O handler. - MINOR: peers: move peer initializations code to reduce the size of the I/O handler. - CLEANUP: peers: factor the error handling code in peer_treet_updatemsg() - CLEANUP: peers: factor error handling in peer_treat_definedmsg() - BUILD/MINOR: peers: shut up a build warning introduced during last cleanup - BUG/MEDIUM: mux-h2: only close connection on request frames on closed streams - CLEANUP: mux-h2: remove two useless but misleading assignments - BUG/MEDIUM: checks: Check that conn_install_mux succeeded. - BUG/MEDIUM: servers: Only destroy a conn_stream we just allocated. - BUG/MEDIUM: servers: Don't add an incomplete conn to the server idle list. - BUG/MEDIUM: checks: Don't try to set ALPN if connection failed. - BUG/MEDIUM: h2: In h2_send(), stop the loop if we failed to alloc a buf. - BUG/MEDIUM: peers: Handle mux creation failure. - BUG/MEDIUM: servers: Close the connection if we failed to install the mux. - BUG/MEDIUM: compression: Rewrite strong ETags - BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit - CLEANUP: mux-h2: remove misleading leftover test on h2s' nullity - BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update - BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions - BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams - BUG/MEDIUM: mux-h2: do not abort HEADERS frame before decoding them - BUG/MINOR: mux-h2: make sure response HEADERS are not received in other states than OPEN and HLOC - MINOR: h2: add a generic frame checker - MEDIUM: mux-h2: check the frame validity before considering the stream state - CLEANUP: mux-h2: remove stream ID and frame length checks from the frame parsers - BUG/MINOR: mux-h2: make sure request trailers on aborted streams don't break the connection - DOC: compression: Update the reasons for disabled compression - BUG/MEDIUM: buffer: Make sure b_is_null handles buffers waiting for allocation. - DOC: htx: make it clear that htxbuf() and htx_from_buf() always return valid pointers - MINOR: htx: never check for null htx pointer in htx_is_{,not_}empty() - MINOR: mux-h2: consistently rely on the htx variable to detect the mode - BUG/MEDIUM: peers: Peer addresses parsing broken. - BUG/MEDIUM: mux-h1: Don't add "transfer-encoding" if message-body is forbidden - BUG/MEDIUM: connections: Don't forget to remove CO_FL_SESS_IDLE. - BUG/MINOR: stream: don't close the front connection when facing a backend error - BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the connection - MINOR: stream-int: add a new flag to mention that we want the connection to be killed - MINOR: connstream: have a new flag CS_FL_KILL_CONN to kill a connection - BUG/MEDIUM: mux-h2: do not close the connection on aborted streams - BUG/MINOR: server: fix logic flaw in idle connection list management - MINOR: mux-h2: max-concurrent-streams should be unsigned - MINOR: mux-h2: make sure to only check concurrency limit on the frontend - MINOR: mux-h2: learn and store the peer's advertised MAX_CONCURRENT_STREAMS setting - BUG/MEDIUM: mux-h2: properly consider the peer's advertised max-concurrent-streams - MINOR: xref: Add missing barriers. - MINOR: muxes: Don't bother to LIST_DEL(&conn->list) before calling conn_free(). - MINOR: debug: Add an option that causes random allocation failures. - BUG/MEDIUM: backend: always release the previous connection into its own target srv_list - BUG/MEDIUM: htx: check the HTX compatibility in dynamic use-backend rules - BUG/MINOR: tune.fail-alloc: Don't forget to initialize ret. - BUG/MINOR: backend: check srv_conn before dereferencing it - BUG/MEDIUM: mux-h2: always omit :scheme and :path for the CONNECT method - BUG/MEDIUM: mux-h2: always set :authority on request output - BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free(). - BUG/MINOR: threads: fix the process range of thread masks - BUG/MINOR: config: fix bind line thread mask validation - CLEANUP: threads: fix misleading comment about all_threads_mask - CLEANUP: threads: use nbits to calculate the thread mask - OPTIM: listener: optimize cache-line packing for struct listener - MINOR: tools: improve the popcount() operation - MINOR: config: keep an all_proc_mask like we have all_threads_mask - MINOR: global: add proc_mask() and thread_mask() - MINOR: config: simplify bind_proc processing using proc_mask() - MINOR: threads: make use of thread_mask() to simplify some thread calculations - BUG/MINOR: compression: properly report compression stats in HTX mode - BUG/MINOR: task: close a tiny race in the inter-thread wakeup - BUG/MAJOR: config: verify that targets of track-sc and stick rules are present - BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' processes - BUG/MAJOR: htx/backend: Make all tests on HTTP messages compatible with HTX - BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules - DOC: ssl: Clarify when pre TLSv1.3 cipher can be used - DOC: ssl: Stop documenting ciphers example to use - BUG/MINOR: spoe: do not assume agent->rt is valid on exit - BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets - BUG/MEDIUM: spoe: initialization depending on nbthread must be done last - BUG/MEDIUM: server: initialize the idle conns list after parsing the config - BUG/MEDIUM: server: initialize the orphaned conns lists and tasks at the end - MINOR: config: make MAX_PROCS configurable at build time - BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck - BUG/MINOR: config: Reinforce validity check when a process number is parsed - BUG/MEDIUM: peers: check that p->srv actually exists before using p->srv->use_ssl - CONTRIB: contrib/prometheus-exporter: Add a Prometheus exporter for HAProxy - BUG/MINOR: mux-h1: verify the request's version before dropping connection: keep-alive - BUG: 51d: In Hash Trie, multi header matching was affected by the header names stored globaly. - MEDIUM: 51d: Enabled multi threaded operation in the 51Degrees module. - BUG/MAJOR: stream: avoid double free on unique_id - BUILD/MINOR: stream: avoid a build warning with threads disabled - BUILD/MINOR: tools: fix build warning in the date conversion functions - BUILD/MINOR: peers: remove an impossible null test in intencode() - BUILD/MINOR: htx: fix some potential null-deref warnings with http_find_stline - BUG/MEDIUM: peers: Missing peer initializations. - BUG/MEDIUM: http_fetch: fix the "base" and "base32" fetch methods in HTX mode - BUG/MEDIUM: proto_htx: Fix data size update if end of the cookie is removed - BUG/MEDIUM: http_fetch: fix "req.body_len" and "req.body_size" fetch methods in HTX mode - BUILD/MEDIUM: initcall: Fix build on MacOS. - BUG/MEDIUM: mux-h2/htx: Always set CS flags before exiting h2_rcv_buf() - MINOR: h2/htx: Set the flag HTX_SL_F_BODYLESS for messages without body - BUG/MINOR: mux-h1: Add "transfer-encoding" header on outgoing requests if needed - BUG/MINOR: mux-h2: Don't add ":status" pseudo-header on trailers - BUG/MINOR: proto-htx: Consider a XFER_LEN message as chunked by default - BUG/MEDIUM: h2/htx: Correctly handle interim responses when HTX is enabled - MINOR: mux-h2: Set HTX extra value when possible - BUG/MEDIUM: htx: count the amount of copied data towards the final count - MINOR: mux-h2: make the H2 MAX_FRAME_SIZE setting configurable - BUG/MEDIUM: mux-h2/htx: send an empty DATA frame on empty HTX trailers - BUG/MEDIUM: servers: Use atomic operations when handling curr_idle_conns. - BUG/MEDIUM: servers: Add a per-thread counter of idle connections. - MINOR: fd: add a new my_closefrom() function to close all FDs - MINOR: checks: use my_closefrom() to close all FDs - MINOR: fd: implement an optimised my_closefrom() function - BUG/MINOR: fd: make sure my_closefrom() doesn't miss some FDs - BUG/MAJOR: fd/threads, task/threads: ensure all spin locks are unlocked - BUG/MAJOR: listener: Make sure the listener exist before using it. - MINOR: fd: Use closefrom() as my_closefrom() if supported. - BUG/MEDIUM: mux-h1: Report the right amount of data xferred in h1_rcv_buf() - BUG/MINOR: channel: Set CF_WROTE_DATA when outgoing data are skipped - MINOR: htx: Add function to drain data from an HTX message - MINOR: channel/htx: Add function to skips output bytes from an HTX channel - BUG/MAJOR: cache/htx: Set the start-line offset when a cached object is served - BUG/MEDIUM: cache: Get objects from the cache only for GET and HEAD requests - BUG/MINOR: cache/htx: Return only the headers of cached objects to HEAD requests - BUG/MINOR: mux-h1: Always initilize h1m variable in h1_process_input() - BUG/MEDIUM: proto_htx: Fix functions applying regex filters on HTX messages - BUG/MEDIUM: h2: advertise to servers that we don't support push - MINOR: standard: Add a function to parse uints (dotted notation). - MINOR: arg: Add support for ARGT_PBUF_FNUM arg type. - MINOR: http_fetch: add "req.ungrpc" sample fetch for gRPC. - MINOR: sample: Add two sample converters for protocol buffers. - DOC: sample: Add gRPC related documentation. |
||
Willy Tarreau
|
fba74ea7b0 |
[RELEASE] Released version 2.0-dev0
Released version 2.0-dev0 with the following main changes : - BUG/MAJOR: connections: Close the connection before freeing it. - REGTEST: Require the option LUA to run lua tests - REGTEST: script: Process script arguments before everything else - REGTEST: script: Evaluate the varnishtest command to allow quoted parameters - REGTEST: script: Add the option --clean to remove previous log direcotries - REGTEST: script: Add the option --debug to show logs on standard ouput - REGTEST: script: Add the option --keep-logs to keep all log directories - REGTEST: script: Add the option --use-htx to enable the HTX in regtests - REGTEST: script: Print only errors in the results report - REGTEST: Add option to use HTX prefixed by the macro 'no-htx' - REGTEST: Make reg-tests target support argument. - REGTEST: Fix a typo about barrier type. - REGTEST: Be less Linux specific with a syslog regex. - REGTEST: Missing enclosing quotes for ${tmpdir} macro. - REGTEST: Exclude freebsd target for some reg tests. - BUG/MEDIUM: h2: Don't forget to quit the sending_list if SUB_CALL_UNSUBSCRIBE. - BUG/MEDIUM: mux-h2: Don't forget to quit the send list on error reports - BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response() - BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error - BUG/MINOR: compression/htx: Don't compress responses with unknown body length - BUG/MINOR: compression/htx: Don't add the last block of data if it is empty - MEDIUM: mux_h1: Implement h1_show_fd. - REGTEST: script: Add support of alternatives in requited options list - REGTEST: Add a basic test for the compression - BUG/MEDIUM: mux-h2: don't needlessly wake up the demux on short frames - REGTEST: A basic test for "http-buffer-request" - BUG/MEDIUM: server: Also copy "check-sni" for server templates. - MINOR: ssl: Add ssl_sock_set_alpn(). - MEDIUM: checks: Add check-alpn. |
||
Willy Tarreau
|
822305067b |
[RELEASE] Released version 1.9.0
Released version 1.9.0 with the following main changes : - BUG/MEDIUM: compression: Use the right buffer pointers to compress input data - BUG/MINOR: mux_pt: Set CS_FL_WANT_ROOM when count is zero in rcv_buf() callback - BUG/MEDIUM: connection: Add a new CS_FL_ERR_PENDING flag to conn_streams. - CONTRIB: debug: teach the "flags" utility about new conn_stream flags - BUG/MEDIUM: stream-int: always clear CS_FL_WANT_ROOM before receiving - BUG/MEDIUM: mux-h2: also restart demuxing when data are pending in demux - BUG/MEDIUM: mux-h2: restart demuxing as soon as demux data are available - BUG/MEDIUM: h2: fix aggregated cookie length computation in HTX mode - MINOR: mux-h2: report more h2c, last h2s and cs information on "show fd" - CONTRIB: debug: report stream-int's flag SI_FL_CLEAN_ABRT - MINOR: cli/stream: add the conn_stream in "show sess" output - BUG/MINOR: mux-h2: don't report a fantom h2s in "show fd" - BUG/MINOR: cli/fd: don't isolate the thread for each individual fd - MINOR: objtype: report a few missing types in names and base pointers - BUG/MEDIUM: mux-h2: make sure to report synchronous errors after EOS - BUG/MEDIUM: mux-h2: report asynchronous errors in h2_wake_some_streams() - BUG/MEDIUM: mux-h2: make sure the demux also wakes streams up on errors - BUG/MINOR: mux-h1: report the correct frontend in error captures - BUG/MEDIUM: stream-int: also wake the stream up on end of transfer - MEDIUM: h2: properly check and deduplicate the content-length header in HTX - BUG/MEDIUM: stream: Forward the right amount of data before infinite forwarding - BUG/MINOR: proto_htx: Call the HTX version of the function managing client cookies - BUG/MEDIUM: lua/htx: Handle EOM in receive/get_line calls in HTTP applets - BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything - MINOR: compression: Remove the thread_local variable buf_output - CLEANUP: connection: rename subscription events values and event field - CLEANUP: connection: rename conn->mux_ctx to conn->ctx - MINOR: connection: remove an unwelcome dependency on struct stream - CLEANUP: stream-int: consistently call the si/stream_int functions - BUG/MEDIUM: h1: Don't shutw/shutr the connection if we have keepalive. - BUG/MEDIUM: H2: Make sure htx is set even on empty frames. - BUG/MEDIUM: mux-h2: pass CS_FL_ERR_PENDING to h2_wake_some_streams() - MEDIUM: stream-int: always consider all CS errors on the send side - BUG/MEDIUM: h2: Make sure we don't set CS_FL_ERROR if there's still data. - CLEANUP: mux-h2: implement h2s_notify_{send,recv} to report events to subscribers - MINOR: mux-h2: add a new function h2s_alert() to call the data layer - BUG/MEDIUM: mux-h2: make use of h2s_alert() to report aborts - MINOR: connection: add cs_set_error() to set the error bits - CLEANUP: mux-h2: make use of cs_set_error() - BUG/MINOR: mux-h2: make sure we check the conn_stream in early data - BUG/MEDIUM: h2: Don't wait for flow control if the connection had a shutr. - MINOR: cli/show_fd: report that a connection is back or not - SCRIPTS: add the slack channel URL to the announce script - CLEANUP: remove my name and address from the copyright banner - DOC: mention in the readme that 1.9 is a stable version now |
||
Willy Tarreau
|
2a7d6502bf |
[RELEASE] Released version 1.9-dev11
Released version 1.9-dev11 with the following main changes : - BUG/MEDIUM: connection: Don't use the provided conn_stream if it was tried. - REGTEST/MINOR: remove double body specification for server txresp - BUG/MEDIUM: connections: Remove error flags when retrying. - REGTEST/MINOR: skip seamless-reload test with abns socket on freebsd - REGTEST/MINOR: remove health-check that can make the test fail - DOC: clarify that check-sni needs an argument. - DOC: refer to check-sni in the documentation of sni - BUG/MEDIUM: mux-h2: fix encoding of non-GET/POST methods - BUG/MINOR: mux-h1: Fix conn_mode processing for headerless outgoing messages - BUG/MEDIUM: mux-h1: Add a BUSY mode to not loop on pipelinned requests - BUG/MEDIUM: mux-h1: Don't loop on the headers parsing if the read0 was received - BUG/MEDIUM: htx: Always do a defrag if a block value is replace by a bigger one - BUG/MEDIUM: mux-h2: Don't forget to set the CS_FL_EOS flag with htx. - BUG/MINOR: hpack: fix off-by-one in header name encoding length calculation - CLEANUP: hpack: no need to include chunk.h, only include buf.h - MINOR: hpack: simplify the len to bytes conversion - MINOR: hpack: use ist2bin() to copy header names in hpack_encode_header() - MINOR: hpack: optimize header encoding for short names - CONTRIB: hpack: add a compressed stream generator for the encoder - MEDIUM: hpack: make it possible to encode any static header name - MINOR: hpack: move the length computation and encoding functions to .h - MINOR: hpack: provide a function to encode a short indexed header - MINOR: hpack: provide a function to encode a long indexed header - MINOR: hpack: provide new functions to encode the ":status" header - MEDIUM: mux-h2: make use of standard HPACK encoding functions for the status - MINOR: hpack: provide a function to encode an HTTP method - MEDIUM: mux-h2: make use of hpack_encode_method() to encode the method - MINOR: hpack: provide a function to encode an HTTP scheme - MEDIUM: mux-h2: make use of hpack_encode_scheme() to encode the scheme - MINOR: hpack: provide a function to encode an HTTP path - MEDIUM: mux-h2: make use of hpack_encode_path() to encode the path - REGTEST: add the HTTP rules test involving HTX processing - REORG: connection: centralize the conn_set_{tos,mark,quickack} functions - MEDIUM: cli: rework the CLI proxy parser - MINOR: cli: parse prompt command in the CLI proxy - MINOR: cli: implements 'quit' in the CLI proxy - BUG/MINOR: cli: wait for payload data even without prompt - MEDIUM: cli: handle payload in CLI proxy - MINOR: cli: use pcli_flags for prompt activation - MINOR: compression: Rename the function check_legacy_http_comp_flt() - MINOR: cache/htx: Don't use the same cache on HTX and legacy HTTP proxies - MINOR: cache: Register the cache as a data filter only if response is cacheable - MEDIUM: cache/htx: Add the HTX support into the cache - MINOR: cache: Improve and simplify the cache configuration check - MINOR: filters: Export the name of known filters - MEDIUM: cache/compression: Add a way to safely combined compression and cache - MEDIUM: cache: Require an explicit filter declaration if other filters are used - REORG: htx: merge types+proto into common/htx.h - REORG: http: create http_msg.c to place there some legacy HTTP parts - REORG: h1: move legacy http functions to http_msg.c - REORG: h1: move the h1_state definition to proto_http - CLEANUP: h1: remove some occurrences of unneeded h1.h inclusions - REORG: h1: merge types+proto into common/h1.h - CLEANUP: stream: remove SF_TUNNEL, SF_INITIALIZED, SF_CONN_TAR - MEDIUM: mux-h1: implement true zero-copy of DATA blocks - MINOR: config: round up global.tune.bufsize to the next multiple of 2 void* - BUG/MINOR: mux-h2: refrain from muxing during the preface - BUG/MINOR: mux-h2: advertise a larger connection window size - DOC: master CLI documentation in management.txt - MINOR: mux-h2: avoid copying large blocks into full buffers - MEDIUM: mux-h2: implement true zero-copy send of large HTX DATA blocks - MINOR: mux-h2: force reads to be HTX-aligned in HTX mode - MINOR: cli: change 'show proc' output of old processes - BUG/MEDIUM: mux-h1: Fix the zero-copy on output for chunked messages - BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name - BUG: dns: Prevent out-of-bounds read in dns_read_name() - BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response() - BUG: dns: Fix out-of-bounds read via signedness error in dns_validate_dns_response() - BUG: dns: Fix off-by-one write in dns_validate_dns_response() - REGTEST: the cache regtest requires haproxy 1.9 - MEDIUM: cli: store CLI level in the appctx - MEDIUM: cli: show and change CLI permissions - CLEANUP: cli: use dedicated define instead of appctx ones - MEDIUM: cli: handle CLI level from the master CLI - BUG/MEDIUM: cli: handle correctly prefix and payload - BUILD: Makefile: Implements the help target - REGTESTS: adjust the http-rules regtest to support window updates - BUG/MEDIUM: connections: Remove CS_FL_EOS | CS_FL_REOS on retry. - BUG/MEDIUM: stream_interface: Don't report read0 if we were not connected. - BUG/MEDIUM: connection: Just make sure we closed the fd on connection failure. - MEDIUM: mux: Add an optional "reset" method. - BUG/MEDIUM: mux-h1: Fix loop if server closes its connection with unparsed data - MINOR: mux-h1: Add helper functions to wake a stream from recv or send - BUG/MEDIUM: mux-h1: Wake the stream for send once the connection is established - BUG/MEDIUM: connections: Don't attempt to reuse an unusable connection. - MEDIUM: htx: Try to take a connection over if it has no owner. - REGTEST: Reg testing improvements. - REGTEST: Add a first test for health-checks. - REGTEST: Reg test for "check" health-check option. - REGTEST: level 1 health-check test 2. - REGTEST: Add miscellaneous reg tests for health-checks. - REGTEST: add a few HTTP messaging tests - MINOR: lb: make the leastconn algorithm more accurate - REGTEST: fix missing space in checks/s00001 - REGTEST: http-messaging: add "option http-buffer-request" for H2 tests - BUG/MEDIUM: cache: fix random crash on filter parser's error path - MINOR: connection: realign empty buffers in muxes, not transport layers - MINOR: mux_h1/h2: simplify the zero-copy Rx alignment - MINOR: backend: count the number of connect and reuse per server and per backend - BUG/MINOR: stats: fix inversion of failed header rewrites and other statuses - MINOR: tools: increase the number of ITOA strings to 16 - MINOR: cache: report the number of cache lookups and cache hits - MEDIUM: tasks: check the global task mask instead of the thread number - MINOR: mworker: set all_threads_mask and pid_bit to 1 - BUG/MINOR: proto_htx: Fix htx_res_set_status to also set the reason - BUG/MINOR: stats: Parse post data for HTX streams - MINOR: payload/htx: Adapt smp_fetch_len to be HTX aware - MINOR: http_fecth: Implement body_len and body_size sample fetches for the HTX - MAJOR: lua: Forbid calls to Channel functions for LUA scripts in HTTP proxies - MEDIUM: lua/htx: Adapt functions of the HTTP to be compatible with HTX - MINOR: lua/htx: Adapt the functions get_in_length and is_full to be HTX aware - MAJOR: lua/htx: Adapt HTTP applets to support HTX messages - MINOR: lua: Remove useless check on the messages state in HTTP functions - BUG/MEDIUM: htx: When performing zero-copy, start from the right offset. - BUG/MINOR: mworker: don't use unitialized mworker_proc struct - MINOR: mworker/cli: indicate in the master prompt when a reload failed - MINOR: cli: implements 'reload' on master CLI - BUG/MEDIUM: log: Don't call sample_fetch_as_type if we don't have a stream. - BUG/MEDIUM: mux-h1: make sure we always have at least one HTX block to send - BUG/MAJOR: backend: only update server's counters when the server exists - MINOR: tools: preset the port of fd-based "sockets" to zero - BUG/MINOR: log: fix logging to both FD and IP - REGTEST: Add a reg test for HTTP cookies. - BUILD: ssl: Fix compilation without deprecated OpenSSL 1.1 APIs - BUILD: thread: properly report multi-thread support - BUG/MINOR: logs: leave startup-logs global and not per-thread - BUG/MEDIUM: threads: don't close the thread waker pipe if not init - BUG/MAJOR: compression/cache: Make it really works with these both filters - BUG/MEDIUM: h2: Don't forget to destroy the h2s after deferred shut. - MEDIUM: proxy: Set http-reuse safe as default. - MEDIUM: servers: Add a command to limit the number of idling connections. - MEDIUM: servers: Replace idle-timeout with pool-purge-delay. - MEDIUM: mux: Destroy the stream before trying to add the conn to the idle list. - MEDIUM: mux: provide the session to the init() and attach() method. - MEDIUM: sessions: Don't keep an infinite number of idling connections. - MEDIUM: servers: Be more agressive when adding H2 connection to idle lists. - MEDIUM: mux_h2: Always set CS_FL_NOT_FIRST for new conn_streams. - BUG/MEDIUM: htx/cache: use the correct class of error codes on abort - BUG/MINOR: cache: also consider CF_SHUTR to abort delivery - MINOR: pools: Cast to volatile int * instead of int *. - MINOR: debug: make the ABORT_NOW macro use a volatile int - BUG/MEDIUM: h2: Don't destroy the h2s if it still has a cs attached. - BUG/MEDIUM: mux-h1: don't try to process an empty input buffer - DOC: clarify the agent-check status line syntax - BUG/MAJOR: hpack: fix length check for short names encoding - DOC: split the README into README + INSTALL |
||
Willy Tarreau
|
72e9227385 |
[RELEASE] Released version 1.9-dev10
Released version 1.9-dev10 with the following main changes : - MINOR: htx: Rename functions htx_*_to_str() to be H1 specific - BUG/MINOR: htx: Force HTTP/1.1 on H1 formatting when version is 1.1 or above - BUG/MINOR: fix ssl_fc_alpn and actually add ssl_bc_alpn - BUG/MEDIUM: mworker: stop proxies which have no listener in the master - BUG/MEDIUM: h1: Destroy a connection after detach if it has no owner. - BUG/MEDIUM: h2: Don't forget to wake the tasklet after shutr/shutw. - BUG/MINOR: flt_trace/compression: Use the right flag to add the HTX support - BUG/MEDIUM: stream_interface: Make REALLY sure we read all the data. - MEDIUM: mux-h1: Revamp the way subscriptions are handled. - BUG/MEDIUM: mux-h1: Always set CS_FL_RCV_MORE when data are received in h1_recv() - MINOR: mux-h1: Make sure to return 1 in h1_recv() when needed - BUG/MEDIUM: mux-h1: Release the mux H1 in h1_process() if there is no h1s - BUG/MINOR: proto_htx: Truncate the request when an error is detected - BUG/MEDIUM: h2: When sending in HTX, make sure the caller knows we sent all. - BUG/MEDIUM: mux-h2: properly update the window size in HTX mode - BUG/MEDIUM: mux-h2: make sure to always report HTX EOM when consumed by headers - BUG/MEDIUM: mux-h2: stop sending HTX once the mux is blocked - BUG/MEDIUM: mux-h2: don't send more HTX data than requested - MINOR: mux-h2: stop on non-DATA and non-EOM HTX blocks - BUG/MEDIUM: h1: Correctly report used data with no len. - MEDIUM: h1: Realign the ibuf before calling rcv_buf if needed. - BUG/MEDIUM: mux_pt: Always set CS_FL_RCV_MORE. - MINOR: htx: make htx_from_buf() adjust the size only on new buffers - MINOR: htx: add buf_room_for_htx_data() to help optimize buffer transfers - MEDIUM: mux-h1: make use of buf_room_for_htx_data() instead of b_room() - MEDIUM: mux-h1: attempt to zero-copy Rx DATA transfers - MEDIUM: mux-h1: avoid a double copy on the Tx path whenever possible - BUG/MEDIUM: stream-int: don't mark as blocked an empty buffer on Rx - BUG/MINOR: mux-h1: Check h1m flags to set the server conn_mode on request path - MEDIUM: htx: Rework conversion from a buffer to an htx structure - MEDIUM: channel/htx: Add functions for forward HTX data - MINOR: mux-h1: Don't adjust anymore the amount of data sent in h1_snd_buf() - CLEANUP: htx: Fix indentation here and there in HTX files - MINOR: mux-h1: Allow partial data consumption during outgoing data processing - BUG/MEDIUM: mux-h2: use the correct offset for the HTX start line - BUG/MEDIUM: mux-h2: stop sending using HTX on errors - MINOR: mux-h1: Drain obuf if the output is closed after sending data - BUG/MEDIUM: mworker: stop every tasks in the master - BUG/MEDIUM: htx: Set the right start-line offset after a defrag - BUG/MEDIUM: stream: Don't dereference s->txn when it is not there yet. - BUG/MEDIUM: connections: Reuse an already attached conn_stream. - MINOR: stream-int: add a new blocking condition on the remote connection - BUG/MEDIUM: stream-int: don't attempt to receive if the connection is not established - BUG/MEDIUM: lua: block on remote connection establishment - BUG/MEDIUM: mworker: fix several typos in mworker_cleantasks() - SCRIPTS/REGTEST: merge grep+sed into sed in run-regtests - BUG/MEDIUM: connections: Split CS_FL_RCV_MORE into 2 flags. - BUG/MEDIUM: h1: Don't free the connection if it's an outgoing connection. - BUG/MEDIUM: h1: Set CS_FL_REOS if we had a read0. - BUG/MEDIUM: mux-h1: Be sure to have a conn_stream to set CS_FL_REOS in h1_recv - REGTEST: Move LUA reg test 4 to level 1. - MINOR: ist: add functions to copy/uppercase/lowercase into a buffer or string - MEDIUM: ist: always turn header names to lower case - MINOR: h2: don't turn HTX header names to lower case anymore - MEDIUM: ist: use local conversion arrays to case conversion - MINOR: htx: switch to case sensitive search of lower case header names - MINOR: mux-h1: Set CS_FL_EOS when read0 is detected and no data are pending - BUG/MINOR: stream-int: Process read0 even if no data was received in si_cs_recv - REGTEST: fix the Lua test file name in test lua/h00002 :-) - REGTEST: add a basic test for HTTP rules manipulating headers - BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR. - MINOR: sample: add bc_http_major - BUG/MEDIUM: htx: fix typo in htx_replace_stline() making it fail all the time - REGTEST: make the HTTP rules test compatible with HTTP/2 as well - BUG/MEDIUM: h2: Don't try to chunk data when using HTX. - MINOR: compiler: add a new macro ALREADY_CHECKED() - BUILD: h2: mark the start line already checked to avoid warnings - BUG/MINOR: mux-h1: Remove the connection header when it is useless |
