mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-23 21:22:17 +00:00
30a0e93fe6
Released version 3.1-dev8 with the following main changes : - DOC: configuration: place the HAPROXY_HTTP_LOG_FMT example on the correct line - MINOR: mux-h1: Set EOI on SE during demux when both side are in DONE state - BUG/MEDIUM: mux-h1/mux-h2: Reject upgrades with payload on H2 side only - REGTESTS: h1/h2: Update script testing H1/H2 protocol upgrades - BUG/MEDIUM: clock: detect and cover jumps during execution - BUG/MINOR: pattern: prevent const sample from being tampered in pat_match_beg() - BUG/MEDIUM: pattern: prevent uninitialized reads in pat_match_{str,beg} - BUG/MEDIUM: pattern: prevent UAF on reused pattern expr - MEDIUM: ssl/cli: "dump ssl cert" allow to dump a certificate in PEM format - BUG/MAJOR: mux-h1: Wake SC to perform 0-copy forwarding in CLOSING state - BUG/MINOR: h1-htx: Don't flag response as bodyless when a tunnel is established - REGTESTS: fix random failures with wrong_ip_port_logging.vtc under load - BUG/MINOR: pattern: do not leave a leading comma on "set" error messages - REGTESTS: shorten a bit the delay for the h1/h2 upgrade test - MINOR: server: allow init-state for dynamic servers - DOC: server: document what to check for when adding new server keywords - MEDIUM: h1: Accept invalid T-E values with accept-invalid-http-response option - BUG/MINOR: polling: fix time reporting when using busy polling - BUG/MINOR: clock: make time jump corrections a bit more accurate - BUG/MINOR: clock: validate that now_offset still applies to the current date - BUG/MEDIUM: queue: implement a flag to check for the dequeuing - OPTIM: sample: don't check casts for samples of same type - OPTIM: vars: remove the unneeded lock in vars_prune_* - OPTIM: vars: inline vars_prune() to avoid many calls - MINOR: vars: remove the emptiness tests in callers before pruning - IMPORT: import cebtree (compact elastic binary trees) - OPTIM: vars: use a cebtree instead of a list for variable names - OPTIM: vars: use multiple name heads in the vars struct - BUG/MINOR: peers: local entries updates may not be advertised after resync - DOC: config: Explicitly list relaxing rules for accept-invalid-http-* options - MINOR: proxy: Rename accept-invalid-http-* options - DOC: configuration: Remove dangerous directives from the proxy matrix - BUG/MEDIUM: sc_strm/applet: Wake applet after a successfull synchronous send - BUG/MEDIUM: cache/stats: Wait to have the request before sending the response - BUG/MEDIUM: promex: Wait to have the request before sending the response - MINOR: clock: test all clock_gettime() return values - MEDIUM: clock: collect the monotonic time in clock_local_update_date() - MEDIUM: clock: opportunistically use CLOCK_MONOTONIC for the internal time - MEDIUM: clock: use the monotonic clock for idle time calculation - MEDIUM: clock: don't compute before_poll when using monotonic clock - BUG/MINOR: fix missing "log-format overrides previous 'option tcplog clf'..." detection - BUG/MINOR: fix missing "'option httpslog' overrides previous 'option tcplog clf'..." detection - BUG/MINOR: cfgparse-listen: fix option httpslog override warning message - BUG/MINOR: cfgparse: detect incorrect overlap of same backend names - MEDIUM: cfgparse: warn about proxies having the same names - DOC: management: add init-state to add server keywords - BUG/MINOR: mux-quic: report glitches to session - BUILD: cebtree: silence a bogus gcc warning on impossible code paths - MEDIUM: cfgparse: warn about colliding names between defaults and proxies - MEDIUM: cfgparse: detect collisions between defaults and log-forward
23481 lines
1.5 MiB
23481 lines
1.5 MiB
ChangeLog :
|
|
===========
|
|
|
|
2024/09/18 : 3.1-dev8
|
|
- DOC: configuration: place the HAPROXY_HTTP_LOG_FMT example on the correct line
|
|
- MINOR: mux-h1: Set EOI on SE during demux when both side are in DONE state
|
|
- BUG/MEDIUM: mux-h1/mux-h2: Reject upgrades with payload on H2 side only
|
|
- REGTESTS: h1/h2: Update script testing H1/H2 protocol upgrades
|
|
- BUG/MEDIUM: clock: detect and cover jumps during execution
|
|
- BUG/MINOR: pattern: prevent const sample from being tampered in pat_match_beg()
|
|
- BUG/MEDIUM: pattern: prevent uninitialized reads in pat_match_{str,beg}
|
|
- BUG/MEDIUM: pattern: prevent UAF on reused pattern expr
|
|
- MEDIUM: ssl/cli: "dump ssl cert" allow to dump a certificate in PEM format
|
|
- BUG/MAJOR: mux-h1: Wake SC to perform 0-copy forwarding in CLOSING state
|
|
- BUG/MINOR: h1-htx: Don't flag response as bodyless when a tunnel is established
|
|
- REGTESTS: fix random failures with wrong_ip_port_logging.vtc under load
|
|
- BUG/MINOR: pattern: do not leave a leading comma on "set" error messages
|
|
- REGTESTS: shorten a bit the delay for the h1/h2 upgrade test
|
|
- MINOR: server: allow init-state for dynamic servers
|
|
- DOC: server: document what to check for when adding new server keywords
|
|
- MEDIUM: h1: Accept invalid T-E values with accept-invalid-http-response option
|
|
- BUG/MINOR: polling: fix time reporting when using busy polling
|
|
- BUG/MINOR: clock: make time jump corrections a bit more accurate
|
|
- BUG/MINOR: clock: validate that now_offset still applies to the current date
|
|
- BUG/MEDIUM: queue: implement a flag to check for the dequeuing
|
|
- OPTIM: sample: don't check casts for samples of same type
|
|
- OPTIM: vars: remove the unneeded lock in vars_prune_*
|
|
- OPTIM: vars: inline vars_prune() to avoid many calls
|
|
- MINOR: vars: remove the emptiness tests in callers before pruning
|
|
- IMPORT: import cebtree (compact elastic binary trees)
|
|
- OPTIM: vars: use a cebtree instead of a list for variable names
|
|
- OPTIM: vars: use multiple name heads in the vars struct
|
|
- BUG/MINOR: peers: local entries updates may not be advertised after resync
|
|
- DOC: config: Explicitly list relaxing rules for accept-invalid-http-* options
|
|
- MINOR: proxy: Rename accept-invalid-http-* options
|
|
- DOC: configuration: Remove dangerous directives from the proxy matrix
|
|
- BUG/MEDIUM: sc_strm/applet: Wake applet after a successfull synchronous send
|
|
- BUG/MEDIUM: cache/stats: Wait to have the request before sending the response
|
|
- BUG/MEDIUM: promex: Wait to have the request before sending the response
|
|
- MINOR: clock: test all clock_gettime() return values
|
|
- MEDIUM: clock: collect the monotonic time in clock_local_update_date()
|
|
- MEDIUM: clock: opportunistically use CLOCK_MONOTONIC for the internal time
|
|
- MEDIUM: clock: use the monotonic clock for idle time calculation
|
|
- MEDIUM: clock: don't compute before_poll when using monotonic clock
|
|
- BUG/MINOR: fix missing "log-format overrides previous 'option tcplog clf'..." detection
|
|
- BUG/MINOR: fix missing "'option httpslog' overrides previous 'option tcplog clf'..." detection
|
|
- BUG/MINOR: cfgparse-listen: fix option httpslog override warning message
|
|
- BUG/MINOR: cfgparse: detect incorrect overlap of same backend names
|
|
- MEDIUM: cfgparse: warn about proxies having the same names
|
|
- DOC: management: add init-state to add server keywords
|
|
- BUG/MINOR: mux-quic: report glitches to session
|
|
- BUILD: cebtree: silence a bogus gcc warning on impossible code paths
|
|
- MEDIUM: cfgparse: warn about colliding names between defaults and proxies
|
|
- MEDIUM: cfgparse: detect collisions between defaults and log-forward
|
|
|
|
2024/09/05 : 3.1-dev7
|
|
- MINOR: config: Created env variables for http and tcp clf formats
|
|
- MINOR: mux-quic: add buf_in_flight to QCC debug infos
|
|
- MINOR: mux-quic: correct qcc_bufwnd_full() documentation
|
|
- MINOR: tools: add helpers to backup/clean/restore env
|
|
- MINOR: mworker: restore initial env before wait mode
|
|
- BUG/MINOR: haproxy: free init_env in deinit only if allocated
|
|
- BUILD: tools: environ is not defined in OS X and BSD
|
|
- DEV: coccinelle: add a test to detect unchecked malloc()
|
|
- DEV: coccinelle: add a test to detect unchecked calloc()
|
|
- CI: QUIC Interop AWS-LC: enable ngtcp2 client
|
|
- CI: fix missing comma introduced in 956839c0f68a7722acc586ecd91ffefad2ccb303
|
|
- CI: QUIC Interop: do not run bandwidth measurement tests
|
|
- CI: QUIC Interop: use different artifact names for uploading logs
|
|
- BUILD: quic: 32bits build broken by wrong integer conversions for printf()
|
|
- CLEANUP: ssl: cleanup the clienthello capture
|
|
- MEDIUM: ssl: capture the supported_versions extension from Client Hello
|
|
- MEDIUM: ssl/sample: add ssl_fc_supported_versions_bin sample fetch
|
|
- MEDIUM: ssl: capture the signature_algorithms extension from Client Hello
|
|
- MEDIUM: ssl/sample: add ssl_fc_sigalgs_bin sample fetch
|
|
- MINOR: proxy: Add support of 429-Too-Many-Requests in retry-on status
|
|
- BUG/MEDIUM: mux-h2: Set ES flag when necessary on 0-copy data forwarding
|
|
- BUG/MEDIUM: stream: Prevent mux upgrades if client connection is no longer ready
|
|
- BUG/MINIR: proxy: Match on 429 status when trying to perform a L7 retry
|
|
- CLEANUP: haproxy: fix typos in code comment
|
|
- CLEANUP: mqtt: fix typo in MQTT_REMAINING_LENGHT_MAX_SIZE
|
|
- MINOR: tools: Implement ipaddrcpy().
|
|
- MINOR: quic: Implement quic_tls_derive_token_secret().
|
|
- MINOR: quic: Token for future connections implementation.
|
|
- BUG/MINOR: quic: Missing incrementation in NEW_TOKEN frame builder
|
|
- MINOR: quic: Modify NEW_TOKEN frame structure (qf_new_token struct)
|
|
- MINOR: quic: Implement qc_ssl_eary_data_accepted().
|
|
- MINOR: quic: Add trace for QUIC_EV_CONN_IO_CB event.
|
|
- BUG/MEDIUM: quic: always validate sender address on 0-RTT
|
|
- BUILD: quic: fix build errors on FreeBSD since recent GSO changes
|
|
- MINOR: tools: extend str2sa_range to add an alt parameter
|
|
- MINOR: server: add a alt_proto field for server
|
|
- MEDIUM: sock: use protocol when creating socket
|
|
- MEDIUM: protocol: add MPTCP per address support
|
|
- BUG/MINOR: quic: Crash from trace dumping SSL eary data status (AWS-LC)
|
|
- MEDIUM: stick-table: Add support of a factor for IN/OUT bytes rates
|
|
- MEDIUM: bwlim: Use a read-lock on the sticky session to apply a shared limit
|
|
- BUG/MEDIUM: mux-pt: Never fully close the connection on shutdown
|
|
- BUG/MEDIUM: cli: Always release back endpoint between two commands on the mcli
|
|
- BUG/MINOR: quic: unexploited retransmission cases for Initial pktns.
|
|
- BUG/MEDIUM: mux-h1: Properly handle empty message when an error is triggered
|
|
- MINOR: mux-h2: try to clear DEM_MROOM and MUX_MFULL at more places
|
|
- BUG/MAJOR: mux-h2: always clear MUX_MFULL and DEM_MROOM when clearing the mbuf
|
|
- BUG/MINOR: mux-spop: always clear MUX_MFULL and DEM_MROOM when clearing the mbuf
|
|
- BUG/MINOR: Crash on O-RTT RX packet after dropping Initial pktns
|
|
- BUG/MEDIUM: mux-pt: Fix condition to perform a shutdown for writes in mux_pt_shut()
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- DEV: patchbot: count the number of backported/non-backported patches
|
|
- DEV: patchbot: add direct links to show only specific categories
|
|
- DEV: patchbot: detect commit IDs starting with 7 chars
|
|
- BUG/MEDIUM: clock: also update the date offset on time jumps
|
|
- MEDIUM: server: add init-state
|
|
|
|
2024/08/21 : 3.1-dev6
|
|
- BUG/MINOR: proto_tcp: delete fd from fdtab if listen() fails
|
|
- BUG/MINOR: proto_tcp: keep error msg if listen() fails
|
|
- MINOR: proto_tcp: tcp_bind_listener: copy errno in errmsg
|
|
- MINOR: channel: implement ci_insert() function
|
|
- BUG/MEDIUM: mworker/cli: fix pipelined modes on master CLI
|
|
- REGTESTS: mcli: test the pipelined commands on master CLI
|
|
- MINOR: cfgparse: load_cfg_in_mem: fix null ptr dereference reported by coverity
|
|
- MINOR: startup: fix unused value reported by coverity
|
|
- BUG/MINOR: mux-quic: do not send too big MAX_STREAMS ID
|
|
- BUG/MINOR: proto_uxst: delete fd from fdtab if listen() fails
|
|
- BUG/MINOR: cfgparse: parse_cfg: fix null ptr dereference reported by coverity
|
|
- MINOR: proto_uxst: copy errno in errmsg for syscalls
|
|
- MINOR: mux-quic: do not trace error in qcc_send_frames() on empty list
|
|
- BUG/MINOR: h3: properly reject too long header responses
|
|
- CLEANUP: mworker/cli: clean up the mode handling
|
|
- BUG/MINOR: tools: make fgets_from_mem() stop at the end of the input
|
|
- BUG/MINOR: pattern: pat_ref_set: fix UAF reported by coverity
|
|
- BUG/MINOR: pattern: pat_ref_set: return 0 if err was found
|
|
- CI: keep logs for failed QIUC Interop jobs
|
|
- BUG/MINOR: release-estimator: fix relative scheme in CHANGELOG URL
|
|
- MINOR: release-estimator: add requirements.txt
|
|
- MINOR: release-estimator: add installation steps in README.md
|
|
- MINOR: release-estimator: fix the shebang of the python script
|
|
- DOC: config: correct the table for option tcplog
|
|
- MEDIUM: log: relax some checks and emit diag warnings instead in lf_expr_postcheck()
|
|
- MINOR: log: "drop" support for log-profile steps
|
|
- CI: QUIC Interop LibreSSL: document chacha20 test status
|
|
- CI: modernize codespell action, switch to node 16
|
|
- CI: QUIC Interop AWS-LC: enable chrome client
|
|
- DOC: lua: fix incorrect english in lua.txt
|
|
- MINOR: Implements new log format of option tcplog clf
|
|
- MINOR: cfgparse: limit file size loaded via /dev/stdin
|
|
- BUG/MINOR: stats: fix color of input elements in dark mode
|
|
- CLEANUP: stats: use modern DOCTYPE tag
|
|
- BUG/MINOR: stats: add lang attribute to html tag
|
|
- DOC: quic: fix default minimal value for max window size
|
|
- DOC: quic: document nocc debug congestion algorithm
|
|
- MINOR: quic: extract config window-size parsing
|
|
- MINOR: quic: define max-window-size config setting
|
|
- MINOR: quic: allocate stream txbuf via qc_stream_desc API
|
|
- MINOR: mux-quic: account stream txbuf in QCC
|
|
- MEDIUM: mux-quic: implement API to ignore txbuf limit for some streams
|
|
- MINOR: h3: mark control stream as metadata
|
|
- MINOR: mux-quic: define buf_in_flight
|
|
- MAJOR: mux-quic: allocate Tx buffers based on congestion window
|
|
- MINOR: quic/config: adapt settings to new conn buffer limit
|
|
- MINOR: quic: define sbuf pool
|
|
- MINOR: quic: support sbuf allocation in quic_stream
|
|
- MEDIUM: h3: allocate small buffers for headers frames
|
|
- MINOR: mux-quic: retry after small buf alloc failure
|
|
- BUG/MINOR: cfgparse-global: fix err msg in mworker keyword parser
|
|
- BUG/MINOR: cfgparse-global: clean common_kw_list
|
|
- BUG/MINOR: cfgparse-global: remove redundant goto
|
|
- MINOR: cfgparse-global: move 'pidfile' in global keywords list
|
|
- MINOR: cfgparse-global: move 'expose-*' in global keywords list
|
|
- MINOR: cfgparse-global: move tune options in global keywords list
|
|
- MINOR: cfgparse-global: move unsupported keywords in global list
|
|
- BUG/MINOR: cfgparse-global: remove tune.fast-forward from common_kw_list
|
|
- MINOR: quic: store the lost packets counter in the quic_cc_event element
|
|
- MINOR: quic: support a tolerance for spurious losses
|
|
- MINOR: protocol: properly assign the sock_domain and sock_family
|
|
- MINOR: protocol: add a family lookup
|
|
- MEDIUM: socket: always properly use the sock_domain for requested families
|
|
- MINOR: protocol: add the real address family to the protocol
|
|
- MINOR: socket: don't ban all custom families from reuseport
|
|
- MINOR: protocol: always initialize the receivers list on registration
|
|
- CLEANUP: protocol: no longer initialize .receivers nor .nb_receivers
|
|
|
|
2024/08/07 : 3.1-dev5
|
|
- BUG/MINOR: quic: Lack of precision when computing K (cubic only cc)
|
|
- MEDIUM: ssl/quic: implement quic crypto with EVP_AEAD
|
|
- MINOR: quic: rename confusing wording aes to hp
|
|
- MEDIUM: quic: add key argument to header protection crypto functions
|
|
- MEDIUM: quic: implement CHACHA20_POLY1305 for AWS-LC
|
|
- MEDIUM: sink: assume sft appctx stickiness
|
|
- MINOR: quic: delay Retry emission on quic-force-retry
|
|
- MEDIUM: quic: implement quic-initial rules
|
|
- MINOR: quic: support ACL for quic-initial rules
|
|
- MINOR: quic: pass quic_dgram as obj_type for quic-initial rules
|
|
- MINOR: quic: implement reject quic-initial action
|
|
- MINOR: quic: implement send-retry quic-initial rules
|
|
- BUG/MEDIUM: quic: fix invalid conn reject with CONNECTION_REFUSED
|
|
- MEDIUM: h1: allow to preserve keep-alive on T-E + C-L
|
|
- MINOR: quic: Add information to "show quic" for CUBIC cc.
|
|
- MINOR: quic: Dump TX in flight bytes vs window values ratio.
|
|
- BUG/MEDIUM: jwt: Clear SSL error queue on error when checking the signature
|
|
- BUILD: cfgparse-quic: fix build error on Solaris due to missing netinet/in.h
|
|
- MINOR: queue: add a function to check for TOCTOU after queueing
|
|
- BUG/MEDIUM: queue: deal with a rare TOCTOU in assign_server_and_queue()
|
|
- DOC: config: Add documentation about spop mode for backends
|
|
- BUG/MEDIUM: stconn: Report error on SC on send if a previous SE error was set
|
|
- BUG/MEDIUM: mux-pt/mux-h1: Release the pipe on connection error on sending path
|
|
- BUILD: mux-pt: Use the right name for the sedesc variable
|
|
- BUG/MINOR: stconn: bs.id and fs.id had their dependencies incorrect
|
|
- BUG/MEDIUM: ssl: reactivate 0-RTT for AWS-LC
|
|
- BUG/MEDIUM: ssl: 0-RTT initialized at the wrong place for AWS-LC
|
|
- BUILD: ssl: replace USE_OPENSSL_AWSLC by OPENSSL_IS_AWSLC
|
|
- BUG/MEDIUM: quic: prevent conn freeze on 0RTT undeciphered content
|
|
- MINOR: tcp_sample: Move TCP low level sample fetch function to control layer
|
|
- MINOR: quic: Define ->get_info() control layer callback for QUIC
|
|
- MINOR: flags/mux-quic: decode qcc and qcs flags
|
|
- BUG/MINOR: quic: fix fc_rtt/srtt values
|
|
- BUG/MIONR: quic: fix fc_lost
|
|
- BUG/MINOR: h1: do not forward h2c upgrade header token
|
|
- BUG/MINOR: h2: reject extended connect for h2c protocol
|
|
- BUG/MEDIUM: http-ana: Report error on write error waiting for the response
|
|
- BUG/MEDIUM: h2: Only report early HTX EOM for tunneled streams
|
|
- BUG/MEDIUM: mux-h2: Propagate term flags to SE on error in h2s_wake_one_stream
|
|
- BUG/MEDIUM: peer: Notify the applet won't consume data when it waits for sync
|
|
- BUG/MINOR: quic: Too shord datagram during O-RTT handshakes (aws-lc only)
|
|
- CI: add weekly QUIC Interop regression against AWS-LC
|
|
- CI: harden NetBSD builds by ERR=1
|
|
- BUG/MINOR: quic: Too short datagram during packet building failures (aws-lc only)
|
|
- DEV: coccinelle: add a test to detect unchecked strdup()
|
|
- BUG/MINOR: fcgi-app: handle a possible strdup() failure
|
|
- BUG/MEDIUM: server/addr: fix tune.events.max-events-at-once event miss and leak
|
|
- MINOR: quic: convert qc_stream_desc release field to flags
|
|
- MINOR: quic: implement function to check if STREAM is fully acked
|
|
- BUG/MEDIUM: quic: handle retransmit for standalone FIN STREAM
|
|
- MINOR: quic: enforce ACK reception is handled in order
|
|
- DOC: configuration: fix alphabetical ordering of {bs,fs}.aborted
|
|
- MINOR: stconn: add a new pair of sf functions {bs,fs}.debug_str
|
|
- MINOR: mux-h2: implement the debug string for logs
|
|
- MINOR: mux-quic: define dump functions for QCC and QCS
|
|
- MINOR: mux-quic: implement debug string for logs
|
|
- MINOR: quic: dump quic_conn debug string for logs
|
|
- MINOR: time: define tot_time structure
|
|
- MINOR: mux-quic: measure QCS lifetime and its blocking state
|
|
- BUG/MINOR: trace/quic: enable conn/session pointer recovery from quic_conn
|
|
- BUG/MINOR: trace/quic: permit to lock on frontend/connect/session etc
|
|
- BUG/MEDIUM: trace: fix null deref in lockon mechanism since TRACE_ENABLED()
|
|
- BUG/MINOR: trace: automatically start in waiting mode with "start <evt>"
|
|
- BUG/MINOR: trace/quic: make "qconn" selectable as a lockon criterion
|
|
- BUG/MINOR: quic/trace: make quic_conn_enc_level_init() emit NEW not CLOSE
|
|
- MINOR: trace: support setting the sink and level for all sources at once
|
|
- MINOR: session/trace: enable very minimal session tracing
|
|
- MEDIUM: trace: implement a "follow" mechanism
|
|
- MINOR: trace: move the known trace context into a dedicated struct
|
|
- MINOR: trace: add a per-source helper to pre-fill the context
|
|
- MINOR: mux-h2: add a trace context filling helper
|
|
- MINOR: mux-h1: add a trace context filling helper
|
|
- MINOR: mux-quic: don't leave dangling pointer after freeing qcs->sd
|
|
- MINOR: mux-quic: add a trace context filling helper
|
|
- MINOR: mux-h1/trace: add a state trace on stream creation/upgrade
|
|
- MINOR: mux-h2/trace: add a state trace on stream creation/destruction
|
|
- MINOR: mux-h3/trace: add a state trace on stream creation/destruction
|
|
- BUG/MINOR: quic: prevent freeze after early QCS closure
|
|
- MINOR: server: ensure max_events_at_once > 0 in server_atomic_sync()
|
|
- MINOR: cfgparse: add struct cfgfile to represent config in memory
|
|
- REORG: tools: move list_append_word to cfgparse
|
|
- MINOR: startup: adapt list_append_word to use cfgfile
|
|
- MINOR: cfgparse: add load_cfg_in_mem
|
|
- MINOR: cfgparse: load_cfg_in_mem: take in account file size
|
|
- MINOR: tools: add fgets_from_mem
|
|
- MEDIUM: startup: make read_cfg() return immediately on ENOMEM
|
|
- MEDIUM: startup: load and parse configs from memory
|
|
- MINOR: startup: rename readcfgfile in parse_cfg
|
|
|
|
2024/07/24 : 3.1-dev4
|
|
- MINOR: limits: prepare to keep limits in one place
|
|
- REORG: fd: move raise_rlim_nofile to limits
|
|
- CLEANUP: fd: rm struct rlimit definition
|
|
- REORG: global: move rlim_fd_*_at_boot in limits
|
|
- MINOR: haproxy: prepare to move limits-related code
|
|
- REORG: haproxy: move limits handlers to limits
|
|
- MINOR: limits: add is_any_limit_configured
|
|
- CLEANUP: quic: remove obsolete comment on send
|
|
- MINOR: quic: extend detection of UDP API OS features
|
|
- MINOR: quic: activate UDP GSO for QUIC if supported
|
|
- MINOR: quic: define quic_cc_path MTU as constant
|
|
- MINOR: quic: add GSO parameter on quic_sock send API
|
|
- MAJOR: quic: support GSO when encoding datagrams
|
|
- MEDIUM: quic: implement GSO fallback mechanism
|
|
- MINOR: quic: add counters of sent bytes with and without GSO
|
|
- BUG/MEDIUM: bwlim: Be sure to never set the analyze expiration date in past
|
|
- CLEANUP: proto: rename TID affinity callbacks
|
|
- CLEANUP: quic: rename TID affinity elements
|
|
- BUG/MINOR: limits: fix license type in limits.h
|
|
- BUG/MINOR: session: Eval L4/L5 rules defined in the default section
|
|
- CLEANUP: stconn: Fix a typo in comments for SE_ABRT_SRC_*
|
|
- MEDIUM: spoe: Remove fragmentation support
|
|
- MEDIUM: spoe: Remove async mode support
|
|
- MINOR: spoe: Use only a global engine-id per agent
|
|
- MINOR: spoe: Remove debugging
|
|
- MAJOR: spoe: Remove idle applets and pipelining support
|
|
- MINOR: spoe: Remove the dedicated SPOE applet task
|
|
- MEDIUM: proxy/spoe: Add a SPOP mode
|
|
- MEDIUM: applet: Add a .shut callback function for applets
|
|
- MINOR: connection: No longer include stconn type header in connection-t.h
|
|
- MINOR: stconn: Use a dedicated function to get the opposite sedesc
|
|
- MINOR: spoe: Rename some flags and constant to use SPOP prefix
|
|
- MINOR: spoe: Dynamically alloc the message list per event of an agent
|
|
- MINOR: spoe: Move all stuff regarding the filter/applet in the C file
|
|
- MINOR: spoe: Move spoe_str_to_vsn() into the header file
|
|
- MEDIUM: mux-spop: Introduce the SPOP multiplexer
|
|
- MEDIUM: check/spoe: Use SPOP multiplexer to perform SPOP health-checks
|
|
- MAJOR: spoe: Rewrite SPOE applet to use the SPOP mux
|
|
- CLEANUP: spoe: Uniformize function definitions
|
|
- MINOR: spoe: Add internal sample fetch to retrieve the SPOE engine ID
|
|
- MEDIUM: spoe: Set a specific name for the connection pool of SPOP servers
|
|
- MINOR: backend: Remove test on HTX streams to reuse idle connections on connect
|
|
- MEDIUM: spoe: Force the reuse 'always' mode for SPOP backends
|
|
- MINOR: mux-spop: Use a dedicated function to update the SPOP connection timeout
|
|
- MAJOR: mux-spop: Make the SPOP connections reusable
|
|
- MINOR: stats-html: Display reuse ratio for spop connections
|
|
- MEDIUM: spoe: Directly xfer NOTIFY frame when SPOE applet is created
|
|
- MEDIUM: spoe: Directly receive ACK frame in the SPOE context buffer
|
|
- MEDIUM: mux-spop/spoe: Save negociated max-frame-size value in the mux
|
|
- MINOR: spoe: Remove the spop version from the SPOE appctx context
|
|
- MEDIUM: mux-spop: Add checks on received frames
|
|
- MEDIUM: mux-spop: Announce the pipeling support if possible
|
|
- MEDIUM: spoe: Forward SPOE context error to the SPOE applet
|
|
- MEDIUM: spoe: Make the SPOE applet use its own buffers
|
|
- DOC: spoe: Update SPOE documentation to reflect recent refactoring
|
|
- BUILD: mux-spop: fix build failure on gcc 4-10 and clang
|
|
- MINOR: fd: don't scan the full fdtab on all threads
|
|
- MINOR: server: better mt_list usage for node migration (prev_deleted handling)
|
|
- BUG/MINOR: do not close uninit FD in quic_test_socketops()
|
|
- BUG/MEDIUM: debug/cli: fix "show threads" crashing with low thread counts
|
|
- MINOR: debug: prepare feed_post_mortem_late
|
|
- CLEANUP: debug: fix indents in debug_parse_cli_show_dev
|
|
- MINOR: debug: store runtime uid/gid in postmortem
|
|
- MINOR: debug: keep runtime capabilities in post_mortem
|
|
- MINOR: debug: use LIM2A to show limits
|
|
- MINOR: debug: prepare to show runtime limits
|
|
- MINOR: debug: keep runtime limits in postmortem
|
|
- DOC: install: don't reference removed CPU arg
|
|
- BUG/MEDIUM: ssl_sock: fix deadlock in ssl_sock_load_ocsp() on error path
|
|
- BUG/MAJOR: mux-h2: force a hard error upon short read with pending error
|
|
- MEDIUM: sink: start applets asynchronously
|
|
- OPTIM: sink: balance applets accross threads
|
|
- MEDIUM: ocsp: fix ocsp when the chain is loaded from 'issuers-chain-path'
|
|
- MEDIUM: ssl: add extra_chain to ckch_data
|
|
- MINOR: ssl: change issuers-chain for show_cert_detail()
|
|
- REGTESTS: ssl: test the issuers-chain-path keyword
|
|
- DOC: configuration: issuers-chain-path not compatible with OCSP
|
|
- DOC: configuration: issuers-chain-path is compatible with OCSP
|
|
- BUG/MEDIUM: startup: fix zero-warning mode
|
|
- BUILD: tree-wide: cast arguments to tolower/toupper to unsigned char (2)
|
|
- MINOR: cfgparse-global: move mode's keywords in cfg_kw_list
|
|
- MINOR: cfgparse-global: move no<poller_name> in cfg_kw_list
|
|
- DOC: config: improve the http-keep-alive section
|
|
- BUG/MINOR: stick-table: fix crash for src_inc_gpc() without stkcounter
|
|
- BUG/MINOR: server: Don't warn fallback IP is used during init-addr resolution
|
|
- BUG/MINOR: cli: Atomically inc the global request counter between CLI commands
|
|
- MINOR: stream: Add a pointer to set the parent stream
|
|
- MINOR: vars: Fill a description instead of hash and scope when a name is parsed
|
|
- MINOR: vars: Use a description to set/unset a variable instead of its hash and scope
|
|
- MEDIUM: vars: Be able to parse parent scopes for variables
|
|
- MINOR: vars: Use a variable description to get variables of a specific scope
|
|
- MEDIUM: vars: Be able to retrieve variable of the parent stream, if any
|
|
- MEDIUM: spoe: Set the parent stream for SPOE streams
|
|
- BUG/MINOR: quic: Non optimal first datagram.
|
|
- DOC: config: Add a dedicated section about variables
|
|
- DOC: config: Add info about variable scopes referencing the parent stream
|
|
- DOC: config: Explicitly state the SPOE streams have a usable parent stream
|
|
- MINOR: quic: Avoid cc priv buffer overflow.
|
|
- MINOR: spoe: Add a function to validate a version is supported
|
|
- MINOR: spoe: export the list of SPOP error reasons
|
|
- MEDIUM: spoe/tcpcheck: Reintroduce SPOP check as a customized tcp-check
|
|
- REGTESTS: check/spoe: Re-enable the script performing SPOP health-checks
|
|
- BUG/MEDIUM: sink: properly init applet under sft lock
|
|
- MINOR: sink: unify and sink_forward_io_handler() and sink_forward_oc_io_handler()
|
|
- MINOR: sink: Remove useless test on SE_FL_SHR/SHW flags
|
|
- MINOR: sink: merge sink_forward_io_handler() with sink_forward_oc_io_handler()
|
|
- MINOR: sink: add some comments about sft->appctx usage in applet handlers
|
|
- MINOR: sink: distinguish between hard and soft close in _sink_forward_io_handler()
|
|
- MEDIUM: sink: don't set NOLINGER flag on the outgoing stream interface
|
|
- MINOR: ring: count processed messages in ring_dispatch_messages()
|
|
- MINOR: sink: add processed events counter in sft
|
|
- MEDIUM: sink: "max-reuse" support for sink servers
|
|
- OPTIM: sink: consider threads' current load when rebalancing applets
|
|
|
|
2024/07/10 : 3.1-dev3
|
|
- BUG/MINOR: quic: Wrong datagram building when probing.
|
|
- BUG/MEDIUM: quic: fix possible exit from qc_check_dcid() without unlocking
|
|
- BUG/MINOR: promex: Remove Help prefix repeated twice for each metric
|
|
- DOC: configuration: add details about crt-store in bind "crt" keyword
|
|
- BUG/MEDIUM: hlua/cli: Fix lua CLI commands to work with applet's buffers
|
|
- DOC: configuration: more details about the master-worker mode
|
|
- BUG/MEDIUM: server: fix race on server_atomic_sync()
|
|
- BUG/MINOR: jwt: don't try to load files with HMAC algorithm
|
|
- CLEANUP: quic: cleanup prototypes related to CIDs handling
|
|
- CLEANUP: quic: remove non-existing quic_cid_tree definition
|
|
- MINOR: quic: remove access to CID global tree outside of quic_cid module
|
|
- REORG: quic: remove quic_cid_trees reference from proto_quic
|
|
- MINOR: quic: add 2 BUG_ON() on datagram dispatch
|
|
- MINOR: quic: ensure quic_conn is never removed on thread affinity rebind
|
|
- MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD
|
|
- DOC: configuration: update maxconn description
|
|
- MINOR: proto: extend connection thread rebind API
|
|
- BUG/MEDIUM: quic: prevent crash on accept queue full
|
|
- BUG/MEDIUM: peers: Fix crash when syncing learn state of a peer without appctx
|
|
- CI: add weekly QUIC Interop regression against LibreSSL
|
|
- DEV: flags/quic: decode quic_conn flags
|
|
- MINOR: quic: rename "ssl error" trace
|
|
- BUG/MEDIUM: init: fix fd_hard_limit default in compute_ideal_maxconn
|
|
- BUG/MINOR: jwt: fix variable initialisation
|
|
- MINOR: ssl/sample: ssl_c_san returns a comma separated list of SAN
|
|
- OPTIM: pool: improve needed_avg cache line access pattern
|
|
- MAJOR: import: update mt_list to support exponential back-off (try #2)
|
|
- CI: weekly QUIC Interop: try to fix private image
|
|
- BUG/MINOR: h1: Fail to parse empty transfer coding names
|
|
- BUG/MINOR: h1: Reject empty coding name as last transfer-encoding value
|
|
- BUG/MEDIUM: h1: Reject empty Transfer-encoding header
|
|
- BUG/MEDIUM: spoe: Be sure to create a SPOE applet if none on the current thread
|
|
- BUILD: listener: silence a build warning about unused value without threads
|
|
- DOC: architecture: remove the totally outdated architecture manual
|
|
- SCRIPTS: create-release: no more need to skip architecture.txt
|
|
|
|
2024/06/29 : 3.1-dev2
|
|
- BUG/MINOR: log: fix broken '+bin' logformat node option
|
|
- DEBUG: hlua: distinguish burst timeout errors from exec timeout errors
|
|
- REGTESTS: ssl: fix some regtests 'feature cmd' start condition
|
|
- BUG/MEDIUM: ssl: AWS-LC + TLSv1.3 won't do ECDSA in RSA+ECDSA configuration
|
|
- MINOR: ssl: activate sigalgs feature for AWS-LC
|
|
- REGTESTS: ssl: activate new SSL reg-tests with AWS-LC
|
|
- BUG/MEDIUM: proxy: fix email-alert invalid free
|
|
- REORG: mailers: move free_email_alert() to mailers.c
|
|
- BUG/MINOR: proxy: fix email-alert leak on deinit() (2nd try)
|
|
- DOC: configuration: fix alphabetical order of bind options
|
|
- DOC: management: document ptr lookup for table commands
|
|
- BUG/MAJOR: quic: fix padding with short packets
|
|
- BUG/MAJOR: quic: do not loop on emission on closing/draining state
|
|
- MINOR: sample: date converter takes HTTP date and output an UNIX timestamp
|
|
- SCRIPTS: git-show-backports: do not truncate git-show output
|
|
- DOC: api/event_hdl: small updates, fix an example and add some precisions
|
|
- BUG/MINOR: h3: fix crash on STOP_SENDING receive after GOAWAY emission
|
|
- BUG/MINOR: mux-quic: fix crash on qcs SD alloc failure
|
|
- BUG/MINOR: h3: fix BUG_ON() crash on control stream alloc failure
|
|
- BUG/MINOR: quic: fix BUG_ON() on Tx pkt alloc failure
|
|
- DEV: flags/show-fd-to-flags: adapt to recent versions
|
|
- MINOR: capabilities: export capget and __user_cap_header_struct
|
|
- MINOR: capabilities: prepare support for version 3
|
|
- MINOR: capabilities: use _LINUX_CAPABILITY_VERSION_3
|
|
- MINOR: cli/debug: show dev: add cmdline and version
|
|
- MINOR: cli/debug: show dev: show capabilities
|
|
- MINOR: debug: print gdb hints when crashing
|
|
- BUILD: debug: also declare strlen() in __ABORT_NOW()
|
|
- BUILD: Missing inclusion header for ssize_t type
|
|
- BUG/MINOR: hlua: report proper context upon error in hlua_cli_io_handler_fct()
|
|
- MINOR: cfgparse/log: remove leftover dead code
|
|
- BUG/MEDIUM: stick-table: Decrement the ref count inside lock to kill a session
|
|
- MINOR: stick-table: Always decrement ref count before killing a session
|
|
- REORG: init: do MODE_CHECK_CONDITION logic first
|
|
- REORG: init: encapsulate CHECK_CONDITION logic in a func
|
|
- REORG: init: encapsulate 'reload' sockpair and master CLI listeners creation
|
|
- REORG: init: encapsulate code that reads cfg files
|
|
- BUG/MINOR: server: fix first server template name lookup UAF
|
|
- MINOR: activity: make the memory profiling hash size configurable at build time
|
|
- BUG/MEDIUM: server/dns: prevent DOWN/UP flap upon resolution timeout or error
|
|
- BUG/MEDIUM: h3: ensure the ":method" pseudo header is totally valid
|
|
- BUG/MEDIUM: h3: ensure the ":scheme" pseudo header is totally valid
|
|
- BUG/MEDIUM: quic: fix race-condition in quic_get_cid_tid()
|
|
- BUG/MINOR: quic: fix race condition in qc_check_dcid()
|
|
- BUG/MINOR: quic: fix race-condition on trace for CID retrieval
|
|
|
|
2024/06/14 : 3.1-dev1
|
|
- REGTESTS: Remove REQUIRE_VERSION=2.1 from all tests
|
|
- REGTESTS: Remove REQUIRE_VERSION=2.2 from all tests
|
|
- CI: use "--no-install-recommends" for apt-get
|
|
- CI: switch to lua 5.4
|
|
- CI: use USE_PCRE2 instead of USE_PCRE
|
|
- DOC: replace the README by a markdown version
|
|
- CI: VTest: accelerate package install a bit
|
|
- ADMIN: acme.sh: remove the old acme.sh code
|
|
- BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning
|
|
- BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser
|
|
- BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory
|
|
- DOC: configuration: add an example for keywords from crt-store
|
|
- CI: speedup apt package install
|
|
- DOC: add the FreeBSD status badge to README.md
|
|
- DOC: change the link to the FreeBSD CI in README.md
|
|
- MINOR: stktable: avoid ambiguous stktable_data_ptr() usage in cli_io_handler_table()
|
|
- BUG/MINOR: hlua: use CertCache.set() from various hlua contexts
|
|
- CLEANUP: hlua: fix CertCache class comment
|
|
- CI: FreeBSD: upgrade image, packages
|
|
- BUG/MEDIUM: h1-htx: Don't state interim responses are bodyless
|
|
- MEDIUM: stconn: Be able to unblock zero-copy data forwarding from done_fastfwd
|
|
- BUG/MEDIUM: mux-quic: Unblock zero-copy forwarding if the txbuf can be released
|
|
- BUG/MINOR: quic: prevent crash on qc_kill_conn()
|
|
- CLEANUP: hlua: use hlua_pusherror() where relevant
|
|
- BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP
|
|
- BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage
|
|
- BUG/MINOR: hlua: prevent LJMP in hlua_traceback()
|
|
- CLEANUP: hlua: get rid of hlua_traceback() security checks
|
|
- BUG/MINOR: hlua: fix leak in hlua_ckch_set() error path
|
|
- CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resume()
|
|
- BUG/MEDIUM: mux-quic: Don't unblock zero-copy fwding if blocked during nego
|
|
- MINOR: mux-quic: Don't send an emtpy H3 DATA frame during zero-copy forwarding
|
|
- BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration
|
|
- BUG/MEDIUM: ssl: bad auth selection with TLS1.2 and WolfSSL
|
|
- BUG/MINOR: quic: fix computed length of emitted STREAM frames
|
|
- BUG/MINOR: quic: ensure Tx buf is always purged
|
|
- BUG/MEDIUM: stconn/mux-h1: Fix suspect change causing timeouts
|
|
- BUG/MAJOR: mux-h1: Properly copy chunked input data during zero-copy nego
|
|
- BUG/MINOR: mux-h1: Use the right variable to set NEGO_FF_FL_EXACT_SIZE flag
|
|
- DOC: install: remove boringssl from the list of supported libraries
|
|
- MINOR: log: fix "http-send-name-header" ignore warning message
|
|
- BUG/MINOR: proxy: fix server_id_hdr_name leak on deinit()
|
|
- BUG/MINOR: proxy: fix log_tag leak on deinit()
|
|
- BUG/MINOR: proxy: fix email-alert leak on deinit()
|
|
- BUG/MINOR: proxy: fix check_{command,path} leak on deinit()
|
|
- BUG/MINOR: proxy: fix dyncookie_key leak on deinit()
|
|
- BUG/MINOR: proxy: fix source interface and usesrc leaks on deinit()
|
|
- BUG/MINOR: proxy: fix header_unique_id leak on deinit()
|
|
- MINOR: proxy: add proxy_free_common() helper function
|
|
- BUG/MEDIUM: proxy: fix UAF with {tcp,http}checks logformat expressions
|
|
- MINOR: log: change wording in lf_expr_postcheck() error message
|
|
- BUG/MEDIUM: log: fix lf_expr_postcheck() behavior with default section
|
|
- CLEANUP: log/proxy: fix comment in proxy_free_common()
|
|
- DOC: config: move "hash-key" from proxy to server options
|
|
- DOC: config: add missing section hint for "guid" proxy keyword
|
|
- DOC: config: add missing context hint for new server and proxy keywords
|
|
- BUG/MINOR: promex: Skip resolvers metrics when there is no resolver section
|
|
- DOC: internals: add a documentation about the master worker
|
|
- BUG/MAJOR: mux-h1: Prevent any UAF on H1 connection after draining a request
|
|
- BUG/MINOR: quic: fix padding of INITIAL packets
|
|
- OPTIM: quic: fill whole Tx buffer if needed
|
|
- MINOR: quic: refactor qc_build_pkt() error handling
|
|
- MINOR: quic: use global datagram headlen definition
|
|
- MINOR: quic: refactor qc_prep_pkts() loop
|
|
- DOC/MINOR: management: add missed -dR and -dv options
|
|
- DOC/MINOR: management: add -dZ option
|
|
- DOC: management: rename show stats domain cli "dns" to "resolvers"
|
|
- REORG: log: reorder send log helpers by dependency order
|
|
- MINOR: session: expose session_embryonic_build_legacy_err() function
|
|
- MEDIUM: log/session: handle embryonic session log within sess_log()
|
|
- MINOR: log: provide sending log context to process_send_log() when available
|
|
- MINOR: log: add log_orig_to_str() function
|
|
- MINOR: log: provide log origin in logformat expressions using '%OG'
|
|
- CLEANUP: log: remove ambiguous legacy comment for resolve_logger()
|
|
- MINOR: log/backend: always free parsing hints in resolve_logger()
|
|
- MINOR: log: make resolve_logger() static
|
|
- MINOR: log: provide proxy context to resolve_logger()
|
|
- MINOR: log: add __send_log_set_metadata_sd helper
|
|
- MINOR: log: add logger flags
|
|
- MINOR: log: add log-profile parsing logic
|
|
- MINOR: log: add log profile buildlines
|
|
- MEDIUM: log: handle log-profile in process_send_log()
|
|
- DOC: config: add documentation for log profiles
|
|
- REGTESTS: log: add a test for log-profile
|
|
- MINOR: ssl: add ssl_sock_bind_verifycbk() in ssl_sock.h
|
|
- REORG: ssl: move the SNI selection code in ssl_clienthello.c
|
|
- BUILD: ssl: fix build with wolfSSL
|
|
- CI: github: upgrade aws-lc to 1.29.0
|
|
- Revert "CI: github: upgrade aws-lc to 1.29.0"
|
|
- MEDIUM: ssl: support for ECDA+RSA certificate selection with AWS-LC
|
|
- BUILD: ssl: disable deprecated functions for AWS-LC 1.29.0
|
|
- MINOR: ssl: relax the 'ssl.default-dh-param' keyword parsing
|
|
- CI: github: upgrade aws-lc to 1.29.0
|
|
- DOC: INSTALL: minimum AWS-LC version is v1.22.0
|
|
- CI: github: do the AWS-LC weekly build with ERR=1
|
|
|
|
2024/05/29 : 3.1-dev0
|
|
- MINOR: version: mention that it's development again
|
|
|
|
2024/05/29 : 3.0.0
|
|
- MINOR: sample: implement the uptime sample fetch
|
|
- CI: scripts: fix build of vtest regarding option -C
|
|
- CI: scripts: build vtest using multiple CPUs
|
|
- MINOR: log: rename 'log-format tag' to 'log-format alias'
|
|
- DOC: config: document logformat item naming and typecasting features
|
|
- BUILD: makefile: yearly reordering of objects by build time
|
|
- BUILD: fd: errno is also needed without poll()
|
|
- DOC: config: fix two typos "RST_STEAM" vs "RST_STREAM"
|
|
- DOC: config: refer to the non-deprecated keywords in ocsp-update on/off
|
|
- DOC: streamline http-reuse and connection naming definition
|
|
- REGTESTS: complete http-reuse test with pool-conn-name
|
|
- DOC: config: add %ID logformat alias alternative
|
|
- CLEANUP: ssl/ocsp: readable ifdef in ssl_sock_load_ocsp
|
|
- BUG/MINOR: ssl/ocsp: init callback func ptr as NULL
|
|
- CLEANUP: ssl_sock: move dirty openssl-1.0.2 wrapper to openssl-compat
|
|
- BUG/MINOR: activity: fix Delta_calls and Delta_bytes count
|
|
- CI: github: upgrade the WolfSSL job to 5.7.0
|
|
- DOC: install: update quick build reminders with some missing options
|
|
- DOC: install: update the range of tested openssl version to cover 3.3
|
|
- DEV: patchbot: prepare for new version 3.1-dev
|
|
- MINOR: version: mention that it's 3.0 LTS now.
|
|
|
|
2024/05/24 : 3.0-dev13
|
|
- CLEANUP: ssl/cli: remove unused code in dump_crtlist_conf
|
|
- MINOR: ssl: check parameter in ckch_conf_cmp()
|
|
- BUG/MINOR: ring: free ring's allocated area not ring's usable area when using maps
|
|
- DOC: configuration: rework the crt-store load documentation
|
|
- DEBUG: tools: add vma_set_name() helper
|
|
- DEBUG: shctx: name shared memory using vma_set_name()
|
|
- DEBUG: sink: add name hint for memory area used by memory-backed sinks
|
|
- DEBUG: pollers: add name hint for large memory areas used by pollers
|
|
- DEBUG: errors: add name hint for startup-logs memory area
|
|
- DEBUG: fd: add name hint for large memory areas
|
|
- MEDIUM: ssl: don't load file by discovering them in crt-store
|
|
- DOC: configuration: update the crt-list documentation
|
|
- DOC: configuration: add the supported crt-store options in crt-list
|
|
- BUG/MEDIUM: proto: fix fd leak in <proto>_connect_server
|
|
- MINOR: sock: set conn->err_code in case of EPERM
|
|
- BUG/MINOR: http-ana: Don't crush stream termination condition on internal error
|
|
- MAJOR: spoe: Let the SPOE back into the game
|
|
- BUG/MINOR: connection: parse PROXY TLV for LOCAL mode
|
|
- BUG/MINOR: server: free PROXY v2 TLVs on srv drop
|
|
- MINOR: rhttp: add log on connection allocation failure
|
|
- BUG/MEDIUM: rhttp: fix preconnect on single-thread
|
|
- BUG/MINOR: rhttp: prevent listener suspend
|
|
- BUG/MINOR: rhttp: fix task_wakeup state
|
|
- MINOR: session: define flag to explicitely release listener on free
|
|
- MEDIUM: rhttp: create session for active preconnect
|
|
- MINOR: rhttp: support PROXY emission on preconnect
|
|
- MINOR: connection: support PROXY v2 TLV emission without stream
|
|
- MINOR: traces: enumerate the list of levels/verbosities when not found
|
|
- BUG/MINOR: sock: fix sock_create_server_socket
|
|
- MINOR: proto: fix coding style
|
|
- BUG/MAJOR: quic: Crash with TLS_AES_128_CCM_SHA256 (libressl only)
|
|
- REGTESTS: scripts: allow to change the vtest timeout
|
|
- BUG/MEDIUM: quic_tls: prevent LibreSSL < 4.0 from negotiating CHACHA20_POLY1305
|
|
- CI: scripts/build-ssl.sh: loudly fail on unsupported platforms
|
|
- BUG/MEDIUM: mux-quic: Create sedesc in same time of the QUIC stream
|
|
- MINOR: mux-quic: Set abort info for SC-less QCS on STOP_SENDING frame
|
|
- CI: scripts/build-ssl: add a DESTDIR and TMPDIR variable
|
|
- CI: scripts/buil-ssl: cleanup the boringssl and quictls build
|
|
- MINOR: config: add thread-hard-limit to set an upper bound to nbthread
|
|
- BUILD: quic: fix unused variable warning when threads are disabled
|
|
- BUG/MEDIUM: stick-tables: Fix race with peers when trashing oldest entries
|
|
- BUG/MEDIUM: stick-tables: Fix race with peers when killing a sticky session
|
|
- BUG/MEDIUM: stick-tables: make sure never to create two same remote entries
|
|
- CLEANUP: stick-tables: remove a few unneeded tests for use_wrlock
|
|
- MINOR: stick-tables: remove the uneeded read lock in stksess_free()
|
|
- CLEANUP: tools: fix vma_set_name() function comment
|
|
- DEBUG: tools: add vma_set_name_id() helper
|
|
- DEBUG: pollers/fd: add thread id suffix to per-thread memory areas name hints
|
|
- DOC: config: fix aes_gcm_enc() description text
|
|
- BUILD: trace: fix warning on null dereference
|
|
- MEDIUM: config: prevent communication with privileged ports
|
|
- MAJOR: config: prevent QUIC with clients privileged port by default
|
|
- BUG/MINOR: quic: adjust restriction for stateless reset emission
|
|
- MINOR: quic: clarify doc for quic_recv()
|
|
- MINOR: server: generalize sni expr parsing
|
|
- MINOR: server: define pool-conn-name keyword
|
|
- MEDIUM: connection: use pool-conn-name instead of sni on reuse
|
|
- BUG/MINOR: rhttp: initialize session origin after preconnect reversal
|
|
- BUG/MEDIUM: server/dns: preserve server's port upon resolution timeout or error
|
|
- BUG/MINOR: http-htx: Support default path during scheme based normalization
|
|
- BUG/MINOR: server: Don't reset resolver options on a new default-server line
|
|
- DOC: quic: specify that connection migration is not supported
|
|
- DOC: config: fix incorrect section reference about custom log format
|
|
- DOC: config: uniformize the naming and description of custom log format args
|
|
- DOC: config: clarify the fact that custom log format is not just for logging
|
|
- REGTESTS: acl_cli_spaces: avoid a warning caused by undefined logs
|
|
|
|
2024/05/18 : 3.0-dev12
|
|
- CI: drop asan.log umbrella completely
|
|
- BUG/MINOR: log: fix leak in add_sample_to_logformat_list() error path
|
|
- BUG/MINOR: log: smp_rgs array issues with inherited global log directives
|
|
- MINOR: rhttp: Don't require SSL when attach-srv name parsing
|
|
- REGTESTS: ssl: be more verbose with ocsp_compat_check.vtc
|
|
- DOC: Update UUID references to RFC 9562
|
|
- MINOR: hlua: add hlua_nb_instruction getter
|
|
- MEDIUM: hlua: take nbthread into account in hlua_get_nb_instruction()
|
|
- BUG/MEDIUM: server: clear purgeable conns before server deletion
|
|
- BUG/MINOR: mux-quic: fix error code on shutdown for non HTTP/3
|
|
- BUG/MINOR: qpack: fix error code reported on QPACK decoding failure
|
|
- BUG/MEDIUM: htx: mark htx_sl as packed since it may be realigned
|
|
- BUG/MEDIUM: stick-tables: properly mark stktable_data as packed
|
|
- SCRIPTS: run-regtests: fix a few occurrences of extended regexes
|
|
- BUG/MINOR: ssl_sock: fix xprt_set_used() to properly clear the TASK_F_USR1 bit
|
|
- MINOR: dynbuf: provide a b_dequeue() variant for multi-thread
|
|
- BUG/MEDIUM: muxes: enforce buf_wait check in takeover()
|
|
- BUG/MINOR: h1: Check authority for non-CONNECT methods only if a scheme is found
|
|
- BUG/MEDIUM: h1: Reject CONNECT request if the target has a scheme
|
|
- BUG/MAJOR: h1: Be stricter on request target validation during message parsing
|
|
- MINOR: qpack: prepare error renaming
|
|
- MINOR: h3/qpack: adjust naming for errors
|
|
- MINOR: h3: adjust error reporting on sending
|
|
- MINOR: h3: adjust error reporting on receive
|
|
- MINOR: mux-quic: support glitches
|
|
- MINOR: h3: report glitch on RFC violation
|
|
- BUILD: stick-tables: better mark the stktable_data as 32-bit aligned
|
|
- MINOR: ssl: rename tune.ssl.ocsp-update.mode in ocsp-update.mode
|
|
- REGTESTS: update the ocsp-update tests
|
|
- BUILD: stats: remove non portable getline() usage
|
|
- MEDIUM: ssl: add ocsp-update.mindelay and ocsp-update.maxdelay
|
|
- BUILD: log: get rid of non-portable strnlen() func
|
|
- BUG/MEDIUM: fd: prevent memory waste in fdtab array
|
|
- CLEANUP: compat: make the MIN/MAX macros more reliable
|
|
- Revert: MEDIUM: evports: permit to report multiple events at once"
|
|
- BUG/MINOR: stats: Don't state the 303 redirect response is chunked
|
|
- MINOR: mux-h1: Add a flag to ignore the request payload
|
|
- REORG: mux-h1: Group H1S_F_BODYLESS_* flags
|
|
- CLEANUP: mux-h1: Remove unused H1S_F_ERROR_MASK mask value
|
|
- MEDIUM: mux-h1: Support C-L/T-E header suppressions when sending messages
|
|
- MINOR: ssl: ckch_store_new_load_files_conf() loads filenames from ckch_conf
|
|
- MEDIUM: ssl/crtlist: loading crt-store keywords from a crt-list
|
|
- CLEANUP: ssl/ocsp: remove the deprecated parsing code for "ocsp-update"
|
|
- MINOR: ssl: pass ckch_store instead of ckch_data to ssl_sock_load_ocsp()
|
|
- MEDIUM: ssl: ckch_conf_parse() uses -1/0/1 for off/default/on
|
|
- MINOR: ssl: handle PARSE_TYPE_INT and PARSE_TYPE_ONOFF in ckch_store_load_files()
|
|
- MINOR: ssl/ocsp: use 'ocsp-update' in crt-store
|
|
- MINOR: ssl: ckch_conf_clean() utility function for ckch_conf
|
|
- MEDIUM: ssl: add ocsp-update.disable global option
|
|
- MEDIUM: ssl/cli: handle crt-store keywords in crt-list over the CLI
|
|
- MINOR: ssl: ckch_conf_cmp() compare multiple ckch_conf structures
|
|
- MEDIUM: ssl: temporarily load files by detecting their presence in crt-store
|
|
- REGTESTS: ocsp-update: change the reg-test to support the new crt-store mode
|
|
- DOC: capabilities: fix chapter header rendering
|
|
|
|
2024/05/10 : 3.0-dev11
|
|
- BUILD: clock: improve check for pthread_getcpuclockid()
|
|
- CI: add Illumos scheduled workflow
|
|
- CI: netbsd: limit scheduled workflow to parent repo only
|
|
- OPTIM: log: resolve logformat options during postparsing
|
|
- BUG/MINOR: haproxy: only tid 0 must not sleep if got signal
|
|
- REGTEST: add tests for acl() sample fetch
|
|
- BUG/MINOR: acl: support built-in ACLs with acl() sample
|
|
- BUG/MINOR: cfgparse: use curproxy global var from config post validation
|
|
- MEDIUM: stconn/muxes: Add an abort reason for SE shutdowns on muxes
|
|
- MINOR: mux-h2: Set the SE abort reason when a RST_STREAM frame is received
|
|
- MEDIUM: mux-h2: Forward h2 client cancellations to h2 servers
|
|
- MINOR: mux-quic: Set tha SE abort reason when a STOP_SENDING frame is received
|
|
- MINOR: stconn: Add samples to retrieve about stream aborts
|
|
- MINOR: mux-quic: Add .ctl callback function to get info about a mux connection
|
|
- MINOR: muxes: Add ctl commands to get info on streams for a connection
|
|
- MINOR: connection: Add samples to retrieve info on streams for a connection
|
|
- BUG/MEDIUM: log/ring: broken syslog octet counting
|
|
- BUG/MEDIUM: mux-quic: fix crash on STOP_SENDING received without SD
|
|
- DOC: lua: fix filters.txt file location
|
|
- MINOR: dynbuf: pass a criticality argument to b_alloc()
|
|
- MINOR: dynbuf: add functions to help queue/requeue buffer_wait fields
|
|
- MINOR: dynbuf: use the b_queue()/b_requeue() functions everywhere
|
|
- MEDIUM: dynbuf: make the buffer_wq an array of list heads
|
|
- CLEANUP: tinfo: better align fields in thread_ctx
|
|
- MINOR: dynbuf: provide a b_dequeue() function to detach a bw from the queue
|
|
- MEDIUM: dynbuf: generalize the use of b_dequeue() to detach buffer_wait
|
|
- MEDIUM: dynbuf/stream: re-enable queueing upon failed buffer allocation
|
|
- MEDIUM: dynbuf/stream: do not allocate the buffers in the callback
|
|
- MEDIUM: applet: make appctx_buf_available() only wake the applet up, not allocate
|
|
- MINOR: applet: set the blocking flag in the buffer allocation function
|
|
- MINOR: applet: adjust the allocation criticity based on the requested buffer
|
|
- MINOR: dynbuf/mux-h1: use different criticalities for buffer allocations
|
|
- MEDIUM: dynbuf/mux-h1: do not allocate the buffers in the callback
|
|
- MEDIUM: dynbuf: refrain from offering a buffer if more critical ones are waiting
|
|
- MINOR: stconn: report that a buffer allocation succeeded
|
|
- MINOR: stream: report that a buffer allocation succeeded
|
|
- MINOR: applet: report about buffer allocation success
|
|
- MINOR: mux-h1: report that a buffer allocation succeeded
|
|
- MEDIUM: stream: allocate without queuing when retrying
|
|
- MEDIUM: channel: allocate without queuing when retrying
|
|
- MEDIUM: mux-h1: allocate without queuing when retrying
|
|
- MEDIUM: dynbuf: implement emergency buffers
|
|
- MEDIUM: dynbuf: use emergency buffers upon failed memory allocations
|
|
|
|
2024/05/04 : 3.0-dev10
|
|
- BUG/MEDIUM: cache: Vary not working properly on anything other than accept-encoding
|
|
- REGTESTS: cache: Add test on 'vary' other than accept-encoding
|
|
- BUG/MINOR: stats: replace objt_* by __objt_* macros
|
|
- CLEANUP: tools/cbor: rename cbor_encode_ctx struct members
|
|
- MINOR: log/cbor: _lf_cbor_encode_byte() explicitly requires non-NULL ctx
|
|
- BUG/MINOR: log: fix global lf_expr node options behavior
|
|
- CLEANUP: log: add a macro to know if a lf_node is configurable
|
|
- MINOR: httpclient: allow to use absolute URI with new flag HC_F_HTTPROXY
|
|
- MINOR: ssl: introduce ocsp_update.http_proxy for ocsp-update keyword
|
|
- BUG/MINOR: log/encode: consider global options for key encoding
|
|
- BUG/MINOR: log/encode: fix potential NULL-dereference in LOGCHAR()
|
|
- BUG/MINOR: log: fix global lf_expr node options behavior (2nd try)
|
|
- MINOR: log/cbor: _lf_cbor_encode_byte() explicitly requires non-NULL ctx (again)
|
|
- BUG/MEDIUM: log: don't ignore disabled node's options
|
|
- BUG/MINOR: stconn: don't wake up an applet waiting on buffer allocation
|
|
- MINOR: sock: rename sock to sock_fd in sock_create_server_socket
|
|
- MEDIUM: proto_uxst: take in account server namespace
|
|
- MEIDUM: unix sock: use my_socketat to create bind socket
|
|
- MINOR: sock_set_mark: take sock family in account
|
|
- MEDIUM: proto: make common fd checks in sock_create_server_socket
|
|
- MINOR: sock: add EPERM case in sock_handle_system_err
|
|
- MINOR: capabilities: add cap_sys_admin support
|
|
- CLEANUP: ssl: clean the includes in ssl_ocsp.c
|
|
- CLEANUP: ssl: move the global ocsp-update options parsing to ssl_ocsp.c
|
|
- MINOR: stats: fix visual alignment for stat_cols_px definition
|
|
- MINOR: stats: convert req_tot as generic column
|
|
- MINOR: stats: prepare stats-file support for values other than FN_COUNTER
|
|
- MINOR: counters: move freq-ctr from proxy/server into counters struct
|
|
- MINOR: stats: support rate in stats-file
|
|
- MINOR: stats: convert rate as generic column for proxy stats
|
|
- MINOR: counters: move last_change into counters struct
|
|
- MINOR: stats: support age in stats-file
|
|
- MINOR: stats: convert age as generic column for proxy stat
|
|
- CLEANUP: ssl: rename new_ckch_store_load_files_path() to ckch_store_new_load_files_path()
|
|
- MINOR: ssl: rename ocsp_update.http_proxy into ocsp-update.httpproxy
|
|
- REORG: stats: define stats-proxy source module
|
|
- MINOR: stats: extract proxy clear-counter in a dedicated function
|
|
- REGTESTS: stats: add test stats-file counters preload
|
|
- CI: netbsd: adjust packages after NetBSD-10 released
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- REGTESTS: replace REQUIRE_VERSION by version_atleast
|
|
- MEDIUM: log: optimizing tmp->type handling in sess_build_logline()
|
|
- BUG/MINOR: log: prevent double spaces emission in sess_build_logline()
|
|
- OPTIM: log: declare empty buffer as global variable
|
|
- OPTIM: log: use thread local lf_buildctx to stop pushing it on the stack
|
|
- OPTIM: log: use lf_buildctx's buffer instead of temporary stack buffers
|
|
- OPTIM: log: speedup date printing in sess_build_logline() when no encoding is used
|
|
|
|
2024/04/27 : 3.0-dev9
|
|
- BUILD: ssl: use %zd for sizeof() in ssl_ckch.c
|
|
- MINOR: backend: use be_counters for health down accounting
|
|
- BUG/MINOR: backend: use cum_sess counters instead of cum_conn
|
|
- BUG/MINOR: stats: fix stot metric for listeners
|
|
- REGTESTS: use -dI for insecure fork by default in the regtest scripts
|
|
- MINOR: stats: rename proxy stats
|
|
- MINOR: stats: rename ambiguous stat_l and stat_count
|
|
- MINOR: stats: rename info stats
|
|
- MINOR: stats: use stricter naming stats/field/line
|
|
- MINOR: stats: use STAT_F_* prefix for flags
|
|
- BUG/MEDIUM: applet: Let's applets decide if they have more data to deliver
|
|
- BUILD: stick-tables: silence build warnings when threads are disabled
|
|
- MINOR: tools: Rename `ha_generate_uuid` to `ha_generate_uuid_v4`
|
|
- MINOR: Add `ha_generate_uuid_v7`
|
|
- MINOR: Add support for UUIDv7 to the `uuid` sample fetch
|
|
- MEDIUM: shctx: Naming shared memory context
|
|
- BUG/MINOR: h1: fix detection of upper bytes in the URI
|
|
- MINOR: intops: add a pair of functions to check multi-byte ranges
|
|
- TESTS: add a unit test for the multi-byte range checks
|
|
- CLEANUP: h1: make use of the multi-byte matching functions
|
|
- REGTESTS: ssl: Remove "sleep" calls from ocsp auto update test
|
|
- BUG/MEDIUM: peers: Automatically start to learn on local peer
|
|
- BUG/MEDIUM: peers: Reprocess peer state after all session shutdowns
|
|
- MINOR: peers: Remove unused PEERS_F_RESYNC_REQUESTED flag
|
|
- MINOR: peers: Don't set TEACH flags on a peer from the sync task
|
|
- MINOR: peers: Use a peer flag to block the applet waiting ack of the sync task
|
|
- BUG/MEDIUM: peers: Wait for sync task ack when a resynchro is finished
|
|
- MINOR: peers: Remove unused PEERS_F_RESYNC_PROCESS flag
|
|
- MINOR: applet: Add a function to know the side where an applet was created
|
|
- MEDIUM: peers: Simplify the peer flags dealing with the connection state
|
|
- MEDIUM: peers: Use true states for the peer applets as seen from outside
|
|
- MEDIUM: peers: Use true states for the learn state of a peer
|
|
- MINOR: peers: Start learning for local peer before receiving messages
|
|
- MINOR: peers: Rename PEERS_F_TEACH_COMPLETE to PEERS_F_LOCAL_TEACH_COMPLETE
|
|
- MINOR: peers: Reorder and slightly rename PEER flags
|
|
- MINOR: peers: Reorder and rename PEERS flags
|
|
- REORG: peers: Move peer and peers flags in the corresponding header file
|
|
- DEV: flags/peers: Decode PEER and PEERS flags
|
|
- MINOR: peers: Add comment on processing functions of the sync task
|
|
- MINOR: peers: Use a static variable to wait a resync on reload
|
|
- BUG/MEDIUM: peers: Use atomic operations on peers flags when necessary
|
|
- REORG: peers: Rename all occurrences to 'ps' variable
|
|
- BUG/MINOR: peers: Don't wait for a remote resync if there no remote peer
|
|
- MINOR: stats: update ambiguous "metrics" naming to "stat_cols"
|
|
- MINOR: stats: introduce a more expressive stat definition method
|
|
- MINOR: stats: implement automatic metric generation from stat_col
|
|
- MINOR: stats: hide some columns in output
|
|
- MEDIUM: stats: convert counters to new column definition
|
|
- MINOR: stats: define stats-file output format support
|
|
- MEDIUM: stats: implement dump stats-file CLI
|
|
- MINOR: ist: define iststrip() new function
|
|
- MINOR: guid: define guid_is_valid_fmt()
|
|
- MINOR: stats: apply stats-file on process startup
|
|
- MINOR: stats: parse header lines from stats-file
|
|
- MINOR: stats: parse values from stats-file
|
|
- MEDIUM: stats: define stats-file keyword
|
|
- BUG/MINOR: mworker: reintroduce way to disable seamless reload with -x /dev/null
|
|
- CLEANUP: log: remove unused checks for encode_{chunk,string}
|
|
- MINOR: log: store lf_expr nodes inside substruct
|
|
- MINOR: log: global lf_expr node options
|
|
- CLEANUP: log: simplify complex values usages in sess_build_logline()
|
|
- MINOR: log: skip custom logformat_node name if empty
|
|
- MINOR: log: add lf_int() wrapper to print integers
|
|
- MINOR: log: add lf_rawtext{_len}() functions
|
|
- MEDIUM: log: pass date strings to lf_rawtext()
|
|
- MEDIUM: log: write raw strings using lf_rawtext()
|
|
- MEDIUM: log: use lf_rawtext for lf_ip() and lf_port() hex strings
|
|
- MINOR: log: explicitly handle %ts and %tsc as text strings
|
|
- MINOR: log: use LOG_VARTEXT_{START,END} to enclose text strings
|
|
- MINOR: log: make all lf_* sess build helper static
|
|
- MINOR: log: merge lf_encode_string() and lf_encode_chunk() logic
|
|
- MEDIUM: log: lf_* build helpers now take a ctx argument
|
|
- MINOR: log: expose node typecast in lf_buildctx struct
|
|
- MINOR: log: postpone conversion for sample expressions in sess_build_logline()
|
|
- MINOR: log: add LOG_OPT_NONE flag
|
|
- MINOR: log: add no_escape_map to bypass escape with _lf_encode_bytes()
|
|
- MINOR: log: add +bin logformat node option
|
|
- MINOR: log: add +json encoding option
|
|
- MINOR: tools: add cbor encode helpers
|
|
- MINOR: log: add +cbor encoding option
|
|
- MINOR: log: support true cbor binary encoding
|
|
- CLEANUP: dynbuf: move the reserve and limit parsers to dynbuf.c
|
|
- MINOR: list: add a macro to detect that a list contains at most one element
|
|
- MINOR: cli/wait: rename the condition "srv-unused" to "srv-removable"
|
|
|
|
2024/04/19 : 3.0-dev8
|
|
- BUG/MINOR: cli: Don't warn about a too big command for incomplete commands
|
|
- BUG/MINOR: listener: always assign distinct IDs to shards
|
|
- BUG/MINOR: log: fix lf_text_len() truncate inconsistency
|
|
- BUG/MINOR: tools/log: invalid encode_{chunk,string} usage
|
|
- BUG/MINOR: log: invalid snprintf() usage in sess_build_logline()
|
|
- CLEANUP: log: lf_text_len() returns a pointer not an integer
|
|
- MINOR: quic: simplify qc_send_hdshk_pkts() return
|
|
- MINOR: quic: uniformize sending methods for handshake
|
|
- MINOR: quic: improve sending API on retransmit
|
|
- MINOR: quic: use qc_send_hdshk_pkts() in handshake IO cb
|
|
- MEDIUM: quic: remove duplicate hdshk/app send functions
|
|
- OPTIM: quic: do not call qc_send() if nothing to emit
|
|
- OPTIM: quic: do not call qc_prep_pkts() if everything sent
|
|
- BUG/MEDIUM: http-ana: Deliver 502 on keep-alive for fressh server connection
|
|
- BUG/MINOR: http-ana: Fix TX_L7_RETRY and TX_D_L7_RETRY values
|
|
- BUILD: makefile: warn about unknown USE_* variables
|
|
- BUILD: makefile: support USE_xxx=0 as well
|
|
- BUG/MINOR: guid: fix crash on invalid guid name
|
|
- BUILD: atomic: fix peers build regression on gcc < 4.7 after recent changes
|
|
- BUG/MINOR: debug: make sure DEBUG_STRICT=0 does work as documented
|
|
- BUILD: cache: fix non-inline vs inline declaration mismatch to silence a warning
|
|
- BUILD: debug: make DEBUG_STRICT=1 the default
|
|
- BUILD: pools: make DEBUG_MEMORY_POOLS=1 the default option
|
|
- CI: update the build options to get rid of unneeded DEBUG options
|
|
- BUILD: makefile: get rid of the config CFLAGS variable
|
|
- BUILD: makefile: allow to use CFLAGS to append build options
|
|
- BUILD: makefile: drop the SMALL_OPTS settings
|
|
- BUILD: makefile: move -O2 from CPU_CFLAGS to OPT_CFLAGS
|
|
- BUILD: makefile: get rid of the CPU variable
|
|
- BUILD: makefile: drop the ARCH variable and better document ARCH_FLAGS
|
|
- BUILD: makefile: extract ARCH_FLAGS out of LDFLAGS
|
|
- BUILD: makefile: move the fwrapv option to STD_CFLAGS
|
|
- BUILD: makefile: make the ERR variable also support 0
|
|
- BUILD: makefile: add FAILFAST to select the -Wfatal-errors behavior
|
|
- BUILD: makefile: extract -Werror/-Wfatal-errors from automatic CFLAGS
|
|
- BUILD: makefile: split WARN_CFLAGS from SPEC_CFLAGS
|
|
- BUILD: makefile: rename SPEC_CFLAGS to NOWARN_CFLAGS
|
|
- BUILD: makefile: do not pass warnings to VERBOSE_CFLAGS
|
|
- BUILD: makefile: also drop DEBUG_CFLAGS
|
|
- CLEANUP: makefile: make the output of the "opts" target more readable
|
|
- DOC: install: clarify the build process by splitting it into subsections
|
|
- BUG/MINOR: server: fix slowstart behavior
|
|
- BUG/MEDIUM: cache/stats: Handle inbuf allocation failure in the I/O handler
|
|
- MINOR: ssl: add the section parser for 'crt-store'
|
|
- DOC: configuration: Add 3.12 Certificate Storage
|
|
- REGTESTS: ssl: test simple case of crt-store
|
|
- MINOR: ssl: rename ckchs_load_cert_file to new_ckch_store_load_files_path
|
|
- MINOR: ssl/crtlist: alloc ssl_conf only when a valid keyword is found
|
|
- BUG/MEDIUM: stick-tables: fix the task's next expiration date
|
|
- CLEANUP: stick-tables: always respect the to_batch limit when trashing
|
|
- BUG/MEDIUM: peers/trace: fix crash when listing event types
|
|
- BUG/MAJOR: stick-tables: fix race with peers in entry expiration
|
|
- DEBUG: pool: improve decoding of corrupted pools
|
|
- REORG: pool: move the area dump with symbol resolution to tools.c
|
|
- DEBUG: pools: report the data around the offending area in case of mismatch
|
|
- MINOR: listener/protocol: add proto name in alerts
|
|
- MINOR: proto_quic: add proto name in alert
|
|
- BUG/MINOR: lru: fix the standalone test case for invalid revision
|
|
- DOC: management: fix typos
|
|
- CI: revert kernel addr randomization introduced in 3a0fc864
|
|
- MINOR: ring: clarify the usage of ring_size() and add ring_allocated_size()
|
|
- BUG/MAJOR: ring: use the correct size to reallocate startup_logs
|
|
- MINOR: ring: always check that the old ring fits in the new one in ring_dup()
|
|
- CLEANUP: ssl: remove dead code in cfg_parse_crtstore()
|
|
- MINOR: ssl: supports crt-base in crt-store
|
|
- MINOR: ssl: 'key-base' allows to load a 'key' from a specific path
|
|
- MINOR: net_helper: Add support for floats/doubles.
|
|
- BUG/MEDIUM: grpc: Fix several unaligned 32/64 bits accesses
|
|
- MINOR: peers: Split resync process function to separate running/stopping states
|
|
- MINOR: peers: Add 2 peer flags about the peer learn status
|
|
- MINOR: peers: Add flags to report the peer state to the resync task
|
|
- MINOR: peers: sligthly adapt part processing the stopping signal
|
|
- MINOR: peers: Add functions to commit peer changes from the resync task
|
|
- BUG/MINOR: peers: Report a resync was explicitly requested from a thread-safe manner
|
|
- BUG/MAJOR: peers: Update peers section state from a thread-safe manner
|
|
- MEDIUM: peers: Only lock one peer at a time in the sync process function
|
|
- MINOR: peer: Restore previous peer flags value to ease debugging
|
|
- BUG/MEDIUM: stconn: Don't forward channel data if input data must be filtered
|
|
- BUILD: cache: fix a build warning with gcc < 7
|
|
- BUILD: xxhash: silence a build warning on Solaris + gcc-5.5
|
|
- CI: reduce ASAN log redirection umbrella size
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- BUG/MEDIUM: evports: do not clear returned events list on signal
|
|
- MEDIUM: evports: permit to report multiple events at once
|
|
- MEDIUM: ssl: support aliases in crt-store
|
|
- BUG/MINOR: ssl: check on forbidden character on wrong value
|
|
- BUG/MINOR: ssl: fix crt-store load parsing
|
|
- BUG/MEDIUM: applet: Fix applet API to put input data in a buffer
|
|
- BUG/MEDIUM: spoe: Always retry when an applet fails to send a frame
|
|
- BUG/MEDIUM: peers: Fix exit condition when max-updates-at-once is reached
|
|
- BUILD: linuxcap: Properly declare prepare_caps_from_permitted_set()
|
|
- BUG/MEDIUM: peers: fix localpeer regression with 'bind+server' config style
|
|
- MINOR: peers: stop relying on srv->addr to find peer port
|
|
- MEDIUM: ssl: support a named crt-store section
|
|
- MINOR: stats: remove implicit static trash_chunk usage
|
|
- REORG: stats: extract HTML related functions
|
|
- REORG: stats: extract JSON related functions
|
|
- MEDIUM: ssl: crt-base and key-base local keywords for crt-store
|
|
- MINOR: stats: Get the right prototype for stats_dump_html_end().
|
|
- MAJOR: ssl: use the msg callback mecanism for backend connections
|
|
- MINOR: ssl: implement keylog fetches for backend connections
|
|
- BUG/MINOR: stconn: Fix sc_mux_strm() return value
|
|
- MINOR: mux-pt: Test conn flags instead of sedesc ones to perform a full close
|
|
- MINOR: stconn/connection: Move shut modes at the SE descriptor level
|
|
- MINOR: stconn: Rewrite shutdown functions to simplify the switch statements
|
|
- MEDIUM: stconn: Use only one SC function to shut connection endpoints
|
|
- MEDIUM: stconn: Explicitly pass shut modes to shut applet endpoints
|
|
- MEDIUM: stconn: Use one function to shut connection and applet endpoints
|
|
- MEDIUM: muxes: Use one callback function to shut a mux stream
|
|
- BUG/MINOR: sock: handle a weird condition with connect()
|
|
- BUG/MINOR: fd: my_closefrom() on Linux could skip contiguous series of sockets
|
|
- BUG/MEDIUM: peers: Don't set PEERS_F_RESYNC_PROCESS flag on a peer
|
|
- BUG/MEDIUM: peers: Fix state transitions of a peer
|
|
- MINOR: init: use RLIMIT_DATA instead of RLIMIT_AS
|
|
- CI: modernize macos matrix
|
|
|
|
2024/04/06 : 3.0-dev7
|
|
- BUG/MINOR: ssl: Wrong ocsp-update "incompatibility" error message
|
|
- BUG/MINOR: ssl: Detect more 'ocsp-update' incompatibilities
|
|
- MEDIUM: ssl: Add 'tune.ssl.ocsp-update.mode' global option
|
|
- REGTESTS: ssl: Add OCSP update compatibility tests
|
|
- REGTESTS: ssl: Add functional test for global ocsp-update option
|
|
- BUG/MINOR: server: reject enabled for dynamic server
|
|
- BUG/MINOR: server: fix persistence cookie for dynamic servers
|
|
- MINOR: server: allow cookie for dynamic servers
|
|
- REGTESTS: Fix script about OCSP update compatibility tests
|
|
- BUG/MINOR: cli: Report an error to user if command or payload is too big
|
|
- MINOR: sc_strm: Add generic version to perform sync receives and sends
|
|
- MEDIUM: stream: Use generic version to perform sync receives and sends
|
|
- MEDIUM: buf: Add b_getline() and b_getdelim() functions
|
|
- MEDIUM: applet: Handle applets with their own buffers in put functions
|
|
- MEDIUM: cli/applet: Stop to test opposite SC in I/O handler of CLI commands
|
|
- MINOR: applet: Always use applet API to set appctx flags
|
|
- BUG/MEDIUM: applet: State appctx have more data if its EOI/EOS/ERROR flag is set
|
|
- MAJOR: cli: Update the CLI applet to handle its own buffers
|
|
- MINOR: applet: Let's applets .snd_buf function deal with full input buffers
|
|
- MINOR: stconn: Add a connection flag to notify sending data are the last ones
|
|
- MAJOR: cli: Use a custom .snd_buf function to only copy the current command
|
|
- DOC: config: balance 'first' not usable in LOG mode
|
|
- BUG/MINOR: log/balance: detect if user tries to use unsupported algo
|
|
- MINOR: lbprm: implement true "sticky" balance algo
|
|
- MEDIUM: log/balance: leverage lbprm api for log load-balancing
|
|
- BUG/BUILD: debug: fix unused variable error
|
|
- MEDIUM: lb-chash: Deterministic node hashes based on server address
|
|
- BUG/MEDIUM: stick-tables: fix a small remaining race in expiration task
|
|
- REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (4)
|
|
- REGTESTS: Remove REQUIRE_VERSION=1.9 from all tests (2)
|
|
- CLEANUP: Reapply ist.cocci (3)
|
|
- CLEANUP: Reapply strcmp.cocci (2)
|
|
- CLEANUP: Reapply xalloc_cast.cocci
|
|
- CLEANUP: Reapply ha_free.cocci
|
|
- CI: vtest: show coredumps if any
|
|
- REGTESTS: ssl: disable ssl/ocsp_auto_update.vtc
|
|
- BUG/MINOR: backend: properly handle redispatch 0
|
|
- MINOR: quic: HyStart++ implementation (RFC 9406)
|
|
- BUG/MEDIUM: stconn: Don't forward shutdown to SE if iobuf is not empty
|
|
- BUG/MEDIUM: stick-table: use the update lock when reading tables from peers
|
|
- BUG/MAJOR: applet: fix a MIN vs MAX usage in appctx_raw_rcv_buf()
|
|
- OPTIM: peers: avoid the locking dance around peer_send_teach_process_msgs()
|
|
- BUILD: quic: 32 bits compilation issue (QUIC_MIN() usage)
|
|
- BUG/MEDIUM: server/lbprm: fix crash in _srv_set_inetaddr_port()
|
|
- MEDIUM: mworker: get rid of libsystemd
|
|
- BUILD: systemd: fix build error on non-systemd systems with USE_SYSTEMD=1
|
|
- BUG/MINOR: bwlim/config: fix missing '\n' after error messages
|
|
- MINOR: stick-tables: mark the seen stksess with a flag "seen"
|
|
- OPTIM: stick-tables: check the stksess without taking the read lock
|
|
- MAJOR: stktable: split the keys across multiple shards to reduce contention
|
|
- CI: extend Fedora Rawhide, add m32 mode
|
|
- BUG/MINOR: stick-tables: Missing stick-table key nullity check
|
|
- BUILD: systemd: enable USE_SYSTEMD by default with TARGET=linux-glibc
|
|
- MINOR: systemd: Include MONOTONIC_USEC field in RELOADING=1 message
|
|
- BUG/MINOR: proxy: fix logformat expression leak in use_backend rules
|
|
- MEDIUM: log: rename logformat var to logformat tag
|
|
- MINOR: log: expose logformat_tag struct
|
|
- MEDIUM: log: carry tag context in logformat node
|
|
- MEDIUM: tree-wide: add logformat expressions wrapper
|
|
- MINOR: proxy: add PR_FL_CHECKED flag
|
|
- MAJOR: log: implement proper postparsing for logformat expressions
|
|
- MEDIUM: log: add compiling logic to logformat expressions
|
|
- MEDIUM: proxy/log: leverage lf_expr API for logformat preparsing
|
|
- MINOR: guid: introduce global UID module
|
|
- MINOR: guid: restrict guid format
|
|
- MINOR: proxy: implement GUID support
|
|
- MINOR: server: implement GUID support
|
|
- MINOR: listener: implement GUID support
|
|
- DOC: configuration: grammar fixes for strict-sni
|
|
- BUG/MINOR: init: relax LSTCHK_NETADM checks for non root
|
|
- MEDIUM: capabilities: check process capabilities sets
|
|
- CLEANUP: global: remove LSTCHK_CAP_BIND
|
|
- BUG/MEDIUM: quic: don't blindly rely on unaligned accesses
|
|
|
|
2024/03/26 : 3.0-dev6
|
|
- MINOR: mux-h2: always use h2c_report_glitch()
|
|
- MEDIUM: mux-h2: allow to set the glitches threshold to kill a connection
|
|
- MINOR: quic: simplify rescheduling for handshake
|
|
- MINOR: quic: remove qc_treat_rx_crypto_frms()
|
|
- DOC: configuration: clarify ciphersuites usage (V2)
|
|
- MINOR: tools: use public interface for FreeBSD get_exec_path()
|
|
- BUG/MINOR: ssl: fix possible ctx memory leak in sample_conv_aes_gcm()
|
|
- BUG/MINOR: ssl: do not set the aead_tag flags in sample_conv_aes_gcm()
|
|
- BUG/MINOR: server: fix first server template not being indexed
|
|
- MEDIUM: ssl: initialize the SSL stack explicitely
|
|
- MEDIUM: ssl: allow to change the OpenSSL security level from global section
|
|
- CLEANUP: ssl: remove useless #ifdef in openssl-compat.h
|
|
- CI: github: add -DDEBUG_LIST to the default builds
|
|
- BUG/MINOR: hlua: segfault when loading the same filter from different contexts
|
|
- BUG/MINOR: hlua: missing lock in hlua_filter_new()
|
|
- BUG/MINOR: hlua: fix missing lock in hlua_filter_delete()
|
|
- DEBUG: lua: precisely identify if stream is stuck inside lua or not
|
|
- MINOR: hlua: use accessors for stream hlua ctx
|
|
- BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread (2nd try)
|
|
- MINOR: debug: enable insecure fork on the command line
|
|
- CI: github: add -dI to haproxy arguments
|
|
- BUG/MINOR: listener: Wake proxy's mngmt task up if necessary on session release
|
|
- BUG/MINOR: listener: Don't schedule frontend without task in listener_release()
|
|
- MINOR: session: rename private conns elements
|
|
- BUG/MAJOR: server: do not delete srv referenced by session
|
|
- BUG/MEDIUM: spoe: Don't rely on stream's expiration to detect processing timeout
|
|
- BUG/MINOR: spoe: Be sure to be able to quickly close IDLE applets on soft-stop
|
|
- MAJOR: spoe: Deprecate the SPOE filter
|
|
- MINOR: cfgparse: Add a global option to expose deprecated directives
|
|
- MINOR: spoe: Add SPOE filters in the exposed deprecated directives
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CI: temporarily adjust kernel entropy to work with ASAN/clang
|
|
- BUG/MEDIUM: spoe: Return an invalid frame on recv if size is too small
|
|
- BUG/MINOR: session: ensure conn owner is set after insert into session
|
|
- BUG/MEDIUM: http_ana: ignore NTLM for reuse aggressive/always and no H1
|
|
- BUG/MAJOR: connection: fix server used_conns with H2 + reuse safe
|
|
- BUG/MAJOR: ocsp: Separate refcount per instance and per store
|
|
- REGTESTS: ssl: Add OCSP related tests
|
|
- BUG/MEDIUM: ssl: Fix crash when calling "update ssl ocsp-response" when an update is ongoing
|
|
- BUG/MEDIUM: ssl: Fix crash in ocsp-update log function
|
|
- MEDIUM: ssl: Change output of ocsp-update log
|
|
- MINOR: ssl: Change level of ocsp-update logs
|
|
- CLEANUP: ssl: Remove undocumented ocsp fetches
|
|
- REGTESTS: ssl: Add checks on ocsp-update log format
|
|
- MINOR: connection: implement conn_release()
|
|
- MINOR: connection: extend takeover with release option
|
|
- MEDIUM: server: close idle conn on server deletion
|
|
- MEDIUM: mux: prepare for takeover on private connections
|
|
- MEDIUM: server: close private idle connection before server deletion
|
|
- BUG/MINOR: mux-quic: close all QCS before freeing QCC tasklet
|
|
- BUG/MEDIUM: mux-fcgi: Properly handle EOM flag on end-of-trailers HTX block
|
|
- BUILD: server: fix build regression on old compilers (<= gcc-4.4)
|
|
- OPTIM: http_ext: avoid useless copy in http_7239_extract_{ipv4,ipv6}
|
|
- MINOR: debug: add "debug dev trace" to flood with traces
|
|
- MINOR: atomic: add a read-specific variant of __ha_cpu_relax()
|
|
- MINOR: applet: add new function applet_append_line()
|
|
- MINOR: log/applet: add new function syslog_applet_append_event()
|
|
- MEDIUM: ring/sink: use applet_append_line()/syslog_applet_append_event() for readers
|
|
- REORG: dns/ring: split the ring between the generic one and the DNS one
|
|
- MEDIUM: ring: move the ring reader code to ring_dispatch_messages()
|
|
- MEDIUM: sink: move the generic ring forwarder code use ring_dispatch_messages()
|
|
- MEDIUM: log/sink: make the log forwarder code use ring_dispatch_messages()
|
|
- MINOR: buf: add b_add_ofs() to add a count to an absolute position
|
|
- MINOR: buf: add b_rel_ofs() to turn an absolute offset into a relative one
|
|
- MINOR: buf: add b_putblk_ofs() to copy a block at a specific position
|
|
- MINOR: buf: add b_getblk_ofs() that works relative to area and not head
|
|
- MINOR: ring: make the ring reader use only absolute offsets
|
|
- MINOR: ring: reserve one special value for the readers count
|
|
- MINOR: vecpair: add new vector pair based data manipulation mechanisms
|
|
- MINOR: vecpair: add necessary functions to use vecpairss from/to ring APIs
|
|
- MINOR: ring: rename totlen vs msglen in ring_write()
|
|
- MINOR: ring: add ring_data() to report the amount of data in a ring
|
|
- MINOR: ring: add ring_size() to return the ring's size
|
|
- MINOR: ring: add ring_dup() to copy a ring into another one
|
|
- MINOR: ring: also add ring_area(), ring_head(), ring_tail()
|
|
- MINOR: ring: make callers use ring_data() and ring_size(), not ring->buf
|
|
- MINOR: errors: use ring_dup() to duplicate the startup_logs
|
|
- MINOR: ring: use ring_size(), ring_area(), ring_head() and ring_tail()
|
|
- MINOR: ring: add a flag to indicate a mapped file
|
|
- MAJOR: ring: insert an intermediary ring_storage level
|
|
- MINOR: ring: resize only under thread isolation
|
|
- MINOR: ring: allow to reduce a ring size
|
|
- MEDIUM: ring: replace the buffer API in ring_write() with the vec<->ring API
|
|
- MEDIUM: ring: change the ring reader to use the new vector-based API now
|
|
- MEDIUM: ring: remove the struct buffer from the ring
|
|
- MEDIUM: ring: align the head and tail fields in the ring_storage structure
|
|
- MINOR: ring: make the reader check the readers count before inc/dec
|
|
- MEDIUM: ring: lock the tail's readers counters before proceeding with the changes
|
|
- MEDIUM: ring: protect the reader's positions against writers
|
|
- MEDIUM: ring: use the topmost bit of the tail as a lock
|
|
- MEDIUM: move the ring's lock to only protect the readers list
|
|
- MEDIUM: ring: unlock the ring's tail earlier
|
|
- MINOR: ring: don't take the readers lock if there are no readers
|
|
- MEDIUM: ring/applet: turn the wait_entry list to an mt_list instead
|
|
- MEDIUM: ring: protect the initialization of the initial reader offset
|
|
- MINOR: ring: make sure ring_dispatch waits when facing a changing message
|
|
- MAJOR: ring: drop the now unneeded lock
|
|
- OPTIM: ring: don't even try to update offset when failed to read
|
|
- OPTIM: ring: have only one thread at a time wake up all readers
|
|
- MINOR: ring: keep a few frequently used pointers in the local stack
|
|
- MINOR: ring: add the definition of a ring waiting cell
|
|
- MINOR: ring: make the number of queues configurable
|
|
- MAJOR: ring: implement a waiting queue in front of the ring
|
|
- MEDIUM: ring: significant boost in the loop by checking the ring queue ptr first
|
|
- MEDIUM: ring: improve speed in the queue waiting loop on x86_64
|
|
- MINOR: ring: simplify the write loop a little bit
|
|
- CLEANUP: ring: further simplify the write loop
|
|
- MINOR: ring: it's not x86 but all non-ARMv8.1 which needs the read before OR
|
|
- MINOR: ring: avoid writes to cells during copy
|
|
- OPTIM: ring: use relaxed stores to release the threads
|
|
- CLEANUP: ring: use only curr_cell and not next_cell in the main write loop
|
|
- BUILD: ssl: fix build error on older compilers with openssl-3.2
|
|
- BUG/MINOR: server: 'source' interface ignored from 'default-server' directive
|
|
- BUG/MAJOR: ring: free the ring storage not the ring itself when using maps
|
|
|
|
2024/03/09 : 3.0-dev5
|
|
- BUG/MEDIUM: applet: Fix HTX .rcv_buf callback function to release outbuf buffer
|
|
- BUG/MAJOR: ssl/ocsp: crash with ocsp when old process exit or using ocsp CLI
|
|
- BUG/MEDIUM: server: fix dynamic servers initial settings
|
|
- BUG/MINOR: ssl/cli: duplicate cleaning code in cli_parse_del_crtlist
|
|
- LICENSE: event_hdl: fix GPL license version
|
|
- LICENSE: http_ext: fix GPL license version
|
|
- BUG/MEDIUM: mux-h1: Fix again 0-copy forwarding of chunks with an unknown size
|
|
- BUG/MINOR: mux-h1: Properly report when mux is blocked during a nego
|
|
- MINOR: mux-h1: Move checks performed before a shutdown in a dedicated function
|
|
- MINOR: mux-h1: Move all stuff to detach a stream in an internal function
|
|
- MAJOR: mux-h1: Drain requests on client side before shut a stream down
|
|
- MEDIUM: htx/http-ana: No longer close connection on early HAProxy response
|
|
- MINOR: quic: filter show quic by address
|
|
- MINOR: quic: specify show quic output fields
|
|
- MINOR: quic: add MUX output for show quic
|
|
- CLEANUP: mux-h2: Fix h2s_make_data() comment about the return value
|
|
- DOC: configuration: clarify ciphersuites usage
|
|
- BUG/MINOR: config/quic: Alert about PROXY protocol use on a QUIC listener
|
|
- BUG/MINOR: hlua: Fix log level to the right value when set via TXN:set_loglevel
|
|
- MINOR: hlua: Be able to disable logging from lua
|
|
- BUG/MINOR: tools: seed the statistical PRNG slightly better
|
|
- BUG/MINOR: hlua: fix unsafe lua_tostring() usage with empty stack
|
|
- BUG/MINOR: hlua: don't use lua_tostring() from unprotected contexts
|
|
- BUG/MINOR: hlua: fix possible crash in hlua_filter_new() under load
|
|
- BUG/MINOR: hlua: improper lock usage in hlua_filter_callback()
|
|
- BUG/MINOR: hlua: improper lock usage in hlua_filter_new()
|
|
- BUG/MEDIUM: hlua: improper lock usage with SET_SAFE_LJMP()
|
|
- BUG/MAJOR: hlua: improper lock usage with hlua_ctx_resume()
|
|
- BUG/MINOR: hlua: don't call ha_alert() in hlua_event_subscribe()
|
|
- MINOR: hlua: use SEND_ERR to report errors in hlua_event_runner()
|
|
- CLEANUP: hlua: txn class functions may LJMP
|
|
- BUG/MINOR: sink: fix a race condition in the TCP log forwarding code
|
|
- BUILD: thread: move lock label definitions to thread-t.h
|
|
- BUILD: tree-wide: fix a few missing includes in a few files
|
|
- BUILD: buf: make b_ncat() take a const for the source
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CLEANUP: fix typo in naming for variable "unused"
|
|
- CI: run more smoke tests on config syntax to check memory related issues
|
|
- CI: enable monthly build only test on netbsd-9.3
|
|
- CI: skip scheduled builds on forks
|
|
- BUG/MINOR: ssl/cli: typo in new ssl crl-file CLI description
|
|
- BUG/MEDIUM: quic: fix connection freeze on post handshake
|
|
- BUG/MINOR: mux-quic: fix crash on aborting uni remote stream
|
|
- CLEANUP: log: fix obsolete comment for add_sample_to_logformat_list()
|
|
- CLEANUP: tree-wide: use proper ERR_* return values for PRE_CHECK fcts
|
|
- BUG/MINOR: cfgparse: report proper location for log-format-sd errors
|
|
- MINOR: vars: export var_set and var_unset functions
|
|
- MINOR: Add aes_gcm_enc converter
|
|
- BUG/MEDIUM: quic: fix handshake freeze under high traffic
|
|
- MINOR: quic: always use ncbuf for rx CRYPTO
|
|
- BUILD: ssl: define EVP_CTRL_AEAD_GET_TAG for older versions
|
|
- DOC: design: write first notes about ring-v2
|
|
- OPTIM: sink: try to merge "dropped" messages faster
|
|
- OPTIM: sink: drop the sink lock used to count drops
|
|
- DEV: haring: make haring not depend on the struct ring itself
|
|
- DEV: haring: split the code between ring and buffer
|
|
- DEV: haring: automatically use the advertised ring header size
|
|
- BUILD: solaris: fix compilation errors
|
|
|
|
2024/02/23 : 3.0-dev4
|
|
- BUG/MEDIUM: ssl: Fix crash when calling "update ssl ocsp-response" when an update is ongoing
|
|
- BUG/MEDIUM: quic: Wrong K CUBIC calculation.
|
|
- MINOR: quic: Update K CUBIC calculation (RFC 9438)
|
|
- MINOR: quic: Dynamic packet reordering threshold
|
|
- MINOR: quic: Add a counter for reordered packets
|
|
- BUG/MAJOR: mux-h1: Fix zero-copy forwarding when sending chunks of unknown size
|
|
- MINOR: stats: Use a dedicated function to check if output is almost full
|
|
- BUG/MEDIUM: applet: Add a flag to state an applet is using zero-copy forwarding
|
|
- BUG/MEDIUM: stconn/applet: Block 0-copy forwarding if producer needs more room
|
|
- MINOR: applet: Remove uselelss test on SE_FL_SHR/SHW flags
|
|
- MEDIUM: applet: Add notion of shutdown for write for applets
|
|
- MINOR: cli: No longer check SC for shutdown to interrupt wait command
|
|
- BUG/MEDIUM: stconn: Allow expiration update when READ/WRITE event is pending
|
|
- BUG/MEDIUM: stconn: Don't check pending shutdown to wake an applet up
|
|
- CLEANUP: stconn: Move SE flags set by app layer at the end of the bitfield
|
|
- MINOR: stconn: Rename SE_FL_MAY_FASTFWD and reorder bitfield
|
|
- MINOR: stconn: Add SE flag to announce zero-copy forwarding on consumer side
|
|
- MINOR: muxes: Announce support for zero-copy forwarding on consumer side
|
|
- BUG/MAJOR: stconn: Check support for zero-copy forwarding on both sides
|
|
- MINOR: muxes/applet: Simplify checks on options to disable zero-copy forwarding
|
|
- BUG/MINOR: quic: reject unknown frame type
|
|
- MINOR: quic: handle all frame types on reception
|
|
- BUG/MINOR: quic: reject HANDSHAKE_DONE as server
|
|
- BUG/MINOR: qpack: reject invalid increment count decoding
|
|
- BUG/MINOR: qpack: reject invalid dynamic table capacity
|
|
- DOC/MINOR: userlists: mention solutions to high cpu with hashes
|
|
- DOC: quic: Missing tuning setting in "Global parameters"
|
|
- BUG/MEDIUM: applet: Immediately free appctx on early error
|
|
- BUG/MEDIUM: hlua: Be able to garbage collect uninitialized lua sockets
|
|
- BUG/MEDIUM: hlua: Don't loop if a lua socket does not consume received data
|
|
- BUG/MEDIUM: quic: fix transient send error with listener socket
|
|
- MINOR: log: custom name for logformat node
|
|
- MINOR: sample: add type_to_smp() helper function
|
|
- MINOR: log: explicit typecasting for logformat nodes
|
|
- MINOR: log: simplify last_isspace in sess_build_logline()
|
|
- MINOR: log: simplify quotes handling in sess_build_logline()
|
|
- MINOR: log: print metadata prefixes separately in sess_build_logline()
|
|
- MINOR: log: automate string array construction in sess_build_logline()
|
|
- DOC: quic: fix recommandation for bind on multiple address
|
|
- MINOR: quic: warn on bind on multiple addresses if no IP_PKTINFO support
|
|
- OPTIM: quic: improve slightly qc_snd_buf() internal
|
|
- MINOR: quic: move IP_PKTINFO on send on a dedicated function
|
|
- MINOR: quic: remove sendto() usage variant
|
|
- MINOR: quic: only use sendmsg() syscall variant
|
|
- BUILD: applet: fix build on some 32-bit archs
|
|
- BUG/MINOR: quic: initialize msg_flags before sendmsg
|
|
- BUG/MEDIUM: mux-h1: Don't emit 0-CRLF chunk in h1_done_ff() when iobuf is empty
|
|
- CLEANUP: proxy/log: remove unused proxy flag
|
|
- CLEANUP: log: fix process_send_log() indentation
|
|
- CLEANUP: log: use free_logformat_list() in parse_logformat_string()
|
|
- MINOR: log: add free_logformat_node() helper function
|
|
- BUG/MINOR: log: fix potential lf->name memory leak
|
|
- BUG/MINOR: ist: allocate nul byte on istdup
|
|
- BUG/MINOR: stats: drop srv refcount on early release
|
|
- BUG/MAJOR: promex: fix crash on deleted server
|
|
- BUG/MAJOR: server: fix stream crash due to deleted server
|
|
- BUG/MEDIUM: mux-quic: do not crash on qcs_destroy for connection error
|
|
- MINOR: cli: Remove useless loop on commands to find unescaped semi-colon
|
|
- BUG/MEDIUM: cli: Warn if pipelined commands are delimited by a \n
|
|
- BUG/MAJOR: cli: Restore non-interactive mode behavior with pipelined commands
|
|
- BUG/MINOR: quic: fix output of show quic
|
|
- MINOR: ssl: Call callback function after loading SSL CRL data
|
|
- BUG/MINOR: ist: only store NUL byte on succeeded alloc
|
|
|
|
2024/02/10 : 3.0-dev3
|
|
- DOC: configuration: clarify http-request wait-for-body
|
|
- BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions
|
|
- MINOR: h3: add traces for stream sending function
|
|
- BUG/MEDIUM: h3: do not crash on invalid response status code
|
|
- BUG/MEDIUM: qpack: allow 6xx..9xx status codes
|
|
- BUG/MEDIUM: quic: fix crash on invalid qc_stream_buf_free() BUG_ON
|
|
- CLEANUP: log: deinitialization of the log buffer in one function
|
|
- BUG/MINOR: h1: Don't support LF only at the end of chunks
|
|
- BUG/MEDIUM: h1: Don't support LF only to mark the end of a chunk size
|
|
- MINOR: ssl: add HAVE_SSL_0RTT constant
|
|
- MINOR: ssl: rename HA_OPENSSL_HAVE_0RTT_SUPPORT constant to HAVE_SSL_0RTT_QUIC
|
|
- MEDIUM: ssl/quic: always compile the ssl_conf.early_data test
|
|
- DOC: httpclient: add dedicated httpclient section
|
|
- BUG/MINOR: h1-htx: properly initialize the err_pos field
|
|
- BUG/MEDIUM: h1: always reject the NUL character in header values
|
|
- CLEANUP: h1: remove unused function h1_measure_trailers()
|
|
- BUG/MINOR: ssl/quic: fix 0RTT define
|
|
- MINOR: mux-quic: prepare for earlier flow control update
|
|
- MINOR: mux-quic: define a flow control related type
|
|
- MEDIUM: mux-quic: limit stream flow control on snd_buf
|
|
- MEDIUM: mux-quic: limit conn flow control on snd_buf
|
|
- MINOR: mux-quic: remove unneeded sent-offset fields
|
|
- MINOR: mux-quic: check fctl during STREAM frame build
|
|
- MAJOR: mux-quic: remove intermediary Tx buffer
|
|
- MEDIUM: mux-quic: simplify sending API
|
|
- MEDIUM: mux-quic: release Tx buf on too small room
|
|
- MEDIUM: mux-quic: properly handle conn Tx buf exhaustion
|
|
- MINOR: mux-quic: realign Tx buffer if possible
|
|
- CLEANUP: connection: remove obsolete comment in header file
|
|
- OPTIM: connection: progressive hash for conn_calculate_hash()
|
|
- MINOR: tcp_act: fix alphabetical ordering of tcp request content actions
|
|
- MINOR: tcp-act: Rename "set-{mark,tos}" to "set-fc-{mark,tos}"
|
|
- MINOR: hlua: Rename set_{tos, mark} to set_fc_{tos, mark}
|
|
- MEDIUM: tcp-act: <expr> support for set-fc-{mark,tos} actions
|
|
- MEDIUM: tcp-act/backend: support for set-bc-{mark,tos} actions
|
|
- MINOR: stats: Be able to access to registered stats modules from anywhere
|
|
- MEDIUM: stats: Be able to access a specific field into a stats module
|
|
- MINOR: promex: Add a param to override the description when a metric is dumped
|
|
- MINOR: promex: Add info in the promex context to dump extra counters
|
|
- MEDIUM: promex: Dump frontends extra counters if requested
|
|
- MEDIUM: promex: Dump backends extra counters if requested
|
|
- MEDIUM: promex: Dump servers extra counters if requested
|
|
- MEDIUM: promex: Dump listeners extra counters if requested
|
|
- DOC: promex: Add documentation about extra-counters
|
|
- MINOR: promex: Always limit the number of labels dumped for each metric
|
|
- MEDIUM: promex: Simplify the context using generic pointers for restart points
|
|
- MINOR: promex: Remove unsued htx parameter when a metric is dumped
|
|
- MEDIUM: promex: Add a registration mechanism to support modules
|
|
- MEDIUM: promex: Dump metrics of registered modules with a way to filter them
|
|
- MEDIUM: promex/stick-table: Dump stick-table metrics via a promex module
|
|
- MEDIUM: promex/resolvers: Dump resolvers metrics via a promex module
|
|
- MINOR: promex: Rename dump functions to use the right wording
|
|
- MINOR: promex: Always pass the final name and description to promex_dmp_ts()
|
|
- MEDIUM: promex: Add support for filters on metric names
|
|
- REGTESTS: promex: Adapt script to be less verbose
|
|
- MINOR: compiler: add a new DO_NOT_FOLD() macro to prevent code folding
|
|
- MINOR: debug: make sure calls to ha_crash_now() are never merged
|
|
- MINOR: debug: make ABORT_NOW() store the caller's line number when using abort
|
|
- BUG/MINOR: diag: always show the version before dumping a diag warning
|
|
- BUG/MINOR: diag: run the final diags before quitting when using -c
|
|
- MINOR: acl: add extra diagnostics about suspicious string patterns
|
|
- BUG/MINOR: quic: Wrong ack ranges handling when reaching the limit.
|
|
- BUILD: quic: Variable name typo inside a BUG_ON().
|
|
- DOC: config: fix typo for '%ms' log format alternative
|
|
- DOC: config: fix ordering for "txn.*" fetches
|
|
- MINOR: stream: add "txn.redispatch" fetch
|
|
- BUILD: debug: remove leftover parentheses in ABORT_NOW()
|
|
- MINOR: debug: make BUG_ON() catch build errors even without DEBUG_STRICT
|
|
- BUG/MINOR: ssl: Fix error message after ssl_sock_load_ocsp call
|
|
- MINOR: debug: support passing an optional message in ABORT_NOW()
|
|
- MINOR: debug: add an optional message argument to the BUG_ON() family
|
|
- DEBUG: make the "debug dev {debug|warn|check}" command print a message
|
|
- CLEANUP: quic: Code clarifications for QUIC CUBIC (RFC 9438)
|
|
- BUG/MINOR: quic: fix possible integer wrap around in cubic window calculation
|
|
- MINOR: quic: Stop using 1024th of a second.
|
|
- CI: github: abandon asan matrix.py helper
|
|
- CI: ssl: add yet another OpenSSL download fallback
|
|
- DOC: install: clarify WolfSSL chroot requirements
|
|
- MINOR: task: Move wait_event in the task header file
|
|
- MINOR: stconn: Be able to detect applets using HTX
|
|
- MINOR: stconn: Explicitly use an appctx to attach a stconn on it
|
|
- MINOR: stconn: Be prepared to handle error when a SC is attached to an applet
|
|
- MINOR: applet: Add dedicated IN/OUT buffers for appctx
|
|
- MINOR: applet: Add traces to debug receive/send and block/wake events
|
|
- MINOR: applet: Add support for callback functions to exchange data with channels
|
|
- MINOR: applet: Implement default functions to exchange data with channels
|
|
- MEDIUM: stconn: Add functions to handle applets I/O from the SC layer
|
|
- MEDIM: applet: Add the applet handler based on IN/OUT buffers
|
|
- MINOR: applet: Show IN/OUT buffers in trace messages when used
|
|
- MINOR: applet: Add flags on the appctx and stop abusing its state
|
|
- MINIOR: applet: Add flags to deal with ends of input, ends of stream and errors
|
|
- MINOR: applet: Remove appctx state field to only used the flags
|
|
- MINOR: applet: Add an appctx flag to report shutdown to applets
|
|
- MEDIUM: applet: Use appctx flags to report EOS/EOI/ERROR to SE
|
|
- MINOR: applet: Add callback function to deal with zero-copy forwarding
|
|
- MEDIUM: applet: Add support for zero-copy forwarding from an applet
|
|
- MINOR: applet: Automatically handle applets having more data for the stream
|
|
- MEDIUM: stats: Don't interrupt processing on partial post
|
|
- MAJOR: stats: Update HTTP stats applet to handle its own buffers
|
|
- MEDIUM: cache: Temporarily remove zero-copy forwarding support
|
|
- MAJOR: cache: Update HTTP cache applet to handle its own buffers
|
|
- MAJOR: cache: Send cached objects using zero-copy forwarding
|
|
- MINOR: stconn: Add support for flags during zero-copy forwarding negotiation
|
|
- MINOR: mux-h1: Be able to define the length of a chunk size when it is prepended
|
|
- MEDIUM: stconn: Nofify requested size during zero-copy forwarding nego is exact
|
|
- MINOR: mux-h1: Stop zero-copy forwarding during nego for too big requested size
|
|
- MEDIUM: mux-h1: Support zero-copy forwarding for chunks with an unknown size
|
|
- MAJOR: stats: Send stats dump over HTTP using zero-copy forwarding
|
|
- MEDIUM: applet: Simplify a bit API to exchange data with applets
|
|
- MINOR: cache: Remove unsed .data_sent field from the cache applet context
|
|
- MINOR: applet: Use an option to disable zero-copy forwarding for all applets
|
|
- MINOR: applet: Identify applets using their own buffers via a flag
|
|
- BUG/MINOR: ssl: Duplicate ocsp update mode when dup'ing ckch
|
|
- MINOR: ssl: Use OCSP_CERTID instead of ckch_store in ckch_store_build_certid
|
|
- BUG/MINOR: ssl: Clear the ckch instance when deleting a crt-list line
|
|
- BUG/MEDIUM: ocsp: Separate refcount per instance and per store
|
|
- BUG/MINOR: ssl: Destroy ckch instances before the store during deinit
|
|
- BUG/MINOR: ssl: Reenable ocsp auto-update after an "add ssl crt-list"
|
|
- REGTESTS: ssl: Add OCSP related tests
|
|
- REGTESTS: ssl: Fix empty line in cli command input
|
|
- DOC: install: recommend pcre2
|
|
- DOC: config: fix misplaced "txn.conn_retries"
|
|
- DOC: config: fix typos for "bytes_{in,out}"
|
|
- DOC: config: fix misplaced "bytes_{in,out}"
|
|
- DOC: config: add more custom log format table alternatives
|
|
- MINOR: stream: rename "txn.redispatch" to "txn.redispatched"
|
|
- MINOR: sample: implement bc_{be,srv}_queue samples
|
|
- BUG/MINOR: mux-h2: count rejected DATA frames against the connection's flow control
|
|
- MINOR: mux-h2: count excess of CONTINUATION frames as a glitch
|
|
- MINOR: mux-h2: count late reduction of INITIAL_WINDOW_SIZE as a glitch
|
|
- DOC: internal: update missing data types in peers-v2.0.txt
|
|
- MEDIUM: stick-tables: add a new stored type for glitch_cnt and glitch_rate
|
|
- MINOR: session: add the necessary functions to update the per-session glitches
|
|
- MEDIUM: mux-h2: update session trackers with number of glitches
|
|
- BUG/MINOR: server/cli: add missing LF at the end of certain notice/error lines
|
|
- BUG/MINOR: vars/cli: fix missing LF after "get var" output
|
|
- BUG/MEDIUM: cli: fix once for all the problem of missing trailing LFs
|
|
- MINOR: cli: make sure to always print a pending message after release()
|
|
- MINOR: cli: always reset the applet task's timeout
|
|
- MINOR: cli: add a new "wait" command to wait for a certain delay
|
|
- BUG/MINOR: applet: Always release empty appctx buffers after processing
|
|
- MINOR: server: split the server deletion code in two parts
|
|
- MINOR: cli/wait: make the wait command support a more detailed help message
|
|
- MINOR: cli/wait: also support an unrecoverable failure status
|
|
- MINOR: cli/wait: also pass up to 4 arguments to the external conditions
|
|
- MINOR: cli/wait: add a condition to wait on a server to become unused
|
|
- CI: Update to actions/cache@v4
|
|
- BUILD: address a few remaining calloc(size, n) cases
|
|
- BUG/MEDIUM: pool: fix rare risk of deadlock in pool_flush()
|
|
|
|
2024/01/26 : 3.0-dev2
|
|
- MINOR: ot: logsrv struct becomes logger
|
|
- MINOR: ssl: Update ssl_fc_curve/ssl_bc_curve to use SSL_get0_group_name
|
|
- CLEANUP: ssl: fix indentation in smp_fetch_ssl_fc_ec()
|
|
- DEV: patchbot: produce a verdict for too long commit messages
|
|
- CLEANUP: ssl: fix indentation in smp_fetch_ssl_fc_ec() (part 2)
|
|
- CLEANUP: quic: Double quic_dgram_parse() prototype declaration.
|
|
- BUG/MINOR: map: list-based matching potential ordering regression
|
|
- REGTESTS: add a test to ensure map-ordering is preserved
|
|
- DOC: config: fix typo about map_*_key converters
|
|
- DOC: configuration: corrected description of keyword tune.ssl.ocsp-update.mindelay
|
|
- MINOR: map: mapfile ordering also matters for tree-based match types
|
|
- DEV: phash: add a trivial perfect hash generator for integers
|
|
- OPTIM: http: simplify http_get_status_idx() using a hash
|
|
- CLEANUP: http: avoid duplicating literals in find_http_meth()
|
|
- MINOR: http: add infrastructure to choose status codes for err / fail
|
|
- MEDIUM: http_act: check status codes against the bit fields for err/fail
|
|
- MEDIUM: http: add the ability to redefine http-err-codes and http-fail-codes
|
|
- CI: codespell: ignore some words in URLs
|
|
- CI: codespell: add more words to whitelist
|
|
- CLEANUP: fix spelling of "occured" in src/h3.c
|
|
- BUILD: quic: missing include for quic_tp
|
|
- BUG/MINOR: mux-quic: do not prevent non-STREAM sending on flow control
|
|
- MEDIUM: ssl: allow multiple fallback certificate to allow ECDSA/RSA selection
|
|
- MEDIUM: ssl: generate '*' SNI filters for default certificates
|
|
- MEDIUM: ssl: does not use default_ctx for 'generate-certificate' option
|
|
- REORG: ssl: move 'generate-certificates' code to ssl_gencert.c
|
|
- DOC: configuration: update configuration on how to have multiple default certs
|
|
- MEDIUM: ssl: implements 'default-crt' keyword for bind Lines
|
|
- CI: github: update wolfSSL to 5.6.6
|
|
- DOC: INSTALL: require at least WolfSSL 5.6.6
|
|
- DEV: h2: add support for multiple flags in mkhdr
|
|
- DEV: h2: support hex-encoded data sequences in mkhdr
|
|
- BUG/MINOR: mux-h2: also count streams for refused ones
|
|
- BUG/MEDIUM: quic: keylog callback not called (USE_OPENSSL_COMPAT)
|
|
- MINOR: vars: fix indentation in var_clear_buffer()
|
|
- DOC: configuration: fix set-dst in actions keywords matrix
|
|
- BUG/MEDIUM: mux-h2: refine connection vs stream error on headers
|
|
- MINOR: mux-h2/traces: add a missing trace on connection WU with negative inc
|
|
- MINOR: mux-h2: add a counter of "glitches" on a connection
|
|
- MINOR: connection: add a new mux_ctl to report number of connection glitches
|
|
- MINOR: mux-h2: implement MUX_CTL_GET_GLITCHES
|
|
- MINOR: connection: add sample fetches to report per-connection glitches
|
|
- BUILD: stick-table: fix build error on 32-bit platforms
|
|
- MINOR: quic: Transport parameters encoding without version_information
|
|
- MINOR: quic: Enable early data at SSL session level (aws-lc)
|
|
- MINOR: ssl_sock: Early data disabled during SSL_CTX switching (aws-lc)
|
|
- MINOR: quic: Correctly wait for the completion of handshakes with early data (aws-lc)
|
|
- BUG/MEDIUM: cli: some err/warn msg dumps add LR into CSV output on stat's CLI
|
|
- BUG/MINOR: jwt: fix jwt_verify crash on 32-bit archs
|
|
- BUILD: quic: fix build error when using the compatibility layer
|
|
- BUILD: quic: Fix build error when building QUIC against wolfssl.
|
|
- BUILD: quic: Fix build error when building QUIC against libressl.
|
|
- BUG/MINOR: hlua: fix uninitialized var in hlua_core_get_var()
|
|
- CLEANUP: hlua: fix indent, remove extra return in hlua_core_get_var()
|
|
- BUG/MEDIUM: cache: Fix crash when deleting secondary entry
|
|
- BUG/MINOR: quic: newreno QUIC congestion control algorithm no more available
|
|
- CLEANUP: quic: Remove unused CUBIC_BETA_SCALE_FACTOR_SHIFT macro.
|
|
- MINOR: quic: Stop hardcoding a scale shifting value (CUBIC_BETA_SCALE_FACTOR_SHIFT)
|
|
- MINOR: quic: extract qc_stream_buf free in a dedicated function
|
|
- BUG/MEDIUM: quic: remove unsent data from qc_stream_desc buf
|
|
- CLEANUP: fix spelling of "elemt"
|
|
- CI: extend spell check white list
|
|
- CI: enable spell check on git push
|
|
- BUILD: makefile: also define cmd_CXX to pretty-print C++ build commands
|
|
- BUILD/MEDIUM: deviceatlas: addon build rework.
|
|
- DOC: deviceatlas: update to be in line with the v3 api.
|
|
- BUILD/MEDIUM: deviceatlas: updating the addon part.
|
|
- BUILD: deviceatlas: remove unneeded depenency on libcurl / libzip
|
|
- BUILD: deviceatlas: fix empty "-I" left on CFLAGS
|
|
- Revert "CI: enable spell check on git push"
|
|
|
|
2024/01/06 : 3.0-dev1
|
|
- MINOR: channel: Use dedicated functions to deal with STREAMER flags
|
|
- MEDIUM: applet: Handle channel's STREAMER flags on applets size
|
|
- MINOR: applets: Use channel's field to compute amount of data received
|
|
- MEDIUM: cache: Save body size of cached objects and track it on delivery
|
|
- MEDIUM: cache: Add support for endp-to-endp fast-forwarding
|
|
- MINOR: cache: Add global option to enable/disable zero-copy forwarding
|
|
- MINOR: pattern: Use reference name as filename to read patterns from a file
|
|
- MEDIUM: pattern: Add support for virtual and optional files for patterns
|
|
- DOC: config: Add section about name format for maps and ACLs
|
|
- DOC: management/lua: Update commands about map and acl
|
|
- MINOR: promex: Add support for specialized front/back/li/srv metric names
|
|
- MINOR: promex: Export active/backup metrics per-server
|
|
- BUG/MINOR: ssl: Double free of OCSP Certificate ID
|
|
- MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback
|
|
- BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate
|
|
- BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)
|
|
- DOC: configuration: typo req.ssl_hello_type
|
|
- MINOR: hq-interop: add fastfwd support
|
|
- CLEANUP: mux_quic: rename ffwd function with prefix qmux_strm_
|
|
- MINOR: mux-quic: add traces for 0-copy/fast-forward
|
|
- BUG/MINOR: mworker/cli: fix set severity-output support
|
|
- CLEANUP: mworker/cli: add comments about pcli_find_and_exec_kw()
|
|
- BUG/MEDIUM: quic: Possible buffer overflow when building TLS records
|
|
- BUILD: ssl: update types in wolfssl cert selection callback
|
|
- MINOR: ssl: activate the certificate selection callback for WolfSSL
|
|
- CI: github: switch to wolfssl git-c4b77ad for new PR
|
|
- BUG/MEDIUM: map/acl: pat_ref_{set,delete}_by_id regressions
|
|
- BUG/MINOR: ext-check: cannot use without preserve-env
|
|
- CLEANUP: mux-quic: remove unused prototype
|
|
- MINOR: mux-quic: clean up qcs Rx buffer allocation API
|
|
- MINOR: mux-quic: clean up qcs Tx buffer allocation API
|
|
- CLEANUP: mux-quic: clean up app ops callback definitions
|
|
- MINOR: mux-quic: factorize QC_SF_UNKNOWN_PL_LENGTH set
|
|
- MINOR: h3: complete traces for sending
|
|
- MINOR: h3: adjust zero-copy sending related code
|
|
- MINOR: hq-interop: use zero-copy to transfer single HTX data block
|
|
- BUG/MEDIUM: quic: QUIC CID removed from tree without locking
|
|
- BUG/MEDIUM: stconn: Block zero-copy forwarding if EOS/ERROR on consumer side
|
|
- BUG/MEDIUM: mux-h1: Cound data from input buf during zero-copy forwarding
|
|
- BUG/MEDIUM: mux-h1: Explicitly skip request's C-L header if not set originally
|
|
- CLEANUP: mux-h1: Fix a trace message about C-L header addition
|
|
- BUG/MEDIUM: mux-h2: Report too large HEADERS frame only when rxbuf is empty
|
|
- BUG/MEDIUM: mux-quic: report early error on stream
|
|
- DOC: config: add arguments to sample fetch methods in the table
|
|
- DOC: config: also add arguments to the converters in the table
|
|
- BUG/MINOR: resolvers: default resolvers fails when network not configured
|
|
- SCRIPTS: mk-patch-list: produce a list of patches
|
|
- DEV: patchbot: add the AI-based bot to pre-select candidate patches to backport
|
|
- BUG/MEDIUM: mux-h2: Switch pending error to error if demux buffer is empty
|
|
- BUG/MEDIUM: mux-h2: Only Report H2C error on read error if demux buffer is empty
|
|
- BUG/MEDIUM: mux-h2: Don't report error on SE if error is only pending on H2C
|
|
- BUG/MEDIUM: mux-h2: Don't report error on SE for closed H2 streams
|
|
- DOC: config: Update documentation about local haproxy response
|
|
- DEV: patchbot: use checked buttons as reference instead of internal table
|
|
- DEV: patchbot: allow to show/hide backported patches
|
|
- MINOR: h3: remove quic_conn only reference
|
|
- BUG/MINOR: server: Use the configured address family for the initial resolution
|
|
- MINOR: mux-quic: remove qcc_shutdown() from qcc_release()
|
|
- MINOR: mux-quic: use qcc_release in case of init failure
|
|
- MINOR: mux-quic: adjust error code in init failure
|
|
- MINOR: h3: add traces for connection init stage
|
|
- BUG/MINOR: h3: properly handle alloc failure on finalize
|
|
- MINOR: h3: use INTERNAL_ERROR code for init failure
|
|
- BUG/MAJOR: stconn: Disable zero-copy forwarding if consumer is shut or in error
|
|
- MINOR: stats: store the parent proxy in stats ctx (http)
|
|
- BUG/MEDIUM: stats: unhandled switching rules with TCP frontend
|
|
- MEDIUM: proxy: set PR_O_HTTP_UPG on implicit upgrades
|
|
- MINOR: proxy: monitor-uri works with tcp->http upgrades
|
|
- OPTIM: server: eb lookup for server_find_by_name()
|
|
- OPTIM: server: ebtree lookups for findserver_unique_* functions
|
|
- MINOR: server/event_hdl: add server_inetaddr struct to facilitate event data usage
|
|
- MINOR: server/event_hdl: update _srv_event_hdl_prepare_inetaddr prototype
|
|
- BUG/MINOR: server/event_hdl: propagate map port info through inetaddr event
|
|
- MINOR: server: ensure connection cleanup on server addr changes
|
|
- CLEANUP: server/event_hdl: remove purge_conn hint in INETADDR event
|
|
- MEDIUM: server: merge srv_update_addr() and srv_update_addr_port() logic
|
|
- CLEANUP: server: remove unused server_parse_addr_change_request() function
|
|
- CLEANUP: resolvers: remove duplicate func prototype
|
|
- MINOR: resolvers: add unique numeric id to nameservers
|
|
- MEDIUM: server: make server_set_inetaddr() updater serializable
|
|
- MINOR: server/event_hdl: expose updater info through INETADDR event
|
|
- MINOR: server: add dns hint in server_inetaddr_updater struct
|
|
- MEDIUM: server/dns: clear RMAINT when addr resolves again
|
|
- BUG/MINOR: server/dns: use server_set_inetaddr() to unset srv addr from DNS
|
|
- BUG/MEDIUM: server/dns: perform svc_port updates atomically from SRV records
|
|
- MEDIUM: peers: use server as stream target
|
|
- CLEANUP: peers: remove unused sock_init_arg struct member
|
|
- CLEANUP: peers: remove unused "proto" and "xprt" struct members
|
|
- MINOR: peers: rely on srv->addr and remove peer->addr
|
|
- DOC: config: add context hint for server keywords
|
|
- MINOR: stktable: add table_process_entry helper function
|
|
- MINOR: stktable: use {show,set,clear} table with ptr
|
|
- MINOR: map: add map_*_key converters to provide the matching key
|
|
- DOC: fix typo for fastfwd QUIC option
|
|
- BUG/MINOR: mux-quic: always report error to SC on RESET_STREAM emission
|
|
- MEDIUM: mux-quic: add BUG_ON if sending on locally closed QCS
|
|
- BUG/MINOR: mux-quic: disable fast-fwd if connection on error
|
|
- BUG/MINOR: quic: Wrong keylog callback setting.
|
|
- BUG/MINOR: quic: Missing call to TLS message callbacks
|
|
- MINOR: h3: check connection error during sending
|
|
- BUG/MINOR: h3: close connection on header list too big
|
|
- BUG/MINOR: h3: close connection on sending alloc errors
|
|
- BUG/MINOR: h3: disable fast-forward on buffer alloc failure
|
|
- Revert "MINOR: mux-quic: Disable zero-copy forwarding for send by default"
|
|
- MINOR: stktable: stktable_data_ptr() cannot fail in table_process_entry()
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CI: use semantic version compare for determing "latest" OpenSSL
|
|
- CLEANUP: server: remove ambiguous check in srv_update_addr_port()
|
|
- CLEANUP: resolvers: remove unused RSLV_UPD_OBSOLETE_IP flag
|
|
- CLEANUP: resolvers: remove some more unused RSLV_UDP flags
|
|
- MEDIUM: server: simplify snr_set_srv_down() to prevent confusions
|
|
- MINOR: backend: export get_server_*() functions
|
|
- MINOR: tcpcheck: export proxy_parse_tcpcheck()
|
|
- MEDIUM: udp: allow to retrieve the frontend destination address
|
|
- MINOR: global: export a way to list build options
|
|
- MINOR: debug: add features and build options to "show dev"
|
|
- BUG/MINOR: server: fix server_find_by_name() usage during parsing
|
|
- REGTESTS: check attach-srv out of order declaration
|
|
- CLEANUP: quic: Remaining useless code into server part
|
|
- BUILD: quic: Missing quic_ssl.h header protection
|
|
- BUG/MEDIUM: h3: fix incorrect snd_buf return value
|
|
- MINOR: h3: do not consider missing buf room as error on trailers
|
|
- BUG/MEDIUM: stconn: Forward shutdown on write timeout only if it is forwardable
|
|
- BUG/MEDIUM: stconn: Set fsb date if zero-copy forwarding is blocked during nego
|
|
- BUG/MEDIUM: spoe: Never create new spoe applet if there is no server up
|
|
- MINOR: mux-h2: support limiting the total number of H2 streams per connection
|
|
- CLEANUP: mux-h2: remove the printfs from previous commit on h2 streams limit.
|
|
- DEV: h2: add the ability to emit literals in mkhdr
|
|
- DEV: h2: add the preface as well in supported output types
|
|
- DEV: h2: support passing raw data for a frame
|
|
- IMPORT: ebtree: implement and use flsnz_long() to count bits
|
|
- IMPORT: ebtree: switch the sizes and offsets to size_t and ssize_t
|
|
- IMPORT: ebtree: rework the fls macros to better deal with arch-specific ones
|
|
- IMPORT: ebtree: make string_equal_bits turn back to unsigned char
|
|
- IMPORT: ebtree: use unsigned ints for flznz()
|
|
- IMPORT: ebtree: make string_equal_bits() return an unsigned
|
|
|
|
2023/12/05 : 3.0-dev0
|
|
- exact copy of 2.9.0
|
|
|
|
2023/12/05 : 2.9.0
|
|
- DOC: config: add missing colon to "bytes_out" sample fetch keyword (2)
|
|
- BUG/MINOR: cfgparse-listen: fix warning being reported as an alert
|
|
- DOC: config: add matrix entry for "max-session-srv-conns"
|
|
- DOC: config: fix monitor-fail typo
|
|
- DOC: config: add context hint for proxy keywords
|
|
- DEBUG: stream: Report lra/fsb values for front end back SC in stream dump
|
|
- REGTESTS: sample: Test the behavior of consecutive delimiters for the field converter
|
|
- BUG/MINOR: sample: Make the `word` converter compatible with `-m found`
|
|
- DOC: Clarify the differences between field() and word()
|
|
- BUG/MINOR: server/event_hdl: properly handle AF_UNSPEC for INETADDR event
|
|
- BUILD: http_htx: silence uninitialized warning on some gcc versions
|
|
- MINOR: acme.sh: don't use '*' in the filename for wildcard domain
|
|
- MINOR: global: Use a dedicated bitfield to customize zero-copy fast-forwarding
|
|
- MINOR: mux-pt: Add global option to enable/disable zero-copy forwarding
|
|
- MINOR: mux-h1: Add global option to enable/disable zero-copy forwarding
|
|
- MINOR: mux-h2: Add global option to enable/disable zero-copy forwarding
|
|
- MINOR: mux-quic: Add global option to enable/disable zero-copy forwarding
|
|
- MINOR: mux-quic: Disable zero-copy forwarding for send by default
|
|
- DOC: config: update the reminder on the HTTP model and add some terminology
|
|
- DOC: config: add a few more differences between HTTP/1 and 2+
|
|
- DOC: config: clarify session vs stream
|
|
- DOC: config: fix typo abandonned -> abandoned
|
|
- DOC: management: fix two latest typos (optionally, exception)
|
|
- BUG/MEDIUM: peers: fix partial message decoding
|
|
- DOC: management: update stream vs session
|
|
|
|
2023/11/30 : 2.9-dev12
|
|
- BUG/MINOR: global: Fix tune.disable-(fast-forward/zero-copy-forwarding) options
|
|
- DOC: config: removing "log-balance" references
|
|
- MINOR: server/event_hdl: add SERVER_INETADDR event
|
|
- MINOR: tools: use const for read only pointers in ip{cmp,cpy}
|
|
- MINOR: server/ip: centralize server ip updates
|
|
- MINOR: backend: remove invalid mode test for "hash-balance-factor"
|
|
- Revert "MINOR: cfgparse-listen: warn when use-server rules is used in wrong mode"
|
|
- MINOR: proxy: add free_logformat_list() helper function
|
|
- MINOR: proxy: add free_server_rules() helper function
|
|
- MINOR: log/backend: prevent "use-server" rules use with LOG mode
|
|
- MINOR: log/balance: set lbprm tot_weight on server on queue/dequeue
|
|
- DOC: config: specify supported sections for "max-session-srv-conns"
|
|
- DOC: config: fix timeout check inheritance restrictions
|
|
- REGTESTS: connection: disable http_reuse_be_transparent.vtc if !TPROXY
|
|
- DOC: lua: add sticktable class reference from Proxy.stktable
|
|
- DOC: lua: fix Proxy.get_mode() output
|
|
- DOC: lua: add "syslog" to Proxy.get_mode() output
|
|
- MEDIUM: ssl: implement rsa/ecdsa selection with WolfSSL
|
|
- MINOR: ssl: replace 'trash.area' by 'servername' in ssl_sock_switchctx_cbk()
|
|
- MINOR: ssl: move certificate selection in a dedicate function
|
|
- MEDIUM: ssl: use ssl_sock_chose_sni_ctx() in the clienthello callback
|
|
- MINOR: mworker/cli: implement hard-reload over the master CLI
|
|
- BUG/MEDIUM: mux-h1: Properly ignore trailers when a content-length is announced
|
|
- MINOR: task/profiling: do not record task_drop_running() as a caller
|
|
- OPTIM: pattern: save memory and time using ebst instead of ebis
|
|
- BUILD: map: fix build warning
|
|
- MINOR: trace: define simple -dt argument
|
|
- MINOR: trace: parse level in a function
|
|
- MINOR: trace: parse verbosity in a function
|
|
- MINOR: trace: support -dt optional format
|
|
- OPTIM: mux-h2/zero-copy: don't allocate more buffers per connections than streams
|
|
- BUG/MINOR: quic: fix CONNECTION_CLOSE_APP encoding
|
|
- BUG/MEDIUM: stconn: Don't perform zero-copy FF if opposite SC is blocked
|
|
- BUG/MEDIUM: mux-h2: Remove H2_SF_NOTIFIED flag for H2S blocked on fast-forward
|
|
- CLEANUP: quic: Remove dead definitions/declarations
|
|
- REORG: quic: Move some QUIC CLI code to its C file
|
|
- REORG: quic: Add a new module to handle QUIC connection IDs
|
|
- REORG: quic: QUIC connection types header cleaning
|
|
- BUILD: quic: Missing RX header inclusions
|
|
- REORG: quic: Move CRYPTO data buffer defintions to QUIC TLS module
|
|
- REORG: quic: Move QUIC CRYPTO stream definitions/declarations to QUIC TLS
|
|
- REORG: quic: Move several inlined functions from quic_conn.h
|
|
- REORG: quic: Move QUIC SSL BIO method related functions to quic_ssl.c
|
|
- REORG: quic: Move the QUIC DCID parser to quic_sock.c
|
|
- REORG: quic: Rename some functions used upon ACK receipt
|
|
- REORG: quic: Move QUIC path definitions/declarations to quic_cc module
|
|
- REORG: quic: Move qc_handle_conn_migration() to quic_conn.c
|
|
- REORG: quic: Move quic_build_post_handshake_frames() to quic_conn module
|
|
- REORG: quic: Move qc_may_probe_ipktns() to quic_tls.h
|
|
- REORG: quic: Move qc_pkt_long() to quic_rx.h
|
|
- REORG: quic: Rename some (quic|qc)_conn* objects to quic_conn_closed
|
|
- REORG: quic: Move NEW_CONNECTION_ID frame builder to quic_cid
|
|
- REORG: quic: Move ncbuf related function from quic_rx to quic_conn
|
|
- REORG: quic: Add a new module for QUIC retry
|
|
- BUILD: quic: Several compiler warns fixes after retry module creation
|
|
- REORG: quic: Move qc_notify_send() to quic_conn
|
|
- REORG: quic: Add a new module for retransmissions
|
|
- REORG: quic: Remove qc_pkt_insert() implementation
|
|
- REORG: quic: Move quic_increment_curr_handshake() to quic_sock
|
|
- BUG/MINOR: cache: Remove incomplete entries from the cache when stream is closed
|
|
- MEDIUM: cli: allow custom pattern for payload
|
|
- CLEANUP: mworker/cli: use a label to return errors
|
|
- MINOR: mworker/cli: implements the customized payload pattern for master CLI
|
|
- DOC: management: add documentation about customized payload pattern
|
|
- BUG/MEDIUM: server/event_hdl: memory overrun in _srv_event_hdl_prepare_inetaddr()
|
|
- MINOR: event_hdl: add global tunables
|
|
- BUG/MAJOR: server/addr: fix a race during server addr:svc_port updates
|
|
- MEDIUM: log/balance: support FQDN for UDP log servers
|
|
- BUG/MINOR: compression: possible NULL dereferences in comp_prepare_compress_request()
|
|
- BUG/MEDIUM: master/cli: Properly pin the master CLI on thread 1 / group 1
|
|
- BUG/MEDIUM: mux-quic: Stop zero-copy FF during nego if input is not empty
|
|
- CLEANUP: log: Fix %rc comment in sess_build_logline()
|
|
- BUG/MINOR: h3: fix TRAILERS encoding
|
|
- BUG/MINOR: h3: always reject PUSH_PROMISE
|
|
- MINOR: h3: use correct error code for missing SETTINGS
|
|
- MINOR: http-fetch: Add a sample to retrieve the server status code
|
|
- DOC: config: Improve 'status' sample documentation
|
|
- MINOR: http-fetch: Add a sample to get the transaction status code
|
|
- MEDIUM: http-ana: Set termination state before returning haproxy response
|
|
- MINOR: stream: Expose session terminate state via a new sample fetch
|
|
- MINOR: stream: add a sample fetch to get the number of connection retries
|
|
- MINOR: stream: Expose the stream's uniq_id via a new sample fetch
|
|
- MINOR: muxes: Rename mux_ctl_type values to use MUX_CTL_ prefix
|
|
- MINOR: muxes: Add a callback function to send commands to mux streams
|
|
- MINOR: muxes: Implement ->sctl() callback for muxes and return the stream id
|
|
- MINOR: Add sample fetches to get the frontend and backend stream ID
|
|
- BUG/MEDIUM: cli: Don't look for payload pattern on empty commands
|
|
- DOC: config: Add argument for tune.lua.maxmem
|
|
- DOC: config: fix mention of request slot in http-response capture
|
|
- DOC: config: fix remaining mention of @reverse for attach-srv action
|
|
- DOC: config: fix missing characters in set-spoe-group action
|
|
- DOC: config: reorganize actions into their own section
|
|
- BUG/MINOR: acme.sh: update the deploy script
|
|
- MINOR: rhttp: mark reverse HTTP as experimental
|
|
- CLEANUP: quic_cid: remove unused listener arg
|
|
- BUG/MINOR: quic_tp: fix preferred_address decoding
|
|
- MINOR: quic_tp: use in_addr/in6_addr for preferred_address
|
|
- MINOR: acme.sh: use the master CLI for hot update
|
|
- DOC: config: move the cache-use and cache-store actions to the proper section
|
|
- DOC: config: fix alphabetical ordering of converter keywords
|
|
- DOC: config: add missing colon to "bytes_out" sample fetch keyword
|
|
- DOC: config: add an index of converter keywords
|
|
- DOC: config: add an index of sample fetch keywords
|
|
- BUG/MINOR: config: Stopped parsing upon unmatched environment variables
|
|
- DEBUG: unstatify a few functions that are often present in backtraces
|
|
- BUILD: server: shut a bogus gcc warning on certain ubuntu
|
|
|
|
2023/11/24 : 2.9-dev11
|
|
- BUG/MINOR: startup: set GTUNE_SOCKET_TRANSFER correctly
|
|
- BUG/MINOR: sock: mark abns sockets as non-suspendable and always unbind them
|
|
- BUILD: cache: fix build error on older compilers
|
|
- BUG/MAJOR: quic: complete thread migration before tcp-rules
|
|
- BUG/MEDIUM: quic: Possible crash for connections to be killed
|
|
- MINOR: quic: remove unneeded QUIC specific stopping function
|
|
- MINOR: acl: define explicit HTTP_3.0
|
|
- DEBUG: connection/flags: update flags for reverse HTTP
|
|
- BUILD: log: silence a build warning when threads are disabled
|
|
- MINOR: quic: Add traces to debug frames handling during retransmissions
|
|
- BUG/MEDIUM: quic: Possible crash during retransmissions and heavy load
|
|
- BUG/MINOR: quic: Possible leak of TX packets under heavy load
|
|
- BUG/MINOR: quic: Possible RX packet memory leak under heavy load
|
|
- BUG/MINOR: server: do not leak default-server in defaults sections
|
|
- DEBUG: tinfo: store the pthread ID and the stack pointer in tinfo
|
|
- MINOR: debug: start to create a new struct post_mortem
|
|
- MINOR: debug: add OS/hardware info to the post_mortem struct
|
|
- MINOR: debug: report in port_mortem whether a container was detected
|
|
- MINOR: debug: report in post_mortem if the container techno used is docker
|
|
- MINOR: debug: detect CPU model and store it in post_mortem
|
|
- MINOR: debug: report any detected hypervisor in post_mortem
|
|
- MINOR: debug: collect some boot-time info related to the process
|
|
- MINOR: debug: copy the thread info into the post_mortem struct
|
|
- MINOR: debug: dump the mapping of the libs into post_mortem
|
|
- MINOR: debug: add the ability to enter components in the post_mortem struct
|
|
- MINOR: init: add info about the main program to the post_mortem struct
|
|
- DOC: management: document "show dev"
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CI: limit codespell checks to main repo, not forks
|
|
- DOC: 51d: updated 51Degrees repo URL for v3.2.10
|
|
- DOC: install: update the list of openssl versions
|
|
- MINOR: ext-check: add an option to preserve environment variables
|
|
- BUG/MEDIUM: mux-h1: Don't set CO_SFL_MSG_MORE flag on last fast-forward send
|
|
- MINOR: rhttp: rename proto_reverse_connect
|
|
- MINOR: rhttp: large renaming to use rhttp prefix
|
|
- MINOR: rhttp: add count of active conns per thread
|
|
- MEDIUM: rhttp: support multi-thread active connect
|
|
- MINOR: listener: allow thread kw for rhttp bind
|
|
- DOC: rhttp: replace maxconn by nbconn
|
|
- MINOR: log/balance: rename "log-sticky" to "sticky"
|
|
- MEDIUM: mux-quic: Add consumer-side fast-forwarding support
|
|
- MAJOR: h3: Implement zero-copy support to send DATA frame
|
|
|
|
2023/11/18 : 2.9-dev10
|
|
- CLEANUP: Re-apply xalloc_size.cocci (3)
|
|
- BUG/MEDIUM: stconn: Report send activity during mux-to-mux fast-forward
|
|
- BUG/MEDIUM: stconn: Don't report rcv/snd expiration date if SC cannot epxire
|
|
- MINOR: stconn: Don't queue stream task in past in sc_notify()
|
|
- BUG/MEDIUM: Don't apply a max value on room_needed in sc_need_room()
|
|
- BUG/MINOR: stconn: Sanitize report for read activity
|
|
- CLEANUP: htx: Properly indent htx_reserve_max_data() function
|
|
- DOC: stconn: Improve comments about lra and fsb usage
|
|
- BUG/MEDIUM: quic: fix actconn on quic_conn alloc failure
|
|
- BUG/MEDIUM: quic: fix sslconns on quic_conn alloc failure
|
|
- BUG/MEDIUM: mux-h1: Be sure xprt support splicing to use it during fast-forward
|
|
- MINOR: proto_reverse_connect: use connect timeout
|
|
- BUG/MINOR: mux-h1: Release empty ibuf during data fast-forwarding
|
|
- BUG/MINOR: stick-table/cli: Check for invalid ipv4 key
|
|
- MEDIUM: stktable/cli: simplify entry key handling
|
|
- MINOR: stktable/cli: support v6tov4 and v4tov6 conversions
|
|
- BUG/MINOR: mux-h1: Properly handle http-request and http-keep-alive timeouts
|
|
- BUG/MEDIUM: freq-ctr: Don't report overshoot for long inactivity period
|
|
- BUG/MEDIUM: pool: fix releasable pool calculation when overloaded
|
|
- BUG/MINOR: pool: check one other random bucket on alloc conflict
|
|
- BUG/MEDIUM: pool: try once to allocate from another bucket if empty
|
|
- MEDIUM: stconn/muxes: Loop on data fast-forwarding to forward at least a buffer
|
|
- MINOR: stconn/mux-h2: Use a iobuf flag to report EOI to consumer side during FF
|
|
- MEDIUM: quic: Heavy task mode during handshake
|
|
- MEDIUM: quic: Heavy task mode with non contiguously bufferized CRYPTO data
|
|
- MINOR: quic: release the TLS context asap from quic_conn_release()
|
|
- MINOR: quic: Add idle timer task pointer to traces
|
|
- BUG/MINOR: quic: idle timer task requeued in the past
|
|
- CLEANUP: quic: Indentation fix in qc_do_build_pkt()
|
|
- MINOR: quic: Avoid zeroing frame structures
|
|
- BUG/MEDIUM: quic: Too short Initial packet sent (enc. level allocation failed)
|
|
- BUG/MEDIUM: quic: Avoid trying to send ACK frames from an empty ack ranges tree
|
|
- BUG/MEDIUM: quic: Possible crashes when sending too short Initial packets
|
|
- BUG/MEDIUM: quic: Avoid some crashes upon TX packet allocation failures
|
|
- BUG/MEDIUM: quic: Possible crashes during secrets allocations (heavy load)
|
|
- BUG/MEDIUM: stconn: Don't update stream expiration date if already expired
|
|
- MINOR: errors: ha_alert() and ha_warning() uses warn_exec_path()
|
|
- MINOR: errors: does not check MODE_STARTING for log emission
|
|
- MEDIUM: errors: move the MODE_QUIET test in print_message()
|
|
- DOC: management: -q is quiet all the time
|
|
- MEDIUM: mworker: -W is mandatory when using -S
|
|
- BUG/MEDIUM: mux-h1: Exit early if fast-forward is not supported by opposite SC
|
|
- MEDIUM: quic: adjust address validation
|
|
- MINOR: quic: reduce half open counters scope
|
|
- MEDIUM: quic: limit handshake per listener
|
|
- MEDIUM: quic: define an accept queue limit
|
|
- BUG/MINOR: quic: fix retry token check inconsistency
|
|
- MINOR: task/debug: explicitly support passing a null caller to wakeup functions
|
|
- MINOR: task/debug: make task_queue() and task_schedule() possible callers
|
|
- OPTIM: mux-h2: don't allocate more buffers per connections than streams
|
|
- BUG/MINOR: quic: remove dead code in error path
|
|
- MEDIUM: quic: respect closing state even on soft-stop
|
|
- MEDIUM: quic: release conn socket before using quic_cc_conn
|
|
- DOC: config: use the word 'backend' instead of 'proxy' in 'track' description
|
|
- BUG/MEDIUM: applet: Remove appctx from buffer wait list on release
|
|
- MINOR: tools: make str2sa_range() directly return type hints
|
|
- BUG/MEDIUM: server: invalid address (post)parsing checks
|
|
- BUG/MINOR: sink: don't learn srv port from srv addr
|
|
- CLEANUP: sink: bad indent in sink_new_from_logger()
|
|
- CLEANUP: sink: useless leftover in sink_add_srv()
|
|
- BUG/MINOR: quic: Useless use of non-contiguous buffer for in order CRYPTO data
|
|
- MINOR: server: always initialize pp_tlvs for default servers
|
|
- BUG/MEDIUM: proxy: always initialize the default settings after init
|
|
- MEDIUM: startup: 'haproxy -c' is quiet when valid
|
|
- BUG/MINOR: sample: Fix bytes converter if offset is bigger than sample length
|
|
- BUG/MINOR: log: keep the ref in dup_logger()
|
|
- BUG/MINOR: quic: fix crash on qc_new_conn alloc failure
|
|
- BUG/MINOR: quic: fix decrement of half_open counter on qc alloc failure
|
|
- BUG/MEDIUM: quic: fix FD for quic_cc_conn
|
|
- DOC: config: Fix name for tune.disable-zero-copy-forwarding global param
|
|
- REGTESTS: startup: -conf-OK requires -V with current VTest
|
|
- BUG/MEDIUM: quic: Non initialized CRYPTO data stream deferencing
|
|
- MINOR: quic: Add a max window parameter to congestion control algorithms
|
|
- MINOR: quic: Maximum congestion control window for each algo
|
|
- DOC: quic: Wrong syntax for "quic-cc-algo" keyword.
|
|
- DOC: quic: Maximum congestion control window configuration
|
|
- BUG/MINOR: quic: maximum window limits do not match the doc
|
|
- BUG/MEDIUM: connection: report connection errors even when no mux is installed
|
|
- BUG/MINOR: stconn: Handle abortonclose if backend connection was already set up
|
|
- MINOR: connection: Add a CTL flag to notify mux it should wait for reads again
|
|
- MEDIUM: mux-h1: Handle MUX_SUBS_RECV flag in h1_ctl() and susbscribe for reads
|
|
- BUG/MEDIUM: stream: Properly handle abortonclose when set on backend only
|
|
- MINOR: stconn: Use SC to detect frontend connections in sc_conn_recv()
|
|
- REGTESTS: http: Improve script testing abortonclose option
|
|
- MINOR: activity: report profiling duration and age in "show profiling"
|
|
- BUG/MEDIUM: mworker: set the master variable earlier
|
|
- BUG/MEDIUM: stream: Don't call mux .ctl() callback if not implemented
|
|
- MINOR: connection: update rhttp flags usage
|
|
- BUG/MINOR: mux_h2: reject passive reverse conn if error on add to idle
|
|
- MINOR: server: force add to idle on reverse
|
|
- MINOR: shctx: Set last_append to NULL when reserving block in hot list
|
|
- MEDIUM: shctx: Move list between hot and avail list in O(1)
|
|
- MEDIUM: shctx: Simplify shctx_row_reserve_hot loop
|
|
- MINOR: shctx: Remove explicit 'from' param from shctx_row_data_append
|
|
- MEDIUM: cache: Use dedicated cache tree lock alongside shctx lock
|
|
- MINOR: cache: Remove expired entry delete in "show cache" command
|
|
- MINOR: cache: Add option to avoid removing expired entries in lookup function
|
|
- MEDIUM: cache: Use rdlock on cache in cache_use
|
|
- MEDIUM: shctx: Remove 'hot' list from shared_context
|
|
- MINOR: cache: Use dedicated trash for "show cache" cli command
|
|
- MEDIUM: cache: Switch shctx spinlock to rwlock and restrict its scope
|
|
- MEDIUM: cache: Add refcount on cache_entry
|
|
- MEDIUM: shctx: Descend shctx_lock calls into the shctx_row_reserve_hot
|
|
- MINOR: shctx: Add new reserve_finish callback call to shctx_row_reserve_hot
|
|
- MAJOR: cache: Delay cache entry delete in reserve_hot function
|
|
- MINOR: shctx: Remove redundant arg from free_block callback
|
|
- MINOR: shctx: Remove 'use_shared_mem' variable
|
|
- DOC: cache: Specify when function expects a cache lock
|
|
- BUG/MEDIUM: stconn: Update fsb date on partial sends
|
|
- MINOR: htx: Use a macro for overhead induced by HTX
|
|
- MINOR: channel: Add functions to get info on buffers and deal with HTX streams
|
|
- BUG/MINOR: stconn: Fix streamer detection for HTX streams
|
|
- BUG/MINOR: stconn: Use HTX-aware channel's functions to get info on buffer
|
|
- BUG/MINOR: stconn/applet: Report send activity only if there was output data
|
|
- BUG/MINOR: stconn: Report read activity on non-indep streams for partial sends
|
|
- BUG/MINOR: shctx: Remove old HA_SPIN_INIT
|
|
- REGTESTS: try to activate again the seamless reload test with the master CLI
|
|
- MINOR: proxy: Add "handshake" new timeout (frontend side)
|
|
- MEDIUM: quic: Add support for "handshake" timeout setting.
|
|
- MINOR: quic: Dump the expiration date of the idle timer task
|
|
- BUG/MINOR: quic: Malformed CONNECTION_CLOSE frame
|
|
- MEDIUM: session: handshake timeout (TCP)
|
|
- DOC: proxy: Add "handshake" timeout documentation.
|
|
- MINOR: quic: Rename "handshake" timeout to "client-hs"
|
|
- CLEANUP: haproxy: remove old comment from 1.1 from the file header
|
|
- BUG/MEDIUM: mux-h2: fail earlier on malloc in takeover()
|
|
- BUG/MEDIUM: mux-h1: fail earlier on malloc in takeover()
|
|
- BUG/MEDIUM: mux-fcgi: fail earlier on malloc in takeover()
|
|
- MINOR: rhttp: remove the unused outgoing connect() function
|
|
- MINOR: backend: without ->connect(), allow to pick another thread's connection
|
|
- BUG/MINOR: stream/cli: report correct stream age in "show sess"
|
|
- MINOR: stream/cli: add an optional "older" filter for "show sess"
|
|
- MINOR: stream/cli: add another filter "susp" to "show sess"
|
|
- MINOR: stktable: add stktable_deinit function
|
|
- BUG/MINOR: proxy/stktable: missing frees on proxy cleanup
|
|
- CLEANUP: backend: removing unused LB param
|
|
- MEDIUM: lbprm: store algo params on 32bits
|
|
- MEDIUM: log/balance: merge tcp/http algo with log ones
|
|
- Revert "MINOR: proxy: report a warning for max_ka_queue in proxy_cfg_ensure_no_http()"
|
|
- Revert "MINOR: tcp_rules: tcp-{request,response} requires TCP or HTTP mode"
|
|
- Revert "MINOR: stktable: "stick" requires TCP or HTTP mode"
|
|
- Revert "MINOR: cfgparse-listen: "http-send-name-header" requires TCP or HTTP mode"
|
|
- Revert "MINOR: cfgparse-listen: "dynamic-cookie-key" requires TCP or HTTP mode"
|
|
- Revert "MINOR: cfgparse-listen: "http-reuse" requires TCP or HTTP mode"
|
|
- Revert "MINOR: fcgi-app: "use-fcgi-app" requires TCP or HTTP mode"
|
|
- Revert "MINOR: http_htx/errors: prevent the use of some keywords when not in tcp/http mode"
|
|
- Revert "MINOR: flt_http_comp: "compression" requires TCP or HTTP mode"
|
|
- Revert "MINOR: filter: "filter" requires TCP or HTTP mode"
|
|
- MINOR: log/backend: ensure log exclusive params are not used in other modes
|
|
- MINOR: log/backend: prevent tcp-{request,response} use with LOG mode
|
|
- MINOR: log/backend: prevent stick table and stick rules with LOG mode
|
|
- MINOR: log/backend: prevent "http-send-name-header" use with LOG mode
|
|
- MINOR: log/backend: prevent "dynamic-cookie-key" use with LOG mode
|
|
- REGTESTS: http: add a test to validate chunked responses delivery
|
|
|
|
2023/11/04 : 2.9-dev9
|
|
- DOC: internal: filters: fix reference to entities.pdf
|
|
- BUG/MINOR: ssl: load correctly @system-ca when ca-base is define
|
|
- MINOR: lua: Add flags to configure logging behaviour
|
|
- MINOR: lua: change tune.lua.log.stderr default from 'on' to 'auto'
|
|
- BUG/MINOR: backend: fix wrong BUG_ON for avail conn
|
|
- BUG/MAJOR: backend: fix idle conn crash under low FD
|
|
- MINOR: backend: refactor insertion in avail conns tree
|
|
- DEBUG: mux-h2/flags: fix list of h2c flags used by the flags decoder
|
|
- BUG/MEDIUM: server/log: "mode log" after server keyword causes crash
|
|
- MINOR: connection: add conn_pr_mode_to_proto_mode() helper func
|
|
- BUG/MEDIUM: server: "proto" not working for dynamic servers
|
|
- MINOR: server: add helper function to detach server from proxy list
|
|
- DEBUG: add a tainted flag when ha_panic() is called
|
|
- DEBUG: lua: add tainted flags for stuck Lua contexts
|
|
- DEBUG: pools: detect that malloc_trim() is in progress
|
|
- BUG/MINOR: quic: do not consider idle timeout on CLOSING state
|
|
- MINOR: frontend: implement a dedicated actconn increment function
|
|
- BUG/MINOR: ssl: use a thread-safe sslconns increment
|
|
- MEDIUM: quic: count quic_conn instance for maxconn
|
|
- MEDIUM: quic: count quic_conn for global sslconns
|
|
- BUG/MINOR: ssl: suboptimal certificate selection with TLSv1.3 and dual ECDSA/RSA
|
|
- REGTESTS: ssl: update the filters test for TLSv1.3 and sigalgs
|
|
- BUG/MINOR: mux-quic: fix early close if unset client timeout
|
|
- BUG/MEDIUM: ssl: segfault when cipher is NULL
|
|
- BUG/MINOR: tcpcheck: Report hexstring instead of binary one on check failure
|
|
- MEDIUM: systemd: be more verbose about the reload
|
|
- MINOR: sample: Add fetcher for getting all cookie names
|
|
- BUG/MINOR: proto_reverse_connect: support SNI on active connect
|
|
- MINOR: proxy/stktable: add resolve_stick_rule helper function
|
|
- BUG/MINOR: stktable: missing free in parse_stick_table()
|
|
- BUG/MINOR: cfgparse/stktable: fix error message on stktable_init() failure
|
|
- MINOR: stktable: stktable_init() sets err_msg on error
|
|
- MINOR: stktable: check if a type should be used as-is
|
|
- MEDIUM: stktable/peers: "write-to" local table on peer updates
|
|
- CI: github: update wolfSSL to 5.6.4
|
|
- DOC: install: update the wolfSSL required version
|
|
- MINOR: server: Add parser support for set-proxy-v2-tlv-fmt
|
|
- MINOR: connection: Send out generic, user-defined server TLVs
|
|
- BUG/MEDIUM: pattern: don't trim pools under lock in pat_ref_purge_range()
|
|
- MINOR: mux-h2: always use h2_send() in h2_done_ff(), not h2_process()
|
|
- OPTIM: mux-h2: call h2_send() directly from h2_snd_buf()
|
|
- BUG/MINOR: server: remove some incorrect free() calls on null elements
|
|
|
|
2023/10/20 : 2.9-dev8
|
|
- MINOR: ssl: add an explicit error when 'ciphersuites' are not supported
|
|
- BUILD: ssl: enable 'ciphersuites' for WolfSSL
|
|
- BUILD: ssl: add 'ssl_c_r_dn' fetch for WolfSSL
|
|
- BUILD: ssl: add 'secure_memcmp' converter for WolfSSL and awslc
|
|
- BUILD: ssl: enable keylog for awslc
|
|
- CLEANUP: ssl: remove compat functions for openssl < 1.0.0
|
|
- BUILD: ssl: enable keylog for WolfSSL
|
|
- REGTESTS: pki: add a pki for SSL tests
|
|
- REGTESTS: ssl: update common.pem with the new pki
|
|
- REGTESTS: ssl: disable ssl_dh.vtc for WolfSSL
|
|
- REGTESTS: wolfssl: temporarly disable some failing reg-tests
|
|
- CI: ssl: add wolfssl to build-ssl.sh
|
|
- CI: ssl: add git id support for wolfssl download
|
|
- CI: github: add a wolfssl entry to the CI
|
|
- CI: github: update wolfssl to git revision d83f2fa
|
|
- CI: github: add awslc 1.16.0 to the push CI
|
|
- BUG/MINOR: quic: Avoid crashing with unsupported cryptographic algos
|
|
- REORG: quic: cleanup traces definition
|
|
- BUG/MINOR: quic: reject packet with no frame
|
|
- BUG/MEDIUM: mux-quic: fix RESET_STREAM on send-only stream
|
|
- BUG/MINOR: mux-quic: support initial 0 max-stream-data
|
|
- BUG/MINOR: h3: strengthen host/authority header parsing
|
|
- CLEANUP: connection: drop an uneeded leftover cast
|
|
- BUG/MAJOR: connection: make sure to always remove a connection from the tree
|
|
- BUG/MINOR: quic: fix qc.cids access on quic-conn fail alloc
|
|
- BUG/MINOR: quic: fix free on quic-conn fail alloc
|
|
- BUG/MINOR: mux-quic: fix free on qcs-new fail alloc
|
|
- BUG/MEDIUM: quic-conn: free unsent frames on retransmit to prevent crash
|
|
- MEDIUM: tree-wide: logsrv struct becomes logger
|
|
- MEDIUM: log: introduce log target
|
|
- DOC: config: log <address> becomes log <target> in "log" related doc
|
|
- MEDIUM: sink/log: stop relying on AF_UNSPEC for rings
|
|
- MINOR: log: support explicit log target as argument in __do_send_log()
|
|
- MINOR: log: remove the logger dependency in do_send_log()
|
|
- MEDIUM: log/sink: simplify log header handling
|
|
- MEDIUM: sink: inherit from caller fmt in ring_write() when rings didn't set one
|
|
- MINOR: sink: add sink_new_from_srv() function
|
|
- MAJOR: log: introduce log backends
|
|
- MINOR: log/balance: support for the "sticky" lb algorithm
|
|
- MINOR: log/balance: support for the "random" lb algorithm
|
|
- MINOR: lbprm: support for the "none" hash-type function
|
|
- MINOR: lbprm: compute the hash avalanche in gen_hash()
|
|
- MINOR: sample: add sample_process_cnv() function
|
|
- MEDIUM: log/balance: support for the "hash" lb algorithm
|
|
- REGTEST: add a test for log-backend used as a log target
|
|
- MINOR: server: introduce "log-bufsize" kw
|
|
- BUG/MEDIUM: stconn: Report a send activity everytime data were sent
|
|
- BUG/MEDIUM: applet: Report a send activity everytime data were sent
|
|
- BUG/MINOR: mux-h1: Send a 400-bad-request on shutdown before the first request
|
|
- MINOR: support for http-response set-timeout
|
|
- BUG/MINOR: mux-h2: make up other blocked streams upon removal from list
|
|
- DEBUG: pool: store the memprof bin on alloc() and update it on free()
|
|
- BUG/MEDIUM: quic_conn: let the scheduler kill the task when needed
|
|
- CLEANUP: hlua: Remove dead-code on error path in hlua_socket_new()
|
|
- BUG/MEDIUM: mux-h1: do not forget TLR/EOT even when no data is sent
|
|
- BUG/MINOR: htpp-ana/stats: Specify that HTX redirect messages have a C-L header
|
|
- BUG/MEDIUM: mux-h2: Don't report an error on shutr if a shutw is pending
|
|
- MEDIUM: stconn/channel: Move pipes used for the splicing in the SE descriptors
|
|
- MINOR: stconn: Start to introduce mux-to-mux fast-forwarding notion
|
|
- MINOR: stconn: Extend iobuf to handle a buffer in addition to a pipe
|
|
- MINOR: connection: Add new mux callbacks to perform data fast-forwarding
|
|
- MINOR: stconn: Temporarily remove kernel splicing support
|
|
- MINOR: mux-pt: Temporarily remove splicing support
|
|
- MINOR: mux-h1: Temporarily remove splicing support
|
|
- MINOR: connection: Remove mux callbacks about splicing
|
|
- MEDIUM: stconn: Add mux-to-mux fast-forward support
|
|
- MINOR: mux-h1: Use HTX extra field only for responses with known length
|
|
- MEDIUM: mux-h1: Properly handle state transitions of chunked outgoing messages
|
|
- MEDIUM: raw-sock: Specifiy amount of data to send via snd_pipe callback
|
|
- MINOR: mux-h1: Add function to add size of a chunk to an outgoind message
|
|
- MEDIUM: mux-h1: Simplify zero-copy on sending path
|
|
- MEDIUM: mux-h1: Simplify payload formatting based on HTX blocks on sending path
|
|
- MEDIUM: mux-h1: Add fast-forwarding support
|
|
- MINOR: h2: Set the BODYLESS_RESP flag on the HTX start-line if necessary
|
|
- MEDIUM: mux-h2: Add consumer-side fast-forwarding support
|
|
- MEDIUM: channel: don't look at iobuf to report an empty channel
|
|
- MINOR: tree-wide: Only rely on co_data() to check channel emptyness
|
|
- REGTESTS: Reenable HTTP tests about splicing
|
|
- CLEAN: mux-h1: Remove useless __maybe_unused attribute on h1_make_chunk()
|
|
- MEDIUM: mux-pt: Add fast-forwarding support
|
|
- MINOR: global: Add an option to disable the zero-copy forwarding
|
|
- BUILD: mux-h1: Fix build without kernel splicing support
|
|
- REORG: stconn/muxes: Rename init step in fast-forwarding
|
|
- MINOR: dgram: allow to set rcv/sndbuf for dgram sockets as well
|
|
- BUG/MINOR: mux-h2: fix http-request and http-keep-alive timeouts again
|
|
- BUG/MINOR: trace: fix trace parser error reporting
|
|
- BUG/MEDIUM: peers: Be sure to always refresh recconnect timer in sync task
|
|
- BUG/MEDIUM: peers: Fix synchro for huge number of tables
|
|
- MINOR: cfgparse: forbid mixing reverse and standard listeners
|
|
- MINOR: listener: add nbconn kw for reverse connect
|
|
- MINOR: server: convert @reverse to rev@ standard format
|
|
- MINOR: cfgparse: rename "rev@" prefix to "rhttp@"
|
|
- REGTESTS: remove maxconn from rhttp bind line
|
|
- MINOR: listener: forbid most keywords for reverse HTTP bind
|
|
- MINOR: sample: Added support for Arrays in sample_conv_json_query in sample.c
|
|
- MINOR: mux-h2/traces: explicitly show the error/refused stream states
|
|
- MINOR: mux-h2/traces: clarify the "rejected H2 request" event
|
|
- BUG/MINOR: mux-h2: commit the current stream ID even on reject
|
|
- BUG/MINOR: mux-h2: update tracked counters with req cnt/req err
|
|
|
|
2023/10/06 : 2.9-dev7
|
|
- MINOR: support for http-request set-timeout client
|
|
- BUG/MINOR: mux-quic: remove full demux flag on ncbuf release
|
|
- CLEANUP: freq_ctr: make all freq_ctr readers take a const
|
|
- CLEANUP: stream: make the dump code not depend on the CLI appctx
|
|
- MINOR: stream: split stats_dump_full_strm_to_buffer() in two
|
|
- CLEANUP: stream: use const filters in the dump function
|
|
- CLEANUP: stream: make strm_dump_to_buffer() take a const stream
|
|
- MINOR: stream: make strm_dump_to_buffer() take an arbitrary buffer
|
|
- MINOR: stream: make strm_dump_to_buffer() show the list of filters
|
|
- MINOR: stream: make stream_dump() always multi-line
|
|
- MINOR: streams: add support for line prefixes to strm_dump_to_buffer()
|
|
- MEDIUM: stream: now provide full stream dumps in case of loops
|
|
- MINOR: debug: use the more detailed stream dump in panics
|
|
- CLEANUP: stream: remove the now unused stream_dump() function
|
|
- Revert "BUG/MEDIUM: quic: missing check of dcid for init pkt including a token"
|
|
- MINOR: stream: fix output alignment of stuck thread dumps
|
|
- BUG/MINOR: proto_reverse_connect: fix FD leak on connection error
|
|
- BUG/MINOR: tcp_act: fix attach-srv rule ACL parsing
|
|
- MINOR: connection: define error for reverse connect
|
|
- MINOR: connection: define mux flag for reverse support
|
|
- MINOR: tcp_act: remove limitation on protocol for attach-srv
|
|
- BUG/MINOR: proto_reverse_connect: fix FD leak upon connect
|
|
- BUG/MAJOR: plock: fix major bug in pl_take_w() introduced with EBO
|
|
- Revert "MEDIUM: sample: Small fix in function check_operator for eror reporting"
|
|
- DOC: sample: Add a comment in 'check_operator' to explain why 'vars_check_arg' should ignore the 'err' buffer
|
|
- DEV: sslkeylogger: handle file opening error
|
|
- MINOR: quic: define quic-socket bind setting
|
|
- MINOR: quic: handle perm error on bind during runtime
|
|
- MINOR: backend: refactor specific source address allocation
|
|
- MINOR: proto_reverse_connect: support source address setting
|
|
- BUILD: pool: Fix GCC error about potential null pointer dereference
|
|
- MINOR: hlua: Set context's appctx when the lua socket is created
|
|
- MINOR: hlua: Don't preform operations on a not connected socket
|
|
- MINOR: hlua: Save the lua socket's timeout in its context
|
|
- MINOR: hlua: Save the lua socket's server in its context
|
|
- MINOR: hlua: Test the hlua struct first when the lua socket is connecting
|
|
- BUG/MEDIUM: hlua: Initialize appctx used by a lua socket on connect only
|
|
- DEBUG: mux-h1: Fix event label from trace messages about payload formatting
|
|
- BUG/MINOR: mux-h1: Handle read0 in rcv_pipe() only when data receipt was tried
|
|
- BUG/MINOR: mux-h1: Ignore C-L when sending H1 messages if T-E is also set
|
|
- BUG/MEDIUM: h1: Ignore C-L value in the H1 parser if T-E is also set
|
|
- REGTESTS: filters: Don't set C-L header in the successful response to CONNECT
|
|
- MINOR: mux-h1: Add flags if outgoing msg contains a header about its payload
|
|
- MINOR: mux-h1: Rely on H1S_F_HAVE_CHNK to add T-E in outgoing messages
|
|
- BUG/MEDIUM: mux-h1: Add C-L header in outgoing message if it was removed
|
|
- BUG/MEDIUM: mux-h1; Ignore headers modifications about payload representation
|
|
- BUG/MINOR: h1-htx: Keep flags about C-L/T-E during HEAD response parsing
|
|
- MINOR: h1-htx: Declare successful tunnel establishment as bodyless
|
|
- BUILD: quic: allow USE_QUIC to work with AWSLC
|
|
- CI: github: add USE_QUIC=1 to aws-lc build
|
|
- BUG/MINOR: hq-interop: simplify parser requirement
|
|
- MEDIUM: cache: Add "Origin" header to secondary cache key
|
|
- MINOR: haproxy: permit to register features during boot
|
|
- MINOR: tcp_rules: tcp-{request,response} requires TCP or HTTP mode
|
|
- MINOR: stktable: "stick" requires TCP or HTTP mode
|
|
- MINOR: filter: "filter" requires TCP or HTTP mode
|
|
- MINOR: backend/balance: "balance" requires TCP or HTTP mode
|
|
- MINOR: flt_http_comp: "compression" requires TCP or HTTP mode
|
|
- MINOR: http_htx/errors: prevent the use of some keywords when not in tcp/http mode
|
|
- MINOR: fcgi-app: "use-fcgi-app" requires TCP or HTTP mode
|
|
- MINOR: cfgparse-listen: "http-send-name-header" requires TCP or HTTP mode
|
|
- MINOR: cfgparse-listen: "dynamic-cookie-key" requires TCP or HTTP mode
|
|
- MINOR: proxy: dynamic-cookie CLIs require TCP or HTTP mode
|
|
- MINOR: cfgparse-listen: "http-reuse" requires TCP or HTTP mode
|
|
- MINOR: proxy: report a warning for max_ka_queue in proxy_cfg_ensure_no_http()
|
|
- MINOR: cfgparse-listen: warn when use-server rules is used in wrong mode
|
|
- DOC: config: unify "log" directive doc
|
|
- MINOR: sink/log: fix some typos around postparsing logic
|
|
- MINOR: sink: remove useless check after sink creation
|
|
- MINOR: sink: don't rely on p->parent in sink appctx
|
|
- MINOR: sink: don't rely on forward_px to init sink forwarding
|
|
- MINOR: sink: refine forward_px usage
|
|
- MINOR: sink: function to add new sink servers
|
|
- BUG/MEDIUM: stconn: Fix comparison sign in sc_need_room()
|
|
- BUG/MEDIUM: actions: always apply a longest match on prefix lookup
|
|
|
|
2023/09/22 : 2.9-dev6
|
|
- BUG/MINOR: quic: fdtab array underflow access
|
|
- DEBUG: pools: always record the caller for uncached allocs as well
|
|
- DEBUG: pools: pass the caller pointer to the check functions and macros
|
|
- DEBUG: pools: make pool_check_pattern() take a pointer to the pool
|
|
- DEBUG: pools: inspect pools on fatal error and dump information found
|
|
- BUG/MEDIUM: quic: quic_cc_conn ->cntrs counters unreachable
|
|
- DEBUG: pools: also print the item's pointer when crashing
|
|
- DEBUG: pools: also print the value of the tag when it doesn't match
|
|
- DEBUG: pools: print the contents surrounding the expected tag location
|
|
- MEDIUM: pools: refine pool size rounding
|
|
- BUG/MEDIUM: hlua: don't pass stale nargs argument to lua_resume()
|
|
- BUG/MINOR: hlua/init: coroutine may not resume itself
|
|
- BUG/MEDIUM: mux-fcgi: Don't swap trash and dbuf when handling STDERR records
|
|
- BUG/MINOR: promex: fix backend_agg_check_status
|
|
- BUG/MEDIUM: master/cli: Pin the master CLI on the first thread of the group 1
|
|
- MAJOR: import: update mt_list to support exponential back-off
|
|
- CLEANUP: pools: simplify the pool expression when no pool was matched in dump
|
|
- MINOR: samples: implement bytes_in and bytes_out samples
|
|
- DOC: configuration: add %[req.ver] sample to %HV
|
|
- BUG/MINOR: quic: Leak of frames to send.
|
|
- DOC: configuration: add %[query] to %HQ
|
|
- BUG/MINOR: freq_ctr: fix possible negative rate with the scaled API
|
|
- BUG/MAJOR: mux-h2: Report a protocol error for any DATA frame before headers
|
|
- BUILD: quic: fix build on centos 8 and USE_QUIC_OPENSSL_COMPAT
|
|
- Revert "MAJOR: import: update mt_list to support exponential back-off"
|
|
- BUG/MINOR: server: add missing free for server->rdr_pfx
|
|
- REGTESTS: ssl: skip OCSP test w/ WolfSSL
|
|
- REGTESTS: ssl: skip generate-certificates test w/ wolfSSL
|
|
- MINOR: logs: clarify the check of the log range
|
|
- MINOR: log: remove the unused curr_idx in struct smp_log_range
|
|
- CLEANUP: logs: rename a confusing local variable "curr_rg" to "smp_rg"
|
|
- MINOR: logs: use a single index to store the current range and index
|
|
- MEDIUM: logs: atomically check and update the log sample index
|
|
- CLEANUP: ring: rename the ring lock "RING_LOCK" instead of "LOGSRV_LOCK"
|
|
- BUG/MEDIUM: http-ana: Try to handle response before handling server abort
|
|
- MEDIUM: tools/ip: v4tov6() and v6tov4() rework
|
|
- MINOR: pattern/ip: offload ip conversion logic to helper functions
|
|
- MINOR: pattern: fix pat_{parse,match}_ip() function comments
|
|
- MINOR: pattern/ip: simplify pat_match_ip() function
|
|
- BUG/MEDIUM: server/cli: don't delete a dynamic server that has streams
|
|
- MINOR: hlua: Add support for the "http-after-res" action
|
|
- BUG/MINOR: proto_reverse_connect: fix preconnect with startup name resolution
|
|
- MINOR: proto_reverse_connect: prevent transparent server for pre-connect
|
|
- CI: cirrus-ci: display gdb bt if any
|
|
- MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments
|
|
- MEDIUM: sample: Small fix in function check_operator for eror reporting
|
|
- MINOR: quic: handle external extra CIDs generator.
|
|
- BUG/MINOR: proto_reverse_connect: set default maxconn
|
|
- MINOR: proto_reverse_connect: refactor preconnect failure
|
|
- MINOR: proto_reverse_connect: remove unneeded wakeup
|
|
- MINOR: proto_reverse_connect: emit log for preconnect
|
|
|
|
2023/09/08 : 2.9-dev5
|
|
- BUG/MEDIUM: mux-h2: fix crash when checking for reverse connection after error
|
|
- BUILD: import: guard plock.h against multiple inclusion
|
|
- BUILD: pools: import plock.h to build even without thread support
|
|
- BUG/MINOR: ssl/cli: can't find ".crt" files when replacing a certificate
|
|
- BUG/MINOR: stream: protect stream_dump() against incomplete streams
|
|
- DOC: config: mention uid dependency on the tune.quic.socket-owner option
|
|
- MEDIUM: capabilities: enable support for Linux capabilities
|
|
- CLEANUP/MINOR: connection: Improve consistency of PPv2 related constants
|
|
- MEDIUM: connection: Generic, list-based allocation and look-up of PPv2 TLVs
|
|
- MEDIUM: sample: Add fetch for arbitrary TLVs
|
|
- MINOR: sample: Refactor fc_pp_authority by wrapping the generic TLV fetch
|
|
- MINOR: sample: Refactor fc_pp_unique_id by wrapping the generic TLV fetch
|
|
- MINOR: sample: Add common TLV types as constants for fc_pp_tlv
|
|
- MINOR: ssl_sock: avoid iterating realloc(+1) on stored context
|
|
- DOC: ssl: add some comments about the non-obvious session allocation stuff
|
|
- CLEANUP: ssl: keep a pointer to the server in ssl_sock_init()
|
|
- MEDIUM: ssl_sock: always use the SSL's server name, not the one from the tid
|
|
- MEDIUM: server/ssl: place an rwlock in the per-thread ssl server session
|
|
- MINOR: server/ssl: maintain an index of the last known valid SSL session
|
|
- MINOR: server/ssl: clear the shared good session index on failure
|
|
- MEDIUM: server/ssl: pick another thread's session when we have none yet
|
|
- MINOR: activity: report the current run queue size
|
|
- BUG/MINOR: checks: do not queue/wake a bounced check
|
|
- MINOR: checks: start the checks in sleeping state
|
|
- MINOR: checks: pin the check to its thread upon wakeup
|
|
- MINOR: check: remember when we migrate a check
|
|
- MINOR: check/activity: collect some per-thread check activity stats
|
|
- MINOR: checks: maintain counters of active checks per thread
|
|
- MINOR: check: also consider the random other thread's active checks
|
|
- MEDIUM: checks: search more aggressively for another thread on overload
|
|
- MEDIUM: checks: implement a queue in order to limit concurrent checks
|
|
- MINOR: checks: also consider the thread's queue for rebalancing
|
|
- DEBUG: applet: Properly report opposite SC expiration dates in traces
|
|
- BUG/MEDIUM: stconn: Update stream expiration date on blocked sends
|
|
- BUG/MINOR: stconn: Don't report blocked sends during connection establishment
|
|
- BUG/MEDIUM: stconn: Wake applets on sending path if there is a pending shutdown
|
|
- BUG/MEDIUM: stconn: Don't block sends if there is a pending shutdown
|
|
- BUG/MINOR: quic: Possible skipped RTT sampling
|
|
- MINOR: quic: Add a trace to quic_release_frm()
|
|
- BUG/MAJOR: quic: Really ignore malformed ACK frames.
|
|
- BUG/MINOR: quic: Unchecked pointer to packet number space dereferenced
|
|
- BUG/MEDIUM: connection: fix pool free regression with recent ppv2 TLV patches
|
|
- BUG/MEDIUM: h1-htx: Ensure chunked parsing with full output buffer
|
|
- BUG/MINOR: stream: further protect stream_dump() against incomplete sessions
|
|
- DOC: configuration: update examples for req.ver
|
|
- MINOR: properly mark the end of the CLI command in error messages
|
|
- BUILD: ssl: Build with new cryptographic library AWS-LC
|
|
- REGTESTS: ssl: skip ssl_dh test with AWS-LC
|
|
- BUILD: bug: make BUG_ON() void to avoid a rare warning
|
|
- BUILD: checks: shut up yet another stupid gcc warning
|
|
- MINOR: cpuset: add ha_cpuset_isset() to check for the presence of a CPU in a set
|
|
- MINOR: cpuset: add ha_cpuset_or() to bitwise-OR two CPU sets
|
|
- MINOR: cpuset: centralize a reliable bound cpu detection
|
|
- MEDIUM: threads: detect incomplete CPU bindings
|
|
- MEDIUM: threads: detect excessive thread counts vs cpu-map
|
|
- BUILD: quic: Compilation issue on 32-bits systems with quic_may_send_bytes()
|
|
- BUG/MINOR: quic: Unchecked pointer to Handshake packet number space
|
|
- MINOR: global: export the display_version() symbol
|
|
- MEDIUM: mworker: display a more accessible message when a worker crash
|
|
- MINOR: httpclient: allow to configure the retries
|
|
- MINOR: httpclient: allow to configure the timeout.connect
|
|
- BUG/MINOR: quic: Wrong RTT adjusments
|
|
- BUG/MINOR: quic: Wrong RTT computation (srtt and rrt_var)
|
|
- BUG/MINOR: stconn: Don't inhibit shutdown on connection on error
|
|
- BUG/MEDIUM: applet: Fix API for function to push new data in channels buffer
|
|
- BUG/MEDIUM: stconn: Report read activity when a stream is attached to front SC
|
|
- BUG/MEDIUM: applet: Report an error if applet request more room on aborted SC
|
|
- BUG/MEDIUM: stconn/stream: Forward shutdown on write timeout
|
|
- NUG/MEDIUM: stconn: Always update stream's expiration date after I/O
|
|
- BUG/MINOR: applet: Always expect data when CLI is waiting for a new command
|
|
- BUG/MINOR: ring/cli: Don't expect input data when showing events
|
|
- BUG/MINOR: quic: Dereferenced unchecked pointer to Handshke packet number space
|
|
- BUG/MINOR: hlua/action: incorrect message on E_YIELD error
|
|
- MINOR: http_ana: position the FINAL flag for http_after_res execution
|
|
- CI: scripts: add support to build-ssl.sh to download and build AWS-LC
|
|
- CI: add support to matrix.py to determine the latest AWS-LC release
|
|
- CI: Update matrix.py so all code is contained in functions.
|
|
- CI: github: Add a weekly CI run building with AWS-LC
|
|
- MINOR: ring: add a function to compute max ring payload
|
|
- BUG/MEDIUM: ring: adjust maxlen consistency check
|
|
- MINOR: sink: simplify post_sink_resolve function
|
|
- MINOR: log/sink: detect when log maxlen exceeds sink size
|
|
- MINOR: sink: inform the user when logs will be implicitly truncated
|
|
- MEDIUM: sink: don't perform implicit truncations when maxlen is not set
|
|
- MINOR: log: move log-forwarders cleanup in log.c
|
|
- MEDIUM: httpclient/logs: rely on per-proxy post-check instead of global one
|
|
- MINOR: log: add dup_logsrv() helper function
|
|
- MEDIUM: log/sink: make logsrv postparsing more generic
|
|
- MEDIUM: fcgi-app: properly postresolve logsrvs
|
|
- MEDIUM: spoe-agent: properly postresolve log rings
|
|
- MINOR: sink: add helper function to deallocate sink struct
|
|
- MEDIUM: sink/ring: introduce high level ring creation helper function
|
|
- MEDIUM: sink: add sink_finalize() function
|
|
- CLEANUP: log: remove unnecessary trim in __do_send_log
|
|
- MINOR: cache: Change hash function in default normalizer used in case of "vary"
|
|
- MINOR: tasks/stats: report the number of niced tasks in "show info"
|
|
- CI: Update to actions/checkout@v4
|
|
- MINOR: ssl: add support for 'curves' keyword on server lines
|
|
- BUG/MINOR: quic: Wrong cluster secret initialization
|
|
- CLEANUP: quic: Remove useless free_quic_tx_pkts() function.
|
|
- MEDIUM: init: initialize the trash earlier
|
|
- MINOR: tools: add function read_line_to_trash() to read a line of a file
|
|
- MINOR: cfgparse: use read_line_from_trash() to read from /sys
|
|
- MEDIUM: cfgparse: assign NUMA affinity to cpu-maps
|
|
- MINOR: cpuset: dynamically allocate cpu_map
|
|
- REORG: cpuset: move parse_cpu_set() and parse_cpumap() to cpuset.c
|
|
- CI: musl: highlight section if there are coredumps
|
|
- CI: musl: drop shopt in workflow invocation
|
|
|
|
2023/08/25 : 2.9-dev4
|
|
- DEV: flags/show-sess-to-flags: properly decode fd.state
|
|
- BUG/MINOR: stktable: allow sc-set-gpt(0) from tcp-request connection
|
|
- BUG/MINOR: stktable: allow sc-add-gpc from tcp-request connection
|
|
- DOC: typo: fix sc-set-gpt references
|
|
- SCRIPTS: git-show-backports: automatic ref and base detection with -m
|
|
- REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (3)
|
|
- DOC: jwt: Add explicit list of supported algorithms
|
|
- BUILD: Makefile: add the USE_QUIC option to make help
|
|
- BUILD: Makefile: add USE_QUIC_OPENSSL_COMPAT to make help
|
|
- BUILD: Makefile: realigned USE_* options in make help
|
|
- DEV: makefile: fix POSIX compatibility for "range" target
|
|
- IMPORT: plock: also support inlining the int code
|
|
- IMPORT: plock: always expose the inline version of the lock wait function
|
|
- IMPORT: lorw: support inlining the wait call
|
|
- MINOR: threads: inline the wait function for pthread_rwlock emulation
|
|
- MINOR: atomic: make sure to always relax after a failed CAS
|
|
- MINOR: pools: use EBO to wait for unlock during pool_flush()
|
|
- BUILD/IMPORT: fix compilation with PLOCK_DISABLE_EBO=1
|
|
- MINOR: quic+openssl_compat: Do not start without "limited-quic"
|
|
- MINOR: quic+openssl_compat: Emit an alert for "allow-0rtt" option
|
|
- BUG/MINOR: quic: allow-0rtt warning must only be emitted with quic bind
|
|
- BUG/MINOR: quic: ssl_quic_initial_ctx() uses error count not error code
|
|
- MINOR: pattern: do not needlessly lookup the LRU cache for empty lists
|
|
- IMPORT: xxhash: update xxHash to version 0.8.2
|
|
- MINOR: proxy: simplify parsing 'backend/server'
|
|
- MINOR: connection: centralize init/deinit of backend elements
|
|
- MEDIUM: connection: implement passive reverse
|
|
- MEDIUM: h2: reverse connection after SETTINGS reception
|
|
- MINOR: server: define reverse-connect server
|
|
- MINOR: backend: only allow reuse for reverse server
|
|
- MINOR: tcp-act: parse 'tcp-request attach-srv' session rule
|
|
- REGTESTS: provide a reverse-server test
|
|
- MINOR: tcp-act: define optional arg name for attach-srv
|
|
- MINOR: connection: use attach-srv name as SNI reuse parameter on reverse
|
|
- REGTESTS: provide a reverse-server test with name argument
|
|
- MINOR: proto: define dedicated protocol for active reverse connect
|
|
- MINOR: connection: extend conn_reverse() for active reverse
|
|
- MINOR: proto_reverse_connect: parse rev@ addresses for bind
|
|
- MINOR: connection: prepare init code paths for active reverse
|
|
- MEDIUM: proto_reverse_connect: bootstrap active reverse connection
|
|
- MINOR: proto_reverse_connect: handle early error before reversal
|
|
- MEDIUM: h2: implement active connection reversal
|
|
- MEDIUM: h2: prevent stream opening before connection reverse completed
|
|
- REGTESTS: write a full reverse regtest
|
|
- BUG/MINOR: h2: fix reverse if no timeout defined
|
|
- CI: fedora: fix "dnf" invocation syntax
|
|
- BUG/MINOR: hlua_fcn: potentially unsafe stktable_data_ptr usage
|
|
- DOC: lua: fix Sphinx warning from core.get_var()
|
|
- DOC: lua: fix core.register_action typo
|
|
- BUG/MINOR: ssl_sock: fix possible memory leak on OOM
|
|
- MEDIUM: map/acl: Improve pat_ref_set() efficiency (for "set-map", "add-acl" action perfs)
|
|
- MEDIUM: map/acl: Improve pat_ref_set_elt() efficiency (for "set-map", "add-acl"action perfs)
|
|
- MEDIUM: map/acl: Accelerate several functions using pat_ref_elt struct ->head list
|
|
- MEDIUM: map/acl: Replace map/acl spin lock by a read/write lock.
|
|
- DOC: map/acl: Remove the comments about map/acl performance issue
|
|
- DOC: Explanation of be_name and be_id fetches
|
|
- MINOR: connection: simplify removal of idle conns from their trees
|
|
- MINOR: server: move idle tree insert in a dedicated function
|
|
- MAJOR: connection: purge idle conn by last usage
|
|
|
|
2023/08/12 : 2.9-dev3
|
|
- BUG/MINOR: ssl: OCSP callback only registered for first SSL_CTX
|
|
- BUG/MEDIUM: h3: Properly report a C-L header was found to the HTX start-line
|
|
- MINOR: sample: add pid sample
|
|
- MINOR: sample: implement act_conn sample fetch
|
|
- MINOR: sample: accept_date / request_date return %Ts / %tr timestamp values
|
|
- MEDIUM: sample: implement us and ms variant of utime and ltime
|
|
- BUG/MINOR: sample: check alloc_trash_chunk() in conv_time_common()
|
|
- DOC: configuration: describe Td in Timing events
|
|
- MINOR: sample: implement the T* timer tags from the log-format as fetches
|
|
- DOC: configuration: add sample fetches for timing events
|
|
- BUG/MINOR: quic: Possible crash when acknowledging Initial v2 packets
|
|
- MINOR: quic: Export QUIC traces code from quic_conn.c
|
|
- MINOR: quic: Export QUIC CLI code from quic_conn.c
|
|
- MINOR: quic: Move TLS related code to quic_tls.c
|
|
- MINOR: quic: Add new "QUIC over SSL" C module.
|
|
- MINOR: quic: Add a new quic_ack.c C module for QUIC acknowledgements
|
|
- CLEANUP: quic: Defined but no more used function (quic_get_tls_enc_levels())
|
|
- MINOR: quic: Split QUIC connection code into three parts
|
|
- CLEANUP: quic: quic_conn struct cleanup
|
|
- MINOR: quic; Move the QUIC frame pool to its proper location
|
|
- BUG/MINOR: chunk: fix chunk_appendf() to not write a zero if buffer is full
|
|
- BUG/MEDIUM: h3: Be sure to handle fin bit on the last DATA frame
|
|
- DOC: configuration: rework the custom log format table
|
|
- BUG/MINOR: quic+openssl_compat: Non initialized TLS encryption levels
|
|
- CLEANUP: acl: remove cache_idx from acl struct
|
|
- REORG: cfgparse: extract curproxy as a global variable
|
|
- MINOR: acl: add acl() sample fetch
|
|
- BUILD: cfgparse: keep a single "curproxy"
|
|
- BUG/MEDIUM: bwlim: Reset analyse expiration date when then channel analyse ends
|
|
- MEDIUM: stream: Reset response analyse expiration date if there is no analyzer
|
|
- BUG/MINOR: htx/mux-h1: Properly handle bodyless responses when splicing is used
|
|
- BUG/MEDIUM: quic: consume contig space on requeue datagram
|
|
- BUG/MINOR: http-client: Don't forget to commit changes on HTX message
|
|
- CLEANUP: stconn: Move comment about sedesc fields on the field line
|
|
- REGTESTS: http: Create a dedicated script to test spliced bodyless responses
|
|
- REGTESTS: Test SPLICE feature is enabled to execute script about splicing
|
|
- BUG/MINOR: quic: reappend rxbuf buffer on fake dgram alloc error
|
|
- BUILD: quic: fix wrong potential NULL dereference
|
|
- MINOR: h3: abort request if not completed before full response
|
|
- BUG/MAJOR: http-ana: Get a fresh trash buffer for each header value replacement
|
|
- CLEANUP: quic: Remove quic_path_room().
|
|
- MINOR: quic: Amplification limit handling sanitization.
|
|
- MINOR: quic: Move some counters from [rt]x quic_conn anonymous struct
|
|
- MEDIUM: quic: Send CONNECTION_CLOSE packets from a dedicated buffer.
|
|
- MINOR: quic: Use a pool for the connection ID tree.
|
|
- MEDIUM: quic: Allow the quic_conn memory to be asap released.
|
|
- MINOR: quic: Release asap quic_conn memory (application level)
|
|
- MINOR: quic: Release asap quic_conn memory from ->close() xprt callback.
|
|
- MINOR: quic: Warning for OpenSSL wrapper QUIC bindings without "limited-quic"
|
|
- REORG: http: move has_forbidden_char() from h2.c to http.h
|
|
- BUG/MAJOR: h3: reject header values containing invalid chars
|
|
- MINOR: mux-h2/traces: also suggest invalid header upon parsing error
|
|
- MINOR: ist: add new function ist_find_range() to find a character range
|
|
- MINOR: http: add new function http_path_has_forbidden_char()
|
|
- MINOR: h2: pass accept-invalid-http-request down the request parser
|
|
- REGTESTS: http-rules: add accept-invalid-http-request for normalize-uri tests
|
|
- BUG/MINOR: h1: do not accept '#' as part of the URI component
|
|
- BUG/MINOR: h2: reject more chars from the :path pseudo header
|
|
- BUG/MINOR: h3: reject more chars from the :path pseudo header
|
|
- REGTESTS: http-rules: verify that we block '#' by default for normalize-uri
|
|
- DOC: clarify the handling of URL fragments in requests
|
|
- BUG/MAJOR: http: reject any empty content-length header value
|
|
- BUG/MINOR: http: skip leading zeroes in content-length values
|
|
- BUG/MEDIUM: mux-h1: fix incorrect state checking in h1_process_mux()
|
|
- BUG/MEDIUM: mux-h1: do not forget EOH even when no header is sent
|
|
- BUILD: mux-h1: shut a build warning on clang from previous commit
|
|
- DEV: makefile: add a new "range" target to iteratively build all commits
|
|
- CI: do not use "groupinstall" for Fedora Rawhide builds
|
|
- CI: get rid of travis-ci wrapper for Coverity scan
|
|
- BUG/MINOR: quic: mux started when releasing quic_conn
|
|
- BUG/MINOR: quic: Possible crash in quic_cc_conn_io_cb() traces.
|
|
- MINOR: quic: Add a trace for QUIC conn fd ready for receive
|
|
- BUG/MINOR: quic: Possible crash when issuing "show fd/sess" CLI commands
|
|
- BUG/MINOR: quic: Missing tasklet (quic_cc_conn_io_cb) memory release (leak)
|
|
- BUG/MEDIUM: quic: fix tasklet_wakeup loop on connection closing
|
|
- BUG/MINOR: hlua: fix invalid use of lua_pop on error paths
|
|
- MINOR: hlua: add hlua_stream_ctx_prepare helper function
|
|
- BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread
|
|
- MAJOR: threads/plock: update the embedded library again
|
|
- MINOR: stick-table: move the task_queue() call outside of the lock
|
|
- MINOR: stick-table: move the task_wakeup() call outside of the lock
|
|
- MEDIUM: stick-table: change the ref_cnt atomically
|
|
- MINOR: stick-table: better organize the struct stktable
|
|
- MEDIUM: peers: update ->commitupdate out of the lock using a CAS
|
|
- MEDIUM: peers: drop then re-acquire the wrlock in peer_send_teachmsgs()
|
|
- MEDIUM: peers: only read-lock peer_send_teachmsgs()
|
|
- MEDIUM: stick-table: use a distinct lock for the updates tree
|
|
- MEDIUM: stick-table: touch updates under an upgradable read lock
|
|
- MEDIUM: peers: drop the stick-table lock before entering peer_send_teachmsgs()
|
|
- MINOR: stick-table: move the update lock into its own cache line
|
|
- CLEANUP: stick-table: slightly reorder the stktable struct
|
|
- BUILD: defaults: use __WORDSIZE not LONGBITS for MAX_THREADS_PER_GROUP
|
|
- MINOR: tools: make ptr_hash() support 0-bit outputs
|
|
- MINOR: tools: improve ptr hash distribution on 64 bits
|
|
- OPTIM: tools: improve hash distribution using a better prime seed
|
|
- OPTIM: pools: use exponential back-off on shared pool allocation/release
|
|
- OPTIM: pools: make pool_get_from_os() / pool_put_to_os() not update ->allocated
|
|
- MINOR: pools: introduce the use of multiple buckets
|
|
- MEDIUM: pools: spread the allocated counter over a few buckets
|
|
- MEDIUM: pools: move the used counter over a few buckets
|
|
- MEDIUM: pools: move the needed_avg counter over a few buckets
|
|
- MINOR: pools: move the failed allocation counter over a few buckets
|
|
- MAJOR: pools: move the shared pool's free_list over multiple buckets
|
|
- MINOR: pools: make pool_evict_last_items() use pool_put_to_os_no_dec()
|
|
- BUILD: pools: fix build error on clang with inline vs forceinline
|
|
|
|
2023/07/21 : 2.9-dev2
|
|
- BUG/MINOR: quic: Possible leak when allocating an encryption level
|
|
- BUG/MINOR: quic: Missing QUIC connection path member initialization
|
|
- BUILD: quic: Compilation fixes for some gcc warnings with -O1
|
|
- DOC: ssl: Fix typo in 'ocsp-update' option
|
|
- DOC: ssl: Add ocsp-update troubleshooting clues and emphasize on crt-list only aspect
|
|
- BUG/MINOR: tcp_sample: bc_{dst,src} return IP not INT
|
|
- MEDIUM: acl/sample: unify sample conv parsing in a single function
|
|
- MINOR: sample: introduce c_pseudo() conv function
|
|
- MEDIUM: sample: add missing ADDR=>? compatibility matrix entries
|
|
- MINOR: sample: fix ipmask sample definition
|
|
- MEDIUM: tree-wide: fetches that may return IPV4+IPV6 now return ADDR
|
|
- MEDIUM: sample: introduce 'same' output type
|
|
- BUG/MINOR: quic: Possible crash in "show quic" dumping packet number spaces
|
|
- BUG/MINOR: cache: A 'max-age=0' cache-control directive can be overriden by a s-maxage
|
|
- BUG/MEDIUM: sink: invalid server list in sink_new_from_logsrv()
|
|
- BUG/MINOR: http_ext: unhandled ERR_ABORT in proxy_http_parse_7239()
|
|
- BUG/MINOR: sink: missing sft free in sink_deinit()
|
|
- BUG/MINOR: ring: size warning incorrectly reported as fatal error
|
|
- BUG/MINOR: ring: maxlen warning reported as alert
|
|
- BUG/MINOR: log: LF upsets maxlen for UDP targets
|
|
- MINOR: sink/api: pass explicit maxlen parameter to sink_write()
|
|
- BUG/MEDIUM: log: improper use of logsrv->maxlen for buffer targets
|
|
- BUG/MINOR: log: fix missing name error message in cfg_parse_log_forward()
|
|
- BUG/MINOR: log: fix multiple error paths in cfg_parse_log_forward()
|
|
- BUG/MINOR: log: free errmsg on error in cfg_parse_log_forward()
|
|
- BUG/MINOR: sink: invalid sft free in sink_deinit()
|
|
- BUG/MINOR: sink: fix errors handling in cfg_post_parse_ring()
|
|
- BUG/MINOR: server: set rid default value in new_server()
|
|
- MINOR: hlua_fcn/mailers: handle timeout mail from mailers section
|
|
- BUG/MINOR: sink/log: properly deinit srv in sink_new_from_logsrv()
|
|
- EXAMPLES: maintain haproxy 2.8 retrocompatibility for lua mailers script
|
|
- BUG/MINOR: hlua_fcn/queue: use atomic load to fetch queue size
|
|
- BUG/MINOR: config: Remove final '\n' in error messages
|
|
- BUG/MINOR: config: Lenient port configuration parsing
|
|
- BUG/MEDIUM: quic: token IV was not computed using a strong secret
|
|
- BUG/MINOR: quic: retry token remove one useless intermediate expand
|
|
- BUG/MEDIUM: quic: missing check of dcid for init pkt including a token
|
|
- BUG/MEDIUM: quic: timestamp shared in token was using internal time clock
|
|
- CLEANUP: quic: remove useless parameter 'key' from quic_packet_encrypt
|
|
- BUG/MINOR: hlua: hlua_yieldk ctx argument should support pointers
|
|
- BUG/MEDIUM: hlua_fcn/queue: bad pop_wait sequencing
|
|
- DOC: config: Fix fc_src description to state the source address is returned
|
|
- BUG/MINOR: sample: Fix wrong overflow detection in add/sub conveters
|
|
- BUG/MINOR: http: Return the right reason for 302
|
|
- MEDIUM: ssl: new sample fetch method to get curve name
|
|
- CI: add naming convention documentation
|
|
- CI: explicitely highlight VTest result section if there's something
|
|
- BUG/MINOR: quic: Unckecked encryption levels availability
|
|
- BUILD: quic: fix warning during compilation using gcc-6.5
|
|
- BUG/MINOR: hlua: add check for lua_newstate
|
|
- BUG/MINOR: h1-htx: Return the right reason for 302 FCGI responses
|
|
- MINOR: lua: Allow reading "proc." scoped vars from LUA core.
|
|
- MINOR: cpuset: add cpu_map_configured() to know if a cpu-map was found
|
|
- BUG/MINOR: config: do not detect NUMA topology when cpu-map is configured
|
|
- BUG/MINOR: cpuset: remove the bogus "proc" from the cpu_map struct
|
|
- BUG/MINOR: init: set process' affinity even in foreground
|
|
- CLEANUP: cpuset: remove the unused proc_t1 field in cpu_map
|
|
- CLEANUP: config: make parse_cpu_set() return documented values
|
|
- BUG/MINOR: server: Don't warn on server resolution failure with init-addr none
|
|
- MINOR: peers: add peers keyword registration
|
|
- MINOR: quic: Stop storing the TX encoded transport parameters
|
|
- MINOR: quic: Dynamic allocation for negotiated Initial TLS cipher context.
|
|
- MINOR: quic: Release asap the negotiated Initial TLS context.
|
|
- MINOR: quic: Add traces to qc_may_build_pkt()
|
|
- MEDIUM: quic: Packet building rework.
|
|
- CLEANUP: quic: Remove a useless TLS related variable from quic_conn_io_cb().
|
|
- MEDIUM: quic: Handshake I/O handler rework.
|
|
- MINOR: quic: Add traces for qc_frm_free()
|
|
- MINOR: quic: add trace about pktns packet/frames releasing
|
|
- BUG/MINOR: quic: Missing parentheses around PTO probe variable.
|
|
- MINOR: quic: Ping from Initial pktns before reaching anti-amplification limit
|
|
- BUG/MINOR: server-state: Ignore empty files
|
|
- BUG/MINOR: server-state: Avoid warning on 'file not found'
|
|
- BUG/MEDIUM: listener: Acquire proxy's lock in relax_listener() if necessary
|
|
- MINOR: quic: QUIC openssl wrapper implementation
|
|
- MINOR: quic: Include QUIC opensssl wrapper header from TLS stacks compatibility header
|
|
- MINOR: quic: Do not enable O-RTT with USE_QUIC_OPENSSL_COMPAT
|
|
- MINOR: quic: Set the QUIC connection as extra data before calling SSL_set_quic_method()
|
|
- MINOR: quic: Do not enable 0RTT with SSL_set_quic_early_data_enabled()
|
|
- MINOR: quic: Add a compilation option for the QUIC OpenSSL wrapper
|
|
- MINOR: quic: Export some KDF functions (QUIC-TLS)
|
|
- MINOR: quic: Make ->set_encryption_secrets() be callable two times
|
|
- MINOR: quic: Initialize TLS contexts for QUIC openssl wrapper
|
|
- MINOR: quic: Call the keylog callback for QUIC openssl wrapper from SSL_CTX_keylog()
|
|
- MINOR: quic: Add a quic_openssl_compat struct to quic_conn struct
|
|
- MINOR: quic: Useless call to SSL_CTX_set_quic_method()
|
|
- MINOR: quic: SSL context initialization with QUIC OpenSSL wrapper.
|
|
- MINOR: quic: Missing encoded transport parameters for QUIC OpenSSL wrapper
|
|
- MINOR: quic: Add "limited-quic" new tuning setting
|
|
- DOC: quic: Add "limited-quic" new tuning setting
|
|
- DOC: install: Document how to build a limited support for QUIC
|
|
|
|
2023/07/02 : 2.9-dev1
|
|
- BUG/MINOR: stats: Fix Lua's `get_stats` function
|
|
- MINOR: stats: protect against future stats fields omissions
|
|
- BUG/MINOR: stream: do not use client-fin/server-fin with HTX
|
|
- BUG/MINOR: quic: Possible crash when SSL session init fails
|
|
- CONTRIB: Add vi file extensions to .gitignore
|
|
- BUG/MINOR: spoe: Only skip sending new frame after a receive attempt
|
|
- BUG/MINOR: peers: Improve detection of config errors in peers sections
|
|
- REG-TESTS: stickiness: Delay haproxys start to properly resolv variables
|
|
- DOC: quic: fix misspelled tune.quic.socket-owner
|
|
- DOC: config: fix jwt_verify() example using var()
|
|
- DOC: config: fix rfc7239 converter examples (again)
|
|
- BUG/MINOR: cfgparse-tcp: leak when re-declaring interface from bind line
|
|
- BUG/MINOR: proxy: add missing interface bind free in free_proxy
|
|
- BUG/MINOR: proxy/server: free default-server on deinit
|
|
- BUG/MEDIUM: hlua: Use front SC to detect EOI in HTTP applets' receive functions
|
|
- BUG/MINOR: ssl: log message non thread safe in SSL Hanshake failure
|
|
- BUG/MINOR: quic: Wrong encryption level flags checking
|
|
- BUG/MINOR: quic: Address inversion in "show quic full"
|
|
- BUG/MINOR: server: inherit from netns in srv_settings_cpy()
|
|
- BUG/MINOR: namespace: missing free in netns_sig_stop()
|
|
- BUG/MINOR: quic: Missing initialization (packet number space probing)
|
|
- BUG/MINOR: quic: Possible crash in quic_conn_prx_cntrs_update()
|
|
- BUG/MINOR: quic: Possible endless loop in quic_lstnr_dghdlr()
|
|
- MINOR: quic: Remove pool_zalloc() from qc_new_conn()
|
|
- MINOR: quic: Remove pool_zalloc() from qc_conn_alloc_ssl_ctx()
|
|
- MINOR: quic: Remove pool_zalloc() from quic_dgram_parse()
|
|
- BUG/MINOR: quic: Missing transport parameters initializations
|
|
- BUG/MEDIUM: mworker: increase maxsock with each new worker
|
|
- BUG/MINOR: quic: ticks comparison without ticks API use
|
|
- BUG/MINOR: quic: Missing TLS secret context initialization
|
|
- DOC: Add tune.h2.be.* and tune.h2.fe.* options to table of contents
|
|
- DOC: Add tune.h2.max-frame-size option to table of contents
|
|
- DOC: Attempt to fix dconv parsing error for tune.h2.fe.initial-window-size
|
|
- REGTESTS: h1_host_normalization : Add a barrier to not mix up log messages
|
|
- MEDIUM: mux-h1: Split h1_process_mux() to make code more readable
|
|
- REORG: mux-h1: Rename functions to emit chunk size/crlf in the output buffer
|
|
- MINOR: mux-h1: Add function to append the chunk size to the output buffer
|
|
- MINOR: mux-h1: Add function to prepend the chunk crlf to the output buffer
|
|
- MEDIUM: filters/htx: Don't rely on HTX extra field if payload is filtered
|
|
- MEDIIM: mux-h1: Add splicing support for chunked messages
|
|
- REGTESTS: Add a script to test the kernel splicing with chunked messages
|
|
- CLEANUP: mux-h1: Remove useless __maybe_unused statement
|
|
- BUG/MINOR: http_ext: fix if-none regression in forwardfor option
|
|
- REGTEST: add an extra testcase for ifnone-forwardfor
|
|
- BUG/MINOR: mworker: leak of a socketpair during startup failure
|
|
- BUG/MINOR: quic: Prevent deadlock with CID tree lock
|
|
- MEDIUM: ssl: handle the SSL_ERROR_ZERO_RETURN during the handshake
|
|
- BUG/MINOR: ssl: SSL_ERROR_ZERO_RETURN returns CO_ER_SSL_EMPTY
|
|
- BUILD: mux-h1: silence a harmless fallthrough warning
|
|
- BUG/MEDIUM: quic: error checking buffer large enought to receive the retry tag
|
|
- MINOR: ssl: allow to change the server signature algorithm on server lines
|
|
- MINOR: ssl: allow to change the client-sigalgs on server lines
|
|
- BUG/MINOR: config: fix stick table duplicate name check
|
|
- BUG/MINOR: quic: Missing random bits in Retry packet header
|
|
- BUG/MINOR: quic: Wrong Retry paquet version field endianess
|
|
- BUG/MINOR: quic: Wrong endianess for version field in Retry token
|
|
- IMPORT: slz: implement a synchronous flush() operation
|
|
- MINOR: compression/slz: add support for a pure flush of pending bytes
|
|
- MINOR: quic: Move QUIC TLS encryption level related code (quic_conn_enc_level_init())
|
|
- MINOR: quic: Move QUIC encryption level structure definition
|
|
- MINOR: quic: Implement a packet number space identification function
|
|
- MINOR: quic: Move packet number space related functions
|
|
- MEDIUM: quic: Dynamic allocations of packet number spaces
|
|
- CLEANUP: quic: Remove qc_list_all_rx_pkts() defined but not used
|
|
- MINOR: quic: Add a pool for the QUIC TLS encryption levels
|
|
- MEDIUM: quic: Dynamic allocations of QUIC TLS encryption levels
|
|
- MINOR: quic: Reduce the maximum length of TLS secrets
|
|
- CLEANUP: quic: Remove two useless pools a low QUIC connection level
|
|
- MEDIUM: quic: Handle the RX in one pass
|
|
- MINOR: quic: Remove call to qc_rm_hp_pkts() from I/O callback
|
|
- CLEANUP: quic: Remove server specific about Initial packet number space
|
|
- MEDIUM: quic: Release encryption levels and packet number spaces asap
|
|
- CLEANUP: quic: Remove a useless test about discarded pktns (qc_handle_crypto_frm())
|
|
- MINOR: quic: Move the packet number space status at quic_conn level
|
|
- MINOR: quic: Drop packet with type for discarded packet number space.
|
|
- BUILD: quic: Add a DISGUISE() to please some compiler to qc_prep_hpkts() 1st parameter
|
|
- BUILD: debug: avoid a build warning related to epoll_wait() in debug code
|
|
|
|
2023/05/31 : 2.9-dev0
|
|
- MINOR: version: mention that it's development again
|
|
|
|
2023/05/31 : 2.8.0
|
|
- MINOR: compression: Improve the way Vary header is added
|
|
- BUILD: makefile: search for SSL_INC/wolfssl before SSL_INC
|
|
- MINOR: init: pre-allocate kernel data structures on init
|
|
- DOC: install: add details about WolfSSL
|
|
- BUG/MINOR: ssl_sock: add check for ha_meth
|
|
- BUG/MINOR: thread: add a check for pthread_create
|
|
- BUILD: init: print rlim_cur as regular integer
|
|
- DOC: install: specify the minimum openssl version recommended
|
|
- CLEANUP: mux-quic: remove unneeded fields in qcc
|
|
- MINOR: mux-quic: remove nb_streams from qcc
|
|
- MINOR: quic: fix stats naming for flow control BLOCKED frames
|
|
- BUG/MEDIUM: mux-quic: only set EOI on FIN
|
|
- BUG/MEDIUM: threads: fix a tiny race in thread_isolate()
|
|
- DOC: config: fix rfc7239 converter examples
|
|
- DOC: quic: remove experimental status for QUIC
|
|
- CLEANUP: mux-quic: rename functions for mux_ops
|
|
- CLEANUP: mux-quic: rename internal functions
|
|
- BUG/MINOR: mux-h2: refresh the idle_timer when the mux is empty
|
|
- DOC: config: Fix bind/server/peer documentation in the peers section
|
|
- BUILD: Makefile: use -pthread not -lpthread when threads are enabled
|
|
- CLEANUP: doc: remove 21 totally obsolete docs
|
|
- DOC: install: mention the common strict-aliasing warning on older compilers
|
|
- DOC: install: clarify a few points on the wolfSSL build method
|
|
- MINOR: quic: Add QUIC connection statistical counters values to "show quic"
|
|
- EXAMPLES: update the basic-config-edge file for 2.8
|
|
- MINOR: quic/cli: clarify the "show quic" help message
|
|
- MINOR: version: mention that it's LTS now.
|
|
|
|
2023/05/24 : 2.8-dev13
|
|
- DOC: add size format section to manual
|
|
- CLEANUP: mux-quic/h3: complete BUG_ON with comments
|
|
- MINOR: quic: remove return val of quic_aead_iv_build()
|
|
- MINOR: quic: use WARN_ON for encrypt failures
|
|
- BUG/MINOR: quic: handle Tx packet allocation failure properly
|
|
- MINOR: quic: fix alignment of oneline show quic
|
|
- MEDIUM: stconn/applet: Allow SF_SL_EOS flag alone
|
|
- MEDIUM: stconn: make the SE_FL_ERR_PENDING to ERROR transition systematic
|
|
- DOC: internal: add a bit of documentation for the stconn closing conditions
|
|
- DOC/MINOR: config: Fix typo in description for `ssl_bc` in configuration.txt
|
|
- BUILD: quic: re-enable chacha20_poly1305 for libressl
|
|
- MINOR: mux-quic: set both EOI EOS for stream fin
|
|
- MINOR: mux-quic: only set EOS on RESET_STREAM recv
|
|
- MINOR: mux-quic: report error on stream-endpoint earlier
|
|
- BUILD: makefile: fix build issue on GNU make < 3.82
|
|
- BUG/MINOR: mux-h2: Check H2_SF_BODY_TUNNEL on H2S flags and not demux frame ones
|
|
- MINOR: mux-h2: Set H2_SF_ES_RCVD flag when decoding the HEADERS frame
|
|
- MINOR: mux-h2: Add a function to propagate termination flags from h2s to SE
|
|
- BUG/MEDIUM: mux-h2: Propagate termination flags when frontend SC is created
|
|
- DEV: add a Lua helper script for SSL keys logging
|
|
- CLEANUP: makefile: don't display a dummy features list without a target
|
|
- BUILD: makefile: do not erase build options for some build options
|
|
- MINOR: quic: Add low level traces (addresses, DCID)
|
|
- BUG/MINOR: quic: Wrong token length check (quic_generate_retry_token())
|
|
- BUG/MINOR: quic: Missing Retry token length on receipt
|
|
- MINOR: quic: Align "show quic" command help information
|
|
- CLEANUP: quic: Indentation fix quic_rx_pkt_retrieve_conn()
|
|
- CLEANUP: quic: Useless tests in qc_rx_pkt_handle()
|
|
- MINOR: quic: Add some counters at QUIC connection level
|
|
- MINOR: quic: Add a counter for sent packets
|
|
- MINOR: hlua: hlua_smp2lua_str() may LJMP
|
|
- MINOR: hlua: hlua_smp2lua() may LJMP
|
|
- MINOR: hlua: hlua_arg2lua() may LJMP
|
|
- DOC: hlua: document hlua_lua2arg() function
|
|
- DOC: hlua: document hlua_lua2smp() function
|
|
- BUG/MINOR: hlua: unsafe hlua_lua2smp() usage
|
|
- BUILD: makefile: commit the tiny FreeBSD makefile stub
|
|
- BUILD: makefile: fix build options when building tools first
|
|
- BUILD: ist: do not put a cast in an array declaration
|
|
- BUILD: ist: use the literal declaration for ist_lc/ist_uc under TCC
|
|
- BUILD: compiler: systematically set USE_OBSOLETE_LINKER with TCC
|
|
- DOC: install: update reference to known supported versions
|
|
- SCRIPTS: publish-release: update the umask to keep group write access
|
|
|
|
2023/05/17 : 2.8-dev12
|
|
- BUILD: mjson: Fix warning about unused variables
|
|
- MINOR: spoe: Don't stop disabled proxies
|
|
- BUG/MEDIUM: filters: Don't deinit filters for disabled proxies during startup
|
|
- BUG/MINOR: hlua_fcn/queue: fix broken pop_wait()
|
|
- BUG/MINOR: hlua_fcn/queue: fix reference leak
|
|
- CLEANUP: hlua_fcn/queue: make queue:push() easier to read
|
|
- BUG/MINOR: quic: Buggy acknowlegments of acknowlegments function
|
|
- DEBUG: list: add DEBUG_LIST to purposely corrupt list heads after delete
|
|
- MINOR: stats: report the total number of warnings issued
|
|
- MINOR: stats: report the number of times the global maxconn was reached
|
|
- BUG/MINOR: mux-quic: do not prevent shutw on error
|
|
- BUG/MINOR: mux-quic: do not free frame already released by quic-conn
|
|
- BUG/MINOR: mux-quic: no need to subscribe for detach streams
|
|
- MINOR: mux-quic: add traces for stream wake
|
|
- MINOR: mux-quic: do not send STREAM frames if already subscribe
|
|
- MINOR: mux-quic: factorize send subscribing
|
|
- MINOR: mux-quic: simplify return path of qc_send()
|
|
- MEDIUM: quic: streamline error notification
|
|
- MEDIUM: mux-quic: adjust transport layer error handling
|
|
- MINOR: stats: report the listener's protocol along with the address in stats
|
|
- BUG/MEDIUM: mux-fcgi: Never set SE_FL_EOS without SE_FL_EOI or SE_FL_ERROR
|
|
- BUG/MEDIUM: mux-fcgi: Don't request more room if mux is waiting for more data
|
|
- MINOR: stconn: Add a cross-reference between SE descriptor
|
|
- BUG/MINOR: proxy: missing free in free_proxy for redirect rules
|
|
- MINOR: proxy: add http_free_redirect_rule() function
|
|
- BUG/MINOR: http_rules: fix errors paths in http_parse_redirect_rule()
|
|
- CLEANUP: http_act: use http_free_redirect_rule() to clean redirect act
|
|
- MINOR: tree-wide: use free_acl_cond() where relevant
|
|
- CLEANUP: acl: discard prune_acl_cond() function
|
|
- BUG/MINOR: cli: don't complain about empty command on empty lines
|
|
- MINOR: cli: add an option to display the uptime in the CLI's prompt
|
|
- MINOR: master/cli: also implement the timed prompt on the master CLI
|
|
- MINOR: cli: make "show fd" identify QUIC connections and listeners
|
|
- MINOR: httpclient: allow to disable the DNS resolvers of the httpclient
|
|
- BUILD: debug: fix build issue on 32-bit platforms in "debug dev task"
|
|
- MINOR: ncbuf: missing malloc checks in standalone code
|
|
- DOC: lua: fix core.{proxies,frontends,backends} visibility
|
|
- EXAMPLES: fix race condition in lua mailers script
|
|
- BUG/MINOR: errors: handle malloc failure in usermsgs_put()
|
|
- BUG/MINOR: log: fix memory error handling in parse_logsrv()
|
|
- BUG/MINOR: quic: Wrong redispatch for external data on connection socket
|
|
- MINOR: htx: add function to set EOM reliably
|
|
- MINOR: mux-quic: remove dedicated function to handle standalone FIN
|
|
- BUG/MINOR: mux-quic: properly handle buf alloc failure
|
|
- BUG/MINOR: mux-quic: handle properly recv ncbuf alloc failure
|
|
- BUG/MINOR: quic: do not alloc buf count on alloc failure
|
|
- BUG/MINOR: mux-quic: differentiate failure on qc_stream_desc alloc
|
|
- BUG/MINOR: mux-quic: free task on qc_init() app ops failure
|
|
- MEDIUM: session/ssl: return the SSL error string during a SSL handshake error
|
|
- CI: enable monthly Fedora Rawhide clang builds
|
|
- MEDIUM: mworker/cli: does not disconnect the master CLI upon error
|
|
- MINOR: stconn: Remove useless test on sedesc on detach to release the xref
|
|
- MEDIUM: proxy: stop emitting logs for internal proxies when stopping
|
|
- MINOR: ssl: add new sample ssl_c_r_dn
|
|
- BUG/MEDIUM: mux-h2: make sure control frames do not refresh the idle timeout
|
|
- BUILD: ssl: ssl_c_r_dn fetches uses functiosn only available since 1.1.1
|
|
- BUG/MINOR: mux-quic: handle properly Tx buf exhaustion
|
|
- BUG/MINOR: h3: missing goto on buf alloc failure
|
|
- BUILD: ssl: get0_verified chain is available on libreSSL
|
|
- BUG/MINOR: makefile: use USE_LIBATOMIC instead of USE_ATOMIC
|
|
- MINOR: mux-quic: add trace to stream rcv_buf operation
|
|
- MINOR: mux-quic: properly report end-of-stream on recv
|
|
- MINOR: mux-quic: uninline qc_attach_sc()
|
|
- BUG/MEDIUM: mux-quic: fix EOI for request without payload
|
|
- MINOR: checks: make sure spread-checks is used also at boot time
|
|
- BUG/MINOR: tcp-rules: Don't shortened the inspect-delay when EOI is set
|
|
- REGTESTS: log: Reduce response inspect-delay for last_rule.vtc
|
|
- DOC: config: Clarify conditions to shorten the inspect-delay for TCP rules
|
|
- CLEANUP: server: remove useless tmptrash assigments in srv_update_status()
|
|
- BUG/MINOR: server: memory leak in _srv_update_status_op() on server DOWN
|
|
- CLEANUP: check; Remove some useless assignments to NULL
|
|
- CLEANUP: stats: update the trash chunk where it's used
|
|
- MINOR: clock: measure the total boot time
|
|
- MINOR: stats: report the boot time in "show info"
|
|
- BUG/MINOR: checks: postpone the startup of health checks by the boot time
|
|
- MINOR: clock: provide a function to automatically adjust now_offset
|
|
- BUG/MINOR: clock: automatically adjust the internal clock with the boot time
|
|
- CLEANUP: fcgi-app; Remove useless assignment to NULL
|
|
- REGTESTS: log: Reduce again response inspect-delay for last_rule.vtc
|
|
- CI: drop Fedora m32 pipeline in favour of cross matrix
|
|
- MEDIUM: checks: Stop scheduling healthchecks during stopping stage
|
|
- MEDIUM: resolvers: Stop scheduling resolution during stopping stage
|
|
- BUG/MINOR: hlua: SET_SAFE_LJMP misuse in hlua_event_runner()
|
|
- BUG/MINOR: debug: fix pointer check in debug_parse_cli_task()
|
|
|
|
2023/05/11 : 2.8-dev11
|
|
- BUILD: debug: do not check the isolated_thread variable in non-threaded builds
|
|
- BUILD: quic: fix build warning when threads are disabled
|
|
- CI: more granular failure on generating build matrix
|
|
- CLEANUP: quic: No more used q_buf structure
|
|
- CLEANUP: quic: Rename several <buf> variables in quic_frame.(c|h)
|
|
- CLEANUP: quic: Typo fix for quic_connection_id pool
|
|
- BUG/MINOR: quic: Wrong key update cipher context initialization for encryption
|
|
- BUG/MEDIUM: cache: Don't request more room than the max allowed
|
|
- MEDIUM: stconn: Be sure to always be able to unblock a SC that needs room
|
|
- EXAMPLES: fix IPV6 support for lua mailers script
|
|
- BUILD: ssl: buggy -Werror=dangling-pointer since gcc 13.0
|
|
- DOC: stconn: Update comments about ABRT/SHUT for stconn structure
|
|
- BUG/MEDIUM: stats: Require more room if buffer is almost full
|
|
- DOC: configuration: add info about ssl-engine for 2.6
|
|
- BUG/MINOR: mux-quic: fix transport VS app CONNECTION_CLOSE
|
|
- BUG/MEDIUM: mux-quic: wakeup tasklet to close on error
|
|
- DEV: flags: add a script to decode most flags in the "show sess all" output
|
|
- BUG/MINOR: quic: Possible crash when dumping version information
|
|
- BUG/MINOR: config: make compression work again in defaults section
|
|
- BUG/MEDIUM: stream: Forward shutdowns when unhandled errors are caught
|
|
- MEDIUM: stream: Resync analyzers at the end of process_stream() on change
|
|
- DEV: flags: add missing stream flags to show-sess-to-flags
|
|
- DEV: flags/show-sess-to-flags: only retrieve hex digits from hex fields
|
|
- DEV: flags/show-sess-to-flags: add support for color output
|
|
- CLEANUP: src/listener.c: remove redundant NULL check
|
|
|
|
2023/05/07 : 2.8-dev10
|
|
- BUG/MINOR: stats: fix typo in `TotalSplicedBytesOut` field name
|
|
- REGTESTS: add success test, "set server" via fqdn
|
|
- MINOR: ssl: disable CRL checks with WolfSSL when no CRL file
|
|
- BUG/MINOR: stream/cli: fix stream age calculation in "show sess"
|
|
- MINOR: debug: clarify "debug dev stream" help message
|
|
- DEBUG: cli: add "debug dev task" to show/wake/expire/kill tasks and tasklets
|
|
- BUG/MINOR: ssl/sample: x509_v_err_str converter output when not found
|
|
- REGTESTS: ssl: simplify X509_V code check in ssl_client_auth.vtc
|
|
- BUILD: cli: fix build on Windows due to isalnum() implemented as a macro
|
|
- MINOR: activity: use a single macro to iterate over all fields
|
|
- MINOR: activity: show the line header inside the SHOW_VAL macro
|
|
- MINOR: activity: iterate over all fields in a main loop for dumping
|
|
- MINOR: activity: allow "show activity" to restart dumping on any line
|
|
- MINOR: activity: allow "show activity" to restart in the middle of a line
|
|
- DEV: haring: automatically disable DEBUG_STRICT
|
|
- DEV: haring: update readme to suggest using the same build options for haring
|
|
- BUG/MINOR: debug: fix incorrect profiling status reporting in show threads
|
|
- MINOR: debug: permit the "debug dev loop" to run under isolation
|
|
- BUG/MEDIUM: mux-h2: Properly handle end of request to expect data from server
|
|
- BUG/MINOR: mux-quic: prevent quic_conn error code to be overwritten
|
|
- MINOR: mux-quic: add trace event for local error
|
|
- MINOR: mux-quic: wake up after recv only if avail data
|
|
- MINOR: mux-quic: adjust local error API
|
|
- MINOR: mux-quic: report local error on stream endpoint asap
|
|
- MINOR: mux-quic: close connection asap on local error
|
|
- BUG/MINOR: debug: do not emit empty lines in thread dumps
|
|
- BUG/MINOR: mux-h2: Also expect data when waiting for a tunnel establishment
|
|
- BUG/MINOR: time: fix NS_TO_TV macro
|
|
- MEDIUM: debug: simplify the thread dump mechanism
|
|
- MINOR: debug: write panic dump to stderr one thread at a time
|
|
- MINOR: debug: make "show threads" properly iterate over all threads
|
|
- CLEANUP: debug: remove the now unused ha_thread_dump_all_to_trash()
|
|
- MINOR: ssl: allow to change the server signature algorithm
|
|
- MINOR: ssl: allow to change the signature algorithm for client authentication
|
|
- MINOR: cli: Use applet API to write output message
|
|
- MINOR: stats: Use the applet API to write data
|
|
- MINOR: peers: Use the applet API to send message
|
|
- MINOR: stconn: Add a field to specify the room needed by the SC to progress
|
|
- MEDIUM: tree-wide: Change sc API to specify required free space to progress
|
|
- BUG/MEDIUM: stconn: Unblock SC from stream if there is enough room to progrees
|
|
- MEDIUM: applet: Check room needed to unblock opposite SC when data was consumed
|
|
- MEDIUM: stconn: Check room needed to unblock SC on fast-forward
|
|
- MEDIUM: stconn: Check room needed to unblock opposite SC when data was sent
|
|
- MINOR: hlua_fcn: fix Server.is_draining() return type
|
|
- MINOR: hlua_fcn: add Server.is_backup()
|
|
- MINOR: hlua_fcn: add Server.is_dynamic()
|
|
- MINOR: hlua_fcn: add Server.tracking()
|
|
- MINOR: hlua_fcn: add Server.get_trackers()
|
|
- MINOR: hlua_fcn: add Server.get_proxy()
|
|
- MINOR: hlua_fcn: add Server.get_pend_conn() and Server.get_cur_sess()
|
|
- MINOR: hlua_fcn: add Proxy.get_srv_act() and Proxy.get_srv_bck()
|
|
- DOC: lua/event: add ServerEvent class header
|
|
- MINOR: server/event_hdl: publish macro helper
|
|
- MINOR: server/event_hdl: add SERVER_STATE event
|
|
- OPTIM: server: publish UP/DOWN events from STATE change
|
|
- MINOR: hlua: expose SERVER_STATE event
|
|
- MINOR: server/event_hdl: add SERVER_ADMIN event
|
|
- MINOR: hlua: expose SERVER_ADMIN event
|
|
- MINOR: checks/event_hdl: SERVER_CHECK event
|
|
- MINOR: hlua/event_hdl: expose SERVER_CHECK event
|
|
- MINOR: mailers/hlua: disable email sending from lua
|
|
- MINOR: hlua: expose proxy mailers
|
|
- EXAMPLES: add lua mailers script to replace tcpcheck mailers
|
|
- BUG/MINOR: hlua: spinning loop in hlua_socket_handler()
|
|
- MINOR: server: fix message report when IDRAIN is set and MAINT is cleared
|
|
- CLEANUP: hlua: hlua_register_task() may longjmp
|
|
- REGTESTS: use lua mailer script for mailers tests
|
|
- MINOR: hlua: declare hlua_{ref,pushref,unref} functions
|
|
- MINOR: hlua: declare hlua_gethlua() function
|
|
- MINOR: hlua: declare hlua_yieldk() function
|
|
- MINOR: hlua_fcn: add Queue class
|
|
- EXAMPLES: mailqueue for lua mailers script
|
|
- MINOR: quic: add format argument for "show quic"
|
|
- MINOR: quic: implement oneline format for "show quic"
|
|
- MINOR: config: allow cpu-map to take commas in lists of ranges
|
|
- CLEANUP: fix a few reported typos in code comments
|
|
- DOC: fix a few reported typos in the config and install doc
|
|
|
|
2023/04/28 : 2.8-dev9
|
|
- MINOR: quic: Move traces at proto level
|
|
- BUG/MINOR: quic: Possible memory leak from TX packets
|
|
- BUG/MINOR: quic: Possible leak during probing retransmissions
|
|
- BUG/MINOR: quic: Useless probing retransmission in draining or killing state
|
|
- BUG/MINOR: quic: Useless I/O handler task wakeups (draining, killing state)
|
|
- CLEANUP: quic: rename frame types with an explicit prefix
|
|
- CLEANUP: quic: rename frame variables
|
|
- CLEANUP: quic: Remove useless parameters passes to qc_purge_tx_buf()
|
|
- CLEANUP: quic: Rename <buf> variable to <token> in quic_generate_retry_token()
|
|
- CLEANUP: quic: Rename <buf> variable into quic_padding_check()
|
|
- CLEANUP: quic: Rename <buf> variable into quic_rx_pkt_parse()
|
|
- CLEANUP: quic: Rename <buf> variable for several low level functions
|
|
- CLEANUP: quic: Make qc_build_pkt() be more readable
|
|
- CLEANUP: quic: Rename quic_get_dgram_dcid() <buf> variable
|
|
- CLEANUP: quic: Rename several <buf> variables at low level
|
|
- CLEANUP: quic: Rename <buf> variable into quic_packet_read_long_header()
|
|
- CLEANUP: quic: Rename <buf> variable into qc_parse_hd_form()
|
|
- CLEANUP: quic: Rename several <buf> variables into quic_sock.c
|
|
- DEBUG: crash using an invalid opcode on x86/x86_64 instead of an invalid access
|
|
- DEBUG: crash using an invalid opcode on aarch64 instead of an invalid access
|
|
- DEV: h2: add a script "mkhdr" to build h2 frames from scratch
|
|
- DEV: h2: support reading frame payload from a file
|
|
- MINOR: acme.sh: add the deploy script for acme.sh in admin directory
|
|
- BUG/MEDIUM: mux-quic: do not emit RESET_STREAM for unknown length
|
|
- BUG/MEDIUM: mux-quic: improve streams fairness to prevent early timeout
|
|
- BUG/MINOR: quic: prevent buggy memcpy for empty STREAM
|
|
- MINOR: mux-quic: do not set buffer for empty STREAM frame
|
|
- MINOR: mux-quic: do not allocate Tx buf for empty STREAM frame
|
|
- MINOR: quic: finalize affinity change as soon as possible
|
|
- BUG/MINOR: quic: fix race on quic_conns list during affinity rebind
|
|
- CI: switch to Fastly CDN to download LibreSSL
|
|
- BUILD: ssl: switch LibreSSL to Fastly CDN
|
|
- BUG/MINOR: clock: fix a few occurrences of 'now' being used in place of 'date'
|
|
- BUG/MINOR: spoe: use "date" not "now" in debug messages
|
|
- BUG/MINOR: activity: show wall-clock date, not internal date in show activity
|
|
- BUG/MINOR: opentracing: use 'date' instead of 'now' in debug output
|
|
- Revert "BUG/MINOR: clock: fix a few occurrences of 'now' being used in place of 'date'"
|
|
- BUG/MINOR: calltrace: fix 'now' being used in place of 'date'
|
|
- BUG/MINOR: trace: show wall-clock date, not internal date in show activity
|
|
- BUG/MINOR: hlua: return wall-clock date, not internal date in core.now()
|
|
- BUG/MEDIUM: spoe: Don't start new applet if there are enough idle ones
|
|
- BUG/MINOR: stconn: Fix SC flags with same value
|
|
- BUG/MINOR: resolvers: Use sc_need_room() to wait more room when dumping stats
|
|
- BUG/MEDIUM: tcpcheck: Don't eval custom expect rule on an empty buffer
|
|
- BUG/MINOR: stats: report the correct start date in "show info"
|
|
- MINOR: time: add conversions to/from nanosecond timestamps
|
|
- MINOR: time: replace calls to tv_ms_elapsed() with a linear subtract
|
|
- MINOR: spoe: switch the timeval-based timestamps to nanosecond timestamps
|
|
- MEDIUM: tree-wide: replace timeval with nanoseconds in tv_accept and tv_request
|
|
- MINOR: stats: use nanoseconds, not timeval to compute uptime
|
|
- MINOR: activity: use nanoseconds, not timeval to compute uptime
|
|
- MINOR: checks: use a nanosecond counters instead of timeval for checks->start
|
|
- MINOR: clock: do not use now.tv_sec anymore
|
|
- MEDIUM: clock: replace timeval "now" with integer "now_ns"
|
|
- MINOR: clock: replace the timeval start_time with start_time_ns
|
|
- MINOR: sample: Add bc_rtt and bc_rttvar
|
|
- MINOR: quic: use real sending rate measurement
|
|
- MINOR: proxy: factorize send rate measurement
|
|
|
|
2023/04/23 : 2.8-dev8
|
|
- BUG/MEDIUM: cli: Set SE_FL_EOI flag for '_getsocks' and 'quit' commands
|
|
- BUG/MEDIUM: cli: Eat output data when waiting for appctx shutdown
|
|
- BUG/MEDIUM: http-client: Eat output data when waiting for appctx shutdown
|
|
- BUG/MEDIUM: stats: Eat output data when waiting for appctx shutdown
|
|
- BUG/MEDIUM: log: Eat output data when waiting for appctx shutdown
|
|
- BUG/MEDIUM: dns: Kill idle DNS sessions during stopping stage
|
|
- BUG/MINOR: resolvers: Wakeup DNS idle task on stopping
|
|
- BUG/MEDIUM: resolvers: Force the connect timeout for DNS resolutions
|
|
- MINOR: hlua: Stop to check the SC state when executing a hlua cli command
|
|
- BUG/MEDIUM: mux-h1: Report EOI when a TCP connection is upgraded to H2
|
|
- BUG/MEDIUM: mux-h2: Never set SE_FL_EOS without SE_FL_EOI or SE_FL_ERROR
|
|
- MINOR: quic: Trace fix in quic_pto_pktns() (handshaske status)
|
|
- BUG/MINOR: quic: Wrong packet number space probing before confirmed handshake
|
|
- MINOR: quic: Modify qc_try_rm_hp() traces
|
|
- MINOR: quic: Dump more information at proto level when building packets
|
|
- MINOR: quic: Add a trace for packet with an ACK frame
|
|
- MINOR: activity: add a line reporting the average CPU usage to "show activity"
|
|
- BUG/MINOR: stick_table: alert when type len has incorrect characters
|
|
- MINOR: thread: keep a bitmask of enabled groups in thread_set
|
|
- MINOR: fd: optimize fd_claim_tgid() for use in fd_insert()
|
|
- MINOR: fd: add a lock bit with the tgid
|
|
- MINOR: fd: implement fd_migrate_on() to migrate on a non-local thread
|
|
- MINOR: receiver: reserve special values for "shards"
|
|
- MINOR: bind-conf: support a new shards value: "by-group"
|
|
- BUG/MEDIUM: fd: don't wait for tmask to stabilize if we're not in it.
|
|
- MINOR: quic: Add packet loss and maximum cc window to "show quic"
|
|
- BUG/MINOR: quic: Ignored less than 1ms RTTs
|
|
- MINOR: quic: Add connection flags to traces
|
|
- BUG/MEDIUM: quic: Code sanitization about acknowledgements requirements
|
|
- BUG/MINOR: quic: Possible wrapped values used as ACK tree purging limit.
|
|
- BUG/MINOR: quic: SIGFPE in quic_cubic_update()
|
|
- MINOR: quic: Display the packet number space flags in traces
|
|
- MINOR: quic: Remove a useless test about probing in qc_prep_pkts()
|
|
- BUG/MINOR: quic: Wrong Application encryption level selection when probing
|
|
- CI: bump "actions/checkout" to v3 for cross zoo matrix
|
|
- CI: enable monthly test on Fedora Rawhide
|
|
- BUG/MINOR: stream: Fix test on SE_FL_ERROR on the wrong entity
|
|
- BUG/MEDIUM: stream: Report write timeouts before testing the flags
|
|
- BUG/MEDIUM: stconn: Do nothing in sc_conn_recv() when the SC needs more room
|
|
- MINOR: stream: Uninline and export sess_set_term_flags() function
|
|
- MINOR: filters: Review and simplify errors handling
|
|
- REGTESTS: fix the race conditions in log_uri.vtc
|
|
- MINOR: channel: Forwad close to other side on abort
|
|
- MINOR: stream: Introduce stream_abort() to abort on both sides in same time
|
|
- MINOR: stconn: Rename SC_FL_SHUTR_NOW in SC_FL_ABRT_WANTED
|
|
- MINOR: channel/stconn: Replace channel_shutr_now() by sc_schedule_abort()
|
|
- MINOR: stconn: Rename SC_FL_SHUTW_NOW in SC_FL_SHUT_WANTED
|
|
- MINOR: channel/stconn: Replace channel_shutw_now() by sc_schedule_shutdown()
|
|
- MINOR: stconn: Rename SC_FL_SHUTR in SC_FL_ABRT_DONE
|
|
- MINOR: channel/stconn: Replace sc_shutr() by sc_abort()
|
|
- MINOR: stconn: Rename SC_FL_SHUTW in SC_FL_SHUT_DONE
|
|
- MINOR: channel/stconn: Replace sc_shutw() by sc_shutdown()
|
|
- MINOR: tree-wide: Replace several chn_cons() by the corresponding SC
|
|
- MINOR: tree-wide: Replace several chn_prod() by the corresponding SC
|
|
- BUG/MINOR: cli: Don't close when SE_FL_ERR_PENDING is set in cli analyzer
|
|
- MINOR: stconn: Stop to set SE_FL_ERROR on sending path
|
|
- MEDIUM: stconn: Forbid applets with more to deliver if EOI was reached
|
|
- MINOR: stconn: Don't clear SE_FL_ERROR when endpoint is reset
|
|
- MINOR: stconn: Add a flag to ack endpoint errors at SC level
|
|
- MINOR: backend: Set SC_FL_ERROR on connection error
|
|
- MINOR: stream: Set SC_FL_ERROR on channels' buffer allocation error
|
|
- MINOR: tree-wide: Test SC_FL_ERROR with SE_FL_ERROR from upper layer
|
|
- MEDIUM: tree-wide: Stop to set SE_FL_ERROR from upper layer
|
|
- MEDIUM: backend: Stop to use SE flags to detect connection errors
|
|
- MEDIUM: stream: Stop to use SE flags to detect read errors from analyzers
|
|
- MEDIUM: stream: Stop to use SE flags to detect endpoint errors
|
|
- MEDIUM: stconn: Rely on SC flags to handle errors instead of SE flags
|
|
- BUG/MINOR: stconn: Don't set SE_FL_ERROR at the end of sc_conn_send()
|
|
- BUG/MINOR: quic: Do not use ack delay during the handshakes
|
|
- CLEANUP: use "offsetof" where appropriate
|
|
- MINOR: ssl: remove OpenSSL 1.0.2 mention into certificate loading error
|
|
- BUG/MEDIUM: http-ana: Properly switch the request in tunnel mode on upgrade
|
|
- BUG/MEDIUM: log: Properly handle client aborts in syslog applet
|
|
- MINOR: stconn: Add a flag to report EOS at the stream-connector level
|
|
- MINOR: stconn: Propagate EOS from a mux to the attached stream-connector
|
|
- MINOR: stconn: Propagate EOS from an applet to the attached stream-connector
|
|
- MINOR: mux-h2: make the initial window size configurable per side
|
|
- MINOR: mux-h2: make the max number of concurrent streams configurable per side
|
|
- BUG/MINOR: task: allow to use tasklet_wakeup_after with tid -1
|
|
- CLEANUP: quic: remove unused QUIC_LOCK label
|
|
- CLEANUP: quic: remove unused scid_node
|
|
- CLEANUP: quic: remove unused qc param on stateless reset token
|
|
- CLEANUP: quic: rename quic_connection_id vars
|
|
- MINOR: quic: remove uneeded tasklet_wakeup after accept
|
|
- MINOR: quic: adjust Rx packet type parsing
|
|
- MINOR: quic: adjust quic CID derive API
|
|
- MINOR: quic: remove TID ref from quic_conn
|
|
- MEDIUM: quic: use a global CID trees list
|
|
- MINOR: quic: remove TID encoding in CID
|
|
- MEDIUM: quic: handle conn bootstrap/handshake on a random thread
|
|
- MINOR: quic: do not proceed to accept for closing conn
|
|
- MINOR: protocol: define new callback set_affinity
|
|
- MINOR: quic: delay post handshake frames after accept
|
|
- MEDIUM: quic: implement thread affinity rebinding
|
|
- BUG/MINOR: quic: transform qc_set_timer() as a reentrant function
|
|
- MINOR: quic: properly finalize thread rebinding
|
|
- MAJOR: quic: support thread balancing on accept
|
|
- MINOR: listener: remove unneeded local accept flag
|
|
- BUG/MINOR: http-ana: Update analyzers on both sides when switching in TUNNEL mode
|
|
- CLEANUP: backend: Remove useless debug message in assign_server()
|
|
- CLEANUP: cli: Remove useless debug message in cli_io_handler()
|
|
- BUG/MEDIUM: stconn: Propagate error on the SC on sending path
|
|
- MINOR: config: add "no-alpn" support for bind lines
|
|
- REGTESTS: add a new "ssl_alpn" test to test ALPN negotiation
|
|
- DOC: add missing documentation for "no-alpn" on bind lines
|
|
- MINOR: ssl: do not set ALPN callback with the empty string
|
|
- MINOR: ssl_crtlist: dump "no-alpn" on "show crtlist" when "no-alpn" was set
|
|
- MEDIUM: config: set useful ALPN defaults for HTTPS and QUIC
|
|
- BUG/MEDIUM: quic: prevent crash on Retry sending
|
|
- BUG/MINOR: cfgparse: make sure to include openssl-compat
|
|
- MINOR: clock: add now_mono_time_fast() function
|
|
- MINOR: clock: add now_cpu_time_fast() function
|
|
- MEDIUM: hlua: reliable timeout detection
|
|
- MEDIUM: hlua: introduce tune.lua.burst-timeout
|
|
- CLEANUP: hlua: avoid confusion between internal timers and tick based timers
|
|
- MINOR: hlua: hook yield on known lua state
|
|
- MINOR: hlua: safe coroutine.create()
|
|
- BUG/MINOR: quic: Stop removing ACK ranges when building packets
|
|
- MINOR: quic: Do not allocate too much ack ranges
|
|
- BUG/MINOR: quic: Unchecked buffer length when building the token
|
|
- BUG/MINOR: quic: Wrong Retry token generation timestamp computing
|
|
- BUG/MINOR: mux-quic: fix crash with app ops install failure
|
|
- BUG/MINOR: mux-quic: properly handle STREAM frame alloc failure
|
|
- BUG/MINOR: h3: fix crash on h3s alloc failure
|
|
- BUG/MINOR: quic: prevent crash on qc_new_conn() failure
|
|
- BUG/MINOR: quic: consume Rx datagram even on error
|
|
- CLEANUP: errors: fix obsolete function comments
|
|
- CLEANUP: server: fix update_status() function comment
|
|
- MINOR: server/event_hdl: add proxy_uuid to event_hdl_cb_data_server
|
|
- MINOR: hlua/event_hdl: rely on proxy_uuid instead of proxy_name for lookups
|
|
- MINOR: hlua/event_hdl: expose proxy_uuid variable in server events
|
|
- MINOR: hlua/event_hdl: fix return type for hlua_event_hdl_cb_data_push_args
|
|
- MINOR: server/event_hdl: prepare for upcoming refactors
|
|
- BUG/MINOR: event_hdl: don't waste 1 event subtype slot
|
|
- CLEANUP: event_hdl: updating obsolete comment for EVENT_HDL_CB_DATA
|
|
- CLEANUP: event_hdl: fix comment typo about _sync assertion
|
|
- MINOR: event_hdl: dynamically allocated event data members
|
|
- MINOR: event_hdl: provide event->when for advanced handlers
|
|
- MINOR: hlua/event_hdl: timestamp for events
|
|
- DOC: lua: restore 80 char limitation
|
|
- BUG/MINOR: server: incorrect report for tracking servers leaving drain
|
|
- MINOR: server: explicitly commit state change in srv_update_status()
|
|
- BUG/MINOR: server: don't miss proxy stats update on server state transitions
|
|
- BUG/MINOR: server: don't miss server stats update on server state transitions
|
|
- BUG/MINOR: server: don't use date when restoring last_change from state file
|
|
- MINOR: server: central update for server counters on state change
|
|
- MINOR: server: propagate server state change to lb through single function
|
|
- MINOR: server: propagate lb changes through srv_lb_propagate()
|
|
- MINOR: server: change adm_st_chg_cause storage type
|
|
- MINOR: server: srv_append_status refacto
|
|
- MINOR: server: change srv_op_st_chg_cause storage type
|
|
- CLEANUP: server: remove unused variables in srv_update_status()
|
|
- CLEANUP: server: fix srv_set_{running, stopping, stopped} function comment
|
|
- MINOR: server: pass adm and op cause to srv_update_status()
|
|
- MEDIUM: server: split srv_update_status() in two functions
|
|
- MINOR: server/event_hdl: prepare for server event data wrapper
|
|
- MINOR: quic: support migrating the listener as well
|
|
- MINOR: quic_sock: index li->per_thr[] on local thread id, not global one
|
|
- MINOR: listener: support another thread dispatch mode: "fair"
|
|
- MINOR: receiver: add a struct shard_info to store info about each shard
|
|
- MINOR: receiver: add RX_F_MUST_DUP to indicate that an rx must be duped
|
|
- MEDIUM: proto: duplicate receivers marked RX_F_MUST_DUP
|
|
- MINOR: proto: skip socket setup for duped FDs
|
|
- MEDIUM: config: permit to start a bind on multiple groups at once
|
|
- MINOR: listener: make accept_queue index atomic
|
|
- MEDIUM: listener: rework thread assignment to consider all groups
|
|
- MINOR: listener: use a common thr_idx from the reference listener
|
|
- MINOR: listener: resync with the thread index before heavy calculations
|
|
- MINOR: listener: make sure to avoid ABA updates in per-thread index
|
|
- MINOR: listener: always compare the local thread as well
|
|
- MINOR: Make `tasklet_free()` safe to be called with `NULL`
|
|
- CLEANUP: Stop checking the pointer before calling `tasklet_free()`
|
|
- CLEANUP: Stop checking the pointer before calling `pool_free()`
|
|
- CLEANUP: Stop checking the pointer before calling `task_free()`
|
|
- CLEANUP: Stop checking the pointer before calling `ring_free()`
|
|
- BUG/MINOR: cli: clarify error message about stats bind-process
|
|
- CI: cirrus-ci: bump FreeBSD image to 13-1
|
|
- REGTESTS: remove unsupported "stats bind-process" keyword
|
|
- CI: extend spellchecker whitelist, add "clen" as well
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- BUG/MINOR: sock_inet: use SO_REUSEPORT_LB where available
|
|
- BUG/MINOR: tools: check libssl and libcrypto separately
|
|
- BUG/MINOR: config: fix NUMA topology detection on FreeBSD
|
|
- BUILD: sock_inet: forward-declare struct receiver
|
|
- BUILD: proto_tcp: export the correct names for proto_tcpv[46]
|
|
- CLEANUP: protocol: move the l3_addrlen to plug a hole in proto_fam
|
|
- CLEANUP: protocol: move the nb_receivers to plug a hole in protocol
|
|
- REORG: listener: move the bind_conf's thread setup code to listener.c
|
|
- MINOR: proxy: make proxy_type_str() recognize peers sections
|
|
- MEDIUM: peers: call bind_complete_thread_setup() to finish the config
|
|
- MINOR: protocol: add a flags field to store info about protocols
|
|
- MINOR: protocol: move the global reuseport flag to the protocols
|
|
- MINOR: listener: automatically adjust shards based on support for SO_REUSEPORT
|
|
- MINOR: protocol: add a function to check if some features are supported
|
|
- MINOR: sock: add a function to check for SO_REUSEPORT support at runtime
|
|
- MINOR: protocol: perform a live check for SO_REUSEPORT support
|
|
- MINOR: listener: do not restrict CLI to first group anymore
|
|
- MINOR: listener: add a new global tune.listener.default-shards setting
|
|
- MEDIUM: listener: switch the default sharding to by-group
|
|
|
|
2023/04/08 : 2.8-dev7
|
|
- BUG/MINOR: stats: Don't replace sc_shutr() by SE_FL_EOS flag yet
|
|
- BUG/MEDIUM: mux-h2: Be able to detect connection error during handshake
|
|
- BUG/MINOR: quic: Missing padding in very short probe packets
|
|
- MINOR: proxy/pool: prevent unnecessary calls to pool_gc()
|
|
- CLEANUP: proxy: remove stop_time related dead code
|
|
- DOC/MINOR: reformat configuration.txt's "quoting and escaping" table
|
|
- MINOR: http_fetch: Add support for empty delim in url_param
|
|
- MINOR: http_fetch: add case insensitive support for smp_fetch_url_param
|
|
- MINOR: http_fetch: Add case-insensitive argument for url_param/urlp_val
|
|
- REGTESTS : Add test support for case insentitive for url_param
|
|
- BUG/MEDIUM: proxy/sktable: prevent watchdog trigger on soft-stop
|
|
- BUG/MINOR: backend: make be_usable_srv() consistent when stopping
|
|
- BUG/MINOR: ssl: Remove dead code in cli_parse_update_ocsp_response
|
|
- BUG/MINOR: ssl: Fix potential leak in cli_parse_update_ocsp_response
|
|
- BUG/MINOR: ssl: ssl-(min|max)-ver parameter not duplicated for bundles in crt-list
|
|
- BUG/MINOR: quic: Wrong use of now_ms timestamps (cubic algo)
|
|
- MINOR: quic: Add recovery related information to "show quic"
|
|
- BUG/MINOR: quic: Wrong use of now_ms timestamps (newreno algo)
|
|
- BUG/MINOR: quic: Missing max_idle_timeout initialization for the connection
|
|
- MINOR: quic: Implement cubic state trace callback
|
|
- MINOR: quic: Adjustments for generic control congestion traces
|
|
- MINOR: quic: Traces adjustments at proto level.
|
|
- MEDIUM: quic: Ack delay implementation
|
|
- BUG/MINOR: quic: Wrong rtt variance computing
|
|
- MINOR: cli: support filtering on FD types in "show fd"
|
|
- MINOR: quic: Add a fake congestion control algorithm named "nocc"
|
|
- CI: run smoke tests on config syntax to check memory related issues
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CI: exclude doc/{design-thoughts,internals} from spell check
|
|
- BUG/MINOR: quic: Remaining useless statements in cubic slow start callback
|
|
- BUG/MINOR: quic: Cubic congestion control window may wrap
|
|
- MINOR: quic: Add missing traces in cubic algorithm implementation
|
|
- BUG/MAJOR: quic: Congestion algorithms states shared between the connection
|
|
- BUG/MINOR: ssl: Undefined reference when building with OPENSSL_NO_DEPRECATED
|
|
- BUG/MINOR: quic: Remove useless BUG_ON() in newreno and cubic algo implementation
|
|
- MINOR: http-act: emit a warning when a header field name contains forbidden chars
|
|
- DOC: config: strict-sni allows to start without certificate
|
|
- MINOR: quic: Add trace to debug idle timer task issues
|
|
- BUG/MINOR: quic: Unexpected connection closures upon idle timer task execution
|
|
- BUG/MINOR: quic: Wrong idle timer expiration (during 20s)
|
|
- BUILD: quic: 32bits compilation issue in cli_io_handler_dump_quic()
|
|
- BUG/MINOR: quic: Possible wrong PTO computing
|
|
- BUG/MINOR: tcpcheck: Be able to expect an empty response
|
|
- BUG/MEDIUM: stconn: Add a missing return statement in sc_app_shutr()
|
|
- BUG/MINOR: stream: Fix test on channels flags to set clientfin/serverfin touts
|
|
- MINOR: applet: Uninline appctx_free()
|
|
- MEDIUM: applet/trace: Register a new trace source with its events
|
|
- CLEANUP: stconn: Remove remaining debug messages
|
|
- BUG/MEDIUM: channel: Improve reports for shut in co_getblk()
|
|
- BUG/MEDIUM: dns: Properly handle error when a response consumed
|
|
- MINOR: stconn: Remove unecessary test on SE_FL_EOS before receiving data
|
|
- MINOR: stconn/channel: Move CF_READ_DONTWAIT into the SC and rename it
|
|
- MINOR: stconn/channel: Move CF_SEND_DONTWAIT into the SC and rename it
|
|
- MINOR: stconn/channel: Move CF_NEVER_WAIT into the SC and rename it
|
|
- MINOR: stconn/channel: Move CF_EXPECT_MORE into the SC and rename it
|
|
- MINOR: mux-pt: Report end-of-input with the end-of-stream after a read
|
|
- BUG/MINOR: mux-h1: Properly report EOI/ERROR on read0 in h1_rcv_pipe()
|
|
- CLEANUP: mux-h1/mux-pt: Remove useless test on SE_FL_SHR/SE_FL_SHW flags
|
|
- MINOR: mux-h1: Report an error to the SE descriptor on truncated message
|
|
- MINOR: stconn: Always ack EOS at the end of sc_conn_recv()
|
|
- MINOR: stconn/applet: Handle EOI in the applet .wake callback function
|
|
- MINOR: applet: No longer set EOI on the SC
|
|
- MINOR: stconn/applet: Handle EOS in the applet .wake callback function
|
|
- MEDIUM: cache: Use the sedesc to report and detect end of processing
|
|
- MEDIUM: cli: Use the sedesc to report and detect end of processing
|
|
- MINOR: dns: Remove the test on the opposite SC state to send requests
|
|
- MEDIUM: dns: Use the sedesc to report and detect end of processing
|
|
- MEDIUM: spoe: Use the sedesc to report and detect end of processing
|
|
- MEDIUM: hlua/applet: Use the sedesc to report and detect end of processing
|
|
- MEDIUM: log: Use the sedesc to report and detect end of processing
|
|
- MEDIUM: peers: Use the sedesc to report and detect end of processing
|
|
- MINOR: sink: Remove the tests on the opposite SC state to process messages
|
|
- MEDIUM: sink: Use the sedesc to report and detect end of processing
|
|
- MEDIUM: stats: Use the sedesc to report and detect end of processing
|
|
- MEDIUM: promex: Use the sedesc to report and detect end of processing
|
|
- MEDIUM: http_client: Use the sedesc to report and detect end of processing
|
|
- MINOR: stconn/channel: Move CF_EOI into the SC and rename it
|
|
- MEDIUM: tree-wide: Move flags about shut from the channel to the SC
|
|
- MINOR: tree-wide: Simplifiy some tests on SHUT flags by accessing SCs directly
|
|
- MINOR: stconn/applet: Add BUG_ON_HOT() to be sure SE_FL_EOS is never set alone
|
|
- MINOR: server: add SRV_F_DELETED flag
|
|
- BUG/MINOR: server/del: fix srv->next pointer consistency
|
|
- BUG/MINOR: stats: properly handle server stats dumping resumption
|
|
- BUG/MINOR: sink: free forward_px on deinit()
|
|
- BUG/MINOR: log: free log forward proxies on deinit()
|
|
- MINOR: server: always call ssl->destroy_srv when available
|
|
- MINOR: server: correctly free servers on deinit()
|
|
- BUG/MINOR: hlua: hook yield does not behave as expected
|
|
- MINOR: hlua: properly handle hlua_process_task HLUA_E_ETMOUT
|
|
- BUG/MINOR: hlua: enforce proper running context for register_x functions
|
|
- MINOR: hlua: Fix two functions that return nothing useful
|
|
- MEDIUM: hlua: Dynamic list of frontend/backend in Lua
|
|
- MINOR: hlua_fcn: alternative to old proxy and server attributes
|
|
- MEDIUM: hlua_fcn: dynamic server iteration and indexing
|
|
- MEDIUM: hlua_fcn/api: remove some old server and proxy attributes
|
|
- CLEANUP: hlua: fix conflicting comment in hlua_ctx_destroy()
|
|
- MINOR: hlua: add simple hlua reference handling API
|
|
- MINOR: hlua: fix return type for hlua_checkfunction() and hlua_checktable()
|
|
- BUG/MINOR: hlua: fix reference leak in core.register_task()
|
|
- BUG/MINOR: hlua: fix reference leak in hlua_post_init_state()
|
|
- BUG/MINOR: hlua: prevent function and table reference leaks on errors
|
|
- CLEANUP: hlua: use hlua_ref() instead of luaL_ref()
|
|
- CLEANUP: hlua: use hlua_pushref() instead of lua_rawgeti()
|
|
- CLEANUP: hlua: use hlua_unref() instead of luaL_unref()
|
|
- MINOR: hlua: simplify lua locking
|
|
- BUG/MEDIUM: hlua: prevent deadlocks with main lua lock
|
|
- MINOR: hlua_fcn: add server->get_rid() method
|
|
- MINOR: hlua: support for optional arguments to core.register_task()
|
|
- DOC: lua: silence "literal block ends without a blank line" Sphinx warnings
|
|
- DOC: lua: silence "Unexpected indentation" Sphinx warnings
|
|
- BUG/MINOR: event_hdl: fix rid storage type
|
|
- BUG/MINOR: event_hdl: make event_hdl_subscribe thread-safe
|
|
- MINOR: event_hdl: global sublist management clarification
|
|
- BUG/MEDIUM: event_hdl: clean soft-stop handling
|
|
- BUG/MEDIUM: event_hdl: fix async data refcount issue
|
|
- MINOR: event_hdl: normal tasks support for advanced async mode
|
|
- MINOR: event_hdl: add event_hdl_async_equeue_isempty() function
|
|
- MINOR: event_hdl: add event_hdl_async_equeue_size() function
|
|
- MINOR: event_hdl: pause/resume for subscriptions
|
|
- MINOR: proxy: add findserver_unique_id() and findserver_unique_name()
|
|
- MEDIUM: hlua/event_hdl: initial support for event handlers
|
|
- MINOR: hlua/event_hdl: per-server event subscription
|
|
- EXAMPLES: add basic event_hdl lua example script
|
|
- MINOR: http-ana: Add a HTTP_MSGF flag to state the Expect header was checked
|
|
- BUG/MINOR: http-ana: Don't switch message to DATA when waiting for payload
|
|
- BUG/MINOR: quic: Possible crashes in qc_idle_timer_task()
|
|
- MINOR: quic: derive first DCID from client ODCID
|
|
- MINOR: quic: remove ODCID dedicated tree
|
|
- MINOR: quic: remove address concatenation to ODCID
|
|
- BUG/MINOR: mworker: unset more internal variables from program section
|
|
- BUG/MINOR: errors: invalid use of memprintf in startup_logs_init()
|
|
- MINOR: applet: Use unsafe version to get stream from SC in the trace function
|
|
- BUG/MUNOR: http-ana: Use an unsigned integer for http_msg flags
|
|
- MINOR: compression: Make compression offload a flag
|
|
- MINOR: compression: Prepare compression code for request compression
|
|
- MINOR: compression: Store algo and type for both request and response
|
|
- MINOR: compression: Count separately request and response compression
|
|
- MEDIUM: compression: Make it so we can compress requests as well.
|
|
- BUG/MINOR: lua: remove incorrect usage of strncat()
|
|
- CLEANUP: tcpcheck: remove the only occurrence of sprintf() in the code
|
|
- CLEANUP: ocsp: do no use strpcy() to copy a path!
|
|
- CLEANUP: tree-wide: remove strpcy() from constant strings
|
|
- CLEANUP: opentracing: remove the last two occurrences of strncat()
|
|
- BUILD: compiler: fix __equals_1() on older compilers
|
|
- MINOR: compiler: define a __attribute__warning() macro
|
|
- BUILD: bug.h: add a warning in the base API when unsafe functions are used
|
|
- BUG/MEDIUM: listeners: Use the right parameters for strlcpy2().
|
|
|
|
2023/03/28 : 2.8-dev6
|
|
- BUG/MEDIUM: mux-pt: Set EOS on error on sending path if read0 was received
|
|
- MINOR: ssl: Change the ocsp update log-format
|
|
- MINOR: ssl: Use ocsp update task for "update ssl ocsp-response" command
|
|
- BUG/MINOR: ssl: Fix double free in ocsp update deinit
|
|
- MINOR: ssl: Accept certpath as param in "show ssl ocsp-response" CLI command
|
|
- MINOR: ssl: Add certificate path to 'show ssl ocsp-response' output
|
|
- BUG/MEDIUM: proxy: properly stop backends on soft-stop
|
|
- BUG/MEDIUM: resolvers: Properly stop server resolutions on soft-stop
|
|
- DEBUG: cli/show_fd: Display connection error code
|
|
- DEBUG: ssl-sock/show_fd: Display SSL error code
|
|
- BUG/MEDIUM: mux-h1: Don't block SE_FL_ERROR if EOS is not reported on H1C
|
|
- BUG/MINOR: tcp_sample: fix a bug in fc_dst_port and fc_dst_is_local sample fetches
|
|
- BUG/MINOR: quic: Missing STREAM frame length updates
|
|
- BUG/MEDIUM: connection: Preserve flags when a conn is removed from an idle list
|
|
- BUG/MINOR: mux-h2: make sure the h2c task exists before refreshing it
|
|
- MINOR: buffer: add br_count() to return the number of allocated bufs
|
|
- MINOR: buffer: add br_single() to check if a buffer ring has more than one buf
|
|
- BUG/MEDIUM: mux-h2: only restart sending when mux buffer is decongested
|
|
- BUG/MINOR: mux-h2: set CO_SFL_STREAMER when sending lots of data
|
|
- BUG/MINOR: quic: Missing STREAM frame data pointer updates
|
|
- MINOR: stick-table: add sc-add-gpc() to http-after-response
|
|
- MINOR: doc: missing entries for sc-add-gpc()
|
|
- BUG/MAJOR: qpack: fix possible read out of bounds in static table
|
|
- OPTIM: mux-h1: limit first read size to avoid wrapping
|
|
- MINOR: mux-h2: set CO_SFL_MSG_MORE when sending multiple buffers
|
|
- MINOR: ssl-sock: pass the CO_SFL_MSG_MORE info down the stack
|
|
- MINOR: quic: Stop stressing the acknowledgments process (RX ACK frames)
|
|
- BUG/MINOR: quic: Dysfunctional 01RTT packet number space probing
|
|
- BUG/MEDIUM: stream: do not try to free a failed stream-conn
|
|
- BUG/MEDIUM: mux-h2: do not try to free an unallocated h2s->sd
|
|
- BUG/MEDIUM: mux-h2: erase h2c->wait_event.tasklet on error path
|
|
- BUG/MEDIUM: stconn: don't set the type before allocation succeeds
|
|
- BUG/MINOR: stconn: fix sedesc memory leak on stream allocation failure
|
|
- MINOR: dynbuf: set POOL_F_NO_FAIL on buffer allocation
|
|
- MINOR: pools: preset the allocation failure rate to 1% with -dMfail
|
|
- BUG/MEDIUM: mux-h1: properly destroy a partially allocated h1s
|
|
- BUG/MEDIUM: applet: only set appctx->sedesc on successful allocation
|
|
- BUG/MINOR: quic: wake up MUX on probing only for 01RTT
|
|
- BUG/MINOR: quic: ignore congestion window on probing for MUX wakeup
|
|
- BUILD: thread: implement thread_harmless_end_sig() for threadless builds
|
|
- BUILD: thread: silence a build warning when threads are disabled
|
|
- MINOR: debug: support dumping the libs addresses when running in verbose mode
|
|
- BUG/MINOR: illegal use of the malloc_trim() function if jemalloc is used
|
|
- BUG/MINOR: trace: fix hardcoded level for TRACE_PRINTF
|
|
- BUG/MEDIUM: mux-quic: release data from conn flow-control on qcs reset
|
|
- MINOR: mux-quic: complete traces for qcs emission
|
|
- MINOR: mux-quic: adjust trace level for MAX_DATA/MAX_STREAM_DATA recv
|
|
- MINOR: mux-quic: add flow-control info to minimal trace level
|
|
- MINOR: pools: make sure 'no-memory-trimming' is always used
|
|
- MINOR: pools: intercept malloc_trim() instead of trying to plug holes
|
|
- MEDIUM: pools: move the compat code from trim_all_pools() to malloc_trim()
|
|
- MINOR: pools: export trim_all_pools()
|
|
- MINOR: pattern: use trim_all_pools() instead of a conditional malloc_trim()
|
|
- MINOR: tools: relax dlopen() on malloc/free checks
|
|
- MEDIUM: tools: further relax dlopen() checks too consider grouped symbols
|
|
- BUG/MINOR: pools: restore detection of built-in allocator
|
|
- MINOR: pools: report a replaced memory allocator instead of just malloc_trim()
|
|
- BUG/MINOR: h3: properly handle incomplete remote uni stream type
|
|
- BUG/MINOR: mux-quic: prevent CC status to be erased by shutdown
|
|
- MINOR: mux-quic: interrupt qcc_recv*() operations if CC scheduled
|
|
- MINOR: mux-quic: ensure CONNECTION_CLOSE is scheduled once per conn
|
|
- MINOR: mux-quic: close on qcs allocation failure
|
|
- MINOR: mux-quic: close on frame alloc failure
|
|
- BUG/MINOR: syslog: Request for more data if message was not fully received
|
|
- BUG/MEDIUM: stats: Consume the request except when parsing the POST payload
|
|
- DOC: config: set-var() dconv rendering issues
|
|
- BUG/MEDIUM: mux-h1: Wakeup H1C on shutw if there is no I/O subscription
|
|
- BUG/MINOR: applet/new: fix sedesc freeing logic
|
|
- BUG/MINOR: quic: Missing STREAM frame type updated
|
|
- BUILD: da: extends CFLAGS to support API v3 from 3.1.7 and onwards.
|
|
- BUG/MINOR: ssl: Stop leaking `err` in ssl_sock_load_ocsp()
|
|
|
|
2023/03/10 : 2.8-dev5
|
|
- MINOR: ssl: rename confusing ssl_bind_kws
|
|
- BUG/MINOR: config: crt-list keywords mistaken for bind ssl keywords
|
|
- BUG/MEDIUM: http-ana: Detect closed SC on opposite side during body forwarding
|
|
- BUG/MEDIUM: stconn: Don't rearm the read expiration date if EOI was reached
|
|
- MINOR: global: Add an option to disable the data fast-forward
|
|
- MINOR: haproxy: Add an command option to disable data fast-forward
|
|
- REGTESTS: Remove unsupported feature command in http_splicing.vtc
|
|
- BUG/MEDIUM: wdt: fix wrong thread being checked for sleeping
|
|
- BUG/MINOR: sched: properly report long_rq when tasks remain in the queue
|
|
- BUG/MEDIUM: sched: allow a bit more TASK_HEAVY to be processed when needed
|
|
- MINOR: threads: add flags to know if a thread is started and/or running
|
|
- MINOR: h3/hq-interop: handle no data in decode_qcs() with FIN set
|
|
- BUG/MINOR: mux-quic: transfer FIN on empty STREAM frame
|
|
- BUG/MINOR: mworker: prevent incorrect values in uptime
|
|
- MINOR: h3: add traces on decode_qcs callback
|
|
- BUG/MINOR: quic: Possible unexpected counter incrementation on send*() errors
|
|
- MINOR: quic: Add new traces about by connection RX buffer handling
|
|
- MINOR: quic: Move code to wakeup the timer task to avoid anti-amplication deadlock
|
|
- BUG/MINOR: quic: Really cancel the connection timer from qc_set_timer()
|
|
- MINOR: quic: Simplication for qc_set_timer()
|
|
- MINOR: quic: Kill the connections on ICMP (port unreachable) packet receipt
|
|
- MINOR: quic: Add traces to qc_kill_conn()
|
|
- MINOR: quic: Make qc_dgrams_retransmit() return a status.
|
|
- BUG/MINOR: quic: Missing call to task_queue() in qc_idle_timer_do_rearm()
|
|
- MINOR: quic: Add a trace to identify connections which sent Initial packet.
|
|
- MINOR: quic: Add <pto_count> to the traces
|
|
- BUG/MINOR: quic: Do not probe with too little Initial packets
|
|
- BUG/MINOR: quic: Wrong initialization for io_cb_wakeup boolean
|
|
- BUG/MINOR: quic: Do not drop too small datagrams with Initial packets
|
|
- BUG/MINOR: quic: Missing padding for short packets
|
|
- MINOR: quic: adjust request reject when MUX is already freed
|
|
- BUG/MINOR: quic: also send RESET_STREAM if MUX released
|
|
- BUG/MINOR: quic: acknowledge STREAM frame even if MUX is released
|
|
- BUG/MINOR: h3: prevent hypothetical demux failure on int overflow
|
|
- MEDIUM: h3: enforce GOAWAY by resetting higher unhandled stream
|
|
- MINOR: mux-quic: define qc_shutdown()
|
|
- MINOR: mux-quic: define qc_process()
|
|
- MINOR: mux-quic: implement client-fin timeout
|
|
- MEDIUM: mux-quic: properly implement soft-stop
|
|
- MINOR: quic: mark quic-conn as jobs on socket allocation
|
|
- MEDIUM: quic: trigger fast connection closing on process stopping
|
|
- MINOR: mux-h2/traces: do not log h2s pointer for dummy streams
|
|
- MINOR: mux-h2/traces: add a missing TRACE_LEAVE() in h2s_frt_handle_headers()
|
|
- BUG/MEDIUM: quic: Missing TX buffer draining from qc_send_ppkts()
|
|
- DEBUG: stream: Add a BUG_ON to never exit process_stream with an expired task
|
|
- DOC: config: Fix description of options about HTTP connection modes
|
|
- MINOR: proxy: Only consider backend httpclose option for server connections
|
|
- BUG/MINOR: haproxy: Fix option to disable the fast-forward
|
|
- DOC: config: Add the missing tune.fail-alloc option from global listing
|
|
- MINOR: cfgcond: Implement strstr condition expression
|
|
- MINOR: cfgcond: Implement enabled condition expression
|
|
- REGTESTS: Skip http_splicing.vtc script if fast-forward is disabled
|
|
- REGTESTS: Fix ssl_errors.vtc script to wait for connections close
|
|
- BUG/MINOR: mworker: stop doing strtok directly from the env
|
|
- BUG/MEDIUM: mworker: prevent inconsistent reload when upgrading from old versions
|
|
- BUG/MEDIUM: mworker: don't register mworker_accept_wrapper() when master FD is wrong
|
|
- MINOR: startup: HAPROXY_STARTUP_VERSION contains the version used to start
|
|
- BUG/MINOR: cache: Cache response even if request has "no-cache" directive
|
|
- BUG/MINOR: cache: Check cache entry is complete in case of Vary
|
|
- MINOR: compiler: add a TOSTR() macro to turn a value into a string
|
|
- BUG/MINOR: lua/httpclient: missing free in hlua_httpclient_send()
|
|
- BUG/MEDIUM: httpclient/lua: fix a race between lua GC and hlua_ctx_destroy
|
|
- MEDIUM: channel: Remove CF_READ_NOEXP flag
|
|
- MAJOR: channel: Remove flags to report READ or WRITE errors
|
|
- DEBUG: stream/trace: Add sedesc flags in trace messages
|
|
- MINOR: channel/stconn: Move rto/wto from the channel to the stconn
|
|
- MEDIUM: channel/stconn: Move rex/wex timer from the channel to the sedesc
|
|
- MEDIUM: stconn: Don't requeue the stream's task after I/O
|
|
- MEDIUM: stconn: Replace read and write timeouts by a unique I/O timeout
|
|
- MEDIUM: stconn: Add two date to track successful reads and blocked sends
|
|
- MINOR: applet/stconn: Add a SE flag to specify an endpoint does not expect data
|
|
- MAJOR: stream: Use SE descriptor date to detect read/write timeouts
|
|
- MINOR: stream: Dump the task expiration date in trace messages
|
|
- MINOR: stream: Report rex/wex value using the sedesc date in trace messages
|
|
- MINOR: stream: Use relative expiration date in trace messages
|
|
- MINOR: stconn: Always report READ/WRITE event on shutr/shutw
|
|
- CLEANUP: stconn: Remove old read and write expiration dates
|
|
- MINOR: stconn: Set half-close timeout using proxy settings
|
|
- MINOR: stconn: Remove half-closed timeout
|
|
- REGTESTS: cache: Use rxresphdrs to only get headers for 304 responses
|
|
- MINOR: stconn: Add functions to set/clear SE_FL_EXP_NO_DATA flag from endpoint
|
|
- BUG/MINOR: proto_ux: report correct error when bind_listener fails
|
|
- BUG/MINOR: protocol: fix minor memory leak in protocol_bind_all()
|
|
- MINOR: proto_uxst: add resume method
|
|
- MINOR: listener/api: add lli hint to listener functions
|
|
- MINOR: listener: add relax_listener() function
|
|
- MINOR: listener: workaround for closing a tiny race between resume_listener() and stopping
|
|
- MINOR: listener: make sure we don't pause/resume bypassed listeners
|
|
- BUG/MEDIUM: listener: fix pause_listener() suspend return value handling
|
|
- BUG/MINOR: listener: fix resume_listener() resume return value handling
|
|
- BUG/MEDIUM: resume from LI_ASSIGNED in default_resume_listener()
|
|
- MINOR: listener: pause_listener() becomes suspend_listener()
|
|
- BUG/MEDIUM: listener/proxy: fix listeners notify for proxy resume
|
|
- BUG/MINOR: sock_unix: match finalname with tempname in sock_unix_addrcmp()
|
|
- MEDIUM: proto_ux: properly suspend named UNIX listeners
|
|
- MINOR: proto_ux: ability to dump ABNS names in error messages
|
|
- MINOR: haproxy: always protocol unbind on startup error path
|
|
- BUILD: quic: 32-bits compilation issue with %zu in quic_rx_pkts_del()
|
|
- BUG/MINOR: ring: do not realign ring contents on resize
|
|
- MEDIUM: ring: make the offset relative to the head/tail instead of absolute
|
|
- CLEANUP: ring: remove the now unused ring's offset
|
|
- MINOR: config: add HAPROXY_BRANCH environment variable
|
|
- BUILD: thead: Fix several 32 bits compilation issues with uint64_t variables
|
|
- BUG/MEDIUM: fd: avoid infinite loops in fd_add_to_fd_list and fd_rm_from_fd_list
|
|
- BUG/MEDIUM: h1-htx: Never copy more than the max data allowed during parsing
|
|
- BUG/MINOR: stream: Remove BUG_ON about the task expiration in process_stream()
|
|
- MINOR: stream: Handle stream's timeouts in a dedicated function
|
|
- MEDIUM: stream: Eventually handle stream timeouts when exiting process_stream()
|
|
- MINOR: stconn: Report a send activity when endpoint is willing to consume data
|
|
- BUG/MEDIUM: stconn: Report a blocked send if some output data are not consumed
|
|
- MEDIUM: mux-h1: Don't expect data from server as long as request is unfinished
|
|
- MEDIUM: mux-h2: Don't expect data from server as long as request is unfinished
|
|
- MEDIUM: mux-quic: Don't expect data from server as long as request is unfinished
|
|
- DOC: config: Clarify the meaning of 'hold' in the 'resolvers' section
|
|
- DOC: config: Replace TABs by spaces
|
|
- BUG/MINOR: fd: used the update list from the fd's group instead of tgid
|
|
- BUG/MEDIUM: fd: make fd_delete() support being called from a different group
|
|
- CLEANUP: listener: only store conn counts for local threads
|
|
- MINOR: tinfo: make thread_set functions return nth group/mask instead of first
|
|
- MEDIUM: quic: improve fatal error handling on send
|
|
- MINOR: quic: consider EBADF as critical on send()
|
|
- BUG/MEDIUM: connection: Clear flags when a conn is removed from an idle list
|
|
- BUG/MINOR: mux-h1: Don't report an error on an early response close
|
|
- BUG/MINOR: http-check: Don't set HTX_SL_F_BODYLESS flag with a log-format body
|
|
- BUG/MINOR: http-check: Skip C-L header for empty body when it's not mandatory
|
|
- BUG/MINOR: http-fetch: recognize IPv6 addresses in square brackets in req.hdr_ip()
|
|
- REGTEST: added tests covering smp_fetch_hdr_ip()
|
|
- MINOR: quic: simplify return path in send functions
|
|
- MINOR: quic: implement qc_notify_send()
|
|
- MINOR: quic: purge txbuf before preparing new packets
|
|
- MEDIUM: quic: implement poller subscribe on sendto error
|
|
- MINOR: quic: notify on send ready
|
|
- BUG/MINOR: http-ana: Don't increment conn_retries counter before the L7 retry
|
|
- BUG/MINOR: http-ana: Do a L7 retry on read error if there is no response
|
|
- BUG/MEDIUM: http-ana: Don't close request side when waiting for response
|
|
- BUG/MINOR: mxu-h1: Report a parsing error on abort with pending data
|
|
- MINOR: ssl: Destroy ocsp update http_client during cleanup
|
|
- MINOR: ssl: Reinsert ocsp update entries later in case of unknown error
|
|
- MINOR: ssl: Add ocsp update success/failure counters
|
|
- MINOR: ssl: Store specific ocsp update errors in response and update ctx
|
|
- MINOR: ssl: Add certificate's path to certificate_ocsp structure
|
|
- MINOR: ssl: Add 'show ssl ocsp-updates' CLI command
|
|
- MINOR: ssl: Add sample fetches related to OCSP update
|
|
- MINOR: ssl: Use dedicated proxy and log-format for OCSP update
|
|
- MINOR: ssl: Reorder struct certificate_ocsp members
|
|
- MINOR: ssl: Increment OCSP update replay delay in case of failure
|
|
- MINOR: ssl: Add way to dump ocsp response in base64
|
|
- MINOR: ssl: Add global options to modify ocsp update min/max delay
|
|
- REGTESTS: ssl: Fix ocsp update crt-lists
|
|
- REGTESTS: ssl: Add test for new ocsp update cli commands
|
|
- MINOR: ssl: Add ocsp-update information to "show ssl crt-list"
|
|
- BUG/MINOR: ssl: Fix ocsp-update when using "add ssl crt-list"
|
|
- MINOR: ssl: Replace now.tv_sec with date.tv_sec in ocsp update task
|
|
- BUG/MINOR: ssl: Use 'date' instead of 'now' in ocsp stapling callback
|
|
- BUG/MEDIUM: quic: properly handle duplicated STREAM frames
|
|
- BUG/MINOR: cli: fix CLI handler "set anon global-key" call
|
|
- MINOR: http_ext: adding some documentation, forgot to inline function
|
|
- BUG/MINOR: quic: Do not send too small datagrams (with Initial packets)
|
|
- MINOR: quic: Add a BUG_ON_HOT() call for too small datagrams
|
|
- BUG/MINOR: quic: Ensure to be able to build datagrams to be retransmitted
|
|
- BUG/MINOR: quic: v2 Initial packets decryption failed
|
|
- MINOR: quic: Add traces about QUIC TLS key update
|
|
- BUG/MINOR: quic: Remove force_ack for Initial,Handshake packets
|
|
- BUG/MINOR: quic: Ensure not to retransmit packets with no ack-eliciting frames
|
|
- BUG/MINOR: quic: Do not resend already acked frames
|
|
- BUG/MINOR: quic: Missing detections of amplification limit reached
|
|
- MINOR: quic: Send PING frames when probing Initial packet number space
|
|
- BUG/MEDIUM: quic: do not crash when handling STREAM on released MUX
|
|
- BUG/MAJOR: fd/thread: fix race between updates and closing FD
|
|
- BUG/MEDIUM: dns: ensure ring offset is properly reajusted to head
|
|
- BUG/MINOR: mux-quic: properly init STREAM frame as not duplicated
|
|
- MINOR: quic: Do not accept wrong active_connection_id_limit values
|
|
- MINOR: quic: Store the next connection IDs sequence number in the connection
|
|
- MINOR: quic: Typo fix for ACK_ECN frame
|
|
- MINOR: quic: RETIRE_CONNECTION_ID frame handling (RX)
|
|
- MINOR: quic: Useless TLS context allocations in qc_do_rm_hp()
|
|
- MINOR: quic: Add spin bit support
|
|
- MINOR: quic: Add transport parameters to "show quic"
|
|
- BUG/MEDIUM: sink/forwarder: ensure ring offset is properly readjusted to head
|
|
- BUG/MINOR: dns: fix ring offset calculation on first read
|
|
- BUG/MINOR: dns: fix ring offset calculation in dns_resolve_send()
|
|
- MINOR: jwt: Add support for RSA-PSS signatures (PS256 algorithm)
|
|
- MINOR: h3: add traces on h3_init_uni_stream() error paths
|
|
- MINOR: quic: create a global list dedicated for closing QUIC conns
|
|
- MINOR: quic: handle new closing list in show quic
|
|
- MEDIUM: quic: release closing connections on stopping
|
|
- BUG/MINOR: quic: Wrong RETIRE_CONNECTION_ID sequence number check
|
|
- MINOR: fd/cli: report the polling mask in "show fd"
|
|
- CLEANUP: sock: always perform last connection updates before wakeup
|
|
- MINOR: quic: Do not stress the peer during retransmissions of lost packets
|
|
- BUG/MINOR: init: properly detect NUMA bindings on large systems
|
|
- BUG/MINOR: thread: report thread and group counts in the correct order
|
|
- BUG/MAJOR: fd/threads: close a race on closing connections after takeover
|
|
- MINOR: debug: add random delay injection with "debug dev delay-inj"
|
|
- BUG/MINOR: mworker: use MASTER_MAXCONN as default maxconn value
|
|
- BUG/MINOR: quic: Missing listener accept queue tasklet wakeups
|
|
- MINOR: quic_sock: un-statify quic_conn_sock_fd_iocb()
|
|
- DOC: config: fix typo "dependeing" in bind thread description
|
|
- DOC/CLEANUP: fix typos
|
|
|
|
2023/02/14 : 2.8-dev4
|
|
- BUG/MINOR: stats: fix source buffer size for http dump
|
|
- BUG/MEDIUM: stats: fix resolvers dump
|
|
- BUG/MINOR: stats: fix ctx->field update in stats_dump_proxy_to_buffer()
|
|
- BUG/MINOR: stats: fix show stats field ctx for servers
|
|
- BUG/MINOR: stats: fix STAT_STARTED behavior with full htx
|
|
- MINOR: quic: Update version_information transport parameter to draft-14
|
|
- BUG/MINOR: stats: Prevent HTTP "other sessions" counter underflows
|
|
- BUG/MEDIUM: thread: fix extraneous shift in the thread_set parser
|
|
- BUG/MEDIUM: listener/thread: bypass shards setting on failed thread resolution
|
|
- BUG/MINOR: ssl/crt-list: warn when a line is malformated
|
|
- BUG/MEDIUM: stick-table: do not leave entries in end of window during purge
|
|
- BUG/MINOR: clock: do not mix wall-clock and monotonic time in uptime calculation
|
|
- BUG/MEDIUM: cache: use the correct time reference when comparing dates
|
|
- MEDIUM: clock: force internal time to wrap early after boot
|
|
- BUILD: ssl/ocsp: ssl_ocsp-t.h depends on ssl_sock-t.h
|
|
- MINOR: ssl/ocsp: add a function to check the OCSP update configuration
|
|
- MINOR: cfgparse/server: move (min/max)conn postparsing logic into dedicated function
|
|
- BUG/MINOR: server/add: ensure minconn/maxconn consistency when adding server
|
|
- BUG/MEDIUM: stconn: Schedule a shutw on shutr if data must be sent first
|
|
- BUG/MEDIUM: quic: fix crash when "option nolinger" is set in the frontend
|
|
- MINOR: quic: implement a basic "show quic" CLI handler
|
|
- MINOR: quic: display CIDs and state in "show quic"
|
|
- MINOR: quic: display socket info on "show quic"
|
|
- MINOR: quic: display infos about various encryption level on "show quic"
|
|
- MINOR: quic: display Tx stream info on "show quic"
|
|
- MINOR: quic: filter closing conn on "show quic"
|
|
- BUG/MINOR: quic: fix filtering of closing connections on "show quic"
|
|
- BUG/MEDIUM: stconn: Don't needlessly wake the stream on send during fast-forward
|
|
- BUG/MINOR: quic: fix type bug on "show quic" for 32-bits arch
|
|
- BUG/MINOR: mworker: fix uptime for master process
|
|
- BUG/MINOR: clock/stats: also use start_time not start_date in HTML info
|
|
- BUG/MEDIUM: stconn: stop to enable/disable reads from streams via si_update_rx
|
|
- BUG/MEDIUM: quic: Buffer overflow when looking through QUIC CLI keyword list
|
|
- DOC: proxy-protocol: fix wrong byte in provided example
|
|
- MINOR: ssl-ckch: Stop to test CF_WRITE_ERROR to commit CA/CRL file
|
|
- MINOR: bwlim: Remove useless test on CF_READ_ERROR to detect the last packet
|
|
- BUG/MINOR: http-ana: Fix condition to set LAST termination flag
|
|
- BUG/MINOR: mux-h1: Don't report an H1C error on client timeout
|
|
- BUG/MEDIUM: spoe: Don't set the default traget for the SPOE agent frontend
|
|
- BUG/MINOR: quic: Wrong datagram dispatch because of qc_check_dcid()
|
|
- BUG/CRITICAL: http: properly reject empty http header field names
|
|
|
|
2023/02/04 : 2.8-dev3
|
|
- BUG/MINOR: sink: make sure to always properly unmap a file-backed ring
|
|
- DEV: haring: add a new option "-r" to automatically repair broken files
|
|
- BUG/MINOR: ssl: Fix leaks in 'update ssl ocsp-response' CLI command
|
|
- MINOR: ssl: Remove debug fprintf in 'update ssl ocsp-response' cli command
|
|
- MINOR: connection: add a BUG_ON() to detect destroying connection in idle list
|
|
- MINOR: mux-quic/h3: send SETTINGS as soon as transport is ready
|
|
- BUG/MINOR: h3: fix GOAWAY emission
|
|
- BUG/MEDIUM: mux-quic: fix crash on H3 SETTINGS emission
|
|
- BUG/MEDIUM: hpack: fix incorrect huffman decoding of some control chars
|
|
- BUG/MINOR: log: release global log servers on exit
|
|
- BUG/MINOR: ring: release the backing store name on exit
|
|
- BUG/MINOR: sink: free the forwarding task on exit
|
|
- CLEANUP: trace: remove the QUIC-specific ifdefs
|
|
- MINOR: trace: add a TRACE_ENABLED() macro to determine if a trace is active
|
|
- MINOR: trace: add a trace_no_cb() dummy callback for when to use no callback
|
|
- MINOR: trace: add the long awaited TRACE_PRINTF()
|
|
- MINOR: h2: add h2_phdr_to_ist() to make ISTs from pseudo headers
|
|
- MEDIUM: mux-h2/trace: add tracing support for headers
|
|
- CLEANUP: mux-h2/trace: shorten the name of the header enc/dec functions
|
|
- DEV: hpack: fix `trash` build regression
|
|
- MINOR: http_htx: add http_append_header() to append value to header
|
|
- MINOR: http_htx: add http_prepend_header() to prepend value to header
|
|
- MINOR: sample: add ARGC_OPT
|
|
- MINOR: proxy: introduce http only options
|
|
- MINOR: proxy/http_ext: introduce proxy forwarded option
|
|
- REGTEST: add ifnone-forwardfor test
|
|
- MINOR: proxy: move 'forwardfor' option to http_ext
|
|
- MINOR: proxy: move 'originalto' option to http_ext
|
|
- MINOR: http_ext: introduce http ext converters
|
|
- MINOR: http_ext: add rfc7239_is_valid converter
|
|
- MINOR: http_ext: add rfc7239_field converter
|
|
- MINOR: http_ext: add rfc7239_n2nn converter
|
|
- MINOR: http_ext: add rfc7239_n2np converter
|
|
- REGTEST: add RFC7239 forwarded header tests
|
|
- OPTIM: http_ext/7239: introduce c_mode to save some space
|
|
- MINOR: http_ext/7239: warn the user when fetch is not available
|
|
- MEDIUM: proxy/http_ext: implement dynamic http_ext
|
|
- MINOR: cfgparse/http_ext: move post-parsing http_ext steps to http_ext
|
|
- DOC: config: fix option spop-check proxy compatibility
|
|
- BUG/MINOR: fcgi-app: prevent 'use-fcgi-app' in default section
|
|
- DOC: config: 'http-send-name-header' option may be used in default section
|
|
- BUG/MINOR: mux-h2: Fix possible null pointer deref on h2c in _h2_trace_header()
|
|
- BUG/MINOR: http_ext/7239: ipv6 dumping relies on out of scope variables
|
|
- BUG/MEDIUM: h3: do not crash if no buf space for trailers
|
|
- OPTIM: h3: skip buf realign if no trailer to encode
|
|
- MINOR: mux-quic/h3: define stream close callback
|
|
- BUG/MEDIUM: h3: handle STOP_SENDING on control stream
|
|
- BUG/MINOR: h3: reject RESET_STREAM received for control stream
|
|
- MINOR: h3: add missing traces on closure
|
|
- BUG/MEDIUM: ssl: wrong eviction from the session cache tree
|
|
- BUG/MINOR: h3: fix crash due to h3 traces
|
|
- BUG/MINOR: h3: fix crash due to h3 traces
|
|
- BUG/MEDIUM: thread: consider secondary threads as idle+harmless during boot
|
|
- BUG/MINOR: stats: use proper buffer size for http dump
|
|
- BUILD: makefile: fix PCRE overriding specific lib path
|
|
- MINOR: quic: remove fin from quic_stream frame type
|
|
- MINOR: quic: ensure offset is properly set for STREAM frames
|
|
- MINOR: quic: define new functions for frame alloc
|
|
- MINOR: quic: refactor frame deallocation
|
|
- MEDIUM: quic: implement a retransmit limit per frame
|
|
- MINOR: quic: add config for retransmit limit
|
|
- OPTIM: htx: inline the most common memcpy(8)
|
|
- CLEANUP: quic: no need for atomics on packet refcnt
|
|
- MINOR: stats: add by HTTP version cumulated number of sessions and requests
|
|
- BUG/MINOR: quic: Possible stream truncations under heavy loss
|
|
- BUG/MINOR: quic: Too big PTO during handshakes
|
|
- MINOR: quic: Add a trace about variable states in qc_prep_fast_retrans()
|
|
- BUG/MINOR: quic: Do not ignore coalesced packets in qc_prep_fast_retrans()
|
|
- MINOR: quic: When probing Handshake packet number space, also probe the Initial one
|
|
- BUG/MAJOR: quic: Possible crash when processing 1-RTT during 0-RTT session
|
|
- MEDIUM: quic: Remove qc_conn_finalize() from the ClientHello TLS callbacks
|
|
- BUG/MINOR: quic: Unchecked source connection ID
|
|
- MEDIUM: listener: move the analysers mask to the bind_conf
|
|
- MINOR: listener: move maxseg and tcp_ut to bind_conf
|
|
- MINOR: listener: move maxaccept from listener to bind_conf
|
|
- MINOR: listener: move the backlog setting from listener to bind_conf
|
|
- MINOR: listener: move the maxconn parameter to the bind_conf
|
|
- MINOR: listener: move the ->accept callback to the bind_conf
|
|
- MINOR: listener: remove the useless ->default_target field
|
|
- MINOR: listener: move the nice field to the bind_conf
|
|
- MINOR: listener: move the NOLINGER option to the bind_conf
|
|
- MINOR: listener: move the NOQUICKACK option to the bind_conf
|
|
- MINOR: listener: move the DEF_ACCEPT option to the bind_conf
|
|
- MINOR: listener: move TCP_FO to bind_conf
|
|
- MINOR: listener: move the ACC_PROXY and ACC_CIP options to bind_conf
|
|
- MINOR: listener: move LI_O_UNLIMITED and LI_O_NOSTOP to bind_conf
|
|
- MINOR: listener: get rid of LI_O_TCP_L4_RULES and LI_O_TCP_L5_RULES
|
|
- CLEANUP: listener: remove the now unused options field
|
|
- MINOR: listener: remove the now useless LI_F_QUIC_LISTENER flag
|
|
- CLEANUP: config: remove test for impossible case regarding bind thread mask
|
|
- MINOR: thread: add a simple thread_set API
|
|
- MEDIUM: listener/config: make the "thread" parser rely on thread_sets
|
|
- CLEANUP: config: stop using bind_tgroup and bind_thread
|
|
- CLEANUP: listener/thread: remove now unused bind_conf's bind_tgroup/bind_thread
|
|
- CLEANUP: listener/config: remove the special case for shards==1
|
|
- MEDIUM: config: restrict shards, not bind_conf to one group each
|
|
- BUG/MEDIUM: quic: do not split STREAM frames if no space
|
|
- BUILD: thread: fix build warnings with older gcc compilers
|
|
|
|
2023/01/22 : 2.8-dev2
|
|
- CLEANUP: htx: fix a typo in an error message of http_str_to_htx
|
|
- DOC: config: added optional rst-ttl argument to silent-drop in action lists
|
|
- BUG/MINOR: ssl: Fix crash in 'update ssl ocsp-response' CLI command
|
|
- BUG/MINOR: ssl: Crash during cleanup because of ocsp structure pointer UAF
|
|
- MINOR: ssl: Create temp X509_STORE filled with cert chain when checking ocsp response
|
|
- MINOR: ssl: Only set ocsp->issuer if issuer not in cert chain
|
|
- MINOR: ssl: Release ssl_ocsp_task_ctx.cur_ocsp when destroying task
|
|
- MINOR: ssl: Detect more OCSP update inconsistencies
|
|
- BUG/MINOR: ssl: Fix OCSP_CERTID leak when same certificate is used multiple times
|
|
- MINOR: ssl: Limit ocsp_uri buffer size to minimum
|
|
- MINOR: ssl: Remove mention of ckch_store in error message of cli command
|
|
- MINOR: channel: Don't test CF_READ_NULL while CF_SHUTR is enough
|
|
- REORG: channel: Rename CF_READ_NULL to CF_READ_EVENT
|
|
- REORG: channel: Rename CF_WRITE_NULL to CF_WRITE_EVENT
|
|
- MEDIUM: channel: Use CF_READ_EVENT instead of CF_READ_PARTIAL
|
|
- MEDIUM: channel: Use CF_WRITE_EVENT instead of CF_WRITE_PARTIAL
|
|
- MINOR: channel: Remove CF_READ_ACTIVITY
|
|
- MINOR: channel: Remove CF_WRITE_ACTIVITY
|
|
- MINOR: channel: Remove CF_ANA_TIMEOUT and report CF_READ_EVENT instead
|
|
- MEDIUM: channel: Remove CF_READ_ATTACHED and report CF_READ_EVENT instead
|
|
- MINOR: channel: Stop to test CF_READ_ERROR flag if CF_SHUTR is enough
|
|
- MINOR: channel/applets: Stop to test CF_WRITE_ERROR flag if CF_SHUTW is enough
|
|
- DOC: management: add details on "Used" status
|
|
- DOC: management: add details about @system-ca in "show ssl ca-file"
|
|
- BUG/MINOR: mux-quic: fix transfer of empty HTTP response
|
|
- MINOR: mux-quic: add traces for flow-control limit reach
|
|
- MAJOR: mux-quic: rework stream sending priorization
|
|
- MEDIUM: h3: send SETTINGS before STREAM frames
|
|
- MINOR: mux-quic: use send-list for STOP_SENDING/RESET_STREAM emission
|
|
- MINOR: mux-quic: use send-list for immediate sending retry
|
|
- BUG/MINOR: h1-htx: Remove flags about protocol upgrade on non-101 responses
|
|
- BUG/MINOR: hlua: Fix Channel.line and Channel.data behavior regarding the doc
|
|
- BUG/MINOR: resolvers: Wait the resolution execution for a do_resolv action
|
|
- BUG/MINOR: ssl: Remove unneeded pointer check in ocsp cli release function
|
|
- BUG/MINOR: ssl: Missing ssl_conf pointer check when checking ocsp update inconsistencies
|
|
- DEV: tcploop: add minimal support for unix sockets
|
|
- BUG/MEDIUM: listener: duplicate inherited FDs if needed
|
|
- BUG/MINOR: ssl: OCSP minimum update threshold not properly set
|
|
- MINOR: ssl: Treat ocsp-update inconsistencies as fatal errors
|
|
- MINOR: ssl: Do not wake ocsp update task if update tree empty
|
|
- MINOR: ssl: Reinsert updated ocsp response later in tree in case of http error
|
|
- REGTEST: ssl: Add test for 'update ssl ocsp-response' CLI command
|
|
- OPTIM: global: move byte counts out of global and per-thread
|
|
- BUG/MEDIUM: peers: make "show peers" more careful about partial initialization
|
|
- BUG/MINOR: promex: Don't forget to consume the request on error
|
|
- MINOR: http-ana: Add a function to set HTTP termination flags
|
|
- MINOR: http-ana: Use http_set_term_flags() in most of HTTP analyzers
|
|
- BUG/MINOR: http-ana: Report SF_FINST_R flag on error waiting the request body
|
|
- MINOR: http-ana: Use http_set_term_flags() when waiting the request body
|
|
- BUG/MINOR: http-fetch: Don't block HTTP sample fetch eval in HTTP_MSG_ERROR state
|
|
- MAJOR: http-ana: Review error handling during HTTP payload forwarding
|
|
- CLEANUP: http-ana: Remove HTTP_MSG_ERROR state
|
|
- BUG/MEDIUM: mux-h2: Don't send CANCEL on shutw when response length is unkown
|
|
- MINOR: htx: Add an HTX value for the extra field is payload length is unknown
|
|
- BUG/MINOR: http-ana: make set-status also update txn->status
|
|
- BUG/MINOR: listeners: fix suspend/resume of inherited FDs
|
|
- DOC: config: fix wrong section number for "protocol prefixes"
|
|
- DOC: config: fix aliases for protocol prefixes "udp4@" and "udp6@"
|
|
- DOC: config: mention the missing "quic4@" and "quic6@" in protocol prefixes
|
|
- MINOR: listener: also support "quic+" as an address prefix
|
|
- CLEANUP: stconn: always use se_fl_set_error() to set the pending error
|
|
- BUG/MEDIUM: stconn: also consider SE_FL_EOI to switch to SE_FL_ERROR
|
|
- MINOR: quic: Useless test about datagram destination addresses
|
|
- MINOR: quic: Disable the active connection migrations
|
|
- MINOR: quic: Add "no-quic" global option
|
|
- MINOR: sample: Add "quic_enabled" sample fetch
|
|
- MINOR: quic: Replace v2 draft definitions by those of the final 2 version
|
|
- BUG/MINOR: mux-fcgi: Correctly set pathinfo
|
|
- DOC: config: fix "Address formats" chapter syntax
|
|
- BUG/MEDIUM: jwt: Properly process ecdsa signatures (concatenated R and S params)
|
|
- BUILD: ssl: add ECDSA_SIG_set0() for openssl < 1.1 or libressl < 2.7
|
|
- Revert "BUILD: ssl: add ECDSA_SIG_set0() for openssl < 1.1 or libressl < 2.7"
|
|
- BUG/MINOR: ssl: Fix compilation with OpenSSL 1.0.2 (missing ECDSA_SIG_set0)
|
|
- BUG/MINOR: listener: close tiny race between resume_listener() and stopping
|
|
- BUG/MINOR: h3: properly handle connection headers
|
|
- MINOR: h3: extend function for QUIC varint encoding
|
|
- MINOR: h3: implement TRAILERS encoding
|
|
- BUG/MINOR: bwlim: Check scope for period expr for set-bandwitdh-limit actions
|
|
- MEDIUM: bwlim: Support constants limit or period on set-bandwidth-limit actions
|
|
- BUG/MINOR: bwlim: Fix parameters check for set-bandwidth-limit actions
|
|
- MINOR: h3: implement TRAILERS decoding
|
|
- BUG/MEDIUM: fd/threads: fix again incorrect thread selection in wakeup broadcast
|
|
- BUG/MINOR: thread: always reload threads_enabled in loops
|
|
- MINOR: threads: add a thread_harmless_end() version that doesn't wait
|
|
- BUG/MEDIUM: debug/thread: make the debug handler not wait for !rdv_requests
|
|
- BUG/MINOR: mux-h2: make sure to produce a log on invalid requests
|
|
- BUG/MINOR: mux-h2: add missing traces on failed headers decoding
|
|
- BUILD: hpack: include global.h for the trash that is needed in debug mode
|
|
- BUG/MINOR: jwt: Wrong return value checked
|
|
- BUG/MINOR: quic: Do not request h3 clients to close its unidirection streams
|
|
- MEDIUM: quic-sock: fix udp source address for send on listener socket
|
|
|
|
2023/01/07 : 2.8-dev1
|
|
- MEDIUM: 51d: add support for 51Degrees V4 with Hash algorithm
|
|
- MINOR: debug: support pool filtering on "debug dev memstats"
|
|
- MINOR: debug: add a balance of alloc - free at the end of the memstats dump
|
|
- LICENSE: wurfl: clarify the dummy library license.
|
|
- MINOR: event_hdl: add event handler base api
|
|
- DOC/MINOR: api: add documentation for event_hdl feature
|
|
- MEDIUM: ssl: rename the struct "cert_key_and_chain" to "ckch_data"
|
|
- MINOR: quic: remove qc from quic_rx_packet
|
|
- MINOR: quic: complete traces in qc_rx_pkt_handle()
|
|
- MINOR: quic: extract datagram parsing code
|
|
- MINOR: tools: add port for ipcmp as optional criteria
|
|
- MINOR: quic: detect connection migration
|
|
- MINOR: quic: ignore address migration during handshake
|
|
- MINOR: quic: startup detect for quic-conn owned socket support
|
|
- MINOR: quic: test IP_PKTINFO support for quic-conn owned socket
|
|
- MINOR: quic: define config option for socket per conn
|
|
- MINOR: quic: allocate a socket per quic-conn
|
|
- MINOR: quic: use connection socket for emission
|
|
- MEDIUM: quic: use quic-conn socket for reception
|
|
- MEDIUM: quic: move receive out of FD handler to quic-conn io-cb
|
|
- MINOR: mux-quic: rename duplicate function names
|
|
- MEDIUM: quic: requeue datagrams received on wrong socket
|
|
- MINOR: quic: reconnect quic-conn socket on address migration
|
|
- MINOR: quic: activate socket per conn by default
|
|
- BUG/MINOR: ssl: initialize SSL error before parsing
|
|
- BUG/MINOR: ssl: initialize WolfSSL before parsing
|
|
- BUG/MINOR: quic: fix fd leak on startup check quic-conn owned socket
|
|
- BUG/MEDIIM: stconn: Flush output data before forwarding close to write side
|
|
- MINOR: server: add srv->rid (revision id) value
|
|
- MINOR: stats: add server revision id support
|
|
- MINOR: server/event_hdl: add support for SERVER_ADD and SERVER_DEL events
|
|
- MINOR: server/event_hdl: add support for SERVER_UP and SERVER_DOWN events
|
|
- BUG/MEDIUM: checks: do not reschedule a possibly running task on state change
|
|
- BUG/MINOR: checks: make sure fastinter is used even on forced transitions
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- MINOR: mworker: display an alert upon a wait-mode exit
|
|
- BUG/MEDIUM: mworker: fix segv in early failure of mworker mode with peers
|
|
- BUG/MEDIUM: mworker: create the mcli_reload socketpairs in case of upgrade
|
|
- BUG/MINOR: checks: restore legacy on-error fastinter behavior
|
|
- MINOR: check: use atomic for s->consecutive_errors
|
|
- MINOR: stats: properly handle ST_F_CHECK_DURATION metric
|
|
- MINOR: mworker: remove unused legacy code in mworker_cleanlisteners
|
|
- MINOR: peers: unused code path in process_peer_sync
|
|
- BUG/MINOR: init/threads: continue to limit default thread count to max per group
|
|
- CLEANUP: init: remove useless assignment of nbthread
|
|
- BUILD: atomic: atomic.h may need compiler.h on ARMv8.2-a
|
|
- BUILD: makefile/da: also clean Os/ in Device Atlas dummy lib dir
|
|
- BUG/MEDIUM: httpclient/lua: double LIST_DELETE on end of lua task
|
|
- CLEANUP: pools: move the write before free to the uaf-only function
|
|
- CLEANUP: pool: only include pool-os from pool.c not pool.h
|
|
- REORG: pool: move all the OS specific code to pool-os.h
|
|
- CLEANUP: pools: get rid of CONFIG_HAP_POOLS
|
|
- DEBUG: pool: show a few examples in -dMhelp
|
|
- MINOR: pools: make DEBUG_UAF a runtime setting
|
|
- BUG/MINOR: promex: create haproxy_backend_agg_server_status
|
|
- MINOR: promex: introduce haproxy_backend_agg_check_status
|
|
- DOC: promex: Add missing backend metrics
|
|
- BUG/MAJOR: fcgi: Fix uninitialized reserved bytes
|
|
- REGTESTS: fix the race conditions in iff.vtc
|
|
- CI: github: reintroduce openssl 1.1.1
|
|
- BUG/MINOR: quic: properly handle alloc failure in qc_new_conn()
|
|
- BUG/MINOR: quic: handle alloc failure on qc_new_conn() for owned socket
|
|
- CLEANUP: mux-quic: remove unused attribute on qcs_is_close_remote()
|
|
- BUG/MINOR: mux-quic: remove qcs from opening-list on free
|
|
- BUG/MINOR: mux-quic: handle properly alloc error in qcs_new()
|
|
- CI: github: split ssl lib selection based on git branch
|
|
- REGTESTS: startup: check maxconn computation
|
|
- BUG/MINOR: startup: don't use internal proxies to compute the maxconn
|
|
- REGTESTS: startup: change the expected maxconn to 11000
|
|
- CI: github: set ulimit -n to a greater value
|
|
- REGTESTS: startup: activate automatic_maxconn.vtc
|
|
- MINOR: sample: add param converter
|
|
- CLEANUP: ssl: remove check on srv->proxy
|
|
- BUG/MEDIUM: freq-ctr: Don't compute overshoot value for empty counters
|
|
- BUG/MEDIUM: resolvers: Use tick_first() to update the resolvers task timeout
|
|
- REGTESTS: startup: add alternatives values in automatic_maxconn.vtc
|
|
- BUG/MEDIUM: h3: reject request with invalid header name
|
|
- BUG/MEDIUM: h3: reject request with invalid pseudo header
|
|
- MINOR: http: extract content-length parsing from H2
|
|
- BUG/MEDIUM: h3: parse content-length and reject invalid messages
|
|
- CI: github: remove redundant ASAN loop
|
|
- CI: github: split matrix for development and stable branches
|
|
- BUG/MEDIUM: mux-h1: Don't release H1 stream upgraded from TCP on error
|
|
- BUG/MINOR: mux-h1: Fix test instead a BUG_ON() in h1_send_error()
|
|
- MINOR: http-htx: add BUG_ON to prevent API error on http_cookie_register
|
|
- BUG/MEDIUM: h3: fix cookie header parsing
|
|
- BUG/MINOR: h3: fix memleak on HEADERS parsing failure
|
|
- MINOR: h3: check return values of htx_add_* on headers parsing
|
|
- MINOR: ssl: Remove unneeded buffer allocation in show ocsp-response
|
|
- MINOR: ssl: Remove unnecessary alloc'ed trash chunk in show ocsp-response
|
|
- BUG/MINOR: ssl: Fix memory leak of find_chain in ssl_sock_load_cert_chain
|
|
- MINOR: stats: provide ctx for dumping functions
|
|
- MINOR: stats: introduce stats field ctx
|
|
- BUG/MINOR: stats: fix show stat json buffer limitation
|
|
- MINOR: stats: make show info json future-proof
|
|
- BUG/MINOR: quic: fix crash on PTO rearm if anti-amplification reset
|
|
- BUILD: 51d: fix build issue with recent compilers
|
|
- REGTESTS: startup: disable automatic_maxconn.vtc
|
|
- BUILD: peers: peers-t.h depends on stick-table-t.h
|
|
- BUG/MEDIUM: tests: use tmpdir to create UNIX socket
|
|
- BUG/MINOR: mux-h1: Report EOS on parsing/internal error for not running stream
|
|
- BUG/MINOR:: mux-h1: Never handle error at mux level for running connection
|
|
- BUG/MEDIUM: stats: Rely on a local trash buffer to dump the stats
|
|
- OPTIM: pool: split the read_mostly from read_write parts in pool_head
|
|
- MINOR: pool: make the thread-local hot cache size configurable
|
|
- MINOR: freq_ctr: add opportunistic versions of swrate_add()
|
|
- MINOR: pool: only use opportunistic versions of the swrate_add() functions
|
|
- REGTESTS: ssl: enable the ssl_reuse.vtc test for WolfSSL
|
|
- BUG/MEDIUM: mux-quic: fix double delete from qcc.opening_list
|
|
- BUG/MEDIUM: quic: properly take shards into account on bind lines
|
|
- BUG/MINOR: quic: do not allocate more rxbufs than necessary
|
|
- MINOR: ssl: Add a lock to the OCSP response tree
|
|
- MINOR: httpclient: Make the CLI flags public for future use
|
|
- MINOR: ssl: Add helper function that extracts an OCSP URI from a certificate
|
|
- MINOR: ssl: Add OCSP request helper function
|
|
- MINOR: ssl: Add helper function that checks the validity of an OCSP response
|
|
- MINOR: ssl: Add "update ssl ocsp-response" cli command
|
|
- MEDIUM: ssl: Add ocsp_certid in ckch structure and discard ocsp buffer early
|
|
- MINOR: ssl: Add ocsp_update_tree and helper functions
|
|
- MINOR: ssl: Add crt-list ocsp-update option
|
|
- MINOR: ssl: Store 'ocsp-update' mode in the ckch_data and check for inconsistencies
|
|
- MEDIUM: ssl: Insert ocsp responses in update tree when needed
|
|
- MEDIUM: ssl: Add ocsp update task main function
|
|
- MEDIUM: ssl: Start update task if at least one ocsp-update option is set to on
|
|
- DOC: ssl: Add documentation for ocsp-update option
|
|
- REGTESTS: ssl: Add tests for ocsp auto update mechanism
|
|
- MINOR: ssl: Move OCSP code to a dedicated source file
|
|
- BUG/MINOR: ssl/ocsp: check chunk_strcpy() in ssl_ocsp_get_uri_from_cert()
|
|
- CLEANUP: ssl/ocsp: add spaces around operators
|
|
- BUG/MEDIUM: mux-h2: Refuse interim responses with end-stream flag set
|
|
- BUG/MINOR: pool/stats: Use ullong to report total pool usage in bytes in stats
|
|
- BUG/MINOR: ssl/ocsp: httpclient blocked when doing a GET
|
|
- MINOR: httpclient: don't add body when istlen is empty
|
|
- MEDIUM: httpclient: change the default log format to skip duplicate proxy data
|
|
- BUG/MINOR: httpclient/log: free of invalid ptr with httpclient_log_format
|
|
- MEDIUM: mux-quic: implement shutw
|
|
- MINOR: mux-quic: do not count stream flow-control if already closed
|
|
- MINOR: mux-quic: handle RESET_STREAM reception
|
|
- MEDIUM: mux-quic: implement STOP_SENDING emission
|
|
- MINOR: h3: use stream error when needed instead of connection
|
|
- CI: github: enable github api authentication for OpenSSL tags read
|
|
- BUG/MINOR: mux-quic: ignore remote unidirectional stream close
|
|
- CI: github: use the GITHUB_TOKEN instead of a manually generated token
|
|
- BUILD: makefile: build the features list dynamically
|
|
- BUILD: makefile: move common options-oriented macros to include/make/options.mk
|
|
- BUILD: makefile: sort the features list
|
|
- BUILD: makefile: initialize all build options' variables at once
|
|
- BUILD: makefile: add a function to collect all options' CFLAGS/LDFLAGS
|
|
- BUILD: makefile: start to automatically collect CFLAGS/LDFLAGS
|
|
- BUILD: makefile: ensure that all USE_* handlers appear before CFLAGS are used
|
|
- BUILD: makefile: clean the wolfssl include and lib generation rules
|
|
- BUILD: makefile: make sure to also ignore SSL_INC when using wolfssl
|
|
- BUILD: makefile: reference libdl only once
|
|
- BUILD: makefile: make sure LUA_INC and LUA_LIB are always initialized
|
|
- BUILD: makefile: do not restrict Lua's prepend path to empty LUA_LIB_NAME
|
|
- BUILD: makefile: never force -latomic, set USE_LIBATOMIC instead
|
|
- BUILD: makefile: add an implicit USE_MATH variable for -lm
|
|
- BUILD: makefile: properly report USE_PCRE/USE_PCRE2 in features
|
|
- CLEANUP: makefile: properly indent ifeq/ifneq conditional blocks
|
|
- BUILD: makefile: rework 51D to split v3/v4
|
|
- BUILD: makefile: support LIBCRYPT_LDFLAGS
|
|
- BUILD: makefile: support RT_LDFLAGS
|
|
- BUILD: makefile: support THREAD_LDFLAGS
|
|
- BUILD: makefile: support BACKTRACE_LDFLAGS
|
|
- BUILD: makefile: support SYSTEMD_LDFLAGS
|
|
- BUILD: makefile: support ZLIB_CFLAGS and ZLIB_LDFLAGS
|
|
- BUILD: makefile: support ENGINE_CFLAGS
|
|
- BUILD: makefile: support OPENSSL_CFLAGS and OPENSSL_LDFLAGS
|
|
- BUILD: makefile: support WOLFSSL_CFLAGS and WOLFSSL_LDFLAGS
|
|
- BUILD: makefile: support LUA_CFLAGS and LUA_LDFLAGS
|
|
- BUILD: makefile: support DEVICEATLAS_CFLAGS and DEVICEATLAS_LDFLAGS
|
|
- BUILD: makefile: support PCRE[2]_CFLAGS and PCRE[2]_LDFLAGS
|
|
- BUILD: makefile: refactor support for 51DEGREES v3/v4
|
|
- BUILD: makefile: support WURFL_CFLAGS and WURFL_LDFLAGS
|
|
- BUILD: makefile: make all OpenSSL variants use the same settings
|
|
- BUILD: makefile: remove the special case of the SSL option
|
|
- BUILD: makefile: only consider settings from enabled options
|
|
- BUILD: makefile: also list per-option settings in 'make opts'
|
|
- BUG/MINOR: debug: don't mask the TH_FL_STUCK flag before dumping threads
|
|
- MINOR: cfgparse-ssl: avoid a possible crash on OOM in ssl_bind_parse_npn()
|
|
- BUG/MINOR: ssl: Missing goto in error path in ocsp update code
|
|
- BUG/MINOR: stick-table: report the correct action name in error message
|
|
- CI: Improve headline in matrix.py
|
|
- CI: Add in-memory cache for the latest OpenSSL/LibreSSL
|
|
- CI: Use proper `if` blocks instead of conditional expressions in matrix.py
|
|
- CI: Unify the `GITHUB_TOKEN` name across matrix.py and vtest.yml
|
|
- CI: Explicitly check environment variable against `None` in matrix.py
|
|
- CI: Reformat `matrix.py` using `black`
|
|
- MINOR: config: add environment variables for default log format
|
|
- REGTESTS: Remove REQUIRE_VERSION=1.9 from all tests
|
|
- REGTESTS: Remove REQUIRE_VERSION=2.0 from all tests
|
|
- REGTESTS: Remove tests with REQUIRE_VERSION_BELOW=1.9
|
|
- BUG/MINOR: http-fetch: Only fill txn status during prefetch if not already set
|
|
- BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
|
|
- DOC: config: fix alphabetical ordering of http-after-response rules
|
|
- MINOR: http-rules: Add missing actions in http-after-response ruleset
|
|
- DOC: config: remove duplicated "http-response sc-set-gpt0" directive
|
|
- BUG/MINOR: proxy: free orgto_hdr_name in free_proxy()
|
|
- REGTEST: fix the race conditions in json_query.vtc
|
|
- REGTEST: fix the race conditions in add_item.vtc
|
|
- REGTEST: fix the race conditions in digest.vtc
|
|
- REGTEST: fix the race conditions in hmac.vtc
|
|
- BUG/MINOR: fd: avoid bad tgid assertion in fd_delete() from deinit()
|
|
- BUG/MINOR: http: Memory leak of http redirect rules' format string
|
|
- MEDIUM: stick-table: set the track-sc limit at boottime via tune.stick-counters
|
|
- MINOR: stick-table: implement the sc-add-gpc() action
|
|
|
|
2022/12/01 : 2.8-dev0
|
|
- MINOR: version: mention that it's development again
|
|
|
|
2022/12/01 : 2.7.0
|
|
- MINOR: ssl: forgotten newline in error messages on ca-file
|
|
- BUG/MINOR: ssl: shut the ca-file errors emitted during httpclient init
|
|
- DOC: config: provide some configuration hints for "http-reuse"
|
|
- DOC: config: refer to section about quoting in the "add_item" converter
|
|
- DOC: halog: explain how to use -ac and -ad in the help message
|
|
- DOC: config: clarify the fact that SNI should not be used in HTTP scenarios
|
|
- DOC: config: mention that a single monitor-uri rule is supported
|
|
- DOC: config: explain how default matching method for ACL works
|
|
- DOC: config: clarify the fact that "retries" is not just for connections
|
|
- BUILD: halog: fix missing double-quote at end of help line
|
|
- DOC: config: clarify the -m dir and -m dom pattern matching methods
|
|
- MINOR: activity: report uptime in "show activity"
|
|
- REORG: activity/cli: move the "show activity" handler to activity.c
|
|
- DEV: poll: add support for epoll
|
|
- DEV: tcploop: centralize the polling code into wait_for_fd()
|
|
- DEV: tcploop: add support for POLLRDHUP when supported
|
|
- DEV: tcploop: do not report an error on POLLERR
|
|
- DEV: tcploop: add optional support for epoll
|
|
- SCRIPTS: announce-release: add a link to the data plane API
|
|
- CLEANUP: stick-table: fill alignment holes in the stktable struct
|
|
- MINOR: stick-table: store a per-table hash seed and use it
|
|
- MINOR: stick-table: show the shard number in each entry's "show table" output
|
|
- CLEANUP: ncbuf: remove ncb_blk args by value
|
|
- CLEANUP: ncbuf: inline small functions
|
|
- CLEANUP: ncbuf: use standard BUG_ON with DEBUG_STRICT
|
|
- BUG/MINOR: quic: Endless loop during retransmissions
|
|
- MINOR: mux-h2: add the expire task and its expiration date in "show fd"
|
|
- BUG/MINOR: peers: always initialize the stksess shard value
|
|
- REGTESTS: fix peers-related regtests regarding "show table"
|
|
- BUG/MEDIUM: mux-h1: Close client H1C on EOS when there is no output data
|
|
- MINOR: stick-table: change the API of the function used to calculate the shard
|
|
- CLEANUP: peers: factor out the key len calculation in received updates
|
|
- BUG/MINOR: peers: always update the stksess shard number on incoming updates
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- MINOR: mux-h1: add the expire task and its expiration date in "show fd"
|
|
- MINOR: debug: improve error handling on the memstats command parser
|
|
- BUILD: quic: allow build with USE_QUIC and USE_OPENSSL_WOLFSSL
|
|
- CLEANUP: anon: clarify the help message on "debug dev hash"
|
|
- MINOR: debug: relax access restrictions on "debug dev hash" and "memstats"
|
|
- SCRIPTS: run-regtests: add a version check
|
|
- MINOR: version: mention that it's stable now
|
|
|
|
2022/11/24 : 2.7-dev10
|
|
- MEDIUM: tcp-act: add parameter rst-ttl to silent-drop
|
|
- BUG/MAJOR: quic: Crash upon retransmission of dgrams with several packets
|
|
- MINOR: cli: print parsed command when not found
|
|
- BUG/MAJOR: quic: Crash after discarding packet number spaces
|
|
- CLEANUP: quic: replace "choosen" with "chosen" all over the code
|
|
- MINOR: cli/pools: store "show pools" results into a temporary array
|
|
- MINOR: cli/pools: add sorting capabilities to "show pools"
|
|
- MINOR: cli/pools: add pool name filtering capability to "show pools"
|
|
- DOC: configuration: fix quic prefix typo
|
|
- MINOR: quic: report error if force-retry without cluster-secret
|
|
- MINOR: global: generate random cluster.secret if not defined
|
|
- BUG/MINOR: resolvers: do not run the timeout task when there's no resolution
|
|
- BUG/MINOR: server/idle: at least use atomic stores when updating max_used_conns
|
|
- MINOR: server/idle: make the next_takeover index per-tgroup
|
|
- BUILD: listener: fix build warning on global_listener_rwlock without threads
|
|
- BUG/MAJOR: sched: protect task during removal from wait queue
|
|
- BUILD: sched: fix build with DEBUG_THREAD with the previous commit
|
|
- DOC: quic: add note on performance issue with listener contention
|
|
- BUG/MINOR: cfgparse-listen: fix ebpt_next_dup pointer dereference on proxy "from" inheritance
|
|
- BUG/MINOR: log: fix parse_log_message rfc5424 size check
|
|
- CLEANUP: arg: remove extra check in make_arg_list arg escaping
|
|
- CLEANUP: tools: extra check in utoa_pad
|
|
- MINOR: h1: Consider empty port as invalid in authority for CONNECT
|
|
- MINOR: http: Considere empty ports as valid default ports
|
|
- BUG/MINOR: http-htx: Normalized absolute URIs with an empty port
|
|
- BUG/MINOR: h1: Replace authority validation to conform RFC3986
|
|
- REG-TESTS: http: Add more tests about authority/host matching
|
|
- BUG/MINOR: http-htx: Don't consider an URI as normalized after a set-uri action
|
|
- BUG/MEDIUM: mux-h1: Don't release H1C on timeout if there is a SC attached
|
|
- BUG/MEDIUM: mux-h1: Subscribe for reads on error on sending path
|
|
- BUILD: http-htx: Silent build error about a possible NULL start-line
|
|
- DOC: configuration.txt: add default_value for table_idle signature
|
|
- BUILD: ssl-sock: Silent error about NULL deref in ssl_sock_bind_verifycbk()
|
|
- BUG/MEDIUM: mux-h1: Remove H1C_F_WAIT_NEXT_REQ flag on a next request
|
|
- BUG/MINOR: mux-h1: Fix handling of 408-Request-Time-Out
|
|
- MINOR: mux-h1: Remove H1C_F_WAIT_NEXT_REQ in functions handling errors
|
|
- MINOR: mux-h1: Avoid useless call to h1_send() if no error is sent
|
|
- DOC: configuration.txt: fix typo in table_idle signature
|
|
- BUILD: stick-tables: fix build breakage in xxhash on older compilers
|
|
- BUILD: compiler: include compiler's definitions before ours
|
|
- BUILD: quic: global.h is needed in cfgparse-quic
|
|
- CLEANUP: tools: do not needlessly include xxhash nor cli from tools.h
|
|
- BUILD: flags: really restrict the cases where flags are exposed
|
|
- BUILD: makefile: minor reordering of objects by build time
|
|
- BUILD: quic: silence two invalid build warnings at -O1 with gcc-6.5
|
|
- BUILD: quic: use openssl-compat.h instead of openssl/ssl.h
|
|
- MEDIUM: ssl: add minimal WolfSSL support with OpenSSL compatibility mode
|
|
- MINOR: sample: make the rand() sample fetch function use the statistical_prng
|
|
- MINOR: auth: silence null dereference warning in check_user()
|
|
- CLEANUP: peers: fix format string for status messages (int signedness)
|
|
- CLEANUP: qpack: fix format string in debugging code (int signedness)
|
|
- CLEANUP: qpack: properly use the QPACK macros not HPACK ones in debug code
|
|
- BUG/MEDIUM: quic: fix datagram dropping on queueing failed
|
|
|
|
2022/11/18 : 2.7-dev9
|
|
- BUILD: quic: QUIC mux build fix for 32-bit build
|
|
- BUILD: scripts: disable tests build on QuicTLS build
|
|
- BUG/MEDIUM: httpclient: segfault when the httpclient parser fails
|
|
- BUILD: ssl_sock: fix null dereference for QUIC build
|
|
- BUILD: quic: Fix build for m68k cross-compilation
|
|
- BUG/MINOR: quic: fix buffer overflow on retry token generation
|
|
- MINOR: quic: add version field on quic_rx_packet
|
|
- MINOR: quic: extend pn_offset field from quic_rx_packet
|
|
- MINOR: quic: define first packet flag
|
|
- MINOR: quic: extract connection retrieval
|
|
- MINOR: quic: split and rename qc_lstnr_pkt_rcv()
|
|
- MINOR: quic: refactor packet drop on reception
|
|
- MINOR: quic: extend Retry token check function
|
|
- BUG/MINOR: log: Preserve message facility when the log target is a ring buffer
|
|
- BUG/MINOR: ring: Properly parse connect timeout
|
|
- BUG/MEDIUM: httpclient/lua: crash when the lua task timeout before the httpclient
|
|
- BUG/MEDIUM: httpclient: check if the httpclient was released in the IO handler
|
|
- REGTESTS: httpclient/lua: test the lua task timeout with the httpclient
|
|
- CI: github: dump the backtrace of coredumps in the alpine container
|
|
- BUILD: Makefile: add "USE_SHM_OPEN" on the linux-musl target
|
|
- DOC: lua: add a note about compression w/ httpclient
|
|
- CLEANUP: mworker/cli: rename the status function to loadstatus
|
|
- MINOR: mworker/cli: does no try to dump the startup-logs w/o USE_SHM_OPEN
|
|
- MINOR: list: fixing typo in MT_LIST_LOCK_ELT
|
|
- DOC/MINOR: list: fixing MT_LIST_LOCK_ELT macro documentation
|
|
- MINOR: list: adding MT_LIST_APPEND_LOCKED macro
|
|
- BUG/MINOR: mux-quic: complete flow-control for uni streams
|
|
- BUG/MEDIUM: compression: handle rewrite errors when updating response headers
|
|
- MINOR: quic: do not crash on unhandled sendto error
|
|
- MINOR: quic: display unknown error sendto counter on stat page
|
|
- MINOR: peers: Support for peer shards
|
|
- MINOR: peers: handle multiple resync requests using shards
|
|
- BUG/MINOR: sink: Only use backend capability for the sink proxies
|
|
- BUG/MINOR: sink: Set default connect/server timeout for implicit ring buffers
|
|
- MINOR: ssl: add the SSL error string when failing to load a certificate
|
|
- MINOR: ssl: add the SSL error string before the chain
|
|
- MEDIUM: ssl: be stricter about chain error
|
|
- BUG/MAJOR: stick-table: don't process store-response rules for applets
|
|
- MINOR: quic: remove unnecessary quic_session_accept()
|
|
- BUG/MINOR: quic: fix subscribe operation
|
|
- BUG/MINOR: log: fixing bug in tcp syslog_io_handler Octet-Counting
|
|
- MINOR: ssl: dump the SSL string error when SSL_CTX_use_PrivateKey() failed.
|
|
- MINOR: quic: add counter for interrupted reception
|
|
- BUG/MINOR: quic: fix race condition on datagram purging
|
|
- CI: add monthly gcc cross compile jobs
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CLEANUP: ssl: remove dead code in ssl_sock_load_pem_into_ckch()
|
|
- BUG/MINOR: httpclient: fixed memory allocation for the SSL ca_file
|
|
- BUG/MINOR: ssl: Memory leak of DH BIGNUM fields
|
|
- BUG/MINOR: ssl: Memory leak of AUTHORITY_KEYID struct when loading issuer
|
|
- BUG/MINOR: ssl: ocsp structure not freed properly in case of error
|
|
- CI: switch to the "latest" LibreSSL
|
|
- CI: enable QUIC for LibreSSL builds
|
|
- BUG/MEDIUM: ssl: Verify error codes can exceed 63
|
|
- MEDIUM: ssl: {ca,crt}-ignore-err can now use error constant name
|
|
- MINOR: ssl: x509_v_err_str converter transforms an integer to a X509_V_ERR name
|
|
- CLEANUP: cli: rename dynamic error printing state
|
|
- MINOR: cli: define usermsgs print context
|
|
- MINOR: server: clear prefix on stderr logs after add server
|
|
- BUG/MINOR: ssl: bind_conf is uncorrectly accessed when using QUIC
|
|
- BUILD: ssl_utils: fix build on gcc versions before 8
|
|
- BUILD: debug: remove unnecessary quotes in HA_WEAK() calls
|
|
- CI: emit the compiler's version in the build reports
|
|
- IMPORT: xxhash: update xxHash to version 0.8.1
|
|
- IMPORT: slz: declare len to fix debug build when optimal match is enabled
|
|
- IMPORT: slz: mention the potential header in slz_finish()
|
|
- IMPORT: slz: define and use a __fallthrough statement for switch/case
|
|
- BUILD: compiler: add a macro to detect if another one is set and equals 1
|
|
- BUILD: compiler: add a default definition for __has_attribute()
|
|
- BUILD: compiler: define a __fallthrough statement for switch/case
|
|
- BUILD: sample: use __fallthrough in smp_is_rw() and smp_dup()
|
|
- BUILD: quic: use __fallthrough in quic_connect_server()
|
|
- BUILD: ssl/crt-list: use __fallthrough in cli_io_handler_add_crtlist()
|
|
- BUILD: ssl: use __fallthrough in cli_io_handler_commit_{cert,cafile_crlfile}()
|
|
- BUILD: ssl: use __fallthrough in cli_io_handler_tlskeys_files()
|
|
- BUILD: hlua: use __fallthrough in hlua_post_init_state()
|
|
- BUILD: stream: use __fallthrough in stats_dump_full_strm_to_buffer()
|
|
- BUILD: tcpcheck: use __fallthrough in check_proxy_tcpcheck()
|
|
- BUILD: stats: use __fallthrough in stats_dump_proxy_to_buffer()
|
|
- BUILD: peers: use __fallthrough in peer_io_handler()
|
|
- BUILD: hash: use __fallthrough in hash_djb2()
|
|
- BUILD: tools: use __fallthrough in url_decode()
|
|
- BUILD: args: use __fallthrough in make_arg_list()
|
|
- BUILD: acl: use __fallthrough in parse_acl_expr()
|
|
- BUILD: spoe: use __fallthrough in spoe_handle_appctx()
|
|
- BUILD: logs: use __fallthrough in build_log_header()
|
|
- BUILD: check: use __fallthrough in __health_adjust()
|
|
- BUILD: http_act: use __fallthrough in parse_http_del_header()
|
|
- BUILD: h1_htx: use __fallthrough in h1_parse_chunk()
|
|
- BUILD: vars: use __fallthrough in var_accounting_{diff,add}()
|
|
- BUILD: map: use __fallthrough in cli_io_handler_*()
|
|
- BUILD: compression: use __fallthrough in comp_http_payload()
|
|
- BUILD: stconn: use __fallthrough in various shutw() functions
|
|
- BUILD: prometheus: use __fallthrough in promex_dump_metrics() and IO handler()
|
|
- CLEANUP: ssl: remove printf in bind_parse_ignore_err
|
|
- BUG/MINOR: ssl: crt-ignore-err memory leak with 'all' parameter
|
|
- BUG/MINOR: ssl: Fix potential overflow
|
|
- CLEANUP: stick-table: remove the unused table->exp_next
|
|
- OPTIM: stick-table: avoid atomic ops in stktable_requeue_exp() when possible
|
|
- BUG/MEDIUM: stick-table: fix a race condition when updating the expiration task
|
|
- MEDIUM: http-ana: remove set-cookie2 support
|
|
- BUG/MEDIUM: wdt/clock: properly handle early task hangs
|
|
- MINOR: deinit: add a "quick-exit" option to bypass the deinit step
|
|
- OPTIM: ebtree: make ebmb_insert_prefix() keep a copy the new node's pfx
|
|
- OPTIM: ebtree: make ebmb_insert_prefix() keep a copy the new node's key
|
|
- MINOR: ssl: ssl_sock_load_cert_chain() display error strings
|
|
- MINOR: ssl: reintroduce ERR_GET_LIB(ret) == ERR_LIB_PEM in ssl_sock_load_pem_into_ckch()
|
|
- BUG/MINOR: http-htx: Fix error handling during parsing http replies
|
|
- BUG/MINOR: resolvers: Don't wait periodic resolution on healthcheck failure
|
|
- BUG/MINOR: resolvers: Set port before IP address when processing SRV records
|
|
- BUG/MINOR: mux-fcgi: Be sure to send empty STDING record in case of zero-copy
|
|
- BUG/MEDIUM: mux-fcgi: Avoid value length overflow when it doesn't fit at once
|
|
- BUG/MINOR: ssl: SSL_load_error_strings might not be defined
|
|
- MINOR: pool/debug: create a new pool_alloc_flag() macro
|
|
- MINOR: dynbuf: switch allocation and release to macros to better track users
|
|
- BUG/MINOR: mux-h1: Do not send a last null chunk on body-less answers
|
|
- REG-TESTS: cache: Remove T-E header for 304-Not-Modified responses
|
|
- DOC: config: fix alphabetical ordering of global section
|
|
- MINOR: trace: split the CLI "trace" parser in CLI vs statement
|
|
- MEDIUM: trace: create a new "trace" statement in the "global" section
|
|
- BUG/MEDIUM: ring: fix creation of server in uninitialized ring
|
|
- BUILD: quic: fix dubious 0-byte overflow on qc_release_lost_pkts
|
|
- BUILD: makefile: mark poll and tcploop targets as phony
|
|
- BUILD: makefile: properly pass CC to sub-projects
|
|
- BUILD: makefile: move default verbosity settings to include/make/verbose.mk
|
|
- BUILD: makefile: use $(cmd_MAKE) in quiet mode
|
|
- BUILD: makefile: move the compiler option detection stuff to compiler.mk
|
|
- DEV: poll: make the connect() step an action as well
|
|
- DEV: poll: strip the "do_" prefix from reported function names
|
|
- DEV: poll: indicate the FD's side in front of its value
|
|
- BUG/MINOR: pool/cli: use ullong to report total pool usage in bytes
|
|
- MINOR: mux-h1: Remove usless code inside shutr callback
|
|
- CLEANUP: mux-h1; Rename H1S_F_ERROR flag into H1S_F_ERROR_MASK
|
|
- REORG: mux-h1: Reorg the H1C structure
|
|
- CLEANUP: mux-h1: Rename H1C_F_ST_ERROR and H1C_F_ST_SILENT_SHUT flags
|
|
- MINOR: mux-h1: Add a dedicated enum to deal with H1 connection state
|
|
- MEDIUM: mux-h1: Handle H1C states via its state field instead of H1C_F_ST_*
|
|
- MINOR: mux-h1: Don't handle subscribe for reads in h1_process_demux()
|
|
- CLEANUP: mux-h1: Rename H1C_F_ERR_PENDING into H1C_F_ABRT_PENDING
|
|
- MINOR: mux-h1: Add flag on H1 stream to deal with internal errors
|
|
- MEDIUM: mux-h1: Rely on the H1C to deal with shutdown for reads
|
|
- CLEANUP: mux-h1: Reorder H1 connection flags to avoid holes
|
|
- MEDIUM: mux-h1: Don't report a final error whe a message is aborted
|
|
- MEDIUM: mux-pt: Don't always set a final error on SE on the sending path
|
|
- MEDIUM: mux-h2: Introduce flags to deal with connection read/write errors
|
|
- CLEANUP: mux-h2: Remove unused fields in h2c structures
|
|
- MEDIUM: mux-fcgi: Introduce flags to deal with connection read/write errors
|
|
- MINOR: sconn: Set SE_FL_ERROR only when there is no more data to read
|
|
- MINOR: mux-h1: Rely on a H1S flag to know a WS key was found or not
|
|
- DOC: lua-api: Remove warning about the lua filters
|
|
- BUG/MEDIUM: listener: Fix race condition when updating the global mngmt task
|
|
- CLEANUP: listener: Remove useless task_queue from manage_global_listener_queue
|
|
- BUG/MINOR: mux-h1: Fix error handling when H1S allocation failed on client side
|
|
- DOC: internal: commit notes about polling states and flags
|
|
- DOC: internal: commit notes about polling states and flags on connect()
|
|
- CLEANUP: mux-h1: Don't test h1c in h1_shutw_conn()
|
|
- BUG/MINOR: http_ana/txn: don't re-initialize txn and req var lists
|
|
- BUG/MEDIUM: raw-sock: Don't report connection error if something was received
|
|
- BUG/MINOR: ssl: don't initialize the keylog callback when not required
|
|
- BUILD: Makefile: enable USE_SHM_OPEN by default on freebsd
|
|
- BUG/MEDIUM: peers: messages about unkown tables not correctly ignored
|
|
- MINOR: cfgparse: Always check the section position
|
|
- MEDIUM: thread: Restric nbthread/thread-group(s) to very first global sections
|
|
- BUILD: peers: Remove unused variables
|
|
- MINOR: ncbuf: complete doc for ncb_advance()
|
|
- BUG/MEDIUM: quic: fix unsuccessful handshakes on ncb_advance error
|
|
- BUG/MEDIUM: quic: fix memleak for out-of-order crypto data
|
|
- MINOR: quic: complete traces/debug for handshake
|
|
|
|
2022/10/14 : 2.7-dev8
|
|
- BUG/MINOR: checks: update pgsql regex on auth packet
|
|
- DOC: config: Fix pgsql-check documentation to make user param mandatory
|
|
- CLEANUP: mux-quic: remove usage of non-standard ull type
|
|
- CLEANUP: quic: remove global var definition in quic_tls header
|
|
- BUG/MINOR: quic: adjust quic_tls prototypes
|
|
- CLEANUP: quic: fix headers
|
|
- CLEANUP: quic: remove unused function prototype
|
|
- CLEANUP: quic: remove duplicated varint code from xprt_quic.h
|
|
- CLEANUP: quic: create a dedicated quic_conn module
|
|
- BUG/MINOR: mux-quic: ignore STOP_SENDING for locally closed stream
|
|
- BUG/MEDIUM: lua: Don't crash in hlua_lua2arg_check on failure
|
|
- BUG/MEDIUM: lua: handle stick table implicit arguments right.
|
|
- BUILD: h1: silence an initiialized warning with gcc-4.7 and -Os
|
|
- MINOR: fd: add a new function to only raise RLIMIT_NOFILE
|
|
- MINOR: init: do not try to shrink existing RLIMIT_NOFIlE
|
|
- BUG/MINOR: http-fetch: Update method after a prefetch in smp_fetch_meth()
|
|
- BUILD: http_fetch: silence an uninitiialized warning with gcc-4/5/6 at -Os
|
|
- BUG/MINOR: hlua: hlua_channel_insert_data() behavior conflicts with documentation
|
|
- MINOR: quic: limit usage of ssl_sock_ctx in favor of quic_conn
|
|
- MINOR: mux-quic: check quic-conn return code on Tx
|
|
- CLEANUP: quic: fix indentation
|
|
- MEDIUM: quic: retrieve frontend destination address
|
|
- CLEANUP: Reapply ist.cocci (2)
|
|
- CLEANUP: Reapply strcmp.cocci
|
|
- CLEANUP: quic/receiver: remove the now unused tx_qring list
|
|
- BUG/MINOR: quic: set IP_PKTINFO socket option for QUIC receivers only
|
|
- MINOR: hlua: some luaL_checktype() calls were not guarded with MAY_LJMP
|
|
- DOC: configuration: missing 'if' in tcp-request content example
|
|
- MINOR: hlua: removing ambiguous lua_pushvalue with 0 index
|
|
- BUG/MAJOR: stick-tables: do not try to index a server name for applets
|
|
- MINOR: plock: support disabling exponential back-off
|
|
- MINOR: freq_ctr: use the thread's local time whenever possible
|
|
- MEDIUM: stick-table: switch the table lock to rwlock
|
|
- MINOR: stick-table: do not take an exclusive lock when downing ref_cnt
|
|
- MINOR: stick-table: move the write lock inside stktable_touch_with_exp()
|
|
- MEDIUM: stick-table: only take the lock when needed in stktable_touch_with_exp()
|
|
- MEDIUM: stick-table: make stksess_kill_if_expired() avoid the exclusive lock
|
|
- MEDIUM: stick-table: return inserted entry in __stktable_store()
|
|
- MEDIUM: stick-table: free newly allocated stkess if it couldn't be inserted
|
|
- MEDIUM: stick-table: switch to rdlock in stktable_lookup() and lookup_key()
|
|
- MEDIUM: stick-table: make stktable_get_entry() look up under a read lock
|
|
- MEDIUM: stick-table: do not take a lock to update t->current anymore.
|
|
- MEDIUM: stick-table: make stktable_set_entry() look up under a read lock
|
|
- MEDIUM: stick-table: requeue the expiration task out of the exclusive lock
|
|
- MINOR: stick-table: split stktable_store() between key and requeue
|
|
- MEDIUM: stick-table: always use atomic ops to requeue the table's task
|
|
- MEDIUM: stick-table: requeue the wakeup task out of the write lock
|
|
- BUG/MINOR: stick-table: fix build with DEBUG_THREAD
|
|
- REORG: mux-fcgi: Extract flags and enums into mux_fcgi-t.h
|
|
- MINOR: flags/mux-fcgi: Decode FCGI connection and stream flags
|
|
- BUG/MEDIUM: mux-h1: Add connection error handling when reading/sending on a pipe
|
|
- BUG/MEDIUM: mux-h1: Handle abort with an incomplete message during parsing
|
|
- BUG/MINOR: server: make sure "show servers state" hides private bits
|
|
- MINOR: checks: use the lighter PRNG for spread checks
|
|
- MEDIUM: checks: spread the checks load over random threads
|
|
- CI: SSL: use proper version generating when "latest" semantic is used
|
|
- CI: SSL: temporarily stick to LibreSSL=3.5.3
|
|
- MINOR: quic: New quic_cstream object implementation
|
|
- MINOR: quic: Extract CRYPTO frame parsing from qc_parse_pkt_frms()
|
|
- MINOR: quic: Use a non-contiguous buffer for RX CRYPTO data
|
|
- BUG/MINOR: quic: Stalled 0RTT connections with big ClientHello TLS message
|
|
- MINOR: quic: Split the secrets key allocation in two parts
|
|
- CLEANUP: quic: remove unused rxbufs member in receiver
|
|
- CLEANUP: quic: improve naming for rxbuf/datagrams handling
|
|
- MINOR: quic: implement datagram cleanup for quic_receiver_buf
|
|
- MINOR: ring: ring_cast_from_area() cast from an allocated area
|
|
- MINOR: buffers: split b_force_xfer() into b_cpy() and b_force_xfer()
|
|
- MINOR: logs: startup-logs can use a shm for logging the reload
|
|
- MINOR: mworker/cli: reload command displays the startup-logs
|
|
- MEDIUM: quic: respect the threads assigned to a bind line
|
|
- DOC: management: update the "reload" command of the master CLI
|
|
- BUILD: ssl_sock: bind_conf uninitialized in ssl_sock_bind_verifycbk()
|
|
- BUG/MEDIUM: httpclient: Don't set EOM flag on an empty HTX message
|
|
- MINOR: httpclient/lua: Don't set req_payload callback if body is empty
|
|
- DOC/CLEANUP: lua-api: some minor corrections
|
|
- DOC: lua-api: updating toolbox link
|
|
- DOC/CLEANUP: lua-api: removing duplicate core.proxies attribute
|
|
- DOC: management: add forgotten "show startup-logs"
|
|
- DOC: management: "show startup-logs" for master CLI
|
|
- CI: Replace the deprecated `::set-output` command by writing to $GITHUB_OUTPUT in matrix.py
|
|
- CI: Replace the deprecated `::set-output` command by writing to $GITHUB_OUTPUT in workflow definition
|
|
|
|
2022/10/03 : 2.7-dev7
|
|
- BUG/MEDIUM: mux-quic: fix nb_hreq decrement
|
|
- CLEANUP: httpclient: deleted unused variables
|
|
- MINOR: httpclient: enabled the use of SNI presets
|
|
- OPTIM: hpack-huff: reduce the cache footprint of the huffman decoder
|
|
- BUG/MINOR: mux-quic: do not keep detached qcs with empty Tx buffers
|
|
- REORG: mux-quic: extract traces in a dedicated source file
|
|
- REORG: mux-quic: export HTTP related function in a dedicated file
|
|
- MINOR: mux-quic: refactor snd_buf
|
|
- BUG/MEDIUM: mux-quic: properly trim HTX buffer on snd_buf reset
|
|
- BUG/MINOR: mux-h1: Account consumed output data on synchronous connection error
|
|
- BUG/MINOR: log: improper behavior when escaping log data
|
|
- CLEANUP: tools: removing escape_chunk() function
|
|
- MINOR: clock: split local and global date updates
|
|
- MINOR: pollers: only update the local date during busy polling
|
|
- MINOR: clock: do not update the global date too often
|
|
- REGTESTS: 4be_1srv_smtpchk_httpchk_layer47errors: Return valid SMTP replies
|
|
- MINOR: smtpchk: Update expect rule to fully match replies to EHLO commands
|
|
- BUG/MINOR: smtpchk: SMTP Service check should gracefully close SMTP transaction
|
|
- MINOR: list: documenting mt_list_for_each_entry_safe() macro
|
|
- CLEANUP: list: Fix mt_list_for_each_entry_safe indentation
|
|
- BUG/MINOR: hlua: Remove \n in Lua error message built with memprintf
|
|
- MINOR: hlua: Allow argument on lua-lod(-per-thread) directives
|
|
- BUG/MINOR: anon: memory illegal accesses in tools.c with hash_anon and hash_ipanon
|
|
- MEDIUM: mworker/cli: keep the connection of the FD that ask for a reload
|
|
- BUG/MINOR: hlua: fixing ambiguous sizeof in hlua_load_per_thread
|
|
- MINOR: mworker/cli: replace close() by fd_delete()
|
|
- MINOR: mworker: store and shows loading status
|
|
- MINOR: mworker: mworker_cli_proxy_new_listener() returns a bind_conf
|
|
- MINOR: mworker: stores the mcli_reload bind_conf
|
|
- MINOR: mworker/cli: the mcli_reload bind_conf only send the reload status
|
|
- DOC: management: describe the new reload command behavior
|
|
- CLEANUP: list: fix again some style issues in the recent comments
|
|
- BUG/MINOR: stream: Perform errors handling in right order in stream_new()
|
|
- BUG/MEDIUM: stconn: Reset SE descriptor when we fail to create a stream
|
|
- BUG/MEDIUM: resolvers: Remove aborted resolutions from query_ids tree
|
|
- DOC: management: add timeout on the "reload" command
|
|
- BUG/MINOR: ring: fix the size check in ring_make_from_area()
|
|
- BUG/MINOR: config: don't count trailing spaces as empty arg
|
|
- Revert "BUG/MINOR: config: don't count trailing spaces as empty arg"
|
|
- BUG/MINOR: hlua: fixing hlua_http_msg_del_data behavior
|
|
- BUG/MINOR: hlua: fixing hlua_http_msg_insert_data behavior
|
|
- MINOR: cli: Add anonymization on a missed element for 'show sess all'
|
|
- MINOR: cli: remove error message with 'set anon on|off'
|
|
- MINOR: tools: modify hash_ipanon in order to use it in cli
|
|
- MINOR: cli: use hash_ipanon to anonymized address
|
|
- MINOR: cli: Add an anonymization on a missed element in 'show server state'
|
|
- MINOR: config: correct errors about argument number in condition in cfgparse.c
|
|
- MINOR: config: Add other keywords when dump the anonymized configuration file
|
|
- MINOR: config: Add option line when the configuration file is dumped
|
|
- MINOR: cli: correct commentary and replace 'set global-key' name
|
|
- MINOR: tools: Impprove hash_ipanon to support dgram sockets and port offsets
|
|
- MINOR: tools: Impprove hash_ipanon to not hash FD-based addresses
|
|
- BUG/MINOR: hlua: _hlua_http_msg_delete incorrect behavior when offset is used
|
|
- DOC: management: httpclient can resolve server names in URLs
|
|
- BUG/MINOR: hlua: prevent crash when loading numerous arguments using lua-load(per-thread)
|
|
- DOC/CLEANUP: lua-api: removing duplicate date functions doc
|
|
- MINOR: hlua: ambiguous lua_pushvalue with 0 index
|
|
- BUG/MINOR: config: don't count trailing spaces as empty arg (v2)
|
|
- BUG/MEDIUM: config: count line arguments without dereferencing the output
|
|
- BUG/MAJOR: conn-idle: fix hash indexing issues on idle conns
|
|
- BUG/MINOR: config: insufficient syntax check of the global "maxconn" value
|
|
- BUG/MINOR: backend: only enforce turn-around state when not redispatching
|
|
|
|
2022/09/17 : 2.7-dev6
|
|
- MINOR: Revert part of clarifying samples support per os commit
|
|
- BUILD: makefile: enable crypt(3) for NetBSD
|
|
- BUG/MINOR: quic: Retransmitted frames marked as acknowledged
|
|
- BUG/MINOR: quic: Possible crash with "tls-ticket-keys" on QUIC bind lines
|
|
- MINOR: http-check: Remove support for headers/body in "option httpchk" version
|
|
- BUG/MINOR: h1: Support headers case adjustment for TCP proxies
|
|
- BUG/MINOR: quic: Possible crash when verifying certificates
|
|
- BUILD: quic: add some ifdef around the SSL_ERROR_* for libressl
|
|
- BUILD: ssl: fix ssl_sock_switchtx_cbk when no client_hello_cb
|
|
- BUILD: quic: temporarly ignore chacha20_poly1305 for libressl
|
|
- BUILD: quic: enable early data only with >= openssl 1.1.1
|
|
- BUILD: ssl: fix the ifdef mess in ssl_sock_initial_ctx
|
|
- BUILD: quic: fix the #ifdef in ssl_quic_initial_ctx()
|
|
- MINOR: quic: add QUIC support when no client_hello_cb
|
|
- MINOR: quic: Add traces about sent or resent TX frames
|
|
- MINOR: quic: No TRACE_LEAVE() in retrieve_qc_conn_from_cid()
|
|
- BUG/MINOR: quic: Wrong connection ID to thread ID association
|
|
- BUG/MINOR: task: always reset a new tasklet's call date
|
|
- BUG/MINOR: task: make task_instant_wakeup() work on a task not a tasklet
|
|
- MINOR: task: permanently enable latency measurement on tasklets
|
|
- CLEANUP: task: rename ->call_date to ->wake_date
|
|
- BUG/MINOR: sched: properly account for the CPU time of dying tasks
|
|
- MINOR: sched: store the current profile entry in the thread context
|
|
- BUG/MINOR: stream/sched: take into account CPU profiling for the last call
|
|
- MINOR: tasks: do not keep cpu and latency times in struct task
|
|
- MINOR: tools: add generic pointer hashing functions
|
|
- CLEANUP: activity: make memprof use the generic ptr_hash() function
|
|
- CLEANUP: activity: make taskprof use ptr_hash()
|
|
- MINOR: debug: add struct ha_caller to describe a calling location
|
|
- CLEANUP: debug: use struct ha_caller for memstat
|
|
- DEBUG: task: define a series of wakeup types for tasks and tasklets
|
|
- DEBUG: task: use struct ha_caller instead of arrays of file:line
|
|
- DEBUG: applet: instrument appctx_wakeup() to log the caller's location
|
|
- DEBUG: task: simplify the caller recording in DEBUG_TASK
|
|
- CLEANUP: task: move tid and wake_date into the common part
|
|
- CLEANUP: sched: remove duplicate code in run_tasks_from_list()
|
|
- CLEANUP: activity: make the number of sched activity entries more configurable
|
|
- DEBUG: resolvers: unstatify process_resolvers() to make it appear in profiling
|
|
- DEBUG: quic: export the few task handlers that often appear in task dumps
|
|
- MEDIUM: tasks/activity: combine the called function with the caller
|
|
- MINOR: tasks/activity: improve the caller-callee activity hash
|
|
- MINOR: activity/cli: support aggregating task profiling outputs
|
|
- MINOR: activity/cli: support sorting task profiling by total CPU time
|
|
- BUG/MINOR: signals/poller: set the poller timeout to 0 when there are signals
|
|
- BUG/MINOR: quic: Speed up the handshake completion only one time
|
|
- BUG/MINOR: quic: Trace fix about packet number space information.
|
|
- BUG/MINOR: h3: Crash when h3 trace verbosity is "minimal"
|
|
- MINOR: h3: Add the quic_conn object to h3 traces
|
|
- MINOR: h3: Missing connection argument for a TRACE_LEAVE() argument
|
|
- MINOR: h3: Send the h3 settings with others streams (requests)
|
|
- MINOR: dev/udp: Apply the corruption to both directions
|
|
- BUILD: udp-perturb: Add a make target for udp-perturb tool
|
|
- BUG/MINOR: signals/poller: ensure wakeup from signals
|
|
- CI: cirrus-ci: bump FreeBSD image to 13-1
|
|
- DEV: flags: fix usage message to reflect available options
|
|
- DEV: flags: add missing CO_FL_FDLESS connection flag
|
|
- MINOR: flags: add a new file to host flag dumping macros
|
|
- MINOR: flags: implement a macro used to dump enums inside masks
|
|
- MINOR: flags/channel: use flag dumping for channel flags and analysers
|
|
- MINOR: flags/connection: use flag dumping for connection flags
|
|
- MINOR: flags/stconn: use flag dumping for stconn and sedesc flags
|
|
- MINOR: flags/stream: use flag dumping for stream error type
|
|
- MINOR: flags/stream: use flag dumping for stream flags
|
|
- MINOR: flags/task: use flag dumping for task state
|
|
- MINOR: flags/http_ana: use flag dumping for txn flags
|
|
- DEV: flags: remove the now unused SHOW_FLAG() definition
|
|
- DEV: flags: remove the now useless intermediary functions
|
|
- MINOR: flags/htx: use flag dumping to show htx and start-line flags
|
|
- MINOR: flags/http_ana: use flag dumping to show http msg states
|
|
- BUG/MEDIUM: proxy: ensure pause_proxy() and resume_proxy() own PROXY_LOCK
|
|
- MINOR: listener: small API change
|
|
- MINOR: proxy/listener: support for additional PAUSED state
|
|
- BUG/MINOR: stats: fixing stat shows disabled frontend status as 'OPEN'
|
|
- BUILD: flags: fix build warning in some macros used by show_flags
|
|
- BUILD: flags: fix the fallback macros for missing stdio
|
|
- CLEANUP: pollers: remove dead code in the polling loop
|
|
- BUG/MINOR: mux-h1: Increment open_streams counter when H1 stream is created
|
|
- REGTESTS: healthcheckmail: Relax matching on the healthcheck log message
|
|
- CLEANUP: listener: function comment typo in stop_listener()
|
|
- BUG/MINOR: listener: null pointer dereference suspected by coverity
|
|
- MINOR: flags/fd: decode FD flags states
|
|
- REORG: mux-h2: extract flags and enums into mux_h2-t.h
|
|
- MINOR: flags/mux-h2: decode H2C and H2S flags
|
|
- REGTESTS: log: test the log-forward feature
|
|
- BUG/MEDIUM: sink: bad init sequence on tcp sink from a ring.
|
|
- REGTESTS: ssl/log: test the log-forward with SSL
|
|
- MEDIUM: httpclient: httpclient_create_proxy() creates a proxy for httpclient
|
|
- MEDIUM: httpclient: allow to use another proxy
|
|
- DOC: fix TOC in starter guide for subsection 3.3.8. Statistics
|
|
- MINOR: httpclient: export httpclient_create_proxy()
|
|
- MEDIUM: quic: separate path for rx and tx with set_encryption_secrets
|
|
- BUG/MEDIUM: mux-quic: fix crash on early app-ops release
|
|
- REORG: mux-h1: extract flags and enums into mux_h1-t.h
|
|
- MINOR: flags/mux-h1: decode H1C and H1S flags
|
|
- CLEANUP: mux-quic: remove stconn usage in h3/hq
|
|
- BUG/MINOR: mux-quic: do not remotely close stream too early
|
|
- CLEANUP: exclude udp-perturb with .gitignore
|
|
- BUG/MEDIUM: server: segv when adding server with hostname from CLI
|
|
- CLEANUP: quic,ssl: fix tiny typos in C comments
|
|
- BUG/MEDIUM: captures: free() an error capture out of the proxy lock
|
|
- BUILD: fd: fix a build warning on the DWCAS
|
|
- MINOR: anon: add new macros and functions to anonymize contents
|
|
- MINOR: anon: store the anonymizing key in the global structure
|
|
- MINOR: anon: store the anonymizing key in the CLI's appctx
|
|
- MINOR: cli: anonymize commands 'show sess' and 'show sess all'
|
|
- MINOR: cli: anonymize 'show servers state' and 'show servers conn'
|
|
- MINOR: config: add command-line -dC to dump the configuration file
|
|
- SCRIPTS: announce-release: update some URLs to https
|
|
|
|
2022/09/02 : 2.7-dev5
|
|
- BUG/MINOR: mux-quic: Fix memleak on QUIC stream buffer for unacknowledged data
|
|
- BUG/MEDIUM: cpu-map: fix thread 1's affinity affecting all threads
|
|
- MINOR: cpu-map: remove obsolete diag warning about combined ranges
|
|
- BUG/MAJOR: mworker: fix infinite loop on master with no proxies.
|
|
- REGTESTS: launch http_reuse_always in mworker mode
|
|
- BUG/MINOR: quix: Memleak for non in flight TX packets
|
|
- BUG/MINOR: quic: Wrong list_for_each_entry() use when building packets from qc_do_build_pkt()
|
|
- BUG/MINOR: quic: Safer QUIC frame builders
|
|
- MINOR: quic: Replace MT_LISTs by LISTs for RX packets.
|
|
- BUG/MEDIUM: applet: fix incorrect check for abnormal return condition from handler
|
|
- BUG/MINOR: applet: make the call_rate only count the no-progress calls
|
|
- MEDIUM: peers: limit the number of updates sent at once
|
|
- BUILD: tcp_sample: fix build of get_tcp_info() on OpenBSD
|
|
- BUG/MINOR: resolvers: return the correct value in resolvers_finalize_config()
|
|
- BUG/MINOR: mworker: does not create the "default" resolvers in wait mode
|
|
- BUG/MINOR: tcpcheck: Disable QUICKACK only if data should be sent after connect
|
|
- REGTESTS: Fix prometheus script to perform HTTP health-checks
|
|
- MINOR: resolvers: shut the warning when "default" resolvers is implicit
|
|
- Revert "BUG/MINOR: quix: Memleak for non in flight TX packets"
|
|
- BUG/MINOR: quic: Leak in qc_release_lost_pkts() for non in flight TX packets
|
|
- BUG/MINOR: quic: Stalled connections (missing I/O handler wakeup)
|
|
- CLEANUP: quic: No more use ->rx_list MT_LIST entry point (quic_rx_packet)
|
|
- CLEANUP: quic: Remove a useless check in qc_lstnr_pkt_rcv()
|
|
- MINOR: quic: Remove useless traces about references to TX packets
|
|
- Revert "MINOR: quic: Remove useless traces about references to TX packets"
|
|
- DOC: configuration: do-resolve doesn't work with a port in the string
|
|
- MINOR: sample: add the host_only and port_only converters
|
|
- BUG/MINOR: httpclient: fix resolution with port
|
|
- DOC: configuration.txt: do-resolve must use host_only to remove its port.
|
|
- BUG/MINOR: quic: Null packet dereferencing from qc_dup_pkt_frms() trace
|
|
- BUG/MINOR: quic: Frames added to packets even if not built.