||
Willy Tarreau
|
da7e3be36f |
[RELEASE] Released version 1.9-dev9
Released version 1.9-dev9 with the following main changes : - BUILD/MINOR: ssl: fix build with non-alpn/non-npn libssl - BUG/MINOR: mworker: Do not attempt to close(2) fd -1 - BUILD: compression: fix build error with DEFAULT_MAXZLIBMEM - MINOR: compression: always create the compression pool - BUG/MEDIUM: mworker: fix FD leak upon reload - BUILD: htx: fix fprintf format inconsistency on 32-bit platforms - BUILD: buffers: buf.h requires unistd to get ssize_t on libmusl - MINOR: initcall: introduce a way to register init functions to call at boot - MINOR: init: process all initcalls in order at boot time - MEDIUM: init: convert all trivial registration calls to initcalls - MINOR: thread: provide a set of lock initialisers - MINOR: threads: add new macros to declare self-initializing locks - MEDIUM: init: use self-initializing spinlocks and rwlocks - MINOR: initcall: apply initcall to all register_build_opts() calls - MINOR: initcall: use initcalls for most post_{check,deinit} and per_thread* - MINOR: initcall: use initcalls for section parsers - MINOR: memory: add a callback function to create a pool - MEDIUM: init: use initcall for all fixed size pool creations - MEDIUM: memory: use pool_destroy_all() to destroy all pools on deinit() - MEDIUM: initcall: use initcalls for a few initialization functions - MEDIUM: memory: make the pool cache an array and not a thread_local - MINOR: ssl: free ctx when libssl doesn't support NPN - BUG/MINOR: proto_htx: only mark connections private if NTLM is detected - MINOR: h2: make struct h2_ops static - BUG/MEDIUM: mworker: avoid leak of client socket - REORG: mworker: declare master variable in global.h - BUG/MEDIUM: listeners: CLOEXEC flag is not correctly set - CLEANUP: http: Fix typo in init_http's comment - BUILD: Makefile: Disable -Wcast-function-type if it exists. - BUG/MEDIUM: h2: Don't bogusly error if the previous stream was closed. - REGTEST/MINOR: script: add run-regtests.sh script - REGTEST: Add a basic test for the cache. - BUG/MEDIUM: mux_pt: Don't forget to unsubscribe() on attach. - BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id - BUG/MEDIUM: connections: Wake the stream once the mux is chosen. - BUG/MEDIUM: connections: Don't forget to detach the connection from the SI. - BUG/MEDIUM: stream_interface: Don't check if the handshake is done. - BUG/MEDIUM: stream_interface: Make sure we read all the data available. - BUG/MEDIUM: h2: Call h2_process() if there's an error on the connection. - REGTEST: Fix several issues. - REGTEST: lua: check socket functionality from a lua-task - BUG/MEDIUM: session: Remove the session from the session_list in session_free. - BUG/MEDIUM: streams: Don't assume we have a CS in sess_update_st_con_tcp. - BUG/MEDIUM: connections: Don't assume we have a mux in connect_server(). - BUG/MEDIUM: connections: Remove the connection from the idle list before destroy. - BUG/MEDIUM: session: properly clean the outgoing connection before freeing. - BUG/MEDIUM: mux_pt: Don't try to send if handshake is not done. - MEDIUM: connections: Put H2 connections in the idle list if http-reuse always. - MEDIUM: h2: Destroy a connection with no stream if it has no owner. - MAJOR: sessions: Store multiple outgoing connections in the session. - MEDIUM: session: Steal owner-less connections on end of transaction. - MEDIUM: server: Be smarter about deciding to reuse the last server. - BUG/MEDIUM: Special-case http_proxy when dealing with outgoing connections. - BUG/MINOR: cfgparse: Fix transition between 2 sections with the same name - BUG/MINOR: http: Use out buffer instead of trash to display error snapshot - BUG/MINOR: htx: Fix block size calculation when a start-line is added/replaced - BUG/MINOR: mux-h1: Fix processing of "Connection: " header on outgoing messages - BUG/MEDIUM: mux-h1: Reset the H1 parser when an outgoing message is processed - BUG/MINOR: proto_htx: Send outgoing data to client to start response processing - BUG/MINOR: htx: Stop a header or a start line lookup on the first EOH or EOM - BUG/MINOR: connection: report mux modes when HTX is supported - MINOR: htx: add a function to cut the beginning of a DATA block - MEDIUM: conn_stream: Add a way to get mux's info on a CS from the upper layer - MINOR: mux-h1: Implement get_cs_info() callback - MINOR: stream: Rely on CS's info if it exists and fallback on session's ones - MINOR: proto_htx: Use conn_stream's info to set t_idle duration when possible - MINOR: mux-h1: Don't rely on the stream anymore in h1_set_srv_conn_mode() - MINOR: mux-h1: Write last chunk and trailers if not found in the HTX message - MINOR: mux-h1: Be prepare to fail when EOM is added during trailers parsing - MINOR: mux-h1: Subscribe to send in h1_snd_buf() when not all data have been sent - MINOR: mux-h1: Consume channel's data in a loop in h1_snd_buf() - MEDIUM: mux-h1: Add keep-alive outgoing connections in connections list - MINOR: htx: Add function to add an HTX block just before another one - MINOR: htx: Add function to iterate on an HTX message using HTX blocks - MINOR: htx: Add a function to find the HTX block corresponding to a data offset - MINOR: stats: Don't add end-of-data marker and trailers in the HTX response - MEDIUM: htx: Change htx_sl to be a struct instead of an union - MINOR: htx: Add the start-line offset for the HTX message in the HTX structure - MEDIUM: htx: Don't rely on h1_sl anymore except during H1 header parsing - MINOR: proto-htx: Use the start-line flags to set the HTTP messsage ones - MINOR: htx: Add BODYLESS flags on the HTX start-line and the HTTP message - MINOR: proto_htx: Use full HTX messages to send 100-Continue responses - MINOR: proto_htx: Use full HTX messages to send 103-Early-Hints responses - MINOR: proto_htx: Use full HTX messages to send 401 and 407 responses - MINOR: proto_htx: Send valid HTX message when redir mode is enabled on a server - MINOR: proto_htx: Send valid HTX message to send 30x responses - MEDIUM: proto_htx: Convert all HTTP error messages into HTX - MINOR: mux-h1: Process conn_mode on the EOH when no connection header is found - MINOR: mux-h1: Change client conn_mode on an explicit close for the response - MINOR: mux-h1: Capture bad H1 messages - MAJOR: filters: Adapt filters API to be compatible with the HTX represenation - MEDIUM: proto_htx/filters: Add data filtering during the forwarding - MINOR: flt_trace: Adapt to be compatible with the HTX representation - MEDIUM: compression: Adapt to be compatible with the HTX representation - MINOR: h2: implement H2->HTX request header frame transcoding - MEDIUM: mux-h2: register mux for both HTTP and HTX modes - MEDIUM: mux-h2: make h2_rcv_buf() support HTX transfers - MEDIUM: mux-h2: make h2_snd_buf() HTX-aware - MEDIUM: mux-h2: add basic H2->HTX transcoding support for headers - MEDIUM: mux-h2: implement emission of H2 headers frames from HTX blocks - MEDIUM: mux-h2: implement the emission of DATA frames from HTX DATA blocks - MEDIUM: mux-h2: support passing H2 DATA frames to HTX blocks - BUG/MINOR: cfgparse: Fix the call to post parser of the last sections parsed - BUG/MEDIUM: mux-h2: don't lose the first response header in HTX mode - BUG/MEDIUM: mux-h2: remove the HTX EOM block on H2 response headers - MINOR: listener: the mux_proto entry in the bind_conf is const - MINOR: connection: create conn_get_best_mux_entry() - MINOR: server: the mux_proto entry in the server is const - MINOR: config: make sure to associate the proper mux to bind and servers - MINOR: hpack: add ":path" to the list of common header fields - MINOR: h2: add new functions to produce an HTX message from an H2 response - MINOR: mux-h2: mention that the mux is compatible with both sides - MINOR: mux-h2: implement an outgoing stream allocator : h2c_bck_stream_new() - MEDIUM: mux-h2: start to create the outgoing mux - MEDIUM: mux-h2: implement encoding of H2 request on the backend side - MEDIUM: mux-h2: make h2_frt_decode_headers() direction-agnostic - MEDIUM: mux-h2: make h2_process_demux() capable of processing responses as well - MEDIUM: mux-h2: Implement h2_attach(). - MEDIUM: mux-h2: Don't bother flagging outgoing connections as TOOMANY. - REGTEST: Fix LEVEL 4 script 0 of "connection" module. - MINOR: connection: Fix a comment. - MINOR: mux: add a "max_streams" method. - MEDIUM: servers: Add a way to keep idle connections alive. - CLEANUP: fix typos in the htx subsystem - CLEANUP: Fix typo in the chunk headers file - CLEANUP: Fix typos in the h1 subsystem - CLEANUP: Fix typos in the h2 subsystem - CLEANUP: Fix a typo in the mini-clist header - CLEANUP: Fix a typo in the proto_htx subsystem - CLEANUP: Fix typos in the proto_tcp subsystem - CLEANUP: Fix a typo in the signal subsystem - CLEANUP: Fix a typo in the session subsystem - CLEANUP: Fix a typo in the queue subsystem - CLEANUP: Fix typos in the shctx subsystem - CLEANUP: Fix typos in the socket pair protocol subsystem - CLEANUP: Fix typos in the map management functions - CLEANUP: Fix typo in the fwrr subsystem - CLEANUP: Fix typos in the cli subsystem - CLEANUP: Fix typo in the 51d subsystem - CLEANUP: Fix a typo in the base64 subsystem - CLEANUP: Fix a typo in the connection subsystem - CLEANUP: Fix a typo in the protocol header file - CLEANUP: Fix a typo in the checks header file - CLEANUP: Fix typos in the file descriptor subsystem - CLEANUP: Fix a typo in the listener subsystem - BUG/MINOR: lb-map: fix unprotected update to server's score - BUILD: threads: fix minor build warnings when threads are disabled |
||
Willy Tarreau
|
0b936ad946 |
[RELEASE] Released version 1.9-dev8
Released version 1.9-dev8 with the following main changes : - REORG: config: extract the global section parser into cfgparse-global - REORG: config: extract the proxy parser into cfgparse-listen.c - BUILD: update the list of supported targets and compilers in makefile and readme - BUILD: reorder the objects in the makefile - BUILD: Makefile: make "V=1" show some of the commands that are executed - BUILD: Makefile: add the quiet mode to a few more targets - BUILD: Makefile: add "$(Q)" to clean, tags and cscope targets - BUILD: Makefile: switch to quiet mode by default for CC/LD/AR - MINOR: cli: format `show proc` to be more readable - MINOR: cli: displays uptime in `show proc` - MINOR: cli: show master information in 'show proc' - BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field - MAJOR: mux-h1: Remove the rxbuf and decode HTTP messages in channel's buffer - BUG/MINOR: mux-h1: Enable keep-alive on server side - BUG/MEDIUM: mux-h1: Fix freeze when the kernel splicing is used - BUG/MEDIUM: mux-h1: Don't set the flag CS_FL_RCV_MORE when nothing was parsed - BUG/MINOR: stats/htx: Remove channel's output when the request is eaten - BUG/MINOR: proto_htx: Fix request/response synchronisation on error - MINOR: stream-int: Notify caller when an error is reported after a rcv_pipe() - MINOR: stream-int: Notify caller when an error is reported after a rcv_buf() - BUG/MINOR: stream-int: Don't call snd_buf() if there are still data in the pipe - MINOR: stream-int: remove useless checks on CS and conn flags in si_cs_send() - BUG/MINOR: config: Be aware of the HTX during the check of mux protocols - BUG/MINOR: mux-htx: Fix bad test on h1c flags in h1_recv_allowed() - MEDIUM: mworker: wait mode use standard init code path - MINOR: log: introduce ha_notice() - MINOR: mworker: use ha_notice to announce a new worker - BUG/MEDIUM: http_fetch: Make sure name is initialized before http_find_header. - MINOR: cli: add mworker_accept_wrapper to 'show fd' - MEDIUM: signal: signal_unregister() removes every handlers - BUG/MEDIUM: mworker: unregister the signals of main() - MINOR: cli: add a few missing includes in proto/cli.h - REORG: time/activity: move activity measurements to activity.{c,h} - MINOR: activity: report the average loop time in "show activity" - MINOR: activity: add configuration and CLI support for "profiling.tasks" - MEDIUM: tasks: collect per-task CPU time and latency - MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot - MINOR: cli/activity: rename the stolen CPU time fields to mention milliseconds - BUG/MINOR: cli: Fix memory leak - BUG/MINOR: mworker: fix FD leak and memory leak in error path - MINOR: poller: move the call of tv_update_date() back to the pollers - MINOR: polling: add an option to support busy polling - MINOR: server: Add "alpn" and "npn" keywords. - MEDIUM: connection: Don't bother reactivating polling after connection retry. - MAJOR: connections: Defer mux creation for outgoing connection if alpn is set. - MEDIUM: ssl: Add ssl_bc_alpn and ssl_bc_npn sample fetches. - MINOR: servers: Free [idle|safe|priv]_conns on exit. - REGTEST: add the option to test only a specific set of files - REGTEST: add a test for connections to a "dispatch" address - BUG/MEDIUM: connections: Don't reset the conn flags in *connect_server(). - MINOR: server: Only defined conn_complete_server if USE_OPENSSL is set. - BUG/MEDIUM: servers: Don't check if we have a conn_stream too soon. - BUG/MEDIUM: sessions: Set sess->origin to NULL if the origin was destroyed. - MEDIUM: servers: Store the connection in the SI until we have a mux. - BUG/MEDIUM: h2: wake the processing task up after demuxing - BUG/MEDIUM: h2: restart demuxing after releasing buffer space |
||
Willy Tarreau
|
5c0e41b7cb |
[RELEASE] Released version 1.9-dev7
Released version 1.9-dev7 with the following main changes : - BUILD: cache: fix a build warning regarding too large an integer for the age - CLEANUP: fix typos in the comments of the Makefile - CLEANUP: fix a typo in a comment for the contrib/halog subsystem - CLEANUP: fix typos in comments for the contrib/modsecurity subsystem - CLEANUP: fix typos in comments for contrib/spoa_example - CLEANUP: fix typos in comments for contrib/wireshark-dissectors - DOC: Fix typos in README and CONTRIBUTING - MINOR: log: slightly improve error message syntax on log failure - DOC: logs: the format directive was missing from the second log part - MINOR: log: report the number of dropped logs in the stats - MEDIUM: log: add support for logging to existing file descriptors - MEDIUM: log: support a new "short" format - MEDIUM: log: add a new "raw" format - BUG/MEDIUM: stream-int: change the way buffer room is requested by a stream-int - BUG/MEDIUM: stream-int: convert some co_data() checks to channel_is_empty() - MINOR: namespaces: don't build namespace.c if disabled - BUILD/MEDIUM: threads/affinity: DragonFly build fix - MINOR: http: Add new "early-hint" http-request action. - MINOR: http: Make new "early-hint" http-request action really be parsed. - MINOR: http: Implement "early-hint" http request rules. - MINOR: doc: Add information about "early-hint" http-request action. - DOC: early-hints: fix truncated line. - MINOR: mworker: only close std{in,out,err} in daemon mode - BUG/MEDIUM: log: don't CLOEXEC the inherited FDs - BUG/MEDIUM: Make sure stksess is properly aligned. - BUG/MEDIUM: stream-int: make failed splice_in always subscribe to recv - BUG/MEDIUM: stream-int: clear CO_FL_WAIT_ROOM after splicing data in - BUG/MINOR: stream-int: make sure not to go through the rcv_buf path after splice() - CONTRIB: debug: fix build related to conn_stream flags change - REGTEST: fix scripts 1 and 3 to accept development version - BUG/MINOR: http_fetch: Remove the version part when capturing the request uri - MINOR: http: Regroup return statements of http_req_get_intercept_rule at the end - MINOR: http: Regroup return statements of http_res_get_intercept_rule at the end - BUG/MINOR: http: Be sure to sent fully formed HTTP 103 responses - MEDIUM: jobs: support unstoppable jobs for soft stop - MEDIUM: listeners: support unstoppable listener - MEDIUM: cli: worker socketpair is unstoppable - BUG/MINOR: stream-int: set SI_FL_WANT_PUT in sess_establish() - MINOR: stream: move the conn_stream specific calls to the stream-int - BUG/MINOR: config: Copy default error messages when parsing of a backend starts - CLEANUP: h2: minimum documentation for recent API changes - MINOR: mux: implement a get_first_cs() method - MINOR: stream-int: make conn_si_send_proxy() use cs_get_first() - MINOR: stream-int: relax the forwarding rules in stream_int_notify() - MINOR: stream-int: expand the flags to 32-bit - MINOR: stream-int: rename SI_FL_WAIT_ROOM to SI_FL_RXBLK_ROOM - MINOR: stream-int: introduce new SI_FL_RXBLK flags - MINOR: stream-int: add new functions si_{rx,tx}_{blocked,endp_ready}() - MINOR: stream-int: replace SI_FL_WANT_PUT with !SI_FL_RX_WAIT_EP - MINOR: stream-int: use si_rx_blocked()/si_tx_blocked() to check readiness - MEDIUM: stream-int: use si_rx_buff_{rdy,blk} to report buffer readiness - MINOR: stream-int: replace si_{want,stop}_put() with si_rx_endp_{more,done}() - MEDIUM: stream-int: update the endp polling status only at the end of si_cs_recv() - MINOR: stream-int: make si_sync_recv() simply check ENDP before si_cs_recv() - MINOR: stream-int: automatically mark applets as ready if they block on the channel - MEDIUM: stream-int: fix the si_cant_put() calls used for end point readiness - MEDIUM: stream-int: fix the si_cant_put() calls used for buffer readiness - MEDIUM: stream-int: use si_rx_shut_blk() to indicate the SI is closed - MEDIUM: stream-int: unconditionally call si_chk_rcv() in update and notify - MEDIUM: stream-int: make use of si_rx_chan_{rdy,blk} to control the stream-int from the channel - MINOR: stream-int: replace si_cant_put() with si_rx_room_{blk,rdy}() - MEDIUM: connections: Wait until the connection is established to try to recv. - MEDIUM: mux: Teach the mux_pt how to deal with idle connections. - MINOR: mux: Add a new "avail_streams" method. - MINOR: mux: Add a destroy() method. - MINOR: sessions: Start to store the outgoing connection in sessions. - MAJOR: connections: Detach connections from streams. - MINOR: conn_stream: Add a flag to notify the mux it should flush its buffers - MINOR: htx: Add proto_htx.c file - MINOR: conn_stream: Add a flag to notify the mux it must respect the reserve - MINOR: http: Add standalone functions to parse a start-line or a header - MINOR: http: Call http_send_name_header with the stream instead of the txn - MINOR: conn_stream: Add a flag to notify the SI some data were received - MINOR: http: Add macros to check if a stream uses the HTX representation - MEDIUM: proto_htx: Add HTX analyzers and use it when the mux H1 is used - MEDIUM: mux-h1: Add dummy mux to handle HTTP/1.1 connections - MEDIUM: mux-h1: Add parsing of incoming and ougoing HTTP messages - MAJOR: mux-h1/proto_htx: Handle keep-alive connections in the mux - MEDIUM: mux-h1: Add support of the kernel TCP splicing to forward data - MEDIUM: htx: Add API to deal with the internal representation of HTTP messages - MINOR: http_htx: Add functions to manipulate HTX messages in http_htx.c - MINOR: proto_htx: Add some functions to handle HTX messages - MAJOR: mux-h1/proto_htx: Switch mux-h1 and HTX analyzers on the HTX representation - MINOR: http_htx: Add functions to replace part of the start-line - MINOR: http_htx: Add functions to retrieve a specific occurrence of a header - MINOR: proto_htx: Rewrite htx_apply_redirect_rule to handle HTX messages - MINOR: proto_htx: Add the internal function htx_del_hdr_value - MINOR: proto_htx: Add the internal function htx_fmt_res_line - MINOR: proto_htx: Add functions htx_transform_header and htx_transform_header_str - MINOR: proto_htx: Add functions htx_req_replace_stline and htx_res_set_status - MINOR: proto_htx: Add function to build and send HTTP 103 responses - MINOR: proto_htx: Add functions htx_req_get_intercept_rule and htx_res_get_intercept_rule - MINOR: proto_htx: Add functions to apply req* and rsp* rules on HTX messages - MINOR: proto_htx: Add functions to manage cookies on HTX messages - MINOR: proto_htx: Add functions to check the cacheability of HTX messages - MINOR: proto_htx: Add functions htx_send_name_header - MINOR: proto_htx: Add functions htx_perform_server_redirect - MINOR: proto_htx: Add functions to handle the stats applet - MEDIUM: proto_htx: Adapt htx_process_req_common to handle HTX messages - MEDIUM: proto_htx: Adapt htx_process_request to handle HTX messages - MINOR: proto_htx: Adapt htx_process_tarpit to handle HTX messages - MEDIUM: proto_htx: Adapt htx_wait_for_request_body to handle HTX messages - MEDIUM: proto_htx: Adapt htx_process_res_common to handle HTX messages - MINOR: http_fetch: Add smp_prefetch_htx - MEDIUM: http_fetch: Adapt all fetches to handle HTX messages - MEDIUM: mux-h1: Wait for connection establishment before consuming channel's data - MINOR: stats/htx: Adapt the stats applet to handle HTX messages - MINOR: stream: Don't reset sov value with HTX messages - MEDIUM: mux-h1: Handle errors and timeouts in the stream - MINOR: filters/htx: Forbid filters when the HTX is enabled on a proxy - MINOR: lua/htx: Forbid lua usage when the HTX is enabled on a proxy - CLEANUP: Fix some typos in the haproxy subsystem - CLEANUP: Fix typos in the dns subsystem - CLEANUP: Fix typos in the pattern subsystem - CLEANUP: fix 2 typos in the xxhash subsystem - CLEANUP: fix a few typos in the comments of the server subsystem - CLEANUP: fix a misspell in tests/filltab25.c - CLEANUP: fix a typo found in the stream subsystem - CLEANUP: fix typos in comments in ebtree - CLEANUP: fix typos in reg-tests - CLEANUP: fix typos in the comments of the vars subsystem - CLEANUP: fix typos in the hlua_fcn subsystem - CLEANUP: fix typos in the proto_http subsystem - CLEANUP: fix typos in the proxy subsystem - CLEANUP: fix typos in the ssl_sock subsystem - DOC: Fix typos in different subsections of the documentation - DOC: fix a few typos in the documentation - MINOR: Fix an error message thrown when we run out of memory - MINOR: Fix typos in error messages in the proxy subsystem - MINOR: fix typos in the examples files - CLEANUP: Fix a typo in the stats subsystem - CLEANUP: Fix typos in the acl subsystem - CLEANUP: Fix typos in the cache subsystem - CLEANUP: Fix typos in the cfgparse subsystem - CLEANUP: Fix typos in the filters subsystem - CLEANUP: Fix typos in the http subsystem - CLEANUP: Fix typos in the log subsystem - CLEANUP: Fix typos in the peers subsystem - CLEANUP: Fix typos in the regex subsystem - CLEANUP: Fix typos in the sample subsystem - CLEANUP: Fix typos in the spoe subsystem - CLEANUP: Fix typos in the standard subsystem - CLEANUP: Fix typos in the stick_table subsystem - CLEANUP: Fix typos in the task subsystem - MINOR: Fix typo in error message in the standard subsystem - CLEANUP: fix typos in the comments of hlua - MINOR: Fix typo in the error 500 output of hlua - MINOR: Fix a typo in a warning message in the spoe subsystem |
||
Joseph Herlant
|
63c23f305b |
MINOR: fix typos in the examples files
To be more specific the error 500 example page and the transparent_proxy.cfg page. For the later, it is all in the comments but still user-visible as those are examples. |
||
Willy Tarreau
|
96079492e0 |
[RELEASE] Released version 1.9-dev6
Released version 1.9-dev6 with the following main changes : - BUG/MEDIUM: tools: fix direction of my_ffsl() - BUG/MINOR: cli: forward the whole command on master CLI - BUG/MEDIUM: auth/threads: use of crypt() is not thread-safe - MINOR: compat: automatically detect support for crypt_r() - MEDIUM: auth/threads: make use of crypt_r() on systems supporting it - DOC: split the http-request actions in their own section - DOC: split the http-response actions in their own section - BUG/MAJOR: stream-int: don't call si_cs_recv() in stream_int_chk_rcv_conn() - BUG/MINOR: tasks: make sure wakeup events are properly reported to subscribers - MINOR: stats: report the number of active jobs and listeners in "show info" - MINOR: stats: report the number of active peers in "show info" - MINOR: stats: report the number of currently connected peers - MINOR: cli: show the number of reload in 'show proc' - MINOR: cli: can't connect to the target CLI - MEDIUM: mworker: does not create the CLI proxy when no listener - MINOR: mworker: displays more information when leaving - MEDIUM: mworker: exit with the incriminated exit code - MINOR: mworker: displays a message when a worker is forked - MEDIUM: mworker: leave when the master die - CLEANUP: stream-int: retro-document si_cs_io_cb() - BUG/MEDIUM: mworker: does not abort() in mworker_pipe_register() - BUG/MEDIUM: stream-int: don't wake up for nothing during SI_ST_CON - BUG/MEDIUM: cli: crash when trying to access a worker - DOC: restore note about "independant" typo - MEDIUM: stream: implement stream_buf_available() - MEDIUM: appctx: check for allocation attempts in buffer allocation callbacks - MINOR: stream-int: rename si_applet_{want|stop|cant}_{get|put} - MINOR: stream-int: add si_done_{get,put} to indicate that we won't do it anymore - MINOR: stream-int: use si_cant_put() instead of setting SI_FL_WAIT_ROOM - MINOR: stream-int: make use of si_done_{get,put}() in shut{w,r} - MINOR: stream-int: make it clear that si_ops cannot be null - MEDIUM: stream-int: temporarily make si_chk_rcv() take care of SI_FL_WAIT_ROOM - MINOR: stream-int: factor the SI_ST_EST state test into si_chk_rcv() - MEDIUM: stream-int: make SI_FL_WANT_PUT reflect CF_DONT_READ - MEDIUM: stream-int: always call si_chk_rcv() when we make room in the buffer - MEDIUM: stream-int: make si_chk_rcv() check that SI_FL_WAIT_ROOM is cleared - MINOR: stream-int: replace si_update() with si_update_both() - MEDIUM: stream-int: make stream_int_update() aware of the lower layers - CLEANUP: stream-int: remove the now unused si->update() function - MEDIUM: stream-int: Rely only on SI_FL_WAIT_ROOM to stop data receipt - MEDIUM: stream-int: Try to read data even if channel's buffer seems to be full - BUG/MINOR: config: better detect the presence of the h2 pattern in npn/alpn |
||
Willy Tarreau
|
bddf292cbd |
[RELEASE] Released version 1.9-dev5