|
|
- BUG/MEDIUM: spoe: Properly update streams waiting for a ACK in async mode
|
|
- BUG/MEDIUM: peers: Add connect and server timeut to peers proxy
|
|
- BUG/MEDIUM: peers: Don't use resync timer when local resync is in progress
|
|
- BUG/MEDIUM: peers: Don't start resync on reload if local peer is not up-to-date
|
|
- BUG/MINOR: hlua: Rely on CF_EOI to detect end of message in HTTP applets
|
|
- BUG/MEDIUM: mux-h1: do not refrain from signaling errors after end of input
|
|
- BUG/MINOR: epoll: do not actively poll for Rx after an error
|
|
- MINOR: raw-sock: don't try to send if an error was already reported
|
|
- BUG/MINOR: quic: Missing header protection AES cipher context initialisations (draft-v2)
|
|
- MINOR: quic: Add a trace to distinguish the datagram from the packets inside
|
|
- BUG/MINOR: ssl: fix deinit of the ca-file tree
|
|
- BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free()
|
|
- BUG/MINOR: tcpcheck: Disable QUICKACK for default tcp-check (with no rule)
|
|
- BUG/MEDIUM: ssl: Fix a UAF when old ckch instances are released
|
|
- BUG/MINOR: ssl: revert two wrong fixes with ckhi_link
|
|
- BUG/MINOR: dev/udp: properly preset the rx address size
|
|
- BUILD: debug: make sure debug macros are never empty
|
|
- MINOR: quic: Move traces about RX/TX bytes from QUIC_EV_CONN_PRSAFRM event
|
|
- BUG/MINOR: quic: TX frames memleak
|
|
- BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() v2
|
|
- MINOR: sink/ring: rotate non-empty file-backed contents only
|
|
- BUG/MINOR: regex: Properly handle PCRE2 lib compiled without JIT support
|
|
- REGTESTS: http_request_buffer: Add a barrier to not mix up log messages
|
|
- BUG/MEDIUM: mux-h1: always use RST to kill idle connections in pools
|
|
- MINOR: backend: always satisfy the first req reuse rule with l7 retries
|
|
- BUG/MINOR: quic: Do not ack when probing
|
|
- MINOR: quic: Add TX frames addresses to traces to several trace events
|
|
- MINOR: quic: Trace typo fix in qc_release_frm()
|
|
- BUG/MINOR: quic: Frames leak during retransmissions
|
|
- BUG/MINOR: h2: properly set the direction flag on HTX response
|
|
- BUG/MEDIUM: httpclient: always detach the caller before self-killing
|
|
- BUG/MINOR: httpclient: only ask for more room on failed writes
|
|
- BUG/MINOR: httpclient: keep-alive was accidentely disabled
|
|
- MEDIUM: httpclient: enable ALPN support on outgoing https connections
|
|
- BUG/MINOR: mux-h2: fix the "show fd" dest buffer for the subscriber
|
|
- BUG/MINOR: mux-h1: fix the "show fd" dest buffer for the subscriber
|
|
- BUG/MINOR: mux-fcgi: fix the "show fd" dest buffer for the subscriber
|
|
- DEBUG: stream: minor rearrangement of a few fields in struct stream.
|
|
- MINOR: debug: report applet pointer and handler in crashes when known
|
|
- MINOR: mux-h2: extract the stream dump function out of h2_show_fd()
|
|
- MINOR: mux-h2: extract the connection dump function out of h2_show_fd()
|
|
- MINOR: muxes: add a "show_sd" helper to complete "show sess" dumps
|
|
- MINOR: mux-h2: provide a "show_sd" helper to output stream debugging info
|
|
- MINOR: mux-h2: insert line breaks in "show sess all" output for legibility
|
|
- MINOR: mux-quic: provide a "show_sd" helper to output stream debugging info
|
|
- MINOR: mux-h1: split "show_fd" into connection and stream
|
|
- MINOR: mux-h1: provide a "show_sd" helper to output stream debugging info
|
|
- BUG/MINOR: http-act: initialize http fmt head earlier
|
|
|
|
2022/08/20 : 2.7-dev4
|
|
- BUG/MEDIUM: quic: Wrong packet length check in qc_do_rm_hp()
|
|
- MINOR: quic: Too much useless traces in qc_build_frms()
|
|
- BUG/MEDIUM: quic: Missing AEAD TAG check after removing header protection
|
|
- MINOR: quic: Replace pool_zalloc() by pool_malloc() for fake datagrams
|
|
- MINOR: debug: make the mem_stats section aligned to void*
|
|
- MINOR: debug: store and report the pool's name in struct mem_stats
|
|
- MINOR: debug: also store the function name in struct mem_stats
|
|
- MINOR: debug/memstats: automatically determine first column size
|
|
- MINOR: debug/memstats: permit to pass the size to free()
|
|
- CLEANUP: mux-quic: remove loop on sending frames
|
|
- MINOR: quic: replace custom buf on Tx by default struct buffer
|
|
- MINOR: quic: release Tx buffer on each send
|
|
- MINOR: quic: refactor datagram commit in Tx buffer
|
|
- MINOR: quic: skip sending if no frame to send in io-cb
|
|
- BUG/MINOR: mux-quic: open stream on STOP_SENDING
|
|
- BUG/MINOR: quic: fix crash on handshake io-cb for null next enc level
|
|
- BUG/MEDIUM: quic: always remove the connection from the accept list on close
|
|
- BUG/MEDIUM: poller: use fd_delete() to release the poller pipes
|
|
- BUG/MEDIUM: task: relax one thread consistency check in task_unlink_wq()
|
|
- MEDIUM: quic: xprt traces rework
|
|
- BUILD: stconn: fix build warning at -O3 about possible null sc
|
|
- MINOR: quic: Remove useless lock for RX packets
|
|
- BUG/MINOR: quic: Possible infinite loop in quic_build_post_handshake_frames()
|
|
- CLEANUP: quic: Remove trailing spaces
|
|
- MINOR: mux-quic: adjust enter/leave traces
|
|
- MINOR: mux-quic: define protocol error traces
|
|
- CLEANUP: mux-quic: adjust traces level
|
|
- MINOR: mux-quic: define new traces
|
|
- BUG/MEDIUM: mux-quic: fix crash due to invalid trace arg
|
|
- BUG/MEDIUM: quic: Possible use of uninitialized <odcid> variable in qc_lstnr_params_init()
|
|
- BUG/MEDIUM: ring: fix too lax 'size' parser
|
|
- BUG/MEDIUM: quic: Wrong use of <token_odcid> in qc_lsntr_pkt_rcv()
|
|
- BUILD: ring: forward-declare struct appctx to avoid a build warning
|
|
- MINOR: ring: support creating a ring from a linear area
|
|
- MINOR: ring: add support for a backing-file
|
|
- DEV: haring: add a simple utility to read file-backed rings
|
|
- DEV: haring: support remapping LF in contents with CR VT
|
|
- BUG/MINOR: quic: memleak on wrong datagram receipt
|
|
- BUILD: sink: replace S_IRUSR, S_IWUSR with their octal value
|
|
- MINOR: ring: archive a previous file-backed ring on startup
|
|
- BUG/MINOR: mux-quic: fix crash with traces in qc_detach()
|
|
- BUG/MINOR: quic: MIssing check when building TX packets
|
|
- BUG/MINOR: quic: Wrong status returned by qc_pkt_decrypt()
|
|
- MINOR: memprof: export the minimum definitions for memory profiling
|
|
- MINOR: pool/memprof: report pool alloc/free in memory profiling
|
|
- MINOR: pools/memprof: store and report the pool's name in each bin
|
|
- MINOR: chunk: inline alloc_trash_chunk()
|
|
- MINOR: stick-table: Add table_expire() and table_idle() new converters
|
|
- CLEANUP: exclude haring with .gitignore
|
|
- MINOR: quic: adjust quic_frame flag manipulation
|
|
- MINOR: h3: report error on control stream close
|
|
- MINOR: qpack: report error on enc/dec stream close
|
|
- BUG/MEDIUM: mux-quic: reject uni stream ID exceeding flow control
|
|
- MINOR: mux-quic: adjust traces on stream init
|
|
- MINOR: mux-quic: add missing args on some traces
|
|
- MINOR: quic: refactor application send
|
|
- BUG/MINOR: quic: do not notify MUX on frame retransmit
|
|
- BUG/MEDIUM: http-ana: fix crash or wrong header deletion by http-restrict-req-hdr-names
|
|
- BUG/MINOR: quic: Missing initializations for ducplicated frames.
|
|
- BUG/MEDIUM: quic: fix crash on MUX send notification
|
|
- REORG: h2: extract cookies concat function in http_htx
|
|
- REGTESTS: add test for HTTP/2 cookies concatenation
|
|
- MEDIUM: h3: concatenate multiple cookie headers
|
|
- MINOR: applet: add a function to reset the svcctx of an applet
|
|
- BUG/MEDIUM: cli: always reset the service context between commands
|
|
- BUG/MEDIUM: mux-h2: do not fiddle with ->dsi to indicate demux is idle
|
|
- MINOR: mux-h2/traces: report transition to SETTINGS1 before not after
|
|
- MINOR: mux-h2: make streams know if they need to send more data
|
|
- BUG/MINOR: mux-h2: send a CANCEL instead of ES on truncated writes
|
|
- BUG/MINOR: quic: Possible crashes when dereferencing ->pkt quic_frame struct member
|
|
- MINOR: quic: Add frame addresses to QUIC_EV_CONN_PRSAFRM event traces
|
|
- BUG/MINOR: quic: Wrong splitted duplicated frames handling
|
|
- MINOR: quic: Add the QUIC connection to mux traces
|
|
- MINOR: quic: Trace fix in qc_release_frm()
|
|
- BUG/MAJOR: log-forward: Fix log-forward proxies not fully initialized
|
|
- BUG/MAJOR: log-forward: Fix ssl layer not initialized on bind even if configured
|
|
- MINOR: quic: Add reusable cipher contexts for header protection
|
|
- BUG/MINOR: ssl/cli: error when the ca-file is empty
|
|
- MINOR: ssl: handle ca-file appending in cafile_entry
|
|
- MINOR: ssl/cli: implement "add ssl ca-file"
|
|
|
|
2022/08/07 : 2.7-dev3
|
|
- BUILD: makefile: Fix install(1) handling for OpenBSD/NetBSD/Solaris/AIX
|
|
- BUG/MEDIUM: tools: avoid calling dlsym() in static builds (try 2)
|
|
- MINOR: resolvers: resolvers_destroy() deinit and free a resolver
|
|
- BUG/MINOR: resolvers: shut off the warning for the default resolvers
|
|
- BUG/MINOR: ssl: allow duplicate certificates in ca-file directories
|
|
- BUG/MINOR: tools: fix statistical_prng_range()'s output range
|
|
- BUG/MINOR: quic: do not send CONNECTION_CLOSE_APP in initial/handshake
|
|
- BUILD: debug: Add braces to if statement calling only CHECK_IF()
|
|
- BUG/MINOR: fd: Properly init the fd state in fd_insert()
|
|
- BUG/MEDIUM: fd/threads: fix incorrect thread selection in wakeup broadcast
|
|
- MINOR: init: load OpenSSL error strings
|
|
- MINOR: ssl: enhance ca-file error emitting
|
|
- BUG/MINOR: mworker/cli: relative pid prefix not validated anymore
|
|
- BUG/MAJOR: mux_quic: fix invalid PROTOCOL_VIOLATION on POST data overlap
|
|
- BUG/MEDIUM: mworker: proc_self incorrectly set crashes upon reload
|
|
- BUILD: add detection for unsupported compiler models
|
|
- BUG/MEDIUM: stconn: Only reset connect expiration when processing backend side
|
|
- BUG/MINOR: backend: Fallback on RR algo if balance on source is impossible
|
|
- BUG/MEDIUM: master: force the thread count earlier
|
|
- BUG/MAJOR: poller: drop FD's tgid when masks don't match
|
|
- DEBUG: fd: detect possibly invalid tgid in fd_insert()
|
|
- BUG/MINOR: sockpair: wrong return value for fd_send_uxst()
|
|
- MINOR: sockpair: move send_fd_uxst() error message in caller
|
|
- Revert "BUG/MINOR: peers: set the proxy's name to the peers section name"
|
|
- DEBUG: fd: split the fd check
|
|
- MEDIUM: resolvers: continue startup if network is unavailable
|
|
- BUG/MINOR: fd: always remove late updates when freeing fd_updt[]
|
|
- MINOR: cli: emit a warning when _getsocks was used more than once
|
|
- BUG/MINOR: mworker: PROC_O_LEAVING used but not updated
|
|
- Revert "MINOR: cli: emit a warning when _getsocks was used more than once"
|
|
- MINOR: cli: warning on _getsocks when socket were closed
|
|
- BUG/MEDIUM: mux-quic: fix missing EOI flag to prevent streams leaks
|
|
- MINOR: quic: Congestion control architecture refactoring
|
|
- MEDIUM: quic: Cubic congestion control algorithm implementation
|
|
- MINOR: quic: New "quic-cc-algo" bind keyword
|
|
- BUG/MINOR: quic: loss time limit variable computed but not used
|
|
- MINOR: quic: Stop looking for packet loss asap
|
|
- BUG/MAJOR: quic: Useless resource intensive loop qc_ackrng_pkts()
|
|
- MINOR: quic: Send packets as much as possible from qc_send_app_pkts()
|
|
- BUG/MEDIUM: queue/threads: limit the number of entries dequeued at once
|
|
- MAJOR: threads/plock: update the embedded library
|
|
- MINOR: thread: provide an alternative to pthread's rwlock
|
|
- DEBUG: tools: provide a tree dump function for ebmbtrees as well
|
|
- MINOR: ebtree: add ebmb_lookup_shorter() to pursue lookups
|
|
- BUG/MEDIUM: pattern: only visit equivalent nodes when skipping versions
|
|
- BUG/MINOR: mux-quic: prevent crash if conn released during IO callback
|
|
- CLEANUP: mux-quic: remove useless app_ops is_active callback
|
|
- BUG/MINOR: mux-quic: do not free conn if attached streams
|
|
- MINOR: mux-quic: save proxy instance into qcc
|
|
- MINOR: mux-quic: use timeout server for backend conns
|
|
- MEDIUM: mux-quic: adjust timeout refresh
|
|
- MINOR: mux-quic: count in-progress requests
|
|
- MEDIUM: mux-quic: implement http-keep-alive timeout
|
|
- MINOR: peers: Add a warning about incompatible SSL config for the local peer
|
|
- MINOR: peers: Use a dedicated reconnect timeout when stopping the local peer
|
|
- BUG/MEDIUM: peers: limit reconnect attempts of the old process on reload
|
|
- BUG/MINOR: peers: Use right channel flag to consider the peer as connected
|
|
- BUG/MEDIUM: dns: Properly initialize new DNS session
|
|
- BUG/MINOR: backend: Don't increment conn_retries counter too early
|
|
- MINOR: server: Constify source server to copy its settings
|
|
- REORG: server: Export srv_settings_cpy() function
|
|
- BUG/MEDIUM: proxy: Perform a custom copy for default server settings
|
|
- BUG/MINOR: quic: Missing in flight ack eliciting packet counter decrement
|
|
- BUG/MEDIUM: quic: Floating point exception in cubic_root()
|
|
- MINOR: h3: support HTTP request framing state
|
|
- MINOR: mux-quic: refresh timeout on frame decoding
|
|
- MINOR: mux-quic: refactor refresh timeout function
|
|
- MEDIUM: mux-quic: implement http-request timeout
|
|
- BUG/MINOR: quic: Avoid sending truncated datagrams
|
|
- BUG/MINOR: ring/cli: fix a race condition between the writer and the reader
|
|
- BUG/MEDIUM: sink: Set the sink ref for forwarders created during ring parsing
|
|
- BUG/MINOR: sink: fix a race condition between the writer and the reader
|
|
- BUG/MINOR: quic: do not reject datagrams matching minimum permitted size
|
|
- MINOR: quic: Add two new stats counters for sendto() errors
|
|
- BUG/MINOR: quic: Missing Initial packet dropping case
|
|
- MINOR: quic: explicitely ignore sendto error
|
|
- BUG/MINOR: quic: adjust errno handling on sendto
|
|
- BUG/MEDIUM: quic: break out of the loop in quic_lstnr_dghdlr
|
|
- MINOR: threads: report the number of thread groups in build options
|
|
- MINOR: config: automatically preset MAX_THREADS based on MAX_TGROUPS
|
|
- BUILD: SSL: allow to pass additional configure args to QUICTLS
|
|
- CI: enable weekly "m32" builds on x86_64
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- BUG/MEDIUM: fix DH length when EC key is used
|
|
- REGTESTS: ssl: adopt tests to OpenSSL-3.0.N
|
|
- REGTESTS: ssl: adopt tests to OpenSSL-3.0.N
|
|
- REGTESTS: ssl: fix grep invocation to use extended regex in ssl_generate_certificate.vtc
|
|
- BUILD: cfgparse: always defined _GNU_SOURCE for sched.h and crypt.h
|
|
|
|
2022/07/16 : 2.7-dev2
|
|
- BUG/MINOR: qpack: fix build with QPACK_DEBUG
|
|
- MINOR: h3: handle errors on HEADERS parsing/QPACK decoding
|
|
- BUG/MINOR: qpack: abort on dynamic index field line decoding
|
|
- MINOR: qpack: properly handle invalid dynamic table references
|
|
- MINOR: task: Add tasklet_wakeup_after()
|
|
- BUG/MINOR: quic: Dropped packets not counted (with RX buffers full)
|
|
- MINOR: quic: Add new stats counter to diagnose RX buffer overrun
|
|
- MINOR: quic: Duplicated QUIC_RX_BUFSZ definition
|
|
- MINOR: quic: Improvements for the datagrams receipt
|
|
- CLEANUP: h2: Typo fix in h2_unsubcribe() traces
|
|
- MINOR: quic: Increase the QUIC connections RX buffer size (upto 64Kb)
|
|
- CLEANUP: mux-quic: adjust comment on qcs_consume()
|
|
- MINOR: ncbuf: implement ncb_is_fragmented()
|
|
- BUG/MINOR: mux-quic: do not signal FIN if gap in buffer
|
|
- MINOR: fd: add a new FD_DISOWN flag to prevent from closing a deleted FD
|
|
- BUG/MEDIUM: ssl/fd: unexpected fd close using async engine
|
|
- MINOR: tinfo: make tid temporarily still reflect global ID
|
|
- CLEANUP: config: remove unused proc_mask()
|
|
- MINOR: debug: remove mask support from "debug dev sched"
|
|
- MEDIUM: task: add and preset a thread ID in the task struct
|
|
- MEDIUM: task/debug: move the ->thread_mask integrity checks to ->tid
|
|
- MAJOR: task: use t->tid instead of ffsl(t->thread_mask) to take the thread ID
|
|
- MAJOR: task: replace t->thread_mask with 1<<t->tid when thread mask is needed
|
|
- CLEANUP: task: remove thread_mask from the struct task
|
|
- MEDIUM: applet: only keep appctx_new_*() and drop appctx_new()
|
|
- MEDIUM: task: only keep task_new_*() and drop task_new()
|
|
- MINOR: applet: always use task_new_on() on applet creation
|
|
- MEDIUM: task: remove TASK_SHARED_WQ and only use t->tid
|
|
- MINOR: task: replace task_set_affinity() with task_set_thread()
|
|
- CLEANUP: task: remove the unused task_unlink_rq()
|
|
- CLEANUP: task: remove the now unused TASK_GLOBAL flag
|
|
- MINOR: task: make rqueue_ticks atomic
|
|
- MEDIUM: task: move the shared runqueue to one per thread
|
|
- MEDIUM: task: replace the global rq_lock with a per-rq one
|
|
- MINOR: task: remove grq_total and use rq_total instead
|
|
- MINOR: task: replace global_tasks_mask with a check for tree's emptiness
|
|
- MEDIUM: task: use regular eb32 trees for the run queues
|
|
- MEDIUM: queue: revert to regular inter-task wakeups
|
|
- MINOR: thread: make wake_thread() take care of the sleeping threads mask
|
|
- MINOR: thread: move the flags to the shared cache line
|
|
- MINOR: thread: only use atomic ops to touch the flags
|
|
- MINOR: poller: centralize poll return handling
|
|
- MEDIUM: polling: make update_fd_polling() not care about sleeping threads
|
|
- MINOR: poller: update_fd_polling: wake a random other thread
|
|
- MEDIUM: thread: add a new per-thread flag TH_FL_NOTIFIED to remember wakeups
|
|
- MEDIUM: tasks/fd: replace sleeping_thread_mask with a TH_FL_SLEEPING flag
|
|
- MINOR: tinfo: add the tgid to the thread_info struct
|
|
- MINOR: tinfo: replace the tgid with tgid_bit in tgroup_info
|
|
- MINOR: tinfo: add the mask of enabled threads in each group
|
|
- MINOR: debug: use ltid_bit in ha_thread_dump()
|
|
- MINOR: wdt: use ltid_bit in wdt_handler()
|
|
- MINOR: clock: use ltid_bit in clock_report_idle()
|
|
- MINOR: thread: use ltid_bit in ha_tkillall()
|
|
- MINOR: thread: add a new all_tgroups_mask variable to know about active tgroups
|
|
- CLEANUP: thread: remove thread_sync_release() and thread_sync_mask
|
|
- MEDIUM: tinfo: add a dynamic thread-group context
|
|
- MEDIUM: thread: make stopping_threads per-group and add stopping_tgroups
|
|
- MAJOR: threads: change thread_isolate to support inter-group synchronization
|
|
- MINOR: thread: add is_thread_harmless() to know if a thread already is harmless
|
|
- MINOR: debug: mark oneself harmless while waiting for threads to finish
|
|
- MINOR: wdt: do not rely on threads_to_dump anymore
|
|
- MEDIUM: debug: make the thread dumper not rely on a thread mask anymore
|
|
- BUILD: debug: fix build issue on clang with previous commit
|
|
- BUILD: debug: re-export thread_dump_state
|
|
- BUG/MEDIUM: threads: fix incorrect thread group being used on soft-stop
|
|
- BUG/MEDIUM: thread: check stopping thread against local bit and not global one
|
|
- MINOR: proxy: use tg->threads_enabled in hard_stop() to detect stopped threads
|
|
- BUILD: Makefile: Add Lua 5.4 autodetect
|
|
- CI: re-enable gcc asan builds
|
|
- MEDIUM: mworker: set the iocb of the socketpair without using fd_insert()
|
|
- MINOR: fd: Add BUG_ON checks on fd_insert()
|
|
- CLEANUP: mworker: rename mworker_pipe to mworker_sockpair
|
|
- CLEANUP: mux-quic: do not export qc_get_ncbuf
|
|
- REORG: mux-quic: reorganize flow-control fields
|
|
- MINOR: mux-quic: implement accessor for sedesc
|
|
- MEDIUM: mux-quic: refactor streams opening
|
|
- MINOR: mux-quic: rename qcs flag FIN_RECV to SIZE_KNOWN
|
|
- MINOR: mux-quic: emit FINAL_SIZE_ERROR on invalid STREAM size
|
|
- BUG/MINOR: peers/config: always fill the bind_conf's argument
|
|
- BUG/MEDIUM: peers/config: properly set the thread mask
|
|
- CLEANUP: bwlim: Set pointers to NULL when memory is released
|
|
- BUG/MINOR: http-check: Preserve headers if not redefined by an implicit rule
|
|
- BUG/MINOR: http-act: Properly generate 103 responses when several rules are used
|
|
- BUG/MEDIUM: thread: mask stopping_threads with threads_enabled when checking it
|
|
- CLEANUP: thread: also remove a thread's bit from stopping_threads on stop
|
|
- BUG/MINOR: peers: fix possible NULL dereferences at config parsing
|
|
- BUG/MINOR: http-htx: Fix scheme based normalization for URIs wih userinfo
|
|
- MINOR: http: Add function to get port part of a host
|
|
- MINOR: http: Add function to detect default port
|
|
- BUG/MEDIUM: h1: Improve authority validation for CONNCET request
|
|
- MINOR: http-htx: Use new HTTP functions for the scheme based normalization
|
|
- BUG/MEDIUM: http-fetch: Don't fetch the method if there is no stream
|
|
- REGTEESTS: filters: Fix CONNECT request in random-forwarding script
|
|
- MEDIUM: mworker/systemd: send STATUS over sd_notify
|
|
- BUG/MINOR: mux-h1: Be sure to commit htx changes in the demux buffer
|
|
- BUG/MEDIUM: http-ana: Don't wait to have an empty buf to switch in TUNNEL state
|
|
- BUG/MEDIUM: mux-h1: Handle connection error after a synchronous send
|
|
- MEDIUM: epoll: don't synchronously delete migrated FDs
|
|
- BUILD: debug: silence warning on gcc-5
|
|
- BUILD: http: silence an uninitialized warning affecting gcc-5
|
|
- BUG/MEDIUM: mux-quic: fix server chunked encoding response
|
|
- REORG: mux-quic: rename stream initialization function
|
|
- MINOR: mux-quic: rename stream purge function
|
|
- MINOR: mux-quic: add traces on frame parsing functions
|
|
- MINOR: mux-quic: implement qcs_alert()
|
|
- MINOR: mux-quic: filter send/receive-only streams on frame parsing
|
|
- MINOR: mux-quic: do not ack STREAM frames on unrecoverable error
|
|
- MINOR: mux-quic: support stream opening via MAX_STREAM_DATA
|
|
- MINOR: mux-quic: define basic stream states
|
|
- MINOR: mux-quic: use stream states to mark as detached
|
|
- MEDIUM: mux-quic: implement RESET_STREAM emission
|
|
- MEDIUM: mux-quic: implement STOP_SENDING handling
|
|
- BUG/MEDIUM: debug: fix possible hang when multiple threads dump at once
|
|
- BUG/MINOR: quic: fix closing state on NO_ERROR code sent
|
|
- CLEANUP: quic: clean up include on quic_frame-t.h
|
|
- MINOR: quic: define a generic QUIC error type
|
|
- MINOR: mux-quic: support app graceful shutdown
|
|
- MINOR: mux-quic/h3: prepare CONNECTION_CLOSE on release
|
|
- MEDIUM: quic: send CONNECTION_CLOSE on released MUX
|
|
- CLEANUP: mux-quic: move qc_release()
|
|
- MINOR: mux-quic: send one last time before release
|
|
- MINOR: h3: store control stream in h3c
|
|
- MINOR: h3: implement graceful shutdown with GOAWAY
|
|
- BUG/MINOR: threads: produce correct global mask for tgroup > 1
|
|
- BUG/MEDIUM: cli/threads: make "show threads" more robust on applets
|
|
- BUG/MINOR: thread: use the correct thread's group in ha_tkillall()
|
|
- BUG/MINOR: debug: enter ha_panic() only once
|
|
- BUG/MEDIUM: debug: fix parallel thread dumps again
|
|
- MINOR: cli/streams: show a stream's tgid next to its thread ID
|
|
- DEBUG: cli: add a new "debug dev deadlock" expert command
|
|
- MINOR: cli/activity: add a thread number argument to "show activity"
|
|
- CLEANUP: applet: remove the obsolete command context from the appctx
|
|
- MEDIUM: config: remove deprecated "bind-process" directives from frontends
|
|
- MEDIUM: config: remove the "process" keyword on "bind" lines
|
|
- MINOR: listener/config: make "thread" always support up to LONGBITS
|
|
- CLEANUP: fd: get rid of the __GET_{NEXT,PREV} macros
|
|
- MEDIUM: debug/threads: make the lock debugging take tgroups into account
|
|
- MEDIUM: proto: stop protocols under thread isolation during soft stop
|
|
- MEDIUM: poller: program the update in fd_update_events() for a migrated FD
|
|
- MEDIUM: poller: disable thread-groups for poll() and select()
|
|
- MINOR: thread: remove MAX_THREADS limitation
|
|
- MEDIUM: cpu-map: replace the process number with the thread group number
|
|
- MINOR: mworker/threads: limit the mworker sockets to group 1
|
|
- MINOR: cli/threads: always bind CLI to thread group 1
|
|
- MINOR: fd/thread: get rid of thread_mask()
|
|
- MEDIUM: task/thread: move the task shared wait queues per thread group
|
|
- MINOR: task: move the niced_tasks counter to the thread group context
|
|
- DOC: design: add some thoughts about how to handle the update_list
|
|
- MEDIUM: conn: make conn_backend_get always scan the same group
|
|
- MAJOR: fd: remove pending updates upon real close
|
|
- MEDIUM: fd/poller: make the update-list per-group
|
|
- MINOR: fd: delete unused updates on close()
|
|
- MINOR: fd: make fd_insert() apply the thread mask itself
|
|
- MEDIUM: fd: add the tgid to the fd and pass it to fd_insert()
|
|
- MINOR: cli/fd: show fd's tgid and refcount in "show fd"
|
|
- MINOR: fd: add functions to manipulate the FD's tgid
|
|
- MINOR: fd: add fd_get_running() to atomically return the running mask
|
|
- MAJOR: fd: grab the tgid before manipulating running
|
|
- MEDIUM: fd/poller: turn polled_mask to group-local IDs
|
|
- MEDIUM: fd/poller: turn update_mask to group-local IDs
|
|
- MEDIUM: fd/poller: turn running_mask to group-local IDs
|
|
- MINOR: fd: make fd_clr_running() return the previous value instead
|
|
- MEDIUM: fd: make thread_mask now represent group-local IDs
|
|
- MEDIUM: fd: make fd_insert() take local thread masks
|
|
- MEDIUM: fd: make fd_insert/fd_delete atomically update fd.tgid
|
|
- MEDIUM: fd: quit fd_update_events() when FD is closed
|
|
- MEDIUM: thread: change thread_resolve_group_mask() to return group-local values
|
|
- MEDIUM: listener: switch bind_thread from global to group-local
|
|
- MINOR: fd: add fd_reregister_all() to deal with boot-time FDs
|
|
- MEDIUM: fd: support stopping FDs during starting
|
|
- MAJOR: pollers: rely on fd_reregister_all() at boot time
|
|
- MAJOR: poller: only touch/inspect the update_mask under tgid protection
|
|
- MEDIUM: fd: support broadcasting updates for foreign groups in updt_fd_polling
|
|
- CLEANUP: threads: remove the now unused all_threads_mask and tid_bit
|
|
- MINOR: config: change default MAX_TGROUPS to 16
|
|
- BUG/MEDIUM: tools: avoid calling dlsym() in static builds
|
|
|
|
2022/06/24 : 2.7-dev1
|
|
- BUG/MINOR: ssl_ckch: Free error msg if commit changes on a cert entry fails
|
|
- BUG/MINOR: ssl_ckch: Free error msg if commit changes on a CA/CRL entry fails
|
|
- BUG/MEDIUM: ssl_ckch: Don't delete a cert entry if it is being modified
|
|
- BUG/MEDIUM: ssl_ckch: Don't delete CA/CRL entry if it is being modified
|
|
- BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a cert entry
|
|
- BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a CA/CRL entry
|
|
- BUG/MEDIUM: ssl_ckch: Rework 'commit ssl cert' to handle full buffer cases
|
|
- BUG/MEDIUM: ssl_ckch: Rework 'commit ssl ca-file' to handle full buffer cases
|
|
- BUG/MEDIUM: ssl/crt-list: Rework 'add ssl crt-list' to handle full buffer cases
|
|
- BUG/MEDIUM: httpclient: Don't remove HTX header blocks before duplicating them
|
|
- BUG/MEDIUM: httpclient: Rework CLI I/O handler to handle full buffer cases
|
|
- MEDIUM: httpclient: Don't close CLI applet at the end of a response
|
|
- MEDIUM: http-ana: Always report rewrite failures as PRXCOND in logs
|
|
- CLEANUP: Re-apply xalloc_size.cocci (2)
|
|
- REGTESTS: abortonclose: Add a barrier to not mix up log messages
|
|
- REGTESTS: http_request_buffer: Increase client timeout to wait "slow" clients
|
|
- CLEANUP: ssl_ckch: Use corresponding enum for commit_cacrlfile_ctx.cafile_type
|
|
- MINOR: ssl_ckch: Simplify I/O handler to commit changes on CA/CRL entry
|
|
- BUG/MINOR: ssl_ckch: Use right type for old entry in show_crlfile_ctx
|
|
- BUG/MINOR: ssl_ckch: Dump CRL transaction only once if show command yield
|
|
- BUG/MINOR: ssl_ckch: Dump CA transaction only once if show command yield
|
|
- BUG/MINOR: ssl_ckch: Dump cert transaction only once if show command yield
|
|
- BUG/MINOR: ssl_ckch: Init right field when parsing "commit ssl crl-file" cmd
|
|
- CLEANUP: ssl_ckch: Remove unused field in commit_cacrlfile_ctx structure
|
|
- MINOR: ssl_ckch: Simplify structure used to commit changes on CA/CRL entries
|
|
- MINOR: ssl_ckch: Remove service context for "set ssl cert" command
|
|
- MINOR: ssl_ckch: Remove service context for "set ssl ca-file" command
|
|
- MINOR: ssl_ckch: Remove service context for "set ssl crl-file" command
|
|
- BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cert I/O handler
|
|
- BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cafile I/O handler
|
|
- BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_crlfile I/O handler
|
|
- BUILD: ssl_ckch: Fix build error about a possible uninitialized value
|
|
- BUG/MINOR: ssl_ckch: Fix another possible uninitialized value
|
|
- REGTESTS: http_abortonclose: Extend supported versions
|
|
- REGTESTS: restrict_req_hdr_names: Extend supported versions
|
|
- MINOR: connection: support HTTP/3.0 for smp_*_http_major fetch
|
|
- MINOR: h3: add h3c pointer into h3s instance
|
|
- MINOR: mux-quic: simplify decode_qcs API
|
|
- MINOR: mux-quic/h3: adjust demuxing function return values
|
|
- BUG/MINOR: h3: fix return value on decode_qcs on error
|
|
- BUILD: quic: fix anonymous union for gcc-4.4
|
|
- BUILD: compiler: implement unreachable for older compilers too
|
|
- DEV: tcploop: reorder options in the usage message
|
|
- DEV: tcploop: make the current address the default address
|
|
- DEV: tcploop: make it possible to change the target address of a connect()
|
|
- DEV: tcploop: factor out the socket creation
|
|
- DEV: tcploop: permit port 0 to ease handling of default options
|
|
- DEV: tcploop: add a new "bind" command to bind to ip/port.
|
|
- DEV: tcploop: add minimal UDP support
|
|
- BUG/MINOR: trace: Test server existence for health-checks to get proxy
|
|
- BUG/MINOR: checks: Properly handle email alerts in trace messages
|
|
- BUG/MEDIUM: mailers: Set the object type for check attached to an email alert
|
|
- REGTESTS: healthcheckmail: Update the test to be functionnal again
|
|
- REGTESTS: healthcheckmail: Relax health-check failure condition
|
|
- BUG/MINOR: h3: fix incorrect BUG_ON assert on SETTINGS parsing
|
|
- MEDIUM: mux-h2: try to coalesce outgoing WINDOW_UPDATE frames
|
|
- OPTIM: mux-h2: increase h2_settings_initial_window_size default to 64k
|
|
- BUG/MINOR: h3: fix frame type definition
|
|
- BUG/MEDIUM: h3: fix SETTINGS parsing
|
|
- BUG/MINOR: cli/stats: add missing trailing LF after JSON outputs
|
|
- BUG/MINOR: server: do not enable DNS resolution on disabled proxies
|
|
- BUG/MINOR: cli/stats: add missing trailing LF after "show info json"
|
|
- DOC: design: update the notes on thread groups
|
|
- BUG/MEDIUM: mux-quic: fix flow control connection Tx level
|
|
- MINOR: mux-quic: complete BUG_ON on TX flow-control enforcing
|
|
- BUG/MINOR: mux-quic: fix memleak on frames rejected by transport
|
|
- BUG/MINOR: tcp-rules: Make action call final on read error and delay expiration
|
|
- CLEANUP: check: Remove useless tests on check's stream-connector
|
|
- BUG/MEDIUM: stconn: Don't wakeup applet for send if it won't consume data
|
|
- BUG/MEDIUM: cli: Notify cli applet won't consume data during request processing
|
|
- BUG/MEDIUM: mux-quic: fix segfault on flow-control frame cleanup
|
|
- MINOR: task: move profiling bit to per-thread
|
|
- CLEANUP: quic: use task_new_on() for single-threaded tasks
|
|
- MINOR: tinfo: remove the global thread ID bit (tid_bit)
|
|
- CLEANUP: hlua: check for at least 2 threads on a task
|
|
- MINOR: thread: get rid of MAX_THREADS_MASK
|
|
- OPTIM: task: do not consult shared WQ when we're already full
|
|
- DOC: design: update the task vs thread affinity requirements
|
|
- MINOR: qpack: add comments and remove a useless trace
|
|
- MINOR: qpack: reduce dependencies on other modules
|
|
- BUG/MINOR: qpack: support header litteral name decoding
|
|
- MINOR: qpack: add ABORT_NOW on unimplemented decoding
|
|
- BUG/MINOR: h3/qpack: deal with too many headers
|
|
- MINOR: qpack: improve decoding function
|
|
- MINOR: qpack: implement standalone decoder tool
|
|
- BUG/BUILD: h3: fix wrong label name
|
|
- BUG/MINOR: quic: Stop hardcoding Retry packet Version field
|
|
- MINOR: quic: Add several nonce and key definitions for Retry tag
|
|
- BUG/MINOR: quic: Wrong PTO calculation
|
|
- MINOR: quic: Parse long packet version from qc_parse_hd_form()
|
|
- CLEANUP: quid: QUIC draft-28 no more supported
|
|
- MEDIUM: quic: Add QUIC v2 draft support
|
|
- MINOR: quic: Released QUIC TLS extension for QUIC v2 draft
|
|
- MEDIUM: quic: Compatible version negotiation implementation (draft-08)
|
|
- CLEANUP: quic: Remove any reference to boringssl
|
|
- BUG/MINOR: task: fix thread assignment in tasklet_kill()
|
|
- BUG/MEDIUM: stream: Properly handle destructive client connection upgrades
|
|
- MINOR: stream: Rely on stconn flags to abort stream destructive upgrade
|
|
- CLEANUP: stconn: Don't expect to have no sedesc on detach
|
|
- BUG/MINOR: log: Properly test connection retries to fix dontlog-normal option
|
|
- MINOR: hlua: don't dump empty entries in hlua_traceback()
|
|
- MINOR: hlua: add a new hlua_show_current_location() function
|
|
- MEDIUM: debug: add a tainted flag when a shared library is loaded
|
|
- MEDIUM: debug: detect redefinition of symbols upon dlopen()
|
|
- BUILD: quic: Wrong HKDF label constant variable initializations
|
|
- BUG/MINOR: quic: Unexpected half open connection counter wrapping
|
|
- BUG/MINOR: quic_stats: Duplicate "quic_streams_data_blocked_bidi" field name
|
|
- BUG/MINOR: quic: purge conn Rx packet list on release
|
|
- BUG/MINOR: quic: free rejected Rx packets
|
|
- BUG/MINOR: qpack: abort on dynamic index field line decoding
|
|
- BUG/MEDIUM: ssl/cli: crash when crt inserted into a crt-list
|
|
- REGTESTS: ssl: add the same cert for client/server
|
|
- BUG/MINOR: quic: Acknowledgement must be forced during handshake
|
|
- MINOR: quic: Dump version_information transport parameter
|
|
- BUG/MEDIUM: mworker: use default maxconn in wait mode
|
|
- MINOR: intops: add a function to return a valid bit position from a mask
|
|
- TESTS: add a unit test for one_among_mask()
|
|
- BUILD: ssl_ckch: fix "maybe-uninitialized" build error on gcc-9.4 + ARM
|
|
- BUG/MINOR: ssl: Do not look for key in extra files if already in pem
|
|
- BUG/MINOR: quic: Missing acknowledgments for trailing packets
|
|
- BUG/MINOR: http-ana: Set method to HTTP_METH_OTHER when an HTTP txn is created
|
|
- BUG/MINOR: http-fetch: Use integer value when possible in "method" sample fetch
|
|
- MINOR: freq_ctr: Add a function to get events excess over the current period
|
|
- BUG/MINOR: stream: only free the req/res captures when set
|
|
- CLEANUP: pool/tree-wide: remove suffix "_pool" from certain pool names
|
|
- MEDIUM: debug: improve DEBUG_MEM_STATS to also report pool alloc/free
|
|
- BUG/MINOR: quic: Wrong reuse of fulfilled dgram RX buffer
|
|
- BUG/MAJOR: quic: Big RX dgrams leak when fulfilling a buffer
|
|
- BUG/MAJOR: quic: Big RX dgrams leak with POST requests
|
|
- BUILD: quic+h3: 32-bit compilation errors fixes
|
|
- MEDIUM: bwlim: Add support of bandwith limitation at the stream level
|
|
|
|
2022/05/31 : 2.7-dev0
|
|
- MINOR: version: it's development again
|
|
|
|
2022/05/31 : 2.6.0
|
|
- DOC: Fix formatting in configuration.txt to fix dconv
|
|
- CLEANUP: tcpcheck: Remove useless test on the stream-connector in tcpcheck_main
|
|
- CLEANUP: muxes: Consider stream's sd as defined in .show_fd callback functions
|
|
- MINOR: quic: Ignore out of packet padding.
|
|
- CLEANUP: quic: Useless QUIC_CONN_TX_BUF_SZ definition
|
|
- CLEANUP: quic: No more used handshake output buffer
|
|
- MINOR: quic: QUIC transport parameters split.
|
|
- MINOR: quic: Transport parameters dump
|
|
- DOC: quic: Update documentation for QUIC Retry
|
|
- MINOR: quic: Tunable "max_idle_timeout" transport parameter
|
|
- MINOR: quic: Tunable "initial_max_streams_bidi" transport parameter
|
|
- MINOR: quic: Clarifications about transport parameters value
|
|
- MINOIR: quic_stats: add QUIC connection errors counters
|
|
- BUG/MINOR: quic: Largest RX packet numbers mixing
|
|
- MINOR: quic_stats: Add transport new counters (lost, stateless reset, drop)
|
|
- DOC: quic: Documentation update for QUIC
|
|
- MINOR: quic: Connection TX buffer setting renaming.
|
|
- MINOR: h3: Add a statistics module for h3
|
|
- MINOR: quic: Send STOP_SENDING frames if mux is released
|
|
- MINOR: quic: Do not drop packets with RESET_STREAM frames
|
|
- BUG/MINOR: qpack: fix buffer API usage on prefix integer encoding
|
|
- BUG/MINOR: qpack: support bigger prefix-integer encoding
|
|
- BUG/MINOR: h3: do not report bug on unknown method
|
|
- SCRIPTS: add make-releases-json to recreate a releases.json file in download dirs
|
|
- SCRIPTS: make publish-release try to launch make-releases-json
|
|
- MINOR: htx: add an unchecked version of htx_get_head_blk()
|
|
- BUILD: htx: use the unchecked version of htx_get_head_blk() where needed
|
|
- BUILD: quic: use inttypes.h instead of stdint.h
|
|
- DOC: internal: remove totally outdated diagrams
|
|
- DOC: remove the outdated ROADMAP file
|
|
- DOC: add maintainers for QUIC and HTTP/3
|
|
- MINOR: h3: define h3 trace module
|
|
- MINOR: h3: add traces on frame recv
|
|
- MINOR: h3: add traces on frame send
|
|
- MINOR: h3: add traces on h3s init/end
|
|
- EXAMPLES: remove completely outdated acl-content-sw.cfg
|
|
- BUILD: makefile: reorder objects by build time
|
|
- DOC: fix a few spelling mistakes in the docs
|
|
- BUG/MEDIUM: peers/cli: fix "show peers" crash
|
|
- CLEANUP: peers/cli: stop misusing the appctx local variable
|
|
- CLEANUP: peers/cli: make peers_dump_peer() take an appctx instead of an stconn
|
|
- BUG/MINOR: peers: set the proxy's name to the peers section name
|
|
- MINOR: server: indicate when no address was expected for a server
|
|
- BUG/MINOR: peers: detect and warn on init_addr/resolvers/check/agent-check
|
|
- DOC: peers: indicate that some server settings are not usable
|
|
- DOC: peers: clarify when entry expiration date is renewed.
|
|
- DOC: peers: fix port number and addresses on new peers section format
|
|
- DOC: gpc/gpt: add commments of gpc/gpt array definitions on stick tables.
|
|
- DOC: install: update supported OpenSSL versions in the INSTALL doc
|
|
- MINOR: ncbuf: adjust ncb_data with NCBUF_NULL
|
|
- BUG/MINOR: h3: fix frame demuxing
|
|
- BUG/MEDIUM: h3: fix H3_EXCESSIVE_LOAD when receiving H3 frame header only
|
|
- BUG/MINOR: quic: Fix QUIC_EV_CONN_PRSAFRM event traces
|
|
- CLEANUP: quic: remove useless check on local UNI stream reception
|
|
- BUG/MINOR: qpack: do not consider empty enc/dec stream as error
|
|
- DOC: intro: adjust the numbering of paragrams to keep the output ordered
|
|
- MINOR: version: mention that it's LTS now.
|
|
|
|
2022/05/27 : 2.6-dev12
|
|
- CLEANUP: tools: Clean up non-QUIC error message handling in str2sa_range()
|
|
- BUG/MEDIUM: tools: Fix `inet_ntop` usage in sa2str
|
|
- CLEANUP: tools: Crash if inet_ntop fails due to ENOSPC in sa2str
|
|
- BUG/MEDIUM: mux-quic: adjust buggy proxy closing support
|
|
- Revert "MINOR: quic: activate QUIC traces at compilation"
|
|
- Revert "MINOR: mux-quic: activate qmux traces on stdout via macro"
|
|
- CLEANUP: init: address a coverity warning about possible multiply overflow
|
|
- BUG/MEDIUM: http: Properly reject non-HTTP/1.x protocols
|
|
- MEDIUM: h1: enlarge the scope of accepted version chars with accept-invalid-http-request
|
|
- BUG/MEDIUM: resolvers: Don't defer resolutions release in deinit function
|
|
- BUG/MEDIUM: peers: fix segfault using multiple bind on peers sections
|
|
- BUG/MEDIUM: peers: prevent unitialized multiple listeners on peers section
|
|
- BUG/MINOR: task: Don't defer tasks release when HAProxy is stopping
|
|
- MINOR: h3: mark ncbuf as const on h3_b_dup
|
|
- MINOR: mux-quic: do not alloc quic_stream_desc for uni remote stream
|
|
- MINOR: mux-quic: delay cs_endpoint allocation
|
|
- MINOR: mux-quic: add traces in qc_recv()
|
|
- MINOR: mux-quic: adjust return value of decode_qcs
|
|
- CLEANUP: h3: rename struct h3 -> h3c
|
|
- CLEANUP: h3: rename uni stream type constants
|
|
- BUG/MINOR: h3: prevent overflow when parsing SETTINGS
|
|
- MINOR: h3: refactor h3_control_send()
|
|
- MINOR: quic: support CONNECTION_CLOSE_APP emission
|
|
- MINOR: mux-quic: disable read on CONNECTION_CLOSE emission
|
|
- MINOR: h3: reject too big frames
|
|
- MINOR: mux-quic: emit STREAM_STATE_ERROR in qcc_recv
|
|
- BUG/MINOR: mux-quic: refactor uni streams TX/send H3 SETTINGS
|
|
- MINOR: h3/qpack: use qcs as type in decode callbacks
|
|
- MINOR: h3: define stream type
|
|
- MINOR: h3: refactor uni streams initialization
|
|
- MINOR: h3: check if frame is valid for stream type
|
|
- MINOR: h3: define non-h3 generic parsing function
|
|
- MEDIUM: quic: refactor uni streams RX
|
|
- CLEANUP: h3: remove h3 uni tasklet
|
|
- MINOR: h3: abort read on unknown uni stream
|
|
- MINOR: h3: refactor SETTINGS parsing/error reporting
|
|
- Revert "BUG/MINOR: task: Don't defer tasks release when HAProxy is stopping"
|
|
- DOC: configuration: add a warning for @system-ca on bind
|
|
- CLEANUP: init: address another coverity warning about a possible multiply overflow
|
|
- BUG/MINOR: ssl/lua: use correctly cert_ext in CertCache.set()
|
|
- BUG/MEDIUM: sample: Fix adjusting size in word converter
|
|
- REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (2)
|
|
- CLEANUP: conn_stream: remove unneeded exclusion of RX_WAIT_EP from RXBLK_ANY
|
|
- CLEANUP: conn_stream: rename the cs_endpoint's context to "conn"
|
|
- MINOR: conn_stream: add new sets of functions to set/get endpoint flags
|
|
- DEV: coccinelle: add cs_endp_flags.cocci
|
|
- CLEANUP: conn_stream: apply cs_endp_flags.cocci tree-wide
|
|
- DEV: coccinelle: add endp_flags.cocci
|
|
- CLEANUP: conn_stream: apply endp_flags.cocci tree-wide
|
|
- CLEANUP: conn_stream: rename the stream endpoint flags CS_EP_* to SE_FL_*
|
|
- CLEANUP: conn_stream: rename the cs_endpoint's target to "se"
|
|
- CLEANUP: conn_stream: rename cs_endpoint to sedesc (stream endpoint descriptor)
|
|
- CLEANUP: applet: rename the sedesc pointer from "endp" to "sedesc"
|
|
- CLEANUP: conn_stream: rename the conn_stream's endp to sedesc
|
|
- CLEANUP: conn_stream: rename cs_app_* to sc_app_*
|
|
- CLEANUP: conn_stream: tree-wide rename to stconn (stream connector)
|
|
- CLEANUP: mux-h1: add and use h1s_sc() to retrieve the stream connector
|
|
- CLEANUP: mux-h2: add and use h2s_sc() to retrieve the stream connector
|
|
- CLEANUP: mux-fcgi: add and use fcgi_strm_sc() to retrieve the stream connector
|
|
- CLEANUP: mux-pt: add and use pt_sc() to retrieve the stream connector
|
|
- CLEANUP: stdesc: rename the stream connector ->cs field to ->sc
|
|
- CLEANUP: stream: rename "csf" and "csb" to "scf" and "scb"
|
|
- CLEANUP: stconn: tree-wide rename stream connector flags CS_FL_* to SC_FL_*
|
|
- CLEANUP: stconn: tree-wide rename stconn states CS_ST/SB_* to SC_ST/SB_*
|
|
- MINOR: check: export wake_srv_chk()
|
|
- MINOR: conn_stream: test the various ops functions before calling them
|
|
- MEDIUM: stconn: merge the app_ops and the data_cb fields
|
|
- MINOR: applet: add new wrappers to put chk/blk/str/chr to channel from appctx
|
|
- CLEANUP: applet: use applet_put*() everywhere possible
|
|
- CLEANUP: stconn: rename cs_{i,o}{b,c} to sc_{i,o}{b,c}
|
|
- CLEANUP: stconn: rename cs_{check,strm,strm_task} to sc_strm_*
|
|
- CLEANUP: stconn: rename cs_conn() to sc_conn()
|
|
- CLEANUP: stconn: rename cs_mux() to sc_mux_strm()
|
|
- CLEANUP: stconn: rename cs_conn_mux() to sc_mux_ops()
|
|
- CLEANUP: stconn: rename cs_appctx() to sc_appctx()
|
|
- CLEANUP: stconn: rename __cs_endp_target() to __sc_endp()
|
|
- CLEANUP: stconn: rename cs_get_data_name() to sc_get_data_name()
|
|
- CLEANUP: stconn: rename cs_conn_*() to sc_conn_*()
|
|
- CLEANUP: stconn: rename cs_conn_get_first() to conn_get_first_sc()
|
|
- CLEANUP: stconn: rename cs_ep_set_error() to se_fl_set_error()
|
|
- CLEANUP: stconn: make a few functions take a const argument
|
|
- CLEANUP: stconn: use a single function to know if SC may send to SE
|
|
- MINOR: stconn: consider CF_SHUTW for sc_is_send_allowed()
|
|
- MINOR: stconn: remove calls to cs_done_get()
|
|
- MEDIUM: stconn: always rely on CF_SHUTR in addition to cs_rx_blocked()
|
|
- MEDIUM: stconn: remove SE_FL_RXBLK_SHUT
|
|
- MINOR: stconn: rename SE_FL_RXBLK_CONN to SE_FL_APPLET_NEED_CONN
|
|
- MEDIUM: stconn: take SE_FL_APPLET_NEED_CONN out of the RXBLK_ANY flags
|
|
- CLEANUP: stconn: rename cs_rx_room_{blk,rdy} to sc_{need,have}_room()
|
|
- CLEANUP: stconn: rename cs_rx_chan_{blk,rdy} to sc_{wont,will}_read()
|
|
- CLEANUP: stconn: rename cs_rx_buff_{blk,rdy} to sc_{need,have}_buff()
|
|
- MINOR: stconn: start to rename cs_rx_endp_{more,done}() to se_have_{no_,}more_data()
|
|
- MINOR: stconn: add sc_is_recv_allowed() to check for ability to receive
|
|
- CLEANUP: stconn: rename SE_FL_RX_WAIT_EP to SE_FL_HAVE_NO_DATA
|
|
- MEDIUM: stconn: move the RXBLK flags to the stream connector
|
|
- CLEANUP: stconn: rename SE_FL_WANT_GET to SE_FL_WILL_CONSUME
|
|
- CLEANUP: stconn: remove cs_tx_blocked() and cs_tx_endp_ready()
|
|
- CLEANUP: stconn: rename cs_{want,stop}_get() to se_{will,wont}_consume()
|
|
- CLEANUP: stconn: rename cs_cant_get() to se_need_more_data()
|
|
- CLEANUP: stconn: rename cs_{new,create,free,destroy}_* to sc_*
|
|
- CLEANUP: stconn: rename remaining management functions from cs_* to sc_*
|
|
- CLEANUP: stconn: rename cs{,_get}_{src,dst} to sc_*
|
|
- CLEANUP: stconn: rename cs_{shut,chk}* to sc_*
|
|
- CLEANUP: stconn: rename final state manipulation functions from cs_* to sc_*
|
|
- CLEANUP: quic: drop the name "conn_stream" from the pool variable names
|
|
- REORG: rename cs_utils.h to sc_strm.h
|
|
- REORG: stconn: rename conn_stream.{c,h} to stconn.{c,h}
|
|
- CLEANUP: muxes: rename "get_first_cs" to "get_first_sc"
|
|
- DEV: flags: use "sc" for stream conns instead of "cs"
|
|
- CLEANUP: check: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: connection: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: stconn: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: quic/h3: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: stream: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: promex: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: stats: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: cli: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: applet: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: cache: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: dns: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: spoe: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: hlua: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: log-forward: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: http-client: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: mux-fcgi: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: mux-h1: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: mux-h2: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: mux-pt: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: peers: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: sink: rename all occurrences of stconn "cs" to "sc"
|
|
- CLEANUP: sslsock: remove only occurrence of local variable "cs"
|
|
- CLEANUP: applet: rename appctx_cs() to appctx_sc()
|
|
- CLEANUP: stream: rename stream_upgrade_from_cs() to stream_upgrade_from_sc()
|
|
- CLEANUP: obj_type: rename OBJ_TYPE_CS to OBJ_TYPE_SC
|
|
- CLEANUP: stconn: replace a few remaining occurrences of CS in comments or traces
|
|
- DOC: internal: update the muxes doc to mention the stconn
|
|
- CLEANUP: mux-quic: rename the "endp" field to "sd"
|
|
- CLEANUP: mux-h1: rename the "endp" field to "sd"
|
|
- CLEANUP: mux-h2: rename the "endp" field to "sd"
|
|
- CLEANUP: mux-fcgi: rename the "endp" field to "sd"
|
|
- CLEANUP: mux-pt: rename the "endp" field to "sd"
|
|
- CLEANUP: stconn: rename a few "endp" arguments and variables to "sd"
|
|
- MINOR: stconn: turn SE_FL_WILL_CONSUME to SE_FL_WONT_CONSUME
|
|
- CLEANUP: stream: remove unneeded test on appctx during initialization
|
|
- CLEANUP: stconn: remove the new unneeded SE_FL_APP_MASK
|
|
- DEV: flags: fix "siet" shortcut name
|
|
- DEV: flags: rename the "endp" shortcut to "sd" for "stream descriptor"
|
|
- DEV: flags: reorder a few SC/SE flags
|
|
- DOC: internal: add a description of the stream connectors and descriptors
|
|
|
|
2022/05/20 : 2.6-dev11
|
|
- CI: determine actual LibreSSL version dynamically
|
|
- BUG/MEDIUM: ncbuf: fix null buffer usage
|
|
- MINOR: ncbuf: fix warnings for testing build
|
|
- MEDIUM: http-ana: Add a proxy option to restrict chars in request header names
|
|
- MEDIUM: ssl: Delay random generator initialization after config parsing
|
|
- MINOR: ssl: Add 'ssl-propquery' global option
|
|
- MINOR: ssl: Add 'ssl-provider' global option
|
|
- CLEANUP: Add missing header to ssl_utils.c
|
|
- CLEANUP: Add missing header to hlua_fcn.c
|
|
- CLEANUP: Remove unused function hlua_get_top_error_string
|
|
- BUILD: fix build warning on solaris based systems with __maybe_unused.
|
|
- MINOR: tools: add get_exec_path implementation for solaris based systems.
|
|
- BUG/MINOR: ssl: Fix crash when no private key is found in pem
|
|
- CLEANUP: conn-stream: Remove cs_applet_shut declaration from header file
|
|
- MINOR: applet: Prepare appctx to own the session on frontend side
|
|
- MINOR: applet: Let the frontend appctx release the session
|
|
- MINOR: applet: Change return value for .init callback function
|
|
- MINOR: stream: Export stream_free()
|
|
- MINOR: applet: Add appctx_init() helper fnuction
|
|
- MINOR: applet: Add a function to finalize frontend appctx startup
|
|
- MINOR: applet: Add function to release appctx on error during init stage
|
|
- MEDIUM: dns: Refactor dns appctx creation
|
|
- MEDIUM: spoe: Refactor SPOE appctx creation
|
|
- MEDIUM: lua: Refactor cosocket appctx creation
|
|
- MEDIUM: httpclient: Refactor http-client appctx creation
|
|
- MINOR: sink: Add a ref to sink in the sink_forward_target structure
|
|
- MEDIUM: sink: Refactor sink forwarder appctx creation
|
|
- MINOR: peers: Add a ref to peers section in the peer structure
|
|
- MEDIUM: peers: Refactor peer appctx creation
|
|
- MINOR: applet: Add API to start applet on a thread subset
|
|
- MEDIUM: applet: Add support for async appctx startup on a thread subset
|
|
- MINOR: peers: Track number of applets run by thread
|
|
- MEDIUM: peers: Balance applets across threads
|
|
- MINOR: conn-stream/applet: Stop setting appctx as the endpoint context
|
|
- CLEANUP: proxy: Remove dead code when parsing "http-restrict-req-hdr-names" option
|
|
- REGTESTS: abortonclose: Fix some race conditions
|
|
- MINOR: ssl: Add 'ssl-provider-path' global option
|
|
- CLEANUP: http_ana: Make use of the return value of stream_generate_unique_id()
|
|
- BUG/MINOR: spoe: Fix error handling in spoe_init_appctx()
|
|
- CLEANUP: peers: Remove unreachable code in peer_session_create()
|
|
- CLEANUP: httpclient: Remove useless test on ss_dst in httpclient_applet_init()
|
|
- BUG/MEDIUM: quic: fix Rx buffering
|
|
- OPTIM: quic: realign empty Rx buffer
|
|
- BUG/MINOR: ncbuf: fix ncb_is_empty()
|
|
- MINOR: ncbuf: refactor ncb_advance()
|
|
- BUG/MINOR: mux-quic: update session's idle delay before stream creation
|
|
- MINOR: h3: do not wait a complete frame for demuxing
|
|
- MINOR: h3: flag demux as full on HTX full
|
|
- MEDIUM: mux-quic: implement recv on io-cb
|
|
- MINOR: mux-quic: remove qcc_decode_qcs() call in XPRT
|
|
- MINOR: mux-quic: reorganize flow-control frames emission
|
|
- MINOR: mux-quic: implement MAX_STREAM_DATA emission
|
|
- MINOR: mux-quic: implement MAX_DATA emission
|
|
- BUG/MINOR: mux-quic: support nul buffer with qc_free_ncbuf()
|
|
- MINOR: mux-quic: free RX buf if empty
|
|
- BUG/MEDIUM: config: Reset outline buffer size on realloc error in readcfgfile()
|
|
- BUG/MINOR: check: Reinit the buffer wait list at the end of a check
|
|
- MEDIUM: check: No longer shutdown the connection in .wake callback function
|
|
- REORG: check: Rename and export I/O callback function
|
|
- MEDIUM: check: Use the CS to handle subscriptions for read/write events
|
|
- BUG/MINOR: quic: break for error on sendto
|
|
- MINOR: quic: abort on unlisted errno on sendto()
|
|
- MINOR: quic: detect EBADF on sendto()
|
|
- BUG/MEDIUM: quic: fix initialization for local/remote TPs
|
|
- CLEANUP: quic: adjust comment/coding style for TPs init
|
|
- BUG/MINOR: cfgparse: abort earlier in case of allocation error
|
|
- MINOR: quic: Dump initial derived secrets
|
|
- MINOR: quic_tls: Add quic_tls_derive_retry_token_secret()
|
|
- MINOR: quic_tls: Add quic_tls_decrypt2() implementation
|
|
- MINOR: quic: Retry implementation
|
|
- MINOR: cfgparse: Update for "cluster-secret" keyword for QUIC Retry
|
|
- MINOR: quic: Move quic_lstnr_dgram_dispatch() out of xprt_quic.c
|
|
- BUILD: stats: Missing headers inclusions from stats.h
|
|
- MINOR: quic_stats: Add a new stats module for QUIC
|
|
- MINOR: quic: Attach proxy QUIC stats counters to the QUIC connection
|
|
- BUG/MINOR: quic: Fix potential memory leak during QUIC connection allocations
|
|
- MINOR: quic: QUIC stats counters handling
|
|
- MINOR: quic: Add tune.quic.retry-threshold keyword
|
|
- MINOR: quic: Dynamic Retry implementation
|
|
- MINOR: quic/mux-quic: define CONNECTION_CLOSE send API
|
|
- MINOR: mux-quic: emit FLOW_CONTROL_ERROR
|
|
- MINOR: mux-quic: emit STREAM_LIMIT_ERROR
|
|
- MINOR: mux-quic: close connection on error if different data at offset
|
|
- BUG/MINOR: peers: fix error reporting of "bind" lines
|
|
- CLEANUP: config: improve address parser error report for unmatched protocols
|
|
- CLEANUP: config: provide cleare hints about unsupported QUIC addresses
|
|
- MINOR: protocol: replace ctrl_type with xprt_type and clarify it
|
|
- MINOR: listener: provide a function to process all of a bind_conf's arguments
|
|
- MINOR: config: use the new bind_parse_args_list() to parse a "bind" line
|
|
- CLEANUP: listener: add a comment about what the BC_SSL_O_* flags are for
|
|
- MINOR: listener: add a new "options" entry in bind_conf
|
|
- CLEANUP: listener: replace all uses of bind_conf->is_ssl with BC_O_USE_SSL
|
|
- CLEANUP: listener: replace bind_conf->generate_cers with BC_O_GENERATE_CERTS
|
|
- CLEANUP: listener: replace bind_conf->quic_force_retry with BC_O_QUIC_FORCE_RETRY
|
|
- CLEANUP: listener: store stream vs dgram at the bind_conf level
|
|
- MINOR: listener: detect stream vs dgram conflict during parsing
|
|
- MINOR: listener: set the QUIC xprt layer immediately after parsing the args
|
|
- MINOR: listener/ssl: set the SSL xprt layer only once the whole config is known
|
|
- MINOR: connection: add flag MX_FL_FRAMED to mark muxes relying on framed xprt
|
|
- MINOR: config: detect and report mux and transport incompatibilities
|
|
- MINOR: listener: automatically select a QUIC mux with a QUIC transport
|
|
- MINOR: listener: automatically enable SSL if a QUIC transport is found
|
|
- BUG/MINOR: quic: Fixe a typo in qc_idle_timer_task()
|
|
- BUG/MINOR: quic: Missing <conn_opening> stats counter decrementation
|
|
- BUILD/MINOR: cpuset fix build for FreeBSD 13.1
|
|
- CI: determine actual OpenSSL version dynamically
|
|
|
|
2022/05/14 : 2.6-dev10
|
|
- MINOR: ssl: ignore dotfiles when loading a dir w/ ca-file
|
|
- MEDIUM: ssl: ignore dotfiles when loading a dir w/ crt
|
|
- BUG/MINOR: ssl: Fix typos in crl-file related CLI commands
|
|
- MINOR: compiler: add a new macro to set an attribute on an enum when possible
|
|
- BUILD: stats: conditionally mark obsolete stats states as deprecated
|
|
- BUILD: ssl: work around bogus warning in gcc 12's -Wformat-truncation
|
|
- BUILD: debug: work around gcc-12 excessive -Warray-bounds warnings
|
|
- BUILD: listener: shut report of possible null-deref in listener_accept()
|
|
- BUG/MEDIUM: ssl: fix the gcc-12 broken fix :-(
|
|
- DOC: install: update gcc version requirements
|
|
- BUILD: makefile: add -Wfatal-errors to the default flags
|
|
- BUG/MINOR: server: Make SRV_STATE_LINE_MAXLEN value from 512 to 2kB (2000 bytes).
|
|
- BUG/MAJOR: dns: multi-thread concurrency issue on UDP socket
|
|
- BUG/MINOR: mux-h2: mark the stream as open before processing it not after
|
|
- MINOR: mux-h2: report a trace event when failing to create a new stream
|
|
- DOC: configuration: add the httpclient keywords to the global keywords index
|
|
- MINOR: quic: Add a debug counter for sendto() errors
|
|
- BUG/MINOR: quic: Dropped peer transport parameters
|
|
- BUG/MINOR: quic: Wrong unit for ack delay for incoming ACK frames
|
|
- MINOR: quic: Congestion controller event trace fix (loss)
|
|
- MINOR: quic: Add correct ack delay values to ACK frames
|
|
- MINOR: config: Add "cluster-secret" new global keyword
|
|
- MINOR: quic-tls: Add quic_hkdf_extract_and_expand() for HKDF
|
|
- MINOR: quic: new_quic_cid() code moving
|
|
- MINOR: quic: Initialize stateless reset tokens with HKDF secrets
|
|
- MINOR: qc_new_conn() rework for stateless reset
|
|
- MINOR: quic: Stateless reset token copy to transport parameters
|
|
- MINOR: quic: Send stateless reset tokens
|
|
- MINOR: quic: Short packets always embed a trailing AEAD TAG
|
|
- CLEANUP: quic: wrong use of eb*entry() macro
|
|
- CLEANUP: quic: Useless use of pointer for quic_hkdf_extract()
|
|
- CLEANUP: quic_tls: QUIC_TLS_IV_LEN defined two times
|
|
- MINOR: ncbuf: define non-contiguous buffer
|
|
- MINOR: ncbuf: complete API and define block interal abstraction
|
|
- MINOR: ncbuf: optimize storage for the last gap
|
|
- MINOR: ncbuf: implement insertion
|
|
- MINOR: ncbuf: define various insertion modes
|
|
- MINOR: ncbuf: implement advance
|
|
- MINOR: ncbuf: write unit tests
|
|
- BUG/MEDIUM: lua: fix argument handling in data removal functions
|
|
- DOC/MINOR: fix typos in the lua-api document
|
|
- BUG/MEDIUM: wdt: don't trigger the watchdog when p is unitialized
|
|
- MINOR: mux-h1: Add global option accpet payload for any HTTP/1.0 requests
|
|
- CLEANUP: mux-h1: Fix comments and error messages for global options
|
|
- MINOR: conn_stream: make cs_set_error() work on the endpoint instead
|
|
- CLEANUP: mux-h1: always take the endp from the h1s not the cs
|
|
- CLEANUP: mux-h2: always take the endp from the h2s not the cs
|
|
- CLEANUP: mux-pt: always take the endp from the context not the cs
|
|
- CLEANUP: mux-fcgi: always take the endp from the fstrm not the cs
|
|
- CLEANUP: mux-quic: always take the endp from the qcs not the cs
|
|
- CLEANUP: applet: use the appctx's endp instead of cs->endp
|
|
- MINOR: conn_stream: add a pointer back to the cs from the endpoint
|
|
- MINOR: mux-h1: remove the now unneeded h1s->cs
|
|
- MINOR: mux-h2: make sure any h2s always has an endpoint
|
|
- MINOR: mux-h2: remove the now unneeded conn_stream from the h2s
|
|
- MINOR: mux-fcgi: make sure any stream always has an endpoint
|
|
- MINOR: mux-fcgi: remove the now unneeded conn_stream from the fcgi_strm
|
|
- MINOR: mux-quic: remove the now unneeded conn_stream from the qcs
|
|
- MINOR: mux-pt: remove the now unneeded conn_stream from the context
|
|
- CLEANUP: muxes: make mux->attach/detach take a conn_stream endpoint
|
|
- MINOR: applet: replace cs_applet_shut() with appctx_shut()
|
|
- MINOR: applet: add appctx_strm() and appctx_cs() to access common fields
|
|
- CLEANUP: applet: remove the unneeded appctx->owner
|
|
- CLEANUP: conn_stream: merge cs_new_from_{mux,applet} into cs_new_from_endp()
|
|
- MINOR: ext-check: indicate the transport and protocol of a server
|
|
- BUG/MEDIUM: mux-quic: fix a thinko in the latest cs/endpoint cleanup
|
|
- MINOR: tools: improve error message accuracy in str2sa_range
|
|
- MINOR: config: make sure never to mix dgram and stream protocols on a bind line
|
|
- BUG/MINOR: ncbuf: fix coverity warning on uninit sz_data
|
|
- MINOR: xprt_quic: adjust flow-control according to bufsize
|
|
- MEDIUM: mux-quic/h3/hq-interop: use ncbuf for bidir streams
|
|
- MEDIUM: mux-quic/h3/qpack: use ncbuf for uni streams
|
|
- CLEANUP: mux-quic: remove unused fields for Rx
|
|
- CLEANUP: quic: remove unused quic_rx_strm_frm
|
|
|
|
2022/05/08 : 2.6-dev9
|
|
- MINOR: mux-quic: support full request channel buffer
|
|
- BUG/MINOR: h3: fix parsing of unknown frame type with null length
|
|
- CLEANUP: backend: make alloc_{bind,dst}_address() idempotent
|
|
- MEDIUM: stream: remove the confusing SF_ADDR_SET flag
|
|
- MINOR: conn_stream: remove the now unused CS_FL_ADDR_*_SET flags
|
|
- CLEANUP: protocol: make sure the connect_* functions always receive a dst
|
|
- MINOR: connection: get rid of the CO_FL_ADDR_*_SET flags
|
|
- MINOR: session: get rid of the now unused SESS_FL_ADDR_*_SET flags
|
|
- CLEANUP: mux: Useless xprt_quic-t.h inclusion
|
|
- MINOR: quic: Make the quic_conn be aware of the number of streams
|
|
- BUG/MINOR: quic: Dropped retransmitted STREAM frames
|
|
- BUG/MINOR: mux_quic: Dropped packet upon retransmission for closed streams
|
|
- MEDIUM: httpclient: remove url2sa to use a more flexible parser
|
|
- MEDIUM: httpclient: http-request rules for resolving
|
|
- MEDIUM: httpclient: allow address and port change for resolving
|
|
- CLEANUP: httpclient: remove the comment about resolving
|
|
- MINOR: httpclient: handle unix and other socket types in dst
|
|
- MINOR: httpclient: rename dash by dot in global option
|
|
- MINOR: init: exit() after pre-check upon error
|
|
- MINOR: httpclient: cleanup the error handling in init
|
|
- MEDIUM: httpclient: hard-error when SSL is configured
|
|
- MINOR: httpclient: allow to configure the ca-file
|
|
- MINOR: httpclient: configure the resolvers section to use
|
|
- MINOR: httpclient: allow ipv4 or ipv6 preference for resolving
|
|
- DOC: configuration: httpclient global option
|
|
- MINOR: conn-stream: Add mask from flags set by endpoint or app layer
|
|
- BUG/MEDIUM: conn-stream: Only keep app layer flags of the endpoint on reset
|
|
- BUG/MEDIUM: mux-fcgi: Be sure to never set EOM flag on an empty HTX message
|
|
- BUG/MEDIUM: mux-h1: Be able to handle trailers when C-L header was specified
|
|
- DOC: config: Update doc for PR/PH session states to warn about rewrite failures
|
|
- MINOR: resolvers: cleanup alert/warning in parse-resolve-conf
|
|
- MINOR: resolvers: move the resolv.conf parser in parse_resolv_conf()
|
|
- MINOR: resolvers: resolvers_new() create a resolvers with default values
|
|
- BUILD: debug: unify the definition of ha_backtrace_to_stderr()
|
|
- BUG/MINOR: tcp/http: release the expr of set-{src,dst}[-port]
|
|
- MEDIUM: resolvers: create a "default" resolvers section at startup
|
|
- DOC: resolvers: default resolvers section
|
|
- BUG/MINOR: startup: usage() when no -cc arguments
|
|
- BUG/MEDIUM: resolvers: make "show resolvers" properly yield
|
|
- BUG/MEDIUM: cli: make "show cli sockets" really yield
|
|
- BUG/MINOR: proxy/cli: don't enumerate internal proxies on "show backend"
|
|
- BUG/MINOR: map/cli: protect the backref list during "show map" errors
|
|
- BUG/MINOR: map/cli: make sure patterns don't vanish under "show map"'s init
|
|
- BUG/MINOR: ssl/cli: fix "show ssl ca-file/crl-file" not to mix cli+ssl contexts
|
|
- BUG/MINOR: ssl/cli: fix "show ssl ca-file <name>" not to mix cli+ssl contexts
|
|
- BUG/MINOR: ssl/cli: fix "show ssl crl-file" not to mix cli+ssl contexts
|
|
- BUG/MINOR: ssl/cli: fix "show ssl cert" not to mix cli+ssl contexts
|
|
- CLEANUP: ssl/cli: do not loop on unknown states in "add ssl crt-list" handler
|
|
- MINOR: applet: reserve some generic storage in the applet's context
|
|
- CLEANUP: applet: make appctx_new() initialize the whole appctx
|
|
- CLEANUP: stream/cli: take the "show sess" context definition out of the appctx
|
|
- CLEANUP: stream/cli: stop using appctx->st2 for the dump state
|
|
- CLEANUP: stream/cli: remove the unneeded init state from "show sess"
|
|
- CLEANUP: stream/cli: remove the unneeded STATE_FIN state from "show sess"
|
|
- CLEANUP: stream/cli: remove the now unneeded dump state from "show sess"
|
|
- CLEANUP: proxy/cli: take the "show errors" context definition out of the appctx
|
|
- CLEANUP: stick-table/cli: take the "show table" context definition out of the appctx
|
|
- CLEANUP: stick-table/cli: stop using appctx->st2 for the dump state
|
|
- CLEANUP: stick-table/cli: remove the unneeded STATE_INIT for "show table"
|
|
- CLEANUP: map/cli: take the "show map" context definition out of the appctx
|
|
- CLEANUP: map/cli: stop using cli.i0/i1 to store the generation numbers
|
|
- CLEANUP: map/cli: stop using appctx->st2 for the dump state
|
|
- CLEANUP: map/cli: always detach the backref from the list after "show map"
|
|
- CLEANUP: peers/cli: take the "show peers" context definition out of the appctx
|
|
- CLEANUP: peers/cli: stop using appctx->st2 for the dump state
|
|
- CLEANUP: peers/cli: remove unneeded state STATE_INIT
|
|
- CLEANUP: cli: initialize the whole appctx->ctx, not just the stats part
|
|
- CLEANUP: promex: make the applet use its own context
|
|
- CLEANUP: promex: stop using appctx->st2
|
|
- CLEANUP: stats/cli: take the "show stat" context definition out of the appctx
|
|
- CLEANUP: stats/cli: stop using appctx->st2
|
|
- CLEANUP: hlua/cli: take the hlua_cli context definition out of the appctx
|
|
- CLEANUP: ssl/cli: use a local context for "show cafile"
|
|
- CLEANUP: ssl/cli: use a local context for "show crlfile"
|
|
- CLEANUP: ssl/cli: use a local context for "show ssl cert"
|
|
- CLEANUP: ssl/cli: use a local context for "commit ssl cert"
|
|
- CLEANUP: ssl/cli: stop using appctx->st2 for "commit ssl cert"
|
|
- CLEANUP: ssl/cli: use a local context for "set ssl cert"
|
|
- CLEANUP: ssl/cli: use a local context for "set ssl cafile"
|
|
- CLEANUP: ssl/cli: use a local context for "set ssl crlfile"
|
|
- CLEANUP: ssl/cli: use a local context for "commit ssl {ca|crl}file"
|
|
- CLEANUP: ssl/cli: stop using appctx->st2 for "commit ssl ca/crl"
|
|
- CLEANUP: ssl/cli: stop using ctx.cli.i0/i1/p0 for "show tls-keys"
|
|
- CLEANUP: ssl/cli: add a new "dump_entries" field to "show_keys_ref"
|
|
- CLEANUP: ssl/cli: make "show tlskeys" not use appctx->st2 anymore
|
|
- CLEANUP: ssl/cli: make "show ssl ocsp-response" not use cli.p0 anymore
|
|
- CLEANUP: ssl/cli: make "{show|dump} ssl crtlist" use its own context
|
|
- CLEANUP: ssl/cli: make "add ssl crtlist" use its own context
|
|
- CLEANUP: ssl/cli: make "add ssl crtlist" not use st2 anymore
|
|
- CLEANUP: dns: stop abusing the sink forwarder's context
|
|
- CLEANUP: sink: use the generic context to store the forwarder's context
|
|
- CLEANUP: activity/cli: make "show profiling" not use ctx.cli anymore
|
|
- CLEANUP: debug/cli: make "debug dev fd" not use ctx.cli anymore
|
|
- CLEANUP: debug/cli: make "debug dev memstats" not use ctx.cli anymore
|
|
- CLEANUP: ring: pass the ring watch flags to ring_attach_cli(), not in ctx.cli
|
|
- CLEANUP: ring/cli: use a locally-defined context instead of using ctx.cli
|
|
- CLEANUP: resolvers/cli: make "show resolvers" use a locally-defined context
|
|
- CLEANUP: resolvers/cli: remove the unneeded appctx->st2 from "show resolvers"
|
|
- CLEANUP: cache/cli: make use of a locally defined context for "show cache"
|
|
- CLEANUP: proxy/cli: make use of a locally defined context for "show servers"
|
|
- CLEANUP: proxy/cli: get rid of appctx->st2 in "show servers"
|
|
- CLEANUP: proxy/cli: make "show backend" only use the generic context
|
|
- CLEANUP: cli: make "show fd" use its own context
|
|
- CLEANUP: cli: make "show env" use its own context
|
|
- CLEANUP: cli: simplify the "show cli sockets" I/O handler
|
|
- CLEANUP: cli: make "show cli sockets" use its own context
|
|
- CLEANUP: httpclient/cli: use a locally-defined context instead of ctx.cli
|
|
- CLEANUP: httpclient: do not use the appctx.ctx anymore
|
|
- CLEANUP: peers: do not use appctx.ctx anymore
|
|
- CLEANUP: spoe: do not use appctx.ctx anymore
|
|
- BUILD: applet: mark the CLI's generic variables as deprecated
|
|
- BUILD: applet: mark the appctx's st2 variable as deprecated
|
|
- CLEANUP: cache: take the context out of appctx.ctx
|
|
- MEDIUM: lua: move the cosocket storage outside of appctx.ctx
|
|
- MINOR: lua: move the tcp service storage outside of appctx.ctx
|
|
- MINOR: lua: move the http service context out of appctx.ctx
|
|
- CLEANUP: cli: move the status print context into its own context
|
|
- CLEANUP: stats: rename the stats state values an mark the old ones deprecated
|
|
- DOC: internal: document the new cleaner approach to the appctx
|
|
- MINOR: tcp: socket translate TCP_KEEPIDLE for macOs equivalent
|
|
- DOC: fix typo "ant" for "and" in INSTALL
|
|
- CI: dynamically determine actual version of h2spec
|
|
|
|
2022/04/30 : 2.6-dev8
|
|
- BUG/MINOR: quic: fix use-after-free with trace on ACK consume
|
|
- BUG/MINOR: rules: Forbid captures in defaults section if used by a backend
|
|
- BUG/MEDIUM: rules: Be able to use captures defined in defaults section
|
|
- BUG/MINOR: rules: Fix check_capture() function to use the right rule arguments
|
|
- BUG/MINOR: http-act: make release_http_redir() more robust
|
|
- BUG/MINOR: sample: add missing use_backend/use-server contexts in smp_resolve_args
|
|
- MINOR: sample: don't needlessly call c_none() in sample_fetch_as_type()
|
|
- MINOR: sample: make the bool type cast to bin
|
|
- MEDIUM: backend: add new "balance hash <expr>" algorithm
|
|
- MINOR: init: add global setting "fd-hard-limit" to bound system limits
|
|
- BUILD: pollers: use an initcall to register the pollers
|
|
- BUILD: xprt: use an initcall to register the transport layers
|
|
- BUILD: thread: use initcall instead of a constructor
|
|
- BUILD: http: remove the two unused constructors in rules and ana
|
|
- CLEANUP: compression: move the default setting of maxzlibmem to defaults
|
|
- MINOR: tree-wide: always consider EWOULDBLOCK in addition to EAGAIN
|
|
- BUG/MINOR: connection: "connection:close" header added despite 'close-spread-time'
|
|
- MINOR: fd: add functions to set O_NONBLOCK and FD_CLOEXEC
|
|
- CLEANUP: tree-wide: use fd_set_nonblock() and fd_set_cloexec()
|
|
- CLEANUP: tree-wide: remove 25 occurrences of unneeded fcntl.h
|
|
- REGTESTS: fix the race conditions in be2dec.vtc ad field.vtc
|
|
- REGTESTS: webstats: remove unused stats socket in /tmp
|
|
- MEDIUM: httpclient: disable SSL when the ca-file couldn't be loaded
|
|
- BUG/MINOR: httpclient/lua: error when the httpclient_start() fails
|
|
- BUG/MINOR: ssl: free the cafile entries on deinit
|
|
- BUG/MINOR: ssl: memory leak when trying to load a directory with ca-file
|
|
- MEDIUM: httpclient: re-enable the verify by default
|
|
- BUG/MEDIUM: ssl/cli: fix yielding in show_cafile_detail
|
|
- BUILD: compiler: properly distinguish weak and global symbols
|
|
- MINOR: connection: Add way to disable active connection closing during soft-stop
|
|
- BUG/MEDIUM: http-ana: Fix memleak in redirect rules with ignore-empty option
|
|
- CLEANUP: Destroy `http_err_chunks` members during deinit
|
|
- BUG/MINOR: resolvers: Fix memory leak in resolvers_deinit()
|
|
- MINOR: Call deinit_and_exit(0) for `haproxy -vv`
|
|
- BUILD: fd: disguise the fd_set_nonblock/cloexec result
|
|
- BUG/MINOR: pools: make sure to also destroy shared pools in pool_destroy_all()
|
|
- MINOR: ssl: add a new global option "tune.ssl.hard-maxrecord"
|
|
- CLEANUP: errors: also call deinit_errors_buffers() on deinit()
|
|
- CLEANUP: chunks: release trash also in deinit
|
|
- CLEANUP: deinit: release the pre-check callbacks
|
|
- CLEANUP: deinit: release the config postparsers
|
|
- CLEANUP: listeners/deinit: release accept queue tasklets on deinit
|
|
- CLEANUP: connections/deinit: destroy the idle_conns tasks
|
|
- BUG/MINOR: mux-quic: fix build in release mode
|
|
- MINOR: mux-quic: adjust comment on emission function
|
|
- MINOR: mux-quic: remove unused bogus qcc_get_stream()
|
|
- BUG/MINOR: mux-quic: fix leak if cs alloc failure
|
|
- MINOR: mux-quic: count local flow-control stream limit on reception
|
|
- BUG/MINOR: h3: fix incomplete POST requests
|
|
- BUG/MEDIUM: h3: fix use-after-free on mux Rx buffer wrapping
|
|
- MINOR: mux-quic: partially copy Rx frame if almost full buf
|
|
- MINOR: h3: change frame demuxing API
|
|
- MINOR: mux-quic: add a app-layer context in qcs
|
|
- MINOR: h3: implement h3 stream context
|
|
- MINOR: h3: support DATA demux if buffer full
|
|
- MINOR: quic: decode as much STREAM as possible
|
|
- MINOR: quic: Improve qc_prep_pkts() flexibility
|
|
- MINOR: quic: Prepare quic_frame struct duplication
|
|
- MINOR: quic: Do not retransmit frames from coalesced packets
|
|
- MINOR: quic: Add traces about TX frame memory releasing
|
|
- MINOR: quic: process_timer() rework
|
|
- MEDIUM: quic: New functions for probing rework
|
|
- MEDIUM: quic: Retransmission functions rework
|
|
- MEDIUM: quic: qc_requeue_nacked_pkt_tx_frms() rework
|
|
- MINOR: quic: old data distinction for qc_send_app_pkt()
|
|
- MINOR: quic: Mark packets as probing with old data
|
|
- MEDIUM: quic: Mark copies of acknowledged frames as acknowledged
|
|
- MEDIUM: quic: Enable the new datagram probing process
|
|
- MINOR: quic: Do not send ACK frames when probing
|
|
- BUG/MINOR: quic: Wrong returned status by qc_build_frms()
|
|
- BUG/MINOR: quic: Avoid sending useless PADDING frame
|
|
- BUG/MINOR: quic: Traces fix about remaining frames upon packet build failure
|
|
- MINOR: quic: Wake up the mux to probe with new data
|
|
- BUG/MEDIUM: quic: Possible crash on STREAM frame loss
|
|
- BUG/MINOR: quic: Missing Initial packet length check
|
|
- CLEANUP: quic: Rely on the packet length set by qc_lstnr_pkt_rcv()
|
|
- MINOR: quic: Drop 0-RTT packets if not allowed
|
|
- BUG/MINOR: httpclient/ssl: use the correct verify constant
|
|
- BUG/MEDIUM: conn-stream: Don't erase endpoint flags on reset
|
|
- BUG/MEDIUM: httpclient: Fix loop consuming HTX blocks from the response channel
|
|
- BUG/MINOR: httpclient: Count metadata in size to transfer via htx_xfer_blks()
|
|
- MINOR: httpclient: Don't use co_set_data() to decrement output
|
|
- BUG/MINOR: conn_stream: do not confirm a connection from the frontend path
|
|
- MEDIUM: quic: do not ACK packet with STREAM if MUX not present
|
|
- MEDIUM: quic: do not ack packet with invalid STREAM
|
|
- MINOR: quic: Drop 0-RTT packets without secrets
|
|
- CLEANUP: quic: Remaining fprintf() debug trace
|
|
- MINOR: quic: moving code for QUIC loss detection
|
|
- BUG/MINOR: quic: Missing time threshold multiplifier for loss delay computation
|
|
- CI: github actions: update LibreSSL to 3.5.2
|
|
- SCRIPTS: announce-release: add URL of dev packages
|
|
|
|
2022/04/23 : 2.6-dev7
|
|
- BUILD: calltrace: fix wrong include when building with TRACE=1
|
|
- MINOR: ssl: Use DH parameters defined in RFC7919 instead of hard coded ones
|
|
- MEDIUM: ssl: Disable DHE ciphers by default
|
|
- BUILD: ssl: Fix compilation with OpenSSL 1.0.2
|
|
- MINOR: mux-quic: split xfer and STREAM frames build
|
|
- REORG: quic: use a dedicated module for qc_stream_desc
|
|
- MINOR: quic-stream: use distinct tree nodes for quic stream and qcs
|
|
- MINOR: quic-stream: add qc field
|
|
- MEDIUM: quic: implement multi-buffered Tx streams
|
|
- MINOR: quic-stream: refactor ack management
|
|
- MINOR: quic: limit total stream buffers per connection
|
|
- MINOR: mux-quic: implement immediate send retry
|
|
- MINOR: cfg-quic: define tune.quic.conn-buf-limit
|
|
- MINOR: ssl: Add 'show ssl providers' cli command and providers list in -vv option
|
|
- REGTESTS: ssl: Update error messages that changed with OpenSSLv3.1.0-dev
|
|
- BUG/MEDIUM: quic: Possible crash with released mux
|
|
- BUG/MINOR: mux-quic: unsubscribe on release
|
|
- BUG/MINOR: mux-quic: handle null timeout
|
|
- BUG/MEDIUM: logs: fix http-client's log srv initialization
|
|
- BUG/MINOR: mux-quic: remove dead code in qcs_xfer_data()
|
|
- DEV: stream: Fix conn-streams dump in full stream message
|
|
- CLEANUP: conn-stream: Rename cs_conn_close() and cs_conn_drain_and_close()
|
|
- CLEANUP: conn-stream: Rename cs_applet_release()
|
|
- MINOR: conn-stream: Rely on endpoint shutdown flags to shutdown an applet
|
|
- BUG/MINOR: cache: Disable cache if applet creation fails
|
|
- BUG/MINOR: backend: Don't allow to change backend applet
|
|
- BUG/MEDIUM: conn-stream: Set back CS to RDY state when the appctx is created
|
|
- MINOR: stream: Don't needlessly detach server endpoint on early client abort
|
|
- MINOR: conn-stream: Make cs_detach_* private and use cs_destroy() from outside
|
|
- MINOR: init: add the pre-check callback
|
|
- MEDIUM: httpclient: change the init sequence
|
|
- MEDIUM: httpclient/ssl: verify required
|
|
- MINOR: httpclient/mworker: disable in the master process
|
|
- MEDIUM: httpclient/ssl: verify is configurable and disabled by default
|
|
- BUG/MAJOR: connection: Never remove connection from idle lists outside the lock
|
|
- BUG/MEDIUM: mux-quic: fix stalled POST requets
|
|
- BUG/MINOR: mux-quic: fix POST with abortonclose
|
|
- MINOR: task: add a new task_instant_wakeup() function
|
|
- MEDIUM: queue: use tasklet_instant_wakeup() to wake tasks
|
|
- DOC: remove my name from the config doc
|
|
|
|
2022/04/16 : 2.6-dev6
|
|
- CLEANUP: connection: reduce the with of the mux dump output
|
|
- CI: Update to actions/checkout@v3
|
|
- CI: Update to actions/cache@v3
|
|
- DOC: adjust QUIC instruction in INSTALL
|
|
- BUG/MINOR: stats: define the description' background color in dark color scheme
|
|
- BUILD: ssl: add USE_ENGINE and disable the openssl engine by default
|
|
- BUILD: makefile: pass USE_ENGINE to cflags
|
|
- BUILD: xprt-quic: replace ERR_func_error_string() with ERR_peek_error_func()
|
|
- DOC: install: document the fact that SSL engines are not enabled by default
|
|
- CI: github actions: disable -Wno-deprecated
|
|
- BUILD: makefile: silence unbearable OpenSSL deprecation warnings
|
|
- MINOR: sock: check configured limits at the sock layer, not the listener's
|
|
- MINOR: connection: add a new flag CO_FL_FDLESS on fd-less connections
|
|
- MINOR: connection: add conn_fd() to retrieve the FD only when it exists
|
|
- MINOR: stream: only dump connections' FDs when they are valid
|
|
- MINOR: connection: use conn_fd() when displaying connection errors
|
|
- MINOR: connection: skip FD-based syscalls for FD-less connections
|
|
- MEDIUM: connection: panic when calling FD-specific functions on FD-less conns
|
|
- MINOR: mux-quic: properly set the flags and name fields
|
|
- MINOR: connection: rearrange conn_get_src/dst to be a bit more extensible
|
|
- MINOR: protocol: add get_src() and get_dst() at the protocol level
|
|
- MINOR: quic-sock: provide a pair of get_src/get_dst functions
|
|
- MEDIUM: ssl: improve retrieval of ssl_sock_ctx and SSL detection
|
|
- MEDIUM: ssl: stop using conn->xprt_ctx to access the ssl_sock_ctx
|
|
- MEDIUM: xprt-quic: implement get_ssl_sock_ctx()
|
|
- MEDIUM: quic: move conn->qc into conn->handle
|
|
- BUILD: ssl: fix build warning with previous changes to ssl_sock_ctx
|
|
- BUILD: ssl: add an unchecked version of __conn_get_ssl_sock_ctx()
|
|
- MINOR: ssl: refine the error testing for fc_err and fc_err_str
|
|
- BUG/MINOR: sock: do not double-close the accepted socket on the error path
|
|
- CI: cirrus: switch to FreeBSD-13.0
|
|
- MINOR: log: add '~' to frontend when the transport layer provides SSL
|
|
- BUILD/DEBUG: lru: fix printf format in debug code
|
|
- BUILD: peers: adjust some printf format to silence cppcheck
|
|
- BUILD/DEBUG: hpack-tbl: fix format string in standalone debug code
|
|
- BUILD/DEBUG: hpack: use unsigned int in printf format in debug code
|
|
- BUILD: halog: fix some incorrect signs in printf formats for integers
|
|
- BUG/MINOR: h3: fix build with DEBUG_H3
|
|
- BUG/MINOR: mux-h2: do not send GOAWAY if SETTINGS were not sent
|
|
- BUG/MINOR: cache: do not display expired entries in "show cache"
|
|
- BUG/MINOR: mux-h1: Don't release unallocated CS on error path
|
|
- MINOR: applet: Make .init callback more generic
|
|
- MINOR: conn-stream: Add flags to set the type of the endpoint
|
|
- MEDIUM: applet: Set the appctx owner during allocation
|
|
- MAJOR: conn-stream: Invert conn-stream endpoint and its context
|
|
- REORG: Initialize the conn-stream by hand in cs_init()
|
|
- MEDIUM: conn-stream: Add an endpoint structure in the conn-stream
|
|
- MINOR: conn-stream: Move some CS flags to the endpoint
|
|
- MEDIUM: conn-stream: Be able to pass endpoint to create a conn-stream
|
|
- MEDIUM: conn-stream: Pre-allocate endpoint to create CS from muxes and applets
|
|
- REORG: applet: Uninline appctx_new function
|
|
- MAJOR: conn-stream: Share endpoint struct between the CS and the mux/applet
|
|
- MEDIUM: conn-stream: Move remaning flags from CS to endpoint
|
|
- MINOR: mux-pt: Rely on the endpoint instead of the conn-stream when possible
|
|
- MINOR: conn-stream: Add ISBACK conn-stream flag
|
|
- MINOR: conn-stream: Add header file with util functions related to conn-streams
|
|
- MEDIUM: tree-wide: Use CS util functions instead of SI ones
|
|
- MINOR: stream-int/txn: Move buffer for L7 retries in the HTTP transaction
|
|
- CLEANUP: http-ana: Remove http_alloc_txn() function
|
|
- MINOR: stream-int/stream: Move conn_retries counter in the stream
|
|
- MINOR: stream: Simplify retries counter calculation
|
|
- MEDIUM: stream-int/conn-stream: Move src/dst addresses in the conn-stream
|
|
- MINOR: stream-int/conn-stream: Move half-close timeout in the conn-stream
|
|
- MEDIUM: stream-int/stream: Use connect expiration instead of SI expiration
|
|
- MINOR: stream-int/conn-stream: Report error to the CS instead of the SI
|
|
- MEDIUM: conn-stream: Use endpoint error instead of conn-stream error
|
|
- MINOR: channel: Use conn-streams as channel producer and consumer
|
|
- MINOR: stream-int: Remove SI_FL_KILL_CON to rely on conn-stream endpoint only
|
|
- MINOR: mux-h2/mux-fcgi: Fully rely on CS_EP_KILL_CONN
|
|
- MINOR: stream-int: Remove SI_FL_NOLINGER/NOHALF to rely on CS flags instead
|
|
- MINOR: stream-int: Remove SI_FL_DONT_WAKE to rely on CS flags instead
|
|
- MINOR: stream-int: Remove SI_FL_INDEP_STR to rely on CS flags instead
|
|
- MINOR: stream-int: Remove SI_FL_SRC_ADDR to rely on stream flags instead
|
|
- CLEANUP: stream-int: Remove unused SI_FL_CLEAN_ABRT flag
|
|
- MINOR: stream: Only save previous connection state for the server side
|
|
- MEDIUM: stream-int: Move SI err_type in the stream
|
|
- MEDIUM: stream-int/conn-stream: Move stream-interface state in the conn-stream
|
|
- MINOR: stream-int/stream: Move si_retnclose() in the stream scope
|
|
- MINOR: stream-int/backend: Move si_connect() in the backend scope
|
|
- MINOR: stream-int/conn-stream: Move si_conn_ready() in the conn-stream scope
|
|
- MINOR: conn-stream/connection: Move SHR/SHW modes in the connection scope
|
|
- MEDIUM: conn-stream: Be prepared to fail to attach a cs to a mux
|
|
- MEDIUM: stream-int/conn-stream: Handle I/O subscriptions in the conn-stream
|
|
- MINOR: conn-stream: Rename CS functions dedicated to connections
|
|
- MINOR: stream-int/conn-stream: Move si_shut* and si_chk* in conn-stream scope
|
|
- MEDIUM: stream-int/conn-stream: Move si_ops in the conn-stream scope
|
|
- MINOR: applet: Use the CS to register and release applets instead of SI
|
|
- MINOR: connection: unconst mux's get_fist_cs() callback function
|
|
- MINOR: stream-int/connection: Move conn_si_send_proxy() in the connection scope
|
|
- REORG: stream-int: Export si_cs_recv(), si_cs_send() and si_cs_process()
|
|
- REORG: stream-int: Move si_is_conn_error() in the header file
|
|
- REORG: conn-stream: Move cs_shut* and cs_chk* in cs_utils
|
|
- REORG: conn-stream: Move cs_app_ops in conn_stream.c
|
|
- MINOR: stream-int-conn-stream: Move si_update_* in conn-stream scope
|
|
- MINOR: stream-int/stream: Move si_update_both in stream scope
|
|
- MEDIUM: conn-stream/applet: Add a data callback for applets
|
|
- MINOR: stream-int/conn-stream: Move stream_int_read0() in the conn-stream scope
|
|
- MINOR: stream-int/conn-stream: Move stream_int_notify() in the conn-stream scope
|
|
- MINOR: stream-int/conn-stream: Move si_cs_io_cb() in the conn-stream scope
|
|
- MINOR: stream-int/conn-stream: Move si_sync_recv/send() in conn-stream scope
|
|
- MINOR: conn-stream: Move si_conn_cb in the conn-stream scope
|
|
- MINOR: stream-int/conn-stream Move si_is_conn_error() in the conn-stream scope
|
|
- MINOR: stream-int/conn-stream: Move si_alloc_ibuf() in the conn-stream scope
|
|
- CLEANUP: stream-int: Remove unused SI functions
|
|
- MEDIUM: stream-int/conn-stream: Move blocking flags from SI to CS
|
|
- MEDIUM: stream-int/conn-stream: Move I/O functions to conn-stream
|
|
- REORG: stream-int/conn-stream: Move remaining functions to conn-stream
|
|
- MINOR: stream: Use conn-stream to report server error
|
|
- MINOR: http-ana: Use CS to perform L7 retries
|
|
- MEDIUM: stream: Don't use the stream-int anymore in process_stream()
|
|
- MINOR: conn-stream: Remove the stream-interface from the conn-stream
|
|
- DEV: flags: No longer dump SI flags
|
|
- CLEANUP: tree-wide: Remove any ref to stream-interfaces
|
|
- CLEANUP: conn-stream: Don't export internal functions
|
|
- DOC: conn-stream: Add comments on functions of the new CS api
|
|
- MEDIUM: check: Use a new conn-stream for each health-check run
|
|
- CLEANUP: muxes: Remove MX_FL_CLEAN_ABRT flag
|
|
- MINOR: conn-stream: Use a dedicated function to conditionally remove a CS
|
|
- CLEANUP: conn-stream: rename cs_register_applet() to cs_applet_create()
|
|
- MINOR: muxes: Improve show_fd callbacks to dump endpoint flags
|
|
- MINOR: mux-h1: Rely on the endpoint instead of the conn-stream when possible
|
|
- BUG/MINOR: quic: Avoid starting the mux if no ALPN sent by the client
|
|
- BUILD: debug: mark the __start_mem_stats/__stop_mem_stats symbols as weak
|
|
- BUILD: initcall: mark the __start_i_* symbols as weak, not global
|
|
- BUG/MINOR: mux-h2: do not use timeout http-keep-alive on backend side
|
|
- BUG/MINOR: mux-h2: use timeout http-request as a fallback for http-keep-alive
|
|
- MINOR: muxes: Don't expect to have a mux without connection in destroy callback
|
|
- MINOR: muxes: Don't handle proto upgrade for muxes not supporting it
|
|
- MINOR: muxes: Don't expect to call release function with no mux defined
|
|
- MINOR: conn-stream: Use unsafe functions to get conn/appctx in cs_detach_endp
|
|
- BUG/MEDIUM: mux-h1: Don't request more room on partial trailers
|
|
- BUILD: http-client: Avoid dead code when compiled without SSL support
|
|
- BUG/MINOR: mux-quic: prevent a crash in session_free on mux.destroy
|
|
- BUG/MINOR: quic-sock: do not double free session on conn init failure
|
|
- BUG/MINOR: quic: fix return value for error in start
|
|
- MINOR: quic: emit CONNECTION_CLOSE on app init error
|
|
- BUILD: sched: workaround crazy and dangerous warning in Clang 14
|
|
- BUILD: compiler: use a more portable set of asm(".weak") statements
|
|
- BUG/MEDIUM: stream: do not abort connection setup too early
|
|
- CLEANUP: extcheck: do not needlessly preset the server's address/port
|
|
- MINOR: extcheck: fill in the server's UNIX socket address when known
|
|
- BUG/MEDIUM: connection: Don't crush context pointer location if it is a CS
|
|
- BUG/MEDIUM: quic: properly clean frames on stream free
|
|
- BUG/MEDIUM: fcgi-app: Use http_msg flags to know if C-L header can be added
|
|
- BUG/MEDIUM: compression: Don't forget to update htx_sl and http_msg flags
|
|
- MINOR: tcp_sample: clarifying samples support per os, for further expansion.
|
|
- MINOR: tcp_sample: extend support for get_tcp_info to macOs.
|
|
- SCRIPTS: announce-release: update the doc's URL
|
|
- DOC: lua: update a few doc URLs
|
|
- SCRIPTS: announce-release: add shortened links to pending issues
|
|
|
|
2022/04/09 : 2.6-dev5
|
|
- DOC: reflect H2 timeout changes
|
|
- BUG/MEDIUM: mux-fcgi: Properly handle return value of headers/trailers parsing
|
|
- BUG/MEDIUM: mux-h1: Properly detect full buffer cases during message parsing
|
|
- BUG/MINOR: log: Initialize the list element when allocating a new log server
|
|
- BUG/MINOR: samples: add missing context names for sample fetch functions
|
|
- MINOR: management: add some basic keyword dump infrastructure
|
|
- MINOR: config: add a function to dump all known config keywords
|
|
- MINOR: filters: extend flt_dump_kws() to dump to stdout
|
|
- MINOR: services: extend list_services() to dump to stdout
|
|
- MINOR: cli: add a new keyword dump function
|
|
- MINOR: acl: add a function to dump the list of known ACL keywords
|
|
- MINOR: samples: add a function to list register sample fetch keywords
|
|
- MINOR: sample: list registered sample converter functions
|
|
- MINOR: tools: add strordered() to check whether strings are ordered
|
|
- MINOR: action: add a function to dump the list of actions for a ruleset
|
|
- MINOR: config: alphanumerically sort config keywords output
|
|
- MINOR: sample: alphanumerically sort sample & conv keyword dumps
|
|
- MINOR: acl: alphanumerically sort the ACL dump
|
|
- MINOR: cli: alphanumerically sort the dump of supported commands
|
|
- MINOR: filters: alphabetically sort the list of filter names
|
|
- MINOR: services: alphabetically sort service names
|
|
- MEDIUM: httpclient/lua: be stricter with httpclient parameters
|
|
- MINOR: ssl: split the cert commit io handler
|
|
- MINOR: ssl: move the cert_exts and the CERT_TYPE enum
|
|
- MINOR: ssl: simplify the certificate extensions array
|
|
- MINOR: ssl: export ckch_inst_rebuild()
|
|
- MINOR: ssl: add "crt" in the cert_exts array
|
|
- MINOR: ssl/lua: CertCache.set() allows to update an SSL certificate file
|
|
- BUILD: ssl/lua: CacheCert needs OpenSSL
|
|
- DOC: lua: CertCache class documentation
|
|
- BUG/MEDIUM: quic: do not use qcs from quic_stream on ACK parsing
|
|
- MINOR: mux-quic: return qcs instance from qcc_get_qcs
|
|
- MINOR: mux-quic: reorganize qcs free
|
|
- MINOR: mux-quic: define release app-ops
|
|
- BUG/MINOR: h3: release resources on close
|
|
- BUG/MINOR: mux-quic: ensure to free all qcs on MUX release
|
|
- CLEANUP: quic: complete comment on qcs_try_to_consume
|
|
- MINOR: quic: implement stream descriptor for transport layer
|
|
- MEDIUM: quic: move transport fields from qcs to qc_conn_stream
|
|
- MEDIUM: mux-quic: remove qcs tree node
|
|
- BUG/MINOR: cli/stream: fix "shutdown session" to iterate over all threads
|
|
- DOC: management: add missing dot in 9.4.1
|
|
- BUG/MAJOR: mux_pt: always report the connection error to the conn_stream
|
|
- DOC: remove double blanks in configuration.txt
|
|
- CI: github actions: update OpenSSL to 3.0.2
|
|
- BUG/MEDIUM: quic: Possible crash in ha_quic_set_encryption_secrets()
|
|
- CLEANUP: quic: Remove all atomic operations on quic_conn struct
|
|
- CLEANUP: quic: Remove all atomic operations on packet number spaces
|
|
- MEDIUM: quic: Send ACK frames asap
|
|
- BUG/MINOR: quic: Missing probing packets when coalescing
|
|
- BUG/MINOR: quic: Discard Initial packet number space only one time
|
|
- MINOR: quic: Do not display any timer value from process_timer()
|
|
- BUG/MINOR: quic: Do not probe from an already probing packet number space
|
|
- BUG/MINOR: quic: Non duplicated frames upon fast retransmission
|
|
- BUG/MINOR: quic: Too much prepared retransmissions due to anti-amplification
|
|
- MINOR: quic: Useless call to SSL_CTX_set_default_verify_paths()
|
|
- MINOR: quic: Add traces about list of frames
|
|
- BUG/MINOR: h3: Missing wait event struct field initialization
|
|
- BUG/MINOR: quic: QUIC TLS secrets memory leak
|
|
- BUG/MINOR: quic: Missing ACK range deallocations
|
|
- BUG/MINOR: quic: Missing TX packet deallocations
|
|
- CLEANUP: hpack: be careful about integer promotion from uint8_t
|
|
- OPTIM: hpack: read 32 bits at once when possible.
|
|
- MEDIUM: ssl: allow loading of a directory with the ca-file directive
|
|
- BUG/MINOR: ssl: continue upon error when opening a directory w/ ca-file
|
|
- MINOR: ssl: ca-file @system-ca loads the system trusted CA
|
|
- DOC: configuration: add the ca-file changes
|
|
- MINOR: sample: converter: Add add_item convertor
|
|
- BUG/MINOR: ssl: handle X509_get_default_cert_dir() returning NULL
|
|
- BUG/MINOR: ssl/cli: Remove empty lines from CLI output
|
|
- MINOR: httpclient: enable request buffering
|
|
- MEDIUM: httpclient: enable l7-retry
|
|
- BUG/MINOR: httpclient: end callback in applet release
|
|
- MINOR: quic: Add draining connection state.
|
|
- MINOR: quic: Add closing connection state
|
|
- BUG/MEDIUM: quic: ensure quic-conn survives to the MUX
|
|
- CLEANUP: quic: use static qualifer on quic_close
|
|
- CLEANUP: mux-quic: remove unused QC_CF_CC_RECV
|
|
- BUG/MINOR: fix memleak on quic-conn streams cleaning
|
|
- MINOR: mux-quic: factorize conn-stream attach
|
|
- MINOR: mux-quic: adjust timeout to accelerate closing
|
|
- MINOR: mux-quic: define is_active app-ops
|
|
- MINOR: mux-quic: centralize send operations in qc_send
|
|
- MEDIUM: mux-quic: report CO_FL_ERROR on send
|
|
- MEDIUM: mux-quic: report errors on conn-streams
|
|
- MEDIUM: quic: report closing state for the MUX
|
|
- BUG/MINOR: fcgi-app: Don't add C-L header on response to HEAD requests
|
|
- BUG/MEDIUM: stats: Be sure to never set EOM flag on an empty HTX message
|
|
- BUG/MEDIUM: hlua: Don't set EOM flag on an empty HTX message in HTTP applet
|
|
- BUG/MEDIUM: promex: Be sure to never set EOM flag on an empty HTX message
|
|
- BUG/MEDIUM: mux-h1: Set outgoing message to DONE when payload length is reached
|
|
- BUG/MINOR: http_client: Don't add input data on an empty request buffer
|
|
- BUG/MEDIUM: http-conv: Fix url_enc() to not crush const samples
|
|
- BUG/MEDIUM: http-act: Don't replace URI if path is not found or invalid
|
|
- CLEANUP: mux-quic: remove uneeded TODO in qc_detach
|
|
- BUG/MEDIUM: mux-quic: properly release conn-stream on detach
|
|
- BUG/MINOR: quic: set the source not the destination address on accept()
|
|
- BUG/MEDIUM: quic: Possible crash from quic_free_arngs()
|
|
- MINOR: quic_tls: Add reusable cipher contexts to QUIC TLS contexts
|
|
- MINOR: quic_tls: Stop hardcoding cipher IV lengths
|
|
- CLEANUP: quic: Do not set any cipher/group from ssl_quic_initial_ctx()
|
|
- MINOR: quic: Add short packet key phase bit values to traces
|
|
- MINOR: quic_tls: Make key update use of reusable cipher contexts
|
|
- BUG/MINOR: opentracing: setting the return value in function flt_ot_var_set()
|
|
- BUG/BUILD: opentracing: fixed OT_DEFINE variable setting
|
|
- EXAMPLES: opentracing: refined shell scripts for testing filter performance
|
|
- DOC: opentracing: corrected comments in function descriptions
|
|
- CLEANUP: opentracing: removed unused function flt_ot_var_unset()
|
|
- CLEANUP: opentracing: removed unused function flt_ot_var_get()
|
|
- Revert "MINOR: opentracing: change the scope of the variable 'ot.uuid' from 'sess' to 'txn'"
|
|
- MINOR: opentracing: only takes the variables lock on shared entries
|
|
- CLEANUP: opentracing: added flt_ot_smp_init() function
|
|
- CLEANUP: opentracing: added variable to store variable length
|
|
- MINOR: opentracing: improved normalization of context variable names
|
|
- DEBUG: opentracing: show return values of all functions in the debug output
|
|
- CLEANUP: opentracing: added FLT_OT_PARSE_INVALID_enum enum
|
|
- DEBUG: opentracing: display the contents of the err variable after setting
|
|
- MAJOR: opentracing: reenable usage of vars to transmit opentracing context
|
|
- Revert "BUILD: opentracing: display warning in case of using OT_USE_VARS at compile time"
|
|
- MEDIUM: global: Add a "close-spread-time" option to spread soft-stop on time window
|
|
|
|
2022/03/26 : 2.6-dev4
|
|
- BUG/MEDIUM: httpclient: don't consume data before it was analyzed
|
|
- CLEANUP: htx: remove unused co_htx_remove_blk()
|
|
- BUG/MINOR: httpclient: consume partly the blocks when necessary
|
|
- BUG/MINOR: httpclient: remove the UNUSED block when parsing headers
|
|
- BUG/MEDIUM: httpclient: must manipulate head, not first
|
|
- REGTESTS: fix the race conditions in be2hex.vtc
|
|
- BUG/MEDIUM: quic: Blocked STREAM when retransmitted
|
|
- BUG/MAJOR: quic: Possible crash with full congestion control window
|
|
- BUG/MINOR: httpclient/lua: stuck when closing without data
|
|
- BUG/MEDIUM: applet: Don't call .release callback function twice
|
|
- BUG/MEDIUM: cli/debug: Properly get the stream-int in all debug I/O handlers
|
|
- BUG/MEDIUM: sink: Properly get the stream-int in appctx callback functions
|
|
- DEV: udp: switch parser to getopt() instead of positional arguments
|
|
- DEV: udp: add support for random packet corruption
|
|
- MINOR: server: export server_parse_sni_expr() function
|
|
- BUG/MINOR: httpclient: send the SNI using the host header
|
|
- BUILD: httpclient: fix build without SSL
|
|
- BUG/MINOR: server/ssl: free the SNI sample expression
|
|
- BUG/MINOR: logs: fix logsrv leaks on clean exit
|
|
- MINOR: actions: add new function free_act_rule() to free a single rule
|
|
- BUG/MINOR: tcp-rules: completely free incorrect TCP rules on error
|
|
- BUG/MINOR: http-rules: completely free incorrect TCP rules on error
|
|
- BUG/MINOR: httpclient: only check co_data() instead of HTTP_MSG_DATA
|
|
- BUG/MINOR: httpclient: process the response when received before the end of the request
|
|
- BUG/MINOR: httpclient: CF_SHUTW_NOW should be tested with channel_is_empty()
|
|
- CI: github actions: switch to LibreSSL-3.5.1
|
|
- BUG/MEDIUM: mux-h1: only turn CO_FL_ERROR to CS_FL_ERROR with empty ibuf
|
|
- BUG/MEDIUM: stream-int: do not rely on the connection error once established
|
|
- BUG/MEDIUM: trace: avoid race condition when retrieving session from conn->owner
|
|
- MEDIUM: mux-h2: slightly relax timeout management rules
|
|
- BUG/MEDIUM: mux-h2: make use of http-request and keep-alive timeouts
|
|
- BUG/MINOR: rules: Initialize the list element when allocating a new rule
|
|
- BUG/MINOR: http-rules: Don't free new rule on allocation failure
|
|
- DEV: coccinelle: Fix incorrect replacement in ist.cocci
|
|
- CLEANUP: Reapply ist.cocci with `--include-headers-for-types --recursive-includes`
|
|
- DEV: coccinelle: Add a new pattern to ist.cocci
|
|
- CLEANUP: Reapply ist.cocci
|
|
- REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+
|
|
- MINOR: quic: Code factorization (TX buffer reuse)
|
|
- CLEANUP: quic: "largest_acked_pn" pktns struc member moving
|
|
- MEDIUM: quic: Limit the number of ACK ranges
|
|
- MEDIUM: quic: Rework of the TX packets memory handling
|
|
- BUG/MINOR: quic: Possible crash in parse_retry_token()
|
|
- BUG/MINOR: quic: Possible leak in quic_build_post_handshake_frames()
|
|
- BUG/MINOR: quic: Unsent frame because of qc_build_frms()
|
|
- BUG/MINOR: mux-quic: Access to empty frame list from qc_send_frames()
|
|
- BUG/MINOR: mux-quic: Missing I/O handler events initialization
|
|
- BUG/MINOR: quic: Missing TX packet initializations
|
|
- BUG/MINOR: quic: 1RTT packets ignored after mux was released
|
|
- BUG/MINOR: quic: Incorrect peer address validation
|
|
- BUG/MINOR: quic: Non initialized variable in quic_build_post_handshake_frames()
|
|
- BUG/MINOR: quic: Wrong TX packet related counters handling
|
|
- MEDIUM: mqtt: support mqtt_is_valid and mqtt_field_value converters for MQTTv3.1
|
|
- DOC: config: Explictly add supported MQTT versions
|
|
- MINOR: quic: Add traces about stream TX buffer consumption
|
|
- MINOR: quic: Add traces in qc_set_timer() (scheduling)
|
|
- CLEANUP: mux-quic: change comment style to not mess with git conflict
|
|
- CLEANUP: mux-quic: adjust comment for coding-style
|
|
- MINOR: mux-quic: complete trace when stream is not found
|
|
- MINOR: mux-quic: add comments for send functions
|
|
- MINOR: mux-quic: use shorter name for flow-control fields
|
|
- MEDIUM: mux-quic: respect peer bidirectional stream data limit
|
|
- MEDIUM: mux-quic: respect peer connection data limit
|
|
- MINOR: mux-quic: support MAX_STREAM_DATA frame parsing
|
|
- MINOR: mux-quic: support MAX_DATA frame parsing
|
|
- BUILD: stream-int: avoid a build warning when DEBUG is empty
|
|
- BUG/MINOR: quic: Wrong buffer length passed to generate_retry_token()
|
|
- BUG/MINOR: tools: fix url2sa return value with IPv4
|
|
- MINOR: mux-quic: convert fin on push-frame as boolean
|
|
- BUILD: quic: add missing includes
|
|
- REORG: quic: use a dedicated quic_loss.c
|
|
- MINOR: mux-quic: declare the qmux trace module
|
|
- MINOR: mux-quic: replace printfs by traces
|
|
- MINOR: mux-quic: add trace event for frame sending
|
|
- MINOR: mux-quic: add trace event for qcs_push_frame
|
|
- MINOR: mux-quic: activate qmux traces on stdout via macro
|
|
- BUILD: qpack: fix unused value when not using DEBUG_HPACK
|
|
- CLEANUP: qpack: suppress by default stdout traces
|
|
- CLEANUP: h3: suppress by default stdout traces
|
|
- BUG/MINOR: tools: url2sa reads too far when no port nor path
|
|
|
|
2022/03/11 : 2.6-dev3
|
|
- DEBUG: rename WARN_ON_ONCE() to CHECK_IF()
|
|
- DEBUG: improve BUG_ON output message accuracy
|
|
- DEBUG: implement 4 levels of choices between warn and crash.
|
|
- DEBUG: add two new macros to enable debugging in hot paths
|
|
- DEBUG: buf: replace some sensitive BUG_ON() with BUG_ON_HOT()
|
|
- DEBUG: buf: add BUG_ON_HOT() to most buffer management functions
|
|
- MINOR: channel: don't use co_set_data() to decrement output
|
|
- DEBUG: channel: add consistency checks using BUG_ON_HOT() in some key functions
|
|
- MINOR: conn-stream: Improve API to have safe/unsafe accessors
|
|
- MEDIUM: tree-wide: Use unsafe conn-stream API when it is relevant
|
|
- CLEANUP: stream-int: Make si_cs_send() function static
|
|
- REORG: stream-int: Uninline si_sync_recv() and make si_cs_recv() private
|
|
- BUG/MEDIUM: mux-fcgi: Don't rely on SI src/dst addresses for FCGI health-checks
|
|
- BUG/MEDIUM: htx: Fix a possible null derefs in htx_xfer_blks()
|
|
- REGTESTS: fix the race conditions in normalize_uri.vtc
|
|
- DEBUG: stream-int: Fix BUG_ON used to test appctx in si_applet_ops callbacks
|
|
- BUILD: debug: fix build warning on older compilers around DEBUG_STRICT_ACTION
|
|
- CLEANUP: connection: Indicate unreachability to the compiler in conn_recv_proxy
|
|
- MINOR: connection: Transform safety check in PROXYv2 parsing into BUG_ON()
|
|
- DOC: install: it's DEBUG_CFLAGS, not DEBUG, which is set to -g
|
|
- DOC: install: describe the DEP variable
|
|
- DOC: install: describe how to choose options used in the DEBUG variable
|
|
- MINOR: queue: Replace if() + abort() with BUG_ON()
|
|
- CLEANUP: adjust indentation in bidir STREAM handling function
|
|
- MINOR: quic: simplify copy of STREAM frames to RX buffer
|
|
- MINOR: quic: handle partially received buffered stream frame
|
|
- MINOR: mux-quic: define flag for last received frame
|
|
- BUG/MINOR: quic: support FIN on Rx-buffered STREAM frames
|
|
- MEDIUM: quic: rearchitecture Rx path for bidirectional STREAM frames
|
|
- REGTESTS: fix the race conditions in secure_memcmp.vtc
|
|
- CLEANUP: stream: Remove useless tests on conn-stream in stream_dump()
|
|
- BUILD: ssl: another build warning on LIBRESSL_VERSION_NUMBER
|
|
- MINOR: quic: Ensure PTO timer is not set in the past
|
|
- MINOR: quic: Post handshake I/O callback switching
|
|
- MINOR: quic: Drop the packets of discarded packet number spaces
|
|
- CLEANUP: quic: Useless tests in qc_try_rm_hp()
|
|
- CLEANUP: quic: Indentation fix in qc_prep_pkts()
|
|
- MINOR: quic: Assemble QUIC TLS flags at the same level
|
|
- BUILD: conn_stream: avoid null-deref warnings on gcc 6
|
|
- BUILD: connection: do not declare register_mux_proto() inline
|
|
- BUILD: http_rules: do not declare http_*_keywords_registre() inline
|
|
- BUILD: trace: do not declare trace_registre_source() inline
|
|
- BUILD: tcpcheck: do not declare tcp_check_keywords_register() inline
|
|
- DEBUG: reduce the footprint of BUG_ON() calls
|
|
- BUG/MEDIUM: httpclient/lua: infinite appctx loop with POST
|
|
- BUG/MINOR: pool: always align pool_heads to 64 bytes
|
|
- DEV: udp: add a tiny UDP proxy for testing
|
|
- DEV: udp: implement pseudo-random reordering/loss
|
|
- DEV: udp: add an optional argument to set the prng seed
|
|
- BUG/MINOR: quic: fix segfault on CC if mux uninitialized
|
|
- BUG/MEDIUM: pools: fix ha_free() on area in the process of being freed
|
|
- CLEANUP: tree-wide: remove a few rare non-ASCII chars
|
|
- CI: coverity: simplify debugging options
|
|
- CLEANUP: quic: complete ABORT_NOW with a TODO comment
|
|
- MINOR: quic: qc_prep_app_pkts() implementation
|
|
- MINOR: quic: Send short packet from a frame list
|
|
- MINOR: quic: Make qc_build_frms() build ack-eliciting frames from a list
|
|
- MINOR: quic: Export qc_send_app_pkts()
|
|
- MINOR: mux-quic: refactor transport parameters init
|
|
- MINOR: mux-quic: complete functions to detect stream type
|
|
- MINOR: mux-quic: define new unions for flow-control fields
|
|
- MEDIUM: mux-quic: use direct send transport API for STREAMs
|
|
- MINOR: mux-quic: retry send opportunistically for remaining frames
|
|
- MEDIUM: mux-quic: implement MAX_STREAMS emission for bidir streams
|
|
- BUILD: fix kFreeBSD build.
|
|
- MINOR: quic: Retry on qc_build_pkt() failures
|
|
- BUG/MINOR: quic: Missing recovery start timer reset
|
|
- CLEANUP: quic: Remove QUIC path manipulations out of the congestion controller
|
|
- MINOR: quic: Add a "slow start" callback to congestion controller
|
|
- MINOR: quic: Persistent congestion detection outside of controllers
|
|
- CLEANUP: quic: Remove useless definitions from quic_cc_event struct
|
|
- BUG/MINOR: quic: Confusion betwen "in_flight" and "prep_in_flight" in quic_path_prep_data()
|
|
- MINOR: quic: More precise window update calculation
|
|
- CLEANUP: quic: Remove window redundant variable from NewReno algorithm state struct
|
|
- MINOR: quic: Add quic_max_int_by_size() function
|
|
- BUG/MAJOR: quic: Wrong quic_max_available_room() returned value
|
|
- MINOR: pools: add a new global option "no-memory-trimming"
|
|
- BUG/MINOR: add missing modes in proxy_mode_str()
|
|
- BUG/MINOR: cli: shows correct mode in "show sess"
|
|
- BUG/MEDIUM: quic: do not drop packet on duplicate stream/decoding error
|
|
- MINOR: stats: Add dark mode support for socket rows
|
|
- BUILD: fix recent build breakage of freebsd caused by kFreeBSD build fix
|
|
- BUG/MINOR: httpclient: Set conn-stream/channel EOI flags at the end of request
|
|
- BUG/MINOR: hlua: Set conn-stream/channel EOI flags at the end of request
|
|
- BUG/MINOR: stats: Set conn-stream/channel EOI flags at the end of request
|
|
- BUG/MINOR: cache: Set conn-stream/channel EOI flags at the end of request
|
|
- BUG/MINOR: promex: Set conn-stream/channel EOI flags at the end of request
|
|
- BUG/MEDIUM: stream: Use the front analyzers for new listener-less streams
|
|
- DEBUG: cache: Update underlying buffer when loading HTX message in cache applet
|
|
- BUG/MEDIUM: mcli: Properly handle errors and timeouts during reponse processing
|
|
- DEBUG: stream: Add the missing descriptions for stream trace events
|
|
- DEBUG: stream: Fix stream trace message to print response buffer state
|
|
- MINOR: proxy: Store monitor_uri as a `struct ist`
|
|
- MINOR: proxy: Store fwdfor_hdr_name as a `struct ist`
|
|
- MINOR: proxy: Store orgto_hdr_name as a `struct ist`
|
|
- MEDIUM: proxy: Store server_id_hdr_name as a `struct ist`
|
|
- CLEANUP: fcgi: Replace memcpy() on ist by istcat()
|
|
- CLEANUP: fcgi: Use `istadv()` in `fcgi_strm_send_params`
|
|
- BUG/MAJOR: mux-pt: Always destroy the backend connection on detach
|
|
- DOC: sample fetch methods: move distcc_* to the right locations
|
|
- MINOR: rules: record the last http/tcp rule that gave a final verdict
|
|
- MINOR: stream: add "last_rule_file" and "last_rule_line" samples
|
|
- BUG/MINOR: session: fix theoretical risk of memleak in session_accept_fd()
|
|
- MINOR: quic: Add max_idle_timeout advertisement handling
|
|
- MEDIUM: quic: Remove the QUIC connection reference counter
|
|
- BUG/MINOR: quic: ACK_REQUIRED and ACK_RECEIVED flag collision
|
|
- BUG/MINOR: quic: Missing check when setting the anti-amplification limit as reached
|
|
- MINOR: quic: Add a function to compute the current PTO
|
|
- MEDIUM: quic: Implement the idle timeout feature
|
|
- BUG/MEDIUM: quic: qc_prep_app_pkts() retries on qc_build_pkt() failures
|
|
- CLEANUP: quic: Comments fix for qc_prep_(app)pkts() functions
|
|
- MINOR: mux-quic: prevent push frame for unidir streams
|
|
- MINOR: mux-quic: improve opportunistic retry sending for STREAM frames
|
|
- MINOR: quic: implement sending confirmation
|
|
- MEDIUM: mux-quic: improve bidir STREAM frames sending
|
|
- MEDIUM: check: do not auto configure SSL/PROXY for dynamic servers
|
|
- REGTESTS: server: test SSL/PROXY with checks for dynamic servers
|
|
- MEDIUM: server: remove experimental-mode for dynamic servers
|
|
- BUG/MINOR: buffer: fix debugging condition in b_peek_varint()
|
|
|
|
2022/02/25 : 2.6-dev2
|
|
- DOC: management: rework the Master CLI section
|
|
- DOC: management: add expert and experimental mode in 9.4.1
|
|
- CLEANUP: cleanup a commentary in pcli_parse_request()
|
|
- BUG/MINOR: mworker/cli: don't display help on master applet
|
|
- MINOR: mworker/cli: mcli-debug-mode enables every command
|
|
- MINOR: mworker/cli: add flags in the prompt
|
|
- BUG/MINOR: httpclient: Revisit HC request and response buffers allocation
|
|
- BUG/MEDIUM: httpclient: Xfer the request when the stream is created
|
|
- MINOR: httpclient: Don't limit data transfer to 1024 bytes
|
|
- BUILD: ssl: adjust guard for X509_get_X509_PUBKEY(x)
|
|
- REGTESTS: ssl: skip show_ssl_ocspresponse.vtc when BoringSSL is used
|
|
- MINOR: quic: Do not modify a marked as consumed datagram
|
|
- MINOR: quic: Wrong datagram buffer passed to quic_lstnr_dgram_dispatch()
|
|
- MINOR: quic: Remove a useless test in quic_get_dgram_dcid()
|
|
- BUG/MINOR: ssl: Remove empty lines from "show ssl ocsp-response <id>" output
|
|
- CLEANUP: ssl: Remove unused ssl_sock_create_cert function
|
|
- MINOR: ssl: Use high level OpenSSL APIs in sha2 converter
|
|
- MINOR: ssl: Remove EC_KEY related calls when preparing SSL context
|
|
- REGTESTS: ssl: Add test for "curves" and "ecdhe" SSL options
|
|
- MINOR: ssl: Remove EC_KEY related calls when creating a certificate
|
|
- REGTESTS: ssl: Add test for "generate-certificates" SSL option
|
|
- MINOR: ssl: Remove call to SSL_CTX_set_tlsext_ticket_key_cb with OpenSSLv3
|
|
- MINOR: ssl: Remove call to HMAC_Init_ex with OpenSSLv3
|
|
- MINOR: h3: hardcode the stream id of control stream
|
|
- MINOR: mux-quic: remove quic_transport_params_update
|
|
- MINOR: quic: rename local tid variable
|
|
- MINOR: quic: remove unused xprt rcv_buf operation
|
|
- MINOR: quic: take out xprt snd_buf operation
|
|
- CI: enable QUIC for Coverity scan
|
|
- BUG/MINOR: mworker: does not erase the pidfile upon reload
|
|
- MINOR: ssl: Remove call to ERR_func_error_string with OpenSSLv3
|
|
- MINOR: ssl: Remove call to ERR_load_SSL_strings with OpenSSLv3
|
|
- REGTESTS: ssl: Add tests for DH related options
|
|
- MINOR: ssl: Create HASSL_DH wrapper structure
|
|
- MINOR: ssl: Add ssl_sock_get_dh_from_bio helper function
|
|
- MINOR: ssl: Factorize ssl_get_tmp_dh and append a cbk to its name
|
|
- MINOR: ssl: Add ssl_sock_set_tmp_dh helper function
|
|
- MINOR: ssl: Add ssl_sock_set_tmp_dh_from_pkey helper function
|
|
- MINOR: ssl: Add ssl_new_dh_fromdata helper function
|
|
- MINOR: ssl: Build local DH of right size when needed
|
|
- MINOR: ssl: Set default dh size to 2048
|
|
- MEDIUM: ssl: Replace all DH objects by EVP_PKEY on OpenSSLv3 (via HASSL_DH type)
|
|
- MINOR: ssl: Remove calls to SSL_CTX_set_tmp_dh_callback on OpenSSLv3
|
|
- MINOR: quic: Remove an RX buffer useless lock
|
|
- MINOR: quic: Variable used before being checked in ha_quic_add_handshake_data()
|
|
- MINOR: quic: EINTR error ignored
|
|
- MINOR: quic: Potential overflow expression in qc_parse_frm()
|
|
- MINOR: quic: Possible overflow in qpack_get_varint()
|
|
- CLEANUP: h3: Unreachable target in h3_uqs_init()
|
|
- MINOR: quic: Possible memleak in qc_new_conn()
|
|
- MINOR: quic: Useless statement in quic_crypto_data_cpy()
|
|
- BUG/MEDIUM: pools: ensure items are always large enough for the pool_cache_item
|
|
- BUG/MINOR: pools: always flush pools about to be destroyed
|
|
- CLEANUP: pools: don't needlessly set a call mark during refilling of caches
|
|
- DEBUG: pools: add extra sanity checks when picking objects from a local cache
|
|
- DEBUG: pools: let's add reverse mapping from cache heads to thread and pool
|
|
- DEBUG: pools: replace the link pointer with the caller's address on pool_free()
|
|
- BUG/MAJOR: sched: prevent rare concurrent wakeup of multi-threaded tasks
|
|
- MINOR: quic: use a global dghlrs for each thread
|
|
- BUG/MEDIUM: quic: fix crash on CC if mux not present
|
|
- MINOR: qpack: fix typo in trace
|
|
- BUG/MINOR: quic: fix FIN stream signaling
|
|
- BUG/MINOR: h3: fix the header length for QPACK decoding
|
|
- MINOR: h3: remove transfer-encoding header
|
|
- MINOR: h3: add documentation on h3_decode_qcs
|
|
- MINOR: h3: set properly HTX EOM/BODYLESS on HEADERS parsing
|
|
- MINOR: mux-quic: implement rcv_buf
|
|
- MINOR: mux-quic: set EOS on rcv_buf
|
|
- MINOR: h3: set CS_FL_NOT_FIRST
|
|
- MINOR: h3: report frames bigger than rx buffer
|
|
- MINOR: h3: extract HEADERS parsing in a dedicated function
|
|
- MINOR: h3: implement DATA parsing
|
|
- MINOR: quic: Wrong smoothed rtt initialization
|
|
- MINOR: quic: Wrong loss delay computation
|
|
- MINOR: quic: Code never reached in qc_ssl_sess_init()
|
|
- MINOR: quic: ha_quic_set_encryption_secrets without server specific code
|
|
- MINOR: quic: Avoid warning about NULL pointer dereferences
|
|
- MINOR: quic: Useless test in quic_lstnr_dghdlr()
|
|
- MINOR: quic: Non checked returned value for cs_new() in hq_interop_decode_qcs()
|
|
- MINOR: h3: Dead code in h3_uqs_init()
|
|
- MINOR: quic: Non checked returned value for cs_new() in h3_decode_qcs()
|
|
- MINOR: quic: Possible frame parsers array overrun
|
|
- MINOR: quic: Do not retransmit too much packets.
|
|
- MINOR: quic: Move quic_rxbuf_pool pool out of xprt part
|
|
- MINOR: h3: report error on HEADERS/DATA parsing
|
|
- BUG/MINOR: jwt: Double free in deinit function
|
|
- BUG/MINOR: jwt: Missing pkey free during cleanup
|
|
- BUG/MINOR: jwt: Memory leak if same key is used in multiple jwt_verify calls
|
|
- BUG/MINOR: httpclient/cli: display junk characters in vsn
|
|
- MINOR: h3: remove unused return value on decode_qcs
|
|
- BUG/MAJOR: http/htx: prevent unbounded loop in http_manage_server_side_cookies
|
|
- BUG/MAJOR: spoe: properly detach all agents when releasing the applet
|
|
- REGTESTS: server: close an occasional race on dynamic_server_ssl.vtc
|
|
- REGTESTS: peers: leave a bit more time to peers to synchronize
|
|
- BUG/MEDIUM: h2/hpack: fix emission of HPACK DTSU after settings change
|
|
- BUG/MINOR: mux-h2: update the session's idle delay before creating the stream
|
|
- BUG/MINOR: httpclient: reinit flags in httpclient_start()
|
|
- BUG/MINOR: mailers: negotiate SMTP, not ESMTP
|
|
- MINOR: httpclient: sets an alternative destination
|
|
- MINOR: httpclient/lua: add 'dst' optionnal field
|
|
- BUG/MINOR: ssl: Add missing return value check in ssl_ocsp_response_print
|
|
- BUG/MINOR: ssl: Fix leak in "show ssl ocsp-response" CLI command
|
|
- BUG/MINOR: ssl: Missing return value check in ssl_ocsp_response_print
|
|
- CLEANUP: httpclient/cli: fix indentation alignment of the help message
|
|
- BUG/MINOR: tools: url2sa reads ipv4 too far
|
|
- BUG/MEDIUM: httpclient: limit transfers to the maximum available room
|
|
- DEBUG: buffer: check in __b_put_blk() whether the buffer room is respected
|
|
- MINOR: mux-quic: fix a possible null dereference in qc_timeout_task
|
|
- BUG/MEDIUM: htx: Be sure to have a buffer to perform a raw copy of a message
|
|
- BUG/MEDIUM: mux-h1: Don't wake h1s if mux is blocked on lack of output buffer
|
|
- BUG/MAJOR: mux-h2: Be sure to always report HTX parsing error to the app layer
|
|
- DEBUG: stream-int: Check CS_FL_WANT_ROOM is not set with an empty input buffer
|
|
- MINOR: quic: do not modify offset node if quic_rx_strm_frm in tree
|
|
- MINOR: h3: fix compiler warning variable set but not used
|
|
- MINOR: mux-quic: fix uninitialized return on qc_send
|
|
- MINOR: quic: fix handling of out-of-order received STREAM frames
|
|
- MINOR: pools: mark most static pool configuration variables as read-mostly
|
|
- CLEANUP: pools: remove the now unused pool_is_crowded()
|
|
- REGTESTS: fix the race conditions in 40be_2srv_odd_health_checks
|
|
- BUG/MEDIUM: stream: Abort processing if response buffer allocation fails
|
|
- MINOR: httpclient/lua: ability to set a server timeout
|
|
- BUG/MINOR: httpclient/lua: missing pop for new timeout parameter
|
|
- DOC: httpclient/lua: fix the type of the dst parameter
|
|
- CLEANUP: httpclient: initialize the client in stage INIT not REGISTER
|
|
- CLEANUP: muxes: do not use a dynamic trash in list_mux_protos()
|
|
- CLEANUP: vars: move the per-process variables initialization to vars.c
|
|
- CLEANUP: init: remove the ifdef on HAPROXY_MEMMAX
|
|
- MINOR: pools: disable redundant poisonning on pool_free()
|
|
- MINOR: pools: introduce a new pool_debugging global variable
|
|
- MINOR: pools: switch the fail-alloc test to runtime only
|
|
- MINOR: pools: switch DEBUG_DONT_SHARE_POOLS to runtime
|
|
- MINOR: pools: add a new debugging flag POOL_DBG_COLD_FIRST
|
|
- MINOR: pools: add a new debugging flag POOL_DBG_INTEGRITY
|
|
- MINOR: pools: make the global pools a runtime option.
|
|
- MEDIUM: pools: replace CONFIG_HAP_POOLS with a runtime "NO_CACHE" flag.
|
|
- MINOR: pools: store the allocated size for each pool
|
|
- MINOR: pools: get rid of POOL_EXTRA
|
|
- MINOR: pools: replace DEBUG_POOL_TRACING with runtime POOL_DBG_CALLER
|
|
- MINOR: pools: replace DEBUG_MEMORY_POOLS with runtime POOL_DBG_TAG
|
|
- MINOR: pools: add a debugging flag for memory poisonning option
|
|
- MEDIUM: initcall: move STG_REGISTER earlier
|
|
- MEDIUM: init: split the early initialization in its own function
|
|
- MINOR: init: extract args parsing to their own function
|
|
- MEDIUM: init: handle arguments earlier
|
|
- MINOR: pools: delegate parsing of command line option -dM to a new function
|
|
- MINOR: pools: support setting debugging options using -dM
|
|
- BUILD: makefile: enable both DEBUG_STRICT and DEBUG_MEMORY_POOLS by default
|
|
- CI: github: enable pool debugging by default
|
|
- DOC: Fix usage/examples of deprecated ACLs
|
|
- DOC: internal: update the pools API to mention boot-time settings
|
|
- DOC: design: add design thoughts for later simplification of the pools
|
|
- DOC: design: commit the temporary design notes on thread groups
|
|
- MINOR: stream-int: Handle appctx case first when releasing the endpoint
|
|
- MINOR: connection: Be prepared to handle conn-stream with no connection
|
|
- MINOR: stream: Handle appctx case first when creating a new stream
|
|
- MINOR: connection: Add a function to detach a conn-stream from the connection
|
|
- MINOR: stream-int: Add function to reset a SI endpoint
|
|
- MINOR: stream-int: Add function to attach a connection to a SI
|
|
- MINOR: stream-int: Be able to allocate a CS without connection
|
|
- MEDIUM: stream: No longer release backend conn-stream on connection retry
|
|
- MEDIUM: stream: Allocate backend CS when the stream is created
|
|
- REORG: conn_stream: move conn-stream stuff in dedicated files
|
|
- MEDIUM: conn-stream: No longer access connection field directly
|
|
- MEDIUM: conn-stream: Be prepared to use an appctx as conn-stream endpoint
|
|
- MAJOR: conn_stream/stream-int: move the appctx to the conn-stream
|
|
- MEDIUM: applet: Set the conn-stream as appctx owner instead of the stream-int
|
|
- MEDIUM: conn_stream: Add a pointer to the app object into the conn-stream
|
|
- MINOR: stream: Add pointer to front/back conn-streams into stream struct
|
|
- MINOR: stream: Slightly rework stream_new to separate CS/SI initialization
|
|
- MINOR: stream-int: Always access the stream-int via the conn-stream
|
|
- MINOR: backend: Always access the stream-int via the conn-stream
|
|
- MINOR: stream: Always access the stream-int via the conn-stream
|
|
- MINOR: http-ana: Always access the stream-int via the conn-stream
|
|
- MINOR: cli: Always access the stream-int via the conn-stream
|
|
- MINOR: log: Always access the stream-int via the conn-stream
|
|
- MINOR: frontend: Always access the stream-int via the conn-stream
|
|
- MINOR: proxy: Always access the stream-int via the conn-stream
|
|
- MINOR: peers: Always access the stream-int via the conn-stream
|
|
- MINOR: debug: Always access the stream-int via the conn-stream
|
|
- MINOR: hlua: Always access the stream-int via the conn-stream
|
|
- MINOR: cache: Always access the stream-int via the conn-stream
|
|
- MINOR: dns: Always access the stream-int via the conn-stream
|
|
- MINOR: http-act: Always access the stream-int via the conn-stream
|
|
- MINOR: httpclient: Always access the stream-int via the conn-stream
|
|
- MINOR: tcp-act: Always access the stream-int via the conn-stream
|
|
- MINOR: sink: Always access the stream-int via the conn-stream
|
|
- MINOR: conn-stream: Rename cs_detach() to cs_detach_endp()
|
|
- CLEANUP: conn-stream: Don't export conn-stream pool
|
|
- MAJOR: stream/conn_stream: Move the stream-interface into the conn-stream
|
|
- CLEANUP: stream-int: rename si_reset() to si_init()
|
|
- MINOR: conn-stream: Release a CS when both app and endp are detached
|
|
- MINOR: stream: Don't destroy conn-streams but detach app and endp
|
|
- MAJOR: check: Use a persistent conn-stream for health-checks
|
|
- CLEANUP: conn-stream: Remove cs_destroy()
|
|
- CLEANUP: backend: Don't export connect_server anymore
|
|
- BUG/MINOR: h3/hq_interop: Fix CS and stream creation
|
|
- BUILD: tree-wide: Avoid warnings about undefined entities retrieved from a CS
|
|
- BUG/MINOR: proxy: preset the error message pointer to NULL in parse_new_proxy()
|
|
- BUG/MEDIUM: quic: fix received ACK stream calculation
|
|
- BUILD: stream: fix build warning with older compilers
|
|
- BUG/MINOR: debug: fix get_tainted() to properly read an atomic value
|
|
- DEBUG: move the tainted stuff to bug.h for easier inclusion
|
|
- DEBUG: cleanup back trace generation
|
|
- DEBUG: cleanup BUG_ON() configuration
|
|
- DEBUG: mark ABORT_NOW() as unreachable
|
|
- DBEUG: add a new WARN_ON() macro
|
|
- DEBUG: make the _BUG_ON() macro return the condition
|
|
- DEBUG: add a new WARN_ON_ONCE() macro
|
|
- DEBUG: report BUG_ON() and WARN_ON() in the tainted flags
|
|
- MINOR: quic: adjust buffer handling for STREAM transmission
|
|
- MINOR: quic: liberate the TX stream buffer after ACK processing
|
|
- MINOR: quic: add a TODO for a memleak frame on ACK consume
|
|
|
|
2022/02/01 : 2.6-dev1
|
|
- BUG/MINOR: cache: Fix loop on cache entries in "show cache"
|
|
- BUG/MINOR: httpclient: allow to replace the host header
|
|
- BUG/MINOR: lua: don't expose internal proxies
|
|
- MEDIUM: mworker: seamless reload use the internal sockpairs
|
|
- BUG/MINOR: lua: remove loop initial declarations
|
|
- BUG/MINOR: mworker: does not add the -sf in wait mode
|
|
- BUG/MEDIUM: mworker: FD leak of the eventpoll in wait mode
|
|
- MINOR: quic: do not reject PADDING followed by other frames
|
|
- REORG: quic: add comment on rare thread concurrence during CID alloc
|
|
- CLEANUP: quic: add comments on CID code
|
|
- MEDIUM: quic: handle CIDs to rattach received packets to connection
|
|
- MINOR: qpack: support litteral field line with non-huff name
|
|
- MINOR: quic: activate QUIC traces at compilation
|
|
- MINOR: quic: use more verbose QUIC traces set at compile-time
|
|
- MEDIUM: pool: refactor malloc_trim/glibc and jemalloc api addition detections.
|
|
- MEDIUM: pool: support purging jemalloc arenas in trim_all_pools()
|
|
- BUG/MINOR: mworker: deinit of thread poller was called when not initialized
|
|
- BUILD: pools: only detect link-time jemalloc on ELF platforms
|
|
- CI: github actions: add the output of $CC -dM -E-
|
|
- BUG/MEDIUM: cli: Properly set stream analyzers to process one command at a time
|
|
- BUILD: evports: remove a leftover from the dead_fd cleanup
|
|
- MINOR: quic: Set "no_application_protocol" alert
|
|
- MINOR: quic: More accurate immediately close.
|
|
- MINOR: quic: Immediately close if no transport parameters extension found
|
|
- MINOR: quic: Rename qc_prep_hdshk_pkts() to qc_prep_pkts()
|
|
- MINOR: quic: Possible crash when inspecting the xprt context
|
|
- MINOR: quic: Dynamically allocate the secrete keys
|
|
- MINOR: quic: Add a function to derive the key update secrets
|
|
- MINOR: quic: Add structures to maintain key phase information
|
|
- MINOR: quic: Optional header protection key for quic_tls_derive_keys()
|
|
- MINOR: quic: Add quic_tls_key_update() function for Key Update
|
|
- MINOR: quic: Enable the Key Update process
|
|
- MINOR: quic: Delete the ODCIDs asap
|
|
- BUG/MINOR: vars: Fix the set-var and unset-var converters
|
|
- MEDIUM: pool: Following up on previous pool trimming update.
|
|
- BUG/MEDIUM: mux-h1: Fix splicing by properly detecting end of message
|
|
- BUG/MINOR: mux-h1: Fix splicing for messages with unknown length
|
|
- MINOR: mux-h1: Improve H1 traces by adding info about http parsers
|
|
- MINOR: mux-h1: register a stats module
|
|
- MINOR: mux-h1: add counters instance to h1c
|
|
- MINOR: mux-h1: count open connections/streams on stats
|
|
- MINOR: mux-h1: add stat for total count of connections/streams
|
|
- MINOR: mux-h1: add stat for total amount of bytes received and sent
|
|
- REGTESTS: h1: Add a script to validate H1 splicing support
|
|
- BUG/MINOR: server: Don't rely on last default-server to init server SSL context
|
|
- BUG/MEDIUM: resolvers: Detach query item on response error
|
|
- MEDIUM: resolvers: No longer store query items in a list into the response
|
|
- BUG/MAJOR: segfault using multiple log forward sections.
|
|
- BUG/MEDIUM: h1: Properly reset h1m flags when headers parsing is restarted
|
|
- BUG/MINOR: resolvers: Don't overwrite the error for invalid query domain name
|
|
- BUILD: bug: Fix error when compiling with -DDEBUG_STRICT_NOCRASH
|
|
- BUG/MEDIUM: sample: Fix memory leak in sample_conv_jwt_member_query
|
|
- DOC: spoe: Clarify use of the event directive in spoe-message section
|
|
- DOC: config: Specify %Ta is only available in HTTP mode
|
|
- BUILD: tree-wide: avoid warnings caused by redundant checks of obj_types
|
|
- IMPORT: slz: use the correct CRC32 instruction when running in 32-bit mode
|
|
- MINOR: quic: fix segfault on CONNECTION_CLOSE parsing
|
|
- MINOR: h3: add BUG_ON on control receive function
|
|
- MEDIUM: xprt-quic: finalize app layer initialization after ALPN nego
|
|
- MINOR: h3: remove duplicated FIN flag position
|
|
- MAJOR: mux-quic: implement a simplified mux version
|
|
- MEDIUM: mux-quic: implement release mux operation
|
|
- MEDIUM: quic: detect the stream FIN
|
|
- MINOR: mux-quic: implement subscribe on stream
|
|
- MEDIUM: mux-quic: subscribe on xprt if remaining data after send
|
|
- MEDIUM: mux-quic: wake up xprt on data transferred
|
|
- MEDIUM: mux-quic: handle when sending buffer is full
|
|
- MINOR: quic: RX buffer full due to wrong CRYPTO data handling
|
|
- MINOR: quic: Race issue when consuming RX packets buffer
|
|
- MINOR: quic: QUIC encryption level RX packets race issue
|
|
- MINOR: quic: Delete remaining RX handshake packets
|
|
- MINOR: quic: Remove QUIC TX packet length evaluation function
|
|
- MINOR: hq-interop: fix tx buffering
|
|
- MINOR: mux-quic: remove uneeded code to check fin on TX
|
|
- MINOR: quic: add HTX EOM on request end
|
|
- BUILD: mux-quic: fix compilation with DEBUG_MEM_STATS
|
|
- MINOR: http-rules: Add capture action to http-after-response ruleset
|
|
- BUG/MINOR: cli/server: Don't crash when a server is added with a custom id
|
|
- MINOR: mux-quic: do not release qcs if there is remaining data to send
|
|
- MINOR: quic: notify the mux on CONNECTION_CLOSE
|
|
- BUG/MINOR: mux-quic: properly initialize flow control
|
|
- MINOR: quic: Compilation fix for quic_rx_packet_refinc()
|
|
- MINOR: h3: fix possible invalid dereference on htx parsing
|
|
- DOC: config: retry-on list is space-delimited
|
|
- DOC: config: fix error-log-format example
|
|
- BUG/MEDIUM: mworker/cli: crash when trying to access an old PID in prompt mode
|
|
- MINOR: hq-interop: refix tx buffering
|
|
- REGTESTS: ssl: use X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY for cert check
|
|
- MINOR: cli: "show version" displays the current process version
|
|
- CLEANUP: cfgparse: modify preprocessor guards around numa detection code
|
|
- MEDIUM: cfgparse: numa detect topology on FreeBSD.
|
|
- BUILD: ssl: unbreak the build with newer libressl
|
|
- MINOR: vars: Move UPDATEONLY flag test to vars_set_ifexist
|
|
- MINOR: vars: Set variable type to ANY upon creation
|
|
- MINOR: vars: Delay variable content freeing in var_set function
|
|
- MINOR: vars: Parse optional conditions passed to the set-var converter
|
|
- MINOR: vars: Parse optional conditions passed to the set-var actions
|
|
- MEDIUM: vars: Enable optional conditions to set-var converter and actions
|
|
- DOC: vars: Add documentation about the set-var conditions
|
|
- REGTESTS: vars: Add new test for conditional set-var
|
|
- MINOR: quic: Attach timer task to thread for the connection.
|
|
- CLEANUP: quic_frame: Remove a useless suffix to STOP_SENDING
|
|
- MINOR: quic: Add traces for STOP_SENDING frame and modify others
|
|
- CLEANUP: quic: Remove cdata_len from quic_tx_packet struct
|
|
- MINOR: quic: Enable TLS 0-RTT if needed
|
|
- MINOR: quic: No TX secret at EARLY_DATA encryption level
|
|
- MINOR: quic: Add quic_set_app_ops() function
|
|
- MINOR: ssl_sock: Set the QUIC application from ssl_sock_advertise_alpn_protos.
|
|
- MINOR: quic: Make xprt support 0-RTT.
|
|
- MINOR: qpack: Missing check for truncated QPACK fields
|
|
- CLEANUP: quic: Comment fix for qc_strm_cpy()
|
|
- MINOR: hq_interop: Stop BUG_ON() truncated streams
|
|
- MINOR: quic: Do not mix packet number space and connection flags
|
|
- CLEANUP: quic: Shorten a litte bit the traces in lstnr_rcv_pkt()
|
|
- MINOR: mux-quic: fix trace on stream creation
|
|
- CLEANUP: quic: fix spelling mistake in a trace
|
|
- CLEANUP: quic: rename quic_conn conn to qc in quic_conn_free
|
|
- MINOR: quic: add missing lock on cid tree
|
|
- MINOR: quic: rename constant for haproxy CIDs length
|
|
- MINOR: quic: refactor concat DCID with address for Initial packets
|
|
- MINOR: quic: compare coalesced packets by DCID
|
|
- MINOR: quic: refactor DCID lookup
|
|
- MINOR: quic: simplify the removal from ODCID tree
|
|
- REGTESTS: vars: Remove useless ssl tunes from conditional set-var test
|
|
- MINOR: ssl: Remove empty lines from "show ssl ocsp-response" output
|
|
- MINOR: quic: Increase the RX buffer for each connection
|
|
- MINOR: quic: Add a function to list remaining RX packets by encryption level
|
|
- MINOR: quic: Stop emptying the RX buffer asap.
|
|
- MINOR: quic: Do not expect to receive only one O-RTT packet
|
|
- MINOR: quic: Do not forget STREAM frames received in disorder
|
|
- MINOR: quic: Wrong packet refcount handling in qc_pkt_insert()
|
|
- DOC: fix misspelled keyword "resolve_retries" in resolvers
|
|
- CLEANUP: quic: rename quic_conn instances to qc
|
|
- REORG: quic: move mux function outside of xprt
|
|
- MINOR: quic: add reference to quic_conn in ssl context
|
|
- MINOR: quic: add const qualifier for traces function
|
|
- MINOR: trace: add quic_conn argument definition
|
|
- MINOR: quic: use quic_conn as argument to traces
|
|
- MINOR: quic: add quic_conn instance in traces for qc_new_conn
|
|
- MINOR: quic: Add stream IDs to qcs_push_frame() traces
|
|
- MINOR: quic: unchecked qc_retrieve_conn_from_cid() returned value
|
|
- MINOR: quic: Wrong dropped packet skipping
|
|
- MINOR: quic: Handle the cases of overlapping STREAM frames
|
|
- MINOR: quic: xprt traces fixes
|
|
- MINOR: quic: Drop asap Retry or Version Negotiation packets
|
|
- MINOR: pools: work around possibly slow malloc_trim() during gc
|
|
- DEBUG: ssl: make sure we never change a servername on established connections
|
|
- MINOR: quic: Add traces for RX frames (flow control related)
|
|
- MINOR: quic: Add CONNECTION_CLOSE phrase to trace
|
|
- REORG: quic: remove qc_ prefix on functions which not used it directly
|
|
- BUG/MINOR: quic: upgrade rdlock to wrlock for ODCID removal
|
|
- MINOR: quic: remove unnecessary call to free_quic_conn_cids()
|
|
- MINOR: quic: store ssl_sock_ctx reference into quic_conn
|
|
- MINOR: quic: remove unnecessary if in qc_pkt_may_rm_hp()
|
|
- MINOR: quic: replace usage of ssl_sock_ctx by quic_conn
|
|
- MINOR: quic: delete timer task on quic_close()
|
|
- MEDIUM: quic: implement refcount for quic_conn
|
|
- BUG/MINOR: quic: fix potential null dereference
|
|
- BUG/MINOR: quic: fix potential use of uninit pointer
|
|
- BUG/MEDIUM: backend: fix possible sockaddr leak on redispatch
|
|
- BUG/MEDIUM: peers: properly skip conn_cur from incoming messages
|
|
- CI: Github Actions: do not show VTest failures if build failed
|
|
- BUILD: opentracing: display warning in case of using OT_USE_VARS at compile time
|
|
- MINOR: compat: detect support for dl_iterate_phdr()
|
|
- MINOR: debug: add ability to dump loaded shared libraries
|
|
- MINOR: debug: add support for -dL to dump library names at boot
|
|
- BUG/MEDIUM: ssl: initialize correctly ssl w/ default-server
|
|
- REGTESTS: ssl: fix ssl_default_server.vtc
|
|
- BUG/MINOR: ssl: free the fields in srv->ssl_ctx
|
|
- BUG/MEDIUM: ssl: free the ckch instance linked to a server
|
|
- REGTESTS: ssl: update of a crt with server deletion
|
|
- BUILD/MINOR: cpuset FreeBSD 14 build fix.
|
|
- MINOR: pools: always evict oldest objects first in pool_evict_from_local_cache()
|
|
- DOC: pool: document the purpose of various structures in the code
|
|
- CLEANUP: pools: do not use the extra pointer to link shared elements
|
|
- CLEANUP: pools: get rid of the POOL_LINK macro
|
|
- MINOR: pool: allocate from the shared cache through the local caches
|
|
- CLEANUP: pools: group list updates in pool_get_from_cache()
|
|
- MINOR: pool: rely on pool_free_nocache() in pool_put_to_shared_cache()
|
|
- MINOR: pool: make pool_is_crowded() always true when no shared pools are used
|
|
- MINOR: pool: check for pool's fullness outside of pool_put_to_shared_cache()
|
|
- MINOR: pool: introduce pool_item to represent shared pool items
|
|
- MINOR: pool: add a function to estimate how many may be released at once
|
|
- MEDIUM: pool: compute the number of evictable entries once per pool
|
|
- MINOR: pools: prepare pool_item to support chained clusters
|
|
- MINOR: pools: pass the objects count to pool_put_to_shared_cache()
|
|
- MEDIUM: pools: centralize cache eviction in a common function
|
|
- MEDIUM: pools: start to batch eviction from local caches
|
|
- MEDIUM: pools: release cached objects in batches
|
|
- OPTIM: pools: reduce local pool cache size to 512kB
|
|
- CLEANUP: assorted typo fixes in the code and comments This is 29th iteration of typo fixes
|
|
- CI: github actions: update OpenSSL to 3.0.1
|
|
- BUILD/MINOR: tools: solaris build fix on dladdr.
|
|
- BUG/MINOR: cli: fix _getsocks with musl libc
|
|
- BUG/MEDIUM: http-ana: Preserve response's FLT_END analyser on L7 retry
|
|
- MINOR: quic: Wrong traces after rework
|
|
- MINOR: quic: Add trace about in flight bytes by packet number space
|
|
- MINOR: quic: Wrong first packet number space computation
|
|
- MINOR: quic: Wrong packet number space computation for PTO
|
|
- MINOR: quic: Wrong loss time computation in qc_packet_loss_lookup()
|
|
- MINOR: quic: Wrong ack_delay compution before calling quic_loss_srtt_update()
|
|
- MINOR: quic: Remove nb_pto_dgrams quic_conn struct member
|
|
- MINOR: quic: Wrong packet number space trace in qc_prep_pkts()
|
|
- MINOR: quic: Useless test in qc_prep_pkts()
|
|
- MINOR: quic: qc_prep_pkts() code moving
|
|
- MINOR: quic: Speeding up Handshake Completion
|
|
- MINOR: quic: Probe Initial packet number space more often
|
|
- MINOR: quic: Probe several packet number space upon timer expiration
|
|
- MINOR: quic: Comment fix.
|
|
- MINOR: quic: Improve qc_prep_pkts() flexibility
|
|
- MINOR: quic: Do not drop secret key but drop the CRYPTO data
|
|
- MINOR: quic: Prepare Handshake packets asap after completed handshake
|
|
- MINOR: quic: Flag asap the connection having reached the anti-amplification limit
|
|
- MINOR: quic: PTO timer too often reset
|
|
- MINOR: quic: Re-arm the PTO timer upon datagram receipt
|
|
- MINOR: proxy: add option idle-close-on-response
|
|
- MINOR: cpuset: switch to sched_setaffinity for FreeBSD 14 and above.
|
|
- CI: refactor spelling check
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- BUILD: makefile: add -Wno-atomic-alignment to work around clang abusive warning
|
|
- MINOR: quic: Only one CRYPTO frame by encryption level
|
|
- MINOR: quic: Missing retransmission from qc_prep_fast_retrans()
|
|
- MINOR: quic: Non-optimal use of a TX buffer
|
|
- BUG/MEDIUM: mworker: don't use _getsocks in wait mode
|
|
- BUG/MINOR: ssl: Store client SNI in SSL context in case of ClientHello error
|
|
- BUG/MAJOR: mux-h1: Don't decrement .curr_len for unsent data
|
|
- DOC: internals: document the pools architecture and API
|
|
- CI: github actions: clean default step conditions
|
|
- BUILD: cpuset: fix build issue on macos introduced by previous change
|
|
- MINOR: quic: Remaining TRACEs with connection as firt arg
|
|
- MINOR: quic: Reset ->conn quic_conn struct member when calling qc_release()
|
|
- MINOR: quic: Flag the connection as being attached to a listener
|
|
- MINOR: quic: Wrong CRYPTO frame concatenation
|
|
- MINOR: quid: Add traces quic_close() and quic_conn_io_cb()
|
|
- REGTESTS: ssl: Fix ssl_errors regtest with OpenSSL 1.0.2
|
|
- MINOR: quic: Do not dereference ->conn quic_conn struct member
|
|
- MINOR: quic: fix return of quic_dgram_read
|
|
- MINOR: quic: add config parse source file
|
|
- MINOR: quic: implement Retry TLS AEAD tag generation
|
|
- MEDIUM: quic: implement Initial token parsing
|
|
- MINOR: quic: define retry_source_connection_id TP
|
|
- MEDIUM: quic: implement Retry emission
|
|
- MINOR: quic: free xprt tasklet on its thread
|
|
- BUG/MEDIUM: connection: properly leave stopping list on error
|
|
- MINOR: pools: enable pools with DEBUG_FAIL_ALLOC as well
|
|
- MINOR: quic: As server, skip 0-RTT packet number space
|
|
- MINOR: quic: Do not wakeup the I/O handler before the mux is started
|
|
- BUG/MEDIUM: htx: Adjust length to add DATA block in an empty HTX buffer
|
|
- CI: github actions: use cache for OpenTracing
|
|
- BUG/MINOR: httpclient: don't send an empty body
|
|
- BUG/MINOR: httpclient: set default Accept and User-Agent headers
|
|
- BUG/MINOR: httpclient/lua: don't pop the lua stack when getting headers
|
|
- BUILD/MINOR: fix solaris build with clang.
|
|
- BUG/MEDIUM: server: avoid changing healthcheck ctx with set server ssl
|
|
- CI: refactor OpenTracing build script
|
|
- DOC: management: mark "set server ssl" as deprecated
|
|
- MEDIUM: cli: yield between each pipelined command
|
|
- MINOR: channel: add new function co_getdelim() to support multiple delimiters
|
|
- BUG/MINOR: cli: avoid O(bufsize) parsing cost on pipelined commands
|
|
- MEDIUM: h2/hpack: emit a Dynamic Table Size Update after settings change
|
|
- MINOR: quic: Retransmit the TX frames in the same order
|
|
- MINOR: quic: Remove the packet number space TX MT_LIST
|
|
- MINOR: quic: Splice the frames which could not be added to packets
|
|
- MINOR: quic: Add the number of TX bytes to traces
|
|
- CLEANUP: quic: Replace <nb_pto_dgrams> by <probe>
|
|
- MINOR: quic: Send two ack-eliciting packets when probing packet number spaces
|
|
- MINOR: quic: Probe regardless of the congestion control
|
|
- MINOR: quic: Speeding up handshake completion
|
|
- MINOR: quic: Release RX Initial packets asap
|
|
- MINOR: quic: Release asap TX frames to be transmitted
|
|
- MINOR: quic: Probe even if coalescing
|
|
- BUG/MEDIUM: cli: Never wait for more data on client shutdown
|
|
- BUG/MEDIUM: mcli: do not try to parse empty buffers
|
|
- BUG/MEDIUM: mcli: always realign wrapping buffers before parsing them
|
|
- BUG/MINOR: stream: make the call_rate only count the no-progress calls
|
|
- MINOR: quic: do not use quic_conn after dropping it
|
|
- MINOR: quic: adjust quic_conn refcount decrement
|
|
- MINOR: quic: fix race-condition on xprt tasklet free
|
|
- MINOR: quic: free SSL context on quic_conn free
|
|
- MINOR: quic: Add QUIC_FT_RETIRE_CONNECTION_ID parsing case
|
|
- MINOR: quic: Wrong packet number space selection
|
|
- DEBUG: pools: add new build option DEBUG_POOL_INTEGRITY
|
|
- MINOR: quic: add missing include in quic_sock
|
|
- MINOR: quic: fix indentation in qc_send_ppkts
|
|
- MINOR: quic: remove dereferencement of connection when possible
|
|
- MINOR: quic: set listener accept cb on parsing
|
|
- MEDIUM: quic/ssl: add new ex data for quic_conn
|
|
- MINOR: quic: initialize ssl_sock_ctx alongside the quic_conn
|
|
- MINOR: ssl: fix build in release mode
|
|
- MINOR: pools: partially uninline pool_free()
|
|
- MINOR: pools: partially uninline pool_alloc()
|
|
- MINOR: pools: prepare POOL_EXTRA to be split into multiple extra fields
|
|
- MINOR: pools: extend pool_cache API to pass a pointer to a caller
|
|
- DEBUG: pools: add new build option DEBUG_POOL_TRACING
|
|
- DEBUG: cli: add a new "debug dev fd" expert command
|
|
- MINOR: fd: register the write side of the poller pipe as well
|
|
- CI: github actions: use cache for SSL libs
|
|
- BUILD: debug/cli: condition test of O_ASYNC to its existence
|
|
- BUILD: pools: fix build error on DEBUG_POOL_TRACING
|
|
- MINOR: quic: refactor header protection removal
|
|
- MINOR: quic: handle app data according to mux/connection layer status
|
|
- MINOR: quic: refactor app-ops initialization
|
|
- MINOR: receiver: define a flag for local accept
|
|
- MEDIUM: quic: flag listener for local accept
|
|
- MINOR: quic: do not manage connection in xprt snd_buf
|
|
- MINOR: quic: remove wait handshake/L6 flags on init connection
|
|
- MINOR: listener: add flags field
|
|
- MINOR: quic: define QUIC flag on listener
|
|
- MINOR: quic: create accept queue for QUIC connections
|
|
- MINOR: listener: define per-thr struct
|
|
- MAJOR: quic: implement accept queue
|
|
- CLEANUP: mworker: simplify mworker_free_child()
|
|
- BUILD/DEBUG: lru: update the standalone code to support the revision
|
|
- DEBUG: lru: use a xorshift generator in the testing code
|
|
- BUG/MAJOR: compiler: relax alignment constraints on certain structures
|
|
- BUG/MEDIUM: fd: always align fdtab[] to 64 bytes
|
|
- MINOR: quic: No DCID length for datagram context
|
|
- MINOR: quic: Comment fix about the token found in Initial packets
|
|
- MINOR: quic: Get rid of a struct buffer in quic_lstnr_dgram_read()
|
|
- MINOR: quic: Remove the QUIC haproxy server packet parser
|
|
- MINOR: quic: Add new defintion about DCIDs offsets
|
|
- MINOR: quic: Add a list to QUIC sock I/O handler RX buffer
|
|
- MINOR: quic: Allocate QUIC datagrams from sock I/O handler
|
|
- MINOR: proto_quic: Allocate datagram handlers
|
|
- MINOR: quic: Pass CID as a buffer to quic_get_cid_tid()
|
|
- MINOR: quic: Convert quic_dgram_read() into a task
|
|
- CLEANUP: quic: Remove useless definition
|
|
- MINOR: proto_quic: Wrong allocations for TX rings and RX bufs
|
|
- MINOR: quic: Do not consume the RX buffer on QUIC sock i/o handler side
|
|
- MINOR: quic: Do not reset a full RX buffer
|
|
- MINOR: quic: Attach all the CIDs to the same connection
|
|
- MINOR: quic: Make usage of by datagram handler trees
|
|
- MEDIUM: da: new optional data file download scheduler service.
|
|
- MEDIUM: da: update doc and build for new scheduler mode service.
|
|
- MEDIUM: da: update module to handle schedule mode.
|
|
- MINOR: quic: Drop Initial packets with wrong ODCID
|
|
- MINOR: quic: Wrong RX buffer tail handling when no more contiguous data
|
|
- MINOR: quic: Iterate over all received datagrams
|
|
- MINOR: quic: refactor quic CID association with threads
|
|
- BUG/MEDIUM: resolvers: Really ignore trailing dot in domain names
|
|
- DEV: flags: Add missing flags
|
|
- BUG/MINOR: sink: Use the right field in appctx context in release callback
|
|
- MINOR: sock: move the unused socket cleaning code into its own function
|
|
- BUG/MEDIUM: mworker: close unused transferred FDs on load failure
|
|
- BUILD: atomic: make the old HA_ATOMIC_LOAD() support const pointers
|
|
- BUILD: cpuset: do not use const on the source of CPU_AND/CPU_ASSIGN
|
|
- BUILD: checks: fix inlining issue on set_srv_agent_[addr,port}
|
|
- BUILD: vars: avoid overlapping field initialization
|
|
- BUILD: server-state: avoid using not-so-portable isblank()
|
|
- BUILD: mux_fcgi: avoid aliasing of a const struct in traces
|
|
- BUILD: tree-wide: mark a few numeric constants as explicitly long long
|
|
- BUILD: tools: fix warning about incorrect cast with dladdr1()
|
|
- BUILD: task: use list_to_mt_list() instead of casting list to mt_list
|
|
- BUILD: mworker: include tools.h for platforms without unsetenv()
|
|
- BUG/MINOR: mworker: fix a FD leak of a sockpair upon a failed reload
|
|
- MINOR: mworker: set the master side of ipc_fd in the worker to -1
|
|
- MINOR: mworker: allocate and initialize a mworker_proc
|
|
- CI: Consistently use actions/checkout@v2
|
|
- REGTESTS: Remove REQUIRE_VERSION=1.8 from all tests
|
|
- MINOR: mworker: sets used or closed worker FDs to -1
|
|
- MINOR: quic: Try to accept 0-RTT connections
|
|
- MINOR: quic: Do not try to treat 0-RTT packets without started mux
|
|
- MINOR: quic: Do not try to accept a connection more than one time
|
|
- MINOR: quic: Initialize the connection timer asap
|
|
- MINOR: quic: Do not use connection struct xprt_ctx too soon
|
|
- Revert "MINOR: mworker: sets used or closed worker FDs to -1"
|
|
- BUILD: makefile: avoid testing all -Wno-* options when not needed
|
|
- BUILD: makefile: validate support for extra warnings by batches
|
|
- BUILD: makefile: only compute alternative options if required
|
|
- DEBUG: fd: make sure we never try to insert/delete an impossible FD number
|
|
- MINOR: mux-quic: add comment
|
|
- MINOR: mux-quic: properly initialize qcc flags
|
|
- MINOR: mux-quic: do not consider CONNECTION_CLOSE for the moment
|
|
- MINOR: mux-quic: create a timeout task
|
|
- MEDIUM: mux-quic: delay the closing with the timeout
|
|
- MINOR: mux-quic: release idle conns on process stopping
|
|
- MINOR: listener: replace the listener's spinlock with an rwlock
|
|
- BUG/MEDIUM: listener: read-lock the listener during accept()
|
|
- MINOR: mworker/cli: set expert/experimental mode from the CLI
|
|
|
|
2021/11/23 : 2.6-dev0
|
|
- MINOR: version: it's development again
|
|
|
|
2021/11/23 : 2.5.0
|
|
- BUILD: SSL: add quictls build to scripts/build-ssl.sh
|
|
- BUILD: SSL: add QUICTLS to build matrix
|
|
- CLEANUP: sock: Wrap `accept4_broken = 1` into additional parenthesis
|
|
- BUILD: cli: clear a maybe-unused warning on some older compilers
|
|
- BUG/MEDIUM: cli: make sure we can report a warning from a bind keyword
|
|
- BUG/MINOR: ssl: make SSL counters atomic
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- BUG/MINOR: ssl: free correctly the sni in the backend SSL cache
|
|
- MINOR: version: mention that it's stable now
|
|
|
|
2021/11/19 : 2.5-dev15
|
|
- BUG/MINOR: stick-table/cli: Check for invalid ipv6 key
|
|
- CLEANUP: peers: Remove useless test on peer variable in peer_trace()
|
|
- DOC: log: Add comments to specify when session's listener is defined or not
|
|
- BUG/MEDIUM: mux-h1: Handle delayed silent shut in h1_process() to release H1C
|
|
- REGTESTS: ssl_crt-list_filters: feature cmd incorrectly set
|
|
- DOC: internals: document the list API
|
|
- BUG/MINOR: h3: ignore unknown frame types
|
|
- MINOR: quic: redirect app_ops snd_buf through mux
|
|
- MEDIUM: quic: inspect ALPN to install app_ops
|
|
- MINOR: quic: support hq-interop
|
|
- MEDIUM: quic: send version negotiation packet on unknown version
|
|
- BUG/MEDIUM: mworker: cleanup the listeners when reexecuting
|
|
- DOC: internals: document the scheduler API
|
|
- BUG/MINOR: quic: fix version negotiation packet generation
|
|
- CLEANUP: ssl: fix wrong #else commentary
|
|
- MINOR: config: support default values for environment variables
|
|
- SCRIPTS: run-regtests: reduce the number of processes needed to check options
|
|
- SCRIPT: run-regtests: avoid several calls to grep to test for features
|
|
- SCRIPT: run-regtests: avoid calling awk to compute the version
|
|
- REGTEST: set retries count to zero for all tests that expect at 503
|
|
- REGTESTS: make tcp-check_min-recv fail fast
|
|
- REGTESTS: extend the default I/O timeouts and make them overridable
|
|
- BUG/MEDIUM: ssl: backend TLS resumption with sni and TLSv1.3
|
|
- BUG/MEDIUM: ssl: abort with the correct SSL error when SNI not found
|
|
- REGTESTS: ssl: test the TLS resumption
|
|
- BUILD: makefile: stop opening sub-shells for each and every command
|
|
- BUILD: makefile: reorder objects by build time
|
|
- BUG/MEDIUM: mux-h2: always process a pending shut read
|
|
- MINOR: quic_sock: missing CO_FL_ADDR_TO_SET flag
|
|
- MINOR: quic: Possible wrong connection identification
|
|
- MINOR: quic: Correctly pad UDP datagrams
|
|
- MINOR: quic: Support transport parameters draft TLS extension
|
|
- MINOR: quic: Anti-amplification implementation
|
|
- MINOR: quic: Wrong Initial packet connection initialization
|
|
- MINOR: quic: Wrong ACK range building
|
|
- MINOR: quic: Update some QUIC protocol errors
|
|
- MINOR: quic: Send CONNECTION_CLOSE frame upon TLS alert
|
|
- MINOR: quic: Wrong largest acked packet number parsing
|
|
- MINOR: quic: Add minimalistic support for stream flow control frames
|
|
- MINOR: quic: Wrong value for version negotiation packet 'Unused' field
|
|
- MINOR: quic: Support draft-29 QUIC version
|
|
- BUG/MINOR: quic: fix segfault on trace for version negotiation
|
|
- BUG/MINOR: hq-interop: fix potential NULL dereference
|
|
- BUILD: quic: fix potential NULL dereference on xprt_quic
|
|
- DOC: lua: documentation about the httpclient API
|
|
- BUG/MEDIUM: cache/cli: make "show cache" thread-safe
|
|
- BUG/MEDIUM: shctx: leave the block allocator when enough blocks are found
|
|
- BUG/MINOR: shctx: do not look for available blocks when the first one is enough
|
|
- MINOR: shctx: add a few BUG_ON() for consistency checks
|
|
|
|
2021/11/14 : 2.5-dev14
|
|
- DEV: coccinelle: Remove unused `expression e`
|
|
- DEV: coccinelle: Add rule to use `istend()` where possible
|
|
- CLEANUP: Apply ist.cocci
|
|
- CLEANUP: Re-apply xalloc_size.cocci
|
|
- CLEANUP: halog: make the default usage message fit in small screens
|
|
- MINOR: h3/qpack: fix gcc11 warnings
|
|
- MINOR: mux-quic: fix gcc11 warning
|
|
- MINOR: h3: fix potential NULL dereference
|
|
- MINOR: quic: Fix potential null pointer dereference
|
|
- CLEANUP: halog: remove unused strl2ui()
|
|
- OPTIM: halog: improve field parser speed for modern compilers
|
|
- OPTIM: halog: skip fields 64 bits at a time when supported
|
|
- DEV: coccinelle: Add rule to use `isttrim()` where possible
|
|
- CLEANUP: Apply ist.cocci
|
|
- DEV: coccinelle: Add rule to use `chunk_istcat()` instead of `chunk_memcat()`
|
|
- DEV: coccinelle: Add rule to use `chunk_istcat()` instead of `chunk_strncat()`
|
|
- CLEANUP: Apply ist.cocci
|
|
- CLEANUP: chunk: Remove duplicated chunk_Xcat implementation
|
|
- CLEANUP: chunk: remove misleading chunk_strncat() function
|
|
- BUG/MINOR: cache: properly ignore unparsable max-age in quotes
|
|
- Revert "DEV: coccinelle: Add rule to use `chunk_istcat()` instead of `chunk_strncat()`"
|
|
- DOC: stats: fix location of the text representation
|
|
- DOC: internals: document the IST API
|
|
- BUG/MINOR: httpclient/lua: rcv freeze when no request payload
|
|
- BUG/MEDIUM: httpclient: channel_add_input() must use htx->data
|
|
- MINOR: promex: backend aggregated server check status
|
|
- DOC: config: Fix typo in ssl_fc_unique_id description
|
|
- BUG/MINOR: http-ana: Apply stop to the current section for http-response rules
|
|
- Revert "BUG/MINOR: http-ana: Don't eval front after-response rules if stopped on back"
|
|
- DOC: config: Be more explicit in "allow" actions description
|
|
- DOC: lua: Be explicit with the Reply object limits
|
|
- MINOR: mux-h1: Slightly Improve H1 traces
|
|
- BUG/MEDIUM: conn-stream: Don't reset CS flags on close
|
|
- CLEANUP: mworker: remove any relative PID reference
|
|
- MEDIUM: mworker: reexec in waitpid mode after successful loading
|
|
- MINOR: mworker: clarify starting/failure messages
|
|
- MINOR: mworker: only increment the number of reload in wait mode
|
|
- MINOR: mworker: implement a reload failure counter
|
|
- MINOR: mworker: ReloadFailed shown depending on failedreload
|
|
- MINOR: mworker: change the way we set PROC_O_LEAVING
|
|
- BUG/MINOR: mworker: doesn't launch the program postparser
|
|
- DOC: management: edit the "show proc" example to show the current output
|
|
- BUG/MEDIUM: httpclient/cli: free of unallocated hc->req.uri
|
|
- REGTESTS: httpclient/lua: add greater body values
|
|
- BUG/MINOR: mux-h2: Fix H2_CF_DEM_SHORT_READ value
|
|
- BUG/MINOR: pools: don't mark ourselves as harmless in DEBUG_UAF mode
|
|
- BUG/MEDIUM: connection: make cs_shutr/cs_shutw//cs_close() idempotent
|
|
- BUILD: makefile: simplify detection of libatomic
|
|
|
|
2021/11/06 : 2.5-dev13
|
|
- SCRIPTS: git-show-backports: re-enable file-based filtering
|
|
- MINOR: jwt: Make invalid static JWT algorithms an error in `jwt_verify` converter
|
|
- MINOR: mux-h2: add trace on extended connect usage
|
|
- BUG/MEDIUM: mux-h2: reject upgrade if no RFC8441 support
|
|
- MINOR: stream/mux: implement websocket stream flag
|
|
- MINOR: connection: implement function to update ALPN
|
|
- MINOR: connection: add alternative mux_ops param for conn_install_mux_be
|
|
- MEDIUM: server/backend: implement websocket protocol selection
|
|
- MINOR: server: add ws keyword
|
|
- BUG/MINOR: resolvers: fix sent messages were counted twice
|
|
- BUG/MINOR: resolvers: throw log message if trash not large enough for query
|
|
- MINOR: resolvers/dns: split dns and resolver counters in dns_counter struct
|
|
- MEDIUM: resolvers: rename dns extra counters to resolvers extra counters
|
|
- BUG/MINOR: jwt: Fix jwt_parse_alg incorrectly returning JWS_ALG_NONE
|
|
- DOC: add QUIC instruction in INSTALL
|
|
- CLEANUP: halog: Remove dead stores
|
|
- DEV: coccinelle: Add ha_free.cocci
|
|
- CLEANUP: Apply ha_free.cocci
|
|
- DEV: coccinelle: Add rule to use `istnext()` where possible
|
|
- CLEANUP: Apply ist.cocci
|
|
- REGTESTS: Use `feature cmd` for 2.5+ tests (2)
|
|
- DOC: internals: move some API definitions to an "api" subdirectory
|
|
- MINOR: quic: Allocate listener RX buffers
|
|
- CLEANUP: quic: Remove useless code
|
|
- MINOR: quic: Enhance the listener RX buffering part
|
|
- MINOR: quic: Remove a useless lock for CRYPTO frames
|
|
- MINOR: quic: Use QUIC_LOCK QUIC specific lock label.