Released version 1.9-dev5 with the following main changes : - BUILD: Makefile: add the new ERR variable to force -Werror - MINOR: freq_ctr: add swrate_add_scaled() to work with large samples - MINOR: stream_interface: Avoid calling si_cs_send/recv if not needed. - CLEANUP: http: Remove the unused function http_find_header - MINOR: h1: Export some functions parsing the value of some HTTP headers - BUG/MEDIUM: stream-int: don't set SI_FL_WAIT_ROOM on CF_READ_DONTWAIT - MINOR: proxy: add a new option "http-use-htx" - BUG/MEDIUM: pools: fix the minimum allocation size - MINOR: shctx: Shared objects block by block allocation. - MINOR: cache: Larger HTTP objects caching. - MINOR: shctx: Add a maximum object size parameter. - MINOR: cache: Add "max-object-size" option. - DOC: Update about the cache support for big objects. - BUG/MINOR: cache: Crashes with "total-max-size" > 2047(MB). - BUG/MINOR: cache: Wrong usage of shctx_init(). - BUG/MINOR: ssl: Wrong usage of shctx_init(). - MINOR: cache: Avoid usage of atoi() when parsing "max-object-size". - MINOR: shctx: Change max. object size type to unsigned int. - DOC: cache: Missing information about "total-max-size" and "max-object-size" - CLEANUP: tools: fix misleading comment above function LIM2A - MEDIUM: channel: merge back flags CF_WRITE_PARTIAL and CF_WRITE_EVENT - BUG/MINOR: only mark connections private if NTLM is detected - BUG/MINOR: only auto-prefer last server if lb-alg is non-deterministic - MINOR: stream: don't prune variables if the list is empty - MINOR: stream-int: add si_alloc_ibuf() to ease input buffer allocation - MEDIUM: stream-int: replace channel_alloc_buffer() with si_alloc_ibuf() everywhere - MEDIUM: stream: always call si_cs_recv() after a failed buffer allocation - MEDIUM: stream: don't try to send first in process_stream() - MEDIUM: stream-int: make si_update() synchronize flag changes before the I/O - MEDIUM: stream-int: call si_cs_process() in stream_int_update_conn - MINOR: stream-int: don't needlessly call tasklet_wakeup() in stream_int_chk_snd_conn() - MINOR: stream-int: make stream_int_notify() not wake the tasklet up - MINOR: stream-int: don't needlessly call si_cs_send() in si_cs_process() - MINOR: mworker: number of reload in the life of a worker - MEDIUM: mworker: each worker socketpair is a CLI listener - REORG: mworker: move struct mworker_proc to global.h - MINOR: server: export new_server() function - MEDIUM: mworker: move proc_list gen before proxies startup - MEDIUM: mworker: add proc_list in global.h - MEDIUM: mworker: proxy for the master CLI - MEDIUM: mworker: create CLI listeners from argv[] - MEDIUM: cli: disable some keywords in the master - MEDIUM: mworker: find the server ptr using a CLI prefix - MEDIUM: cli: 'show proc' displays processus - MEDIUM: cli: implement 'mode cli' proxy analyzers - MINOR: cli: displays sockpair@ in "show cli sockets" - MEDIUM: cli: enable "show cli sockets" for the master - MINOR: cli: put @master @<relative pid> @!<pid> in the help - MEDIUM: listeners: set O_CLOEXEC on the accepted FDs - MEDIUM: mworker: stop the master proxy in the workers - MEDIUM: channel: reorder the channel analyzers for the cli - MEDIUM: cli: write a prompt for the CLI proxy of the master - MINOR: cli: helper to write an response message and close - MINOR: cache: Add "Age" header. - REGTEST: make the IP+port logging test more reliable - BUG/MINOR: memory: make the thread-local cache allocator set the debugging link - BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer - BUG/MINOR: backend: assign the wait list after the error check |
||
Willy Tarreau
|
01fbe74516 |
[RELEASE] Released version 1.9-dev4
Released version 1.9-dev4 with the following main changes : - BUILD: Allow configuration of pcre-config path - DOC: clarify force-private-cache is an option - BUG/MINOR: connection: avoid null pointer dereference in send-proxy-v2 - REORG: http: move the code to different files - REORG: http: move HTTP rules parsing to http_rules.c - CLEANUP: http: remove some leftovers from recent cleanups - BUILD: Makefile: add a "make opts" target to simply show the build options - BUILD: Makefile: speed up compiler options detection - BUG/MINOR: backend: check that the mux installed properly - BUG/MEDIUM: h2: check that the connection is still valid at the end of init() - BUG/MEDIUM: h2: make h2_stream_new() return an error on memory allocation failure - REGTEST/MINOR: compatibility: use unix@ instead of abns@ sockets - MINOR: ssl: cleanup old openssl API call - MINOR: ssl: generate-certificates for BoringSSL - BUG/MEDIUM: buffers: Make sure we don't wrap in ci_insert_line2/b_rep_blk. - MEDIUM: ssl: add support for ciphersuites option for TLSv1.3 - CLEANUP: haproxy: Remove unused variable - CLEANUP: h1: Fix debug warnings for h1 headers - CLEANUP: stick-tables: Remove unneeded double (()) around conditional clause - MEDIUM: task: perform a single tree lookup per run queue batch - BUG/MEDIUM: Cur/CumSslConns counters not threadsafe. - BUG/MINOR: threads: move declaration of capabilities to config.h - OPTIM: tools: optimize my_ffsl() for x86_64 - BUG/MINOR: h2: null-deref - BUG/MINOR: checks: queues null-deref - MINOR: connections: Introduce an unsubscribe method. - MEDIUM: connections: Change struct wait_list to wait_event. - BUG/MEDIUM: h2: Make sure we're not in the send list on flow control. - BUG/MEDIUM: mworker: segfault receiving SIGUSR1 followed by SIGTERM. - BUG/MEDIUM: stream: Make sure to unsubscribe before si_release_endpoint. - MINOR: http: Move comment about some HTTP macros in the right header file - MINOR: stats: Add missing include - MINOR: http: Export some functions and do cleanup to prepare HTTP refactoring - MEDIUM: http: Ignore http-pretend-keepalive option on frontend - MEDIUM: http: Ignore http-tunnel option on backend - MINOR: http: Use same flag for httpclose and forceclose options - MINOR: h1: Add EOH marker during headers parsing - MINOR: conn-stream: Add CL_FL_NOT_FIRST flag - MINOR: h1: Change the union h1_sl to use indirect strings to store infos - MINOR: h1: Add the flag H1_MF_NO_PHDR to not add pseudo-headers during parsing - MINOR: log: make sess_log() support sess=NULL - MINOR: chunk: add chunk_cpy() and chunk_cat() - MEDIUM: h2: stop relying on H2_SS_IDLE / H2_SS_CLOSED - CLEANUP: h2: rename h2c_snd_settings() to h2c_send_settings() - MINOR: h2: don't try to send data before preface - MINOR: h2: unify the mux init function - MINOR: h2: retrieve the front proxy from the caller instead of the session - MINOR: h2: split h2c_stream_new() into h2s_new() + h2c_frt_stream_new() - MINOR: h2: add a new flag to quickly distinguish front vs back connection - BUG/MEDIUM: mworker: don't poll on LI_O_INHERITED listeners - BUG/MEDIUM: stream: don't crash on out-of-memory - BUILD: compiler: add a new statement "__unreachable()" - BUILD: lua: silence some compiler warnings about potential null derefs - BUILD: ssl: fix null-deref warning in ssl_fc_cipherlist_str sample fetch - BUILD: ssl: fix another null-deref warning in ssl_sock_switchctx_cbk() - BUILD: stick-table: make sure not to fail on task_new() during initialization - BUILD: peers: check allocation error during peers_init_sync() - MINOR: tools: add a new function atleast2() to test masks for more than 1 bit - MINOR: config: use atleast2() instead of my_popcountl() where relevant - MEDIUM: fd/threads: only grab the fd's lock if the FD has more than one thread - MAJOR: tasks: create per-thread wait queues - OPTIM: tasks: group all tree roots per cache line - DOC: Fix a few typos - MINOR: pools: allocate most memory pools from an array - MINOR: pools: split pool_free() in the lockfree variant - MEDIUM: pools: implement a thread-local cache for pool entries - BUG/MEDIUM: threads: fix thread_release() at the end of the rendez-vous point - Revert "BUILD: lua: silence some compiler warnings about potential null derefs" - BUILD: lua: silence some compiler warnings about potential null derefs (#2) - MINOR: lua: all functions calling lua_yieldk() may return - BUILD: lua: silence some compiler warnings after WILL_LJMP - BUILD: Makefile: silence an option conflict warning with clang - MINOR: server: Use memcpy() instead of strncpy(). - CLEANUP: state-file: make the path concatenation code a bit more consistent - MINOR: build: Disable -Wstringop-overflow. - MINOR: cfgparse: Write 130 as 128 as 0x82 and 0x80. - MINOR: peers: use defines instead of enums to appease clang. - DOC: fix reference to map files in MAINTAINERS - MINOR: fd: centralize poll timeout computation in compute_poll_timeout() - MINOR: poller: move time and date computation out of the pollers - BUILD: memory: fix pointer declaration for atomic CAS - BUILD: Makefile: add USE_RT to pass -lrt for clock_gettime() and friends - MINOR: time: add now_mono_time() and now_cpu_time() - MEDIUM: time: measure the time stolen by other threads - BUILD: memory: fix free_list pointer declaration again for atomic CAS - BUILD: compiler: rename __unreachable() to my_unreachable() - BUG/MEDIUM: pools: Fix the usage of mmap()) with DEBUG_UAF. - BUILD: memory: fix free_list pointer declaration again for atomic CAS - BUG/MEDIUM: h2: Close connection if no stream is left an GOAWAY was sent. - BUG/MEDIUM: connections: Remove subscription if going in idle mode. - BUG/MEDIUM: stream: Make sure polling is right on retry. - MINOR: h2: Make sure to return 1 in h2_recv() when needed. - MEDIUM: connections: Don't directly mess with the polling from the upper layers. - MINOR: streams: Call tasklet_free() after si_release_endpoint(). - MINOR: connection: Add a SUB_CALL_UNSUBSCRIBE event. - MINOR: h2: Don't run tasks that are waiting to send if mux in full. - MINOR: ebtree: save 8 bytes in struct eb32sc_node |
||
Willy Tarreau
|
27010f098d |
[RELEASE] Released version 1.9-dev3
Released version 1.9-dev3 with the following main changes : - BUG/MINOR: h1: don't consider the status for each header - MINOR: h1: report in the h1m struct if the HTTP version is 1.1 or above - MINOR: h1: parse the Connection header field - DOC: Fix typos in lua documentation - MINOR: h1: Add H1_MF_XFER_LEN flag - MINOR: http: add http_hdr_del() to remove a header from a list - MINOR: h1: add headers to the list after controls, not before - MEDIUM: h1: better handle transfer-encoding vs content-length - MEDIUM: h1: deduplicate the content-length header - BUG/MEDIUM: patterns: fix possible double free when reloading a pattern list - BUG/MEDIUM: h1: Really skip all updates when incomplete messages are parsed - CLEANUP/CONTRIB: hpack: remove some h1 build warnings - BUG/MINOR: tools: fix set_net_port() / set_host_port() on IPv4 - BUG/MINOR: cli: make sure the "getsock" command is only called on connections - MINOR: stktable: provide an unchecked version of stktable_data_ptr() - MINOR: stream-int: make si_appctx() never fail - BUILD: ssl_sock: remove build warnings on potential null-derefs - BUILD: stats: remove build warnings on potential null-derefs - BUILD: stream: address null-deref build warnings at -Wextra - BUILD: http: address a couple of null-deref warnings at -Wextra - BUILD: log: silent build warnings due to unchecked __objt_{server,applet} - BUILD: dns: fix null-deref build warning at -Wextra - BUILD: checks: silence a null-deref build warning at -Wextra - BUILD: connection: silence a couple of null-deref build warnings at -Wextra - BUILD: backend: fix 3 build warnings related to null-deref at -Wextra - BUILD: sockpair: silence a build warning at -Wextra - BUILD: build with -Wextra and sort out certain warnings - BUG/CRITICAL: hpack: fix improper sign check on the header index value - BUG/MEDIUM: http: Don't parse chunked body if there is no input data - DOC: Update configuration doc about the maximum number of stick counters. - BUG/MEDIUM: process_stream: Don't use si_cs_io_cb() in process_stream(). - MINOR: h2/stream_interface: Reintroduce te wake() method. - BUG/MEDIUM: h2: Wake the task instead of calling h2_recv()/h2_process(). - BUG/MEDIUM: process_stream(): Don't wake the task if no new data was received. - MEDIUM: lua: Add stick table support for Lua. |
||
Willy Tarreau
|
253006deed |
[RELEASE] Released version 1.9-dev2
Released version 1.9-dev2 with the following main changes : - BUG/MINOR: buffers: Fix b_slow_realign when a buffer is realign without output - BUG/MEDIUM: threads: fix the no-thread case after the change to the sync point - BUG/MEDIUM: servers: check the queues once enabling a server - BUG/MEDIUM: queue: prevent a backup server from draining the proxy's connections - MEDIUM: mux: Remove const on the buffer in mux->snd_buf() - CLEANUP: backend: Move mux install to call it at only one place - MINOR: conn_stream: add an tx buffer to the conn_stream - MINOR: conn_stream: add cs_send() as a default snd_buf() function - MINOR: backend: Try to find the best mux for outgoing connections - MEDIUM: backend: don't rely on mux_pt_ops in connect_server() - MINOR: mux: Add info about the supported side in alpn_mux_list structure - MINOR: mux: Unlink ALPN and multiplexers to rather speak of mux protocols - MINOR: mux: Print the list of existing mux protocols during HA startup - MEDIUM: checks: use the new rendez-vous point to spread check result - MEDIUM: haproxy: don't use sync_poll_loop() anymore in the main loop - MINOR: threads: remove the previous synchronization point - MAJOR: server: make server state changes synchronous again - CLEANUP: server: remove the update list and the update lock - BUG/MINOR: threads: Remove the unexisting lock label "UPDATED_SERVERS_LOCK" - BUG/MEDIUM: stream_int: Don't check CO_FL_SOCK_RD_SH flag to trigger cs receive - MINOR: mux: Change get_mux_proto to get an ist as parameter - MINOR: mux: Improve the message with the list of existing mux protocols - MINOR: mux/frontend: Add 'proto' keyword to force the mux protocol - MINOR: mux/server: Add 'proto' keyword to force the multiplexer's protocol - MEDIUM: mux: Use the mux protocol specified on bind/server lines - BUG/MEDIUM: connection/mux: take care of serverless proxies - MINOR: queue: make sure the pendconn is released before logging - MINOR: stream: rename {srv,prx}_queue_size to *_queue_pos - MINOR: queue: store the queue index in the stream when enqueuing - MINOR: queue: replace the linked list with a tree - MEDIUM: add set-priority-class and set-priority-offset - MEDIUM: queue: adjust position based on priority-class and priority-offset - DOC: update the roadmap about priority queues - BUG/MINOR: ssl: empty connections reported as errors. - MINOR: connections: Make rcv_buf mandatory and nuke cs_recv(). - MINOR: connections: Move rxbuf from the conn_stream to the h2s. - MINOR: connections: Get rid of txbuf. - MINOR: tasks: Allow tasklet_wakeup() to wakeup a task. - MINOR: connections/mux: Add the wait reason(s) to wait_list. - MINOR: stream_interface: Don't use si_cs_send() as a task handler. - MINOR: stream_interface: Give stream_interface its own wait_list. - MINOR: mux_h2: Don't use h2_send() as a callback. - MINOR: checks: Add event_srv_chk_io(). - BUG/MEDIUM: tasks: Don't insert in the global rqueue if nbthread == 1 - BUG/MEDIUM: sessions: Don't use t->state. - BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle. - BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error. - BUG/MINOR: map: fix map_regm with backref - DOC: dns: explain set server ... fqdn requires resolver - DOC: add documentation for prio_class and prio_offset sample fetches. - DOC: ssl: Use consistent naming for TLS protocols - DOC: update the layering design notes - MINOR: tasks: Don't special-case when nbthreads == 1 - MINOR: fd cache: And the thread_mask with all_threads_mask. - BUG/MEDIUM: lua: socket timeouts are not applied - BUG/MINOR: lua: fix extra 500ms added to socket timeouts - BUG/MEDIUM: server: update our local state before propagating changes - BUG/MEDIUM: cli/threads: protect all "proxy" commands against concurrent updates - DOC: server/threads: document which functions need to be called with/without locks - BUG/MEDIUM: cli/threads: protect some server commands against concurrent operations - BUG/MEDIUM: streams: Don't forget to remove the si from the wait list. - BUG/MEDIUM: tasklets: Add the thread as active when waking a tasklet. - BUG/MEDIUM: stream-int: Check if the conn_stream exist in si_cs_io_cb. - BUG/MEDIUM: H2: Activate polling after successful h2_snd_buf(). - BUG/MEDIUM: stream_interface: Call the wake callback after sending. - BUG/MAJOR: queue/threads: make pendconn_redistribute not lock the server - BUG/MEDIUM: connection: don't forget to always delete the list's head - BUG/MEDIUM: lb/threads: always properly lock LB algorithms on maintenance operations - BUG/MEDIUM: check/threads: do not involve the rendez-vous point for status updates - BUG/MINOR: chunks: do not store -1 into chunk_printf() in case of error - BUG/MEDIUM: http: don't store exp_replace() result in the trash's length - BUG/MEDIUM: http: don't store url_decode() result in the samples's length - BUG/MEDIUM: dns: don't store dns_build_query() result in the trash's length - BUG/MEDIUM: map: don't store exp_replace() result in the trash's length - BUG/MEDIUM: connection: don't store recv() result into trash.data - BUG/MEDIUM: cli/ssl: don't store base64dec() result in the trash's length - MINOR: chunk: remove impossible tests on negative chunk->data - MINOR: sample: remove impossible tests on negative smp->data.u.str.data - DOC: Fix spelling error in configuration doc - REGTEST/MINOR: Missing mandatory "ignore_unknown_macro". - REGTEST/MINOR: Add a new class of regression testing files. - BUG/MEDIUM: unix: provide a ->drain() function - MINOR: connection: make conn_sock_drain() work for all socket families - BUG/MINOR: lua: Bad HTTP client request duration. - REGEST/MINOR: Add reg testing files. - BUG/MEDIUM: mux_pt: dereference the connection with care in mux_pt_wake() - REGTEST/MINOR: Add a reg testing file for |
||
Willy Tarreau
|
65e94d1ce9 |
[RELEASE] Released version 1.9-dev1
Released version 1.9-dev1 with the following main changes : - BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork. - DOC: cache: update sections and fix some typos - BUILD/MINOR: deviceatlas: enable thread support - BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main - BUG/MEDIUM: ssl: don't allocate shctx several time - BUG/MEDIUM: cache: bad computation of the remaining size - BUILD: checks: don't include server.h - BUG/MEDIUM: stream: fix session leak on applet-initiated connections - BUILD/MINOR: haproxy : FreeBSD/cpu affinity needs pthread_np header - BUILD/MINOR: Makefile : enabling USE_CPU_AFFINITY - BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream - BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting - BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response - BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync. - BUG/MAJOR: thread/peers: fix deadlock on peers sync. - BUILD/MINOR: haproxy: compiling config cpu parsing handling when needed - MINOR: config: report when "monitor fail" rules are misplaced - BUG/MINOR: mworker: fix validity check for the pipe FDs - BUG/MINOR: mworker: detach from tty when in daemon mode - MINOR: threads: Fix pthread_setaffinity_np on FreeBSD. - BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time - BUILD: Fix LDFLAGS vs. LIBS re linking order in various makefiles - BUG/MEDIUM: checks: Be sure we have a mux if we created a cs. - BUG/MINOR: hpack: fix debugging output of pseudo header names - BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits - BUG/MINOR: hpack: reject invalid header index - BUG/MINOR: hpack: dynamic table size updates are only allowed before headers - BUG/MAJOR: h2: correctly check the request length when building an H1 request - BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream - BUG/MINOR: h2: try to abort closed streams as soon as possible - BUG/MINOR: h2: ":path" must not be empty - BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to - BUG/MINOR: h2: the TE header if present may only contain trailers - BUG/MEDIUM: h2: enforce the per-connection stream limit - BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1 - BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame - BUG/MINOR: h2: properly check PRIORITY frames - BUG/MINOR: h2: reject response pseudo-headers from requests - BUG/MEDIUM: h2: remove connection-specific headers from request - BUG/MEDIUM: h2: do not accept upper case letters in request header names - BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames - BUG/MINOR: action: Don't check http capture rules when no id is defined - BUG/MAJOR: hpack: don't pretend large headers fit in empty table - BUG/MINOR: ssl: support tune.ssl.cachesize 0 again - BUG/MEDIUM: mworker: also close peers sockets in the master - BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically. - BUG/MEDIUM: checks: a down server going to maint remains definitely stucked on down state. - BUG/MEDIUM: peers: set NOLINGER on the outgoing stream interface - BUG/MEDIUM: h2: fix handling of end of stream again - MINOR: mworker: Update messages referencing exit-on-failure - MINOR: mworker: Improve wording in `void mworker_wait()` - CONTRIB: halog: Add help text for -s switch in halog program - BUG/MEDIUM: email-alert: don't set server check status from a email-alert task - BUG/MEDIUM: threads/vars: Fix deadlock in register_name - MINOR: systemd: remove comment about HAPROXY_STATS_SOCKET - DOC: notifications: add precisions about thread usage - BUG/MEDIUM: lua/notification: memory leak - MINOR: conn_stream: add new flag CS_FL_RCV_MORE to indicate pending data - BUG/MEDIUM: stream-int: always set SI_FL_WAIT_ROOM on CS_FL_RCV_MORE - BUG/MEDIUM: h2: automatically set CS_FL_RCV_MORE when the output buffer is full - BUG/MEDIUM: h2: enable recv polling whenever demuxing is possible - BUG/MEDIUM: h2: work around a connection API limitation - BUG/MEDIUM: h2: debug incoming traffic in h2_wake() - MINOR: h2: store the demux padding length in the h2c struct - BUG/MEDIUM: h2: support uploading partial DATA frames - MINOR: h2: don't demand that a DATA frame is complete before processing it - BUG/MEDIUM: h2: don't switch the state to HREM before end of DATA frame - BUG/MEDIUM: h2: don't close after the first DATA frame on tunnelled responses - BUG/MEDIUM: http: don't disable lingering on requests with tunnelled responses - BUG/MEDIUM: h2: fix stream limit enforcement - BUG/MINOR: stream-int: don't try to receive again after receiving an EOS - MINOR: sample: add len converter - BUG: MAJOR: lb_map: server map calculation broken - BUG: MINOR: http: don't check http-request capture id when len is provided - MINOR: sample: rename the "len" converter to "length" - BUG/MEDIUM: mworker: Set FD_CLOEXEC flag on log fd - DOC/MINOR: intro: typo, wording, formatting fixes - MINOR: netscaler: respect syntax - MINOR: netscaler: remove the use of cip_magic only used once - MINOR: netscaler: rename cip_len to clarify its uage - BUG/MEDIUM: netscaler: use the appropriate IPv6 header size - BUG/MAJOR: netscaler: address truncated CIP header detection - MINOR: netscaler: check in one-shot if buffer is large enough for IP and TCP header - MEDIUM: netscaler: do not analyze original IP packet size - MEDIUM: netscaler: add support for standard NetScaler CIP protocol - MINOR: spoe: add force-set-var option in spoe-agent configuration - CONTRIB: iprange: Fix compiler warning in iprange.c - CONTRIB: halog: Fix compiler warnings in halog.c - BUG/MINOR: h2: properly report a stream error on RST_STREAM - MINOR: mux: add flags to describe a mux's capabilities - MINOR: stream-int: set flag SI_FL_CLEAN_ABRT when mux supports clean aborts - BUG/MEDIUM: stream: don't consider abortonclose on muxes which close cleanly - BUG/MEDIUM: checks: a server passed in maint state was not forced down. - BUG/MEDIUM: lua: fix crash when using bogus mode in register_service() - MINOR: http: adjust the list of supposedly cacheable methods - MINOR: http: update the list of cacheable status codes as per RFC7231 - MINOR: http: start to compute the transaction's cacheability from the request - BUG/MINOR: http: do not ignore cache-control: public - BUG/MINOR: http: properly detect max-age=0 and s-maxage=0 in responses - BUG/MINOR: cache: do not force the TX_CACHEABLE flag before checking cacheability - MINOR: http: add a function to check request's cache-control header field - BUG/MEDIUM: cache: do not try to retrieve host-less requests from the cache - BUG/MEDIUM: cache: replace old object on store - BUG/MEDIUM: cache: respect the request cache-control header - BUG/MEDIUM: cache: don't cache the response on no-cache="set-cookie" - BUG/MAJOR: connection: refine the situations where we don't send shutw() - BUG/MEDIUM: checks: properly set servers to stopping state on 404 - BUG/MEDIUM: h2: properly handle and report some stream errors - BUG/MEDIUM: h2: improve handling of frames received on closed streams - DOC/MINOR: configuration: typo, formatting fixes - BUG/MEDIUM: h2: ensure we always know the stream before sending a reset - BUG/MEDIUM: mworker: don't close stdio several time - MINOR: don't close stdio anymore - BUG/MEDIUM: http: don't automatically forward request close - BUG/MAJOR: hpack: don't return direct references to the dynamic headers table - MINOR: h2: add a function to report pseudo-header names - DEBUG: hpack: make hpack_dht_dump() expose the output file - DEBUG: hpack: add more traces to the hpack decoder - CONTRIB: hpack: add an hpack decoder - MEDIUM: h2: prepare a graceful shutdown when the frontend is stopped - BUG/MEDIUM: h2: properly handle the END_STREAM flag on empty DATA frames - BUILD: ssl: silence a warning when building without NPN nor ALPN support - CLEANUP: rbtree: remove - BUG/MEDIUM: ssl: cache doesn't release shctx blocks - BUG/MINOR: lua: Fix default value for pattern in Socket.receive - DOC: lua: Fix typos in comments of hlua_socket_receive - BUG/MEDIUM: lua: Fix IPv6 with separate port support for Socket.connect - BUG/MINOR: lua: Fix return value of Socket.settimeout - MINOR: dns: Handle SRV record weight correctly. - BUG/MEDIUM: mworker: execvp failure depending on argv[0] - MINOR: hathreads: add support for gcc < 4.7 - BUILD/MINOR: ancient gcc versions atomic fix - BUG/MEDIUM: stream: properly handle client aborts during redispatch - MINOR: spoe: add register-var-names directive in spoe-agent configuration - MINOR: spoe: Don't queue a SPOE context if nothing is sent - DOC: clarify the scope of ssl_fc_is_resumed - CONTRIB: debug: fix a few flags definitions - BUG/MINOR: poll: too large size allocation for FD events - MINOR: sample: add date_us sample - BUG/MEDIUM: peers: fix expire date wasn't updated if entry is modified remotely. - MINOR: servers: Don't report duplicate dyncookies for disabled servers. - MINOR: global/threads: move cpu_map at the end of the global struct - MINOR: threads: add a MAX_THREADS define instead of LONGBITS - MINOR: global: add some global activity counters to help debugging - MINOR: threads/fd: Use a bitfield to know if there are FDs for a thread in the FD cache - BUG/MEDIUM: threads/polling: Use fd_cache_mask instead of fd_cache_num - BUG/MEDIUM: fd: maintain a per-thread update mask - MINOR: fd: add a bitmask to indicate that an FD is known by the poller - BUG/MEDIUM: epoll/threads: use one epoll_fd per thread - BUG/MEDIUM: kqueue/threads: use one kqueue_fd per thread - BUG/MEDIUM: threads/mworker: fix a race on startup - BUG/MINOR: mworker: only write to pidfile if it exists - MINOR: threads: Fix build when we're not compiling with threads. - BUG/MINOR: threads: always set an owner to the thread_sync pipe - BUG/MEDIUM: threads/server: Fix deadlock in srv_set_stopping/srv_set_admin_flag - BUG/MEDIUM: checks: Don't try to release undefined conn_stream when a check is freed - BUG/MINOR: kqueue/threads: Don't forget to close kqueue_fd[tid] on each thread - MINOR: threads: Use __decl_hathreads instead of #ifdef/#endif - BUILD: epoll/threads: Add test on MAX_THREADS to avoid warnings when complied without threads - BUILD: kqueue/threads: Add test on MAX_THREADS to avoid warnings when complied without threads - CLEANUP: sample: Fix comment encoding of sample.c - CLEANUP: sample: Fix outdated comment about sample casts functions - BUG/MINOR: sample: Fix output type of c_ipv62ip - CLEANUP: Fix typo in ARGT_MSK6 comment - CLEANUP: standard: Use len2mask4 in str2mask - MINOR: standard: Add str2mask6 function - MINOR: config: Add support for ARGT_MSK6 - MEDIUM: sample: Add IPv6 support to the ipmask converter - MINOR: config: Enable tracking of up to MAX_SESS_STKCTR stick counters. - BUG/MINOR: cli: use global.maxsock and not maxfd to list all FDs - MINOR: polling: make epoll and kqueue not depend on maxfd anymore - MINOR: fd: don't report maxfd in alert messages - MEDIUM: polling: start to move maxfd computation to the pollers - CLEANUP: fd/threads: remove the now unused fdtab_lock - MINOR: poll: more accurately compute the new maxfd in the loop - CLEANUP: fd: remove the unused "new" field - MINOR: fd: move the hap_fd_{clr,set,isset} functions to fd.h - MEDIUM: select: make use of hap_fd_* functions - MEDIUM: fd: use atomic ops for hap_fd_{clr,set} and remove poll_lock - MEDIUM: select: don't use the old FD state anymore - MEDIUM: poll: don't use the old FD state anymore - MINOR: fd: pass the iocb and owner to fd_insert() - BUG/MINOR: threads: Update labels array because of changes in lock_label enum - MINOR: stick-tables: Adds support for new "gpc1" and "gpc1_rate" counters. - BUG/MINOR: epoll/threads: only call epoll_ctl(DEL) on polled FDs - DOC: don't suggest using http-server-close - MINOR: introduce proxy-v2-options for send-proxy-v2 - BUG/MEDIUM: spoe: Always try to receive or send the frame to detect shutdowns - BUG/MEDIUM: spoe: Allow producer to read and to forward shutdown on request side - MINOR: spoe: Remove check on min_applets number when a SPOE context is queued - MINOR: spoe: Always link a SPOE context with the applet processing it - MINOR: spoe: Replace sending_rate by a frequency counter - MINOR: spoe: Count the number of frames waiting for an ack for each applet - MEDIUM: spoe: Use an ebtree to manage idle applets - MINOR: spoa_example: Count the number of frames processed by each worker - MINOR: spoe: Add max-waiting-frames directive in spoe-agent configuration - MINOR: init: make stdout unbuffered - MINOR: early data: Don't rely on CO_FL_EARLY_DATA to wake up streams. - MINOR: early data: Never remove the CO_FL_EARLY_DATA flag. - MINOR: compiler: introduce offsetoff(). - MINOR: threads: Introduce double-width CAS on x86_64 and arm. - MINOR: threads: add test and set/reset operations - MINOR: pools/threads: Implement lockless memory pools. - MAJOR: fd/threads: Make the fdcache mostly lockless. - MEDIUM: fd/threads: Make sure we don't miss a fd cache entry. - MAJOR: fd: compute the new fd polling state out of the fd lock - MINOR: epoll: get rid of the now useless fd_compute_new_polled_status() - MINOR: kqueue: get rid of the now useless fd_compute_new_polled_status() - MINOR: poll: get rid of the now useless fd_compute_new_polled_status() - MINOR: select: get rid of the now useless fd_compute_new_polled_status() - CLEANUP: fd: remove the now unused fd_compute_new_polled_status() function - MEDIUM: fd: make updt_fd_polling() use atomics - MEDIUM: poller: use atomic ops to update the fdtab mask - MINOR: fd: move the fd_{add_to,rm_from}_fdlist functions to fd.c - BUG/MINOR: fd/threads: properly dereference fdcache as volatile - MINOR: fd: remove the unneeded last CAS when adding an fd to the list - MINOR: fd: reorder fd_add_to_fd_list() - BUG/MINOR: time/threads: ensure the adjusted time is always correct - BUG/MEDIUM: standard: Fix memory leak in str2ip2() - MINOR: init: emit warning when -sf/-sd cannot parse argument - BUILD: fd/threads: fix breakage build breakage without threads - DOC: Describe routing impact of using interface keyword on bind lines - DOC: Mention -Ws in the list of available options - BUG/MINOR: config: don't emit a warning when global stats is incompletely configured - BUG/MINOR: fd/threads: properly lock the FD before adding it to the fd cache. - BUG/MEDIUM: threads: fix the double CAS implementation for ARMv7 - BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable. - BUILD/MINOR: memory: stdint is needed for uintptr_t - BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st - DOC: lua: new prototype for function "register_action()" - DOC: cfgparse: Warn on option (tcp|http)log in backend - BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe - MINOR: sample: add a new "concat" converter - BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL - BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as possible - BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken. - MINOR: ssl/sample: adds ssl_bc_is_resumed fetch keyword. - CLEANUP: cfgparse: Remove unused label end - CLEANUP: spoe: Remove unused label retry - CLEANUP: h2: Remove unused labels from mux_h2.c - CLEANUP: pools: Remove unused end label in memory.h - CLEANUP: standard: Fix typo in IPv6 mask example - BUG/MINOR: pools/threads: don't ignore DEBUG_UAF on double-word CAS capable archs - BUG/MINOR: debug/pools: properly handle out-of-memory when building with DEBUG_UAF - MINOR: debug/pools: make DEBUG_UAF also detect underflows - MINOR: stats: display the number of threads in the statistics. - BUG/MINOR: h2: Set the target of dbuf_wait to h2c - BUG/MEDIUM: h2: always consume any trailing data after end of output buffers - BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk - BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk - BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is stopping - Revert "BUG/MINOR: send-proxy-v2: string size must include ('\0')" - MINOR: ssl: extract full pkey info in load_certificate - MINOR: ssl: add ssl_sock_get_pkey_algo function - MINOR: ssl: add ssl_sock_get_cert_sig function - MINOR: connection: add proxy-v2-options ssl-cipher,cert-sig,cert-key - MINOR: connection: add proxy-v2-options authority - MINOR: systemd: Add section for SystemD sandboxing to unit file - MINOR: systemd: Add SystemD's Protect*= options to the unit file - MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file - CLEANUP: h2: rename misleading h2c_stream_close() to h2s_close() - MINOR: h2: provide and use h2s_detach() and h2s_free() - MEDIUM: h2: use a single buffer allocator - MINOR/BUILD: fix Lua build on Mac OS X - BUILD/MINOR: fix Lua build on Mac OS X (again) - BUG/MINOR: session: Fix tcp-request session failure if handshake. - CLEANUP: .gitignore: Ignore binaries from the contrib directory - BUG/MINOR: unix: Don't mess up when removing the socket from the xfer_sock_list. - DOC: buffers: clarify the purpose of the <from> pointer in offer_buffers() - BUG/MEDIUM: h2: also arm the h2 timeout when sending - BUG/MINOR: cli: Fix a crash when passing a negative or too large value to "show fd" - CLEANUP: ssl: Remove a duplicated #include - CLEANUP: cli: Remove a leftover debug message - BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage - BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc - BUG/MINOR: force-persist and ignore-persist only apply to backends - BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily disabled - BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management - BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically - TESTS: Add a testcase for multi-port + multi-server listener issue - CLEANUP: dns: remove duplicate code in src/dns.c - BUG/MINOR: seemless reload: Fix crash when an interface is specified. - BUG/MINOR: cli: Ensure all command outputs end with a LF - BUG/MINOR: cli: Fix a crash when sending a command with too many arguments - BUILD: ssl: Fix build with OpenSSL without NPN capability - BUG/MINOR: spoa-example: unexpected behavior for more than 127 args - BUG/MINOR: lua: return bad error messages - CLEANUP: lua/syntax: lua is a name and not an acronym - BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers - BUG/MINOR: tcp-check: use the server's service port as a fallback - BUG/MEDIUM: threads/queue: wake up other threads upon dequeue - MINOR: log: stop emitting alerts when it's not possible to write on the socket - BUILD/BUG: enable -fno-strict-overflow by default - BUG/MEDIUM: fd/threads: ensure the fdcache_mask always reflects the cache contents - DOC: log: more than 2 log servers are allowed - MINOR: hash: add new function hash_crc32c - MINOR: proxy-v2-options: add crc32c - MINOR: accept-proxy: support proxy protocol v2 CRC32c checksum - REORG: compact "struct server" - MINOR: samples: add crc32c converter - BUG/MEDIUM: h2: properly account for DATA padding in flow control - BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an RST_STREAM - BUG/MINOR: listener: Don't decrease actconn twice when a new session is rejected - CLEANUP: map, stream: remove duplicate code in src/map.c, src/stream.c - BUG/MINOR: lua: the function returns anything - BUG/MINOR: lua funtion hlua_socket_settimeout don't check negative values - CLEANUP: lua: typo fix in comments - BUILD/MINOR: fix build when USE_THREAD is not defined - MINOR: lua: allow socket api settimeout to accept integers, float, and doubles - BUG/MINOR: hpack: fix harmless use of uninitialized value in hpack_dht_insert - MINOR: cli/threads: make "show fd" report thread_sync_io_handler instead of "unknown" - MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available - BUILD/MINOR: cli: fix a build warning introduced by last commit - BUG/MAJOR: h2: remove orphaned streams from the send list before closing - MINOR: h2: always call h2s_detach() in h2_detach() - MINOR: h2: fuse h2s_detach() and h2s_free() into h2s_destroy() - BUG/MEDIUM: h2/threads: never release the task outside of the task handler - BUG/MEDIUM: h2: don't consider pending data on detach if connection is in error - BUILD/MINOR: threads: always export thread_sync_io_handler() - MINOR: mux: add a "show_fd" function to dump debugging information for "show fd" - MINOR: h2: implement a basic "show_fd" function - MINOR: cli: report cache indexes in "show fd" - BUG/MINOR: h2: remove accidental debug code introduced with show_fd function - BUG/MEDIUM: h2: always add a stream to the send or fctl list when blocked - BUG/MINOR: checks: check the conn_stream's readiness and not the connection - BUG/MINOR: fd: Don't clear the update_mask in fd_insert. - BUG/MINOR: email-alert: Set the mailer port during alert initialization - BUG/MINOR: cache: fix "show cache" output - BUG/MAJOR: cache: fix random crashes caused by incorrect delete() on non-first blocks - BUG/MINOR: spoe: Initialize variables used during conf parsing before any check - BUG/MINOR: spoe: Don't release the context buffer in .check_timeouts callbaclk - BUG/MINOR: spoe: Register the variable to set when an error occurred - BUG/MINOR: spoe: Don't forget to decrement fpa when a processing is interrupted - MINOR: spoe: Add metrics in to know time spent in the SPOE - MINOR: spoe: Add options to store processing times in variables - MINOR: log: move 'log' keyword parsing in dedicated function - MINOR: log: Keep the ref when a log server is copied to avoid duplicate entries - MINOR: spoe: Add loggers dedicated to the SPOE agent - MINOR: spoe: Add support for option dontlog-normal in the SPOE agent section - MINOR: spoe: use agent's logger to log SPOE messages - MINOR: spoe: Add counters to log info about SPOE agents - BUG/MAJOR: cache: always initialize newly created objects - MINOR: servers: Support alphanumeric characters for the server templates names - BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes - BUG/MEDIUM: connection: Make sure we have a mux before calling detach(). - BUG/MINOR: http: Return an error in proxy mode when url2sa fails - MINOR: proxy: Add fe_defbe fetcher - MINOR: config: Warn if resolvers has no nameservers - BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE - MINOR: cli: Ensure the CLI always outputs an error when it should - MEDIUM: sample: Extend functionality for field/word converters - MINOR: export localpeer as an environment variable - BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors. - BUILD: sample: avoid build warning in sample.c - BUG/CRITICAL: h2: fix incorrect frame length check - DOC: lua: update the links to the config and Lua API - BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid() - BUG/MAJOR: channel: Fix crash when trying to read from a closed socket - BUG/MINOR: log: t_idle (%Ti) is not set for some requests - BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits - MINOR: h2: detect presence of CONNECT and/or content-length - BUG/MEDIUM: h2: implement missing support for chunked encoded uploads - BUG/MINOR: spoe: Fix counters update when processing is interrupted - BUG/MINOR: spoe: Fix parsing of dontlog-normal option - MEDIUM: cli: Add payload support - MINOR: map: Add payload support to "add map" - MINOR: ssl: Add payload support to "set ssl ocsp-response" - BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread - MINOR: sample: Add strcmp sample converter - MINOR: http: Add support for 421 Misdirected Request - BUG/MINOR: config: disable http-reuse on TCP proxies - MINOR: ssl: disable SSL sample fetches when unsupported - MINOR: ssl: add fetch 'ssl_fc_session_key' and 'ssl_bc_session_key' - BUG/MINOR: checks: Fix check->health computation for flapping servers - BUG/MEDIUM: threads: Fix the sync point for more than 32 threads - BUG/MINOR, BUG/MINOR: lua: Put tasks to sleep when waiting for data - MINOR: backend: implement random-based load balancing - DOC/MINOR: clean up LUA documentation re: servers & array/table. - MINOR: lua: Add server name & puid to LUA Server class. - MINOR: lua: add get_maxconn and set_maxconn to LUA Server class. - BUG/MINOR: map: correctly track reference to the last ref_elt being dumped - BUG/MEDIUM: task: Don't free a task that is about to be run. - MINOR: fd: Make the lockless fd list work with multiple lists. - BUG/MEDIUM: pollers: Use a global list for fd shared between threads. - MINOR: pollers: move polled_mask outside of struct fdtab. - BUG/MINOR: lua: schedule socket task upon lua connect() - BUG/MINOR: lua: ensure large proxy IDs can be represented - BUG/MEDIUM: pollers/kqueue: use incremented position in event list - BUG/MINOR: cli: don't stop cli_gen_usage_msg() when kw->usage == NULL - BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR - BUG/MEDIUM: ssl: properly protect SSL cert generation - BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments. - BUG/MINOR: spoe: Mistake in error message about SPOE configuration - BUG/MEDIUM: spoe: Flags are not encoded in network order - CLEANUP: spoe: Remove unused variables the agent structure - DOC: spoe: fix a typo - BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags - BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags - DOC: add some description of the pending rework of the buffer structure - BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation - MINOR: lua: Improve error message - BUG/MEDIUM: cache: don't cache when an Authorization header is present - MINOR: ssl: set SSL_OP_PRIORITIZE_CHACHA - BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure. - BUG/BUILD: threads: unbreak build without threads - BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file - BUG/MEDIUM: lua/socket: Length required read doesn't work - MINOR: tasks: Change the task API so that the callback takes 3 arguments. - MAJOR: tasks: Create a per-thread runqueue. - MAJOR: tasks: Introduce tasklets. - MINOR: tasks: Make the number of tasks to run at once configurable. - MAJOR: applets: Use tasks, instead of rolling our own scheduler. - BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters - MINOR: http: Log warning if (add|set)-header fails - DOC: management: add the new wrew stats column - MINOR: stats: also report the failed header rewrites warnings on the stats page - BUG/MEDIUM: tasks: Don't forget to increase/decrease tasks_run_queue. - BUG/MEDIUM: task: Don't forget to decrement max_processed after each task. - MINOR: task: Also consider the task list size when getting global tasks. - MINOR: dns: Implement `parse-resolv-conf` directive - BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode - MINOR: task/notification: Is notifications registered ? - BUG/MEDIUM: lua/socket: wrong scheduling for sockets - BUG/MAJOR: lua: Dead lock with sockets - BUG/MEDIUM: lua/socket: Notification error - BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock - BUG/MEDIUM: lua/socket: Buffer error, may segfault - DOC: contrib/modsecurity: few typo fixes - DOC: SPOE.txt: fix a typo - MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0 - BUG/MINOR: contrib/spoa_example: Don't reset the status code during disconnect - BUG/MINOR: contrib/mod_defender: Don't reset the status code during disconnect - BUG/MINOR: contrib/modsecurity: Don't reset the status code during disconnect - BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame - BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame - MINOR: task: Fix a compiler warning by adding a cast. - MINOR: stats: also report the nice and number of calls for applets - MINOR: applet: assign the same nice value to a new appctx as its owner task - MINOR: task: Fix compiler warning. - BUG/MEDIUM: tasks: Use the local runqueue when building without threads. - MINOR: tasks: Don't define rqueue if we're building without threads. - BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload. - MINOR: lua: Increase debug information - BUG/MEDIUM: threads: handle signal queue only in thread 0 - BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing - BUG/MINOR: signals: ha_sigmask macro for multithreading - BUG/MAJOR: map: fix a segfault when using http-request set-map - DOC: regression testing: Add a short starting guide. - MINOR: tasks: Make sure we correctly init and deinit a tasklet. - BUG/MINOR: tasklets: Just make sure we don't pass a tasklet to the handler. - BUG/MINOR: lua: Segfaults with wrong usage of types. - BUG/MAJOR: ssl: Random crash with cipherlist capture - BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot - BUG/MEDIUM: ssl: do not store pkinfo with SSL_set_ex_data - MINOR: tests: First regression testing file. - MINOR: reg-tests: Add reg-tests/README file. - MINOR: reg-tests: Add a few regression testing files. - DOC: Add new REGTEST tag info about reg testing. - BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete(). - MINOR: Some spelling cleanup in the comments. - BUG/MEDIUM: threads: Use the sync point to check active jobs and exit - MINOR: threads: Be sure to remove threads from all_threads_mask on exit - REGTEST/MINOR: Wrong URI in a reg test for SSL/TLS. - REGTEST/MINOR: Set HAPROXY_PROGRAM default value. - REGTEST/MINOR: Add levels to reg-tests target. - BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table - BUG/BUILD: threads: unbreak build without threads - BUG/MAJOR: stick_table: Complete incomplete SEGV fix - MINOR: stick-tables: make stktable_release() do nothing on NULL - BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers - MINOR: startup: change session/process group settings - MINOR: systemd: consider exit status 143 as successful - REGTEST/MINOR: Wrong URI syntax. - CLEANUP: dns: remove obsolete macro DNS_MAX_IP_REC - CLEANUP: dns: inacurate comment about prefered IP score - MINOR: dns: fix wrong score computation in dns_get_ip_from_response - MINOR: dns: new DNS options to allow/prevent IP address duplication - REGTEST/MINOR: Unexpected curl URL globling. - BUG/MINOR: ssl: properly ref-count the tls_keys entries - MINOR: h2: keep a count of the number of conn_streams attached to the mux - BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess - MINOR: h2: add the mux and demux buffer lengths on "show fd" - BUG/MEDIUM: h2: never leave pending data in the output buffer on close - BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout - MINOR: tasklet: Set process to NULL. - MINOR: buffer: implement a new file for low-level buffer manipulation functions - MINOR: buffer: switch buffer sizes and offsets to size_t - MINOR: buffer: add a few basic functions for the new API - MINOR: buffer: Introduce b_sub(), b_add(), and bo_add() - MINOR: buffer: Add b_set_data(). - MINOR: buffer: introduce b_realign_if_empty() - MINOR: compression: pass the channel to http_compression_buffer_end() - MINOR: channel: add a few basic functions for the new buffer API - MINOR: channel/buffer: use c_realign_if_empty() instead of buffer_realign() - MINOR: channel/buffer: replace buffer_slow_realign() with channel_slow_realign() and b_slow_realign() - MEDIUM: channel: make channel_slow_realign() take a swap buffer - MINOR: h2: use b_slow_realign() with the trash as a swap buffer - MINOR: buffer: remove buffer_slow_realign() and the swap_buffer allocation code - MINOR: channel/buffer: replace b_{adv,rew} with c_{adv,rew} - MINOR: buffer: replace calls to buffer_space_wraps() with b_space_wraps() - MINOR: buffer: remove bi_getblk() and bi_getblk_nc() - MINOR: buffer: split bi_contig_data() into ci_contig_data and b_config_data() - MINOR: buffer: remove bi_ptr() - MINOR: buffer: remove bo_ptr() - MINOR: buffer: remove bo_end() - MINOR: buffer: remove bi_end() - MINOR: buffer: remove bo_contig_data() - MINOR: buffer: merge b{i,o}_contig_space() - MINOR: buffer: replace bo_getblk() with direction agnostic b_getblk() - MINOR: buffer: replace bo_getblk_nc() with b_getblk_nc() which takes an offset - MINOR: buffer: replace bi_del() and bo_del() with b_del() - MINOR: buffer: convert most b_ptr() calls to c_ptr() - MINOR: h1: make h1_measure_trailers() take the byte count in argument - MINOR: h2: clarify the fact that the send functions are unsigned - MEDIUM: h2: prevent the various mux encoders from modifying the buffer - MINOR: h1: make h1_skip_chunk_crlf() not depend on b_ptr() anymore - MINOR: h1: make h1_parse_chunk_size() not depend on b_ptr() anymore - MINOR: h1: make h1_measure_trailers() use an offset and a count - MEDIUM: h2: do not use buf->o anymore inside h2_snd_buf's loop - MEDIUM: h2: don't use b_ptr() nor b_end() anymore - MINOR: buffer: get rid of b_end() and b_to_end() - MINOR: buffer: make b_getblk_nc() take const pointers - MINOR: buffer: make b_getblk_nc() take size_t for the block sizes - MEDIUM: connection: make xprt->snd_buf() take the byte count in argument - MEDIUM: mux: make mux->snd_buf() take the byte count in argument - MEDIUM: connection: make xprt->rcv_buf() use size_t for the count - MEDIUM: mux: make mux->rcv_buf() take a size_t for the count - MINOR: connection: add a flags argument to rcv_buf() - MINOR: connection: add a new receive flag : CO_RFL_BUF_WET - MINOR: buffer: get rid of b_ptr() and convert its last users - MINOR: buffer: use b_room() to determine available space in a buffer - MINOR: buffer: replace buffer_not_empty() with b_data() or c_data() - MINOR: buffer: replace buffer_empty() with b_empty() or c_empty() - MINOR: buffer: make bo_putchar() use b_tail() - MINOR: buffer: replace buffer_full() with channel_full() - MINOR: buffer: replace bi_space_for_replace() with ci_space_for_replace() - MINOR: buffer: replace buffer_pending() with ci_data() - MINOR: buffer: replace buffer_flush() with c_adv(chn, ci_data(chn)) - MINOR: buffer: use c_head() instead of buffer_wrap_sub(c->buf, p-o) - MINOR: buffer: use b_orig() to replace most references to b->data - MINOR: buffer: Use b_add()/bo_add() instead of accessing b->i/b->o. - MINOR: channel: remove almost all references to buf->i and buf->o - MINOR: channel: Add co_set_data(). - MEDIUM: channel: adapt to the new buffer API - MINOR: checks: adapt to the new buffer API - MEDIUM: h2: update to the new buffer API - MINOR: buffer: remove unused bo_add() - MEDIUM: spoe: use the new buffer API for the SPOE buffer - MINOR: stats: adapt to the new buffers API - MINOR: cli: use the new buffer API - MINOR: cache: use the new buffer API - MINOR: stream-int: use the new buffer API - MINOR: stream: use wrappers instead of directly manipulating buffers - MINOR: backend: use new buffer API - MEDIUM: http: use wrappers instead of directly manipulating buffers states - MINOR: filters: convert to the new buffer API - MINOR: payload: convert to the new buffer API - MEDIUM: h1: port to new buffer API. - MINOR: flt_trace: adapt to the new buffer API - MEDIUM: compression: start to move to the new buffer API - MINOR: lua: use the wrappers instead of directly manipulating buffer states - MINOR: buffer: convert part bo_putblk() and bi_putblk() to the new API - MINOR: buffer: adapt buffer_slow_realign() and buffer_dump() to the new API - MAJOR: start to change buffer API - MINOR: buffer: remove the check for output on b_del() - MINOR: buffer: b_set_data() doesn't truncate output data anymore - MINOR: buffer: rename the "data" field to "area" - MEDIUM: buffers: move "output" from struct buffer to struct channel - MINOR: buffer: replace bi_fast_delete() with b_del() - MINOR: buffer: replace b{i,o}_put* with b_put* - MINOR: buffer: add a new file for ist + buffer manipulation functions - MINOR: checks: use b_putist() instead of b_putstr() - MINOR: buffers: remove b_putstr() - CLEANUP: buffer: minor cleanups to buffer.h - MINOR: buffers/channel: replace buffer_insert_line2() with ci_insert_line2() - MINOR: buffer: replace buffer_replace2() with b_rep_blk() - MINOR: buffer: rename the data length member to '->data' - MAJOR: buffer: finalize buffer detachment - MEDIUM: chunks: make the chunk struct's fields match the buffer struct - MAJOR: chunks: replace struct chunk with struct buffer - DOC: buffers: document the new buffers API - DOC: buffers: remove obsolete docs about buffers - MINOR: tasklets: Don't attempt to add a tasklet in the list twice. - MINOR: connections/mux: Add a new "subscribe" method. - MEDIUM: connections/mux: Revamp the send direction. - MINOR: connection: simplify subscription by adding a registration function - BUG/MINOR: http: Set brackets for the unlikely macro at the right place - BUG/MINOR: build: Fix compilation with debug mode enabled - BUILD: Generate sha256 checksums in publish-release - MINOR: debug: Add check for CO_FL_WILL_UPDATE - MINOR: debug: Add checks for conn_stream flags - MINOR: ist: Add the function isteqi - BUG/MEDIUM: threads: Fix the exit condition of the thread barrier - BUG/MEDIUM: mux_h2: Call h2_send() before updating polling. - MINOR: buffers: simplify b_contig_space() - MINOR: buffers: split b_putblk() into __b_putblk() - MINOR: buffers: add b_xfer() to transfer data between buffers - DOC: add some design notes about the new layering model - MINOR: conn_stream: add a new CS_FL_REOS flag - MINOR: conn_stream: add an rx buffer to the conn_stream - MEDIUM: conn_stream: add cs_recv() as a default rcv_buf() function - MEDIUM: stream-int: automatically call si_cs_recv_cb() if the cs has data on wake() - MINOR: h2: make each H2 stream support an intermediary input buffer - MEDIUM: h2: make h2_frt_decode_headers() use an intermediary buffer - MEDIUM: h2: make h2_frt_transfer_data() copy via an intermediary buffer - MEDIUM: h2: centralize transfer of decoded frames in h2_rcv_buf() - MEDIUM: h2: move headers and data frame decoding to their respective parsers - MEDIUM: buffers: make b_xfer() automatically swap buffers when possible - MEDIUM: h2: perform a single call to the data layer in demux() - MEDIUM: h2: don't call data_cb->recv() anymore - MINOR: h2: make use of CS_FL_REOS to indicate that end of stream was seen - MEDIUM: h2: use the default conn_stream's receive function - DOC: add more design feedback on the new layering model - MINOR: h2: add the error code and the max/last stream IDs to "show fd" - BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full - BUG/MEDIUM: stats: don't ask for more data as long as we're responding - BUG/MINOR: servers: Don't make "server" in a frontend fatal. - BUG/MEDIUM: tasks: make sure we pick all tasks in the run queue - BUG/MEDIUM: tasks: Decrement rqueue_size at the right time. - BUG/MEDIUM: tasks: use atomic ops for active_tasks_mask - BUG/MEDIUM: tasks: Make sure there's no task left before considering inactive. - MINOR: signal: don't pass the signal number anymore as the wakeup reason - MINOR: tasks: extend the state bits from 8 to 16 and remove the reason - MINOR: tasks: Add a flag that tells if we're in the global runqueue. - BUG/MEDIUM: tasks: make __task_unlink_rq responsible for the rqueue size. - MINOR: queue: centralize dequeuing code a bit better - MEDIUM: queue: make pendconn_free() work on the stream instead - DOC: queue: document the expected locking model for the server's queue - MINOR: queue: make sure pendconn->strm->pend_pos is always valid - MINOR: queue: use a distinct variable for the assigned server and the queue - MINOR: queue: implement pendconn queue locking functions - MEDIUM: queue: get rid of the pendconn lock - MINOR: tasks: Make active_tasks_mask volatile. - MINOR: tasks: Make global_tasks_mask volatile. - MINOR: pollers: Add a way to wake a thread sleeping in the poller. - MINOR: threads/queue: Get rid of THREAD_WANT_SYNC in the queue code. - BUG/MEDIUM: threads/sync: use sched_yield when available - MINOR: ssl: BoringSSL matches OpenSSL 1.1.0 - BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever - BUG/MINOR: config: stick-table is not supported in defaults section - BUILD/MINOR: threads: unbreak build with threads disabled - BUG/MINOR: threads: Handle nbthread == MAX_THREADS. - BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS - MINOR: threads: move "nbthread" parsing to hathreads.c - BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number - MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed - BUILD/MINOR: compiler: fix offsetof() on older compilers - SCRIPTS: git-show-backports: add missing quotes to "echo" - MINOR: threads: add more consistency between certain variables in no-thread case - MEDIUM: hathreads: implement a more flexible rendez-vous point - BUG/MEDIUM: cli: make "show fd" thread-safe |