|
|
- MINOR: backend: Get client dst address to set the server's one only if needful
|
|
- MINOR: compression: Warn for 'compression offload' in defaults sections
|
|
- MEDIUM: connection: rename fc_conn_err and bc_conn_err to fc_err and bc_err
|
|
- DOC: configuration: move the default log formats to their own section
|
|
- MINOR: ssl: make the ssl_fc_sni() sample-fetch function always available
|
|
- MEDIUM: log: add the client's SNI to the default HTTPS log format
|
|
- DOC: config: add an example of reasonably complete error-log-format
|
|
- DOC: config: move error-log-format before custom log format
|
|
|
|
2021/11/02 : 2.5-dev12
|
|
- MINOR: httpclient: support payload within a buffer
|
|
- MINOR: httpclient/lua: support more HTTP methods
|
|
- MINOR: httpclient/lua: return an error when it can't generate the request
|
|
- CLEANUP: lua: Remove any ambiguities about lua txn execution context flags
|
|
- BUG/MEDIUM: lua: fix invalid return types in hlua_http_msg_get_body
|
|
- CLEANUP: connection: No longer export make_proxy_line_v1/v2 functions
|
|
- CLEANUP: tools: Use const address for get_net_port() and get_host_port()
|
|
- CLEANUP: lua: Use a const address to retrieve info about a connection
|
|
- MINOR: connection: Add function to get src/dst without updating the connection
|
|
- MINOR: session: Add src and dst addresses to the session
|
|
- MINOR: stream-int: Add src and dst addresses to the stream-interface
|
|
- MINOR: frontend: Rely on client src and dst addresses at stream level
|
|
- MINOR: log: Rely on client addresses at the appropriate level to log messages
|
|
- MINOR: session: Rely on client source address at session level to log error
|
|
- MINOR: http-ana: Rely on addresses at stream level to set xff and xot headers
|
|
- MINOR: http-fetch: Rely on addresses at stream level in HTTP sample fetches
|
|
- MINOR: mux-fcgi: Rely on client addresses at stream level to set default params
|
|
- MEDIUM: tcp-sample: Rely on addresses at the appropriate level in tcp samples
|
|
- MEDIUM: connection: Rely on addresses at stream level to make proxy line
|
|
- MEDIUM: backend: Rely on addresses at stream level to init server connection
|
|
- MEDIUM: connection: Assign session addresses when PROXY line is received
|
|
- MEDIUM: connection: Assign session addresses when NetScaler CIP proto is parsed
|
|
- MEDIUM: tcp-act: Set addresses at the apprioriate level in set-(src/dst) actions
|
|
- MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" rules
|
|
- DOC: config: Fix alphabetical order of fc_* samples
|
|
- MINOR: tcp-sample: Add samples to get original info about client connection
|
|
- REGTESTS: Add script to test client src/dst manipulation at different levels
|
|
- MINOR: stream: Use backend stream-interface dst address instead of target_addr
|
|
- BUILD: log: Fix compilation without SSL support
|
|
- DEBUG: protocol: yell loudly during registration of invalid sock_domain
|
|
- MINOR: protocols: add a new protocol type selector
|
|
- MINOR: protocols: make use of the protocol type to select the protocol
|
|
- MINOR: protocols: replace protocol_by_family() with protocol_lookup()
|
|
- MINOR: halog: Add -qry parameter allowing to preserve the query string in -uX
|
|
- CLEANUP: jwt: Remove the use of a trash buffer in jwt_jwsverify_hmac()
|
|
- CLEANUP: jwt: Remove the use of a trash buffer in jwt_jwsverify_rsa_ecdsa()
|
|
- DEV: coccinelle: Add realloc_leak.cocci
|
|
- CLEANUP: hlua: Remove obsolete branch in `hlua_alloc()`
|
|
- BUILD: atomic: prefer __atomic_compare_exchange_n() for __ha_cas_dw()
|
|
- BUILD: atomic: fix build on mac/arm64
|
|
- MINOR: atomic: remove the memcpy() call and dependency on string.h
|
|
- MINOR: httpclient: request streaming with a callback
|
|
- MINOR: httpclient/lua: handle the streaming into the lua applet
|
|
- REGTESTS: lua: test httpclient with body streaming
|
|
- DOC: halog: Move the `-qry` parameter into the correct section in help text
|
|
- MINOR: halog: Rename -qry to -query
|
|
- CLEANUP: halog: Use consistent indentation in help()
|
|
- BUG/MINOR: halog: Add missing newlines in die() messages
|
|
- MINOR: halog: Add support for extracting captures using -hdr
|
|
- DOC: Typo fixed "it" should be "is"
|
|
- BUG/MINOR: mux-h1: Save shutdown mode if the shutdown is delayed
|
|
- BUG/MEDIUM: mux-h1: Perform a connection shutdown when the h1c is released
|
|
- BUG/MEDIUM: resolvers: Don't recursively perform requester unlink
|
|
- BUG/MEDIUM: http-ana: Drain request data waiting the tarpit timeout expiration
|
|
- BUG/MINOR: http: Authorization value can have multiple spaces after the scheme
|
|
- BUG/MINOR: http: http_auth_bearer fetch does not work on custom header name
|
|
- BUG/MINOR: httpclient/lua: misplaced luaL_buffinit()
|
|
- BUILD/MINOR: cpuset freebsd build fix
|
|
- BUG/MINOR: httpclient: use a placeholder value for Host header
|
|
- BUG/MEDIUM: stream-int: Block reads if channel cannot receive more data
|
|
- BUG/MEDIUM: resolvers: Track api calls with a counter to free resolutions
|
|
- MINOR: stream: Improve dump of bogus streams
|
|
- DOC/peers: some grammar fixes for peers 2.1 spec
|
|
- MEDIUM: vars: make the var() sample fetch function really return type ANY
|
|
- MINOR: vars: add "set-var" for "tcp-request connection" rules.
|
|
|
|
2021/10/22 : 2.5-dev11
|
|
- DEV: coccinelle: Add strcmp.cocci
|
|
- CLEANUP: Apply strcmp.cocci
|
|
- CI: Add `permissions` to GitHub Actions
|
|
- CI: Clean up formatting in GitHub Action definitions
|
|
- MINOR: add ::1 to predefined LOCALHOST acl
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CLEANUP: Consistently `unsigned int` for bitfields
|
|
- MEDIUM: resolvers: lower-case labels when converting from/to DNS names
|
|
- MEDIUM: resolvers: replace bogus resolv_hostname_cmp() with memcmp()
|
|
- MINOR: jwt: Empty the certificate tree during deinit
|
|
- MINOR: jwt: jwt_verify returns negative values in case of error
|
|
- MINOR: jwt: Do not rely on enum order anymore
|
|
- BUG/MEDIUM: stream: Keep FLT_END analyzers if a stream detects a channel error
|
|
- MINOR: httpclient/cli: access should be only done from expert mode
|
|
- DOC: management: doc about the CLI httpclient
|
|
- BUG/MEDIUM: tcpcheck: Properly catch early HTTP parsing errors
|
|
- BUG/MAJOR: dns: tcp session can remain attached to a list after a free
|
|
- BUG/MAJOR: dns: attempt to lock globaly for msg waiter list instead of use barrier
|
|
- CLEANUP: dns: always detach the appctx from the dns session on release
|
|
- DEBUG: dns: add a few more BUG_ON at sensitive places
|
|
- BUG/MAJOR: resolvers: add other missing references during resolution removal
|
|
- CLEANUP: resolvers: do not export resolv_purge_resolution_answer_records()
|
|
- BUILD: resolvers: avoid a possible warning on null-deref
|
|
- BUG/MEDIUM: resolvers: always check a valid item in query_list
|
|
- CLEANUP: always initialize the answer_list
|
|
- CLEANUP: resolvers: simplify resolv_link_resolution() regarding requesters
|
|
- CLEANUP: resolvers: replace all LIST_DELETE with LIST_DEL_INIT
|
|
- MEDIUM: resolvers: use a kill list to preserve the list consistency
|
|
- MEDIUM: resolvers: remove the last occurrences of the "safe" argument
|
|
- BUG/MEDIUM: checks: fix the starting thread for external checks
|
|
- MEDIUM: resolvers: replace the answer_list with a (flat) tree
|
|
- MEDIUM: resolvers: hash the records before inserting them into the tree
|
|
- BUG/MAJOR: buf: fix varint API post- vs pre- increment
|
|
- OPTIM: resolvers: move the eb32 node before the data in the answer_item
|
|
- MINOR: list: add new macro LIST_INLIST_ATOMIC()
|
|
- OPTIM: dns: use an atomic check for the list membership
|
|
- BUG/MINOR: task: do not set TASK_F_USR1 for no reason
|
|
- BUG/MINOR: mux-h2: do not prevent from sending a final GOAWAY frame
|
|
- MINOR: connection: add a new CO_FL_WANT_DRAIN flag to force drain on close
|
|
- MINOR: mux-h2: perform a full cycle shutdown+drain on close
|
|
- CLEANUP: resolvers: get rid of single-iteration loop in resolv_get_ip_from_response()
|
|
- MINOR: quic: Increase the size of handshake RX UDP datagrams
|
|
- BUG/MEDIUM: lua: fix memory leaks with realloc() on non-glibc systems
|
|
- MINOR: memprof: report the delta between alloc and free on realloc()
|
|
- MINOR: memprof: add one pointer size to the size of allocations
|
|
- BUILD: fix compilation on NetBSD
|
|
- MINOR: backend: add traces for idle connections reuse
|
|
- BUG/MINOR: backend: fix improper insert in avail tree for always reuse
|
|
- MINOR: backend: improve perf with tcp proxies skipping idle conns
|
|
- MINOR: connection: remove unneeded memset 0 for idle conns
|
|
|
|
2021/10/16 : 2.5-dev10
|
|
- MINOR: initcall: Rename __GLOBL and __GLOBL1.
|
|
- MINOR: rules: add a new function new_act_rule() to allocate act_rules
|
|
- MINOR: rules: add a file name and line number to act_rules
|
|
- MINOR: stream: report the current rule in "show sess all" when known
|
|
- MINOR: stream: report the current filter in "show sess all" when known
|
|
- CLEANUP: stream: Properly indent current_rule line in "show sess all"
|
|
- BUG/MINOR: lua: Fix lua error handling in `hlua_config_prepend_path()`
|
|
- CI: github: switch to OpenSSL 3.0.0
|
|
- REGTESTS: ssl: Fix references to removed option in test description
|
|
- MINOR: ssl: Add ssllib_name_startswith precondition
|
|
- REGTESTS: ssl: Fix ssl_errors test for OpenSSL v3
|
|
- REGTESTS: ssl: Reenable ssl_errors test for OpenSSL only
|
|
- REGTESTS: ssl: Use mostly TLSv1.2 in ssl_errors test
|
|
- MEDIUM: mux-quic: rationalize tx buffers between qcc/qcs
|
|
- MEDIUM: h3: properly manage tx buffers for large data
|
|
- MINOR: mux-quic: standardize h3 settings sending
|
|
- CLEANUP: h3: remove dead code
|
|
- MINOR: mux-quic: implement standard method to detect if qcc is dead
|
|
- MEDIUM: mux-quic: defer stream shut if remaining tx data
|
|
- MINOR: mux: remove last occurences of qcc ring buffer
|
|
- MINOR: quic: handle CONNECTION_CLOSE frame
|
|
- REGTESTS: ssl: re-enable set_ssl_cert_bundle.vtc
|
|
- MINOR: ssl: add ssl_fc_is_resumed to "option httpslog"
|
|
- MINOR: http: Add http_auth_bearer sample fetch
|
|
- MINOR: jwt: Parse JWT alg field
|
|
- MINOR: jwt: JWT tokenizing helper function
|
|
- MINOR: jwt: Insert public certificates into dedicated JWT tree
|
|
- MINOR: jwt: jwt_header_query and jwt_payload_query converters
|
|
- MEDIUM: jwt: Add jwt_verify converter to verify JWT integrity
|
|
- REGTESTS: jwt: Add tests for the jwt_verify converter
|
|
- BUILD: jwt: fix declaration of EVP_KEY in jwt-h.h
|
|
- MINOR: proto_tcp: use chunk_appendf() to ouput socket setup errors
|
|
- MINOR: proto_tcp: also report the attempted MSS values in error message
|
|
- MINOR: inet: report the faulty interface name in "bind" errors
|
|
- MINOR: protocol: report the file and line number for binding/listening errors
|
|
- MINOR: protocol: uniformize protocol errors
|
|
- MINOR: resolvers: fix the resolv_str_to_dn_label() API about trailing zero
|
|
- BUG/MEDIUM: resolver: make sure to always use the correct hostname length
|
|
- BUG/MINOR: resolvers: do not reject host names of length 255 in SRV records
|
|
- MINOR: resolvers: fix the resolv_dn_label_to_str() API about trailing zero
|
|
- MEDIUM: listeners: split the thread mask between receiver and bind_conf
|
|
- MINOR: listeners: add clone_listener() to duplicate listeners at boot time
|
|
- MEDIUM: listener: add the "shards" bind keyword
|
|
- BUG/MEDIUM: resolvers: use correct storage for the target address
|
|
- MINOR: resolvers: merge address and target into a union "data"
|
|
- BUG/MEDIUM: resolvers: fix truncated TLD consecutive to the API fix
|
|
- BUG/MEDIUM: jwt: fix base64 decoding error detection
|
|
- BUG/MINOR: jwt: use CRYPTO_memcmp() to compare HMACs
|
|
- DOC: jwt: fix a typo in the jwt_verify() keyword description
|
|
- BUG/MEDIUM: sample/jwt: fix another instance of base64 error detection
|
|
- BUG/MINOR: http-ana: Don't eval front after-response rules if stopped on back
|
|
- BUG/MINOR: sample: Fix 'fix_tag_value' sample when waiting for more data
|
|
- DOC: config: Move 'tcp-response content' at the right place
|
|
- BUG/MINOR: proxy: Use .disabled field as a bitfield as documented
|
|
- MINOR: proxy: Introduce proxy flags to replace disabled bitfield
|
|
- MINOR: sample/arg: Be able to resolve args found in defaults sections
|
|
- MEDIUM: proxy: Warn about ambiguous use of named defaults sections
|
|
- MINOR: proxy: Be able to reference the defaults section used by a proxy
|
|
- MINOR: proxy: Add PR_FL_READY flag on fully configured and usable proxies
|
|
- MINOR: config: Finish configuration for referenced default proxies
|
|
- MINOR: config: No longer remove previous anonymous defaults section
|
|
- MINOR: tcpcheck: Support 2-steps args resolution in defaults sections
|
|
- MEDIUM: rules/acl: Parse TCP/HTTP rules and acls defined in defaults sections
|
|
- MEDIUM: tcp-rules: Eval TCP rules defined in defaults sections
|
|
- MEDIUM: http-ana: Eval HTTP rules defined in defaults sections
|
|
- BUG/MEDIUM: sample: Cumulate frontend and backend sample validity flags
|
|
- REGTESTS: Add scripts to test support of TCP/HTTP rules in defaults sections
|
|
- DOC: config: Add documentation about TCP/HTTP rules in defaults section
|
|
- DOC: config: Rework and uniformize how TCP/HTTP rules are documented
|
|
- BUG/MINOR: proxy: Release ACLs and TCP/HTTP rules of default proxies
|
|
- BUG/MEDIUM: cpuset: fix cpuset size for FreeBSD
|
|
- BUG/MINOR: sample: fix backend direction flags consecutive to last fix
|
|
- BUG/MINOR: listener: fix incorrect return on out-of-memory
|
|
- BUG/MINOR: listener: add an error check for unallocatable trash
|
|
- CLEANUP: listeners: remove unreachable code in clone_listener()
|
|
|
|
2021/10/08 : 2.5-dev9
|
|
- head-truc
|
|
- REGTESTS: lua: test the httpclient:get() feature
|
|
- Revert "head-truc"
|
|
- BUG/MEDIUM: httpclient: replace ist0 by istptr
|
|
- MINOR: config: use a standard parser for the "nbthread" keyword
|
|
- CLEANUP: init: remove useless test against MAX_THREADS in affinity loop
|
|
- MEDIUM: init: de-uglify the per-thread affinity setting
|
|
- MINOR: init: extract the setup and end of threads to their own functions
|
|
- MINOR: log: Try to get the status code when MUX_EXIT_STATUS is retrieved
|
|
- MINOR: mux-h1: Set error code if possible when MUX_EXIT_STATUS is returned
|
|
- MINOR: mux-h1: Be able to set custom status code on parsing error
|
|
- MEDIUM: mux-h1: Reject HTTP/1.0 GET/HEAD/DELETE requests with a payload
|
|
- MEDIUM: h1: Force close mode for invalid uses of T-E header
|
|
- BUG/MINOR: mux-h1/mux-fcgi: Sanitize TE header to only send "trailers"
|
|
- MINOR: http: Add 422-Unprocessable-Content error message
|
|
- MINOR: h1: Change T-E header parsing to fail if chunked encoding is found twice
|
|
- BUG/MEDIUM: mux-h1/mux-fcgi: Reject messages with unknown transfer encoding
|
|
- REGTESTS: Add script to validate T-E header parsing
|
|
- REORG: pools: move default settings to defaults.h
|
|
- DOC: peers: fix doc "enable" statement on "peers" sections
|
|
- MINOR: Makefile: add MEMORY_POOLS to the list of DEBUG_xxx options
|
|
- MINOR: ssl: Set connection error code in case of SSL read or write fatal failure
|
|
- MINOR: ssl: Rename ssl_bc_hsk_err to ssl_bc_err
|
|
- MINOR: ssl: Store the last SSL error code in case of read or write failure
|
|
- REGTESTS: ssl: enable show_ssl_ocspresponse.vtc again
|
|
- REGTESTS: ssl: enable ssl_crt-list_filters.vtc again
|
|
- BUG/MEDIUM: lua: fix wakeup condition from sleep()
|
|
- BUG/MAJOR: lua: use task_wakeup() to properly run a task once
|
|
- MINOR: arg: Be able to forbid unresolved args when building an argument list
|
|
- BUG/MINOR: tcpcheck: Don't use arg list for default proxies during parsing
|
|
- BUG/MINOR: tcp-rules: Stop content rules eval on read error and end-of-input
|
|
- MINOR: tasks: catch TICK_ETERNITY with BUG_ON() in __task_queue()
|
|
- REGTESTS: ssl: show_ssl_ocspresponse w/ freebsd won't use base64
|
|
- REGTESTS: ssl: wrong feature cmd in show_ssl_ocspresponse.vtc
|
|
- CLEANUP: tasks: remove the long-unused work_lists
|
|
- MINOR: task: provide 3 task_new_* wrappers to simplify the API
|
|
- MINOR: time: uninline report_idle() and move it to task.c
|
|
- REORG: sched: move idle time calculation from time.h to task.h
|
|
- REORG: sched: move the stolen CPU time detection to sched_entering_poll()
|
|
- BUG/MEDIUM: filters: Fix a typo when a filter is attached blocking the release
|
|
- BUG/MEDIUM: http-ana: Clear request analyzers when applying redirect rule
|
|
- MINOR: httpclient: destroy() must free the headers and the ists
|
|
- MINOR: httpclient: set HTTPCLIENT_F_ENDED only in release
|
|
- MINOR: httpclient: stop_and_destroy() ask the applet to autokill
|
|
- MINOR: httpclient: test if started during stop_and_destroy()
|
|
- MINOR: httpclient/lua: implement garbage collection
|
|
- BUG/MEDIUM: httpclient/lua: crash because of b_xfer and get_trash_chunk()
|
|
- MINOR: httpclient: destroy checks if a client was started but not stopped
|
|
- BUG/MINOR: httpclient/lua: does not process headers when failed
|
|
- MINOR: httpclient/lua: supports headers via named arguments
|
|
- CLEANUP: server: always include the storage for SSL settings
|
|
- CLEANUP: sample: rename sample_conv_var2smp() to *_sint
|
|
- CLEANUP: sample: uninline sample_conv_var2smp_str()
|
|
- MINOR: sample: provide a generic var-to-sample conversion function
|
|
- BUG/MEDIUM: sample: properly verify that variables cast to sample
|
|
- BUILD: action: add the relevant structures for function arguments
|
|
- BUILD: extcheck: needs to include stream-t.h
|
|
- BUILD: hlua: needs to include stream-t.h
|
|
- BUILD: stats: define several missing structures in stats.h
|
|
- BUILD: resolvers: define missing types in resolvers.h
|
|
- BUILD: httpclient: include missing ssl_sock-t
|
|
- BUILD: sample: include openssl-compat
|
|
- BUILD: http_ana: need to include proxy-t to get redirect_rule
|
|
- BUILD: http_rules: requires http_ana-t.h for REDIRECT_*
|
|
- BUILD: vars: need to include xxhash
|
|
- BUILD: peers: need to include eb{32/mb/pt}tree.h
|
|
- BUILD: ssl_ckch: include ebpttree.h in ssl_ckch.c
|
|
- BUILD: compiler: add the container_of() and container_of_safe() macros
|
|
- BUILD: idleconns: include missing ebmbtree.h at several places
|
|
- BUILD: connection: connection.h needs list.h and server.h
|
|
- BUILD: tree-wide: add missing http_ana.h from many places
|
|
- BUILD: cfgparse-ssl: add missing errors.h
|
|
- BUILD: tcp_sample: include missing errors.h and session-t.h
|
|
- BUILD: mworker: mworker-prog needs time.h for the 'now' variable
|
|
- BUILD: tree-wide: add several missing activity.h
|
|
- BUILD: compat: fix -Wundef on SO_REUSEADDR
|
|
- CLEANUP: pools: pools-t.h doesn't need to include thread-t.h
|
|
- REORG: pools: uninline the UAF allocator and force-inline the rest
|
|
- REORG: thread: uninline the lock-debugging code
|
|
- MINOR: thread/debug: replace nsec_now() with now_mono_time()
|
|
- CLEANUP: remove some unneeded includes from applet-t.h
|
|
- REORG: listener: move bind_conf_alloc() and listener_state_str() to listener.c
|
|
- CLEANUP: listeners: do not include openssl-compat
|
|
- CLEANUP: servers: do not include openssl-compat
|
|
- REORG: ssl: move ssl_sock_is_ssl() to connection.h and rename it
|
|
- CLEANUP: mux_fcgi: remove dependency on ssl_sock
|
|
- CLEANUP: ssl/server: move ssl_sock_set_srv() to srv_set_ssl() in server.c
|
|
- REORG: ssl-sock: move the sslconns/totalsslconns counters to global
|
|
- REORG: sample: move the crypto samples to ssl_sample.c
|
|
- REORG: sched: moved samp_time and idle_time to task.c as well
|
|
- REORG: time/ticks: move now_ms and global_now_ms definitions to ticks.h
|
|
- CLEANUP: tree-wide: remove unneeded include time.h in ~20 files
|
|
- REORG: activity: uninline activity_count_runtime()
|
|
- REORG: acitvity: uninline sched_activity_entry()
|
|
- CLEANUP: stream: remove many unneeded includes from stream-t.h
|
|
- CLEANUP: stick-table: no need to include socket nor in.h
|
|
- MINOR: connection: use uint64_t for the hashes
|
|
- REORG: connection: move the hash-related stuff to connection.c
|
|
- REORG: connection: uninline conn_notify_mux() and conn_delete_from_tree()
|
|
- REORG: server: uninline the idle conns management functions
|
|
- REORG: ebtree: split structures into their own file ebtree-t.h
|
|
- CLEANUP: tree-wide: only include ebtree-t from type files
|
|
- REORG: connection: move the largest inlines from connection.h to connection.c
|
|
- CLEANUP: connection: do not include http_ana!
|
|
- CLEANUP: connection: remove unneeded tcpcheck-t.h and use only session-t.h
|
|
- REORG: connection: uninline the rest of the alloc/free stuff
|
|
- REORG: task: uninline the loop time measurement code
|
|
- CLEANUP: time: move a few configurable defines to defaults.h
|
|
- CLEANUP: fd: do not include time.h
|
|
- REORG: fd: uninline compute_poll_timeout()
|
|
- CLENAUP: wdt: use ha_tkill() instead of accessing pthread directly
|
|
- REORG: thread: move the thread init/affinity/stop to thread.c
|
|
- REORG: thread: move ha_get_pthread_id() to thread.c
|
|
- MINOR: thread: use a dedicated static pthread_t array in thread.c
|
|
- CLEANUP: thread: uninline ha_tkill/ha_tkillall/ha_cpu_relax()
|
|
- DOC: configuration: add clarification on escaping in keyword arguments
|
|
- BUG/MINOR: task: fix missing include with DEBUG_TASK
|
|
- MINOR: pools: report the amount used by thread caches in "show pools"
|
|
- MINOR: quic: Distinguish packet and SSL read enc. level in traces
|
|
- MINOR: quic: Add a function to dump SSL stack errors
|
|
- MINOR: quic: BUG_ON() SSL errors.
|
|
- MINOR: quic: Fix SSL error issues (do not use ssl_bio_and_sess_init())
|
|
- BUG/MEDIUM: mux-quic: reinsert all streams in by_id tree
|
|
- BUG/MAJOR: xprt-quic: do not queue qc timer if not set
|
|
- MINOR: mux-quic: release connection if no more bidir streams
|
|
- BUG/MAJOR: quic: remove qc from receiver cids tree on free
|
|
- BUG/MEDIUM: mux_h2: Handle others remaining read0 cases on partial frames
|
|
- MINOR: qpack: do not encode invalid http status code
|
|
- MINOR: qpack: support non-indexed http status code encoding
|
|
- MINOR: qpack: fix memory leak on huffman decoding
|
|
- CLEANUP: mux-quic: remove unused code
|
|
- BUG/MINOR: quic: fix includes for compilation
|
|
- BUILD: connection: avoid a build warning on FreeBSD with SO_USER_COOKIE
|
|
- BUILD: init: avoid a build warning on FreeBSD with USE_PROCCTL
|
|
- REORG: time: move time-keeping code and variables to clock.c
|
|
- REORG: clock: move the updates of cpu/mono time to clock.c
|
|
- MINOR: activity: get the run_time from the clock updates
|
|
- CLEANUP: clock: stop exporting before_poll and after_poll
|
|
- REORG: clock: move the clock_id initialization to clock.c
|
|
- REORG: clock/wdt: move wdt timer initialization to clock.c
|
|
- MINOR: clock: move the clock_ids to clock.c
|
|
- MINOR: wdt: move wd_timer to wdt.c
|
|
- CLEANUP: wdt: do not remap SI_TKILL to SI_LWP, test the values directly
|
|
- REORG: thread/sched: move the task_per_thread stuff to thread_ctx
|
|
- REORG: thread/clock: move the clock parts of thread_info to thread_ctx
|
|
- REORG: thread/sched: move the thread_info flags to the thread_ctx
|
|
- REORG: thread/sched: move the last dynamic thread_info to thread_ctx
|
|
- MINOR: thread: make "ti" a const pointer and clean up thread_info a bit
|
|
- MINOR: threads: introduce a minimalistic notion of thread-group
|
|
- MINOR: global: add a new "thread-groups" directive
|
|
- MINOR: global: add a new "thread-group" directive
|
|
- MINOR: threads: make tg point to the current thread's group
|
|
- MEDIUM: threads: automatically assign threads to groups
|
|
- MINOR: threads: set the group ID and its bit in the thread group
|
|
- MINOR: threads: set the tid, ltid and their bit in thread_cfg
|
|
- MEDIUM: threads: replace ha_set_tid() with ha_set_thread()
|
|
- MINOR: threads: add the current group ID in thread-local "tgid" variable
|
|
- MINOR: debug: report the group and thread ID in the thread dumps
|
|
- MEDIUM: listeners: support the definition of thread groups on bind lines
|
|
- MINOR: threads: add a new function to resolve config groups and masks
|
|
- MEDIUM: config: resolve relative threads on bind lines to absolute ones
|
|
- MEDIUM: stick-table: never learn the "conn_cur" value from peers
|
|
|
|
2021/09/24 : 2.5-dev8
|
|
- BUILD: compiler: fixed a missing test on defined(__GNUC__)
|
|
- BUILD: halog: fix a -Wundef warning on non-glibc systems
|
|
- BUILD: threads: fix -Wundef for _POSIX_PRIORITY_SCHEDULING on libmusl
|
|
- BUG/MINOR: compat: make sure __WORDSIZE is always defined
|
|
- BUILD: sample: fix format warning on 32-bit archs in sample_conv_be2dec_check()
|
|
- CLEANUP: pools: factor all malloc_trim() calls into trim_all_pools()
|
|
- MINOR: pools: automatically disable malloc_trim() with external allocators
|
|
- MINOR: pools: report it when malloc_trim() is enabled
|
|
- DOC: Add .mailmap
|
|
- CLEANUP: tree-wide: fix prototypes for functions taking no arguments.
|
|
- CLEANUP: Remove prototype for non-existent thread_get_default_count()
|
|
- CLEANUP: acl: Remove unused variable when releasing an acl expression
|
|
- BUG/MAJOR: mux-h1: Don't eval input data if an error was reported
|
|
- DOC: update Tim's address in .mailmap
|
|
- MINOR: pools: use mallinfo2() when available instead of mallinfo()
|
|
- BUG/MINOR: tcpcheck: Improve LDAP response parsing to fix LDAP check
|
|
- DOC: management: certificate files must be sanitized before injection
|
|
- BUG/MINOR: connection: prevent null deref on mux cleanup task allocation
|
|
- BUILD: ist: prevent gcc11 maybe-uninitialized warning on istalloc
|
|
- BUG/MINOR: cli/payload: do not search for args inside payload
|
|
- BUILD: sockpair: do not set unused flag
|
|
- BUILD: proto_uxst: do not set unused flag
|
|
- BUILD: fd: remove unused variable totlen in fd_write_frag_line()
|
|
- MINOR: applet: remove the thread mask from appctx_new()
|
|
- REORG: threads: move ha_get_pthread_id() to tinfo.h
|
|
- CLEANUP: Apply ist.cocci
|
|
- DEV: coccinelle: Add ist.cocci
|
|
- CLEANUP: Apply bug_on.cocci
|
|
- DEV: coccinelle: Add xalloc_size.cocci
|
|
- DEV: coccinelle: Add bug_on.cocci
|
|
- CLEANUP: Apply xalloc_size.cocci
|
|
- DEV: coccinelle: Add xalloc_cast.cocci
|
|
- BUG/MINOR: flt-trace: fix an infinite loop when random-parsing is set
|
|
- MINOR: httpclient: add the EOH when no headers where provided
|
|
- CLEANUP: Include check.h in flt_spoe.c
|
|
- CLEANUP: Remove unreachable `break` from parse_time_err()
|
|
- BUG/MINOR: server: allow 'enable health' only if check configured
|
|
- BUG/MINOR: server: alloc dynamic srv ssl ctx if proxy uses ssl chk rule
|
|
- MINOR: server: enable more keywords for ssl checks for dynamic servers
|
|
- MINOR: server: enable more check related keywords for dynamic servers
|
|
- REORG: server: move slowstart init outside of checks
|
|
- MINOR: server: enable slowstart for dynamic server
|
|
- MEDIUM: listener: deprecate "process" in favor of "thread" on bind lines
|
|
- BUG/MEDIUM: leastconn: fix rare possibility of divide by zero
|
|
- BUG/MINOR: quic: Possible NULL pointer dereferencing when dumping streams.
|
|
- MINOR: quic: Move transport parmaters to anynomous struct.
|
|
- MINOR: mux_quic: Add QUIC mux layer.
|
|
- MINOR: connection: Add callbacks definitions for QUIC.
|
|
- MINOR: quic: Attach QUIC mux connection objet to QUIC connection.
|
|
- MINOR: quic: Add a new definition to store STREAM frames.
|
|
- MINOR: h3: Add HTTP/3 definitions.
|
|
- MINOR: qpack: Add QPACK compression.
|
|
- MINOR: quic_sock: Finalize the QUIC connections.
|
|
- MINOR: quic: Disable the action of ->rcv_buf() xprt callback
|
|
- MINOR: quic: Add callbacks for (un)scribing to QUIC xprt.
|
|
- MINOR: quic: Variable-length integer encoding/decoding into/from buffer struct.
|
|
- BUG/MINOR: quic: Wrong ->accept() error handling
|
|
- MINOR: quic: Add a wrapper function to update transport parameters.
|
|
- MINOR: quic: Update the streams transport parameters.
|
|
- MINOR: quic: Avoid header collisions
|
|
- MINOR: quic: Replace max_packet_size by max_udp_payload size.
|
|
- MINOR: quic: Enable some quic, h3 and qpack modules compilation.
|
|
- MINOR: quic: Move an SSL func call from QUIC I/O handler to the xprt init.
|
|
- MINOR: quic: Initialize the session before starting the xprt.
|
|
- BUG/MINOR: quic: Do not check the acception of a new conn from I/O handler.
|
|
- MINOR: quic: QUIC conn initialization from I/O handler
|
|
- MINOR: quic: Remove header protection for conn with context
|
|
- MINOR: quic: Derive the initial secrets asap
|
|
- MINOR: quic: Remove header protection also for Initial packets
|
|
- BUG/MINOR: quic: Wrong memory free in quic_update_ack_ranges_list()
|
|
- MINOR: quic: quic_update_ack_ranges_list() code factorization
|
|
- MINOR: quic: Useless test in quic_update_ack_ranges_list()
|
|
- MINOR: quic: Remove a useless variable in quic_update_ack_ranges_list()
|
|
- BUG/MINOR: quic: Missing cases treatement when updating ACK ranges
|
|
- CLEAUNUP: quic: Usage of a useless variable in qc_treat_rx_pkts()
|
|
- BUG/MINOR: quic: Wrong RX packet reference counter usage
|
|
- MINOR: quic: Do not stop the packet parsing too early in qc_treat_rx_packets()
|
|
- MINOR: quic: Add a lock for RX packets
|
|
- MINOR: quic: Move the connection state
|
|
- MINOR: quic: Replace quic_conn_ctx struct by ssl_sock_ctx struct
|
|
- MINOR: quic: Replace the RX list of packet by a thread safety one.
|
|
- MINOR: quic: Replace the RX unprotected packet list by a thread safety one.
|
|
- MINOR: quic: Add useful traces for I/O dgram handler
|
|
- MINOR: quic: Do not wakeup the xprt task on ACK receipt
|
|
- MINOR: quic: Connection allocations rework
|
|
- MINOR: quic: Move conn_prepare() to ->accept_conn() callback
|
|
- MINOR: quic: Make qc_lstnr_pkt_rcv() be thread safe.
|
|
- MINOR: quic: Add a ring buffer implementation for QUIC
|
|
- MINOR: quic: Prefer x25519 as ECDH preferred parametes.
|
|
- MINOR: quic: Add the QUIC v1 initial salt.
|
|
- BUG/MINOR: quic: Too much reduced computed space to build handshake packets
|
|
- MINOR: net_helper: add functions for pointers
|
|
- MINOR: quic: Add ring buffer definition (struct qring) for QUIC
|
|
- MINOR: proto_quic: Allocate TX ring buffers for listeners
|
|
- MINOR: quic: Initialize pointers to TX ring buffer list
|
|
- MINOR: quic: Make use of TX ring buffers to send QUIC packets
|
|
- MINOR: quic_tls: Make use of the QUIC V1 salt.
|
|
- MINOR: quic: Remove old TX buffer implementation
|
|
- MINOR: Add function for TX packets reference counting
|
|
- MINOR: quic: Add TX packets at the very last time to their tree.
|
|
- MINOR: quic: Unitialized mux context upon Client Hello message receipt.
|
|
- MINOR: quic: Missing encryption level rx.crypto member initialization and lock.
|
|
- MINOR: quic: Rename ->rx.rwlock of quic_enc_level struct to ->rx.pkts_rwlock
|
|
- MINOR: quic: Make qc_treat_rx_pkts() be thread safe.
|
|
- MINOR: quic: Make ->tx.frms quic_pktns struct member be thread safe
|
|
- MINOR: quic: Replace quic_tx_frm struct by quic_frame struct
|
|
- MINOR: quic: Add a mask for TX frame builders and their authorized packet types
|
|
- MINOR: quic: Add a useful function to compute any frame length.
|
|
- MINOR: quic: Add the QUIC connection state to traces
|
|
- MINOR: quic: Store post handshake frame in ->pktns.tx.frms MT_LIST
|
|
- MINOR: quic: Add the packet type to quic_tx_packet struct
|
|
- MINOR: quic: Modify qc_do_build_hdshk_pkt() to accept any packet type
|
|
- MINOR: quic: Atomically handle packet number space ->largest_acked_pn variable
|
|
- MINOR: quic: Modify qc_build_cfrms() to support any frame
|
|
- MINOR: quic: quic_conn_io_cb() task rework
|
|
- MINOR: quic: Make qc_build_hdshk_pkt() atomically consume a packet number
|
|
- MINOR: quic: qc_do_build_hdshk_pkt() does not need to pass a copy of CRYPTO frame
|
|
- MINOR: quic: Remove Application level related functions
|
|
- MINOR: quic: Rename functions which do not build only Handshake packets
|
|
- MINOR: quic: Make circular buffer internal buffers be variable-sized.
|
|
- MINOR: quic: Add a pool for TX ring buffer internal buffer
|
|
- MINOR: quic: Make use of the last cbuf API when initializing TX ring buffers
|
|
- MINOR: quic: Missing acks encoded size updates.
|
|
- MINOR: quic: Evaluate the packet lengths in advance
|
|
- MINOR: quic: Update the TLS extension for QUIC transport parameters
|
|
- MINOR: quic: Fix handshake state debug strings
|
|
- MINOR: quic: Atomically get/set the connection state
|
|
- MINOR: quic: Missing QUIC encryption level for qc_build_pkt()
|
|
- MINOR: quic: Coalesce Application level packets with Handshake packets.
|
|
- MINOR: quic: Wrong flags handling for acks
|
|
- MINOR: quic: Missing case when discarding HANDSHAKE secrets
|
|
- MINOR: quic: Post handshake packet building improvements
|
|
- MINOR: quic: Prepare Application level packet asap.
|
|
- MINOR: h3: Send h3 settings asap
|
|
- MINOR: quic: Wrong STREAM frame length computing
|
|
- MINOR: quic: Wrong short packet minimum length
|
|
- MINOR: quic: Prepare STREAM frames to fill QUIC packets
|
|
- MINOR: h3: change default settings
|
|
- MINOR: quic-enc: fix varint encoding
|
|
- MINOR: qpack: fix wrong comment
|
|
- MINOR: qpack: generate headers list on decoder
|
|
- MINOR: h3: parse headers to htx
|
|
- MINOR: h3: allocate stream on headers
|
|
- MEDIUM: mux-quic: implement ring buffer on stream tx
|
|
- MINOR: mux-quic: send SETTINGS on uni stream
|
|
- MINOR: h3: define snd_buf callback and divert mux ops
|
|
- MINOR: mux-quic: define FIN stream flag
|
|
- MINOR: qpack: create qpack-enc module
|
|
- MINOR: qpack: encode headers functions
|
|
- MINOR: h3: encode htx headers to QPACK
|
|
- MINOR: h3: send htx data
|
|
- MINOR: h3/mux: detect fin on last h3 frame of the stream
|
|
- MINOR: quic: Shorten some handshakes
|
|
- MINOR: quic: Make QUIC-TLS support at least two initial salts
|
|
- MINOR: quic: Attach the QUIC connection to a thread.
|
|
- MINOR: quic: Missing active_connection_id_limit default value
|
|
- MINOR: quic_sock: Do not flag QUIC connections as being set
|
|
- MINOR: buf: Add b_force_xfer() function
|
|
- MINOR: quic: Make use of buffer structs to handle STREAM frames
|
|
- MINOR: mux_quic: move qc_process() code to qc_send()
|
|
- MINOR: quic: Add a typedef for unsigned long long
|
|
- MINOR: quic: Confusion between TX/RX for the frame builders
|
|
- MINOR: quic: Wrong packet flags settings during frame building
|
|
- MINOR: quic: Constantness fixes for frame builders/parsers.
|
|
- MINOR: quic_tls: Client/serveur state reordering
|
|
- MINOR: quic: Wrong packet loss detection due to wrong pktns order
|
|
- MINOR: quic: Wrong packet number space selection in quic_loss_pktns()
|
|
- MINOR: quic: Initial packet number spaced not discarded
|
|
- MINOR: quic: Add useful trace about pktns discarding
|
|
- MINOR: mux_quic: Export the mux related flags
|
|
- MINOR: quic: Implement quic_conn_subscribe()
|
|
- MINOR: quic: Wake up the mux upon ACK receipt
|
|
- MINOR: quic: Stream FIN bit fix in qcs_push_frame()
|
|
- MINOR: quic: Implement qc_process_mux()
|
|
- MINOR: quic: Wake up the xprt from mux
|
|
- CLEANUP: quic: Remove useless inline functions
|
|
- MINOR: quic: RX packets memory leak
|
|
- MINOR: quic: Possible endless loop in qc_treat_rx_pkts()
|
|
- MINOR: quic: Crash upon too big packets receipt
|
|
- MINOR: quic: define close handler
|
|
- MEDIUM: quic: implement mux release/conn free
|
|
- MINOR: quic: fix qcc subs initialization
|
|
- BUG/MINOR: h1-htx: Fix a typo when request parser is reset
|
|
- BUG/MEDIUM: mux-h1: Adjust conditions to ask more space in the channel buffer
|
|
- BUG/MEDIUM: stream-int: Notify stream that the mux wants more room to xfer data
|
|
- BUG/MEDIUM: stream: Stop waiting for more data if SI is blocked on RXBLK_ROOM
|
|
- MINOR: stream-int: Set CO_RFL transient/persistent flags apart in si_cs_rcv()
|
|
- MINOR: htx: Add an HTX flag to know when a message is fragmented
|
|
- MINOR: htx: Add a function to know if the free space wraps
|
|
- BUG/MEDIUM: stream-int: Defrag HTX message in si_cs_recv() if necessary
|
|
- MINOR: stream-int: Notify mux when the buffer is not stuck when calling rcv_buf
|
|
- BUG/MINOR: http-ana: increment internal_errors counter on response error
|
|
- MINOR: stats: Enable dark mode on stat web page
|
|
- CLEANUP: stats: Fix some alignment mistakes
|
|
- MINOR: httpclient: httpclient_data() returns the available data
|
|
- MINOR: httpclient: httpclient_ended() returns 1 if the client ended
|
|
- MINOR: httpclient/lua: httpclient:get() API in lua
|
|
- MINOR: httpclient/lua: implement the headers in the response object
|
|
- BUG/MINOR: httpclient/lua: return an error on argument check
|
|
- CLEANUP: slz: Mark `reset_refs` as static
|
|
|
|
2021/09/12 : 2.5-dev7
|
|
- BUG/MINOR: config: reject configs using HTTP with bufsize >= 256 MB
|
|
- CLEANUP: htx: remove comments about "must be < 256 MB"
|
|
- BUG/MAJOR: htx: fix missing header name length check in htx_add_header/trailer
|
|
- Revert "BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may receive"
|
|
- MINOR: proxy: add a global "grace" directive to postpone soft-stop
|
|
- MINOR: vars: rename vars_init() to vars_init_head()
|
|
- CLEANUP: vars: rename sample_clear_stream() to var_unset()
|
|
- REORG: vars: remerge sample_store{,_stream}() into var_set()
|
|
- MEDIUM: vars: make the ifexist variant of set-var only apply to the proc scope
|
|
- MINOR: vars: add a VF_CREATEONLY flag for creation
|
|
- MINOR: vars: support storing empty sample data with a variable
|
|
- MINOR: vars: store flags into variables and add VF_PERMANENT
|
|
- MEDIUM: vars: make var_clear() only reset VF_PERMANENT variables
|
|
- MEDIUM: vars: pre-create parsed SCOPE_PROC variables as permanent ones
|
|
- MINOR: vars: preset a random seed to hash variables names
|
|
- MEDIUM: vars: replace the global name index with a hash
|
|
- CLEANUP: vars: remove the now unused var_names array
|
|
- MINOR: vars: centralize the lock/unlock into static inlines
|
|
- OPTIM: vars: only takes the variables lock on shared entries
|
|
- OPTIM: vars: remove internal bookkeeping for vars_global_size
|
|
- OPTIM: vars: do not keep variables usage stats if no limit is set
|
|
- BUILD: fix dragonfly build again on __read_mostly
|
|
- CI: Github Actions: temporarily disable Opentracing
|
|
- BUG/MEDIUM: mux-h1: Remove "Upgrade:" header for requests with payload
|
|
- MINOR: htx: Skip headers with no value when adding a header list to a message
|
|
- CLEANUP: mux-h1: Remove condition rejecting upgrade requests with payload
|
|
- BUG/MEDIUM: stream-int: Don't block SI on a channel policy if EOI is reached
|
|
- BUG/MEDIUM: http-ana: Reset channels analysers when returning an error
|
|
- BUG/MINOR: filters: Set right FLT_END analyser depending on channel
|
|
- CLEANUP: Add haproxy/xxhash.h to avoid modifying import/xxhash.h
|
|
- CLEANUP: ebmbtree: Replace always-taken elseif by else
|
|
- CLEANUP: Move XXH3 macro from haproxy/compat.h to haproxy/xxhash.h
|
|
- BUILD: opentracing: exclude the use of haproxy variables for the OpenTracing context
|
|
- BUG/MINOR: opentracing: enable the use of http headers without a set value
|
|
- CLEANUP: opentracing: use the haproxy function to generate uuid
|
|
- MINOR: opentracing: change the scope of the variable 'ot.uuid' from 'sess' to 'txn'
|
|
- CI: Github Actions: re-enable Opentracing
|
|
- CLEANUP: opentracing: simplify the condition on the empty header
|
|
- BUG/MEDIUM lua: Add missing call to RESET_SAFE_LJMP in hlua_filter_new()
|
|
|
|
2021/09/03 : 2.5-dev6
|
|
- BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time
|
|
- BUG/MINOR: tools: Fix loop condition in dump_text()
|
|
- BUILD: ssl: next round of build warnings on LIBRESSL_VERSION_NUMBER
|
|
- BUILD: ssl: fix two remaining occurrences of #if USE_OPENSSL
|
|
- BUILD: tools: properly guard __GLIBC__ with defined()
|
|
- BUILD: globally enable -Wundef
|
|
- MINOR: log: Remove log-error-via-logformat option
|
|
- MINOR: log: Add new "error-log-format" option
|
|
- BUG/MAJOR: queue: better protect a pendconn being picked from the proxy
|
|
- CLEANUP: Add missing include guard to signal.h
|
|
- MINOR: ssl: Add new ssl_bc_hsk_err sample fetch
|
|
- MINOR: connection: Add a connection error code sample fetch for backend side
|
|
- REGTESTS: ssl: Add tests for bc_conn_err and ssl_bc_hsk_err sample fetches
|
|
- MINOR: http-rules: add a new "ignore-empty" option to redirects.
|
|
- CI: Github Actions: temporarily disable BoringSSL builds
|
|
- BUG/MINOR: vars: fix set-var/unset-var exclusivity in the keyword parser
|
|
- BUG/MINOR: vars: improve accuracy of the rules used to check expression validity
|
|
- MINOR: sample: add missing ARGC_ entries
|
|
- BUG/MINOR: vars: properly set the argument parsing context in the expression
|
|
- DOC: configuration: remove wrong tcp-request examples in tcp-response
|
|
- MEDIUM: vars: add a new "set-var-fmt" action
|
|
- BUG/MEDIUM: vars: run over the correct list in release_store_rules()
|
|
- BUG/MINOR: vars: truncate the variable name in error reports about scope.
|
|
- BUG/MINOR: vars: do not talk about global section in CLI errors for set-var
|
|
- CLEANUP: vars: name the temporary proxy "CFG" instead of "CLI" for global vars
|
|
- MINOR: log: make log-format expressions completely usable outside of req/resp
|
|
- MINOR: vars: add a "set-var-fmt" directive to the global section
|
|
- MEDIUM: vars: also support format strings in CLI's "set var" command
|
|
- CLEANUP: vars: factor out common code from vars_get_by_{desc,name}
|
|
- MINOR: vars: make vars_get_by_* support an optional default value
|
|
- MINOR: vars: make the vars() sample fetch function support a default value
|
|
- BUILD: ot: add argument for default value to vars_get_by_name()
|
|
|
|
2021/08/28 : 2.5-dev5
|
|
- MINOR: httpclient: initialize the proxy
|
|
- MINOR: httpclient: implement a simple HTTP Client API
|
|
- MINOR: httpclient/cli: implement a simple client over the CLI
|
|
- MINOR: httpclient/cli: change the User-Agent to "HAProxy"
|
|
- MEDIUM: ssl: Keep a reference to the client's certificate for use in logs
|
|
- BUG/MEDIUM: h2: match absolute-path not path-absolute for :path
|
|
- BUILD/MINOR: ssl: Fix compilation with OpenSSL 1.0.2
|
|
- MINOR: server: check if srv is NULL in free_server()
|
|
- MINOR: proxy: check if p is NULL in free_proxy()
|
|
- BUG/MEDIUM: cfgparse: do not allocate IDs to automatic internal proxies
|
|
- BUG/MINOR: http_client: make sure to preset the proxy's default settings
|
|
- REGTESTS: http_upgrade: fix incorrect expectation on TCP->H1->H2
|
|
- REGTESTS: abortonclose: after retries, 503 is expected, not close
|
|
- REGTESTS: server: fix agent-check syntax and expectation
|
|
- BUG/MINOR: httpclient: fix uninitialized sl variable
|
|
- BUG/MINOR: httpclient/cli: change the appctx test in the callbacks
|
|
- BUG/MINOR: httpclient: check if hdr_num is not 0
|
|
- MINOR: httpclient: cleanup the include files
|
|
- MINOR: hlua: take the global Lua lock inside a global function
|
|
- MINOR: tools: add FreeBSD support to get_exec_path()
|
|
- BUG/MINOR: systemd: ExecStartPre must use -Ws
|
|
- MINOR: systemd: remove the ExecStartPre line in the unit file
|
|
- MINOR: ssl: add an openssl version string parser
|
|
- MINOR: cfgcond: implements openssl_version_atleast and openssl_version_before
|
|
- CLEANUP: ssl: remove useless check on p in openssl_version_parser()
|
|
- BUG/MINOR: stick-table: fix the sc-set-gpt* parser when using expressions
|
|
- BUG/MINOR: httpclient: remove deinit of the httpclient
|
|
- BUG/MEDIUM: base64: check output boundaries within base64{dec,urldec}
|
|
- MINOR: httpclient: set verify none on the https server
|
|
- MINOR: httpclient: add the server to the proxy
|
|
- BUG/MINOR: httpclient: fix Host header
|
|
- BUILD: httpclient: fix build without OpenSSL
|
|
- CI: github-actions: remove obsolete options
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- MINOR: proc: setting the process to produce a core dump on FreeBSD.
|
|
- BUILD: adopt script/build-ssl.sh for OpenSSL-3.0.0beta2
|
|
- MINOR: server: return the next srv instance on free_server
|
|
- BUG/MINOR: stats: use refcount to protect dynamic server on dump
|
|
- MEDIUM: server: extend refcount for all servers
|
|
- MINOR: server: define non purgeable server flag
|
|
- MINOR: server: mark referenced servers as non purgeable
|
|
- MINOR: server: mark servers referenced by LUA script as non purgeable
|
|
- MEDIUM: server: allow to remove servers at runtime except non purgeable
|
|
- BUG/MINOR: base64: base64urldec() ignores padding in output size check
|
|
- REGTEST: add missing lua requirements on server removal test
|
|
- REGTEST: fix haproxy required version for server removal test
|
|
- BUG/MINOR: proxy: don't dump servers of internal proxies
|
|
- REGTESTS: Use `feature cmd` for 2.5+ tests
|
|
- REGTESTS: Remove REQUIRE_VERSION=1.5 from all tests
|
|
- BUG/MINOR: resolvers: mark servers with name-resolution as non purgeable
|
|
- MINOR: compiler: implement an ONLY_ONCE() macro
|
|
- BUG/MINOR: lua: use strlcpy2() not strncpy() to copy sample keywords
|
|
- MEDIUM: ssl: Capture more info from Client Hello
|
|
- MINOR: sample: Expose SSL captures using new fetchers
|
|
- MINOR: sample: Add be2dec converter
|
|
- MINOR: sample: Add be2hex converter
|
|
- MEDIUM: config: Deprecate tune.ssl.capture-cipherlist-size
|
|
- BUG/MINOR: time: fix idle time computation for long sleeps
|
|
- MINOR: time: add report_idle() to report process-wide idle time
|
|
- BUG/MINOR: ebtree: remove dependency on incorrect macro for bits per long
|
|
- BUILD: activity: use #ifdef not #if on USE_MEMORY_PROFILING
|
|
- BUILD/MINOR: defaults: eliminate warning on MAXHOSTNAMELEN with -Wundef
|
|
- BUILD/MINOR: ssl: avoid a build warning on LIBRESSL_VERSION with -Wundef
|
|
- IMPORT: slz: silence a build warning with -Wundef
|
|
- BUILD/MINOR: regex: avoid a build warning on USE_PCRE2 with -Wundef
|
|
|
|
2021/08/17 : 2.5-dev4
|
|
- MINOR: log: rename 'dontloglegacyconnerr' to 'log-error-via-logformat'
|
|
- MINOR: doc: rename conn_status in `option httsplog`
|
|
- MINOR: proxy: disabled takes a stopping and a disabled state
|
|
- MINOR: stats: shows proxy in a stopped state
|
|
- BUG/MINOR: server: fix race on error path of 'add server' CLI if track
|
|
- CLEANUP: thread: fix fantaisist indentation of thread_harmless_till_end()
|
|
- MINOR: threads: make thread_release() not wait for other ones to complete
|
|
- MEDIUM: threads: add a stronger thread_isolate_full() call
|
|
- MEDIUM: servers: make the server deletion code run under full thread isolation
|
|
- BUG/MINOR: server: remove srv from px list on CLI 'add server' error
|
|
- MINOR: activity/fd: remove the dead_fd counter
|
|
- MAJOR: fd: get rid of the DWCAS when setting the running_mask
|
|
- CLEANUP: fd: remove the now unused fd_set_running()
|
|
- CLEANUP: fd: remove the now unneeded fd_mig_lock
|
|
- BUG/MINOR: server: update last_change on maint->ready transitions too
|
|
- MINOR: spoe: Add a pointer on the filter config in the spoe_agent structure
|
|
- BUG/MEDIUM: spoe: Create a SPOE applet if necessary when the last one is released
|
|
- BUG/MEDIUM: spoe: Fix policy to close applets when SPOE connections are queued
|
|
- MINOR: server: unmark deprecated on enable health/agent cli
|
|
- MEDIUM: task: implement tasklet kill
|
|
- MINOR: server: initialize fields for dynamic server check
|
|
- MINOR: check: allocate default check ruleset for every backends
|
|
- MINOR: check: export check init functions
|
|
- MINOR: check: do not increment global maxsock at runtime
|
|
- MINOR: server: implement a refcount for dynamic servers
|
|
- MEDIUM: check: implement check deletion for dynamic servers
|
|
- MINOR: check: enable safe keywords for dynamic servers
|
|
- MEDIUM: server: implement check for dynamic servers
|
|
- MEDIUM: server: implement agent check for dynamic servers
|
|
- REGTESTS: server: add dynamic check server test
|
|
- MINOR: doc: specify ulimit-n usage for dynamic servers
|
|
- REGTESTS: server: fix dynamic server with checks test
|
|
- CI: travis-ci: temporarily disable arm64 builds
|
|
- BUG/MINOR: check: test if server is not null in purge
|
|
- MINOR: global: define MODE_STOPPING
|
|
- BUG/MINOR: server: do not use refcount in free_server in stopping mode
|
|
- ADMIN: dyncookie: implement a simple dynamic cookie calculator
|
|
- BUG/MINOR: check: do not reset check flags on purge
|
|
- BUG/MINOR: check: fix leak on add dynamic server with agent-check error
|
|
- BUG/MEDIUM: check: fix leak on agent-check purge
|
|
- BUG/MEDIUM: server: support both check/agent-check on a dynamic instance
|
|
- BUG/MINOR: buffer: fix buffer_dump() formatting
|
|
- MINOR: channel: remove an htx block from a channel
|
|
- BUG/MINOR: tcpcheck: Properly detect pending HTTP data in output buffer
|
|
- BUG/MINOR: stream: Don't release a stream if FLT_END is still registered
|
|
- MINOR: lua: Add a flag on lua context to know the yield capability at run time
|
|
- BUG/MINOR: lua: Yield in channel functions only if lua context can yield
|
|
- BUG/MINOR: lua: Don't yield in channel.append() and channel.set()
|
|
- MINOR: filters/lua: Release filters before the lua context
|
|
- MINOR: lua: Add a function to get a reference on a table in the stack
|
|
- MEDIUM: lua: Process buffer data using an offset and a length
|
|
- MEDIUM: lua: Improve/revisit the lua api to manipulate channels
|
|
- DOC: Improve the lua documentation
|
|
- MEDIUM: filters/lua: Add support for dummy filters written in lua
|
|
- MINOR: lua: Add a function to get a filter attached to a channel class
|
|
- MINOR: lua: Add flags on the lua TXN to know the execution context
|
|
- MEDIUM: filters/lua: Be prepared to filter TCP payloads
|
|
- MEDIUM: filters/lua: Support declaration of some filter callback functions in lua
|
|
- MEDIUM: filters/lua: Add HTTPMessage class to help HTTP filtering
|
|
- MINOR: filters/lua: Add request and response HTTP messages in the lua TXN
|
|
- MINOR: filters/lua: Support the HTTP filtering from filters written in lua
|
|
- DOC: config: Fix 'http-response send-spoe-group' documentation
|
|
- BUG/MINOR: lua: Properly check negative offset in Channel/HttpMessage functions
|
|
- BUG/MINOR: lua: Properly catch alloc errors when parsing lua filter directives
|
|
- BUG/MEDIUM: cfgcheck: verify existing log-forward listeners during config check
|
|
- MINOR: cli: delare the CLI frontend as an internal proxy
|
|
- MINOR: proxy: disable warnings for internal proxies
|
|
- BUG/MINOR: filters: Always set FLT_END analyser when CF_FLT_ANALYZE flag is set
|
|
- BUG/MINOR: lua/filters: Return right code when txn:done() is called
|
|
- DOC: lua-api: Add documentation about lua filters
|
|
- CI: Remove obsolete USE_SLZ=1 CI job
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CI: github actions: relax OpenSSL-3.0.0 version comparision
|
|
- BUILD: tools: get the absolute path of the current binary on NetBSD.
|
|
- DOC: Minor typo fix - 'question mark' -> 'exclamation mark'
|
|
- DOC/MINOR: fix typo in management document
|
|
- MINOR: http: add a new function http_validate_scheme() to validate a scheme
|
|
- BUG/MAJOR: h2: verify early that non-http/https schemes match the valid syntax
|
|
- BUG/MAJOR: h2: verify that :path starts with a '/' before concatenating it
|
|
- BUG/MAJOR: h2: enforce stricter syntax checks on the :method pseudo-header
|
|
- BUG/MEDIUM: h2: give :authority precedence over Host
|
|
- REGTESTS: add a test to prevent h2 desync attacks
|
|
|
|
2021/08/01 : 2.5-dev3
|
|
- BUG/MINOR: arg: free all args on make_arg_list()'s error path
|
|
- BUG/MINOR: cfgcond: revisit the condition freeing mechanism to avoid a leak
|
|
- MEDIUM: proxy: remove long-broken 'option http_proxy'
|
|
- CLEANUP: http_ana: Remove now unused label from http_process_request()
|
|
- MINOR: deinit: always deinit the init_mutex on failed initialization
|
|
- BUG/MEDIUM: cfgcond: limit recursion level in the condition expression parser
|
|
- BUG/MEDIUM: mworker: do not register an exit handler if exit is expected
|
|
- BUG/MINOR: mworker: do not export HAPROXY_MWORKER_REEXEC across programs
|
|
- BUILD/MINOR: memprof fix macOs build.
|
|
- BUG/MEDIUM: ssl_sample: fix segfault for srv samples on invalid request
|
|
- BUG/MINOR: stats: Add missing agent stats on servers
|
|
- BUG/MINOR: check: fix the condition to validate a port-less server
|
|
- BUILD: threads: fix pthread_mutex_unlock when !USE_THREAD
|
|
- BUG/MINOR: resolvers: Use a null-terminated string to lookup in servers tree
|
|
- MINOR: ssl: use __objt_* variant when retrieving counters
|
|
- BUG/MINOR: systemd: must check the configuration using -Ws
|
|
- BUG/MINOR: mux-h1: Obey dontlognull option for empty requests
|
|
- BUG/MINOR: mux-h2: Obey dontlognull option during the preface
|
|
- BUG/MINOR: mux-h1: Be sure to swap H1C to splice mode when rcv_pipe() is called
|
|
- BUG/MEDIUM: mux-h2: Handle remaining read0 cases on partial frames
|
|
- MINOR: proxy: rename PR_CAP_LUA to PR_CAP_INT
|
|
- MINOR: mworker: the mworker CLI proxy is internal
|
|
- MINOR: stats: don't output internal proxies (PR_CAP_INT)
|
|
- CLEANUP: mworker: use the proxy helper functions in mworker_cli_proxy_create()
|
|
- CLEANUP: mworker: PR_CAP already initialized with alloc_new_proxy()
|
|
- BUG/MINOR: connection: Add missing error labels to conn_err_code_str
|
|
- MINOR: connection: Add a connection error code sample fetch
|
|
- MINOR: ssl: Enable error fetches in case of handshake error
|
|
- MINOR: ssl: Add new ssl_fc_hsk_err sample fetch
|
|
- MINOR: ssl: Define a default https log format
|
|
- MEDIUM: connection: Add option to disable legacy error log
|
|
- REGTESTS: ssl: Add tests for the connection and SSL error fetches
|
|
- REGTESTS: ssl: ssl_errors.vtc does not work with old openssl version
|
|
- BUG/MEDIUM: connection: close a rare race between idle conn close and takeover
|
|
- BUG/MEDIUM: pollers: clear the sleeping bit after waking up, not before
|
|
- BUG/MINOR: select: fix excess number of dead/skip reported
|
|
- BUG/MINOR: poll: fix abnormally high skip_fd counter
|
|
- BUG/MINOR: pollers: always program an update for migrated FDs
|
|
- BUG/MINOR: fd: protect fd state harder against a concurrent takeover
|
|
- DOC: internals: document the FD takeover process
|
|
- MINOR: fd: update flags only once in fd_update_events()
|
|
- MINOR: poll/epoll: move detection of RDHUP support earlier
|
|
- REORG: fd: uninline fd_update_events()
|
|
- MEDIUM: fd: rely more on fd_update_events() to detect changes
|
|
- BUG/MINOR: freq_ctr: use stricter barriers between updates and readings
|
|
- MEDIUM: atomic: simplify the atomic load/store/exchange operations
|
|
- MEDIUM: atomic: relax the load/store barriers on x86_64
|
|
- BUILD: opentracing: fixed build when using pkg-config utility
|
|
|
|
2021/07/17 : 2.5-dev2
|
|
- BUILD/MEDIUM: tcp: set-mark support for OpenBSD
|
|
- DOC: config: use CREATE USER for mysql-check
|
|
- BUG/MINOR: stick-table: fix several printf sign errors dumping tables
|
|
- BUG/MINOR: peers: fix data_type bit computation more than 32 data_types
|
|
- MINOR: stick-table: make skttable_data_cast to use only std types
|
|
- MEDIUM: stick-table: handle arrays of standard types into stick-tables
|
|
- MEDIUM: peers: handle arrays of std types in peers protocol
|
|
- DOC: stick-table: add missing documentation about gpt0 stored type
|
|
- MEDIUM: stick-table: add the new array of gpt data_type
|
|
- MEDIUM: stick-table: make the use of 'gpt' excluding the use of 'gpt0'
|
|
- MEDIUM: stick-table: add the new arrays of gpc and gpc_rate
|
|
- MEDIUM: stick-table: make the use of 'gpc' excluding the use of 'gpc0/1''
|
|
- BUG/MEDIUM: sock: make sure to never miss early connection failures
|
|
- BUG/MINOR: cli: fix server name output in "show fd"
|
|
- Revert "MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" rules"
|
|
- MEDIUM: stats: include disabled proxies that hold active sessions to stats
|
|
- BUILD: stick-table: shut up invalid "uninitialized" warning in gcc 8.3
|
|
- MINOR: http: implement http_get_scheme
|
|
- MEDIUM: http: implement scheme-based normalization
|
|
- MEDIUM: h1-htx: apply scheme-based normalization on h1 requests
|
|
- MEDIUM: h2: apply scheme-based normalization on h2 requests
|
|
- REGTESTS: add http scheme-based normalization test
|
|
- BUILD: http_htx: fix ci compilation error with isdigit for Windows
|
|
- MINOR: http: implement http uri parser
|
|
- MINOR: http: use http uri parser for scheme
|
|
- MINOR: http: use http uri parser for authority
|
|
- REORG: http_ana: split conditions for monitor-uri in wait for request
|
|
- MINOR: http: use http uri parser for path
|
|
- BUG/MEDIUM: http_ana: fix crash for http_proxy mode during uri rewrite
|
|
- MINOR: mux_h2: define config to disable h2 websocket support
|
|
- CLEANUP: applet: remove unused thread_mask
|
|
- BUG/MINOR: ssl: Default-server configuration ignored by server
|
|
- BUILD: add detection of missing important CFLAGS
|
|
- BUILD: lua: silence a build warning with TCC
|
|
- MINOR: srv: extract tracking server config function
|
|
- MINOR: srv: do not allow to track a dynamic server
|
|
- MEDIUM: server: support track keyword for dynamic servers
|
|
- REGTESTS: test track support for dynamic servers
|
|
- MINOR: init: verify that there is a single word on "-cc"
|
|
- MINOR: init: make -cc support environment variables expansion
|
|
- MINOR: arg: add a free_args() function to free an args array
|
|
- CLEANUP: config: use free_args() to release args array in cfg_eval_condition()
|
|
- CLEANUP: hlua: use free_args() to release args arrays
|
|
- REORG: config: move the condition preprocessing code to its own file
|
|
- MINOR: cfgcond: start to split the condition parser to introduce terms
|
|
- MEDIUM: cfgcond: report invalid trailing chars after expressions
|
|
- MINOR: cfgcond: remerge all arguments into a single line
|
|
- MINOR: cfgcond: support negating conditional expressions
|
|
- MINOR: cfgcond: make the conditional term parser automatically allocate nodes
|
|
- MINOR: cfgcond: insert an expression between the condition and the term
|
|
- MINOR: cfgcond: support terms made of parenthesis around expressions
|
|
- REGTEST: make check_condition.vtc fail as soon as possible
|
|
- REGTESTS: add more complex check conditions to check_conditions.vtc
|
|
- BUG/MEDIUM: init: restore behavior of command-line "-m" for memory limitation
|
|
|
|
2021/06/30 : 2.5-dev1
|
|
- CLEANUP: ssl: Move ssl_store related code to ssl_ckch.c
|
|
- MINOR: ssl: Allow duplicated entries in the cafile_tree
|
|
- MEDIUM: ssl: Chain ckch instances in ca-file entries
|
|
- MINOR: ssl: Add reference to default ckch instance in bind_conf
|
|
- MINOR: ssl: Add helper functions to create/delete cafile entries
|
|
- MEDIUM: ssl: Add a way to load a ca-file content from memory
|
|
- MINOR: ssl: Add helper function to add cafile entries
|
|
- MINOR: ssl: Ckch instance rebuild and cleanup factorization in CLI handler
|
|
- MEDIUM: ssl: Add "set+commit ssl ca-file" CLI commands
|
|
- REGTESTS: ssl: Add new ca-file update tests
|
|
- MINOR: ssl: Add "abort ssl ca-file" CLI command
|
|
- MINOR: ssl: Add a cafile_entry type field
|
|
- MINOR: ssl: Refactorize the "show certificate details" code
|
|
- MEDIUM: ssl: Add "show ssl ca-file" CLI command
|
|
- MEDIUM: ssl: Add "new ssl ca-file" CLI command
|
|
- MINOR: ssl: Add "del ssl ca-file" CLI command
|
|
- REGTESTS: ssl: Add "new/del ssl ca-file" tests
|
|
- DOC: ssl: Add documentation about CA file hot update commands
|
|
- DOC: internals: update the SSL architecture schema
|
|
- MINOR: ssl: Chain instances in ca-file entries
|
|
- MEDIUM: ssl: Add "set+commit ssl crl-file" CLI commands
|
|
- MEDIUM: ssl: Add "new+del crl-file" CLI commands
|
|
- MINOR: ssl: Add "abort ssl crl-file" CLI command
|
|
- MEDIUM: ssl: Add "show ssl crl-file" CLI command
|
|
- REGTESTS: ssl: Add "new/del ssl crl-file" tests
|
|
- REGTESTS: ssl: Add "set/commit ssl crl-file" test
|
|
- DOC: ssl: Add documentation about CRL file hot update commands
|
|
- BUILD/MINOR: ssl: Fix compilation with SSL enabled
|
|
- BUILD/MINOR: ssl: Fix compilation with OpenSSL 1.0.2
|
|
- CI: introduce scripts/build-vtest.sh for installing VTest
|
|
- CLEANUP: ssl: Fix coverity issues found in CA file hot update code
|
|
- CI: github actions: add OpenTracing builds
|
|
- BUG/MEDIUM: ebtree: Invalid read when looking for dup entry
|
|
- BUG/MAJOR: server: prevent deadlock when using 'set maxconn server'
|
|
- BUILD/MINOR: opentracing: fixed build when using clang
|
|
- BUG/MEDIUM: filters: Exec pre/post analysers only one time per filter
|
|
- BUG/MINOR: http-comp: Preserve HTTP_MSGF_COMPRESSIONG flag on the response
|
|
- MINOR: map/acl: print the count of all the map/acl entries in "show map/acl"
|
|
- CLEANUP: pattern: remove export of non-existent function pattern_delete()
|
|
- MINOR: h1-htx: Update h1 parsing functions to return result as a size_t
|
|
- MEDIUM: h1-htx: Adapt H1 data parsing to copy wrapping data in one call
|
|
- MINOR: mux-h1/mux-fcgi: Don't needlessly loop on data parsing
|
|
- MINOR: h1-htx: Move HTTP chunks parsing into a dedicated function
|
|
- MEDIUM: h1-htx: Split function to parse a chunk and the loop on the buffer
|
|
- MEDIUM: h1-htx: Add a function to parse contiguous small chunks
|
|
- MINOR: h1-htx: Use a correlation table to speed-up small chunks parsing
|
|
- MINOR: buf: Add function to realign a buffer with a specific head position
|
|
- MINOR: muxes/h1-htx: Realign input buffer using b_slow_realign_ofs()
|
|
- CLEANUP: mux-h1: Rename functions parsing input buf and filling output buf
|
|
- Revert "MEDIUM: http-ana: Deal with L7 retries in HTTP analysers"
|
|
- BUG/MINOR: http-ana: Send the right error if max retries is reached on L7 retry
|
|
- BUG/MINOR: http-ana: Handle L7 retries on refused early data before K/A aborts
|
|
- MINOR: http-ana: Perform L7 retries because of status codes in response analyser
|
|
- MINOR: cfgparse: Fail when encountering extra arguments in macro
|
|
- DOC: intro: Fix typo in starter guide
|
|
- BUG/MINOR: server: Missing calloc return value check in srv_parse_source
|
|
- BUG/MINOR: peers: Missing calloc return value check in peers_register_table
|
|
- BUG/MINOR: ssl: Missing calloc return value check in ssl_init_single_engine
|
|
- BUG/MINOR: http: Missing calloc return value check in parse_http_req_capture
|
|
- BUG/MINOR: proxy: Missing calloc return value check in proxy_parse_declare
|
|
- BUG/MINOR: proxy: Missing calloc return value check in proxy_defproxy_cpy
|
|
- BUG/MINOR: http: Missing calloc return value check while parsing tcp-request/tcp-response
|
|
- BUG/MINOR: http: Missing calloc return value check while parsing tcp-request rule
|
|
- BUG/MINOR: compression: Missing calloc return value check in comp_append_type/algo
|
|
- BUG/MINOR: worker: Missing calloc return value check in mworker_env_to_proc_list
|
|
- BUG/MINOR: http: Missing calloc return value check while parsing redirect rule
|
|
- BUG/MINOR: http: Missing calloc return value check in make_arg_list
|
|
- BUG/MINOR: proxy: Missing calloc return value check in chash_init_server_tree
|
|
- CLEANUP: http-ana: Remove useless if statement about L7 retries
|
|
- BUG/MAJOR: stream-int: Release SI endpoint on server side ASAP on retry
|
|
- MINOR: backend: Don't release SI endpoint anymore in connect_server()
|
|
- BUG/MINOR: vars: Be sure to have a session to get checks variables
|
|
- DOC/MINOR: move uuid in the configuration to the right alphabetical order
|
|
- CLEANUP: mux-fcgi: Don't needlessly store result of data/trailers parsing
|
|
- BUILD: fix compilation for OpenSSL-3.0.0-alpha17
|
|
- MINOR: http-ana: Use -1 status for client aborts during queuing and connect
|
|
- REGTESTS: Fix http_abortonclose.vtc to support -1 status for some client aborts
|
|
- CLEANUP: backend: fix incorrect comments on locking conditions for lb functions
|
|
- CLEANUP: reg-tests: Remove obsolete no-htx parameter for reg-tests
|
|
- CI: github actions: add OpenSSL-3.0.0 builds
|
|
- CI: github actions: -Wno-deprecated-declarations with OpenSSL 3.0.0
|
|
- MINOR: errors: allow empty va_args for diag variadic macro
|
|
- REORG: errors: split errors reporting function from log.c
|
|
- CLEANUP: server: fix cosmetic of error message on sni parsing
|
|
- MEDIUM: errors: implement user messages buffer
|
|
- MINOR: log: do not discard stderr when starting is over
|
|
- MEDIUM: errors: implement parsing context type
|
|
- MINOR: errors: use user messages context in print_message
|
|
- MINOR: log: display exec path on first warning
|
|
- MINOR: errors: specify prefix "config" for parsing output
|
|
- MINOR: log: define server user message format
|
|
- REORG: server: use parsing ctx for server parsing
|
|
- REORG: config: use parsing ctx for server config check
|
|
- MINOR: server: use parsing ctx for server init addr
|
|
- MINOR: server: use ha_alert in server parsing functions
|
|
- DOC: use the req.ssl_sni in examples
|
|
- CLEANUP: cfgparse: Remove duplication of `MAX_LINE_ARGS + 1`
|
|
- CLEANUP: tools: Make errptr const in `parse_line()`
|
|
- MINOR: haproxy: Add `-cc` argument
|
|
- BUG: errors: remove printf positional args for user messages context
|
|
- CI: Make matrix.py executable and add shebang
|
|
- BUILD: make tune.ssl.keylog available again
|
|
- BUG/MINOR: ssl: OCSP stapling does not work if expire too far in the future
|
|
- Revert "BUG/MINOR: opentracing: initialization after establishing daemon mode"
|
|
- BUG/MEDIUM: opentracing: initialization before establishing daemon and/or chroot mode
|
|
- SCRIPTS: opentracing: enable parallel builds in build-ot.sh
|
|
- BUG/MEDIUM: compression: Fix loop skipping unused blocks to get the next block
|
|
- BUG/MEDIUM: compression: Properly get the next block to iterate on payload
|
|
- BUG/MEDIUM: compression: Add a flag to know the filter is still processing data
|
|
- MINOR: ssl: Keep the actual key length in the certificate_ocsp structure
|
|
- MINOR: ssl: Add new "show ssl ocsp-response" CLI command
|
|
- MINOR: ssl: Add the OCSP entry key when displaying the details of a certificate
|
|
- MINOR: ssl: Add the "show ssl cert foo.pem.ocsp" CLI command
|
|
- REGTESTS: ssl: Add "show ssl ocsp-response" test
|
|
- BUG/MINOR: server: explicitly set "none" init-addr for dynamic servers
|
|
- BUG/MINOR: pools: fix a possible memory leak in the lockless pool_flush()
|
|
- BUG/MINOR: pools: make DEBUG_UAF always write to the to-be-freed location
|
|
- MINOR: pools: do not maintain the lock during pool_flush()
|
|
- MINOR: pools: call malloc_trim() under thread isolation
|
|
- MEDIUM: pools: use a single pool_gc() function for locked and lockless
|
|
- BUG/MAJOR: pools: fix possible race with free() in the lockless variant
|
|
- CLEANUP: pools: remove now unused seq and pool_free_list
|
|
- MEDIUM: pools: remove the locked pools implementation
|
|
- BUILD: ssl: Fix compilation with BoringSSL
|
|
- BUG/MEDIUM: errors: include missing obj_type file
|
|
- REGTESTS: ssl: show_ssl_ocspresponce.vtc is broken with BoringSSL
|
|
- BUG/MAJOR: htx: Fix htx_defrag() when an HTX block is expanded
|
|
- BUG/MINOR: mux-fcgi: Expose SERVER_SOFTWARE parameter by default
|
|
- BUG/MINOR: h1-htx: Fix a signess bug with char data type when parsing chunk size
|
|
- CLEANUP: l7-retries: do not test the buffer before calling b_alloc()
|
|
- BUG/MINOR: resolvers: answser item list was randomly purged or errors
|
|
- MEDIUM: resolvers: add a ref on server to the used A/AAAA answer item
|
|
- MEDIUM: resolvers: add a ref between servers and srv request or used SRV record
|
|
- BUG/MINOR: server-state: load SRV resolution only if params match the config
|
|
- MINOR: config: remove support for deprecated option "tune.chksize"
|
|
- MINOR: config: completely remove support for "no option http-use-htx"
|
|
- MINOR: log: remove the long-deprecated early log-format tags
|
|
- MINOR: http: remove the long deprecated "set-cookie()" sample fetch function
|
|
- MINOR: config: reject long-deprecated "option forceclose"
|
|
- MINOR: config: remove deprecated option "http-tunnel"
|
|
- MEDIUM: proxy: remove the deprecated "grace" keyword
|
|
- MAJOR: config: remove parsing of the global "nbproc" directive
|
|
- BUILD: init: remove initialization of multi-process thread mappings
|
|
- BUILD: log: remove unused fmt_directive()
|
|
- REGTESTS: Remove REQUIRE_VERSION=1.6 from all tests
|
|
- REGTESTS: Remove REQUIRE_VERSION=1.7 from all tests
|
|
- CI: github actions: enable alpine/musl builds
|
|
- BUG/MAJOR: resolvers: segfault using server template without SRV RECORDs
|
|
- DOC: lua: Add a warning about buffers modification in HTTP
|
|
- MINOR: ssl: Use OpenSSL's ASN1_TIME convertor when available
|
|
- BUG/MINOR: stick-table: insert srv in used_name tree even with fixed id
|
|
- BUG/MEDIUM: server: extend thread-isolate over much of CLI 'add server'
|
|
- BUG/MEDIUM: server: clear dynamic srv on delete from proxy id/name trees
|
|
- BUG/MEDIUM: server: do not forget to generate the dynamic servers ids
|
|
- BUG/MINOR: server: do not keep an invalid dynamic server in px ids tree
|
|
- BUG/MEDIUM: server: do not auto insert a dynamic server in px addr_node
|
|
- BUG/MEDIUM: shctx: use at least thread-based locking on USE_PRIVATE_CACHE
|
|
- BUG/MINOR: ssl: use atomic ops to update global shctx stats
|
|
- BUG/MINOR: mworker: fix typo in chroot error message
|
|
- CLEANUP: global: remove unused definition of stopping_task[]
|
|
- MEDIUM: init: remove the loop over processes during init
|
|
- MINOR: mworker: remove the initialization loop over processes
|
|
- CLEANUP: global: remove the nbproc field from the global structure
|
|
- CLEANUP: global: remove pid_bit and all_proc_mask
|
|
- MEDIUM: global: remove dead code from nbproc/bind_proc removal
|
|
- MEDIUM: config: simplify cpu-map handling
|
|
- MEDIUM: cpu-set: make the proc a single bit field and not an array
|
|
- CLEANUP: global: remove unused definition of MAX_PROCS
|
|
- MEDIUM: global: remove the relative_pid from global and mworker
|
|
- DOC: update references to process numbers in cpu-map and bind-process
|
|
- MEDIUM: config: warn about "bind-process" deprecation
|
|
- CLEANUP: shctx: remove the different inter-process locking techniques
|
|
- BUG/MAJOR: queue: set SF_ASSIGNED when setting strm->target on dequeue
|
|
- MINOR: backend: only skip LB when there are actual connections
|
|
- BUG/MINOR: mux-h1: do not skip the error response on bad requests
|
|
- MINOR: connection: add helper conn_append_debug_info()
|
|
- MINOR: mux-h2/trace: report a few connection-level info during h2_init()
|
|
- CLEANUP: mux-h2/traces: better align user messages
|
|
- BUG/MINOR: stats: make "show stat typed desc" work again
|
|
- MINOR: mux-h2: obey http-ignore-probes during the preface
|
|
- BUG/MINOR: mux-h2/traces: bring back the lost "rcvd H2 REQ" trace
|
|
- BUG/MINOR: mux-h2/traces: bring back the lost "sent H2 REQ/RES" traces
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CI: Replace the requirement for 'sudo' with a call to 'ulimit -n'
|
|
- REGTESTS: Replace REQUIRE_VERSION=2.5 with 'haproxy -cc'
|
|
- REGTESTS: Replace REQUIRE_OPTIONS with 'haproxy -cc' for 2.5+ tests
|
|
- REGTESTS: Replace REQUIRE_BINARIES with 'command -v'
|
|
- REGTESTS: Remove support for REQUIRE_BINARIES
|
|
- CI: ssl: enable parallel builds for OpenSSL on Linux
|
|
- CI: ssl: do not needlessly build the OpenSSL docs
|
|
- CI: ssl: keep the old method for ancient OpenSSL versions
|
|
- CLEANUP: server: a separate function for initializing the per_thr field
|
|
- BUG/MINOR: server: Forbid to set fqdn on the CLI if SRV resolution is enabled
|
|
- BUG/MEDIUM: server/cli: Fix ABBA deadlock when fqdn is set from the CLI
|
|
- MINOR: resolvers: Clean server in a dedicated function when removing a SRV item
|
|
- MINOR: resolvers: Remove server from named_servers tree when removing a SRV item
|
|
- BUG/MEDIUM: resolvers: Add a task on servers to check SRV resolution status
|
|
- BUG/MINOR: backend: restore the SF_SRV_REUSED flag original purpose
|
|
- BUG/MINOR: backend: do not set sni on connection reuse
|
|
- BUG/MINOR: resolvers: Use resolver's lock in resolv_srvrq_expire_task()
|
|
- BUG/MINOR: server/cli: Fix locking in function processing "set server" command
|
|
- BUG/MINOR: cache: Correctly handle existing-but-empty 'accept-encoding' header
|
|
- MINOR: ssl: fix typo in usage for 'new ssl ca-file'
|
|
- MINOR: ssl: always initialize random generator
|
|
- MINOR: ssl: check allocation in ssl_sock_init_srv
|
|
- MINOR: ssl: check allocation in parse ciphers/ciphersuites/verifyhost
|
|
- MINOR: ssl: check allocation in parse npn/sni
|
|
- MINOR: server: disable CLI 'set server ssl' for dynamic servers
|
|
- MINOR: ssl: render file-access optional on server crt loading
|
|
- MINOR: ssl: split parse functions for alpn/check-alpn
|
|
- MINOR: ssl: support ca-file arg for dynamic servers
|
|
- MINOR: ssl: support crt arg for dynamic servers
|
|
- MINOR: ssl: support crl arg for dynamic servers
|
|
- MINOR: ssl: enable a series of ssl keywords for dynamic servers
|
|
- MINOR: ssl: support ssl keyword for dynamic servers
|
|
- REGTESTS: server: test ssl support for dynamic servers
|
|
- MINOR: queue: update the stream's pend_pos before queuing it
|
|
- CLEANUP: Prevent channel-t.h from being detected as C++ by GitHub
|
|
- BUG/MAJOR: server: fix deadlock when changing maxconn via agent-check
|
|
- REGTESTS: fix maxconn update with agent-check
|
|
- MEDIUM: queue: make pendconn_process_next_strm() only return the pendconn
|
|
- MINOR: queue: update proxy->served once out of the loop
|
|
- MEDIUM: queue: refine the locking in process_srv_queue()
|
|
- MINOR: lb/api: remove the locked argument from take_conn/drop_conn
|
|
- MINOR: queue: create a new structure type "queue"
|
|
- MINOR: proxy: replace the pendconns-related stuff with a struct queue
|
|
- MINOR: server: replace the pendconns-related stuff with a struct queue
|
|
- MEDIUM: queue: use a dedicated lock for the queues
|
|
- MEDIUM: queue: simplify again the process_srv_queue() API
|
|
- MINOR: queue: factor out the proxy/server queuing code
|
|
- MINOR: queue: use atomic-ops to update the queue's index
|
|
- MEDIUM: queue: determine in process_srv_queue() if the proxy is usable
|
|
- MEDIUM: queue: move the queue lock manipulation to pendconn_process_next_strm()
|
|
- MEDIUM: queue: unlock as soon as possible
|
|
- MINOR: queue: make pendconn_first() take the lock by itself
|
|
- CLEANUP: backend: remove impossible case of round-robin + consistent hash
|
|
- MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" rules
|
|
- DOC: config: Add missing actions in "tcp-request session" documentation
|
|
- CLEANUP: dns: Remove a forgotten debug message
|
|
- DOC: Replace issue templates by issue forms
|
|
- Revert "MINOR: queue: make pendconn_first() take the lock by itself"
|
|
- Revert "MEDIUM: queue: unlock as soon as possible"
|
|
- Revert "MEDIUM: queue: move the queue lock manipulation to pendconn_process_next_strm()"
|
|
- Revert "MEDIUM: queue: determine in process_srv_queue() if the proxy is usable"
|
|
- Revert "MINOR: queue: use atomic-ops to update the queue's index"
|
|
- Revert "MINOR: queue: factor out the proxy/server queuing code"
|
|
- Revert "MEDIUM: queue: simplify again the process_srv_queue() API"
|
|
- Revert "MEDIUM: queue: use a dedicated lock for the queues"
|
|
- Revert "MEDIUM: queue: refine the locking in process_srv_queue()"
|
|
- Revert "MINOR: queue: update proxy->served once out of the loop"
|
|
- Revert "MEDIUM: queue: make pendconn_process_next_strm() only return the pendconn"
|
|
- MEDIUM: queue: update px->served and lb's take_conn once per loop
|
|
- MEDIUM: queue: use a dedicated lock for the queues (v2)
|
|
- MEDIUM: queue: simplify again the process_srv_queue() API (v2)
|
|
- MEDIUM: queue: determine in process_srv_queue() if the proxy is usable (v2)
|
|
- MINOR: queue: factor out the proxy/server queuing code (v2)
|
|
- MINOR: queue: use atomic-ops to update the queue's index (v2)
|
|
- MEDIUM: queue: take the proxy lock only during the px queue accesses
|
|
- MEDIUM: queue: use a trylock on the server's queue
|
|
- MINOR: queue: add queue_init() to initialize a queue
|
|
- MINOR: queue: add a pointer to the server and the proxy in the queue
|
|
- MINOR: queue: store a pointer to the queue into the pendconn
|
|
- MINOR: queue: remove the px/srv fields from pendconn
|
|
- MINOR: queue: simplify pendconn_unlink() regarding srv vs px
|
|
- BUG: backend: stop looking for queued connections once there's no more
|
|
- BUG/MINOR: queue/debug: use the correct lock labels on the queue lock
|
|
- BUG/MINOR: resolvers: Always attach server on matching record on resolution
|
|
- BUG/MINOR: resolvers: Reset server IP when no ip is found in the response
|
|
- MINOR: resolvers: Reset server IP on error in resolv_get_ip_from_response()
|
|
- BUG/MINOR: checks: return correct error code for srv_parse_agent_check
|
|
- BUILD: Makefile: fix linkage for Haiku.
|
|
- BUG/MINOR: tcpcheck: Fix numbering of implicit HTTP send/expect rules
|
|
- MINOR: http-act/tcp-act: Add "set-log-level" for tcp content rules
|
|
- MINOR: http-act/tcp-act: Add "set-nice" for tcp content rules
|
|
- MINOR: http-act/tcp-act: Add "set-mark" and "set-tos" for tcp content rules
|
|
- CLEANUP: tcp-act: Sort action lists
|
|
- BUILD/MEDIUM: tcp: set-mark setting support for FreeBSD.
|
|
- BUILD: tcp-act: avoid warning when set-mark / set-tos are not supported
|
|
- BUG/MINOR: mqtt: Fix parser for string with more than 127 characters
|
|
- BUG/MINOR: mqtt: Support empty client ID in CONNECT message
|
|
- BUG/MEDIUM: resolvers: Make 1st server of a template take part to SRV resolution
|
|
- CLEANUP: peers: re-write intdecode function comment.
|
|
|
|
2021/05/14 : 2.5-dev0
|
|
- MINOR: version: it's development again
|
|
|
|
2021/05/14 : 2.4.0
|
|
- BUG/MINOR: http_fetch: fix possible uninit sockaddr in fetch_url_ip/port
|
|
- CLEANUP: cli/activity: Remove double spacing in set profiling command
|
|
- CI: Build VTest with clang
|
|
- CI: extend spellchecker whitelist, add "ists" as well
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- BUG/MINOR: memprof: properly account for differences for realloc()
|
|
- MINOR: memprof: also report the method used by each call
|
|
- MINOR: memprof: also report the totals and delta alloc-free
|
|
- CLEANUP: pattern: remove the unused and dangerous pat_ref_reload()
|
|
- BUG/MINOR: http_act: Fix normalizer names in error messages
|
|
- MINOR: uri_normalizer: Add `fragment-strip` normalizer
|
|
- MINOR: uri_normalizer: Add `fragment-encode` normalizer
|
|
- IMPORT: slz: use the generic function for the last bytes of the crc32
|
|
- IMPORT: slz: do not produce the crc32_fast table when CRC is natively supported
|
|
- BUILD/MINOR: opentracing: fixed compilation with filter enabled
|
|
- BUILD: makefile: add a few popular ARMv8 CPU targets
|
|
- BUG/MEDIUM: stick_table: fix crash when using tcp smp_fetch_src
|
|
- REGTESTS: stick-table: add src_conn_rate test
|
|
- CLEANUP: stick-table: remove a leftover of an old keyword declaration
|
|
- BUG/MINOR: stats: fix lastchk metric that got accidently lost
|
|
- EXAMPLES: add a "basic-config-edge" example config
|
|
- EXAMPLES: add a trivial config for quick testing
|
|
- DOC: management: Correct example reload command in the document
|
|
- Revert "CI: Build VTest with clang"
|
|
- MINOR: activity/cli: optionally support sorting by address on "show profiling"
|
|
- DEBUG: ssl: export ssl_sock_close() to see its symbol resolved in profiling
|
|
- BUG/MINOR: lua/vars: prevent get_var() from allocating a new name
|
|
- DOC: config: Fix configuration example for mqtt
|
|
- BUG/MAJOR: config: properly initialize cpu_map.thread[] up to MAX_THREADS
|
|
- BUILD: config: avoid a build warning on numa_detect_topology() without threads
|
|
- DOC: update min requirements in INSTALL
|
|
- IMPORT: slz: use inttypes.h instead of stdint.h
|
|
- BUILD: sample: use strtoll() instead of atoll()
|
|
- MINOR: version: mention that it's LTS now.
|
|
|
|
2021/05/10 : 2.4-dev19
|
|
- BUG/MINOR: hlua: Don't rely on top of the stack when using Lua buffers
|
|
- BUG/MEDIUM: cli: prevent memory leak on write errors
|
|
- BUG/MINOR: ssl/cli: fix a lock leak when no memory available
|
|
- MINOR: debug: add a new "debug dev sym" command in expert mode
|
|
- MINOR: pools/debug: slightly relax DEBUG_DONT_SHARE_POOLS
|
|
- CI: Github Actions: switch to LibreSSL-3.3.3
|
|
- MINOR: srv: close all idle connections on shutdown
|
|
- MINOR: connection: move session_list member in a union
|
|
- MEDIUM: mux_h1: release idling frontend conns on soft-stop
|
|
- MEDIUM: connection: close front idling connection on soft-stop
|
|
- MINOR: tools: add functions to retrieve the address of a symbol
|
|
- CLEANUP: activity: mark the profiling and task_profiling_mask __read_mostly
|
|
- MINOR: activity: add a "memory" entry to "profiling"
|
|
- MINOR: activity: declare the storage for memory usage statistics
|
|
- MEDIUM: activity: collect memory allocator statistics with USE_MEMORY_PROFILING
|
|
- MINOR: activity: clean up the show profiling io_handler a little bit
|
|
- MINOR: activity: make "show profiling" support a few arguments
|
|
- MINOR: activity: make "show profiling" also dump the memoery usage
|
|
- MINOR: activity: add the profiling.memory global setting
|
|
- BUILD: makefile: add new option USE_MEMORY_PROFILING
|
|
- MINOR: channel: Rely on HTX version if appropriate in channel_may_recv()
|
|
- BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may receive
|
|
- MINOR: conn-stream: Force mux to wait for read events if abortonclose is set
|
|
- MEDIUM: mux-h1: Don't block reads when waiting for the other side
|
|
- BUG/MEDIUM: mux-h1: Properly report client close if abortonclose option is set
|
|
- REGTESTS: Add script to test abortonclose option
|
|
- MINOR: mux-h1: clean up conditions to enabled and disabled splicing
|
|
- MINOR: mux-h1: Subscribe for sends if output buffer is not empty in h1_snd_pipe
|
|
- MINOR: mux-h1: Always subscribe for reads when splicing is disabled
|
|
- MEDIUM: mux-h1: Wake H1 stream when both sides a synchronized
|
|
- CLEANUP: mux-h1: rename WAIT_INPUT/WAIT_OUTPUT flags
|
|
- MINOR: mux-h1: Manage processing blocking flags on the H1 stream
|
|
- BUG/MINOR: stream: Decrement server current session counter on L7 retry
|
|
- BUG/MINOR: config: fix uninitialized initial state in ".if" block evaluator
|
|
- BUG/MINOR: config: add a missing "ELIF_TAKE" test for ".elif" condition evaluator
|
|
- BUG/MINOR: config: .if/.elif should also accept negative integers
|
|
- MINOR: config: centralize the ".if"/".elif" condition parser and evaluator
|
|
- MINOR: config: keep up-to-date current file/line/section in the global struct
|
|
- MINOR: config: support some pseudo-variables for file/line/section
|
|
- BUILD: activity: do not include malloc.h
|
|
- MINOR: arg: improve the error message on missing closing parenthesis
|
|
- MINOR: global: export the build features string list
|
|
- MINOR: global: add version comparison functions
|
|
- MINOR: config: improve .if condition error reporting
|
|
- MINOR: config: make cfg_eval_condition() support predicates with arguments
|
|
- MINOR: config: add predicate "defined()" to conditional expression blocks
|
|
- MINOR: config: add predicates "streq()" and "strneq()" to conditional expressions
|
|
- MINOR: config: add predicate "feature" to detect certain built-in features
|
|
- MINOR: config: add predicates "version_atleast" and "version_before" to cond blocks
|
|
- BUG/MINOR: activity: use the new pointer to calculate the new size in realloc()
|
|
- BUG/MINOR: stream: properly clear the previous error mask on L7 retries
|
|
- MEDIUM: log: slightly refine the output format of alerts/warnings/etc
|
|
- MINOR: config: add a new message directive: .diag
|
|
- CLEANUP: cli/tree-wide: properly re-align the CLI commands' help messages
|
|
- BUG/MINOR: stream: Reset stream final state and si error type on L7 retry
|
|
- BUG/MINOR: checks: Handle synchronous connect when a tcpcheck is started
|
|
- BUG/MINOR: checks: Reschedule check on observe mode only if fastinter is set
|
|
- MINOR: global: define tainted flag
|
|
- MINOR: cfgparse: add a new field flags in cfg_keyword
|
|
- MINOR: cfgparse: implement experimental config keywords
|
|
- MINOR: action: replace match_pfx by a keyword flags field
|
|
- MINOR: action: implement experimental actions
|
|
- MINOR: cli: set tainted when using CLI expert/experimental mode
|
|
- MINOR: stats: report tainted on show info
|
|
- MINOR: http_act: mark normalize-uri as experimental
|
|
- BUILD: fix usage of ha_alert without format string
|
|
- MINOR: proxy: define PR_CAP_LB
|
|
- BUG/MINOR: server: do not report diag for peer servers with null weight
|
|
- DOC: ssl: Extra files loading now works for backends too
|
|
- ADDONS: make addons/ discoverable by git via .gitignore
|
|
- DOC: ssl: Add information about crl-file option
|
|
- MINOR: sample: improve error reporting on missing arg to strcmp() converter
|
|
- DOC: management: mention that some fields may be emitted as floats
|
|
- MINOR: tools: implement trimming of floating point numbers
|
|
- MINOR: tools: add a float-to-ascii conversion function
|
|
- MINOR: freq_ctr: add new functions to report float measurements
|
|
- MINOR: stats: avoid excessive padding of float values with trailing zeroes
|
|
- MINOR: stats: add the HTML conversion for float types
|
|
- MINOR: stats: pass the appctx flags to stats_fill_info()
|
|
- MINOR: stats: support an optional "float" option to "show info"
|
|
- MINOR: stats: use tv_remain() to precisely compute the uptime
|
|
- MINOR: stats: report uptime and start time as floats with subsecond resolution
|
|
- MINOR: stats: make "show info" able to report rates as floats when asked
|
|
- MINOR: config: mark tune.fd.edge-triggered as experimental
|
|
- REORG: vars: move the "proc" scope variables out of the global struct
|
|
- REORG: threads: move all_thread_mask() to thread.h
|
|
- BUILD: wdt: include signal-t.h
|
|
- BUILD: auth: include missing list.h
|
|
- REORG: mworker: move proc_self from global to mworker
|
|
- BUILD: ssl: ssl_utils requires chunk.h
|
|
- BUILD: config: cfgparse-ssl.c needs tools.h
|
|
- BUILD: wurfl: wurfl.c needs tools.h
|
|
- BUILD: spoe: flt_spoe.c needs tools.h
|
|
- BUILD: promex: service-prometheus.c needs tools.h
|
|
- BUILD: resolvers: include tools.h
|
|
- BUILD: config: include tools.h in cfgparse-listen.c
|
|
- BUILD: htx: include tools.h in http_htx.c
|
|
- BUILD: proxy: include tools.h in proxy.c
|
|
- BUILD: session: include tools.h in session.c
|
|
- BUILD: cache: include tools.h in cache.c
|
|
- BUILD: sink: include tools.h in sink.c
|
|
- BUILD: connection: include tools.h in connection.c
|
|
- BUILD: server-state: include tools.h from server_state.c
|
|
- BUILD: dns: include tools.h in dns.c
|
|
- BUILD: payload: include tools.h in payload.c
|
|
- BUILD: vars: include tools.h in vars.c
|
|
- BUILD: compression: include tools.h in compression.c
|
|
- BUILD: mworker: include tools.h from mworker.c
|
|
- BUILD: queue: include tools.h from queue.c
|
|
- BUILD: udp: include tools.h from proto_udp.c
|
|
- BUILD: stick-table: include freq_ctr.h from stick_table.h
|
|
- BUILD: server: include tools.h from server.c
|
|
- BUILD: server: include missing proxy.h in server.c
|
|
- BUILD: sink: include proxy.h in sink.c
|
|
- BUILD: mworker: include proxy.h in mworker.c
|
|
- BUILD: filters: include proxy.h in filters.c
|
|
- BUILD: fcgi-app: include proxy.h in fcgi-app.c
|
|
- BUILD: connection: move list_mux_proto() to connection.c
|
|
- REORG: stick-table: uninline stktable_alloc_data_type()
|
|
- REORG: stick-table: move composite address functions to stick_table.h
|
|
- REORG: config: uninline warnifnotcap() and failifnotcap()
|
|
- BUILD: task: remove unused includes from task.c
|
|
- MINOR: task: stop including stream.h from task.c
|
|
- BUILD: connection: stop including listener-t.h
|
|
- BUILD: hlua: include proxy.h from hlua.c
|
|
- BUILD: mux-h1: include proxy.h from mux-h1.c
|
|
- BUILD: mux-fcgi: include proxy.h from mux-fcgi.c
|
|
- BUILD: listener: include proxy.h from listener.c
|
|
- BUILD: http-rules: include proxy.h from http_rules.c
|
|
- BUILD: thread: include log.h from thread.c
|
|
- BUILD: comp: include proxy.h from flt_http_comp.c
|
|
- BUILD: fd: include log.h from fd.c
|
|
- BUILD: config: do not include proxy.h nor errors.h anymore in cfgparse.h
|
|
- BUILD: makefile: reorder object files by build time
|
|
- DOC: Fix a few grammar/spelling issues and casing of HAProxy
|
|
- REGTESTS: run-regtests: match both "HAProxy" and "HA-Proxy" in the version
|
|
- MINOR: version: report "HAProxy" not "HA-Proxy" in the version output
|
|
- DOC: remove last occurrences of "HA-Proxy" syntax
|
|
- DOC: peers: fix the protocol tag name in the doc
|
|
- ADMIN: netsnmp: report "HAProxy" and not "Haproxy" in output descriptions
|
|
- MEDIUM: mailers: use "HAProxy" nor "HAproxy" in the subject of messages
|
|
- DOC: fix a few remainig cases of "Haproxy" and "HAproxy" in doc and comments
|
|
- MINOR: tools/rnd: compute the result outside of the CAS loop
|
|
- BUILD: http_fetch: address a few aliasing warnings with older compilers
|
|
- BUILD: ssl: define HAVE_CRYPTO_memcmp() based on the library version
|
|
- BUILD: errors: include stdarg in errors.h
|
|
- REGTESTS: disable inter-thread idle connection sharing on sensitive tests
|
|
- MINOR: cli: make "help" support a command in argument
|
|
- MINOR: cli: sort the output of the "help" keywords
|
|
- CLEANUP: cli/mworker: properly align the help messages
|
|
- BUILD: memprof: make the old caller pointer a const in get_prof_bin()
|
|
- BUILD: compat: include malloc_np.h for USE_MEMORY_PROFILING on FreeBSD
|
|
- CI: Github Actions: enable USE_QUIC=1 for BoringSSL builds
|
|
- BUG/MEDIUM: quic: fix null deref on error path in qc_conn_init()
|
|
- BUILD: cli: appease a null-deref warning in cli_gen_usage_msg()
|
|
|
|
2021/05/01 : 2.4-dev18
|
|
- DOC: Fix indentation for `path-strip-dot` normalizer
|
|
- DOC: Fix RFC reference for the percent-to-uppercase normalizer
|
|
- DOC: Add RFC references for the path-strip-dot(dot)? normalizers
|
|
- MINOR: uri_normalizer: Add a `percent-decode-unreserved` normalizer
|
|
- BUG/MINOR: mux-fcgi: Don't send normalized uri to FCGI application
|
|
- REORG: htx: Inline htx functions to add HTX blocks in a message
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- DOC: general: fix white spaces for HTML converter
|
|
- BUG/MINOR: ssl: ssl_sock_prepare_ssl_ctx does not return an error code
|
|
- BUG/MINOR: cpuset: move include guard at the very beginning
|
|
- BUG/MAJOR: fix build on musl with cpu_set_t support
|
|
- BUG/MEDIUM: cpuset: fix build on MacOS
|
|
- BUG/MINOR: htx: Preserve HTX flags when draining data from an HTX message
|
|
- MEDIUM: htx: Refactor htx_xfer_blks() to not rely on hdrs_bytes field
|
|
- CLEANUP: htx: Remove unsued hdrs_bytes field from the HTX start-line
|
|
- BUG/MINOR: mux-h2: Don't encroach on the reserve when decoding headers
|
|
- MEDIUM: http-ana: handle read error on server side if waiting for response
|
|
- MINOR: htx: Limit length of headers name/value when a HTX message is dumped
|
|
- BUG/MINOR: applet: Notify the other side if data were consumed by an applet
|
|
- BUG/MINOR: hlua: Don't consume headers when starting an HTTP lua service
|
|
- BUG/MEDIUM: mux-h2: Handle EOM flag when sending a DATA frame with zero-copy
|
|
- CLEANUP: channel: No longer notify the producer in co_skip()/co_htx_skip()
|
|
- DOC: general: fix example in set-timeout
|
|
- CLEANUP: cfgparse: de-uglify early file error handling in readcfgfile()
|
|
- MINOR: config: add a new "default-path" global directive
|
|
- BUG/MEDIUM: peers: initialize resync timer to get an initial full resync
|
|
- BUG/MEDIUM: peers: register last acked value as origin receiving a resync req
|
|
- BUG/MEDIUM: peers: stop considering ack messages teaching a full resync
|
|
- BUG/MEDIUM: peers: reset starting point if peers appears longly disconnected
|
|
- BUG/MEDIUM: peers: reset commitupdate value in new conns
|
|
- BUG/MEDIUM: peers: re-work updates lookup during the sync on the fly
|
|
- BUG/MEDIUM: peers: reset tables stage flags stages on new conns
|
|
- MINOR: peers: add informative flags about resync process for debugging
|
|
- BUG/MEDIUM: time: fix updating of global_now upon clock drift
|
|
- CLEANUP: freq_ctr: make arguments of freq_ctr_total() const
|
|
- CLEANUP: hlua: rename hlua_appctx* appctx to luactx
|
|
- MINOR: server: fix doc/trace on lb algo for dynamic server creation
|
|
- REGTESTS: server: fix cli_add_server due to previous trace update
|
|
- REGTESTS: add minimal CLI "add map" tests
|
|
- DOC: management: move "set var" to the proper place
|
|
- CLEANUP: map: slightly reorder the add map function
|
|
- MINOR: map: get rid of map_add_key_value()
|
|
- MINOR: map: show the current and next pattern version in "show map"
|
|
- MINOR: map/acl: add the possibility to specify the version in "show map/acl"
|
|
- MINOR: pattern: support purging arbitrary ranges of generations
|
|
- MINOR: map/acl: add the possibility to specify the version in "clear map/acl"
|
|
- MINOR: map/acl: add the "prepare map/acl" CLI command
|
|
- MINOR: map/acl: add the "commit map/acl" CLI command
|
|
- MINOR: map/acl: make "add map/acl" support an optional version number
|
|
- CLEANUP: map/cli: properly align the map/acl help
|
|
- BUILD: compiler: do not use already defined __read_mostly on dragonfly
|
|
|
|
2021/04/23 : 2.4-dev17
|
|
- MINOIR: mux-pt/trace: Register a new trace source with its events
|
|
- BUG/MINOR: mux-pt: Fix a possible UAF because of traces in mux_pt_io_cb
|
|
- CI: travis: Drastically clean up .travis.yml
|
|
- CLEANUP: pattern: make all pattern tables read-only
|
|
- MINOR: trace: replace the trace() inline function with an equivalent macro
|
|
- MINOR: initcall: uniformize the section names between MacOS and other unixes
|
|
- CLEANUP: initcall: rename HA_SECTION to HA_INIT_SECTION
|
|
- MINOR: compiler: add macros to declare section names
|
|
- CLEANUP: initcall: rely on HA_SECTION_* instead of defining its own
|
|
- MINOR: global: declare a read_mostly section
|
|
- MINOR: fd: move a few read-mostly variables to their own section
|
|
- MINOR: epoll: move epoll_fd to read_mostly
|
|
- MINOR: kqueue: move kqueue_fd to read_mostly
|
|
- MINOR: pool: move pool declarations to read_mostly
|
|
- MINOR: threads: mark all_threads_mask as read_mostly
|
|
- MINOR: server: move idle_conn_task to read_mostly
|
|
- MINOR: protocol: move __protocol_by_family to read_mostly
|
|
- MINOR: pattern: make the pat_lru_seed read_mostly
|
|
- MINOR: trace: make trace sources read_mostly
|
|
- MINOR: freq_ctr: add a generic function to report the total value
|
|
- MEDIUM: freq_ctr: make read_freq_ctr_period() use freq_ctr_total()
|
|
- MEDIUM: freq_ctr: reimplement freq_ctr_remain_period() from freq_ctr_total()
|
|
- MINOR: freq_ctr: add the missing next_event_delay_period()
|
|
- MINOR: freq_ctr: unify freq_ctr and freq_ctr_period into freq_ctr
|
|
- MEDIUM: freq_ctr: replace the per-second counters with the generic ones
|
|
- MINOR: freq_ctr: add cpu_relax in the rotation loop of update_freq_ctr_period()
|
|
- MINOR: freq_ctr: simplify and improve the update function
|
|
- CLEANUP: time: remove the now unused ms_left_scaled
|
|
- MINOR: time: move the time initialization out of tv_update_date()
|
|
- MINOR: time: remove useless variable copies in tv_update_date()
|
|
- MINOR: time: change the global timeval and the the global tick at once
|
|
- MEDIUM: time: make the clock offset global and no per-thread
|
|
- MINOR: atomic: reimplement the relaxed version of x86 BTS/BTR
|
|
- MINOR: trace: Add the checks as a possible trace source
|
|
- MINOIR: checks/trace: Register a new trace source with its events
|
|
- MINOR: hlua: Add function to release a lua function
|
|
- BUG/MINOR: hlua: Fix memory leaks on error path when registering a task
|
|
- BUG/MINOR: hlua: Fix memory leaks on error path when registering a converter
|
|
- BUG/MINOR: hlua: Fix memory leaks on error path when registering a fetch
|
|
- BUG/MINOR: hlua: Fix memory leaks on error path when parsing a lua action
|
|
- BUG/MINOR: hlua: Fix memory leaks on error path when registering an action
|
|
- BUG/MINOR: hlua: Fix memory leaks on error path when registering a service
|
|
- BUG/MINOR: hlua: Fix memory leaks on error path when registering a cli keyword
|
|
- BUG/MINOR: cfgparse/proxy: Fix some leaks during proxy section parsing
|
|
- BUG/MINOR: listener: Handle allocation error when allocating a new bind_conf
|
|
- BUG/MINOR: cfgparse/proxy: Hande allocation errors during proxy section parsing
|
|
- MINOR: cfgparse/proxy: Group alloc error handling during proxy section parsing
|
|
- DOC: internals: update the SSL architecture schema
|
|
- BUG/MEDIUM: sample: Fix adjusting size in field converter
|
|
- MINOR: sample: add ub64dec and ub64enc converters
|
|
- CLEANUP: sample: align samples list in sample.c
|
|
- MINOR: ist: Add `istclear(struct ist*)`
|
|
- CI: cirrus: install "pcre" package
|
|
- MINOR: opentracing: correct calculation of the number of arguments in the args[]
|
|
- MINOR: opentracing: transfer of context names without prefix
|
|
- MINOR: sample: converter: Add mjson library.
|
|
- MINOR: sample: converter: Add json_query converter
|
|
- CI: travis-ci: enable weekly graviton2 builds
|
|
- DOC: ssl: Certificate hot update only works on fronted certificates
|
|
- DOC: ssl: Certificate hot update works on server certificates
|
|
- BUG/MEDIUM: threads: Ignore current thread to end its harmless period
|
|
- MINOR: threads: Only consider running threads to end a thread harmeless period
|
|
- BUG/MINOR: checks: Set missing id to the dummy checks frontend
|
|
- MINOR: logs: Add support of checks as session origin to format lf strings
|
|
- BUG/MINOR: connection: Fix fc_http_major and bc_http_major for TCP connections
|
|
- MINOR: connection: Make bc_http_major compatible with tcp-checks
|
|
- BUG/MINOR: ssl-samples: Fix ssl_bc_* samples when called from a health-check
|
|
- BUG/MINOR: http-fetch: Make method smp safe if headers were already forwarded
|
|
- MINOR: tcp_samples: Add samples to get src/dst info of the backend connection
|
|
- MINOR: tcp_samples: Be able to call bc_src/bc_dst from the health-checks
|
|
- BUG/MINOR: http_htx: Remove BUG_ON() from http_get_stline() function
|
|
- BUG/MINOR: logs: Report the true number of retries if there was no connection
|
|
- BUILD: makefile: Redirect stderr to /dev/null when probing options
|
|
- MINOR: uri_normalizer: Add uri_normalizer module
|
|
- MINOR: uri_normalizer: Add `enum uri_normalizer_err`
|
|
- MINOR: uri_normalizer: Add `http-request normalize-uri`
|
|
- MINOR: uri_normalizer: Add a `merge-slashes` normalizer to http-request normalize-uri
|
|
- MINOR: uri_normalizer: Add a `dotdot` normalizer to http-request normalize-uri
|
|
- MINOR: uri_normalizer: Add support for supressing leading `../` for dotdot normalizer
|
|
- MINOR: uri_normalizer: Add a `sort-query` normalizer
|
|
- MINOR: uri_normalizer: Add a `percent-upper` normalizer
|
|
- MEDIUM: http_act: Rename uri-normalizers
|
|
- DOC: Add introduction to http-request normalize-uri
|
|
- DOC: Note that URI normalization is experimental
|
|
- BUG/MINOR: pools: maintain consistent ->allocated count on alloc failures
|
|
- BUG/MINOR: pools/buffers: make sure to always reserve the required buffers
|
|
- MINOR: pools: drop the unused static history of artificially failed allocs
|
|
- CLEANUP: pools: remove unused arguments to pool_evict_from_cache()
|
|
- MEDIUM: pools: move the cache into the pool header
|
|
- MINOR: pool: remove the size field from pool_cache_head
|
|
- MINOR: pools: rename CONFIG_HAP_LOCAL_POOLS to CONFIG_HAP_POOLS
|
|
- MINOR: pools: enable the fault injector in all allocation modes
|
|
- MINOR: pools: make the basic pool_refill_alloc()/pool_free() update needed_avg
|
|
- MEDIUM: pools: unify pool_refill_alloc() across all models
|
|
- CLEANUP: pools: re-merge pool_refill_alloc() and __pool_refill_alloc()
|
|
- MINOR: pools: call pool_alloc_nocache() out of the pool's lock
|
|
- CLEANUP: pools: move the lock to the only __pool_get_first() that needs it
|
|
- CLEANUP: pools: rename __pool_get_first() to pool_get_from_shared_cache()
|
|
- CLEANUP: pools: rename pool_*_{from,to}_cache() to *_local_cache()
|
|
- CLEANUP: pools: rename __pool_free() to pool_put_to_shared_cache()
|
|
- MINOR: tools: add statistical_prng_range() to get a random number over a range
|
|
- MINOR: pools: use cheaper randoms for fault injections
|
|
- MINOR: pools: move the fault injector to __pool_alloc()
|
|
- MINOR: pools: split the OS-based allocator in two
|
|
- MINOR: pools: always use atomic ops to maintain counters
|
|
- MINOR: pools: move pool_free_area() out of the lock in the locked version
|
|
- MINOR: pools: factor the release code into pool_put_to_os()
|
|
- MEDIUM: pools: make CONFIG_HAP_POOLS control both local and shared pools
|
|
- MINOR: pools: create unified pool_{get_from,put_to}_cache()
|
|
- MINOR: pools: evict excess objects using pool_evict_from_local_cache()
|
|
- MEDIUM: pools: make pool_put_to_cache() always call pool_put_to_local_cache()
|
|
- CLEANUP: pools: make the local cache allocator fall back to the shared cache
|
|
- CLEANUP: pools: merge pool_{get_from,put_to}_local_caches with generic ones
|
|
- CLEANUP: pools: uninline pool_put_to_cache()
|
|
- CLEANUP: pools: declare dummy pool functions to remove some ifdefs
|
|
- BUILD: pools: fix build with DEBUG_FAIL_ALLOC
|
|
- BUG/MINOR: server: make srv_alloc_lb() allocate lb_nodes for consistent hash
|
|
- CONTRIB: mod_defender: import the minimal number of includes
|
|
- CONTRIB: mod_defender: make the code build with the embedded includes
|
|
- CONTRIB: modsecurity: import the minimal number of includes
|
|
- CONTRIB: modsecurity: make the code build with the embedded includes
|
|
- CLEANUP: sample: Improve local variables in sample_conv_json_query
|
|
- CLEANUP: sample: Explicitly handle all possible enum values from mjson
|
|
- CLEANUP: sample: Use explicit return for successful `json_query`s
|
|
- CLEANUP: lists/tree-wide: rename some list operations to avoid some confusion
|
|
- CONTRIB: move spoa_example out of the tree
|
|
- BUG/MINOR: server: free srv.lb_nodes in free_server
|
|
- BUG/MINOR: logs: free logsrv.conf.file on exit
|
|
- BUG/MEDIUM: server: ensure thread-safety of server runtime creation
|
|
- MINOR: server: add log on dynamic server creation
|
|
- MINOR: server: implement delete server cli command
|
|
- CONTRIB: move spoa_server out of the tree
|
|
- CONTRIB: move modsecurity out of the tree
|
|
- BUG/MINOR: server: fix potential null gcc error in delete server
|
|
- BUG/MAJOR: mux-h2: Properly detect too large frames when decoding headers
|
|
- BUG/MEDIUM: mux-h2: Fix dfl calculation when merging CONTINUATION frames
|
|
- BUG/MINOR: uri_normalizer: Use delim parameter when building the sorted query in uri_normalizer_query_sort
|
|
- CLEANUP: uri_normalizer: Remove trailing whitespace
|
|
- MINOR: uri_normalizer: Add a `strip-dot` normalizer
|
|
- CONTRIB: move mod_defender out of the tree
|
|
- CLEANUP: contrib: remove the last references to the now dead contrib/ directory
|
|
- BUG/MEDIUM: config: fix cpu-map notation with both process and threads
|
|
- MINOR: config: add a diag for invalid cpu-map statement
|
|
- BUG/MINOR: mworker/init: don't reset nb_oldpids in non-mworker cases
|
|
- BUG/MINOR: mworker: don't use oldpids[] anymore for reload
|
|
- BUILD: makefile: fix the "make clean" target on strict bourne shells
|
|
- IMPORT: slz: import slz into the tree
|
|
- BUILD: compression: switch SLZ from out-of-tree to in-tree
|
|
- CI: github: do not build libslz any more
|
|
- CLEANUP: compression: remove calls to SLZ init functions
|
|
- BUG/MEDIUM: mux-h2: Properly handle shutdowns when received with data
|
|
- MINOR: cpuset: define a platform-independent cpuset type
|
|
- MINOR: cfgparse: use hap_cpuset for parse_cpu_set
|
|
- MEDIUM: config: use platform independent type hap_cpuset for cpu-map
|
|
- MINOR: thread: implement the detection of forced cpu affinity
|
|
- MINOR: cfgparse: support the comma separator on parse_cpu_set
|
|
- MEDIUM: cfgparse: detect numa and set affinity if needed
|
|
- MINOR: global: add option to disable numa detection
|
|
- BUG/MINOR: haproxy: fix compilation on macOS
|
|
- BUG/MINOR: cpuset: fix compilation on platform without cpu affinity
|
|
- MINOR: time: avoid unneeded updates to now_offset
|
|
- MINOR: time: avoid overwriting the same values of global_now
|
|
- CLEANUP: time: use __tv_to_ms() in tv_update_date() instead of open-coding
|
|
- MINOR: time: avoid u64 needlessly expensive computations for the 32-bit now_ms
|
|
- BUG/MINOR: peers: remove useless table check if initial resync is finished
|
|
- BUG/MEDIUM: peers: re-work connection to new process during reload.
|
|
- BUG/MEDIUM: peers: re-work refcnt on table to protect against flush
|
|
- BUG/MEDIUM: config: fix missing initialization in numa_detect_topology()
|
|
|
|
2021/04/09 : 2.4-dev16
|
|
- CLEANUP: dev/flags: remove useless test in the stdin number parser
|
|
- MINOR: No longer rely on deprecated sample fetches for predefined ACLs
|
|
- MINOR: acl: Add HTTP_2.0 predefined macro
|
|
- BUG/MINOR: hlua: Detect end of request when reading data for an HTTP applet
|
|
- BUG/MINOR: tools: fix parsing "us" unit for timers
|
|
- MINOR: server/bind: add support of new prefixes for addresses.
|
|
- MINOR: log: register config file and line number on log servers.
|
|
- MEDIUM: log: support tcp or stream addresses on log lines.
|
|
- BUG/MEDIUM: log: fix config parse error logging on stdout/stderr or any raw fd
|
|
- CLEANUP: fd: remove FD_POLL_DATA and FD_POLL_STICKY
|
|
- MEDIUM: fd: prepare FD_POLL_* to move to bits 8-15
|
|
- MEDIUM: fd: merge fdtab[].ev and state for FD_EV_* and FD_POLL_* into state
|
|
- MINOR: fd: move .linger_risk into fdtab[].state
|
|
- MINOR: fd: move .cloned into fdtab[].state
|
|
- MINOR: fd: move .initialized into fdtab[].state
|
|
- MINOR: fd: move .et_possible into fdtab[].state
|
|
- MINOR: fd: move .exported into fdtab[].state
|
|
- MINOR: fd: implement an exclusive syscall bit to remove the ugly "log" lock
|
|
- MINOR: cli/show-fd: slightly reorganize the FD status flags
|
|
- MINOR: atomic/arm64: detect and use builtins for the double-word CAS
|
|
- CLEANUP: atomic: add an explicit _FETCH variant for add/sub/and/or
|
|
- CLEANUP: atomic: make all standard add/or/and/sub operations return void
|
|
- CLEANUP: atomic: add a fetch-and-xxx variant for common operations
|
|
- CLEANUP: atomic: add HA_ATOMIC_INC/DEC for unit increments
|
|
- CLEANUP: atomic/tree-wide: replace single increments/decrements with inc/dec
|
|
- CLEANUP: atomic: use the __atomic variant of BTS/BTR on modern compilers
|
|
- MINOR: atomic: implement native BTS/BTR for x86
|
|
- MINOR: ist: Add `istappend(struct ist, char)`
|
|
- MINOR: ist: Add `istshift(struct ist*)`
|
|
- MINOR: ist: Add `istsplit(struct ist*, char)`
|
|
- BUG/MAJOR: fd: switch temp values to uint in fd_stop_both()
|
|
- MINOR: opentracing: register config file and line number on log servers
|
|
- MEDIUM: resolvers: add support of tcp address on nameserver line.
|
|
- MINOR: ist: Rename istappend() to __istappend()
|
|
- CLEANUP: htx: Make http_get_stline take a `const struct`
|
|
- CLEANUP: ist: Remove unused `count` argument from `ist2str*`
|
|
- CLEANUP: Remove useless malloc() casts
|
|
|
|
2021/04/02 : 2.4-dev15
|
|
- BUG/MINOR: payload: Wait for more data if buffer is empty in payload/payload_lv
|
|
- BUG/MINOR: stats: Apply proper styles in HTML status page.
|
|
- BUG/MEDIUM: time: make sure to always initialize the global tick
|
|
- BUG/MINOR: tcp: fix silent-drop workaround for IPv6
|
|
- BUILD: tcp: use IPPROTO_IPV6 instead of SOL_IPV6 on FreeBSD/MacOS
|
|
- CLEANUP: socket: replace SOL_IP/IPV6/TCP with IPPROTO_IP/IPV6/TCP
|
|
- BUG/MINOR: http_fetch: make hdr_ip() resistant to empty fields
|
|
- BUG/MINOR: mux-h2: Don't emit log twice if an error occurred on the preface
|
|
- MINOR: stream: Don't trigger errors on destructive HTTP upgrades
|
|
- MINOR: frontend: Create HTTP txn for HTX streams
|
|
- MINOR: stream: Be sure to set HTTP analysers when creating an HTX stream
|
|
- BUG/MINOR: stream: Properly handle TCP>H1>H2 upgrades in http_wait_for_request
|
|
- BUG/MINOR: config: Add warning for http-after-response rules in TCP mode
|
|
- MINOR: muxes: Add a flag to notify a mux does not support any upgrade
|
|
- MINOR: mux-h1: Don't perform implicit HTTP/2 upgrade if not supported by mux
|
|
- MINOR: mux-pt: Don't perform implicit HTTP upgrade if not supported by mux
|
|
- MEDIUM: mux-h1: Expose h1 in the list of supported mux protocols
|
|
- MEDIUM: mux-pt: Expose passthrough in the list of supported mux protocols
|
|
- MINOR: muxes: Show muxes flags when the mux list is displayed
|
|
- DOC: config: Improve documentation about proto/check-proto keywords
|
|
- MINOR: stream: Use stream type instead of proxy mode when appropriate
|
|
- MINOR: filters/http-ana: Decide to filter HTTP headers in HTTP analysers
|
|
- MINOR: http-ana: Simplify creation/destruction of HTTP transactions
|
|
- MINOR: stream: Handle stream HTTP upgrade in a dedicated function
|
|
- MEDIUM: Add tcp-request switch-mode action to perform HTTP upgrade
|
|
- MINOR: config/proxy: Don't warn for HTTP rules in TCP if 'switch-mode http' set
|
|
- MINOR: config/proxy: Warn if a TCP proxy without backend is upgradable to HTTP
|
|
- DOC: config: Add documentation about TCP to HTTP upgrades
|
|
- REGTESTS: Add script to tests TCP to HTTP upgrades
|
|
- BUG/MINOR: payload/htx: Ingore L6 sample fetches for HTX streams/checks
|
|
- MINOR: htx: Make internal.strm.is_htx an internal sample fetch
|
|
- MINOR: action: Use a generic function to check validity of an action rule list
|
|
- MINOR: payload/config: Warn if a L6 sample fetch is used from an HTTP proxy
|
|
- MEDIUM: http-rules: Add wait-for-body action on request and response side
|
|
- REGTESTS: Add script to tests the wait-for-body HTTP action
|
|
- BUG/MINOR: http-fetch: Fix test on message state to capture the version
|
|
- CLEANUP: vars: always pre-initialize smp in vars_parse_cli_get_var()
|
|
- MINOR: global: define diagnostic mode of execution
|
|
- MINOR: cfgparse: diag for multiple nbthread statements
|
|
- MINOR: server: diag for 0 weight server
|
|
- MINOR: diag: create cfgdiag module
|
|
- MINOR: diag: diag if servers use the same cookie value
|
|
- MINOR: config: diag if global section after non-global
|
|
- TESTS: slightly reorganize the code in the tests/ directory
|
|
- TESTS: move tests/*.cfg to tests/config
|
|
- REGTESTS: ssl: "set ssl cert" and multi-certificates bundle
|
|
- REGTESTS: ssl: mark set_ssl_cert_bundle.vtc as broken
|
|
- CONTRIB: halog: fix issue with array of type char
|
|
- CONTRIB: tcploop: add a shutr command
|
|
- CONTRIB: debug: add the show-fd-to-flags script
|
|
- CONTRIB: debug: split poll from flags
|
|
- CONTRIB: move some dev-specific tools to dev/
|
|
- BUILD: makefile: always build the flags utility
|
|
- DEV: flags: replace the unneeded makefile with a README
|
|
- BUILD: makefile: integrate the hpack tools
|
|
- CONTRIB: merge ip6range with iprange
|
|
- CONTRIB: move some admin-related sub-projects to admin/
|
|
- CONTRIB: move halog to admin/
|
|
- ADMIN: halog: automatically enable USE_MEMCHR on the right glibc version
|
|
- BUILD: makefile: build halog with the correct flags
|
|
- BUILD: makefile: add a "USE_PROMEX" variable to ease building prometheus-exporter
|
|
- CONTRIB: move prometheus-exporter to addons/promex
|
|
- DOC: add a few words about USE_* and the addons directory
|
|
- CONTRIB: move 51Degrees to addons/51degrees
|
|
- CONTRIB: move src/da.c and contrib/deviceatlas to addons/deviceatlas
|
|
- CONTRIB: move src/wurfl.c and contrib/wurfl to addons/wurfl
|
|
- CONTRIB: move contrib/opentracing to addons/ot
|
|
- BUG/MINOR: opentracing: initialization after establishing daemon mode
|
|
- DOC: clarify that compression works for HTTP/2
|
|
|
|
2021/03/27 : 2.4-dev14
|
|
- MEDIUM: quic: Fix build.
|
|
- MEDIUM: quic: Fix build.
|
|
- CI: codespell: whitelist "Dragan Dosen"
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CI: github actions: update LibreSSL to 3.2.5
|
|
- REGTESTS: revert workaround for a crash with recent libressl on http-reuse sni
|
|
- CLEANUP: mark defproxy as const on parse tune.fail-alloc
|
|
- REGTESTS: remove unneeded experimental-mode in cli add server test
|
|
- REGTESTS: wait for proper return of enable server in cli add server test
|
|
- MINOR: compression: use pool_alloc(), not pool_alloc_dirty()
|
|
- MINOR: spoe: use pool_alloc(), not pool_alloc_dirty()
|
|
- MINOR: fcgi-app: use pool_alloc(), not pool_alloc_dirty()
|
|
- MINOR: cache: use pool_alloc(), not pool_alloc_dirty()
|
|
- MINOR: ssl: use pool_alloc(), not pool_alloc_dirty()
|
|
- MINOR: opentracing: use pool_alloc(), not pool_alloc_dirty()
|
|
- MINOR: dynbuf: make b_alloc() always check if the buffer is allocated
|
|
- CLEANUP: compression: do not test for buffer before calling b_alloc()
|
|
- CLEANUP: l7-retries: do not test the buffer before calling b_alloc()
|
|
- MINOR: channel: simplify the channel's buffer allocation
|
|
- MEDIUM: dynbuf: remove last usages of b_alloc_margin()
|
|
- CLEANUP: dynbuf: remove b_alloc_margin()
|
|
- CLEANUP: dynbuf: remove the unused b_alloc_fast() function
|
|
- CLEANUP: pools: remove the unused pool_get_first() function
|
|
- MINOR: pools: make the pool allocator support a few flags
|
|
- MINOR: pools: add pool_zalloc() to return a zeroed area
|
|
- CLEANUP: connection: use pool_zalloc() in conn_alloc_hash_node()
|
|
- CLEANUP: filters: use pool_zalloc() in flt_stream_add_filter()
|
|
- CLEANUP: spoe: use pool_zalloc() instead of pool_alloc+memset
|
|
- CLEANUP: frontend: use pool_zalloc() in frontend_accept()
|
|
- CLEANUP: mailers: use pool_zalloc() in enqueue_one_email_alert()
|
|
- CLEANUP: resolvers: use pool_zalloc() in resolv_link_resolution()
|
|
- CLEANUP: ssl: use pool_zalloc() in ssl_init_keylog()
|
|
- CLEANUP: tcpcheck: use pool_zalloc() instead of pool_alloc+memset
|
|
- CLEANUP: quic: use pool_zalloc() instead of pool_alloc+memset
|
|
- MINOR: time: also provide a global, monotonic global_now_ms timer
|
|
- BUG/MEDIUM: freq_ctr/threads: use the global_now_ms variable
|
|
- MINOR: tools: introduce new option PA_O_DEFAULT_DGRAM on str2sa_range.
|
|
- BUILD: tools: fix build error with new PA_O_DEFAULT_DGRAM
|
|
- BUG/MINOR: ssl: Prevent disk access when using "add ssl crt-list"
|
|
- CLEANUP: ssl: remove unused definitions
|
|
- BUILD: ssl: guard ecdh functions with SSL_CTX_set_tmp_ecdh macro
|
|
- MINOR: lua: Slightly improve function dumping the lua traceback
|
|
- BUG/MEDIUM: debug/lua: Use internal hlua function to dump the lua traceback
|
|
- BUG/MEDIUM: lua: Always init the lua stack before referencing the context
|
|
- MINOR: fd: make fd_clr_running() return the remaining running mask
|
|
- MINOR: fd: remove the unneeded running bit from fd_insert()
|
|
- BUG/MEDIUM: fd: do not wait on FD removal in fd_delete()
|
|
- CLEANUP: fd: remove unused fd_set_running_excl()
|
|
- CLEANUP: fd: slightly simplify up _fd_delete_orphan()
|
|
- BUG/MEDIUM: fd: Take the fd_mig_lock when closing if no DWCAS is available.
|
|
- BUG/MEDIUM: release lock on idle conn killing on reached pool high count
|
|
- BUG/MEDIUM: thread: Fix a deadlock if an isolated thread is marked as harmless
|
|
- MINOR: tools: make url2ipv4 return the exact number of bytes parsed
|
|
- BUG/MINOR: http_fetch: make hdr_ip() reject trailing characters
|
|
- BUG/MEDIUM: mux-h1: make h1_shutw_conn() idempotent
|
|
- BUG/MINOR: ssl: Fix update of default certificate
|
|
- BUG/MINOR: ssl: Prevent removal of crt-list line if the instance is a default one
|
|
- BUILD: ssl: introduce fine guard for ssl random extraction functions
|
|
- REORG: global: move initcall register code in a dedicated file
|
|
- REORG: global: move free acl/action in their related source files
|
|
- REORG: split proxy allocation functions
|
|
- MINOR: proxy: implement a free_proxy function
|
|
- MINOR: proxy: define cap PR_CAP_LUA
|
|
- MINOR: lua: properly allocate the lua Socket proxy
|
|
- MINOR: lua: properly allocate the lua Socket servers
|
|
- MINOR: vars: make get_vars() allow the session to be null
|
|
- MINOR: vars: make the var() sample fetch keyword depend on nothing
|
|
- CLEANUP: sample: remove duplicate "stopping" sample fetch keyword
|
|
- MINOR: sample: make smp_resolve_args() return an allocate error message
|
|
- MINOR: sample: add a new SMP_SRC_CONST sample capability
|
|
- MINOR: sample: mark the truly constant sample fetch keywords as such
|
|
- MINOR: sample: add a new CFG_PARSER context for samples
|
|
- MINOR: action: add a new ACT_F_CFG_PARSER origin designation
|
|
- MEDIUM: vars: add support for a "set-var" global directive
|
|
- REGTESTS: add a basic reg-test for some "set-var" commands
|
|
- MINOR: sample: add a new CLI_PARSER context for samples
|
|
- MINOR: action: add a new ACT_F_CLI_PARSER origin designation
|
|
- MINOR: vars/cli: add a "get var" CLI command to retrieve global variables
|
|
- MEDIUM: cli: add a new experimental "set var" command
|
|
- MINOR: compat: add short aliases for a few very commonly used types
|
|
- BUILD: ssl: use EVP_CIPH_GCM_MODE macro instead of HA_OPENSSL_VERSION
|
|
- MEDIUM: backend: use a trylock to grab a connection on high FD counts as well
|
|
|
|
2021/03/19 : 2.4-dev13
|
|
- BUG/MEDIUM: cli: fix "help" crashing since recent spelling fixes
|
|
- BUG/MINOR: cfgparse: use the GLOBAL not LISTEN keywords list for spell checking
|
|
- MINOR: tools: improve word fingerprinting by counting presence
|
|
- MINOR: tools: do not sum squares of differences for word fingerprints
|
|
- MINOR: cli: improve fuzzy matching to work on all remaining words at once
|
|
- MINOR: cli: sort the suggestions by order of relevance
|
|
- MINOR: cli: limit spelling suggestions to 5
|
|
- MINOR: cfgparse/proxy: also support spelling fixes on options
|
|
- BUG/MINOR: resolvers: Add missing case-insensitive comparisons of DNS hostnames
|
|
- MINOR: time: export the global_now variable
|
|
- BUG/MINOR: freq_ctr/threads: make use of the last updated global time
|
|
- MINOR: freq_ctr/threads: relax when failing to update a sliding window value
|
|
- MINOR/BUG: mworker/cli: do not use the unix_bind prefix for the master CLI socket
|
|
- MINOR: mworker/cli: alert the user if we enabled a master CLI but not the master-worker mode
|
|
- MINOR: cli: implement experimental-mode
|
|
- REORG: server: add a free server function
|
|
- MINOR: cfgparse: always alloc idle conns task
|
|
- REORG: server: move keywords in srv_kws
|
|
- MINOR: server: remove fastinter from mistyped kw list
|
|
- REORG: server: split parse_server
|
|
- REORG: server: move alert traces in parse_server
|
|
- REORG: server: rename internal functions from parse_server
|
|
- REORG: server: attach servers in parse_server
|
|
- REORG: server: use flags for parse_server
|
|
- MINOR: server: prepare parsing for dynamic servers
|
|
- MINOR: stats: export function to allocate extra proxy counters
|
|
- MEDIUM: server: implement 'add server' cli command
|
|
- REGTESTS: implement test for 'add server' cli
|
|
- MINOR: server: enable standard options for dynamic servers
|
|
- MINOR: server: support keyword proto in 'add server' cli
|
|
- BUG/MINOR: protocol: add missing support of dgram unix socket.
|
|
- CLEANUP: Fix a typo in fix_is_valid description
|
|
- MINOR: raw_sock: Add a close method.
|
|
- MEDIUM: connections: Introduce a new XPRT method, start().
|
|
- MEDIUM: connections: Implement a start() method for xprt_handshake.
|
|
- MEDIUM: connections: Implement a start() method in ssl_sock.
|
|
- MINOR: muxes: garbage collect the reset() method.
|
|
- CLEANUP: tcp-rules: Fix a typo in error messages about expect-netscaler-cip
|
|
- MEDIUM: lua: Use a per-thread counter to track some non-reentrant parts of lua
|
|
- BUG/MEDIUM: debug/lua: Don't dump the lua stack if not dumpable
|
|
|
|
2021/03/13 : 2.4-dev12
|
|
- CLEANUP: connection: Use `VAR_ARRAY` in `struct tlv` definition
|
|
- CLEANUP: connection: Remove useless test for NULL before calling `pool_free()`
|
|
- CLEANUP: connection: Use istptr / istlen for proxy_unique_id
|
|
- MINOR: connection: Use a `struct ist` to store proxy_authority
|
|
- CLEANUP: connection: Consistently use `struct ist` to process all TLV types
|
|
- BUILD: task: fix build at -O0 with threads disabled
|
|
- BUILD: bug: refine HA_LINK_ERROR() to only be used on gcc and derivatives
|
|
- CLEANUP: config: make the cfg_keyword parsers take a const for the defproxy
|
|
- BUILD: connection: do not use VAR_ARRAY in struct tlv
|
|
- BUG/MEDIUM: session: NULL dereference possible when accessing the listener
|
|
- MINOR: build: force CC to set a return code when probing options
|
|
- CLEANUP: stream: rename a few remaining occurrences of "stream *sess"
|
|
- BUG/MEDIUM: resolvers: handle huge responses over tcp servers.
|
|
- CLEANUP: config: also address the cfg_keyword API change in the compression code
|
|
- BUG/MEDIUM: ssl: properly remove the TASK_HEAVY flag at end of handshake
|
|
- BUG/MINOR: sample: Rename SenderComID/TargetComID to SenderCompID/TargetCompID
|
|
- MINOR: task: give the scheduler a bit more flexibility in the runqueue size
|
|
- OPTIM: task: automatically adjust the default runqueue-depth to the threads
|
|
- BUG/MINOR: connection: Missing QUIC initialization
|
|
- BUG/MEDIUM: stick-tables: fix ref counter in table entry using multiple http tracksc.
|
|
- BUILD: atomic/arm64: force the register pairs to use in __ha_cas_dw()
|
|
- BUG/MEDIUM: filters: Set CF_FL_ANALYZE on channels when filters are attached
|
|
- BUG/MINOR: tcpcheck: Update .health threshold of agent inside an agent-check
|
|
- BUG/MINOR: proxy/session: Be sure to have a listener to increment its counters
|
|
- BUG/MINOR: tcpcheck: Fix double free on error path when parsing tcp/http-check
|
|
- BUG/MINOR: server-state: properly handle the case where the base is not set
|
|
- BUG/MINOR: server-state: use the argument, not the global state
|
|
- CLEANUP: tcp-rules: add missing actions in the tcp-request error message
|
|
- CLEANUP: vars: make the error message clearer on missing arguments for set-var
|
|
- CLEANUP: http-rules: remove the unexpected comma before the list of action keywords
|
|
- CLEANUP: actions: the keyword must always be const from the rule
|
|
- MINOR: tools: add simple word fingerprinting to find similar-looking words
|
|
- MINOR: cfgparse: add cfg_find_best_match() to suggest an existing word
|
|
- MINOR: cfgparse: suggest correct spelling for unknown words in proxy sections
|
|
- MINOR: cfgparse: suggest correct spelling for unknown words in global section
|
|
- MINOR: cfgparse/server: try to fix spelling mistakes on server lines
|
|
- MINOR: cfgparse/bind: suggest correct spelling for unknown bind keywords
|
|
- MINOR: actions: add a function to suggest an action ressembling a given word
|
|
- MINOR: http-rules: suggest approaching action names on mismatch
|
|
- MINOR: tcp-rules: suggest approaching action names on mismatch
|
|
- BUG/MINOR: cfgparse/server: increment the extra keyword counter one at a time
|
|
- Revert "BUG/MINOR: resolvers: Only renew TTL for SRV records with an additional record"
|
|
- BUG/MINOR: resolvers: Consider server to have no IP on DNS resolution error
|
|
- BUG/MINOR: resolvers: Reset server address on DNS error only on status change
|
|
- BUG/MINOR: resolvers: Unlink DNS resolution to set RMAINT on SRV resolution
|
|
- BUG/MEDIUM: resolvers: Don't set an address-less server as UP
|
|
- BUG/MEDIUM: resolvers: Fix the loop looking for an existing ADD item
|
|
- MINOR: resolvers: new function find_srvrq_answer_record()
|
|
- BUG/MINOR; resolvers: Ignore DNS resolution for expired SRV item
|
|
- BUG/MEDIUM: resolvers: Trigger a DNS resolution if an ADD item is obsolete
|
|
- MINOR: resolvers: Use a function to remove answers attached to a resolution
|
|
- MINOR: resolvers: Purge answer items when a SRV resolution triggers an error
|
|
- MINOR: resolvers: Add function to change the srv status based on SRV resolution
|
|
- MINOR: resolvers: Directly call srvrq_update_srv_state() when possible
|
|
- BUG/MEDIUM: resolvers: Don't release resolution from a requester callbacks
|
|
- BUG/MEDIUM: resolvers: Skip DNS resolution at startup if SRV resolution is set
|
|
- MINOR: resolvers: Use milliseconds for cached items in resolver responses
|
|
- MINOR: resolvers: Don't try to match immediatly renewed ADD items
|
|
- CLEANUP: resolvers: Use ha_free() in srvrq_resolution_error_cb()
|
|
- CLEANUP: resolvers: Perform unsafe loop on requester list when possible
|
|
- BUG/MINOR: cli: make sure "help", "prompt", "quit" are enabled at master level
|
|
- CLEANUP: cli: fix misleading comment and better indent the access level flags
|
|
- MINOR: cli: set the ACCESS_MASTER* bits on the master bind_conf
|
|
- MINOR: cli: test the appctx level for master access instead of comparing pointers
|
|
- MINOR: cli: print the error message in the parser function itself
|
|
- MINOR: cli: filter the list of commands to the matching part
|
|
- MEDIUM: cli: apply spelling fixes for known commands before listing them
|
|
- MINOR: tools: add the ability to update a word fingerprint
|
|
- MINOR: cli: apply the fuzzy matching on the whole command instead of words
|
|
- CLEANUP: cli: rename MAX_STATS_ARGS to MAX_CLI_ARGS
|
|
- CLEANUP: cli: rename the last few "stats_" to "cli_"
|
|
- CLEANUP: task: make sure tasklet handlers always indicate their statuses
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
|
|
2021/03/05 : 2.4-dev11
|
|
- CI: codespell: skip Makefile for spell check
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- BUG/MINOR: tcp-act: Don't forget to set the original port for IPv4 set-dst rule
|
|
- BUG/MINOR: connection: Use the client's dst family for adressless servers
|
|
- BUG/MEDIUM: spoe: Kill applets if there are pending connections and nbthread > 1
|
|
- CLEANUP: Use ist2(const void*, size_t) whenever possible
|
|
- CLEANUP: Use IST_NULL whenever possible
|
|
- BUILD: proxy: Missing header inclusion for quic_transport_params_init()
|
|
- BUILD: quic: Implicit conversion between SSL related enums.
|
|
- DOC: spoe: Add a note about fragmentation support in HAProxy
|
|
- MINOR: contrib: add support for heartbeat control messages.
|
|
- MINOR: contrib: Enhance peers dissector heuristic.
|
|
- BUG/MINOR: mux-h2: Fix typo in scheme adjustment
|
|
- CLEANUP: Reapply the ist2() replacement patch
|
|
- CLEANUP: Use istadv(const struct ist, const size_t) whenever possible
|
|
- CLEANUP: Use isttest(const struct ist) whenever possible
|
|
- Revert "CI: Pin VTest to a known good commit"
|
|
- CLEANUP: backend: fix a wrong comment
|
|
- BUG/MINOR: backend: free allocated bind_addr if reuse conn
|
|
- MINOR: backend: handle reuse for conns with no server as target
|
|
- REGTESTS: test http-reuse if no server target
|
|
- BUG/MINOR: hlua: Don't strip last non-LWS char in hlua_pushstrippedstring()
|
|
- BUG/MINOR: server-state: Don't load server-state file for disabled backends
|
|
- CLEANUP: dns: Use DISGUISE() on a never-failing ring_attach() call
|
|
- CLEANUP: dns: Remove useless test on ns->dgram in dns_connect_nameserver()
|
|
- DOC: fix originalto except clause on destination address
|
|
- CLEANUP: Use the ist() macro whenever possible
|
|
- CLEANUP: Replace for loop with only a condition by while
|
|
- REORG: atomic: reimplement pl_cpu_relax() from atomic-ops.h
|
|
- BUG/MINOR: mt-list: always perform a cpu_relax call on failure
|
|
- MINOR: atomic: add armv8.1-a atomics variant for cas-dw
|
|
- MINOR: atomic: implement a more efficient arm64 __ha_cas_dw() using pairs
|
|
- BUG/MINOR: ssl: don't truncate the file descriptor to 16 bits in debug mode
|
|
- MEDIUM: pools: add CONFIG_HAP_NO_GLOBAL_POOLS and CONFIG_HAP_GLOBAL_POOLS
|
|
- MINOR: pools: double the local pool cache size to 1 MB
|
|
- MINOR: stream: use ABORT_NOW() and not abort() in stream_dump_and_crash()
|
|
- CLEANUP: stream: explain why we queue the stream at the head of the server list
|
|
- MEDIUM: backend: use a trylock when trying to grab an idle connection
|
|
- REORG: tools: promote the debug PRNG to more general use as a statistical one
|
|
- OPTIM: lb-random: use a cheaper PRNG to pick a server
|
|
- MINOR: task: stop abusing the nice field to detect a tasklet
|
|
- MINOR: task: move the nice field to the struct task only
|
|
- MEDIUM: task: extend the state field to 32 bits
|
|
- MINOR: task: add an application specific flag to the state: TASK_F_USR1
|
|
- MEDIUM: muxes: mark idle conns tasklets with TASK_F_USR1
|
|
- MINOR: xprt: add new xprt_set_idle and xprt_set_used methods
|
|
- MEDIUM: ssl: implement xprt_set_used and xprt_set_idle to relax context checks
|
|
- MINOR: server: don't read curr_used_conns multiple times
|
|
- CLEANUP: global: reorder some fields to respect cache lines
|
|
- CLEANUP: sockpair: silence a coverity check about fcntl()
|
|
- CLEANUP: lua: set a dummy file name and line number on the dummy servers
|
|
- MINOR: server: add a global list of all known servers
|
|
- MINOR: cfgparse: finish to set up servers outside of the proxy setup loop
|
|
- MINOR: server: allocate a per-thread struct for the per-thread connections stuff
|
|
- MINOR: server: move actconns to the per-thread structure
|
|
- CLEANUP: server: reorder some fields in the server struct to respect cache lines
|
|
- MINOR: backend: add a BUG_ON if conn mux NULL in connect_server
|
|
- BUG/MINOR: backend: fix condition for reuse on mode HTTP
|
|
- BUILD: Fix build when using clang without optimizing.
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
|
|
2021/02/26 : 2.4-dev10
|
|
- BUILD: SSL: introduce fine guard for RAND_keep_random_devices_open
|
|
- MINOR: Configure the `cpp` userdiff driver for *.[ch] in .gitattributes
|
|
- BUG/MINOR: ssl/cli: potential null pointer dereference in "set ssl cert"
|
|
- BUG/MINOR: sample: secure convs that accept base64 string and var name as args
|
|
- BUG/MEDIUM: vars: make functions vars_get_by_{name,desc} thread-safe
|
|
- CLEANUP: vars: make smp_fetch_var() to reuse vars_get_by_desc()
|
|
- DOC: muxes: add a diagram of the exchanges between muxes and outer world
|
|
- BUG/MEDIUM: proxy: use thread-safe stream killing on hard-stop
|
|
- BUG/MEDIUM: cli/shutdown sessions: make it thread-safe
|
|
- BUG/MINOR: proxy: wake up all threads when sending the hard-stop signal
|
|
- MINOR: stream: add an "epoch" to figure which streams appeared when
|
|
- MINOR: cli/streams: make "show sess" dump all streams till the new epoch
|
|
- MINOR: streams: use one list per stream instead of a global one
|
|
- MEDIUM: streams: do not use the streams lock anymore
|
|
- BUILD: dns: avoid a build warning when threads are disabled (dss unused)
|
|
- MEDIUM: task: remove the tasks_run_queue counter and have one per thread
|
|
- MINOR: tasks: do not maintain the rqueue_size counter anymore
|
|
- CLEANUP: tasks: use a less confusing name for task_list_size
|
|
- CLEANUP: task: move the tree root detection from __task_wakeup() to task_wakeup()
|
|
- MINOR: task: limit the remote thread wakeup to the global runqueue only
|
|
- MINOR: task: move the allocated tasks counter to the per-thread struct
|
|
- CLEANUP: task: split the large tasklet_wakeup_on() function in two
|
|
- BUG/MINOR: fd: properly wait for !running_mask in fd_set_running_excl()
|
|
- BUG/MINOR: resolvers: Fix condition to release received ARs if not assigned
|
|
- BUG/MINOR: resolvers: Only renew TTL for SRV records with an additional record
|
|
- BUG/MINOR: resolvers: new callback to properly handle SRV record errors
|
|
- BUG/MEDIUM: resolvers: Reset server address and port for obselete SRV records
|
|
- BUG/MEDIUM: resolvers: Reset address for unresolved servers
|
|
- DOC: Update the module list in MAINTAINERS file
|
|
- MINOR: htx: Add function to reserve the max possible size for an HTX DATA block
|
|
- DOC: Update the HTX API documentation
|
|
- DOC: Update the filters guide
|
|
- BUG/MEDIUM: contrib/prometheus-exporter: fix segfault in listener name dump
|
|
- MINOR: task: split the counts of local and global tasks picked
|
|
- MINOR: task: do not use __task_unlink_rq() from process_runnable_tasks()
|
|
- MINOR: task: don't decrement then increment the local run queue
|
|
- CLEANUP: task: re-merge __task_unlink_rq() with task_unlink_rq()
|
|
- MINOR: task: make grq_total atomic to move it outside of the grq_lock
|
|
- MINOR: tasks: also compute the tasklet latency when DEBUG_TASK is set
|
|
- MINOR: task: make tasklet wakeup latency measurements more accurate
|
|
- MINOR: server: Be more strict on the server-state line parsing
|
|
- MINOR: server: Only fill one array when parsing a server-state line
|
|
- MEDIUM: server: Refactor apply_server_state() to make it more readable
|
|
- CLEANUP: server: Rename state_line node to node instead of name_name
|
|
- CLEANUP: server: Rename state_line structure into server_state_line
|
|
- CLEANUP: server: Use a local eb-tree to store lines of the global server-state file
|
|
- MINOR: server: Be more strict when reading the version of a server-state file
|
|
- MEDIUM: server: Store parsed params of a server-state line in the tree
|
|
- MINOR: server: Remove cached line from global server-state tree when found
|
|
- MINOR: server: Move loading state of servers in a dedicated function
|
|
- MEDIUM: server: Use a tree to store local server-state lines
|
|
- MINOR: server: Parse and store server-state lines in a dedicated function
|
|
- MEDIUM: server: Don't load server-state file if a line is corrupted
|
|
- REORG: server: Export and rename some functions updating server info
|
|
- REORG: server-state: Move functions to deal with server-state in its own file
|
|
- MINOR: server-state: Don't load server-state file for serverless proxies
|
|
- CLEANUP: muxes: Remove useless if condition in show_fd function
|
|
- BUG/MINOR: stats: fix compare of no-maint url suffix
|
|
- MINOR: task: limit the number of subsequent heavy tasks with flag TASK_HEAVY
|
|
- MINOR: ssl: mark the SSL handshake tasklet as heavy
|
|
- CLEANUP: server: rename srv_cleanup_{idle,toremove}_connections()
|
|
- BUG/MINOR: ssl: potential null pointer dereference in ckchs_dup()
|
|
- MINOR: task: add one extra tasklet class: TL_HEAVY
|
|
- MINOR: task: place the heavy elements in TL_HEAVY
|
|
- MINOR: task: only limit TL_HEAVY tasks but not others
|
|
- BUG/MINOR: http-ana: Only consider dst address to process originalto option
|
|
- MINOR: tools: Add net_addr structure describing a network addess
|
|
- MINOR: tools: Add function to compare an address to a network address
|
|
- MEDIUM: http-ana: Add IPv6 support for forwardfor and orignialto options
|
|
- CLEANUP: hlua: Use net_addr structure internally to parse and compare addresses
|
|
- REGTESTS: Add script to test except param for fowardedfor/originalto options
|
|
- DOC: scheduler: add a diagram showing the different queues and their usages
|
|
- CLEANUP: tree-wide: replace free(x);x=NULL with ha_free(&x)
|
|
- CLEANUP: config: replace a few free() with ha_free()
|
|
- CLEANUP: vars: always zero the pointers after a free()
|
|
- CLEANUP: ssl: remove a useless "if" before freeing an error message
|
|
- CLEANUP: ssl: make ssl_sock_free_srv_ctx() zero the pointers after free
|
|
- CLEANUP: ssl: use realloc() instead of free()+malloc()
|
|
|
|
2021/02/20 : 2.4-dev9
|
|
- BUG/MINOR: server: Remove RMAINT from admin state when loading server state
|
|
- CLEANUP: check: fix get_check_status_info declaration
|
|
- CLEANUP: contrib/prometheus-exporter: align for with srv status case
|
|
- MEDIUM: stats: allow to select one field in `stats_fill_li_stats`
|
|
- MINOR: stats: add helper to get status string
|
|
- MEDIUM: contrib/prometheus-exporter: add listen stats
|
|
- BUG/MINOR: dns: add test on result getting value from buffer into ring.
|
|
- BUG/MINOR: dns: dns_connect_server must return -1 unsupported nameserver's type
|
|
- BUG/MINOR: dns: missing test writing in output channel in session handler
|
|
- BUG/MINOR: dns: fix ring attach control on dns_session_new
|
|
- BUG/MEDIUM: dns: fix multiple double close on fd in dns.c
|
|
- BUG/MAJOR: connection: prevent double free if conn selected for removal
|
|
- BUG/MINOR: session: atomically increment the tracked sessions counter
|
|
- REGTESTS: fix http_reuse_conn_hash proxy test
|
|
- BUG/MINOR: backend: do not call smp_make_safe for sni conn hash
|
|
- MINOR: connection: remove pointers for prehash in conn_hash_params
|
|
- BUG/MINOR: checks: properly handle wrapping time in __health_adjust()
|
|
- BUG/MEDIUM: checks: don't needlessly take the server lock in health_adjust()
|
|
- DEBUG: thread: add 5 extra lock labels for statistics and debugging
|
|
- OPTIM: server: switch the actconn list to an mt-list
|
|
- Revert "MINOR: threads: change lock_t to an unsigned int"
|
|
- MINOR: lb/api: let callers of take_conn/drop_conn tell if they have the lock
|
|
- OPTIM: lb-first: do not take the server lock on take_conn/drop_conn
|
|
- OPTIM: lb-leastconn: do not take the server lock on take_conn/drop_conn
|
|
- OPTIM: lb-leastconn: do not unlink the server if it did not change
|
|
- MINOR: tasks: add DEBUG_TASK to report caller info in a task
|
|
- MINOR: tasks/debug: add some extra controls of use-after-free in DEBUG_TASK
|
|
- BUG/MINOR: sample: Always consider zero size string samples as unsafe
|
|
- MINOR: cli: add missing agent commands for set server
|
|
- BUILD/MEDIUM: da Adding pcre2 support.
|
|
- BUILD: ssl: introduce fine guard for OpenSSL specific SCTL functions
|
|
- REGTESTS: reorder reuse conn proxy protocol test
|
|
- DOC: explain the relation between pool-low-conn and tune.idle-pool.shared
|
|
- MINOR: tasks: refine the default run queue depth
|
|
- MINOR: listener: refine the default MAX_ACCEPT from 64 to 4
|
|
- MINOR: mux_h2: do not try to remove front conn from idle trees
|
|
- REGTESTS: workaround for a crash with recent libressl on http-reuse sni
|
|
- BUG/MEDIUM: lists: Avoid an infinite loop in MT_LIST_TRY_ADDQ().
|
|
- MINOR: connection: allocate dynamically hash node for backend conns
|
|
- DOC: DeviceAtlas documentation typo fix.
|
|
- BUG/MEDIUM: spoe: Resolve the sink if a SPOE logs in a ring buffer
|
|
- BUG/MINOR: http-rules: Always replace the response status on a return action
|
|
- BUG/MINOR: server: Init params before parsing a new server-state line
|
|
- BUG/MINOR: server: Be sure to cut the last parsed field of a server-state line
|
|
- MEDIUM: server: Don't introduce a new server-state file version
|
|
- DOC: contrib/prometheus-exporter: remove htx reference
|
|
- REGTESTS: contrib/prometheus-exporter: test NaN values
|
|
- REGTESTS: contrib/prometheus-exporter: test well known labels
|
|
- CI: github actions: switch to stable LibreSSL release
|
|
- BUG/MINOR: server: Fix test on number of fields allowed in a server-state line
|
|
- MINOR: dynbuf: make the buffer wait queue per thread
|
|
- MINOR: dynbuf: use regular lists instead of mt_lists for buffer_wait
|
|
- MINOR: dynbuf: pass offer_buffers() the number of buffers instead of a threshold
|
|
- MINOR: sched: have one runqueue ticks counter per thread
|
|
|
|
2021/02/13 : 2.4-dev8
|
|
- BUILD: ssl: fix typo in HAVE_SSL_CTX_ADD_SERVER_CUSTOM_EXT macro
|
|
- BUILD: ssl: guard SSL_CTX_add_server_custom_ext with special macro
|
|
- BUG/MINOR: mux-h1: Don't emit extra CRLF for empty chunked messages
|
|
- MINOR: contrib/prometheus-exporter: use stats desc when possible followup
|
|
- MEDIUM: contrib/prometheus-exporter: export base stick table stats
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CLEANUP: check: fix some typo in comments
|
|
- CLEANUP: tools: typo in `strl2irc` mention
|
|
- BUILD: ssl: guard SSL_CTX_set_msg_callback with SSL_CTRL_SET_MSG_CALLBACK macro
|
|
- MEDIUM: ssl: add a rwlock for SSL server session cache
|
|
- BUG/MINOR: intops: fix mul32hi()'s off-by-one
|
|
- BUG/MINOR: freq_ctr: fix a wrong delay calculation in next_event_delay()
|
|
- MINOR: stick-tables/counters: add http_fail_cnt and http_fail_rate data types
|
|
- MINOR: ssl: add SSL_SERVER_LOCK label in threads.h
|
|
- BUG/MINOR: mux-h1: Don't increment HTTP error counter for 408/500/501 errors
|
|
- BUG/MINOR: http-ana: Don't increment HTTP error counter on internal errors
|
|
- BUG/MEDIUM: mux-h1: Always set CS_FL_EOI for response in MSG_DONE state
|
|
- BUG/MINOR: mux-h1: Fix data skipping for bodyless responses
|
|
- BUG/MINOR: mux-h1: Don't blindly skip EOT block for non-chunked messages
|
|
- BUG/MEDIUM: mux-h2: Add EOT block when EOM flag is set on an empty HTX message
|
|
- MINOR: mux-h1: Be sure EOM flag is set when processing end of outgoing message
|
|
- REGTESTS: Add a script to test payload skipping for bodyless HTTP responses
|
|
- BUG/MINOR: server: re-align state file fields number
|
|
- CLEANUP: muxes: Remove useless calls to b_realign_if_empty()
|
|
- BUG/MINOR: tools: Fix a memory leak on error path in parse_dotted_uints()
|
|
- CLEANUP: remove unused variable assigned found by Coverity
|
|
- CLEANUP: queue: Remove useless tests on p or pp in pendconn_process_next_strm()
|
|
- BUG/MINOR: backend: hold correctly lock when killing idle conn
|
|
- MEDIUM: connection: protect idle conn lists with locks
|
|
- MEDIUM: connection: replace idle conn lists by eb trees
|
|
- MINOR: backend: search conn in idle/safe trees after available
|
|
- MINOR: backend: search conn in idle tree after safe on always reuse
|
|
- MINOR: connection: prepare hash calcul for server conns
|
|
- MINOR: connection: use the srv pointer for the srv conn hash
|
|
- MINOR: backend: compare conn hash for session conn reuse
|
|
- MINOR: connection: use sni as parameter for srv conn hash
|
|
- MINOR: reg-tests: test http-reuse with sni
|
|
- MINOR: backend: rewrite alloc of stream target address
|
|
- MINOR: connection: use dst addr as parameter for srv conn hash
|
|
- MINOR: reg-test: test http-reuse with specific dst addr
|
|
- MINOR: backend: rewrite alloc of connection src address
|
|
- MINOR: connection: use src addr as parameter for srv conn hash
|
|
- MINOR: connection: use proxy protocol as parameter for srv conn hash
|
|
- MINOR: reg-tests: test http-reuse with proxy protocol
|
|
- MINOR: doc: update http reuse for new eligilible connections
|
|
- BUG/MINOR: backend: fix compilation without ssl
|
|
- REGTESTS: adjust http_reuse_conn_hash requirements
|
|
- REGTESTS: deactivate a failed test on CI in http_reuse_conn_hash
|
|
- REGTESTS: fix sni used in http_reuse_conn_hash for libressl 3.3.0
|
|
- CI: cirrus: update FreeBSD image to 12.2
|
|
- MEDIUM: cli: add check-addr command
|
|
- MEDIUM: cli: add agent-port command
|
|
- MEDIUM: server: add server-states version 2
|
|
- MEDIUM: server: support {check,agent}_addr, agent_port in server state
|
|
- MINOR: server: enhance error precision when applying server state
|
|
- BUG/MINOR: server: Fix server-state-file-name directive
|
|
- CLEANUP: deinit: release global and per-proxy server-state variables on deinit
|
|
- BUG/MEDIUM: config: don't pick unset values from last defaults section
|
|
- BUG/MINOR: stats: revert the change on ST_CONVDONE
|
|
- BUG/MINOR: cfgparse: do not mention "addr:port" as supported on proxy lines
|
|
- BUG/MINOR: http-htx: defpx must be a const in proxy_dup_default_conf_errors()
|
|
- BUG/MINOR: tcpheck: the source list must be a const in dup_tcpcheck_var()
|
|
- BUILD: proxy: add missing compression-t.h to proxy-t.h
|
|
- REORG: move init_default_instance() to proxy.c and pass it the defproxy pointer
|
|
- REORG: proxy: centralize the proxy allocation code into alloc_new_proxy()
|
|
- MEDIUM: proxy: only take defaults when a default proxy is passed.
|
|
- MINOR: proxy: move the defproxy freeing code to proxy.c
|
|
- MINOR: proxy: always properly reset the just freed default instance pointers
|
|
- BUG/MINOR: extcheck: proxy_parse_extcheck() must take a const for the defproxy
|
|
- BUG/MINOR: tcpcheck: proxy_parse_*check*() must take a const for the defproxy
|
|
- BUG/MINOR: server: parse_server() must take a const for the defproxy
|
|
- MINOR: cfgparse: move defproxy to cfgparse-listen as a static
|
|
- MINOR: proxy: add a new capability PR_CAP_DEF
|
|
- MINOR: cfgparse: check PR_CAP_DEF instead of comparing poiner against defproxy
|
|
- MINOR: cfgparse: use a pointer to the current default proxy
|
|
- MINOR: proxy: also store the name for a defaults section
|
|
- MINOR: proxy: support storing defaults sections into their own tree
|
|
- MEDIUM: proxy: store the default proxies in a tree by name
|
|
- MEDIUM: cfgparse: allow a proxy to designate the defaults section to use
|
|
- MINOR: http: add baseq sample fetch
|
|
- CLEANUP: tcpcheck: Remove a useless test on port variable
|
|
- BUG/MINOR: server: Don't call fopen() with server-state filepath set to NULL
|
|
- CLEANUP: server: Remove useless "filepath" variable in apply_server_state()
|
|
- MINOR: peers/cli: do not dump the peers dictionaries by default on "show peers"
|
|
- MINOR: cfgparse: implement a simple if/elif/else/endif macro block handler
|
|
- DOC: tune: explain the origin of block size for ssl.cachesize
|
|
- MINOR: tcp: add support for defer-accept on FreeBSD.
|
|
- MINOR: ring: adds new ring_init function.
|
|
- CLEANUP: channel: fix comment in ci_putblk.
|
|
- BUG/MINOR: dns: add missing sent counter and parent id to dns counters.
|
|
- BUG/MINOR: resolvers: fix attribute packed struct for dns
|
|
- MINOR: resolvers: renames some resolvers internal types and removes dns prefix
|
|
- MINOR: resolvers: renames type dns_resolvers to resolvers.
|
|
- MINOR: resolvers: renames some resolvers specific types to not use dns prefix
|
|
- MINOR: resolvers: renames some dns prefixed types using resolv prefix.
|
|
- MINOR: resolvers: renames resolvers DNS_RESP_* errcodes RSLV_RESP_*
|
|
- MINOR: resolvers: renames resolvers DNS_UPD_* returncodes to RSLV_UPD_*
|
|
- MINOR: resolvers: rework prototype suffixes to split resolving and dns.
|
|
- MEDIUM: resolvers: move resolvers section parsing from cfgparse.c to dns.c
|
|
- MINOR: resolvers: replace nameserver's resolver ref by generic parent pointer
|
|
- MINOR: resolvers: rework dns stats prototype because specific to resolvers
|
|
- MEDIUM: resolvers: split resolving and dns message exchange layers.
|
|
- MEDIUM: resolvers/dns: split dns.c into dns.c and resolvers.c
|
|
- MEDIUM: dns: adds code to support pipelined DNS requests over TCP.
|
|
- MEDIUM: resolvers: add supports of TCP nameservers in resolvers.
|
|
|
|
2021/02/05 : 2.4-dev7
|
|
- BUG/MINOR: stats: Continue to fill frontend stats on unimplemented metric
|
|
- BUILD: ssl: guard Client Hello callbacks with HAVE_SSL_CLIENT_HELLO_CB macro instead of openssl version
|
|
- BUG/MINOR: stats: Init the metric variable when frontend stats are filled
|
|
- MINOR: contrib/prometheus-exporter: better output of Not-a-Number
|
|
- CLEANUP: stats: improve field selection for frontend http fields
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- DOC: Improve documentation of the various hdr() fetches
|
|
- MEDIUM: stats: allow to select one field in `stats_fill_be_stats`
|
|
- MINOR: contrib/prometheus-exporter: use fill_be_stats for backend dump
|
|
- MEDIUM: stats: allow to select one field in `stats_fill_sv_stats`
|
|
- MINOR: contrib/prometheus-exporter: use fill_sv_stats for server dump
|
|
- MINOR: abort() on my_unreachable() when DEBUG_USE_ABORT is set.
|
|
- BUG/MEDIUM: filters/htx: Fix data forwarding when payload length is unknown
|
|
- BUG/MINOR: config: fix leak on proxy.conn_src.bind_hdr_name
|
|
- MINOR: reg-tests: add http-reuse test
|
|
- CLEANUP: srv: fix comment for pool-max-conn
|
|
- CLEANUP: backend: remove an obsolete comment on conn_backend_get
|
|
- REORG: backend: simplify conn_backend_get
|
|
- MINOR: ssl: Server ssl context prepare function refactoring
|
|
- MINOR: ssl: Certificate chain loading refactorization
|
|
- MEDIUM: ssl: Load client certificates in a ckch for backend servers
|
|
- MEDIUM: ssl: Enable backend certificate hot update
|
|
- MINOR: ssl: Remove client_crt member of the server's ssl context
|
|
- CLEANUP: ssl/cli: rework free in cli_io_handler_commit_cert()
|
|
- CLEANUP: ssl: remove SSL_CTX function parameter
|
|
- CLEANUP: ssl: make load_srv_{ckchs,cert} match their bind counterpart
|
|
- BUILD: Include stdlib.h in compiler.h if DEBUG_USE_ABORT is set
|
|
- CI: Fix DEBUG_STRICT definition for Coverity
|
|
- BUG/MINOR: stats: Remove a break preventing ST_F_QCUR to be set for servers
|
|
- BUG/MINOR: stats: Add a break after filling ST_F_MODE field for servers
|
|
- CLEANUP: ssl: remove dead code in ckch_inst_new_load_srv_store()
|
|
- BUG/MINOR: ssl: init tmp chunk correctly in ssl_sock_load_sctl_from_file()
|
|
- BUG/MEDIUM: session: only retrieve ready idle conn from session
|
|
- BUG/MEDIUM: backend: never reuse a connection for tcp mode
|
|
- REGTESTS: set_ssl_server_cert.vtc: remove the abort command
|
|
- REGTESTS: set_ssl_server_cert.vtc: check the Sha1 Fingerprint
|
|
- REGTESTS: set_ssl_server_cert.vtc: check the sha1 from the server
|
|
- MEDIUM: stream-int: Take care of EOS if the SI wake callback function
|
|
- MINOR: mux-h1: Try to wake up data layer first before calling its wake callback
|
|
- MINOR: mux-h1: Wake up H1C after its creation if input buffer is not empty
|
|
- MEDIUM: mux-h1: Add ST_READY state for the H1 connections
|
|
- MINOR: stream: Add a function to validate TCP to H1 upgrades
|
|
- MEDIUM: http-ana: Do nothing in wait-for-request analyzer if not htx
|
|
- BUG/MEDIUM: stream: Don't immediatly ack the TCP to H1 upgrades
|
|
- BUG/MAJOR: mux-h1: Properly handle TCP to H1 upgrades
|
|
- MINOR: htx/http-ana: Save info about Upgrade option in the Connection header
|
|
- MEDIUM: http-ana: Refuse invalid 101-switching-protocols responses
|
|
- BUG/MINOR: h2/mux-h2: Reject 101 responses with a PROTOCOL_ERROR h2s error
|
|
- MINOR: mux-h1/mux-fcgi: Don't set TUNNEL mode if payload length is unknown
|
|
- MINOR: mux-h1: Split H1C_F_WAIT_OPPOSITE flag to separate input/output sides
|
|
- MINOR: mux-h2: Add 2 flags to help to properly handle tunnel mode
|
|
- MEDIUM: mux-h2: Block client data on server side waiting tunnel establishment
|
|
- MEDIUM: mux-h2: Close streams when processing data for an aborted tunnel
|
|
- MEDIUM: mux-h1: Properly handle tunnel establishments and aborts
|
|
- BUG/MAJOR: mux-h1/mux-h2/htx: Fix HTTP tunnel management at the mux level
|
|
- MINOR: htx: Rename HTX_FL_EOI flag into HTX_FL_EOM
|
|
- REGTESTS: Don't run http_msg_full_on_eom script on the 2.4 anymore
|
|
- MINOR: htx: Add a function to know if a block is the only one in a message
|
|
- MAJOR: htx: Remove the EOM block type and use HTX_FL_EOM instead
|
|
- MINOR: mux-h1: Add a flag on H1 streams with a response known to be bodyless
|
|
- MEDIUM: mux-h1: Don't emit any payload for bodyless responses
|
|
- MINOR: mux-h1: Don't emit C-L and T-E headers for 204 and 1xx responses
|
|
- MINOR: mux-h1: Don't add Connection close/keep-alive header for 1xx messages
|
|
- MINOR: h2/mux-h2: Add flags to notify the response is known to have no body
|
|
- MEDIUM: mux-h2: Don't emit DATA frame for bodyless responses
|
|
- MEDIUM: http-ana: Deal with L7 retries in HTTP analysers
|
|
- MINOR: h1: reject websocket handshake if missing key
|
|
- MEDIUM: h1: generate WebSocket key on response if needed
|
|
- MINOR: mux_h2: define H2_SF_EXT_CONNECT_SENT stream flag
|
|
- MEDIUM: h2: parse Extended CONNECT reponse to htx
|
|
- MEDIUM: mux_h2: generate Extended CONNECT from htx upgrade
|
|
- MEDIUM: h1: add a WebSocket key on handshake if needed
|
|
- MEDIUM: mux_h2: generate Extended CONNECT response
|
|
- MEDIUM: h2: parse Extended CONNECT request to htx
|
|
- MEDIUM: h2: send connect protocol h2 settings
|
|
- MINOR: vtc: add test for h1/h2 protocol upgrade translation
|
|
- MINOR: vtc: add websocket test
|
|
- REGTESTS: Fix required versions for several scripts
|
|
- REGTEST: Don't use the websocket to validate http-check
|
|
- MINOR: mux-h1/trace: add traces at level ERROR for all kind of errors
|
|
- MINOR: mux-fcgi/trace: add traces at level ERROR for all kind of errors
|
|
- MINOR: h1: Raise the chunk size limit up to (2^52 - 1)
|
|
- BUG/MEDIUM: listener: do not accept connections faster than we can process them
|
|
- REGTESTS: set_ssl_server_cert.vtc: set as broken
|
|
- Revert "BUG/MEDIUM: listener: do not accept connections faster than we can process them"
|
|
- BUG/MINOR: backend: check available list allocation for reuse
|
|
- CI: Fix the coverity builds
|
|
- DOC: management: fix "show resolvers" alphabetical ordering
|
|
- MINOR: tools: add print_time_short() to print a condensed duration value
|
|
- MINOR: activity: make profiling more manageable
|
|
- MINOR: activity: declare a new structure to collect per-function activity
|
|
- MEDIUM: tasks/activity: collect per-task statistics when profiling is enabled
|
|
- MINOR: activity: also report collected tasks stats in "show profiling"
|
|
- MINOR: activity: flush scheduler stats on "set profiling tasks on"
|
|
- MINOR: activity: add a new "show tasks" command to list currently active tasks
|
|
- MINOR: listener: export accept_queue_process
|
|
- MINOR: session: export session_expire_embryonic()
|
|
- MINOR: muxes: export the timeout and shutr task handlers
|
|
- MINOR: checks: export a few functions that appear often in trace dumps
|
|
- MINOR: peers: export process_peer_sync() to improve traces
|
|
- MINOR: stick-tables: export process_table_expire()
|
|
- MINOR: mux-h1: Remove first useless test on count in h1_process_output()
|
|
- BUG/MINOR: stick-table: Always call smp_fetch_src() with a valid arg list
|
|
- MINOR: http-fetch: Don't check if argument list is set in sample fetches
|
|
- MINOR: http-conv: Don't check if argument list is set in sample converters
|
|
- MINOR: sample: Don't check if argument list is set in sample fetches
|
|
- MINOR: ssl-sample: Don't check if argument list is set in sample fetches
|
|
- MINOR: mux-h2: Don't tests the start-line when sending HEADERS frame
|
|
- MINOR: mux-h2: Slightly improve request HEADERS frames sending
|
|
- MINOR: contrib/prometheus-exporter: declare states for objects
|
|
- MAJOR: contrib/prometheus-exporter: move ftd/bkd/srv states to labels
|
|
- MEDIUM: contrib/prometheus-exporter: Use dynamic labels instead of static ones
|
|
- MINOR: listener: export manage_global_listener_queue()
|
|
- BUG/MINOR: activity: take care of late wakeups in "show tasks"
|
|
- REGTESTS: set_ssl_server_cert.vtc: remove SSL caching and set as working
|
|
- REGTESTS: set_ssl_server_cert: cleanup the SSL caching option
|
|
- MINOR: checks: Add function to get the result code corresponding to a status
|
|
- MAJOR: contrib/prometheus-exporter: move health check status to labels
|
|
- MINOR: contrib/prometheus-exporter: improve service status description field
|
|
- MINOR: stats: improve pending connections description
|
|
- MINOR: stats: improve max stats descriptions
|
|
- MINOR: contrib/prometheus-exporter: use stats desc when possible
|
|
- MINOR: contrib/prometheus-exporter: add uweight field
|
|
- MINOR: contrib/prometheus-exporter: add recv logs_logs_total field
|
|
- CLEANUP: contrib/prometheus-exporter: remove unused includes
|
|
- CLEANUP: contrib/prometheus-exporter: align and reorder fields
|
|
- CLEANUP: contrib/prometheus-exporter: remove description in README
|
|
- DOC: contrib/prometheus-exporter: Add missing metrics in README
|
|
- BUG/MINOR: contrib/prometheus-exporter: Add missing label for ST_F_HRSP_1XX
|
|
- BUG/MINOR: contrib/prometheus-exporter: Restart labels dump at the right pos
|
|
- BUG/MEDIUM: ssl/cli: abort ssl cert is freeing the old store
|
|
- BUG/MEDIUM: ssl: check a connection's status before computing a handshake
|
|
- BUG/MINOR: mux_h2: fix incorrect stat titles
|
|
- MINOR: ssl/cli: flush the server session cache upon 'commit ssl cert'
|
|
- BUG/MINOR: cli: fix set server addr/port coherency with health checks
|
|
- MINOR: server: Don't set the check port during the update from a state file
|
|
- MINOR: dns: Don't set the check port during a server dns resolution
|
|
- MEDIUM: check: remove checkport checkaddr flag
|
|
- MEDIUM: server: adding support for check_port in server state
|
|
- BUG/MINOR: check: consitent way to set agentaddr
|
|
- MEDIUM: check: align agentaddr and agentport behaviour
|
|
- DOC: server: Add missing params in comment of the server state line parsing
|
|
- BUG/MINOR: xxhash: make sure armv6 uses memcpy()
|
|
- REGTESTS: mark http-check-send.vtc as 2.4-only
|
|
- REGTESTS: mark sample_fetches/hashes.vtc as 2.4-only
|
|
- BUG/MINOR: ssl: do not try to use early data if not configured
|
|
- REGTESTS: unbreak http-check-send.vtc
|
|
- MINOR: cli/show_fd: report local and report ports when known
|
|
- BUILD: Makefile: move REGTESTST_TYPE default setting
|
|
- BUG/MEDIUM: mux-h2: handle remaining read0 cases
|
|
- CLEANUP: http-htx: Set buffer area to NULL instead of malloc(0)
|
|
- BUG/MINOR: sock: Unclosed fd in case of connection allocation failure
|
|
- BUG/MEDIUM: mux-h2: do not quit the demux loop before setting END_REACHED
|
|
|
|
2021/01/22 : 2.4-dev6
|
|
- MINOR: converter: adding support for url_enc
|
|
- BUILD: SSL: guard TLS13 ciphersuites with HAVE_SSL_CTX_SET_CIPHERSUITES
|
|
- BUILD: ssl: guard EVP_PKEY_get_default_digest_nid with ASN1_PKEY_CTRL_DEFAULT_MD_NID
|
|
- BUILD: ssl: guard openssl specific with SSL_READ_EARLY_DATA_SUCCESS
|
|
- BUILD: Makefile: exclude broken tests by default
|
|
- CLEANUP: cfgparse: replace "realloc" with "my_realloc2" to fix to memory leak on error
|
|
- BUG/MINOR: hlua: Fix memory leak in hlua_alloc
|
|
- MINOR: contrib/prometheus-exporter: export build_info
|
|
- DOC: fix some spelling issues over multiple files
|
|
- CLEANUP: Fix spelling errors in comments
|
|
- SCRIPTS: announce-release: fix typo in help message
|
|
- CI: github: add a few more words to the codespell ignore list
|
|
- DOC: Add maintainers for the Prometheus exporter
|
|
- BUG/MINOR: sample: fix concat() converter's corruption with non-string variables
|
|
- BUG/MINOR: server: Memory leak of proxy.used_server_addr during deinit
|
|
- CLEANUP: sample: remove uneeded check in json validation
|
|
- MINOR: reg-tests: add a way to add service dependency
|
|
- BUG/MINOR: sample: check alloc_trash_chunk return value in concat()
|
|
- BUG/MINOR: reg-tests: fix service dependency script
|
|
- MINOR: reg-tests: add base prometheus test
|
|
- Revert "BUG/MINOR: dns: SRV records ignores duplicated AR records"
|
|
- BUG/MINOR: sample: Memory leak of sample_expr structure in case of error
|
|
- BUG/MINOR: check: Don't perform any check on servers defined in a frontend
|
|
- BUG/MINOR: init: enforce strict-limits when using master-worker
|
|
- MINOR: contrib/prometheus-exporter: avoid connection close header
|
|
- MINOR: contrib/prometheus-exporter: use fill_info for process dump
|
|
- BUG/MINOR: init: Use a dynamic buffer to set HAPROXY_CFGFILES env variable
|
|
- MINOR: config: Add failifnotcap() to emit an alert on proxy capabilities
|
|
- MINOR: server: Forbid server definitions in frontend sections
|
|
- BUG/MINOR: threads: Fixes the number of possible cpus report for Mac.
|
|
- CLEANUP: pattern: rename pat_ref_commit() to pat_ref_commit_elt()
|
|
- MINOR: pattern: add the missing generation ID manipulation functions
|
|
- MINOR: peers: Add traces for peer control messages.
|
|
- BUG/MINOR: dns: SRV records ignores duplicated AR records (v2)
|
|
- BUILD: peers: fix build warning about unused variable
|
|
- BUG/MEDIUM: stats: add missing INF_BUILD_INFO definition
|
|
- MINOR: cache: Do not store responses with an unknown encoding
|
|
- BUG/MINOR: peers: Possible appctx pointer dereference.
|
|
- MINOR: build: discard echoing in help target
|
|
- MINOR: cache: Remove the `hash` part of the accept-encoding secondary key
|
|
- CLEANUP: cache: Use proper data types in secondary_key_cmp()
|
|
- CLEANUP: Rename accept_encoding_hash_cmp to accept_encoding_bitmap_cmp
|
|
- BUG/MINOR: peers: Wrong "new_conn" value for "show peers" CLI command.