||
Willy Tarreau
|
b306650c2a |
[RELEASE] Released version 1.9-dev0
Released version 1.9-dev0 with the following main changes : - BUG/MEDIUM: stream: don't automatically forward connect nor close - BUG/MAJOR: stream: ensure analysers are always called upon close - BUG/MINOR: stream-int: don't try to read again when CF_READ_DONTWAIT is set - MEDIUM: mworker: Add systemd `Type=notify` support - BUG/MEDIUM: cache: free callback to remove from tree - CLEANUP: cache: remove unused struct - MEDIUM: cache: enable the HTTP analysers - CLEANUP: cache: remove wrong comment - MINOR: threads/atomic: rename local variables in macros to avoid conflicts - MINOR: threads/plock: rename local variables in macros to avoid conflicts - MINOR: threads/atomic: implement pl_mb() in asm on x86 - MINOR: threads/atomic: implement pl_bts() on non-x86 - MINOR: threads/build: atomic: replace the few inlines with macros - BUILD: threads/plock: fix a build issue on Clang without optimization - BUILD: ebtree: don't redefine types u32/s32 in scope-aware trees - BUILD: compiler: add a new type modifier __maybe_unused - BUILD: h2: mark some inlined functions "unused" - BUILD: server: check->desc always exists - BUG/MEDIUM: h2: properly report connection errors in headers and data handlers - MEDIUM: h2: add a function to emit an HTTP/1 request from a headers list - MEDIUM: h2: change hpack_decode_headers() to only provide a list of headers - BUG/MEDIUM: h2: always reassemble the Cookie request header field - BUG/MINOR: systemd: ignore daemon mode - CONTRIB: spoa_example: allow to compile outside HAProxy. - CONTRIB: spoa_example: remove bref, wordlist, cond_wordlist - CONTRIB: spoa_example: remove last dependencies on type "sample" - CONTRIB: spoa_example: remove SPOE enums that are useless for clients - CLEANUP: cache: reorder includes - MEDIUM: shctx: use unsigned int for len and block_count - MEDIUM: cache: "show cache" on the cli - BUG/MEDIUM: cache: use key=0 as a condition for freeing - BUG/MEDIUM: cache: refcount forbids to free the objects - BUG/MEDIUM: cache fix cli_kws structure - BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks - BUG/MINOR: ssl: Always start the handshake if we can't send early data. - MINOR: ssl: Don't disable early data handling if we could not write. - MINOR: pools: prepare functions to override malloc/free in pools - MINOR: pools: implement DEBUG_UAF to detect use after free - BUG/MEDIUM: threads/time: fix time drift correction - BUG/MEDIUM: threads/time: maintain a common time reference between all threads - MINOR: sample: Add "thread" sample fetch - BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line - BUG/MINOR: stream: fix tv_request calculation for applets - BUG/MAJOR: h2: always remove a stream from the send list before freeing it - BUG/MAJOR: threads/task: dequeue expired tasks under the WQ lock - MINOR: ssl: Handle reading early data after writing better. - MINOR: mux: Make sure every string is woken up after the handshake. - MEDIUM: cache: store sha1 for hashing the cache key - MINOR: http: implement the "http-request reject" rule - MINOR: h2: send RST_STREAM before GOAWAY on reject - MEDIUM: h2: don't gracefully close the connection anymore on Connection: close - MINOR: h2: make use of client-fin timeout after GOAWAY - MEDIUM: config: ensure that tune.bufsize is at least 16384 when using HTTP/2 - MINOR: ssl: Handle early data with BoringSSL - BUG/MEDIUM: stream: always release the stream-interface on abort - BUG/MEDIUM: cache: free ressources in chn_end_analyze - MINOR: cache: move the refcount decrease in the applet release - BUG/MINOR: listener: Allow multiple "process" options on "bind" lines - MINOR: config: Support a range to specify processes in "cpu-map" parameter - MINOR: config: Slightly change how parse_process_number works - MINOR: config: Export parse_process_number and use it wherever it's applicable - MINOR: standard: Add my_ffsl function to get the position of the bit set to one - MINOR: config: Add auto-increment feature for cpu-map - MINOR: config: Support partial ranges in cpu-map directive - MINOR:: config: Remove thread-map directive - MINOR: config: Add the threads support in cpu-map directive - MINOR: config: Add threads support for "process" option on "bind" lines - MEDIUM: listener: Bind listeners on a thread subset if specified - CLEANUP: debug: Use DPRINTF instead of fprintf into #ifdef DEBUG_FULL/#endif - CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning - MINOR/CLEANUP: proxy: rename "proxy" to "proxies_list" - CLEANUP: pools: rename all pool functions and pointers to remove this "2" - DOC: update the roadmap file with the latest changes merged in 1.8 - DOC: fix mangled version in peers protocol documentation - DOC: add initial peers protovol v2.0 documentation. - DOC: mention William as maintainer of the cache and master-worker - DOC: add Christopher and Emeric as maintainers of the threads - MINOR: cache: replace a fprint() by an abort() - MEDIUM: cache: max-age configuration keyword - DOC: explain HTTP2 timeout behavior - DOC: cache: configuration and management - MAJOR: mworker: exits the master on failure - BUG/MINOR: threads: don't drop "extern" on the lock in include files - MINOR: task: keep a pointer to the currently running task - MINOR: task: align the rq and wq locks - MINOR: fd: cache-align fdtab and fdcache locks - MINOR: buffers: cache-align buffer_wq_lock - CLEANUP: server: reorder some fields in struct server to save 40 bytes - CLEANUP: proxy: slightly reorder the struct proxy to reduce holes - CLEANUP: checks: remove 16 bytes of holes in struct check - CLEANUP: cache: more efficiently pack the struct cache - CLEANUP: fd: place the lock at the beginning of struct fdtab - CLEANUP: pools: align pools on a cache line - DOC: config: add a few bits about how to configure HTTP/2 - BUG/MAJOR: threads/queue: avoid recursive locking in pendconn_get_next_strm() - BUILD: Makefile: reorder object files by size |
||
Willy Tarreau
|
0b78792bbe |
[RELEASE] Released version 1.8.0
Released version 1.8.0 with the following main changes : - BUG/MEDIUM: stream: don't automatically forward connect nor close - BUG/MAJOR: stream: ensure analysers are always called upon close - BUG/MINOR: stream-int: don't try to read again when CF_READ_DONTWAIT is set - MEDIUM: mworker: Add systemd `Type=notify` support - BUG/MEDIUM: cache: free callback to remove from tree - CLEANUP: cache: remove unused struct - MEDIUM: cache: enable the HTTP analysers - CLEANUP: cache: remove wrong comment - MINOR: threads/atomic: rename local variables in macros to avoid conflicts - MINOR: threads/plock: rename local variables in macros to avoid conflicts - MINOR: threads/atomic: implement pl_mb() in asm on x86 - MINOR: threads/atomic: implement pl_bts() on non-x86 - MINOR: threads/build: atomic: replace the few inlines with macros - BUILD: threads/plock: fix a build issue on Clang without optimization - BUILD: ebtree: don't redefine types u32/s32 in scope-aware trees - BUILD: compiler: add a new type modifier __maybe_unused - BUILD: h2: mark some inlined functions "unused" - BUILD: server: check->desc always exists - BUG/MEDIUM: h2: properly report connection errors in headers and data handlers - MEDIUM: h2: add a function to emit an HTTP/1 request from a headers list - MEDIUM: h2: change hpack_decode_headers() to only provide a list of headers - BUG/MEDIUM: h2: always reassemble the Cookie request header field - BUG/MINOR: systemd: ignore daemon mode - CONTRIB: spoa_example: allow to compile outside HAProxy. - CONTRIB: spoa_example: remove bref, wordlist, cond_wordlist - CONTRIB: spoa_example: remove last dependencies on type "sample" - CONTRIB: spoa_example: remove SPOE enums that are useless for clients - CLEANUP: cache: reorder includes - MEDIUM: shctx: use unsigned int for len and block_count - MEDIUM: cache: "show cache" on the cli - BUG/MEDIUM: cache: use key=0 as a condition for freeing - BUG/MEDIUM: cache: refcount forbids to free the objects - BUG/MEDIUM: cache fix cli_kws structure - BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks - BUG/MINOR: ssl: Always start the handshake if we can't send early data. - MINOR: ssl: Don't disable early data handling if we could not write. - MINOR: pools: prepare functions to override malloc/free in pools - MINOR: pools: implement DEBUG_UAF to detect use after free - BUG/MEDIUM: threads/time: fix time drift correction - BUG/MEDIUM: threads/time: maintain a common time reference between all threads - MINOR: sample: Add "thread" sample fetch - BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line - BUG/MINOR: stream: fix tv_request calculation for applets - BUG/MAJOR: h2: always remove a stream from the send list before freeing it - BUG/MAJOR: threads/task: dequeue expired tasks under the WQ lock - MINOR: ssl: Handle reading early data after writing better. - MINOR: mux: Make sure every string is woken up after the handshake. - MEDIUM: cache: store sha1 for hashing the cache key - MINOR: http: implement the "http-request reject" rule - MINOR: h2: send RST_STREAM before GOAWAY on reject - MEDIUM: h2: don't gracefully close the connection anymore on Connection: close - MINOR: h2: make use of client-fin timeout after GOAWAY - MEDIUM: config: ensure that tune.bufsize is at least 16384 when using HTTP/2 - MINOR: ssl: Handle early data with BoringSSL - BUG/MEDIUM: stream: always release the stream-interface on abort - BUG/MEDIUM: cache: free ressources in chn_end_analyze - MINOR: cache: move the refcount decrease in the applet release - BUG/MINOR: listener: Allow multiple "process" options on "bind" lines - MINOR: config: Support a range to specify processes in "cpu-map" parameter - MINOR: config: Slightly change how parse_process_number works - MINOR: config: Export parse_process_number and use it wherever it's applicable - MINOR: standard: Add my_ffsl function to get the position of the bit set to one - MINOR: config: Add auto-increment feature for cpu-map - MINOR: config: Support partial ranges in cpu-map directive - MINOR:: config: Remove thread-map directive - MINOR: config: Add the threads support in cpu-map directive - MINOR: config: Add threads support for "process" option on "bind" lines - MEDIUM: listener: Bind listeners on a thread subset if specified - CLEANUP: debug: Use DPRINTF instead of fprintf into #ifdef DEBUG_FULL/#endif - CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning - MINOR/CLEANUP: proxy: rename "proxy" to "proxies_list" - CLEANUP: pools: rename all pool functions and pointers to remove this "2" - DOC: update the roadmap file with the latest changes merged in 1.8 - DOC: fix mangled version in peers protocol documentation - DOC: add initial peers protovol v2.0 documentation. - DOC: mention William as maintainer of the cache and master-worker - DOC: add Christopher and Emeric as maintainers of the threads - MINOR: cache: replace a fprint() by an abort() - MEDIUM: cache: max-age configuration keyword - DOC: explain HTTP2 timeout behavior - DOC: cache: configuration and management - MAJOR: mworker: exits the master on failure - BUG/MINOR: threads: don't drop "extern" on the lock in include files - MINOR: task: keep a pointer to the currently running task - MINOR: task: align the rq and wq locks - MINOR: fd: cache-align fdtab and fdcache locks - MINOR: buffers: cache-align buffer_wq_lock - CLEANUP: server: reorder some fields in struct server to save 40 bytes - CLEANUP: proxy: slightly reorder the struct proxy to reduce holes - CLEANUP: checks: remove 16 bytes of holes in struct check - CLEANUP: cache: more efficiently pack the struct cache - CLEANUP: fd: place the lock at the beginning of struct fdtab - CLEANUP: pools: align pools on a cache line - DOC: config: add a few bits about how to configure HTTP/2 - BUG/MAJOR: threads/queue: avoid recursive locking in pendconn_get_next_strm() - BUILD: Makefile: reorder object files by size |
||
Willy Tarreau
|
cfe14669f7 |
[RELEASE] Released version 1.8-rc4
Released version 1.8-rc4 with the following main changes : - BUG/MEDIUM: cache: does not cache if no Content-Length - BUILD: thread/pipe: fix build without threads - BUG/MINOR: spoe: check buffer size before acquiring or releasing it - MINOR: debug/flags: Add missing flags - MINOR: threads: Use __decl_hathreads to declare locks - BUG/MINOR: buffers: Fix b_alloc_margin to be "fonctionnaly" thread-safe - BUG/MAJOR: ebtree/scope: fix insertion and removal of duplicates in scope-aware trees - BUG/MAJOR: ebtree/scope: fix lookup of next node in scope-aware trees - MINOR: ebtree/scope: add a function to find next node from a parent - MINOR: ebtree/scope: simplify the lookup functions by using eb32sc_next_with_parent() - BUG/MEDIUM: mworker: Fix re-exec when haproxy is started from PATH - BUG/MEDIUM: cache: use msg->sov to forward header - MINOR: cache: forward data with headers - MINOR: cache: disable cache if shctx_row_data_append fail - BUG/MINOR: threads: tid_bit must be a unsigned long - CLEANUP: tasks: Remove useless double test on rq_next - BUG/MEDIUM: standard: itao_str/idx and quote_str/idx must be thread-local - MINOR: tools: add a function to dump a scope-aware tree to a file - MINOR: tools: improve the DOT dump of the ebtree - MINOR: tools: emphasize the node being worked on in the tree dump - BUG/MAJOR: ebtree/scope: properly tag upper nodes during insertion - DOC: peers: Add a first version of peers protocol v2.1. - CONTRIB: Wireshark dissector for HAProxy Peer Protocol. - MINOR: mworker: display an accurate error when the reexec fail - BUG/MEDIUM: mworker: wait again for signals when execvp fail - BUG/MEDIUM: mworker: does not deinit anymore - BUG/MEDIUM: mworker: does not close inherited FD - MINOR: tests: add a python wrapper to test inherited fd - BUG/MINOR: Allocate the log buffers before the proxies startup - MINOR: tasks: Use a bitfield to track tasks activity per-thread - MAJOR: polling: Use active_tasks_mask instead of tasks_run_queue - MINOR: applets: Use a bitfield to track applets activity per-thread - MAJOR: polling: Use active_appels_mask instead of applets_active_queue - MEDIUM: applets: Don't process more than 200 active applets at once - MINOR: stream: Add thread-mask of tasks/FDs/applets in "show sess all" command - MINOR: SSL: Store the ASN1 representation of client sessions. - MINOR: ssl: Make sure we don't shutw the connection before the handshake. - BUG/MEDIUM: deviceatlas: ignore not valuable HTTP request data |
||
Willy Tarreau
|
34650d5a7b |
[RELEASE] Released version 1.8-rc3
Released version 1.8-rc3 with the following main changes : - BUILD: use MAXPATHLEN instead of NAME_MAX. - BUG/MAJOR: threads/checks: add 4 missing spin_unlock() in various functions - BUG/MAJOR: threads/server: missing unlock in CLI fqdn parser - BUG/MINOR: cli: do not perform an invalid action on "set server check-port" - BUG/MAJOR: threads/checks: wrong use of SPIN_LOCK instead of SPIN_UNLOCK - CLEANUP: checks: remove return statements in locked functions - BUG/MINOR: cli: add severity in "set server addr" parser - CLEANUP: server: get rid of return statements in the CLI parser - BUG/MAJOR: cli/streams: missing unlock on exit "show sess" - BUG/MAJOR: threads/dns: add missing unlock on allocation failure path - BUG/MAJOR: threads/lb: fix missing unlock on consistent hash LB - BUG/MAJOR: threads/lb: fix missing unlock on map-based hash LB - BUG/MEDIUM: threads/stick-tables: close a race condition on stktable_trash_expired() - BUG/MAJOR: h2: set the connection's task to NULL when no client timeout is set - BUG/MAJOR: thread/listeners: enable_listener must not call unbind_listener() - BUG/MEDIUM: threads: don't try to free build option message on exit - MINOR: applets: no need to check for runqueue's emptiness in appctx_res_wakeup() - MINOR: add master-worker in the warning about nbproc - MINOR: mworker: allow pidfile in mworker + foreground - MINOR: mworker: write parent pid in the pidfile - MINOR: mworker: do not store child pid anymore in the pidfile - MINOR: ebtree: implement the scope-aware functions for eb32 - MEDIUM: ebtree: specify the scope of every node inserted via eb32sc - MINOR: ebtree: update the eb32sc parent node's scope on delete - MEDIUM: ebtree: only consider the branches matching the scope in lookups - MINOR: ebtree: implement eb32sc_lookup_ge_or_first() - MAJOR: task: make use of the scope-aware ebtree functions - MINOR: task: simplify wake_expired_tasks() to avoid unlocking in the loop - MEDIUM: task: change the construction of the loop in process_runnable_tasks() - MINOR: threads: use faster locks for the spin locks - MINOR: tasks: only visit filled task slots after processing them - MEDIUM: tasks: implement a lockless scheduler for single-thread usage - BUG/MINOR: dns: Don't try to get the server lock if it's already held. - BUG/MINOR: dns: Don't lock the server lock in snr_check_ip_callback(). - DOC: Add note about encrypted password CPU usage - BUG/MINOR: h2: set the "HEADERS_SENT" flag on stream, not connection - BUG/MEDIUM: h2: properly send an RST_STREAM on mux stream error - BUG/MEDIUM: h2: properly send the GOAWAY frame in the mux - BUG/MEDIUM: h2: don't try (and fail) to send non-existing data in the mux - MEDIUM: h2: remove the H2_SS_RESET intermediate state - BUG/MEDIUM: h2: fix some wrong error codes on connections - BUILD: threads: Rename SPIN/RWLOCK macros using HA_ prefix - BUILD: enable USE_THREAD for Solaris build. - BUG/MEDIUM: h2: don't close the connection is there are data left - MINOR: h2: don't re-enable the connection's task when we're closing - BUG/MEDIUM: h2: properly set H2_SF_ES_SENT when sending the final frame - BUG/MINOR: h2: correctly check for H2_SF_ES_SENT before closing - MINOR: h2: add new stream flag H2_SF_OUTGOING_DATA - BUG/MINOR: h2: don't send GOAWAY on failed response - BUG/MEDIUM: splice/threads: pipe reuse list was not protected. - BUG/MINOR: comp: fix compilation warning compiling without compression. - BUG/MINOR: stream-int: don't set MSG_MORE on closed request path - BUG/MAJOR: threads/tasks: fix the scheduler again - BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf because a SNI is matched. - MINOR: ssl: Handle session resumption with TLS 1.3 - MINOR: ssl: Spell 0x10101000L correctly. - MINOR: ssl: Handle sending early data to server. - BUILD: ssl: fix build of backend without ssl - BUILD: shctx: do not depend on openssl anymore - BUG/MINOR: h1: the HTTP/1 make status code parser check for digits - BUG/MEDIUM: h2: reject non-3-digit status codes - BUG/MEDIUM: stream-int: Don't loss write's notifs when a stream is woken up - BUG/MINOR: pattern: Rely on the sample type to copy it in pattern_exec_match - BUG/MEDIUM: h2: split the function to send RST_STREAM - BUG/MEDIUM: h1: ensure the chunk size parser can deal with full buffers - MINOR: tools: don't use unlikely() in hex2i() - BUG/MEDIUM: h2: support orphaned streams - BUG/MEDIUM: threads/cli: fix "show sess" locking on release - CLEANUP: mux: remove the unused "release()" function - MINOR: cli: make "show fd" report the fd's thread mask - BUG/MEDIUM: stream: don't ignore res.analyse_exp anymore - CLEANUP: global: introduce variable pid_bit to avoid shifts with relative_pid - MEDIUM: http: always reject the "PRI" method |
||
Willy Tarreau
|
a8d8d6e8f6 |
[RELEASE] Released version 1.8-rc2
Released version 1.8-rc2 with the following main changes : - BUG/MINOR: send-proxy-v2: fix dest_len in make_tlv call - BUG/MINOR: send-proxy-v2: string size must include ('\0') - MINOR: mux: Only define pipe functions on linux. - MINOR: cache: Remove useless test for nonzero. - MINOR: cache: Don't confuse act_return and act_parse_ret. - BUG/MEDIUM: h2: don't try to parse incomplete H1 responses - BUG/MEDIUM: checks/mux: always enable send-polling after connecting - BUG/MAJOR: fix deadlock on healthchecks. - BUG/MINOR: thread: fix a typo in the debug code - BUILD: shctx: allow to be built without openssl - BUG/MEDIUM: cache: don't try to resolve wrong filters - BUG/MAJOR: buffers: fix get_buffer_nc() for data at end of buffer - BUG/MINOR: freq: fix infinite loop on freq_ctr_period. - BUG/MINOR: stdarg.h inclusion - BUG/MINOR: dns: fix missing lock protection on server. - BUG/MINOR: lua: fix missing lock protection on server. - BUILD: enable USE_THREAD for OpenBSD build. - BUG/MAJOR: mux_pt: don't dereference a connstream after ->wake() - MINOR: thread: report multi-thread support in haproxy -vv |
||
Willy Tarreau
|
901f75c4a6 |
[RELEASE] Released version 1.8-rc1
Released version 1.8-rc1 with the following main changes : - BUG/MEDIUM: server: Allocate tmptrash before using it. - CONTRIB: trace: add the possibility to place trace calls in the code - CONTRIB: trace: try to display the function's return value on exit - CONTRIB: trace: report the base name only for file names - BUILD: ssl: support OPENSSL_NO_ASYNC #define - MINOR: ssl: build with recent BoringSSL library - BUG/MINOR: ssl: OCSP_single_get0_status can return -1 - BUG/MINOR: cli: restore "set ssl tls-key" command - CLEANUP: cli: remove undocumented "set ssl tls-keys" command - IMPORT: sha1: import SHA1 functions - MINOR: sample: add the sha1 converter - MINOR: sample: add the hex2i converter - MINOR: stream-int: stop checking for useless connection flags in chk_snd_conn - MINOR: ssl: don't abort after sending 16kB - MINOR: connection: move the cleanup of flag CO_FL_WAIT_ROOM - MINOR: connection: add flag CO_FL_WILL_UPDATE to indicate when updates are granted - MEDIUM: connection: make use of CO_FL_WILL_UPDATE in conn_sock_shutw() - MINOR: raw_sock: make use of CO_FL_WILL_UPDATE - MINOR: ssl_sock: make use of CO_FL_WILL_UPDATE - BUG/MINOR: checks: Don't forget to release the connection on error case. - MINOR: buffer: add the buffer input manipulation functions - BUG/MEDIUM: prevent buffers being overwritten during build_logline() execution - MEDIUM: cfgparse: post section callback - MEDIUM: cfgparse: post parsing registration - MINOR: lua: add uuid to the Class Proxy - MINOR: hlua: Add regex class - MINOR: http: Mark the 425 code as "Too Early". - MEDIUM: ssl: convert CBS (BoringSSL api) usage to neutral code - MINOR: ssl: support Openssl 1.1.1 early callback for switchctx - MINOR: ssl: generated certificate is missing in switchctx early callback - MEDIUM: ssl: Handle early data with OpenSSL 1.1.1 - BUILD: Makefile: disable -Wunused-label - MINOR: ssl/proto_http: Add keywords to take care of early data. - BUG/MINOR: lua: const attribute of a string is overridden - MINOR: ssl: Don't abuse ssl_options. - MINOR: update proxy-protocol-v2 #define - MINOR: merge ssl_sock_get calls for log and ppv2 - MINOR: add ALPN information to send-proxy-v2 - MEDIUM: h1: ensure that 1xx, 204 and 304 don't have a payload body - CLEANUP: shctx: get ride of the shsess_packet{_hdr} structures - MEDIUM: lists: list_for_each_entry{_safe}_from functions - REORG: shctx: move lock functions and struct - MEDIUM: shctx: allow the use of multiple shctx - REORG: shctx: move ssl functions to ssl_sock.c - MEDIUM: shctx: separate ssl and shctx - MINOR: shctx: rename lock functions - MINOR: h1: store the status code in the H1 message - BUG/MINOR: spoe: Don't compare engine name and SPOE scope when both are NULL - BUG/MINOR: spoa: Update pointer on the end of the frame when a reply is encoded - MINOR: action: Add trk_idx inline function - MINOR: action: Use trk_idx instead of tcp/http_trk_idx - MINOR: action: Add a function pointer in act_rule struct to check its validity - MINOR: action: Add function to check rules using an action ACT_ACTION_TRK_* - MINOR: action: Add a functions to check http capture rules - MINOR: action: Factorize checks on rules calling check_ptr if defined - MINOR: acl: Pass the ACLs as an explicit parameter of build_acl_cond - MEDIUM: spoe: Add support of ACLS to enable or disable sending of SPOE messages - MINOR: spoe: Check uniqness of SPOE engine names during config parsing - MEDIUM: spoe: Parse new "spoe-group" section in SPOE config file - MEDIUM: spoe/rules: Add "send-spoe-group" action for tcp/http rules - MINOR: spoe: Move message encoding in its own function - MINOR: spoe: Add a type to qualify the message list during encoding - MINOR: spoe: Add a generic function to encode a list of SPOE message - MEDIUM: spoe/rules: Process "send-spoe-group" action - BUG/MINOR: dns: Fix CLI keyword declaration - MAJOR: dns: Refactor the DNS code - BUG/MINOR: mailers: Fix a memory leak when email alerts are released - MEDIUM: mailers: Init alerts during conf parsing and refactor their processing - MINOR: mailers: Use pools to allocate email alerts and its tcpcheck_rules - MINOR: standard: Add memvprintf function - MINOR: log: Save alerts and warnings emitted during HAProxy startup - MINOR: cli: Add "show startup-logs" command - MINOR: startup: Extend the scope the MODE_STARTING flag - MINOR: threads: Prepare makefile to link with pthread - MINOR: threads: Add THREAD_LOCAL macro - MINOR: threads: Add atomic-ops and plock includes in import dir - MEDIUM: threads: Add hathreads header file - MINOR: threads: Add mechanism to register per-thread init/deinit functions - MINOR: threads: Add nbthread parameter - MEDIUM: threads: Adds a set of functions to handle sync-point - MAJOR: threads: Start threads to experiment multithreading - MINOR: threads: Define the sync-point inside run_poll_loop - MEDIUM: threads/buffers: Define and register per-thread init/deinit functions - MEDIUM: threads/chunks: Transform trash chunks in thread-local variables - MEDIUM: threads/time: Many global variables from time.h are now thread-local - MEDIUM: threads/logs: Make logs thread-safe - MEDIUM: threads/pool: Make pool thread-safe by locking all access to a pool - MAJOR: threads/fd: Make fd stuffs thread-safe - MINOR: threads/fd: Add a mask of threads allowed to process on each fd in fdtab array - MEDIUM: threads/fd: Initialize the process mask during the call to fd_insert - MINOR: threads/fd: Process cached events of FDs depending on the process mask - MINOR: threads/polling: pollers now handle FDs depending on the process mask - WIP: SQUASH WITH SYNC POINT - MAJOR: threads/task: handle multithread on task scheduler - MEDIUM: threads/signal: Add a lock to make signals thread-safe - MEDIUM: threads/listeners: Make listeners thread-safe - MEDIUM: threads/proxy: Add a lock per proxy and atomically update proxy vars - MEDIUM: threads/server: Make connection list (priv/idle/safe) thread-safe - MEDIUM: threads/server: Add a lock per server and atomically update server vars - MINOR: threads/server: Add a lock to deal with insert in updates_servers list - MEDIUM: threads/lb: Make LB algorithms (lb_*.c) thread-safe - MEDIUM: threads/stick-tables: handle multithreads on stick tables - MINOR: threads/sample: Change temp_smp into a thread local variable - MEDIUM: threads/http: Make http_capture_bad_message thread-safe - MINOR: threads/regex: Change Regex trash buffer into a thread local variable - MAJOR: threads/applet: Handle multithreading for applets - MAJOR: threads/peers: Make peers thread safe - MAJOR: threads/buffer: Make buffer wait queue thread safe - MEDIUM: threads/stream: Make streams list thread safe - MAJOR: threads/ssl: Make SSL part thread-safe - MEDIUM: threads/queue: Make queues thread-safe - MAJOR: threads/map: Make acls/maps thread safe - MEDIUM: threads/freq_ctr: Make the frequency counters thread-safe - MEDIUM: thread/vars: Make vars thread-safe - MEDIUM: threads/filters: Add init/deinit callback per thread - MINOR: threads/filters: Update trace filter to add _per_thread callbacks - MEDIUM: threads/compression: Make HTTP compression thread-safe - MEDIUM: threads/lua: Makes the jmpbuf and some other buffers local to the current thread. - MEDIUM: threads/lua: Add locks around the Lua execution parts. - MEDIUM: threads/lua: Ensure that the launched tasks runs on the same threads than me - MEDIUM: threads/lua: Cannot acces to the socket if we try to access from another thread. - MEDIUM: threads/xref: Convert xref function to a thread safe model - MEDIUM: threads/tasks: Add lock around notifications - MEDIUM: thread/spoe: Make the SPOE thread-safe - MEDIUM: thread/dns: Make DNS thread-safe - MINOR: threads: Add thread-map config parameter in the global section - MINOR: threads/checks: Add a lock to protect the pid list used by external checks - MINOR: threads/checks: Set the task process_mask when a check is executed - MINOR: threads/mailers: Add a lock to protect queues of email alerts - MEDIUM: threads/server: Use the server lock to protect health check and cli concurrency - MINOR: threads: Don't start when device a detection module is used - BUG/MEDIUM: threads: Run the poll loop on the main thread too - BUG/MINOR: threads: Add missing THREAD_LOCAL on static here and there - MAJOR: threads: Offically enable the threads support in HAProxy - BUG/MAJOR: threads/freq_ctr: fix lock on freq counters. - BUG/MAJOR: threads/time: Store the time deviation in an 64-bits integer - BUILD: stick-tables: silence an uninitialized variable warning - BUG/MINOR: dns: Fix SRV records with the new thread code. - MINOR: ssl: Remove the global allow-0rtt option. - CLEANUP: threads: replace the last few 1UL<<tid with tid_bit - CLEANUP: threads: rename process_mask to thread_mask - MINOR: h1: add a function to measure the trailers length - MINOR: threads: add a portable barrier for threads and non-threads - BUG/MAJOR: threads/freq_ctr: use a memory barrier to detect changes - BUG/MEDIUM: threads: Initialize the sync-point - MEDIUM: connection: start to introduce a mux layer between xprt and data - MINOR: connection: implement alpn registration of muxes - MINOR: mux: register the pass-through mux for any ALPN string - MEDIUM: session: use the ALPN token and proxy mode to select the mux - MINOR: connection: report the major HTTP version from the MUX for logging (fc_http_major) - MINOR: connection: introduce conn_stream - MINOR: mux: add more methods to mux_ops - MINOR: connection: introduce the conn_stream manipulation functions - MINOR: mux_pt: implement remaining mux_ops methods - MAJOR: connection : Split struct connection into struct connection and struct conn_stream. - MINOR: connection: make conn_stream users also check for per-stream error flag - MINOR: conn_stream: new shutr/w status flags - MINOR: conn_stream: modify cs_shut{r,w} API to pass the desired mode - MEDIUM: connection: make conn_sock_shutw() aware of lingering - MINOR: connection: add cs_close() to close a conn_stream - MEDIUM: mux_pt: make cs_shutr() / cs_shutw() properly close the connection - MEDIUM: connection: replace conn_full_close() with cs_close() - MEDIUM: connection: make mux->detach() release the connection - MEDIUM: stream: do not forcefully close the client connection anymore - MEDIUM: checks: exclusively use cs_destroy() to release a connection - MEDIUM: connection: add a destroy callback - MINOR: session: release the listener with the session, not the stream - MEDIUM: session: make use of the connection's destroy callback - CONTRIB: hpack: implement a reverse huffman table generator for hpack - MINOR: hpack: implement the HPACK Huffman table decoder - MINOR: hpack: implement the header tables management - MINOR: hpack: implement the decoder - MEDIUM: hpack: implement basic hpack encoding - MINOR: h2: centralize all HTTP/2 protocol elements and constants - MINOR: h2: create a very minimalistic h2 mux - MINOR: h2: expose tune.h2.header-table-size to configure the table size - MINOR: h2: expose tune.h2.initial-window-size to configure the window size - MINOR: h2: expose tune.h2.max-concurrent-streams to limit the number of streams - MINOR: h2: create the h2c struct and allocate its pool - MINOR: h2: create the h2s struct and the associated pool - MINOR: h2: handle two extra stream states for errors - MINOR: h2: add a frame header descriptor for incoming frames - MEDIUM: h2: allocate and release the h2c context on connection init/end - MEDIUM: h2: implement basic recv/send/wake functions - MEDIUM: h2: dynamically allocate the demux buffer on Rx - MEDIUM: h2: implement the mux buffer allocator - MINOR: h2: add the connection and stream flags listing the causes for blocking - MINOR: h2: add function h2s_id() to report a stream's ID - MINOR: h2: small function to know when the mux is busy - MINOR: h2: new function h2c_error to mark an error on the connection - MINOR: h2: new function h2s_error() to mark an error on a stream - MINOR: h2: add h2_set_frame_size() to update the size in a binary frame - MINOR: h2: new function h2_peek_frame_hdr() to retrieve a new frame header - MINOR: h2: add a few functions to retrieve contents from a wrapping buffer - MINOR: h2: add stream lookup function based on the stream ID - MINOR: h2: create dummy idle and closed streams - MINOR: h2: add the function to create a new stream - MINOR: h2: update the {MUX,DEM}_{M,D}ALLOC flags on buffer availability - MEDIUM: h2: start to consider the H2_CF_{MUX,DEM}_* flags for polling - MINOR: h2: also terminate the connection on shutr - MEDIUM: h2: properly consider all conditions for end of connection - MEDIUM: h2: wake the connection up for send on pending streams - MEDIUM: h2: start to implement the frames processing loop - MINOR: h2: add a function to send a GOAWAY error frame - MINOR: h2: match the H2 connection preface on init - MEDIUM: h2: enable connection polling for send when a cs wants to emit - MEDIUM: h2: enable reading again on the connection if it was blocked on stream buffer full - MEDIUM: h2: process streams pending for sending - MINOR: h2: send a real SETTINGS frame based on the configuration - MEDIUM: h2: detect the presence of the first settings frame - MINOR: h2: create a stream parser for the demuxer - MINOR: h2: implement PING frames - MEDIUM: h2: decode SETTINGS frames and extract relevant settings - MINOR: h2: lookup the stream during demuxing - MEDIUM: h2: honor WINDOW_UPDATE frames - MINOR: h2: implement h2_send_rst_stream() to send RST_STREAM frames - MINOR: h2: handle CONTINUATION frames - MEDIUM: h2: partial implementation of h2_detach() - MEDIUM: h2: unblock a connection when its current stream detaches - MEDIUM: h2: basic processing of HEADERS frame - MEDIUM: h2: don't use trash to decode headers! - MEDIUM: h2: implement the response HEADERS frame to encode the H1 response - MEDIUM: h2: send the H1 response body as DATA frames - MEDIUM: h2: skip the response trailers if any - MEDIUM: h2: properly continue to parse header block when facing a 1xx response - MEDIUM: h2: send WINDOW_UPDATE frames for connection - MEDIUM: h2: handle request body in DATA frames - MINOR: h2: handle RST_STREAM frames - MEDIUM: h2: send DATA+ES or RST_STREAM on shutw/shutr - MINOR: h2: use a common function to signal some and all streams. - MEDIUM: h2: handle GOAWAY frames - MINOR: h2: centralize the check for the idle streams - MINOR: h2: centralize the check for the half-closed(remote) streams - MEDIUM: h2: silently ignore frames higher than last_id after GOAWAY - MINOR: h2: properly reject PUSH_PROMISE frames coming from the client - MEDIUM: h2: perform a graceful shutdown on "Connection: close" - MEDIUM: h2: send a GOAWAY frame when dealing with an empty response - MEDIUM: h2: apply a timeout to h2 connections - BUG/MEDIUM: h2: fix incorrect timeout handling on the connection - MEDIUM: shctx: forbid shctx to read more than expected - MEDIUM: cache: configuration parsing and initialization - MEDIUM: cache: store objects in cache - MEDIUM: cache: deliver objects from cache |
||
Willy Tarreau
|
f08137c434 |
[RELEASE] Released version 1.8-dev3
Released version 1.8-dev3 with the following main changes : - REORG: ssl: move defines and methodVersions table upper - MEDIUM: ssl: ctx_set_version/ssl_set_version func for methodVersions table - MINOR: ssl: support ssl-min-ver and ssl-max-ver with crt-list - MEDIUM: ssl: disable SSLv3 per default for bind - BUG/MAJOR: ssl: fix segfault on connection close using async engines. - BUG/MAJOR: ssl: buffer overflow using offloaded ciphering on async engine - BUG/MINOR: ssl: do not call directly the conn_fd_handler from async_fd_handler - BUG/MINOR: haproxy/cli : fix for solaris/illumos distros for CMSG* macros - BUG/MEDIUM: build without openssl broken - BUG/MINOR: warning: need_resend may be used uninitialized - BUG/MEDIUM: misplaced exit and wrong exit code - BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04 - BUILD: scripts: make publish-release support bare repositories - BUILD: scripts: add an automatic mode for publish-release - BUILD: scripts: add a "quiet" mode to publish-release - BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer - BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers - CONTRIB: plug qdiscs: Plug queuing disciplines mini HOWTO. - BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map - BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0 - BUG/MINOR: http/filters: Be sure to wait if a filter loops in HTTP_MSG_ENDING - BUG/MEDIUM: peers: Peers CLOSE_WAIT issue. - BUG/MAJOR: server: Segfault after parsing server state file. - BUG/MEDIUM: unix: never unlink a unix socket from the file system - scripts: create-release pass -n to tail - SCRIPTS: create-release: enforce GIT_COMMITTER_{NAME|EMAIL} validity - BUG/MEDIUM: fix segfault when no argument to -x option - MINOR: warning on multiple -x - MINOR: mworker: don't copy -x argument anymore in copy_argv() - BUG/MEDIUM: mworker: don't reuse PIDs passed to the master - BUG/MINOR: Wrong peer task expiration handling during synchronization processing. - BUG/MINOR: cfgparse: Check if tune.http.maxhdr is in the range 1..32767 - BUG/MINOR: log: pin the front connection when front ip/ports are logged - DOC: fix references to the section about the unix socket - BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue - MAJOR: task: task scheduler rework. - MINOR: task/stream: tasks related to a stream must be init by the caller. - MINOR: queue: Change pendconn_get_next_strm into private function - MINOR: backends: Change get_server_sh/get_server_uh into private function - MINOR: queue: Change pendconn_from_srv/pendconn_from_px into private functions - MEDIUM: stream: make stream_new() always set the target and analysers - MINOR: frontend: initialize HTTP layer after the debugging code - MINOR: connection: add a .get_alpn() method to xprt_ops - MINOR: ssl: add a get_alpn() method to ssl_sock - MINOR: frontend: retrieve the ALPN name when available - MINOR: frontend: report the connection's ALPN in the debug output - MINOR: stream: don't set backend's nor response analysers on SF_TUNNEL - MINOR: connection: send data before receiving - MAJOR: applet: applet scheduler rework. - BUG/MAJOR: frontend: don't dereference a null conn on outgoing connections - BUG/MAJOR: cli: fix custom io_release was crushed by NULL. - BUG/MAJOR: map: fix segfault during 'show map/acl' on cli. - BUG/MAJOR: compression: Be sure to release the compression state in all cases - MINOR: compression: Use a memory pool to allocate compression states - BUG/MAJOR: applet: fix a freeze if data is immedately forwarded. - DOC: fix references to the section about time format. - BUG/MEDIUM: map/acl: fix unwanted flags inheritance. - BUG/MAJOR: http: fix buffer overflow on loguri buffer. - MINOR: ssl: compare server certificate names to the SNI on outgoing connections - BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel - BUG/MINOR: http: Don't reset the transaction if there are still data to send - BUG/MEDIUM: filters: Be sure to call flt_end_analyze for both channels - MINOR: peers: Add additional information to stick-table definition messages. - BUG/MINOR: http: properly handle all 1xx informational responses - OPTIM: ssl: don't consider a small ssl_read() as an indication of end of buffer - BUG/MINOR: peers: peer synchronization issue (with several peers sections). - CLEANUP: hdr_idx: make some function arguments const where possible - BUG/MINOR: Prevent a use-after-free on error scenario on option "-x". - BUG/MINOR: lua: In error case, the safe mode is not removed - BUG/MINOR: lua: executes the function destroying the Lua session in safe mode - BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted - BUG/MEDIUM: lua: bad memory access - BUG/MINOR: Lua: variable already initialized - DOC: update CONTRIBUTING regarding optional parts and message format - DOC: update the list of OpenSSL versions in the README - BUG/MINOR: http: Set the response error state in http_sync_res_state - MINOR: http: Reorder/rewrite checks in http_resync_states - MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags - BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined - MINOR: http: Rely on analyzers mask to end processing in forward_body functions - BUG/MINOR: http: Fix bug introduced in previous patch in http_resync_states - BUG/MINOR: contrib/modsecurity: BSD build fix - BUG/MINOR: contrib/mod_defender: build fix - BUG/MINOR: ssl: remove haproxy SSLv3 support when ssl lib have no SSLv3 - MINOR: ssl: remove an unecessary SSL_OP_NO_* dependancy - BUILD: ssl: fix compatibility with openssl without TLSEXT_signature_* - MINOR: tools: add a portable timegm() alternative - BUILD: lua: replace timegm() with my_timegm() to fix build on Solaris 10 - DOC: Updated 51Degrees git URL to point to a stable version. - BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state - MINOR: memory: remove macros - BUG/MINOR: lua: Fix Server.get_addr() port values - BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr() - MINOR: samples: Handle the type SMP_T_METH when we duplicate a sample in smp_dup - MINOR: samples: Handle the type SMP_T_METH in smp_is_safe and smp_is_rw - MINOR: samples: Don't allocate memory for SMP_T_METH sample when method is known - BUG/MINOR: lua: always detach the tcp/http tasks before freeing them - MINOR: task: always preinitialize the task's timeout in task_init() - CLEANUP: task: remove all initializations to TICK_ETERNITY after task_new() - BUG/MAJOR: lua: properly dequeue hlua_applet_wakeup() for new scheduler - MINOR: lua: Add proxy as member of proxy object. - DOC: lua: Proxy class doc update - MINOR: lua: Add lists of frontends and backends - BUG/MINOR: ssl: Fix check against SNI during server certificate verification - BUG/MINOR: ssl: make use of the name in SNI before verifyhost - MINOR: ssl: add a new error codes for wrong server certificates - BUG/MEDIUM: stream: don't retry SSL connections which fail the SNI name check - MINOR: ssl: add "no-ca-names" parameter for bind - BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions. - DOC: fix alphabetical order of "show commands" in management.txt - MINOR: listener: add a function to return a listener's state as a string - MINOR: cli: add a new "show fd" command - BUG/MEDIUM: ssl: Fix regression about certificates generation - MINOR: Add server port field to server state file. - MINOR: ssl: allow to start without certificate if strict-sni is set - MINOR: dns: Cache previous DNS answers. - MINOR: obj: Add a new type of object, OBJ_TYPE_SRVRQ. - Add a few functions to do unaligned access. - MINOR: dns: Handle SRV records. - MINOR: check: Fix checks when using SRV records. - MINOR: doc: Document SRV label usage. - BUILD/MINOR: cli: shut a minor gcc warning in "show fd" - BUILD: ssl: replace SSL_CTX_get0_privatekey for openssl < 1.0.2 - BUILD/MINOR: build without openssl still broken - BUG/MAJOR: stream: in stream_free(), close the front endpoint and not the origin - CLEANUP: raw_sock: Use a better name for the constructor than __ssl_sock_deinit() - MINOR: init: Fix CPU affinity setting on FreeBSD. - MINOR: dns: Update analysis of TRUNCATED response for SRV records - MINOR: dns: update record dname matching for SRV query types - MINOR: dns: update dns response buffer reading pointer due to SRV record - MINOR: dns: duplicate entries in resolution wait queue for SRV records - MINOR: dns: make debugging function dump_dns_config() compatible with SRV records - MINOR: dns: ability to use a SRV resolution for multiple backends - MINOR: dns: enable caching of responses for server set by a SRV record - MINOR: dns: new dns record type (RTYPE) for OPT - MINOR: dns: enabled edns0 extension and make accpeted payload size tunable - MINOR: dns: default "hold obsolete" timeout set to 0 - MINOR: chunks: add chunk_memcpy() and chunk_memcat() - MINOR: session: add a streams field to the session struct - MINOR: stream: link the stream to its session - MEDIUM: session: do not free a session until no stream references it - MINOR: ist: implement very simple indirect strings - TESTS: ist: add a test file for the functions - MINOR: http: export some of the HTTP parser macros - BUG/MINOR: Wrong type used as argument for spoe_decode_buffer(). - BUG/MINOR: dns: server set by SRV records stay in "no resolution" status - MINOR: dns: Maximum DNS udp payload set to 8192 - MINOR: dns: automatic reduction of DNS accpeted payload size - MINOR: dns: make SRV record processing more verbose - CLEANUP: dns: remove duplicated code in dns_resolve_recv() - CLEANUP: dns: remove duplicated code in dns_validate_dns_response() - BUG/MINOR: dns: wrong resolution interval lead to 100% CPU - BUG/MEDIUM: dns: fix accepted_payload_size parser to avoid integer overflow - BUG/MAJOR: lua: fix the impact of the scheduler changes again - BUG/MEDIUM: lua: HTTP services must take care of body-less status codes - MINOR: lua: properly process the contents of the content-length field - BUG/MEDIUM: stream: properly set the required HTTP analysers on use-service - OPTIM: lua: don't use expensive functions to parse headers in the HTTP applet - OPTIM: lua: don't add "Connection: close" on the response - REORG/MEDIUM: connection: introduce the notion of connection handle - BUG/MINOR: stream-int: don't check the CO_FL_CURR_WR_ENA flag - MEDIUM: connection: get rid of data->init() which was not for data - MEDIUM: stream: make stream_new() allocate its own task - CLEANUP: listener: remove the unused handler field - MEDIUM: session: add a pointer to a struct task in the session - MINOR: stream: provide a new stream creation function for connections - MEDIUM: connection: remove useless flag CO_FL_DATA_RD_SH - CLEANUP: connection: remove the unused conn_sock_shutw_pending() - MEDIUM: connection: remove useless flag CO_FL_DATA_WR_SH - DOC: add CLI info on privilege levels - DOC: Refer to Mozilla TLS info / config generator - MINOR: ssl: remove duplicate ssl_methods in struct bind_conf - BUG/MEDIUM: http: Fix a regression bug when a HTTP response is in TUNNEL mode - DOC: Add note about "* " prefix in CSV stats - CLEANUP: memory: Remove unused function pool_destroy - MINOR: listeners: Change listener_full and limit_listener into private functions - MINOR: listeners: Change enable_listener and disable_listener into private functions - MINOR: fd: Don't forget to reset fdtab[fd].update when a fd is added/removed - MINOR: fd: Set owner and iocb field before inserting a new fd in the fdtab - MINOR: backends: Make get_server_* functions explicitly static - MINOR: applet: Check applets_active_queue before processing applets queue - MINOR: chunks: Use dedicated function to init/deinit trash buffers - MEDIUM: chunks: Realloc trash buffers only after the config is parsed and checked - MINOR: logs: Use dedicated function to init/deinit log buffers - MINOR: logs: Realloc log buffers only after the config is parsed and checked - MINOR: buffers: Move swap_buffer into buffer.c and add deinit_buffer function - MINOR: stick-tables: Make static_table_key a struct variable instead of a pointer - MINOR: http: Use a trash chunk to store decoded string of the HTTP auth header - MINOR: fd: Add fd_active function - MINOR: fd: Use inlined functions to check fd state in fd_*_send/recv functions - MINOR: fd: Move (de)allocation of fdtab and fdinfo in (de)init_pollers - MINOR: freq_ctr: Return the new value after an update - MEDIUM: check: server states and weight propagation re-work - BUG/MEDIUM: epoll: ensure we always consider HUP and ERR - MINOR: fd: Add fd_update_events function - MINOR: polling: Use fd_update_events to update events seen for a fd - BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file - Revert "BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file" - MINOR: ssl: rework smp_fetch_ssl_fc_cl_str without internal ssl use - BUG/MEDIUM: http: Close streams for connections closed before a redirect - BUG/MINOR: Lua: The socket may be destroyed when we try to access. - MINOR: xref: Add a new xref system - MEDIUM: xref/lua: Use xref for referencing cosocket relation between stream and lua - MINOR: tasks: Move Lua notification from Lua to tasks - MINOR: net_helper: Inline functions meant to be inlined. - MINOR: cli: add socket commands and config to prepend informational messages with severity - MINOR: add severity information to cli feedback messages - BUILD: Makefile: add a function to detect support by the compiler of certain options - BUILD: Makefile: shut certain gcc/clang stupid warnings - BUILD: Makefile: improve detection of support for compiler warnings - MINOR: peers: don't reference the incoming listener on outgoing connections - MINOR: frontend: don't retrieve ALPN on the critical path - MINOR: protocols: always pass a "port" argument to the listener creation - MINOR: protocols: register the ->add function and stop calling them directly - MINOR: unix: remove the now unused proto_uxst.h file - MINOR: listeners: new function create_listeners - MINOR: listeners: make listeners count consistent with reality - MEDIUM: session: take care of incrementing/decrementing jobs - MINOR: listener: new function listener_release - MINOR: session: small cleanup of conn_complete_session() - MEDIUM: session: factor out duplicated code for conn_complete_session - MEDIUM: session: count the frontend's connections at a single place - BUG/MEDIUM: compression: Fix check on txn in smp_fetch_res_comp_algo - BUG/MINOR: compression: Check response headers before http-response rules eval - BUG/MINOR: spoe: Don't rely on SPOE ctx in debug message when its creation failed - BUG/MINOR: dns: Fix check on nameserver in snr_resolution_cb - MINOR: ssl: Remove useless checks on bind_conf or bind_conf->is_ssl - BUG/MINOR: contrib/mod_defender: close the va_list argp before return - BUG/MINOR: contrib/modsecurity: close the va_list ap before return - MINOR: tools: make my_htonll() more efficient on x86_64 - MINOR: buffer: add b_del() to delete a number of characters - MINOR: buffer: add b_end() and b_to_end() - MINOR: net_helper: add functions to read from vectors - MINOR: net_helper: add write functions - MINOR: net_helper: add 64-bit read/write functions - MINOR: connection: adjust CO_FL_NOTIFY_DATA after removal of flags - MINOR: ist: add a macro to ease const array initialization - BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server - BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server (take2) - BUG/MINOR: log: fixing small memory leak in error code path. - BUG/MINOR: contrib/halog: fixing small memory leak - BUG/MEDIUM: tcp/http: set-dst-port action broken - CLEANUUP: checks: don't set conn->handle.fd to -1 - BUG/MEDIUM: tcp-check: properly indicate polling state before performing I/O - BUG/MINOR: tcp-check: don't quit with pending data in the send buffer - BUG/MEDIUM: tcp-check: don't call tcpcheck_main() from the I/O handlers! - BUG/MINOR: unix: properly check for octal digits in the "mode" argument - MINOR: checks: make chk_report_conn_err() take a check, not a connection - CLEANUP: checks: remove misleading comments and statuses for external process - CLEANUP: checks: don't report report the fork() error twice - CLEANUP: checks: do not allocate a connection for process checks - TESTS: checks: add a simple test config for external checks - BUG/MINOR: tcp-check: don't initialize then break a connection starting with a comment - TESTS: checks: add a simple test config for tcp-checks - MINOR: tcp-check: make tcpcheck_main() take a check, not a connection - MINOR: checks: don't create then kill a dummy connection before tcp-checks - MEDIUM: checks: make tcpcheck_main() indicate if it recycled a connection - MEDIUM: checks: do not allocate a permanent connection anymore - BUG/MEDIUM: cli: fix "show fd" crash when dumping closed FDs - BUG/MEDIUM: http: Return an error when url_dec sample converter failed - BUG/MAJOR: stream-int: don't re-arm recv if send fails - BUILD/MINOR: 51d: fix warning when building with 51Degrees release version 3.2.12.12 - DOC: 51d: add 51Degrees git URL that points to release version 3.2.12.12 - DOC: 51d: Updated git URL and instructions for getting Hash Trie data files. - MINOR: compiler: restore the likely() wrapper for gcc 5.x - MINOR: session: remove the list of streams from struct session - DOC: fix some typos - MINOR: server: add the srv_queue() sample fetch method - MINOR: payload: add new sample fetch functions to process distcc protocol - MAJOR: servers: propagate server status changes asynchronously. - BUG/MEDIUM: ssl: fix OCSP expiry calculation - BUG/MINOR: stream-int: don't set MSG_MORE on SHUTW_NOW without AUTO_CLOSE - MINOR: server: Handle weight increase in consistent hash. - MINOR: checks: Add a new keyword to specify a SNI when doing SSL checks. - BUG/MINOR: tools: fix my_htonll() on x86_64 - BUG/MINOR: stats: Clear a bit more counters with in cli_parse_clear_counters(). - BUG/MAJOR: lua: scheduled task is freezing. - MINOR: buffer: add bo_del() to delete a number of characters from output - MINOR: buffer: add a function to match against string patterns - MINOR: buffer: add two functions to inject data into buffers - MINOR: buffer: add buffer_space_wraps() - REORG: channel: finally rename the last bi_* / bo_* functions - MINOR: buffer: add bo_getblk() and bo_getblk_nc() - MINOR: channel: make use of bo_getblk{,_nc} for their channel equivalents - MINOR: channel: make the channel be a const in all {ci,co}_get* functions - MINOR: ist: add ist0() to add a trailing zero to a string. - BUG/MEDIUM: log: check result details truncated. - MINOR: buffer: make bo_getblk_nc() not return 2 for a full buffer - REORG: http: move some very http1-specific parts to h1.{c,h} - REORG: http: move the HTTP/1 chunk parser to h1.{c,h} - REORG: http: move the HTTP/1 header block parser to h1.c - MEDIUM: http: make the chunk size parser only depend on the buffer - MEDIUM: http: make the chunk crlf parser only depend on the buffer - MINOR: h1: add struct h1m for basic HTTP/1 messages - MINOR: http: add very simple header management based on double strings - MEDIUM: h1: reimplement the http/1 response parser for the gateway - REORG: connection: rename CO_FL_DATA_* -> CO_FL_XPRT_* - MEDIUM: connection: make conn_sock_shutw() aware of lingering - MINOR: connection: ensure conn_ctrl_close() also resets the fd - MINOR: connection: add conn_stop_tracking() to disable tracking - MINOR: tcp: use conn_full_close() instead of conn_force_close() - MINOR: unix: use conn_full_close() instead of conn_force_close() - MINOR: checks: use conn_full_close() instead of conn_force_close() - MINOR: session: use conn_full_close() instead of conn_force_close() - MINOR: stream: use conn_full_close() instead of conn_force_close() - MINOR: stream: use conn_full_close() instead of conn_force_close() - MINOR: backend: use conn_full_close() instead of conn_force_close() - MINOR: stream-int: use conn_full_close() instead of conn_force_close() - MINOR: connection: remove conn_force_close() - BUG/MINOR: ssl: ocsp response with 'revoked' status is correct |