|
|
- MINOR: contrib: Make the wireshark peers dissector compile for more distribs.
|
|
- BUG/MINOR: mux_h2: missing space between "st" and ".flg" in the "show fd" helper
|
|
- CLEANUP: tools: make resolve_sym_name() take a const pointer
|
|
- CLEANUP: cli: make "show fd" use a const connection to access other fields
|
|
- MINOR: cli: make "show fd" also report the xprt and xprt_ctx
|
|
- MINOR: xprt: add a new show_fd() helper to complete some "show fd" dumps.
|
|
- MINOR: ssl: provide a "show fd" helper to report important SSL information
|
|
- MINOR: xprt/mux: export all *_io_cb functions so that "show fd" resolves them
|
|
- MINOR: mux-h2: make the "show fd" helper also decode the h2s subscriber when known
|
|
- MINOR: mux-h1: make the "show fd" helper also decode the h1s subscriber when known
|
|
- MINOR: mux-fcgi: make the "show fd" helper also decode the fstrm subscriber when known
|
|
- CI: Pin VTest to a known good commit
|
|
- MINOR: cli: give the show_fd helpers the ability to report a suspicious entry
|
|
- MINOR: cli/show_fd: report some easily detectable suspicious states
|
|
- MINOR: ssl/show_fd: report some FDs as suspicious when possible
|
|
- MINOR: mux-h2/show_fd: report as suspicious an entry with too many calls
|
|
- MINOR: mux-h1/show_fd: report as suspicious an entry with too many calls
|
|
- BUG/MINOR: mworker: define _GNU_SOURCE for strsignal()
|
|
- BUG/MEDIUM: tcpcheck: Don't destroy connection in the wake callback context
|
|
- BUG/MEDIUM: mux-h2: Xfer rxbuf to the upper layer when creating a front stream
|
|
- MINOR: http: Add HTTP 501-not-implemented error message
|
|
- MINOR: muxes: Add exit status for errors about not implemented features
|
|
- MINOR: mux-h1: Be prepared to return 501-not-implemented error during parsing
|
|
- MEDIUM: mux-h1: Return a 501-not-implemented for upgrade requests with a body
|
|
- DOC: Remove space after comma in converter signature
|
|
- DOC: Rename '<var name>' to '<var>' in converter signature
|
|
- MINOR: stats: duplicate 3 fields in bytes in info
|
|
- MINOR: stats: add new start time field
|
|
- MINOR: contrib/prometheus-exporter: merge info description from stats
|
|
- MEDIUM: stats: allow to select one field in `stats_fill_fe_stats`
|
|
- MINOR: contrib/prometheus-exporter: use fill_fe_stats for frontend dump
|
|
- MINOR: contrib/prometheus-exporter: Don't needlessly set empty label for metrics
|
|
- MINOR: contrib/prometheus-exporter: Split the PROMEX_FL_STATS_METRIC flag
|
|
- MINOR: contrib/prometheus-exporter: Add promex_metric struct defining a metric
|
|
- MEDIUM: contrib/prometheus-exporter: Rework matrices defining Promex metrics
|
|
- BUG/MINOR: stream: Don't update counters when TCP to H2 upgrades are performed
|
|
- BUG/MEDIUM: mux-h2: fix read0 handling on partial frames
|
|
- MINOR: debug: always export the my_backtrace function
|
|
- MINOR: debug: extract the backtrace dumping code to its own function
|
|
- MINOR: debug: create ha_backtrace_to_stderr() to dump an instant backtrace
|
|
- MEDIUM: debug: now always print a backtrace on CRASH_NOW() and friends
|
|
- MINOR: debug: let ha_dump_backtrace() dump a bit further for some callers
|
|
- BUILD: debug: fix build warning by consuming the write() result
|
|
- MINOR: lua: remove unused variable
|
|
- BUILD/MINOR: lua: define _GNU_SOURCE for LLONG_MAX
|
|
|
|
2021/01/06 : 2.4-dev5
|
|
- BUG/MEDIUM: mux_h2: Add missing braces in h2_snd_buf()around trace+wakeup
|
|
- BUILD: hpack: hpack-tbl-t.h uses VAR_ARRAY but does not include compiler.h
|
|
- MINOR: time: increase the minimum wakeup interval to 60s
|
|
- MINOR: check: do not ignore a connection header for http-check send
|
|
- REGTESTS: complete http-check test
|
|
- CI: travis-ci: drop coverity scan builds
|
|
- MINOR: atomic: don't use ; to separate instruction on aarch64.
|
|
- IMPORT: xxhash: update to v0.8.0 that introduces stable XXH3 variant
|
|
- MEDIUM: xxhash: use the XXH3 functions to generate 64-bit hashes
|
|
- MEDIUM: xxhash: use the XXH_INLINE_ALL macro to inline all functions
|
|
- CLEANUP: xxhash: remove the unused src/xxhash.c
|
|
- MINOR: sample: add the xxh3 converter
|
|
- REGTESTS: add tests for the xxh3 converter
|
|
- MINOR: protocol: Create proto_quic QUIC protocol layer.
|
|
- MINOR: connection: Attach a "quic_conn" struct to "connection" struct.
|
|
- MINOR: quic: Redefine control layer callbacks which are QUIC specific.
|
|
- MINOR: ssl_sock: Initialize BIO and SSL objects outside of ssl_sock_init()
|
|
- MINOR: connection: Add a new xprt to connection.
|
|
- MINOR: ssl: Export definitions required by QUIC.
|
|
- MINOR: cfgparse: Do not modify the QUIC xprt when parsing "ssl".
|
|
- MINOR: tools: Add support for QUIC addresses parsing.
|
|
- MINOR: quic: Add definitions for QUIC protocol.
|
|
- MINOR: quic: Import C source code files for QUIC protocol.
|
|
- MINOR: listener: Add QUIC info to listeners and receivers.
|
|
- MINOR: server: Add QUIC definitions to servers.
|
|
- MINOR: ssl: SSL CTX initialization modifications for QUIC.
|
|
- MINOR: ssl: QUIC transport parameters parsing.
|
|
- MINOR: quic: QUIC socket management finalization.
|
|
- MINOR: cfgparse: QUIC default server transport parameters init.
|
|
- MINOR: quic: Enable the compilation of QUIC modules.
|
|
- MAJOR: quic: Make usage of ebtrees to store QUIC ACK ranges.
|
|
- MINOR: quic: Attempt to make trace more readable
|
|
- MINOR: quic: Make usage of the congestion control window.
|
|
- MINOR: quic: Flag RX packet as ack-eliciting from the generic parser.
|
|
- MINOR: quic: Code reordering to help in reviewing/modifying.
|
|
- MINOR: quic: Add traces to congestion avoidance NewReno callback.
|
|
- MINOR: quic: Display the SSL alert in ->ssl_send_alert() callback.
|
|
- MINOR: quic: Update the initial salt to that of draft-29.
|
|
- MINOR: quic: Add traces for in flght ack-eliciting packet counter.
|
|
- MINOR: quic: make a packet build fails when qc_build_frm() fails.
|
|
- MINOR: quic: Add traces for quic_packet_encrypt().
|
|
- MINOR: cache: Refactoring of secondary_key building functions
|
|
- MINOR: cache: Avoid storing responses whose secondary key was not correctly calculated
|
|
- BUG/MINOR: cache: Manage multiple headers in accept-encoding normalization
|
|
- MINOR: cache: Add specific secondary key comparison mechanism
|
|
- MINOR: http: Add helper functions to trim spaces and tabs
|
|
- MEDIUM: cache: Manage a subset of encodings in accept-encoding normalizer
|
|
- REGTESTS: cache: Simplify vary.vtc file
|
|
- REGTESTS: cache: Add a specific test for the accept-encoding normalizer
|
|
- MINOR: cache: Remove redundant test in http_action_req_cache_use
|
|
- MINOR: cache: Replace the "process-vary" option's expected values
|
|
- CI: GitHub Actions: enable daily Coverity scan
|
|
- BUG/MEDIUM: cache: Fix hash collision in `accept-encoding` handling for `Vary`
|
|
- MEDIUM: stick-tables: Add srvkey option to stick-table
|
|
- REGTESTS: add test for stickiness using "srvkey addr"
|
|
- BUILD: Makefile: disable -Warray-bounds until it's fixed in gcc 11
|
|
- BUG/MINOR: sink: Return an allocation failure in __sink_new if strdup() fails
|
|
- BUG/MINOR: lua: Fix memory leak error cases in hlua_config_prepend_path
|
|
- MINOR: lua: Use consistent error message 'memory allocation failed'
|
|
- CLEANUP: Compare the return value of `XXXcmp()` functions with zero
|
|
- CLEANUP: Apply the coccinelle patch for `XXXcmp()` on include/
|
|
- CLEANUP: Apply the coccinelle patch for `XXXcmp()` on contrib/
|
|
- MINOR: qpack: Add static header table definitions for QPACK.
|
|
- CLEANUP: qpack: Wrong comment about the draft for QPACK static header table.
|
|
- CLEANUP: quic: Remove useless QUIC event trace definitions.
|
|
- BUG/MINOR: quic: Possible CRYPTO frame building errors.
|
|
- MINOR: quic: Pass quic_conn struct to frame parsers.
|
|
- BUG/MINOR: quic: Wrong STREAM frames parsing.
|
|
- MINOR: quic: Drop packets with STREAM frames with wrong direction.
|
|
- CLEANUP: ssl: Remove useless loop in tlskeys_list_get_next()
|
|
- CLEANUP: ssl: Remove useless local variable in tlskeys_list_get_next()
|
|
- MINOR: ssl: make tlskeys_list_get_next() take a list element
|
|
- Revert "BUILD: Makefile: disable -Warray-bounds until it's fixed in gcc 11"
|
|
- BUG/MINOR: cfgparse: Fail if the strdup() for `rule->be.name` for `use_backend` fails
|
|
- CLEANUP: mworker: remove duplicate pointer tests in cfg_parse_program()
|
|
- CLEANUP: Reduce scope of `header_name` in http_action_store_cache()
|
|
- CLEANUP: Reduce scope of `hdr_age` in http_action_store_cache()
|
|
- CLEANUP: spoe: fix typo on `var_check_arg` comment
|
|
- BUG/MINOR: tcpcheck: Report a L7OK if the last evaluated rule is a send rule
|
|
- CI: github actions: build several popular "contrib" tools
|
|
- DOC: Improve the message printed when running `make` w/o `TARGET`
|
|
- BUG/MEDIUM: server: srv_set_addr_desc() crashes when a server has no address
|
|
- REGTESTS: add unresolvable servers to srvkey-addr
|
|
- BUG/MINOR: stats: Make stat_l variable used to dump a stat line thread local
|
|
- BUG/MINOR: quic: NULL pointer dereferences when building post handshake frames.
|
|
- SCRIPTS: improve announce-release to support different tag and versions
|
|
- SCRIPTS: make announce release support preparing announces before tag exists
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- BUG/MINOR: srv: do not init address if backend is disabled
|
|
- BUG/MINOR: srv: do not cleanup idle conns if pool max is null
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CLEANUP: few extra typo and fixes over last one ("ot" -> "to")
|
|
|
|
2020/12/21 : 2.4-dev4
|
|
- BUG/MEDIUM: lb-leastconn: Reposition a server using the right eweight
|
|
- BUG/MEDIUM: mux-h1: Fix a deadlock when a 408 error is pending for a client
|
|
- BUG/MEDIUM: ssl/crt-list: bad behavior with "commit ssl cert"
|
|
- BUG/MAJOR: cache: Crash because of disabled entry not removed from the tree
|
|
- BUILD: SSL: fine guard for SSL_CTX_add_server_custom_ext call
|
|
- MEDIUM: cache: Add a secondary entry counter and insertion limitation
|
|
- MEDIUM: cache: Avoid going over duplicates lists too often
|
|
- MINOR: cache: Add a max-secondary-entries cache option
|
|
- CI: cirrus: drop CentOS 6 builds
|
|
- BUILD: Makefile: have "make clean" destroy .o/.a/.s in contrib subdirs as well
|
|
- MINOR: vars: replace static functions with global ones
|
|
- MINOR: opentracing: add ARGC_OT enum
|
|
- CONTRIB: opentracing: add the OpenTracing filter
|
|
- DOC: opentracing: add the OpenTracing filter section
|
|
- REGTESTS: make use of HAPROXY_ARGS and pass -dM by default
|
|
- BUG/MINOR: http: Establish a tunnel for all 2xx responses to a CONNECT
|
|
- BUG/MINOR: mux-h1: Don't set CS_FL_EOI too early for protocol upgrade requests
|
|
- BUG/MEDIUM: http-ana: Never for sending data in TUNNEL mode
|
|
- CLEANUP: mux-h2: Rename h2s_frt_make_resp_data() to be generic
|
|
- CLEANUP: mux-h2: Rename h2c_frt_handle_data() to be generic
|
|
- BUG/MEDIUM: mux-h1: Handle h1_process() failures on a pipelined request
|
|
- CLEANUP: debug: mark the RNG's seed as unsigned
|
|
- CONTRIB: halog: fix build issue caused by %L printf format
|
|
- CONTRIB: halog: mark the has_zero* functions unused
|
|
- CONTRIB: halog: fix signed/unsigned build warnings on counts and timestamps
|
|
- CONTRIB: debug: address "poll" utility build on non-linux platforms
|
|
- BUILD: plock: remove dead code that causes a warning in gcc 11
|
|
- BUILD: ssl: fine guard for SSL_CTX_get0_privatekey call
|
|
- BUG/MINOR: dns: SRV records ignores duplicated AR records
|
|
- DOC: fix "smp_size" vs "sample_size" in "log" directive arguments
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- DOC: assorted typo fixes in the documentation
|
|
- CI: codespell: whitelist "te" and "nd" words
|
|
|
|
2020/12/11 : 2.4-dev3
|
|
- MINOR: log: Logging HTTP path only with %HPO
|
|
- BUG/MINOR: mux-h2/stats: make stream/connection proto errors more accurate
|
|
- MINOR: traces: add a new level "error" below the "user" level
|
|
- MINOR: mux-h2/trace: add traces at level ERROR for protocol errors
|
|
- BUG/MINOR: mux-h2/stats: not all GOAWAY frames are errors
|
|
- BUG/MINOR: lua: missing "\n" in error message
|
|
- BUG/MINOR: lua: lua-load doesn't check its parameters
|
|
- BUG/MINOR: lua: Post init register function are not executed beyond the first one
|
|
- BUG/MINOR: lua: Some lua init operation are processed unsafe
|
|
- MINOR: actions: Export actions lookup functions
|
|
- MINOR: actions: add a function returning a service pointer from its name
|
|
- MINOR: cli: add a function to look up a CLI service description
|
|
- BUG/MINOR: lua: warn when registering action, conv, sf, cli or applet multiple times
|
|
- MINOR: cache: Improve accept_encoding_normalizer
|
|
- MINOR: cache: Add entry to the tree as soon as possible
|
|
- BUG/MINOR: trace: Wrong displayed trace level
|
|
- BUG/MAJOR: ring: tcp forward on ring can break the reader counter.
|
|
- MINOR: lua: simplify hlua_alloc() to only rely on realloc()
|
|
- MEDIUM: lua-thread: use atomics for memory accounting
|
|
- MINOR: lua-thread: remove struct hlua from function hlua_prepend_path()
|
|
- MEDIUM: lua-thread: make hlua_post_init() no longer use the runtime execution function
|
|
- MINOR: lua-thread: hlua_ctx_renew() is never called with main gL lua state
|
|
- MINOR: lua-thread: Use NULL context for main lua state
|
|
- MINOR: lua-thread: Stop usage of struct hlua for the global lua state
|
|
- MINOR: lua-thread: Replace embedded struct hlua_function by a pointer
|
|
- MINOR: lua-thread: Split hlua_init() function in two parts
|
|
- MINOR: lua-thread: make hlua_ctx_init() get L from its caller
|
|
- MINOR: lua-thread: Split hlua_load function in two parts
|
|
- MINOR: lua-thread: Split hlua_post_init() function in two parts
|
|
- MINOR: lua-thread: Add the "thread" core variable
|
|
- MEDIUM: lua-thread: No longer use locked context in initialization parts
|
|
- MEDIUM: lua-thread: Apply lock only if the parent state is the main thread
|
|
- MINOR: lua-thread: Replace global gL var with an array of states
|
|
- MINOR: lua-thread: Replace "struct hlua_function" allocation by dedicated function
|
|
- MINOR: lua-thread: Replace state_from by state_id
|
|
- MINOR: lua-thread: Store each function reference and init reference in array
|
|
- MEDIUM: lua-thread: Add the lua-load-per-thread directive
|
|
- MINOR: lua-thread: Add verbosity in errors
|
|
- REGTESTS: add a test for the threaded Lua code
|
|
- BUILD/MINOR: haproxy DragonFlyBSD affinity build update.
|
|
- DOC/MINOR: Fix formatting in Management Guide
|
|
- MINOR: cache: Do not store stale entry
|
|
- MINOR: cache: Add extra "cache-control" value checks
|
|
- MEDIUM: cache: Remove cache entry in case of POST on the same resource
|
|
- MINOR: cache: Consider invalid Age values as stale
|
|
- BUG/MEDIUM: lua-thread: some parts must be initialized once
|
|
- BUG/MINOR: lua-thread: close all states on deinit
|
|
- BUG/MINOR: listener: use sockaddr_in6 for IPv6
|
|
- BUG/MINOR: mux-h1: Handle keep-alive timeout for idle frontend connections
|
|
- MINOR: session: Add the idle duration field into the session
|
|
- MINOR: mux-h1: Update session idle duration when data are received
|
|
- MINOR: mux-h1: Reset session dates and durations info when the CS is detached
|
|
- MINOR: logs: Use session idle duration when no stream is provided
|
|
- MINOR: stream: Always get idle duration from the session
|
|
- MINOR: stream: Don't retrieve anymore timing info from the mux csinfo
|
|
- MINOR: mux-h1: Don't provide anymore timing info using cs_info structure
|
|
- MINOR: muxes: Remove get_cs_info callback function now useless
|
|
- MINOR: stream: Pass an optional input buffer when a stream is created
|
|
- MINOR: mux-h1: Add a flag to disable reads to wait opposite side
|
|
- MEDIUM: mux-h1: Use a h1c flag to block reads when splicing is in-progress
|
|
- MINOR: mux-h1: Introduce H1C_F_IS_BACK flag on the H1 connection
|
|
- MINOR: mux-h1: Separate parsing and formatting errors at H1 stream level
|
|
- MINOR: mux-h1: Split front/back h1 stream creation in 2 functions
|
|
- MINOR: mux-h1: Add a rxbuf into the H1 stream
|
|
- MINOR: mux-h1: Don't set CS flags in internal parsing functions
|
|
- MINOR: mux-h1: Add embryonic and attached states on the H1 connection
|
|
- MINOR: mux-h1: rework the h1_timeout_task() function
|
|
- MINOR: mux-h1: Reset more H1C flags when a H1 stream is destroyed
|
|
- MINOR: mux-h1: Disable reads if an error was reported on the H1 stream
|
|
- MINOR: mux-h1: Rework how shutdowns are handled
|
|
- MINOR: mux-h1: Rework h1_refresh_timeout to be easier to read
|
|
- MINOR: mux-h1: Process next request for IDLE connection only
|
|
- MINOR: mux-h1: Add a idle expiration date on the H1 connection
|
|
- MINOR: stick-tables: Add functions to update some values of a tracked counter
|
|
- MINOR: session: Add functions to increase http values of tracked counters
|
|
- MINOR: mux: Add a ctl parameter to get the exit status of the multiplexers
|
|
- MINOR: logs: Get the multiplexer exist status when no stream is provided
|
|
- MINOR: mux-h1: Add functions to send HTTP errors from the mux
|
|
- MAJOR: mux-h1: Create the client stream as later as possible
|
|
- DOC: config: Add notes about errors emitted by H1 mux
|
|
- CLEANUP: mux-h1: Rename H1C_F_CS_* flags and reorder H1C flags
|
|
- MINOR: http-ana: Remove useless update of t_idle duration of the stream
|
|
- CLEANUP: htx: Remove HTX_FL_UPGRADE unsued flag
|
|
- MEDIUM: http-ana: Don't process partial or empty request anymore
|
|
- CLEANUP: http-ana: Remove TX_WAIT_NEXT_RQ unsued flag
|
|
- CLEANUP: connection: Remove CS_FL_READ_PARTIAL flag
|
|
- REGTESTS: Fix proxy_protocol_tlv_validation
|
|
- MINOR: http-ana: Properly set message flags from the start-line flags
|
|
- MINOR: h1-htx/http-ana: Set BODYLESS flag on message in TUNNEL state
|
|
- MINOR: protocol: add a ->set_port() helper to address families
|
|
- MINOR: listener: automatically set the port when creating listeners
|
|
- MINOR: listener: now use a generic add_listener() function
|
|
- MEDIUM: ssl: fatal error with bundle + openssl < 1.1.1
|
|
- BUG/MEDIUM: stream: Xfer the input buffer to a fully created stream
|
|
- BUG/MINOR: stream: Don't use input buffer after the ownership xfer
|
|
- MINOR: protocol: remove the redundant ->sock_domain field
|
|
- MINOR: protocol: export protocol definitions
|
|
- CLEANUP: protocol: group protocol struct members by usage
|
|
- MINOR: protocol: add a set of ctrl_init/ctrl_close methods for setup/teardown
|
|
- MINOR: connection: use the control layer's init/close
|
|
- MINOR: udp: export udp_suspend_receiver() and udp_resume_receiver()
|
|
- BUG/MAJOR: spoa/python: Fixing return None
|
|
- DOC: spoa/python: Fixing typo in IP related error messages
|
|
- DOC: spoa/python: Rephrasing memory related error messages
|
|
- DOC: spoa/python: Fixing typos in comments
|
|
- BUG/MINOR: spoa/python: Cleanup references for failed Module Addobject operations
|
|
- BUG/MINOR: spoa/python: Cleanup ipaddress objects if initialization fails
|
|
- BUG/MEDIUM: spoa/python: Fixing PyObject_Call positional arguments
|
|
- BUG/MEDIUM: spoa/python: Fixing references to None
|
|
- DOC: email change of the DeviceAtlas maintainer
|
|
- MINOR: cache: Dump secondary entries in "show cache"
|
|
- CLEANUP: connection: use fd_stop_both() instead of conn_stop_polling()
|
|
- MINOR: stream-int: don't touch polling anymore on shutdown
|
|
- MINOR: connection: implement cs_drain_and_close()
|
|
- MINOR: mux-pt: take care of CS_SHR_DRAIN in shutr()
|
|
- MINOR: checks: use cs_drain_and_close() instead of draining the connection
|
|
- MINOR: checks: don't call conn_cond_update_polling() anymore
|
|
- CLEANUP: connection: open-code conn_cond_update_polling() and update the comment
|
|
- CLEANUP: connection: remove the unused conn_{stop,cond_update}_polling()
|
|
- BUG/MINOR: http-check: Use right condition to consider HTX message as full
|
|
- BUG/MINOR: tcpcheck: Don't rearm the check timeout on each read
|
|
- MINOR: tcpcheck: Only wait for more payload data on HTTP expect rules
|
|
- BUG/MINOR: tools: make parse_time_err() more strict on the timer validity
|
|
- BUG/MINOR: tools: Reject size format not starting by a digit
|
|
- MINOR: action: define enum for timeout type of the set-timeout rule
|
|
- MINOR: stream: prepare the hot refresh of timeouts
|
|
- MEDIUM: stream: support a dynamic server timeout
|
|
- MEDIUM: stream: support a dynamic tunnel timeout
|
|
- MEDIUM: http_act: define set-timeout server/tunnel action
|
|
- MINOR: frontend: add client timeout sample fetch
|
|
- MINOR: backend: add timeout sample fetches
|
|
- MINOR: stream: add sample fetches
|
|
- MINOR: stream: add timeout sample fetches
|
|
- REGTESTS: add regtest for http-request set-timeout
|
|
- CLEANUP: remove the unused fd_stop_send() in conn_xprt_shutw{,_hard}()
|
|
- CLEANUP: connection: remove the unneeded fd_stop_{recv,send} on read0/shutw
|
|
- MINOR: connection: remove sock-specific code from conn_sock_send()
|
|
- REORG: connection: move the socket iocb (conn_fd_handler) to sock.c
|
|
- MINOR: protocol: add a ->drain() function at the connection control layer
|
|
- MINOR: connection: make conn_sock_drain() use the control layer's ->drain()
|
|
- MINOR: protocol: add a pair of check_events/ignore_events functions at the ctrl layer
|
|
- MEDIUM: connection: make use of the control layer check_events/ignore_events
|
|
|
|
2020/12/01 : 2.4-dev2
|
|
- BUILD: Make DEBUG part of .build_opts
|
|
- BUILD: Show the value of DEBUG= in haproxy -vv
|
|
- CI: Set DEBUG=-DDEBUG_STRICT=1 in GitHub Actions
|
|
- MINOR: stream: Add level 7 retries on http error 401, 403
|
|
- CLEANUP: remove unused function "ssl_sock_is_ckch_valid"
|
|
- BUILD: SSL: add BoringSSL guarding to "RAND_keep_random_devices_open"
|
|
- BUILD: SSL: do not "update" BoringSSL version equivalent anymore
|
|
- BUG/MEDIUM: http_act: Restore init of log-format list
|
|
- DOC: better describes how to configure a fallback crt
|
|
- BUG/MAJOR: filters: Always keep all offsets up to date during data filtering
|
|
- MINOR: cache: Prepare helper functions for Vary support
|
|
- MEDIUM: cache: Add the Vary header support
|
|
- MINOR: cache: Add a process-vary option that can enable/disable Vary processing
|
|
- BUG/CRITICAL: cache: Fix trivial crash by sending accept-encoding header
|
|
- BUG/MAJOR: peers: fix partial message decoding
|
|
- DOC: cache: Add new caching limitation information
|
|
- DOC: cache: Add information about Vary support
|
|
- DOC: better document the config file format and escaping/quoting rules
|
|
- DOC: Clarify %HP description in log-format
|
|
- CI: github actions: update LibreSSL to 3.3.0
|
|
- CI: github actions: enable 51degrees feature
|
|
- MINOR: fd/threads: silence a build warning with threads disabled
|
|
- BUG/MINOR: tcpcheck: Don't forget to reset tcp-check flags on new kind of check
|
|
- MINOR: tcpcheck: Don't handle anymore in-progress send rules in tcpcheck_main
|
|
- BUG/MAJOR: tcpcheck: Allocate input and output buffers from the buffer pool
|
|
- MINOR: tcpcheck: Don't handle anymore in-progress connect rules in tcpcheck_main
|
|
- MINOR: config: Deprecate and ignore tune.chksize global option
|
|
- MINOR: config: Add a warning if tune.chksize is used
|
|
- REORG: tcpcheck: Move check option parsing functions based on tcp-check
|
|
- MINOR: check: Always increment check health counter on CONPASS
|
|
- MINOR: tcpcheck: Add support of L7OKC on expect rules error-status argument
|
|
- DOC: config: Make disable-on-404 option clearer on transition conditions
|
|
- DOC: config: Move req.hdrs and req.hdrs_bin in L7 samples fetches section
|
|
- BUG/MINOR: http-fetch: Fix smp_fetch_body() when called from a health-check
|
|
- MINOR: plock: use an ARMv8 instruction barrier for the pause instruction
|
|
- MINOR: debug: add "debug dev sched" to stress the scheduler.
|
|
- MINOR: debug: add a trivial PRNG for scheduler stress-tests
|
|
- BUG/MEDIUM: lists: Lock the element while we check if it is in a list.
|
|
- MINOR: task: remove tasklet_insert_into_tasklet_list()
|
|
- MINOR: task: perform atomic counter increments only once per wakeup
|
|
- MINOR: task: remove __tasklet_remove_from_tasklet_list()
|
|
- BUG/MEDIUM: task: close a possible data race condition on a tasklet's list link
|
|
- BUG/MEDIUM: local log format regression.
|
|
|
|
2020/11/21 : 2.4-dev1
|
|
- MINOR: ist: Add istend() function to return a pointer to the end of the string
|
|
- MINOR: sample: Add converters to parse FIX messages
|
|
- REGTEST: converter: Add a regtest for fix converters
|
|
- MINOR: sample: Add converts to parses MQTT messages
|
|
- REGTEST: converter: Add a regtest for MQTT converters
|
|
- MINOR: compat: automatically include malloc.h on glibc
|
|
- MEDIUM: pools: call malloc_trim() from pool_gc()
|
|
- MEDIUM: pattern: call malloc_trim() on pat_ref_reload()
|
|
- MINOR: pattern: move the update revision to the pat_ref, not the expression
|
|
- CLEANUP: pattern: delete the back refs at once during pat_ref_reload()
|
|
- MINOR: pattern: new sflag PAT_SF_REGFREE indicates regex_free() is needed
|
|
- MINOR: pattern: make the delete and prune functions more generic
|
|
- MEDIUM: pattern: link all final elements from the reference
|
|
- MEDIUM: pattern: change the pat_del_* functions to delete from the references
|
|
- MINOR: pattern: remerge the list and tree deletion functions
|
|
- MINOR: pattern: perform a single call to pat_delete_gen() under the expression
|
|
- CLEANUP: acl: don't reference the generic pattern deletion function anymore
|
|
- CLEANUP: pattern: remove pat_delete_fcts[] and pattern_head->delete()
|
|
- MINOR: pattern: introduce pat_ref_delete_by_ptr() to delete a valid reference
|
|
- MINOR: pattern: store a generation number in the reference patterns
|
|
- MEDIUM: pattern: only match patterns that match the current generation
|
|
- MINOR: pattern: add pat_ref_commit() to commit a previously inserted element
|
|
- MINOR: pattern: implement pat_ref_load() to load a pattern at a given generation
|
|
- MINOR: pattern: add pat_ref_purge_older() to purge old entries
|
|
- MEDIUM: pattern: make pat_ref_prune() rely on pat_ref_purge_older()
|
|
- MINOR: pattern: during reload, delete elements frem the ref, not the expression
|
|
- MINOR: pattern: prepare removal of a pattern from the list head
|
|
- MEDIUM: pattern: turn the pattern chaining to single-linked list
|
|
- CLEANUP: cfgparse: remove duplicate registration for transparent build options
|
|
- BUG/MINOR: ssl: don't report 1024 bits DH param load error when it's higher
|
|
- MINOR: http-htx: Add understandable errors for the errorfiles parsing
|
|
- MINOR: ssl: instantiate stats module
|
|
- MINOR: ssl: count client hello for stats
|
|
- MINOR: ssl: add counters for ssl sessions
|
|
- DOC: config: Fix a typo on ssl_c_chain_der
|
|
- MINOR: server: remove idle lock in srv_cleanup_connections
|
|
- BUILD: ssl: silence build warning on uninitialised counters
|
|
- BUILD: http-htx: fix build warning regarding long type in printf
|
|
- REGTEST: ssl: test wildcard and multi-type + exclusions
|
|
- BUG/MEDIUM: ssl/crt-list: correctly insert crt-list line if crt already loaded
|
|
- CI: Expand use of GitHub Actions for CI
|
|
- REGTEST: ssl: mark reg-tests/ssl/ssl_crt-list_filters.vtc as broken
|
|
- BUG/MINOR: pattern: a sample marked as const could be written
|
|
- BUG/MINOR: lua: set buffer size during map lookups
|
|
- MEDIUM: cache: Change caching conditions
|
|
- BUG/MINOR: stats: free dynamically stats fields/lines on shutdown
|
|
- BUG/MEDIUM: stats: prevent crash if counters not alloc with dummy one
|
|
- MINOR: peers: Add traces to peer_treat_updatemsg().
|
|
- BUG/MINOR: peers: Do not ignore a protocol error for dictionary entries.
|
|
- BUG/MINOR: peers: Missing TX cache entries reset.
|
|
- BUG/MEDIUM: peers: fix decoding of multi-byte length in stick-table messages
|
|
- BUG/MINOR: http-fetch: Extract cookie value even when no cookie name
|
|
- BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches
|
|
- BUG/MEDIUM: check: reuse srv proto only if using same mode
|
|
- MINOR: check: report error on incompatible proto
|
|
- MINOR: check: report error on incompatible connect proto
|
|
- BUG/MINOR: http-htx: Handle warnings when parsing http-error and http-errors
|
|
- BUG/MAJOR: spoe: Be sure to remove all references on a released spoe applet
|
|
- MINOR: spoe: Don't close connection in sync mode on processing timeout
|
|
- BUG/MINOR: tcpcheck: Don't warn on unused rules if check option is after
|
|
- MINOR: init: Fix the prototype for per-thread free callbacks
|
|
- MINOR: config/mux-h2: Return ERR_ flags from init_h2() instead of a status
|
|
- CLEANUP: config: Return ERR_NONE from config callbacks instead of 0
|
|
- MINOR: cfgparse: tighten the scope of newnameserver variable, free it on error.
|
|
- REGTEST: make ssl_client_samples and ssl_server_samples require to 2.2
|
|
- REGTESTS: Add sample_fetches/cook.vtc
|
|
- BUG/MEDIUM: filters: Forward all filtered data at the end of http filtering
|
|
- BUG/MINOR: http-ana: Don't wait for the body of CONNECT requests
|
|
- CLEANUP: flt-trace: Remove unused random-parsing option
|
|
- MINOR: flt-trace: Add an option to inhibits trace messages
|
|
- MINOR: flt-trace: Use a bitfield for the trace options
|
|
- REGTESTS: Add a script to test the random forwarding with several filters
|
|
- REGTESTS: mark the abns test as broken again
|
|
- REGTESTS: converter: add url_dec test
|
|
- CI: Stop hijacking the hosts file
|
|
- CI: Make the h2spec workflow more consistent with the VTest workflow
|
|
- CI: travis-ci: remove amd64, osx builds
|
|
- CI: travis-ci: arm64 are not allowed to fail anymore
|
|
- DOC: add missing 3.10 in the summary
|
|
- MINOR: ssl: remove client hello counters
|
|
- MEDIUM: stats: add counters for failed handshake
|
|
- MINOR: ssl: create common ssl_ctx init
|
|
- MEDIUM: cli/ssl: configure ssl on server at runtime
|
|
- REGTEST: server/cli_set_ssl.vtc requires OpenSSL
|
|
- DOC: coding-style: update a few rules about pointers
|
|
- BUG/MINOR: ssl: segv on startup when AKID but no keyid
|
|
- BUILD: ssl: use SSL_MODE_ASYNC macro instead of OPENSSL_VERSION
|
|
- BUG/MEDIUM: http-ana: Don't eval http-after-response ruleset on empty messages
|
|
- BUG/MEDIUM: ssl/crt-list: bundle support broken in crt-list
|
|
- BUG/MEDIUM: ssl: error when no certificate are found
|
|
- BUG/MINOR: ssl/crt-list: load bundle in crt-list only if activated
|
|
- BUG/MEDIUM: ssl/crt-list: fix error when no file found
|
|
- CI: Github Actions: enable prometheus exporter
|
|
- CI: Github Actions: remove LibreSSL-3.0.2 builds
|
|
- CI: Github Actions: enable BoringSSL builds
|
|
- CI: travis-ci: remove builds migrated to GH actions
|
|
- BUILD: makefile: enable crypt(3) for OpenBSD
|
|
- CI: Github Action: run "apt-get update" before packages restore
|
|
- BUILD: SSL: guard TLS13 ciphersuites with HAVE_SSL_CTX_SET_CIPHERSUITES
|
|
- CI: Pass the github.event_name to matrix.py
|
|
- CI: Clean up Windows CI
|
|
- DOC: clarify how to create a fallback crt
|
|
- CLEANUP: connection: do not use conn->owner when the session is known
|
|
- BUG/MAJOR: connection: reset conn->owner when detaching from session list
|
|
- REGTESTS: mark proxy_protocol_random_fail as broken
|
|
- BUG/MINOR: http_htx: Fix searching headers by substring
|
|
- MINOR: http_act: Add -m flag for del-header name matching method
|
|
|
|
2020/11/05 : 2.4-dev0
|
|
- MINOR: version: it's development again.
|
|
- DOC: mention in INSTALL that it's development again
|
|
|
|
2020/11/05 : 2.3.0
|
|
- CLEANUP: pattern: remove unused entry "tree" in pattern.val
|
|
- BUILD: ssl: use SSL_CTRL_GET_RAW_CIPHERLIST instead of OpenSSL versions
|
|
- BUG/MEDIUM: filters: Don't try to init filters for disabled proxies
|
|
- BUG/MINOR: proxy/server: Skip per-proxy/server post-check for disabled proxies
|
|
- BUG/MINOR: checks: Report a socket error before any connection attempt
|
|
- BUG/MINOR: server: Set server without addr but with dns in RMAINT on startup
|
|
- MINOR: server: Copy configuration file and line for server templates
|
|
- BUG/MEDIUM: mux-pt: Release the tasklet during an HTTP upgrade
|
|
- BUILD: ssl: use HAVE_OPENSSL_KEYLOG instead of OpenSSL versions
|
|
- MINOR: debug: don't count free(NULL) in memstats
|
|
- BUG/MINOR: filters: Skip disabled proxies during startup only
|
|
- MINOR: mux_h2: capitalize frame type in stats
|
|
- MINOR: mux_h2: add stat for total count of connections/streams
|
|
- MINOR: stats: do not display empty stat module title on html
|
|
- BUG/MEDIUM: stick-table: limit the time spent purging old entries
|
|
- BUG/MEDIUM: listener: only enable a listening listener if needed
|
|
- BUG/MEDIUM: listener: never suspend inherited sockets
|
|
- BUG/MEDIUM: listener: make the master also keep workers' inherited FDs
|
|
- MINOR: fd: add fd_want_recv_safe()
|
|
- MEDIUM: listeners: make use of fd_want_recv_safe() to enable early receivers
|
|
- REGTESTS: mark abns_socket as working now
|
|
- CLEANUP: mux-h2: Remove the h1 parser state from the h2 stream
|
|
- MINOR: sock: add a check against cross worker<->master socket activities
|
|
- CI: github actions: limit OpenSSL no-deprecated builds to "default,bug,devel" reg-tests
|
|
- BUG/MEDIUM: server: make it possible to kill last idle connections
|
|
- MINOR: mworker/cli: the master CLI use its own applet
|
|
- MINOR: ssl: define SSL_CTX_set1_curves_list to itself on BoringSSL
|
|
- BUILD: ssl: use feature macros for detecting ec curves manipulation support
|
|
- DOC: Add dns as an available domain to show stat
|
|
- BUILD: makefile: usual reorder of objects for faster builds
|
|
- DOC: update INSTALL to mention that TCC is supported
|
|
- DOC: mention in INSTALL that haproxy 2.3 is a stable version
|
|
- MINOR: version: mention that it's stable now
|
|
|
|
2020/10/31 : 2.3-dev9
|
|
- CLEANUP: http_ana: remove unused assignation of `att_beg`
|
|
- BUG/MEDIUM: ssl: OCSP must work with BoringSSL
|
|
- BUG/MINOR: log: fix memory leak on logsrv parse error
|
|
- BUG/MINOR: log: fix risk of null deref on error path
|
|
- BUILD: ssl: more elegant OpenSSL early data support check
|
|
- CI: github actions: update h2spec to 2.6.0
|
|
- BUG/MINOR: cache: Check the return value of http_replace_res_status
|
|
- MINOR: cache: Store the "Last-Modified" date in the cache_entry
|
|
- MINOR: cache: Process the If-Modified-Since header in conditional requests
|
|
- MINOR: cache: Create res.cache_hit and res.cache_name sample fetches
|
|
- MINOR: mux-h2: register a stats module
|
|
- MINOR: mux-h2: add counters instance to h2c
|
|
- MINOR: mux-h2: add stats for received frame types
|
|
- MINOR: mux-h2: report detected error on stats
|
|
- MINOR: mux-h2: count open connections/streams on stats
|
|
- BUG/MINOR: server: fix srv downtime calcul on starting
|
|
- BUG/MINOR: server: fix down_time report for stats
|
|
- BUG/MINOR: lua: initialize sample before using it
|
|
- MINOR: cache: Add Expires header value parsing
|
|
- MINOR: ist: Add a case insensitive istmatch function
|
|
- BUG/MINOR: cache: Manage multiple values in cache-control header value
|
|
- BUG/MINOR: cache: Inverted variables in http_calc_maxage function
|
|
- MINOR: pattern: make pat_ref_append() return the newly added element
|
|
- MINOR: pattern: make pat_ref_add() rely on pat_ref_append()
|
|
- MINOR: pattern: export pat_ref_push()
|
|
- CLEANUP: pattern: use calloc() rather than malloc for structures
|
|
- CLEANUP: pattern: fix spelling/grammatical/copy-paste in comments
|
|
|
|
2020/10/24 : 2.3-dev8
|
|
- MINOR: backend: replace the lbprm lock with an rwlock
|
|
- MINOR: lb/map: use seek lock and read locks where appropriate
|
|
- MINOR: lb/leastconn: only take a read lock in fwlc_get_next_server()
|
|
- MINOR: lb/first: use a read lock in fas_get_next_server()
|
|
- MINOR: lb/chash: use a read lock in chash_get_server_hash()
|
|
- BUG/MINOR: disable dynamic OCSP load with BoringSSL
|
|
- BUILD: ssl: make BoringSSL use its own version numbers
|
|
- CLEANUP: threads: don't register an initcall when not debugging
|
|
- MINOR: threads: change lock_t to an unsigned int
|
|
- CLEANUP: tree-wide: reorder a few structures to plug some holes around locks
|
|
- CLEANUP: task: remove the unused and mishandled global_rqueue_size
|
|
- BUG/MEDIUM: connection: Never cleanup server lists when freeing private conns
|
|
- MEDIUM: config: report that "nbproc" is deprecated
|
|
- BUG/MINOR: listener: close before free in `listener_accept`
|
|
- MINOR: ssl: 'ssl-load-extra-del-ext' removes the certificate extension
|
|
- BUG/MINOR: queue: properly report redistributed connections
|
|
- CONTRIB: tcploop: remove unused local variables in tcp_pause()
|
|
- BUILD: makefile: add entries to build common debugging tools
|
|
- BUG/MEDIUM: server: support changing the slowstart value from state-file
|
|
- MINOR: http: Add `enum etag_type http_get_etag_type(const struct ist)`
|
|
- MINOR: http: Add etag comparison function
|
|
- MEDIUM: cache: Store the ETag information in the cache_entry
|
|
- MEDIUM: cache: Add support for 'If-None-Match' request header
|
|
- REGTEST: cache: Add if-none-match test case
|
|
- CLEANUP: compression: Make use of http_get_etag_type()
|
|
- BUG/MINOR: http-ana: Don't send payload for internal responses to HEAD requests
|
|
- BUG/MAJOR: mux-h2: Don't try to send data if we know it is no longer possible
|
|
- MINOR: threads/debug: only report used lock stats
|
|
- MINOR: threads/debug: only report lock stats for used operations
|
|
- MINOR: proxy; replace the spinlock with an rwlock
|
|
- MINOR: server: read-lock the cookie during srv_set_dyncookie()
|
|
- MINOR: proxy/cli: only take a read lock in "show errors"
|
|
- OPTIM: queue: don't call pendconn_unlink() when the pendconn is not queued
|
|
- MINOR: queue: split __pendconn_unlink() in per-srv and per-prx
|
|
- MINOR: queue: reduce the locked area in pendconn_add()
|
|
- OPTIM: queue: make the nbpend counters atomic
|
|
- OPTIM: queue: decrement the nbpend and totpend counters outside of the lock
|
|
- MINOR: leastconn: take the queue length into account when queuing servers
|
|
- MEDIUM: fwlc: re-enable per-server queuing up to maxqueue
|
|
- Revert "OPTIM: queue: don't call pendconn_unlink() when the pendconn is not queued"
|
|
- MINOR: stats: support the "up" output modifier for "show stat"
|
|
- MINOR: stats: also support a "no-maint" show stat modifier
|
|
- MINOR: stats: indicate the number of servers in a backend's status
|
|
- MEDIUM: ssl: ssl-load-extra-del-ext work only with .crt
|
|
- REGTEST: ssl: test "set ssl cert" with separate key / crt
|
|
- DOC: management: apply the "show stat" modifiers to "show stat", not "show info"
|
|
- MINOR: stats: report server's user-configured weight next to effective weight
|
|
- CI: travis-ci: switch to Ubuntu 20.04
|
|
- CONTRIB: release-estimator: Add release estimating tool
|
|
- BUG/MEDIUM: queue: fix unsafe proxy pointer when counting nbpend
|
|
- BUG/MINOR: extcheck: add missing checks on extchk_setenv()
|
|
|
|
2020/10/17 : 2.3-dev7
|
|
- CI: travis-ci: replace not defined SSL_LIB, SSL_INC for BotringSSL builds
|
|
- BUG/MINOR: init: only keep rlim_fd_cur if max is unlimited
|
|
- BUG/MINOR: mux-h2: do not stop outgoing connections on stopping
|
|
- MINOR: fd: report an error message when failing initial allocations
|
|
- MINOR: proto-tcp: make use of connect(AF_UNSPEC) for the pause
|
|
- MINOR: sock: add sock_accept_conn() to test a listening socket
|
|
- MINOR: protocol: make proto_tcp & proto_uxst report listening sockets
|
|
- MINOR: sockpair: implement the .rx_listening function
|
|
- CLEANUP: tcp: make use of sock_accept_conn() where relevant
|
|
- CLEANUP: unix: make use of sock_accept_conn() where relevant
|
|
- BUG/MINOR: listener: detect and handle shared sockets stopped in other processes
|
|
- CONTRIB: tcploop: implement a disconnect operation 'D'
|
|
- CLEANUP: protocol: intitialize all of the sockaddr when disconnecting
|
|
- BUG/MEDIUM: deinit: check fdtab before fdtab[fd].owner
|
|
- BUG/MINOR: connection: fix loop iter on connection takeover
|
|
- BUG/MEDIUM: connection: fix srv idle count on conn takeover
|
|
- MINOR: connection: improve list api usage
|
|
- MINOR: mux/connection: add a new mux flag for HOL risk
|
|
- MINOR: connection: don't check priv flag on free
|
|
- MEDIUM: backend: add new conn to session if mux marked as HOL blocking
|
|
- MEDIUM: backend: add reused conn to sess if mux marked as HOL blocking
|
|
- MEDIUM: h2: remove conn from session on detach
|
|
- MEDIUM: fcgi: remove conn from session on detach
|
|
- DOC: Describe reuse safe for HOL handling
|
|
- MEDIUM: proxy: remove obsolete "mode health"
|
|
- MEDIUM: proxy: remove obsolete "monitor-net"
|
|
- CLEANUP: protocol: remove the ->drain() function
|
|
- CLEANUP: fd: finally get rid of fd_done_recv()
|
|
- MINOR: connection: make sockaddr_alloc() take the address to be copied
|
|
- MEDIUM: listener: allocate the connection before queuing a new connection
|
|
- MINOR: session: simplify error path in session_accept_fd()
|
|
- MINOR: connection: add new error codes for accept_conn()
|
|
- MINOR: sock: rename sock_accept_conn() to sock_accepting_conn()
|
|
- MINOR: protocol: add a new function accept_conn()
|
|
- MINOR: sock: implement sock_accept_conn() to accept a connection
|
|
- MINOR: sockpair: implement sockpair_accept_conn() to accept a connection
|
|
- MEDIUM: listener: use protocol->accept_conn() to accept a connection
|
|
- MEDIUM: listener: remove the second pass of fd manipulation at the end
|
|
- MINOR: protocol: add a default I/O callback and put it into the receiver
|
|
- MINOR: log: set the UDP receiver's I/O handler in the receiver
|
|
- MINOR: protocol: register the receiver's I/O handler and not the protocol's
|
|
- CLEANUP: protocol: remove the now unused <handler> field of proto_fam->bind()
|
|
- DOC: improve the documentation for "option nolinger"
|
|
- BUG/MEDIUM: proxy: properly stop backends
|
|
- BUG/MEDIUM: task: bound the number of tasks picked from the wait queue at once
|
|
- MINOR: threads: augment rwlock debugging stats to report seek lock stats
|
|
- MINOR: threads: add the transitions to/from the seek state
|
|
- MEDIUM: task: use an upgradable seek lock when scanning the wait queue
|
|
- BUILD: listener: avoir a build warning when threads are disabled
|
|
- BUG/MINOR: peers: Possible unexpected peer seesion reset after collisions.
|
|
- MINOR: ssl: add volatile flags to ssl samples
|
|
- MEDIUM: backend: reuse connection if using a static sni
|
|
- BUG/MEDIUM: spoe: Unset variable instead of set it if no data provided
|
|
- BUG/MEDIUM: mux-h1: Get the session from the H1S when capturing bad messages
|
|
- BUG/MEDIUM: lb: Always lock the server when calling server_{take,drop}_conn
|
|
- DOC: fix typo in MAX_SESS_STKCTR
|
|
|
|
2020/10/10 : 2.3-dev6
|
|
- REGTESTS: use "command" instead of "which" for better POSIX compatibility
|
|
- BUILD: makefile: Update feature flags for OpenBSD
|
|
- DOC: agent-check: fix typo in "fail" word expected reply
|
|
- DOC: crt: advise to move away from cert bundle
|
|
- BUG/MINOR: ssl/crt-list: exit on warning out of crtlist_parse_line()
|
|
- REGTEST: fix host part in balance-uri-path-only.vtc
|
|
- REGTEST: make ssl_client_samples and ssl_server_samples requiret to 2.3
|
|
- REGTEST: the iif converter test requires 2.3
|
|
- REGTEST: make agent-check.vtc require 1.8
|
|
- REGTEST: make abns_socket.vtc require 1.8
|
|
- REGTEST: make map_regm_with_backref require 1.7
|
|
- BUILD: makefile: Update feature flags for FreeBSD
|
|
- OPTIM: backend/random: never queue on the server, always on the backend
|
|
- OPTIM: backend: skip LB when we know the backend is full
|
|
- BUILD: makefile: Fix building with closefrom() support enabled
|
|
- BUILD: makefile: add an EXTRAVERSION variable to ease local naming
|
|
- MINOR: tools: support for word expansion of environment in parse_line
|
|
- BUILD: tools: fix minor build issue on isspace()
|
|
- BUILD: makefile: Enable closefrom() support on Solaris
|
|
- CLEANUP: ssl: Use structured format for error line report during crt-list parsing
|
|
- MINOR: ssl: Add error if a crt-list might be truncated
|
|
- MINOR: ssl: remove uneeded check in crtlist_parse_file
|
|
- BUG/MINOR: Fix several leaks of 'log_tag' in init().
|
|
- DOC: tcp-rules: Refresh details about L7 matching for tcp-request content rules
|
|
- MEDIUM: tcp-rules: Warn if a track-sc* content rule doesn't depend on content
|
|
- BUG/MINOR: tcpcheck: Set socks4 and send-proxy flags before the connect call
|
|
- DOC: ssl: new "cert bundle" behavior
|
|
- BUG/MEDIUM: queue: make pendconn_cond_unlink() really thread-safe
|
|
- CLEANUP: ssl: "bundle" is not an OpenSSL wording
|
|
- MINOR: counters: fix a typo in comment
|
|
- BUG/MINOR: stats: fix validity of the json schema
|
|
- REORG: stats: export some functions
|
|
- MINOR: stats: add stats size as a parameter for csv/json dump
|
|
- MINOR: stats: hide px/sv/li fields in applet struct
|
|
- REORG: stats: extract proxy json dump
|
|
- REORG: stats: extract proxies dump loop in a function
|
|
- MINOR: hlua: Display debug messages on stderr only in debug mode
|
|
- MINOR: stats: define the concept of domain for statistics
|
|
- MINOR: stats: define additional flag px cap on domain
|
|
- MEDIUM: stats: add delimiter for static proxy stats on csv
|
|
- MEDIUM: stats: define an API to register stat modules
|
|
- MEDIUM: stats: add abstract type to store counters
|
|
- MEDIUM: stats: integrate static proxies stats in new stats
|
|
- MINOR: stats: support clear counters for dynamic stats
|
|
- MINOR: stats: display extra proxy stats on the html page
|
|
- MINOR: stats: add config "stats show modules"
|
|
- MINOR: dns/stats: integrate dns counters in stats
|
|
- MINOR: stats: remove for loop declaration
|
|
- DOC: ssl: fix typo about ocsp files
|
|
- BUG/MINOR: peers: Inconsistency when dumping peer status codes.
|
|
- DOC: update INSTALL with supported OpenBSD / FreeBSD versions
|
|
- BUG/MINOR: proto_tcp: Report warning messages when listeners are bound
|
|
- CLEANUP: cache: Fix leak of cconf->c.name during config check
|
|
- CLEANUP: ssl: Release cached SSL sessions on deinit
|
|
- BUG/MINOR: mux-h1: Be sure to only set CO_RFL_READ_ONCE for the first read
|
|
- BUG/MINOR: mux-h1: Always set the session on frontend h1 stream
|
|
- MINOR: mux-h1: Don't wakeup the H1C when output buffer become available
|
|
- CLEANUP: sock-unix: Remove an unreachable goto clause
|
|
- BUG/MINOR: proxy: inc req counter on new syslog messages.
|
|
- BUG/MEDIUM: log: old processes with log foward section don't die on soft stop.
|
|
- MINOR: stats: inc req counter on listeners.
|
|
- MINOR: channel: new getword and getchar functions on channel.
|
|
- MEDIUM: log: syslog TCP support on log forward section.
|
|
- BUG/MINOR: proxy/log: frontend/backend and log forward names must differ
|
|
- DOC: re-work log forward bind statement documentation.
|
|
- DOC: fix a confusing typo on a regsub example
|
|
- BUILD: Add a DragonFlyBSD target
|
|
- BUG/MINOR: makefile: fix a tiny typo in the target list
|
|
- BUILD: makefile: Update feature flags for NetBSD
|
|
- CI: travis-ci: help Coverity to detect BUG_ON() as a real stop
|
|
- DOC: Add missing stats fields in the management doc
|
|
- BUG/MEDIUM: mux-fcgi: Don't handle pending read0 too early on streams
|
|
- BUG/MEDIUM: mux-h2: Don't handle pending read0 too early on streams
|
|
- DOC: Fix typos in configuration.txt
|
|
- BUG/MINOR: http: Fix content-length of the default 500 error
|
|
- BUG/MINOR: http-htx: Expect no body for 204/304 internal HTTP responses
|
|
- REGTESTS: mark abns_socket as broken
|
|
- MEDIUM: fd: always wake up one thread when enabling a foreing FD
|
|
- MEDIUM: listeners: don't bounce listeners management between queues
|
|
- MEDIUM: init: stop disabled proxies after initializing fdtab
|
|
- MEDIUM: listeners: make unbind_listener() converge if needed
|
|
- MEDIUM: deinit: close all receivers/listeners before scanning proxies
|
|
- MEDIUM: listeners: remove the now unused ZOMBIE state
|
|
- MINOR: listeners: do not uselessly try to close zombie listeners in soft_stop()
|
|
- CLEANUP: proxy: remove the first_to_listen hack in zombify_proxy()
|
|
- MINOR: listeners: introduce listener_set_state()
|
|
- MINOR: proxy: maintain per-state counters of listeners
|
|
- MEDIUM: proxy: remove the unused PR_STFULL state
|
|
- MEDIUM: proxy: remove the PR_STERROR state
|
|
- MEDIUM: proxy: remove state PR_STPAUSED
|
|
- MINOR: startup: don't rely on PR_STNEW to check for listeners
|
|
- CLEANUP: peers: don't use the PR_ST* states to mark enabled/disabled
|
|
- MEDIUM: proxy: replace proxy->state with proxy->disabled
|
|
- MEDIUM: proxy: remove start_proxies()
|
|
- MEDIUM: proxy: merge zombify_proxy() with stop_proxy()
|
|
- MINOR: listeners: check the current listener state in pause_listener()
|
|
- MINOR: listeners: check the current listener earlier state in resume_listener()
|
|
- MEDIUM: listener/proxy: make the listeners notify about proxy pause/resume
|
|
- MINOR: protocol: introduce protocol_{pause,resume}_all()
|
|
- MAJOR: signals: use protocol_pause_all() and protocol_resume_all()
|
|
- CLEANUP: proxy: remove the now unused pause_proxies() and resume_proxies()
|
|
- MEDIUM: proto_tcp: make the pause() more robust in multi-process
|
|
- BUG/MEDIUM: listeners: correctly report pause() errors
|
|
- MINOR: listeners: move fd_stop_recv() to the receiver's socket code
|
|
- CLEANUP: protocol: remove the ->disable_all method
|
|
- CLEANUP: listeners: remove unused disable_listener and disable_all_listeners
|
|
- MINOR: listeners: export enable_listener()
|
|
- MINOR: protocol: directly call enable_listener() from protocol_enable_all()
|
|
- CLEANUP: protocol: remove the ->enable_all method
|
|
- CLEANUP: listeners: remove the now unused enable_all_listeners()
|
|
- MINOR: protocol: rename the ->listeners field to ->receivers
|
|
- MINOR: protocol: replace ->pause(listener) with ->rx_suspend(receiver)
|
|
- MINOR: protocol: implement an ->rx_resume() method
|
|
- MINOR: listener: use the protocol's ->rx_resume() method when available
|
|
- MINOR: sock: provide a set of generic enable/disable functions
|
|
- MINOR: protocol: add a new pair of rx_enable/rx_disable methods
|
|
- MINOR: protocol: add a new pair of enable/disable methods for listeners
|
|
- MEDIUM: listeners: now use the listener's ->enable/disable
|
|
- MINOR: listeners: split delete_listener() in two versions
|
|
- MINOR: listeners: count unstoppable jobs on creation, not deletion
|
|
- MINOR: listeners: add a new stop_listener() function
|
|
- MEDIUM: proxy: make stop_proxy() now use stop_listener()
|
|
- MEDIUM: proxy: add mode PR_MODE_PEERS to flag peers frontends
|
|
- MEDIUM: proxy: centralize proxy status update and reporting
|
|
- MINOR: protocol: add protocol_stop_now() to instant-stop listeners
|
|
- MEDIUM: proxy: make soft_stop() stop most listeners using protocol_stop_now()
|
|
- MEDIUM: udp: implement udp_suspend() and udp_resume()
|
|
- MINOR: listener: add a few BUG_ON() statements to detect inconsistencies
|
|
- MEDIUM: listeners: always close master vs worker listeners
|
|
- BROKEN/MEDIUM: listeners: rework the unbind logic to make it idempotent
|
|
- MEDIUM: listener: let do_unbind_listener() decide whether to close or not
|
|
- CLEANUP: listeners: remove the do_close argument to unbind_listener()
|
|
- MINOR: listeners: move the LI_O_MWORKER flag to the receiver
|
|
- MEDIUM: receivers: add an rx_unbind() method in the protocols
|
|
- MINOR: listeners: split do_unbind_listener() in two
|
|
- MEDIUM: listeners: implement protocol level ->suspend/resume() calls
|
|
- MEDIUM: config: mark "grace" as deprecated
|
|
- MEDIUM: config: remove the deprecated and dangerous global "debug" directive
|
|
- BUG/MINOR: proxy: respect the proper format string in sig_pause/sig_listen
|
|
- MINOR: peers: heartbeat, collisions and handshake information for "show peers" command.
|
|
- BUILD: makefile: Enable getaddrinfo() on OS/X
|
|
|
|
2020/09/25 : 2.3-dev5
|
|
- DOC: Fix typo in iif() example
|
|
- CLEANUP: Update .gitignore
|
|
- BUILD: introduce possibility to define ABORT_NOW() conditionally
|
|
- CI: travis-ci: help Coverity to recognize abort()
|
|
- BUG/MINOR: Fix type passed of sizeof() for calloc()
|
|
- CLEANUP: Do not use a fixed type for 'sizeof' in 'calloc'
|
|
- CLEANUP: tree-wide: use VAR_ARRAY instead of [0] in various definitions
|
|
- BUILD: connection: fix build on clang after the VAR_ARRAY cleanup
|
|
- BUG/MINOR: ssl: verifyhost is case sensitive
|
|
- BUILD: makefile: change default value of CC from gcc to cc
|
|
- CI: travis-ci: split asan step out of running tests
|
|
- BUG/MINOR: server: report correct error message for invalid port on "socks4"
|
|
- BUG/MEDIUM: ssl: Don't call ssl_sock_io_cb() directly.
|
|
- BUG/MINOR: ssl/crt-list: crt-list could end without a \n
|
|
- BUG/MINOR: log-forward: fail on unknown keywords
|
|
- MEDIUM: log-forward: use "dgram-bind" instead of "bind" for the listener
|
|
- BUG/MEDIUM: log-forward: always quit on parsing errors
|
|
- MEDIUM: ssl: remove bundle support in crt-list and directories
|
|
- MEDIUM: ssl/cli: remove support for multi certificates bundle
|
|
- MINOR: ssl: crtlist_dup_ssl_conf() duplicates a ssl_bind_conf
|
|
- MINOR: ssl: crtlist_entry_dup() duplicates a crtlist_entry
|
|
- MEDIUM: ssl: emulates the multi-cert bundles in the crtlist
|
|
- MEDIUM: ssl: emulate multi-cert bundles loading in standard loading
|
|
- CLEANUP: ssl: remove test on "multi" variable in ckch functions
|
|
- CLEANUP: ssl/cli: remove test on 'multi' variable in CLI functions
|
|
- CLEANUP: ssl: remove utility functions for bundle
|
|
- DOC: explain bundle emulation in configuration.txt
|
|
- BUILD: fix build with openssl < 1.0.2 since bundle removal
|
|
- BUG/MINOR: log: gracefully handle the "udp@" address format for log servers
|
|
- BUG/MINOR: dns: gracefully handle the "udp@" address format for nameservers
|
|
- MINOR: listener: create a new struct "settings" in bind_conf
|
|
- MINOR: listener: move bind_proc and bind_thread to struct settings
|
|
- MINOR: listener: move the interface to the struct settings
|
|
- MINOR: listener: move the network namespace to the struct settings
|
|
- REORG: listener: create a new struct receiver
|
|
- REORG: listener: move the listening address to a struct receiver
|
|
- REORG: listener: move the receiving FD to struct receiver
|
|
- REORG: listener: move the listener's proto to the receiver
|
|
- MINOR: listener: make sock_find_compatible_fd() check the socket type
|
|
- REORG: listener: move the receiver part to a new file
|
|
- MINOR: receiver: link the receiver to its settings
|
|
- MINOR: receiver: link the receiver to its owner
|
|
- MINOR: listener: prefer to retrieve the socket's settings via the receiver
|
|
- MINOR: receiver: add a receiver-specific flag to indicate the socket is bound
|
|
- MINOR: listener: move the INHERITED flag down to the receiver
|
|
- MINOR: receiver: move the FOREIGN and V6ONLY options from listener to settings
|
|
- MINOR: sock: make sock_find_compatible_fd() only take a receiver
|
|
- MINOR: protocol: rename the ->bind field to ->listen
|
|
- MINOR: protocol: add a new ->bind() entry to bind the receiver
|
|
- MEDIUM: sock_inet: implement sock_inet_bind_receiver()
|
|
- MEDIUM: tcp: make use of sock_inet_bind_receiver()
|
|
- MEDIUM: udp: make use of sock_inet_bind_receiver()
|
|
- MEDIUM: sock_unix: implement sock_unix_bind_receiver()
|
|
- MEDIUM: uxst: make use of sock_unix_bind_receiver()
|
|
- MEDIUM: sockpair: implement sockpair_bind_receiver()
|
|
- MEDIUM: proto_sockpair: make use of sockpair_bind_receiver()
|
|
- MEDIUM: protocol: explicitly start the receiver before the listener
|
|
- MEDIUM: protocol: do not call proto->bind() anymore from bind_listener()
|
|
- MINOR: protocol: add a new proto_fam structure for protocol families
|
|
- MINOR: protocol: retrieve the family-specific fields from the family
|
|
- CLEANUP: protocol: remove family-specific fields from struct protocol
|
|
- MINOR: protocol: add a real family for existing FDs
|
|
- CLEANUP: tools: make str2sa_range() less awful for fd@ and sockpair@
|
|
- MINOR: tools: make str2sa_range() take more options than just resolve
|
|
- MINOR: tools: add several PA_O_PORT_* flags in str2sa_range() callers
|
|
- MEDIUM: tools: make str2sa_range() validate callers' port specifications
|
|
- MEDIUM: config: remove all checks for missing/invalid ports/ranges
|
|
- MINOR: tools: add several PA_O_* flags in str2sa_range() callers
|
|
- MINOR: listener: remove the inherited arg to create_listener()
|
|
- MINOR: tools: make str2sa_range() optionally return the fd
|
|
- MINOR: log: detect LOG_TARGET_FD from the fd and not from the syntax
|
|
- MEDIUM: tools: make str2sa_range() resolve pre-bound listeners
|
|
- MINOR: config: do not test an inherited socket again
|
|
- MEDIUM: tools: make str2sa_range() check for the sockpair's FD usability
|
|
- MINOR: tools: start to distinguish stream and dgram in str2sa_range()
|
|
- MEDIUM: tools: make str2sa_range() only report AF_CUST_UDP on listeners
|
|
- MINOR: tools: remove the central test for "udp" in str2sa_range()
|
|
- MINOR: cfgparse: add str2receiver() to parse dgram receivers
|
|
- MINOR: log-forward: use str2receiver() to parse the dgram-bind address
|
|
- MEDIUM: config: make str2listener() not accept datagram sockets anymore
|
|
- MINOR: listener: pass the chosen protocol to create_listeners()
|
|
- MINOR: tools: make str2sa_range() directly return the protocol
|
|
- MEDIUM: tools: make str2sa_range() check that the protocol has ->connect()
|
|
- MINOR: protocol: add the control layer type in the protocol struct
|
|
- MEDIUM: protocol: store the socket and control type in the protocol array
|
|
- MEDIUM: tools: make str2sa_range() use protocol_lookup()
|
|
- MEDIUM: proto_udp: replace last AF_CUST_UDP* with AF_INET*
|
|
- MINOR: tools: drop listener detection hack from str2sa_range()
|
|
- BUILD: sock_unix: add missing errno.h
|
|
- MINOR: sock_inet: report the errno string in binding errors
|
|
- MINOR: sock_unix: report the errno string in binding errors
|
|
- BUILD: sock_inet: include errno.h
|
|
- MINOR: h2/trace: also display the remaining frame length in traces
|
|
- BUG/MINOR: h2/trace: do not display "stream error" after a frame ACK
|
|
- BUG/MEDIUM: h2: report frame bits only for handled types
|
|
- BUG/MINOR: http-fetch: Don't set the sample type during the htx prefetch
|
|
- BUG/MINOR: Fix memory leaks cfg_parse_peers
|
|
- BUG/MINOR: config: Fix memory leak on config parse listen
|
|
- MINOR: backend: make the "whole" option of balance uri take only one bit
|
|
- MINOR: backend: add a new "path-only" option to "balance uri"
|
|
- REGTESTS: add a few load balancing tests
|
|
- BUG/MEDIUM: listeners: do not pause foreign listeners
|
|
- BUG/MINOR: listeners: properly close listener FDs
|
|
- BUILD: trace: include tools.h
|
|
|
|
2020/09/11 : 2.3-dev4
|
|
- MINOR: hlua: Add error message relative to the Channel manipulation and HTTP mode
|
|
- BUG/MEDIUM: ssl: crt-list negative filters don't work
|
|
- DOC: overhauling github issue templates
|
|
- MEDIUM: cfgparse: Emit hard error on truncated lines
|
|
- DOC: cache: Use '<name>' instead of '<id>' in error message
|
|
- MINOR: cache: Reject duplicate cache names
|
|
- REGTEST: remove stray leading spaces in converteers_ref_cnt_never_dec.vtc
|
|
- MINOR: stats: prevent favicon.ico requests for stats page
|
|
- BUILD: tools: include auxv a bit later
|
|
- BUILD: task: work around a bogus warning in gcc 4.7/4.8 at -O1
|
|
- MEDIUM: ssl: Support certificate chaining for certificate generation
|
|
- MINOR: ssl: Support SAN extension for certificate generation
|
|
- MINOR: tcp: don't try to set/clear v6only on inherited sockets
|
|
- BUG/MINOR: reload: detect the OS's v6only status before choosing an old socket
|
|
- MINOR: reload: determine the foreing binding status from the socket
|
|
- MEDIUM: reload: stop passing listener options along with FDs
|
|
- BUG/MEDIUM: ssl: fix ssl_bind_conf double free w/ wildcards
|
|
- MEDIUM: fd: replace usages of fd_remove() with fd_stop_both()
|
|
- CLEANUP: fd: remove fd_remove() and rename fd_dodelete() to fd_delete()
|
|
- MINOR: fd: add a new "exported" flag and use it for all regular listeners
|
|
- MEDIUM: reload: pass all exportable FDs, not just listeners
|
|
- DOC: add description of pidfile in master-worker mode
|
|
- BUG/MINOR: reload: do not fail when no socket is sent
|
|
- REORG: tcp: move TCP actions from proto_tcp.c to tcp_act.c
|
|
- CLEANUP: tcp: stop exporting smp_fetch_src()
|
|
- REORG: tcp: move TCP sample fetches from proto_tcp.c to tcp_sample.c
|
|
- REORG: tcp: move TCP bind/server keywords from proto_tcp.c to cfgparse-tcp.c
|
|
- REORG: unix: move UNIX bind/server keywords from proto_uxst.c to cfgparse-unix.c
|
|
- REORG: sock: start to move some generic socket code to sock.c
|
|
- MINOR: sock: introduce sock_inet and sock_unix
|
|
- MINOR: tcp/udp/unix: make use of proto->addrcmp() to compare addresses
|
|
- MINOR: sock_inet: implement sock_inet_get_dst()
|
|
- REORG: inet: replace tcp_is_foreign() with sock_inet_is_foreign()
|
|
- REORG: sock_inet: move v6only_default from proto_tcp.c to sock_inet.c
|
|
- REORG: sock_inet: move default_tcp_maxseg from proto_tcp.c
|
|
- REORG: listener: move xfer_sock_list to sock.{c,h}.
|
|
- MINOR: sock: add interface and namespace length to xfer_sock_list
|
|
- MINOR: sock: implement sock_find_compatible_fd()
|
|
- MINOR: sock_inet: move the IPv4/v6 transparent mode code to sock_inet
|
|
- REORG: sock: move get_old_sockets() from haproxy.c
|
|
- MINOR: sock: do not use LI_O_* in xfer_sock_list anymore
|
|
- MINOR: sock: distinguish dgram from stream types when retrieving old sockets
|
|
- BUILD: sock_unix: fix build issue with isdigit()
|
|
- BUG/MEDIUM: http-ana: Don't wait to send 1xx responses received from servers
|
|
- MINOR: http-htx: Add an option to eval query-string when the path is replaced
|
|
- BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action
|
|
- MINOR: http-htx: Handle an optional reason when replacing the response status
|
|
- MINOR: contrib/spoa-server: allow MAX_FRAME_SIZE override
|
|
- BUG/MAJOR: contrib/spoa-server: Fix unhandled python call leading to memory leak
|
|
- BUG/MINOR: contrib/spoa-server: Ensure ip address references are freed
|
|
- BUG/MINOR: contrib/spoa-server: Do not free reference to NULL
|
|
- BUG/MINOR: contrib/spoa-server: Updating references to free in case of failure
|
|
- BUG/MEDIUM: contrib/spoa-server: Fix ipv4_address used instead of ipv6_address
|
|
- CLEANUP: http: silence a cppcheck warning in get_http_auth()
|
|
- REGTEST: increase some short timeouts to make tests more reliable
|
|
- BUG/MINOR: threads: work around a libgcc_s issue with chrooting
|
|
- BUILD: thread: limit the libgcc_s workaround to glibc only
|
|
- MINOR: protocol: do not call proto->bind_all() anymore
|
|
- MINOR: protocol: do not call proto->unbind_all() anymore
|
|
- CLEANUP: protocol: remove all ->bind_all() and ->unbind_all() functions
|
|
- MAJOR: init: start all listeners via protocols and not via proxies anymore
|
|
- BUG/MINOR: startup: haproxy -s cause 100% cpu
|
|
- Revert "BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action"
|
|
- BUG/MEDIUM: doc: Fix replace-path action description
|
|
- MINOR: http-rules: Add set-pathq and replace-pathq actions
|
|
- MINOR: http-fetch: Add pathq sample fetch
|
|
- REGTEST: Add a test for request path manipulations, with and without the QS
|
|
- MINOR: Commit .gitattributes
|
|
- CLEANUP: Update .gitignore
|
|
- BUG/MEDIUM: dns: Don't store additional records in a linked-list
|
|
- BUG/MEDIUM: dns: Be sure to renew IP address for already known servers
|
|
- MINOR: server: Improve log message sent when server address is updated
|
|
- DOC: ssl-load-extra-files only applies to certificates on bind lines
|
|
- BUG/MINOR: auth: report valid crypto(3) support depending on build options
|
|
- BUG/MEDIUM: mux-h1: always apply the timeout on half-closed connections
|
|
- BUILD: threads: better workaround for late loading of libgcc_s
|
|
- BUILD: compiler: reserve the gcc version checks to the gcc compiler
|
|
- BUILD: compiler: workaround a glibc madness around __attribute__()
|
|
- BUILD: intops: on x86_64, the bswap instruction is called bswapq
|
|
- BUILD: trace: always have an argument before variadic args in macros
|
|
- BUILD: traces: don't pass an empty argument for missing ones
|
|
- BUG/MINOR: haproxy: Free uri_auth->scope during deinit
|
|
- CLEANUP: Free old_argv on deinit
|
|
- CLEANUP: haproxy: Free post_proxy_check_list in deinit()
|
|
- CLEANUP: haproxy: Free per_thread_*_list in deinit()
|
|
- CLEANUP: haproxy: Free post_check_list in deinit()
|
|
- BUG/MEDIUM: pattern: Renew the pattern expression revision when it is pruned
|
|
- REORG: tools: move PARSE_OPT_* from tools.h to tools-t.h
|
|
- MINOR: sample: Add iif(<true>,<false>) converter
|
|
|
|
2020/08/14 : 2.3-dev3
|
|
- SCRIPTS: git-show-backports: make -m most only show the left branch
|
|
- SCRIPTS: git-show-backports: emit the shell command to backport a commit
|
|
- BUILD: Makefile: require SSL_LIB, SSL_INC to be explicitly set
|
|
- CI: travis-ci: specify SLZ_LIB, SLZ_INC for travis builds
|
|
- BUG/MEDIUM: mux-h1: Refresh H1 connection timeout after a synchronous send
|
|
- CLEANUP: dns: typo in reported error message
|
|
- BUG/MAJOR: dns: disabled servers through SRV records never recover
|
|
- BUG/MINOR: spoa-server: fix size_t format printing
|
|
- DOC: spoa-server: fix false friends `actually`
|
|
- BUG/MINOR: ssl: fix memory leak at OCSP loading
|
|
- BUG/MEDIUM: ssl: memory leak of ocsp data at SSL_CTX_free()
|
|
- BUG/MEDIUM: map/lua: Return an error if a map is loaded during runtime
|
|
- MINOR: arg: Add an argument type to keep a reference on opaque data
|
|
- BUG/MINOR: converters: Store the sink in an arg pointer for debug() converter
|
|
- BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created
|
|
- BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters
|
|
- BUG/MINOR: lua: Check argument type to convert it to IPv4/IPv6 arg validation
|
|
- BUG/MINOR: lua: Check argument type to convert it to IP mask in arg validation
|
|
- MINOR: hlua: Don't needlessly copy lua strings in trash during args validation
|
|
- BUG/MINOR: lua: Duplicate lua strings in sample fetches/converters arg array
|
|
- MEDIUM: lua: Don't filter exported fetches and converters
|
|
- MINOR: lua: Add support for userlist as fetches and converters arguments
|
|
- MINOR: lua: Add support for regex as fetches and converters arguments
|
|
- MINOR: arg: Use chunk_destroy() to release string arguments
|
|
- BUG/MINOR: snapshots: leak of snapshots on deinit()
|
|
- CLEANUP: ssl: ssl_sock_crt2der semicolon and spaces
|
|
- MINOR: ssl: add ssl_{c,s}_chain_der fetch methods
|
|
- CLEANUP: fix all duplicated semicolons
|
|
- BUG/MEDIUM: ssl: fix the ssl-skip-self-issued-ca option
|
|
- BUG/MINOR: ssl: ssl-skip-self-issued-ca requires >= 1.0.2
|
|
- BUG/MINOR: stats: use strncmp() instead of memcmp() on health states
|
|
- BUILD: makefile: don't disable -Wstringop-overflow anymore
|
|
- BUG/MINOR: ssl: double free w/ smp_fetch_ssl_x_chain_der()
|
|
- BUG/MEDIUM: htx: smp_prefetch_htx() must always validate the direction
|
|
- BUG/MEDIUM: ssl: never generates the chain from the verify store
|
|
- OPTIM: regex: PCRE2 use JIT match when JIT optimisation occured.
|
|
- BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate
|
|
- CLEANUP: ssl: remove poorly readable nested ternary
|
|
|
|
2020/07/31 : 2.3-dev2
|
|
- DOC: ssl: req_ssl_sni needs implicit TLS
|
|
- BUG/MEDIUM: arg: empty args list must be dropped
|
|
- BUG/MEDIUM: resolve: fix init resolving for ring and peers section.
|
|
- BUG/MAJOR: tasks: don't requeue global tasks into the local queue
|
|
- MINOR: tasks/debug: make the thread affinity BUG_ON check a bit stricter
|
|
- MINOR: tasks/debug: add a few BUG_ON() to detect use of wrong timer queue
|
|
- MINOR: tasks/debug: add a BUG_ON() check to detect requeued task on free
|
|
- BUG/MAJOR: dns: Make the do-resolve action thread-safe
|
|
- BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed
|
|
- MEDIUM: htx: Add a flag on a HTX message when no more data are expected
|
|
- BUG/MEDIUM: stream-int: Don't set MSG_MORE flag if no more data are expected
|
|
- BUG/MEDIUM: http-ana: Only set CF_EXPECT_MORE flag on data filtering
|
|
- CLEANUP: dns: remove 45 "return" statements from dns_validate_dns_response()
|
|
- BUG/MINOR: htx: add two missing HTX_FL_EOI and remove an unexpected one
|
|
- BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore
|
|
- BUILD: tools: fix build with static only toolchains
|
|
- DOC: Use gender neutral language
|
|
- BUG/MINOR: debug: Don't dump the lua stack if it is not initialized
|
|
- BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status
|
|
- BUG/MAJOR: dns: don't treat Authority records as an error
|
|
- CI : travis-ci : prepare for using stock OpenSSL
|
|
- CI: travis-ci : switch to stock openssl when openssl-1.1.1 is used
|
|
- MEDIUM: lua: Add support for the Lua 5.4
|
|
- BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation
|
|
- BUG/MINOR: lua: Abort execution of actions that yield on a final evaluation
|
|
- MINOR: tcp-rules: Return an internal error if an action yields on a final eval
|
|
- BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort
|
|
- BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields
|
|
- MEDIUM: tcp-rules: Use a dedicated expiration date for tcp ruleset
|
|
- MEDIUM: lua: Set the analyse expiration date with smaller wake_time only
|
|
- BUG/MEDIUM: connection: Be sure to always install a mux for sync connect
|
|
- MINOR: connection: Preinstall the mux for non-ssl connect
|
|
- MINOR: stream-int: Be sure to have a mux to do sends and receives
|
|
- BUG/MINOR: lua: Fix a possible null pointer deref on lua ctx
|
|
- SCRIPTS: announce-release: add the link to the wiki in the announce messages
|
|
- CI: travis-ci: use better name for Coverity scan job
|
|
- CI: travis-ci: use proper linking flags for SLZ build
|
|
- BUG/MEDIUM: backend: always attach the transport before installing the mux
|
|
- BUG/MEDIUM: tcp-checks: always attach the transport before installing the mux
|
|
- MINOR: connection: avoid a useless recvfrom() on outgoing connections
|
|
- MINOR: mux-h1: do not even try to receive if the connection is not fully set up
|
|
- MINOR: mux-h1: do not try to receive on backend before sending a request
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp()
|
|
|
|
2020/07/17 : 2.3-dev1
|
|
- MINOR: config: make strict limits enabled by default
|
|
- BUG/MINOR: acl: Fix freeing of expr->smp in prune_acl_expr
|
|
- BUG/MINOR: sample: Fix freeing of conv_exprs in release_sample_expr
|
|
- BUG/MINOR: haproxy: Free proxy->format_unique_id during deinit
|
|
- BUG/MINOR: haproxy: Add missing free of server->(hostname|resolvers_id)
|
|
- BUG/MINOR: haproxy: Free proxy->unique_id_header during deinit
|
|
- BUG/MINOR: haproxy: Free srule->file during deinit
|
|
- BUG/MINOR: haproxy: Free srule->expr during deinit
|
|
- BUG/MINOR: sample: Free str.area in smp_check_const_bool
|
|
- BUG/MINOR: sample: Free str.area in smp_check_const_meth
|
|
- CLEANUP: haproxy: Free proxy_deinit_list in deinit()
|
|
- CLEANUP: haproxy: Free post_deinit_list in deinit()
|
|
- CLEANUP: haproxy: Free server_deinit_list in deinit()
|
|
- CLEANUP: haproxy: Free post_server_check_list in deinit()
|
|
- CLEANUP: Add static void vars_deinit()
|
|
- CLEANUP: Add static void hlua_deinit()
|
|
- CLEANUP: contrib/prometheus-exporter: typo fixes for ssl reuse metric
|
|
- BUG/MEDIUM: lists: add missing store barrier on MT_LIST_BEHEAD()
|
|
- BUG/MEDIUM: lists: add missing store barrier in MT_LIST_ADD/MT_LIST_ADDQ
|
|
- MINOR: tcp: Support TCP keepalive parameters customization
|
|
- BUILD: tcp: condition TCP keepalive settings to platforms providing them
|
|
- MINOR: lists: rename some MT_LIST operations to clarify them
|
|
- MINOR: buffer: use MT_LIST_ADDQ() for buffer_wait lists additions
|
|
- MINOR: connection: use MT_LIST_ADDQ() to add connections to idle lists
|
|
- MINOR: tasks: use MT_LIST_ADDQ() when killing tasks.
|
|
- CONTRIB: da: fix memory leak in dummy function da_atlas_open()
|
|
- CI: travis-ci: speed up osx build by running brew scripted, switch to latest osx image
|
|
- BUG/MEDIUM: mux-h2: Don't add private connections in available connection list
|
|
- BUG/MEDIUM: mux-fcgi: Don't add private connections in available connection list
|
|
- MINOR: connection: Set the SNI on server connections before installing the mux
|
|
- MINOR: connection: Set new connection as private on reuse never
|
|
- MINOR: connection: Add a wrapper to mark a connection as private
|
|
- MEDIUM: connection: Add private connections synchronously in session server list
|
|
- MINOR: connection: Use a dedicated function to look for a session's connection
|
|
- MINOR: connection: Set the conncetion target during its initialisation
|
|
- MINOR: session: Take care to decrement idle_conns counter in session_unown_conn
|
|
- MINOR: server: Factorize code to deal with reuse of server idle connections
|
|
- MINOR: server: Factorize code to deal with connections removed from an idle list
|
|
- CLEANUP: connection: remove unused field idle_time from the connection struct
|
|
- BUG/MEDIUM: mux-h1: Continue to process request when switching in tunnel mode
|
|
- MINOR: raw_sock: Report the number of bytes emitted using the splicing
|
|
- MINOR: contrib/prometheus-exporter: Add missing global and per-server metrics
|
|
- MINOR: backend: Add sample fetches to get the server's weight
|
|
- BUG/MINOR: mux-fcgi: Handle empty STDERR record
|
|
- BUG/MINOR: mux-fcgi: Set conn state to RECORD_P when skipping the record padding
|
|
- BUG/MINOR: mux-fcgi: Set flags on the right stream field for empty FCGI_STDOUT
|
|
- BUG/MINOR: backend: fix potential null deref on srv_conn
|
|
- BUG/MEDIUM: log: issue mixing sampled to not sampled log servers.
|
|
- MEDIUM: udp: adds minimal proto udp support for message listeners.
|
|
- MEDIUM: log/sink: re-work and merge of build message API.
|
|
- MINOR: log: adds syslog udp message handler and parsing.
|
|
- MEDIUM: log: adds log forwarding section.
|
|
- MINOR: log: adds counters on received syslog messages.
|
|
- BUG/MEDIUM: fcgi-app: fix memory leak in fcgi_flt_http_headers
|
|
- BUG/MEDIUM: server: resolve state file handle leak on reload
|
|
- BUG/MEDIUM: server: fix possibly uninitialized state file on close
|
|
- BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked
|
|
- BUILD: config: address build warning on raspbian+rpi4
|
|
- BUG/MAJOR: tasks: make sure to always lock the shared wait queue if needed
|
|
- BUILD: config: fix again bugs gcc warnings on calloc
|
|
|
|
2020/07/07 : 2.3-dev0
|
|
- [RELEASE] Released version 2.3-dev0
|
|
- MINOR: version: back to development, update status message
|
|
|
|
2020/07/07 : 2.3-dev0
|
|
- exact copy of 2.2.0
|
|
|
|
2020/07/07 : 2.2.0
|
|
- BUILD: mux-h2: fix typo breaking build when using DEBUG_LOCK
|
|
- CLEANUP: makefile: update the outdated list of DEBUG_xxx options
|
|
- BUILD: tools: make resolve_sym_name() return a const
|
|
- CLEANUP: auth: fix useless self-include of auth-t.h
|
|
- BUILD: tree-wide: cast arguments to tolower/toupper to unsigned char
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- WIP/MINOR: ssl: add sample fetches for keylog in frontend
|
|
- DOC: fix tune.ssl.keylog sample fetches array
|
|
- BUG/MINOR: ssl: check conn in keylog sample fetch
|
|
- DOC: configuration: various typo fixes
|
|
- MINOR: log: Remove unused case statement during the log-format string parsing
|
|
- BUG/MINOR: mux-h1: Fix the splicing in TUNNEL mode
|
|
- BUG/MINOR: mux-h1: Don't read data from a pipe if the mux is unable to receive
|
|
- BUG/MINOR: mux-h1: Disable splicing only if input data was processed
|
|
- BUG/MEDIUM: mux-h1: Disable splicing for the conn-stream if read0 is received
|
|
- MINOR: mux-h1: Improve traces about the splicing
|
|
- BUG/MINOR: backend: Remove CO_FL_SESS_IDLE if a client remains on the last server
|
|
- BUG/MEDIUM: connection: Don't consider new private connections as available
|
|
- BUG/MINOR: connection: See new connection as available only on reuse always
|
|
- DOC: configuration: remove obsolete mentions of H2 being converted to HTTP/1.x
|
|
- CLEANUP: ssl: remove unrelevant comment in smp_fetch_ssl_x_keylog()
|
|
- DOC: update INSTALL with new compiler versions
|
|
- DOC: minor update to coding style file
|
|
- MINOR: version: mention that it's an LTS release now
|
|
|
|
2020/07/04 : 2.2-dev12
|
|
- BUG/MINOR: mux_h2: don't lose the leaving trace in h2_io_cb()
|
|
- MINOR: cli: make "show sess" stop at the last known session
|
|
- CLEANUP: buffers: remove unused buffer_wq_lock lock
|
|
- BUG/MEDIUM: buffers: always allocate from the local cache first
|
|
- MINOR: connection: align toremove_{lock,connections} and cleanup into idle_conns
|
|
- CONTRIB: debug: add missing flags SI_FL_L7_RETRY & SI_FL_D_L7_RETRY
|
|
- BUG/MEDIUM: connections: Don't increase curr_used_conns for shared connections.
|
|
- BUG/MEDIUM: checks: Increment the server's curr_used_conns
|
|
- REORG: buffer: rename buffer.c to dynbuf.c
|
|
- REORG: includes: create tinfo.h for the thread_info struct
|
|
- CLEANUP: pool: only include the type files from types
|
|
- MINOR: pools: move the LRU cache heads to thread_info
|
|
- BUG/MINOR: debug: fix "show fd" null-deref when built with DEBUG_FD
|
|
- MINOR: stats: add 3 new output values for the per-server idle conn state
|
|
- MINOR: activity: add per-thread statistics on FD takeover
|
|
- BUG/MINOR: server: start cleaning idle connections from various points
|
|
- MEDIUM: server: improve estimate of the need for idle connections
|
|
- MINOR: stats: add the estimated need of concurrent connections per server
|
|
- BUG/MINOR: threads: Don't forget to init each thread toremove_lock.
|
|
- BUG/MEDIUM: lists: Lock the element while we check if it is in a list.
|
|
- Revert "BUG/MEDIUM: lists: Lock the element while we check if it is in a list."
|
|
- BUG/MINOR: haproxy: don't wake already stopping threads on exit
|
|
- BUG/MINOR: server: always count one idle slot for current thread
|
|
- MEDIUM: server: use the two thresholds for the connection release algorithm
|
|
- BUG/MINOR: http-rules: Fix ACLs parsing for http deny rules
|
|
- BUG/MINOR: sched: properly cover for a rare MT_LIST_ADDQ() race
|
|
- MINOR: mux-h1: avoid taking the toremove_lock in on dying tasks
|
|
- MINOR: mux-h2: avoid taking the toremove_lock in on dying tasks
|
|
- MINOR: mux-fcgi: avoid taking the toremove_lock in on dying tasks
|
|
- MINOR: pools: increase MAX_BASE_POOLS to 64
|
|
- DOC: ssl: add "allow-0rtt" and "ciphersuites" in crt-list
|
|
- BUG/MEDIUM: pattern: Add a trailing \0 to match strings only if possible
|
|
- BUG/MEDIUM: log-format: fix possible endless loop in parse_logformat_string()
|
|
- BUG/MINOR: proxy: fix dump_server_state()'s misuse of the trash
|
|
- BUG/MINOR: proxy: always initialize the trash in show servers state
|
|
- MINOR: cli/proxy: add a new "show servers conn" command
|
|
- MINOR: server: skip servers with no idle conns earlier
|
|
- BUG/MINOR: server: fix the connection release logic regarding nearly full conditions
|
|
- MEDIUM: server: add a new pool-low-conn server setting
|
|
- BUG/MEDIUM: backend: always search in the safe list after failing on the idle one
|
|
- MINOR: backend: don't always takeover from the same threads
|
|
- MINOR: sched: make sched->task_list_size atomic
|
|
- MEDIUM: sched: create a new TASK_KILLED task flag
|
|
- MEDIUM: sched: implement task_kill() to kill a task
|
|
- MEDIUM: mux-h1: use task_kill() during h1_takeover() instead of task_wakeup()
|
|
- MEDIUM: mux-h2: use task_kill() during h2_takeover() instead of task_wakeup()
|
|
- MEDIUM: mux-fcgi: use task_kill() during fcgi_takeover() instead of task_wakeup()
|
|
- MINOR: list: Add MT_LIST_DEL_SAFE_NOINIT() and MT_LIST_ADDQ_NOCHECK()
|
|
- CLEANUP: connections: rename the toremove_lock to takeover_lock
|
|
- MEDIUM: connections: Don't use a lock when moving connections to remove.
|
|
- DOC: configuration: add missing index entries for tune.pool-{low,high}-fd-ratio
|
|
- DOC: configuration: fix alphabetical ordering for tune.pool-{high,low}-fd-ratio
|
|
- MINOR: config: add a new tune.idle-pool.shared global setting.
|
|
- MINOR: 51d: silence a warning about null pointer dereference
|
|
- MINOR: debug: add a new "debug dev memstats" command
|
|
- MINOR: log-format: allow to preserve spacing in log format strings
|
|
- BUILD: debug: avoid build warnings with DEBUG_MEM_STATS
|
|
- BUG/MAJOR: sched: make sure task_kill() always queues the task
|
|
- BUG/MEDIUM: muxes: Make sure nobody stole the connection before using it.
|
|
- BUG/MEDIUM: cli/proxy: don't try to dump idle connection state if there's none
|
|
- BUILD: haproxy: fix build error when RLIMIT_AS is not set
|
|
- BUG/MAJOR: sched: make it work also when not building with DEBUG_STRICT
|
|
- MINOR: log: add time second fraction field to rfc5424 log timestamp.
|
|
- BUG/MINOR: log: missing timezone on iso dates.
|
|
- BUG/MEDIUM: server: don't kill all idle conns when there are not enough
|
|
- MINOR: sched: split tasklet_wakeup() into tasklet_wakeup_on()
|
|
- BUG/MEDIUM: connections: Set the tid for the old tasklet on takeover.
|
|
- BUG/MEDIUM: connections: Let the xprt layer know a takeover happened.
|
|
- BUG/MINOR: http_act: don't check capture id in backend (2)
|
|
- BUILD: makefile: disable threads by default on OpenBSD
|
|
- BUILD: peers: fix build warning with gcc 4.2.1
|
|
- CI: cirrus-ci: exclude slow reg-tests
|
|
|
|
2020/06/26 : 2.2-dev11
|
|
- REGTEST: Add a simple script to tests errorfile directives in proxy sections
|
|
- BUG/MEDIUM: fcgi-app: Resolve the sink if a fcgi-app logs in a ring buffer
|
|
- BUG/MINOR: spoe: correction of setting bits for analyzer
|
|
- BUG/MINOR: cfgparse: Support configurations without newline at EOF
|
|
- MINOR: cfgparse: Warn on truncated lines / files
|
|
- BUG/MINOR: http_ana: clarify connection pointer check on L7 retry
|
|
- MINOR: debug: add a new DEBUG_FD build option
|
|
- BUG/MINOR: tasks: make sure never to exceed max_processed
|
|
- MINOR: task: add a new pointer to current tasklet queue
|
|
- BUG/MEDIUM: task: be careful not to run too many tasks at TL_URGENT
|
|
- BUG/MINOR: cfgparse: Fix argument reference in PARSE_ERR_TOOMANY message
|
|
- BUG/MINOR: cfgparse: Fix calculation of position for PARSE_ERR_TOOMANY message
|
|
- BUG/MEDIUM: ssl: fix ssl_bind_conf double free
|
|
- MINOR: ssl: free bind_conf_node in crtlist_free()
|
|
- MINOR: ssl: free the crtlist and the ckch during the deinit()
|
|
- BUG/MINOR: ssl: fix build with ckch_deinit() and crtlist_deinit()
|
|
- BUG/MINOR: ssl/cli: certs added from the CLI can't be deleted
|
|
- MINOR: ssl: move the ckch/crtlist deinit to ssl_sock.c
|
|
- MEDIUM: tasks: apply a fair CPU distribution between tasklet classes
|
|
- MINOR: tasks: make current_queue an index instead of a pointer
|
|
- MINOR: tasks: add a mask of the queues with active tasklets
|
|
- MINOR: tasks: pass the queue index to run_task_from_list()
|
|
- MINOR: tasks: make run_tasks_from_lists() scan the queues itself
|
|
- MEDIUM: tasks: add a tune.sched.low-latency option
|
|
- BUG/MEDIUM: ssl/cli: 'commit ssl cert' crashes when no private key
|
|
- BUG/MINOR: cfgparse: don't increment linenum on incomplete lines
|
|
- MINOR: tools: make parse_line() always terminate the args list
|
|
- BUG/MINOR: cfgparse: report extraneous args *after* the string is allocated
|
|
- MINOR: cfgparse: sanitize the output a little bit
|
|
- MINOR: cli/ssl: handle trailing slashes in crt-list commands
|
|
- MINOR: ssl: add the ssl_s_* sample fetches for server side certificate
|
|
- BUG/MEDIUM: http-ana: Don't loop trying to generate a malformed 500 response
|
|
- BUG/MINOR: stream-int: Don't wait to send truncated HTTP messages
|
|
- BUG/MINOR: http-ana: Set CF_EOI on response channel for generated responses
|
|
- BUG/MINOR: http-ana: Don't wait to send 1xx responses generated by HAProxy
|
|
- MINOR: spoe: Don't systematically create new applets if processing rate is low
|
|
- DOC: fix some typos in the ssl_s_{s|i}_dn documentation
|
|
- BUILD: fix ssl_sample.c when building against BoringSSL
|
|
- CI: travis-ci: switch BoringSSL builds to ninja
|
|
- CI: extend spellchecker whitelist
|
|
- DOC: assorted typo fixes in the documentation
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- MINOR: http: Add support for http 413 status
|
|
- REGTEST: ssl: tests the ssl_f_* sample fetches
|
|
- REGTEST: ssl: add some ssl_c_* sample fetches test
|
|
- DOC: ssl: update the documentation of "commit ssl cert"
|
|
- BUG/MINOR: cfgparse: correctly deal with empty lines
|
|
- BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL
|
|
|
|
2020/06/19 : 2.2-dev10
|
|
- BUILD: include: add sys/types before netinet/tcp.h
|
|
- BUG/MEDIUM: log: don't hold the log lock during writev() on a file descriptor
|
|
- BUILD: Remove nowarn for warnings that do not trigger
|
|
- BUG/MEDIUM: pattern: fix thread safety of pattern matching
|
|
- BUILD: Re-enable -Wimplicit-fallthrough
|
|
- BUG/MINOR: ssl: fix ssl-{min,max}-ver with openssl < 1.1.0
|
|
- BUILD: thread: add parenthesis around values of locking macros
|
|
- BUILD: proto_uxst: shut up yet another gcc's absurd warning
|
|
- BUG/MEDIUM: checks: Fix off-by-one in allocation of SMTP greeting cmd
|
|
- CI: travis-ci: use "-O1" for clang builds
|
|
- MINOR: haproxy: Add void deinit_and_exit(int)
|
|
- MINOR: haproxy: Make use of deinit_and_exit() for clean exits
|
|
- BUG/MINOR: haproxy: Free rule->arg.vars.expr during deinit_act_rules
|
|
- BUILD: compression: make gcc 10 happy with free_zlib()
|
|
- BUILD: atomic: add string.h for memcpy() on ARM64
|
|
- BUG/MINOR: http: make smp_fetch_body() report that the contents may change
|
|
- BUG/MINOR: tcp-rules: tcp-response must check the buffer's fullness
|
|
- BUILD: haproxy: mark deinit_and_exit() as noreturn
|
|
- BUG/MAJOR: vars: Fix bogus free() during deinit() for http-request rules
|
|
- BUG/MEDIUM: ebtree: use a byte-per-byte memcmp() to compare memory blocks
|
|
- MINOR: tools: add a new configurable line parse, parse_line()
|
|
- BUG/MEDIUM: cfgparse: use parse_line() to expand/unquote/unescape config lines
|
|
- BUG/MEDIUM: cfgparse: stop after a reasonable amount of fatal error
|
|
- MINOR: http: do not close connections anymore after internal responses
|
|
- BUG/MINOR: cfgparse: Add missing fatal++ in PARSE_ERR_HEX case
|
|
- BUG/MINOR: spoe: add missing key length check before checking key names
|
|
- MINOR: version: put the compiler version output into version.c not haproxy.c
|
|
- MINOR: compiler: always define __has_feature()
|
|
- MINOR: version: report the presence of the compiler's address sanitizer
|
|
- BUILD: Fix build by including haproxy/global.h
|
|
- BUG/MAJOR: connection: always disable ready events once reported
|
|
- CLEANUP: activity: remove unused counter fd_lock
|
|
- DOC: fd: make it clear that some fields ordering must absolutely be respected
|
|
- MINOR: activity: report the number of times poll() reports I/O
|
|
- MINOR: activity: rename confusing poll_* fields in the output
|
|
- MINOR: fd: Fix a typo in a coment.
|
|
- BUG/MEDIUM: fd: Don't fd_stop_recv() a fd we don't own.
|
|
- BUG/MEDIUM: fd: Call fd_stop_recv() when we just got a fd.
|
|
- MINOR: activity: group the per-loop counters at the top
|
|
- MINOR: activity: rename the "stream" field to "stream_calls"
|
|
- MEDIUM: fd: refine the fd_takeover() migration lock
|
|
- MINOR: fd: slightly optimize the fd_takeover double-CAS loop
|
|
- MINOR: fd: factorize the fd_takeover() exit path to make it safer
|
|
- MINOR: peers: do not use localpeer as an array anymore
|
|
- MEDIUM: peers: add the "localpeer" global option
|
|
- MEDIUM: fd: add experimental support for edge-triggered polling
|
|
- CONTRIB: debug: add the missing flags CO_FL_SAFE_LIST and CO_FL_IDLE_LIST
|
|
- MINOR: haproxy: process signals before runnable tasks
|
|
- MEDIUM: tasks: clean up the front side of the wait queue in wake_expired_tasks()
|
|
- MEDIUM: tasks: also process late wakeups in process_runnable_tasks()
|
|
- BUG/MINOR: cli: allow space escaping on the CLI
|
|
- BUG/MINOR: mworker/cli: fix the escaping in the master CLI
|
|
- BUG/MINOR: mworker/cli: fix semicolon escaping in master CLI
|
|
- REGTEST: http-rules: test spaces in ACLs
|
|
- REGTEST: http-rules: test spaces in ACLs with master CLI
|
|
- BUG/MAJOR: init: properly compute the default global.maxpipes value
|
|
- MEDIUM: map: make the "clear map" operation yield
|
|
- BUG/MEDIUM: stream-int: fix loss of CO_SFL_MSG_MORE flag in forwarding
|
|
- MINOR: mux_h1: Set H1_F_CO_MSG_MORE if we know we have more to send.
|
|
- BUG/MINOR: systemd: Wait for network to be online
|
|
- DOC: configuration: Unindent non-code sentences in the protobuf example
|
|
- DOC: configuration: http-check send was missing from matrix
|
|
|
|
2020/06/11 : 2.2-dev9
|
|
- BUG/MINOR: http-htx: Don't forget to release the http reply in release function
|
|
- BUG/MINOR: http-htx: Fix a leak on error path during http reply parsing
|
|
- MINOR: checks: Remove dead code from process_chk_conn()
|
|
- REGTESTS: checks: Fix tls_health_checks when IPv6 addresses are used
|
|
- REGTESTS: Add missing OPENSSL to REQUIRE_OPTIONS for lua/txn_get_priv
|
|
- MINOR: lua: Use vars_unset_by_name_ifexist()
|
|
- CLEANUP: vars: Remove void vars_unset_by_name(const char*, size_t, struct sample*)
|
|
- MINOR: vars: Make vars_(un|)set_by_name(_ifexist|) return a success value
|
|
- MINOR: lua: Make `set_var()` and `unset_var()` return success
|
|
- MEDIUM: lua: Add `ifexist` parameter to `set_var`
|
|
- MEDIUM: ring: new section ring to declare custom ring buffers.
|
|
- REGTESTS: Add missing OPENSSL to REQUIRE_OPTIONS for compression/lua_validation
|
|
- REGTESTS: Require the version 2.2 to execute lua/set_var
|
|
- BUG/MEDIUM: checks: Refresh the conn-stream and the connection after a connect
|
|
- MINOR: checks: Remove useless tests on the connection and conn-stream
|
|
- BUG/MEDIUM: contrib/spoa: do not register python3.8 if --embed fail
|
|
- BUG/MEDIUM: connection: Ignore PP2 unique ID for stream-less connections
|
|
- BUG/MINOR: connection: Always get the stream when available to send PP2 line
|
|
- BUG/MEDIUM: backend: set the connection owner to the session when using alpn.
|
|
- MINOR: pools: compute an estimate of each pool's average needed objects
|
|
- MEDIUM: pools: directly free objects when pools are too much crowded
|
|
- REGTEST: Add connection/proxy_protocol_send_unique_id_alpn
|
|
- MINOR: http-ana: Make the function http_reply_to_htx() public
|
|
- MINOR: http-ana: Use proxy's error replies to emit 401/407 responses
|
|
- MINOR: http-rules: Use an action function to eval http-request auth rules
|
|
- CLEANUP: http: Remove unused HTTP message templates
|
|
- BUG/MEDIUM: checks: Don't blindly subscribe for receive if waiting for connect
|
|
- MINOR: checks: I/O callback function only rely on the data layer wake callback
|
|
- BUG/MINOR: lua: Add missing string length for lua sticktable lookup
|
|
- BUG/MEDIUM: logs: fix trailing zeros on log message.
|
|
- CI: cirrus-ci: skip reg-tests/connection/proxy_protocol_send_unique_id_alpn.vtc on CentOS 6
|
|
- BUG/MINOR: nameservers: fix error handling in parsing of resolv.conf
|
|
- BUG/MEDIUM: checks: Don't add a tcpcheck ruleset twice in the shared tree
|
|
- MEDIUM: ssl: use TLSv1.2 as the minimum default on bind lines
|
|
- CLEANUP: pools: use the regular lock for the flush operation on lockless pools
|
|
- SCRIPTS: publish-release: pass -n to gzip to remove timestamp
|
|
- MINOR: ring: re-work ring attach generic API.
|
|
- BUG/MINOR: error on unknown statement in ring section.
|
|
- MEDIUM: ring: add server statement to forward messages from a ring
|
|
- MEDIUM: ring: add new srv statement to support octet counting forward
|
|
- MINOR: ssl: set ssl-min-ver in ambiguous configurations
|
|
- CLEANUP: ssl: remove comment from dump_crtlist_sslconf()
|
|
- BUILD: sink: address build warning on 32-bit architectures
|
|
- BUG/MINOR: peers: fix internal/network key type mapping.
|
|
- CLEANUP: regex: remove outdated support for regex actions
|
|
- Revert "MINOR: ssl: rework add cert chain to CTX to be libssl independent"
|
|
- MINOR: mux-h1/proxy: Add a proxy option to disable clear h2 upgrade
|
|
- BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action
|
|
- DOC: add a line about comments in crt-list
|
|
- BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations
|
|
- BUG/MINOR: checks: Fix test on http-check rulesets during config validity check
|
|
- BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics
|
|
- BUG/MEDIUM: mworker: fix the copy of options in copy_argv()
|
|
- BUG/MINOR: init: -x can have a parameter starting with a dash
|
|
- BUG/MINOR: init: -S can have a parameter starting with a dash
|
|
- BUG/MEDIUM: mworker: fix the reload with an -- option
|
|
- BUG/MINOR: ssl: fix a trash buffer leak in some error cases
|
|
- BUG/MINOR: mworker: fix a memleak when execvp() failed
|
|
- MINOR: sample: Add secure_memcmp converter
|
|
- REORG: ebtree: move the C files from ebtree/ to src/
|
|
- REORG: ebtree: move the include files from ebtree to include/import/
|
|
- REORG: ebtree: clean up remains of the ebtree/ directory
|
|
- REORG: include: create new file haproxy/api-t.h
|
|
- REORG: include: create new file haproxy/api.h
|
|
- REORG: include: update all files to use haproxy/api.h or api-t.h if needed
|
|
- CLEANUP: include: remove common/config.h
|
|
- CLEANUP: include: remove unused template.h
|
|
- REORG: include: move MIN/MAX from tools.h to compat.h
|
|
- REORG: include: move SWAP/MID_RANGE/MAX_RANGE from tools.h to standard.h
|
|
- CLEANUP: include: remove unused common/tools.h
|
|
- REORG: include: move the base files from common/ to haproxy/
|
|
- REORG: include: move version.h to haproxy/
|
|
- REORG: include: move base64.h, errors.h and hash.h from common to to haproxy/
|
|
- REORG: include: move openssl-compat.h from common/ to haproxy/
|
|
- REORG: include: move ist.h from common/ to import/
|
|
- REORG: include: move the BUG_ON() code to haproxy/bug.h
|
|
- REORG: include: move debug.h from common/ to haproxy/
|
|
- CLEANUP: debug: drop unused function p_malloc()
|
|
- REORG: include: split buf.h into haproxy/buf-t.h and haproxy/buf.h
|
|
- REORG: include: move istbuf.h to haproxy/
|
|
- REORG: include: split mini-clist into haproxy/list and list-t.h
|
|
- REORG: threads: extract atomic ops from hathreads.h
|
|
- CLEANUP: threads: remove a few needless includes of hathreads.h
|
|
- REORG: include: split hathreads into haproxy/thread.h and haproxy/thread-t.h
|
|
- CLEANUP: thread: rename __decl_hathreads() to __decl_thread()
|
|
- REORG: include: move time.h from common/ to haproxy/
|
|
- REORG: include: move integer manipulation functions from standard.h to intops.h
|
|
- CLEANUP: include: remove excessive includes of common/standard.h
|
|
- REORG: include: move freq_ctr to haproxy/
|
|
- CLEANUP: pool: include freq_ctr.h and remove locally duplicated functions
|
|
- REORG: memory: move the pool type definitions to haproxy/pool-t.h
|
|
- REORG: memory: move the OS-level allocator to haproxy/pool-os.h
|
|
- MINOR: memory: don't let __pool_get_first() pick from the cache
|
|
- MEDIUM: memory: don't let pool_put_to_cache() free the objects itself
|
|
- MINOR: memory: move pool-specific path of the locked pool_free() to __pool_free()
|
|
- MEDIUM: memory: make local pools independent on lockless pools
|
|
- REORG: include: move common/memory.h to haproxy/pool.h
|
|
- REORG: include: move common/chunk.h to haproxy/chunk.h
|
|
- REORG: include: move activity to haproxy/
|
|
- REORG: include: move common/buffer.h to haproxy/dynbuf{,-t}.h
|
|
- REORG: include: move common/net_helper.h to haproxy/net_helper.h
|
|
- REORG: include: move common/namespace.h to haproxy/namespace{,-t}.h
|
|
- REORG: include: split common/regex.h into haproxy/regex{,-t}.h
|
|
- REORG: include: split common/xref.h into haproxy/xref{,-t}.h
|
|
- REORG: include: move common/ticks.h to haproxy/ticks.h
|
|
- REORG: include: split common/http.h into haproxy/http{,-t}.h
|
|
- REORG: include: split common/http-hdr.h into haproxy/http-hdr{,-t}.h
|
|
- REORG: include: move common/h1.h to haproxy/h1.h
|
|
- REORG: include: split common/htx.h into haproxy/htx{,-t}.h
|
|
- REORG: include: move hpack*.h to haproxy/ and split hpack-tbl
|
|
- REORG: include: move common/h2.h to haproxy/h2.h
|
|
- REORG: include: move common/fcgi.h to haproxy/
|
|
- REORG: include: move protocol.h to haproxy/protocol{,-t}.h
|
|
- REORG: tools: split common/standard.h into haproxy/tools{,-t}.h
|
|
- REORG: include: move dict.h to hparoxy/dict{,-t}.h
|
|
- REORG: include: move shctx to haproxy/shctx{,-t}.h
|
|
- REORG: include: move port_range.h to haproxy/port_range{,-t}.h
|
|
- REORG: include: move fd.h to haproxy/fd{,-t}.h
|
|
- REORG: include: move ring to haproxy/ring{,-t}.h
|
|
- REORG: include: move sink.h to haproxy/sink{,-t}.h
|
|
- REORG: include: move pipe.h to haproxy/pipe{,-t}.h
|
|
- CLEANUP: include: remove empty raw_sock.h
|
|
- REORG: include: move proto_udp.h to haproxy/proto_udp{,-t}.h
|
|
- REORG: include: move proto/proto_sockpair.h to haproxy/proto_sockpair.h
|
|
- REORG: include: move compression.h to haproxy/compression{,-t}.h
|
|
- REORG: include: move h1_htx.h to haproxy/h1_htx.h
|
|
- REORG: include: move http_htx.h to haproxy/http_htx{,-t}.h
|
|
- REORG: include: move hlua.h to haproxy/hlua{,-t}.h
|
|
- REORG: include: move hlua_fcn.h to haproxy/hlua_fcn.h
|
|
- REORG: include: move action.h to haproxy/action{,-t}.h
|
|
- REORG: include: move arg.h to haproxy/arg{,-t}.h
|
|
- REORG: include: move auth.h to haproxy/auth{,-t}.h
|
|
- REORG: include: move dns.h to haproxy/dns{,-t}.h
|
|
- REORG: include: move flt_http_comp.h to haproxy/
|
|
- REORG: include: move counters.h to haproxy/counters-t.h
|
|
- REORG: include: split mailers.h into haproxy/mailers{,-t}.h
|
|
- REORG: include: move capture.h to haproxy/capture{,-t}.h
|
|
- REORG: include: move frontend.h to haproxy/frontend.h
|
|
- REORG: include: move obj_type.h to haproxy/obj_type{,-t}.h
|
|
- REORG: include: move http_rules.h to haproxy/http_rules.h
|
|
- CLEANUP: include: remove unused mux_pt.h
|
|
- REORG: include: move mworker.h to haproxy/mworker{,-t}.h
|
|
- REORG: include: move ssl_utils.h to haproxy/ssl_utils.h
|
|
- REORG: include: move ssl_ckch.h to haproxy/ssl_ckch{,-t}.h
|
|
- REORG: move ssl_crtlist.h to haproxy/ssl_crtlist{,-t}.h
|
|
- REORG: include: move lb_chash.h to haproxy/lb_chash{,-t}.h
|
|
- REORG: include: move lb_fas.h to haproxy/lb_fas{,-t}.h
|
|
- REORG: include: move lb_fwlc.h to haproxy/lb_fwlc{,-t}.h
|
|
- REORG: include: move lb_fwrr.h to haproxy/lb_fwrr{,-t}.h
|
|
- REORG: include: move listener.h to haproxy/listener{,-t}.h
|
|
- REORG: include: move pattern.h to haproxy/pattern{,-t}.h
|
|
- REORG: include: move map to haproxy/map{,-t}.h
|
|
- REORG: include: move payload.h to haproxy/payload.h
|
|
- REORG: include: move sample.h to haproxy/sample{,-t}.h
|
|
- REORG: include: move protocol_buffers.h to haproxy/protobuf{,-t}.h
|
|
- REORG: include: move vars.h to haproxy/vars{,-t}.h
|
|
- REORG: include: split global.h into haproxy/global{,-t}.h
|
|
- REORG: include: move task.h to haproxy/task{,-t}.h
|
|
- REORG: include: move proto_tcp.h to haproxy/proto_tcp.h
|
|
- REORG: include: move signal.h to haproxy/signal{,-t}.h
|
|
- REORG: include: move tcp_rules.h to haproxy/tcp_rules.h
|
|
- REORG: include: move connection.h to haproxy/connection{,-t}.h
|
|
- REORG: include: move checks.h to haproxy/check{,-t}.h
|
|
- REORG: include: move http_fetch.h to haproxy/http_fetch.h
|
|
- REORG: include: move peers.h to haproxy/peers{,-t}.h
|
|
- REORG: include: move stick_table.h to haproxy/stick_table{,-t}.h
|
|
- REORG: include: move session.h to haproxy/session{,-t}.h
|
|
- REORG: include: move trace.h to haproxy/trace{,-t}.h
|
|
- REORG: include: move acl.h to haproxy/acl.h{,-t}.h
|
|
- REORG: include: split common/uri_auth.h into haproxy/uri_auth{,-t}.h
|
|
- REORG: move applet.h to haproxy/applet{,-t}.h
|
|
- REORG: include: move stats.h to haproxy/stats{,-t}.h
|
|
- REORG: include: move cli.h to haproxy/cli{,-t}.h
|
|
- REORG: include: move lb_map.h to haproxy/lb_map{,-t}.h
|
|
- REORG: include: move ssl_sock.h to haproxy/ssl_sock{,-t}.h
|
|
- REORG: include: move stream_interface.h to haproxy/stream_interface{,-t}.h
|
|
- REORG: include: move channel.h to haproxy/channel{,-t}.h
|
|
- REORG: include: move http_ana.h to haproxy/http_ana{,-t}.h
|
|
- REORG: include: move filters.h to haproxy/filters{,-t}.h
|
|
- REORG: include: move fcgi-app.h to haproxy/fcgi-app{,-t}.h
|
|
- REORG: include: move log.h to haproxy/log{,-t}.h
|
|
- REORG: include: move proxy.h to haproxy/proxy{,-t}.h
|
|
- REORG: include: move spoe.h to haproxy/spoe{,-t}.h
|
|
- REORG: include: move backend.h to haproxy/backend{,-t}.h
|
|
- REORG: include: move queue.h to haproxy/queue{,-t}.h
|
|
- REORG: include: move server.h to haproxy/server{,-t}.h
|
|
- REORG: include: move stream.h to haproxy/stream{,-t}.h
|
|
- REORG: include: move cfgparse.h to haproxy/cfgparse.h
|
|
- CLEANUP: hpack: export debug functions and move inlines to .h
|
|
- REORG: check: move the e-mail alerting code to mailers.c
|
|
- REORG: check: move tcpchecks away from check.c
|
|
- REORG: check: move email_alert* from proxy-t.h to mailers-t.h
|
|
- REORG: check: extract the external checks from check.{c,h}
|
|
- CLEANUP: include: don't include stddef.h directly
|
|
- CLEANUP: include: don't include proxy-t.h in global-t.h
|
|
- CLEANUP: include: move sample_data out of sample-t.h
|
|
- REORG: include: move the error reporting functions to from log.h to errors.h
|
|
- BUILD: reorder objects in the Makefile for faster builds
|
|
- CLEANUP: compiler: add a THREAD_ALIGNED macro and use it where appropriate
|
|
- CLEANUP: include: make atomic.h part of the base API
|
|
- REORG: include: move MAX_THREADS to defaults.h
|
|
- REORG: include: move THREAD_LOCAL and __decl_thread() to compiler.h
|
|
- CLEANUP: include: tree-wide alphabetical sort of include files
|
|
- REORG: include: make list-t.h part of the base API
|
|
- REORG: dgram: rename proto_udp to dgram
|
|
|
|
2020/05/22 : 2.2-dev8
|
|
- MINOR: checks: Improve report of unexpected errors for expect rules
|
|
- MEDIUM: checks: Add matching on log-format string for expect rules
|
|
- DOC: Fix req.body and co documentation to be accurate
|
|
- MEDIUM: checks: Remove dedicated sample fetches and use response ones instead
|
|
- CLEANUP: checks: sort and rename tcpcheck_expect_type types
|
|
- MINOR: checks: Use dedicated actions to send log-format strings in send rules
|
|
- MINOR: checks: Simplify matching on HTTP headers in HTTP expect rules
|
|
- MINOR: checks/sample: Remove unnecessary tests on the sample session
|
|
- REGTEST: checks: Adapt SSL error message reported when connection is rejected
|
|
- MINOR: mworker: replace ha_alert by ha_warning when exiting successfuly
|
|
- MINOR: checks: Support log-format string to set the URI for HTTP send rules
|
|
- MINOR: checks: Support log-format string to set the body for HTTP send rules
|
|
- DOC: Be more explicit about configurable check ok/error/timeout status
|
|
- MINOR: checks: Make matching on HTTP headers for expect rules less obscure
|
|
- BUG/MEDIUM: lua: Fix dumping of stick table entries for STD_T_DICT
|
|
- BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur
|
|
- REGTESTS: make the http-check-send test require version 2.2
|
|
- BUG/MINOR: http-ana: fix NTLM response parsing again
|
|
- BUG/MEDIUM: http_ana: make the detection of NTLM variants safer
|
|
- BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered
|
|
- MINOR: cfgparse: Improve error message for invalid \x sequences
|
|
- CI: travis-ci: enable arm64 builds again
|
|
- MEDIUM: ssl: increase default-dh-param to 2048
|
|
- CI: travis-ci: skip pcre2 on arm64 build
|
|
- CI: travis-ci: extend the build time for SSL to 60 minutes
|
|
- CLEANUP: config: drop unused setting CONFIG_HAP_MEM_OPTIM
|
|
- CLEANUP: config: drop unused setting CONFIG_HAP_INLINE_FD_SET
|
|
- CLENAUP: config: move CONFIG_HAP_LOCKLESS_POOLS out of config.h
|
|
- CLEANUP: remove THREAD_LOCAL from config.h
|
|
- CI: travis-ci: upgrade LibreSSL versions
|
|
- DOC: assorted typo fixes in the documentation
|
|
- CI: extend spellchecker whitelist
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- MAJOR: contrib: porting spoa_server to support python3
|
|
- BUG/MEDIUM: checks: Subscribe to I/O events on an unfinished connect
|
|
- BUG/MINOR: checks: Don't subscribe to I/O events if it is already done
|
|
- BUG/MINOR: checks: Rely on next I/O oriented rule when waiting for a connection
|
|
- MINOR: checks: Don't try to send outgoing data if waiting to be able to send
|
|
- MINOR: sample: Move aes_gcm_dec implementation into sample.c
|
|
- MINOR: sample: Add digest and hmac converters
|
|
- BUG/MEDIUM: checks: Subscribe to I/O events only if a mux was installed
|
|
- BUG/MINOR: sample/ssl: Fix digest converter for openssl < 1.1.0
|
|
- BUG/MINOR: pools: use %u not %d to report pool stats in "show pools"
|
|
- BUG/MINOR: pollers: remove uneeded free in global init
|
|
- CLEANUP: select: enhance readability in init
|
|
- BUG/MINOR: soft-stop: always wake up waiting threads on stopping
|
|
- MINOR: soft-stop: let the first stopper only signal other threads
|
|
- BUILD: select: only declare existing local labels to appease clang
|
|
- BUG/MEDIUM: streams: Remove SF_ADDR_SET if we're retrying due to L7 retry.
|
|
- BUG/MEDIUM: stream: Only allow L7 retries when using HTTP.
|
|
- DOC: retry-on can only be used with mode http
|
|
- MEDIUM: ssl: allow to register callbacks for SSL/TLS protocol messages
|
|
- MEDIUM: ssl: split ssl_sock_msgcbk() and use a new callback mechanism
|
|
- MINOR: ssl: add a new function ssl_sock_get_ssl_object()
|
|
- MEDIUM: ssl: use ssl_sock_get_ssl_object() in fetchers where appropriate
|
|
- REORG: ssl: move macros and structure definitions to ssl_sock.h
|
|
- CLEANUP: ssl: remove the shsess_* macros
|
|
- REORG: move the crt-list structures in their own .h
|
|
- REORG: ssl: move the ckch structures to types/ssl_ckch.h
|
|
- CLEANUP: ssl: add ckch prototypes in proto/ssl_ckch.h
|
|
- REORG: ssl: move crtlist functions to src/ssl_crtlist.c
|
|
- CLEANUP: ssl: avoid circular dependencies in ssl_crtlist.h
|
|
- REORG: ssl: move the ckch_store related functions to src/ssl_ckch.c
|
|
- REORG: ssl: move ckch_inst functions to src/ssl_ckch.c
|
|
- REORG: ssl: move the crt-list CLI functions in src/ssl_crtlist.c
|
|
- REORG: ssl: move the CLI 'cert' functions to src/ssl_ckch.c
|
|
- REORG: ssl: move ssl configuration to cfgparse-ssl.c
|
|
- MINOR: ssl: remove static keyword in some SSL utility functions
|
|
- REORG: ssl: move ssl_sock_ctx and fix cross-dependencies issues
|
|
- REORG: ssl: move sample fetches to src/ssl_sample.c
|
|
- REORG: ssl: move utility functions to src/ssl_utils.c
|
|
- DOC: ssl: update MAINTAINERS file
|
|
- CI: travis-ci: switch arm64 builds to use openssl from distro
|
|
- MINOR: stats: Prepare for more accurate moving averages
|
|
- MINOR: stats: Expose native cum_req metric for a server
|
|
- MEDIUM: stats: Enable more accurate moving average calculation for stats
|
|
- BUILD: ssl: include buffer common headers for ssl_sock_ctx
|
|
- BUILD: ssl: include errno.h in ssl_crtlist.c
|
|
- CLEANUP: acl: remove unused assignment
|
|
- DOC/MINOR: halog: Add long help info for ic flag
|
|
- BUILD: ssl: fix build without OPENSSL_NO_ENGINE
|
|
- DOC: SPOE is no longer experimental
|
|
- BUG/MINOR: cache: Don't needlessly test "cache" keyword in parse_cache_flt()
|
|
- MINOR: config: Don't dump keywords if argument is NULL
|
|
- MEDIUM: checks: Make post-41 the default mode for mysql checks
|
|
- BUG/MINOR: logs: prevent double line returns in some events.
|
|
- MEDIUM: sink: build header in sink_write for log formats
|
|
- MEDIUM: logs: buffer targets now rely on new sink_write
|
|
- MEDIUM: sink: add global statement to create a new ring (sink buffer)
|
|
- MEDIUM: hpack: use a pool for the hpack table
|
|
- BUG/MAJOR: mux-fcgi: Stop sending loop if FCGI stream is blocked for any reason
|
|
- BUG/MEDIUM: ring: write-lock the ring while attaching/detaching
|
|
- MINOR: applet: adopt the wait list entry from the CLI
|
|
- MINOR: ring: make the applet code not depend on the CLI
|
|
- Revert "MEDIUM: sink: add global statement to create a new ring (sink buffer)"
|
|
- CI: travis-ci: fix libslz download URL
|
|
- MINOR: ssl: split config and runtime variable for ssl-{min,max}-ver
|
|
- CLEANUP: http_ana: Remove unused TXN flags
|
|
- BUG/MINOR: http-rules: Mark http return rules as final
|
|
- MINOR: http-htx: Add http_reply type based on what is used for http return rules
|
|
- CLEANUP: http-htx: Rename http_error structure into http_error_msg
|
|
- MINOR: http-rules: Use http_reply structure for http return rules
|
|
- MINOR: http-htx: Use a dedicated function to release http_reply objects
|
|
- MINOR: http-htx: Use a dedicated function to parse http reply arguments
|
|
- MINOR: http-htx: Use a dedicated function to check http reply validity
|
|
- MINOR: http-ana: Use a dedicated function to send a response from an http reply
|
|
- MEDIUM: http-rules: Rely on http reply for http deny/tarpit rules
|
|
- MINOR: http-htx: Store default error messages in a global http reply array
|
|
- MINOR: http-htx: Store messages of an http-errors section in a http reply array
|
|
- MINOR: http-htx: Store errorloc/errorfile messages in http replies
|
|
- MINOR: proxy: Add references on http replies for proxy error messages
|
|
- MINOR: http-htx: Use http reply from the http-errors section
|
|
- MINOR: http-ana: Use a TXN flag to prevent after-response ruleset evaluation
|
|
- MEDIUM: http-ana: Use http replies for HTTP error messages
|
|
- CLEANUP: http-htx: Remove unused storage of error messages in buffers
|
|
- MINOR: htx: Add a function to copy a buffer in an HTX message
|
|
- CLEANUP: channel: Remove channel_htx_copy_msg() function
|
|
- MINOR: http-ana: Add a function to write an http reply in an HTX message
|
|
- MINOR: http-htx/proxy: Add http-error directive using http return syntax
|
|
- DOC: Fix "errorfile" description in the configuration manual
|
|
- BUG/MINOR: checks: Respect check-ssl param when a port or an addr is specified
|
|
- BUILD: hpack: make sure the hpack table can still be built standalone
|
|
- CONTRIB: hpack: make use of the simplified standalone HPACK API
|
|
- MINOR: connection: add pp2-never-send-local to support old PP2 behavior
|
|
|
|
2020/05/05 : 2.2-dev7
|
|
- MINOR: version: Show uname output in display_version()
|
|
- CI: run weekly OpenSSL "no-deprecated" builds
|
|
- CLEANUP: log: fix comment of parse_logformat_string()
|
|
- DOC: Improve documentation on http-request set-src
|
|
- MINOR: ssl/cli: disallow SSL options for directory in 'add ssl crt-list'
|
|
- MINOR: ssl/cli: restrain certificate path when inserting into a directory
|
|
- MINOR: ssl: add ssl-skip-self-issued-ca global option
|
|
- BUG/MINOR: ssl: default settings for ssl server options are not used
|
|
- MINOR: config: add a global directive to set default SSL curves
|
|
- BUG/MEDIUM: http-ana: Handle NTLM messages correctly.
|
|
- DOC: internals: update the SSL architecture schema
|
|
- BUG/MINOR: tools: fix the i386 version of the div64_32 function
|
|
- BUG/MINOR: mux-fcgi/trace: fix wrong set of trace flags in fcgi_strm_add_eom()
|
|
- BUG/MINOR: http: make url_decode() optionally convert '+' to SP
|
|
- DOC: option logasap does not depend on mode
|
|
- MEDIUM: memory: make pool_gc() run under thread isolation
|
|
- MINOR: contrib: make the peers wireshark dissector a plugin
|
|
- BUG/MINOR: http-ana: Throw a 500 error if after-response ruleset fails on errors
|
|
- BUG/MINOR: check: Update server address and port to execute an external check
|
|
- MINOR: mini-clist: Add functions to iterate backward on a list
|
|
- MINOR: checks: Add a way to send custom headers and payload during http chekcs
|
|
- MINOR: server: respect warning and alert semantic
|
|
- BUG/MINOR: checks: Respect the no-check-ssl option
|
|
- BUG/MEDIUM: server/checks: Init server check during config validity check
|
|
- CLEANUP: checks: Don't export anymore init_check and srv_check_healthcheck_port
|
|
- BUG/MINOR: checks: chained expect will not properly wait for enough data
|
|
- BUG/MINOR: checks: Forbid tcp-check lines in default section as documented
|
|
- MINOR: checks: Use an enum to describe the tcp-check rule type
|
|
- MINOR: checks: Simplify connection flag parsing in tcp-check connect
|
|
- MEDIUM: checks: rewind to the first inverse expect rule of a chain on new data
|
|
- MINOR: checks: simplify tcp expect config parser
|
|
- MINOR: checks: add min-recv tcp-check expect option
|
|
- MINOR: checks: add linger option to tcp connect
|
|
- MINOR: checks: define a tcp expect type
|
|
- MEDIUM: checks: rewrite tcp-check expect block
|
|
- MINOR: checks: Stop xform buffers to null-terminated string for tcp-check rules
|
|
- MINOR: checks: add rbinary expect match type
|
|
- MINOR: checks: Simplify functions to get step id and comment
|
|
- MEDIUM: checks: capture groups in expect regexes
|
|
- MINOR: checks: Don't use a static tcp rule list head
|
|
- MEDIUM: checks: Use a non-comment rule iterator to get next rule
|
|
- MEDIUM: proxy/checks: Register a keyword to parse tcp-check rules
|
|
- MINOR: checks: Set the tcp-check rule index during parsing
|
|
- MINOR: checks: define tcp-check send type
|
|
- MINOR: checks: define a tcp-check connect type
|
|
- MEDIUM: checks: Add implicit tcp-check connect rule
|
|
- MAJOR: checks: Refactor and simplify the tcp-check loop
|
|
- MEDIUM: checks: Associate a session to each tcp-check healthcheck
|
|
- MINOR: checks/vars: Add a check scope for variables
|
|
- MEDIUM: checks: Parse custom action rules in tcp-checks
|
|
- MINOR: checks: Add support to set-var and unset-var rules in tcp-checks
|
|
- MINOR: checks: Add the sni option for tcp-check connect rules
|
|
- MINOR: checks: Add the via-socks4 option for tcp-check connect rules
|
|
- MINOR: checks: Add the alpn option for tcp-check connect rules
|
|
- MINOR: ssl: Export a generic function to parse an alpn string
|
|
- MINOR: checks: Add the default option for tcp-check connect rules
|
|
- MINOR: checks: Add the addr option for tcp-check connect rule
|
|
- MEDIUM: checks: Support expression to set the port
|
|
- MEDIUM: checks: Support log-format strings for tcp-check send rules
|
|
- MINOR: log: Don't depends on a stream to process samples in log-format string
|
|
- MINOR: log: Don't systematically set LW_REQ when a sample expr is added
|
|
- MEDIUM: checks: Add a shared list of tcp-check rules
|
|
- MINOR: sample: add htonl converter
|
|
- MINOR: sample: add cut_crlf converter
|
|
- MINOR: sample: add ltrim converter
|
|
- MINOR: sample: add rtrim converter
|
|
- MINOR: checks: Use a name for the healthcheck status enum
|
|
- MINOR: checks: Add option to tcp-check expect rules to customize error status
|
|
- MINOR: checks: Merge tcp-check comment rules with the others at config parsing
|
|
- MINOR: checks: Add a sample fetch to extract a block from the input check buffer
|
|
- MEDIUM: checks: Add on-error/on-success option on tcp-check expect rules
|
|
- MEDIUM: checks: Add status-code sample expression on tcp-check expect rules
|
|
- MINOR: checks: Relax the default option for tcp-check connect rules
|
|
- MEDIUM: checks: Add a list of vars to set before executing a tpc-check ruleset
|
|
- MINOR: checks: Export the tcpcheck_eval_ret enum
|
|
- MINOR: checks: Use dedicated function to handle onsuccess/onerror messages
|
|
- MINOR: checks: Support custom functions to eval a tcp-check expect rules
|
|
- MEDIUM: checks: Implement redis check using tcp-check rules
|
|
- MEDIUM: checks: Implement ssl-hello check using tcp-check rules
|
|
- MEDIUM: checks: Implement smtp check using tcp-check rules
|
|
- MEDIUM: checks: Implement postgres check using tcp-check rules
|
|
- MEDIUM: checks: Implement MySQL check using tcp-check rules
|
|
- MEDIUM: checks: Implement LDAP check using tcp-check rules
|
|
- MEDIUM: checks: Implement SPOP check using tcp-check rules
|
|
- MINOR: server/checks: Move parsing of agent keywords in checks.c
|
|
- MINOR: server/checks: Move parsing of server check keywords in checks.c
|
|
- MEDIUM: checks: Implement agent check using tcp-check rules
|
|
- REGTEST: Adapt regtests about checks to recent changes
|
|
- MINOR: Produce tcp-check info message for pure tcp-check rules only
|
|
- MINOR: checks: Add an option to set success status of tcp-check expect rules
|
|
- MINOR: checks: Improve log message of tcp-checks on success
|
|
- MINOR: proxy/checks: Move parsing of httpchk option in checks.c
|
|
- MINOR: proxy/checks: Move parsing of tcp-check option in checks.c
|
|
- MINOR: proxy/checks: Register a keyword to parse http-check rules
|
|
- MINOR: proxy/checks: Move parsing of external-check option in checks.c
|
|
- MINOR: proxy/checks: Register a keyword to parse external-check rules
|
|
- MEDIUM: checks: Use a shared ruleset to store tcp-check rules
|
|
- MINOR: checks: Use an indirect string to represent the expect matching string
|
|
- MINOR: checks: Introduce flags to configure in tcp-check expect rules
|
|
- MINOR: standard: Add my_memspn and my_memcspn
|
|
- MINOR: checks: Add a reverse non-comment rule iterator to get last rule
|
|
- MAJOR: checks: Implement HTTP check using tcp-check rules
|
|
- MINOR: checks: Make resume conditions more explicit in tcpcheck_main()
|
|
- MINOR: connection: Add macros to know if a conn or a cs uses an HTX mux
|
|
- MEDIUM: checks: Refactor how data are received in tcpcheck_main()
|
|
- MINOR: checks/obj_type: Add a new object type for checks
|
|
- BUG/MINOR: obj_type: Handle stream object in obj_base_ptr() function
|
|
- MINOR: checks: Use the check as origin when a session is created
|
|
- MINOR: checks: Add a mux proto to health-check and tcp-check connect rule
|
|
- MINOR: connection: Add a function to install a mux for a health-check
|
|
- MAJOR: checks: Use the best mux depending on the protocol for health checks
|
|
- MEDIUM: checks: Implement default TCP check using tcp-check rules
|
|
- MINOR: checks: Remove unused code about pure TCP checks
|
|
- CLEANUP: checks: Reorg checks.c file to be more readable
|
|
- REGTEST: Fix reg-tests about health-checks to adapt them to recent changes
|
|
- MINOR: ist: Add a function to retrieve the ist pointer
|
|
- MINOR: checks: Use ist API as far as possible
|
|
- BUG/MEDIUM: checks: Be sure to subscribe for sends if outgoing data remains
|
|
- MINOR: checks: Use a tree instead of a list to store tcp-check rulesets
|
|
- BUG/MINOR: checks: Send the right amount of outgoing data for HTTP checks
|
|
- REGTEST: Add scripts to test based tcp-check health-checks
|
|
- Revert "MEDIUM: checks: capture groups in expect regexes"
|
|
- DOC: Add documentation about comments for tcp-check and http-check directives
|
|
- DOC: Fix the tcp-check and http-check directives layout
|
|
- BUG/MEDIUM: checks: Use the mux protocol specified on the server line
|
|
- MINOR: checks: Support mux protocol definition for tcp and http health checks
|
|
- BUG/MINOR: mux-fcgi: Be sure to have a connection as session's origin to use it
|
|
- MINOR: checks: Support list of status codes on http-check expect rules
|
|
- BUG/MEDIUM: checks: Unsubscribe to mux events when a conn-stream is destroyed
|
|
- REGTEST: Add a script to validate agent checks
|
|
- BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable
|
|
- BUG/MEDIUM: checks: unsubscribe for events on the old conn-stream on connect
|
|
- BUG/MINOR: checks: Only use ssl_sock_is_ssl() if compiled with SSL support
|
|
- BUG/MINOR: checks/server: use_ssl member must be signed
|
|
- BUG/MEDIUM: sessions: Always pass the mux context as argument to destroy a mux
|
|
- BUG/MEDIUM: checks: Destroy the conn-stream before the session
|
|
- BUG/MINOR: checks: Fix PostgreSQL regex on the authentication packet
|
|
- CI: cirrus-ci: remove reg-tests/checks/tcp-check-ssl.vtc on CentOS 6
|
|
- MINOR: checks: Support HTTP/2 version (without '.0') for http-check send rules
|
|
- MINOR: checks: Use ver keyword to specify the HTTP version for http checks
|
|
- BUG/MINOR: checks: Remove wrong variable redeclaration
|
|
- BUG/MINOR: checks: Properly handle truncated mysql server messages
|
|
- CLEANUP: checks: Remove unused code when ldap server message is parsed
|
|
- MINOR: checks: Make the use of the check's server more explicit on connect
|
|
- BUG/MINOR: checks: Avoid incompatible cast when a binary string is parsed
|
|
- BUG/MINOR: checks: Remove bad call to free() when an expect rule is parsed
|
|
- BUG/MINOR: checks: Don't lose warning on proxy capability
|
|
- MINOR: log: Add "Tu" timer
|
|
- BUG/MINOR: checks: Set the output buffer length before calling parse_binary()
|
|
- BUG/MEDIUM: mux-h1: make sure we always have a timeout on front connections
|
|
- REGTEST: ssl: test the client certificate authentication
|
|
- DOC: give a more accurate description of what check does
|
|
- BUG/MEDIUM: capture: capture-req/capture-res converters crash without a stream
|
|
- BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream
|
|
- BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam
|
|
- BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam
|
|
- CLEANUP: http: add a few comments on certain functions' assumptions about streams
|
|
- BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream
|
|
- MINOR: http-htx: Export functions to update message authority and host
|
|
- MINOR: checks: Don't support multiple host header for http-check send rule
|
|
- MINOR: checks: Skip some headers for http-check send rules
|
|
- MINOR: checks: Keep the Host header and the request uri synchronized
|
|
- CLEANUP: checks: Fix checks includes
|
|
- DOC: Fix send rules in the http-check connect example
|
|
- DOC: Add more info about request formatting in http-check send description
|
|
- REGTEST: http-rules: Require PCRE or PCRE2 option to run map_redirect script
|
|
- REGTEST: ssl: remove curl from the "add ssl crt-list" test
|
|
- REGTEST: ssl: improve the "set ssl cert" test
|
|
- CLEANUP: ssl: silence a build warning when threads are disabled
|
|
- BUG/MEDIUM: listener: mark the thread as not stuck inside the loop
|
|
- MINOR: threads: export the POSIX thread ID in panic dumps
|
|
- BUG/MINOR: debug: properly use long long instead of long for the thread ID
|
|
- BUG/MEDIUM: shctx: really check the lock's value while waiting
|
|
- BUG/MEDIUM: shctx: bound the number of loops that can happen around the lock
|
|
- MINOR: stream: report the list of active filters on stream crashes
|
|
- BUG/MEDIUM: mux-fcgi: Return from detach if server don't keep the connection
|
|
- BUG/MEDIUM: mux_fcgi: Free the FCGI connection at the end of fcgi_release()
|
|
- BUG/MEDIUM: mux-fcgi: Fix wrong test on FCGI_CF_KEEP_CONN in fcgi_detach()
|
|
- BUG/MEDIUM: connections: force connections cleanup on server changes
|
|
- BUG/MEDIUM: h1: Don't compare host and authority if only h1 headers are parsed
|
|
- BUG/MEDIUM: ssl: fix the id length check within smp_fetch_ssl_fc_session_id()
|
|
- CLEANUP: connections: align function declaration
|
|
- BUG/MINOR: sample: Set the correct type when a binary is converted to a string
|
|
- MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples
|
|
- DOC: Document the log-format parameter for tcp-check send/send-binary rules
|
|
- MINOR: checks: Add support of payload-based sample fetches
|
|
- MINOR: checks: Add support of be_id, be_name, srv_id and srv_name sample fetches
|
|
- MINOR: checks: Add support of server side ssl sample fetches
|
|
- MINOR: checks: Add support of HTTP response sample fetches
|
|
- MINOR: http-htx: Support different methods to look for header names
|
|
- MINOR: checks: Set by default expect rule status to UNKNOWN during parsing
|
|
- BUG/MINOR: checks: Support multiple HTTP expect rules
|
|
- REGTEST: checks: Fix sync condition for agent-check
|
|
- MEDIUM: checks: Support matching on headers for http-check expect rules
|
|
- MINOR: lua: allow changing port with set_addr
|
|
- BUG/MINOR: da: Fix HTX message prefetch
|
|
- BUG/MINOR: wurfl: Fix HTX message prefetch
|
|
- BUG/MINOR: 51d: Fix HTX message prefetch
|
|
- MINOR: ist: add istadv() function
|
|
- MINOR: ist: add istissame() function
|
|
- MINOR: istbuf: add ist2buf() function
|
|
- BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS()
|
|
- BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}()
|
|
- DOC: update intro.txt for 2.2
|
|
- DOC: intro: add a contacts section
|
|
|
|
2020/04/17 : 2.2-dev6
|
|
- BUG/MINOR: ssl: memory leak when find_chain is NULL
|
|
- CLEANUP: ssl: rename ssl_get_issuer_chain to ssl_get0_issuer_chain
|
|
- MINOR: ssl: rework add cert chain to CTX to be libssl independent
|
|
- BUG/MINOR: peers: init bind_proc to 1 if it wasn't initialized
|
|
- BUG/MINOR: peers: avoid an infinite loop with peers_fe is NULL
|
|
- BUG/MINOR: peers: Use after free of "peers" section.
|
|
- CI: github actions: add weekly h2spec test
|
|
- BUG/MEDIUM: mux_h1: Process a new request if we already received it.
|
|
- MINOR: build: Fix build in mux_h1
|
|
- CLEANUP: remove obsolete comments
|
|
- BUG/MEDIUM: dns: improper parsing of aditional records
|
|
- MINOR: ssl: skip self issued CA in cert chain for ssl_ctx
|
|
- MINOR: listener: add so_name sample fetch
|
|
- MEDIUM: stream: support use-server rules with dynamic names
|
|
- MINOR: servers: Add a counter for the number of currently used connections.
|
|
- MEDIUM: connections: Revamp the way idle connections are killed
|
|
- MINOR: cli: add a general purpose pointer in the CLI struct
|
|
- MINOR: ssl: add a list of bind_conf in struct crtlist
|
|
- REORG: ssl: move SETCERT enum to ssl_sock.h
|
|
- BUG/MINOR: ssl: ckch_inst wrongly inserted in crtlist_entry
|
|
- REORG: ssl: move some functions above crtlist_load_cert_dir()
|
|
- MINOR: ssl: use crtlist_free() upon error in directory loading
|
|
- MINOR: ssl: add a list of crtlist_entry in ckch_store
|
|
- MINOR: ssl: store a ptr to crtlist in crtlist_entry
|
|
- MINOR: ssl/cli: update pointer to store in 'commit ssl cert'
|
|
- MEDIUM: ssl/cli: 'add ssl crt-list' command
|
|
- REGTEST: ssl/cli: test the 'add ssl crt-list' command
|
|
- BUG/MINOR: ssl: entry->ckch_inst not initialized
|
|
- REGTEST: ssl/cli: change test type to devel
|
|
- REGTEST: make the PROXY TLV validation depend on version 2.2
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- BUG/MINOR: stats: Fix color of draining servers on stats page
|
|
- DOC: internals: Fix spelling errors in filters.txt
|
|
- MINOR: connections: Don't mark conn flags 0x00000001 and 0x00000002 as unused.
|
|
- REGTEST: make the unique-id test depend on version 2.0
|
|
- BUG/MEDIUM: dns: Consider the fact that dns answers are case-insensitive
|
|
- MINOR: ssl: split the line parsing of the crt-list
|
|
- MINOR: ssl/cli: support filters and options in add ssl crt-list
|
|
- MINOR: ssl: add a comment above the ssl_bind_conf keywords
|
|
- REGTEST: ssl/cli: tests options and filters w/ add ssl crt-list
|
|
- REGTEST: ssl: pollute the crt-list file
|
|
- BUG/CRITICAL: hpack: never index a header into the headroom after wrapping
|
|
- BUG/MINOR: protocol_buffer: Wrong maximum shifting.
|
|
- CLEANUP: src/fd.c: mask setsockopt with DISGUISE
|
|
- BUG/MINOR: ssl/cli: initialize fcount int crtlist_entry
|
|
- REGTEST: ssl/cli: add other cases of 'add ssl crt-list'
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- DOC: management: add the new crt-list CLI commands
|
|
- BUG/MINOR: ssl/cli: fix spaces in 'show ssl crt-list'
|
|
- MINOR: ssl/cli: 'del ssl crt-list' delete an entry
|
|
- MINOR: ssl/cli: replace dump/show ssl crt-list by '-n' option
|
|
- CI: use better SSL library definition
|
|
- CI: travis-ci: enable DEBUG_STRICT=1 for CI builds
|
|
- CI: travis-ci: upgrade openssl to 1.1.1f
|
|
- MINOR: ssl: improve the errors when a crt can't be open
|
|
- CI: cirrus-ci: rename openssl package after it is renamed in FreeBSD
|
|
- CI: adopt openssl download script to download all versions
|
|
- BUG/MINOR: ssl/cli: lock the ckch structures during crt-list delete
|
|
- MINOR: ssl/cli: improve error for bundle in add/del ssl crt-list
|
|
- MINOR: ssl/cli: 'del ssl cert' deletes a certificate
|
|
- BUG/MINOR: ssl: trailing slashes in directory names wrongly cached
|
|
- BUG/MINOR: ssl/cli: memory leak in 'set ssl cert'
|
|
- CLEANUP: ssl: use the refcount for the SSL_CTX'
|
|
- CLEANUP: ssl/cli: use the list of filters in the crtlist_entry
|
|
- BUG/MINOR: ssl: memleak of the struct cert_key_and_chain
|
|
- CLEANUP: ssl: remove a commentary in struct ckch_inst
|
|
- MINOR: ssl: initialize all list in ckch_inst_new()
|
|
- MINOR: ssl: free instances and SNIs with ckch_inst_free()
|
|
- MINOR: ssl: replace ckchs_free() by ckch_store_free()
|
|
- BUG/MEDIUM: ssl/cli: trying to access to free'd memory
|
|
- MINOR: ssl: ckch_store_new() alloc and init a ckch_store
|
|
- MINOR: ssl: crtlist_new() alloc and initialize a struct crtlist
|
|
- REORG: ssl: move some free/new functions
|
|
- MINOR: ssl: crtlist_entry_{new, free}
|
|
- BUG/MINOR: ssl: ssl_conf always set to NULL on crt-list parsing
|
|
- MINOR: ssl: don't alloc ssl_conf if no option found
|
|
- BUG/MINOR: connection: always send address-less LOCAL PROXY connections
|
|
- BUG/MINOR: peers: Incomplete peers sections should be validated.
|
|
- MINOR: init: report in "haproxy -c" whether there were warnings or not
|
|
- MINOR: init: add -dW and "zero-warning" to reject configs with warnings
|
|
- MINOR: init: report the compiler version in haproxy -vv
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- MINOR: init: report the haproxy version and executable path once on errors
|
|
- DOC: Make how "option redispatch" works more explicit
|
|
- BUILD: Makefile: add linux-musl to TARGET
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CLEANUP: http: Fixed small typo in parse_http_return
|
|
- DOC: hashing: update link to hashing functions
|
|
|
|
2020/03/23 : 2.2-dev5
|
|
- CLEANUP: ssl: is_default is a bit in ckch_inst
|
|
- BUG/MINOR: ssl/cli: sni_ctx' mustn't always be used as filters
|
|
- DOC: ssl: clarify security implications of TLS tickets
|
|
- CLEANUP: remove support for Linux i686 vsyscalls
|
|
- CLEANUP: drop support for USE_MY_ACCEPT4
|
|
- CLEANUP: remove support for USE_MY_EPOLL
|
|
- CLEANUP: remove support for USE_MY_SPLICE
|
|
- CLEANUP: remove the now unused common/syscall.h
|
|
- BUILD: make dladdr1 depend on glibc version and not __USE_GNU
|
|
- BUILD: wdt: only test for SI_TKILL when compiled with thread support
|
|
- BUILD: Makefile: the compiler-specific flags should all be in SPEC_CFLAGS
|
|
- CLEANUP: ssl: separate the directory loading in a new function
|
|
- BUG/MINOR: buffers: MT_LIST_DEL_SAFE() expects the temporary pointer.
|
|
- BUG/MEDIUM: mt_lists: Make sure we set the deleted element to NULL;
|
|
- MINOR: init: move the maxsock calculation code to compute_ideal_maxsock()
|
|
- MEDIUM: init: always try to push the FD limit when maxconn is set from -m
|
|
- BUG/MAJOR: list: fix invalid element address calculation
|
|
- BUILD: stream-int: fix a few includes dependencies
|
|
- MINOR: mt_lists: Appease gcc.
|
|
- MINOR: lists: Implement function to convert list => mt_list and mt_list => list
|
|
- MINOR: servers: Kill priv_conns.
|
|
- MINOR: lists: fix indentation.
|
|
- BUG/MEDIUM: random: align the state on 2*64 bits for ARM64
|
|
- BUG/MEDIUM: connections: Don't assume the connection has a valid session.
|
|
- BUG/MEDIUM: pools: Always update free_list in pool_gc().
|
|
- BUG/MINOR: haproxy: always initialize sleeping_thread_mask
|
|
- BUG/MINOR: listener/mq: do not dispatch connections to remote threads when stopping
|
|
- BUG/MINOR: haproxy/threads: try to make all threads leave together
|
|
- Revert "BUILD: travis-ci: enable s390x builds"
|
|
- BUILD: travis-ci: enable regular s390x builds
|
|
- DOC: proxy_protocol: Reserve TLV type 0x05 as PP2_TYPE_UNIQUE_ID
|
|
- MINOR: proxy_protocol: Ingest PP2_TYPE_UNIQUE_ID on incoming connections
|
|
- MEDIUM: proxy_protocol: Support sending unique IDs using PPv2
|
|
- CLEANUP: connection: Add blank line after declarations in PP handling
|
|
- CLEANUP: assorted typo fixes in the code and comments
|
|
- CI: add spellcheck github action
|
|
- DOC: correct typo in alert message about rspirep
|
|
- CI: travis: switch linux builds to clang-9
|
|
- MINOR: debug: add a new DISGUISE() macro to pass a value as identity
|
|
- MINOR: debug: consume the write() result in BUG_ON() to silence a warning
|
|
- MINOR: use DISGUISE() everywhere we deliberately want to ignore a result
|
|
- BUILD: pools: silence build warnings with DEBUG_MEMORY_POOLS and DEBUG_UAF
|
|
- CLEANUP: connection: Stop directly setting an ist's .ptr
|
|
- CI: travis: revert to clang-7 for BoringSSL tests
|
|
- BUILD: on ARM, must be linked to libatomic.
|
|
- BUILD: makefile: fix regex syntax in ARM platform detection
|
|
- BUG/MEDIUM: peers: resync ended with RESYNC_PARTIAL in wrong cases.
|
|
- REORG: ssl: move ssl_sock_load_cert()
|
|
- MINOR: ssl: pass ckch_inst to ssl_sock_load_ckchs()
|
|
- MEDIUM: ssl: allow crt-list caching
|
|
- MINOR: ssl: directories are loaded like crt-list
|
|
- BUG/MINOR: ssl: can't open directories anymore
|
|
- BUG/MEDIUM: spoe: dup agent's engine_id string from trash.area
|
|
- MINOR: fd: Use a separate lock for logs instead of abusing the fd lock.
|
|
- MINOR: mux_pt: Don't try to remove the connection from the idle list.
|
|
- MINOR: ssl/cli: show/dump ssl crt-list
|
|
- BUG/MINOR: ssl/cli: free the trash chunk in dump_crtlist
|
|
- MEDIUM: fd: Introduce a running mask, and use it instead of the spinlock.
|
|
- BUG/MINOR: ssl: memory leak in crtlist_parse_file()
|
|
- MINOR: tasks: Provide the tasklet to the callback.
|
|
- BUG/MINOR: ssl: memleak of struct crtlist_entry
|
|
- BUG/MINOR: pattern: Do not pass len = 0 to calloc()
|
|
- BUILD: makefile: fix expression again to detect ARM platform
|
|
- CI: travis: re-enable ASAN on clang
|
|
- CI: travis: proper group output redirection together with travis_wait
|
|
- DOC: assorted typo fixes in the documentation
|
|
- MINOR: wdt: Move the definitions of WDTSIG and DEBUGSIG into types/signal.h.
|
|
- BUG/MEDIUM: wdt: Don't ignore WDTSIG and DEBUGSIG in __signal_process_queue().
|
|
- MINOR: memory: Change the flush_lock to a spinlock, and don't get it in alloc.
|
|
- MINOR: ssl/cli: 'new ssl cert' command
|
|
- MINOR: ssl/cli: show certificate status in 'show ssl cert'
|
|
- MEDIUM: sessions: Don't be responsible for connections anymore.
|
|
- MEDIUM: servers: Split the connections into idle, safe, and available.
|
|
- MINOR: fd: Implement fd_takeover().
|
|
- MINOR: connections: Add a new mux method, "takeover".
|
|
- MINOR: connections: Make the "list" element a struct mt_list instead of list.
|
|
- MINOR: connections: Add a flag to know if we're in the safe or idle list.
|
|
- MEDIUM: connections: Attempt to get idle connections from other threads.
|
|
- MEDIUM: mux_h1: Implement the takeover() method.
|
|
- MEDIUM: mux_h2: Implement the takeover() method.
|
|
- MEDIUM: mux_fcgi: Implement the takeover() method.
|
|
- MEDIUM: connections: Kill connections even if we are reusing one.
|
|
- BUG/MEDIUM: connections: Don't forget to decrement idle connection counters.
|
|
- BUG/MINOR: ssl: Do not free garbage pointers on memory allocation failure
|
|
- BUG/MINOR: ssl: Correctly add the 1 for the sentinel to the number of elements
|
|
- BUG/MINOR: ssl: crtlist_dup_filters() must return NULL with fcount == 0
|
|
- BUG/MEDIUM: build: Fix compilation by spelling decl correctly.
|
|
- BUILD/MEDIUM: fd: Declare fd_mig_lock as extern.
|
|
- CI: run travis-ci builds on push only, skip pull requests
|
|
- CI: temporarily disable unstable travis arm64 builds
|
|
- BUG/MINOR: ssl/cli: free BIO upon error in 'show ssl cert'
|
|
- BUG/MINOR: connections: Make sure we free the connection on failure.
|
|
- BUG/MINOR: ssl/cli: fix a potential NULL dereference
|
|
- BUG/MEDIUM: h1: Make sure we subscribe before going into idle list.
|
|
- BUG/MINOR: connections: Set idle_time before adding to idle list.
|
|
- MINOR: muxes: Note that we can't usee a connection when added to the srv idle.
|
|
- REGTEST: increase timeouts on the seamless-reload test
|
|
- BUG/MINOR: haproxy/threads: close a possible race in soft-stop detection
|
|
- CLEANUP: haproxy/threads: don't check global_tasks_mask twice
|
|
|
|
2020/03/09 : 2.2-dev4
|
|
- MEDIUM: buffer: remove the buffer_wq lock
|
|
- MINOR: ssl: move find certificate chain code to its own function
|
|
- MINOR: ssl: resolve issuers chain later
|
|
- MINOR: ssl: resolve ocsp_issuer later
|
|
- MINOR: ssl/cli: "show ssl cert" command should print the "Chain Filename:"
|
|
- BUG/MINOR: h2: reject again empty :path pseudo-headers
|
|
- MINOR: wdt: always clear sigev_value to make valgrind happy
|
|
- MINOR: epoll: always initialize all of epoll_event to please valgrind
|
|
- BUG/MINOR: sample: Make sure to return stable IDs in the unique-id fetch
|
|
- BUG/MEDIUM: ssl: chain must be initialized with sk_X509_new_null()
|
|
- BUILD: cirrus-ci: suppress OS version check when installing packages
|
|
- BUG/MINOR: http_ana: make sure redirect flags don't have overlapping bits
|
|
- CLEANUP: fd: remove the FD_EV_STATUS aggregate
|
|
- CLEANUP: fd: remove some unneeded definitions of FD_EV_* flags
|
|
- MINOR: fd: merge the read and write error bits into RW error
|
|
- BUG/MINOR: dns: ignore trailing dot
|
|
- MINOR: contrib/prometheus-exporter: Add the last heathcheck duration metric
|
|
- BUG/MINOR: http-htx: Do case-insensive comparisons on Host header name
|
|
- MINOR: mux-h1: Remove useless case-insensitive comparisons
|
|
- MINOR: rawsock: always mark the FD not ready when we're certain it happens
|
|
- MEDIUM: connection: make the subscribe() call able to wakeup if ready
|
|
- MEDIUM: connection: don't stop receiving events in the FD handler
|
|
- MEDIUM: mux-h1: do not blindly wake up the tasklet at end of request anymore
|
|
- BUG/MINOR: arg: don't reject missing optional args
|
|
- MINOR: tools: make sure to correctly check the returned 'ms' in date2std_log
|
|
- MINOR: debug: report the task handler's pointer relative to main
|
|
- BUG/MEDIUM: debug: make the debug_handler check for the thread in threads_to_dump
|
|
- MINOR: haproxy: export main to ease access from debugger
|
|
- MINOR: haproxy: export run_poll_loop
|
|
- MINOR: task: export run_tasks_from_list
|
|
- BUILD: tools: remove obsolete and conflicting trace() from standard.c
|
|
- MINOR: tools: add new function dump_addr_and_bytes()
|
|
- MINOR: tools: add resolve_sym_name() to resolve function pointers
|
|
- MINOR: debug: use resolve_sym_name() to dump task handlers
|
|
- MINOR: cli: make "show fd" rely on resolve_sym_name()
|
|
- MEDIUM: debug: add support for dumping backtraces of stuck threads
|
|
- MINOR: debug: call backtrace() once upon startup
|
|
- MINOR: ssl: add "ca-verify-file" directive
|
|
- BUG/MINOR: wdt: do not return an error when the watchdog couldn't be enabled
|
|
- BUILD: Makefile: include librt before libpthread
|
|
- MEDIUM: wdt: fall back to CLOCK_REALTIME if CLOCK_THREAD_CPUTIME is not available
|
|
- MINOR: wdt: do not depend on USE_THREAD
|
|
- MINOR: debug: report the number of entries in the backtrace
|
|
- MINOR: debug: improve backtrace() on aarch64 and possibly other systems
|
|
- MINOR: debug: use our own backtrace function on clang+x86_64
|
|
- MINOR: debug: dump the whole trace if we can't spot the starting point
|
|
- BUILD: tools: unbreak resolve_sym_name() on non-GNU platforms
|
|
- BUILD: tools: rely on __ELF__ not USE_DL to enable use of dladdr()
|
|
- CLEANUP: contrib/spoa_example: Fix several typos
|
|
- BUILD: makefile: do not modify the build options during make reg-tests
|
|
- BUG/MEDIUM: connection: stop polling for sending when the event is ready
|
|
- MEDIUM: stream-int: make sure to try to immediately validate the connection
|
|
- MINOR: tcp/uxst/sockpair: only ask for I/O when really waiting for a connect()
|
|
- MEDIUM: connection: only call ->wake() for connect() without I/O
|
|
- OPTIM: connection: disable receiving on disabled events when the run queue is too high
|
|
- OPTIM: mux-h1: subscribe rather than waking up at a few other places
|
|
- REGTEST: Add unique-id reg-test
|
|
- MINOR: stream: Add stream_generate_unique_id function
|
|
- MINOR: stream: Use stream_generate_unique_id
|
|
- BUG/MINOR: connection/debug: do not enforce !event_type on subscribe() anymore
|
|
- MINOR: ssl/cli: support crt-list filters
|
|
- MINOR: ssl: reach a ckch_store from a sni_ctx
|
|
- DOC: fix incorrect indentation of http_auth_*
|
|
- BUG/MINOR: ssl-sock: do not return an uninitialized pointer in ckch_inst_sni_ctx_to_sni_filters
|
|
- MINOR: debug: add CLI command "debug dev write" to write an arbitrary size
|
|
- MINOR: ist: Add `IST_NULL` macro
|
|
- MINOR: ist: Add `int isttest(const struct ist)`
|
|
- MINOR: ist: Add `struct ist istalloc(size_t)` and `void istfree(struct ist*)`
|
|
- CLEANUP: Use `isttest()` and `istfree()`
|
|
- MINOR: ist: Add `struct ist istdup(const struct ist)`
|
|
- MINOR: proxy: Make `header_unique_id` a `struct ist`
|
|
- MEDIUM: stream: Make the `unique_id` member of `struct stream` a `struct ist`
|
|
- OPTIM: startup: fast unique_id allocation for acl.
|
|
- DOC: configuration.txt: fix various typos
|
|
- DOC: assorted typo fixes in the documentation and Makefile
|
|
- BUG/MINOR: init: make the automatic maxconn consider the max of soft/hard limits
|
|
- BUG/MAJOR: proxy_protocol: Properly validate TLV lengths
|
|
- CLEANUP: proxy_protocol: Use `size_t` when parsing TLVs
|
|
- MINOR: buf: Add function to insert a string at an absolute offset in a buffer
|
|
- MINOR: htx: Add a function to return a block at a specific offset
|
|
- MINOR: htx: Use htx_find_offset() to truncate an HTX message
|
|
- MINOR: flt_trace: Use htx_find_offset() to get the available payload length
|
|
- BUG/MINOR: filters: Use filter offset to decude the amount of forwarded data
|
|
- BUG/MINOR: filters: Forward everything if no data filters are called
|
|
- BUG/MEDIUM: cache/filters: Fix loop on HTX blocks caching the response payload
|
|
- BUG/MEDIUM: compression/filters: Fix loop on HTX blocks compressing the payload
|
|
- BUG/MINOR: http-ana: Reset request analysers on a response side error
|
|
- BUG/MINOR: lua: Abort when txn:done() is called from a Lua action
|
|
- BUG/MINOR: lua: Ignore the reserve to know if a channel is full or not
|
|
- MINOR: lua: Add function to know if a channel is a response one
|
|
- MINOR: lua: Stop using the lua txn in hlua_http_get_headers()
|
|
- MINOR: lua: Stop using the lua txn in hlua_http_rep_hdr()
|
|
- MINOR: lua: Stop using lua txn in hlua_http_del_hdr() and hlua_http_add_hdr()
|
|
- MINOR: lua: Remove the flag HLUA_TXN_HTTP_RDY
|
|
- MINOR: lua: Rename hlua_action_wake_time() to hlua_set_wake_time()
|
|
- BUG/MINOR: lua: Init the lua wake_time value before calling a lua function
|
|
- BUG/MINOR: http-rules: Return ACT_RET_ABRT to abort a transaction
|
|
- BUG/MINOR: http-rules: Preserve FLT_END analyzers on reject action
|
|
- BUG/MINOR: http-rules: Fix a typo in the reject action function
|
|
- MINOR: cache/filters: Initialize the cache filter when stream is created
|
|
- MINOR: compression/filters: Initialize the comp filter when stream is created
|
|
- BUG/MINOR: rules: Preserve FLT_END analyzers on silent-drop action
|
|
- BUG/MINOR: rules: Return ACT_RET_ABRT when a silent-drop action is executed
|
|
- BUG/MINOR: rules: Increment be_counters if backend is assigned for a silent-drop
|
|
- BUG/MINOR: http-rules: Abort transaction when a redirect is applied on response
|
|
- BUILD: buffer: types/{ring.h,checks.h} should include buf.h, not buffer.h
|
|
- BUILD: ssl: include mini-clist.h
|
|
- BUILD: global: must not include common/standard.h but only types/freq_ctr.h
|
|
- BUILD: freq_ctr: proto/freq_ctr needs to include common/standard.h
|
|
- BUILD: listener: types/listener.h must not include standard.h
|
|
- BUG/MEDIUM: random: initialize the random pool a bit better
|
|
- BUG/MEDIUM: random: implement per-thread and per-process random sequences
|
|
- Revert "BUG/MEDIUM: random: implement per-thread and per-process random sequences"
|
|
- BUILD: cirrus-ci: get rid of unstable freebsd images
|
|
- MINOR: tools: add 64-bit rotate operators
|
|
- BUG/MEDIUM: random: implement a thread-safe and process-safe PRNG
|
|
- MINOR: backend: use a single call to ha_random32() for the random LB algo
|
|
- BUG/MINOR: checks/threads: use ha_random() and not rand()
|
|
- MINOR: sample: make all bits random on the rand() sample fetch
|
|
- MINOR: tools: add a generic function to generate UUIDs
|
|
- DOC: fix typo about no-tls-tickets
|
|
- DOC: improve description of no-tls-tickets
|
|
- DOC: assorted typo fixes in the documentation
|
|
- CLEANUP: remove unused code in 'my_ffsl/my_flsl' functions
|
|
|
|
2020/02/25 : 2.2-dev3
|
|
- SCRIPTS: announce-release: place the send command in the mail's header
|
|
- SCRIPTS: announce-release: allow the user to force to overwrite old files
|
|
- SCRIPTS: backport: fix the master branch detection
|
|
- BUG/MINOR: http-act: Set stream error flag before returning an error
|
|
- BUG/MINOR: http-act: Fix bugs on error path during parsing of return actions
|
|
- BUG/MEDIUM: ssl/cli: 'commit ssl cert' wrong SSL_CTX init
|
|
- BUG/MEDIUM: tcp-rules: Fix track-sc* actions for L4/L5 TCP rules
|
|
- DOC: schematic of the SSL certificates architecture
|
|
- BUG/MAJOR: mux-h2: don't wake streams after connection was destroyed
|
|
- BUG/MINOR: unix: better catch situations where the unix socket path length is close to the limit
|
|
- BUILD: cirrus-ci: switch to "snap" images to unify openssl naming
|
|
- BUILD: cirrus-ci: workaround "pkg install" bug
|
|
- BUILD: cirrus-ci: add ERR=1 to freebsd builds
|
|
- BUG/MINOR: connection: correctly retry I/O on signals
|
|
- CLEANUP: mini-clist: simplify nested do { while(1) {} } while (0)
|
|
- BUILD: http_act: cast file sizes when reporting file size error
|
|
- BUG/MEDIUM: listener: only consider running threads when resuming listeners
|
|
- BUG/MINOR: listener: enforce all_threads_mask on bind_thread on init
|
|
- BUG/MINOR: tcp: avoid closing fd when socket failed in tcp_bind_listener
|
|
- MINOR: build: add aix72-gcc build TARGET and power{8,9} CPUs
|
|
- BUILD: travis-ci: no more allowed failures for openssl-1.0.2
|
|
- BUILD: travis-ci: harden builds, add ERR=1 (warning ought to be errors)
|
|
- BUILD: scripts/build-ssl.sh: use "uname" instead of ${TRAVIS_OS_NAME}
|
|
- BUG/MINOR: tcp: don't try to set defaultmss when value is negative
|
|
- SCRIPTS: make announce-release executable again
|
|
- BUG/MINOR: namespace: avoid closing fd when socket failed in my_socketat
|
|
- BUG/MEDIUM: muxes: Use the right argument when calling the destroy method.
|
|
- BUG/MINOR: mux-fcgi: Forbid special characters when matching PATH_INFO param
|
|
- CLEANUP: ssl: remove unused functions in openssl-compat.h
|
|
- MINOR: mux-fcgi: Make the capture of the path-info optional in pathinfo regex
|
|
- MINOR: tools: add is_idchar() to tell if a char may belong to an identifier
|
|
- MINOR: chunk: implement chunk_strncpy() to copy partial strings
|
|
- MINOR: sample/acl: use is_idchar() to locate the fetch/conv name
|
|
- MEDIUM: arg: make make_arg_list() stop after its own arguments
|
|
- MEDIUM: arg: copy parsed arguments into the trash instead of allocating them
|
|
- MEDIUM: arg: make make_arg_list() support quotes in arguments
|
|
- MINOR: sample: make sample_parse_expr() able to return an end pointer
|
|
- MEDIUM: log-format: make the LF parser aware of sample expressions' end
|
|
- BUG/MINOR: arg: report an error if an argument is larger than bufsize
|
|
- SCRIPTS: announce-release: use mutt -H instead of -i to include the draft
|
|
- BUILD: enable ERR=1 in github cygwin builds
|
|
- BUG/MINOR: arg: fix again incorrect argument length check
|
|
- MINOR: sample: regsub now supports backreferences
|
|
- BUG/MINOR: tools: also accept '+' as a valid character in an identifier
|
|
- MINOR: http-htx: Add a function to retrieve the headers size of an HTX message
|
|
- MINOR: filters: Forward data only if the last filter forwards something
|
|
- BUG/MINOR: filters: Count HTTP headers as filtered data but don't forward them
|
|
- BUG/MINOR: http-htx: Don't return error if authority is updated without changes
|
|
- BUG/MINOR: stream: Don't incr frontend cum_req counter when stream is closed
|
|
- BUG/MINOR: sample: exit regsub() in case of trash allocation error
|
|
- MINOR: ssl: add "issuers-chain-path" directive.
|
|
- REGTESTS: use "command -v" instead of "which"
|
|
- BUG/MINOR: http-ana: Matching on monitor-uri should be case-sensitive
|
|
- MINOR: http-ana: Match on the path if the monitor-uri starts by a /
|
|
- BUG/MINOR: ssl: Stop passing dynamic strings as format arguments
|
|
- BUG/MAJOR: http-ana: Always abort the request when a tarpit is triggered
|
|
- BUG/MINOR: mux: do not call conn_xprt_stop_recv() on buffer shortage
|
|
- MINOR: checks: do not call conn_xprt_stop_send() anymore
|
|
- CLEANUP: epoll: place the struct epoll_event in the stack
|
|
- MEDIUM: connection: remove the intermediary polling state from the connection
|
|
- MINOR: raw_sock: directly call fd_stop_send() and not conn_xprt_stop_send()
|
|
- MINOR: tcp/uxst/sockpair: use fd_want_send() instead of conn_xprt_want_send()
|
|
- MINOR: connection: remove the last calls to conn_xprt_{want,stop}_*
|
|
- CLEANUP: connection: remove the definitions of conn_xprt_{stop,want}_{send,recv}
|
|
- MINOR: connection: introduce a new receive flag: CO_RFL_READ_ONCE
|
|
- MINOR: mux-h1: pass CO_RFL_READ_ONCE to the lower layers when relevant
|
|
- MINOR: ist: add an iststop() function
|
|
- BUG/MINOR: http: http-request replace-path duplicates the query string
|
|
- CLEANUP: sample: use iststop instead of a for loop
|
|
- BUG/MEDIUM: shctx: make sure to keep all blocks aligned
|
|
- MINOR: compiler: move CPU capabilities definition from config.h and complete them
|
|
- BUG/MEDIUM: ebtree: don't set attribute packed without unaligned access support
|
|
- CLEANUP: http/h1: rely on HA_UNALIGNED_LE instead of checking for CPU families
|
|
- BUILD: fix recent build failure on unaligned archs
|
|
- MINOR: ssl: load the key from a dedicated file
|
|
- BUG/MINOR: ssl: load .key in a directory only after PEM
|
|
- MINOR: compiler: drop special cases of likely/unlikely for older compilers
|
|
- CLEANUP: conn: Do not pass a pointer to likely
|
|
- CLEANUP: net_helper: Do not negate the result of unlikely
|
|
- BUILD: remove obsolete support for -mregparm / USE_REGPARM
|
|
- CLEANUP: cfgparse: Fix type of second calloc() parameter
|
|
- BUILD: ssl: only pass unsigned chars to isspace()
|
|
- BUILD: general: always pass unsigned chars to is* functions
|
|
- BUG/MINOR: sample: fix the json converter's endian-sensitivity
|
|
- BUG/MEDIUM: ssl: fix several bad pointer aliases in a few sample fetch functions
|
|
- CLEANUP: fd: use a union in fd_rm_from_fd_list() to shut aliasing warnings
|
|
- CLEANUP: cache: use read_u32/write_u32 to access the cache entry's hash
|
|
- CLEANUP: stick-tables: use read_u32() to display a node's key
|
|
- CLEANUP: sample: use read_u64() in ipmask() to apply an IPv6 mask
|
|
- MINOR: pattern: fix all remaining strict aliasing issues
|
|
- CLEANUP: lua: fix aliasing issues in the address matching code
|
|
- CLEANUP: connection: use read_u32() instead of a cast in the netscaler parser
|
|
- BUILD: makefile: re-enable strict aliasing
|
|
- BUG/MINOR: connection: make sure to correctly tag local PROXY connections
|
|
- MINOR: compiler: add new alignment macros
|
|
- BUILD: ebtree: improve architecture-specific alignment
|
|
- MINOR: config: mark global.debug as deprecated
|
|
- BUILD: travis-ci: enable s390x builds
|
|
- MINOR: ssl/cli: 'show ssl cert' displays the chain
|
|
- MINOR: ssl/cli: 'show ssl cert'displays the issuer in the chain
|
|
- MINOR: ssl/cli: reorder 'show ssl cert' output
|
|
- CLEANUP: ssl: move issuer_chain tree and definition
|
|
- DOC: proxy-protocol: clarify IPv6 address representation in the spec
|
|
|
|
2020/02/07 : 2.2-dev2
|
|
- BUILD: CI: temporarily mark openssl-1.0.2 as allowed failure
|
|
- MEDIUM: cli: Allow multiple filter entries for "show table"
|
|
- BUG/MEDIUM: netscaler: Don't forget to allocate storage for conn->src/dst.
|
|
- BUG/MINOR: ssl: ssl_sock_load_pem_into_ckch is not consistent
|
|
- BUILD: stick-table: fix build errors introduced by last stick-table change
|
|
- BUG/MINOR: cli: Missing arg offset for filter data values.
|
|
- MEDIUM: streams: Always create a conn_stream in connect_server().
|
|
- MEDIUM: connections: Get ride of the xprt_done callback.
|
|
- CLEANUP: changelog: remove the duplicate entry for 2.2-dev1
|
|
- BUILD: CI: move cygwin builds to Github Actions
|
|
- MINOR: cli: Report location of errors or any extra data for "show table"
|
|
- BUG/MINOR: ssl/cli: free the previous ckch content once a PEM is loaded
|
|
- CLEANUP: backend: remove useless test for inexistent connection
|
|
- CLEANUP: backend: shut another false null-deref in back_handle_st_con()
|
|
- CLEANUP: stats: shut up a wrong null-deref warning from gcc 9.2
|
|
- BUG/MINOR: ssl: increment issuer refcount if in chain
|
|
- BUG/MINOR: ssl: memory leak w/ the ocsp_issuer
|
|
- BUG/MINOR: ssl: typo in previous patch
|
|
- BUG/MEDIUM: connections: Set CO_FL_CONNECTED in conn_complete_session().
|
|
- BUG/MINOR: ssl/cli: ocsp_issuer must be set w/ "set ssl cert"
|
|
- MEDIUM: connection: remove CO_FL_CONNECTED and only rely on CO_FL_WAIT_*
|
|
- BUG/MEDIUM: 0rtt: Only consider the SSL handshake.
|
|
- MINOR: stream-int: always report received shutdowns
|
|
- MINOR: connection: remove CO_FL_SSL_WAIT_HS from CO_FL_HANDSHAKE
|
|
- MEDIUM: connection: use CO_FL_WAIT_XPRT more consistently than L4/L6/HANDSHAKE
|
|
- MINOR: connection: remove checks for CO_FL_HANDSHAKE before I/O
|
|
- MINOR: connection: do not check for CO_FL_SOCK_RD_SH too early
|
|
- MINOR: connection: don't check for CO_FL_SOCK_WR_SH too early in handshakes
|
|
- MINOR: raw-sock: always check for CO_FL_SOCK_WR_SH before sending
|
|
- MINOR: connection: remove some unneeded checks for CO_FL_SOCK_WR_SH
|
|
- BUG/MINOR: stktable: report the current proxy name in error messages
|
|
- BUG/MEDIUM: mux-h2: make sure we don't emit TE headers with anything but "trailers"
|
|
- MINOR: lua: Add hlua_prepend_path function
|
|
- MINOR: lua: Add lua-prepend-path configuration option
|
|
- MINOR: lua: Add HLUA_PREPEND_C?PATH build option
|
|
- BUILD: cfgparse: silence a bogus gcc warning on 32-bit machines
|
|
- BUG/MINOR: http-ana: Increment the backend counters on the backend
|
|
- BUG/MINOR: stream: Be sure to have a listener to increment its counters
|
|
- BUG/MEDIUM: streams: Move the conn_stream allocation outside #IF USE_OPENSSL.
|
|
- REGTESTS: make the set_ssl_cert test require version 2.2
|
|
- BUG/MINOR: ssl: Possible memleak when allowing the 0RTT data buffer.
|
|
- MINOR: ssl: Remove dead code.
|
|
- BUG/MEDIUM: ssl: Don't forget to free ctx->ssl on failure.
|
|
- BUG/MEDIUM: stream: Don't install the mux in back_handle_st_con().
|
|
- MEDIUM: streams: Don't close the connection in back_handle_st_con().
|
|
- MEDIUM: streams: Don't close the connection in back_handle_st_rdy().
|
|
- BUILD: CI: disable slow regtests on Travis
|
|
- BUG/MINOR: tcpchecks: fix the connect() flags regarding delayed ack
|
|
- BUG/MINOR: http-rules: Always init log-format expr for common HTTP actions
|
|
- BUG/MINOR: connection: fix ip6 dst_port copy in make_proxy_line_v2
|
|
- BUG/MINOR: dns: allow 63 char in hostname
|
|
- MINOR: proxy: clarify number of connections log when stopping
|
|
- DOC: word converter ignores delimiters at the start or end of input string
|
|
- MEDIUM: raw-sock: remove obsolete calls to fd_{cant,cond,done}_{send,recv}
|
|
- BUG/MINOR: ssl/cli: fix unused variable with openssl < 1.0.2
|
|
- MEDIUM: pipe/thread: reduce the locking overhead
|
|
- MEDIUM: pipe/thread: maintain a per-thread local cache of recently used pipes
|
|
- BUG/MEDIUM: pipe/thread: fix atomicity of pipe counters
|
|
- MINOR: tasks: move the list walking code to its own function
|
|
- MEDIUM: tasks: implement 3 different tasklet classes with their own queues
|
|
- MEDIUM: tasks: automatically requeue into the bulk queue an already running tasklet
|
|
- OPTIM: task: refine task classes default CPU bandwidth ratios
|
|
- BUG/MEDIUM: connections: Don't forget to unlock when killing a connection.
|
|
- MINOR: task: permanently flag tasklets waking themselves up
|
|
- MINOR: task: make sched->current also reflect tasklets
|
|
- MINOR: task: detect self-wakeups on tl==sched->current instead of TASK_RUNNING
|
|
- OPTIM: task: readjust CPU bandwidth distribution since last update
|
|
- MINOR: task: don't set TASK_RUNNING on tasklets
|
|
- BUG/MEDIUM: memory_pool: Update the seq number in pool_flush().
|
|
- MINOR: memory: Only init the pool spinlock once.
|
|
- BUG/MEDIUM: memory: Add a rwlock before freeing memory.
|
|
- BUG/MAJOR: memory: Don't forget to unlock the rwlock if the pool is empty.