||
Willy Tarreau
|
f57a29a1cd |
[RELEASE] Released version 1.8-dev2
Released version 1.8-dev2 with the following main changes : - CLEANUP: server: moving netinet/tcp.h inclusion - DOC: changed "block"(deprecated) examples to http-request deny - DOC: add few comments to examples. - DOC: update sample code for PROXY protocol - DOC: mention lighttpd 1.4.46 implements PROXY - MINOR server: Restrict dynamic cookie check to the same proxy. - DOC: stick-table is available in frontend sections - BUG/MINOR: server : no transparent proxy for DragonflyBSD - BUILD/MINOR: stats: remove unexpected argument to stats_dump_json_header() - BUILD/MINOR: tools: fix build warning in debug_hexdump() - BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets. - BUG/MINOR: config: missing goto out after parsing an incorrect ACL character - BUG/MINOR: arg: don't try to add an argument on failed memory allocation - MEDIUM: server: Inherit CLI weight changes and agent-check weight responses - BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error - BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr() - BUG/MEDIUM: servers: unbreak server weight propagation - MINOR: lua: ensure the memory allocator is used all the time - MINOR: cli: Add a command to send listening sockets. - MINOR: global: Add an option to get the old listening sockets. - MINOR: tcp: When binding socket, attempt to reuse one from the old proc. - MINOR: doc: document the -x flag - MINOR: proxy: Don't close FDs if not our proxy. - MINOR: socket transfer: Set a timeout on the socket. - MINOR: systemd wrapper: add support for passing the -x option. - BUG/MINOR: server: Fix a wrong error message during 'usesrc' keyword parsing. - BUG/MAJOR: Broken parsing for valid keywords provided after 'source' setting. - CLEANUP: logs: typo: simgle => single - BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr() - MEDIUM: config: don't check config validity when there are fatal errors - BUG/MAJOR: Use -fwrapv. - BUG/MINOR: server: don't use "proxy" when px is really meant. - BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed - BUG/MINOR: server: missing default server 'resolvers' setting duplication. - MINOR: server: Extract the code responsible of copying default-server settings. - MINOR: server: Extract the code which finalizes server initializations after 'server' lines parsing. - MINOR: server: Add 'server-template' new keyword supported in backend sections. - MINOR: server: Add server_template_init() function to initialize servers from a templates. - DOC: Add documentation for new "server-template" keyword. - DOC: add layer 4 links/cross reference to "block" keyword. - DOC: errloc/errorloc302/errorloc303 missing status codes. - BUG/MEDIUM: lua: memory leak - CLEANUP: lua: remove test - BUG/MINOR: hash-balance-factor isn't effective in certain circumstances - BUG/MINOR: change header-declared function to static inline - REORG: spoe: move spoe_encode_varint / spoe_decode_varint from spoe to common - MINOR: Add binary encoding request header sample fetch - MINOR: proto-http: Add sample fetch wich returns all HTTP headers - MINOR: Add ModSecurity wrapper as contrib - BUG/MINOR: ssl: fix warnings about methods for opensslv1.1. - DOC: update RFC references - CONTRIB: tcploop: add action "X" to execute a command - MINOR: server: cli: Add server FQDNs to server-state file and stats socket. - BUG/MINOR: contrib/mod_security: fix build on FreeBSD - BUG/MINOR: checks: don't send proxy protocol with agent checks - MINOR: ssl: add prefer-client-ciphers - MEDIUM: ssl: revert ssl/tls version settings relative to default-server. - MEDIUM: ssl: ssl_methods implementation is reworked and factored for min/max tlsxx - MEDIUM: ssl: calculate the real min/max TLS version and find holes - MINOR: ssl: support TLSv1.3 for bind and server - MINOR: ssl: show methods supported by openssl - MEDIUM: ssl: add ssl-min-ver and ssl-max-ver parameters for bind and server - MEDIUM: ssl: ssl-min-ver and ssl-max-ver compatibility. - CLEANUP: retire obsoleted USE_GETSOCKNAME build option - BUG/MAJOR: dns: Broken kqueue events handling (BSD systems). - MINOR: sample: Add b64dec sample converter - BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything - MINOR: cli: add ACCESS_LVL_MASK to store the access level - MINOR: cli: add 'expose-fd listeners' to pass listeners FDs - MEDIUM: proxy: zombify proxies only when the expose-fd socket is bound - MEDIUM: ssl: add basic support for OpenSSL crypto engine - MAJOR: ssl: add openssl async mode support - MEDIUM: ssl: handle multiple async engines - MINOR: boringssl: basic support for OCSP Stapling - MEDIUM: mworker: replace systemd mode by master worker mode - MEDIUM: mworker: handle reload and signals - MEDIUM: mworker: wait mode on reload failure - MEDIUM: mworker: try to guess the next stats socket to use with -x - MEDIUM: mworker: exit-on-failure option - MEDIUM: mworker: workers exit when the master leaves - DOC: add documentation for the master-worker mode - MEDIUM: systemd: Type=forking in unit file - MAJOR: systemd-wrapper: get rid of the wrapper - MINOR: log: Add logurilen tunable. - CLEANUP: server.c: missing prototype of srv_free_dns_resolution - MINOR: dns: smallest DNS fqdn size - MINOR: dns: functions to manage memory for a DNS resolution structure - MINOR: dns: parse_server() now uses srv_alloc_dns_resolution() - REORG: dns: dns_option structure, storage of hostname_dn - MINOR: dns: new snr_check_ip_callback function - MAJOR: dns: save a copy of the DNS response in struct resolution - MINOR: dns: implement a LRU cache for DNS resolutions - MINOR: dns: make 'ancount' field to match the number of saved records - MINOR: dns: introduce roundrobin into the internal cache (WIP) - MAJOR/REORG: dns: DNS resolution task and requester queues - BUILD: ssl: fix build with OPENSSL_NO_ENGINE - MINOR: Add Mod Defender integration as contrib - CLEANUP: str2mask return code comment: non-zero -> zero. - MINOR: tools: make debug_hexdump() use a const char for the string - MINOR: tools: make debug_hexdump() take a string prefix - CLEANUP: connection: remove unused CO_FL_WAIT_DATA |
||
Willy Tarreau
|
7b677265fd |
[RELEASE] Released version 1.8-dev1
Released version 1.8-dev1 with the following main changes : - BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos - BUG/MINOR: stats: make field_str() return an empty string on NULL - DOC: Spelling fixes - BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used - BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for tunneled txn - BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and IS_DATA_FILTER - BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and XFER_DATA analyzers - BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in tunnel mode - BUG/MAJOR: stream: fix session abort on resource shortage - OPTIM: stream-int: don't disable polling anymore on DONT_READ - BUG/MINOR: cli: allow the backslash to be escaped on the CLI - BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys" - DOC: Fix map table's format - DOC: Added 51Degrees conv and fetch functions to documentation. - BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect - DOC: mention that req_tot is for both frontends and backends - BUG/MEDIUM: variables: some variable name can hide another ones - MINOR: lua: Allow argument for actions - BUILD: rearrange target files by build time - CLEANUP: hlua: just indent functions - MINOR: lua: give HAProxy variable access to the applets - BUG/MINOR: stats: fix be/sessions/max output in html stats - MINOR: proxy: Add fe_name/be_name fetchers next to existing fe_id/be_id - DOC: lua: Documentation about some entry missing - DOC: lua: Add documentation about variable manipulation from applet - MINOR: Do not forward the header "Expect: 100-continue" when the option http-buffer-request is set - DOC: Add undocumented argument of the trace filter - DOC: Fix some typo in SPOE documentation - MINOR: cli: Remove useless call to bi_putchk - BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full - MINOR: applet: Count number of (active) applets - MINOR: task: Rename run_queue and run_queue_cur counters - BUG/MEDIUM: stream: Save unprocessed events for a stream - BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled - BUILD/MEDIUM: Fixing the build using LibreSSL - BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2) - SCRIPTS: git-show-backports: fix a harmless typo - SCRIPTS: git-show-backports: add -H to use the hash of the commit message - BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW - CLEANUP: applet/lua: create a dedicated ->fcn entry in hlua_cli context - CLEANUP: applet/table: add an "action" entry in ->table context - CLEANUP: applet: remove the now unused appctx->private field - DOC: lua: documentation about time parser functions - DOC: lua: improve links - DOC: lua: section declared twice - MEDIUM: cli: 'show cli sockets' list the CLI sockets - BUG/MINOR: cli: "show cli sockets" wouldn't list all processes - BUG/MINOR: cli: "show cli sockets" would always report process 64 - CLEANUP: lua: rename one of the lua appctx union - BUG/MINOR: lua/cli: bad error message - MEDIUM: lua: use memory pool for hlua struct in applets - MINOR: lua/signals: Remove Lua part from signals. - DOC: cli: show cli sockets - MINOR: cli: automatically enable a CLI I/O handler when there's no parser - CLEANUP: memory: remove the now unused cli_parse_show_pools() function - CLEANUP: applet: group all CLI contexts together - CLEANUP: stats: move a misplaced stats context initialization - MINOR: cli: add two general purpose pointers and integers in the CLI struct - MINOR: appctx/cli: remove the cli_socket entry from the appctx union - MINOR: appctx/cli: remove the env entry from the appctx union - MINOR: appctx/cli: remove the "be" entry from the appctx union - MINOR: appctx/cli: remove the "dns" entry from the appctx union - MINOR: appctx/cli: remove the "server_state" entry from the appctx union - MINOR: appctx/cli: remove the "tlskeys" entry from the appctx union - CONTRIB: tcploop: add limits.h to fix build issue with some compilers - MINOR/DOC: lua: just precise one thing - DOC: fix small typo in fe_id (backend instead of frontend) - BUG/MINOR: Fix the sending function in Lua's cosocket - BUG/MINOR: lua: memory leak executing tasks - BUG/MINOR: lua: bad return code - BUG/MINOR: lua: memleak when Lua/cli fails - MEDIUM: lua: remove Lua struct from session, and allocate it with memory pools - CLEANUP: haproxy: statify unexported functions - MINOR: haproxy: add a registration for build options - CLEANUP: wurfl: use the build options list to report it - CLEANUP: 51d: use the build options list to report it - CLEANUP: da: use the build options list to report it - CLEANUP: namespaces: use the build options list to report it - CLEANUP: tcp: use the build options list to report transparent modes - CLEANUP: lua: use the build options list to report it - CLEANUP: regex: use the build options list to report the regex type - CLEANUP: ssl: use the build options list to report the SSL details - CLEANUP: compression: use the build options list to report the algos - CLEANUP: auth: use the build options list to report its support - MINOR: haproxy: add a registration for post-check functions - CLEANUP: checks: make use of the post-init registration to start checks - CLEANUP: filters: use the function registration to initialize all proxies - CLEANUP: wurfl: make use of the late init registration - CLEANUP: 51d: make use of the late init registration - CLEANUP: da: make use of the late init registration code - MINOR: haproxy: add a registration for post-deinit functions - CLEANUP: wurfl: register the deinit function via the dedicated list - CLEANUP: 51d: register the deinitialization function - CLEANUP: da: register the deinitialization function - CLEANUP: wurfl: move global settings out of the global section - CLEANUP: 51d: move global settings out of the global section - CLEANUP: da: move global settings out of the global section - MINOR: cfgparse: add two new functions to check arguments count - MINOR: cfgparse: move parsing of "ca-base" and "crt-base" to ssl_sock - MEDIUM: cfgparse: move all tune.ssl.* keywords to ssl_sock - MEDIUM: cfgparse: move maxsslconn parsing to ssl_sock - MINOR: cfgparse: move parsing of ssl-default-{bind,server}-ciphers to ssl_sock - MEDIUM: cfgparse: move ssl-dh-param-file parsing to ssl_sock - MEDIUM: compression: move the zlib-specific stuff from global.h to compression.c - BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake - BUG/MEDIUM: ssl: avoid double free when releasing bind_confs - BUG/MINOR: stats: fix be/sessions/current out in typed stats - MINOR: tcp-rules: check that the listener exists before updating its counters - MEDIUM: spoe: don't create a dummy listener for outgoing connections - MINOR: listener: move the transport layer pointer to the bind_conf - MEDIUM: move listener->frontend to bind_conf->frontend - MEDIUM: ssl: remote the proxy argument from most functions - MINOR: connection: add a new prepare_bind_conf() entry to xprt_ops - MEDIUM: ssl_sock: implement ssl_sock_prepare_bind_conf() - MINOR: connection: add a new destroy_bind_conf() entry to xprt_ops - MINOR: ssl_sock: implement ssl_sock_destroy_bind_conf() - MINOR: server: move the use_ssl field out of the ifdef USE_OPENSSL - MINOR: connection: add a minimal transport layer registration system - CLEANUP: connection: remove all direct references to raw_sock and ssl_sock - CLEANUP: connection: unexport raw_sock and ssl_sock - MINOR: connection: add new prepare_srv()/destroy_srv() entries to xprt_ops - MINOR: ssl_sock: implement and use prepare_srv()/destroy_srv() - CLEANUP: ssl: move tlskeys_finalize_config() to a post_check callback - CLEANUP: ssl: move most ssl-specific global settings to ssl_sock.c - BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled - BUG/MEDIUM: ssl: for a handshake when server-side SNI changes - BUG/MINOR: systemd: potential zombie processes - DOC: Add timings events schemas - BUILD: lua: build failed on FreeBSD. - MINOR: samples: add xx-hash functions - MEDIUM: regex: pcre2 support - BUG/MINOR: option prefer-last-server must be ignored in some case - MINOR: stats: Support "select all" for backend actions - BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0 - BUG/MAJOR: channel: Fix the definition order of channel analyzers - BUG/MINOR: http: report real parser state in error captures - BUILD: scripts: automatically update the branch in version.h when releasing - MINOR: tools: add a generic hexdump function for debugging - BUG/MAJOR: http: fix risk of getting invalid reports of bad requests - MINOR: http: custom status reason. - MINOR: connection: add sample fetch "fc_rcvd_proxy" - BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options - BUG/MINOR: tools: fix off-by-one in port size check - BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family - MEDIUM: server: split the address and the port into two different fields - MINOR: tools: make str2sa_range() return the port in a separate argument - MINOR: server: take the destination port from the port field, not the addr - MEDIUM: server: disable protocol validations when the server doesn't resolve - BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0 - BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage - BUG/MINOR: ssl: assert on SSL_set_shutdown with BoringSSL - MINOR: Use "500 Internal Server Error" for 500 error/status code message. - MINOR: proto_http.c 502 error txt typo. - DOC: add deprecation notice to "block" - MINOR: compression: fix -vv output without zlib/slz - BUG/MINOR: Reset errno variable before calling strtol(3) - MINOR: ssl: don't show prefer-server-ciphers output - OPTIM/MINOR: config: Optimize fullconn automatic computation loading configuration - BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream - MAJOR: ssl: bind configuration per certificat - MINOR: ssl: add curve suite for ECDHE negotiation - MINOR: checks: Add agent-addr config directive - MINOR: cli: Add possiblity to change agent config via CLI/socket - MINOR: doc: Add docs for agent-addr configuration variable - MINOR: doc: Add docs for agent-addr and agent-send CLI commands - BUILD: ssl: fix to build (again) with boringssl - BUILD: ssl: fix build on OpenSSL 1.0.0 - BUILD: ssl: silence a warning reported for ERR_remove_state() - BUILD: ssl: eliminate warning with OpenSSL 1.1.0 regarding RAND_pseudo_bytes() - BUILD: ssl: kill a build warning introduced by BoringSSL compatibility - BUG/MEDIUM: tcp: don't poll for write when connect() succeeds - BUG/MINOR: unix: fix connect's polling in case no data are scheduled - MINOR: server: extend the flags to 32 bits - BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword - MINOR: dns: give ability to dns_init_resolvers() to close a socket when requested - BUG/MAJOR: dns: restart sockets after fork() - MINOR: chunks: implement a simple dynamic allocator for trash buffers - BUG/MEDIUM: http: prevent redirect from overwriting a buffer - BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined - BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer - BUG/MINOR: http: Return an error when a replace-header rule failed on the response - BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested - BUG/MAJOR: ssl: fix a regression in ssl_sock_shutw() - BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1' - BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule - MINOR: http: don't close when redirect location doesn't start with "/" - MEDIUM: boringssl: support native multi-cert selection without bundling - BUG/MEDIUM: ssl: fix verify/ca-file per certificate - BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING - MINOR: ssl: removes SSL_CTX_set_ssl_version call and cleanup CTX creation. - BUILD: ssl: fix build with -DOPENSSL_NO_DH - MEDIUM: ssl: add new sample-fetch which captures the cipherlist - MEDIUM: ssl: remove ssl-options from crt-list - BUG/MEDIUM: ssl: in bind line, ssl-options after 'crt' are ignored. - BUG/MINOR: ssl: fix cipherlist captures with sustainable SSL calls - MINOR: ssl: improved cipherlist captures - BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters - BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section - MAJOR: spoe: Add support of pipelined and asynchronous exchanges with agents - MINOR: spoe: Add support for pipelining/async capabilities in the SPOA example - MINOR: spoe: Remove SPOE details from the appctx structure - MINOR: spoe: Add status code in error variable instead of hardcoded value - MINOR: spoe: Send a log message when an error occurred during event processing - MINOR: spoe: Check the scope of sample fetches used in SPOE messages - MEDIUM: spoe: Be sure to wakeup the good entity waiting for a buffer - MINOR: spoe: Use the min of all known max_frame_size to encode messages - MAJOR: spoe: Add support of payload fragmentation in NOTIFY frames - MINOR: spoe: Add support for fragmentation capability in the SPOA example - MAJOR: spoe: refactor the filter to clean up the code - MINOR: spoe: Handle NOTIFY frames cancellation using ABORT bit in ACK frames - REORG: spoe: Move struct and enum definitions in dedicated header file - REORG: spoe: Move low-level encoding/decoding functions in dedicated header file - MINOR: spoe: Improve implementation of the payload fragmentation - MINOR: spoe: Add support of negation for options in SPOE configuration file - MINOR: spoe: Add "pipelining" and "async" options in spoe-agent section - MINOR: spoe: Rely on alertif_too_many_arg during configuration parsing - MINOR: spoe: Add "send-frag-payload" option in spoe-agent section - MINOR: spoe: Add "max-frame-size" statement in spoe-agent section - DOC: spoe: Update SPOE documentation to reflect recent changes - MINOR: config: warn when some HTTP rules are used in a TCP proxy - BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file - BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup - BUG/MINOR: Fix "get map <map> <value>" CLI command - MINOR: Add nbsrv sample converter - CLEANUP: Replace repeated code to count usable servers with be_usable_srv() - MINOR: Add hostname sample fetch - CLEANUP: Remove comment that's no longer valid - MEDIUM: http_error_message: txn->status / http_get_status_idx. - MINOR: http-request tarpit deny_status. - CLEANUP: http: make http_server_error() not set the status anymore - MEDIUM: stats: Add JSON output option to show (info|stat) - MEDIUM: stats: Add show json schema - BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer - MINOR: server: Add dynamic session cookies. - MINOR: cli: Let configure the dynamic cookies from the cli. - BUG/MINOR: checks: attempt clean shutw for SSL check - CONTRIB: tcploop: make it build on FreeBSD - CONTRIB: tcploop: fix time format to silence build warnings - CONTRIB: tcploop: report action 'K' (kill) in usage message - CONTRIB: tcploop: fix connect's address length - CONTRIB: tcploop: use the trash instead of NULL for recv() - BUG/MEDIUM: listener: do not try to rebind another process' socket - BUG/MEDIUM server: Fix crash when dynamic is defined, but not key is provided. - CLEANUP: config: Typo in comment. - BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze - TESTS: add a test configuration to stress handshake combinations - BUG/MAJOR: stream-int: do not depend on connection flags to detect connection - BUG/MEDIUM: connection: ensure to always report the end of handshakes - MEDIUM: connection: don't test for CO_FL_WAKE_DATA - CLEANUP: connection: completely remove CO_FL_WAKE_DATA - BUG: payload: fix payload not retrieving arbitrary lengths - BUILD: ssl: simplify SSL_CTX_set_ecdh_auto compatibility - BUILD: ssl: fix OPENSSL_NO_SSL_TRACE for boringssl and libressl - BUG/MAJOR: http: fix typo in http_apply_redirect_rule - MINOR: doc: 2.4. Examples should be 2.5. Examples - BUG/MEDIUM: stream: fix client-fin/server-fin handling - MINOR: fd: add a new flag HAP_POLL_F_RDHUP to struct poller - BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available - OPTIM: poll: enable support for POLLRDHUP - MINOR: kqueue: exclusively rely on the kqueue returned status - MEDIUM: kqueue: take care of EV_EOF to improve polling status accuracy - MEDIUM: kqueue: only set FD_POLL_IN when there are pending data - DOC/MINOR: Fix typos in proxy protocol doc - DOC: Protocol doc: add checksum, TLV type ranges - DOC: Protocol doc: add SSL TLVs, rename CHECKSUM - DOC: Protocol doc: add noop TLV - MEDIUM: global: add a 'hard-stop-after' option to cap the soft-stop time - MINOR: dns: improve DNS response parsing to use as many available records as possible - BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity(). - MINOR: server: irrelevant error message with 'default-server' config file keyword. - MINOR: server: Make 'default-server' support 'backup' keyword. - MINOR: server: Make 'default-server' support 'check-send-proxy' keyword. - CLEANUP: server: code alignement. - MINOR: server: Make 'default-server' support 'non-stick' keyword. - MINOR: server: Make 'default-server' support 'send-proxy' and 'send-proxy-v2 keywords. - MINOR: server: Make 'default-server' support 'check-ssl' keyword. - MINOR: server: Make 'default-server' support 'force-sslv3' and 'force-tlsv1[0-2]' keywords. - CLEANUP: server: code alignement. - MINOR: server: Make 'default-server' support 'no-ssl*' and 'no-tlsv*' keywords. - MINOR: server: Make 'default-server' support 'ssl' keyword. - MINOR: server: Make 'default-server' support 'send-proxy-v2-ssl*' keywords. - CLEANUP: server: code alignement. - MINOR: server: Make 'default-server' support 'verify' keyword. - MINOR: server: Make 'default-server' support 'verifyhost' setting. - MINOR: server: Make 'default-server' support 'check' keyword. - MINOR: server: Make 'default-server' support 'track' setting. - MINOR: server: Make 'default-server' support 'ca-file', 'crl-file' and 'crt' settings. - MINOR: server: Make 'default-server' support 'redir' keyword. - MINOR: server: Make 'default-server' support 'observe' keyword. - MINOR: server: Make 'default-server' support 'cookie' keyword. - MINOR: server: Make 'default-server' support 'ciphers' keyword. - MINOR: server: Make 'default-server' support 'tcp-ut' keyword. - MINOR: server: Make 'default-server' support 'namespace' keyword. - MINOR: server: Make 'default-server' support 'source' keyword. - MINOR: server: Make 'default-server' support 'sni' keyword. - MINOR: server: Make 'default-server' support 'addr' keyword. - MINOR: server: Make 'default-server' support 'disabled' keyword. - MINOR: server: Add 'no-agent-check' server keyword. - DOC: server: Add docs for "server" and "default-server" new "no-*" and other settings. - MINOR: doc: fix use-server example (imap vs mail) - BUG/MEDIUM: tcp: don't require privileges to bind to device - BUILD: make the release script use shortlog for the final changelog - BUILD: scripts: fix typo in announce-release error message - CLEANUP: time: curr_sec_ms doesn't need to be exported - BUG/MEDIUM: server: Wrong server default CRT filenames initialization. - BUG/MEDIUM: peers: fix buffer overflow control in intdecode. - BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers - BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request - CLEANUP: http: Remove channel_congested function - CLEANUP: buffers: Remove buffer_bounce_realign function - CLEANUP: buffers: Remove buffer_contig_area and buffer_work_area functions - MINOR: http: remove useless check on HTTP_MSGF_XFER_LEN for the request - MINOR: http: Add debug messages when HTTP body analyzers are called - BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled - BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze - DOC: fix parenthesis and add missing "Example" tags - DOC: update the contributing file - DOC: log-format/tcplog/httplog update - MINOR: config parsing: add warning when log-format/tcplog/httplog is overriden in "defaults" sections |
||
Jarno Huuskonen
|
16ad94adf6 |
MINOR: Use "500 Internal Server Error" for 500 error/status code message.
Internal Server Error is what is in RFC 2616/7231. |
||
Willy Tarreau
|
0e658fb051 |
[RELEASE] Released version 1.8-dev0
Released version 1.8-dev0 with the following main changes : - exact copy of 1.7.0 |
||
Willy Tarreau
|
e59fcdd25e |
[RELEASE] Released version 1.7.0
Released version 1.7.0 with the following main changes : - SCRIPTS: make publish-release also copy the new SPOE doc - BUILD: http: include types/sample.h in proto_http.h - BUILD: debug/flags: remove test for SF_COMP_READY - CONTRIB: debug/flags: add check for SF_ERR_CHK_PORT - MINOR: lua: add function which return true if the channel is full. - MINOR: lua: add ip addresses and network manipulation function - CONTRIB: tcploop: scriptable TCP I/O for debugging purposes - CONTRIB: tcploop: implement fork() - CONTRIB: tcploop: implement logging when called with -v - CONTRIB: tcploop: update the usage output - CONTRIB: tcploop: support sending plain strings - CONTRIB: tcploop: don't report failed send() or recv() - CONTRIB: tcploop: add basic loops via a jump instruction - BUG/MEDIUM: channel: bad unlikely macro - CLEANUP: lua: move comment - CLEANUP: lua: control executed twice - BUG/MEDIUM: ssl: Store certificate filename in a variable - BUG/MINOR: ssl: Print correct filename when error occurs reading OCSP - CLEANUP: ssl: Remove goto after return dead code - CLEANUP: ssl: Fix bind keywords name in comments - DOC: ssl: Use correct wording for ca-sign-pass - CLEANUP: lua: avoid directly calling getsockname/getpeername() - BUG/MINOR: stick-table: handle out-of-memory condition gracefully - MINOR: cli: add private pointer and release function - MEDIUM: lua: Add cli handler for Lua - BUG/MEDIUM: connection: check the control layer before stopping polling - DEBUG: connection: mark the closed FDs with a value that is easier to detect - BUG/MEDIUM: stick-table: fix regression caused by recent fix for out-of-memory - BUG/MINOR: cli: properly decrement ref count on tables during failed dumps - BUG/MEDIUM: lua: In some case, the return of sample-fetche is ignored - MINOR: filters: Add check_timeouts callback to handle timers expiration on streams - MINOR: spoe: Add 'timeout processing' option to limit time to process an event - MINOR: spoe: Remove useless 'timeout ack' option - MINOR: spoe: Add 'option continue-on-error' statement in spoe-agent section - MINOR: spoe: Add "maxconnrate" and "maxerrrate" statements - MINOR: spoe: Add "option set-on-error" statement - MINOR: stats: correct documentation of process ID for typed output - BUILD: contrib: fix ip6range build on Centos 7 - BUILD: fix build on Solaris 10/11 - BUG/MINOR: cli: fix pointer size when reporting data/transport layer name - BUG/MINOR: cli: dequeue from the proxy when changing a maxconn - BUG/MINOR: cli: wake up the CLI's task after a timeout update - MINOR: connection: add a few functions to report the data and xprt layers' names - MINOR: connection: add names for transport and data layers - REORG: cli: split dumpstats.c in src/cli.c and src/stats.c - REORG: cli: split dumpstats.h in stats.h and cli.h - REORG: cli: move ssl CLI functions to ssl_sock.c - REORG: cli: move map and acl code to map.c - REORG: cli: move show stat resolvers to dns.c - MINOR: cli: create new function cli_has_level() to validate permissions - MINOR: server: create new function cli_find_server() to find a server - MINOR: proxy: create new function cli_find_frontend() to find a frontend - REORG: cli: move 'set server' to server.c - REORG: cli: move 'show pools' to memory.c - REORG: cli: move 'show servers' to proxy.c - REORG: cli: move 'show sess' to stream.c - REORG: cli: move 'show backend' to proxy.c - REORG: cli: move get/set weight to server.c - REORG: cli: move "show stat" to stats.c - REORG: cli: move "show info" to stats.c - REORG: cli: move dump_text(), dump_text_line(), and dump_binary() to standard.c - REORG: cli: move table dump/clear/set to stick_table.c - REORG: cli: move "show errors" out of cli.c - REORG: cli: make "show env" also use the generic keyword registration - REORG: cli: move "set timeout" to its own handler - REORG: cli: move "clear counters" to stats.c - REORG: cli: move "set maxconn global" to its own handler - REORG: cli: move "set maxconn server" to server.c - REORG: cli: move "set maxconn frontend" to proxy.c - REORG: cli: move "shutdown sessions server" to stream.c - REORG: cli: move "shutdown session" to stream.c - REORG: cli: move "shutdown frontend" to proxy.c - REORG: cli: move "{enable|disable} frontend" to proxy.c - REORG: cli: move "{enable|disable} server" to server.c - REORG: cli: move "{enable|disable} health" to server.c - REORG: cli: move "{enable|disable} agent" to server.c - REORG: cli: move the "set rate-limit" functions to their own parser - CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* - CLEANUP: cli: simplify the request parser a little bit - CLEANUP: cli: remove assignments to st0 and st2 in keyword parsers - BUILD: server: remove a build warning introduced by latest series - BUG/MINOR: log-format: uncatched memory allocation functions - CLEANUP: log-format: useless file and line in json converter - CLEANUP/MINOR: log-format: unexport functions parse_logformat_var_args() and parse_logformat_var() - CLEANUP: log-format: fix return code of the function parse_logformat_var() - CLEANUP: log-format: fix return code of function parse_logformat_var_args() - CLEANUP: log-format: remove unused arguments - MEDIUM: log-format: strict parsing and enable fail - MEDIUM: log-format/conf: take into account the parse_logformat_string() return code - BUILD: ssl: make the SSL layer build again with openssl 0.9.8 - BUILD: vars: remove a build warning on vars.c - MINOR: lua: add utility function for check boolean argument - MINOR: lua: Add tokenize function. - BUG/MINOR: conf: calloc untested - MINOR: http/conf: store the use_backend configuration file and line for logs - MEDIUM: log-format: Use standard HAProxy log system to report errors - CLEANUP: sample: report "converter" instead of "conv method" in error messages - BUG: spoe: Fix parsing of SPOE actions in ACK frames - MINOR: cli: make "show stat" support a proxy name - MINOR: cli: make "show errors" support a proxy name - MINOR: cli: make "show errors" capable of dumping only request or response - BUG/MINOR: freq-ctr: make swrate_add() support larger values - CLEANUP: counters: move from 3 types to 2 types - CLEANUP: cfgparse: cascade the warnif_misplaced_* rules - REORG: tcp-rules: move tcp rules processing to their own file - REORG: stkctr: move all the stick counters processing to stick-tables.c - DOC: update the roadmap file with the latest changes |
||
Willy Tarreau
|
d5d890be21 |
[RELEASE] Released version 1.7-dev6
Released version 1.7-dev6 with the following main changes : - DOC: fix the entry for hash-balance-factor config option - DOC: Fix typo in description of `-st` parameter in man page - CLEANUP: cfgparse: Very minor spelling correction - MINOR: examples: Update haproxy.spec URLs to haproxy.org - BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream - BUG/MEDIUM: peers: fix use after free in peer_session_create() - MINOR: peers: make peer_session_forceshutdown() use the appctx and not the stream - MINOR: peers: remove the pointer to the stream - BUG/MEDIUM: systemd-wrapper: return correct exit codes - DOC: stats: provide state details for show servers state - MEDIUM: tools: make str2ip2() preserve existing ports - CLEANUP: tools: make ipcpy() preserve the original port - OPTIM: http: move all http character classs tables into a single one - OPTIM: http: improve parsing performance of long header lines - OPTIM: http: improve parsing performance of long URIs - OPTIM: http: optimize lookup of comma and quote in header values - BUG/MEDIUM: srv-state: properly restore the DRAIN state - BUG/MINOR: srv-state: allow to have both CMAINT and FDRAIN flags - MINOR: server: do not emit warnings/logs/alerts on server state changes at boot - BUG/MEDIUM: servers: properly propagate the maintenance states during startup - MEDIUM: wurfl: add Scientiamobile WURFL device detection module - DOC: move the device detection modules documentation to their own files - CLEANUP: wurfl: reduce exposure in the rest of the code - MEDIUM: ssl: Add support for OpenSSL 1.1.0 - MINOR: stream: make option contstats usable again - MEDIUM: tools: make str2sa_range() return the FQDN even when not resolving - MINOR: init: move apply_server_state in haproxy.c before MODE_CHECK - MAJOR: server: postpone address resolution - MINOR: new srv_admin flag: SRV_ADMF_RMAINT - MINOR: server: indicate in the logs when RMAINT is cleared - MINOR: stats: indicate it when a server is down due to resolution - MINOR: server: make srv_set_admin_state() capable of telling why this happens - MINOR: dns: implement extra 'hold' timers. - MAJOR: dns: runtime resolution can change server admin state - MEDIUM: cli: leave the RMAINT state when setting an IP address on the CLI - MEDIUM: server: add a new init-addr server line setting - MEDIUM: server: make use of init-addr - MINOR: server: implement init-addr none - MEDIUM: server: make libc resolution failure non-fatal - MINOR: server: add support for explicit numeric address in init-addr - DOC: add some documentation for the "init-addr" server keyword - MINOR: init: add -dr to ignore server address resolution failures - MEDIUM: server: do not restrict anymore usage of IP address from the state file - BUG: vars: Fix 'set-var' converter because of a typo - CLEANUP: remove last references to 'ruleset' section - MEDIUM: filters: Add attch/detach and stream_set_backend callbacks - MINOR: filters: Update filters documentation accordingly to recent changes - MINOR: filters: Call stream_set_backend callbacks before updating backend stats - MINOR: filters: Remove backend filters attached to a stream only for HTTP streams - MINOR: flt_trace: Add hexdump option to dump forwarded data - MINOR: cfgparse: Add functions to backup and restore registered sections - MINOR: cfgparse: Parse scope lines and save the last one parsed - REORG: sample: move code to release a sample expression in sample.c - MINOR: vars: Allow '.' in variable names - MINOR: vars: Add vars_set_by_name_ifexist function - MEDIUM: vars: Add a per-process scope for variables - MINOR: vars: Add 'unset-var' action/converter - MAJOR: spoe: Add an experimental Stream Processing Offload Engine - MINOR: spoe: add random ip-reputation service as SPOA example - MINOR: spoe/checks: Add support for SPOP health checks - DOC: update ROADMAP file |
||
scientiamobile
|
d0027ed5b1 |
MEDIUM: wurfl: add Scientiamobile WURFL device detection module
WURFL is a high-performance and low-memory footprint mobile device detection software component that can quickly and accurately detect over 500 capabilities of visiting devices. It can differentiate between portable mobile devices, desktop devices, SmartTVs and any other types of devices on which a web browser can be installed. In order to add WURFL device detection support, you would need to download Scientiamobile InFuze C API and install it on your system. Refer to www.scientiamobile.com to obtain a valid InFuze license. Any useful information on how to configure HAProxy working with WURFL may be found in: doc/WURFL-device-detection.txt doc/configuration.txt examples/wurfl-example.cfg Please find more information about WURFL device detection API detection at https://docs.scientiamobile.com/documentation/infuze/infuze-c-api-user-guide |
||
Grant
|
7c2be1f34a |
MINOR: examples: Update haproxy.spec URLs to haproxy.org
also update version. [wt: should be backported to 1.6] |
||
Willy Tarreau
|
608efa173c |
[RELEASE] Released version 1.7-dev5
Released version 1.7-dev5 with the following main changes : - MINOR: cfgparse: few memory leaks fixes. - MEDIUM: log: Decompose %Tq in %Th %Ti %TR - CLEANUP: logs: remove unused log format field definitions - BUILD/MAJOR:updated 51d Trie implementation to incorperate latest update to 51Degrees.c - BUG/MAJOR: stream: properly mark the server address as unset on connect retry - CLEANUP: proto_http: Removing useless variable assignation - CLEANUP: dumpstats: Removing useless variables allocation - CLEANUP: dns: Removing usless variable & assignation - BUG/MINOR: payload: fix SSLv2 version parser - MINOR: cli: allow the semi-colon to be escaped on the CLI - MINOR: cli: change a server health check port through the stats socket - BUG/MINOR: Fix OSX compilation errors - MAJOR: check: find out which port to use for health check at run time - MINOR: server: introduction of 3 new server flags - MINOR: new update_server_addr_port() function to change both server's ADDR and service PORT - MINOR: cli: ability to change a server's port - CLEANUP/MINOR dns: comment do not follow up code update - MINOR: chunk: new strncat function - MINOR: dns: wrong DNS_MAX_UDP_MESSAGE value - MINOR: dns: new MAX values - MINOR: dns: new macro to compute DNS header size - MINOR: dns: new DNS structures to store received packets - MEDIUM: dns: new DNS response parser - MINOR: dns: query type change when last record is a CNAME - MINOR: dns: proper domain name validation when receiving DNS response - MINOR: dns: comments in types/dns.h about structures endianness - BUG/MINOR: displayed PCRE version is running release - MINOR: show Built with PCRE version - MINOR: show Running on zlib version - MEDIUM: make SO_REUSEPORT configurable - MINOR: enable IP_BIND_ADDRESS_NO_PORT on backend connections - BUG/MEDIUM: http/compression: Fix how chunked data are copied during the HTTP body parsing - BUG/MINOR: stats: report the correct conn_time in backend's html output - BUG/MEDIUM: dns: don't randomly crash on out-of-memory - MINOR: Add fe_req_rate sample fetch - MEDIUM: peers: Fix a peer stick-tables synchronization issue. - MEDIUM: cli: register CLI keywords with cli_register_kw() - BUILD: Make use of accept4() on OpenBSD. - MINOR: tcp: make set-src/set-src-port and set-dst/set-dst-port commutative - DOC: fix missed entry for "set-{src,dst}{,-port}" - BUG/MINOR: vars: use sess and not s->sess in action_store() - BUG/MINOR: vars: make smp_fetch_var() more robust against misuses - BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session - MINOR: stats: output dcon - CLEANUP: tcp rules: mention everywhere that tcp-conn rules are L4 - MINOR: counters: add new fields for denied_sess - MEDIUM: tcp: add registration and processing of TCP L5 rules - MINOR: stats: emit dses - DOC: document tcp-request session - MINOR: ssl: add debug traces - BUILD/CLEANUP: ssl: Check BIO_reset() return code - BUG/MINOR: ssl: Check malloc return code - BUG/MINOR: ssl: prevent multiple entries for the same certificate - BUG/MINOR: systemd: make the wrapper return a non-null status code on error - BUG/MINOR: systemd: always restore signals before execve() - BUG/MINOR: systemd: check return value of calloc() - MINOR: systemd: report it when execve() fails - BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed - MINOR: proxy: add 'served' field to proxy, equal to total of all servers' - MINOR: backend: add hash-balance-factor option for hash-type consistent - MINOR: server: compute a "cumulative weight" to allow chash balancing to hit its target - MEDIUM: server: Implement bounded-load hash algorithm - SCRIPTS: make git-show-backports also dump a "git show" command - MINOR: build: Allow linking to device-atlas library file - MINOR: stats: Escape equals sign on socket dump |
||
Willy Tarreau
|
41d5e3a610 |
[RELEASE] Released version 1.7-dev4
Released version 1.7-dev4 with the following main changes :
- MINOR: add list_append_word function
- MEDIUM: init: use list_append_word in haproxy.c
- MEDIUM: init: allow directory as argument of -f
- CLEANUP: config: detect double registration of a config section
- MINOR: log: add the %Td log-format specifier
- MEDIUM: filters: Move HTTP headers filtering in its own callback
- MINOR: filters: Simplify calls to analyzers using 2 new macros
- MEDIUM: filters: Add pre and post analyzer callbacks
- DOC: filters: Update the filters documentation accordingly to recent changes
- BUG/MEDIUM: init: don't use environment locale
- SCRIPTS: teach git-show-backports how to report upstream commits
- SCRIPTS: make git-show-backports capable of limiting its history
- BUG/MAJOR: fix listening IP address storage for frontends
- BUG/MINOR: fix listening IP address storage for frontends (cont)
- DOC: Fix typo so fetch is properly parsed by Cyril's converter
- BUG/MAJOR: http: fix breakage of "reqdeny" causing random crashes
- BUG/MEDIUM: stick-tables: fix breakage in table converters
- MINOR: stick-table: change all stick-table converters' inputs to SMP_T_ANY
- BUG/MEDIUM: dns: unbreak DNS resolver after header fix
- BUILD: fix build on Solaris 11
- BUG/MEDIUM: config: fix multiple declaration of section parsers
- BUG/MEDIUM: stats: show servers state may show an servers from another backend
- BUG/MEDIUM: fix risk of segfault with "show tls-keys"
- MEDIUM: dumpstats: 'show tls-keys' is now able to show secrets
- DOC: update doc about tls-tickets-keys dump
- MEDIUM: tcp: add 'set-src' to 'tcp-request connection'
- MINOR: set the CO_FL_ADDR_FROM_SET flags with 'set-src'
- MEDIUM: tcp/http: add 'set-src-port' action
- MEDIUM: tcp/http: new set-dst/set-dst-port actions
- BUG/MEDIUM: sticktables: segfault in some configuration error cases
- BUILD/MEDIUM: rebuild everything when an include file is changed
- BUILD/MEDIUM: force a full rebuild if some build options change
- BUG/MEDIUM: lua: converters doesn't work
- BUG/MINOR: http: add-header: header name copied twice
- BUG/MEDIUM: http: add-header: buffer overwritten
- BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
- MINOR: stream: export the function 'smp_create_src_stkctr'
- BUG/MEDIUM: dumpstats: undefined behavior in stats_tlskeys_list()
- MEDIUM: dumpstats: make stats_tlskeys_list() yield-aware during tls-keys dump
- BUG/MINOR: http: url32+src should use the big endian version of url32
- BUG/MINOR: http: url32+src should check cli_conn before using it
- DOC: http: add documentation for url32 and url32+src
- BUG/MINOR: fix http-response set-log-level parsing error
- MINOR: systemd: Use variable for config and pidfile paths
- MINOR: systemd: Perform sanity check on config before reload
- MEDIUM: ssl: support SNI filters with multicerts
- MINOR: ssl: crt-list parsing factor
- BUILD: ssl: fix typo causing a build failure in the multicert patch
- MINOR: listener: add the "accept-netscaler-cip" option to the "bind" keyword
- MINOR: tcp: add "tcp-request connection expect-netscaler-cip layer4"
- BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits
- BUG/MINOR: init: ensure that FD limit is raised to the max allowed
- BUG/MEDIUM: external-checks: close all FDs right after the fork()
- BUG/MAJOR: external-checks: use asynchronous signal delivery
- BUG/MINOR: external-checks: do not unblock undesired signals
- CLEANUP: external-check: don't block/unblock SIGCHLD when manipulating the list
- BUG/MEDIUM: filters: Fix data filtering when data are modified
- BUG/MINOR: filters: Fix HTTP parsing when a filter loops on data forwarding
- BUG/MINOR: srv-state: fix incorrect output of state file
- BUG/MINOR: ssl: close ssl key file on error
- BUG/MINOR: http: fix misleading error message for response captures
- BUG/BUILD: don't automatically run "make" on "make install"
- DOC: add missing doc for http-request deny [deny_status <status>]
- CLEANUP: dumpstats: u64 field is an unsigned type.
- BUG/MEDIUM: http: unbreak uri/header/url_param hashing
- BUG/MINOR: Rework slightly commit
|