|
|
- MINOR: ssl: ssl-load-extra-files configure loading of files
|
|
- SCRIPTS: add a new "backport" script to simplify long series of backports
|
|
- BUG/MINOR: ssl: we may only ignore the first 64 errors
|
|
- SCRIPTS: use /usr/bin/env bash instead of /bin/bash for scripts
|
|
- BUG/MINOR: ssl: clear the SSL errors on DH loading failure
|
|
- CLEANUP: hpack: remove a redundant test in the decoder
|
|
- CLEANUP: peers: Remove unused static function `free_dcache`
|
|
- CLEANUP: peers: Remove unused static function `free_dcache_tx`
|
|
- CONTRIB: debug: add missing flags SF_HTX and SF_MUX
|
|
- CONTRIB: debug: add the possibility to decode the value as certain types only
|
|
- CONTRIB: debug: support reporting multiple values at once
|
|
- BUG/MINOR: http-act: Use the good message to test strict rewritting mode
|
|
- MINOR: global: Set default tune.maxrewrite value during global structure init
|
|
- MINOR: http-rules: Set SF_ERR_PRXCOND termination flag when a header rewrite fails
|
|
- MINOR: http-htx: Emit a warning if an error file runs over the buffer's reserve
|
|
- MINOR: htx: Add a function to append an HTX message to another one
|
|
- MINOR: htx/channel: Add a function to copy an HTX message in a channel's buffer
|
|
- BUG/MINOR: http-ana: Don't overwrite outgoing data when an error is reported
|
|
- MINOR: dns: Dynamically allocate dns options to reduce the act_rule size
|
|
- MINOR: dns: Add function to release memory allocated for a do-resolve rule
|
|
- BUG/MINOR: http-ana: Reset HTX first index when HAPRoxy sends a response
|
|
- BUG/MINOR: http-ana: Set HTX_FL_PROXY_RESP flag if a server perform a redirect
|
|
- MINOR: http-rules: Add a flag on redirect rules to know the rule direction
|
|
- MINOR: http-rules: Handle the rule direction when a redirect is evaluated
|
|
- MINOR: http-ana: Rely on http_reply_and_close() to handle server error
|
|
- MINOR: http-ana: Add a function for forward internal responses
|
|
- MINOR: http-ana/http-rules: Use dedicated function to forward internal responses
|
|
- MEDIUM: http: Add a ruleset evaluated on all responses just before forwarding
|
|
- MEDIUM: http-rules: Add the return action to HTTP rules
|
|
- MEDIUM: http-rules: Support extra headers for HTTP return actions
|
|
- CLEANUP: lua: Remove consistency check for sample fetches and actions
|
|
- BUG/MINOR: http-ana: Increment failed_resp counters on invalid response
|
|
- MINOR: lua: Get the action return code on the stack when an action finishes
|
|
- MINOR: lua: Create the global 'act' object to register all action return codes
|
|
- MINOR: lua: Add act:wake_time() function to set a timeout when an action yields
|
|
- MEDIUM: lua: Add ability for actions to intercept HTTP messages
|
|
- REGTESTS: Add reg tests for the HTTP return action
|
|
- REGTESTS: Add a reg test for http-after-response rulesets
|
|
- BUILD: lua: silence a warning on systems where longjmp is not marked as noreturn
|
|
- MINOR: acl: Warn when an ACL is named 'or'
|
|
- CONTRIB: debug: also support reading values from stdin
|
|
- SCRIPTS: backport: use short revs and resolve the initial commit
|
|
- BUG/MINOR: acl: Fix type of log message when an acl is named 'or'
|
|
|
|
2020/01/22 : 2.2-dev1
|
|
- DOC: this is development again
|
|
- MINOR: version: this is development again, update the status
|
|
- SCRIPTS: update create-release to fix the changelog on new branches
|
|
- CLEANUP: ssl: Clean up error handling
|
|
- BUG/MINOR: contrib/prometheus-exporter: decode parameter and value only
|
|
- BUG/MINOR: h1: Don't test the host header during response parsing
|
|
- BUILD/MINOR: trace: fix use of long type in a few printf format strings
|
|
- DOC: Clarify behavior of server maxconn in HTTP mode
|
|
- MINOR: ssl: deduplicate ca-file
|
|
- MINOR: ssl: compute ca-list from deduplicate ca-file
|
|
- MINOR: ssl: deduplicate crl-file
|
|
- CLEANUP: dns: resolution can never be null
|
|
- BUG/MINOR: http-htx: Don't make http_find_header() fail if the value is empty
|
|
- DOC: ssl/cli: set/commit/abort ssl cert
|
|
- BUG/MINOR: ssl: fix SSL_CTX_set1_chain compatibility for openssl < 1.0.2
|
|
- BUG/MINOR: fcgi-app: Make the directive pass-header case insensitive
|
|
- BUG/MINOR: stats: Fix HTML output for the frontends heading
|
|
- BUG/MINOR: ssl: fix X509 compatibility for openssl < 1.1.0
|
|
- DOC: clarify matching strings on binary fetches
|
|
- DOC: Fix ordered list in summary
|
|
- DOC: move the "group" keyword at the right place
|
|
- MEDIUM: init: prevent process and thread creation at runtime
|
|
- BUG/MINOR: ssl/cli: 'ssl cert' cmd only usable w/ admin rights
|
|
- BUG/MEDIUM: stream-int: don't subscribed for recv when we're trying to flush data
|
|
- BUG/MINOR: stream-int: avoid calling rcv_buf() when splicing is still possible
|
|
- BUG/MINOR: ssl/cli: don't overwrite the filters variable
|
|
- BUG/MEDIUM: listener/thread: fix a race when pausing a listener
|
|
- BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1
|
|
- BUG/MEDIUM: mux-h1: Never reuse H1 connection if a shutw is pending
|
|
- BUG/MINOR: mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN
|
|
- BUG/MINOR: mux-h1: Fix conditions to know whether or not we may receive data
|
|
- BUG/MEDIUM: tasks: Make sure we switch wait queues in task_set_affinity().
|
|
- BUG/MEDIUM: checks: Make sure we set the task affinity just before connecting.
|
|
- MINOR: debug: replace popen() with pipe+fork() in "debug dev exec"
|
|
- MEDIUM: init: set NO_NEW_PRIVS by default when supported
|
|
- BUG/MINOR: mux-h1: Be sure to set CS_FL_WANT_ROOM when EOM can't be added
|
|
- BUG/MEDIUM: mux-fcgi: Handle cases where the HTX EOM block cannot be inserted
|
|
- BUG/MINOR: proxy: make soft_stop() also close FDs in LI_PAUSED state
|
|
- BUG/MINOR: listener/threads: always use atomic ops to clear the FD events
|
|
- BUG/MINOR: listener: also clear the error flag on a paused listener
|
|
- BUG/MEDIUM: listener/threads: fix a remaining race in the listener's accept()
|
|
- MINOR: listener: make the wait paths cleaner and more reliable
|
|
- MINOR: listener: split dequeue_all_listener() in two
|
|
- REORG: listener: move the global listener queue code to listener.c
|
|
- DOC: document the listener state transitions
|
|
- BUG/MEDIUM: kqueue: Make sure we report read events even when no data.
|
|
- BUG/MAJOR: dns: add minimalist error processing on the Rx path
|
|
- BUG/MEDIUM: proto_udp/threads: recv() and send() must not be exclusive.
|
|
- DOC: listeners: add a few missing transitions
|
|
- BUG/MINOR: tasks: only requeue a task if it was already in the queue
|
|
- MINOR: tasks: split wake_expired_tasks() in two parts to avoid useless wakeups
|
|
- DOC: proxies: HAProxy only supports 3 connection modes
|
|
- DOC: remove references to the outdated architecture.txt
|
|
- BUG/MINOR: log: fix minor resource leaks on logformat error path
|
|
- BUG/MINOR: mworker: properly pass SIGTTOU/SIGTTIN to workers
|
|
- BUG/MINOR: listener: do not immediately resume on transient error
|
|
- BUG/MINOR: server: make "agent-addr" work on default-server line
|
|
- BUG/MINOR: listener: fix off-by-one in state name check
|
|
- BUILD/MINOR: unix sockets: silence an absurd gcc warning about strncpy()
|
|
- MEDIUM: h1-htx: Add HTX EOM block when the message is in H1_MSG_DONE state
|
|
- MINOR: http-htx: Add some htx sample fetches for debugging purpose
|
|
- REGTEST: Add an HTX reg-test to check an edge case
|
|
- DOC: clarify the fact that replace-uri works on a full URI
|
|
- BUG/MINOR: sample: fix the closing bracket and LF in the debug converter
|
|
- BUG/MINOR: sample: always check converters' arguments
|
|
- MINOR: sample: Validate the number of bits for the sha2 converter
|
|
- BUG/MEDIUM: ssl: Don't set the max early data we can receive too early.
|
|
- MINOR: ssl/cli: 'show ssl cert' give information on the certificates
|
|
- BUG/MINOR: ssl/cli: fix build for openssl < 1.0.2
|
|
- MINOR: debug: support logging to various sinks
|
|
- MINOR: http: add a new "replace-path" action
|
|
- REGTEST: ssl: test the "set ssl cert" CLI command
|
|
- REGTEST: run-regtests: implement #REQUIRE_BINARIES
|
|
- MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task
|
|
- BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing
|
|
- BUG/MEDIUM: ssl: Revamp the way early data are handled.
|
|
- MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute
|
|
- BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd
|
|
- REGTEST: make the "set ssl cert" require version 2.1
|
|
- BUG/MINOR: ssl: openssl-compat: Fix getm_ defines
|
|
- BUG/MEDIUM: state-file: do not allocate a full buffer for each server entry
|
|
- BUG/MINOR: state-file: do not store duplicates in the global tree
|
|
- BUG/MINOR: state-file: do not leak memory on parse errors
|
|
- BUG/MAJOR: mux-h1: Don't pretend the input channel's buffer is full if empty
|
|
- BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream
|
|
- BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility
|
|
- BUILD: travis-ci: link with ssl libraries using rpath instead of LD_LIBRARY_PATH/DYLD_LIBRARY_PATH
|
|
- BUILD: travis-ci: reenable address sanitizer for clang builds
|
|
- BUG/MINOR: checks: refine which errno values are really errors.
|
|
- BUG/MINOR: connection: only wake send/recv callbacks if the FD is active
|
|
- CLEANUP: connection: conn->xprt is never NULL
|
|
- MINOR: pollers: add a new flag to indicate pollers reporting ERR & HUP
|
|
- MEDIUM: tcp: make tcp_connect_probe() consider ERR/HUP
|
|
- REORG: connection: move tcp_connect_probe() to conn_fd_check()
|
|
- MINOR: connection: check for connection validation earlier
|
|
- MINOR: connection: remove the double test on xprt_done_cb()
|
|
- CLEANUP: connection: merge CO_FL_NOTIFY_DATA and CO_FL_NOTIFY_DONE
|
|
- MINOR: poller: do not call the IO handler if the FD is not active
|
|
- OPTIM: epoll: always poll for recv if neither active nor ready
|
|
- OPTIM: polling: do not create update entries for FD removal
|
|
- BUG/MEDIUM: checks: Only attempt to do handshakes if the connection is ready.
|
|
- BUG/MEDIUM: connections: Hold the lock when wanting to kill a connection.
|
|
- BUILD: CI: modernize cirrus-ci
|
|
- MINOR: config: disable busy polling on old processes
|
|
- MINOR: ssl: Remove unused variable "need_out".
|
|
- BUG/MINOR: h1: Report the right error position when a header value is invalid
|
|
- BUG/MINOR: proxy: Fix input data copy when an error is captured
|
|
- BUG/MEDIUM: http-ana: Truncate the response when a redirect rule is applied
|
|
- BUG/MINOR: channel: inject output data at the end of output
|
|
- BUG/MEDIUM: session: do not report a failure when rejecting a session
|
|
- MEDIUM: dns: implement synchronous send
|
|
- MINOR: raw_sock: make sure to disable polling once everything is sent
|
|
- MINOR: http: Add 410 to http-request deny
|
|
- MINOR: http: Add 404 to http-request deny
|
|
- CLEANUP: mux-h2: remove unused goto "out_free_h2s"
|
|
- BUILD: cirrus-ci: choose proper openssl package name
|
|
- BUG/MAJOR: listener: do not schedule a task-less proxy
|
|
- CLEANUP: server: remove unused err section in server_finalize_init
|
|
- REGTEST: set_ssl_cert.vtc: replace "echo" with "printf"
|
|
- BUG/MINOR: stream-int: Don't trigger L7 retry if max retries is already reached
|
|
- BUG/MEDIUM: tasks: Use the MT macros in tasklet_free().
|
|
- BUG/MINOR: mux-h2: use a safe list_for_each_entry in h2_send()
|
|
- BUG/MEDIUM: mux-h2: fix missing test on sending_list in previous patch
|
|
- CLEANUP: ssl: remove opendir call in ssl_sock_load_cert
|
|
- MEDIUM: lua: don't call the GC as often when dealing with outgoing connections
|
|
- BUG/MEDIUM: mux-h2: don't stop sending when crossing a buffer boundary
|
|
- BUG/MINOR: cli/mworker: can't start haproxy with 2 programs
|
|
- REGTEST: mcli/mcli_start_progs: start 2 programs
|
|
- BUG/MEDIUM: mworker: remain in mworker mode during reload
|
|
- DOC: clarify crt-base usage
|
|
- CLEANUP: compression: remove unused deinit_comp_ctx section
|
|
- BUG/MEDIUM: mux_h1: Don't call h1_send if we subscribed().
|
|
- BUG/MEDIUM: raw_sock: Make sur the fd and conn are sync.
|
|
- CLEANUP: proxy: simplify proxy_parse_rate_limit proxy checks
|
|
- BUG/MAJOR: hashes: fix the signedness of the hash inputs
|
|
- REGTEST: add sample_fetches/hashes.vtc to validate hashes
|
|
- BUG/MEDIUM: cli: _getsocks must send the peers sockets
|
|
- CLEANUP: cli: deduplicate the code in _getsocks
|
|
- BUG/MINOR: stream: don't mistake match rules for store-request rules
|
|
- BUG/MEDIUM: connection: add a mux flag to indicate splice usability
|
|
- BUG/MINOR: pattern: handle errors from fgets when trying to load patterns
|
|
- MINOR: connection: move the CO_FL_WAIT_ROOM cleanup to the reader only
|
|
- MINOR: stream-int: remove dependency on CO_FL_WAIT_ROOM for rcv_buf()
|
|
- MEDIUM: connection: get rid of CO_FL_CURR_* flags
|
|
- BUILD: pattern: include errno.h
|
|
- MEDIUM: mux-h2: do not try to stop sending streams on blocked mux
|
|
- MEDIUM: mux-fcgi: do not try to stop sending streams on blocked mux
|
|
- MEDIUM: mux-h2: do not make an h2s subscribe to itself on deferred shut
|
|
- MEDIUM: mux-fcgi: do not make an fstrm subscribe to itself on deferred shut
|
|
- REORG: stream/backend: move backend-specific stuff to backend.c
|
|
- MEDIUM: backend: move the connection finalization step to back_handle_st_con()
|
|
- MEDIUM: connection: merge the send_wait and recv_wait entries
|
|
- MEDIUM: xprt: merge recv_wait and send_wait in xprt_handshake
|
|
- MEDIUM: ssl: merge recv_wait and send_wait in ssl_sock
|
|
- MEDIUM: mux-h1: merge recv_wait and send_wait
|
|
- MEDIUM: mux-h2: merge recv_wait and send_wait event notifications
|
|
- MEDIUM: mux-fcgi: merge recv_wait and send_wait event notifications
|
|
- MINOR: connection: make the last arg of subscribe() a struct wait_event*
|
|
- MINOR: ssl: Add support for returning the dn samples from ssl_(c|f)_(i|s)_dn in LDAP v3 (RFC2253) format.
|
|
- DOC: Fix copy and paste mistake in http-response replace-value doc
|
|
- BUG/MINOR: cache: Fix leak of cache name in error path
|
|
- BUG/MINOR: dns: Make dns_query_id_seed unsigned
|
|
- BUG/MINOR: 51d: Fix bug when HTX is enabled
|
|
- MINOR: http-htx: Move htx sample fetches in the scope "internal"
|
|
- MINOR: http-htx: Rename 'internal.htx_blk.val' to 'internal.htx_blk.data'
|
|
- MINOR: http-htx: Make 'internal.htx_blk_data' return a binary string
|
|
- DOC: Add a section to document the internal sample fetches
|
|
- MINOR: mux-h1: Inherit send flags from the upper layer
|
|
- MINOR: contrib/prometheus-exporter: Add heathcheck status/code in server metrics
|
|
- BUG/MINOR: http-ana/filters: Wait end of the http_end callback for all filters
|
|
- BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules
|
|
- BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during parsing
|
|
- MEDIUM: http-rules: Register an action keyword for all http rules
|
|
- MINOR: tcp-rules: Always set from which ruleset a rule comes from
|
|
- MINOR: actions: Use ACT_RET_CONT code to ignore an error from a custom action
|
|
- MINOR: tcp-rules: Kill connections when custom actions return ACT_RET_ERR
|
|
- MINOR: http-rules: Return an error when custom actions return ACT_RET_ERR
|
|
- MINOR: counters: Add a counter to report internal processing errors
|
|
- MEDIUM: http-ana: Properly handle internal processing errors
|
|
- MINOR: http-rules: Add a rule result to report internal error
|
|
- MINOR: http-rules: Handle internal errors during HTTP rules evaluation
|
|
- MINOR: http-rules: Add more return codes to let custom actions act as normal ones
|
|
- MINOR: tcp-rules: Handle denied/aborted/invalid connections from TCP rules
|
|
- MINOR: http-rules: Handle denied/aborted/invalid connections from HTTP rules
|
|
- MINOR: stats: Report internal errors in the proxies/listeners/servers stats
|
|
- MINOR: contrib/prometheus-exporter: Export internal errors per proxy/server
|
|
- MINOR: counters: Remove failed_secu counter and use denied_resp instead
|
|
- MINOR: counters: Review conditions to increment counters from analysers
|
|
- MINOR: http-ana: Add a txn flag to support soft/strict message rewrites
|
|
- MINOR: http-rules: Handle all message rewrites the same way
|
|
- MINOR: http-rules: Add a rule to enable or disable the strict rewriting mode
|
|
- MEDIUM: http-rules: Enable the strict rewriting mode by default
|
|
- REGTEST: Fix format of set-uri HTTP request rule in h1or2_to_h1c.vtc
|
|
- MINOR: actions: Add a function pointer to release args used by actions
|
|
- MINOR: actions: Regroup some info about HTTP rules in the same struct
|
|
- MINOR: http-rules/tcp-rules: Call the defined action function first if defined
|
|
- MINOR: actions: Rename the act_flag enum into act_opt
|
|
- MINOR: actions: Add flags to configure the action behaviour
|
|
- MINOR: actions: Use an integer to set the action type
|
|
- MINOR: http-rules: Use a specific action type for some custom HTTP actions
|
|
- MINOR: http-rules: Make replace-header and replace-value custom actions
|
|
- MINOR: http-rules: Make set-header and add-header custom actions
|
|
- MINOR: http-rules: Make set/del-map and add/del-acl custom actions
|
|
- MINOR: http-rules: Group all processing of early-hint rule in its case clause
|
|
- MEDIUM: http-rules: Make early-hint custom actions
|
|
- MINOR: http-rule/tcp-rules: Make track-sc* custom actions
|
|
- MINOR: tcp-rules: Make tcp-request capture a custom action
|
|
- MINOR: http-rules: Add release functions for existing HTTP actions
|
|
- BUG/MINOR: http-rules: Fix memory releases on error path during action parsing
|
|
- MINOR: tcp-rules: Add release functions for existing TCP actions
|
|
- BUG/MINOR: tcp-rules: Fix memory releases on error path during action parsing
|
|
- MINOR: http-htx: Add functions to read a raw error file and convert it in HTX
|
|
- MINOR: http-htx: Add functions to create HTX redirect message
|
|
- MINOR: config: Use dedicated function to parse proxy's errorfiles
|
|
- MINOR: config: Use dedicated function to parse proxy's errorloc
|
|
- MEDIUM: http-htx/proxy: Use a global and centralized storage for HTTP error messages
|
|
- MINOR: proxy: Register keywords to parse errorfile and errorloc directives
|
|
- MINOR: http-htx: Add a new section to create groups of custom HTTP errors
|
|
- MEDIUM: proxy: Add a directive to reference an http-errors section in a proxy
|
|
- MINOR: http-rules: Update txn flags and status when a deny rule is executed
|
|
- MINOR: http-rules: Support an optional status on deny rules for http reponses
|
|
- MINOR: http-rules: Use same function to parse request and response deny actions
|
|
- MINOR: http-ana: Add an error message in the txn and send it when defined
|
|
- MEDIUM: http-rules: Support an optional error message in http deny rules
|
|
- REGTEST: Add a strict rewriting mode reg test
|
|
- REGEST: Add reg tests about error files
|
|
- MINOR: ssl: accept 'verify' bind option with 'set ssl cert'
|
|
- BUG/MINOR: ssl: ssl_sock_load_ocsp_response_from_file memory leak
|
|
- BUG/MINOR: ssl: ssl_sock_load_issuer_file_into_ckch memory leak
|
|
- BUG/MINOR: ssl: ssl_sock_load_sctl_from_file memory leak
|
|
- BUG/MINOR: http_htx: Fix some leaks on error path when error files are loaded
|
|
- CLEANUP: http-ana: Remove useless test on txn when the error message is retrieved
|
|
- BUILD: CI: introduce ARM64 builds
|
|
- BUILD: ssl: more elegant anti-replay feature presence check
|
|
- MINOR: proxy/http-ana: Add support of extra attributes for the cookie directive
|
|
- MEDIUM: dns: use Additional records from SRV responses
|
|
- CLEANUP: Consistently `unsigned int` for bitfields
|
|
- CLEANUP: pattern: remove the pat_time definition
|
|
- BUG/MINOR: http_act: don't check capture id in backend
|
|
- BUG/MINOR: ssl: fix build on development versions of openssl-1.1.x
|
|
|
|
2019/11/25 : 2.2-dev0
|
|
- exact copy of 2.1.0
|
|
|
|
2019/11/25 : 2.1.0
|
|
- BUG/MINOR: init: fix set-dumpable when using uid/gid
|
|
- MINOR: init: avoid code duplication while setting identify
|
|
- BUG/MINOR: ssl: ssl_pkey_info_index ex_data can store a dereferenced pointer
|
|
- BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1
|
|
- MINOR: peers: Alway show the table info for disconnected peers.
|
|
- MINOR: peers: Add TX/RX heartbeat counters.
|
|
- MINOR: peers: Add debugging information to "show peers".
|
|
- BUG/MINOR: peers: Wrong null "server_name" data field handling.
|
|
- MINOR: ssl/cli: 'abort ssl cert' deletes an on-going transaction
|
|
- BUG/MEDIUM: mworker: don't fill the -sf argument with -1 during the reexec
|
|
- BUG/MINOR: peers: "peer alive" flag not reset when deconnecting.
|
|
- BUILD/MINOR: ssl: fix compiler warning about useless statement
|
|
- BUG/MEDIUM: stream-int: Don't loose events on the CS when an EOS is reported
|
|
- MINOR: contrib/prometheus-exporter: filter exported metrics by scope
|
|
- MINOR: contrib/prometheus-exporter: Add a param to ignore servers in maintenance
|
|
- BUILD: debug: Avoid warnings in dev mode with -02 because of some BUG_ON tests
|
|
- BUG/MINOR: mux-h1: Fix tunnel mode detection on the response path
|
|
- BUG/MINOR: http-ana: Properly catch aborts during the payload forwarding
|
|
- DOC: Update http-buffer-request description to remove the part about chunks
|
|
- BUG/MINOR: stream-int: Fix si_cs_recv() return value
|
|
- DOC: internal: document the init calls
|
|
- MEDIUM: dns: Add resolve-opts "ignore-weight"
|
|
- MINOR: ssl: ssl_sock_prepare_ctx() return an error code
|
|
- MEDIUM: ssl/cli: apply SSL configuration on SSL_CTX during commit
|
|
- MINOR: ssl/cli: display warning during 'commit ssl cert'
|
|
- MINOR: version: report the version status in "haproxy -v"
|
|
- MINOR: version: emit the link to the known bugs in output of "haproxy -v"
|
|
- DOC: Add documentation about the use-service action
|
|
- MINOR: ssl: fix possible null dereference in error handling
|
|
- BUG/MINOR: ssl: fix curve setup with LibreSSL
|
|
- BUG/MINOR: ssl: Stop passing dynamic strings as format arguments
|
|
- CLEANUP: ssl: check if a transaction exists once before setting it
|
|
- BUG/MINOR: cli: fix out of bounds in -S parser
|
|
- MINOR: ist: add ist_find_ctl()
|
|
- BUG/MAJOR: h2: reject header values containing invalid chars
|
|
- BUG/MAJOR: h2: make header field name filtering stronger
|
|
- BUG/MAJOR: mux-h2: don't try to decode a response HEADERS frame in idle state
|
|
- MINOR: h2: add a function to report H2 error codes as strings
|
|
- MINOR: mux-h2/trace: report the connection and/or stream error code
|
|
- SCRIPTS: create-release: show the correct origin name in suggested commands
|
|
- SCRIPTS: git-show-backports: add "-s" to proposed cherry-pick commands
|
|
- BUG/MEDIUM: trace: fix a typo causing an incorrect startup error
|
|
- BUILD: reorder the objects in the makefile
|
|
- DOC: mention in INSTALL haproxy 2.1 is a stable stable version
|
|
- MINOR: version: indicate that this version is stable
|
|
|
|
2019/11/15 : 2.1-dev5
|
|
- BUG/MEDIUM: ssl/cli: don't alloc path when cert not found
|
|
- BUG/MINOR: ssl/cli: unable to update a certificate without bundle extension
|
|
- BUG/MINOR: ssl/cli: fix an error when a file is not found
|
|
- MINOR: ssl/cli: replace the default_ctx during 'commit ssl cert'
|
|
- DOC: fix date and http_date keywords syntax
|
|
- MINOR: peers: Add "log" directive to "peers" section.
|
|
- BUG/MEDIUM: mux-h1: Disable splicing for chunked messages
|
|
- BUG/MEDIUM: stream: Be sure to support splicing at the mux level to enable it
|
|
- MINOR: flt_trace: Rename macros to print trace messages
|
|
- MINOR: trace: Add a set of macros to trace events if HA is compiled with debug
|
|
- MEDIUM: stream/trace: Register a new trace source with its events
|
|
- MINOR: doc: http-reuse connection pool fix
|
|
- BUG/MEDIUM: stream: Be sure to release allocated captures for TCP streams
|
|
- MINOR: http-ana: Remove the unused function http_reset_txn()
|
|
- BUG/MINOR: action: do-resolve now use cached response
|
|
- BUG: dns: timeout resolve not applied for valid resolutions
|
|
- DOC: management: fix typo on "cache_lookups" stats output
|
|
- BUG/MINOR: stream: init variables when the list is empty
|
|
- BUG/MEDIUM: tasks: Make tasklet_remove_from_tasklet_list() no matter the tasklet.
|
|
- BUG/MINOR: queue/threads: make the queue unlinking atomic
|
|
- BUG/MEDIUM: Make sure we leave the session list in session_free().
|
|
- CLEANUP: session: slightly simplify idle connection cleanup logic
|
|
- MINOR: memory: also poison the area on freeing
|
|
- CLEANUP: cli: use srv_shutdown_streams() instead of open-coding it
|
|
- CLEANUP: stats: use srv_shutdown_streams() instead of open-coding it
|
|
- BUG/MEDIUM: listeners: always pause a listener on out-of-resource condition
|
|
- BUILD: contrib/da: remove an "unused" warning
|
|
- BUG/MEDIUM: filters: Don't call TCP callbacks for HTX streams
|
|
- MEDIUM: filters: Adapt filters API to allow again TCP filtering on HTX streams
|
|
- MINOR: freq_ctr: Make the sliding window sums thread-safe
|
|
- MINOR: stream: Remove the lock on the proxy to update time stats
|
|
- MINOR: counters: Add fields to store the max observed for {q,c,d,t}_time
|
|
- MINOR: stats: Report max times in addition of the averages for sessions
|
|
- MINOR: contrib/prometheus-exporter: Report metrics about max times for sessions
|
|
- BUG/MINOR: contrib/prometheus-exporter: Rename some metrics
|
|
- MINOR: contrib/prometheus-exporter: report the number of idle conns per server
|
|
- DOC: Add missing stats fields in the management manual
|
|
- BUG/MINOR: mux-h1: Properly catch parsing errors on payload and trailers
|
|
- BUG/MINOR: mux-h1: Don't set CS_FL_EOS on a read0 when receiving data to pipe
|
|
- MINOR: mux-h1: Set EOI on the conn-stream when EOS is reported in TUNNEL state
|
|
- MINOR: sink: Set the default max length for a message to BUFSIZE
|
|
- MINOR: ring: make the parse function automatically set the handler/release
|
|
- BUG/MINOR: log: make "show startup-log" use a ring buffer instead
|
|
- MINOR: stick-table: allow sc-set-gpt0 to set value from an expression
|
|
|
|
2019/11/03 : 2.1-dev4
|
|
- BUG/MINOR: cli: don't call the kw->io_release if kw->parse failed
|
|
- BUG/MINOR: mux-h2: Don't pretend mux buffers aren't full anymore if nothing sent
|
|
- BUG/MAJOR: stream-int: Don't receive data from mux until SI_ST_EST is reached
|
|
- DOC: remove obsolete section about header manipulation
|
|
- BUG/MINOR: ssl/cli: cleanup on cli_parse_set_cert error
|
|
- MINOR: ssl/cli: rework the 'set ssl cert' IO handler
|
|
- BUILD: CI: comment out cygwin build, upgrade various ssl libraries
|
|
- DOC: Improve documentation of http-re(quest|sponse) replace-(header|value|uri)
|
|
- BUILD/MINOR: tools: shut up the format truncation warning in get_gmt_offset()
|
|
- BUG/MINOR: spoe: fix off-by-one length in UUID format string
|
|
- BUILD/MINOR: ssl: shut up a build warning about format truncation
|
|
- BUILD: do not disable -Wformat-truncation anymore
|
|
- MINOR: chunk: add chunk_istcat() to concatenate an ist after a chunk
|
|
- Revert "MINOR: istbuf: add b_fromist() to make a buffer from an ist"
|
|
- MINOR: mux: Add a new method to get informations about a mux.
|
|
- BUG/MEDIUM: stream_interface: Only use SI_ST_RDY when the mux is ready.
|
|
- BUG/MEDIUM: servers: Only set SF_SRV_REUSED if the connection if fully ready.
|
|
- MINOR: doc: fix busy-polling performance reference
|
|
- MINOR: config: allow no set-dumpable config option
|
|
- MINOR: init: always fail when setrlimit fails
|
|
- MINOR: ssl/cli: rework 'set ssl cert' as 'set/commit'
|
|
- CLEANUP: ssl/cli: remove leftovers of bundle/certs (it < 2)
|
|
- REGTEST: vtest can now enable mcli with its own flag
|
|
- BUG/MINOR: config: Update cookie domain warn to RFC6265
|
|
- MINOR: sample: add us/ms support to date/http_date
|
|
- BUG/MINOR: ssl/cli: check trash allocation in cli_io_handler_commit_cert()
|
|
- BUG/MEDIUM: mux-h2: report no available stream on a connection having errors
|
|
- BUG/MEDIUM: mux-h2: immediately remove a failed connection from the idle list
|
|
- BUG/MEDIUM: mux-h2: immediately report connection errors on streams
|
|
- BUG/MINOR: stats: properly check the path and not the whole URI
|
|
- BUG/MINOR: ssl: segfault in cli_parse_set_cert with old openssl/boringssl
|
|
- BUG/MINOR: ssl: ckch->chain must be initialized
|
|
- BUG/MINOR: ssl: double free on error for ckch->{key,cert}
|
|
- MINOR: ssl: BoringSSL ocsp_response does not need issuer
|
|
- BUG/MEDIUM: ssl/cli: fix dot research in cli_parse_set_cert
|
|
- MINOR: backend: Add srv_name sample fetche
|
|
- DOC: Add GitHub issue config.yml
|
|
|
|
2019/10/25 : 2.1-dev3
|
|
- MINOR: mux-h2/trace: missing conn pointer in demux full message
|
|
- MINOR: mux-h2: add a per-connection list of blocked streams
|
|
- BUILD: ebtree: make eb_is_empty() and eb_is_dup() take a const
|
|
- BUG/MEDIUM: mux-h2: do not enforce timeout on long connections
|
|
- BUG/MEDIUM: tasks: Don't forget to decrement tasks_run_queue.
|
|
- BUG/MINOR: peers: crash on reload without local peer.
|
|
- BUG/MINOR: mux-h2/trace: Fix traces on h2c initialization
|
|
- MINOR: h1-htx: Update h1_copy_msg_data() to ease the traces in the mux-h1
|
|
- MINOR: htx: Adapt htx_dump() to be used from traces
|
|
- MINOR: mux-h1/trace: register a new trace source with its events
|
|
- MINOR: proxy: Store http-send-name-header in lower case
|
|
- MINOR: http: Remove headers matching the name of http-send-name-header option
|
|
- BUG/MINOR: mux-h1: Adjust header case when the server name is add to a request
|
|
- BUG/MINOR: mux-h1: Adjust header case when chunked encoding is add to a message
|
|
- MINOR: mux-h1: Try to wakeup the stream on output buffer allocation
|
|
- MINOR: fcgi: Add function to get the string representation of a record type
|
|
- MINOR: mux-fcgi/trace: Register a new trace source with its events
|
|
- BUG/MEDIUM: cache: make sure not to cache requests with absolute-uri
|
|
- DOC: clarify some points around http-send-name-header's behavior
|
|
- MEDIUM: mux-h2: support emitting CONTINUATION frames after HEADERS
|
|
- BUG/MINOR: mux-h1/mux-fcgi/trace: Fix position of the 4th arg in some traces
|
|
- DOC: fix typo in Prometheus exporter doc
|
|
- MINOR: h2: clarify the rules for how to convert an H2 request to HTX
|
|
- MINOR: htx: Add 2 flags on the start-line to have more info about the uri
|
|
- MINOR: http: Add a function to get the authority into a URI
|
|
- MINOR: h1-htx: Set the flag HTX_SL_F_HAS_AUTHORITY during the request parsing
|
|
- MEDIUM: http-htx: Keep the Host header and the request start-line synchronized
|
|
- MINOR: h1-htx: Only use the path of a normalized URI to format a request line
|
|
- MEDIUM: h2: make the request parser rebuild a complete URI
|
|
- MINOR: h2: report in the HTX flags when the request has an authority
|
|
- MEDIUM: mux-h2: do not map Host to :authority on output
|
|
- MEDIUM: h2: use the normalized URI encoding for absolute form requests
|
|
- MINOR: stats: mention in the help message support for "json" and "typed"
|
|
- MINOR: stats: get rid of the ST_CONVDONE flag
|
|
- MINOR: stats: replace the ST_* uri_auth flags with STAT_*
|
|
- MINOR: stats: always merge the uri_auth flags into the appctx flags
|
|
- MINOR: stats: set the appctx flags when initializing the applet only
|
|
- MINOR: stats: get rid of the STAT_SHOWADMIN flag
|
|
- MINOR: stats: make stats_dump_fields_json() directly take flags
|
|
- MINOR: stats: uniformize the calling convention of the dump functions
|
|
- MINOR: stats: support the "desc" output format modifier for info and stat
|
|
- MINOR: stats: prepare to add a description with each stat/info field
|
|
- MINOR: stats: make "show stat" and "show info"
|
|
- MINOR: stats: fill all the descriptions for "show info" and "show stat"
|
|
- BUG/MEDIUM: applet: always check a fast running applet's activity before killing
|
|
- BUILD: stats: fix missing '=' sign in array declaration
|
|
- MINOR: lists: add new macro LIST_SPLICE_END_DETACHED
|
|
- MINOR: list: add new macro MT_LIST_BEHEAD
|
|
- MEDIUM: task: Split the tasklet list into two lists.
|
|
- MINOR: h2: Document traps to be avoided on multithread.
|
|
- MINOR: lists: Try to use local variables instead of macro arguments.
|
|
- MINOR: lists: Fix alignement of \ when relevant.
|
|
- MINOR: mux-h2: also support emitting CONTINUATION on trailers
|
|
- MINOR: ssl: crt-list do ckchn_lookup
|
|
- REORG: ssl: rename ckch_node to ckch_store
|
|
- REORG: ssl: move structures to ssl_sock.h
|
|
- MINOR: ssl: initialize the sni_keytypes_map as EB_ROOT
|
|
- MINOR: ssl: initialize explicitly the sni_ctx trees
|
|
- BUG/MINOR: ssl: abort on sni allocation failure
|
|
- BUG/MINOR: ssl: free the sni_keytype nodes
|
|
- BUG/MINOR: ssl: abort on sni_keytypes allocation failure
|
|
- MEDIUM: ssl: introduce the ckch instance structure
|
|
- MEDIUM: ssl: split ssl_sock_add_cert_sni()
|
|
- MINOR: ssl: ssl_sock_load_ckchn() can properly fail
|
|
- MINOR: ssl: ssl_sock_load_multi_ckchs() can properly fail
|
|
- MEDIUM: ssl: ssl_sock_load_ckchs() alloc a ckch_inst
|
|
- MINOR: ssl: ssl_sock_load_crt_file_into_ckch() is filling from a BIO
|
|
- MEDIUM: ssl/cli: 'set ssl cert' updates a certificate from the CLI
|
|
- MINOR: ssl: load the sctl in/from the ckch
|
|
- MINOR: ssl: load the ocsp in/from the ckch
|
|
- BUG/MEDIUM: ssl: NULL dereference in ssl_sock_load_cert_sni()
|
|
- BUG/MINOR: ssl: fix build without SSL
|
|
- BUG/MINOR: ssl: fix build without multi-cert bundles
|
|
- BUILD: ssl: wrong #ifdef for SSL engines code
|
|
- BUG/MINOR: ssl: fix OCSP build with BoringSSL
|
|
- BUG/MEDIUM: htx: Catch chunk_memcat() failures when HTX data are formatted to h1
|
|
- BUG/MINOR: chunk: Fix tests on the chunk size in functions copying data
|
|
- BUG/MINOR: mux-h1: Mark the output buffer as full when the xfer is interrupted
|
|
- MINOR: mux-h1: Xfer as much payload data as possible during output processing
|
|
- CLEANUP: h1-htx: Move htx-to-h1 formatting functions from htx.c to h1_htx.c
|
|
- BUG/MINOR: mux-h1: Capture ignored parsing errors
|
|
- MINOR: h1: Reject requests with different occurrences of the header host
|
|
- MINOR: h1: Reject requests if the authority does not match the header host
|
|
- REGTESTS: Send valid URIs in peers reg-tests and fix HA config to avoid warnings
|
|
- REGTESTS: Adapt proxy_protocol_random_fail.vtc to match normalized URI too
|
|
- BUG/MINOR: WURFL: fix send_log() function arguments
|
|
- BUG/MINOR: ssl: fix error messages for OCSP loading
|
|
- BUG/MINOR: ssl: can't load ocsp files
|
|
- MINOR: version: make the version strings variables, not constants
|
|
- BUG/MINOR: http-htx: Properly set htx flags on error files to support keep-alive
|
|
- MINOR: htx: Add a flag on HTX to known when a response was generated by HAProxy
|
|
- MINOR: mux-h1: Force close mode for proxy responses with an unfinished request
|
|
- BUILD: travis-ci: limit build to branches "master" and "next"
|
|
- BUILD/MEDIUM: threads: rename thread_info struct to ha_thread_info
|
|
- BUILD/SMALL: threads: enable threads on osx
|
|
- BUILD/MEDIUM: threads: enable cpu_affinity on osx
|
|
- MINOR: istbuf: add b_fromist() to make a buffer from an ist
|
|
- BUG/MINOR: cache: also cache absolute URIs
|
|
- BUG/MINOR: mworker/ssl: close openssl FDs unconditionally
|
|
- BUG/MINOR: tcp: Don't alter counters returned by tcp info fetchers
|
|
- BUG/MEDIUM: lists: Handle 1-element-lists in MT_LIST_BEHEAD().
|
|
- BUG/MEDIUM: mux_pt: Make sure we don't have a conn_stream before freeing.
|
|
- BUG/MEDIUM: tasklet: properly compute the sleeping threads mask in tasklet_wakeup()
|
|
- BUG/MAJOR: idle conns: schedule the cleanup task on the correct threads
|
|
- BUG/MEDIUM: task: make tasklets either local or shared but not both at once
|
|
- Revert e8826ded5fea3593d89da2be5c2d81c522070995.
|
|
- BUG/MEDIUM: mux_pt: Don't destroy the connection if we have a stream attached.
|
|
- BUG/MEDIUM: mux_pt: Only call the wake emthod if nobody subscribed to receive.
|
|
- REGTEST: mcli/mcli_show_info: launch a 'show info' on the master CLI
|
|
- CLEANUP: ssl: make ssl_sock_load_cert*() return real error codes
|
|
- CLEANUP: ssl: make ssl_sock_load_ckchs() return a set of ERR_*
|
|
- CLEANUP: ssl: make cli_parse_set_cert handle errcode and warnings.
|
|
- CLEANUP: ssl: make ckch_inst_new_load_(multi_)store handle errcode/warn
|
|
- CLEANUP: ssl: make ssl_sock_put_ckch_into_ctx handle errcode/warn
|
|
- CLEANUP: ssl: make ssl_sock_load_dh_params handle errcode/warn
|
|
- CLEANUP: bind: handle warning label on bind keywords parsing.
|
|
- BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1
|
|
- BUG/MINOR: mworker/cli: reload fail with inherited FD
|
|
- BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed
|
|
- BUG/MINOR: stick-table: Never exceed (MAX_SESS_STKCTR-1) when fetching a stkctr
|
|
- BUG/MINOR: cache: alloc shctx after check config
|
|
- BUG/MINOR: sample: Make the `field` converter compatible with `-m found`
|
|
- BUG/MINOR: server: check return value of fopen() in apply_server_state()
|
|
- REGTESTS: make seamless-reload depend on 1.9 and above
|
|
- REGTESTS: server/cli_set_fqdn requires version 1.8 minimum
|
|
- BUG/MINOR: dns: allow srv record weight set to 0
|
|
- BUG/MINOR: ssl: fix memcpy overlap without consequences.
|
|
- BUG/MINOR: stick-table: fix an incorrect 32 to 64 bit key conversion
|
|
- BUG/MEDIUM: pattern: make the pattern LRU cache thread-local and lockless
|
|
- BUG/MINOR: mux-h2: do not emit logs on backend connections
|
|
- CLEANUP: ssl: remove old TODO commentary
|
|
- CLEANUP: ssl: fix SNI/CKCH lock labels
|
|
- MINOR: ssl: OCSP functions can load from file or buffer
|
|
- MINOR: ssl: load sctl from buf OR from a file
|
|
- MINOR: ssl: load issuer from file or from buffer
|
|
- MINOR: ssl: split ssl_sock_load_crt_file_into_ckch()
|
|
- BUG/MINOR: ssl/cli: fix looking up for a bundle
|
|
- MINOR: ssl/cli: update ocsp/issuer/sctl file from the CLI
|
|
- MINOR: ssl: update ssl_sock_free_cert_key_and_chain_contents
|
|
- MINOR: ssl: copy a ckch from src to dst
|
|
- MINOR: ssl: new functions duplicate and free a ckch_store
|
|
- MINOR: ssl/cli: assignate a new ckch_store
|
|
- MEDIUM: cli/ssl: handle the creation of SSL_CTX in an IO handler
|
|
- BUG/MINOR: ssl/cli: fix build of SCTL and OCSP
|
|
- BUG/MINOR: ssl/cli: out of bounds when built without ocsp/sctl
|
|
- BUG/MINOR: ssl: fix build with openssl < 1.1.0
|
|
- BUG/MINOR: ssl: fix build of X509_chain_up_ref() w/ libreSSL
|
|
- MINOR: tcp: avoid confusion in time parsing init
|
|
- MINOR: debug: add a new "debug dev stream" command
|
|
- MINOR: cli/debug: validate addresses using may_access() in "debug dev stream"
|
|
- REORG: move CLI access level definitions to cli.h
|
|
- MINOR: cli: add an expert mode to hide dangerous commands
|
|
- MINOR: debug: make most debug CLI commands accessible in expert mode
|
|
- MINOR: stats/debug: maintain a counter of debug commands issued
|
|
- BUG/MEDIUM: debug: address a possible null pointer dereference in "debug dev stream"
|
|
|
|
2019/10/01 : 2.1-dev2
|
|
- DOC: management: document reuse and connect counters in the CSV format
|
|
- DOC: management: document cache_hits and cache_lookups in the CSV format
|
|
- BUG/MINOR: dns: remove irrelevant dependency on a client connection
|
|
- MINOR: applet: make appctx use their own pool
|
|
- BUG/MEDIUM: checks: Don't attempt to receive data if we already subscribed.
|
|
- BUG/MEDIUM: http/htx: unbreak option http_proxy
|
|
- BUG/MINOR: backend: do not try to install a mux when the connection failed
|
|
- MINOR: mux-h2: Don't adjust anymore the amount of data sent in h2_snd_buf()
|
|
- BUG/MINOR: http_fetch: Fix http_auth/http_auth_group when called from TCP rules
|
|
- BUG/MINOR: http_htx: Initialize HTX error messages for TCP proxies
|
|
- BUG/MINOR: cache/htx: Make maxage calculation HTX aware
|
|
- BUG/MINOR: hlua: Make the function txn:done() HTX aware
|
|
- MINOR: proto_htx: Directly call htx_check_response_for_cacheability()
|
|
- MINOR: proto_htx: Rely on the HTX function to apply a redirect rules
|
|
- MINOR: proto_htx: Add the function htx_return_srv_error()
|
|
- MINOR: backend/htx: Don't rewind output data to set the sni on a srv connection
|
|
- MINOR: proto_htx: Don't stop forwarding when there is a post-connect processing
|
|
- DOC: htx: Update comments in HTX files
|
|
- CLEANUP: htx: Remove the unsued function htx_add_blk_type_size()
|
|
- MINOR: htx: Deduce the number of used blocks from tail and head values
|
|
- MINOR: htx: Use an array of char to store HTX blocks
|
|
- MINOR: htx: Slightly update htx_dump() to report better messages
|
|
- DOC: htx: Add internal documentation about the HTX
|
|
- MAJOR: http: Deprecate and ignore the option "http-use-htx"
|
|
- MEDIUM: mux-h2: Remove support of the legacy HTTP mode
|
|
- CLEANUP: h2: Remove functions converting h2 requests to raw HTTP/1.1 ones
|
|
- MINOR: connection: Remove the multiplexer protocol PROTO_MODE_HTX
|
|
- MINOR: stream: Rely on HTX analyzers instead of legacy HTTP ones
|
|
- MEDIUM: http_fetch: Remove code relying on HTTP legacy mode
|
|
- MINOR: config: Remove tests on the option 'http-use-htx'
|
|
- MINOR: stream: Remove tests on the option 'http-use-htx' in stream_new()
|
|
- MINOR: proxy: Remove tests on the option 'http-use-htx' during H1 upgrade
|
|
- MINOR: hlua: Remove tests on the option 'http-use-htx' to reject TCP applets
|
|
- MINOR: cache: Remove tests on the option 'http-use-htx'
|
|
- MINOR: contrib/prometheus-exporter: Remove tests on the option 'http-use-htx'
|
|
- CLEANUP: proxy: Remove the flag PR_O2_USE_HTX
|
|
- MINOR: proxy: Don't adjust connection mode of HTTP proxies anymore
|
|
- MEDIUM: backend: Remove code relying on the HTTP legacy mode
|
|
- MEDIUM: hlua: Remove code relying on the legacy HTTP mode
|
|
- MINOR: http_act: Remove code relying on the legacy HTTP mode
|
|
- MEDIUM: cache: Remove code relying on the legacy HTTP mode
|
|
- MEDIUM: compression: Remove code relying on the legacy HTTP mode
|
|
- MINOR: flt_trace: Remove code relying on the legacy HTTP mode
|
|
- MINOR: stats: Remove code relying on the legacy HTTP mode
|
|
- MAJOR: filters: Remove code relying on the legacy HTTP mode
|
|
- MINOR: stream: Remove code relying on the legacy HTTP mode
|
|
- MAJOR: http: Remove the HTTP legacy code
|
|
- MINOR: hlua: Remove useless test on TX_CON_WANT_* flags
|
|
- MINOR: proto_http: Remove unused http txn flags
|
|
- MINOR: proto_http: Remove the unused flag HTTP_MSGF_WAIT_CONN
|
|
- CLEANUP: proto_http: Group remaining flags of the HTTP transaction
|
|
- CLEANUP: channel: Remove the unused flag CF_WAKE_CONNECT
|
|
- CLEANUP: proto_http: Remove unecessary includes and comments
|
|
- CLEANUP: proto_http: Move remaining code from proto_http.c to proto_htx.c
|
|
- REORG: proto_htx: Move HTX analyzers & co to http_ana.{c,h} files
|
|
- BUG/MINOR: debug: Remove flags CO_FL_SOCK_WR_ENA/CO_FL_SOCK_RD_ENA
|
|
- MINOR: proxy: Remove support of the option 'http-tunnel'
|
|
- DOC: config: Update as a result of the legacy HTTP removal
|
|
- MEDIUM: config: Remove parsing of req* and rsp* directives
|
|
- MINOR: proxy: Remove the unused list of block rules
|
|
- MINOR: proxy/http_ana: Remove unused req_exp/rsp_exp and req_add/rsp_add lists
|
|
- DOC: config: Remove unsupported req* and rsp* keywords
|
|
- MINOR: global: Preset tune.max_http_hdr to its default value
|
|
- MINOR: http: Don't store raw HTTP errors in chunks anymore
|
|
- BUG/MINOR: session: Emit an HTTP error if accept fails only for H1 connection
|
|
- BUG/MINOR: session: Send a default HTTP error if accept fails for a H1 socket
|
|
- CLEANUP: mux-h2: Remove unused flags H2_SF_CHNK_*
|
|
- BUG/MINOR: checks: do not exit tcp-checks from the middle of the loop
|
|
- MINOR: config: Warn only if the option http-use-htx is used with "no" prefix
|
|
- BUG/MEDIUM: mux-h1: Trim excess server data at the end of a transaction
|
|
- MINOR: connection: add conn_get_src() and conn_get_dst()
|
|
- MINOR: frontend: switch to conn_get_{src,dst}() for logging and debugging
|
|
- MINOR: backend: switch to conn_get_{src,dst}() for port and address mapping
|
|
- MINOR: ssl: switch to conn_get_dst() to retrieve the destination address
|
|
- MINOR: tcp: replace various calls to conn_get_{from,to}_addr with conn_get_{src,dst}
|
|
- MINOR: stream-int: use conn_get_{src,dst} in conn_si_send_proxy()
|
|
- MINOR: stream/cli: use conn_get_{src,dst} in "show sess" and "show peers" output
|
|
- MINOR: log: use conn_get_{dst,src}() to retrieve the cli/frt/bck/srv/ addresses
|
|
- MINOR: http/htx: use conn_get_dst() to retrieve the destination address
|
|
- MINOR: lua: use conn_get_{src,dst} to retrieve connection addresses
|
|
- MINOR: http: check the source address via conn_get_src() in sample fetch functions
|
|
- CLEANUP: connection: remove the now unused conn_get_{from,to}_addr()
|
|
- MINOR: connection: add new src and dst fields
|
|
- MINOR: connection: use conn->{src,dst} instead of &conn->addr.{from,to}
|
|
- MINOR: ssl-sock: use conn->dst instead of &conn->addr.to
|
|
- MINOR: lua: switch to conn->dst for a connection's target address
|
|
- MINOR: peers: use conn->dst for the peer's target address
|
|
- MINOR: htx: switch from conn->addr.{from,to} to conn->{src,dst}
|
|
- MINOR: stream: switch from conn->addr.{from,to} to conn->{src,dst}
|
|
- MINOR: proxy: switch to conn->src in error snapshots
|
|
- MINOR: session: use conn->src instead of conn->addr.from
|
|
- MINOR: tcp: replace conn->addr.{from,to} with conn->{src,dst}
|
|
- MINOR: unix: use conn->dst for the target address in ->connect()
|
|
- MINOR: sockpair: use conn->dst for the target address in ->connect()
|
|
- MINOR: log: use conn->{src,dst} instead of conn->addr.{from,to}
|
|
- MINOR: checks: replace conn->addr.to with conn->dst
|
|
- MINOR: frontend: switch from conn->addr.{from,to} to conn->{src,dst}
|
|
- MINOR: http: convert conn->addr.from to conn->src in sample fetches
|
|
- MEDIUM: backend: turn all conn->addr.{from,to} to conn->{src,dst}
|
|
- MINOR: connection: create a new pool for struct sockaddr_storage
|
|
- MEDIUM: connection: make sure all address producers allocate their address
|
|
- MAJOR: connection: remove the addr field
|
|
- MINOR: connection: don't use clear_addr() anymore, just release the address
|
|
- MINOR: stream: add a new target_addr entry in the stream structure
|
|
- MAJOR: stream: store the target address into s->target_addr
|
|
- MINOR: peers: now remove the remote connection setup code
|
|
- MEDIUM: lua: do not allocate the remote connection anymore
|
|
- MEDIUM: backend: always release any existing prior connection in connect_server()
|
|
- MEDIUM: backend: remove impossible cases from connect_server()
|
|
- BUG/MINOR: mux-h1: Close server connection if input data remains in h1_detach()
|
|
- BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream
|
|
- BUG/MINOR: http_ana: Be sure to have an allocated buffer to generate an error
|
|
- BUG/MINOR: http_htx: Support empty errorfiles
|
|
- BUG/CRITICAL: http_ana: Fix parsing of malformed cookies which start by a delimiter
|
|
- BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff
|
|
- BUG/MINOR: proxy: always lock stop_proxy()
|
|
- MEDIUM: mux-h1: Add the support of headers adjustment for bogus HTTP/1 apps
|
|
- BUILD: threads: add the definition of PROTO_LOCK
|
|
- BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased
|
|
- BUG/MEDIUM: streams: Don't switch the SI to SI_ST_DIS if we have data to send.
|
|
- BUG/MINOR: log: make sure writev() is not interrupted on a file output
|
|
- DOC: improve the wording in CONTRIBUTING about how to document a bug fix
|
|
- MEDIUM: h1: Don't try to subscribe if we managed to read data.
|
|
- MEDIUM: h1: Don't wake the H1 tasklet if we got the whole request.
|
|
- REGTESTS: checks: exclude freebsd target for tcp-check_multiple_ports.vtc
|
|
- BUG/MINOR: hlua/htx: Reset channels analyzers when txn:done() is called
|
|
- BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class
|
|
- MINOR: hlua: Don't set request analyzers on response channel for lua actions
|
|
- MINOR: hlua: Add a flag on the lua txn to know in which context it can be used
|
|
- BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready
|
|
- BUG/MINOR: htx: Fix free space addresses calculation during a block expansion
|
|
- MINOR: ssl: merge ssl_sock_load_cert_file() and ssl_sock_load_cert_chain_file()
|
|
- MEDIUM: ssl: use cert_key_and_chain struct in ssl_sock_load_cert_file()
|
|
- MEDIUM: ssl: split the loading of the certificates
|
|
- MEDIUM: ssl: lookup and store in a ckch_node tree
|
|
- MEDIUM: ssl: load DH param in struct cert_key_and_chain
|
|
- BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue()
|
|
- MINOR: ssl: use STACK_OF for chain certs
|
|
- MINOR: ssl: add extra chain compatibility
|
|
- MINOR: ssl: check private key consistency in loading
|
|
- MINOR: ssl: do not look at DHparam with OPENSSL_NO_DH
|
|
- CLEANUP: ssl: ssl_sock_load_crt_file_into_ckch
|
|
- MINOR: ssl: clean ret variable in ssl_sock_load_ckchn
|
|
- MAJOR: fd: Get rid of the fd cache.
|
|
- MEDIUM: pollers: Remember the state for read and write for each threads.
|
|
- MEDIUM: mux-h2: don't try to read more than needed
|
|
- BUG/BUILD: ssl: fix build with openssl < 1.0.2
|
|
- BUG/MEDIUM: ssl: does not try to free a DH in a ckch
|
|
- BUG/MINOR: debug: fix a small race in the thread dumping code
|
|
- MINOR: wdt: also consider that waiting in the thread dumper is normal
|
|
- REGTESTS: checks: make 4be_1srv_health_checks more reliable
|
|
- BUILD: ssl: BoringSSL add EVP_PKEY_base_id
|
|
- BUG/MEDIUM: ssl: don't free the ckch in multi-cert bundle
|
|
- BUG/MINOR: ssl: fix ressource leaks on error
|
|
- BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is increased
|
|
- BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion
|
|
- BUG/MINOR: stream-int: make sure to always release empty buffers after sending
|
|
- BUG/MEDIUM: ssl: open the right path for multi-cert bundle
|
|
- BUG/MINOR: stream-int: also update analysers timeouts on activity
|
|
- BUG/MEDIUM: mux-h2: unbreak receipt of large DATA frames
|
|
- BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes
|
|
- BUG/MEDIUM: proxy: Make sure to destroy the stream on upgrade from TCP to H2
|
|
- DOC: Add 'Question.md' issue template, discouraging asking questions
|
|
- BUG/MEDIUM: fd: Always reset the polled_mask bits in fd_dodelete().
|
|
- BUG/MEDIUM: pollers: Clear the poll_send bits as well.
|
|
- BUILD: travis-ci: enable daily Coverity scan
|
|
- BUG/MINOR: mux-h2: don't refrain from sending an RST_STREAM after another one
|
|
- BUG/MINOR: mux-h2: use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data()
|
|
- BUG/MINOR: mux-h2: do not send REFUSED_STREAM on aborted uploads
|
|
- BUG/MEDIUM: mux-h2: do not recheck a frame type after a state transition
|
|
- BUG/MINOR: mux-h2: always send stream window update before connection's
|
|
- BUG/MINOR: mux-h2: always reset rcvd_s when switching to a new frame
|
|
- BUG/MEDIUM: checks: make sure to close nicely when we're the last to speak
|
|
- BUG/MEDIUM: stick-table: Wrong stick-table backends parsing.
|
|
- CLEANUP: mux-h2: move the demuxed frame check code in its own function
|
|
- MINOR: cache: add method to cache hash
|
|
- MINOR: cache: allow caching of OPTIONS request
|
|
- BUG/MINOR: ssl: fix 0-RTT for BoringSSL
|
|
- MINOR: ssl: ssl_fc_has_early should work for BoringSSL
|
|
- BUG/MINOR: pools: don't mark the thread harmless if already isolated
|
|
- BUG/MINOR: buffers/threads: always clear a buffer's head before releasing it
|
|
- CLEANUP: buffer: replace b_drop() with b_free()
|
|
- CLEANUP: task: move the cpu_time field to the task-only part
|
|
- MINOR: cli: add two new states to print messages on the CLI
|
|
- MINOR: cli: add cli_msg(), cli_err(), cli_dynmsg(), cli_dynerr()
|
|
- CLEANUP: cli: replace all occurrences of manual handling of return messages
|
|
- BUG/MEDIUM: proxy: Don't forget the SF_HTX flag when upgrading TCP=>H1+HTX.
|
|
- BUG/MEDIUM: proxy: Don't use cs_destroy() when freeing the conn_stream.
|
|
- BUG/MINOR: lua: fix setting netfilter mark
|
|
- BUG/MINOR: Fix prometheus '# TYPE' and '# HELP' headers
|
|
- BUG/MEDIUM: lua: Fix test on the direction to set the channel exp timeout
|
|
- BUG/MINOR: stats: Wait the body before processing POST requests
|
|
- MINOR: fd: make sure to mark the thread as not stuck in fd_update_events()
|
|
- BUG/MEDIUM: mux_pt: Don't call unsubscribe if we did not subscribe.
|
|
- BUILD: travis-ci: trigger non-mainstream configurations only on daily builds.
|
|
- MINOR: debug: indicate the applet name when the task is task_run_applet()
|
|
- MINOR: tools: add append_prefixed_str()
|
|
- MINOR: lua: export applet and task handlers
|
|
- MEDIUM: debug: make the thread dump code show Lua backtraces
|
|
- BUG/MEDIUM: h1: Always try to receive more in h1_rcv_buf().
|
|
- MINOR: list: add LIST_SPLICE() to merge one list into another
|
|
- MINOR: tools: add a DEFNULL() macro to use NULL for empty args
|
|
- REORG: trace: rename trace.c to calltrace.c and mention it's not thread-safe
|
|
- MINOR: sink: create definitions a minimal code for event sinks
|
|
- MINOR: sink: add a support for file descriptors
|
|
- MINOR: trace: start to create a new trace subsystem
|
|
- MINOR: trace: add allocation of buffer-sized trace buffers
|
|
- MINOR: trace/cli: register the "trace" CLI keyword to list the sources
|
|
- MINOR: trace/cli: parse the "level" argument to configure the trace verbosity
|
|
- MINOR: trace/cli: add "show trace" to report trace state and statistics
|
|
- MINOR: trace: implement a very basic trace() function
|
|
- MINOR: trace: add the file name and line number in the prefix
|
|
- MINOR: trace: make trace() now also take a level in argument
|
|
- MINOR: trace: implement a call to a decode function
|
|
- MINOR: trace: add per-level macros to produce traces
|
|
- MINOR: trace: add a definition of typed arguments to trace()
|
|
- MINOR: trace: make sure to always stop the locking when stopping or pausing
|
|
- MINOR: trace: add the possibility to lock on some arguments
|
|
- MINOR: trace: parse the "lock" argument to trace
|
|
- MINOR: trace: retrieve useful pointers and enforce lock-on
|
|
- DOC: management: document the "trace" and "show trace" commands
|
|
- BUILD: trace: make the lockon_ptr const to silence a warning without threads
|
|
- BUG/MEDIUM: mux-h1: do not truncate trailing 0CRLF on buffer boundary
|
|
- BUG/MEDIUM: mux-h1: do not report errors on transfers ending on buffer full
|
|
- DOC: fixed typo in management.txt
|
|
- BUG/MINOR: mworker: disable SIGPROF on re-exec
|
|
- BUG/MEDIUM: listener/threads: fix an AB/BA locking issue in delete_listener()
|
|
- BUG/MEDIUM: url32 does not take the path part into account in the returned hash.
|
|
- MINOR: backend: Add srv_queue converter
|
|
- MINOR: sink: set the fd-type sinks to non-blocking
|
|
- MINOR: tools: add a function varint_bytes() to report the size of a varint
|
|
- MINOR: buffer: add functions to read/write varints from/to buffers
|
|
- MINOR: fd: add fd_write_frag_line() to send a fragmented line to an fd
|
|
- MINOR: sink: now call the generic fd write function
|
|
- MINOR: ring: add a new mechanism for retrieving/storing ring data in buffers
|
|
- MINOR: ring: add a ring_write() function
|
|
- MINOR: ring: add a generic CLI io_handler to dump a ring buffer
|
|
- MINOR: sink: add support for ring buffers
|
|
- MINOR: sink: implement "show events" to show supported sinks and dump the rings
|
|
- MINOR: sink: now report the number of dropped events on output
|
|
- MINOR: trace: support a default callback for the source
|
|
- MINOR: trace: extend the source location to 13 chars
|
|
- MINOR: trace: show thread number and source name in the trace
|
|
- MINOR: trace: change the TRACE() calling convention to put the args and cb last
|
|
- MINOR: connection: add the fc_pp_authority fetch -- authority TLV, from PROXYv2
|
|
- MINOR: tools: add a generic struct "name_desc" for name-description pairs
|
|
- MINOR: trace: replace struct trace_lockon_args with struct name_desc
|
|
- MINOR: trace: change the "payload" level to "data" and move it
|
|
- MINOR: trace: prepend the function name for developer level traces
|
|
- MINOR: trace: also report the trace level in the output
|
|
- MINOR: trace: change the detail_level to per-source verbosity
|
|
- MINOR: mux-h2/trace: register a new trace source with its events
|
|
- MINOR: mux-h2/trace: add the default decoding callback
|
|
- MEDIUM: mux-h2/trace: add lots of traces all over the code
|
|
- MINOR: mux-h2: add functions to convert an h2c/h2s state to a string
|
|
- MINOR: mux-h2/trace: add a new verbosity level "clean"
|
|
- MINOR: mux-h2/trace: only decode the start-line at verbosity other than "minimal"
|
|
- MINOR: mux-h2/trace: always report the h2c/h2s state and flags
|
|
- MINOR: mux-h2/trace: report h2s->id before h2c->dsi for the stream ID
|
|
- CLEANUP: mux-h2/trace: reformat the "received" messages for better alignment
|
|
- CLEANUP: mux-h2/trace: lower-case event names
|
|
- MINOR: trace: extend default event names to 12 chars
|
|
- BUG/MINOR: ring: fix the way watchers are counted
|
|
- MINOR: cli: extend the CLI context with a list and two offsets
|
|
- MINOR: mux-h2/trace: report the connection pointer and state before FRAME_H
|
|
- MEDIUM: ring: implement a wait mode for watchers
|
|
- BUG/MEDIUM: mux-h2/trace: do not dereference h2c->conn after failed idle
|
|
- BUG/MEDIUM: mux-h2/trace: fix missing braces added with traces
|
|
- BUG/MINOR: ring: b_peek_varint() returns a uint64_t, not a size_t
|
|
- CLEANUP: fd: remove leftovers of the fdcache
|
|
- MINOR: fd: add a new "initialized" bit in the fdtab struct
|
|
- MINOR: fd/log/sink: make the non-blocking initialization depend on the initialized bit
|
|
- MEDIUM: log: use the new generic fd_write_frag_line() function
|
|
- MINOR: log: add a target type instead of hacking the address family
|
|
- MEDIUM: log: add support for logging to a ring buffer
|
|
- MINOR: send-proxy-v2: sends authority TLV according to TLV received
|
|
- MINOR: build: add linux-glibc-legacy build TARGET
|
|
- BUG/MEDIUM: peers: local peer socket not bound.
|
|
- BUILD: connection: silence gcc warning with extra parentheses
|
|
- BUG/MINOR: http-ana: Reset response flags when 1xx messages are handled
|
|
- BUG/MINOR: h1: Properly reset h1m when parsing is restarted
|
|
- BUG/MINOR: mux-h1: Fix size evaluation of HTX messages after headers parsing
|
|
- BUG/MINOR: mux-h1: Don't stop anymore input processing when the max is reached
|
|
- BUG/MINOR: mux-h1: Be sure to update the count before adding EOM after trailers
|
|
- BUG/MEDIUM: cache: Properly copy headers splitted on several shctx blocks
|
|
- BUG/MEDIUM: cache: Don't cache objects if the size of headers is too big
|
|
- BUG/MINOR: mux-h1: Fix a possible null pointer dereference in h1_subscribe()
|
|
- MEDIUM: fd: remove the FD_EV_POLLED status bit
|
|
- MEDIUM: fd: simplify the fd_*_{recv,send} functions using BTS/BTR
|
|
- MINOR: fd: make updt_fd_polling() a normal function
|
|
- CONTRIB: debug: add new program "poll" to test poll() events
|
|
- BUG/MINOR: checks: stop polling for write when we have nothing left to send
|
|
- BUG/MINOR: checks: start sending the request right after connect()
|
|
- BUG/MINOR: checks: make __event_chk_srv_r() report success before closing
|
|
- BUG/MINOR: checks: do not uselessly poll for reads before the connection is up
|
|
- BUG/MINOR: mux-h1: Fix a UAF in cfg_h1_headers_case_adjust_postparser()
|
|
- BUILD: CI: add basic CentOS 6 cirrus build
|
|
- MINOR: contrib/prometheus-exporter: Report DRAIN/MAINT/NOLB status for servers
|
|
- BUG/MINOR: lb/leastconn: ignore the server weights for empty servers
|
|
- BUG/MAJOR: ssl: ssl_sock was not fully initialized.
|
|
- MEDIUM: fd: mark the FD as ready when it's inserted
|
|
- MINOR: fd: add two new calls fd_cond_{recv,send}()
|
|
- MEDIUM: connection: enable reading only once the connection is confirmed
|
|
- MINOR: fd: add two flags ERR and SHUT to describe FD states
|
|
- MEDIUM: fd: do not use the FD_POLL_* flags in the pollers anymore
|
|
- BUG/MEDIUM: connection: don't keep more idle connections than ever needed
|
|
- MINOR: stats: report the number of idle connections for each server
|
|
- BUILD: CI: skip reg-tests/connection/proxy_protocol_random_fail.vtc on CentOS 6
|
|
- BUILD/MINOR: auth: enabling for osx
|
|
- BUG/MINOR: listener: Fix a possible null pointer dereference
|
|
- BUG/MINOR: ssl: always check for ssl connection before getting its XPRT context
|
|
- MINOR: stats: Add JSON export from the stats page
|
|
- BUG/MINOR: filters: Properly set the HTTP status code on analysis error
|
|
- MINOR: sample: Add UUID-fetch
|
|
- CLEANUP: mux-h2: Remove unused flag H2_SF_DATA_CHNK
|
|
- BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed
|
|
- BUG/MINOR: backend: Fix a possible null pointer dereference
|
|
- BUG/MINOR: Missing stat_field_names (since f21d17bb)
|
|
- BUG/MEDIUM: stick-table: Properly handle "show table" with a data type argument
|
|
- BUILD: CI: temporarily disable ASAN
|
|
- MINOR: htx: Add a flag on HTX message to report processing errors
|
|
- MINOR: mux-h1: Report a processing error during output processing
|
|
- MINOR: http-ana: Handle HTX errors first during message analysis
|
|
- MINOR: http-ana: Remove err_state field from http_msg
|
|
- MINOR: config: Support per-proxy and per-server deinit functions callbacks
|
|
- MINOR: config: Support per-proxy and per-server post-check functions callbacks
|
|
- MINOR: http_fetch: Add sample fetches to get auth method/user/pass
|
|
- MINOR: istbuf: Add the function b_isteqi()
|
|
- MINOR: log: Provide a function to emit a log for an application
|
|
- MINOR: http: Add function to parse value of the header Status
|
|
- MEDIUM: mux-h1/h1-htx: move HTX convertion of H1 messages in dedicated file
|
|
- MINOR: h1-htx: Use the same function to copy message payload in all cases
|
|
- MINOR: muxes/htx: Ignore pseudo header during message formatting
|
|
- MINOR: fcgi: Add code related to FCGI protocol
|
|
- MEDIUM: fcgi-app: Add FCGI application and filter
|
|
- MEDIUM: mux-fcgi: Add the FCGI multiplexer
|
|
- MINOR: doc: Add documentation about the FastCGI support
|
|
- BUG/MINOR: build: Fix compilation of mux_fcgi.c when compiled without SSL
|
|
- BUILD: CI: install golang-1.13 when building BoringSSL
|
|
- BUG/MINOR: mux-h2: Be sure to have a connection to unsubcribe
|
|
- BUG/MINOR: mux-fcgi: Be sure to have a connection to unsubcribe
|
|
- CLEANUP: fcgi-app: Remove useless test on fcgi_conf pointer
|
|
- BUG/MINOR: mux-fcgi: Don't compare the filter name in its parsing callback
|
|
- BUG/MAJOR: mux-h2: Handle HEADERS frames received after a RST_STREAM frame
|
|
- BUG/MEDIUM: check/threads: make external checks run exclusively on thread 1
|
|
- MEDIUM: list: Separate "locked" list from regular list.
|
|
- MINOR: mt_lists: Add new macroes.
|
|
- MEDIUM: servers: Use LIST_DEL_INIT() instead of LIST_DEL().
|
|
- MINOR: mt_lists: Do nothing in MT_LIST_ADD/MT_LIST_ADDQ if already in list.
|
|
- MINOR: mt_lists: Give MT_LIST_ADD, MT_LIST_ADDQ and MT_LIST_DEL a return value.
|
|
- MEDIUM: tasklets: Make the tasklet list a struct mt_list.
|
|
- TESTS: Add a stress-test for mt_lists.
|
|
- BUILD: travis-ci: add PCRE2, SLZ build
|
|
- BUG/MINOR: build: fix event ports (Solaris)
|
|
- BUG/MEDIUM: namespace: fix fd leak in master-worker mode
|
|
- OPTIM: listeners: use tasklets for the multi-queue rings
|
|
- BUILD: makefile: work around yet another GCC fantasy (-Wstring-plus-int)
|
|
- BUG/MINOR: stream-int: Process connection/CS errors first in si_cs_send()
|
|
- BUG/MEDIUM: stream-int: Process connection/CS errors during synchronous sends
|
|
- BUG/MEDIUM: checks: make sure the connection is ready before trying to recv
|
|
- CLEANUP: task: remove impossible test
|
|
- CLEANUP: task: cache the task_per_thread pointer
|
|
- MINOR: task: split the tasklet vs task code in process_runnable_tasks()
|
|
- MINOR: task: introduce a thread-local "sched" variable for local scheduler stuff
|
|
- CLEANUP: mux-fcgi: Remove the unused function fcgi_strm_id()
|
|
- BUG/MINOR: mux-fcgi: Use a literal string as format in app_log()
|
|
- BUG/MEDIUM: tasklets: Make sure we're waking the target thread if it sleeps.
|
|
- MINOR: h2/trace: indicate 'F' or 'B' to locate the side of an h2c in traces
|
|
- MINOR: h2/trace: report the frame type when known
|
|
- BUG/MINOR: mux-h2: do not wake up blocked streams before the mux is ready
|
|
- BUG/MEDIUM: namespace: close open namespaces during soft shutdown
|
|
- MINOR: time: add timeofday_as_iso_us() to return instant time as ISO
|
|
- MINOR: sink: finally implement support for SINK_FMT_{TIMED,ISO}
|
|
- MINOR: sink: change ring buffer "buf0"'s format to "timed"
|
|
- BUG/MEDIUM: mux-h2: don't reject valid frames on closed streams
|
|
- BUG/MINOR: mux-fcgi: silence a gcc warning about null dereference
|
|
- BUG/MINOR: mux-h2: Fix missing braces because of traces in h2_detach()
|
|
- BUG/MINOR: mux-h2: Use the dummy error when decoding headers for a closed stream
|
|
- BUG/MAJOR: mux_h2: Don't consume more payload than received for skipped frames
|
|
- BUG/MINOR: mux-h1: Do h2 upgrade only on the first request
|
|
- BUG/MEDIUM: spoe: Use a different engine-id per process
|
|
- MINOR: spoe: Improve generation of the engine-id
|
|
- MINOR: spoe: Support the async mode with several threads
|
|
- MINOR: http: Add server name header from HTTP multiplexers
|
|
- CLEANUP: http-ana: Remove the unused function http_send_name_header()
|
|
- MINOR: stats: Add the support of float fields in stats
|
|
- BUG/MINOR: contrib/prometheus-exporter: Return the time averages in seconds
|
|
- DOC: Fix documentation about the cli command to get resolver stats
|
|
- BUG/MEDIUM: fcgi: fix missing list tail in sample fetch registration
|
|
- BUG/MINOR: stats: Add a missing break in a switch statement
|
|
- BUG/MINOR: lua: Properly initialize the buffer's fields for string samples in hlua_lua2(smp|arg)
|
|
- CLEANUP: lua: Get rid of obsolete (size_t *) cast in hlua_lua2(smp|arg)
|
|
- BUG/MEDIUM: lua: Store stick tables into the sample's `t` field
|
|
- CLEANUP: proxy: Remove `proxy_tbl_by_name`
|
|
- BUILD: ssl: fix a warning when built with openssl < 1.0.2
|
|
- DOC: replace utf-8 quotes by ascii ones
|
|
- BUG/MEDIUM: fd: HUP is an error only when write is active
|
|
- BUG/MINOR: action: do-resolve does not yield on requests with body
|
|
- Revert "MINOR: cache: allow caching of OPTIONS request"
|
|
|
|
2019/07/16 : 2.1-dev1
|
|
- BUG/MEDIUM: h2/htx: Update data length of the HTX when the cookie list is built
|
|
- DOC: this is a development branch again.
|
|
- MEDIUM: Make 'block' directive fatal
|
|
- MEDIUM: Make 'redispatch' directive fatal
|
|
- MEDIUM: Make '(cli|con|srv)timeout' directive fatal
|
|
- MEDIUM: Remove 'option independant-streams'
|
|
- MINOR: sample: Add sha2([<bits>]) converter
|
|
- MEDIUM: server: server-state global file stored in a tree
|
|
- BUG/MINOR: lua/htx: Make txn.req_req_* and txn.res_rep_* HTX aware
|
|
- BUG/MINOR: mux-h1: Add the header connection in lower case in outgoing messages
|
|
- BUG/MEDIUM: compression: Set Vary: Accept-Encoding for compressed responses
|
|
- MINOR: htx: Add the function htx_change_blk_value_len()
|
|
- BUG/MEDIUM: htx: Fully update HTX message when the block value is changed
|
|
- BUG/MEDIUM: mux-h2: Reset padlen when several frames are demux
|
|
- BUG/MEDIUM: mux-h2: Remove the padding length when a DATA frame size is checked
|
|
- BUG/MEDIUM: lb_fwlc: Don't test the server's lb_tree from outside the lock
|
|
- BUG/MAJOR: sample: Wrong stick-table name parsing in "if/unless" ACL condition.
|
|
- BUILD: mworker: silence two printf format warnings around getpid()
|
|
- BUILD: makefile: use :space: instead of digits to count commits
|
|
- BUILD: makefile: adjust the sed expression of "make help" for solaris
|
|
- BUILD: makefile: do not rely on shell substitutions to determine git version
|
|
- BUG/MINOR: mworker-prog: Fix segmentation fault during cfgparse
|
|
- BUG/MINOR: spoe: Fix memory leak if failing to allocate memory
|
|
- BUG/MEDIUM: mworker: don't call the thread and fdtab deinit
|
|
- BUG/MEDIUM: stream_interface: Don't add SI_FL_ERR the state is < SI_ST_CON.
|
|
- BUG/MEDIUM: connections: Always add the xprt handshake if needed.
|
|
- BUG/MEDIUM: ssl: Don't do anything in ssl_subscribe if we have no ctx.
|
|
- BUG/MEDIUM: mworker/cli: command pipelining doesn't work anymore
|
|
- BUG/MINOR: htx: Save hdrs_bytes when the HTX start-line is replaced
|
|
- BUG/MAJOR: mux-h1: Don't crush trash chunk area when outgoing message is formatted
|
|
- BUG/MINOR: memory: Set objects size for pools in the per-thread cache
|
|
- BUG/MINOR: log: Detect missing sampling ranges in config
|
|
- BUG/MEDIUM: proto_htx: Don't add EOM on 1xx informational messages
|
|
- BUG/MEDIUM: mux-h1: Use buf_room_for_htx_data() to detect too large messages
|
|
- BUG/MINOR: mux-h1: Make format errors during output formatting fatal
|
|
- BUG/MEDIUM: ssl: Don't attempt to set alpn if we're not using SSL.
|
|
- BUG/MEDIUM: mux-h1: Always release H1C if a shutdown for writes was reported
|
|
- BUG/MINOR: mworker/cli: don't output a \n before the response
|
|
- BUG/MEDIUM: checks: unblock signals in external checks
|
|
- BUG/MINOR: mux-h1: Skip trailers for non-chunked outgoing messages
|
|
- BUG/MINOR: mux-h1: Don't return the empty chunk on HEAD responses
|
|
- BUG/MEDIUM: connections: Always call shutdown, with no linger.
|
|
- BUG/MEDIUM: checks: Make sure the tasklet won't run if the connection is closed.
|
|
- BUG/MINOR: contrib/prometheus-exporter: Don't use channel_htx_recv_max()
|
|
- BUG/MINOR: hlua: Don't use channel_htx_recv_max()
|
|
- BUG/MEDIUM: channel/htx: Use the total HTX size in channel_htx_recv_limit()
|
|
- BUG/MINOR: hlua/htx: Respect the reserve when HTX data are sent
|
|
- BUG/MINOR: contrib/prometheus-exporter: Respect the reserve when data are sent
|
|
- BUG/MEDIUM: connections: Make sure we're unsubscribe before upgrading the mux.
|
|
- BUG/MEDIUM: servers: Authorize tfo in default-server.
|
|
- BUG/MEDIUM: sessions: Don't keep an extra idle connection in sessions.
|
|
- MINOR: server: Add "no-tfo" option.
|
|
- BUG/MINOR: contrib/prometheus-exporter: Don't try to add empty data blocks
|
|
- MINOR: action: Add the return code ACT_RET_DONE for actions
|
|
- BUG/MEDIUM: http/applet: Finish request processing when a service is registered
|
|
- BUG/MEDIUM: lb_fas: Don't test the server's lb_tree from outside the lock
|
|
- BUG/MEDIUM: mux-h1: Handle TUNNEL state when outgoing messages are formatted
|
|
- BUG/MINOR: mux-h1: Don't process input or ouput if an error occurred
|
|
- MINOR: stream-int: Factorize processing done after sending data in si_cs_send()
|
|
- BUG/MEDIUM: stream-int: Don't rely on CF_WRITE_PARTIAL to unblock opposite si
|
|
- DOC: contrib: spoa_server Add some hints for building spoa_server
|
|
- DOC: Fix typo in intro.txt
|
|
- BUG/MEDIUM: servers: Don't forget to set srv_cs to NULL if we can't reuse it.
|
|
- BUG/MINOR: ssl: revert empty handshake detection in OpenSSL <= 1.0.2
|
|
- MINOR: pools: release the pool's lock during the malloc/free calls
|
|
- MINOR: pools: always pre-initialize allocated memory outside of the lock
|
|
- MINOR: pools: make the thread harmless during the mmap/munmap syscalls
|
|
- BUG/MEDIUM: fd/threads: fix excessive CPU usage on multi-thread accept
|
|
- BUG/MINOR: server: Be really able to keep "pool-max-conn" idle connections
|
|
- BUG/MEDIUM: checks: Don't attempt to read if we destroyed the connection.
|
|
- BUG/MEDIUM: da: cast the chunk to string.
|
|
- DOC: Fix typos and grammer in configuration.txt
|
|
- CLEANUP: proto_tcp: Remove useless header inclusions.
|
|
- BUG/MEDIUM: servers: Fix a race condition with idle connections.
|
|
- MINOR: task: introduce work lists
|
|
- BUG/MAJOR: listener: fix thread safety in resume_listener()
|
|
- BUG/MEDIUM: mux-h1: Don't release h1 connection if there is still data to send
|
|
- BUG/MINOR: mux-h1: Correctly report Ti timer when HTX and keepalives are used
|
|
- BUG/MEDIUM: streams: Don't give up if we couldn't send the request.
|
|
- BUG/MEDIUM: streams: Don't redispatch with L7 retries if redispatch isn't set.
|
|
- BUG/MINOR: mux-pt: do not pretend there's more data after a read0
|
|
- BUG/MEDIUM: tcp-check: unbreak multiple connect rules again
|
|
- MEDIUM: mworker-prog: Add user/group options to program section
|
|
- REGTESTS: checks: tcp-check connect to multiple ports
|
|
- BUG/MEDIUM: threads: cpu-map designating a single thread/process are ignored
|
|
|
|
2019/06/16 : 2.1-dev0
|
|
- exact copy of 2.0.0
|
|
|
|
2019/06/16 : 2.0.0
|
|
- MINOR: fd: Don't use atomic operations when it's not needed.
|
|
- DOC: mworker-prog: documentation for the program section
|
|
- MINOR: http: add a new "http-request replace-uri" action
|
|
- BUG/MINOR: 51d/htx: The _51d_fetch method, and the methods it calls are now HTX aware.
|
|
- MINOR: 51d: Added dummy libraries for the 51Degrees module for testing.
|
|
- MINOR: mworker: change formatting in uptime field of "show proc"
|
|
- MINOR: mworker: add the HAProxy version in "show proc"
|
|
- MINOR: doc: Remove -Ds option in man page
|
|
- MINOR: doc: add master-worker in the man page
|
|
- MINOR: doc: mention HAPROXY_LOCALPEER in the man
|
|
- BUILD: Silence gcc warning about unused return value
|
|
- CLEANUP: 51d: move the 51d dummy lib to contrib/51d/src to match the real lib
|
|
- BUILD: travis-ci: add 51Degree device detection, update openssl to 1.1.1c
|
|
- MINOR: doc: update the manpage and usage message about -S
|
|
- BUILD/MINOR: 51d: Updated build registration output to indicate thatif the library is a dummy one or not.
|
|
- BUG/MEDIUM: h1: Don't wait for handshake if we had an error.
|
|
- BUG/MEDIUM: h1: Wait for the connection if the handshake didn't complete.
|
|
- BUG/MINOR: task: prevent schedulable tasks from starving under high I/O activity
|
|
- BUG/MINOR: fl_trace/htx: Be sure to always forward trailers and EOM
|
|
- BUG/MINOR: channel/htx: Call channel_htx_full() from channel_full()
|
|
- BUG/MINOR: http: Use the global value to limit the number of parsed headers
|
|
- BUG/MINOR: htx: Detect when tail_addr meet end_addr to maximize free rooms
|
|
- BUG/MEDIUM: htx: Don't change position of the first block during HTX analysis
|
|
- CLEANUP: channel: Remove channel_htx_fwd_payload() and channel_htx_fwd_all()
|
|
- BUG/MEDIUM: proto_htx: Introduce the state ENDING during forwarding
|
|
- MINOR: htx: Add 3 flags on the start-line to deal with the request schemes
|
|
- MINOR: h2: Set flags about the request's scheme on the start-line
|
|
- MINOR: mux-h1: Set flags about the request's scheme on the start-line
|
|
- MINOR: mux-h2: Forward clients scheme to servers checking start-line flags
|
|
- MEDIUM: server: server-state only rely on server name
|
|
- CLEANUP: connection: rename the wait_event.task field to .tasklet
|
|
- CLEANUP: tasks: rename task_remove_from_tasklet_list() to tasklet_remove_*
|
|
- BUG/MEDIUM: connections: Don't call shutdown() if we want to disable linger.
|
|
- DOC: add some environment variables in section 2.3
|
|
- BUILD: makefile: clarify the "help" output and list options
|
|
- BUG/MINOR: mux-h1: Wake busy mux for I/O when message is fully sent
|
|
- BUG: tasks: fix bug introduced by latest scheduler cleanup
|
|
- BUG/MEDIUM: mux-h2: fix early close with option abortonclose
|
|
- BUG/MEDIUM: connections: Don't use ALPN to pick mux when in mode TCP.
|
|
- BUG/MEDIUM: connections: Don't try to send early data if we have no mux.
|
|
- BUG/MEDIUM: mux-h2: properly account for the appended data in HTX
|
|
- BUILD: makefile: further clarify the "help" output and list targets
|
|
- BUILD: makefile: rename "linux2628" to "linux-glibc" and remove older targets
|
|
- BUILD: travis-ci: switch to linux-glibc instead of linux2628
|
|
- DOC: update few references to the linux* targets and change them to linux-glibc
|
|
- BUILD: makefile: detect and reject recently removed linux targets
|
|
- BUILD: makefile: enable linux namespaces by default on linux
|
|
- BUILD: makefile: enable TFO on linux platforms
|
|
- BUILD: makefile: enable getaddrinfo on the linux-glibc target
|
|
- DOC: small updates to the CONTRIBUTING file
|
|
- BUG/MEDIUM: ssl: Make sure we initiate the handshake after using early data.
|
|
- CLEANUP: removed obsolete examples an move a few to better places
|
|
- DOC: Fix typos in CONTRIBUTING
|
|
- DOC: update the outdated ROADMAP file
|
|
- DOC: create a BRANCHES file to explain the life cycle
|
|
- DOC: mention in INSTALL haproxy 2.0 is a long-term supported stable version
|
|
- BUILD: travis-ci: TFO and GETADDRINFO are now enabled by default
|
|
- BUILD: makefile: make the obsolete target detection compatible with make-3.80
|
|
- BUILD: tools: work around an internal compiler bug in gcc-3.4
|
|
- BUILD: pattern: work around an internal compiler bug in gcc-3.4
|
|
- BUILD: makefile: enable USE_RT on Solaris
|
|
- BUILD: makefile: do not use echo -n
|
|
- DOC: mention a few common build errors in the INSTALL file
|
|
|
|
2019/06/11 : 2.0-dev7
|
|
- BUG/MEDIUM: mux-h2: make sure the connection timeout is always set
|
|
- MINOR: tools: add new bitmap manipulation functions
|
|
- MINOR: logs: use the new bitmap functions instead of fd_sets for encoding maps
|
|
- MINOR: chunks: Make sure trash_size is only set once.
|
|
- Revert "MINOR: chunks: Make sure trash_size is only set once."
|
|
- MINOR: threads: serialize threads initialization
|
|
- MINOR peers: data structure simplifications for server names dictionary cache.
|
|
- DOC: peers: Update for dictionary cache entries for peers protocol.
|
|
- MINOR: dict: Store the length of the dictionary entries.
|
|
- MINOR: peers: A bit of optimization when encoding cached server names.
|
|
- MINOR: peers: Optimization for dictionary cache lookup.
|
|
- MEDIUM: tools: improve time format error detection
|
|
- BUG/MEDIUM: H1: When upgrading, make sure we don't free the buffer too early.
|
|
- BUG/MEDIUM: stream_interface: Make sure we call si_cs_process() if CS_FL_EOI.
|
|
- MINOR: threads: avoid clearing harmless twice in thread_release()
|
|
- MEDIUM: threads: add thread_sync_release() to synchronize steps
|
|
- BUG/MEDIUM: init/threads: prevent initialized threads from starting before others
|
|
- OPTIM/MINOR: init/threads: only call protocol_enable_all() on first thread
|
|
- BUG/MINOR: dict: race condition fix when inserting dictionary entries.
|
|
- MEDIUM: init/threads: don't use spinlocks during the init phase
|
|
- BUG/MINOR: cache/htx: Fix the counting of data already sent by the cache applet
|
|
- BUG/MEDIUM: compression/htx: Fix the adding of the last data block
|
|
- MINOR: flt_trace: Don't scrash the original offset during the random forwarding
|
|
- MAJOR: htx: Rework how free rooms are tracked in an HTX message
|
|
- MINOR: htx: Add the function htx_move_blk_before()
|
|
- Revert "BUG/MEDIUM: H1: When upgrading, make sure we don't free the buffer too early."
|
|
- BUG/MINOR: http-rules: mention "deny_status" for "deny" in the error message
|
|
- MINOR: http: turn default error files to HTTP/1.1
|
|
- BUG/MEDIUM: h1: Don't try to subscribe if we had a connection error.
|
|
- BUG/MEDIUM: h1: Don't consider we're connected if the handshake isn't done.
|
|
- MINOR: contrib/spoa_server: Upgrade SPOP to 2.0
|
|
- BUG/MEDIUM: contrib/spoa_server: Set FIN flag on agent frames
|
|
- MINOR: contrib/spoa_server: Add random IP score
|
|
- DOC/MINOR: contrib/spoa_server: Fix typo in README
|
|
|
|
2019/06/07 : 2.0-dev6
|
|
- BUG/MEDIUM: connection: fix multiple handshake polling issues
|
|
- MINOR: connection: also stop receiving after a SOCKS4 response
|
|
- MINOR: mux-h1: don't try to recv() before the connection is ready
|
|
- BUG/MEDIUM: mux-h1: only check input data for the current stream, not next one
|
|
- MEDIUM: mux-h1: don't use CS_FL_REOS anymore
|
|
- CLEANUP: connection: remove the now unused CS_FL_REOS flag
|
|
- CONTRIB: debug: add 4 missing connection/conn_stream flags
|
|
- MEDIUM: stream: make a full process_stream() loop when completing I/O on exit
|
|
- MINOR: server: increase the default pool-purge-delay to 5 seconds
|
|
- BUILD: tools: do not use the weak attribute for trace() on obsolete linkers
|
|
- BUG/MEDIUM: vars: make sure the scope is always valid when accessing vars
|
|
- BUG/MEDIUM: vars: make the tcp/http unset-var() action support conditions
|
|
- BUILD: task: fix a build warning when threads are disabled
|
|
- CLEANUP: peers: Remove tabs characters.
|
|
- CLEANUP: peers: Replace hard-coded values by macros.
|
|
- BUG/MINOR: peers: Wrong stick-table update message building.
|
|
- MINOR: dict: Add dictionary new data structure.
|
|
- MINOR: peers: Add a LRU cache implementation for dictionaries.
|
|
- MINOR: stick-table: Add "server_name" new data type.
|
|
- MINOR: cfgparse: Space allocation for "server_name" stick-table data type.
|
|
- MINOR: proxy: Add a "server by name" tree to proxy.
|
|
- MINOR: server: Add a dictionary for server names.
|
|
- MINOR: stream: Stickiness server lookup by name.
|
|
- MINOR: peers: Make peers protocol support new "server_name" data type.
|
|
- MINOR: stick-table: Make the CLI stick-table handler support dictionary entry data type.
|
|
- REGTEST: Add a basic server by name stickiness reg test.
|
|
- MINOR: peers: Add dictionary cache information to "show peers" CLI command.
|
|
- MINOR: peers: Replace hard-coded for peer protocol 64-bits value encoding by macros.
|
|
- MINOR: peers: Replace hard-coded values for peer protocol messaging by macros.
|
|
- CLEANUP: ssl: remove unneeded defined(OPENSSL_IS_BORINGSSL)
|
|
- BUILD: travis-ci improvements
|
|
- MINOR: SSL: add client/server random sample fetches
|
|
- BUG/MINOR: channel/htx: Don't alter channel during forward for empty HTX message
|
|
- BUG/MINOR: contrib/prometheus-exporter: Add HTX data block in one time
|
|
- BUG/MINOR: mux-h1: errflag must be set on H1S and not H1M during output processing
|
|
- MEDIUM: mux-h1: refactor output processing
|
|
- MINOR: mux-h1: Add the flag HAVE_O_CONN on h1s
|
|
- MINOR: mux-h1: Add h1_eval_htx_hdrs_size() to estimate size of the HTX headers
|
|
- MINOR: mux-h1: Don't count the EOM in the estimated size of headers
|
|
- MEDIUM: cache/htx: Always store info about HTX blocks in the cache
|
|
- MEDIUM: htx: Add the parsing of trailers of chunked messages
|
|
- MINOR: htx: Don't use end-of-data blocks anymore
|
|
- BUG/MINOR: mux-h1: Don't send more data than expected
|
|
- BUG/MINOR: flt_trace/htx: Only apply the random forwarding on the message body.
|
|
- BUG/MINOR: peers: Wrong "server_name" decoding.
|
|
- BUG/MEDIUM: servers: Don't attempt to destroy idle connections if disabled.
|
|
- MEDIUM: checks: Make sure we unsubscribe before calling cs_destroy().
|
|
- MEDIUM: connections: Wake the upper layer even if sending/receiving is disabled.
|
|
- MEDIUM: ssl: Handle subscribe by itself.
|
|
- MINOR: ssl: Make ssl_sock_handshake() static.
|
|
- MINOR: connections: Add a new xprt method, remove_xprt.
|
|
- MINOR: connections: Add a new xprt method, add_xprt().
|
|
- MEDIUM: connections: Introduce a handshake pseudo-XPRT.
|
|
- MEDIUM: connections: Remove CONN_FL_SOCK*
|
|
- BUG/MEDIUM: ssl: Don't forget to initialize ctx->send_recv and ctx->recv_wait.
|
|
- BUG/MINOR: peers: Wrong server name parsing.
|
|
- MINOR: server: really increase the pool-purge-delay default to 5 seconds
|
|
- BUG/MINOR: stream: don't emit a send-name-header in conn error or disconnect states
|
|
- MINOR: stream-int: use bit fields to match multiple stream-int states at once
|
|
- MEDIUM: stream-int: remove dangerous interval checks for stream-int states
|
|
- MEDIUM: stream-int: introduce a new state SI_ST_RDY
|
|
- MAJOR: stream-int: switch from SI_ST_CON to SI_ST_RDY on I/O
|
|
- MEDIUM: stream-int: make idle-conns switch to ST_RDY
|
|
- MEDIUM: stream: re-arrange the connection setup status reporting
|
|
- MINOR: stream-int: split si_update() into si_update_rx() and si_update_tx()
|
|
- MINOR: stream-int: make si_sync_send() from the send code of si_update_both()
|
|
- MEDIUM: stream: rearrange the events to remove the loop
|
|
- MEDIUM: stream: only loop on flags relevant to the analysers
|
|
- MEDIUM: stream: don't abusively loop back on changes on CF_SHUT*_NOW
|
|
- BUILD: stream-int: avoid a build warning in dev mode in si_state_bit()
|
|
- BUILD: peers: fix a build warning about an incorrect intiialization
|
|
- BUG/MINOR: time: make sure only one thread sets global_now at boot
|
|
- BUG/MEDIUM: tcp: Make sure we keep the polling consistent in tcp_probe_connect.
|
|
|
|
2019/06/02 : 2.0-dev5
|
|
- BUILD: watchdog: use si_value.sival_int, not si_int for the timer's value
|
|
- BUILD: signals: FreeBSD has SI_LWP instead of SI_TKILL
|
|
- BUILD: watchdog: condition it to USE_RT
|
|
- MINOR: raw_sock: report global traffic statistics
|
|
- MINOR: stats: report the global output bit rate in human readable form
|
|
- BUG/MINOR: proto-htx: Try to keep connections alive on redirect
|
|
- BUG/MEDIUM: spoe: Don't use the SPOE applet after releasing it
|
|
- BUG/MINOR: lua: Set right direction and flags on new HTTP objects
|
|
- BUG/MINOR: mux-h2: Count EOM in bytes sent when a HEADERS frame is formatted
|
|
- BUG/MINOR: mux-h1: Report EOI instead EOS on parsing error or H2 upgrade
|
|
- BUG/MEDIUM: proto-htx: Not forward too much data when 1xx reponses are handled
|
|
- BUG/MINOR: htx: Remove a forgotten while loop in htx_defrag()
|
|
- DOC: fix typos
|
|
- BUG/MINOR: ssl_sock: Fix memory leak when disabling compression
|
|
- OPTIM: freq-ctr: don't take the date lock for most updates
|
|
- MEDIUM: mux-h2: avoid doing expensive buffer realigns when not absolutely needed
|
|
- CLEANUP: debug: remove the TRACE() macro
|
|
- MINOR: buffer: introduce b_make() to make a buffer from its parameters
|
|
- MINOR: buffer: add a new buffer ring API to manipulate rings of buffers
|
|
- MEDIUM: mux-h2: replace all occurrences of mbuf with a buffer ring
|
|
- MEDIUM: mux-h2: make the conditions to send based on mbuf, not just its tail
|
|
- MINOR: mux-h2: introduce h2_release_mbuf() to release all buffers in the mbuf ring
|
|
- MEDIUM: mux-h2: make the send() function iterate over all mux buffers
|
|
- CLEANUP: mux-h2: consistently use a local variable for the mbuf
|
|
- MINOR: mux-h2: report the mbuf's head and tail in "show fd"
|
|
- MAJOR: mux-h2: switch to next mux buffer on buffer full condition.
|
|
- BUILD: connections: shut up gcc about impossible out-of-bounds warning
|
|
- BUILD: ssl: fix latest LibreSSL reg-test error
|
|
- MINOR: cli/activity: remove "fd_del" and "fd_skip" from show activity
|
|
- MINOR: cli/activity: add 3 general purpose counters in development mode
|
|
- BUG/MAJOR: lb/threads: make sure the avoided server is not full on second pass
|
|
- BUG/MEDIUM: queue: fix the tree walk in pendconn_redistribute.
|
|
- BUG/MEDIUM: threads: fix double-word CAS on non-optimized 32-bit platforms
|
|
- MEDIUM: config: now alert when two servers have the same name
|
|
- MINOR: htx: Remove the macro IS_HTX_SMP() and always use IS_HTX_STRM() instead
|
|
- MINOR: htx: Move the macro IS_HTX_STRM() in proto/stream.h
|
|
- MINOR: htx: Store the head position instead of the wrap one
|
|
- MINOR: htx: Store start-line block's position instead of address of its payload
|
|
- MINOR: htx: Add functions to get the first block of an HTX message
|
|
- MINOR: mux-h2/htx: Get the start-line from the head when HEADERS frame is built
|
|
- MINOR: htx: Replace the function http_find_stline() by http_get_stline()
|
|
- CLEANUP: htx: Remove unused function htx_get_stline()
|
|
- MINOR: http/htx: Use sl_pos directly to replace the start-line
|
|
- MEDIUM: http/htx: Perform analysis relatively to the first block
|
|
- MINOR: channel/htx: Call channel_htx_recv_max() from channel_recv_max()
|
|
- MINOR: htx: Add function htx_get_max_blksz()
|
|
- BUG/MINOR: htx: Change htx_xfer_blk() to also count metadata
|
|
- MEDIUM: mux-h1: Use the count value received from the SI in h1_rcv_buf()
|
|
- MINOR: mux-h2: Use the count value received from the SI in h2_rcv_buf()
|
|
- MINOR: stream-int: Don't use the flag CO_RFL_KEEP_RSV anymore in si_cs_recv()
|
|
- MINOR: connection: Remove the unused flag CO_RFL_KEEP_RSV
|
|
- MINOR: mux-h2/htx: Support zero-copy when possible in h2_rcv_buf()
|
|
- MINOR: htx: Add a field to set the memory used by headers in the HTX start-line
|
|
- MINOR: h2/htx: Set hdrs_bytes on the SL when an HTX message is produced
|
|
- MINOR: mux-h1: Set hdrs_bytes on the SL when an HTX message is produced
|
|
- MINOR: htx: Be sure to xfer all headers in one time in htx_xfer_blks()
|
|
- MEDIUM: htx: 1xx messages are now part of the final reponses
|
|
- MINOR: channel/htx: Add function to forward headers of an HTX message
|
|
- MINOR: filters/htx: Use channel_htx_fwd_headers() after headers filtering
|
|
- MINOR: proto-htx: Use channel_htx_fwd_headers() to forward 1xx responses
|
|
- MEDIUM: htx: Store the first block position instead of the start-line one
|
|
- MINOR: stats/htx: don't use the first block position but the head one
|
|
- MINOR: channel/htx: Add functions to forward a part or all HTX payload
|
|
- MINOR: proto-htx: Use channel_htx_fwd_all() when unfiltered body are forwarded
|
|
- MEDIUM: filters/htx: Filter body relatively to the first block
|
|
- MINOR: htx: Optimize htx_drain() when all data are drained
|
|
- MINOR: htx: don't rely on htx_find_blk() anymore in the function htx_truncate()
|
|
- MINOR: htx: remove the unused function htx_find_blk()
|
|
- MINOR: htx: Remove support of pseudo headers because it is unused
|
|
- BUG/MEDIUM: http: fix "http-request reject" when not final
|
|
- MINOR: ssl: Make sure the underlying xprt's init method doesn't fail.
|
|
- MINOR: ssl: Don't forget to call the close method of the underlying xprt.
|
|
- MINOR: htx: rename htx_append_blk_value() to htx_add_data_atonce()
|
|
- MINOR: htx: make htx_add_data() return the transmitted byte count
|
|
- MEDIUM: htx: make htx_add_data() never defragment the buffer
|
|
- MINOR: activity: write totals on the "show activity" output
|
|
- MINOR: activity: report totals and average separately
|
|
- MEDIUM: poller: separate the wait time from the wake events
|
|
- MINOR: activity: report the number of failed pool/buffer allocations
|
|
- MEDIUM: buffers: relax the buffer lock a little bit
|
|
- MINOR: task: turn the WQ lock to an RW_LOCK
|
|
- MEDIUM: task: don't grab the WR lock just to check the WQ
|
|
- BUG/MEDIUM: mux-h1: Don't skip the TCP splicing when there is no more data to read
|
|
- MEDIUM: sessions: Introduce session flags.
|
|
- BUG/MEDIUM: h2: Don't forget to set h2s->cs to NULL after having free'd cs.
|
|
- BUG/MEDIUM: mux-h2: fix the conditions to end the h2_send() loop
|
|
- BUG/MEDIUM: mux-h2: don't refrain from offering oneself a used buffer
|
|
- BUG/MEDIUM: connection: Use the session to get the origin address if needed.
|
|
- MEDIUM: tasks: Get rid of active_tasks_mask.
|
|
- MEDIUM: connection: Upstream SOCKS4 proxy support
|
|
- BUILD: contrib/prometheus: fix build breakage caused by move of idle_pct
|
|
- BUG/MINOR: deinit/threads: make hard-stop-after perform a clean exit
|
|
|
|
2019/05/22 : 2.0-dev4
|
|
- BUILD: enable freebsd builds on cirrus-ci
|
|
- BUG/MINOR: http_fetch: Rely on the smp direction for "cookie()" and "hdr()"
|
|
- MEDIUM: Make 'option forceclose' actually warn
|
|
- MEDIUM: Make 'resolution_pool_size' directive fatal
|
|
- DOC: management: place "show activity" at the right place
|
|
- MINOR: cli/activity: show the dumping thread ID starting at 1
|
|
- MINOR: task: export global_task_mask
|
|
- MINOR: cli/debug: add a thread dump function
|
|
- BUG/MEDIUM: streams: Don't use CF_EOI to decide if the request is complete.
|
|
- BUG/MEDIUM: streams: Try to L7 retry before aborting the connection.
|
|
- BUG/MINOR: debug: make ha_task_dump() always check the task before dumping it
|
|
- BUG/MINOR: debug: make ha_task_dump() actually dump the requested task
|
|
- MINOR: debug: make ha_thread_dump() and ha_task_dump() take a buffer
|
|
- BUG/MINOR: debug: don't check the call date on tasklets
|
|
- MINOR: thread: implement ha_thread_relax()
|
|
- MINOR: task: put barriers after each write to curr_task
|
|
- MINOR: task: always reset curr_task when freeing a task or tasklet
|
|
- MINOR: stream: detach the stream from its own task on stream_free()
|
|
- MEDIUM: debug/threads: implement an advanced thread dump system
|
|
- REGTEST: extend the check duration on tls_health_checks and mark it slow
|
|
- DOC: fix "successful" typo
|
|
- MINOR: init: setenv HAPROXY_CFGFILES
|
|
- MINOR: threads/init: synchronize the threads startup
|
|
- MEDIUM: init/mworker: make the pipe register function a regular initcall
|
|
- CLEANUP: memory: make the fault injection code use the OTHER_LOCK label
|
|
- CLEANUP: threads: remove the now unused START_LOCK label
|
|
- MINOR: init/threads: make the global threads an array of structs
|
|
- MINOR: threads: add each thread's clockid into the global thread_info
|
|
- CLEANUP: stream: remove an obsolete debugging test
|
|
- MINOR: tools: add dump_hex()
|
|
- MINOR: debug: implement ha_panic()
|
|
- MINOR: debug/cli: add some debugging commands for developers
|
|
- MINOR: tools: provide a may_access() function and make dump_hex() use it
|
|
- MINOR: debug: make ha_panic() report threads starting at 1
|
|
- REORG: compat: move some integer limit definitions from standard.h to compat.h
|
|
- REORG: threads: move the struct thread_info from global.h to hathreads.h
|
|
- MINOR: compat: make sure to always define clockid_t
|
|
- MINOR: threads: always place the clockid in the struct thread_info
|
|
- MINOR: threads: add a thread-local thread_info pointer "ti"
|
|
- MINOR: time: move the cpu, mono, and idle time to thread_info
|
|
- MINOR: time: add a function to retrieve another thread's cputime
|
|
- MINOR: debug: report each thread's cpu usage in "show thread"
|
|
- BUILD: threads: only assign the clock_id when supported
|
|
- BUILD: makefile: use USE_OBSOLETE_LINKER for solaris
|
|
- BUILD: makefile: remove -fomit-frame-pointer optimisation (solaris)
|
|
- MAJOR: polling: add event ports support (Solaris)
|
|
- BUG/MEDIUM: streams: Don't switch from SI_ST_CON to SI_ST_DIS on read0.
|
|
- CLEANUP: time: refine the test on _POSIX_TIMERS
|
|
- MINOR: compat: define a new empty type empty_t for non-implemented fields
|
|
- CLEANUP: time: switch clockid_t to empty_t when not available
|
|
- BUG/MINOR: mworker: Fix memory leak of mworker_proc members
|
|
- CLEANUP: objtype: make obj_type() and obj_type_name() take consts
|
|
- MINOR: debug: switch to SIGURG for thread dumps
|
|
- CLEANUP: threads: really move thread_info to hathreads.c
|
|
- MINOR: threads: make threads_{harmless|want_rdv}_mask constant 0 without threads
|
|
- CLEANUP: debug: always report harmless/want_rdv even without threads
|
|
- MINOR: threads: implement ha_tkill() and ha_tkillall()
|
|
- CLEANUP: debug: make use of ha_tkill() and remove ifdefs
|
|
- MINOR: stream: introduce a stream_dump() function and use it in stream_dump_and_crash()
|
|
- MINOR: debug: dump streams when an applet, iocb or stream is known
|
|
- MINOR: threads: add a "stuck" flag to the thread_info struct
|
|
- MINOR: threads: add a timer_t per thread in thread_info
|
|
- MAJOR: watchdog: implement a thread lockup detection mechanism
|
|
- MINOR: stream: remove the cpu time detection from process_stream()
|
|
- MINOR: connection: report the mux names in "haproxy -vv"
|
|
- CLEANUP: mux-h1: use "H1" and not "h1" as the mux's name
|
|
- BUG/MEDIUM: WURFL: segfault in wurfl-get() with missing info.
|
|
- MINOR: WURFL: call header_retireve_callback() in dummy library
|
|
- MINOR: WURFL: fixed Engine load failed error when wurfl-information-list contains wurfl_root_id
|
|
- MINOR: WURFL: shows log messages during module initialization
|
|
- MINOR: WURFL: removes heading wurfl-information-separator from wurfl-get-all() and wurfl-get() results
|
|
- MINOR: WURFL: wurfl_get() and wurfl_get_all() now return an empty string if device detection fails
|
|
- MEDIUM: WURFL: HTX awareness.
|
|
- MINOR: WURFL: module version bump to 2.0
|
|
- MINOR: WURFL: do not emit warnings when not configured
|
|
- CONTRIB: wurfl: address 3 build issues in the wurfl dummy library
|
|
- BUG/MEDIUM: init/threads: provide per-thread alloc/free function callbacks
|
|
- BUILD: travis: add sanitizers to travis-ci builds
|
|
- BUILD: time: remove the test on _POSIX_C_SOURCE
|
|
- CLEANUP: build: rename some build macros to use the USE_* ones
|
|
- CLEANUP: raw_sock: remove support for very old linux splice bug workaround
|
|
- BUG/MEDIUM: dns: make the port numbers unsigned
|
|
- MEDIUM: config: deprecate the antique req* and rsp* commands
|
|
|
|
2019/05/15 : 2.0-dev3
|
|
- BUG/MINOR: peers: Really close the sessions with no heartbeat.
|
|
- CLEANUP: peers: remove useless annoying tabulations.
|
|
- CLEANUP: peers: replace timeout constants by macros.
|
|
- REGTEST: Enable again reg tests with HEAD HTTP method usage.
|
|
- DOC: The option httplog is no longer valid in a backend.
|
|
- DOC: peers: Peers protocol documentation update.
|
|
- REGTEST: remove unexpected "nbthread" statement from Lua test cases
|
|
- BUILD: Makefile: remove 11-years old workarounds for deprecated options
|
|
- BUILD: remove 10-years old error message for obsolete option USE_TCPSPLICE
|
|
- BUILD: Makefile: remove outdated support for dlmalloc
|
|
- BUILD: Makefile: consider a variable's origin and not its value for the options list
|
|
- BUILD: Makefile: also report disabled options in the BUILD_OPTIONS variable
|
|
- BUILD: Makefile: shorten default settings declaration
|
|
- BUILD: Makefile: clean up the target declarations
|
|
- BUILD: report the whole feature set with their status in haproxy -vv
|
|
- BUILD: pass all "USE_*" variables as -DUSE_* to the compiler
|
|
- REGTEST: script: make the script use the new features list
|
|
- REGTEST: script: remove platform-specific assigments of OPTIONS
|
|
- BUG/MINOR: peers: Missing initializations after peer session shutdown.
|
|
- BUG/MINOR: contrib/prometheus-exporter: Fix applet accordingly to recent changes
|
|
- BUILD/MINOR: listener: Silent a few signedness warnings.
|
|
- BUG/MINOR: mux-h1: Only skip invalid C-L headers on output
|
|
- BUG/MEDIUM: mworker: don't free the wrong child when not found
|
|
- BUG/MEDIUM: checks: Don't bother subscribing if we have a connection error.
|
|
- BUG/MAJOR: checks: segfault during tcpcheck_main
|
|
- BUILD: makefile: work around an old bug in GNU make-3.80
|
|
- BUILD: makefile: work around another bug in make 3.80
|
|
- BUILD: http: properly mark some struct as extern
|
|
- BUILD: chunk: properly declare pool_head_trash as extern
|
|
- BUILD: cache: avoid a build warning with some compilers/linkers
|
|
- MINOR: tools: make memvprintf() never pass a NULL target to vsnprintf()
|
|
- MINOR: tools: add an unsetenv() implementation
|
|
- BUILD: re-implement an initcall variant without using executable sections
|
|
- BUILD: use inttypes.h instead of stdint.h
|
|
- BUILD: connection: fix naming of ip_v field
|
|
- BUILD: makefile: fix build of IPv6 header on aix51
|
|
- BUILD: makefile: add _LINUX_SOURCE_COMPAT to build on AIX-51
|
|
- BUILD: define unsetenv on AIX 5.1
|
|
- BUILD: Makefile: disable shared cache on AIX 5.1
|
|
- MINOR: ssl: Add aes_gcm_dec converter
|
|
- REORG: mworker: move serializing functions to mworker.c
|
|
- REORG: mworker: move signals functions to mworker.c
|
|
- REORG: mworker: move IPC functions to mworker.c
|
|
- REORG: mworker: move signal handlers and related functions
|
|
- REORG: mworker: move mworker_cleanlisteners to mworker.c
|
|
- MINOR: mworker: calloc mworker_proc structures
|
|
- MINOR: mworker: don't use children variable anymore
|
|
- MINOR: cli: export cli_parse_default() definition in cli.h
|
|
- REORG: mworker/cli: move CLI functions to mworker.c
|
|
- MEDIUM: mworker-prog: implement program for master-worker
|
|
- MINOR: mworker/cli: show programs in 'show proc'
|
|
- BUG/MINOR: cli: correctly handle abns in 'show cli sockets'
|
|
- MINOR: cli: start addresses by a prefix in 'show cli sockets'
|
|
- MINOR: cli: export HAPROXY_CLI environment variable
|
|
- BUG/MINOR: htx: Preserve empty HTX messages with an unprocessed parsing error
|
|
- BUG/MINOR: proto_htx: Reset to_forward value when a message is set to DONE
|
|
- REGTEST: http-capture/h00000: Relax a regex matching the log message
|
|
- REGTEST: http-messaging/h00000: Fix the test when the HTX is enabled
|
|
- REGTEST: http-rules/h00003: Use a different client for requests expecting a 301
|
|
- REGTEST: log/b00000: Be sure the client always hits its timeout
|
|
- REGTEST: lua/b00003: Relax the regex matching the log message
|
|
- REGTEST: lua/b00003: Specify the HAProxy pid when the command ss is executed
|
|
- BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release.
|
|
- BUG/MEDIUM: h2: Don't attempt to recv from h2_process_demux if we subscribed.
|
|
- BUG/MEDIUM: htx: fix random premature abort of data transfers
|
|
- BUG/MEDIUM: streams: Don't remove the SI_FL_ERR flag in si_update_both().
|
|
- BUG/MEDIUM: streams: Store prev_state before calling si_update_both().
|
|
- BUG/MEDIUM: stream: Don't clear the stream_interface flags in si_update_both.
|
|
- MINOR: initcall: Don't forget to define the __start/stop_init_##stg symbols.
|
|
- MINOR: threads: Implement thread_cpus_enabled() for FreeBSD.
|
|
- BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity
|
|
- MINOR: skip get_gmtime where tm is unused
|
|
- MINOR: ssl: Activate aes_gcm_dec converter for BoringSSL
|
|
- BUG/MEDIUM: streams: Only re-run process_stream if we're in a connected state.
|
|
- BUG/MEDIUM: stream_interface: Don't bother doing chk_rcv/snd if not connected.
|
|
- BUG/MEDIUM: task/threads: address a fairness issue between local and global tasks
|
|
- BUG/MINOR: tasks: make sure the first task to be queued keeps its nice value
|
|
- BUG/MINOR: listener: renice the accept ring processing task
|
|
- MINOR: cli/listener: report the number of accepts on "show activity"
|
|
- MINOR: cli/activity: report the accept queue sizes in "show activity"
|
|
- BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream
|
|
- BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages
|
|
- BUG/MINOR: spoe: Be sure to set tv_request when each message fragment is encoded
|
|
- BUG/MEDIUM: htx: Defrag if blocks position is changed and the payloads wrap
|
|
- BUG/MEDIUM: htx: Don't crush blocks payload when append is done on a data block
|
|
- MEDIUM: htx: Deprecate the option 'http-tunnel' and ignore it in HTX
|
|
- MINOR: proto_htx: Don't adjust transaction mode anymore in HTX analyzers
|
|
- BUG/MEDIUM: htx: Fix the process of HTTP CONNECT with h2 connections
|
|
- MINOR: mux-h1: Simplify handling of 1xx responses
|
|
- MINOR: stats/htx: Don't add "Connection: close" header anymore in stats responses
|
|
- MEDIUM: h1: Add an option to sanitize connection headers during parsing
|
|
- MEDIUM: mux-h1: Simplify the connection mode management by sanitizing headers
|
|
- MINOR: mux-h1: Don't release the conn_stream anymore when h1s is destroyed
|
|
- BUG/MINOR: mux-h1: Handle the flag CS_FL_KILL_CONN during a shutdown read/write
|
|
- MINOR: mux-h2: Add a mux_ops dedicated to the HTX mode
|
|
- MINOR: muxes: Add a flag to specify a multiplexer uses the HTX
|
|
- MINOR: stream: Set a flag when the stream uses the HTX
|
|
- MINOR: http: update the macro IS_HTX_STRM() to check the stream flag SF_HTX
|
|
- MINOR: http_fetch/htx: Use stream flags instead of px mode in smp_prefetch_htx
|
|
- MINOR: filters/htx: Use stream flags instead of px mode to instanciate a filter
|
|
- MINOR: muxes: Rely on conn_is_back() during init to handle front/back conn
|
|
- MEDIUM: muxes: Add an optional input buffer during mux initialization
|
|
- MINOR: muxes: Pass the context of the mux to destroy() instead of the connection
|
|
- MEDIUM: muxes: Be prepared to don't own connection during the release
|
|
- MEDIUM: connection: Add conn_upgrade_mux_fe() to handle mux upgrades
|
|
- MEDIUM: htx: Allow the option http-use-htx to be used on TCP proxies too
|
|
- MAJOR: proxy/htx: Handle mux upgrades from TCP to HTTP in HTX mode
|
|
- MAJOR: muxes/htx: Handle inplicit upgrades from h1 to h2
|
|
- MAJOR: htx: Enable the HTX mode by default for all proxies
|
|
- REGTEST: Use HTX by default and add '--no-htx' option to disable it
|
|
- BUG/MEDIUM: muxes: Don't dereference mux context if null in release functions
|
|
- CLEANUP: task: do not export rq_next anymore
|
|
- MEDIUM: tasks: improve fairness between the local and global queues
|
|
- MEDIUM: tasks: only base the nice offset on the run queue depth
|
|
- MINOR: tasks: restore the lower latency scheduling when niced tasks are present
|
|
- BUG/MEDIUM: map: Fix memory leak in the map converter
|
|
- BUG/MINOR: ssl: Fix 48 byte TLS ticket key rotation
|
|
- BUILD: task/thread: fix single-threaded build of task.c
|
|
- BUILD: cli/threads: fix build in single-threaded mode
|
|
- BUG/MEDIUM: muxes: Make sure we unsubcribed when destroying mux ctx.
|
|
- BUG/MEDIUM: h2: Make sure we're not already in the send_list in h2_subscribe().
|
|
- BUG/MEDIUM: h2: Revamp the way send subscriptions works.
|
|
- MINOR: connections: Remove the SUB_CALL_UNSUBSCRIBE flag.
|
|
- BUG/MEDIUM: Threads: Only use the gcc >= 4.7 builtins when using gcc >= 4.7.
|
|
- BUILD: address a few cases of "static <type> inline foo()"
|
|
- BUILD: do not specify "const" on functions returning structs or scalars
|
|
- BUILD: htx: fix a used uninitialized warning on is_cookie2
|
|
- MINOR: peers: Add a new command to the CLI for peers.
|
|
- DOC: update for "show peers" CLI command.
|
|
- BUG/MAJOR: lb/threads: fix insufficient locking on round-robin LB
|
|
- MEDIUM: mworker: store the leaving state of a process
|
|
- MEDIUM: mworker-prog: implements 'option start-on-reload'
|
|
- CLEANUP: mworker: remove the type field in mworker_proc
|
|
- MEDIUM: mworker/cli: export the HAPROXY_MASTER_CLI variable
|
|
- MINOR: cli: don't add a semicolon at the end of HAPROXY_CLI
|
|
- MINOR: mworker: export HAPROXY_MWORKER=1 when running in mworker mode
|
|
- MINOR: init: add a "set-dumpable" global directive to enable core dumps
|
|
- BUG/MINOR: listener/mq: correctly scan all bound threads under low load
|
|
- BUG/MINOR: mworker: mworker_kill should apply on every children
|
|
- BUG/MINOR: mworker: don't exit with an ambiguous value
|
|
- BUG/MINOR: mworker: ensure that we still quits with SIGINT
|
|
- REGTESTS: exclude tests that require ssl, pcre if no such feature is enabled
|
|
- BUG/MINOR: mux-h1: Process input even if the input buffer is empty
|
|
- BUG/MINOR: mux-h1: Don't switch the parser in busy mode if other side has done
|
|
- BUG/MEDIUM: mux-h1: Notify the stream waiting for TCP splicing if ibuf is empty
|
|
- BUG/MEDIUM: mux-h1: Enable TCP splicing to exchange data only
|
|
- MINOR: mux-h1: Handle read0 during TCP splicing
|
|
- BUG/MEDIUM: htx: Don't return the start-line if the HTX message is empty
|
|
- BUG/MAJOR: http_fetch: Get the channel depending on the keyword used
|
|
- BUG/MINOR: http_fetch/htx: Allow permissive sample prefetch for the HTX
|
|
- BUG/MINOR: http_fetch/htx: Use HTX versions if the proxy enables the HTX mode
|
|
- BUG/MEDIUM: tasks: Make sure we set TASK_QUEUED before adding a task to the rq.
|
|
- BUG/MEDIUM: tasks: Make sure we modify global_tasks_mask with the rq_lock.
|
|
- MINOR: tasks: Don't consider we can wake task with tasklet_wakeup().
|
|
- MEDIUM: tasks: No longer use rq.node.leaf_p as a lock.
|
|
- MINOR: tasks: Don't set the TASK_RUNNING flag when adding in the tasklet list.
|
|
- BUG/MEDIUM: applets: Don't use task_in_rq().
|
|
- BUG/MAJOR: task: make sure never to delete a queued task
|
|
- MINOR: task/thread: factor out a wake-up condition
|
|
- CLEANUP: task: remain consistent when using the task's handler
|
|
- MEDIUM: tasks: Merge task_delete() and task_free() into task_destroy().
|
|
- MEDIUM: tasks: Don't account a destroyed task as a runned task.
|
|
- BUG/MINOR: contrib/prometheus-exporter: Fix a typo in the run-queue metric type
|
|
- MINOR: contrib/prometheus-exporter: Remove usless rate metrics
|
|
- MINOR: contrib/prometheus-exporter: Rename some metrics to be more usable
|
|
- MINOR: contrib/prometheus-exporter: Follow best practices about metrics type
|
|
- BUG/MINOR: mworker: disable busy polling in the master process
|
|
- MEDIUM: tasks: Use __ha_barrier_store after modifying global_tasks_mask.
|
|
- MEDIUM: ssl: Give ssl_sock its own context.
|
|
- MEDIUM: connections: Move some fields from struct connection to ssl_sock_ctx.
|
|
- MEDIUM: ssl: provide its own subscribe/unsubscribe function.
|
|
- MEDIUM: connections: Provide a xprt_ctx for each xprt method.
|
|
- MEDIUM: ssl: provide our own BIO.
|
|
- BUILD/medium: ssl: Fix build with OpenSSL < 1.1.0
|
|
- MINOR: peers: adds counters on show peers about tasks calls.
|
|
- MEDIUM: enable travis-ci builds
|
|
- MINOR: fd: Add a counter of used fds.
|
|
- MEDIUM: connections: Add a way to control the number of idling connections.
|
|
- BUG/MEDIUM: maps: only try to parse the default value when it's present
|
|
- BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR
|
|
- REGTEST: Missing REQUIRE_VERSION declarations.
|
|
- MINOR: proto_tcp: tcp-request content: enable set-dst and set-dst-var
|
|
- BUG/MEDIUM: h1: Don't parse chunks CRLF if not enough data are available
|
|
- BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules
|
|
- BUG/MEDIUM: stream: Don't request a server connection if a shutw was scheduled
|
|
- BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
|
|
- BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
|
|
- MINOR: gcc: Fix a silly gcc warning in connect_server()
|
|
- MINOR: ssl/cli: async fd io-handlers printable on show fd
|
|
- Revert "CLEANUP: wurfl: remove dead, broken and unmaintained code"
|
|
- BUILD: add USE_WURFL to the list of known build options
|
|
- MINOR: wurfl: indicate in haproxy -vv the wurfl version in use
|
|
- BUILD: wurfl: build fix for 1.9/2.0 code base
|
|
- CLEANUP: wurfl: removed deprecated methods
|
|
- DOC: wurfl: added point of contact in MAINTAINERS file
|
|
- MINOR: wurfl: enabled multithreading mode
|
|
- MINOR: contrib: dummy wurfl library
|
|
- MINOR: dns: dns_requester structures are now in a memory pool
|
|
- MINOR: dns: move callback affection in dns_link_resolution()
|
|
- MINOR: obj_type: new object type for struct stream
|
|
- MINOR: action: new '(http-request|tcp-request content) do-resolve' action
|
|
- MINOR: log: Extract some code to send syslog messages.
|
|
- REGTEST: replace LEVEL option by a more human readable one.
|
|
- REGTEST: rename the reg test files.
|
|
- REGTEST: adapt some reg tests after renaming.
|
|
- REGTEST: make the "run-regtests" script search for tests in reg-tests by default
|
|
- BUG/MAJOR: stream: Missing DNS context initializations.
|
|
- BUG/MEDIUM: stream: Fix the way early aborts on the client side are handled
|
|
- BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler
|
|
- BUG/MEDIUM: ssl: Return -1 on recv/send if we got EAGAIN.
|
|
- BUG/MAJOR: lb/threads: fix AB/BA locking issue in round-robin LB
|
|
- BUG/MAJOR: muxes: Use the HTX mode to find the best mux for HTTP proxies only
|
|
- BUG/MINOR: htx: Exclude TCP proxies when the HTX mode is handled during startup
|
|
- CLEANUP: task: report calls as unsigned in show sess
|
|
- MINOR: tasks/activity: report the context switch and task wakeup rates
|
|
- MINOR: stream: measure and report a stream's call rate in "show sess"
|
|
- MINOR: applet: measure and report an appctx's call rate in "show sess"
|
|
- BUILD: extend Travis CI config to support more platforms
|
|
- REGTEST: exclude osx and generic targets for 40be_2srv_odd_health_checks
|
|
- REGTEST: relax the IPv6 address format checks in converters_ipmask_concat_strcmp_field_word
|
|
- REGTEST: exclude OSX and generic targets from abns_socket.vtc
|
|
- BUILD: travis: remove the "allow_failures" entry
|
|
- BUG/MINOR: activity: always initialize the profiling variable
|
|
- MINOR: activity: make the profiling status per thread and not global
|
|
- MINOR: activity: enable automatic profiling turn on/off
|
|
- CLEANUP: standard: use proper const to addr_to_str() and port_to_str()
|
|
- BUG/MINOR: proto_http: properly reset the stream's call rate on keep-alive
|
|
- MINOR: connection: make the debugging helper functions safer
|
|
- MINOR: stream/debug: make a stream dump and crash function
|
|
- MEDIUM: appctx/debug: force a crash if an appctx spins over itself forever
|
|
- MEDIUM: stream/debug: force a crash if a stream spins over itself forever
|
|
- MEDIUM: streams: measure processing time and abort when detecting bugs
|
|
- BUILD/MEDIUM: contrib: Dummy DeviceAtlas API.
|
|
- MEDIUM: da: HTX mode support.
|
|
- BUG/MEDIUM: mux-h2: properly deal with too large headers frames
|
|
- BUG/MINOR: http: Call stream_inc_be_http_req_ctr() only one time per request
|
|
- BUG/MEDIUM: spoe: arg len encoded in previous frag frame but len changed
|
|
- MINOR: spoe: Use the sample context to pass frag_ctx info during encoding
|
|
- DOC: contrib/modsecurity: Typos and fix the reject example
|
|
- BUG/MEDIUM: contrib/modsecurity: If host header is NULL, don't try to strdup it
|
|
- MINOR: log: Add "sample" new keyword to "log" lines.
|
|
- MINOR: log: Enable the log sampling and load-balancing feature.
|
|
- DOC: log: Document the sampling and load-balancing logging feature.
|
|
- REGTEST: Add a new reg test for log load-balancing feature.
|
|
- BUG/MAJOR: map/acl: real fix segfault during show map/acl on CLI
|
|
- REGTEST: Make this reg test be Linux specific.
|
|
- CLEANUP: task: move the task_per_thread definition to task.h
|
|
- MINOR: activity: report context switch counts instead of rates
|
|
- MINOR: threads: Implement HA_ATOMIC_LOAD().
|
|
- BUG/MEDIUM: port_range: Make the ring buffer lock-free.
|
|
- BUG/MEDIUM: listener: Fix how unlimited number of consecutive accepts is handled
|
|
- MINOR: config: Test validity of tune.maxaccept during the config parsing
|
|
- CLEANUP: config: Don't alter listener->maxaccept when nbproc is set to 1
|
|
- BUG/MEDIUM: servers: fix typo "src" instead of "srv"
|
|
- BUG/MEDIUM: ssl: Don't pretend we can retry a recv/send if we got a shutr/w.
|
|
- BUG/MINOR: haproxy: fix rule->file memory leak
|
|
- BUG/MINOR: log: properly free memory on logformat parse error and deinit()
|
|
- BUG/MINOR: checks: free memory allocated for tasklets
|
|
- BUG/MEDIUM: pattern: fix memory leak in regex pattern functions
|
|
- BUG/MEDIUM: channels: Don't forget to reset output in channel_erase().
|
|
- BUG/MEDIUM: connections: Make sure we remove CO_FL_SESS_IDLE on disown.
|
|
- MINOR: threads: flatten the per-thread cpu-map
|
|
- MINOR: init/threads: remove the useless tids[] array
|
|
- MINOR: init/threads: make the threads array global
|
|
- BUG/MEDIUM: ssl: Use the early_data API the right way.
|
|
- BUG/MEDIUM: streams: Don't add CF_WRITE_ERROR if early data were rejected.
|
|
- MEDIUM: streams: Add the ability to retry a request on L7 failure.
|
|
- MEDIUM: streams: Add a way to replay failed 0rtt requests.
|
|
- MEDIUM: streams: Add a new keyword for retry-on, "junk-response"
|
|
- BUG/MINOR: stream: also increment the retry stats counter on L7 retries
|
|
- BUG/MEDIUM: checks: make sure the warmup task takes the server lock
|
|
- BUG/MINOR: logs/threads: properly split the log area upon startup
|
|
- BUILD: extend travis-ci matrix
|
|
- CLEANUP: Remove appsession documentation
|
|
- DOC: Fix typo in keyword matrix
|
|
- BUILD: remove "build_libressl" duplicate declaration
|
|
- BUILD: travis-ci: get back to osx without openssl support
|
|
- BUILD: enable several LibreSSL hacks, including
|
|
- BUILD: temporarily mark LibreSSL builds as allowed to fail
|
|
- BUILD: travis: TMPDIR replacement.
|
|
- BUG/MEDIUM: ssl: Don't attempt to use early data with libressl.
|
|
- MINOR: doc: Document allow-0rtt on the server line.
|
|
- MINOR: doc: Document the interaction of allow-0rtt and retry-on 0rtt-rejected.
|
|
- MEDIUM: proto: Change the prototype of the connect() method.
|
|
- MEDIUM: tcp: add the "tfo" option to support TCP fastopen on the server
|
|
- MINOR: config: Extract the code of "stick-table" line parsing.
|
|
- BUILD/MINOR: stick-table: Compilation fix.
|
|
- MEDIUM: stick-table: Stop handling stick-tables as proxies.
|
|
- MINOR: stick-tables: Add peers process binding computing.
|
|
- MINOR: stick-table: Add prefixes to stick-table names.
|
|
- MINOR: peers: Do not emit global stick-table names.
|
|
- DOC: Update for "table" lines in "peers" section.
|
|
- REGTEST: Add reg tests for "table" lines in "peers" sections.
|
|
- MEDIUM: regex: modify regex_comp() to atomically allocate/free the my_regex struct
|
|
- REGTEST: make the tls_health_checks test much faster
|
|
- REGTEST: make the "table in peers" test require v2.0
|
|
- BUG/MINOR: mux-h2: rely on trailers output not input to turn them to empty data
|
|
- BUG/MEDIUM: h2/htx: always fail on too large trailers
|
|
- MEDIUM: mux-h2: discard contents that are to be sent after a shutdown
|
|
- BUG/MEDIUM: mux-h2/htx: never wait for EOM when processing trailers
|
|
- BUG/MEDIUM: h2/htx: never leave a trailers block alone with no EOM block
|
|
- REGTEST: Flag some slow reg tests.
|
|
- REGTEST: Reg tests file renaming.
|
|
- REGTEST: Wrong renaming for one reg test.
|
|
- REGTEST: Wrong assumption in IP:port logging test.
|
|
- BUG/MINOR: mworker/ssl: close OpenSSL FDs on reload
|
|
- MINOR: systemd: Use the variables from /etc/default/haproxy
|
|
- MINOR: systemd: Make use of master socket in systemd unit
|
|
- MINOR: systemd: support /etc/sysconfig/ for redhat based distrib
|
|
- BUG/MEDIUM: stick-table: fix regression caused by a change in proxy struct
|
|
- BUG/MEDIUM: tasks: fix possible segfault on task_destroy()
|
|
- CLEANUP: task: remove unneeded tests before task_destroy()
|
|
- MINOR: mworker: support a configurable maximum number of reloads
|
|
- BUG/MINOR: mux-h2: fix the condition to close a cs-less h2s on the backend
|
|
- BUG/MEDIUM: spoe: Be sure the sample is found before setting its context
|
|
- BUG/MINOR: mux-h1: Fix the parsing of trailers
|
|
- BUG/MINOR: htx: Never transfer more than expected in htx_xfer_blks()
|
|
- MINOR: htx: Split on DATA blocks only when blocks are moved to an HTX message
|
|
- MINOR: htx: Don't try to append a trailer block with the previous one
|
|
- MINOR: htx: Remove support for unused OOB HTX blocks
|
|
- BUILD: travis-ci bugfixes and improvements
|
|
- BUG/MEDIUM: servers: Don't use the same srv flag for cookie-set and TFO.
|
|
- BUG/MEDIUM: h2: Make sure we set send_list to NULL in h2_detach().
|
|
- BUILD: ssl: fix again a libressl build failure after the openssl FD leak fix
|
|
- CLEANUP: ssl-sock: use HA_OPENSSL_VERSION_NUMBER instead of OPENSSL_VERSION_NUMBER
|
|
- BUILD: ssl: make libressl use its own version numbers
|
|
- CLEANUP: ssl: remove 57 occurrences of useless tests on LIBRESSL_VERSION_NUMBER
|
|
- MINOR: ssl: enable aes_gcm_dec on LibreSSL
|
|
- BUILD: ssl: fix libressl build again after aes-gcm-enc
|
|
- REORG: ssl: move openssl-compat from proto to common
|
|
- REORG: ssl: move some OpenSSL defines from ssl_sock to openssl-compat
|
|
- CLEANUP: ssl: never include openssl/*.h outside of openssl-compat.h anymore
|
|
- CLEANUP: ssl: make inclusion of openssl headers safe
|
|
- BUILD: add BoringSSL to travis-ci build matrix
|
|
- BUILD: threads: Add __ha_cas_dw fallback for single threaded builds
|
|
- BUG/MINOR: stream: Attach the read side on the response as soon as possible
|
|
- BUG/MEDIUM: http: Use pointer to the begining of input to parse message headers
|
|
- BUG/MEDIUM: h2: Don't check send_wait to know if we're in the send_list.
|
|
- BUG/MEDIUM: streams: Make sur SI_FL_L7_RETRY is set before attempting a retry.
|
|
- MEDIUM: streams: Add a new http action, disable-l7-retry.
|
|
- MINOR: streams: Introduce a new retry-on keyword, all-retryable-errors.
|
|
- BUG/MINOR: vars: Fix memory leak in vars_check_arg
|
|
- BUILD: travis-ci: make TMPDIR global variable in travis-ci
|
|
- CLEANUP: ssl: move the SSL_OP_* and SSL_MODE_* definitions to openssl-compat
|
|
- CLEANUP: ssl: remove ifdef around SSL_CTX_get_extra_chain_certs()
|
|
- CLEANUP: ssl: move all BIO_* definitions to openssl-compat
|
|
- BUILD: threads: fix again the __ha_cas_dw() definition
|
|
- BUG/MAJOR: mux-h2: do not add a stream twice to the send list
|
|
- Revert "BUG/MINOR: vars: Fix memory leak in vars_check_arg"
|
|
- BUG/MINOR: peers: Fix memory leak in cfg_parse_peers
|
|
- BUG/MINOR: htx: make sure to always initialize the HTTP method when parsing a buffer
|
|
- REGTEST: fix tls_health_checks random failures on MacOS in Travis-CI
|
|
- MINOR: spoe: Set the argument chunk size to 0 when SPOE variables are checked
|
|
- BUG/MINOR: vars: Fix memory leak in vars_check_arg
|
|
- BUG/MAJOR: ssl: segfault upon an heartbeat request
|
|
- MINOR: spoa-server: Clone the v1.7 spoa-example project
|
|
- MINOR: spoa-server: move some definition from spoa_server.c to spoa_server.h
|
|
- MINOR: spoa-server: Externalise debug functions
|
|
- MINOR: spoe-server: rename "worker" functions
|
|
- MINOR: spoa-server: Replace the thread init system by processes
|
|
- MINOR: spoa-server: With debug mode, start only one process
|
|
- MINOR: spoa-server: Allow registering external processes
|
|
- MINOR: spoa-server: Allow registering message processors
|
|
- MINOR: spoa-server: Load files
|
|
- MINOR: spoa-server: Prepare responses
|
|
- MINOR: spoa-server: Execute registered callbacks
|
|
- MINOR: spoa-server: Add Lua processing
|
|
- MINOR: spoa-server: Add python
|
|
- MINOR/DOC: spoe-server: Add documentation
|
|
- BUG/MEDIUM: connections: Don't forget to set xprt_ctx to NULL on close.
|
|
- MINOR: lists: add LIST_ADDED() to check if an element belongs to a list
|
|
- CLEANUP: mux-h2: use LIST_ADDED() instead of LIST_ISEMPTY() where relevant
|
|
- MINOR: mux-h2: add two H2S flags to report the need for shutr/shutw
|
|
- CLEANUP: mux-h2: simply use h2s->flags instead of ret in h2_deferred_shut()
|
|
- CLEANUP: connection: remove the handle field from the wait_event struct
|
|
- BUG/MINOR: log: Wrong log format initialization.
|
|
- BUG/MINOR: mux-h2: make the do_shut{r,w} functions more robust against retries
|
|
- BUG/MINOR: mworker: use after free when the PID not assigned
|
|
- MINOR: mux-h2: remove useless test on stream ID vs last in wake function
|
|
- MINOR: mux-h2: make h2_wake_some_streams() not depend on the CS flags
|
|
- MINOR: mux-h2: make h2s_wake_one_stream() the only function to deal with CS
|
|
- MINOR: mux-h2: make h2s_wake_one_stream() not depend on temporary CS flags
|
|
- BUG/MINOR: mux-h2: make sure to honor KILL_CONN in do_shut{r,w}
|
|
- CLEANUP: mux-h2: don't test for impossible CS_FL_REOS conditions
|
|
- MINOR: mux-h2: add macros to check multiple stream states at once
|
|
- MINOR: mux-h2: stop relying on CS_FL_REOS
|
|
- BUG/MEDIUM: mux-h2: Set EOI on the conn_stream during h2_rcv_buf()
|
|
- BUILD: debug: make gcc not complain on the ABORT_NOW() macro
|
|
- MINOR: debug: add a new BUG_ON macro
|
|
- MINOR: h2: Use BUG_ON() to enforce rules in subscribe/unsubscribe.
|
|
- MINOR: h1: Use BUG_ON() to enforce rules in subscribe/unsubscribe.
|
|
- MINOR: connections: Use BUG_ON() to enforce rules in subscribe/unsubscribe.
|
|
- BUILD: ist: turn the lower/upper case tables to literal on obsolete linkers
|
|
|
|
2019/03/26 : 2.0-dev2
|
|
- CLEANUP: http: Remove unreachable code in parse_http_req_capture
|
|
- CLEANUP: stream: Remove bogus loop in conn_si_send_proxy
|
|
- MINOR: lists: Implement locked variations.
|
|
- MEDIUM: servers: Used a locked list for idle_orphan_conns.
|
|
- MEDIUM: servers: Reorganize the way idle connections are cleaned.
|
|
- BUG/MEDIUM: lists: Properly handle the case we're removing the first elt.
|
|
- MINOR: cfgparse: Add a cast to make gcc happier.
|
|
- BUG/MEDIUM: standard: Wrong reallocation size.
|
|
- BUG/MINOR: listener: keep accept rate counters accurate under saturation
|
|
- DOC: fix alphabetic ordering for "tune.fail-alloc" setting
|
|
- MAJOR: config: disable support for nbproc and nbthread in parallel
|
|
- MEDIUM: listener: keep a single thread-mask and warn on "process" misuse
|
|
- MAJOR: listener: do not hold the listener lock in listener_accept()
|
|
- MINOR: listener: maintain a per-thread count of the number of connections on a listener
|
|
- MINOR: tools: implement functions to look up the nth bit set in a mask
|
|
- MINOR: listener: pre-compute some thread counts per bind_conf
|
|
- MINOR: listener: implement multi-queue accept for threads
|
|
- MAJOR: listener: use the multi-queue for multi-thread listeners
|
|
- MINOR: activity: add accept queue counters for pushed and overflows
|
|
- MINOR: config: add global tune.listener.multi-queue setting
|
|
- MAJOR: threads: enable one thread per CPU by default
|
|
- DOC: update management.txt to reflect that threads are used by default
|
|
- BUG/MINOR: config: don't over-count the global maxsock value
|
|
- BUG/MEDIUM: list: fix the rollback on addq in the locked liss
|
|
- BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer
|
|
- BUG/MEDIUM: list: add missing store barriers when updating elements and head
|
|
- MINOR: list: make the delete and pop operations idempotent
|
|
- MINOR: server: remove a few unneeded LIST_INIT calls after LIST_DEL_LOCKED
|
|
- BUG/MEDIUM: listener: use a self-locked list for the dequeue lists
|
|
- BUG/MEDIUM: listener: make sure the listener never accepts too many conns
|
|
- BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element
|
|
- MINOR: listener: introduce listener_backlog() to report the backlog value
|
|
- MINOR: listener: do not needlessly set l->maxconn
|
|
- MINOR: proxy: do not change the listeners' maxconn when updating the frontend's
|
|
- MEDIUM: config: don't enforce a low frontend maxconn value anymore
|
|
- MINOR: peers: Add a message for heartbeat.
|
|
- MINOR: global: keep a copy of the initial rlim_fd_cur and rlim_fd_max values
|
|
- BUG/MINOR: init: never lower rlim_fd_max
|
|
- BUG/MINOR: checks: make external-checks restore the original rlim_fd_cur/max
|
|
- BUG/MINOR: mworker: be careful to restore the original rlim_fd_cur/max on reload
|
|
- MINOR: init: make the maxpipe computation more accurate
|
|
- MINOR: init: move some maxsock updates earlier
|
|
- MEDIUM: init: make the global maxconn default to what rlim_fd_cur permits
|
|
- REGTEST: fix a spurious "nbthread 4" in the connection test
|
|
- DOC: update the text related to the global maxconn value
|
|
- BUG/MAJOR: mux-h2: fix race condition between close on both ends
|
|
- MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter.
|
|
- BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED
|
|
- MINOR: htx: unconditionally handle parsing errors in requests or responses
|
|
- MINOR: mux-h2: always pass HTX_FL_PARSING_ERROR between h2s and buf on RX
|
|
- BUG/MEDIUM: h2/htx: verify that :path doesn't contain invalid chars
|
|
- MINOR: sample: Code factorization "ungrpc" converter.
|
|
- MINOR: sample: Rework gRPC converter code.
|
|
- CLEANUP: wurfl: remove dead, broken and unmaintained code
|
|
- MINOR: config: relax the range checks on cpu-map
|
|
- BUG/MINOR: ssl: fix warning about ssl-min/max-ver support
|
|
- MINOR: sample: Extract some protocol buffers specific code.
|
|
- DOC: Remove tabs and fixed punctuation.
|
|
- MINOR: sample: Add a protocol buffers specific converter.
|
|
- REGTEST: Peers reg tests.
|
|
- REGTEST: Enable reg tests with HEAD HTTP method usage.
|
|
- MINOR: lists: add a LIST_DEL_INIT() macro
|
|
- MINOR: task: use LIST_DEL_INIT() to remove a task from the queue
|
|
- MINOR: listener: improve incoming traffic distribution
|
|
- MINOR: tools: implement my_flsl()
|
|
- MEDIUM: listener: change the LB algorithm again to use two round robins instead
|
|
- CLEANUP: listener: remove old thread bit mapping
|
|
- MINOR: listener: move thr_idx from the bind_conf to the listener
|
|
- BUG/MEDIUM: logs: Only attempt to free startup_logs once.
|
|
- BUG/MAJOR: config: Wrong maxconn adjustment.
|
|
- BUG/MEDIUM: 51d: fix possible segfault on deinit_51degrees()
|
|
- OPTIM: task: limit the impact of memory barriers in taks_remove_from_task_list()
|
|
- MINOR: fd: Remove debugging code.
|
|
- BUG/MEDIUM: listeners: Don't call fd_stop_recv() if fd_updt is NULL.
|
|
- MINOR: threads: Implement __ha_barrier_atomic*.
|
|
- MEDIUM: threads: Use __ATOMIC_SEQ_CST when using the newer atomic API.
|
|
- MINOR: threads: Add macros to do atomic operation with no memory barrier.
|
|
- MEDIUM: various: Use __ha_barrier_atomic* when relevant.
|
|
- MEDIUM: applets: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: xref: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: fd: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: freq_ctr: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: proxy: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: server: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: task: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: activity: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: backend: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: cache: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: checks: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: pollers: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: compression: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: spoe: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: threads: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: http: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: lb/threads: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: listeners: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: logs: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: memory: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: peers: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: proto_tcp: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: queues: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: sessions: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: ssl: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: stream: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: tcp_rules: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: time: Use the new _HA_ATOMIC_* macros.
|
|
- MEDIUM: vars: Use the new _HA_ATOMIC_* macros.
|
|
- MINOR: config: remove obsolete use of DEFAULT_MAXCONN at various places
|
|
- MINOR: config: continue to rely on DEFAULT_MAXCONN to set the minimum maxconn
|
|
- BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED()
|
|
- BUG/MEDIUM: listener: make sure we don't pick stopped threads
|
|
- MEDIUM: list: Remove useless barriers.
|
|
- MEDIUM: list: Use _HA_ATOMIC_*
|
|
- MEDIUM: connections: Use _HA_ATOMIC_*
|
|
- BUG/MAJOR: tasks: Use the TASK_GLOBAL flag to know if we're in the global rq.
|
|
- BUG/MEDIUM: threads/fd: do not forget to take into account epoll_fd/pipes
|
|
- BUG/MEDIUM: init/threads: consider epoll_fd/pipes for automatic maxconn calculation
|
|
- BUG/MEDIUM: tasks: Make sure we wake sleeping threads if needed.
|
|
- BUG/MINOR: mux-h1: Don't report an error on EOS if no message was received
|
|
- BUG/MINOR: stats/htx: Call channel_add_input() when response headers are sent
|
|
- BUG/MINOR: lua/htx: Use channel_add_input() when response data are added
|
|
- BUG/MINOR: lua/htx: Don't forget to call htx_to_buf() when appropriate
|
|
- MINOR: stats: Add the status code STAT_STATUS_IVAL to handle invalid requests
|
|
- MINOR: stats: Move stuff about the stats status codes in stats files
|
|
- BUG/MINOR: stats: Be more strict on what is a valid request to the stats applet
|
|
- Revert "REGTEST: Enable reg tests with HEAD HTTP method usage."
|
|
- BUILD: listener: shut up a build warning when threads are disabled
|
|
- BUILD: Makefile: allow the reg-tests target to be verbose
|
|
- BUILD: Makefile: resolve LEVEL before calling run-regtests
|
|
- BUG/MAJOR: spoe: Fix initialization of thread-dependent fields
|
|
- BUG/MAJOR: stats: Fix how huge POST data are read from the channel
|
|
- BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts
|
|
- BUG/MEDIUM: mux-h2: Always wakeup streams with no id to avoid frozen streams
|
|
- MINOR: mux-h2: Set REFUSED_STREAM error to reset a stream if no data was never sent
|
|
- MINOR: muxes: Report the Last read with a dedicated flag
|
|
- MINOR: proto-http/proto-htx: Make error handling clearer during data forwarding
|
|
- BUILD: tools: fix a build warning on some 32-bit archs
|
|
- MINOR: init: report the list of optionally available services
|
|
- MEDIUM: proto_htx: Switch to infinite forwarding if there is no data filter
|
|
- BUG/MINOR: cache: Fully consume large requests in the cache applet
|
|
- BUG/MINOR: stats: Fully consume large requests in the stats applet
|
|
- BUG/MEDIUM: lua: Fully consume large requests when an HTTP applet ends
|
|
- MINOR: proto_http: Add function to handle the header "Expect: 100-continue"
|
|
- MINOR: proto_htx: Add function to handle the header "Expect: 100-continue"
|
|
- MINOR: stats/cache: Handle the header Expect when applets are registered
|
|
- MINOR: http/applets: Handle all applets intercepting HTTP requests the same way
|
|
- CLEANUP: cache: don't export http_cache_applet anymore
|
|
- MINOR: lua: Don't handle the header Expect in lua HTTP applets anymore
|
|
- BUG/MINOR: doc: Be accurate on the behavior on pool-purge-delay.
|
|
- Revert "MEDIUM: proto_htx: Switch to infinite forwarding if there is no data filter"
|
|
- BUG/MEDIUM: mux-h2: Make sure we destroyed the h2s once shutr/shutw is done.
|
|
- BUG/MEDIUM: mux-h2: Don't bother keeping the h2s if detaching and nothing to send.
|
|
- BUG/MEDIUM: mux-h2: Use the right list in h2_stop_senders().
|
|
- MINOR: mux-h2: copy small data blocks more often and reduce the number of pauses
|
|
- CLEANUP: mux-h2: add some comments to help understand the code
|
|
- BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites
|
|
- BUG/MINOR: log: properly format IPv6 address when LOG_OPT_HEXA modifier is used.
|
|
- BUG/MEDIUM: h2: Try to be fair when sending data.
|
|
- BUG/MINOR: proto-http: Don't forward request body anymore on error
|
|
- MINOR: mux-h2: Remove useless test on ES flag in h2_frt_transfer_data()
|
|
- MINOR: connection: and new flag to mark end of input (EOI)
|
|
- MINOR: channel: Report EOI on the input channel if it was reached in the mux
|
|
- MEDIUM: mux-h2: Don't mix the end of the message with the end of stream
|
|
- MINOR: mux-h1: Set CS_FL_EOI the end of the message is reached
|
|
- BUG/MEDIUM: http/htx: Fix handling of the option abortonclose
|
|
- CLEANUP: muxes/stream-int: Remove flags CS_FL_READ_NULL and SI_FL_READ_NULL
|
|
- MEDIUM: proto_htx: Reintroduce the infinite forwarding on data
|
|
- BUG/MEDIUM: h2: only destroy the h2s if h2s->cs is NULL.
|
|
- BUG/MEDIUM: h2: Use the new sending_list in h2s_notify_send().
|
|
- BUG/MEDIUM: h2: Follow the same logic in h2_deferred_shut than in h2_snd_buf.
|
|
- BUG/MEDIUM: h2: Remove the tasklet from the task list if unsubscribing.
|
|
- BUG/MEDIUM: task/h2: add an idempotent task removal fucntion
|
|
- CLEANUP: task: only perform a LIST_DEL() when the list is not empty
|
|
- BUG/MEDIUM: mux-h2: make sure to always notify streams of EOS condition
|
|
- CONTRIB: debug: report the CS and CF's EOI flags
|
|
- MINOR: channel: don't unset CF_SHUTR_NOW after shutting down.
|
|
|
|
2019/02/26 : 2.0-dev1
|
|
- MINOR: mux-h2: only increase the connection window with the first update
|
|
- REGTESTS: remove the expected window updates from H2 handshakes
|
|
- BUG/MINOR: mux-h2: make empty HEADERS frame return a connection error
|
|
- BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max
|
|
- MEDIUM: mux-h2: remove padlen during headers phase
|
|
- MINOR: h2: add a bit-based frame type representation
|
|
- MINOR: mux-h2: remove useless check for empty frame length in h2s_decode_headers()
|
|
- MEDIUM: mux-h2: decode HEADERS frames before allocating the stream
|
|
- MINOR: mux-h2: make h2c_send_rst_stream() use the dummy stream's error code
|
|
- MINOR: mux-h2: add a new dummy stream for the REFUSED_STREAM error code
|
|
- MINOR: mux-h2: fail stream creation more cleanly using RST_STREAM
|
|
- MINOR: buffers: add a new b_move() function
|
|
- MINOR: mux-h2: make h2_peek_frame_hdr() support an offset
|
|
- MEDIUM: mux-h2: handle decoding of CONTINUATION frames
|
|
- CLEANUP: mux-h2: remove misleading comments about CONTINUATION
|
|
- BUG/MEDIUM: servers: Don't try to reuse connection if we switched server.
|
|
- BUG/MEDIUM: tasks: Decrement tasks_run_queue in tasklet_free().
|
|
- BUG/MINOR: htx: send the proper authenticate header when using http-request auth
|
|
- BUG/MEDIUM: mux_h2: Don't add to the idle list if we're full.
|
|
- BUG/MEDIUM: servers: Fail if we fail to allocate a conn_stream.
|
|
- BUG/MAJOR: servers: Use the list api correctly to avoid crashes.
|
|
- BUG/MAJOR: servers: Correctly use LIST_ELEM().
|
|
- BUG/MAJOR: sessions: Use an unlimited number of servers for the conn list.
|
|
- BUG/MEDIUM: servers: Flag the stream_interface on handshake error.
|
|
- MEDIUM: servers: Be smarter when switching connections.
|
|
- MEDIUM: sessions: Keep track of which connections are idle.
|
|
- MINOR: payload: add sample fetch for TLS ALPN
|
|
- BUG/MEDIUM: log: don't mark log FDs as non-blocking on terminals
|
|
- MINOR: channel: Add the function channel_add_input
|
|
- MINOR: stats/htx: Call channel_add_input instead of updating channel state by hand
|
|
- BUG/MEDIUM: cache: Be sure to end the forwarding when XFER length is unknown
|
|
- BUG/MAJOR: htx: Return the good block address after a defrag
|
|
- MINOR: lb: allow redispatch when using consistent hash
|
|
- CLEANUP: mux-h2: fix end-of-stream flag name when processing headers
|
|
- BUG/MEDIUM: mux-h2: always restart reading if data are available
|
|
- BUG/MINOR: mux-h2: set the stream-full flag when leaving h2c_decode_headers()
|
|
- BUG/MINOR: mux-h2: don't check the CS count in h2c_bck_handle_headers()
|
|
- BUG/MINOR: mux-h2: mark end-of-stream after processing response HEADERS, not before
|
|
- BUG/MINOR: mux-h2: only update rxbuf's length for H1 headers
|
|
- BUG/MEDIUM: mux-h1: use per-direction flags to indicate transitions
|
|
- BUG/MEDIUM: mux-h1: make HTX chunking consistent with H2
|
|
- BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify()
|
|
- BUG/MEDIUM: proto-htx: Set SI_FL_NOHALF on server side when request is done
|
|
- BUG/MEDIUM: mux-h1: Add a task to handle connection timeouts
|
|
- MINOR: mux-h2: make h2c_decode_headers() return a status, not a count
|
|
- MINOR: mux-h2: add a new dummy stream : h2_error_stream
|
|
- MEDIUM: mux-h2: make h2c_decode_headers() support recoverable errors
|
|
- BUG/MINOR: mux-h2: detect when the HTX EOM block cannot be added after headers
|
|
- MINOR: mux-h2: remove a misleading and impossible test
|
|
- CLEANUP: mux-h2: clean the stream error path on HEADERS frame processing
|
|
- MINOR: mux-h2: check for too many streams only for idle streams
|
|
- MINOR: mux-h2: set H2_SF_HEADERS_RCVD when a HEADERS frame was decoded
|
|
- BUG/MEDIUM: mux-h2: decode trailers in HEADERS frames
|
|
- MINOR: h2: add h2_make_h1_trailers to turn H2 headers to H1 trailers
|
|
- MEDIUM: mux-h2: pass trailers to H1 (legacy mode)
|
|
- MINOR: htx: add a new function to add a block without filling it
|
|
- MINOR: h2: add h2_make_htx_trailers to turn H2 headers to HTX trailers
|
|
- MEDIUM: mux-h2: pass trailers to HTX
|
|
- MINOR: mux-h1: parse the content-length header on output and set H1_MF_CLEN
|
|
- BUG/MEDIUM: mux-h1: don't enforce chunked encoding on requests
|
|
- MINOR: mux-h2: make HTX_BLK_EOM processing idempotent
|
|
- MINOR: h1: make the H1 headers block parser able to parse headers only
|
|
- MEDIUM: mux-h2: emit HEADERS frames when facing HTX trailers blocks
|
|
- MINOR: stream/htx: Add info about the HTX structs in "show sess all" command
|
|
- MINOR: stream: Add the subscription events of SIs in "show sess all" command
|
|
- MINOR: mux-h1: Add the subscription events in "show fd" command
|
|
- BUG/MEDIUM: h1: Get the h1m state when restarting the headers parsing
|
|
- BUG/MINOR: cache/htx: Be sure to count partial trailers
|
|
- BUG/MEDIUM: h1: In h1_init(), wake the tasklet instead of calling h1_recv().
|
|
- BUG/MEDIUM: server: Defer the mux init until after xprt has been initialized.
|
|
- MINOR: connections: Remove a stall comment.
|
|
- BUG/MEDIUM: cli: make "show sess" really thread-safe
|
|
- BUILD: add a new file "version.c" to carry version updates
|
|
- MINOR: stream/htx: add the HTX flags output in "show sess all"
|
|
- MINOR: stream/cli: fix the location of the waiting flag in "show sess all"
|
|
- MINOR: stream/cli: report more info about the HTTP messages on "show sess all"
|
|
- BUG/MINOR: lua: bad args are returned for Lua actions
|
|
- BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred
|
|
- MINOR: htx: Add an helper function to get the max space usable for a block
|
|
- MINOR: channel/htx: Add HTX version for some helper functions
|
|
- BUG/MEDIUM: cache/htx: Respect the reserve when cached objects are served
|
|
- BUG/MINOR: stats/htx: Respect the reserve when the stats page is dumped
|
|
- DOC: regtest: make it clearer what the purpose of the "broken" series is
|
|
- REGTEST: mailers: add new test for 'mailers' section
|
|
- REGTEST: Add a reg test for health-checks over SSL/TLS.
|
|
- BUG/MINOR: mux-h1: Close connection on shutr only when shutw was really done
|
|
- MEDIUM: mux-h1: Clarify how shutr/shutw are handled
|
|
- BUG/MINOR: compression: Disable it if another one is already in progress
|
|
- BUG/MINOR: filters: Detect cache+compression config on legacy HTTP streams
|
|
- BUG/MINOR: cache: Disable the cache if any compression filter precedes it
|
|
- REGTEST: Add some informatoin to test results.
|
|
- MINOR: htx: Add a function to truncate all blocks after a specific offset
|
|
- MINOR: channel/htx: Add the HTX version of channel_truncate/erase
|
|
- BUG/MINOR: proto_htx: Use HTX versions to truncate or erase a buffer
|
|
- BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used
|
|
- DOC: Fix typo in req.ssl_alpn example (commit 4afdd138424ab...)
|
|
- DOC: http-request cache-use / http-response cache-store expects cache name
|
|
- REGTEST: "capture (request|response)" regtest.
|
|
- BUG/MINOR: lua/htx: Respect the reserve when data are send from an HTX applet
|
|
- REGTEST: filters: add compression test
|
|
- BUG/MEDIUM: init: Initialize idle_orphan_conns for first server in server-template
|
|
- BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.
|
|
- DOC: Be a bit more explicit about allow-0rtt security implications.
|
|
- MINOR: mux-h1: make the mux_h1_ops struct static
|
|
- BUILD: makefile: add an EXTRA_OBJS variable to help build optional code
|
|
- BUG/MEDIUM: connection: properly unregister the mux on failed initialization
|
|
- BUG/MAJOR: cache: fix confusion between zero and uninitialized cache key
|
|
- REGTESTS: test case for map_regm commit 271022150d
|
|
- REGTESTS: Basic tests for concat,strcmp,word,field,ipmask converters
|
|
- REGTESTS: Basic tests for using maps to redirect requests / select backend
|
|
- DOC: REGTESTS README varnishtest -Dno-htx= define.
|
|
- MINOR: spoe: Make the SPOE filter compatible with HTX proxies
|
|
- MINOR: checks: Store the proxy in checks.
|
|
- BUG/MEDIUM: checks: Avoid having an associated server for email checks.
|
|
- REGTEST: Switch to vtest.
|
|
- REGTEST: Adapt reg test doc files to vtest.
|
|
- BUG/MEDIUM: h1: Make sure we destroy an inactive connectin that did shutw.
|
|
- BUG/MINOR: base64: dec func ignores padding for output size checking
|
|
- BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file
|
|
- MINOR: ssl: add support of aes256 bits ticket keys on file and cli.
|
|
- BUG/MINOR: backend: don't use url_param_name as a hint for BE_LB_ALGO_PH
|
|
- BUG/MINOR: backend: balance uri specific options were lost across defaults
|
|
- BUG/MINOR: backend: BE_LB_LKUP_CHTREE is a value, not a bit
|
|
- MINOR: backend: move url_param_name/len to lbprm.arg_str/len
|
|
- MINOR: backend: make headers and RDP cookie also use arg_str/len
|
|
- MINOR: backend: add new fields in lbprm to store more LB options
|
|
- MINOR: backend: make the header hash use arg_opt1 for use_domain_only
|
|
- MINOR: backend: remap the balance uri settings to lbprm.arg_opt{1,2,3}
|
|
- MINOR: backend: move hash_balance_factor out of chash
|
|
- MEDIUM: backend: move all LB algo parameters into an union
|
|
- MINOR: backend: make the random algorithm support a number of draws
|
|
- BUILD/MEDIUM: da: Necessary code changes for new buffer API.
|
|
- BUG/MINOR: stick_table: Prevent conn_cur from underflowing
|
|
- BUG: 51d: Changes to the buffer API in 1.9 were not applied to the 51Degrees code.
|
|
- BUG/MEDIUM: stats: Get the right scope pointer depending on HTX is used or not
|
|
- DOC: add a missing space in the documentation for bc_http_major
|
|
- REGTEST: checks basic stats webpage functionality
|
|
- BUG/MEDIUM: servers: Make assign_tproxy_address work when ALPN is set.
|
|
- BUG/MEDIUM: connections: Add the CO_FL_CONNECTED flag if a send succeeded.
|
|
- DOC: add github issue templates
|
|
- MINOR: cfgparse: Extract some code to be re-used.
|
|
- CLEANUP: cfgparse: Return asap from cfg_parse_peers().
|
|
- CLEANUP: cfgparse: Code reindentation.
|
|
- MINOR: cfgparse: Useless frontend initialization in "peers" sections.
|
|
- MINOR: cfgparse: Rework peers frontend init.
|
|
- MINOR: cfgparse: Simplication.
|
|
- MINOR: cfgparse: Make "peer" lines be parsed as "server" lines.
|
|
- MINOR: peers: Make outgoing connection to SSL/TLS peers work.
|
|
- MINOR: cfgparse: SSL/TLS binding in "peers" sections.
|
|
- DOC: peers: SSL/TLS documentation for "peers"
|
|
- BUG/MINOR: startup: certain goto paths in init_pollers fail to free
|
|
- BUG/MEDIUM: checks: fix recent regression on agent-check making it crash
|
|
- BUG/MINOR: server: don't always trust srv_check_health when loading a server state
|
|
- BUG/MINOR: check: Wake the check task if the check is finished in wake_srv_chk()
|
|
- BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages
|
|
- DOC: mention the effect of nf_conntrack_tcp_loose on src/dst
|
|
- BUG/MINOR: proto-htx: Return an error if all headers cannot be received at once
|
|
- BUG/MEDIUM: mux-h2/htx: Respect the channel's reserve
|
|
- BUG/MINOR: mux-h1: Apply the reserve on the channel's buffer only
|
|
- BUG/MINOR: mux-h1: avoid copying output over itself in zero-copy
|
|
- BUG/MAJOR: mux-h2: don't destroy the stream on failed allocation in h2_snd_buf()
|
|
- BUG/MEDIUM: backend: also remove from idle list muxes that have no more room
|
|
- BUG/MEDIUM: mux-h2: properly abort on trailers decoding errors
|
|
- MINOR: h2: declare new sets of frame types
|
|
- BUG/MINOR: mux-h2: CONTINUATION in closed state must always return GOAWAY
|
|
- BUG/MINOR: mux-h2: headers-type frames in HREM are always a connection error
|
|
- BUG/MINOR: mux-h2: make it possible to set the error code on an already closed stream
|
|
- BUG/MINOR: hpack: return a compression error on invalid table size updates
|
|
- MINOR: server: make sure pool-max-conn is >= -1
|
|
- BUG/MINOR: stream: take care of synchronous errors when trying to send
|
|
- CLEANUP: server: fix indentation mess on idle connections
|
|
- BUG/MINOR: mux-h2: always check the stream ID limit in h2_avail_streams()
|
|
- BUG/MINOR: mux-h2: refuse to allocate a stream with too high an ID
|
|
- BUG/MEDIUM: backend: never try to attach to a mux having no more stream available
|
|
- MINOR: server: add a max-reuse parameter
|
|
- MINOR: mux-h2: always consider a server's max-reuse parameter
|
|
- MEDIUM: stream-int: always mark pending outgoing SI_ST_CON
|
|
- MINOR: stream: don't wait before retrying after a failed connection reuse
|
|
- MEDIUM: h2: always parse and deduplicate the content-length header
|
|
- BUG/MINOR: mux-h2: always compare content-length to the sum of DATA frames
|
|
- CLEANUP: h2: Remove debug printf in mux_h2.c
|
|
- MINOR: cfgparse: make the process/thread parser support a maximum value
|
|
- MINOR: threads: make MAX_THREADS configurable at build time
|
|
- DOC: nbthread is no longer experimental.
|
|
- BUG/MINOR: listener: always fill the source address for accepted socketpairs
|
|
- BUG/MINOR: mux-h2: do not report available outgoing streams after GOAWAY
|
|
- BUG/MINOR: spoe: corrected fragmentation string size
|
|
- BUG/MINOR: task: fix possibly missed event in inter-thread wakeups
|
|
- BUG/MEDIUM: servers: Attempt to reuse an unfinished connection on retry.
|
|
- BUG/MEDIUM: backend: always call si_detach_endpoint() on async connection failure
|
|
- SCRIPTS: add the issue tracker URL to the announce script
|
|
- MINOR: peers: Extract some code to be reused.
|
|
- CLEANUP: peers: Indentation fixes.
|
|
- MINOR: peers: send code factorization.
|
|
- MINOR: peers: Add new functions to send code and reduce the I/O handler.
|
|
- MEDIUM: peers: synchronizaiton code factorization to reduce the size of the I/O handler.
|
|
- MINOR: peers: Move update receive code to reduce the size of the I/O handler.
|
|
- MINOR: peers: Move ack, switch and definition receive code to reduce the size of the I/O handler.
|
|
- MINOR: peers: Move high level receive code to reduce the size of I/O handler.
|
|
- CLEANUP: peers: Be more generic.
|
|
- MINOR: peers: move error handling to reduce the size of the I/O handler.
|
|
- MINOR: peers: move messages treatment code to reduce the size of the I/O handler.
|
|
- MINOR: peers: move send code to reduce the size of the I/O handler.
|
|
- CLEANUP: peers: Remove useless statements.
|
|
- MINOR: peers: move "hello" message treatment code to reduce the size of the I/O handler.
|
|
- MINOR: peers: move peer initializations code to reduce the size of the I/O handler.
|
|
- CLEANUP: peers: factor the error handling code in peer_treet_updatemsg()
|
|
- CLEANUP: peers: factor error handling in peer_treat_definedmsg()
|
|
- BUILD/MINOR: peers: shut up a build warning introduced during last cleanup
|
|
- BUG/MEDIUM: mux-h2: only close connection on request frames on closed streams
|
|
- CLEANUP: mux-h2: remove two useless but misleading assignments
|
|
- BUG/MEDIUM: checks: Check that conn_install_mux succeeded.
|
|
- BUG/MEDIUM: servers: Only destroy a conn_stream we just allocated.
|
|
- BUG/MEDIUM: servers: Don't add an incomplete conn to the server idle list.
|
|
- BUG/MEDIUM: checks: Don't try to set ALPN if connection failed.
|
|
- BUG/MEDIUM: h2: In h2_send(), stop the loop if we failed to alloc a buf.
|
|
- BUG/MEDIUM: peers: Handle mux creation failure.
|
|
- BUG/MEDIUM: servers: Close the connection if we failed to install the mux.
|
|
- BUG/MEDIUM: compression: Rewrite strong ETags
|
|
- BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit
|
|
- CLEANUP: mux-h2: remove misleading leftover test on h2s' nullity
|
|
- BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update
|
|
- BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions
|
|
- BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams
|
|
- BUG/MEDIUM: mux-h2: do not abort HEADERS frame before decoding them
|
|
- BUG/MINOR: mux-h2: make sure response HEADERS are not received in other states than OPEN and HLOC
|
|
- MINOR: h2: add a generic frame checker
|
|
- MEDIUM: mux-h2: check the frame validity before considering the stream state
|
|
- CLEANUP: mux-h2: remove stream ID and frame length checks from the frame parsers
|
|
- BUG/MINOR: mux-h2: make sure request trailers on aborted streams don't break the connection
|
|
- DOC: compression: Update the reasons for disabled compression
|
|
- BUG/MEDIUM: buffer: Make sure b_is_null handles buffers waiting for allocation.
|
|
- DOC: htx: make it clear that htxbuf() and htx_from_buf() always return valid pointers
|
|
- MINOR: htx: never check for null htx pointer in htx_is_{,not_}empty()
|
|
- MINOR: mux-h2: consistently rely on the htx variable to detect the mode
|
|
- BUG/MEDIUM: peers: Peer addresses parsing broken.
|
|
- BUG/MEDIUM: mux-h1: Don't add "transfer-encoding" if message-body is forbidden
|
|
- BUG/MEDIUM: connections: Don't forget to remove CO_FL_SESS_IDLE.
|
|
- BUG/MINOR: stream: don't close the front connection when facing a backend error
|
|
- BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the connection
|
|
- MINOR: stream-int: add a new flag to mention that we want the connection to be killed
|
|
- MINOR: connstream: have a new flag CS_FL_KILL_CONN to kill a connection
|
|
- BUG/MEDIUM: mux-h2: do not close the connection on aborted streams
|
|
- BUG/MINOR: server: fix logic flaw in idle connection list management
|
|
- MINOR: mux-h2: max-concurrent-streams should be unsigned
|
|
- MINOR: mux-h2: make sure to only check concurrency limit on the frontend
|
|
- MINOR: mux-h2: learn and store the peer's advertised MAX_CONCURRENT_STREAMS setting
|
|
- BUG/MEDIUM: mux-h2: properly consider the peer's advertised max-concurrent-streams
|
|
- MINOR: xref: Add missing barriers.
|
|
- MINOR: muxes: Don't bother to LIST_DEL(&conn->list) before calling conn_free().
|
|
- MINOR: debug: Add an option that causes random allocation failures.
|
|
- BUG/MEDIUM: backend: always release the previous connection into its own target srv_list
|
|
- BUG/MEDIUM: htx: check the HTX compatibility in dynamic use-backend rules
|
|
- BUG/MINOR: tune.fail-alloc: Don't forget to initialize ret.
|
|
- BUG/MINOR: backend: check srv_conn before dereferencing it
|
|
- BUG/MEDIUM: mux-h2: always omit :scheme and :path for the CONNECT method
|
|
- BUG/MEDIUM: mux-h2: always set :authority on request output
|
|
- BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free().
|
|
- BUG/MINOR: threads: fix the process range of thread masks
|
|
- BUG/MINOR: config: fix bind line thread mask validation
|
|
- CLEANUP: threads: fix misleading comment about all_threads_mask
|
|
- CLEANUP: threads: use nbits to calculate the thread mask
|
|
- OPTIM: listener: optimize cache-line packing for struct listener
|
|
- MINOR: tools: improve the popcount() operation
|
|
- MINOR: config: keep an all_proc_mask like we have all_threads_mask
|
|
- MINOR: global: add proc_mask() and thread_mask()
|
|
- MINOR: config: simplify bind_proc processing using proc_mask()
|
|
- MINOR: threads: make use of thread_mask() to simplify some thread calculations
|
|
- BUG/MINOR: compression: properly report compression stats in HTX mode
|
|
- BUG/MINOR: task: close a tiny race in the inter-thread wakeup
|
|
- BUG/MAJOR: config: verify that targets of track-sc and stick rules are present
|
|
- BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' processes
|
|
- BUG/MAJOR: htx/backend: Make all tests on HTTP messages compatible with HTX
|
|
- BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules
|
|
- DOC: ssl: Clarify when pre TLSv1.3 cipher can be used
|
|
- DOC: ssl: Stop documenting ciphers example to use
|
|
- BUG/MINOR: spoe: do not assume agent->rt is valid on exit
|
|
- BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets
|
|
- BUG/MEDIUM: spoe: initialization depending on nbthread must be done last
|
|
- BUG/MEDIUM: server: initialize the idle conns list after parsing the config
|
|
- BUG/MEDIUM: server: initialize the orphaned conns lists and tasks at the end
|
|
- MINOR: config: make MAX_PROCS configurable at build time
|
|
- BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck
|
|
- BUG/MINOR: config: Reinforce validity check when a process number is parsed
|
|
- BUG/MEDIUM: peers: check that p->srv actually exists before using p->srv->use_ssl
|
|
- CONTRIB: contrib/prometheus-exporter: Add a Prometheus exporter for HAProxy
|
|
- BUG/MINOR: mux-h1: verify the request's version before dropping connection: keep-alive
|
|
- BUG: 51d: In Hash Trie, multi header matching was affected by the header names stored globaly.
|
|
- MEDIUM: 51d: Enabled multi threaded operation in the 51Degrees module.
|
|
- BUG/MAJOR: stream: avoid double free on unique_id
|
|
- BUILD/MINOR: stream: avoid a build warning with threads disabled
|
|
- BUILD/MINOR: tools: fix build warning in the date conversion functions
|
|
- BUILD/MINOR: peers: remove an impossible null test in intencode()
|
|
- BUILD/MINOR: htx: fix some potential null-deref warnings with http_find_stline
|
|
- BUG/MEDIUM: peers: Missing peer initializations.
|
|
- BUG/MEDIUM: http_fetch: fix the "base" and "base32" fetch methods in HTX mode
|
|
- BUG/MEDIUM: proto_htx: Fix data size update if end of the cookie is removed
|
|
- BUG/MEDIUM: http_fetch: fix "req.body_len" and "req.body_size" fetch methods in HTX mode
|
|
- BUILD/MEDIUM: initcall: Fix build on MacOS.
|
|
- BUG/MEDIUM: mux-h2/htx: Always set CS flags before exiting h2_rcv_buf()
|
|
- MINOR: h2/htx: Set the flag HTX_SL_F_BODYLESS for messages without body
|
|
- BUG/MINOR: mux-h1: Add "transfer-encoding" header on outgoing requests if needed
|
|
- BUG/MINOR: mux-h2: Don't add ":status" pseudo-header on trailers
|
|
- BUG/MINOR: proto-htx: Consider a XFER_LEN message as chunked by default
|
|
- BUG/MEDIUM: h2/htx: Correctly handle interim responses when HTX is enabled
|
|
- MINOR: mux-h2: Set HTX extra value when possible
|
|
- BUG/MEDIUM: htx: count the amount of copied data towards the final count
|
|
- MINOR: mux-h2: make the H2 MAX_FRAME_SIZE setting configurable
|
|
- BUG/MEDIUM: mux-h2/htx: send an empty DATA frame on empty HTX trailers
|
|
- BUG/MEDIUM: servers: Use atomic operations when handling curr_idle_conns.
|
|
- BUG/MEDIUM: servers: Add a per-thread counter of idle connections.
|
|
- MINOR: fd: add a new my_closefrom() function to close all FDs
|
|
- MINOR: checks: use my_closefrom() to close all FDs
|
|
- MINOR: fd: implement an optimised my_closefrom() function
|
|
- BUG/MINOR: fd: make sure my_closefrom() doesn't miss some FDs
|
|
- BUG/MAJOR: fd/threads, task/threads: ensure all spin locks are unlocked
|
|
- BUG/MAJOR: listener: Make sure the listener exist before using it.
|
|
- MINOR: fd: Use closefrom() as my_closefrom() if supported.
|
|
- BUG/MEDIUM: mux-h1: Report the right amount of data xferred in h1_rcv_buf()
|
|
- BUG/MINOR: channel: Set CF_WROTE_DATA when outgoing data are skipped
|
|
- MINOR: htx: Add function to drain data from an HTX message
|
|
- MINOR: channel/htx: Add function to skips output bytes from an HTX channel
|
|
- BUG/MAJOR: cache/htx: Set the start-line offset when a cached object is served
|
|
- BUG/MEDIUM: cache: Get objects from the cache only for GET and HEAD requests
|
|
- BUG/MINOR: cache/htx: Return only the headers of cached objects to HEAD requests
|
|
- BUG/MINOR: mux-h1: Always initilize h1m variable in h1_process_input()
|
|
- BUG/MEDIUM: proto_htx: Fix functions applying regex filters on HTX messages
|
|
- BUG/MEDIUM: h2: advertise to servers that we don't support push
|
|
- MINOR: standard: Add a function to parse uints (dotted notation).
|
|
- MINOR: arg: Add support for ARGT_PBUF_FNUM arg type.
|
|
- MINOR: http_fetch: add "req.ungrpc" sample fetch for gRPC.
|
|
- MINOR: sample: Add two sample converters for protocol buffers.
|
|
- DOC: sample: Add gRPC related documentation.
|
|
|
|
2018/12/22 : 2.0-dev0
|
|
- BUG/MAJOR: connections: Close the connection before freeing it.
|
|
- REGTEST: Require the option LUA to run lua tests
|
|
- REGTEST: script: Process script arguments before everything else
|
|
- REGTEST: script: Evaluate the varnishtest command to allow quoted parameters
|
|
- REGTEST: script: Add the option --clean to remove previous log direcotries
|
|
- REGTEST: script: Add the option --debug to show logs on standard ouput
|
|
- REGTEST: script: Add the option --keep-logs to keep all log directories
|
|
- REGTEST: script: Add the option --use-htx to enable the HTX in regtests
|
|
- REGTEST: script: Print only errors in the results report
|
|
- REGTEST: Add option to use HTX prefixed by the macro 'no-htx'
|
|
- REGTEST: Make reg-tests target support argument.
|
|
- REGTEST: Fix a typo about barrier type.
|
|
- REGTEST: Be less Linux specific with a syslog regex.
|
|
- REGTEST: Missing enclosing quotes for ${tmpdir} macro.
|
|
- REGTEST: Exclude freebsd target for some reg tests.
|
|
- BUG/MEDIUM: h2: Don't forget to quit the sending_list if SUB_CALL_UNSUBSCRIBE.
|
|
- BUG/MEDIUM: mux-h2: Don't forget to quit the send list on error reports
|
|
- BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response()
|
|
- BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error
|
|
- BUG/MINOR: compression/htx: Don't compress responses with unknown body length
|
|
- BUG/MINOR: compression/htx: Don't add the last block of data if it is empty
|
|
- MEDIUM: mux_h1: Implement h1_show_fd.
|
|
- REGTEST: script: Add support of alternatives in requited options list
|
|
- REGTEST: Add a basic test for the compression
|
|
- BUG/MEDIUM: mux-h2: don't needlessly wake up the demux on short frames
|
|
- REGTEST: A basic test for "http-buffer-request"
|
|
- BUG/MEDIUM: server: Also copy "check-sni" for server templates.
|
|
- MINOR: ssl: Add ssl_sock_set_alpn().
|
|
- MEDIUM: checks: Add check-alpn.
|
|
- wip
|
|
|
|
2018/12/19 : 1.9.0
|
|
- BUG/MEDIUM: compression: Use the right buffer pointers to compress input data
|
|
- BUG/MINOR: mux_pt: Set CS_FL_WANT_ROOM when count is zero in rcv_buf() callback
|
|
- BUG/MEDIUM: connection: Add a new CS_FL_ERR_PENDING flag to conn_streams.
|
|
- CONTRIB: debug: teach the "flags" utility about new conn_stream flags
|
|
- BUG/MEDIUM: stream-int: always clear CS_FL_WANT_ROOM before receiving
|
|
- BUG/MEDIUM: mux-h2: also restart demuxing when data are pending in demux
|
|
- BUG/MEDIUM: mux-h2: restart demuxing as soon as demux data are available
|
|
- BUG/MEDIUM: h2: fix aggregated cookie length computation in HTX mode
|
|
- MINOR: mux-h2: report more h2c, last h2s and cs information on "show fd"
|
|
- CONTRIB: debug: report stream-int's flag SI_FL_CLEAN_ABRT
|
|
- MINOR: cli/stream: add the conn_stream in "show sess" output
|
|
- BUG/MINOR: mux-h2: don't report a fantom h2s in "show fd"
|
|
- BUG/MINOR: cli/fd: don't isolate the thread for each individual fd
|
|
- MINOR: objtype: report a few missing types in names and base pointers
|
|
- BUG/MEDIUM: mux-h2: make sure to report synchronous errors after EOS
|
|
- BUG/MEDIUM: mux-h2: report asynchronous errors in h2_wake_some_streams()
|
|
- BUG/MEDIUM: mux-h2: make sure the demux also wakes streams up on errors
|
|
- BUG/MINOR: mux-h1: report the correct frontend in error captures
|
|
- BUG/MEDIUM: stream-int: also wake the stream up on end of transfer
|
|
- MEDIUM: h2: properly check and deduplicate the content-length header in HTX
|
|
- BUG/MEDIUM: stream: Forward the right amount of data before infinite forwarding
|
|
- BUG/MINOR: proto_htx: Call the HTX version of the function managing client cookies
|
|
- BUG/MEDIUM: lua/htx: Handle EOM in receive/get_line calls in HTTP applets
|
|
- BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything
|
|
- MINOR: compression: Remove the thread_local variable buf_output
|
|
- CLEANUP: connection: rename subscription events values and event field
|
|
- CLEANUP: connection: rename conn->mux_ctx to conn->ctx
|
|
- MINOR: connection: remove an unwelcome dependency on struct stream
|
|
- CLEANUP: stream-int: consistently call the si/stream_int functions
|
|
- BUG/MEDIUM: h1: Don't shutw/shutr the connection if we have keepalive.
|
|
- BUG/MEDIUM: H2: Make sure htx is set even on empty frames.
|
|
- BUG/MEDIUM: mux-h2: pass CS_FL_ERR_PENDING to h2_wake_some_streams()
|
|
- MEDIUM: stream-int: always consider all CS errors on the send side
|
|
- BUG/MEDIUM: h2: Make sure we don't set CS_FL_ERROR if there's still data.
|
|
- CLEANUP: mux-h2: implement h2s_notify_{send,recv} to report events to subscribers
|
|
- MINOR: mux-h2: add a new function h2s_alert() to call the data layer
|
|
- BUG/MEDIUM: mux-h2: make use of h2s_alert() to report aborts
|
|
- MINOR: connection: add cs_set_error() to set the error bits
|
|
- CLEANUP: mux-h2: make use of cs_set_error()
|
|
- BUG/MINOR: mux-h2: make sure we check the conn_stream in early data
|
|
- BUG/MEDIUM: h2: Don't wait for flow control if the connection had a shutr.
|
|
- MINOR: cli/show_fd: report that a connection is back or not
|
|
- SCRIPTS: add the slack channel URL to the announce script
|
|
- CLEANUP: remove my name and address from the copyright banner
|
|
- DOC: mention in the readme that 1.9 is a stable version now
|
|
|
|
2018/12/16 : 1.9-dev11
|
|
- BUG/MEDIUM: connection: Don't use the provided conn_stream if it was tried.
|
|
- REGTEST/MINOR: remove double body specification for server txresp
|
|
- BUG/MEDIUM: connections: Remove error flags when retrying.
|
|
- REGTEST/MINOR: skip seamless-reload test with abns socket on freebsd
|
|
- REGTEST/MINOR: remove health-check that can make the test fail
|
|
- DOC: clarify that check-sni needs an argument.
|
|
- DOC: refer to check-sni in the documentation of sni
|
|
- BUG/MEDIUM: mux-h2: fix encoding of non-GET/POST methods
|
|
- BUG/MINOR: mux-h1: Fix conn_mode processing for headerless outgoing messages
|
|
- BUG/MEDIUM: mux-h1: Add a BUSY mode to not loop on pipelinned requests
|
|
- BUG/MEDIUM: mux-h1: Don't loop on the headers parsing if the read0 was received
|
|
- BUG/MEDIUM: htx: Always do a defrag if a block value is replace by a bigger one
|
|
- BUG/MEDIUM: mux-h2: Don't forget to set the CS_FL_EOS flag with htx.
|
|
- BUG/MINOR: hpack: fix off-by-one in header name encoding length calculation
|
|
- CLEANUP: hpack: no need to include chunk.h, only include buf.h
|
|
- MINOR: hpack: simplify the len to bytes conversion
|
|
- MINOR: hpack: use ist2bin() to copy header names in hpack_encode_header()
|
|
- MINOR: hpack: optimize header encoding for short names
|
|
- CONTRIB: hpack: add a compressed stream generator for the encoder
|
|
- MEDIUM: hpack: make it possible to encode any static header name
|
|
- MINOR: hpack: move the length computation and encoding functions to .h
|
|
- MINOR: hpack: provide a function to encode a short indexed header
|
|
- MINOR: hpack: provide a function to encode a long indexed header
|
|
- MINOR: hpack: provide new functions to encode the ":status" header
|
|
- MEDIUM: mux-h2: make use of standard HPACK encoding functions for the status
|
|
- MINOR: hpack: provide a function to encode an HTTP method
|
|
- MEDIUM: mux-h2: make use of hpack_encode_method() to encode the method
|
|
- MINOR: hpack: provide a function to encode an HTTP scheme
|
|
- MEDIUM: mux-h2: make use of hpack_encode_scheme() to encode the scheme
|
|
- MINOR: hpack: provide a function to encode an HTTP path
|
|
- MEDIUM: mux-h2: make use of hpack_encode_path() to encode the path
|
|
- REGTEST: add the HTTP rules test involving HTX processing
|
|
- REORG: connection: centralize the conn_set_{tos,mark,quickack} functions
|
|
- MEDIUM: cli: rework the CLI proxy parser
|
|
- MINOR: cli: parse prompt command in the CLI proxy
|
|
- MINOR: cli: implements 'quit' in the CLI proxy
|
|
- BUG/MINOR: cli: wait for payload data even without prompt
|
|
- MEDIUM: cli: handle payload in CLI proxy
|
|
- MINOR: cli: use pcli_flags for prompt activation
|
|
- MINOR: compression: Rename the function check_legacy_http_comp_flt()
|
|
- MINOR: cache/htx: Don't use the same cache on HTX and legacy HTTP proxies
|
|
- MINOR: cache: Register the cache as a data filter only if response is cacheable
|
|
- MEDIUM: cache/htx: Add the HTX support into the cache
|
|
- MINOR: cache: Improve and simplify the cache configuration check
|
|
- MINOR: filters: Export the name of known filters
|
|
- MEDIUM: cache/compression: Add a way to safely combined compression and cache
|
|
- MEDIUM: cache: Require an explicit filter declaration if other filters are used
|
|
- REORG: htx: merge types+proto into common/htx.h
|
|
- REORG: http: create http_msg.c to place there some legacy HTTP parts
|
|
- REORG: h1: move legacy http functions to http_msg.c
|
|
- REORG: h1: move the h1_state definition to proto_http
|
|
- CLEANUP: h1: remove some occurrences of unneeded h1.h inclusions
|
|
- REORG: h1: merge types+proto into common/h1.h
|
|
- CLEANUP: stream: remove SF_TUNNEL, SF_INITIALIZED, SF_CONN_TAR
|
|
- MEDIUM: mux-h1: implement true zero-copy of DATA blocks
|
|
- MINOR: config: round up global.tune.bufsize to the next multiple of 2 void*
|
|
- BUG/MINOR: mux-h2: refrain from muxing during the preface
|
|
- BUG/MINOR: mux-h2: advertise a larger connection window size
|
|
- DOC: master CLI documentation in management.txt
|
|
- MINOR: mux-h2: avoid copying large blocks into full buffers
|
|
- MEDIUM: mux-h2: implement true zero-copy send of large HTX DATA blocks
|
|
- MINOR: mux-h2: force reads to be HTX-aligned in HTX mode
|
|
- MINOR: cli: change 'show proc' output of old processes
|
|
- BUG/MEDIUM: mux-h1: Fix the zero-copy on output for chunked messages
|
|
- BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name
|
|
- BUG: dns: Prevent out-of-bounds read in dns_read_name()
|
|
- BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response()
|
|
- BUG: dns: Fix out-of-bounds read via signedness error in dns_validate_dns_response()
|
|
- BUG: dns: Fix off-by-one write in dns_validate_dns_response()
|
|
- REGTEST: the cache regtest requires haproxy 1.9
|
|
- MEDIUM: cli: store CLI level in the appctx
|
|
- MEDIUM: cli: show and change CLI permissions
|
|
- CLEANUP: cli: use dedicated define instead of appctx ones
|
|
- MEDIUM: cli: handle CLI level from the master CLI
|
|
- BUG/MEDIUM: cli: handle correctly prefix and payload
|
|
- BUILD: Makefile: Implements the help target
|
|
- REGTESTS: adjust the http-rules regtest to support window updates
|
|
- BUG/MEDIUM: connections: Remove CS_FL_EOS | CS_FL_REOS on retry.
|
|
- BUG/MEDIUM: stream_interface: Don't report read0 if we were not connected.
|
|
- BUG/MEDIUM: connection: Just make sure we closed the fd on connection failure.
|
|
- MEDIUM: mux: Add an optional "reset" method.
|
|
- BUG/MEDIUM: mux-h1: Fix loop if server closes its connection with unparsed data
|
|
- MINOR: mux-h1: Add helper functions to wake a stream from recv or send
|
|
- BUG/MEDIUM: mux-h1: Wake the stream for send once the connection is established
|
|
- BUG/MEDIUM: connections: Don't attempt to reuse an unusable connection.
|
|
- MEDIUM: htx: Try to take a connection over if it has no owner.
|
|
- REGTEST: Reg testing improvements.
|
|
- REGTEST: Add a first test for health-checks.
|
|
- REGTEST: Reg test for "check" health-check option.
|
|
- REGTEST: level 1 health-check test 2.
|
|
- REGTEST: Add miscellaneous reg tests for health-checks.
|
|
- REGTEST: add a few HTTP messaging tests
|
|
- MINOR: lb: make the leastconn algorithm more accurate
|
|
- REGTEST: fix missing space in checks/s00001
|
|
- REGTEST: http-messaging: add "option http-buffer-request" for H2 tests
|
|
- BUG/MEDIUM: cache: fix random crash on filter parser's error path
|
|
- MINOR: connection: realign empty buffers in muxes, not transport layers
|
|
- MINOR: mux_h1/h2: simplify the zero-copy Rx alignment
|
|
- MINOR: backend: count the number of connect and reuse per server and per backend
|
|
- BUG/MINOR: stats: fix inversion of failed header rewrites and other statuses
|
|
- MINOR: tools: increase the number of ITOA strings to 16
|
|
- MINOR: cache: report the number of cache lookups and cache hits
|
|
- MEDIUM: tasks: check the global task mask instead of the thread number
|
|
- MINOR: mworker: set all_threads_mask and pid_bit to 1
|
|
- BUG/MINOR: proto_htx: Fix htx_res_set_status to also set the reason
|
|
- BUG/MINOR: stats: Parse post data for HTX streams
|
|
- MINOR: payload/htx: Adapt smp_fetch_len to be HTX aware
|
|
- MINOR: http_fecth: Implement body_len and body_size sample fetches for the HTX
|
|
- MAJOR: lua: Forbid calls to Channel functions for LUA scripts in HTTP proxies
|
|
- MEDIUM: lua/htx: Adapt functions of the HTTP to be compatible with HTX
|
|
- MINOR: lua/htx: Adapt the functions get_in_length and is_full to be HTX aware
|
|
- MAJOR: lua/htx: Adapt HTTP applets to support HTX messages
|
|
- MINOR: lua: Remove useless check on the messages state in HTTP functions
|
|
- BUG/MEDIUM: htx: When performing zero-copy, start from the right offset.
|
|
- BUG/MINOR: mworker: don't use unitialized mworker_proc struct
|
|
- MINOR: mworker/cli: indicate in the master prompt when a reload failed
|
|
- MINOR: cli: implements 'reload' on master CLI
|
|
- BUG/MEDIUM: log: Don't call sample_fetch_as_type if we don't have a stream.
|
|
- BUG/MEDIUM: mux-h1: make sure we always have at least one HTX block to send
|
|
- BUG/MAJOR: backend: only update server's counters when the server exists
|
|
- MINOR: tools: preset the port of fd-based "sockets" to zero
|
|
- BUG/MINOR: log: fix logging to both FD and IP
|
|
- REGTEST: Add a reg test for HTTP cookies.
|
|
- BUILD: ssl: Fix compilation without deprecated OpenSSL 1.1 APIs
|
|
- BUILD: thread: properly report multi-thread support
|
|
- BUG/MINOR: logs: leave startup-logs global and not per-thread
|
|
- BUG/MEDIUM: threads: don't close the thread waker pipe if not init
|
|
- BUG/MAJOR: compression/cache: Make it really works with these both filters
|
|
- BUG/MEDIUM: h2: Don't forget to destroy the h2s after deferred shut.
|
|
- MEDIUM: proxy: Set http-reuse safe as default.
|
|
- MEDIUM: servers: Add a command to limit the number of idling connections.
|
|
- MEDIUM: servers: Replace idle-timeout with pool-purge-delay.
|
|
- MEDIUM: mux: Destroy the stream before trying to add the conn to the idle list.
|
|
- MEDIUM: mux: provide the session to the init() and attach() method.
|
|
- MEDIUM: sessions: Don't keep an infinite number of idling connections.
|
|
- MEDIUM: servers: Be more agressive when adding H2 connection to idle lists.
|
|
- MEDIUM: mux_h2: Always set CS_FL_NOT_FIRST for new conn_streams.
|
|
- BUG/MEDIUM: htx/cache: use the correct class of error codes on abort
|
|
- BUG/MINOR: cache: also consider CF_SHUTR to abort delivery
|
|
- MINOR: pools: Cast to volatile int * instead of int *.
|
|
- MINOR: debug: make the ABORT_NOW macro use a volatile int
|
|
- BUG/MEDIUM: h2: Don't destroy the h2s if it still has a cs attached.
|
|
- BUG/MEDIUM: mux-h1: don't try to process an empty input buffer
|
|
- DOC: clarify the agent-check status line syntax
|
|
- BUG/MAJOR: hpack: fix length check for short names encoding
|
|
- DOC: split the README into README + INSTALL
|
|
|
|
2018/12/08 : 1.9-dev10
|
|
- MINOR: htx: Rename functions htx_*_to_str() to be H1 specific
|
|
- BUG/MINOR: htx: Force HTTP/1.1 on H1 formatting when version is 1.1 or above
|
|
- BUG/MINOR: fix ssl_fc_alpn and actually add ssl_bc_alpn
|
|
- BUG/MEDIUM: mworker: stop proxies which have no listener in the master
|
|
- BUG/MEDIUM: h1: Destroy a connection after detach if it has no owner.
|
|
- BUG/MEDIUM: h2: Don't forget to wake the tasklet after shutr/shutw.
|
|
- BUG/MINOR: flt_trace/compression: Use the right flag to add the HTX support
|
|
- BUG/MEDIUM: stream_interface: Make REALLY sure we read all the data.
|
|
- MEDIUM: mux-h1: Revamp the way subscriptions are handled.
|
|
- BUG/MEDIUM: mux-h1: Always set CS_FL_RCV_MORE when data are received in h1_recv()
|
|
- MINOR: mux-h1: Make sure to return 1 in h1_recv() when needed
|
|
- BUG/MEDIUM: mux-h1: Release the mux H1 in h1_process() if there is no h1s
|
|
- BUG/MINOR: proto_htx: Truncate the request when an error is detected
|
|
- BUG/MEDIUM: h2: When sending in HTX, make sure the caller knows we sent all.
|
|
- BUG/MEDIUM: mux-h2: properly update the window size in HTX mode
|
|
- BUG/MEDIUM: mux-h2: make sure to always report HTX EOM when consumed by headers
|
|
- BUG/MEDIUM: mux-h2: stop sending HTX once the mux is blocked
|
|
- BUG/MEDIUM: mux-h2: don't send more HTX data than requested
|
|
- MINOR: mux-h2: stop on non-DATA and non-EOM HTX blocks
|
|
- BUG/MEDIUM: h1: Correctly report used data with no len.
|
|
- MEDIUM: h1: Realign the ibuf before calling rcv_buf if needed.
|
|
- BUG/MEDIUM: mux_pt: Always set CS_FL_RCV_MORE.
|
|
- MINOR: htx: make htx_from_buf() adjust the size only on new buffers
|
|
- MINOR: htx: add buf_room_for_htx_data() to help optimize buffer transfers
|
|
- MEDIUM: mux-h1: make use of buf_room_for_htx_data() instead of b_room()
|
|
- MEDIUM: mux-h1: attempt to zero-copy Rx DATA transfers
|
|
- MEDIUM: mux-h1: avoid a double copy on the Tx path whenever possible
|
|
- BUG/MEDIUM: stream-int: don't mark as blocked an empty buffer on Rx
|
|
- BUG/MINOR: mux-h1: Check h1m flags to set the server conn_mode on request path
|
|
- MEDIUM: htx: Rework conversion from a buffer to an htx structure
|
|
- MEDIUM: channel/htx: Add functions for forward HTX data
|
|
- MINOR: mux-h1: Don't adjust anymore the amount of data sent in h1_snd_buf()
|
|
- CLEANUP: htx: Fix indentation here and there in HTX files
|
|
- MINOR: mux-h1: Allow partial data consumption during outgoing data processing
|
|
- BUG/MEDIUM: mux-h2: use the correct offset for the HTX start line
|
|
- BUG/MEDIUM: mux-h2: stop sending using HTX on errors
|
|
- MINOR: mux-h1: Drain obuf if the output is closed after sending data
|
|
- BUG/MEDIUM: mworker: stop every tasks in the master
|
|
- BUG/MEDIUM: htx: Set the right start-line offset after a defrag
|
|
- BUG/MEDIUM: stream: Don't dereference s->txn when it is not there yet.
|
|
- BUG/MEDIUM: connections: Reuse an already attached conn_stream.
|
|
- MINOR: stream-int: add a new blocking condition on the remote connection
|
|
- BUG/MEDIUM: stream-int: don't attempt to receive if the connection is not established
|
|
- BUG/MEDIUM: lua: block on remote connection establishment
|
|
- BUG/MEDIUM: mworker: fix several typos in mworker_cleantasks()
|
|
- SCRIPTS/REGTEST: merge grep+sed into sed in run-regtests
|
|
- BUG/MEDIUM: connections: Split CS_FL_RCV_MORE into 2 flags.
|
|
- BUG/MEDIUM: h1: Don't free the connection if it's an outgoing connection.
|
|
- BUG/MEDIUM: h1: Set CS_FL_REOS if we had a read0.
|
|
- BUG/MEDIUM: mux-h1: Be sure to have a conn_stream to set CS_FL_REOS in h1_recv
|
|
- REGTEST: Move LUA reg test 4 to level 1.
|
|
- MINOR: ist: add functions to copy/uppercase/lowercase into a buffer or string
|
|
- MEDIUM: ist: always turn header names to lower case
|
|
- MINOR: h2: don't turn HTX header names to lower case anymore
|
|
- MEDIUM: ist: use local conversion arrays to case conversion
|
|
- MINOR: htx: switch to case sensitive search of lower case header names
|
|
- MINOR: mux-h1: Set CS_FL_EOS when read0 is detected and no data are pending
|
|
- BUG/MINOR: stream-int: Process read0 even if no data was received in si_cs_recv
|
|
- REGTEST: fix the Lua test file name in test lua/h00002 :-)
|
|
- REGTEST: add a basic test for HTTP rules manipulating headers
|
|
- BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR.
|
|
- MINOR: sample: add bc_http_major
|
|
- BUG/MEDIUM: htx: fix typo in htx_replace_stline() making it fail all the time
|
|
- REGTEST: make the HTTP rules test compatible with HTTP/2 as well
|
|
- BUG/MEDIUM: h2: Don't try to chunk data when using HTX.
|
|
- MINOR: compiler: add a new macro ALREADY_CHECKED()
|
|
- BUILD: h2: mark the start line already checked to avoid warnings
|
|
- BUG/MINOR: mux-h1: Remove the connection header when it is useless
|
|
|
|
2018/12/02 : 1.9-dev9
|
|
- BUILD/MINOR: ssl: fix build with non-alpn/non-npn libssl
|
|
- BUG/MINOR: mworker: Do not attempt to close(2) fd -1
|
|
- BUILD: compression: fix build error with DEFAULT_MAXZLIBMEM
|
|
- MINOR: compression: always create the compression pool
|
|
- BUG/MEDIUM: mworker: fix FD leak upon reload
|
|
- BUILD: htx: fix fprintf format inconsistency on 32-bit platforms
|
|
- BUILD: buffers: buf.h requires unistd to get ssize_t on libmusl
|
|
- MINOR: initcall: introduce a way to register init functions to call at boot
|
|
- MINOR: init: process all initcalls in order at boot time
|
|
- MEDIUM: init: convert all trivial registration calls to initcalls
|
|
- MINOR: thread: provide a set of lock initialisers
|
|
- MINOR: threads: add new macros to declare self-initializing locks
|
|
- MEDIUM: init: use self-initializing spinlocks and rwlocks
|
|
- MINOR: initcall: apply initcall to all register_build_opts() calls
|
|
- MINOR: initcall: use initcalls for most post_{check,deinit} and per_thread*
|
|
- MINOR: initcall: use initcalls for section parsers
|
|
- MINOR: memory: add a callback function to create a pool
|
|
- MEDIUM: init: use initcall for all fixed size pool creations
|
|
- MEDIUM: memory: use pool_destroy_all() to destroy all pools on deinit()
|
|
- MEDIUM: initcall: use initcalls for a few initialization functions
|
|
- MEDIUM: memory: make the pool cache an array and not a thread_local
|
|
- MINOR: ssl: free ctx when libssl doesn't support NPN
|
|
- BUG/MINOR: proto_htx: only mark connections private if NTLM is detected
|
|
- MINOR: h2: make struct h2_ops static
|
|
- BUG/MEDIUM: mworker: avoid leak of client socket
|
|
- REORG: mworker: declare master variable in global.h
|
|
- BUG/MEDIUM: listeners: CLOEXEC flag is not correctly set
|
|
- CLEANUP: http: Fix typo in init_http's comment
|
|
- BUILD: Makefile: Disable -Wcast-function-type if it exists.
|
|
- BUG/MEDIUM: h2: Don't bogusly error if the previous stream was closed.
|
|
- REGTEST/MINOR: script: add run-regtests.sh script
|
|
- REGTEST: Add a basic test for the cache.
|
|
- BUG/MEDIUM: mux_pt: Don't forget to unsubscribe() on attach.
|
|
- BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id
|
|
- BUG/MEDIUM: connections: Wake the stream once the mux is chosen.
|
|
- BUG/MEDIUM: connections: Don't forget to detach the connection from the SI.
|
|
- BUG/MEDIUM: stream_interface: Don't check if the handshake is done.
|
|
- BUG/MEDIUM: stream_interface: Make sure we read all the data available.
|
|
- BUG/MEDIUM: h2: Call h2_process() if there's an error on the connection.
|
|
- REGTEST: Fix several issues.
|
|
- REGTEST: lua: check socket functionality from a lua-task
|
|
- BUG/MEDIUM: session: Remove the session from the session_list in session_free.
|
|
- BUG/MEDIUM: streams: Don't assume we have a CS in sess_update_st_con_tcp.
|
|
- BUG/MEDIUM: connections: Don't assume we have a mux in connect_server().
|
|
- BUG/MEDIUM: connections: Remove the connection from the idle list before destroy.
|
|
- BUG/MEDIUM: session: properly clean the outgoing connection before freeing.
|
|
- BUG/MEDIUM: mux_pt: Don't try to send if handshake is not done.
|
|
- MEDIUM: connections: Put H2 connections in the idle list if http-reuse always.
|
|
- MEDIUM: h2: Destroy a connection with no stream if it has no owner.
|
|
- MAJOR: sessions: Store multiple outgoing connections in the session.
|
|
- MEDIUM: session: Steal owner-less connections on end of transaction.
|
|
- MEDIUM: server: Be smarter about deciding to reuse the last server.
|
|
- BUG/MEDIUM: Special-case http_proxy when dealing with outgoing connections.
|
|
- BUG/MINOR: cfgparse: Fix transition between 2 sections with the same name
|
|
- BUG/MINOR: http: Use out buffer instead of trash to display error snapshot
|
|
- BUG/MINOR: htx: Fix block size calculation when a start-line is added/replaced
|
|
- BUG/MINOR: mux-h1: Fix processing of "Connection: " header on outgoing messages
|
|
- BUG/MEDIUM: mux-h1: Reset the H1 parser when an outgoing message is processed
|
|
- BUG/MINOR: proto_htx: Send outgoing data to client to start response processing
|
|
- BUG/MINOR: htx: Stop a header or a start line lookup on the first EOH or EOM
|
|
- BUG/MINOR: connection: report mux modes when HTX is supported
|
|
- MINOR: htx: add a function to cut the beginning of a DATA block
|
|
- MEDIUM: conn_stream: Add a way to get mux's info on a CS from the upper layer
|
|
- MINOR: mux-h1: Implement get_cs_info() callback
|
|
- MINOR: stream: Rely on CS's info if it exists and fallback on session's ones
|
|
- MINOR: proto_htx: Use conn_stream's info to set t_idle duration when possible
|
|
- MINOR: mux-h1: Don't rely on the stream anymore in h1_set_srv_conn_mode()
|
|
- MINOR: mux-h1: Write last chunk and trailers if not found in the HTX message
|
|
- MINOR: mux-h1: Be prepare to fail when EOM is added during trailers parsing
|
|
- MINOR: mux-h1: Subscribe to send in h1_snd_buf() when not all data have been sent
|
|
- MINOR: mux-h1: Consume channel's data in a loop in h1_snd_buf()
|
|
- MEDIUM: mux-h1: Add keep-alive outgoing connections in connections list
|
|
- MINOR: htx: Add function to add an HTX block just before another one
|
|
- MINOR: htx: Add function to iterate on an HTX message using HTX blocks
|
|
- MINOR: htx: Add a function to find the HTX block corresponding to a data offset
|
|
- MINOR: stats: Don't add end-of-data marker and trailers in the HTX response
|
|
- MEDIUM: htx: Change htx_sl to be a struct instead of an union
|
|
- MINOR: htx: Add the start-line offset for the HTX message in the HTX structure
|
|
- MEDIUM: htx: Don't rely on h1_sl anymore except during H1 header parsing
|
|
- MINOR: proto-htx: Use the start-line flags to set the HTTP messsage ones
|
|
- MINOR: htx: Add BODYLESS flags on the HTX start-line and the HTTP message
|
|
- MINOR: proto_htx: Use full HTX messages to send 100-Continue responses
|
|
- MINOR: proto_htx: Use full HTX messages to send 103-Early-Hints responses
|
|
- MINOR: proto_htx: Use full HTX messages to send 401 and 407 responses
|
|
- MINOR: proto_htx: Send valid HTX message when redir mode is enabled on a server
|
|
- MINOR: proto_htx: Send valid HTX message to send 30x responses
|
|
- MEDIUM: proto_htx: Convert all HTTP error messages into HTX
|
|
- MINOR: mux-h1: Process conn_mode on the EOH when no connection header is found
|
|
- MINOR: mux-h1: Change client conn_mode on an explicit close for the response
|
|
- MINOR: mux-h1: Capture bad H1 messages
|
|
- MAJOR: filters: Adapt filters API to be compatible with the HTX represenation
|
|
- MEDIUM: proto_htx/filters: Add data filtering during the forwarding
|
|
- MINOR: flt_trace: Adapt to be compatible with the HTX representation
|
|
- MEDIUM: compression: Adapt to be compatible with the HTX representation
|
|
- MINOR: h2: implement H2->HTX request header frame transcoding
|
|
- MEDIUM: mux-h2: register mux for both HTTP and HTX modes
|
|
- MEDIUM: mux-h2: make h2_rcv_buf() support HTX transfers
|
|
- MEDIUM: mux-h2: make h2_snd_buf() HTX-aware
|
|
- MEDIUM: mux-h2: add basic H2->HTX transcoding support for headers
|
|
- MEDIUM: mux-h2: implement emission of H2 headers frames from HTX blocks
|
|
- MEDIUM: mux-h2: implement the emission of DATA frames from HTX DATA blocks
|
|
- MEDIUM: mux-h2: support passing H2 DATA frames to HTX blocks
|
|
- BUG/MINOR: cfgparse: Fix the call to post parser of the last sections parsed
|
|
- BUG/MEDIUM: mux-h2: don't lose the first response header in HTX mode
|
|
- BUG/MEDIUM: mux-h2: remove the HTX EOM block on H2 response headers
|
|
- MINOR: listener: the mux_proto entry in the bind_conf is const
|
|
- MINOR: connection: create conn_get_best_mux_entry()
|
|
- MINOR: server: the mux_proto entry in the server is const
|
|
- MINOR: config: make sure to associate the proper mux to bind and servers
|
|
- MINOR: hpack: add ":path" to the list of common header fields
|
|
- MINOR: h2: add new functions to produce an HTX message from an H2 response
|
|
- MINOR: mux-h2: mention that the mux is compatible with both sides
|
|
- MINOR: mux-h2: implement an outgoing stream allocator : h2c_bck_stream_new()
|
|
- MEDIUM: mux-h2: start to create the outgoing mux
|
|
- MEDIUM: mux-h2: implement encoding of H2 request on the backend side
|
|
- MEDIUM: mux-h2: make h2_frt_decode_headers() direction-agnostic
|
|
- MEDIUM: mux-h2: make h2_process_demux() capable of processing responses as well
|
|
- MEDIUM: mux-h2: Implement h2_attach().
|
|
- MEDIUM: mux-h2: Don't bother flagging outgoing connections as TOOMANY.
|
|
- REGTEST: Fix LEVEL 4 script 0 of "connection" module.
|
|
- MINOR: connection: Fix a comment.
|
|
- MINOR: mux: add a "max_streams" method.
|
|
- MEDIUM: servers: Add a way to keep idle connections alive.
|
|
- CLEANUP: fix typos in the htx subsystem
|
|
- CLEANUP: Fix typo in the chunk headers file
|
|
- CLEANUP: Fix typos in the h1 subsystem
|
|
- CLEANUP: Fix typos in the h2 subsystem
|
|
- CLEANUP: Fix a typo in the mini-clist header
|
|
- CLEANUP: Fix a typo in the proto_htx subsystem
|
|
- CLEANUP: Fix typos in the proto_tcp subsystem
|
|
- CLEANUP: Fix a typo in the signal subsystem
|
|
- CLEANUP: Fix a typo in the session subsystem
|
|
- CLEANUP: Fix a typo in the queue subsystem
|
|
- CLEANUP: Fix typos in the shctx subsystem
|
|
- CLEANUP: Fix typos in the socket pair protocol subsystem
|
|
- CLEANUP: Fix typos in the map management functions
|
|
- CLEANUP: Fix typo in the fwrr subsystem
|
|
- CLEANUP: Fix typos in the cli subsystem
|
|
- CLEANUP: Fix typo in the 51d subsystem
|
|
- CLEANUP: Fix a typo in the base64 subsystem
|
|
- CLEANUP: Fix a typo in the connection subsystem
|
|
- CLEANUP: Fix a typo in the protocol header file
|
|
- CLEANUP: Fix a typo in the checks header file
|
|
- CLEANUP: Fix typos in the file descriptor subsystem
|
|
- CLEANUP: Fix a typo in the listener subsystem
|
|
- BUG/MINOR: lb-map: fix unprotected update to server's score
|
|
- BUILD: threads: fix minor build warnings when threads are disabled
|
|
|
|
2018/11/25 : 1.9-dev8
|
|
- REORG: config: extract the global section parser into cfgparse-global
|
|
- REORG: config: extract the proxy parser into cfgparse-listen.c
|
|
- BUILD: update the list of supported targets and compilers in makefile and readme
|
|
- BUILD: reorder the objects in the makefile
|
|
- BUILD: Makefile: make "V=1" show some of the commands that are executed
|
|
- BUILD: Makefile: add the quiet mode to a few more targets
|
|
- BUILD: Makefile: add "$(Q)" to clean, tags and cscope targets
|
|
- BUILD: Makefile: switch to quiet mode by default for CC/LD/AR
|
|
- MINOR: cli: format `show proc` to be more readable
|
|
- MINOR: cli: displays uptime in `show proc`
|
|
- MINOR: cli: show master information in 'show proc'
|
|
- BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field
|
|
- MAJOR: mux-h1: Remove the rxbuf and decode HTTP messages in channel's buffer
|
|
- BUG/MINOR: mux-h1: Enable keep-alive on server side
|
|
- BUG/MEDIUM: mux-h1: Fix freeze when the kernel splicing is used
|
|
- BUG/MEDIUM: mux-h1: Don't set the flag CS_FL_RCV_MORE when nothing was parsed
|
|
- BUG/MINOR: stats/htx: Remove channel's output when the request is eaten
|
|
- BUG/MINOR: proto_htx: Fix request/response synchronisation on error
|
|
- MINOR: stream-int: Notify caller when an error is reported after a rcv_pipe()
|
|
- MINOR: stream-int: Notify caller when an error is reported after a rcv_buf()
|
|
- BUG/MINOR: stream-int: Don't call snd_buf() if there are still data in the pipe
|
|
- MINOR: stream-int: remove useless checks on CS and conn flags in si_cs_send()
|
|
- BUG/MINOR: config: Be aware of the HTX during the check of mux protocols
|
|
- BUG/MINOR: mux-htx: Fix bad test on h1c flags in h1_recv_allowed()
|
|
- MEDIUM: mworker: wait mode use standard init code path
|
|
- MINOR: log: introduce ha_notice()
|
|
- MINOR: mworker: use ha_notice to announce a new worker
|
|
- BUG/MEDIUM: http_fetch: Make sure name is initialized before http_find_header.
|
|
- MINOR: cli: add mworker_accept_wrapper to 'show fd'
|
|
- MEDIUM: signal: signal_unregister() removes every handlers
|
|
- BUG/MEDIUM: mworker: unregister the signals of main()
|
|
- MINOR: cli: add a few missing includes in proto/cli.h
|
|
- REORG: time/activity: move activity measurements to activity.{c,h}
|
|
- MINOR: activity: report the average loop time in "show activity"
|
|
- MINOR: activity: add configuration and CLI support for "profiling.tasks"
|
|
- MEDIUM: tasks: collect per-task CPU time and latency
|
|
- MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot
|
|
- MINOR: cli/activity: rename the stolen CPU time fields to mention milliseconds
|
|
- BUG/MINOR: cli: Fix memory leak
|
|
- BUG/MINOR: mworker: fix FD leak and memory leak in error path
|
|
- MINOR: poller: move the call of tv_update_date() back to the pollers
|
|
- MINOR: polling: add an option to support busy polling
|
|
- MINOR: server: Add "alpn" and "npn" keywords.
|
|
- MEDIUM: connection: Don't bother reactivating polling after connection retry.
|
|
- MAJOR: connections: Defer mux creation for outgoing connection if alpn is set.
|
|
- MEDIUM: ssl: Add ssl_bc_alpn and ssl_bc_npn sample fetches.
|
|
- MINOR: servers: Free [idle|safe|priv]_conns on exit.
|
|
- REGTEST: add the option to test only a specific set of files
|
|
- REGTEST: add a test for connections to a "dispatch" address
|
|
- BUG/MEDIUM: connections: Don't reset the conn flags in *connect_server().
|
|
- MINOR: server: Only defined conn_complete_server if USE_OPENSSL is set.
|
|
- BUG/MEDIUM: servers: Don't check if we have a conn_stream too soon.
|
|
- BUG/MEDIUM: sessions: Set sess->origin to NULL if the origin was destroyed.
|
|
- MEDIUM: servers: Store the connection in the SI until we have a mux.
|
|
- BUG/MEDIUM: h2: wake the processing task up after demuxing
|
|
- BUG/MEDIUM: h2: restart demuxing after releasing buffer space
|
|
|
|
2018/11/18 : 1.9-dev7
|
|
- BUILD: cache: fix a build warning regarding too large an integer for the age
|
|
- CLEANUP: fix typos in the comments of the Makefile
|
|
- CLEANUP: fix a typo in a comment for the contrib/halog subsystem
|
|
- CLEANUP: fix typos in comments for the contrib/modsecurity subsystem
|
|
- CLEANUP: fix typos in comments for contrib/spoa_example
|
|
- CLEANUP: fix typos in comments for contrib/wireshark-dissectors
|
|
- DOC: Fix typos in README and CONTRIBUTING
|
|
- MINOR: log: slightly improve error message syntax on log failure
|
|
- DOC: logs: the format directive was missing from the second log part
|
|
- MINOR: log: report the number of dropped logs in the stats
|
|
- MEDIUM: log: add support for logging to existing file descriptors
|
|
- MEDIUM: log: support a new "short" format
|
|
- MEDIUM: log: add a new "raw" format
|
|
- BUG/MEDIUM: stream-int: change the way buffer room is requested by a stream-int
|
|
- BUG/MEDIUM: stream-int: convert some co_data() checks to channel_is_empty()
|
|
- MINOR: namespaces: don't build namespace.c if disabled
|
|
- BUILD/MEDIUM: threads/affinity: DragonFly build fix
|
|
- MINOR: http: Add new "early-hint" http-request action.
|
|
- MINOR: http: Make new "early-hint" http-request action really be parsed.
|
|
- MINOR: http: Implement "early-hint" http request rules.
|
|
- MINOR: doc: Add information about "early-hint" http-request action.
|
|
- DOC: early-hints: fix truncated line.
|
|
- MINOR: mworker: only close std{in,out,err} in daemon mode
|
|
- BUG/MEDIUM: log: don't CLOEXEC the inherited FDs
|
|
- BUG/MEDIUM: Make sure stksess is properly aligned.
|
|
- BUG/MEDIUM: stream-int: make failed splice_in always subscribe to recv
|
|
- BUG/MEDIUM: stream-int: clear CO_FL_WAIT_ROOM after splicing data in
|
|
- BUG/MINOR: stream-int: make sure not to go through the rcv_buf path after splice()
|
|
- CONTRIB: debug: fix build related to conn_stream flags change
|
|
- REGTEST: fix scripts 1 and 3 to accept development version
|
|
- BUG/MINOR: http_fetch: Remove the version part when capturing the request uri
|
|
- MINOR: http: Regroup return statements of http_req_get_intercept_rule at the end
|
|
- MINOR: http: Regroup return statements of http_res_get_intercept_rule at the end
|
|
- BUG/MINOR: http: Be sure to sent fully formed HTTP 103 responses
|
|
- MEDIUM: jobs: support unstoppable jobs for soft stop
|
|
- MEDIUM: listeners: support unstoppable listener
|
|
- MEDIUM: cli: worker socketpair is unstoppable
|
|
- BUG/MINOR: stream-int: set SI_FL_WANT_PUT in sess_establish()
|
|
- MINOR: stream: move the conn_stream specific calls to the stream-int
|
|
- BUG/MINOR: config: Copy default error messages when parsing of a backend starts
|
|
- CLEANUP: h2: minimum documentation for recent API changes
|
|
- MINOR: mux: implement a get_first_cs() method
|
|
- MINOR: stream-int: make conn_si_send_proxy() use cs_get_first()
|
|
- MINOR: stream-int: relax the forwarding rules in stream_int_notify()
|
|
- MINOR: stream-int: expand the flags to 32-bit
|
|
- MINOR: stream-int: rename SI_FL_WAIT_ROOM to SI_FL_RXBLK_ROOM
|
|
- MINOR: stream-int: introduce new SI_FL_RXBLK flags
|
|
- MINOR: stream-int: add new functions si_{rx,tx}_{blocked,endp_ready}()
|
|
- MINOR: stream-int: replace SI_FL_WANT_PUT with !SI_FL_RX_WAIT_EP
|
|
- MINOR: stream-int: use si_rx_blocked()/si_tx_blocked() to check readiness
|
|
- MEDIUM: stream-int: use si_rx_buff_{rdy,blk} to report buffer readiness
|
|
- MINOR: stream-int: replace si_{want,stop}_put() with si_rx_endp_{more,done}()
|
|
- MEDIUM: stream-int: update the endp polling status only at the end of si_cs_recv()
|
|
- MINOR: stream-int: make si_sync_recv() simply check ENDP before si_cs_recv()
|
|
- MINOR: stream-int: automatically mark applets as ready if they block on the channel
|
|
- MEDIUM: stream-int: fix the si_cant_put() calls used for end point readiness
|
|
- MEDIUM: stream-int: fix the si_cant_put() calls used for buffer readiness
|
|
- MEDIUM: stream-int: use si_rx_shut_blk() to indicate the SI is closed
|
|
- MEDIUM: stream-int: unconditionally call si_chk_rcv() in update and notify
|
|
- MEDIUM: stream-int: make use of si_rx_chan_{rdy,blk} to control the stream-int from the channel
|
|
- MINOR: stream-int: replace si_cant_put() with si_rx_room_{blk,rdy}()
|
|
- MEDIUM: connections: Wait until the connection is established to try to recv.
|
|
- MEDIUM: mux: Teach the mux_pt how to deal with idle connections.
|
|
- MINOR: mux: Add a new "avail_streams" method.
|
|
- MINOR: mux: Add a destroy() method.
|
|
- MINOR: sessions: Start to store the outgoing connection in sessions.
|
|
- MAJOR: connections: Detach connections from streams.
|
|
- MINOR: conn_stream: Add a flag to notify the mux it should flush its buffers
|
|
- MINOR: htx: Add proto_htx.c file
|
|
- MINOR: conn_stream: Add a flag to notify the mux it must respect the reserve
|
|
- MINOR: http: Add standalone functions to parse a start-line or a header
|
|
- MINOR: http: Call http_send_name_header with the stream instead of the txn
|
|
- MINOR: conn_stream: Add a flag to notify the SI some data were received
|
|
- MINOR: http: Add macros to check if a stream uses the HTX representation
|
|
- MEDIUM: proto_htx: Add HTX analyzers and use it when the mux H1 is used
|
|
- MEDIUM: mux-h1: Add dummy mux to handle HTTP/1.1 connections
|
|
- MEDIUM: mux-h1: Add parsing of incoming and ougoing HTTP messages
|
|
- MAJOR: mux-h1/proto_htx: Handle keep-alive connections in the mux
|
|
- MEDIUM: mux-h1: Add support of the kernel TCP splicing to forward data
|
|
- MEDIUM: htx: Add API to deal with the internal representation of HTTP messages
|
|
- MINOR: http_htx: Add functions to manipulate HTX messages in http_htx.c
|
|
- MINOR: proto_htx: Add some functions to handle HTX messages
|
|
- MAJOR: mux-h1/proto_htx: Switch mux-h1 and HTX analyzers on the HTX representation
|
|
- MINOR: http_htx: Add functions to replace part of the start-line
|
|
- MINOR: http_htx: Add functions to retrieve a specific occurrence of a header
|
|
- MINOR: proto_htx: Rewrite htx_apply_redirect_rule to handle HTX messages
|
|
- MINOR: proto_htx: Add the internal function htx_del_hdr_value
|
|
- MINOR: proto_htx: Add the internal function htx_fmt_res_line
|
|
- MINOR: proto_htx: Add functions htx_transform_header and htx_transform_header_str
|
|
- MINOR: proto_htx: Add functions htx_req_replace_stline and htx_res_set_status
|
|
- MINOR: proto_htx: Add function to build and send HTTP 103 responses
|
|
- MINOR: proto_htx: Add functions htx_req_get_intercept_rule and htx_res_get_intercept_rule
|
|
- MINOR: proto_htx: Add functions to apply req* and rsp* rules on HTX messages
|
|
- MINOR: proto_htx: Add functions to manage cookies on HTX messages
|
|
- MINOR: proto_htx: Add functions to check the cacheability of HTX messages
|
|
- MINOR: proto_htx: Add functions htx_send_name_header
|
|
- MINOR: proto_htx: Add functions htx_perform_server_redirect
|
|
- MINOR: proto_htx: Add functions to handle the stats applet
|
|
- MEDIUM: proto_htx: Adapt htx_process_req_common to handle HTX messages
|
|
- MEDIUM: proto_htx: Adapt htx_process_request to handle HTX messages
|
|
- MINOR: proto_htx: Adapt htx_process_tarpit to handle HTX messages
|
|
- MEDIUM: proto_htx: Adapt htx_wait_for_request_body to handle HTX messages
|
|
- MEDIUM: proto_htx: Adapt htx_process_res_common to handle HTX messages
|
|
- MINOR: http_fetch: Add smp_prefetch_htx
|
|
- MEDIUM: http_fetch: Adapt all fetches to handle HTX messages
|
|
- MEDIUM: mux-h1: Wait for connection establishment before consuming channel's data
|
|
- MINOR: stats/htx: Adapt the stats applet to handle HTX messages
|
|
- MINOR: stream: Don't reset sov value with HTX messages
|
|
- MEDIUM: mux-h1: Handle errors and timeouts in the stream
|
|
- MINOR: filters/htx: Forbid filters when the HTX is enabled on a proxy
|
|
- MINOR: lua/htx: Forbid lua usage when the HTX is enabled on a proxy
|
|
- CLEANUP: Fix some typos in the haproxy subsystem
|
|
- CLEANUP: Fix typos in the dns subsystem
|
|
- CLEANUP: Fix typos in the pattern subsystem
|
|
- CLEANUP: fix 2 typos in the xxhash subsystem
|
|
- CLEANUP: fix a few typos in the comments of the server subsystem
|
|
- CLEANUP: fix a misspell in tests/filltab25.c
|
|
- CLEANUP: fix a typo found in the stream subsystem
|
|
- CLEANUP: fix typos in comments in ebtree
|
|
- CLEANUP: fix typos in reg-tests
|
|
- CLEANUP: fix typos in the comments of the vars subsystem
|
|
- CLEANUP: fix typos in the hlua_fcn subsystem
|
|
- CLEANUP: fix typos in the proto_http subsystem
|
|
- CLEANUP: fix typos in the proxy subsystem
|
|
- CLEANUP: fix typos in the ssl_sock subsystem
|
|
- DOC: Fix typos in different subsections of the documentation
|
|
- DOC: fix a few typos in the documentation
|
|
- MINOR: Fix an error message thrown when we run out of memory
|
|
- MINOR: Fix typos in error messages in the proxy subsystem
|
|
- MINOR: fix typos in the examples files
|
|
- CLEANUP: Fix a typo in the stats subsystem
|
|
- CLEANUP: Fix typos in the acl subsystem
|
|
- CLEANUP: Fix typos in the cache subsystem
|
|
- CLEANUP: Fix typos in the cfgparse subsystem
|
|
- CLEANUP: Fix typos in the filters subsystem
|
|
- CLEANUP: Fix typos in the http subsystem
|
|
- CLEANUP: Fix typos in the log subsystem
|
|
- CLEANUP: Fix typos in the peers subsystem
|
|
- CLEANUP: Fix typos in the regex subsystem
|
|
- CLEANUP: Fix typos in the sample subsystem
|
|
- CLEANUP: Fix typos in the spoe subsystem
|
|
- CLEANUP: Fix typos in the standard subsystem
|
|
- CLEANUP: Fix typos in the stick_table subsystem
|
|
- CLEANUP: Fix typos in the task subsystem
|
|
- MINOR: Fix typo in error message in the standard subsystem
|
|
- CLEANUP: fix typos in the comments of hlua
|
|
- MINOR: Fix typo in the error 500 output of hlua
|
|
- MINOR: Fix a typo in a warning message in the spoe subsystem
|
|
|
|
2018/11/11 : 1.9-dev6
|
|
- BUG/MEDIUM: tools: fix direction of my_ffsl()
|
|
- BUG/MINOR: cli: forward the whole command on master CLI
|
|
- BUG/MEDIUM: auth/threads: use of crypt() is not thread-safe
|
|
- MINOR: compat: automatically detect support for crypt_r()
|
|
- MEDIUM: auth/threads: make use of crypt_r() on systems supporting it
|
|
- DOC: split the http-request actions in their own section
|
|
- DOC: split the http-response actions in their own section
|
|
- BUG/MAJOR: stream-int: don't call si_cs_recv() in stream_int_chk_rcv_conn()
|
|
- BUG/MINOR: tasks: make sure wakeup events are properly reported to subscribers
|
|
- MINOR: stats: report the number of active jobs and listeners in "show info"
|
|
- MINOR: stats: report the number of active peers in "show info"
|
|
- MINOR: stats: report the number of currently connected peers
|
|
- MINOR: cli: show the number of reload in 'show proc'
|
|
- MINOR: cli: can't connect to the target CLI
|
|
- MEDIUM: mworker: does not create the CLI proxy when no listener
|
|
- MINOR: mworker: displays more information when leaving
|
|
- MEDIUM: mworker: exit with the incriminated exit code
|
|
- MINOR: mworker: displays a message when a worker is forked
|
|
- MEDIUM: mworker: leave when the master die
|
|
- CLEANUP: stream-int: retro-document si_cs_io_cb()
|
|
- BUG/MEDIUM: mworker: does not abort() in mworker_pipe_register()
|
|
- BUG/MEDIUM: stream-int: don't wake up for nothing during SI_ST_CON
|
|
- BUG/MEDIUM: cli: crash when trying to access a worker
|
|
- DOC: restore note about "independant" typo
|
|
- MEDIUM: stream: implement stream_buf_available()
|
|
- MEDIUM: appctx: check for allocation attempts in buffer allocation callbacks
|
|
- MINOR: stream-int: rename si_applet_{want|stop|cant}_{get|put}
|
|
- MINOR: stream-int: add si_done_{get,put} to indicate that we won't do it anymore
|
|
- MINOR: stream-int: use si_cant_put() instead of setting SI_FL_WAIT_ROOM
|
|
- MINOR: stream-int: make use of si_done_{get,put}() in shut{w,r}
|
|
- MINOR: stream-int: make it clear that si_ops cannot be null
|
|
- MEDIUM: stream-int: temporarily make si_chk_rcv() take care of SI_FL_WAIT_ROOM
|
|
- MINOR: stream-int: factor the SI_ST_EST state test into si_chk_rcv()
|
|
- MEDIUM: stream-int: make SI_FL_WANT_PUT reflect CF_DONT_READ
|
|
- MEDIUM: stream-int: always call si_chk_rcv() when we make room in the buffer
|
|
- MEDIUM: stream-int: make si_chk_rcv() check that SI_FL_WAIT_ROOM is cleared
|
|
- MINOR: stream-int: replace si_update() with si_update_both()
|
|
- MEDIUM: stream-int: make stream_int_update() aware of the lower layers
|
|
- CLEANUP: stream-int: remove the now unused si->update() function
|
|
- MEDIUM: stream-int: Rely only on SI_FL_WAIT_ROOM to stop data receipt
|
|
- MEDIUM: stream-int: Try to read data even if channel's buffer seems to be full
|
|
- BUG/MINOR: config: better detect the presence of the h2 pattern in npn/alpn
|
|
|
|
2018/10/28 : 1.9-dev5
|
|
- BUILD: Makefile: add the new ERR variable to force -Werror
|
|
- MINOR: freq_ctr: add swrate_add_scaled() to work with large samples
|
|
- MINOR: stream_interface: Avoid calling si_cs_send/recv if not needed.
|
|
- CLEANUP: http: Remove the unused function http_find_header
|
|
- MINOR: h1: Export some functions parsing the value of some HTTP headers
|
|
- BUG/MEDIUM: stream-int: don't set SI_FL_WAIT_ROOM on CF_READ_DONTWAIT
|
|
- MINOR: proxy: add a new option "http-use-htx"
|
|
- BUG/MEDIUM: pools: fix the minimum allocation size
|
|
- MINOR: shctx: Shared objects block by block allocation.
|
|
- MINOR: cache: Larger HTTP objects caching.
|
|
- MINOR: shctx: Add a maximum object size parameter.
|
|
- MINOR: cache: Add "max-object-size" option.
|
|
- DOC: Update about the cache support for big objects.
|
|
- BUG/MINOR: cache: Crashes with "total-max-size" > 2047(MB).
|
|
- BUG/MINOR: cache: Wrong usage of shctx_init().
|
|
- BUG/MINOR: ssl: Wrong usage of shctx_init().
|
|
- MINOR: cache: Avoid usage of atoi() when parsing "max-object-size".
|
|
- MINOR: shctx: Change max. object size type to unsigned int.
|
|
- DOC: cache: Missing information about "total-max-size" and "max-object-size"
|
|
- CLEANUP: tools: fix misleading comment above function LIM2A
|
|
- MEDIUM: channel: merge back flags CF_WRITE_PARTIAL and CF_WRITE_EVENT
|
|
- BUG/MINOR: only mark connections private if NTLM is detected
|
|
- BUG/MINOR: only auto-prefer last server if lb-alg is non-deterministic
|
|
- MINOR: stream: don't prune variables if the list is empty
|
|
- MINOR: stream-int: add si_alloc_ibuf() to ease input buffer allocation
|
|
- MEDIUM: stream-int: replace channel_alloc_buffer() with si_alloc_ibuf() everywhere
|
|
- MEDIUM: stream: always call si_cs_recv() after a failed buffer allocation
|
|
- MEDIUM: stream: don't try to send first in process_stream()
|
|
- MEDIUM: stream-int: make si_update() synchronize flag changes before the I/O
|
|
- MEDIUM: stream-int: call si_cs_process() in stream_int_update_conn
|
|
- MINOR: stream-int: don't needlessly call tasklet_wakeup() in stream_int_chk_snd_conn()
|
|
- MINOR: stream-int: make stream_int_notify() not wake the tasklet up
|
|
- MINOR: stream-int: don't needlessly call si_cs_send() in si_cs_process()
|
|
- MINOR: mworker: number of reload in the life of a worker
|
|
- MEDIUM: mworker: each worker socketpair is a CLI listener
|
|
- REORG: mworker: move struct mworker_proc to global.h
|
|
- MINOR: server: export new_server() function
|
|
- MEDIUM: mworker: move proc_list gen before proxies startup
|
|
- MEDIUM: mworker: add proc_list in global.h
|
|
- MEDIUM: mworker: proxy for the master CLI
|
|
- MEDIUM: mworker: create CLI listeners from argv[]
|
|
- MEDIUM: cli: disable some keywords in the master
|
|
- MEDIUM: mworker: find the server ptr using a CLI prefix
|
|
- MEDIUM: cli: 'show proc' displays processus
|
|
- MEDIUM: cli: implement 'mode cli' proxy analyzers
|
|
- MINOR: cli: displays sockpair@ in "show cli sockets"
|
|
- MEDIUM: cli: enable "show cli sockets" for the master
|
|
- MINOR: cli: put @master @<relative pid> @!<pid> in the help
|
|
- MEDIUM: listeners: set O_CLOEXEC on the accepted FDs
|
|
- MEDIUM: mworker: stop the master proxy in the workers
|
|
- MEDIUM: channel: reorder the channel analyzers for the cli
|
|
- MEDIUM: cli: write a prompt for the CLI proxy of the master
|
|
- MINOR: cli: helper to write an response message and close
|
|
- MINOR: cache: Add "Age" header.
|
|
- REGTEST: make the IP+port logging test more reliable
|
|
- BUG/MINOR: memory: make the thread-local cache allocator set the debugging link
|
|
- BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer
|
|
- BUG/MINOR: backend: assign the wait list after the error check
|
|
|
|
2018/10/21 : 1.9-dev4
|
|
- BUILD: Allow configuration of pcre-config path
|
|
- DOC: clarify force-private-cache is an option
|
|
- BUG/MINOR: connection: avoid null pointer dereference in send-proxy-v2
|
|
- REORG: http: move the code to different files
|
|
- REORG: http: move HTTP rules parsing to http_rules.c
|
|
- CLEANUP: http: remove some leftovers from recent cleanups
|
|
- BUILD: Makefile: add a "make opts" target to simply show the build options
|
|
- BUILD: Makefile: speed up compiler options detection
|
|
- BUG/MINOR: backend: check that the mux installed properly
|
|
- BUG/MEDIUM: h2: check that the connection is still valid at the end of init()
|
|
- BUG/MEDIUM: h2: make h2_stream_new() return an error on memory allocation failure
|
|
- REGTEST/MINOR: compatibility: use unix@ instead of abns@ sockets
|
|
- MINOR: ssl: cleanup old openssl API call
|
|
- MINOR: ssl: generate-certificates for BoringSSL
|
|
- BUG/MEDIUM: buffers: Make sure we don't wrap in ci_insert_line2/b_rep_blk.
|
|
- MEDIUM: ssl: add support for ciphersuites option for TLSv1.3
|
|
- CLEANUP: haproxy: Remove unused variable
|
|
- CLEANUP: h1: Fix debug warnings for h1 headers
|
|
- CLEANUP: stick-tables: Remove unneeded double (()) around conditional clause
|
|
- MEDIUM: task: perform a single tree lookup per run queue batch
|
|
- BUG/MEDIUM: Cur/CumSslConns counters not threadsafe.
|
|
- BUG/MINOR: threads: move declaration of capabilities to config.h
|
|
- OPTIM: tools: optimize my_ffsl() for x86_64
|
|
- BUG/MINOR: h2: null-deref
|
|
- BUG/MINOR: checks: queues null-deref
|
|
- MINOR: connections: Introduce an unsubscribe method.
|
|
- MEDIUM: connections: Change struct wait_list to wait_event.
|
|
- BUG/MEDIUM: h2: Make sure we're not in the send list on flow control.
|
|
- BUG/MEDIUM: mworker: segfault receiving SIGUSR1 followed by SIGTERM.
|
|
- BUG/MEDIUM: stream: Make sure to unsubscribe before si_release_endpoint.
|
|
- MINOR: http: Move comment about some HTTP macros in the right header file
|
|
- MINOR: stats: Add missing include
|
|
- MINOR: http: Export some functions and do cleanup to prepare HTTP refactoring
|
|
- MEDIUM: http: Ignore http-pretend-keepalive option on frontend
|
|
- MEDIUM: http: Ignore http-tunnel option on backend
|
|
- MINOR: http: Use same flag for httpclose and forceclose options
|
|
- MINOR: h1: Add EOH marker during headers parsing
|
|
- MINOR: conn-stream: Add CL_FL_NOT_FIRST flag
|
|
- MINOR: h1: Change the union h1_sl to use indirect strings to store infos
|
|
- MINOR: h1: Add the flag H1_MF_NO_PHDR to not add pseudo-headers during parsing
|
|
- MINOR: log: make sess_log() support sess=NULL
|
|
- MINOR: chunk: add chunk_cpy() and chunk_cat()
|
|
- MEDIUM: h2: stop relying on H2_SS_IDLE / H2_SS_CLOSED
|
|
- CLEANUP: h2: rename h2c_snd_settings() to h2c_send_settings()
|
|
- MINOR: h2: don't try to send data before preface
|
|
- MINOR: h2: unify the mux init function
|
|
- MINOR: h2: retrieve the front proxy from the caller instead of the session
|
|
- MINOR: h2: split h2c_stream_new() into h2s_new() + h2c_frt_stream_new()
|
|
- MINOR: h2: add a new flag to quickly distinguish front vs back connection
|
|
- BUG/MEDIUM: mworker: don't poll on LI_O_INHERITED listeners
|
|
- BUG/MEDIUM: stream: don't crash on out-of-memory
|
|
- BUILD: compiler: add a new statement "__unreachable()"
|
|
- BUILD: lua: silence some compiler warnings about potential null derefs
|
|
- BUILD: ssl: fix null-deref warning in ssl_fc_cipherlist_str sample fetch
|
|
- BUILD: ssl: fix another null-deref warning in ssl_sock_switchctx_cbk()
|
|
- BUILD: stick-table: make sure not to fail on task_new() during initialization
|
|
- BUILD: peers: check allocation error during peers_init_sync()
|
|
- MINOR: tools: add a new function atleast2() to test masks for more than 1 bit
|
|
- MINOR: config: use atleast2() instead of my_popcountl() where relevant
|
|
- MEDIUM: fd/threads: only grab the fd's lock if the FD has more than one thread
|
|
- MAJOR: tasks: create per-thread wait queues
|
|
- OPTIM: tasks: group all tree roots per cache line
|
|
- DOC: Fix a few typos
|
|
- MINOR: pools: allocate most memory pools from an array
|
|
- MINOR: pools: split pool_free() in the lockfree variant
|
|
- MEDIUM: pools: implement a thread-local cache for pool entries
|
|
- BUG/MEDIUM: threads: fix thread_release() at the end of the rendez-vous point
|
|
- Revert "BUILD: lua: silence some compiler warnings about potential null derefs"
|
|
- BUILD: lua: silence some compiler warnings about potential null derefs (#2)
|
|
- MINOR: lua: all functions calling lua_yieldk() may return
|
|
- BUILD: lua: silence some compiler warnings after WILL_LJMP
|
|
- BUILD: Makefile: silence an option conflict warning with clang
|
|
- MINOR: server: Use memcpy() instead of strncpy().
|
|
- CLEANUP: state-file: make the path concatenation code a bit more consistent
|
|
- MINOR: build: Disable -Wstringop-overflow.
|
|
- MINOR: cfgparse: Write 130 as 128 as 0x82 and 0x80.
|
|
- MINOR: peers: use defines instead of enums to appease clang.
|
|
- DOC: fix reference to map files in MAINTAINERS
|
|
- MINOR: fd: centralize poll timeout computation in compute_poll_timeout()
|
|
- MINOR: poller: move time and date computation out of the pollers
|
|
- BUILD: memory: fix pointer declaration for atomic CAS
|
|
- BUILD: Makefile: add USE_RT to pass -lrt for clock_gettime() and friends
|
|
- MINOR: time: add now_mono_time() and now_cpu_time()
|
|
- MEDIUM: time: measure the time stolen by other threads
|
|
- BUILD: memory: fix free_list pointer declaration again for atomic CAS
|
|
- BUILD: compiler: rename __unreachable() to my_unreachable()
|
|
- BUG/MEDIUM: pools: Fix the usage of mmap()) with DEBUG_UAF.
|
|
- BUILD: memory: fix free_list pointer declaration again for atomic CAS
|
|
- BUG/MEDIUM: h2: Close connection if no stream is left an GOAWAY was sent.
|
|
- BUG/MEDIUM: connections: Remove subscription if going in idle mode.
|
|
- BUG/MEDIUM: stream: Make sure polling is right on retry.
|
|
- MINOR: h2: Make sure to return 1 in h2_recv() when needed.
|
|
- MEDIUM: connections: Don't directly mess with the polling from the upper layers.
|
|
- MINOR: streams: Call tasklet_free() after si_release_endpoint().
|
|
- MINOR: connection: Add a SUB_CALL_UNSUBSCRIBE event.
|
|
- MINOR: h2: Don't run tasks that are waiting to send if mux in full.
|
|
- MINOR: ebtree: save 8 bytes in struct eb32sc_node
|
|
|
|
2018/09/29 : 1.9-dev3
|
|
- BUG/MINOR: h1: don't consider the status for each header
|
|
- MINOR: h1: report in the h1m struct if the HTTP version is 1.1 or above
|
|
- MINOR: h1: parse the Connection header field
|
|
- DOC: Fix typos in lua documentation
|
|
- MINOR: h1: Add H1_MF_XFER_LEN flag
|
|
- MINOR: http: add http_hdr_del() to remove a header from a list
|
|
- MINOR: h1: add headers to the list after controls, not before
|
|
- MEDIUM: h1: better handle transfer-encoding vs content-length
|
|
- MEDIUM: h1: deduplicate the content-length header
|
|
- BUG/MEDIUM: patterns: fix possible double free when reloading a pattern list
|
|
- BUG/MEDIUM: h1: Really skip all updates when incomplete messages are parsed
|
|
- CLEANUP/CONTRIB: hpack: remove some h1 build warnings
|
|
- BUG/MINOR: tools: fix set_net_port() / set_host_port() on IPv4
|
|
- BUG/MINOR: cli: make sure the "getsock" command is only called on connections
|
|
- MINOR: stktable: provide an unchecked version of stktable_data_ptr()
|
|
- MINOR: stream-int: make si_appctx() never fail
|
|
- BUILD: ssl_sock: remove build warnings on potential null-derefs
|
|
- BUILD: stats: remove build warnings on potential null-derefs
|
|
- BUILD: stream: address null-deref build warnings at -Wextra
|
|
- BUILD: http: address a couple of null-deref warnings at -Wextra
|
|
- BUILD: log: silent build warnings due to unchecked __objt_{server,applet}
|
|
- BUILD: dns: fix null-deref build warning at -Wextra
|
|
- BUILD: checks: silence a null-deref build warning at -Wextra
|
|
- BUILD: connection: silence a couple of null-deref build warnings at -Wextra
|
|
- BUILD: backend: fix 3 build warnings related to null-deref at -Wextra
|
|
- BUILD: sockpair: silence a build warning at -Wextra
|
|
- BUILD: build with -Wextra and sort out certain warnings
|
|
- BUG/CRITICAL: hpack: fix improper sign check on the header index value
|
|
- BUG/MEDIUM: http: Don't parse chunked body if there is no input data
|
|
- DOC: Update configuration doc about the maximum number of stick counters.
|
|
- BUG/MEDIUM: process_stream: Don't use si_cs_io_cb() in process_stream().
|
|
- MINOR: h2/stream_interface: Reintroduce te wake() method.
|
|
- BUG/MEDIUM: h2: Wake the task instead of calling h2_recv()/h2_process().
|
|
- BUG/MEDIUM: process_stream(): Don't wake the task if no new data was received.
|
|
- MEDIUM: lua: Add stick table support for Lua.
|
|
|
|
2018/09/12 : 1.9-dev2
|
|
- BUG/MINOR: buffers: Fix b_slow_realign when a buffer is realign without output
|
|
- BUG/MEDIUM: threads: fix the no-thread case after the change to the sync point
|
|
- BUG/MEDIUM: servers: check the queues once enabling a server
|
|
- BUG/MEDIUM: queue: prevent a backup server from draining the proxy's connections
|
|
- MEDIUM: mux: Remove const on the buffer in mux->snd_buf()
|
|
- CLEANUP: backend: Move mux install to call it at only one place
|
|
- MINOR: conn_stream: add an tx buffer to the conn_stream
|
|
- MINOR: conn_stream: add cs_send() as a default snd_buf() function
|
|
- MINOR: backend: Try to find the best mux for outgoing connections
|
|
- MEDIUM: backend: don't rely on mux_pt_ops in connect_server()
|
|
- MINOR: mux: Add info about the supported side in alpn_mux_list structure
|
|
- MINOR: mux: Unlink ALPN and multiplexers to rather speak of mux protocols
|
|
- MINOR: mux: Print the list of existing mux protocols during HA startup
|
|
- MEDIUM: checks: use the new rendez-vous point to spread check result
|
|
- MEDIUM: haproxy: don't use sync_poll_loop() anymore in the main loop
|
|
- MINOR: threads: remove the previous synchronization point
|
|
- MAJOR: server: make server state changes synchronous again
|
|
- CLEANUP: server: remove the update list and the update lock
|
|
- BUG/MINOR: threads: Remove the unexisting lock label "UPDATED_SERVERS_LOCK"
|
|
- BUG/MEDIUM: stream_int: Don't check CO_FL_SOCK_RD_SH flag to trigger cs receive
|
|
- MINOR: mux: Change get_mux_proto to get an ist as parameter
|
|
- MINOR: mux: Improve the message with the list of existing mux protocols
|
|
- MINOR: mux/frontend: Add 'proto' keyword to force the mux protocol
|
|
- MINOR: mux/server: Add 'proto' keyword to force the multiplexer's protocol
|
|
- MEDIUM: mux: Use the mux protocol specified on bind/server lines
|
|
- BUG/MEDIUM: connection/mux: take care of serverless proxies
|
|
- MINOR: queue: make sure the pendconn is released before logging
|
|
- MINOR: stream: rename {srv,prx}_queue_size to *_queue_pos
|
|
- MINOR: queue: store the queue index in the stream when enqueuing
|
|
- MINOR: queue: replace the linked list with a tree
|
|
- MEDIUM: add set-priority-class and set-priority-offset
|
|
- MEDIUM: queue: adjust position based on priority-class and priority-offset
|
|
- DOC: update the roadmap about priority queues
|
|
- BUG/MINOR: ssl: empty connections reported as errors.
|
|
- MINOR: connections: Make rcv_buf mandatory and nuke cs_recv().
|
|
- MINOR: connections: Move rxbuf from the conn_stream to the h2s.
|
|
- MINOR: connections: Get rid of txbuf.
|
|
- MINOR: tasks: Allow tasklet_wakeup() to wakeup a task.
|
|
- MINOR: connections/mux: Add the wait reason(s) to wait_list.
|
|
- MINOR: stream_interface: Don't use si_cs_send() as a task handler.
|
|
- MINOR: stream_interface: Give stream_interface its own wait_list.
|
|
- MINOR: mux_h2: Don't use h2_send() as a callback.
|
|
- MINOR: checks: Add event_srv_chk_io().
|
|
- BUG/MEDIUM: tasks: Don't insert in the global rqueue if nbthread == 1
|
|
- BUG/MEDIUM: sessions: Don't use t->state.
|
|
- BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle.
|
|
- BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error.
|
|
- BUG/MINOR: map: fix map_regm with backref
|
|
- DOC: dns: explain set server ... fqdn requires resolver
|
|
- DOC: add documentation for prio_class and prio_offset sample fetches.
|
|
- DOC: ssl: Use consistent naming for TLS protocols
|
|
- DOC: update the layering design notes
|
|
- MINOR: tasks: Don't special-case when nbthreads == 1
|
|
- MINOR: fd cache: And the thread_mask with all_threads_mask.
|
|
- BUG/MEDIUM: lua: socket timeouts are not applied
|
|
- BUG/MINOR: lua: fix extra 500ms added to socket timeouts
|
|
- BUG/MEDIUM: server: update our local state before propagating changes
|
|
- BUG/MEDIUM: cli/threads: protect all "proxy" commands against concurrent updates
|
|
- DOC: server/threads: document which functions need to be called with/without locks
|
|
- BUG/MEDIUM: cli/threads: protect some server commands against concurrent operations
|
|
- BUG/MEDIUM: streams: Don't forget to remove the si from the wait list.
|
|
- BUG/MEDIUM: tasklets: Add the thread as active when waking a tasklet.
|
|
- BUG/MEDIUM: stream-int: Check if the conn_stream exist in si_cs_io_cb.
|
|
- BUG/MEDIUM: H2: Activate polling after successful h2_snd_buf().
|
|
- BUG/MEDIUM: stream_interface: Call the wake callback after sending.
|
|
- BUG/MAJOR: queue/threads: make pendconn_redistribute not lock the server
|
|
- BUG/MEDIUM: connection: don't forget to always delete the list's head
|
|
- BUG/MEDIUM: lb/threads: always properly lock LB algorithms on maintenance operations
|
|
- BUG/MEDIUM: check/threads: do not involve the rendez-vous point for status updates
|
|
- BUG/MINOR: chunks: do not store -1 into chunk_printf() in case of error
|
|
- BUG/MEDIUM: http: don't store exp_replace() result in the trash's length
|
|
- BUG/MEDIUM: http: don't store url_decode() result in the samples's length
|
|
- BUG/MEDIUM: dns: don't store dns_build_query() result in the trash's length
|
|
- BUG/MEDIUM: map: don't store exp_replace() result in the trash's length
|
|
- BUG/MEDIUM: connection: don't store recv() result into trash.data
|
|
- BUG/MEDIUM: cli/ssl: don't store base64dec() result in the trash's length
|
|
- MINOR: chunk: remove impossible tests on negative chunk->data
|
|
- MINOR: sample: remove impossible tests on negative smp->data.u.str.data
|
|
- DOC: Fix spelling error in configuration doc
|
|
- REGTEST/MINOR: Missing mandatory "ignore_unknown_macro".
|
|
- REGTEST/MINOR: Add a new class of regression testing files.
|
|
- BUG/MEDIUM: unix: provide a ->drain() function
|
|
- MINOR: connection: make conn_sock_drain() work for all socket families
|
|
- BUG/MINOR: lua: Bad HTTP client request duration.
|
|
- REGEST/MINOR: Add reg testing files.
|
|
- BUG/MEDIUM: mux_pt: dereference the connection with care in mux_pt_wake()
|
|
- REGTEST/MINOR: Add a reg testing file for b406b87 commit.
|
|
- BUG/MEDIUM: lua: reset lua transaction between http requests
|
|
- MINOR: add be_conn_free sample fetch
|
|
- MINOR: Add srv_conn_free sample fetch
|
|
- BUG/MEDIUM: hlua: Make sure we drain the output buffer when done.
|
|
- MINOR: checks: Call wake_srv_chk() when we can finally send data.
|
|
- BUG/MEDIUM: stream_interface: try to call si_cs_send() earlier.
|
|
- BUG/MAJOR: thread: lua: Wrong SSL context initialization.
|
|
- REGTEST/MINOR: Add a reg testing file for 3e60b11.
|
|
- BUG/MEDIUM: hlua: Don't call RESET_SAFE_LJMP if SET_SAFE_LJMP returns 0.
|
|
- REGTEST/MINOR: lua: Add reg testing files for 70d318c.
|
|
- BUG/MEDIUM: dns/server: fix incomatibility between SRV resolution and server state file
|
|
- BUG/MEDIUM: ECC cert should work with TLS < v1.2 and openssl >= 1.1.1
|
|
- MINOR: tools: make date2str_log() take some consts
|
|
- MINOR: thread: implement HA_ATOMIC_XADD()
|
|
- BUG/MINOR: stream: use atomic increments for the request counter
|
|
- BUG/MEDIUM: session: fix reporting of handshake processing time in the logs
|
|
- BUG/MEDIUM: h2: fix risk of memory leak on malformated wrapped frames
|
|
- BUG/MAJOR: buffer: fix incorrect check in __b_putblk()
|
|
- MINOR: log: move the log code to sess_build_logline() to add extra arguments
|
|
- MINOR: log: make the backend fall back to the frontend when there's no stream
|
|
- MINOR: log: make sess_build_logline() not dereference a NULL stream for txn
|
|
- MINOR: log: don't unconditionally pick log info from s->logs
|
|
- CLEANUP: log: make the low_level lf_{ip,port,text,text_len} functions take consts
|
|
- MINOR: log: keep a copy of the backend connection early in sess_build_logline()
|
|
- MINOR: log: do not dereference a null stream to access captures
|
|
- MINOR: log: be sure not to dereference a null stream for a target
|
|
- MINOR: log: don't check the stream-int's conn_retries if the stream is NULL
|
|
- MINOR: log: use NULL for the unique_id if there is no stream
|
|
- MINOR: log: keep a copy of s->flags early to avoid a dereference
|
|
- MINOR: log: use zero as the request counter if there is no stream
|
|
- MEDIUM: log: make sess_build_logline() support being called with no stream
|
|
- MINOR: log: provide a function to emit a log for a session
|
|
- MEDIUM: h2: produce some logs on early errors that prevent streams from being created
|
|
- BUG/MINOR: h1: fix buffer shift after realignment
|
|
- MINOR: connection: make the initialization more consistent
|
|
- MINOR: connection: add new function conn_get_proxy()
|
|
- MINOR: connection: add new function conn_is_back()
|
|
- MINOR: log: One const should be enough.
|
|
- BUG/MINOR: dns: check and link servers' resolvers right after config parsing
|
|
- BUG/MINOR: http/threads: atomically increment the error snapshot ID
|
|
- MINOR: snapshot: restart on the event ID and not the stream ID
|
|
- MINOR: snapshot: split the error snapshots into common and proto-specific parts
|
|
- MEDIUM: snapshot: start to reorder the HTTP snapshot output a little bit
|
|
- MEDIUM: snapshot: implement a show() callback and use it for HTTP
|
|
- MINOR: proxy: add a new generic proxy_capture_error()
|
|
- MINOR: http: make the HTTP error capture rely on the generic proxy code
|
|
- MINOR: http: remove the pointer to the error snapshot in http_capture_bad_message()
|
|
- REORG: cli: move the "show errors" handler from http to proxy
|
|
- BUG/MEDIUM: snapshot: take the proxy's lock while dumping errors
|
|
- MEDIUM: snapshots: dynamically allocate the snapshots
|
|
- MEDIUM: snapshot: merge the captured data after the descriptor
|
|
- MEDIUM: mworker: remove register/unregister signal functions
|
|
- MEDIUM: mworker: use the haproxy poll loop
|
|
- BUG/MINOR: mworker: no need to stop peers for each proxy
|
|
- MINOR: mworker: mworker_cleanlisteners() delete the listeners
|
|
- MEDIUM: mworker: block SIGCHLD until the master is ready
|
|
- MEDIUM: mworker: never block SIG{TERM,INT} during reload
|
|
- MEDIUM: startup: unify signal init between daemon and mworker mode
|
|
- MINOR: mworker: don't deinit the poller fd when in wait mode
|
|
- MEDIUM: mworker: master wait mode use its own initialization
|
|
- MEDIUM: mworker: replace the master pipe by socketpairs
|
|
- MINOR: mworker: keep and clean the listeners
|
|
- MEDIUM: threads: close the thread-waker pipe during deinit
|
|
- MEDIUM: mworker: call per_thread deinit in mworker_reload()
|
|
- REORG: http: move the HTTP semantics definitions to http.h/http.c
|
|
- REORG: http: move http_get_path() to http.c
|
|
- REORG: http: move error codes production and processing to http.c
|
|
- REORG: http: move the log encoding tables to log.c
|
|
- REORG: http: move some header value processing functions to http.c
|
|
- BUG/MAJOR: kqueue: Don't reset the changes number by accident.
|
|
- MEDIUM: protocol: use a custom AF_MAX to help protocol parser
|
|
- MEDIUM: protocol: sockpair protocol
|
|
- TESTS: add a python wrapper for sockpair@
|
|
- BUG/MINOR: server: Crash when setting FQDN via CLI.
|
|
- BUG/MINOR: h2: report asynchronous end of stream on closed connections
|
|
- BUILD: fix build without thread
|
|
- BUG/MEDIUM: tasks: Don't forget to decrement task_list_size in tasklet_free().
|
|
- MEDIUM: connections: Don't reset the polling flags in conn_fd_handler().
|
|
- MEDIUM: connections/mux: Add a recv and a send+recv wait list.
|
|
- MEDIUM: connections: Get rid of the recv() method.
|
|
- MINOR: h2: Let user of h2_recv() and h2_send() know xfer has been done.
|
|
- MEDIUM: h2: always subscribe to receive if allowed.
|
|
- MEDIUM: h2: Don't use a wake() method anymore.
|
|
- MEDIUM: stream_interface: Make recv() subscribe when more data is needed.
|
|
- MINOR: connections: Add a "handle" field to wait_list.
|
|
- MEDIUM: mux_h2: Revamp the send path when blocking.
|
|
- MEDIUM: stream_interfaces: Starts receiving from the upper layers.
|
|
- MINOR: checks: Give checks their own wait_list.
|
|
- MINOR: conn_streams: Remove wait_list from conn_streams.
|
|
- REORG: h1: create a new h1m_state
|
|
- MINOR: h1: add the restart offsets into struct h1m
|
|
- MINOR: h1: remove the unused states from h1m_state
|
|
- MINOR: h1: provide a distinct init() function for request and response
|
|
- MINOR: h1: add a message flag to indicate that a message carries a response
|
|
- MINOR: h2: make sure h1m->err_pos field is correct on chunk error
|
|
- MINOR: h1: properly pre-initialize err_pos to -2
|
|
- MINOR: mux_h2: replace the req,res h1 messages with a single h1 message
|
|
- MINOR: h2: pre-initialize h1m->err_pos to -1 on the output path
|
|
- MEDIUM: h1: consider err_pos before deciding to accept a header name or not
|
|
- MEDIUM: h1: make the parser support a pointer to a start line
|
|
- MEDIUM: h1: let the caller pass the initial parser's state
|
|
- MINOR: h1: make the message parser support a null <hdr> argument
|
|
- MEDIUM: h1: support partial message parsing
|
|
- MEDIUM: h1: remove the useless H1_MSG_BODY state
|
|
- MINOR: h2: store the HTTP status into the H2S, not the H1M
|
|
- MINOR: h1: remove the HTTP status from the H1M struct
|
|
- MEDIUM: h1: implement the request parser as well
|
|
- MINOR: h1: add H1_MF_TOLOWER to decide when to turn header names to lower case
|
|
- MINOR: connection: pass the proxy when creating a connection
|
|
- BUG/MEDIUM: h2: Don't forget to empty the wait lists on destroy.
|
|
- BUG/MEDIUM: h2: Don't forget to set recv_wait_list to NULL in h2_detach.
|
|
- BUG/MAJOR: h2: reset the parser's state on mux buffer full
|
|
|
|
2018/08/02 : 1.9-dev1
|
|
- BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork.
|
|
- DOC: cache: update sections and fix some typos
|
|
- BUILD/MINOR: deviceatlas: enable thread support
|
|
- BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main
|
|
- BUG/MEDIUM: ssl: don't allocate shctx several time
|
|
- BUG/MEDIUM: cache: bad computation of the remaining size
|
|
- BUILD: checks: don't include server.h
|
|
- BUG/MEDIUM: stream: fix session leak on applet-initiated connections
|
|
- BUILD/MINOR: haproxy : FreeBSD/cpu affinity needs pthread_np header
|
|
- BUILD/MINOR: Makefile : enabling USE_CPU_AFFINITY
|
|
- BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream
|
|
- BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting
|
|
- BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response
|
|
- BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync.
|
|
- BUG/MAJOR: thread/peers: fix deadlock on peers sync.
|
|
- BUILD/MINOR: haproxy: compiling config cpu parsing handling when needed
|
|
- MINOR: config: report when "monitor fail" rules are misplaced
|
|
- BUG/MINOR: mworker: fix validity check for the pipe FDs
|
|
- BUG/MINOR: mworker: detach from tty when in daemon mode
|
|
- MINOR: threads: Fix pthread_setaffinity_np on FreeBSD.
|
|
- BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time
|
|
- BUILD: Fix LDFLAGS vs. LIBS re linking order in various makefiles
|
|
- BUG/MEDIUM: checks: Be sure we have a mux if we created a cs.
|
|
- BUG/MINOR: hpack: fix debugging output of pseudo header names
|
|
- BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits
|
|
- BUG/MINOR: hpack: reject invalid header index
|
|
- BUG/MINOR: hpack: dynamic table size updates are only allowed before headers
|
|
- BUG/MAJOR: h2: correctly check the request length when building an H1 request
|
|
- BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream
|
|
- BUG/MINOR: h2: try to abort closed streams as soon as possible
|
|
- BUG/MINOR: h2: ":path" must not be empty
|
|
- BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to
|
|
- BUG/MINOR: h2: the TE header if present may only contain trailers
|
|
- BUG/MEDIUM: h2: enforce the per-connection stream limit
|
|
- BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1
|
|
- BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame
|
|
- BUG/MINOR: h2: properly check PRIORITY frames
|
|
- BUG/MINOR: h2: reject response pseudo-headers from requests
|
|
- BUG/MEDIUM: h2: remove connection-specific headers from request
|
|
- BUG/MEDIUM: h2: do not accept upper case letters in request header names
|
|
- BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames
|
|
- BUG/MINOR: action: Don't check http capture rules when no id is defined
|
|
- BUG/MAJOR: hpack: don't pretend large headers fit in empty table
|
|
- BUG/MINOR: ssl: support tune.ssl.cachesize 0 again
|
|
- BUG/MEDIUM: mworker: also close peers sockets in the master
|
|
- BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically.
|
|
- BUG/MEDIUM: checks: a down server going to maint remains definitely stucked on down state.
|
|
- BUG/MEDIUM: peers: set NOLINGER on the outgoing stream interface
|
|
- BUG/MEDIUM: h2: fix handling of end of stream again
|
|
- MINOR: mworker: Update messages referencing exit-on-failure
|
|
- MINOR: mworker: Improve wording in `void mworker_wait()`
|
|
- CONTRIB: halog: Add help text for -s switch in halog program
|
|
- BUG/MEDIUM: email-alert: don't set server check status from a email-alert task
|
|
- BUG/MEDIUM: threads/vars: Fix deadlock in register_name
|
|
- MINOR: systemd: remove comment about HAPROXY_STATS_SOCKET
|
|
- DOC: notifications: add precisions about thread usage
|
|
- BUG/MEDIUM: lua/notification: memory leak
|
|
- MINOR: conn_stream: add new flag CS_FL_RCV_MORE to indicate pending data
|
|
- BUG/MEDIUM: stream-int: always set SI_FL_WAIT_ROOM on CS_FL_RCV_MORE
|
|
- BUG/MEDIUM: h2: automatically set CS_FL_RCV_MORE when the output buffer is full
|
|
- BUG/MEDIUM: h2: enable recv polling whenever demuxing is possible
|
|
- BUG/MEDIUM: h2: work around a connection API limitation
|
|
- BUG/MEDIUM: h2: debug incoming traffic in h2_wake()
|
|
- MINOR: h2: store the demux padding length in the h2c struct
|
|
- BUG/MEDIUM: h2: support uploading partial DATA frames
|
|
- MINOR: h2: don't demand that a DATA frame is complete before processing it
|
|
- BUG/MEDIUM: h2: don't switch the state to HREM before end of DATA frame
|
|
- BUG/MEDIUM: h2: don't close after the first DATA frame on tunnelled responses
|
|
- BUG/MEDIUM: http: don't disable lingering on requests with tunnelled responses
|
|
- BUG/MEDIUM: h2: fix stream limit enforcement
|
|
- BUG/MINOR: stream-int: don't try to receive again after receiving an EOS
|
|
- MINOR: sample: add len converter
|
|
- BUG: MAJOR: lb_map: server map calculation broken
|
|
- BUG: MINOR: http: don't check http-request capture id when len is provided
|
|
- MINOR: sample: rename the "len" converter to "length"
|
|
- BUG/MEDIUM: mworker: Set FD_CLOEXEC flag on log fd
|
|
- DOC/MINOR: intro: typo, wording, formatting fixes
|
|
- MINOR: netscaler: respect syntax
|
|
- MINOR: netscaler: remove the use of cip_magic only used once
|
|
- MINOR: netscaler: rename cip_len to clarify its uage
|
|
- BUG/MEDIUM: netscaler: use the appropriate IPv6 header size
|
|
- BUG/MAJOR: netscaler: address truncated CIP header detection
|
|
- MINOR: netscaler: check in one-shot if buffer is large enough for IP and TCP header
|
|
- MEDIUM: netscaler: do not analyze original IP packet size
|
|
- MEDIUM: netscaler: add support for standard NetScaler CIP protocol
|
|
- MINOR: spoe: add force-set-var option in spoe-agent configuration
|
|
- CONTRIB: iprange: Fix compiler warning in iprange.c
|
|
- CONTRIB: halog: Fix compiler warnings in halog.c
|
|
- BUG/MINOR: h2: properly report a stream error on RST_STREAM
|
|
- MINOR: mux: add flags to describe a mux's capabilities
|
|
- MINOR: stream-int: set flag SI_FL_CLEAN_ABRT when mux supports clean aborts
|
|
- BUG/MEDIUM: stream: don't consider abortonclose on muxes which close cleanly
|
|
- BUG/MEDIUM: checks: a server passed in maint state was not forced down.
|
|
- BUG/MEDIUM: lua: fix crash when using bogus mode in register_service()
|
|
- MINOR: http: adjust the list of supposedly cacheable methods
|
|
- MINOR: http: update the list of cacheable status codes as per RFC7231
|
|
- MINOR: http: start to compute the transaction's cacheability from the request
|
|
- BUG/MINOR: http: do not ignore cache-control: public
|
|
- BUG/MINOR: http: properly detect max-age=0 and s-maxage=0 in responses
|
|
- BUG/MINOR: cache: do not force the TX_CACHEABLE flag before checking cacheability
|
|
- MINOR: http: add a function to check request's cache-control header field
|
|
- BUG/MEDIUM: cache: do not try to retrieve host-less requests from the cache
|
|
- BUG/MEDIUM: cache: replace old object on store
|
|
- BUG/MEDIUM: cache: respect the request cache-control header
|
|
- BUG/MEDIUM: cache: don't cache the response on no-cache="set-cookie"
|
|
- BUG/MAJOR: connection: refine the situations where we don't send shutw()
|
|
- BUG/MEDIUM: checks: properly set servers to stopping state on 404
|
|
- BUG/MEDIUM: h2: properly handle and report some stream errors
|
|
- BUG/MEDIUM: h2: improve handling of frames received on closed streams
|
|
- DOC/MINOR: configuration: typo, formatting fixes
|
|
- BUG/MEDIUM: h2: ensure we always know the stream before sending a reset
|
|
- BUG/MEDIUM: mworker: don't close stdio several time
|
|
- MINOR: don't close stdio anymore
|
|
- BUG/MEDIUM: http: don't automatically forward request close
|
|
- BUG/MAJOR: hpack: don't return direct references to the dynamic headers table
|
|
- MINOR: h2: add a function to report pseudo-header names
|
|
- DEBUG: hpack: make hpack_dht_dump() expose the output file
|
|
- DEBUG: hpack: add more traces to the hpack decoder
|
|
- CONTRIB: hpack: add an hpack decoder
|
|
- MEDIUM: h2: prepare a graceful shutdown when the frontend is stopped
|
|
- BUG/MEDIUM: h2: properly handle the END_STREAM flag on empty DATA frames
|
|
- BUILD: ssl: silence a warning when building without NPN nor ALPN support
|
|
- CLEANUP: rbtree: remove
|
|
- BUG/MEDIUM: ssl: cache doesn't release shctx blocks
|
|
- BUG/MINOR: lua: Fix default value for pattern in Socket.receive
|
|
- DOC: lua: Fix typos in comments of hlua_socket_receive
|
|
- BUG/MEDIUM: lua: Fix IPv6 with separate port support for Socket.connect
|
|
- BUG/MINOR: lua: Fix return value of Socket.settimeout
|
|
- MINOR: dns: Handle SRV record weight correctly.
|
|
- BUG/MEDIUM: mworker: execvp failure depending on argv[0]
|
|
- MINOR: hathreads: add support for gcc < 4.7
|
|
- BUILD/MINOR: ancient gcc versions atomic fix
|
|
- BUG/MEDIUM: stream: properly handle client aborts during redispatch
|
|
- MINOR: spoe: add register-var-names directive in spoe-agent configuration
|
|
- MINOR: spoe: Don't queue a SPOE context if nothing is sent
|
|
- DOC: clarify the scope of ssl_fc_is_resumed
|
|
- CONTRIB: debug: fix a few flags definitions
|
|
- BUG/MINOR: poll: too large size allocation for FD events
|
|
- MINOR: sample: add date_us sample
|
|
- BUG/MEDIUM: peers: fix expire date wasn't updated if entry is modified remotely.
|
|
- MINOR: servers: Don't report duplicate dyncookies for disabled servers.
|
|
- MINOR: global/threads: move cpu_map at the end of the global struct
|
|
- MINOR: threads: add a MAX_THREADS define instead of LONGBITS
|
|
- MINOR: global: add some global activity counters to help debugging
|
|
- MINOR: threads/fd: Use a bitfield to know if there are FDs for a thread in the FD cache
|
|
- BUG/MEDIUM: threads/polling: Use fd_cache_mask instead of fd_cache_num
|
|
- BUG/MEDIUM: fd: maintain a per-thread update mask
|
|
- MINOR: fd: add a bitmask to indicate that an FD is known by the poller
|
|
- BUG/MEDIUM: epoll/threads: use one epoll_fd per thread
|
|
- BUG/MEDIUM: kqueue/threads: use one kqueue_fd per thread
|
|
- BUG/MEDIUM: threads/mworker: fix a race on startup
|
|
- BUG/MINOR: mworker: only write to pidfile if it exists
|
|
- MINOR: threads: Fix build when we're not compiling with threads.
|
|
- BUG/MINOR: threads: always set an owner to the thread_sync pipe
|
|
- BUG/MEDIUM: threads/server: Fix deadlock in srv_set_stopping/srv_set_admin_flag
|
|
- BUG/MEDIUM: checks: Don't try to release undefined conn_stream when a check is freed
|
|
- BUG/MINOR: kqueue/threads: Don't forget to close kqueue_fd[tid] on each thread
|
|
- MINOR: threads: Use __decl_hathreads instead of #ifdef/#endif
|
|
- BUILD: epoll/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
|
|
- BUILD: kqueue/threads: Add test on MAX_THREADS to avoid warnings when complied without threads
|
|
- CLEANUP: sample: Fix comment encoding of sample.c
|
|
- CLEANUP: sample: Fix outdated comment about sample casts functions
|
|
- BUG/MINOR: sample: Fix output type of c_ipv62ip
|
|
- CLEANUP: Fix typo in ARGT_MSK6 comment
|
|
- CLEANUP: standard: Use len2mask4 in str2mask
|
|
- MINOR: standard: Add str2mask6 function
|
|
- MINOR: config: Add support for ARGT_MSK6
|
|
- MEDIUM: sample: Add IPv6 support to the ipmask converter
|
|
- MINOR: config: Enable tracking of up to MAX_SESS_STKCTR stick counters.
|
|
- BUG/MINOR: cli: use global.maxsock and not maxfd to list all FDs
|
|
- MINOR: polling: make epoll and kqueue not depend on maxfd anymore
|
|
- MINOR: fd: don't report maxfd in alert messages
|
|
- MEDIUM: polling: start to move maxfd computation to the pollers
|
|
- CLEANUP: fd/threads: remove the now unused fdtab_lock
|
|
- MINOR: poll: more accurately compute the new maxfd in the loop
|
|
- CLEANUP: fd: remove the unused "new" field
|
|
- MINOR: fd: move the hap_fd_{clr,set,isset} functions to fd.h
|
|
- MEDIUM: select: make use of hap_fd_* functions
|
|
- MEDIUM: fd: use atomic ops for hap_fd_{clr,set} and remove poll_lock
|
|
- MEDIUM: select: don't use the old FD state anymore
|
|
- MEDIUM: poll: don't use the old FD state anymore
|
|
- MINOR: fd: pass the iocb and owner to fd_insert()
|
|
- BUG/MINOR: threads: Update labels array because of changes in lock_label enum
|
|
- MINOR: stick-tables: Adds support for new "gpc1" and "gpc1_rate" counters.
|
|
- BUG/MINOR: epoll/threads: only call epoll_ctl(DEL) on polled FDs
|
|
- DOC: don't suggest using http-server-close
|
|
- MINOR: introduce proxy-v2-options for send-proxy-v2
|
|
- BUG/MEDIUM: spoe: Always try to receive or send the frame to detect shutdowns
|
|
- BUG/MEDIUM: spoe: Allow producer to read and to forward shutdown on request side
|
|
- MINOR: spoe: Remove check on min_applets number when a SPOE context is queued
|
|
- MINOR: spoe: Always link a SPOE context with the applet processing it
|
|
- MINOR: spoe: Replace sending_rate by a frequency counter
|
|
- MINOR: spoe: Count the number of frames waiting for an ack for each applet
|
|
- MEDIUM: spoe: Use an ebtree to manage idle applets
|
|
- MINOR: spoa_example: Count the number of frames processed by each worker
|
|
- MINOR: spoe: Add max-waiting-frames directive in spoe-agent configuration
|
|
- MINOR: init: make stdout unbuffered
|
|
- MINOR: early data: Don't rely on CO_FL_EARLY_DATA to wake up streams.
|
|
- MINOR: early data: Never remove the CO_FL_EARLY_DATA flag.
|
|
- MINOR: compiler: introduce offsetoff().
|
|
- MINOR: threads: Introduce double-width CAS on x86_64 and arm.
|
|
- MINOR: threads: add test and set/reset operations
|
|
- MINOR: pools/threads: Implement lockless memory pools.
|
|
- MAJOR: fd/threads: Make the fdcache mostly lockless.
|
|
- MEDIUM: fd/threads: Make sure we don't miss a fd cache entry.
|
|
- MAJOR: fd: compute the new fd polling state out of the fd lock
|
|
- MINOR: epoll: get rid of the now useless fd_compute_new_polled_status()
|
|
- MINOR: kqueue: get rid of the now useless fd_compute_new_polled_status()
|
|
- MINOR: poll: get rid of the now useless fd_compute_new_polled_status()
|
|
- MINOR: select: get rid of the now useless fd_compute_new_polled_status()
|
|
- CLEANUP: fd: remove the now unused fd_compute_new_polled_status() function
|
|
- MEDIUM: fd: make updt_fd_polling() use atomics
|
|
- MEDIUM: poller: use atomic ops to update the fdtab mask
|
|
- MINOR: fd: move the fd_{add_to,rm_from}_fdlist functions to fd.c
|
|
- BUG/MINOR: fd/threads: properly dereference fdcache as volatile
|
|
- MINOR: fd: remove the unneeded last CAS when adding an fd to the list
|
|
- MINOR: fd: reorder fd_add_to_fd_list()
|
|
- BUG/MINOR: time/threads: ensure the adjusted time is always correct
|
|
- BUG/MEDIUM: standard: Fix memory leak in str2ip2()
|
|
- MINOR: init: emit warning when -sf/-sd cannot parse argument
|
|
- BUILD: fd/threads: fix breakage build breakage without threads
|
|
- DOC: Describe routing impact of using interface keyword on bind lines
|
|
- DOC: Mention -Ws in the list of available options
|
|
- BUG/MINOR: config: don't emit a warning when global stats is incompletely configured
|
|
- BUG/MINOR: fd/threads: properly lock the FD before adding it to the fd cache.
|
|
- BUG/MEDIUM: threads: fix the double CAS implementation for ARMv7
|
|
- BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable.
|
|
- BUILD/MINOR: memory: stdint is needed for uintptr_t
|
|
- BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st
|
|
- DOC: lua: new prototype for function "register_action()"
|
|
- DOC: cfgparse: Warn on option (tcp|http)log in backend
|
|
- BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe
|
|
- MINOR: sample: add a new "concat" converter
|
|
- BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL
|
|
- BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as possible
|
|
- BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken.
|
|
- MINOR: ssl/sample: adds ssl_bc_is_resumed fetch keyword.
|
|
- CLEANUP: cfgparse: Remove unused label end
|
|
- CLEANUP: spoe: Remove unused label retry
|
|
- CLEANUP: h2: Remove unused labels from mux_h2.c
|
|
- CLEANUP: pools: Remove unused end label in memory.h
|
|
- CLEANUP: standard: Fix typo in IPv6 mask example
|
|
- BUG/MINOR: pools/threads: don't ignore DEBUG_UAF on double-word CAS capable archs
|
|
- BUG/MINOR: debug/pools: properly handle out-of-memory when building with DEBUG_UAF
|
|
- MINOR: debug/pools: make DEBUG_UAF also detect underflows
|
|
- MINOR: stats: display the number of threads in the statistics.
|
|
- BUG/MINOR: h2: Set the target of dbuf_wait to h2c
|
|
- BUG/MEDIUM: h2: always consume any trailing data after end of output buffers
|
|
- BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk
|
|
- BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk
|
|
- BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is stopping
|
|
- Revert "BUG/MINOR: send-proxy-v2: string size must include ('\0')"
|
|
- MINOR: ssl: extract full pkey info in load_certificate
|
|
- MINOR: ssl: add ssl_sock_get_pkey_algo function
|
|
- MINOR: ssl: add ssl_sock_get_cert_sig function
|
|
- MINOR: connection: add proxy-v2-options ssl-cipher,cert-sig,cert-key
|
|
- MINOR: connection: add proxy-v2-options authority
|
|
- MINOR: systemd: Add section for SystemD sandboxing to unit file
|
|
- MINOR: systemd: Add SystemD's Protect*= options to the unit file
|
|
- MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file
|
|
- CLEANUP: h2: rename misleading h2c_stream_close() to h2s_close()
|
|
- MINOR: h2: provide and use h2s_detach() and h2s_free()
|
|
- MEDIUM: h2: use a single buffer allocator
|
|
- MINOR/BUILD: fix Lua build on Mac OS X
|
|
- BUILD/MINOR: fix Lua build on Mac OS X (again)
|
|
- BUG/MINOR: session: Fix tcp-request session failure if handshake.
|
|
- CLEANUP: .gitignore: Ignore binaries from the contrib directory
|
|
- BUG/MINOR: unix: Don't mess up when removing the socket from the xfer_sock_list.
|
|
- DOC: buffers: clarify the purpose of the <from> pointer in offer_buffers()
|
|
- BUG/MEDIUM: h2: also arm the h2 timeout when sending
|
|
- BUG/MINOR: cli: Fix a crash when passing a negative or too large value to "show fd"
|
|
- CLEANUP: ssl: Remove a duplicated #include
|
|
- CLEANUP: cli: Remove a leftover debug message
|
|
- BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage
|
|
- BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc
|
|
- BUG/MINOR: force-persist and ignore-persist only apply to backends
|
|
- BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily disabled
|
|
- BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management
|
|
- BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically
|
|
- TESTS: Add a testcase for multi-port + multi-server listener issue
|
|
- CLEANUP: dns: remove duplicate code in src/dns.c
|
|
- BUG/MINOR: seemless reload: Fix crash when an interface is specified.
|
|
- BUG/MINOR: cli: Ensure all command outputs end with a LF
|
|
- BUG/MINOR: cli: Fix a crash when sending a command with too many arguments
|
|
- BUILD: ssl: Fix build with OpenSSL without NPN capability
|
|
- BUG/MINOR: spoa-example: unexpected behavior for more than 127 args
|
|
- BUG/MINOR: lua: return bad error messages
|
|
- CLEANUP: lua/syntax: lua is a name and not an acronym
|
|
- BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers
|
|
- BUG/MINOR: tcp-check: use the server's service port as a fallback
|
|
- BUG/MEDIUM: threads/queue: wake up other threads upon dequeue
|
|
- MINOR: log: stop emitting alerts when it's not possible to write on the socket
|
|
- BUILD/BUG: enable -fno-strict-overflow by default
|
|
- BUG/MEDIUM: fd/threads: ensure the fdcache_mask always reflects the cache contents
|
|
- DOC: log: more than 2 log servers are allowed
|
|
- MINOR: hash: add new function hash_crc32c
|
|
- MINOR: proxy-v2-options: add crc32c
|
|
- MINOR: accept-proxy: support proxy protocol v2 CRC32c checksum
|
|
- REORG: compact "struct server"
|
|
- MINOR: samples: add crc32c converter
|
|
- BUG/MEDIUM: h2: properly account for DATA padding in flow control
|
|
- BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an RST_STREAM
|
|
- BUG/MINOR: listener: Don't decrease actconn twice when a new session is rejected
|
|
- CLEANUP: map, stream: remove duplicate code in src/map.c, src/stream.c
|
|
- BUG/MINOR: lua: the function returns anything
|
|
- BUG/MINOR: lua funtion hlua_socket_settimeout don't check negative values
|
|
- CLEANUP: lua: typo fix in comments
|
|
- BUILD/MINOR: fix build when USE_THREAD is not defined
|
|
- MINOR: lua: allow socket api settimeout to accept integers, float, and doubles
|
|
- BUG/MINOR: hpack: fix harmless use of uninitialized value in hpack_dht_insert
|
|
- MINOR: cli/threads: make "show fd" report thread_sync_io_handler instead of "unknown"
|
|
- MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available
|
|
- BUILD/MINOR: cli: fix a build warning introduced by last commit
|
|
- BUG/MAJOR: h2: remove orphaned streams from the send list before closing
|
|
- MINOR: h2: always call h2s_detach() in h2_detach()
|
|
- MINOR: h2: fuse h2s_detach() and h2s_free() into h2s_destroy()
|
|
- BUG/MEDIUM: h2/threads: never release the task outside of the task handler
|
|
- BUG/MEDIUM: h2: don't consider pending data on detach if connection is in error
|
|
- BUILD/MINOR: threads: always export thread_sync_io_handler()
|
|
- MINOR: mux: add a "show_fd" function to dump debugging information for "show fd"
|
|
- MINOR: h2: implement a basic "show_fd" function
|
|
- MINOR: cli: report cache indexes in "show fd"
|
|
- BUG/MINOR: h2: remove accidental debug code introduced with show_fd function
|
|
- BUG/MEDIUM: h2: always add a stream to the send or fctl list when blocked
|
|
- BUG/MINOR: checks: check the conn_stream's readiness and not the connection
|
|
- BUG/MINOR: fd: Don't clear the update_mask in fd_insert.
|
|
- BUG/MINOR: email-alert: Set the mailer port during alert initialization
|
|
- BUG/MINOR: cache: fix "show cache" output
|
|
- BUG/MAJOR: cache: fix random crashes caused by incorrect delete() on non-first blocks
|
|
- BUG/MINOR: spoe: Initialize variables used during conf parsing before any check
|
|
- BUG/MINOR: spoe: Don't release the context buffer in .check_timeouts callbaclk
|
|
- BUG/MINOR: spoe: Register the variable to set when an error occurred
|
|
- BUG/MINOR: spoe: Don't forget to decrement fpa when a processing is interrupted
|
|
- MINOR: spoe: Add metrics in to know time spent in the SPOE
|
|
- MINOR: spoe: Add options to store processing times in variables
|
|
- MINOR: log: move 'log' keyword parsing in dedicated function
|
|
- MINOR: log: Keep the ref when a log server is copied to avoid duplicate entries
|
|
- MINOR: spoe: Add loggers dedicated to the SPOE agent
|
|
- MINOR: spoe: Add support for option dontlog-normal in the SPOE agent section
|
|
- MINOR: spoe: use agent's logger to log SPOE messages
|
|
- MINOR: spoe: Add counters to log info about SPOE agents
|
|
- BUG/MAJOR: cache: always initialize newly created objects
|
|
- MINOR: servers: Support alphanumeric characters for the server templates names
|
|
- BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes
|
|
- BUG/MEDIUM: connection: Make sure we have a mux before calling detach().
|
|
- BUG/MINOR: http: Return an error in proxy mode when url2sa fails
|
|
- MINOR: proxy: Add fe_defbe fetcher
|
|
- MINOR: config: Warn if resolvers has no nameservers
|
|
- BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE
|
|
- MINOR: cli: Ensure the CLI always outputs an error when it should
|
|
- MEDIUM: sample: Extend functionality for field/word converters
|
|
- MINOR: export localpeer as an environment variable
|
|
- BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors.
|
|
- BUILD: sample: avoid build warning in sample.c
|
|
- BUG/CRITICAL: h2: fix incorrect frame length check
|
|
- DOC: lua: update the links to the config and Lua API
|
|
- BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid()
|
|
- BUG/MAJOR: channel: Fix crash when trying to read from a closed socket
|
|
- BUG/MINOR: log: t_idle (%Ti) is not set for some requests
|
|
- BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits
|
|
- MINOR: h2: detect presence of CONNECT and/or content-length
|
|
- BUG/MEDIUM: h2: implement missing support for chunked encoded uploads
|
|
- BUG/MINOR: spoe: Fix counters update when processing is interrupted
|
|
- BUG/MINOR: spoe: Fix parsing of dontlog-normal option
|
|
- MEDIUM: cli: Add payload support
|
|
- MINOR: map: Add payload support to "add map"
|
|
- MINOR: ssl: Add payload support to "set ssl ocsp-response"
|
|
- BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread
|
|
- MINOR: sample: Add strcmp sample converter
|
|
- MINOR: http: Add support for 421 Misdirected Request
|
|
- BUG/MINOR: config: disable http-reuse on TCP proxies
|
|
- MINOR: ssl: disable SSL sample fetches when unsupported
|
|
- MINOR: ssl: add fetch 'ssl_fc_session_key' and 'ssl_bc_session_key'
|
|
- BUG/MINOR: checks: Fix check->health computation for flapping servers
|
|
- BUG/MEDIUM: threads: Fix the sync point for more than 32 threads
|
|
- BUG/MINOR, BUG/MINOR: lua: Put tasks to sleep when waiting for data
|
|
- MINOR: backend: implement random-based load balancing
|
|
- DOC/MINOR: clean up LUA documentation re: servers & array/table.
|
|
- MINOR: lua: Add server name & puid to LUA Server class.
|
|
- MINOR: lua: add get_maxconn and set_maxconn to LUA Server class.
|
|
- BUG/MINOR: map: correctly track reference to the last ref_elt being dumped
|
|
- BUG/MEDIUM: task: Don't free a task that is about to be run.
|
|
- MINOR: fd: Make the lockless fd list work with multiple lists.
|
|
- BUG/MEDIUM: pollers: Use a global list for fd shared between threads.
|
|
- MINOR: pollers: move polled_mask outside of struct fdtab.
|
|
- BUG/MINOR: lua: schedule socket task upon lua connect()
|
|
- BUG/MINOR: lua: ensure large proxy IDs can be represented
|
|
- BUG/MEDIUM: pollers/kqueue: use incremented position in event list
|
|
- BUG/MINOR: cli: don't stop cli_gen_usage_msg() when kw->usage == NULL
|
|
- BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR
|
|
- BUG/MEDIUM: ssl: properly protect SSL cert generation
|
|
- BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments.
|
|
- BUG/MINOR: spoe: Mistake in error message about SPOE configuration
|
|
- BUG/MEDIUM: spoe: Flags are not encoded in network order
|
|
- CLEANUP: spoe: Remove unused variables the agent structure
|
|
- DOC: spoe: fix a typo
|
|
- BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags
|
|
- BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
|
|
- DOC: add some description of the pending rework of the buffer structure
|
|
- BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation
|
|
- MINOR: lua: Improve error message
|
|
- BUG/MEDIUM: cache: don't cache when an Authorization header is present
|
|
- MINOR: ssl: set SSL_OP_PRIORITIZE_CHACHA
|
|
- BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure.
|
|
- BUG/BUILD: threads: unbreak build without threads
|
|
- BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
|
|
- BUG/MEDIUM: lua/socket: Length required read doesn't work
|
|
- MINOR: tasks: Change the task API so that the callback takes 3 arguments.
|
|
- MAJOR: tasks: Create a per-thread runqueue.
|
|
- MAJOR: tasks: Introduce tasklets.
|
|
- MINOR: tasks: Make the number of tasks to run at once configurable.
|
|
- MAJOR: applets: Use tasks, instead of rolling our own scheduler.
|
|
- BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
|
|
- MINOR: http: Log warning if (add|set)-header fails
|
|
- DOC: management: add the new wrew stats column
|
|
- MINOR: stats: also report the failed header rewrites warnings on the stats page
|
|
- BUG/MEDIUM: tasks: Don't forget to increase/decrease tasks_run_queue.
|
|
- BUG/MEDIUM: task: Don't forget to decrement max_processed after each task.
|
|
- MINOR: task: Also consider the task list size when getting global tasks.
|
|
- MINOR: dns: Implement `parse-resolv-conf` directive
|
|
- BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode
|
|
- MINOR: task/notification: Is notifications registered ?
|
|
- BUG/MEDIUM: lua/socket: wrong scheduling for sockets
|
|
- BUG/MAJOR: lua: Dead lock with sockets
|
|
- BUG/MEDIUM: lua/socket: Notification error
|
|
- BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
|
|
- BUG/MEDIUM: lua/socket: Buffer error, may segfault
|
|
- DOC: contrib/modsecurity: few typo fixes
|
|
- DOC: SPOE.txt: fix a typo
|
|
- MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0
|
|
- BUG/MINOR: contrib/spoa_example: Don't reset the status code during disconnect
|
|
- BUG/MINOR: contrib/mod_defender: Don't reset the status code during disconnect
|
|
- BUG/MINOR: contrib/modsecurity: Don't reset the status code during disconnect
|
|
- BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
|
|
- BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame
|
|
- MINOR: task: Fix a compiler warning by adding a cast.
|
|
- MINOR: stats: also report the nice and number of calls for applets
|
|
- MINOR: applet: assign the same nice value to a new appctx as its owner task
|
|
- MINOR: task: Fix compiler warning.
|
|
- BUG/MEDIUM: tasks: Use the local runqueue when building without threads.
|
|
- MINOR: tasks: Don't define rqueue if we're building without threads.
|
|
- BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload.
|
|
- MINOR: lua: Increase debug information
|
|
- BUG/MEDIUM: threads: handle signal queue only in thread 0
|
|
- BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing
|
|
- BUG/MINOR: signals: ha_sigmask macro for multithreading
|
|
- BUG/MAJOR: map: fix a segfault when using http-request set-map
|
|
- DOC: regression testing: Add a short starting guide.
|
|
- MINOR: tasks: Make sure we correctly init and deinit a tasklet.
|
|
- BUG/MINOR: tasklets: Just make sure we don't pass a tasklet to the handler.
|
|
- BUG/MINOR: lua: Segfaults with wrong usage of types.
|
|
- BUG/MAJOR: ssl: Random crash with cipherlist capture
|
|
- BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
|
|
- BUG/MEDIUM: ssl: do not store pkinfo with SSL_set_ex_data
|
|
- MINOR: tests: First regression testing file.
|
|
- MINOR: reg-tests: Add reg-tests/README file.
|
|
- MINOR: reg-tests: Add a few regression testing files.
|
|
- DOC: Add new REGTEST tag info about reg testing.
|
|
- BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().
|
|
- MINOR: Some spelling cleanup in the comments.
|
|
- BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
|
|
- MINOR: threads: Be sure to remove threads from all_threads_mask on exit
|
|
- REGTEST/MINOR: Wrong URI in a reg test for SSL/TLS.
|
|
- REGTEST/MINOR: Set HAPROXY_PROGRAM default value.
|
|
- REGTEST/MINOR: Add levels to reg-tests target.
|
|
- BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table
|
|
- BUG/BUILD: threads: unbreak build without threads
|
|
- BUG/MAJOR: stick_table: Complete incomplete SEGV fix
|
|
- MINOR: stick-tables: make stktable_release() do nothing on NULL
|
|
- BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers
|
|
- MINOR: startup: change session/process group settings
|
|
- MINOR: systemd: consider exit status 143 as successful
|
|
- REGTEST/MINOR: Wrong URI syntax.
|
|
- CLEANUP: dns: remove obsolete macro DNS_MAX_IP_REC
|
|
- CLEANUP: dns: inacurate comment about prefered IP score
|
|
- MINOR: dns: fix wrong score computation in dns_get_ip_from_response
|
|
- MINOR: dns: new DNS options to allow/prevent IP address duplication
|
|
- REGTEST/MINOR: Unexpected curl URL globling.
|
|
- BUG/MINOR: ssl: properly ref-count the tls_keys entries
|
|
- MINOR: h2: keep a count of the number of conn_streams attached to the mux
|
|
- BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess
|
|
- MINOR: h2: add the mux and demux buffer lengths on "show fd"
|
|
- BUG/MEDIUM: h2: never leave pending data in the output buffer on close
|
|
- BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout
|
|
- MINOR: tasklet: Set process to NULL.
|
|
- MINOR: buffer: implement a new file for low-level buffer manipulation functions
|
|
- MINOR: buffer: switch buffer sizes and offsets to size_t
|
|
- MINOR: buffer: add a few basic functions for the new API
|
|
- MINOR: buffer: Introduce b_sub(), b_add(), and bo_add()
|
|
- MINOR: buffer: Add b_set_data().
|
|
- MINOR: buffer: introduce b_realign_if_empty()
|
|
- MINOR: compression: pass the channel to http_compression_buffer_end()
|
|
- MINOR: channel: add a few basic functions for the new buffer API
|
|
- MINOR: channel/buffer: use c_realign_if_empty() instead of buffer_realign()
|
|
- MINOR: channel/buffer: replace buffer_slow_realign() with channel_slow_realign() and b_slow_realign()
|
|
- MEDIUM: channel: make channel_slow_realign() take a swap buffer
|
|
- MINOR: h2: use b_slow_realign() with the trash as a swap buffer
|
|
- MINOR: buffer: remove buffer_slow_realign() and the swap_buffer allocation code
|
|
- MINOR: channel/buffer: replace b_{adv,rew} with c_{adv,rew}
|
|
- MINOR: buffer: replace calls to buffer_space_wraps() with b_space_wraps()
|
|
- MINOR: buffer: remove bi_getblk() and bi_getblk_nc()
|
|
- MINOR: buffer: split bi_contig_data() into ci_contig_data and b_config_data()
|
|
- MINOR: buffer: remove bi_ptr()
|
|
- MINOR: buffer: remove bo_ptr()
|
|
- MINOR: buffer: remove bo_end()
|
|
- MINOR: buffer: remove bi_end()
|
|
- MINOR: buffer: remove bo_contig_data()
|
|
- MINOR: buffer: merge b{i,o}_contig_space()
|
|
- MINOR: buffer: replace bo_getblk() with direction agnostic b_getblk()
|
|
- MINOR: buffer: replace bo_getblk_nc() with b_getblk_nc() which takes an offset
|
|
- MINOR: buffer: replace bi_del() and bo_del() with b_del()
|
|
- MINOR: buffer: convert most b_ptr() calls to c_ptr()
|
|
- MINOR: h1: make h1_measure_trailers() take the byte count in argument
|
|
- MINOR: h2: clarify the fact that the send functions are unsigned
|
|
- MEDIUM: h2: prevent the various mux encoders from modifying the buffer
|
|
- MINOR: h1: make h1_skip_chunk_crlf() not depend on b_ptr() anymore
|
|
- MINOR: h1: make h1_parse_chunk_size() not depend on b_ptr() anymore
|
|
- MINOR: h1: make h1_measure_trailers() use an offset and a count
|
|
- MEDIUM: h2: do not use buf->o anymore inside h2_snd_buf's loop
|
|
- MEDIUM: h2: don't use b_ptr() nor b_end() anymore
|
|
- MINOR: buffer: get rid of b_end() and b_to_end()
|
|
- MINOR: buffer: make b_getblk_nc() take const pointers
|
|
- MINOR: buffer: make b_getblk_nc() take size_t for the block sizes
|
|
- MEDIUM: connection: make xprt->snd_buf() take the byte count in argument
|
|
- MEDIUM: mux: make mux->snd_buf() take the byte count in argument
|
|
- MEDIUM: connection: make xprt->rcv_buf() use size_t for the count
|
|
- MEDIUM: mux: make mux->rcv_buf() take a size_t for the count
|
|
- MINOR: connection: add a flags argument to rcv_buf()
|
|
- MINOR: connection: add a new receive flag : CO_RFL_BUF_WET
|
|
- MINOR: buffer: get rid of b_ptr() and convert its last users
|
|
- MINOR: buffer: use b_room() to determine available space in a buffer
|
|
- MINOR: buffer: replace buffer_not_empty() with b_data() or c_data()
|
|
- MINOR: buffer: replace buffer_empty() with b_empty() or c_empty()
|
|
- MINOR: buffer: make bo_putchar() use b_tail()
|
|
- MINOR: buffer: replace buffer_full() with channel_full()
|
|
- MINOR: buffer: replace bi_space_for_replace() with ci_space_for_replace()
|
|
- MINOR: buffer: replace buffer_pending() with ci_data()
|
|
- MINOR: buffer: replace buffer_flush() with c_adv(chn, ci_data(chn))
|
|
- MINOR: buffer: use c_head() instead of buffer_wrap_sub(c->buf, p-o)
|
|
- MINOR: buffer: use b_orig() to replace most references to b->data
|
|
- MINOR: buffer: Use b_add()/bo_add() instead of accessing b->i/b->o.
|
|
- MINOR: channel: remove almost all references to buf->i and buf->o
|
|
- MINOR: channel: Add co_set_data().
|
|
- MEDIUM: channel: adapt to the new buffer API
|
|
- MINOR: checks: adapt to the new buffer API
|
|
- MEDIUM: h2: update to the new buffer API
|
|
- MINOR: buffer: remove unused bo_add()
|
|
- MEDIUM: spoe: use the new buffer API for the SPOE buffer
|
|
- MINOR: stats: adapt to the new buffers API
|
|
- MINOR: cli: use the new buffer API
|
|
- MINOR: cache: use the new buffer API
|
|
- MINOR: stream-int: use the new buffer API
|
|
- MINOR: stream: use wrappers instead of directly manipulating buffers
|
|
- MINOR: backend: use new buffer API
|
|
- MEDIUM: http: use wrappers instead of directly manipulating buffers states
|
|
- MINOR: filters: convert to the new buffer API
|
|
- MINOR: payload: convert to the new buffer API
|
|
- MEDIUM: h1: port to new buffer API.
|
|
- MINOR: flt_trace: adapt to the new buffer API
|
|
- MEDIUM: compression: start to move to the new buffer API
|
|
- MINOR: lua: use the wrappers instead of directly manipulating buffer states
|
|
- MINOR: buffer: convert part bo_putblk() and bi_putblk() to the new API
|
|
- MINOR: buffer: adapt buffer_slow_realign() and buffer_dump() to the new API
|
|
- MAJOR: start to change buffer API
|
|
- MINOR: buffer: remove the check for output on b_del()
|
|
- MINOR: buffer: b_set_data() doesn't truncate output data anymore
|
|
- MINOR: buffer: rename the "data" field to "area"
|
|
- MEDIUM: buffers: move "output" from struct buffer to struct channel
|
|
- MINOR: buffer: replace bi_fast_delete() with b_del()
|
|
- MINOR: buffer: replace b{i,o}_put* with b_put*
|
|
- MINOR: buffer: add a new file for ist + buffer manipulation functions
|
|
- MINOR: checks: use b_putist() instead of b_putstr()
|
|
- MINOR: buffers: remove b_putstr()
|
|
- CLEANUP: buffer: minor cleanups to buffer.h
|
|
- MINOR: buffers/channel: replace buffer_insert_line2() with ci_insert_line2()
|
|
- MINOR: buffer: replace buffer_replace2() with b_rep_blk()
|
|
- MINOR: buffer: rename the data length member to '->data'
|
|
- MAJOR: buffer: finalize buffer detachment
|
|
- MEDIUM: chunks: make the chunk struct's fields match the buffer struct
|
|
- MAJOR: chunks: replace struct chunk with struct buffer
|
|
- DOC: buffers: document the new buffers API
|
|
- DOC: buffers: remove obsolete docs about buffers
|
|
- MINOR: tasklets: Don't attempt to add a tasklet in the list twice.
|
|
- MINOR: connections/mux: Add a new "subscribe" method.
|
|
- MEDIUM: connections/mux: Revamp the send direction.
|
|
- MINOR: connection: simplify subscription by adding a registration function
|
|
- BUG/MINOR: http: Set brackets for the unlikely macro at the right place
|
|
- BUG/MINOR: build: Fix compilation with debug mode enabled
|
|
- BUILD: Generate sha256 checksums in publish-release
|
|
- MINOR: debug: Add check for CO_FL_WILL_UPDATE
|
|
- MINOR: debug: Add checks for conn_stream flags
|
|
- MINOR: ist: Add the function isteqi
|
|
- BUG/MEDIUM: threads: Fix the exit condition of the thread barrier
|
|
- BUG/MEDIUM: mux_h2: Call h2_send() before updating polling.
|
|
- MINOR: buffers: simplify b_contig_space()
|
|
- MINOR: buffers: split b_putblk() into __b_putblk()
|
|
- MINOR: buffers: add b_xfer() to transfer data between buffers
|
|
- DOC: add some design notes about the new layering model
|
|
- MINOR: conn_stream: add a new CS_FL_REOS flag
|
|
- MINOR: conn_stream: add an rx buffer to the conn_stream
|
|
- MEDIUM: conn_stream: add cs_recv() as a default rcv_buf() function
|
|
- MEDIUM: stream-int: automatically call si_cs_recv_cb() if the cs has data on wake()
|
|
- MINOR: h2: make each H2 stream support an intermediary input buffer
|
|
- MEDIUM: h2: make h2_frt_decode_headers() use an intermediary buffer
|
|
- MEDIUM: h2: make h2_frt_transfer_data() copy via an intermediary buffer
|
|
- MEDIUM: h2: centralize transfer of decoded frames in h2_rcv_buf()
|
|
- MEDIUM: h2: move headers and data frame decoding to their respective parsers
|
|
- MEDIUM: buffers: make b_xfer() automatically swap buffers when possible
|
|
- MEDIUM: h2: perform a single call to the data layer in demux()
|
|
- MEDIUM: h2: don't call data_cb->recv() anymore
|
|
- MINOR: h2: make use of CS_FL_REOS to indicate that end of stream was seen
|
|
- MEDIUM: h2: use the default conn_stream's receive function
|
|
- DOC: add more design feedback on the new layering model
|
|
- MINOR: h2: add the error code and the max/last stream IDs to "show fd"
|
|
- BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full
|
|
- BUG/MEDIUM: stats: don't ask for more data as long as we're responding
|
|
- BUG/MINOR: servers: Don't make "server" in a frontend fatal.
|
|
- BUG/MEDIUM: tasks: make sure we pick all tasks in the run queue
|
|
- BUG/MEDIUM: tasks: Decrement rqueue_size at the right time.
|
|
- BUG/MEDIUM: tasks: use atomic ops for active_tasks_mask
|
|
- BUG/MEDIUM: tasks: Make sure there's no task left before considering inactive.
|
|
- MINOR: signal: don't pass the signal number anymore as the wakeup reason
|
|
- MINOR: tasks: extend the state bits from 8 to 16 and remove the reason
|
|
- MINOR: tasks: Add a flag that tells if we're in the global runqueue.
|
|
- BUG/MEDIUM: tasks: make __task_unlink_rq responsible for the rqueue size.
|
|
- MINOR: queue: centralize dequeuing code a bit better
|
|
- MEDIUM: queue: make pendconn_free() work on the stream instead
|
|
- DOC: queue: document the expected locking model for the server's queue
|
|
- MINOR: queue: make sure pendconn->strm->pend_pos is always valid
|
|
- MINOR: queue: use a distinct variable for the assigned server and the queue
|
|
- MINOR: queue: implement pendconn queue locking functions
|
|
- MEDIUM: queue: get rid of the pendconn lock
|
|
- MINOR: tasks: Make active_tasks_mask volatile.
|
|
- MINOR: tasks: Make global_tasks_mask volatile.
|
|
- MINOR: pollers: Add a way to wake a thread sleeping in the poller.
|
|
- MINOR: threads/queue: Get rid of THREAD_WANT_SYNC in the queue code.
|
|
- BUG/MEDIUM: threads/sync: use sched_yield when available
|
|
- MINOR: ssl: BoringSSL matches OpenSSL 1.1.0
|
|
- BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever
|
|
- BUG/MINOR: config: stick-table is not supported in defaults section
|
|
- BUILD/MINOR: threads: unbreak build with threads disabled
|
|
- BUG/MINOR: threads: Handle nbthread == MAX_THREADS.
|
|
- BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS
|
|
- MINOR: threads: move "nbthread" parsing to hathreads.c
|
|
- BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number
|
|
- MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed
|
|
- BUILD/MINOR: compiler: fix offsetof() on older compilers
|
|
- SCRIPTS: git-show-backports: add missing quotes to "echo"
|
|
- MINOR: threads: add more consistency between certain variables in no-thread case
|
|
- MEDIUM: hathreads: implement a more flexible rendez-vous point
|
|
- BUG/MEDIUM: cli: make "show fd" thread-safe
|
|
|
|
2017/11/26 : 1.9-dev0
|
|
|
|
2017/11/26 : 1.8.0
|
|
- BUG/MEDIUM: stream: don't automatically forward connect nor close
|
|
- BUG/MAJOR: stream: ensure analysers are always called upon close
|
|
- BUG/MINOR: stream-int: don't try to read again when CF_READ_DONTWAIT is set
|
|
- MEDIUM: mworker: Add systemd `Type=notify` support
|
|
- BUG/MEDIUM: cache: free callback to remove from tree
|
|
- CLEANUP: cache: remove unused struct
|
|
- MEDIUM: cache: enable the HTTP analysers
|
|
- CLEANUP: cache: remove wrong comment
|
|
- MINOR: threads/atomic: rename local variables in macros to avoid conflicts
|
|
- MINOR: threads/plock: rename local variables in macros to avoid conflicts
|
|
- MINOR: threads/atomic: implement pl_mb() in asm on x86
|
|
- MINOR: threads/atomic: implement pl_bts() on non-x86
|
|
- MINOR: threads/build: atomic: replace the few inlines with macros
|
|
- BUILD: threads/plock: fix a build issue on Clang without optimization
|
|
- BUILD: ebtree: don't redefine types u32/s32 in scope-aware trees
|
|
- BUILD: compiler: add a new type modifier __maybe_unused
|
|
- BUILD: h2: mark some inlined functions "unused"
|
|
- BUILD: server: check->desc always exists
|
|
- BUG/MEDIUM: h2: properly report connection errors in headers and data handlers
|
|
- MEDIUM: h2: add a function to emit an HTTP/1 request from a headers list
|
|
- MEDIUM: h2: change hpack_decode_headers() to only provide a list of headers
|
|
- BUG/MEDIUM: h2: always reassemble the Cookie request header field
|
|
- BUG/MINOR: systemd: ignore daemon mode
|
|
- CONTRIB: spoa_example: allow to compile outside HAProxy.
|
|
- CONTRIB: spoa_example: remove bref, wordlist, cond_wordlist
|
|
- CONTRIB: spoa_example: remove last dependencies on type "sample"
|
|
- CONTRIB: spoa_example: remove SPOE enums that are useless for clients
|
|
- CLEANUP: cache: reorder includes
|
|
- MEDIUM: shctx: use unsigned int for len and block_count
|
|
- MEDIUM: cache: "show cache" on the cli
|
|
- BUG/MEDIUM: cache: use key=0 as a condition for freeing
|
|
- BUG/MEDIUM: cache: refcount forbids to free the objects
|
|
- BUG/MEDIUM: cache fix cli_kws structure
|
|
- BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks
|
|
- BUG/MINOR: ssl: Always start the handshake if we can't send early data.
|
|
- MINOR: ssl: Don't disable early data handling if we could not write.
|
|
- MINOR: pools: prepare functions to override malloc/free in pools
|
|
- MINOR: pools: implement DEBUG_UAF to detect use after free
|
|
- BUG/MEDIUM: threads/time: fix time drift correction
|
|
- BUG/MEDIUM: threads/time: maintain a common time reference between all threads
|
|
- MINOR: sample: Add "thread" sample fetch
|
|
- BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line
|
|
- BUG/MINOR: stream: fix tv_request calculation for applets
|
|
- BUG/MAJOR: h2: always remove a stream from the send list before freeing it
|
|
- BUG/MAJOR: threads/task: dequeue expired tasks under the WQ lock
|
|
- MINOR: ssl: Handle reading early data after writing better.
|
|
- MINOR: mux: Make sure every string is woken up after the handshake.
|
|
- MEDIUM: cache: store sha1 for hashing the cache key
|
|
- MINOR: http: implement the "http-request reject" rule
|
|
- MINOR: h2: send RST_STREAM before GOAWAY on reject
|
|
- MEDIUM: h2: don't gracefully close the connection anymore on Connection: close
|
|
- MINOR: h2: make use of client-fin timeout after GOAWAY
|
|
- MEDIUM: config: ensure that tune.bufsize is at least 16384 when using HTTP/2
|
|
- MINOR: ssl: Handle early data with BoringSSL
|
|
- BUG/MEDIUM: stream: always release the stream-interface on abort
|
|
- BUG/MEDIUM: cache: free ressources in chn_end_analyze
|
|
- MINOR: cache: move the refcount decrease in the applet release
|
|
- BUG/MINOR: listener: Allow multiple "process" options on "bind" lines
|
|
- MINOR: config: Support a range to specify processes in "cpu-map" parameter
|
|
- MINOR: config: Slightly change how parse_process_number works
|
|
- MINOR: config: Export parse_process_number and use it wherever it's applicable
|
|
- MINOR: standard: Add my_ffsl function to get the position of the bit set to one
|
|
- MINOR: config: Add auto-increment feature for cpu-map
|
|
- MINOR: config: Support partial ranges in cpu-map directive
|
|
- MINOR:: config: Remove thread-map directive
|
|
- MINOR: config: Add the threads support in cpu-map directive
|
|
- MINOR: config: Add threads support for "process" option on "bind" lines
|
|
- MEDIUM: listener: Bind listeners on a thread subset if specified
|
|
- CLEANUP: debug: Use DPRINTF instead of fprintf into #ifdef DEBUG_FULL/#endif
|
|
- CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning
|
|
- MINOR/CLEANUP: proxy: rename "proxy" to "proxies_list"
|
|
- CLEANUP: pools: rename all pool functions and pointers to remove this "2"
|
|
- DOC: update the roadmap file with the latest changes merged in 1.8
|
|
- DOC: fix mangled version in peers protocol documentation
|
|
- DOC: add initial peers protovol v2.0 documentation.
|
|
- DOC: mention William as maintainer of the cache and master-worker
|
|
- DOC: add Christopher and Emeric as maintainers of the threads
|
|
- MINOR: cache: replace a fprint() by an abort()
|
|
- MEDIUM: cache: max-age configuration keyword
|
|
- DOC: explain HTTP2 timeout behavior
|
|
- DOC: cache: configuration and management
|
|
- MAJOR: mworker: exits the master on failure
|
|
- BUG/MINOR: threads: don't drop "extern" on the lock in include files
|
|
- MINOR: task: keep a pointer to the currently running task
|
|
- MINOR: task: align the rq and wq locks
|
|
- MINOR: fd: cache-align fdtab and fdcache locks
|
|
- MINOR: buffers: cache-align buffer_wq_lock
|
|
- CLEANUP: server: reorder some fields in struct server to save 40 bytes
|
|
- CLEANUP: proxy: slightly reorder the struct proxy to reduce holes
|
|
- CLEANUP: checks: remove 16 bytes of holes in struct check
|
|
- CLEANUP: cache: more efficiently pack the struct cache
|
|
- CLEANUP: fd: place the lock at the beginning of struct fdtab
|
|
- CLEANUP: pools: align pools on a cache line
|
|
- DOC: config: add a few bits about how to configure HTTP/2
|
|
- BUG/MAJOR: threads/queue: avoid recursive locking in pendconn_get_next_strm()
|
|
- BUILD: Makefile: reorder object files by size
|
|
|
|
2017/11/19 : 1.8-rc4
|
|
- BUG/MEDIUM: cache: does not cache if no Content-Length
|
|
- BUILD: thread/pipe: fix build without threads
|
|
- BUG/MINOR: spoe: check buffer size before acquiring or releasing it
|
|
- MINOR: debug/flags: Add missing flags
|
|
- MINOR: threads: Use __decl_hathreads to declare locks
|
|
- BUG/MINOR: buffers: Fix b_alloc_margin to be "fonctionnaly" thread-safe
|
|
- BUG/MAJOR: ebtree/scope: fix insertion and removal of duplicates in scope-aware trees
|
|
- BUG/MAJOR: ebtree/scope: fix lookup of next node in scope-aware trees
|
|
- MINOR: ebtree/scope: add a function to find next node from a parent
|
|
- MINOR: ebtree/scope: simplify the lookup functions by using eb32sc_next_with_parent()
|
|
- BUG/MEDIUM: mworker: Fix re-exec when haproxy is started from PATH
|
|
- BUG/MEDIUM: cache: use msg->sov to forward header
|
|
- MINOR: cache: forward data with headers
|
|
- MINOR: cache: disable cache if shctx_row_data_append fail
|
|
- BUG/MINOR: threads: tid_bit must be a unsigned long
|
|
- CLEANUP: tasks: Remove useless double test on rq_next
|
|
- BUG/MEDIUM: standard: itao_str/idx and quote_str/idx must be thread-local
|
|
- MINOR: tools: add a function to dump a scope-aware tree to a file
|
|
- MINOR: tools: improve the DOT dump of the ebtree
|
|
- MINOR: tools: emphasize the node being worked on in the tree dump
|
|
- BUG/MAJOR: ebtree/scope: properly tag upper nodes during insertion
|
|
- DOC: peers: Add a first version of peers protocol v2.1.
|
|
- CONTRIB: Wireshark dissector for HAProxy Peer Protocol.
|
|
- MINOR: mworker: display an accurate error when the reexec fail
|
|
- BUG/MEDIUM: mworker: wait again for signals when execvp fail
|
|
- BUG/MEDIUM: mworker: does not deinit anymore
|
|
- BUG/MEDIUM: mworker: does not close inherited FD
|
|
- MINOR: tests: add a python wrapper to test inherited fd
|
|
- BUG/MINOR: Allocate the log buffers before the proxies startup
|
|
- MINOR: tasks: Use a bitfield to track tasks activity per-thread
|
|
- MAJOR: polling: Use active_tasks_mask instead of tasks_run_queue
|
|
- MINOR: applets: Use a bitfield to track applets activity per-thread
|
|
- MAJOR: polling: Use active_appels_mask instead of applets_active_queue
|
|
- MEDIUM: applets: Don't process more than 200 active applets at once
|
|
- MINOR: stream: Add thread-mask of tasks/FDs/applets in "show sess all" command
|
|
- MINOR: SSL: Store the ASN1 representation of client sessions.
|
|
- MINOR: ssl: Make sure we don't shutw the connection before the handshake.
|
|
- BUG/MEDIUM: deviceatlas: ignore not valuable HTTP request data
|
|
|
|
2017/11/11 : 1.8-rc3
|
|
- BUILD: use MAXPATHLEN instead of NAME_MAX.
|
|
- BUG/MAJOR: threads/checks: add 4 missing spin_unlock() in various functions
|
|
- BUG/MAJOR: threads/server: missing unlock in CLI fqdn parser
|
|
- BUG/MINOR: cli: do not perform an invalid action on "set server check-port"
|
|
- BUG/MAJOR: threads/checks: wrong use of SPIN_LOCK instead of SPIN_UNLOCK
|
|
- CLEANUP: checks: remove return statements in locked functions
|
|
- BUG/MINOR: cli: add severity in "set server addr" parser
|
|
- CLEANUP: server: get rid of return statements in the CLI parser
|
|
- BUG/MAJOR: cli/streams: missing unlock on exit "show sess"
|
|
- BUG/MAJOR: threads/dns: add missing unlock on allocation failure path
|
|
- BUG/MAJOR: threads/lb: fix missing unlock on consistent hash LB
|
|
- BUG/MAJOR: threads/lb: fix missing unlock on map-based hash LB
|
|
- BUG/MEDIUM: threads/stick-tables: close a race condition on stktable_trash_expired()
|
|
- BUG/MAJOR: h2: set the connection's task to NULL when no client timeout is set
|
|
- BUG/MAJOR: thread/listeners: enable_listener must not call unbind_listener()
|
|
- BUG/MEDIUM: threads: don't try to free build option message on exit
|
|
- MINOR: applets: no need to check for runqueue's emptiness in appctx_res_wakeup()
|
|
- MINOR: add master-worker in the warning about nbproc
|
|
- MINOR: mworker: allow pidfile in mworker + foreground
|
|
- MINOR: mworker: write parent pid in the pidfile
|
|
- MINOR: mworker: do not store child pid anymore in the pidfile
|
|
- MINOR: ebtree: implement the scope-aware functions for eb32
|
|
- MEDIUM: ebtree: specify the scope of every node inserted via eb32sc
|
|
- MINOR: ebtree: update the eb32sc parent node's scope on delete
|
|
- MEDIUM: ebtree: only consider the branches matching the scope in lookups
|
|
- MINOR: ebtree: implement eb32sc_lookup_ge_or_first()
|
|
- MAJOR: task: make use of the scope-aware ebtree functions
|
|
- MINOR: task: simplify wake_expired_tasks() to avoid unlocking in the loop
|
|
- MEDIUM: task: change the construction of the loop in process_runnable_tasks()
|
|
- MINOR: threads: use faster locks for the spin locks
|
|
- MINOR: tasks: only visit filled task slots after processing them
|
|
- MEDIUM: tasks: implement a lockless scheduler for single-thread usage
|
|
- BUG/MINOR: dns: Don't try to get the server lock if it's already held.
|
|
- BUG/MINOR: dns: Don't lock the server lock in snr_check_ip_callback().
|
|
- DOC: Add note about encrypted password CPU usage
|
|
- BUG/MINOR: h2: set the "HEADERS_SENT" flag on stream, not connection
|
|
- BUG/MEDIUM: h2: properly send an RST_STREAM on mux stream error
|
|
- BUG/MEDIUM: h2: properly send the GOAWAY frame in the mux
|
|
- BUG/MEDIUM: h2: don't try (and fail) to send non-existing data in the mux
|
|
- MEDIUM: h2: remove the H2_SS_RESET intermediate state
|
|
- BUG/MEDIUM: h2: fix some wrong error codes on connections
|
|
- BUILD: threads: Rename SPIN/RWLOCK macros using HA_ prefix
|
|
- BUILD: enable USE_THREAD for Solaris build.
|
|
- BUG/MEDIUM: h2: don't close the connection is there are data left
|
|
- MINOR: h2: don't re-enable the connection's task when we're closing
|
|
- BUG/MEDIUM: h2: properly set H2_SF_ES_SENT when sending the final frame
|
|
- BUG/MINOR: h2: correctly check for H2_SF_ES_SENT before closing
|
|
- MINOR: h2: add new stream flag H2_SF_OUTGOING_DATA
|
|
- BUG/MINOR: h2: don't send GOAWAY on failed response
|
|
- BUG/MEDIUM: splice/threads: pipe reuse list was not protected.
|
|
- BUG/MINOR: comp: fix compilation warning compiling without compression.
|
|
- BUG/MINOR: stream-int: don't set MSG_MORE on closed request path
|
|
- BUG/MAJOR: threads/tasks: fix the scheduler again
|
|
- BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf because a SNI is matched.
|
|
- MINOR: ssl: Handle session resumption with TLS 1.3
|
|
- MINOR: ssl: Spell 0x10101000L correctly.
|
|
- MINOR: ssl: Handle sending early data to server.
|
|
- BUILD: ssl: fix build of backend without ssl
|
|
- BUILD: shctx: do not depend on openssl anymore
|
|
- BUG/MINOR: h1: the HTTP/1 make status code parser check for digits
|
|
- BUG/MEDIUM: h2: reject non-3-digit status codes
|
|
- BUG/MEDIUM: stream-int: Don't loss write's notifs when a stream is woken up
|
|
- BUG/MINOR: pattern: Rely on the sample type to copy it in pattern_exec_match
|
|
- BUG/MEDIUM: h2: split the function to send RST_STREAM
|
|
- BUG/MEDIUM: h1: ensure the chunk size parser can deal with full buffers
|
|
- MINOR: tools: don't use unlikely() in hex2i()
|
|
- BUG/MEDIUM: h2: support orphaned streams
|
|
- BUG/MEDIUM: threads/cli: fix "show sess" locking on release
|
|
- CLEANUP: mux: remove the unused "release()" function
|
|
- MINOR: cli: make "show fd" report the fd's thread mask
|
|
- BUG/MEDIUM: stream: don't ignore res.analyse_exp anymore
|
|
- CLEANUP: global: introduce variable pid_bit to avoid shifts with relative_pid
|
|
- MEDIUM: http: always reject the "PRI" method
|
|
|
|
2017/11/03 : 1.8-rc2
|
|
- BUG/MINOR: send-proxy-v2: fix dest_len in make_tlv call
|
|
- BUG/MINOR: send-proxy-v2: string size must include ('\0')
|
|
- MINOR: mux: Only define pipe functions on linux.
|
|
- MINOR: cache: Remove useless test for nonzero.
|
|
- MINOR: cache: Don't confuse act_return and act_parse_ret.
|
|
- BUG/MEDIUM: h2: don't try to parse incomplete H1 responses
|
|
- BUG/MEDIUM: checks/mux: always enable send-polling after connecting
|
|
- BUG/MAJOR: fix deadlock on healthchecks.
|
|
- BUG/MINOR: thread: fix a typo in the debug code
|
|
- BUILD: shctx: allow to be built without openssl
|
|
- BUG/MEDIUM: cache: don't try to resolve wrong filters
|
|
- BUG/MAJOR: buffers: fix get_buffer_nc() for data at end of buffer
|
|
- BUG/MINOR: freq: fix infinite loop on freq_ctr_period.
|
|
- BUG/MINOR: stdarg.h inclusion
|
|
- BUG/MINOR: dns: fix missing lock protection on server.
|
|
- BUG/MINOR: lua: fix missing lock protection on server.
|
|
- BUILD: enable USE_THREAD for OpenBSD build.
|
|
- BUG/MAJOR: mux_pt: don't dereference a connstream after ->wake()
|
|
- MINOR: thread: report multi-thread support in haproxy -vv
|
|
|
|
2017/10/31 : 1.8-rc1
|
|
- BUG/MEDIUM: server: Allocate tmptrash before using it.
|
|
- CONTRIB: trace: add the possibility to place trace calls in the code
|
|
- CONTRIB: trace: try to display the function's return value on exit
|
|
- CONTRIB: trace: report the base name only for file names
|
|
- BUILD: ssl: support OPENSSL_NO_ASYNC #define
|
|
- MINOR: ssl: build with recent BoringSSL library
|
|
- BUG/MINOR: ssl: OCSP_single_get0_status can return -1
|
|
- BUG/MINOR: cli: restore "set ssl tls-key" command
|
|
- CLEANUP: cli: remove undocumented "set ssl tls-keys" command
|
|
- IMPORT: sha1: import SHA1 functions
|
|
- MINOR: sample: add the sha1 converter
|
|
- MINOR: sample: add the hex2i converter
|
|
- MINOR: stream-int: stop checking for useless connection flags in chk_snd_conn
|
|
- MINOR: ssl: don't abort after sending 16kB
|
|
- MINOR: connection: move the cleanup of flag CO_FL_WAIT_ROOM
|
|
- MINOR: connection: add flag CO_FL_WILL_UPDATE to indicate when updates are granted
|
|
- MEDIUM: connection: make use of CO_FL_WILL_UPDATE in conn_sock_shutw()
|
|
- MINOR: raw_sock: make use of CO_FL_WILL_UPDATE
|
|
- MINOR: ssl_sock: make use of CO_FL_WILL_UPDATE
|
|
- BUG/MINOR: checks: Don't forget to release the connection on error case.
|
|
- MINOR: buffer: add the buffer input manipulation functions
|
|
- BUG/MEDIUM: prevent buffers being overwritten during build_logline() execution
|
|
- MEDIUM: cfgparse: post section callback
|
|
- MEDIUM: cfgparse: post parsing registration
|
|
- MINOR: lua: add uuid to the Class Proxy
|
|
- MINOR: hlua: Add regex class
|
|
- MINOR: http: Mark the 425 code as "Too Early".
|
|
- MEDIUM: ssl: convert CBS (BoringSSL api) usage to neutral code
|
|
- MINOR: ssl: support Openssl 1.1.1 early callback for switchctx
|
|
- MINOR: ssl: generated certificate is missing in switchctx early callback
|
|
- MEDIUM: ssl: Handle early data with OpenSSL 1.1.1
|
|
- BUILD: Makefile: disable -Wunused-label
|
|
- MINOR: ssl/proto_http: Add keywords to take care of early data.
|
|
- BUG/MINOR: lua: const attribute of a string is overridden
|
|
- MINOR: ssl: Don't abuse ssl_options.
|
|
- MINOR: update proxy-protocol-v2 #define
|
|
- MINOR: merge ssl_sock_get calls for log and ppv2
|
|
- MINOR: add ALPN information to send-proxy-v2
|
|
- MEDIUM: h1: ensure that 1xx, 204 and 304 don't have a payload body
|
|
- CLEANUP: shctx: get ride of the shsess_packet{_hdr} structures
|
|
- MEDIUM: lists: list_for_each_entry{_safe}_from functions
|
|
- REORG: shctx: move lock functions and struct
|
|
- MEDIUM: shctx: allow the use of multiple shctx
|
|
- REORG: shctx: move ssl functions to ssl_sock.c
|
|
- MEDIUM: shctx: separate ssl and shctx
|
|
- MINOR: shctx: rename lock functions
|
|
- MINOR: h1: store the status code in the H1 message
|
|
- BUG/MINOR: spoe: Don't compare engine name and SPOE scope when both are NULL
|
|
- BUG/MINOR: spoa: Update pointer on the end of the frame when a reply is encoded
|
|
- MINOR: action: Add trk_idx inline function
|
|
- MINOR: action: Use trk_idx instead of tcp/http_trk_idx
|
|
- MINOR: action: Add a function pointer in act_rule struct to check its validity
|
|
- MINOR: action: Add function to check rules using an action ACT_ACTION_TRK_*
|
|
- MINOR: action: Add a functions to check http capture rules
|
|
- MINOR: action: Factorize checks on rules calling check_ptr if defined
|
|
- MINOR: acl: Pass the ACLs as an explicit parameter of build_acl_cond
|
|
- MEDIUM: spoe: Add support of ACLS to enable or disable sending of SPOE messages
|
|
- MINOR: spoe: Check uniqness of SPOE engine names during config parsing
|
|
- MEDIUM: spoe: Parse new "spoe-group" section in SPOE config file
|
|
- MEDIUM: spoe/rules: Add "send-spoe-group" action for tcp/http rules
|
|
- MINOR: spoe: Move message encoding in its own function
|
|
- MINOR: spoe: Add a type to qualify the message list during encoding
|
|
- MINOR: spoe: Add a generic function to encode a list of SPOE message
|
|
- MEDIUM: spoe/rules: Process "send-spoe-group" action
|
|
- BUG/MINOR: dns: Fix CLI keyword declaration
|
|
- MAJOR: dns: Refactor the DNS code
|
|
- BUG/MINOR: mailers: Fix a memory leak when email alerts are released
|
|
- MEDIUM: mailers: Init alerts during conf parsing and refactor their processing
|
|
- MINOR: mailers: Use pools to allocate email alerts and its tcpcheck_rules
|
|
- MINOR: standard: Add memvprintf function
|
|
- MINOR: log: Save alerts and warnings emitted during HAProxy startup
|
|
- MINOR: cli: Add "show startup-logs" command
|
|
- MINOR: startup: Extend the scope the MODE_STARTING flag
|
|
- MINOR: threads: Prepare makefile to link with pthread
|
|
- MINOR: threads: Add THREAD_LOCAL macro
|
|
- MINOR: threads: Add atomic-ops and plock includes in import dir
|
|
- MEDIUM: threads: Add hathreads header file
|
|
- MINOR: threads: Add mechanism to register per-thread init/deinit functions
|
|
- MINOR: threads: Add nbthread parameter
|
|
- MEDIUM: threads: Adds a set of functions to handle sync-point
|
|
- MAJOR: threads: Start threads to experiment multithreading
|
|
- MINOR: threads: Define the sync-point inside run_poll_loop
|
|
- MEDIUM: threads/buffers: Define and register per-thread init/deinit functions
|
|
- MEDIUM: threads/chunks: Transform trash chunks in thread-local variables
|
|
- MEDIUM: threads/time: Many global variables from time.h are now thread-local
|
|
- MEDIUM: threads/logs: Make logs thread-safe
|
|
- MEDIUM: threads/pool: Make pool thread-safe by locking all access to a pool
|
|
- MAJOR: threads/fd: Make fd stuffs thread-safe
|
|
- MINOR: threads/fd: Add a mask of threads allowed to process on each fd in fdtab array
|
|
- MEDIUM: threads/fd: Initialize the process mask during the call to fd_insert
|
|
- MINOR: threads/fd: Process cached events of FDs depending on the process mask
|
|
- MINOR: threads/polling: pollers now handle FDs depending on the process mask
|
|
- WIP: SQUASH WITH SYNC POINT
|
|
- MAJOR: threads/task: handle multithread on task scheduler
|
|
- MEDIUM: threads/signal: Add a lock to make signals thread-safe
|
|
- MEDIUM: threads/listeners: Make listeners thread-safe
|
|
- MEDIUM: threads/proxy: Add a lock per proxy and atomically update proxy vars
|
|
- MEDIUM: threads/server: Make connection list (priv/idle/safe) thread-safe
|
|
- MEDIUM: threads/server: Add a lock per server and atomically update server vars
|
|
- MINOR: threads/server: Add a lock to deal with insert in updates_servers list
|
|
- MEDIUM: threads/lb: Make LB algorithms (lb_*.c) thread-safe
|
|
- MEDIUM: threads/stick-tables: handle multithreads on stick tables
|
|
- MINOR: threads/sample: Change temp_smp into a thread local variable
|
|
- MEDIUM: threads/http: Make http_capture_bad_message thread-safe
|
|
- MINOR: threads/regex: Change Regex trash buffer into a thread local variable
|
|
- MAJOR: threads/applet: Handle multithreading for applets
|
|
- MAJOR: threads/peers: Make peers thread safe
|
|
- MAJOR: threads/buffer: Make buffer wait queue thread safe
|
|
- MEDIUM: threads/stream: Make streams list thread safe
|
|
- MAJOR: threads/ssl: Make SSL part thread-safe
|
|
- MEDIUM: threads/queue: Make queues thread-safe
|
|
- MAJOR: threads/map: Make acls/maps thread safe
|
|
- MEDIUM: threads/freq_ctr: Make the frequency counters thread-safe
|
|
- MEDIUM: thread/vars: Make vars thread-safe
|
|
- MEDIUM: threads/filters: Add init/deinit callback per thread
|
|
- MINOR: threads/filters: Update trace filter to add _per_thread callbacks
|
|
- MEDIUM: threads/compression: Make HTTP compression thread-safe
|
|
- MEDIUM: threads/lua: Makes the jmpbuf and some other buffers local to the current thread.
|
|
- MEDIUM: threads/lua: Add locks around the Lua execution parts.
|
|
- MEDIUM: threads/lua: Ensure that the launched tasks runs on the same threads than me
|
|
- MEDIUM: threads/lua: Cannot acces to the socket if we try to access from another thread.
|
|
- MEDIUM: threads/xref: Convert xref function to a thread safe model
|
|
- MEDIUM: threads/tasks: Add lock around notifications
|
|
- MEDIUM: thread/spoe: Make the SPOE thread-safe
|
|
- MEDIUM: thread/dns: Make DNS thread-safe
|
|
- MINOR: threads: Add thread-map config parameter in the global section
|
|
- MINOR: threads/checks: Add a lock to protect the pid list used by external checks
|
|
- MINOR: threads/checks: Set the task process_mask when a check is executed
|
|
- MINOR: threads/mailers: Add a lock to protect queues of email alerts
|
|
- MEDIUM: threads/server: Use the server lock to protect health check and cli concurrency
|
|
- MINOR: threads: Don't start when device a detection module is used
|
|
- BUG/MEDIUM: threads: Run the poll loop on the main thread too
|
|
- BUG/MINOR: threads: Add missing THREAD_LOCAL on static here and there
|
|
- MAJOR: threads: Offically enable the threads support in HAProxy
|
|
- BUG/MAJOR: threads/freq_ctr: fix lock on freq counters.
|
|
- BUG/MAJOR: threads/time: Store the time deviation in an 64-bits integer
|
|
- BUILD: stick-tables: silence an uninitialized variable warning
|
|
- BUG/MINOR: dns: Fix SRV records with the new thread code.
|
|
- MINOR: ssl: Remove the global allow-0rtt option.
|
|
- CLEANUP: threads: replace the last few 1UL<<tid with tid_bit
|
|
- CLEANUP: threads: rename process_mask to thread_mask
|
|
- MINOR: h1: add a function to measure the trailers length
|
|
- MINOR: threads: add a portable barrier for threads and non-threads
|
|
- BUG/MAJOR: threads/freq_ctr: use a memory barrier to detect changes
|
|
- BUG/MEDIUM: threads: Initialize the sync-point
|
|
- MEDIUM: connection: start to introduce a mux layer between xprt and data
|
|
- MINOR: connection: implement alpn registration of muxes
|
|
- MINOR: mux: register the pass-through mux for any ALPN string
|
|
- MEDIUM: session: use the ALPN token and proxy mode to select the mux
|
|
- MINOR: connection: report the major HTTP version from the MUX for logging (fc_http_major)
|
|
- MINOR: connection: introduce conn_stream
|
|
- MINOR: mux: add more methods to mux_ops
|
|
- MINOR: connection: introduce the conn_stream manipulation functions
|
|
- MINOR: mux_pt: implement remaining mux_ops methods
|
|
- MAJOR: connection : Split struct connection into struct connection and struct conn_stream.
|
|
- MINOR: connection: make conn_stream users also check for per-stream error flag
|
|
- MINOR: conn_stream: new shutr/w status flags
|
|
- MINOR: conn_stream: modify cs_shut{r,w} API to pass the desired mode
|
|
- MEDIUM: connection: make conn_sock_shutw() aware of lingering
|
|
- MINOR: connection: add cs_close() to close a conn_stream
|
|
- MEDIUM: mux_pt: make cs_shutr() / cs_shutw() properly close the connection
|
|
- MEDIUM: connection: replace conn_full_close() with cs_close()
|
|
- MEDIUM: connection: make mux->detach() release the connection
|
|
- MEDIUM: stream: do not forcefully close the client connection anymore
|
|
- MEDIUM: checks: exclusively use cs_destroy() to release a connection
|
|
- MEDIUM: connection: add a destroy callback
|
|
- MINOR: session: release the listener with the session, not the stream
|
|
- MEDIUM: session: make use of the connection's destroy callback
|
|
- CONTRIB: hpack: implement a reverse huffman table generator for hpack
|
|
- MINOR: hpack: implement the HPACK Huffman table decoder
|
|
- MINOR: hpack: implement the header tables management
|
|
- MINOR: hpack: implement the decoder
|
|
- MEDIUM: hpack: implement basic hpack encoding
|
|
- MINOR: h2: centralize all HTTP/2 protocol elements and constants
|
|
- MINOR: h2: create a very minimalistic h2 mux
|
|
- MINOR: h2: expose tune.h2.header-table-size to configure the table size
|
|
- MINOR: h2: expose tune.h2.initial-window-size to configure the window size
|
|
- MINOR: h2: expose tune.h2.max-concurrent-streams to limit the number of streams
|
|
- MINOR: h2: create the h2c struct and allocate its pool
|
|
- MINOR: h2: create the h2s struct and the associated pool
|
|
- MINOR: h2: handle two extra stream states for errors
|
|
- MINOR: h2: add a frame header descriptor for incoming frames
|
|
- MEDIUM: h2: allocate and release the h2c context on connection init/end
|
|
- MEDIUM: h2: implement basic recv/send/wake functions
|
|
- MEDIUM: h2: dynamically allocate the demux buffer on Rx
|
|
- MEDIUM: h2: implement the mux buffer allocator
|
|
- MINOR: h2: add the connection and stream flags listing the causes for blocking
|
|
- MINOR: h2: add function h2s_id() to report a stream's ID
|
|
- MINOR: h2: small function to know when the mux is busy
|
|
- MINOR: h2: new function h2c_error to mark an error on the connection
|
|
- MINOR: h2: new function h2s_error() to mark an error on a stream
|
|
- MINOR: h2: add h2_set_frame_size() to update the size in a binary frame
|
|
- MINOR: h2: new function h2_peek_frame_hdr() to retrieve a new frame header
|
|
- MINOR: h2: add a few functions to retrieve contents from a wrapping buffer
|
|
- MINOR: h2: add stream lookup function based on the stream ID
|
|
- MINOR: h2: create dummy idle and closed streams
|
|
- MINOR: h2: add the function to create a new stream
|
|
- MINOR: h2: update the {MUX,DEM}_{M,D}ALLOC flags on buffer availability
|
|
- MEDIUM: h2: start to consider the H2_CF_{MUX,DEM}_* flags for polling
|
|
- MINOR: h2: also terminate the connection on shutr
|
|
- MEDIUM: h2: properly consider all conditions for end of connection
|
|
- MEDIUM: h2: wake the connection up for send on pending streams
|
|
- MEDIUM: h2: start to implement the frames processing loop
|
|
- MINOR: h2: add a function to send a GOAWAY error frame
|
|
- MINOR: h2: match the H2 connection preface on init
|
|
- MEDIUM: h2: enable connection polling for send when a cs wants to emit
|
|
- MEDIUM: h2: enable reading again on the connection if it was blocked on stream buffer full
|
|
- MEDIUM: h2: process streams pending for sending
|
|
- MINOR: h2: send a real SETTINGS frame based on the configuration
|
|
- MEDIUM: h2: detect the presence of the first settings frame
|
|
- MINOR: h2: create a stream parser for the demuxer
|
|
- MINOR: h2: implement PING frames
|
|
- MEDIUM: h2: decode SETTINGS frames and extract relevant settings
|
|
- MINOR: h2: lookup the stream during demuxing
|
|
- MEDIUM: h2: honor WINDOW_UPDATE frames
|
|
- MINOR: h2: implement h2_send_rst_stream() to send RST_STREAM frames
|
|
- MINOR: h2: handle CONTINUATION frames
|
|
- MEDIUM: h2: partial implementation of h2_detach()
|
|
- MEDIUM: h2: unblock a connection when its current stream detaches
|
|
- MEDIUM: h2: basic processing of HEADERS frame
|
|
- MEDIUM: h2: don't use trash to decode headers!
|
|
- MEDIUM: h2: implement the response HEADERS frame to encode the H1 response
|
|
- MEDIUM: h2: send the H1 response body as DATA frames
|
|
- MEDIUM: h2: skip the response trailers if any
|
|
- MEDIUM: h2: properly continue to parse header block when facing a 1xx response
|
|
- MEDIUM: h2: send WINDOW_UPDATE frames for connection
|
|
- MEDIUM: h2: handle request body in DATA frames
|
|
- MINOR: h2: handle RST_STREAM frames
|
|
- MEDIUM: h2: send DATA+ES or RST_STREAM on shutw/shutr
|
|
- MINOR: h2: use a common function to signal some and all streams.
|
|
- MEDIUM: h2: handle GOAWAY frames
|
|
- MINOR: h2: centralize the check for the idle streams
|
|
- MINOR: h2: centralize the check for the half-closed(remote) streams
|
|
- MEDIUM: h2: silently ignore frames higher than last_id after GOAWAY
|
|
- MINOR: h2: properly reject PUSH_PROMISE frames coming from the client
|
|
- MEDIUM: h2: perform a graceful shutdown on "Connection: close"
|
|
- MEDIUM: h2: send a GOAWAY frame when dealing with an empty response
|
|
- MEDIUM: h2: apply a timeout to h2 connections
|
|
- BUG/MEDIUM: h2: fix incorrect timeout handling on the connection
|
|
- MEDIUM: shctx: forbid shctx to read more than expected
|
|
- MEDIUM: cache: configuration parsing and initialization
|
|
- MEDIUM: cache: store objects in cache
|
|
- MEDIUM: cache: deliver objects from cache
|
|
|
|
2017/10/22 : 1.8-dev3
|
|
- REORG: ssl: move defines and methodVersions table upper
|
|
- MEDIUM: ssl: ctx_set_version/ssl_set_version func for methodVersions table
|
|
- MINOR: ssl: support ssl-min-ver and ssl-max-ver with crt-list
|
|
- MEDIUM: ssl: disable SSLv3 per default for bind
|
|
- BUG/MAJOR: ssl: fix segfault on connection close using async engines.
|
|
- BUG/MAJOR: ssl: buffer overflow using offloaded ciphering on async engine
|
|
- BUG/MINOR: ssl: do not call directly the conn_fd_handler from async_fd_handler
|
|
- BUG/MINOR: haproxy/cli : fix for solaris/illumos distros for CMSG* macros
|
|
- BUG/MEDIUM: build without openssl broken
|
|
- BUG/MINOR: warning: need_resend may be used uninitialized
|
|
- BUG/MEDIUM: misplaced exit and wrong exit code
|
|
- BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04
|
|
- BUILD: scripts: make publish-release support bare repositories
|
|
- BUILD: scripts: add an automatic mode for publish-release
|
|
- BUILD: scripts: add a "quiet" mode to publish-release
|
|
- BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer
|
|
- BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers
|
|
- CONTRIB: plug qdiscs: Plug queuing disciplines mini HOWTO.
|
|
- BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map
|
|
- BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0
|
|
- BUG/MINOR: http/filters: Be sure to wait if a filter loops in HTTP_MSG_ENDING
|
|
- BUG/MEDIUM: peers: Peers CLOSE_WAIT issue.
|
|
- BUG/MAJOR: server: Segfault after parsing server state file.
|
|
- BUG/MEDIUM: unix: never unlink a unix socket from the file system
|
|
- scripts: create-release pass -n to tail
|
|
- SCRIPTS: create-release: enforce GIT_COMMITTER_{NAME|EMAIL} validity
|
|
- BUG/MEDIUM: fix segfault when no argument to -x option
|
|
- MINOR: warning on multiple -x
|
|
- MINOR: mworker: don't copy -x argument anymore in copy_argv()
|
|
- BUG/MEDIUM: mworker: don't reuse PIDs passed to the master
|
|
- BUG/MINOR: Wrong peer task expiration handling during synchronization processing.
|
|
- BUG/MINOR: cfgparse: Check if tune.http.maxhdr is in the range 1..32767
|
|
- BUG/MINOR: log: pin the front connection when front ip/ports are logged
|
|
- DOC: fix references to the section about the unix socket
|
|
- BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue
|
|
- MAJOR: task: task scheduler rework.
|
|
- MINOR: task/stream: tasks related to a stream must be init by the caller.
|
|
- MINOR: queue: Change pendconn_get_next_strm into private function
|
|
- MINOR: backends: Change get_server_sh/get_server_uh into private function
|
|
- MINOR: queue: Change pendconn_from_srv/pendconn_from_px into private functions
|
|
- MEDIUM: stream: make stream_new() always set the target and analysers
|
|
- MINOR: frontend: initialize HTTP layer after the debugging code
|
|
- MINOR: connection: add a .get_alpn() method to xprt_ops
|
|
- MINOR: ssl: add a get_alpn() method to ssl_sock
|
|
- MINOR: frontend: retrieve the ALPN name when available
|
|
- MINOR: frontend: report the connection's ALPN in the debug output
|
|
- MINOR: stream: don't set backend's nor response analysers on SF_TUNNEL
|
|
- MINOR: connection: send data before receiving
|
|
- MAJOR: applet: applet scheduler rework.
|
|
- BUG/MAJOR: frontend: don't dereference a null conn on outgoing connections
|
|
- BUG/MAJOR: cli: fix custom io_release was crushed by NULL.
|
|
- BUG/MAJOR: map: fix segfault during 'show map/acl' on cli.
|
|
- BUG/MAJOR: compression: Be sure to release the compression state in all cases
|
|
- MINOR: compression: Use a memory pool to allocate compression states
|
|
- BUG/MAJOR: applet: fix a freeze if data is immedately forwarded.
|
|
- DOC: fix references to the section about time format.
|
|
- BUG/MEDIUM: map/acl: fix unwanted flags inheritance.
|
|
- BUG/MAJOR: http: fix buffer overflow on loguri buffer.
|
|
- MINOR: ssl: compare server certificate names to the SNI on outgoing connections
|
|
- BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel
|
|
- BUG/MINOR: http: Don't reset the transaction if there are still data to send
|
|
- BUG/MEDIUM: filters: Be sure to call flt_end_analyze for both channels
|
|
- MINOR: peers: Add additional information to stick-table definition messages.
|
|
- BUG/MINOR: http: properly handle all 1xx informational responses
|
|
- OPTIM: ssl: don't consider a small ssl_read() as an indication of end of buffer
|
|
- BUG/MINOR: peers: peer synchronization issue (with several peers sections).
|
|
- CLEANUP: hdr_idx: make some function arguments const where possible
|
|
- BUG/MINOR: Prevent a use-after-free on error scenario on option "-x".
|
|
- BUG/MINOR: lua: In error case, the safe mode is not removed
|
|
- BUG/MINOR: lua: executes the function destroying the Lua session in safe mode
|
|
- BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted
|
|
- BUG/MEDIUM: lua: bad memory access
|
|
- BUG/MINOR: Lua: variable already initialized
|
|
- DOC: update CONTRIBUTING regarding optional parts and message format
|
|
- DOC: update the list of OpenSSL versions in the README
|
|
- BUG/MINOR: http: Set the response error state in http_sync_res_state
|
|
- MINOR: http: Reorder/rewrite checks in http_resync_states
|
|
- MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags
|
|
- BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined
|
|
- MINOR: http: Rely on analyzers mask to end processing in forward_body functions
|
|
- BUG/MINOR: http: Fix bug introduced in previous patch in http_resync_states
|
|
- BUG/MINOR: contrib/modsecurity: BSD build fix
|
|
- BUG/MINOR: contrib/mod_defender: build fix
|
|
- BUG/MINOR: ssl: remove haproxy SSLv3 support when ssl lib have no SSLv3
|
|
- MINOR: ssl: remove an unecessary SSL_OP_NO_* dependancy
|
|
- BUILD: ssl: fix compatibility with openssl without TLSEXT_signature_*
|
|
- MINOR: tools: add a portable timegm() alternative
|
|
- BUILD: lua: replace timegm() with my_timegm() to fix build on Solaris 10
|
|
- DOC: Updated 51Degrees git URL to point to a stable version.
|
|
- BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state
|
|
- MINOR: memory: remove macros
|
|
- BUG/MINOR: lua: Fix Server.get_addr() port values
|
|
- BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr()
|
|
- MINOR: samples: Handle the type SMP_T_METH when we duplicate a sample in smp_dup
|
|
- MINOR: samples: Handle the type SMP_T_METH in smp_is_safe and smp_is_rw
|
|
- MINOR: samples: Don't allocate memory for SMP_T_METH sample when method is known
|
|
- BUG/MINOR: lua: always detach the tcp/http tasks before freeing them
|
|
- MINOR: task: always preinitialize the task's timeout in task_init()
|
|
- CLEANUP: task: remove all initializations to TICK_ETERNITY after task_new()
|
|
- BUG/MAJOR: lua: properly dequeue hlua_applet_wakeup() for new scheduler
|
|
- MINOR: lua: Add proxy as member of proxy object.
|
|
- DOC: lua: Proxy class doc update
|
|
- MINOR: lua: Add lists of frontends and backends
|
|
- BUG/MINOR: ssl: Fix check against SNI during server certificate verification
|
|
- BUG/MINOR: ssl: make use of the name in SNI before verifyhost
|
|
- MINOR: ssl: add a new error codes for wrong server certificates
|
|
- BUG/MEDIUM: stream: don't retry SSL connections which fail the SNI name check
|
|
- MINOR: ssl: add "no-ca-names" parameter for bind
|
|
- BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions.
|
|
- DOC: fix alphabetical order of "show commands" in management.txt
|
|
- MINOR: listener: add a function to return a listener's state as a string
|
|
- MINOR: cli: add a new "show fd" command
|
|
- BUG/MEDIUM: ssl: Fix regression about certificates generation
|
|
- MINOR: Add server port field to server state file.
|
|
- MINOR: ssl: allow to start without certificate if strict-sni is set
|
|
- MINOR: dns: Cache previous DNS answers.
|
|
- MINOR: obj: Add a new type of object, OBJ_TYPE_SRVRQ.
|
|
- Add a few functions to do unaligned access.
|
|
- MINOR: dns: Handle SRV records.
|
|
- MINOR: check: Fix checks when using SRV records.
|
|
- MINOR: doc: Document SRV label usage.
|
|
- BUILD/MINOR: cli: shut a minor gcc warning in "show fd"
|
|
- BUILD: ssl: replace SSL_CTX_get0_privatekey for openssl < 1.0.2
|
|
- BUILD/MINOR: build without openssl still broken
|
|
- BUG/MAJOR: stream: in stream_free(), close the front endpoint and not the origin
|
|
- CLEANUP: raw_sock: Use a better name for the constructor than __ssl_sock_deinit()
|
|
- MINOR: init: Fix CPU affinity setting on FreeBSD.
|
|
- MINOR: dns: Update analysis of TRUNCATED response for SRV records
|
|
- MINOR: dns: update record dname matching for SRV query types
|
|
- MINOR: dns: update dns response buffer reading pointer due to SRV record
|
|
- MINOR: dns: duplicate entries in resolution wait queue for SRV records
|
|
- MINOR: dns: make debugging function dump_dns_config() compatible with SRV records
|
|
- MINOR: dns: ability to use a SRV resolution for multiple backends
|
|
- MINOR: dns: enable caching of responses for server set by a SRV record
|
|
- MINOR: dns: new dns record type (RTYPE) for OPT
|
|
- MINOR: dns: enabled edns0 extension and make accpeted payload size tunable
|
|
- MINOR: dns: default "hold obsolete" timeout set to 0
|
|
- MINOR: chunks: add chunk_memcpy() and chunk_memcat()
|
|
- MINOR: session: add a streams field to the session struct
|
|
- MINOR: stream: link the stream to its session
|
|
- MEDIUM: session: do not free a session until no stream references it
|
|
- MINOR: ist: implement very simple indirect strings
|
|
- TESTS: ist: add a test file for the functions
|
|
- MINOR: http: export some of the HTTP parser macros
|
|
- BUG/MINOR: Wrong type used as argument for spoe_decode_buffer().
|
|
- BUG/MINOR: dns: server set by SRV records stay in "no resolution" status
|
|
- MINOR: dns: Maximum DNS udp payload set to 8192
|
|
- MINOR: dns: automatic reduction of DNS accpeted payload size
|
|
- MINOR: dns: make SRV record processing more verbose
|
|
- CLEANUP: dns: remove duplicated code in dns_resolve_recv()
|
|
- CLEANUP: dns: remove duplicated code in dns_validate_dns_response()
|
|
- BUG/MINOR: dns: wrong resolution interval lead to 100% CPU
|
|
- BUG/MEDIUM: dns: fix accepted_payload_size parser to avoid integer overflow
|
|
- BUG/MAJOR: lua: fix the impact of the scheduler changes again
|
|
- BUG/MEDIUM: lua: HTTP services must take care of body-less status codes
|
|
- MINOR: lua: properly process the contents of the content-length field
|
|
- BUG/MEDIUM: stream: properly set the required HTTP analysers on use-service
|
|
- OPTIM: lua: don't use expensive functions to parse headers in the HTTP applet
|
|
- OPTIM: lua: don't add "Connection: close" on the response
|
|
- REORG/MEDIUM: connection: introduce the notion of connection handle
|
|
- BUG/MINOR: stream-int: don't check the CO_FL_CURR_WR_ENA flag
|
|
- MEDIUM: connection: get rid of data->init() which was not for data
|
|
- MEDIUM: stream: make stream_new() allocate its own task
|
|
- CLEANUP: listener: remove the unused handler field
|
|
- MEDIUM: session: add a pointer to a struct task in the session
|
|
- MINOR: stream: provide a new stream creation function for connections
|
|
- MEDIUM: connection: remove useless flag CO_FL_DATA_RD_SH
|
|
- CLEANUP: connection: remove the unused conn_sock_shutw_pending()
|
|
- MEDIUM: connection: remove useless flag CO_FL_DATA_WR_SH
|
|
- DOC: add CLI info on privilege levels
|
|
- DOC: Refer to Mozilla TLS info / config generator
|
|
- MINOR: ssl: remove duplicate ssl_methods in struct bind_conf
|
|
- BUG/MEDIUM: http: Fix a regression bug when a HTTP response is in TUNNEL mode
|
|
- DOC: Add note about "* " prefix in CSV stats
|
|
- CLEANUP: memory: Remove unused function pool_destroy
|
|
- MINOR: listeners: Change listener_full and limit_listener into private functions
|
|
- MINOR: listeners: Change enable_listener and disable_listener into private functions
|
|
- MINOR: fd: Don't forget to reset fdtab[fd].update when a fd is added/removed
|
|
- MINOR: fd: Set owner and iocb field before inserting a new fd in the fdtab
|
|
- MINOR: backends: Make get_server_* functions explicitly static
|
|
- MINOR: applet: Check applets_active_queue before processing applets queue
|
|
- MINOR: chunks: Use dedicated function to init/deinit trash buffers
|
|
- MEDIUM: chunks: Realloc trash buffers only after the config is parsed and checked
|
|
- MINOR: logs: Use dedicated function to init/deinit log buffers
|
|
- MINOR: logs: Realloc log buffers only after the config is parsed and checked
|
|
- MINOR: buffers: Move swap_buffer into buffer.c and add deinit_buffer function
|
|
- MINOR: stick-tables: Make static_table_key a struct variable instead of a pointer
|
|
- MINOR: http: Use a trash chunk to store decoded string of the HTTP auth header
|
|
- MINOR: fd: Add fd_active function
|
|
- MINOR: fd: Use inlined functions to check fd state in fd_*_send/recv functions
|
|
- MINOR: fd: Move (de)allocation of fdtab and fdinfo in (de)init_pollers
|
|
- MINOR: freq_ctr: Return the new value after an update
|
|
- MEDIUM: check: server states and weight propagation re-work
|
|
- BUG/MEDIUM: epoll: ensure we always consider HUP and ERR
|
|
- MINOR: fd: Add fd_update_events function
|
|
- MINOR: polling: Use fd_update_events to update events seen for a fd
|
|
- BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file
|
|
- Revert "BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file"
|
|
- MINOR: ssl: rework smp_fetch_ssl_fc_cl_str without internal ssl use
|
|
- BUG/MEDIUM: http: Close streams for connections closed before a redirect
|
|
- BUG/MINOR: Lua: The socket may be destroyed when we try to access.
|
|
- MINOR: xref: Add a new xref system
|
|
- MEDIUM: xref/lua: Use xref for referencing cosocket relation between stream and lua
|
|
- MINOR: tasks: Move Lua notification from Lua to tasks
|
|
- MINOR: net_helper: Inline functions meant to be inlined.
|
|
- MINOR: cli: add socket commands and config to prepend informational messages with severity
|
|
- MINOR: add severity information to cli feedback messages
|
|
- BUILD: Makefile: add a function to detect support by the compiler of certain options
|
|
- BUILD: Makefile: shut certain gcc/clang stupid warnings
|
|
- BUILD: Makefile: improve detection of support for compiler warnings
|
|
- MINOR: peers: don't reference the incoming listener on outgoing connections
|
|
- MINOR: frontend: don't retrieve ALPN on the critical path
|
|
- MINOR: protocols: always pass a "port" argument to the listener creation
|
|
- MINOR: protocols: register the ->add function and stop calling them directly
|
|
- MINOR: unix: remove the now unused proto_uxst.h file
|
|
- MINOR: listeners: new function create_listeners
|
|
- MINOR: listeners: make listeners count consistent with reality
|
|
- MEDIUM: session: take care of incrementing/decrementing jobs
|
|
- MINOR: listener: new function listener_release
|
|
- MINOR: session: small cleanup of conn_complete_session()
|
|
- MEDIUM: session: factor out duplicated code for conn_complete_session
|
|
- MEDIUM: session: count the frontend's connections at a single place
|
|
- BUG/MEDIUM: compression: Fix check on txn in smp_fetch_res_comp_algo
|
|
- BUG/MINOR: compression: Check response headers before http-response rules eval
|
|
- BUG/MINOR: spoe: Don't rely on SPOE ctx in debug message when its creation failed
|
|
- BUG/MINOR: dns: Fix check on nameserver in snr_resolution_cb
|
|
- MINOR: ssl: Remove useless checks on bind_conf or bind_conf->is_ssl
|
|
- BUG/MINOR: contrib/mod_defender: close the va_list argp before return
|
|
- BUG/MINOR: contrib/modsecurity: close the va_list ap before return
|
|
- MINOR: tools: make my_htonll() more efficient on x86_64
|
|
- MINOR: buffer: add b_del() to delete a number of characters
|
|
- MINOR: buffer: add b_end() and b_to_end()
|
|
- MINOR: net_helper: add functions to read from vectors
|
|
- MINOR: net_helper: add write functions
|
|
- MINOR: net_helper: add 64-bit read/write functions
|
|
- MINOR: connection: adjust CO_FL_NOTIFY_DATA after removal of flags
|
|
- MINOR: ist: add a macro to ease const array initialization
|
|
- BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server
|
|
- BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server (take2)
|
|
- BUG/MINOR: log: fixing small memory leak in error code path.
|
|
- BUG/MINOR: contrib/halog: fixing small memory leak
|
|
- BUG/MEDIUM: tcp/http: set-dst-port action broken
|
|
- CLEANUUP: checks: don't set conn->handle.fd to -1
|
|
- BUG/MEDIUM: tcp-check: properly indicate polling state before performing I/O
|
|
- BUG/MINOR: tcp-check: don't quit with pending data in the send buffer
|
|
- BUG/MEDIUM: tcp-check: don't call tcpcheck_main() from the I/O handlers!
|
|
- BUG/MINOR: unix: properly check for octal digits in the "mode" argument
|
|
- MINOR: checks: make chk_report_conn_err() take a check, not a connection
|
|
- CLEANUP: checks: remove misleading comments and statuses for external process
|
|
- CLEANUP: checks: don't report report the fork() error twice
|
|
- CLEANUP: checks: do not allocate a connection for process checks
|
|
- TESTS: checks: add a simple test config for external checks
|
|
- BUG/MINOR: tcp-check: don't initialize then break a connection starting with a comment
|
|
- TESTS: checks: add a simple test config for tcp-checks
|
|
- MINOR: tcp-check: make tcpcheck_main() take a check, not a connection
|
|
- MINOR: checks: don't create then kill a dummy connection before tcp-checks
|
|
- MEDIUM: checks: make tcpcheck_main() indicate if it recycled a connection
|
|
- MEDIUM: checks: do not allocate a permanent connection anymore
|
|
- BUG/MEDIUM: cli: fix "show fd" crash when dumping closed FDs
|
|
- BUG/MEDIUM: http: Return an error when url_dec sample converter failed
|
|
- BUG/MAJOR: stream-int: don't re-arm recv if send fails
|
|
- BUILD/MINOR: 51d: fix warning when building with 51Degrees release version 3.2.12.12
|
|
- DOC: 51d: add 51Degrees git URL that points to release version 3.2.12.12
|
|
- DOC: 51d: Updated git URL and instructions for getting Hash Trie data files.
|
|
- MINOR: compiler: restore the likely() wrapper for gcc 5.x
|
|
- MINOR: session: remove the list of streams from struct session
|
|
- DOC: fix some typos
|
|
- MINOR: server: add the srv_queue() sample fetch method
|
|
- MINOR: payload: add new sample fetch functions to process distcc protocol
|
|
- MAJOR: servers: propagate server status changes asynchronously.
|
|
- BUG/MEDIUM: ssl: fix OCSP expiry calculation
|
|
- BUG/MINOR: stream-int: don't set MSG_MORE on SHUTW_NOW without AUTO_CLOSE
|
|
- MINOR: server: Handle weight increase in consistent hash.
|
|
- MINOR: checks: Add a new keyword to specify a SNI when doing SSL checks.
|
|
- BUG/MINOR: tools: fix my_htonll() on x86_64
|
|
- BUG/MINOR: stats: Clear a bit more counters with in cli_parse_clear_counters().
|
|
- BUG/MAJOR: lua: scheduled task is freezing.
|
|
- MINOR: buffer: add bo_del() to delete a number of characters from output
|
|
- MINOR: buffer: add a function to match against string patterns
|
|
- MINOR: buffer: add two functions to inject data into buffers
|
|
- MINOR: buffer: add buffer_space_wraps()
|
|
- REORG: channel: finally rename the last bi_* / bo_* functions
|
|
- MINOR: buffer: add bo_getblk() and bo_getblk_nc()
|
|
- MINOR: channel: make use of bo_getblk{,_nc} for their channel equivalents
|
|
- MINOR: channel: make the channel be a const in all {ci,co}_get* functions
|
|
- MINOR: ist: add ist0() to add a trailing zero to a string.
|
|
- BUG/MEDIUM: log: check result details truncated.
|
|
- MINOR: buffer: make bo_getblk_nc() not return 2 for a full buffer
|
|
- REORG: http: move some very http1-specific parts to h1.{c,h}
|
|
- REORG: http: move the HTTP/1 chunk parser to h1.{c,h}
|
|
- REORG: http: move the HTTP/1 header block parser to h1.c
|
|
- MEDIUM: http: make the chunk size parser only depend on the buffer
|
|
- MEDIUM: http: make the chunk crlf parser only depend on the buffer
|
|
- MINOR: h1: add struct h1m for basic HTTP/1 messages
|
|
- MINOR: http: add very simple header management based on double strings
|
|
- MEDIUM: h1: reimplement the http/1 response parser for the gateway
|
|
- REORG: connection: rename CO_FL_DATA_* -> CO_FL_XPRT_*
|
|
- MEDIUM: connection: make conn_sock_shutw() aware of lingering
|
|
- MINOR: connection: ensure conn_ctrl_close() also resets the fd
|
|
- MINOR: connection: add conn_stop_tracking() to disable tracking
|
|
- MINOR: tcp: use conn_full_close() instead of conn_force_close()
|
|
- MINOR: unix: use conn_full_close() instead of conn_force_close()
|
|
- MINOR: checks: use conn_full_close() instead of conn_force_close()
|
|
- MINOR: session: use conn_full_close() instead of conn_force_close()
|
|
- MINOR: stream: use conn_full_close() instead of conn_force_close()
|
|
- MINOR: stream: use conn_full_close() instead of conn_force_close()
|
|
- MINOR: backend: use conn_full_close() instead of conn_force_close()
|
|
- MINOR: stream-int: use conn_full_close() instead of conn_force_close()
|
|
- MINOR: connection: remove conn_force_close()
|
|
- BUG/MINOR: ssl: ocsp response with 'revoked' status is correct
|
|
|
|
2017/06/02 : 1.8-dev2
|
|
- CLEANUP: server: moving netinet/tcp.h inclusion
|
|
- DOC: changed "block"(deprecated) examples to http-request deny
|
|
- DOC: add few comments to examples.
|
|
- DOC: update sample code for PROXY protocol
|
|
- DOC: mention lighttpd 1.4.46 implements PROXY
|
|
- MINOR server: Restrict dynamic cookie check to the same proxy.
|
|
- DOC: stick-table is available in frontend sections
|
|
- BUG/MINOR: server : no transparent proxy for DragonflyBSD
|
|
- BUILD/MINOR: stats: remove unexpected argument to stats_dump_json_header()
|
|
- BUILD/MINOR: tools: fix build warning in debug_hexdump()
|
|
- BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets.
|
|
- BUG/MINOR: config: missing goto out after parsing an incorrect ACL character
|
|
- BUG/MINOR: arg: don't try to add an argument on failed memory allocation
|
|
- MEDIUM: server: Inherit CLI weight changes and agent-check weight responses
|
|
- BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error
|
|
- BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr()
|
|
- BUG/MEDIUM: servers: unbreak server weight propagation
|
|
- MINOR: lua: ensure the memory allocator is used all the time
|
|
- MINOR: cli: Add a command to send listening sockets.
|
|
- MINOR: global: Add an option to get the old listening sockets.
|
|
- MINOR: tcp: When binding socket, attempt to reuse one from the old proc.
|
|
- MINOR: doc: document the -x flag
|
|
- MINOR: proxy: Don't close FDs if not our proxy.
|
|
- MINOR: socket transfer: Set a timeout on the socket.
|
|
- MINOR: systemd wrapper: add support for passing the -x option.
|
|
- BUG/MINOR: server: Fix a wrong error message during 'usesrc' keyword parsing.
|
|
- BUG/MAJOR: Broken parsing for valid keywords provided after 'source' setting.
|
|
- CLEANUP: logs: typo: simgle => single
|
|
- BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr()
|
|
- MEDIUM: config: don't check config validity when there are fatal errors
|
|
- BUG/MAJOR: Use -fwrapv.
|
|
- BUG/MINOR: server: don't use "proxy" when px is really meant.
|
|
- BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed
|
|
- BUG/MINOR: server: missing default server 'resolvers' setting duplication.
|
|
- MINOR: server: Extract the code responsible of copying default-server settings.
|
|
- MINOR: server: Extract the code which finalizes server initializations after 'server' lines parsing.
|
|
- MINOR: server: Add 'server-template' new keyword supported in backend sections.
|
|
- MINOR: server: Add server_template_init() function to initialize servers from a templates.
|
|
- DOC: Add documentation for new "server-template" keyword.
|
|
- DOC: add layer 4 links/cross reference to "block" keyword.
|
|
- DOC: errloc/errorloc302/errorloc303 missing status codes.
|
|
- BUG/MEDIUM: lua: memory leak
|
|
- CLEANUP: lua: remove test
|
|
- BUG/MINOR: hash-balance-factor isn't effective in certain circumstances
|
|
- BUG/MINOR: change header-declared function to static inline
|
|
- REORG: spoe: move spoe_encode_varint / spoe_decode_varint from spoe to common
|
|
- MINOR: Add binary encoding request header sample fetch
|
|
- MINOR: proto-http: Add sample fetch wich returns all HTTP headers
|
|
- MINOR: Add ModSecurity wrapper as contrib
|
|
- BUG/MINOR: ssl: fix warnings about methods for opensslv1.1.
|
|
- DOC: update RFC references
|
|
- CONTRIB: tcploop: add action "X" to execute a command
|
|
- MINOR: server: cli: Add server FQDNs to server-state file and stats socket.
|
|
- BUG/MINOR: contrib/mod_security: fix build on FreeBSD
|
|
- BUG/MINOR: checks: don't send proxy protocol with agent checks
|
|
- MINOR: ssl: add prefer-client-ciphers
|
|
- MEDIUM: ssl: revert ssl/tls version settings relative to default-server.
|
|
- MEDIUM: ssl: ssl_methods implementation is reworked and factored for min/max tlsxx
|
|
- MEDIUM: ssl: calculate the real min/max TLS version and find holes
|
|
- MINOR: ssl: support TLSv1.3 for bind and server
|
|
- MINOR: ssl: show methods supported by openssl
|
|
- MEDIUM: ssl: add ssl-min-ver and ssl-max-ver parameters for bind and server
|
|
- MEDIUM: ssl: ssl-min-ver and ssl-max-ver compatibility.
|
|
- CLEANUP: retire obsoleted USE_GETSOCKNAME build option
|
|
- BUG/MAJOR: dns: Broken kqueue events handling (BSD systems).
|
|
- MINOR: sample: Add b64dec sample converter
|
|
- BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything
|
|
- MINOR: cli: add ACCESS_LVL_MASK to store the access level
|
|
- MINOR: cli: add 'expose-fd listeners' to pass listeners FDs
|
|
- MEDIUM: proxy: zombify proxies only when the expose-fd socket is bound
|
|
- MEDIUM: ssl: add basic support for OpenSSL crypto engine
|
|
- MAJOR: ssl: add openssl async mode support
|
|
- MEDIUM: ssl: handle multiple async engines
|
|
- MINOR: boringssl: basic support for OCSP Stapling
|
|
- MEDIUM: mworker: replace systemd mode by master worker mode
|
|
- MEDIUM: mworker: handle reload and signals
|
|
- MEDIUM: mworker: wait mode on reload failure
|
|
- MEDIUM: mworker: try to guess the next stats socket to use with -x
|
|
- MEDIUM: mworker: exit-on-failure option
|
|
- MEDIUM: mworker: workers exit when the master leaves
|
|
- DOC: add documentation for the master-worker mode
|
|
- MEDIUM: systemd: Type=forking in unit file
|
|
- MAJOR: systemd-wrapper: get rid of the wrapper
|
|
- MINOR: log: Add logurilen tunable.
|
|
- CLEANUP: server.c: missing prototype of srv_free_dns_resolution
|
|
- MINOR: dns: smallest DNS fqdn size
|
|
- MINOR: dns: functions to manage memory for a DNS resolution structure
|
|
- MINOR: dns: parse_server() now uses srv_alloc_dns_resolution()
|
|
- REORG: dns: dns_option structure, storage of hostname_dn
|
|
- MINOR: dns: new snr_check_ip_callback function
|
|
- MAJOR: dns: save a copy of the DNS response in struct resolution
|
|
- MINOR: dns: implement a LRU cache for DNS resolutions
|
|
- MINOR: dns: make 'ancount' field to match the number of saved records
|
|
- MINOR: dns: introduce roundrobin into the internal cache (WIP)
|
|
- MAJOR/REORG: dns: DNS resolution task and requester queues
|
|
- BUILD: ssl: fix build with OPENSSL_NO_ENGINE
|
|
- MINOR: Add Mod Defender integration as contrib
|
|
- CLEANUP: str2mask return code comment: non-zero -> zero.
|
|
- MINOR: tools: make debug_hexdump() use a const char for the string
|
|
- MINOR: tools: make debug_hexdump() take a string prefix
|
|
- CLEANUP: connection: remove unused CO_FL_WAIT_DATA
|
|
|
|
2017/04/03 : 1.8-dev1
|
|
- BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos
|
|
- BUG/MINOR: stats: make field_str() return an empty string on NULL
|
|
- DOC: Spelling fixes
|
|
- BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used
|
|
- BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for tunneled txn
|
|
- BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and IS_DATA_FILTER
|
|
- BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and XFER_DATA analyzers
|
|
- BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in tunnel mode
|
|
- BUG/MAJOR: stream: fix session abort on resource shortage
|
|
- OPTIM: stream-int: don't disable polling anymore on DONT_READ
|
|
- BUG/MINOR: cli: allow the backslash to be escaped on the CLI
|
|
- BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys"
|
|
- DOC: Fix map table's format
|
|
- DOC: Added 51Degrees conv and fetch functions to documentation.
|
|
- BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect
|
|
- DOC: mention that req_tot is for both frontends and backends
|
|
- BUG/MEDIUM: variables: some variable name can hide another ones
|
|
- MINOR: lua: Allow argument for actions
|
|
- BUILD: rearrange target files by build time
|
|
- CLEANUP: hlua: just indent functions
|
|
- MINOR: lua: give HAProxy variable access to the applets
|
|
- BUG/MINOR: stats: fix be/sessions/max output in html stats
|
|
- MINOR: proxy: Add fe_name/be_name fetchers next to existing fe_id/be_id
|
|
- DOC: lua: Documentation about some entry missing
|
|
- DOC: lua: Add documentation about variable manipulation from applet
|
|
- MINOR: Do not forward the header "Expect: 100-continue" when the option http-buffer-request is set
|
|
- DOC: Add undocumented argument of the trace filter
|
|
- DOC: Fix some typo in SPOE documentation
|
|
- MINOR: cli: Remove useless call to bi_putchk
|
|
- BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full
|
|
- MINOR: applet: Count number of (active) applets
|
|
- MINOR: task: Rename run_queue and run_queue_cur counters
|
|
- BUG/MEDIUM: stream: Save unprocessed events for a stream
|
|
- BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
|
|
- BUILD/MEDIUM: Fixing the build using LibreSSL
|
|
- BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2)
|
|
- SCRIPTS: git-show-backports: fix a harmless typo
|
|
- SCRIPTS: git-show-backports: add -H to use the hash of the commit message
|
|
- BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW
|
|
- CLEANUP: applet/lua: create a dedicated ->fcn entry in hlua_cli context
|
|
- CLEANUP: applet/table: add an "action" entry in ->table context
|
|
- CLEANUP: applet: remove the now unused appctx->private field
|
|
- DOC: lua: documentation about time parser functions
|
|
- DOC: lua: improve links
|
|
- DOC: lua: section declared twice
|
|
- MEDIUM: cli: 'show cli sockets' list the CLI sockets
|
|
- BUG/MINOR: cli: "show cli sockets" wouldn't list all processes
|
|
- BUG/MINOR: cli: "show cli sockets" would always report process 64
|
|
- CLEANUP: lua: rename one of the lua appctx union
|
|
- BUG/MINOR: lua/cli: bad error message
|
|
- MEDIUM: lua: use memory pool for hlua struct in applets
|
|
- MINOR: lua/signals: Remove Lua part from signals.
|
|
- DOC: cli: show cli sockets
|
|
- MINOR: cli: automatically enable a CLI I/O handler when there's no parser
|
|
- CLEANUP: memory: remove the now unused cli_parse_show_pools() function
|
|
- CLEANUP: applet: group all CLI contexts together
|
|
- CLEANUP: stats: move a misplaced stats context initialization
|
|
- MINOR: cli: add two general purpose pointers and integers in the CLI struct
|
|
- MINOR: appctx/cli: remove the cli_socket entry from the appctx union
|
|
- MINOR: appctx/cli: remove the env entry from the appctx union
|
|
- MINOR: appctx/cli: remove the "be" entry from the appctx union
|
|
- MINOR: appctx/cli: remove the "dns" entry from the appctx union
|
|
- MINOR: appctx/cli: remove the "server_state" entry from the appctx union
|
|
- MINOR: appctx/cli: remove the "tlskeys" entry from the appctx union
|
|
- CONTRIB: tcploop: add limits.h to fix build issue with some compilers
|
|
- MINOR/DOC: lua: just precise one thing
|
|
- DOC: fix small typo in fe_id (backend instead of frontend)
|
|
- BUG/MINOR: Fix the sending function in Lua's cosocket
|
|
- BUG/MINOR: lua: memory leak executing tasks
|
|
- BUG/MINOR: lua: bad return code
|
|
- BUG/MINOR: lua: memleak when Lua/cli fails
|
|
- MEDIUM: lua: remove Lua struct from session, and allocate it with memory pools
|
|
- CLEANUP: haproxy: statify unexported functions
|
|
- MINOR: haproxy: add a registration for build options
|
|
- CLEANUP: wurfl: use the build options list to report it
|
|
- CLEANUP: 51d: use the build options list to report it
|
|
- CLEANUP: da: use the build options list to report it
|
|
- CLEANUP: namespaces: use the build options list to report it
|
|
- CLEANUP: tcp: use the build options list to report transparent modes
|
|
- CLEANUP: lua: use the build options list to report it
|
|
- CLEANUP: regex: use the build options list to report the regex type
|
|
- CLEANUP: ssl: use the build options list to report the SSL details
|
|
- CLEANUP: compression: use the build options list to report the algos
|
|
- CLEANUP: auth: use the build options list to report its support
|
|
- MINOR: haproxy: add a registration for post-check functions
|
|
- CLEANUP: checks: make use of the post-init registration to start checks
|
|
- CLEANUP: filters: use the function registration to initialize all proxies
|
|
- CLEANUP: wurfl: make use of the late init registration
|
|
- CLEANUP: 51d: make use of the late init registration
|
|
- CLEANUP: da: make use of the late init registration code
|
|
- MINOR: haproxy: add a registration for post-deinit functions
|
|
- CLEANUP: wurfl: register the deinit function via the dedicated list
|
|
- CLEANUP: 51d: register the deinitialization function
|
|
- CLEANUP: da: register the deinitialization function
|
|
- CLEANUP: wurfl: move global settings out of the global section
|
|
- CLEANUP: 51d: move global settings out of the global section
|
|
- CLEANUP: da: move global settings out of the global section
|
|
- MINOR: cfgparse: add two new functions to check arguments count
|
|
- MINOR: cfgparse: move parsing of "ca-base" and "crt-base" to ssl_sock
|
|
- MEDIUM: cfgparse: move all tune.ssl.* keywords to ssl_sock
|
|
- MEDIUM: cfgparse: move maxsslconn parsing to ssl_sock
|
|
- MINOR: cfgparse: move parsing of ssl-default-{bind,server}-ciphers to ssl_sock
|
|
- MEDIUM: cfgparse: move ssl-dh-param-file parsing to ssl_sock
|
|
- MEDIUM: compression: move the zlib-specific stuff from global.h to compression.c
|
|
- BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
|
|
- BUG/MEDIUM: ssl: avoid double free when releasing bind_confs
|
|
- BUG/MINOR: stats: fix be/sessions/current out in typed stats
|
|
- MINOR: tcp-rules: check that the listener exists before updating its counters
|
|
- MEDIUM: spoe: don't create a dummy listener for outgoing connections
|
|
- MINOR: listener: move the transport layer pointer to the bind_conf
|
|
- MEDIUM: move listener->frontend to bind_conf->frontend
|
|
- MEDIUM: ssl: remote the proxy argument from most functions
|
|
- MINOR: connection: add a new prepare_bind_conf() entry to xprt_ops
|
|
- MEDIUM: ssl_sock: implement ssl_sock_prepare_bind_conf()
|
|
- MINOR: connection: add a new destroy_bind_conf() entry to xprt_ops
|
|
- MINOR: ssl_sock: implement ssl_sock_destroy_bind_conf()
|
|
- MINOR: server: move the use_ssl field out of the ifdef USE_OPENSSL
|
|
- MINOR: connection: add a minimal transport layer registration system
|
|
- CLEANUP: connection: remove all direct references to raw_sock and ssl_sock
|
|
- CLEANUP: connection: unexport raw_sock and ssl_sock
|
|
- MINOR: connection: add new prepare_srv()/destroy_srv() entries to xprt_ops
|
|
- MINOR: ssl_sock: implement and use prepare_srv()/destroy_srv()
|
|
- CLEANUP: ssl: move tlskeys_finalize_config() to a post_check callback
|
|
- CLEANUP: ssl: move most ssl-specific global settings to ssl_sock.c
|
|
- BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled
|
|
- BUG/MEDIUM: ssl: for a handshake when server-side SNI changes
|
|
- BUG/MINOR: systemd: potential zombie processes
|
|
- DOC: Add timings events schemas
|
|
- BUILD: lua: build failed on FreeBSD.
|
|
- MINOR: samples: add xx-hash functions
|
|
- MEDIUM: regex: pcre2 support
|
|
- BUG/MINOR: option prefer-last-server must be ignored in some case
|
|
- MINOR: stats: Support "select all" for backend actions
|
|
- BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0
|
|
- BUG/MAJOR: channel: Fix the definition order of channel analyzers
|
|
- BUG/MINOR: http: report real parser state in error captures
|
|
- BUILD: scripts: automatically update the branch in version.h when releasing
|
|
- MINOR: tools: add a generic hexdump function for debugging
|
|
- BUG/MAJOR: http: fix risk of getting invalid reports of bad requests
|
|
- MINOR: http: custom status reason.
|
|
- MINOR: connection: add sample fetch "fc_rcvd_proxy"
|
|
- BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options
|
|
- BUG/MINOR: tools: fix off-by-one in port size check
|
|
- BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family
|
|
- MEDIUM: server: split the address and the port into two different fields
|
|
- MINOR: tools: make str2sa_range() return the port in a separate argument
|
|
- MINOR: server: take the destination port from the port field, not the addr
|
|
- MEDIUM: server: disable protocol validations when the server doesn't resolve
|
|
- BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0
|
|
- BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage
|
|
- BUG/MINOR: ssl: assert on SSL_set_shutdown with BoringSSL
|
|
- MINOR: Use "500 Internal Server Error" for 500 error/status code message.
|
|
- MINOR: proto_http.c 502 error txt typo.
|
|
- DOC: add deprecation notice to "block"
|
|
- MINOR: compression: fix -vv output without zlib/slz
|
|
- BUG/MINOR: Reset errno variable before calling strtol(3)
|
|
- MINOR: ssl: don't show prefer-server-ciphers output
|
|
- OPTIM/MINOR: config: Optimize fullconn automatic computation loading configuration
|
|
- BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream
|
|
- MAJOR: ssl: bind configuration per certificat
|
|
- MINOR: ssl: add curve suite for ECDHE negotiation
|
|
- MINOR: checks: Add agent-addr config directive
|
|
- MINOR: cli: Add possiblity to change agent config via CLI/socket
|
|
- MINOR: doc: Add docs for agent-addr configuration variable
|
|
- MINOR: doc: Add docs for agent-addr and agent-send CLI commands
|
|
- BUILD: ssl: fix to build (again) with boringssl
|
|
- BUILD: ssl: fix build on OpenSSL 1.0.0
|
|
- BUILD: ssl: silence a warning reported for ERR_remove_state()
|
|
- BUILD: ssl: eliminate warning with OpenSSL 1.1.0 regarding RAND_pseudo_bytes()
|
|
- BUILD: ssl: kill a build warning introduced by BoringSSL compatibility
|
|
- BUG/MEDIUM: tcp: don't poll for write when connect() succeeds
|
|
- BUG/MINOR: unix: fix connect's polling in case no data are scheduled
|
|
- MINOR: server: extend the flags to 32 bits
|
|
- BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword
|
|
- MINOR: dns: give ability to dns_init_resolvers() to close a socket when requested
|
|
- BUG/MAJOR: dns: restart sockets after fork()
|
|
- MINOR: chunks: implement a simple dynamic allocator for trash buffers
|
|
- BUG/MEDIUM: http: prevent redirect from overwriting a buffer
|
|
- BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined
|
|
- BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer
|
|
- BUG/MINOR: http: Return an error when a replace-header rule failed on the response
|
|
- BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested
|
|
- BUG/MAJOR: ssl: fix a regression in ssl_sock_shutw()
|
|
- BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1'
|
|
- BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule
|
|
- MINOR: http: don't close when redirect location doesn't start with "/"
|
|
- MEDIUM: boringssl: support native multi-cert selection without bundling
|
|
- BUG/MEDIUM: ssl: fix verify/ca-file per certificate
|
|
- BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING
|
|
- MINOR: ssl: removes SSL_CTX_set_ssl_version call and cleanup CTX creation.
|
|
- BUILD: ssl: fix build with -DOPENSSL_NO_DH
|
|
- MEDIUM: ssl: add new sample-fetch which captures the cipherlist
|
|
- MEDIUM: ssl: remove ssl-options from crt-list
|
|
- BUG/MEDIUM: ssl: in bind line, ssl-options after 'crt' are ignored.
|
|
- BUG/MINOR: ssl: fix cipherlist captures with sustainable SSL calls
|
|
- MINOR: ssl: improved cipherlist captures
|
|
- BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters
|
|
- BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section
|
|
- MAJOR: spoe: Add support of pipelined and asynchronous exchanges with agents
|
|
- MINOR: spoe: Add support for pipelining/async capabilities in the SPOA example
|
|
- MINOR: spoe: Remove SPOE details from the appctx structure
|
|
- MINOR: spoe: Add status code in error variable instead of hardcoded value
|
|
- MINOR: spoe: Send a log message when an error occurred during event processing
|
|
- MINOR: spoe: Check the scope of sample fetches used in SPOE messages
|
|
- MEDIUM: spoe: Be sure to wakeup the good entity waiting for a buffer
|
|
- MINOR: spoe: Use the min of all known max_frame_size to encode messages
|
|
- MAJOR: spoe: Add support of payload fragmentation in NOTIFY frames
|
|
- MINOR: spoe: Add support for fragmentation capability in the SPOA example
|
|
- MAJOR: spoe: refactor the filter to clean up the code
|
|
- MINOR: spoe: Handle NOTIFY frames cancellation using ABORT bit in ACK frames
|
|
- REORG: spoe: Move struct and enum definitions in dedicated header file
|
|
- REORG: spoe: Move low-level encoding/decoding functions in dedicated header file
|
|
- MINOR: spoe: Improve implementation of the payload fragmentation
|
|
- MINOR: spoe: Add support of negation for options in SPOE configuration file
|
|
- MINOR: spoe: Add "pipelining" and "async" options in spoe-agent section
|
|
- MINOR: spoe: Rely on alertif_too_many_arg during configuration parsing
|
|
- MINOR: spoe: Add "send-frag-payload" option in spoe-agent section
|
|
- MINOR: spoe: Add "max-frame-size" statement in spoe-agent section
|
|
- DOC: spoe: Update SPOE documentation to reflect recent changes
|
|
- MINOR: config: warn when some HTTP rules are used in a TCP proxy
|
|
- BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file
|
|
- BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup
|
|
- BUG/MINOR: Fix "get map <map> <value>" CLI command
|
|
- MINOR: Add nbsrv sample converter
|
|
- CLEANUP: Replace repeated code to count usable servers with be_usable_srv()
|
|
- MINOR: Add hostname sample fetch
|
|
- CLEANUP: Remove comment that's no longer valid
|
|
- MEDIUM: http_error_message: txn->status / http_get_status_idx.
|
|
- MINOR: http-request tarpit deny_status.
|
|
- CLEANUP: http: make http_server_error() not set the status anymore
|
|
- MEDIUM: stats: Add JSON output option to show (info|stat)
|
|
- MEDIUM: stats: Add show json schema
|
|
- BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer
|
|
- MINOR: server: Add dynamic session cookies.
|
|
- MINOR: cli: Let configure the dynamic cookies from the cli.
|
|
- BUG/MINOR: checks: attempt clean shutw for SSL check
|
|
- CONTRIB: tcploop: make it build on FreeBSD
|
|
- CONTRIB: tcploop: fix time format to silence build warnings
|
|
- CONTRIB: tcploop: report action 'K' (kill) in usage message
|
|
- CONTRIB: tcploop: fix connect's address length
|
|
- CONTRIB: tcploop: use the trash instead of NULL for recv()
|
|
- BUG/MEDIUM: listener: do not try to rebind another process' socket
|
|
- BUG/MEDIUM server: Fix crash when dynamic is defined, but not key is provided.
|
|
- CLEANUP: config: Typo in comment.
|
|
- BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze
|
|
- TESTS: add a test configuration to stress handshake combinations
|
|
- BUG/MAJOR: stream-int: do not depend on connection flags to detect connection
|
|
- BUG/MEDIUM: connection: ensure to always report the end of handshakes
|
|
- MEDIUM: connection: don't test for CO_FL_WAKE_DATA
|
|
- CLEANUP: connection: completely remove CO_FL_WAKE_DATA
|
|
- BUG: payload: fix payload not retrieving arbitrary lengths
|
|
- BUILD: ssl: simplify SSL_CTX_set_ecdh_auto compatibility
|
|
- BUILD: ssl: fix OPENSSL_NO_SSL_TRACE for boringssl and libressl
|
|
- BUG/MAJOR: http: fix typo in http_apply_redirect_rule
|
|
- MINOR: doc: 2.4. Examples should be 2.5. Examples
|
|
- BUG/MEDIUM: stream: fix client-fin/server-fin handling
|
|
- MINOR: fd: add a new flag HAP_POLL_F_RDHUP to struct poller
|
|
- BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available
|
|
- OPTIM: poll: enable support for POLLRDHUP
|
|
- MINOR: kqueue: exclusively rely on the kqueue returned status
|
|
- MEDIUM: kqueue: take care of EV_EOF to improve polling status accuracy
|
|
- MEDIUM: kqueue: only set FD_POLL_IN when there are pending data
|
|
- DOC/MINOR: Fix typos in proxy protocol doc
|
|
- DOC: Protocol doc: add checksum, TLV type ranges
|
|
- DOC: Protocol doc: add SSL TLVs, rename CHECKSUM
|
|
- DOC: Protocol doc: add noop TLV
|
|
- MEDIUM: global: add a 'hard-stop-after' option to cap the soft-stop time
|
|
- MINOR: dns: improve DNS response parsing to use as many available records as possible
|
|
- BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity().
|
|
- MINOR: server: irrelevant error message with 'default-server' config file keyword.
|
|
- MINOR: server: Make 'default-server' support 'backup' keyword.
|
|
- MINOR: server: Make 'default-server' support 'check-send-proxy' keyword.
|
|
- CLEANUP: server: code alignement.
|
|
- MINOR: server: Make 'default-server' support 'non-stick' keyword.
|
|
- MINOR: server: Make 'default-server' support 'send-proxy' and 'send-proxy-v2 keywords.
|
|
- MINOR: server: Make 'default-server' support 'check-ssl' keyword.
|
|
- MINOR: server: Make 'default-server' support 'force-sslv3' and 'force-tlsv1[0-2]' keywords.
|
|
- CLEANUP: server: code alignement.
|
|
- MINOR: server: Make 'default-server' support 'no-ssl*' and 'no-tlsv*' keywords.
|
|
- MINOR: server: Make 'default-server' support 'ssl' keyword.
|
|
- MINOR: server: Make 'default-server' support 'send-proxy-v2-ssl*' keywords.
|
|
- CLEANUP: server: code alignement.
|
|
- MINOR: server: Make 'default-server' support 'verify' keyword.
|
|
- MINOR: server: Make 'default-server' support 'verifyhost' setting.
|
|
- MINOR: server: Make 'default-server' support 'check' keyword.
|
|
- MINOR: server: Make 'default-server' support 'track' setting.
|
|
- MINOR: server: Make 'default-server' support 'ca-file', 'crl-file' and 'crt' settings.
|
|
- MINOR: server: Make 'default-server' support 'redir' keyword.
|
|
- MINOR: server: Make 'default-server' support 'observe' keyword.
|
|
- MINOR: server: Make 'default-server' support 'cookie' keyword.
|
|
- MINOR: server: Make 'default-server' support 'ciphers' keyword.
|
|
- MINOR: server: Make 'default-server' support 'tcp-ut' keyword.
|
|
- MINOR: server: Make 'default-server' support 'namespace' keyword.
|
|
- MINOR: server: Make 'default-server' support 'source' keyword.
|
|
- MINOR: server: Make 'default-server' support 'sni' keyword.
|
|
- MINOR: server: Make 'default-server' support 'addr' keyword.
|
|
- MINOR: server: Make 'default-server' support 'disabled' keyword.
|
|
- MINOR: server: Add 'no-agent-check' server keyword.
|
|
- DOC: server: Add docs for "server" and "default-server" new "no-*" and other settings.
|
|
- MINOR: doc: fix use-server example (imap vs mail)
|
|
- BUG/MEDIUM: tcp: don't require privileges to bind to device
|
|
- BUILD: make the release script use shortlog for the final changelog
|
|
- BUILD: scripts: fix typo in announce-release error message
|
|
- CLEANUP: time: curr_sec_ms doesn't need to be exported
|
|
- BUG/MEDIUM: server: Wrong server default CRT filenames initialization.
|
|
- BUG/MEDIUM: peers: fix buffer overflow control in intdecode.
|
|
- BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers
|
|
- BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request
|
|
- CLEANUP: http: Remove channel_congested function
|
|
- CLEANUP: buffers: Remove buffer_bounce_realign function
|
|
- CLEANUP: buffers: Remove buffer_contig_area and buffer_work_area functions
|
|
- MINOR: http: remove useless check on HTTP_MSGF_XFER_LEN for the request
|
|
- MINOR: http: Add debug messages when HTTP body analyzers are called
|
|
- BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled
|
|
- BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze
|
|
- DOC: fix parenthesis and add missing "Example" tags
|
|
- DOC: update the contributing file
|
|
- DOC: log-format/tcplog/httplog update
|
|
- MINOR: config parsing: add warning when log-format/tcplog/httplog is overriden in "defaults" sections
|
|
|
|
2016/11/25 : 1.8-dev0
|
|
|
|
2016/11/25 : 1.7.0
|
|
- SCRIPTS: make publish-release also copy the new SPOE doc
|
|
- BUILD: http: include types/sample.h in proto_http.h
|
|
- BUILD: debug/flags: remove test for SF_COMP_READY
|
|
- CONTRIB: debug/flags: add check for SF_ERR_CHK_PORT
|
|
- MINOR: lua: add function which return true if the channel is full.
|
|
- MINOR: lua: add ip addresses and network manipulation function
|
|
- CONTRIB: tcploop: scriptable TCP I/O for debugging purposes
|
|
- CONTRIB: tcploop: implement fork()
|
|
- CONTRIB: tcploop: implement logging when called with -v
|
|
- CONTRIB: tcploop: update the usage output
|
|
- CONTRIB: tcploop: support sending plain strings
|
|
- CONTRIB: tcploop: don't report failed send() or recv()
|
|
- CONTRIB: tcploop: add basic loops via a jump instruction
|
|
- BUG/MEDIUM: channel: bad unlikely macro
|
|
- CLEANUP: lua: move comment
|
|
- CLEANUP: lua: control executed twice
|
|
- BUG/MEDIUM: ssl: Store certificate filename in a variable
|
|
- BUG/MINOR: ssl: Print correct filename when error occurs reading OCSP
|
|
- CLEANUP: ssl: Remove goto after return dead code
|
|
- CLEANUP: ssl: Fix bind keywords name in comments
|
|
- DOC: ssl: Use correct wording for ca-sign-pass
|
|
- CLEANUP: lua: avoid directly calling getsockname/getpeername()
|
|
- BUG/MINOR: stick-table: handle out-of-memory condition gracefully
|
|
- MINOR: cli: add private pointer and release function
|
|
- MEDIUM: lua: Add cli handler for Lua
|
|
- BUG/MEDIUM: connection: check the control layer before stopping polling
|
|
- DEBUG: connection: mark the closed FDs with a value that is easier to detect
|
|
- BUG/MEDIUM: stick-table: fix regression caused by recent fix for out-of-memory
|
|
- BUG/MINOR: cli: properly decrement ref count on tables during failed dumps
|
|
- BUG/MEDIUM: lua: In some case, the return of sample-fetche is ignored
|
|
- MINOR: filters: Add check_timeouts callback to handle timers expiration on streams
|
|
- MINOR: spoe: Add 'timeout processing' option to limit time to process an event
|
|
- MINOR: spoe: Remove useless 'timeout ack' option
|
|
- MINOR: spoe: Add 'option continue-on-error' statement in spoe-agent section
|
|
- MINOR: spoe: Add "maxconnrate" and "maxerrrate" statements
|
|
- MINOR: spoe: Add "option set-on-error" statement
|
|
- MINOR: stats: correct documentation of process ID for typed output
|
|
- BUILD: contrib: fix ip6range build on Centos 7
|
|
- BUILD: fix build on Solaris 10/11
|
|
- BUG/MINOR: cli: fix pointer size when reporting data/transport layer name
|
|
- BUG/MINOR: cli: dequeue from the proxy when changing a maxconn
|
|
- BUG/MINOR: cli: wake up the CLI's task after a timeout update
|
|
- MINOR: connection: add a few functions to report the data and xprt layers' names
|
|
- MINOR: connection: add names for transport and data layers
|
|
- REORG: cli: split dumpstats.c in src/cli.c and src/stats.c
|
|
- REORG: cli: split dumpstats.h in stats.h and cli.h
|
|
- REORG: cli: move ssl CLI functions to ssl_sock.c
|
|
- REORG: cli: move map and acl code to map.c
|
|
- REORG: cli: move show stat resolvers to dns.c
|
|
- MINOR: cli: create new function cli_has_level() to validate permissions
|
|
- MINOR: server: create new function cli_find_server() to find a server
|
|
- MINOR: proxy: create new function cli_find_frontend() to find a frontend
|
|
- REORG: cli: move 'set server' to server.c
|
|
- REORG: cli: move 'show pools' to memory.c
|
|
- REORG: cli: move 'show servers' to proxy.c
|
|
- REORG: cli: move 'show sess' to stream.c
|
|
- REORG: cli: move 'show backend' to proxy.c
|
|
- REORG: cli: move get/set weight to server.c
|
|
- REORG: cli: move "show stat" to stats.c
|
|
- REORG: cli: move "show info" to stats.c
|
|
- REORG: cli: move dump_text(), dump_text_line(), and dump_binary() to standard.c
|
|
- REORG: cli: move table dump/clear/set to stick_table.c
|
|
- REORG: cli: move "show errors" out of cli.c
|
|
- REORG: cli: make "show env" also use the generic keyword registration
|
|
- REORG: cli: move "set timeout" to its own handler
|
|
- REORG: cli: move "clear counters" to stats.c
|
|
- REORG: cli: move "set maxconn global" to its own handler
|
|
- REORG: cli: move "set maxconn server" to server.c
|
|
- REORG: cli: move "set maxconn frontend" to proxy.c
|
|
- REORG: cli: move "shutdown sessions server" to stream.c
|
|
- REORG: cli: move "shutdown session" to stream.c
|
|
- REORG: cli: move "shutdown frontend" to proxy.c
|
|
- REORG: cli: move "{enable|disable} frontend" to proxy.c
|
|
- REORG: cli: move "{enable|disable} server" to server.c
|
|
- REORG: cli: move "{enable|disable} health" to server.c
|
|
- REORG: cli: move "{enable|disable} agent" to server.c
|
|
- REORG: cli: move the "set rate-limit" functions to their own parser
|
|
- CLEANUP: cli: rename STAT_CLI_* to CLI_ST_*
|
|
- CLEANUP: cli: simplify the request parser a little bit
|
|
- CLEANUP: cli: remove assignments to st0 and st2 in keyword parsers
|
|
- BUILD: server: remove a build warning introduced by latest series
|
|
- BUG/MINOR: log-format: uncatched memory allocation functions
|
|
- CLEANUP: log-format: useless file and line in json converter
|
|
- CLEANUP/MINOR: log-format: unexport functions parse_logformat_var_args() and parse_logformat_var()
|
|
- CLEANUP: log-format: fix return code of the function parse_logformat_var()
|
|
- CLEANUP: log-format: fix return code of function parse_logformat_var_args()
|
|
- CLEANUP: log-format: remove unused arguments
|
|
- MEDIUM: log-format: strict parsing and enable fail
|
|
- MEDIUM: log-format/conf: take into account the parse_logformat_string() return code
|
|
- BUILD: ssl: make the SSL layer build again with openssl 0.9.8
|
|
- BUILD: vars: remove a build warning on vars.c
|
|
- MINOR: lua: add utility function for check boolean argument
|
|
- MINOR: lua: Add tokenize function.
|
|
- BUG/MINOR: conf: calloc untested
|
|
- MINOR: http/conf: store the use_backend configuration file and line for logs
|
|
- MEDIUM: log-format: Use standard HAProxy log system to report errors
|
|
- CLEANUP: sample: report "converter" instead of "conv method" in error messages
|
|
- BUG: spoe: Fix parsing of SPOE actions in ACK frames
|
|
- MINOR: cli: make "show stat" support a proxy name
|
|
- MINOR: cli: make "show errors" support a proxy name
|
|
- MINOR: cli: make "show errors" capable of dumping only request or response
|
|
- BUG/MINOR: freq-ctr: make swrate_add() support larger values
|
|
- CLEANUP: counters: move from 3 types to 2 types
|
|
- CLEANUP: cfgparse: cascade the warnif_misplaced_* rules
|
|
- REORG: tcp-rules: move tcp rules processing to their own file
|
|
- REORG: stkctr: move all the stick counters processing to stick-tables.c
|
|
- DOC: update the roadmap file with the latest changes
|
|
|
|
2016/11/09 : 1.7-dev6
|
|
- DOC: fix the entry for hash-balance-factor config option
|
|
- DOC: Fix typo in description of `-st` parameter in man page
|
|
- CLEANUP: cfgparse: Very minor spelling correction
|
|
- MINOR: examples: Update haproxy.spec URLs to haproxy.org
|
|
- BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream
|
|
- BUG/MEDIUM: peers: fix use after free in peer_session_create()
|
|
- MINOR: peers: make peer_session_forceshutdown() use the appctx and not the stream
|
|
- MINOR: peers: remove the pointer to the stream
|
|
- BUG/MEDIUM: systemd-wrapper: return correct exit codes
|
|
- DOC: stats: provide state details for show servers state
|
|
- MEDIUM: tools: make str2ip2() preserve existing ports
|
|
- CLEANUP: tools: make ipcpy() preserve the original port
|
|
- OPTIM: http: move all http character classs tables into a single one
|
|
- OPTIM: http: improve parsing performance of long header lines
|
|
- OPTIM: http: improve parsing performance of long URIs
|
|
- OPTIM: http: optimize lookup of comma and quote in header values
|
|
- BUG/MEDIUM: srv-state: properly restore the DRAIN state
|
|
- BUG/MINOR: srv-state: allow to have both CMAINT and FDRAIN flags
|
|
- MINOR: server: do not emit warnings/logs/alerts on server state changes at boot
|
|
- BUG/MEDIUM: servers: properly propagate the maintenance states during startup
|
|
- MEDIUM: wurfl: add Scientiamobile WURFL device detection module
|
|
- DOC: move the device detection modules documentation to their own files
|
|
- CLEANUP: wurfl: reduce exposure in the rest of the code
|
|
- MEDIUM: ssl: Add support for OpenSSL 1.1.0
|
|
- MINOR: stream: make option contstats usable again
|
|
- MEDIUM: tools: make str2sa_range() return the FQDN even when not resolving
|
|
- MINOR: init: move apply_server_state in haproxy.c before MODE_CHECK
|
|
- MAJOR: server: postpone address resolution
|
|
- MINOR: new srv_admin flag: SRV_ADMF_RMAINT
|
|
- MINOR: server: indicate in the logs when RMAINT is cleared
|
|
- MINOR: stats: indicate it when a server is down due to resolution
|
|
- MINOR: server: make srv_set_admin_state() capable of telling why this happens
|
|
- MINOR: dns: implement extra 'hold' timers.
|
|
- MAJOR: dns: runtime resolution can change server admin state
|
|
- MEDIUM: cli: leave the RMAINT state when setting an IP address on the CLI
|
|
- MEDIUM: server: add a new init-addr server line setting
|
|
- MEDIUM: server: make use of init-addr
|
|
- MINOR: server: implement init-addr none
|
|
- MEDIUM: server: make libc resolution failure non-fatal
|
|
- MINOR: server: add support for explicit numeric address in init-addr
|
|
- DOC: add some documentation for the "init-addr" server keyword
|
|
- MINOR: init: add -dr to ignore server address resolution failures
|
|
- MEDIUM: server: do not restrict anymore usage of IP address from the state file
|
|
- BUG: vars: Fix 'set-var' converter because of a typo
|
|
- CLEANUP: remove last references to 'ruleset' section
|
|
- MEDIUM: filters: Add attch/detach and stream_set_backend callbacks
|
|
- MINOR: filters: Update filters documentation accordingly to recent changes
|
|
- MINOR: filters: Call stream_set_backend callbacks before updating backend stats
|
|
- MINOR: filters: Remove backend filters attached to a stream only for HTTP streams
|
|
- MINOR: flt_trace: Add hexdump option to dump forwarded data
|
|
- MINOR: cfgparse: Add functions to backup and restore registered sections
|
|
- MINOR: cfgparse: Parse scope lines and save the last one parsed
|
|
- REORG: sample: move code to release a sample expression in sample.c
|
|
- MINOR: vars: Allow '.' in variable names
|
|
- MINOR: vars: Add vars_set_by_name_ifexist function
|
|
- MEDIUM: vars: Add a per-process scope for variables
|
|
- MINOR: vars: Add 'unset-var' action/converter
|
|
- MAJOR: spoe: Add an experimental Stream Processing Offload Engine
|
|
- MINOR: spoe: add random ip-reputation service as SPOA example
|
|
- MINOR: spoe/checks: Add support for SPOP health checks
|
|
- DOC: update ROADMAP file
|
|
|
|
2016/10/25 : 1.7-dev5
|
|
- MINOR: cfgparse: few memory leaks fixes.
|
|
- MEDIUM: log: Decompose %Tq in %Th %Ti %TR
|
|
- CLEANUP: logs: remove unused log format field definitions
|
|
- BUILD/MAJOR:updated 51d Trie implementation to incorperate latest update to 51Degrees.c
|
|
- BUG/MAJOR: stream: properly mark the server address as unset on connect retry
|
|
- CLEANUP: proto_http: Removing useless variable assignation
|
|
- CLEANUP: dumpstats: Removing useless variables allocation
|
|
- CLEANUP: dns: Removing usless variable & assignation
|
|
- BUG/MINOR: payload: fix SSLv2 version parser
|
|
- MINOR: cli: allow the semi-colon to be escaped on the CLI
|
|
- MINOR: cli: change a server health check port through the stats socket
|
|
- BUG/MINOR: Fix OSX compilation errors
|
|
- MAJOR: check: find out which port to use for health check at run time
|
|
- MINOR: server: introduction of 3 new server flags
|
|
- MINOR: new update_server_addr_port() function to change both server's ADDR and service PORT
|
|
- MINOR: cli: ability to change a server's port
|
|
- CLEANUP/MINOR dns: comment do not follow up code update
|
|
- MINOR: chunk: new strncat function
|
|
- MINOR: dns: wrong DNS_MAX_UDP_MESSAGE value
|
|
- MINOR: dns: new MAX values
|
|
- MINOR: dns: new macro to compute DNS header size
|
|
- MINOR: dns: new DNS structures to store received packets
|
|
- MEDIUM: dns: new DNS response parser
|
|
- MINOR: dns: query type change when last record is a CNAME
|
|
- MINOR: dns: proper domain name validation when receiving DNS response
|
|
- MINOR: dns: comments in types/dns.h about structures endianness
|
|
- BUG/MINOR: displayed PCRE version is running release
|
|
- MINOR: show Built with PCRE version
|
|
- MINOR: show Running on zlib version
|
|
- MEDIUM: make SO_REUSEPORT configurable
|
|
- MINOR: enable IP_BIND_ADDRESS_NO_PORT on backend connections
|
|
- BUG/MEDIUM: http/compression: Fix how chunked data are copied during the HTTP body parsing
|
|
- BUG/MINOR: stats: report the correct conn_time in backend's html output
|
|
- BUG/MEDIUM: dns: don't randomly crash on out-of-memory
|
|
- MINOR: Add fe_req_rate sample fetch
|
|
- MEDIUM: peers: Fix a peer stick-tables synchronization issue.
|
|
- MEDIUM: cli: register CLI keywords with cli_register_kw()
|
|
- BUILD: Make use of accept4() on OpenBSD.
|
|
- MINOR: tcp: make set-src/set-src-port and set-dst/set-dst-port commutative
|
|
- DOC: fix missed entry for "set-{src,dst}{,-port}"
|
|
- BUG/MINOR: vars: use sess and not s->sess in action_store()
|
|
- BUG/MINOR: vars: make smp_fetch_var() more robust against misuses
|
|
- BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session
|
|
- MINOR: stats: output dcon
|
|
- CLEANUP: tcp rules: mention everywhere that tcp-conn rules are L4
|
|
- MINOR: counters: add new fields for denied_sess
|
|
- MEDIUM: tcp: add registration and processing of TCP L5 rules
|
|
- MINOR: stats: emit dses
|
|
- DOC: document tcp-request session
|
|
- MINOR: ssl: add debug traces
|
|
- BUILD/CLEANUP: ssl: Check BIO_reset() return code
|
|
- BUG/MINOR: ssl: Check malloc return code
|
|
- BUG/MINOR: ssl: prevent multiple entries for the same certificate
|
|
- BUG/MINOR: systemd: make the wrapper return a non-null status code on error
|
|
- BUG/MINOR: systemd: always restore signals before execve()
|
|
- BUG/MINOR: systemd: check return value of calloc()
|
|
- MINOR: systemd: report it when execve() fails
|
|
- BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed
|
|
- MINOR: proxy: add 'served' field to proxy, equal to total of all servers'
|
|
- MINOR: backend: add hash-balance-factor option for hash-type consistent
|
|
- MINOR: server: compute a "cumulative weight" to allow chash balancing to hit its target
|
|
- MEDIUM: server: Implement bounded-load hash algorithm
|
|
- SCRIPTS: make git-show-backports also dump a "git show" command
|
|
- MINOR: build: Allow linking to device-atlas library file
|
|
- MINOR: stats: Escape equals sign on socket dump
|
|
|
|
2016/08/14 : 1.7-dev4
|
|
- MINOR: add list_append_word function
|
|
- MEDIUM: init: use list_append_word in haproxy.c
|
|
- MEDIUM: init: allow directory as argument of -f
|
|
- CLEANUP: config: detect double registration of a config section
|
|
- MINOR: log: add the %Td log-format specifier
|
|
- MEDIUM: filters: Move HTTP headers filtering in its own callback
|
|
- MINOR: filters: Simplify calls to analyzers using 2 new macros
|
|
- MEDIUM: filters: Add pre and post analyzer callbacks
|
|
- DOC: filters: Update the filters documentation accordingly to recent changes
|
|
- BUG/MEDIUM: init: don't use environment locale
|
|
- SCRIPTS: teach git-show-backports how to report upstream commits
|
|
- SCRIPTS: make git-show-backports capable of limiting its history
|
|
- BUG/MAJOR: fix listening IP address storage for frontends
|
|
- BUG/MINOR: fix listening IP address storage for frontends (cont)
|
|
- DOC: Fix typo so fetch is properly parsed by Cyril's converter
|
|
- BUG/MAJOR: http: fix breakage of "reqdeny" causing random crashes
|
|
- BUG/MEDIUM: stick-tables: fix breakage in table converters
|
|
- MINOR: stick-table: change all stick-table converters' inputs to SMP_T_ANY
|
|
- BUG/MEDIUM: dns: unbreak DNS resolver after header fix
|
|
- BUILD: fix build on Solaris 11
|
|
- BUG/MEDIUM: config: fix multiple declaration of section parsers
|
|
- BUG/MEDIUM: stats: show servers state may show an servers from another backend
|
|
- BUG/MEDIUM: fix risk of segfault with "show tls-keys"
|
|
- MEDIUM: dumpstats: 'show tls-keys' is now able to show secrets
|
|
- DOC: update doc about tls-tickets-keys dump
|
|
- MEDIUM: tcp: add 'set-src' to 'tcp-request connection'
|
|
- MINOR: set the CO_FL_ADDR_FROM_SET flags with 'set-src'
|
|
- MEDIUM: tcp/http: add 'set-src-port' action
|
|
- MEDIUM: tcp/http: new set-dst/set-dst-port actions
|
|
- BUG/MEDIUM: sticktables: segfault in some configuration error cases
|
|
- BUILD/MEDIUM: rebuild everything when an include file is changed
|
|
- BUILD/MEDIUM: force a full rebuild if some build options change
|
|
- BUG/MEDIUM: lua: converters doesn't work
|
|
- BUG/MINOR: http: add-header: header name copied twice
|
|
- BUG/MEDIUM: http: add-header: buffer overwritten
|
|
- BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
|
|
- MINOR: stream: export the function 'smp_create_src_stkctr'
|
|
- BUG/MEDIUM: dumpstats: undefined behavior in stats_tlskeys_list()
|
|
- MEDIUM: dumpstats: make stats_tlskeys_list() yield-aware during tls-keys dump
|
|
- BUG/MINOR: http: url32+src should use the big endian version of url32
|
|
- BUG/MINOR: http: url32+src should check cli_conn before using it
|
|
- DOC: http: add documentation for url32 and url32+src
|
|
- BUG/MINOR: fix http-response set-log-level parsing error
|
|
- MINOR: systemd: Use variable for config and pidfile paths
|
|
- MINOR: systemd: Perform sanity check on config before reload
|
|
- MEDIUM: ssl: support SNI filters with multicerts
|
|
- MINOR: ssl: crt-list parsing factor
|
|
- BUILD: ssl: fix typo causing a build failure in the multicert patch
|
|
- MINOR: listener: add the "accept-netscaler-cip" option to the "bind" keyword
|
|
- MINOR: tcp: add "tcp-request connection expect-netscaler-cip layer4"
|
|
- BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits
|
|
- BUG/MINOR: init: ensure that FD limit is raised to the max allowed
|
|
- BUG/MEDIUM: external-checks: close all FDs right after the fork()
|
|
- BUG/MAJOR: external-checks: use asynchronous signal delivery
|
|
- BUG/MINOR: external-checks: do not unblock undesired signals
|
|
- CLEANUP: external-check: don't block/unblock SIGCHLD when manipulating the list
|
|
- BUG/MEDIUM: filters: Fix data filtering when data are modified
|
|
- BUG/MINOR: filters: Fix HTTP parsing when a filter loops on data forwarding
|
|
- BUG/MINOR: srv-state: fix incorrect output of state file
|
|
- BUG/MINOR: ssl: close ssl key file on error
|
|
- BUG/MINOR: http: fix misleading error message for response captures
|
|
- BUG/BUILD: don't automatically run "make" on "make install"
|
|
- DOC: add missing doc for http-request deny [deny_status <status>]
|
|
- CLEANUP: dumpstats: u64 field is an unsigned type.
|
|
- BUG/MEDIUM: http: unbreak uri/header/url_param hashing
|
|
- BUG/MINOR: Rework slightly commit 9962f8fc to clean code and avoid mistakes
|
|
- MINOR: new function my_realloc2 = realloc + free upon failure
|
|
- CLEANUP: fixed some usages of realloc leading to memory leak
|
|
- Revert "BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()"
|
|
- CLEANUP: connection: using internal struct to hold source and dest port.
|
|
- DOC: spelling fixes
|
|
- BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
|
|
- BUG/MEDIUM: dns: fix alignment issues in the DNS response parser
|
|
- BUG/MINOR: Fix endiness issue in DNS header creation code
|
|
- BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash
|
|
- BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash
|
|
- MEDIUM: http: implement http-response track-sc* directive
|
|
- BUG/MINOR: peers: Fix peers data decoding issue
|
|
- BUG/MINOR: peers: don't count track-sc multiple times on errors
|
|
- MINOR: standard: add function "escape_string"
|
|
- BUG/MEDIUM: log: use function "escape_string" instead of "escape_chunk"
|
|
- MINOR: tcp: Return TCP statistics like RTT and RTT variance
|
|
- DOC: lua: remove old functions
|
|
- BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests
|
|
- DOC: fix json converter example and error message
|
|
- BUG/MEDIUM: stream-int: completely detach connection on connect error
|
|
- DOC: minor typo fixes to improve HTML parsing by haproxy-dconv
|
|
- BUILD: make proto_tcp.c compatible with musl library
|
|
- BUG/MAJOR: compression: initialize avail_in/next_in even during flush
|
|
- BUG/MEDIUM: samples: make smp_dup() always duplicate the sample
|
|
- MINOR: sample: implement smp_is_safe() and smp_make_safe()
|
|
- MINOR: sample: provide smp_is_rw() and smp_make_rw()
|
|
- BUG/MAJOR: server: the "sni" directive could randomly cause trouble
|
|
- BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size
|
|
- BUG/MEDIUM: stick-table: properly convert binary samples to keys
|
|
- MINOR: sample: use smp_make_rw() in upper/lower converters
|
|
- MINOR: tcp: add dst_is_local and src_is_local
|
|
- BUG/MINOR: peers: some updates are pushed twice after a resync.
|
|
- BUILD: protocol: fix some build errors on OpenBSD
|
|
- BUILD: log: iovec requires to include sys/uio.h on OpenBSD
|
|
- BUILD: tcp: do not include netinet/ip.h for IP_TTL
|
|
- BUILD: connection: fix build breakage on openbsd due to missing in_systm.h
|
|
- BUILD: checks: remove the last strcat and eliminate a warning on OpenBSD
|
|
- BUILD: tcp: define SOL_TCP when only IPPROTO_TCP exists
|
|
- BUILD: compression: remove a warning when no compression lib is used
|
|
- BUILD: poll: remove unused hap_fd_isset() which causes a warning with clang
|
|
- MINOR: tcp: add further tcp info fetchers
|
|
- BUG/MINOR: peers: empty chunks after a resync.
|
|
- BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table
|
|
- MINOR: standard.c: ipcmp() function to compare 2 IP addresses stored in 2 struct sockaddr_storage
|
|
- MINOR: standard.c: ipcpy() function to copy an IP address from a struct sockaddr_storage into an other one
|
|
- MAJOR: listen section: don't use first bind port anymore when no server ports are provided
|
|
|
|
2016/05/10 : 1.7-dev3
|
|
- MINOR: sample: Moves ARGS underlying type from 32 to 64 bits.
|
|
- BUG/MINOR: log: Don't use strftime() which can clobber timezone if chrooted
|
|
- BUILD: namespaces: fix a potential build warning in namespaces.c
|
|
- MINOR: da: Using ARG12 macro for the sample fetch and the convertor.
|
|
- DOC: add encoding to json converter example
|
|
- BUG/MINOR: conf: "listener id" expects integer, but its not checked
|
|
- DOC: Clarify tunes.vars.xxx-max-size settings
|
|
- CLEANUP: chunk: adding NULL check to chunk_dup allocation.
|
|
- CLEANUP: connection: fix double negation on memcmp()
|
|
- BUG/MEDIUM: peers: fix incorrect age in frequency counters
|
|
- BUG/MEDIUM: Fix RFC5077 resumption when more than TLS_TICKETS_NO are present
|
|
- BUG/MAJOR: Fix crash in http_get_fhdr with exactly MAX_HDR_HISTORY headers
|
|
- BUG/MINOR: lua: can't load external libraries
|
|
- BUG/MINOR: prevent the dump of uninitialized vars
|
|
- CLEANUP: map: it seems that the map were planed to be chained
|
|
- MINOR: lua: move class registration facilities
|
|
- MINOR: lua: remove some useless checks
|
|
- CLEANUP: lua: Remove two same functions
|
|
- MINOR: lua: refactor the Lua object registration
|
|
- MINOR: lua: precise message when a critical error is catched
|
|
- MINOR: lua: post initialization
|
|
- MINOR: lua: Add internal function which strip spaces
|
|
- MINOR: lua: convert field to lua type
|
|
- DOC: "addr" parameter applies to both health and agent checks
|
|
- DOC: timeout client: pointers to timeout http-request
|
|
- DOC: typo on stick-store response
|
|
- DOC: stick-table: amend paragraph blaming the loss of table upon reload
|
|
- DOC: typo: ACL subdir match
|
|
- DOC: typo: maxconn paragraph is wrong due to a wrong buffer size
|
|
- DOC: regsub: parser limitation about the inability to use closing square brackets
|
|
- DOC: typo: req.uri is now replaced by capture.req.uri
|
|
- DOC: name set-gpt0 mismatch with the expected keyword
|
|
- MINOR: http: sample fetch which returns unique-id
|
|
- MINOR: dumpstats: extract stats fields enum and names
|
|
- MINOR: dumpstats: split stats_dump_info_to_buffer() in two parts
|
|
- MINOR: dumpstats: split stats_dump_fe_stats() in two parts
|
|
- MINOR: dumpstats: split stats_dump_li_stats() in two parts
|
|
- MINOR: dumpstats: split stats_dump_sv_stats() in two parts
|
|
- MINOR: dumpstats: split stats_dump_be_stats() in two parts
|
|
- MINOR: lua: dump general info
|
|
- MINOR: lua: add class proxy
|
|
- MINOR: lua: add class server
|
|
- MINOR: lua: add class listener
|
|
- BUG/MEDIUM: stick-tables: some sample-fetch doesn't work in the connection state.
|
|
- MEDIUM: proxy: use dynamic allocation for error dumps
|
|
- CLEANUP: remove unneeded casts
|
|
- CLEANUP: uniformize last argument of malloc/calloc
|
|
- DOC: fix "needed" typo
|
|
- BUG/MINOR: dumpstats: fix write to global chunk
|
|
- BUG/MINOR: dns: inapropriate way out after a resolution timeout
|
|
- BUG/MINOR: dns: trigger a DNS query type change on resolution timeout
|
|
- CLEANUP: proto_http: few corrections for gcc warnings.
|
|
- BUG/MINOR: DNS: resolution structure change
|
|
- BUG/MINOR : allow to log cookie for tarpit and denied request
|
|
- BUG/MEDIUM: ssl: rewind the BIO when reading certificates
|
|
- OPTIM/MINOR: session: abort if possible before connecting to the backend
|
|
- DOC: http: rename the unique-id sample and add the documentation
|
|
- BUG/MEDIUM: trace.c: rdtsc() is defined in two files
|
|
- BUG/MEDIUM: channel: fix miscalculation of available buffer space (2nd try)
|
|
- BUG/MINOR: server: risk of over reading the pref_net array.
|
|
- BUG/MINOR: cfgparse: couple of small memory leaks.
|
|
- BUG/MEDIUM: sample: initialize the pointer before parse_binary call.
|
|
- DOC: fix discrepancy in the example for http-request redirect
|
|
- MINOR: acl: Add predefined METH_DELETE, METH_PUT
|
|
- CLEANUP: .gitignore cleanup
|
|
- DOC: Clarify IPv4 address / mask notation rules
|
|
- CLEANUP: fix inconsistency between fd->iocb, proto->accept and accept()
|
|
- BUG/MEDIUM: fix maxaccept computation on per-process listeners
|
|
- BUG/MINOR: listener: stop unbound listeners on startup
|
|
- BUG/MINOR: fix maxaccept computation according to the frontend process range
|
|
- TESTS: add blocksig.c to run tests with all signals blocked
|
|
- MEDIUM: unblock signals on startup.
|
|
- MINOR: filters: Print the list of existing filters during HA startup
|
|
- MINOR: filters: Typo in an error message
|
|
- MINOR: filters: Filters must define the callbacks struct during config parsing
|
|
- DOC: filters: Add filters documentation
|
|
- BUG/MEDIUM: channel: don't allow to overwrite the reserve until connected
|
|
- BUG/MEDIUM: channel: incorrect polling condition may delay event delivery
|
|
- BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
|
|
- BUG/MEDIUM: log: fix risk of segfault when logging HTTP fields in TCP mode
|
|
- MINOR: Add ability for agent-check to set server maxconn
|
|
- CLEANUP: Use server_parse_maxconn_change_request for maxconn CLI updates
|
|
- MINOR: filters: add opaque data
|
|
- BUG/MEDIUM: lua: protects the upper boundary of the argument list for converters/fetches.
|
|
- MINOR: lua: migrate the argument mask to 64 bits type.
|
|
- BUG/MINOR: dumpstats: Fix the "Total bytes saved" counter in backends stats
|
|
- BUG/MINOR: log: fix a typo that would cause %HP to log <BADREQ>
|
|
- BUG/MEDIUM: http: fix incorrect reporting of server errors
|
|
- MINOR: channel: add new function channel_congested()
|
|
- BUG/MEDIUM: http: fix risk of CPU spikes with pipelined requests from dead client
|
|
- BUG/MAJOR: channel: fix miscalculation of available buffer space (4th try)
|
|
- BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared
|
|
- BUG/MEDIUM: channel: fix inconsistent handling of 4GB-1 transfers
|
|
- BUG/MEDIUM: stats: show servers state may show an empty or incomplete result
|
|
- BUG/MEDIUM: stats: show backend may show an empty or incomplete result
|
|
- MINOR: stats: fix typo in help messages
|
|
- MINOR: stats: show stat resolvers missing in the help message
|
|
- BUG/MINOR: dns: fix DNS header definition
|
|
- BUG/MEDIUM: dns: fix alignment issue when building DNS queries
|
|
- CLEANUP: don't ignore scripts in .gitignore
|
|
- BUILD: add a few release and backport scripts in scripts/
|
|
|
|
2016/03/14 : 1.7-dev2
|
|
- DOC: lua: fix lua API
|
|
- DOC: mailers: typo in 'hostname' description
|
|
- DOC: compression: missing mention of libslz for compression algorithm
|
|
- BUILD/MINOR: regex: missing header
|
|
- BUG/MINOR: stream: bad return code
|
|
- DOC: lua: fix somme errors and add implicit types
|
|
- MINOR: lua: add set/get priv for applets
|
|
- BUG/MINOR: http: fix several off-by-one errors in the url_param parser
|
|
- BUG/MINOR: http: Be sure to process all the data received from a server
|
|
- MINOR: filters/http: Use a wrapper function instead of stream_int_retnclose
|
|
- BUG/MINOR: chunk: make chunk_dup() always check and set dst->size
|
|
- DOC: ssl: fixed some formatting errors in crt tag
|
|
- MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero
|
|
- MINOR: chunks: add chunk_strcat() and chunk_newstr()
|
|
- MINOR: chunk: make chunk_initstr() take a const string
|
|
- MEDIUM: tools: add csv_enc_append() to preserve the original chunk
|
|
- MINOR: tools: make csv_enc_append() always start at the first byte of the chunk
|
|
- MINOR: lru: new function to delete <nb> least recently used keys
|
|
- DOC: add Ben Shillito as the maintainer of 51d
|
|
- BUG/MINOR: 51d: Ensures a unique domain for each configuration
|
|
- BUG/MINOR: 51d: Aligns Pattern cache implementation with HAProxy best practices.
|
|
- BUG/MINOR: 51d: Releases workset back to pool.
|
|
- BUG/MINOR: 51d: Aligned const pointers to changes in 51Degrees.
|
|
- CLEANUP: 51d: Aligned if statements with HAProxy best practices and removed casts from malloc.
|
|
- MINOR: rename master process name in -Ds (systemd mode)
|
|
- DOC: fix a few spelling mistakes
|
|
- DOC: fix "workaround" spelling
|
|
- BUG/MINOR: examples: Fixing haproxy.spec to remove references to .cfg files
|
|
- MINOR: fix the return type for dns_response_get_query_id() function
|
|
- MINOR: server state: missing LF (\n) on error message printed when parsing server state file
|
|
- BUG/MEDIUM: dns: no DNS resolution happens if no ports provided to the nameserver
|
|
- BUG/MAJOR: servers state: server port is erased when dns resolution is enabled on a server
|
|
- BUG/MEDIUM: servers state: server port is used uninitialized
|
|
- BUG/MEDIUM: config: Adding validation to stick-table expire value.
|
|
- BUG/MEDIUM: sample: http_date() doesn't provide the right day of the week
|
|
- BUG/MEDIUM: channel: fix miscalculation of available buffer space.
|
|
- MEDIUM: pools: add a new flag to avoid rounding pool size up
|
|
- BUG/MEDIUM: buffers: do not round up buffer size during allocation
|
|
- BUG/MINOR: stream: don't force retries if the server is DOWN
|
|
- BUG/MINOR: counters: make the sc-inc-gpc0 and sc-set-gpt0 touch the table
|
|
- MINOR: unix: don't mention free ports on EAGAIN
|
|
- BUG/CLEANUP: CLI: report the proper field states in "show sess"
|
|
- MINOR: stats: send content-length with the redirect to allow keep-alive
|
|
- BUG: stream_interface: Reuse connection even if the output channel is empty
|
|
- DOC: remove old tunnel mode assumptions
|
|
- BUG/MAJOR: http-reuse: fix risk of orphaned connections
|
|
- BUG/MEDIUM: http-reuse: do not share private connections across backends
|
|
- BUG/MINOR: ssl: Be sure to use unique serial for regenerated certificates
|
|
- BUG/MINOR: stats: fix missing comma in stats on agent drain
|
|
- MAJOR: filters: Add filters support
|
|
- MINOR: filters: Do not reset stream analyzers if the client is gone
|
|
- REORG: filters: Prepare creation of the HTTP compression filter
|
|
- MAJOR: filters/http: Rewrite the HTTP compression as a filter
|
|
- MEDIUM: filters: Use macros to call filters callbacks to speed-up processing
|
|
- MEDIUM: filters: remove http_start_chunk, http_last_chunk and http_chunk_end
|
|
- MEDIUM: filters: Replace filter_http_headers callback by an analyzer
|
|
- MEDIUM: filters/http: Move body parsing of HTTP messages in dedicated functions
|
|
- MINOR: filters: Add stream_filters structure to hide filters info
|
|
- MAJOR: filters: Require explicit registration to filter HTTP body and TCP data
|
|
- MINOR: filters: Remove unused or useless stuff and do small optimizations
|
|
- MEDIUM: filters: Optimize the HTTP compression for chunk encoded response
|
|
- MINOR: filters/http: Slightly update the parsing of chunks
|
|
- MINOR: filters/http: Forward remaining data when a channel has no "data" filters
|
|
- MINOR: filters: Add an filter example
|
|
- MINOR: filters: Extract proxy stuff from the struct filter
|
|
- MINOR: map: Add regex matching replacement
|
|
- BUG/MINOR: lua: unsafe initialization
|
|
- DOC: lua: fix somme errors
|
|
- MINOR: lua: file dedicated to unsafe functions
|
|
- MINOR: lua: add "now" time function
|
|
- MINOR: standard: add RFC HTTP date parser
|
|
- MINOR: lua: Add date functions
|
|
- MINOR: lua: move common function
|
|
- MINOR: lua: merge function
|
|
- MINOR: lua: Add concat class
|
|
- MINOR: standard: add function "escape_chunk"
|
|
- MEDIUM: log: add a new log format flag "E"
|
|
- DOC: add server name at rate-limit sessions example
|
|
- BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
|
|
- BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
|
|
- DOC: LUA: fix some typos and syntax errors
|
|
- MINOR: cli: add a new "show env" command
|
|
- MEDIUM: config: allow to manipulate environment variables in the global section
|
|
- MEDIUM: cfgparse: reject incorrect 'timeout retry' keyword spelling in resolvers
|
|
- MINOR: mailers: increase default timeout to 10 seconds
|
|
- MINOR: mailers: use <CRLF> for all line endings
|
|
- BUG/MAJOR: lua: segfault using Concat object
|
|
- DOC: lua: copyrights
|
|
- MINOR: common: mask conversion
|
|
- MEDIUM: dns: extract options
|
|
- MEDIUM: dns: add a "resolve-net" option which allow to prefer an ip in a network
|
|
- MINOR: mailers: make it possible to configure the connection timeout
|
|
- BUG/MAJOR: lua: applets can't sleep.
|
|
- BUG/MINOR: server: some prototypes are renamed
|
|
- BUG/MINOR: lua: Useless copy
|
|
- BUG/MEDIUM: stats: stats bind-process doesn't propagate the process mask correctly
|
|
- BUG/MINOR: server: fix the format of the warning on address change
|
|
- CLEANUP: server: add "const" to some message strings
|
|
- MINOR: server: generalize the "updater" source
|
|
- BUG/MEDIUM: chunks: always reject negative-length chunks
|
|
- BUG/MINOR: systemd: ensure we don't miss signals
|
|
- BUG/MINOR: systemd: report the correct signal in debug message output
|
|
- BUG/MINOR: systemd: propagate the correct signal to haproxy
|
|
- MINOR: systemd: ensure a reload doesn't mask a stop
|
|
- BUG/MEDIUM: cfgparse: wrong argument offset after parsing server "sni" keyword
|
|
- CLEANUP: stats: Avoid computation with uninitialized bits.
|
|
- CLEANUP: pattern: Ignore unknown samples in pat_match_ip().
|
|
- CLEANUP: map: Avoid memory leak in out-of-memory condition.
|
|
- BUG/MINOR: tcpcheck: fix incorrect list usage resulting in failure to load certain configs
|
|
- BUG/MAJOR: samples: check smp->strm before using it
|
|
- MINOR: sample: add a new helper to initialize the owner of a sample
|
|
- MINOR: sample: always set a new sample's owner before evaluating it
|
|
- BUG/MAJOR: vars: always retrieve the stream and session from the sample
|
|
- CLEANUP: payload: remove useless and confusing nullity checks for channel buffer
|
|
- BUG/MINOR: ssl: fix usage of the various sample fetch functions
|
|
- MINOR: stats: create fields types suitable for all CSV output data
|
|
- MINOR: stats: add all the "show info" fields in a table
|
|
- MEDIUM: stats: fill all the show info elements prior to displaying them
|
|
- MINOR: stats: add a function to emit fields into a chunk
|
|
- MINOR: stats: add stats_dump_info_fields() to dump one field per line
|
|
- MEDIUM: stats: make use of stats_dump_info_fields() for "show info"
|
|
- MINOR: stats: add a declaration of all stats fields
|
|
- MINOR: stats: don't hard-code the CSV fields list anymore
|
|
- MINOR: stats: create stats fields storage and CSV dump function
|
|
- MEDIUM: stats: convert stats_dump_fe_stats() to use stats_dump_fields_csv()
|
|
- MEDIUM: stats: make stats_dump_fe_stats() use stats fields for HTML dump
|
|
- MEDIUM: stats: convert stats_dump_li_stats() to use stats_dump_fields_csv()
|
|
- MEDIUM: stats: make stats_dump_li_stats() use stats fields for HTML dump
|
|
- MEDIUM: stats: convert stats_dump_be_stats() to use stats_dump_fields_csv()
|
|
- MEDIUM: stats: make stats_dump_be_stats() use stats fields for HTML dump
|
|
- MEDIUM: stats: convert stats_dump_sv_stats() to use stats_dump_fields_csv()
|
|
- MEDIUM: stats: make stats_dump_sv_stats() use the stats field for HTML
|
|
- MEDIUM: stats: move the server state coloring logic to the server dump function
|
|
- MINOR: stats: do not use srv->admin & STATS_ADMF_MAINT in HTML dumps
|
|
- MINOR: stats: do not check srv->state for SRV_ST_STOPPED in HTML dumps
|
|
- MINOR: stats: make CSV report server check status only when enabled
|
|
- MINOR: stats: only report backend's down time if it has servers
|
|
- MINOR: stats: prepend '*' in front of the check status when in progress
|
|
- MINOR: stats: make HTML stats dump rely on the table for the check status
|
|
- MINOR: stats: add agent_status, agent_code, agent_duration to output
|
|
- MINOR: stats: add check_desc and agent_desc to the output fields
|
|
- MINOR: stats: add check and agent's health values in the output
|
|
- MEDIUM: stats: make the HTML server state dump use the CSV states
|
|
- MEDIUM: stats: only report observe errors when observe is set
|
|
- MEDIUM: stats: expose the same flags for CLI and HTTP accesses
|
|
- MEDIUM: stats: report server's address in the CSV output
|
|
- MEDIUM: stats: report the cookie value in the server & backend CSV dumps
|
|
- MEDIUM: stats: compute the color code only in the HTML form
|
|
- MEDIUM: stats: report the listeners' address in the CSV output
|
|
- MEDIUM: stats: make it possible to report the WAITING state for listeners
|
|
- REORG: stats: dump the frontend's HTML stats via a generic function
|
|
- REORG: stats: dump the socket stats via the generic function
|
|
- REORG: stats: dump the server stats via the generic function
|
|
- REORG: stats: dump the backend stats via the generic function
|
|
- MEDIUM: stats: add a new "mode" column to report the proxy mode
|
|
- MINOR: stats: report the load balancing algorithm in CSV output
|
|
- MINOR: stats: add 3 fields to report the frontend-specific connection stats
|
|
- MINOR: stats: report number of intercepted requests for frontend and backends
|
|
- MINOR: stats: introduce stats_dump_one_line() to dump one stats line
|
|
- CLEANUP: stats: make stats_dump_fields_html() not rely on proxy anymore
|
|
- MINOR: stats: add ST_SHOWADMIN to pass the admin info in the regular flags
|
|
- MINOR: stats: make stats_dump_fields_html() not use &trash by default
|
|
- MINOR: stats: add functions to emit typed fields into a chunk
|
|
- MEDIUM: stats: support "show info typed" on the CLI
|
|
- MEDIUM: stats: implement a typed output format for stats
|
|
- DOC: document the "show info typed" and "show stat typed" output formats
|
|
- MINOR: cfgparse: warn when uid parameter is not a number
|
|
- MINOR: cfgparse: warn when gid parameter is not a number
|
|
- BUG/MINOR: standard: Avoid free of non-allocated pointer
|
|
- BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition
|
|
- CLEANUP: http: fix a build warning introduced by a recent fix
|
|
- BUG/MINOR: log: GMT offset not updated when entering/leaving DST
|
|
|
|
2015/12/20 : 1.7-dev1
|
|
- DOC: specify that stats socket doc (section 9.2) is in management
|
|
- BUILD: install only relevant and existing documentation
|
|
- CLEANUP: don't ignore debian/ directory if present
|
|
- BUG/MINOR: dns: parsing error of some DNS response
|
|
- BUG/MEDIUM: namespaces: don't fail if no namespace is used
|
|
- BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is disabled
|
|
- MEDIUM: dns: Don't use the ANY query type
|
|
- BUILD: ssl: fix build error introduced in commit 7969a3 with OpenSSL < 1.0.0
|
|
- DOC: fix a typo for a "deviceatlas" keyword
|
|
- FIX: small typo in an example using the "Referer" header
|
|
- MINOR: cli: ability to set per-server maxconn
|
|
- DEBUG/MINOR: memory: add a build option to disable memory pools sharing
|
|
- DEBUG/MEDIUM: memory: optionally protect free data in pools
|
|
- DEBUG/MEDIUM: memory: add optional control pool memory operations
|
|
- MEDIUM: memory: add accounting for failed allocations
|
|
- BUG/MEDIUM: config: count memory limits on 64 bits, not 32
|
|
- BUG/MAJOR: dns: first DNS response packet not matching queried hostname may lead to a loop
|
|
- BUG/MINOR: dns: unable to parse CNAMEs response
|
|
- BUG/MINOR: examples/haproxy.init: missing brace in quiet_check()
|
|
- DOC: deviceatlas: more example use cases.
|
|
- MINOR: config: allow IPv6 bracketed literals
|
|
- BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in install-bin.
|
|
- BUILD: add Haiku as supported target.
|
|
- BUG/MAJOR: http: don't requeue an idle connection that is already queued
|
|
- DOC: typo on capture.res.hdr and capture.req.hdr
|
|
- BUG/MINOR: dns: check for duplicate nameserver id in a resolvers section was missing
|
|
- CLEANUP: use direction names in place of numeric values
|
|
- BUG/MEDIUM: lua: sample fetches based on response doesn't work
|
|
- MINOR: check: add agent-send server parameter
|
|
- BUG/MINOR: http rule: http capture 'id' rule points to a non existing id
|
|
- BUG/MINOR: server: check return value of fgets() in apply_server_state()
|
|
- BUG/MINOR: acl: don't use record layer in req_ssl_ver
|
|
- BUILD: freebsd: double declaration
|
|
- BUG/MEDIUM: lua: clean output buffer
|
|
- BUILD: check for libressl to be able to build against it
|
|
- DOC: lua-api/index.rst small example fixes, spelling correction.
|
|
- DOC: lua: architecture and first steps
|
|
- DOC: relation between timeout http-request and option http-buffer-request
|
|
- BUILD: Make deviceatlas require PCRE
|
|
- BUG: http: do not abort keep-alive connections on server timeout
|
|
- BUG/MEDIUM: http: switch the request channel to no-delay once done.
|
|
- BUG/MINOR: lua: don't force-sslv3 LUA's SSL socket
|
|
- BUILD/MINOR: http: proto_http.h needs sample.h
|
|
- BUG/MEDIUM: http: don't enable auto-close on the response side
|
|
- BUG/MEDIUM: stream: fix half-closed timeout handling
|
|
- CLEANUP: compression: don't allocate DEFAULT_MAXZLIBMEM without USE_ZLIB
|
|
- BUG/MEDIUM: cli: changing compression rate-limiting must require admin level
|
|
- BUG/MEDIUM: sample: urlp can't match an empty value
|
|
- BUILD: dumpstats: silencing warning for printf format specifier / time_t
|
|
- CLEANUP: proxy: calloc call inverted arguments
|
|
- MINOR: da: silent logging by default and displaying DeviceAtlas support if built.
|
|
- BUG/MEDIUM: da: stop DeviceAtlas processing in the convertor if there is no input.
|
|
- DOC: Edited 51Degrees section of README/
|
|
- BUG/MEDIUM: checks: email-alert not working when declared in defaults
|
|
- BUG/MINOR: checks: email-alert causes a segfault when an unknown mailers section is configured
|
|
- BUG/MINOR: checks: typo in an email-alert error message
|
|
- BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and last rule is a CONNECT with no port
|
|
- BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and first rule(s) is (are) COMMENT
|
|
- BUG/MEDIUM: http: fix http-reuse when frontend and backend differ
|
|
- DOC: prefer using http-request/response over reqXXX/rspXXX directives
|
|
- CLEANUP: haproxy: using _GNU_SOURCE instead of __USE_GNU macro.
|
|
- MINOR: ssl: Added cert_key_and_chain struct
|
|
- MEDIUM: ssl: Added support for creating SSL_CTX with multiple certs
|
|
- MINOR: ssl: Added multi cert support for crt-list config keyword
|
|
- MEDIUM: ssl: Added multi cert support for loading crt directories
|
|
- MEDIUM: ssl: Added support for Multi-Cert OCSP Stapling
|
|
- BUILD: ssl: set SSL_SOCK_NUM_KEYTYPES with openssl < 1.0.2
|
|
- MINOR: config: make tune.recv_enough configurable
|
|
- BUG/MEDIUM: config: properly adjust maxconn with nbproc when memmax is forced
|
|
- DOC: ssl: Adding docs for Multi-Cert bundling
|
|
- BUG/MEDIUM: peers: table entries learned from a remote are pushed to others after a random delay.
|
|
- BUG/MEDIUM: peers: old stick table updates could be repushed.
|
|
- MINOR: lua: service/applet can have access to the HTTP headers when a POST is received
|
|
- REORG/MINOR: lua: convert boolean "int" to bitfield
|
|
- BUG/MEDIUM: lua: Lua applets must not fetch samples using http_txn
|
|
- BUG/MINOR: lua: Lua applets must not use http_txn
|
|
- BUG/MEDIUM: lua: Forbid HTTP applets from being called from tcp rulesets
|
|
- BUG/MAJOR: lua: Do not force the HTTP analysers in use-services
|
|
- CLEANUP: lua: bad error messages
|
|
- CONTRIB: initiate a debugging suite to make debugging easier
|
|
|
|
2015/10/13 : 1.7-dev0
|
|
- exact copy of 1.6.0
|
|
|
|
2015/10/13 : 1.6.0
|
|
- BUG/MINOR: Handle interactive mode in cli handler
|
|
- DOC: global section missing parameters
|
|
- DOC: backend section missing parameters
|
|
- DOC: stats paramaters available in frontend
|
|
- MINOR: lru: do not allocate useless memory in lru64_lookup
|
|
- BUG/MINOR: http: Add OPTIONS in supported http methods (found by find_http_meth)
|
|
- BUG/MINOR: ssl: fix management of the cache where forged certificates are stored
|
|
- MINOR: ssl: Release Servers SSL context when HAProxy is shut down
|
|
- MINOR: ssl: Read the file used to generate certificates in any order
|
|
- MINOR: ssl: Add support for EC for the CA used to sign generated certificates
|
|
- MINOR: ssl: Add callbacks to set DH/ECDH params for generated certificates
|
|
- BUG/MEDIUM: logs: fix time zone offset format in RFC5424
|
|
- BUILD: Fix the build on OSX (htonll/ntohll)
|
|
- BUILD: enable build on Linux/s390x
|
|
- BUG/MEDIUM: lua: direction test failed
|
|
- MINOR: lua: fix a spelling error in some error messages
|
|
- CLEANUP: cli: ensure we can never double-free error messages
|
|
- BUG/MEDIUM: lua: force server-close mode on Lua services
|
|
- MEDIUM: init: support more command line arguments after pid list
|
|
- MEDIUM: init: support a list of files on the command line
|
|
- MINOR: debug: enable memory poisonning to use byte 0
|
|
- BUILD: ssl: fix build error introduced by recent commit
|
|
- BUG/MINOR: config: make the stats socket pass the correct proxy to the parsers
|
|
- MEDIUM: server: implement TCP_USER_TIMEOUT on the server
|
|
- DOC: mention the "namespace" options for bind and server lines
|
|
- DOC: add the "management" documentation
|
|
- DOC: move the stats socket documentation from config to management
|
|
- MINOR: examples: update haproxy.spec to mention new docs
|
|
- DOC: mention management.txt in README
|
|
- DOC: remove haproxy-{en,fr}.txt
|
|
- BUILD: properly report when USE_ZLIB and USE_SLZ are used together
|
|
- MINOR: init: report use of libslz instead of "no compression"
|
|
- CLEANUP: examples: remove some obsolete and confusing files
|
|
- CLEANUP: examples: remove obsolete configuration file samples
|
|
- CLEANUP: examples: fix the example file content-sw-sample.cfg
|
|
- CLEANUP: examples: update sample file option-http_proxy.cfg
|
|
- CLEANUP: examples: update sample file ssl.cfg
|
|
- CLEANUP: tests: move a test file from examples/ to tests/
|
|
- CLEANUP: examples: shut up warnings in transparent proxy example
|
|
- CLEANUP: tests: removed completely obsolete test files
|
|
- DOC: update ROADMAP to remove what was done in 1.6
|
|
- BUG/MEDIUM: pattern: fixup use_after_free in the pat_ref_delete_by_id
|
|
|
|
2015/10/06 : 1.6-dev7
|
|
- MINOR: cli: Dump all resolvers stats if no resolver section is given
|
|
- BUG: config: external-check command validation is checking for incorrect arguments.
|
|
- DOC: documentation format cleanups
|
|
- DOC: lua: few typos.
|
|
- BUG/MEDIUM: str2ip: make getaddrinfo() consider local address selection policy
|
|
- BUG/MEDIUM: logs: segfault writing to log from Lua
|
|
- DOC: fix lua use-service example
|
|
- MINOR: payload: add support for tls session ticket ext
|
|
- MINOR: lua: remove the run flag
|
|
- MEDIUM: lua: change the timeout execution
|
|
- MINOR: lua: rename the tune.lua.applet-timeout
|
|
- DOC: lua: update Lua doc
|
|
- DOC: lua: update doc according with the last Lua changes
|
|
- MINOR: http/tcp: fill the avalaible actions
|
|
- DOC: reorder misplaced res.ssl_hello_type in the doc
|
|
- BUG/MINOR: tcp: make silent-drop always force a TCP reset
|
|
- CLEANUP: tcp: silent-drop: only drain the connection when quick-ack is disabled
|
|
- BUILD: tcp: use IPPROTO_IP when SOL_IP is not available
|
|
- BUILD: server: fix build warnings introduced by load-server-state
|
|
- BUG/MEDIUM: server: fix misuse of format string in load-server-state's warnings
|
|
|
|
2015/09/28 : 1.6-dev6
|
|
- BUG/MAJOR: can't enable a server through the stat socket
|
|
- MINOR: server: Macro definition for server-state
|
|
- MINOR: cli: new stats socket command: show servers state
|
|
- DOC: stats socket command: show servers state
|
|
- MINOR: config: new global directive server-state-base
|
|
- DOC: global directive server-state-base
|
|
- MINOR: config: new global section directive: server-state-file
|
|
- DOC: new global directive: server-state-file
|
|
- MINOR: config: new backend directives: load-server-state-from-file and server-state-file-name
|
|
- DOC: load-server-state-from-file
|
|
- MINOR: init: server state loaded from file
|
|
- MINOR: server: startup slowstart task when using seamless reload of HAProxy
|
|
- MINOR: cli: new stats socket command: show backend
|
|
- DOC: servers state seamless reload example
|
|
- BUG: dns: can't connect UDP socket on FreeBSD
|
|
- MINOR: cfgparse: New function cfg_unregister_sections()
|
|
- MINOR: chunk: New function free_trash_buffers()
|
|
- BUG/MEDIUM: main: Freeing a bunch of static pointers
|
|
- MINOR: proto_http: Externalisation of previously internal functions
|
|
- MINOR: global: Few new struct fields for da module
|
|
- MAJOR: da: Update of the DeviceAtlas API module
|
|
- DOC: DeviceAtlas new keywords
|
|
- DOC: README: DeviceAtlas sample configuration updates
|
|
- MEDIUM: log: replace sendto() with sendmsg() in __send_log()
|
|
- MEDIUM: log: use a separate buffer for the header and for the message
|
|
- MEDIUM: logs: remove the hostname, tag and pid part from the logheader
|
|
- MEDIUM: logs: add support for RFC5424 header format per logger
|
|
- MEDIUM: logs: add a new RFC5424 log-format for the structured-data
|
|
- DOC: mention support for the RFC5424 syslog message format
|
|
- MEDIUM: logs: have global.log_send_hostname not contain the trailing space
|
|
- MEDIUM: logs: pass the trailing "\n" as an iovec
|
|
- BUG/MEDIUM: peers: some table updates are randomly not pushed.
|
|
- BUG/MEDIUM: peers: same table updates re-pushed after a re-connect
|
|
- BUG/MINOR: fct peer_prepare_ackmsg should not use trash.
|
|
- MINOR: http: made CHECK_HTTP_MESSAGE_FIRST accessible to other functions
|
|
- MINOR: global: Added new fields for 51Degrees device detection
|
|
- DOC: Added more explanation for 51Degrees V3.2
|
|
- BUILD: Changed 51Degrees option to support V3.2
|
|
- MAJOR: 51d: Upgraded to support 51Degrees V3.2 and new features
|
|
- MINOR: 51d: Improved string handling for LRU cache
|
|
- DOC: add references to rise/fall for the fastinter explanation
|
|
- MINOR: support cpu-map feature through the compile option USE_CPU_AFFINITY on FreeBSD
|
|
- BUG/MAJOR: lua: potential unexpected aborts()
|
|
- BUG/MINOR: lua: breaks the log message if his size exceed one buffer
|
|
- MINOR: action: add private configuration
|
|
- MINOR: action: add reference to the original keywork matched for the called parser.
|
|
- MINOR: lua: change actions registration
|
|
- MEDIUM: proto_http: smp_prefetch_http initialize txn
|
|
- MINOR: channel: rename function chn_sess to chn_strm
|
|
- CLEANUP: lua: align defines
|
|
- MINOR: http: export http_get_path() function
|
|
- MINOR: http: export the get_reason() function
|
|
- MINOR: http: export function http_msg_analyzer()
|
|
- MINOR: http: split initialization
|
|
- MINOR: lua: reset pointer after use
|
|
- MINOR: lua: identify userdata objects
|
|
- MEDIUM: lua: use the function lua_rawset in place of lua_settable
|
|
- BUG/MAJOR: lua: segfault after the channel data is modified by some Lua action.
|
|
- CLEANUP: lua: use calloc in place of malloc
|
|
- BUG/MEDIUM: lua: longjmp function must be unregistered
|
|
- BUG/MEDIUM: lua: forces a garbage collection
|
|
- BUG/MEDIUM: lua: wakeup task on bad conditions
|
|
- MINOR: standard: avoid DNS resolution from the function str2sa_range()
|
|
- MINOR: lua: extend socket address to support non-IP families
|
|
- MINOR: lua/applet: the cosocket applet should use appctx_wakeup in place of task_wakeup
|
|
- BUG/MEDIUM: lua: socket destroy before reading pending data
|
|
- MEDIUM: lua: change the GC policy
|
|
- OPTIM/MEDIUM: lua: executes the garbage collector only when using cosocket
|
|
- BUG/MEDIUM: lua: don't reset undesired flags in hlua_ctx_resume
|
|
- MINOR: applet: add init function
|
|
- MINOR: applet: add an execution timeout
|
|
- MINOR: stream/applet: add use-service action
|
|
- MINOR: lua: add AppletTCP class and service
|
|
- MINOR: lua: add AppletHTTP class and service
|
|
- DOC: lua: some documentation update
|
|
- DOC: add the documentation about internal circular lists
|
|
- DOC: add a CONTRIBUTING file
|
|
- DOC: add a MAINTAINERS file
|
|
- BUG/MAJOR: peers: fix a crash when stopping peers on unbound processes
|
|
- DOC: update coding-style to reference checkpatch.pl
|
|
- BUG/MEDIUM: stick-tables: fix double-decrement of tracked entries
|
|
- BUG/MINOR: args: add name for ARGT_VAR
|
|
- DOC: add more entries to MAINTAINERS
|
|
- DOC: add more entries to MAINTAINERS
|
|
- CLEANUP: stream-int: remove obsolete function si_applet_call()
|
|
- BUG/MAJOR: cli: do not dereference strm_li()->proto->name
|
|
- BUG/MEDIUM: http: do not dereference strm_li(stream)
|
|
- BUG/MEDIUM: proxy: do not dereference strm_li(stream)
|
|
- BUG/MEDIUM: stream: do not dereference strm_li(stream)
|
|
- MINOR: stream-int: use si_release_endpoint() to close idle conns
|
|
- BUG/MEDIUM: payload: make req.payload and payload_lv aware of dynamic buffers
|
|
- BUG/MEDIUM: acl: always accept match "found"
|
|
- MINOR: applet: rename applet_runq to applet_active_queue
|
|
- BUG/MAJOR: applet: use a separate run queue to maintain list integrity
|
|
- MEDIUM: stream-int: split stream_int_update_conn() into si- and conn-specific parts
|
|
- MINOR: stream-int: implement a new stream_int_update() function
|
|
- MEDIUM: stream-int: factor out the stream update functions
|
|
- MEDIUM: stream-int: call stream_int_update() from si_update()
|
|
- MINOR: stream-int: export stream_int_update_*
|
|
- MINOR: stream-int: move the applet_pause call out of the stream updates
|
|
- MEDIUM: stream-int: clean up the conditions to enable reading in si_conn_wake_cb
|
|
- MINOR: stream-int: implement the stream_int_notify() function
|
|
- MEDIUM: stream-int: use the same stream notification function for applets and conns
|
|
- MEDIUM: stream-int: completely remove stream_int_update_embedded()
|
|
- MINOR: stream-int: rename si_applet_done() to si_applet_wake_cb()
|
|
- BUG/MEDIUM: applet: fix reporting of broken write situation
|
|
- BUG/MINOR: stats: do not call cli_release_handler 3 times
|
|
- BUG/MEDIUM: cli: properly handle closed output
|
|
- MINOR: cli: do not call the release handler on internal error.
|
|
- BUG/MEDIUM: stream-int: avoid double-call to applet->release
|
|
- DEBUG: add p_malloc() to return a poisonned memory area
|
|
- CLEANUP: lua: remove unneeded memset(0) after calloc()
|
|
- MINOR: lua: use the proper applet wakeup mechanism
|
|
- BUG/MEDIUM: lua: better fix for the protocol check
|
|
- BUG/MEDIUM: lua: properly set the target on the connection
|
|
- MEDIUM: actions: pass a new "flags" argument to custom actions
|
|
- MEDIUM: actions: add new flag ACT_FLAG_FINAL to notify about last call
|
|
- MEDIUM: http: pass ACT_FLAG_FINAL to custom actions
|
|
- MEDIUM: lua: only allow actions to yield if not in a final call
|
|
- DOC: clarify how to make use of abstract sockets in socat
|
|
- CLEANUP: config: make the errorloc/errorfile messages less confusing
|
|
- MEDIUM: action: add a new flag ACT_FLAG_FIRST
|
|
- BUG/MINOR: config: check that tune.bufsize is always positive
|
|
- MEDIUM: config: set tune.maxrewrite to 1024 by default
|
|
- DOC: add David Carlier as maintainer of da.c
|
|
- DOC: fix some broken unexpected unicode chars in the Lua doc.
|
|
- BUG/MEDIUM: proxy: ignore stopped peers
|
|
- BUG/MEDIUM: proxy: do not wake stopped proxies' tasks during soft_stop()
|
|
- MEDIUM: init: completely deallocate unused peers
|
|
- BUG/MEDIUM: tcp: fix inverted condition to call custom actions
|
|
- DOC: remove outdated actions lists on tcp-request/response
|
|
- MEDIUM: tcp: add new tcp action "silent-drop"
|
|
- DOC: add URLs to optional libraries in the README
|
|
|
|
2015/09/14 : 1.6-dev5
|
|
- MINOR: dns: dns_resolution structure update: time_t to unsigned int
|
|
- BUG/MEDIUM: dns: DNS resolution doesn't start
|
|
- BUG/MAJOR: dns: dns client resolution infinite loop
|
|
- MINOR: dns: coding style update
|
|
- MINOR: dns: new bitmasks to use against DNS flags
|
|
- MINOR: dns: dns_nameserver structure update: new counter for truncated response
|
|
- MINOR: dns: New DNS response analysis code: DNS_RESP_TRUNCATED
|
|
- MEDIUM: dns: handling of truncated response
|
|
- MINOR: DNS client query type failover management
|
|
- MINOR: dns: no expected DNS record type found
|
|
- MINOR: dns: new flag to report that no IP can be found in a DNS response packet
|
|
- BUG/MINOR: DNS request retry counter used for retry only
|
|
- DOC: DNS documentation updated
|
|
- MEDIUM: actions: remove ACTION_STOP
|
|
- BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2 (bis)
|
|
- BUG/MINOR: lua: last log character truncated.
|
|
- CLEANUP: typo: bad indent
|
|
- CLEANUP: actions: missplaced includes
|
|
- MINOR: build: missing header
|
|
- CLEANUP: lua: Merge log functions
|
|
- BUG/MAJOR: http: don't manipulate the server connection if it's killed
|
|
- BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
|
|
- BUG/MAJOR: http: don't call http_send_name_header() after an error
|
|
- MEDIUM: tools: make str2sa_range() optionally return the FQDN
|
|
- BUG/MINOR: tools: make str2sa_range() report unresolvable addresses
|
|
- BUG/MEDIUM: dns: use the correct server hostname when resolving
|
|
|
|
2015/08/30 : 1.6-dev4
|
|
- MINOR: log: Add log-format variable %HQ, to log HTTP query strings
|
|
- DOC: typo in 'redirect', 302 code meaning
|
|
- DOC: typos in tcp-check expect examples
|
|
- DOC: resolve-prefer default value and default-server update
|
|
- MINOR: DNS counters: increment valid counter
|
|
- BUG/MEDIUM: DNS resolution response parsing broken
|
|
- MINOR: server: add new SRV_ADMF_CMAINT flag
|
|
- MINOR: server SRV_ADMF_CMAINT flag doesn't imply SRV_ADMF_FMAINT
|
|
- BUG/MEDIUM: dns: wrong first time DNS resolution
|
|
- BUG/MEDIUM: lua: Lua tasks fail to start.
|
|
- BUILD: add USE_LUA to BUILD_OPTIONS when it's used
|
|
- DOC/MINOR: fix OpenBSD versions where haproxy works
|
|
- MINOR: 51d: unable to start haproxy without "51degrees-data-file"
|
|
- BUG/MEDIUM: peers: fix wrong message id on stick table updates acknowledgement.
|
|
- BUG/MAJOR: peers: fix current table pointer not re-initialized on session release.
|
|
- BUILD: ssl: Allow building against libssl without SSLv3.
|
|
- DOC: clarify some points about SSL and the proxy protocol
|
|
- DOC: mention support for RFC 5077 TLS Ticket extension in starter guide
|
|
- BUG/MEDIUM: mailer: DATA part must be terminated with <CRLF>.<CRLF>
|
|
- DOC: match several lua configuration option names to those implemented in code
|
|
- MINOR cfgparse: Correct the mailer warning text to show the right names to the user
|
|
- BUG/MINOR: ssl: TLS Ticket Key rotation broken via socket command
|
|
- MINOR: stream: initialize the current_rule field to NULL on stream init
|
|
- BUG/MEDIUM: lua: timeout error with converters, wrapper and actions.
|
|
- CLEANUP: proto_http: remove useless initialisation
|
|
- CLEANUP: http/tcp actions: remove the scope member
|
|
- BUG/MINOR: proto_tcp: custom action continue is ignored
|
|
- MINOR: proto_tcp: add session in the action prototype
|
|
- MINOR: vars: reduce the code size of some wrappers
|
|
- MINOR: Move http method enum from proto_http to sample
|
|
- MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts
|
|
- MINOR: sample/proto_tcp: export "smp_fetch_src"
|
|
- MEDIUM: cli: rely on the map's output type instead of the sample type
|
|
- BUG/MEDIUM: stream: The stream doen't inherit SC from the session
|
|
- BUG/MEDIUM: vars: segfault during the configuration parsing
|
|
- BUG/MEDIUM: stick-tables: refcount error after copying SC for the session to the stream
|
|
- BUG/MEDIUM: lua: bad error processing
|
|
- MINOR: samples: rename a struct from sample_storage to sample_data
|
|
- MINOR: samples: rename some struct member from "smp" to "data"
|
|
- MEDIUM: samples: Use the "struct sample_data" in the "struct sample"
|
|
- MINOR: samples: extract the anonymous union and create the union sample_value
|
|
- MINOR: samples: rename union from "data" to "u"
|
|
- MEDIUM: 51degrees: Adapt the 51Degrees library
|
|
- MINOR: samples: data assignation simplification
|
|
- MEDIUM: pattern/map: Maps can returns various types
|
|
- MINOR: map: The map can return IPv4 and IPv6
|
|
- MEDIUM: actions: Merge (http|tcp)-(request|reponse) action structs
|
|
- MINOR: actions: Remove the data opaque pointer
|
|
- MINOR: lua: use the hlua_rule type in place of opaque type
|
|
- MINOR: vars: use the vars types as argument in place of opaque type
|
|
- MINOR: proto_http: use an "expr" type in place of generic opaque type.
|
|
- MINOR: proto_http: replace generic opaque types by real used types for the actions on thr request line
|
|
- MINOR: proto_http: replace generic opaque types by real used types in "http_capture"
|
|
- MINOR: proto_http: replace generic opaque types by real used types in "http_capture" by id
|
|
- MEDIUM: track-sc: Move the track-sc configuration storage in the union
|
|
- MEDIUM: capture: Move the capture configuration storage in the union
|
|
- MINOR: actions: add "from" information
|
|
- MINOR: actions: remove the mark indicating the last entry in enum
|
|
- MINOR: actions: Declare all the embedded actions in the same header file
|
|
- MINOR: actions: change actions names
|
|
- MEDIUM: actions: Add standard return code for the action API
|
|
- MEDIUM: actions: Merge (http|tcp)-(request|reponse) keywords structs
|
|
- MINOR: proto_tcp: proto_tcp.h is now useles
|
|
- MINOR: actions: mutualise the action keyword lookup
|
|
- MEDIUM: actions: Normalize the return code of the configuration parsers
|
|
- MINOR: actions: Remove wrappers
|
|
- MAJOR: stick-tables: use sample types in place of dedicated types
|
|
- MEDIUM: stick-tables: use the sample type names
|
|
- MAJOR: stick-tables: remove key storage from the key struct
|
|
- MEDIUM: stick-tables: Add GPT0 in the stick tables
|
|
- MINOR: stick-tables: Add GPT0 access
|
|
- MINOR: stick-tables: Add GPC0 actions
|
|
- BUG/MEDIUM: lua: the lua fucntion Channel:close() causes a segfault
|
|
- DOC: ssl: missing LF
|
|
- MINOR: lua: add core.done() function
|
|
- DOC: fix function name
|
|
- BUG/MINOR: lua: in some case a sample may remain undefined
|
|
- DOC: fix "http_action_set_req_line()" comments
|
|
- MINOR: http: Action for manipulating the returned status code.
|
|
- MEDIUM: lua: turns txn:close into txn:done
|
|
- BUG/MEDIUM: lua: cannot process more Lua hooks after a "done()" function call
|
|
- BUILD: link with libdl if needed for Lua support
|
|
- CLEANUP: backend: factor out objt_server() in connect_server()
|
|
- MEDIUM: backend: don't call si_alloc_conn() when we reuse a valid connection
|
|
- MEDIUM: stream-int: simplify si_alloc_conn()
|
|
- MINOR: stream-int: add new function si_detach_endpoint()
|
|
- MINOR: server: add a list of private idle connections
|
|
- MINOR: connection: add a new list member in the connection struct
|
|
- MEDIUM: stream-int: queue idle connections at the server
|
|
- MINOR: stream-int: make si_idle_conn() only accept valid connections
|
|
- MINOR: server: add a list of already used idle connections
|
|
- MINOR: connection: add a new flag CO_FL_PRIVATE
|
|
- MINOR: config: add new setting "http-reuse"
|
|
- MAJOR: backend: initial work towards connection reuse
|
|
- MAJOR: backend: improve the connection reuse mechanism
|
|
- MEDIUM: backend: implement "http-reuse safe"
|
|
- MINOR: server: add a list of safe, already reused idle connections
|
|
- MEDIUM: backend: add the "http-reuse aggressive" strategy
|
|
- DOC: document the new http-reuse directive
|
|
- DOC: internals: document next steps for HTTP connection reuse
|
|
- DOC: mention that %ms is left-padded with zeroes.
|
|
- MINOR: init: indicate to check 'bind' lines when no listeners were found.
|
|
- MAJOR: http: remove references to appsession
|
|
- CLEANUP: config: remove appsession initialization
|
|
- CLEANUP: appsession: remove appsession.c and sessionhash.c
|
|
- CLEANUP: tests: remove sessionhash_test.c and test-cookie-appsess.cfg
|
|
- CLEANUP: proxy: remove last references to appsession
|
|
- CLEANUP: appsession: remove the last include files
|
|
- DOC: remove documentation about appsession
|
|
- CLEANUP: .gitignore: ignore more test files
|
|
- CLEANUP: .gitignore: finally ignore everything but what is known.
|
|
- MEDIUM: config: emit a warning on a frontend without listener
|
|
- DOC: add doc/internals/entities-v2.txt
|
|
- DOC: add doc/linux-syn-cookies.txt
|
|
- DOC: add design thoughts on HTTP/2
|
|
- DOC: add some thoughts on connection sharing for HTTP/2
|
|
- DOC: add design thoughts on dynamic buffer allocation
|
|
- BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry
|
|
- DOC: add new file intro.txt
|
|
- MAJOR: tproxy: remove support for cttproxy
|
|
- BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2
|
|
- DOC: lua: replace txn:close with txn:done in lua-api
|
|
- DOC: intro: minor updates and fixes
|
|
- DOC: intro: fix too long line.
|
|
- DOC: fix example of http-request using ssl_fc_session_id
|
|
- BUG/MEDIUM: lua: txn:done() still causes a segfault in TCP mode
|
|
- CLEANUP: lua: fix some indent issues
|
|
- BUG/MEDIUM: lua: fix a segfault in txn:done() if called twice
|
|
- DOC: lua: mention than txn:close was renamed txn:done.
|
|
|
|
2015/07/22 : 1.6-dev3
|
|
- CLEANUP: sample: generalize sample_fetch_string() as sample_fetch_as_type()
|
|
- MEDIUM: http: Add new 'set-src' option to http-request
|
|
- DOC usesrc root privileges requirments
|
|
- BUG/MINOR: dns: wrong time unit for some DNS default parameters
|
|
- MINOR: proxy: bit field for proxy_find_best_match diff status
|
|
- MINOR: server: new server flag: SRV_F_FORCED_ID
|
|
- MINOR: server: server_find functions: id, name, best_match
|
|
- DOC: dns: fix chapters syntax
|
|
- BUILD/MINOR: tools: rename popcount to my_popcountl
|
|
- BUILD: add netbsd TARGET
|
|
- MEDIUM: 51Degrees code refactoring and cleanup
|
|
- MEDIUM: 51d: add LRU-based cache on User-Agent string detection
|
|
- DOC: add notes about the "51degrees-cache-size" parameter
|
|
- BUG/MEDIUM: 51d: possible incorrect operations on smp->data.str.str
|
|
- BUG/MAJOR: connection: fix TLV offset calculation for proxy protocol v2 parsing
|
|
- MINOR: Add sample fetch to detect Supported Elliptic Curves Extension
|
|
- BUG/MINOR: payload: Add volatile flag to smp_fetch_req_ssl_ec_ext
|
|
- BUG/MINOR: lua: type error in the arguments wrapper
|
|
- CLEANUP: vars: remove unused struct
|
|
- BUG/MINOR: http/sample: gmtime/localtime can fail
|
|
- MINOR: standard: add 64 bits conversion functions
|
|
- MAJOR: sample: converts uint and sint in 64 bits signed integer
|
|
- MAJOR: arg: converts uint and sint in sint
|
|
- MEDIUM: sample: switch to saturated arithmetic
|
|
- MINOR: vars: returns variable content
|
|
- MEDIUM: vars/sample: operators can use variables as parameter
|
|
- BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id
|
|
- BUILD/MINOR: lua: fix a harmless build warning
|
|
- BUILD/MINOR: stats: fix build warning due to condition always true
|
|
- BUG/MAJOR: lru: fix unconditional call to free due to unexpected semi-colon
|
|
- BUG/MEDIUM: logs: fix improper systematic use of quotes with a few tags
|
|
- BUILD/MINOR: lua: ensure that hlua_ctx_destroy is properly defined
|
|
- BUG/MEDIUM: lru: fix possible memory leak when ->free() is used
|
|
- MINOR: vars: make the accounting not depend on the stream
|
|
- MEDIUM: vars: move the session variables to the session, not the stream
|
|
- BUG/MEDIUM: vars: do not freeze the connection when the expression cannot be fetched
|
|
- BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data
|
|
- BUG/MAJOR: tcp: tcp rulesets were still broken
|
|
- MINOR: stats: improve compression stats reporting
|
|
- MINOR: ssl: make self-generated certs also work with raw IPv6 addresses
|
|
- CLEANUP: ssl: make ssl_sock_generated_cert_serial() take a const
|
|
- CLEANUP: ssl: make ssl_sock_generate_certificate() use ssl_sock_generated_cert_serial()
|
|
- BUG/MINOR: log: missing some ARGC_* entries in fmt_directives()
|
|
- MINOR: args: add new context for servers
|
|
- MINOR: stream: maintain consistence between channel_forward and HTTP forward
|
|
- MINOR: ssl: provide ia function to set the SNI extension on a connection
|
|
- MEDIUM: ssl: add sni support on the server lines
|
|
- CLEANUP: stream: remove a useless call to si_detach()
|
|
- CLEANUP: stream-int: fix a few outdated comments about stream_int_register_handler()
|
|
- CLEANUP: stream-int: remove stream_int_unregister_handler() and si_detach()
|
|
- MINOR: stream-int: only use si_release_endpoint() to release a connection
|
|
- MINOR: standard: provide htonll() and ntohll()
|
|
- CLEANUP/MINOR: dns: dns_str_to_dn_label() only needs a const char
|
|
- BUG/MAJOR: dns: fix the length of the string to be copied
|
|
|
|
2015/06/17 : 1.6-dev2
|
|
- BUG/MINOR: ssl: Display correct filename in error message
|
|
- MEDIUM: logs: Add HTTP request-line log format directives
|
|
- BUG/MEDIUM: check: tcpcheck regression introduced by e16c1b3f
|
|
- BUG/MINOR: check: fix tcpcheck error message
|
|
- MINOR: use an int instead of calling tcpcheck_get_step_id
|
|
- MINOR: tcpcheck_rule structure update
|
|
- MINOR: include comment in tcpcheck error log
|
|
- DOC: tcpcheck comment documentation
|
|
- MEDIUM: server: add support for changing a server's address
|
|
- MEDIUM: server: change server ip address from stats socket
|
|
- MEDIUM: protocol: add minimalist UDP protocol client
|
|
- MEDIUM: dns: implement a DNS resolver
|
|
- MAJOR: server: add DNS-based server name resolution
|
|
- DOC: server name resolution + proto DNS
|
|
- MINOR: dns: add DNS statistics
|
|
- MEDIUM: http: configurable http result codes for http-request deny
|
|
- BUILD: Compile clean when debug options defined
|
|
- MINOR: lru: Add the possibility to free data when an item is removed
|
|
- MINOR: lru: Add lru64_lookup function
|
|
- MEDIUM: ssl: Add options to forge SSL certificates
|
|
- MINOR: ssl: Export functions to manipulate generated certificates
|
|
- MEDIUM: config: add DeviceAtlas global keywords
|
|
- MEDIUM: global: add the DeviceAtlas required elements to struct global
|
|
- MEDIUM: sample: add the da-csv converter
|
|
- MEDIUM: init: DeviceAtlas initialization
|
|
- BUILD: Makefile: add options to build with DeviceAtlas
|
|
- DOC: README: explain how to build with DeviceAtlas
|
|
- BUG/MEDIUM: http: fix the url_param fetch
|
|
- BUG/MEDIUM: init: segfault if global._51d_property_names is not initialized
|
|
- MAJOR: peers: peers protocol version 2.0
|
|
- MINOR: peers: avoid re-scheduling of pending stick-table's updates still not pushed.
|
|
- MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified.
|
|
- MEDIUM: peers: support of any stick-table data-types for sync
|
|
- BUG/MAJOR: sample: regression on sample cast to stick table types.
|
|
- CLEANUP: deinit: remove codes for cleaning p->block_rules
|
|
- DOC: Fix L4TOUT typo in documentation
|
|
- DOC: set-log-level in Logging section preamble
|
|
- BUG/MEDIUM: compat: fix segfault on FreeBSD
|
|
- MEDIUM: check: include server address and port in the send-state header
|
|
- MEDIUM: backend: Allow redispatch on retry intervals
|
|
- MINOR: Add TLS ticket keys reference and use it in the listener struct
|
|
- MEDIUM: Add support for updating TLS ticket keys via socket
|
|
- DOC: Document new socket commands "show tls-keys" and "set ssl tls-key"
|
|
- MINOR: Add sample fetch which identifies if the SSL session has been resumed
|
|
- DOC: Update doc about weight, act and bck fields in the statistics
|
|
- BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten
|
|
- MINOR: ssl: add a destructor to free allocated SSL ressources
|
|
- MEDIUM: ssl: add the possibility to use a global DH parameters file
|
|
- MEDIUM: ssl: replace standards DH groups with custom ones
|
|
- MEDIUM: stats: Add enum srv_stats_state
|
|
- MEDIUM: stats: Separate server state and colour in stats
|
|
- MEDIUM: stats: Only report drain state in stats if server has SRV_ADMF_DRAIN set
|
|
- MEDIUM: stats: Differentiate between DRAIN and DRAIN (agent)
|
|
- MEDIUM: Lower priority of email alerts for log-health-checks messages
|
|
- MEDIUM: Send email alerts when servers are marked as UP or enter the drain state
|
|
- MEDIUM: Document when email-alerts are sent
|
|
- BUG/MEDIUM: lua: bad argument number in analyser and in error message
|
|
- MEDIUM: lua: automatically converts strings in proxy, tables, server and ip
|
|
- BUG/MINOR: utf8: remove compilator warning
|
|
- MEDIUM: map: uses HAProxy facilities to store default value
|
|
- BUG/MINOR: lua: error in detection of mandatory arguments
|
|
- BUG/MINOR: lua: set current proxy as default value if it is possible
|
|
- BUG/MEDIUM: http: the action set-{method|path|query|uri} doesn't run.
|
|
- BUG/MEDIUM: lua: undetected infinite loop
|
|
- BUG/MAJOR: http: don't read past buffer's end in http_replace_value
|
|
- BUG/MEDIUM: http: the function "(req|res)-replace-value" doesn't respect the HTTP syntax
|
|
- MEDIUM/CLEANUP: http: rewrite and lighten http_transform_header() prototype
|
|
- BUILD: lua: it miss the '-ldl' directive
|
|
- MEDIUM: http: allows 'R' and 'S' in the protocol alphabet
|
|
- MINOR: http: split the function http_action_set_req_line() in two parts
|
|
- MINOR: http: split http_transform_header() function in two parts.
|
|
- MINOR: http: export function inet_set_tos()
|
|
- MINOR: lua: txn: add function set_(loglevel|tos|mark)
|
|
- MINOR: lua: create and register HTTP class
|
|
- DOC: lua: fix some typos
|
|
- MINOR: lua: add log functions
|
|
- BUG/MINOR: lua: Fix SSL initialisation
|
|
- DOC: lua: some fixes
|
|
- MINOR: lua: (req|res)_get_headers return more than one header value
|
|
- MINOR: lua: map system integration in Lua
|
|
- BUG/MEDIUM: http: functions set-{path,query,method,uri} breaks the HTTP parser
|
|
- MINOR: sample: add url_dec converter
|
|
- MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers
|
|
- MEDIUM: sample change the prototype of sample-fetches and converters functions
|
|
- MINOR: sample: fill the struct sample with the options.
|
|
- MEDIUM: sample: change the prototype of sample-fetches functions
|
|
- MINOR: http: split the url_param in two parts
|
|
- CLEANUP: http: bad indentation
|
|
- MINOR: http: add body_param fetch
|
|
- MEDIUM: http: url-encoded parsing function can run throught wrapped buffer
|
|
- DOC: http: req.body_param documentation
|
|
- MINOR: proxy: custom capture declaration
|
|
- MINOR: capture: add two "capture" converters
|
|
- MEDIUM: capture: Allow capture with slot identifier
|
|
- MINOR: http: add array of generic pointers in http_res_rules
|
|
- MEDIUM: capture: adds http-response capture
|
|
- MINOR: common: escape CSV strings
|
|
- MEDIUM: stats: escape some strings in the CSV dump
|
|
- MINOR: tcp: add custom actions that can continue tcp-(request|response) processing
|
|
- MINOR: lua: Lua tcp action are not final action
|
|
- DOC: lua: schematics about lua socket organization
|
|
- BUG/MINOR: debug: display (null) in place of "meth"
|
|
- DOC: mention the "lua action" in documentation
|
|
- MINOR: standard: add function that converts signed int to a string
|
|
- BUG/MINOR: sample: wrong conversion of signed values
|
|
- MEDIUM: sample: Add type any
|
|
- MINOR: debug: add a special converter which display its input sample content.
|
|
- MINOR: tcp: increase the opaque data array
|
|
- MINOR: tcp/http/conf: extends the keyword registration options
|
|
- MINOR: build: fix build dependency
|
|
- MEDIUM: vars: adds support of variables
|
|
- MINOR: vars: adds get and set functions
|
|
- MINOR: lua: Variable access
|
|
- MINOR: samples: add samples which returns constants
|
|
- BUG/MINOR: vars/compil: fix some warnings
|
|
- BUILD: add 51degrees options to makefile.
|
|
- MINOR: global: add several 51Degrees members to global
|
|
- MINOR: config: add 51Degrees config parsing.
|
|
- MINOR: init: add 51Degrees initialisation code
|
|
- MEDIUM: sample: add fiftyone_degrees converter.
|
|
- MEDIUM: deinit: add cleanup for 51Degrees to deinit
|
|
- MEDIUM: sample: add trie support to 51Degrees
|
|
- DOC: add 51Degrees notes to configuration.txt.
|
|
- DOC: add build indications for 51Degrees to README.
|
|
- MEDIUM: cfgparse: introduce weak and strong quoting
|
|
- BUG/MEDIUM: cfgparse: incorrect memmove in quotes management
|
|
- MINOR: cfgparse: remove line size limitation
|
|
- MEDIUM: cfgparse: expand environment variables
|
|
- BUG/MINOR: cfgparse: fix typo in 'option httplog' error message
|
|
- BUG/MEDIUM: cfgparse: segfault when userlist is misused
|
|
- CLEANUP: cfgparse: remove reference to 'ruleset' section
|
|
- MEDIUM: cfgparse: check section maximum number of arguments
|
|
- MEDIUM: cfgparse: max arguments check in the global section
|
|
- MEDIUM: cfgparse: check max arguments in the proxies sections
|
|
- CLEANUP: stream-int: remove a redundant clearing of the linger_risk flag
|
|
- MINOR: connection: make conn_sock_shutw() actually perform the shutdown() call
|
|
- MINOR: stream-int: use conn_sock_shutw() to shutdown a connection
|
|
- MINOR: connection: perform the call to xprt->shutw() in conn_data_shutw()
|
|
- MEDIUM: stream-int: replace xprt->shutw calls with conn_data_shutw()
|
|
- MINOR: checks: use conn_data_shutw_hard() instead of call via xprt
|
|
- MINOR: connection: implement conn_sock_send()
|
|
- MEDIUM: stream-int: make conn_si_send_proxy() use conn_sock_send()
|
|
- MEDIUM: connection: make conn_drain() perform more controls
|
|
- REORG: connection: move conn_drain() to connection.c and rename it
|
|
- CLEANUP: stream-int: remove inclusion of fd.h that is not used anymore
|
|
- MEDIUM: channel: don't always set CF_WAKE_WRITE on bi_put*
|
|
- CLEANUP: lua: don't use si_ic/si_oc on known stream-ints
|
|
- BUG/MEDIUM: peers: correctly configure the client timeout
|
|
- MINOR: peers: centralize configuration of the peers frontend
|
|
- MINOR: proxy: store the default target into the frontend's configuration
|
|
- MEDIUM: stats: use frontend_accept() as the accept function
|
|
- MEDIUM: peers: use frontend_accept() instead of peer_accept()
|
|
- CLEANUP: listeners: remove unused timeout
|
|
- MEDIUM: listener: store the default target per listener
|
|
- BUILD: fix automatic inclusion of libdl.
|
|
- MEDIUM: lua: implement a simple memory allocator
|
|
- MEDIUM: compression: postpone buffer adjustments after compression
|
|
- MEDIUM: compression: don't send leading zeroes with chunk size
|
|
- BUG/MINOR: compression: consider the expansion factor in init
|
|
- MINOR: http: check the algo name "identity" instead of the function pointer
|
|
- CLEANUP: compression: statify all algo-specific functions
|
|
- MEDIUM: compression: add a distinction between UA- and config- algorithms
|
|
- MEDIUM: compression: add new "raw-deflate" compression algorithm
|
|
- MEDIUM: compression: split deflate_flush() into flush and finish
|
|
- CLEANUP: compression: remove unused reset functions
|
|
- MAJOR: compression: integrate support for libslz
|
|
- BUG/MEDIUM: http: hdr_cnt would not count any header when called without name
|
|
- BUG/MAJOR: http: null-terminate the http actions keywords list
|
|
- CLEANUP: lua: remove the unused hlua_sleep memory pool
|
|
- BUG/MAJOR: lua: use correct object size when initializing a new converter
|
|
- CLEANUP: lua: remove hard-coded sizeof() in object creations and mallocs
|
|
- CLEANUP: lua: fix confusing local variable naming in hlua_txn_new()
|
|
- CLEANUP: hlua: stop using variable name "s" alternately for hlua_txn and hlua_smp
|
|
- CLEANUP: lua: get rid of the last "*ht" for struct hlua_txn.
|
|
- CLEANUP: lua: rename last occurrences of "*s" to "*htxn" for hlua_txn
|
|
- CLEANUP: lua: rename variable "sc" for struct hlua_smp
|
|
- CLEANUP: lua: get rid of the last two "*hs" for hlua_smp
|
|
- REORG/MAJOR: session: rename the "session" entity to "stream"
|
|
- REORG/MEDIUM: stream: rename stream flags from SN_* to SF_*
|
|
- MINOR: session: start to reintroduce struct session
|
|
- MEDIUM: stream: allocate the session when a stream is created
|
|
- MEDIUM: stream: move the listener's pointer to the session
|
|
- MEDIUM: stream: move the frontend's pointer to the session
|
|
- MINOR: session: add a pointer to the session's origin
|
|
- MEDIUM: session: use the pointer to the origin instead of s->si[0].end
|
|
- CLEANUP: sample: remove useless tests in fetch functions for l4 != NULL
|
|
- MEDIUM: http: move header captures from http_txn to struct stream
|
|
- MINOR: http: create a dedicated pool for http_txn
|
|
- MAJOR: http: move http_txn out of struct stream
|
|
- MAJOR: sample: don't pass l7 anymore to sample fetch functions
|
|
- CLEANUP: lua: remove unused hlua_smp->l7 and hlua_txn->l7
|
|
- MEDIUM: http: remove the now useless http_txn from {req/res} rules
|
|
- CLEANUP: lua: don't pass http_txn anymore to hlua_request_act_wrapper()
|
|
- MAJOR: sample: pass a pointer to the session to each sample fetch function
|
|
- MINOR: stream: provide a few helpers to retrieve frontend, listener and origin
|
|
- CLEANUP: stream: don't set ->target to the incoming connection anymore
|
|
- MINOR: stream: move session initialization before the stream's
|
|
- MINOR: session: store the session's accept date
|
|
- MINOR: session: don't rely on s->logs.logwait in embryonic sessions
|
|
- MINOR: session: implement session_free() and use it everywhere
|
|
- MINOR: session: add stick counters to the struct session
|
|
- REORG: stktable: move the stkctr_* functions from stream to sticktable
|
|
- MEDIUM: streams: support looking up stkctr in the session
|
|
- MEDIUM: session: update the session's stick counters upon session_free()
|
|
- MEDIUM: proto_tcp: track the session's counters in the connection ruleset
|
|
- MAJOR: tcp: make tcp_exec_req_rules() only rely on the session
|
|
- MEDIUM: stream: don't call stream_store_counters() in kill_mini_session() nor session_accept()
|
|
- MEDIUM: stream: move all the session-specific stuff of stream_accept() earlier
|
|
- MAJOR: stream: don't initialize the stream anymore in stream_accept
|
|
- MEDIUM: session: remove the task pointer from the session
|
|
- REORG: session: move the session parts out of stream.c
|
|
- MINOR: stream-int: make appctx_new() take the applet in argument
|
|
- MEDIUM: peers: move the appctx initialization earlier
|
|
- MINOR: session: introduce session_new()
|
|
- MINOR: session: make use of session_new() when creating a new session
|
|
- MINOR: peers: make use of session_new() when creating a new session
|
|
- MEDIUM: peers: initialize the task before the stream
|
|
- MINOR: session: set the CO_FL_CONNECTED flag on the connection once ready
|
|
- CLEANUP: stream.c: do not re-attach the connection to the stream
|
|
- MEDIUM: stream: isolate connection-specific initialization code
|
|
- MEDIUM: stream: also accept appctx as origin in stream_accept_session()
|
|
- MEDIUM: peers: make use of stream_accept_session()
|
|
- MEDIUM: frontend: make ->accept only return +/-1
|
|
- MEDIUM: stream: return the stream upon accept()
|
|
- MEDIUM: frontend: move some stream initialisation to stream_new()
|
|
- MEDIUM: frontend: move the fd-specific settings to session_accept_fd()
|
|
- MEDIUM: frontend: don't restrict frontend_accept() to connections anymore
|
|
- MEDIUM: frontend: move some remaining stream settings to stream_new()
|
|
- CLEANUP: frontend: remove one useless local variable
|
|
- MEDIUM: stream: don't rely on the session's listener anymore in stream_new()
|
|
- MEDIUM: lua: make use of stream_new() to create an outgoing connection
|
|
- MINOR: lua: minor cleanup in hlua_socket_new()
|
|
- MINOR: lua: no need for setting timeouts / conn_retries in hlua_socket_new()
|
|
- MINOR: peers: no need for setting timeouts / conn_retries in peer_session_create()
|
|
- CLEANUP: stream-int: swap stream-int and appctx declarations
|
|
- CLEANUP: namespaces: fix protection against multiple inclusions
|
|
- MINOR: session: maintain the session count stats in the session, not the stream
|
|
- MEDIUM: session: adjust the connection flags before stream_new()
|
|
- MINOR: stream: pass the pointer to the origin explicitly to stream_new()
|
|
- CLEANUP: poll: move the conditions for waiting out of the poll functions
|
|
- BUG/MEDIUM: listener: don't report an error when resuming unbound listeners
|
|
- BUG/MEDIUM: init: don't limit cpu-map to the first 32 processes only
|
|
- BUG/MAJOR: tcp/http: fix current_rule assignment when restarting over a ruleset
|
|
- BUG/MEDIUM: stream-int: always reset si->ops when si->end is nullified
|
|
- DOC: update the entities diagrams
|
|
- BUG/MEDIUM: http: properly retrieve the front connection
|
|
- MINOR: applet: add a new "owner" pointer in the appctx
|
|
- MEDIUM: applet: make the applet not depend on a stream interface anymore
|
|
- REORG: applet: move the applet definitions out of stream_interface
|
|
- CLEANUP: applet: rename struct si_applet to applet
|
|
- REORG: stream-int: create si_applet_ops dedicated to applets
|
|
- MEDIUM: applet: add basic support for an applet run queue
|
|
- MEDIUM: applet: implement a run queue for active appctx
|
|
- MEDIUM: stream-int: add a new function si_applet_done()
|
|
- MAJOR: applet: now call si_applet_done() instead of si_update() in I/O handlers
|
|
- MAJOR: stream: use a regular ->update for all stream interfaces
|
|
- MEDIUM: dumpstats: don't unregister the applet anymore
|
|
- MEDIUM: applet: centralize the call to si_applet_done() in the I/O handler
|
|
- MAJOR: stream: do not allocate request buffers anymore when the left side is an applet
|
|
- MINOR: stream-int: add two flags to indicate an applet's wishes regarding I/O
|
|
- MEDIUM: applet: make the applets only use si_applet_{cant|want|stop}_{get|put}
|
|
- MEDIUM: stream-int: pause the appctx if the task is woken up
|
|
- BUG/MAJOR: tcp: only call registered actions when they're registered
|
|
- BUG/MEDIUM: peers: fix applet scheduling
|
|
- BUG/MEDIUM: peers: recent applet changes broke peers updates scheduling
|
|
- MINOR: tools: provide an rdtsc() function for time comparisons
|
|
- IMPORT: lru: import simple ebtree-based LRU functions
|
|
- IMPORT: hash: import xxhash-r39
|
|
- MEDIUM: pattern: add a revision to all pattern expressions
|
|
- MAJOR: pattern: add LRU-based cache on pattern matching
|
|
- BUG/MEDIUM: http: remove content-length from chunked messages
|
|
- DOC: http: update the comments about the rules for determining transfer-length
|
|
- BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to HTTP/1.1
|
|
- BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad request
|
|
- BUG/MEDIUM: http: remove content-length form responses with bad transfer-encoding
|
|
- MEDIUM: http: restrict the HTTP version token to 1 digit as per RFC7230
|
|
- MEDIUM: http: disable support for HTTP/0.9 by default
|
|
- MEDIUM: http: add option-ignore-probes to get rid of the floods of 408
|
|
- BUG/MINOR: config: clear proxy->table.peers.p for disabled proxies
|
|
- MEDIUM: init: don't stop proxies in parent process when exiting
|
|
- MINOR: stick-table: don't attach to peers in stopped state
|
|
- MEDIUM: config: initialize stick-tables after peers, not before
|
|
- MEDIUM: peers: add the ability to disable a peers section
|
|
- MINOR: peers: store the pointer to the signal handler
|
|
- MEDIUM: peers: unregister peers that were never started
|
|
- MEDIUM: config: propagate the table's process list to the peers sections
|
|
- MEDIUM: init: stop any peers section not bound to the correct process
|
|
- MEDIUM: config: validate that peers sections are bound to exactly one process
|
|
- MAJOR: peers: allow peers section to be used with nbproc > 1
|
|
- DOC: relax the peers restriction to single-process
|
|
- DOC: document option http-ignore-probes
|
|
- DOC: fix the comments about the meaning of msg->sol in HTTP
|
|
- BUG/MEDIUM: http: wait for the exact amount of body bytes in wait_for_request_body
|
|
- BUG/MAJOR: http: prevent risk of reading past end with balance url_param
|
|
- MEDIUM: stream: move HTTP request body analyser before process_common
|
|
- MEDIUM: http: add a new option http-buffer-request
|
|
- MEDIUM: http: provide 3 fetches for the body
|
|
- DOC: update the doc on the proxy protocol
|
|
- BUILD: pattern: fix build warnings introduced in the LRU cache
|
|
- BUG/MEDIUM: stats: properly initialize the scope before dumping stats
|
|
- CLEANUP: config: fix misleading information in error message.
|
|
- MINOR: config: report the number of processes using a peers section in the error case
|
|
- BUG/MEDIUM: config: properly compute the default number of processes for a proxy
|
|
- MEDIUM: http: add new "capture" action for http-request
|
|
- BUG/MEDIUM: http: fix the http-request capture parser
|
|
- BUG/MEDIUM: http: don't forward client shutdown without NOLINGER except for tunnels
|
|
- BUILD/MINOR: ssl: fix build failure introduced by recent patch
|
|
- BUG/MAJOR: check: fix breakage of inverted tcp-check rules
|
|
- CLEANUP: checks: fix double usage of cur / current_step in tcp-checks
|
|
- BUG/MEDIUM: checks: do not dereference head of a tcp-check at the end
|
|
- CLEANUP: checks: simplify the loop processing of tcp-checks
|
|
- BUG/MAJOR: checks: always check for end of list before proceeding
|
|
- BUG/MEDIUM: checks: do not dereference a list as a tcpcheck struct
|
|
- BUG/MAJOR: checks: break infinite loops when tcp-checks starts with comment
|
|
- MEDIUM: http: make url_param iterate over multiple occurrences
|
|
- BUG/MEDIUM: peers: apply a random reconnection timeout
|
|
- MEDIUM: config: reject invalid config with name duplicates
|
|
- MEDIUM: config: reject conflicts in table names
|
|
- CLEANUP: proxy: make the proxy lookup functions more user-friendly
|
|
- MINOR: proxy: simply ignore duplicates in proxy name lookups
|
|
- MINOR: config: don't open-code proxy name lookups
|
|
- MEDIUM: config: clarify the conflicting modes detection for backend rules
|
|
- CLEANUP: proxy: remove now unused function findproxy_mode()
|
|
- MEDIUM: stick-table: remove the now duplicate find_stktable() function
|
|
- MAJOR: config: remove the deprecated reqsetbe / reqisetbe actions
|
|
- MINOR: proxy: add a new function proxy_find_by_id()
|
|
- MINOR: proxy: add a flag to memorize that the proxy's ID was forced
|
|
- MEDIUM: proxy: add a new proxy_find_best_match() function
|
|
- CLEANUP: http: explicitly reference request in http_apply_redirect_rules()
|
|
- MINOR: http: prepare support for parsing redirect actions on responses
|
|
- MEDIUM: http: implement http-response redirect rules
|
|
- MEDIUM: http: no need to close the request on redirect if data was parsed
|
|
- BUG/MEDIUM: http: fix body processing for the stats applet
|
|
- BUG/MINOR: da: fix log-level comparison to emove annoying warning
|
|
- CLEANUP: global: remove one ifdef USE_DEVICEATLAS
|
|
- CLEANUP: da: move the converter registration to da.c
|
|
- CLEANUP: da: register the config keywords in da.c
|
|
- CLEANUP: adjust the envelope name in da.h to reflect the file name
|
|
- CLEANUP: da: remove ifdef USE_DEVICEATLAS from da.c
|
|
- BUILD: make 51D easier to build by defaulting to 51DEGREES_SRC
|
|
- BUILD: fix build warning when not using 51degrees
|
|
- BUILD: make DeviceAtlas easier to build by defaulting to DEVICEATLAS_SRC
|
|
- BUILD: ssl: fix recent build breakage on older SSL libs
|
|
|
|
2015/03/11 : 1.6-dev1
|
|
- CLEANUP: extract temporary $CFG to eliminate duplication
|
|
- CLEANUP: extract temporary $BIN to eliminate duplication
|
|
- CLEANUP: extract temporary $PIDFILE to eliminate duplication
|
|
- CLEANUP: extract temporary $LOCKFILE to eliminate duplication
|
|
- CLEANUP: extract quiet_check() to avoid duplication
|
|
- BUG/MINOR: don't start haproxy on reload
|
|
- DOC: Address issue where documentation is excluded due to a gitignore rule.
|
|
- BUG/MEDIUM: systemd: set KillMode to 'mixed'
|
|
- BUILD: fix "make install" to support spaces in the install dirs
|
|
- BUG/MINOR: config: http-request replace-header arg typo
|
|
- BUG: config: error in http-response replace-header number of arguments
|
|
- DOC: missing track-sc* in http-request rules
|
|
- BUILD: lua: missing ifdef related to SSL when enabling LUA
|
|
- BUG/MEDIUM: regex: fix pcre_study error handling
|
|
- MEDIUM: regex: Use pcre_study always when PCRE is used, regardless of JIT
|
|
- BUG/MINOR: Fix search for -p argument in systemd wrapper.
|
|
- MEDIUM: Improve signal handling in systemd wrapper.
|
|
- DOC: fix typo in Unix Socket commands
|
|
- BUG/MEDIUM: checks: external checks can't change server status to UP
|
|
- BUG/MEDIUM: checks: segfault with external checks in a backend section
|
|
- BUG/MINOR: checks: external checks shouldn't wait for timeout to return the result
|
|
- BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an unknown encryption algorithm
|
|
- BUG/MEDIUM: config: userlists should ensure that encrypted passwords are supported
|
|
- BUG/MINOR: config: don't propagate process binding for dynamic use_backend
|
|
- BUG/MINOR: log: fix request flags when keep-alive is enabled
|
|
- BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks
|
|
- MINOR: checks: allow external checks in backend sections
|
|
- MEDIUM: checks: provide environment variables to the external checks
|
|
- MINOR: checks: update dynamic environment variables in external checks
|
|
- DOC: checks: environment variables used by "external-check command"
|
|
- BUG/MEDIUM: backend: correctly detect the domain when use_domain_only is used
|
|
- MINOR: ssl: load certificates in alphabetical order
|
|
- BUG/MINOR: checks: prevent http keep-alive with http-check expect
|
|
- MINOR: lua: typo in an error message
|
|
- MINOR: report the Lua version in -vv
|
|
- MINOR: lua: add a compilation error message when compiled with an incompatible version
|
|
- BUG/MEDIUM: lua: segfault when calling haproxy sample fetches from lua
|
|
- BUILD: try to automatically detect the Lua library name
|
|
- BUILD/CLEANUP: systemd: avoid a warning due to mixed code and declaration
|
|
- BUG/MEDIUM: backend: Update hash to use unsigned int throughout
|
|
- BUG/MEDIUM: connection: fix memory corruption when building a proxy v2 header
|
|
- MEDIUM: connection: add new bit in Proxy Protocol V2
|
|
- BUG/MINOR: ssl: rejects OCSP response without nextupdate.
|
|
- BUG/MEDIUM: ssl: Fix to not serve expired OCSP responses.
|
|
- BUG/MINOR: ssl: Fix OCSP resp update fails with the same certificate configured twice.
|
|
- BUG/MINOR: ssl: Fix external function in order not to return a pointer on an internal trash buffer.
|
|
- MINOR: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER formatted certs
|
|
- MINOR: ssl: add statement to force some ssl options in global.
|
|
- BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates
|
|
- BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM.
|
|
- BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
|
|
- MINOR: samples: adds the bytes converter.
|
|
- MINOR: samples: adds the field converter.
|
|
- MINOR: samples: add the word converter.
|
|
- BUG/MINOR: server: move the directive #endif to the end of file
|
|
- BUG/MAJOR: buffer: check the space left is enough or not when input data in a buffer is wrapped
|
|
- DOC: fix a few typos
|
|
- CLEANUP: epoll: epoll_events should be allocated according to global.tune.maxpollevents
|
|
- BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized"
|
|
- BUG/MINOR: parse: refer curproxy instead of proxy
|
|
- BUG/MINOR: parse: check the validity of size string in a more strict way
|
|
- BUILD: add new target 'make uninstall' to support uninstalling haproxy from OS
|
|
- DOC: expand the docs for the provided stats.
|
|
- BUG/MEDIUM: unix: do not unlink() abstract namespace sockets upon failure.
|
|
- MEDIUM: ssl: Certificate Transparency support
|
|
- MEDIUM: stats: proxied stats admin forms fix
|
|
- MEDIUM: http: Compress HTTP responses with status codes 201,202,203 in addition to 200
|
|
- BUG/MEDIUM: connection: sanitize PPv2 header length before parsing address information
|
|
- MAJOR: namespace: add Linux network namespace support
|
|
- MINOR: systemd: Check configuration before start
|
|
- BUILD: ssl: handle boringssl in openssl version detection
|
|
- BUILD: ssl: disable OCSP when using boringssl
|
|
- BUILD: ssl: don't call get_rfc2409_prime when using boringssl
|
|
- MINOR: ssl: don't use boringssl's cipher_list
|
|
- BUILD: ssl: use OPENSSL_NO_OCSP to detect OCSP support
|
|
- MINOR: stats: fix minor typo in HTML page
|
|
- MINOR: Also accept SIGHUP/SIGTERM in systemd-wrapper
|
|
- MEDIUM: Add support for configurable TLS ticket keys
|
|
- DOC: Document the new tls-ticket-keys bind keyword
|
|
- DOC: clearly state that the "show sess" output format is not fixed
|
|
- MINOR: stats: fix minor typo fix in stats_dump_errors_to_buffer()
|
|
- DOC: httplog does not support 'no'
|
|
- BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange
|
|
- MINOR: ssl: use SSL_get_ciphers() instead of directly accessing the cipher list.
|
|
- BUG/MEDIUM: Consistently use 'check' in process_chk
|
|
- MEDIUM: Add external check
|
|
- BUG/MEDIUM: Do not set agent health to zero if server is disabled in config
|
|
- MEDIUM/BUG: Only explicitly report "DOWN (agent)" if the agent health is zero
|
|
- MEDIUM: Remove connect_chk
|
|
- MEDIUM: Refactor init_check and move to checks.c
|
|
- MEDIUM: Add free_check() helper
|
|
- MEDIUM: Move proto and addr fields struct check
|
|
- MEDIUM: Attach tcpcheck_rules to check
|
|
- MEDIUM: Add parsing of mailers section
|
|
- MEDIUM: Allow configuration of email alerts
|
|
- MEDIUM: Support sending email alerts
|
|
- DOC: Document email alerts
|
|
- MINOR: Remove trailing '.' from email alert messages
|
|
- MEDIUM: Allow suppression of email alerts by log level
|
|
- BUG/MEDIUM: Do not consider an agent check as failed on L7 error
|
|
- MINOR: deinit: fix memory leak
|
|
- MINOR: http: export the function 'smp_fetch_base32'
|
|
- BUG/MEDIUM: http: tarpit timeout is reset
|
|
- MINOR: sample: add "json" converter
|
|
- BUG/MEDIUM: pattern: don't load more than once a pattern list.
|
|
- MINOR: map/acl/dumpstats: remove the "Done." message
|
|
- BUG/MAJOR: ns: HAProxy segfault if the cli_conn is not from a network connection
|
|
- BUG/MINOR: pattern: error message missing
|
|
- BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match
|
|
- BUG/MINOR: ARG6 and ARG7 don't fit in a 32 bits word
|
|
- MAJOR: poll: only rely on wake_expired_tasks() to compute the wait delay
|
|
- MEDIUM: task: call session analyzers if the task is woken by a message.
|
|
- MEDIUM: protocol: automatically pick the proto associated to the connection.
|
|
- MEDIUM: channel: wake up any request analyzer on response activity
|
|
- MINOR: converters: add a "void *private" argument to converters
|
|
- MINOR: converters: give the session pointer as converter argument
|
|
- MINOR: sample: add private argument to the struct sample_fetch
|
|
- MINOR: global: export function and permits to not resolve DNS names
|
|
- MINOR: sample: add function for browsing samples.
|
|
- MINOR: global: export many symbols.
|
|
- MINOR: includes: fix a lot of missing or useless includes
|
|
- MEDIUM: tcp: add register keyword system.
|
|
- MEDIUM: buffer: make bo_putblk/bo_putstr/bo_putchk return the number of bytes copied.
|
|
- MEDIUM: http: change the code returned by the response processing rule functions
|
|
- MEDIUM: http/tcp: permit to resume http and tcp custom actions
|
|
- MINOR: channel: functions to get data from a buffer without copy
|
|
- MEDIUM: lua: lua integration in the build and init system.
|
|
- MINOR: lua: add ease functions
|
|
- MINOR: lua: add runtime execution context
|
|
- MEDIUM: lua: "com" signals
|
|
- MINOR: lua: add the configuration directive "lua-load"
|
|
- MINOR: lua: core: create "core" class and object
|
|
- MINOR: lua: post initialisation bindings
|
|
- MEDIUM: lua: add coroutine as tasks.
|
|
- MINOR: lua: add sample and args type converters
|
|
- MINOR: lua: txn: create class TXN associated with the transaction.
|
|
- MINOR: lua: add shared context in the lua stack
|
|
- MINOR: lua: txn: import existing sample-fetches in the class TXN
|
|
- MINOR: lua: txn: add lua function in TXN that returns an array of http headers
|
|
- MINOR: lua: register and execute sample-fetches in LUA
|
|
- MINOR: lua: register and execute converters in LUA
|
|
- MINOR: lua: add bindings for tcp and http actions
|
|
- MINOR: lua: core: add sleep functions
|
|
- MEDIUM: lua: socket: add "socket" class for TCP I/O
|
|
- MINOR: lua: core: pattern and acl manipulation
|
|
- MINOR: lua: channel: add "channel" class
|
|
- MINOR: lua: txn: object "txn" provides two objects "channel"
|
|
- MINOR: lua: core: can set the nice of the current task
|
|
- MINOR: lua: core: can yield an execution stack
|
|
- MINOR: lua: txn: add binding for closing the client connection.
|
|
- MEDIUM: lua: Lua initialisation "on demand"
|
|
- BUG/MAJOR: lua: send function fails and return bad bytes
|
|
- MINOR: remove unused declaration.
|
|
- MINOR: lua: remove some #define
|
|
- MINOR: lua: use bitfield and macro in place of integer and enum
|
|
- MINOR: lua: set skeleton for Lua execution expiration
|
|
- MEDIUM: lua: each yielding function returns a wake up time.
|
|
- MINOR: lua: adds "forced yield" flag
|
|
- MEDIUM: lua: interrupt the Lua execution for running other process
|
|
- MEDIUM: lua: change the sleep function core
|
|
- BUG/MEDIUM: lua: the execution timeout is ignored in yield case
|
|
- DOC: lua: Lua configuration documentation
|
|
- MINOR: lua: add the struct session in the lua channel struct
|
|
- BUG/MINOR: lua: set buffer if it is nnot avalaible.
|
|
- BUG/MEDIUM: lua: reset flags before resuming execution
|
|
- BUG/MEDIUM: lua: fix infinite loop about channel
|
|
- BUG/MEDIUM: lua: the Lua process is not waked up after sending data on requests side
|
|
- BUG/MEDIUM: lua: many errors when we try to send data with the channel API
|
|
- MEDIUM: lua: use the Lua-5.3 version of the library
|
|
- BUG/MAJOR: lua: some function are not yieldable, the forced yield causes errors
|
|
- BUG/MEDIUM: lua: can't handle the response bytes
|
|
- BUG/MEDIUM: lua: segfault with buffer_replace2
|
|
- BUG/MINOR: lua: check buffers before initializing socket
|
|
- BUG/MINOR: log: segfault if there are no proxy reference
|
|
- BUG/MEDIUM: lua: sockets don't have buffer to write data
|
|
- BUG/MEDIUM: lua: cannot connect socket
|
|
- BUG/MINOR: lua: sockets receive behavior doesn't follows the specs
|
|
- BUG/BUILD: lua: The strict Lua 5.3 version check is not done.
|
|
- BUG/MEDIUM: buffer: one byte miss in buffer free space check
|
|
- MEDIUM: lua: make the functions hlua_gethlua() and hlua_sethlua() faster
|
|
- MINOR: replace the Core object by a simple model.
|
|
- MEDIUM: lua: change the objects configuration
|
|
- MEDIUM: lua: create a namespace for the fetches
|
|
- MINOR: converters: add function to browse converters
|
|
- MINOR: lua: wrapper for converters
|
|
- MINOR: lua: replace function (req|get)_channel by a variable
|
|
- MINOR: lua: fetches and converters can return an empty string in place of nil
|
|
- DOC: lua api
|
|
- BUG/MEDIUM: sample: fix random number upper-bound
|
|
- BUG/MINOR: stats:Fix incorrect printf type.
|
|
- BUG/MAJOR: session: revert all the crappy client-side timeout changes
|
|
- BUG/MINOR: logs: properly initialize and count log sockets
|
|
- BUG/MEDIUM: http: fetch "base" is not compatible with set-header
|
|
- BUG/MINOR: counters: do not untrack counters before logging
|
|
- BUG/MAJOR: sample: correctly reinitialize sample fetch context before calling sample_process()
|
|
- MINOR: stick-table: make stktable_fetch_key() indicate why it failed
|
|
- BUG/MEDIUM: counters: fix track-sc* to wait on unstable contents
|
|
- BUILD: remove TODO from the spec file and add README
|
|
- MINOR: log: make MAX_SYSLOG_LEN overridable at build time
|
|
- MEDIUM: log: support a user-configurable max log line length
|
|
- DOC: provide an example of how to use ssl_c_sha1
|
|
- BUILD: checks: external checker needs signal.h
|
|
- BUILD: checks: kill a minor warning on Solaris in external checks
|
|
- BUILD: http: fix isdigit & isspace warnings on Solaris
|
|
- BUG/MINOR: listener: set the listener's fd to -1 after deletion
|
|
- BUG/MEDIUM: unix: failed abstract socket binding is retryable
|
|
- MEDIUM: listener: implement a per-protocol pause() function
|
|
- MEDIUM: listener: support rebinding during resume()
|
|
- BUG/MEDIUM: unix: completely unbind abstract sockets during a pause()
|
|
- DOC: explicitly mention the limits of abstract namespace sockets
|
|
- DOC: minor fix on {sc,src}_kbytes_{in,out}
|
|
- DOC: fix alphabetical sort of converters
|
|
- MEDIUM: stick-table: implement lookup from a sample fetch
|
|
- MEDIUM: stick-table: add new converters to fetch table data
|
|
- MINOR: samples: add two converters for the date format
|
|
- BUG/MAJOR: http: correctly rewind the request body after start of forwarding
|
|
- DOC: remove references to CPU=native in the README
|
|
- DOC: mention that "compression offload" is ignored in defaults section
|
|
- DOC: mention that Squid correctly responds 400 to PPv2 header
|
|
- BUILD: fix dependencies between config and compat.h
|
|
- MINOR: session: export the function 'smp_fetch_sc_stkctr'
|
|
- MEDIUM: stick-table: make it easier to register extra data types
|
|
- BUG/MINOR: http: base32+src should use the big endian version of base32
|
|
- MINOR: sample: allow IP address to cast to binary
|
|
- MINOR: sample: add new converters to hash input
|
|
- MINOR: sample: allow integers to cast to binary
|
|
- BUILD: report commit ID in git versions as well
|
|
- CLEANUP: session: move the stick counters declarations to stick_table.h
|
|
- MEDIUM: http: add the track-sc* actions to http-request rules
|
|
- BUG/MEDIUM: connection: fix proxy v2 header again!
|
|
- BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc*
|
|
- OPTIM/MINOR: proxy: reduce struct proxy by 48 bytes on 64-bit archs
|
|
- MINOR: log: add a new field "%lc" to implement a per-frontend log counter
|
|
- BUG/MEDIUM: http: fix inverted condition in pat_match_meth()
|
|
- BUG/MEDIUM: http: fix improper parsing of HTTP methods for use with ACLs
|
|
- BUG/MINOR: pattern: remove useless allocation of unused trash in pat_parse_reg()
|
|
- BUG/MEDIUM: acl: correctly compute the output type when a converter is used
|
|
- CLEANUP: acl: cleanup some of the redundancy and spaghetti after last fix
|
|
- BUG/CRITICAL: http: don't update msg->sov once data start to leave the buffer
|
|
- MEDIUM: http: enable header manipulation for 101 responses
|
|
- BUG/MEDIUM: config: propagate frontend to backend process binding again.
|
|
- MEDIUM: config: properly propagate process binding between proxies
|
|
- MEDIUM: config: make the frontends automatically bind to the listeners' processes
|
|
- MEDIUM: config: compute the exact bind-process before listener's maxaccept
|
|
- MEDIUM: config: only warn if stats are attached to multi-process bind directives
|
|
- MEDIUM: config: report it when tcp-request rules are misplaced
|
|
- DOC: indicate in the doc that track-sc* can wait if data are missing
|
|
- MINOR: config: detect the case where a tcp-request content rule has no inspect-delay
|
|
- MEDIUM: systemd-wrapper: support multiple executable versions and names
|
|
- BUG/MEDIUM: remove debugging code from systemd-wrapper
|
|
- BUG/MEDIUM: http: adjust close mode when switching to backend
|
|
- BUG/MINOR: config: don't propagate process binding on fatal errors.
|
|
- BUG/MEDIUM: check: rule-less tcp-check must detect connect failures
|
|
- BUG/MINOR: tcp-check: report the correct failed step in the status
|
|
- DOC: indicate that weight zero is reported as DRAIN
|
|
- BUG/MEDIUM: config: avoid skipping disabled proxies
|
|
- BUG/MINOR: config: do not accept more track-sc than configured
|
|
- BUG/MEDIUM: backend: fix URI hash when a query string is present
|
|
- BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR
|
|
- BUG/MAJOR: cli: explicitly call cli_release_handler() upon error
|
|
- BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol
|
|
- BUILD/MINOR: ssl: de-constify "ciphers" to avoid a warning on openssl-0.9.8
|
|
- BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets
|
|
- BUG/BUILD: revert accidental change in the makefile from latest SSL fix
|
|
- BUG/MEDIUM: ssl: force a full GC in case of memory shortage
|
|
- MEDIUM: ssl: add support for smaller SSL records
|
|
- MINOR: session: release a few other pools when stopping
|
|
- MINOR: task: release the task pool when stopping
|
|
- BUG/MINOR: config: don't inherit the default balance algorithm in frontends
|
|
- BUG/MAJOR: frontend: initialize capture pointers earlier
|
|
- BUG/MINOR: stats: correctly set the request/response analysers
|
|
- MAJOR: polling: centralize calls to I/O callbacks
|
|
- DOC: fix typo in the body parser documentation for msg.sov
|
|
- BUG/MINOR: peers: the buffer size is global.tune.bufsize, not trash.size
|
|
- MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping)
|
|
- DEBUG: pools: apply poisonning on every allocated pool
|
|
- BUG/MAJOR: sessions: unlink session from list on out of memory
|
|
- BUG/MEDIUM: patterns: previous fix was incomplete
|
|
- BUG/MEDIUM: payload: ensure that a request channel is available
|
|
- BUG/MINOR: tcp-check: don't condition data polling on check type
|
|
- BUG/MEDIUM: tcp-check: don't rely on random memory contents
|
|
- BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect
|
|
- BUG/MINOR: config: fix typo in condition when propagating process binding
|
|
- BUG/MEDIUM: config: do not propagate processes between stopped processes
|
|
- BUG/MAJOR: stream-int: properly check the memory allocation return
|
|
- BUG/MEDIUM: memory: fix freeing logic in pool_gc2()
|
|
- BUG/MAJOR: namespaces: conn->target is not necessarily a server
|
|
- BUG/MEDIUM: compression: correctly report zlib_mem
|
|
- CLEANUP: lists: remove dead code
|
|
- CLEANUP: memory: remove dead code
|
|
- CLEANUP: memory: replace macros pool_alloc2/pool_free2 with functions
|
|
- MINOR: memory: cut pool allocator in 3 layers
|
|
- MEDIUM: memory: improve pool_refill_alloc() to pass a refill count
|
|
- MINOR: stream-int: retrieve session pointer from stream-int
|
|
- MINOR: buffer: reset a buffer in b_reset() and not channel_init()
|
|
- MEDIUM: buffer: use b_alloc() to allocate and initialize a buffer
|
|
- MINOR: buffer: move buffer initialization after channel initialization
|
|
- MINOR: buffer: only use b_free to release buffers
|
|
- MEDIUM: buffer: always assign a dummy empty buffer to channels
|
|
- MEDIUM: buffer: add a new buf_wanted dummy buffer to report failed allocations
|
|
- MEDIUM: channel: do not report full when buf_empty is present on a channel
|
|
- MINOR: session: group buffer allocations together
|
|
- MINOR: buffer: implement b_alloc_fast()
|
|
- MEDIUM: buffer: implement b_alloc_margin()
|
|
- MEDIUM: session: implement a basic atomic buffer allocator
|
|
- MAJOR: session: implement a wait-queue for sessions who need a buffer
|
|
- MAJOR: session: only allocate buffers when needed
|
|
- MINOR: stats: report a "waiting" flags for sessions
|
|
- MAJOR: session: only wake up as many sessions as available buffers permit
|
|
- MINOR: config: implement global setting tune.buffers.reserve
|
|
- MINOR: config: implement global setting tune.buffers.limit
|
|
- MEDIUM: channel: implement a zero-copy buffer transfer
|
|
- MEDIUM: stream-int: support splicing from applets
|
|
- OPTIM: stream-int: try to send pending spliced data
|
|
- CLEANUP: session: remove session_from_task()
|
|
- DOC: add missing entry for log-format and clarify the text
|
|
- MINOR: logs: add a new per-proxy "log-tag" directive
|
|
- BUG/MEDIUM: http: fix header removal when previous header ends with pure LF
|
|
- MINOR: config: extend the default max hostname length to 64 and beyond
|
|
- BUG/MEDIUM: channel: fix possible integer overflow on reserved size computation
|
|
- BUG/MINOR: channel: compare to_forward with buf->i, not buf->size
|
|
- MINOR: channel: add channel_in_transit()
|
|
- MEDIUM: channel: make buffer_reserved() use channel_in_transit()
|
|
- MEDIUM: channel: make bi_avail() use channel_in_transit()
|
|
- BUG/MEDIUM: channel: don't schedule data in transit for leaving until connected
|
|
- CLEANUP: channel: rename channel_reserved -> channel_is_rewritable
|
|
- MINOR: channel: rename channel_full() to !channel_may_recv()
|
|
- MINOR: channel: rename buffer_reserved() to channel_reserved()
|
|
- MINOR: channel: rename buffer_max_len() to channel_recv_limit()
|
|
- MINOR: channel: rename bi_avail() to channel_recv_max()
|
|
- MINOR: channel: rename bi_erase() to channel_truncate()
|
|
- BUG/MAJOR: log: don't try to emit a log if no logger is set
|
|
- MINOR: tools: add new round_2dig() function to round integers
|
|
- MINOR: global: always export some SSL-specific metrics
|
|
- MINOR: global: report information about the cost of SSL connections
|
|
- MAJOR: init: automatically set maxconn and/or maxsslconn when possible
|
|
- MINOR: http: add a new fetch "query" to extract the request's query string
|
|
- MINOR: hash: add new function hash_crc32
|
|
- MINOR: samples: provide a "crc32" converter
|
|
- MEDIUM: backend: add the crc32 hash algorithm for load balancing
|
|
- BUG/MINOR: args: add missing entry for ARGT_MAP in arg_type_names
|
|
- BUG/MEDIUM: http: make http-request set-header compute the string before removal
|
|
- MEDIUM: args: use #define to specify the number of bits used by arg types and counts
|
|
- MEDIUM: args: increase arg type to 5 bits and limit arg count to 5
|
|
- MINOR: args: add type-specific flags for each arg in a list
|
|
- MINOR: args: implement a new arg type for regex : ARGT_REG
|
|
- MEDIUM: regex: add support for passing regex flags to regex_exec_match()
|
|
- MEDIUM: samples: add a regsub converter to perform regex-based transformations
|
|
- BUG/MINOR: sample: fix case sensitivity for the regsub converter
|
|
- MEDIUM: http: implement http-request set-{method,path,query,uri}
|
|
- DOC: fix missing closing brackend on regsub
|
|
- MEDIUM: samples: provide basic arithmetic and bitwise operators
|
|
- MEDIUM: init: continue to enforce SYSTEM_MAXCONN with auto settings if set
|
|
- BUG/MINOR: http: fix incorrect header value offset in replace-hdr/replace-value
|
|
- BUG/MINOR: http: abort request processing on filter failure
|
|
- MEDIUM: tcp: implement tcp-ut bind option to set TCP_USER_TIMEOUT
|
|
- MINOR: ssl/server: add the "no-ssl-reuse" server option
|
|
- BUG/MAJOR: peers: initialize s->buffer_wait when creating the session
|
|
- MINOR: http: add a new function to iterate over each header line
|
|
- MINOR: http: add the new sample fetches req.hdr_names and res.hdr_names
|
|
- MEDIUM: task: always ensure that the run queue is consistent
|
|
- BUILD: Makefile: add -Wdeclaration-after-statement
|
|
- BUILD/CLEANUP: ssl: avoid a warning due to mixed code and declaration
|
|
- BUILD/CLEANUP: config: silent 3 warnings about mixed declarations with code
|
|
- MEDIUM: protocol: use a family array to index the protocol handlers
|
|
- BUILD: lua: cleanup many mixed occurrences declarations & code
|
|
- BUG/MEDIUM: task: fix recently introduced scheduler skew
|
|
- BUG/MINOR: lua: report the correct function name in an error message
|
|
- BUG/MAJOR: http: fix stats regression consecutive to HTTP_RULE_RES_YIELD
|
|
- Revert "BUG/MEDIUM: lua: can't handle the response bytes"
|
|
- MINOR: lua: convert IP addresses to type string
|
|
- CLEANUP: lua: use the same function names in C and Lua
|
|
- REORG/MAJOR: move session's req and resp channels back into the session
|
|
- CLEANUP: remove now unused channel pool
|
|
- REORG/MEDIUM: stream-int: introduce si_ic/si_oc to access channels
|
|
- MEDIUM: stream-int: add a flag indicating which side the SI is on
|
|
- MAJOR: stream-int: only rely on SI_FL_ISBACK to find the requested channel
|
|
- MEDIUM: stream-interface: remove now unused pointers to channels
|
|
- MEDIUM: stream-int: make si_sess() use the stream int's side
|
|
- MEDIUM: stream-int: use si_task() to retrieve the task from the stream int
|
|
- MEDIUM: stream-int: remove any reference to the owner
|
|
- CLEANUP: stream-int: add si_ib/si_ob to dereference the buffers
|
|
- CLEANUP: stream-int: add si_opposite() to find the other stream interface
|
|
- REORG/MEDIUM: channel: only use chn_prod / chn_cons to find stream-interfaces
|
|
- MEDIUM: channel: add a new flag "CF_ISRESP" for the response channel
|
|
- MAJOR: channel: only rely on the new CF_ISRESP flag to find the SI
|
|
- MEDIUM: channel: remove now unused ->prod and ->cons pointers
|
|
- CLEANUP: session: simplify references to chn_{prod,cons}(&s->{req,res})
|
|
- CLEANUP: session: use local variables to access channels / stream ints
|
|
- CLEANUP: session: don't needlessly pass a pointer to the stream-int
|
|
- CLEANUP: session: don't use si_{ic,oc} when we know the session.
|
|
- CLEANUP: stream-int: limit usage of si_ic/si_oc
|
|
- CLEANUP: lua: limit usage of si_ic/si_oc
|
|
- MINOR: channel: add chn_sess() helper to retrieve session from channel
|
|
- MEDIUM: session: simplify receive buffer allocator to only use the channel
|
|
- MEDIUM: lua: use CF_ISRESP to detect the channel's side
|
|
- CLEANUP: lua: remove the session pointer from hlua_channel
|
|
- CLEANUP: lua: hlua_channel_new() doesn't need the pointer to the session anymore
|
|
- MEDIUM: lua: remove struct hlua_channel
|
|
- MEDIUM: lua: remove hlua_sample_fetch
|
|
|
|
2014/06/19 : 1.6-dev0
|
|
- exact copy of 1.5.0
|
|
|
|
2014/06/19 : 1.5.0
|
|
- MEDIUM: ssl: ignored file names ending as '.issuer' or '.ocsp'.
|
|
- MEDIUM: ssl: basic OCSP stapling support.
|
|
- MINOR: ssl/cli: Fix unapropriate comment in code on 'set ssl ocsp-response'
|
|
- MEDIUM: ssl: add 300s supported time skew on OCSP response update.
|
|
- MINOR: checks: mysql-check: Add support for v4.1+ authentication
|
|
- MEDIUM: ssl: Add the option to use standardized DH parameters >= 1024 bits
|
|
- MEDIUM: ssl: fix detection of ephemeral diffie-hellman key exchange by using the cipher description.
|
|
- MEDIUM: http: add actions "replace-header" and "replace-values" in http-req/resp
|
|
- MEDIUM: Break out check establishment into connect_chk()
|
|
- MEDIUM: Add port_to_str helper
|
|
- BUG/MEDIUM: fix ignored values for half-closed timeouts (client-fin and server-fin) in defaults section.
|
|
- BUG/MEDIUM: Fix unhandled connections problem with systemd daemon mode and SO_REUSEPORT.
|
|
- MINOR: regex: fix a little configuration memory leak.
|
|
- MINOR: regex: Create JIT compatible function that return match strings
|
|
- MEDIUM: regex: replace all standard regex function by own functions
|
|
- MEDIUM: regex: Remove null terminated strings.
|
|
- MINOR: regex: Use native PCRE API.
|
|
- MINOR: missing regex.h include
|
|
- DOC: Add Exim as Proxy Protocol implementer.
|
|
- BUILD: don't use type "uint" which is not portable
|
|
- BUILD: stats: workaround stupid and bogus -Werror=format-security behaviour
|
|
- BUG/MEDIUM: http: clear CF_READ_NOEXP when preparing a new transaction
|
|
- CLEANUP: http: don't clear CF_READ_NOEXP twice
|
|
- DOC: fix proxy protocol v2 decoder example
|
|
- DOC: fix remaining occurrences of "pattern extraction"
|
|
- MINOR: log: allow the HTTP status code to be logged even in TCP frontends
|
|
- MINOR: logs: don't limit HTTP header captures to HTTP frontends
|
|
- MINOR: sample: improve sample_fetch_string() to report partial contents
|
|
- MINOR: capture: extend the captures to support non-header keys
|
|
- MINOR: tcp: prepare support for the "capture" action
|
|
- MEDIUM: tcp: add a new tcp-request capture directive
|
|
- MEDIUM: session: allow shorter retry delay if timeout connect is small
|
|
- MEDIUM: session: don't apply the retry delay when redispatching
|
|
- MEDIUM: session: redispatch earlier when possible
|
|
- MINOR: config: warn when tcp-check rules are used without option tcp-check
|
|
- BUG/MINOR: connection: make proxy protocol v1 support the UNKNOWN protocol
|
|
- DOC: proxy protocol example parser was still wrong
|
|
- DOC: minor updates to the proxy protocol doc
|
|
- CLEANUP: connection: merge proxy proto v2 header and address block
|
|
- MEDIUM: connection: add support for proxy protocol v2 in accept-proxy
|
|
- MINOR: tools: add new functions to quote-encode strings
|
|
- DOC: clarify the CSV format
|
|
- MEDIUM: stats: report the last check and last agent's output on the CSV status
|
|
- MINOR: freq_ctr: introduce a new averaging method
|
|
- MEDIUM: session: maintain per-backend and per-server time statistics
|
|
- MEDIUM: stats: report per-backend and per-server time stats in HTML and CSV outputs
|
|
- BUG/MINOR: http: fix typos in previous patch
|
|
- DOC: remove the ultra-obsolete TODO file
|
|
- DOC: update roadmap
|
|
- DOC: minor updates to the README
|
|
- DOC: mention the maxconn limitations with the select poller
|
|
- DOC: commit a few old design thoughts files
|
|
|
|
2014/05/28 : 1.5-dev26
|
|
- BUG/MEDIUM: polling: fix possible CPU hogging of worker processes after receiving SIGUSR1.
|
|
- BUG/MINOR: stats: fix a typo on a closing tag for a server tracking another one
|
|
- OPTIM: stats: avoid the calculation of a useless link on tracking servers in maintenance
|
|
- MINOR: fix a few memory usage errors
|
|
- CONTRIB: halog: Filter input lines by date and time through timestamp
|
|
- MINOR: ssl: SSL_CTX_set_options() and SSL_CTX_set_mode() take a long, not an int
|
|
- BUG/MEDIUM: regex: fix risk of buffer overrun in exp_replace()
|
|
- MINOR: acl: set "str" as default match for strings
|
|
- DOC: Add some precisions about acl default matching method
|
|
- MEDIUM: acl: strenghten the option parser to report invalid options
|
|
- BUG/MEDIUM: config: a stats-less config crashes in 1.5-dev25
|
|
- BUG/MINOR: checks: tcp-check must not stop on '\0' for binary checks
|
|
- MINOR: stats: improve alignment of color codes to save one line of header
|
|
- MINOR: checks: simplify and improve reporting of state changes when using log-health-checks
|
|
- MINOR: server: remove the SRV_DRAIN flag which can always be deduced
|
|
- MINOR: server: use functions to detect state changes and to update them
|
|
- MINOR: server: create srv_was_usable() from srv_is_usable() and use a pointer
|
|
- BUG/MINOR: stats: do not report "100%" in the thottle column when server is draining
|
|
- BUG/MAJOR: config: don't free valid regex memory
|
|
- BUG/MEDIUM: session: don't clear CF_READ_NOEXP if analysers are not called
|
|
- BUG/MINOR: stats: tracking servers may incorrectly report an inherited DRAIN status
|
|
- MEDIUM: proxy: make timeout parser a bit stricter
|
|
- REORG/MEDIUM: server: split server state and flags in two different variables
|
|
- REORG/MEDIUM: server: move the maintenance bits out of the server state
|
|
- MAJOR: server: use states instead of flags to store the server state
|
|
- REORG: checks: put the functions in the appropriate files !
|
|
- MEDIUM: server: properly support and propagate the maintenance status
|
|
- MEDIUM: server: allow multi-level server tracking
|
|
- CLEANUP: checks: rename the server_status_printf function
|
|
- MEDIUM: checks: simplify server up/down/nolb transitions
|
|
- MAJOR: checks: move health checks changes to set_server_check_status()
|
|
- MINOR: server: make the status reporting function support a reason
|
|
- MINOR: checks: simplify health check reporting functions
|
|
- MINOR: server: implement srv_set_stopped()
|
|
- MINOR: server: implement srv_set_running()
|
|
- MINOR: server: implement srv_set_stopping()
|
|
- MEDIUM: checks: simplify failure notification using srv_set_stopped()
|
|
- MEDIUM: checks: simplify success notification using srv_set_running()
|
|
- MEDIUM: checks: simplify stopping mode notification using srv_set_stopping()
|
|
- MEDIUM: stats: report a server's own state instead of the tracked one's
|
|
- MINOR: server: make use of srv_is_usable() instead of checking eweight
|
|
- MAJOR: checks: add support for a new "drain" administrative mode
|
|
- MINOR: stats: use the admin flags for soft enable/disable/stop/start on the web page
|
|
- MEDIUM: stats: introduce new actions to simplify admin status management
|
|
- MINOR: cli: introduce a new "set server" command
|
|
- MINOR: stats: report a distinct output for DOWN caused by agent
|
|
- MINOR: checks: support specific check reporting for the agent
|
|
- MINOR: checks: support a neutral check result
|
|
- BUG/MINOR: cli: "agent" was missing from the "enable"/"disable" help message
|
|
- MEDIUM: cli: add support for enabling/disabling health checks.
|
|
- MEDIUM: stats: report down caused by agent prior to reporting up
|
|
- MAJOR: agent: rework the response processing and support additional actions
|
|
- MINOR: stats: improve the stats web page to support more actions
|
|
- CONTRIB: halog: avoid calling time/localtime/mktime for each line
|
|
- DOC: document the workarouds for Google Chrome's bogus pre-connect
|
|
- MINOR: stats: report SSL key computations per second
|
|
- MINOR: stats: add counters for SSL cache lookups and misses
|
|
|
|
2014/05/10 : 1.5-dev25
|
|
- MEDIUM: connection: Implement and extented PROXY Protocol V2
|
|
- MINOR: ssl: clean unused ACLs declarations
|
|
- MINOR: ssl: adds fetchs and ACLs for ssl back connection.
|
|
- MINOR: ssl: merge client's and frontend's certificate functions.
|
|
- MINOR: ssl: adds ssl_f_sha1 fetch to return frontend's certificate fingerprint
|
|
- MINOR: ssl: adds sample converter base64 for binary type.
|
|
- MINOR: ssl: convert to binary ssl_fc_unique_id and ssl_bc_unique_id.
|
|
- BUG/MAJOR: ssl: Fallback to private session cache if current lock mode is not supported.
|
|
- MAJOR: ssl: Change default locks on ssl session cache.
|
|
- BUG/MINOR: chunk: Fix function chunk_strcmp and chunk_strcasecmp match a substring.
|
|
- MINOR: ssl: add global statement tune.ssl.force-private-cache.
|
|
- MINOR: ssl: remove fallback to SSL session private cache if lock init fails.
|
|
- BUG/MEDIUM: patterns: last fix was still not enough
|
|
- MINOR: http: export the smp_fetch_cookie function
|
|
- MINOR: http: generic pointer to rule argument
|
|
- BUG/MEDIUM: pattern: a typo breaks automatic acl/map numbering
|
|
- BUG/MAJOR: patterns: -i and -n are ignored for inlined patterns
|
|
- BUG/MINOR: proxy: unsafe initialization of HTTP transaction when switching from TCP frontend
|
|
- BUG/MINOR: http: log 407 in case of proxy auth
|
|
- MINOR: http: rely on the message body parser to send 100-continue
|
|
- MEDIUM: http: move reqadd after execution of http_request redirect
|
|
- MEDIUM: http: jump to dedicated labels after http-request processing
|
|
- BUG/MINOR: http: block rules forgot to increment the denied_req counter
|
|
- BUG/MINOR: http: block rules forgot to increment the session's request counter
|
|
- MEDIUM: http: move Connection header processing earlier
|
|
- MEDIUM: http: remove even more of the spaghetti in the request path
|
|
- MINOR: http: silently support the "block" action for http-request
|
|
- CLEANUP: proxy: rename "block_cond" to "block_rules"
|
|
- MEDIUM: http: emulate "block" rules using "http-request" rules
|
|
- MINOR: http: remove the now unused loop over "block" rules
|
|
- MEDIUM: http: factorize the "auth" action of http-request and stats
|
|
- MEDIUM: http: make http-request rules processing return a verdict instead of a rule
|
|
- MINOR: config: add minimum support for emitting warnings only once
|
|
- MEDIUM: config: inform the user about the deprecatedness of "block" rules
|
|
- MEDIUM: config: inform the user that "reqsetbe" is deprecated
|
|
- MEDIUM: config: inform the user only once that "redispatch" is deprecated
|
|
- MEDIUM: config: warn that '{cli,con,srv}timeout' are deprecated
|
|
- BUG/MINOR: auth: fix wrong return type in pat_match_auth()
|
|
- BUILD: config: remove a warning with clang
|
|
- BUG/MAJOR: http: connection setup may stall on balance url_param
|
|
- BUG/MEDIUM: http/session: disable client-side expiration only after body
|
|
- BUG/MEDIUM: http: correctly report request body timeouts
|
|
- BUG/MEDIUM: http: disable server-side expiration until client has sent the body
|
|
- MEDIUM: listener: make the accept function more robust against pauses
|
|
- BUILD: syscalls: remove improper inline statement in front of syscalls
|
|
- BUILD: ssl: SSL_CTX_set_msg_callback() needs openssl >= 0.9.7
|
|
- BUG/MAJOR: session: recover the correct connection pointer in half-initialized sessions
|
|
- DOC: add some explanation on the shared cache build options in the readme.
|
|
- MEDIUM: proxy: only adjust the backend's bind-process when already set
|
|
- MEDIUM: config: limit nbproc to the machine's word size
|
|
- MEDIUM: config: check the bind-process settings according to nbproc
|
|
- MEDIUM: listener: parse the new "process" bind keyword
|
|
- MEDIUM: listener: inherit the process mask from the proxy
|
|
- MAJOR: listener: only start listeners bound to the same processes
|
|
- MINOR: config: only report a warning when stats sockets are bound to more than 1 process
|
|
- CLEANUP: config: set the maxaccept value for peers listeners earlier
|
|
- BUG/MINOR: backend: only match IPv4 addresses with RDP cookies
|
|
- BUG/MINOR: checks: correctly configure the address family and protocol
|
|
- MINOR: tools: split is_addr() and is_inet_addr()
|
|
- MINOR: protocols: use is_inet_addr() when only INET addresses are desired
|
|
- MEDIUM: unix: add preliminary support for connecting to servers over UNIX sockets
|
|
- MEDIUM: checks: only complain about the missing port when the check uses TCP
|
|
- MEDIUM: unix: implement support for Linux abstract namespace sockets
|
|
- DOC: map_beg was missing from the table of map_* converters
|
|
- DOC: ebtree: indicate that prefix insertion/lookup may be used with strings
|
|
- MEDIUM: pattern: use ebtree's longest match to index/lookup string beginning
|
|
- BUILD: remove the obsolete BSD and OSX makefiles
|
|
- MEDIUM: unix: avoid a double connect probe when no data are sent
|
|
- DOC: stop referencing the slow git repository in the README
|
|
- BUILD: only build the systemd wrapper on Linux 2.6 and above
|
|
- DOC: update roadmap with completed tasks
|
|
- MEDIUM: session: implement half-closed timeouts (client-fin and server-fin)
|
|
|
|
2014/04/26 : 1.5-dev24
|
|
- MINOR: pattern: find element in a reference
|
|
- MEDIUM: http: ACL and MAP updates through http-(request|response) rules
|
|
- MEDIUM: ssl: explicitly log failed handshakes after a heartbeat
|
|
- DOC: Full section dedicated to the converters
|
|
- MEDIUM: http: register http-request and http-response keywords
|
|
- BUG/MINOR: compression: correctly report incoming byte count
|
|
- BUG/MINOR: http: don't report server aborts as client aborts
|
|
- BUG/MEDIUM: channel: bi_putblk() must not wrap before the end of buffer
|
|
- CLEANUP: buffers: remove unused function buffer_contig_space_with_res()
|
|
- MEDIUM: stats: reimplement HTTP keep-alive on the stats page
|
|
- BUG/MAJOR: http: fix timeouts during data forwarding
|
|
- BUG/MEDIUM: http: 100-continue responses must process the next part immediately
|
|
- MEDIUM: http: move skipping of 100-continue earlier
|
|
- BUILD: stats: let gcc know that last_fwd cannot be used uninitialized...
|
|
- CLEANUP: general: get rid of all old occurrences of "session *t"
|
|
- CLEANUP: http: remove the useless "if (1)" inherited from version 1.4
|
|
- BUG/MEDIUM: stats: mismatch between behaviour and doc about front/back
|
|
- MEDIUM: http: enable analysers to have keep-alive on stats
|
|
- REORG: http: move HTTP Connection response header parsing earlier
|
|
- MINOR: stats: always emit HTTP/1.1 in responses
|
|
- MINOR: http: add capture.req.ver and capture.res.ver
|
|
- MINOR: checks: add a new global max-spread-checks directive
|
|
- BUG/MAJOR: http: fix the 'next' pointer when performing a redirect
|
|
- MINOR: http: implement the max-keep-alive-queue setting
|
|
- DOC: fix alphabetic order of tcp-check
|
|
- MINOR: connection: add a new error code for SSL with heartbeat
|
|
- MEDIUM: ssl: implement a workaround for the OpenSSL heartbleed attack
|
|
- BUG/MEDIUM: Revert "MEDIUM: ssl: Add standardized DH parameters >= 1024 bits"
|
|
- BUILD: http: remove a warning on strndup
|
|
- BUILD: ssl: avoid a warning about conn not used with OpenSSL < 1.0.1
|
|
- BUG/MINOR: ssl: really block OpenSSL's response to heartbleed attack
|
|
- MINOR: ssl: finally catch the heartbeats missing the padding
|
|
|
|
2014/04/23 : 1.5-dev23
|
|
- BUG/MINOR: reject malformed HTTP/0.9 requests
|
|
- MINOR: systemd wrapper: re-execute on SIGUSR2
|
|
- MINOR: systemd wrapper: improve logging
|
|
- MINOR: systemd wrapper: propagate exit status
|
|
- BUG/MINOR: tcpcheck connect wrong behavior
|
|
- MEDIUM: proxy: support use_backend with dynamic names
|
|
- MINOR: stats: Enhancement to stats page to provide information of last session time.
|
|
- BUG/MEDIUM: peers: fix key consistency for integer stick tables
|
|
- DOC: fix a typo on http-server-close and encapsulate options with double-quotes
|
|
- DOC: fix fetching samples syntax
|
|
- MINOR: ssl: add ssl_fc_unique_id to fetch TLS Unique ID
|
|
- MEDIUM: ssl: Use ALPN support as it will be available in OpenSSL 1.0.2
|
|
- DOC: fix typo
|
|
- CLEANUP: code style: use tabs to indent codes instead of spaces
|
|
- DOC: fix a few config typos.
|
|
- BUG/MINOR: raw_sock: also consider ENOTCONN in addition to EAGAIN for recv()
|
|
- DOC: lowercase format string in unique-id
|
|
- MINOR: set IP_FREEBIND on IPv6 sockets in transparent mode
|
|
- BUG/MINOR: acl: req_ssl_sni fails with SSLv3 record version
|
|
- BUG/MINOR: build: add missing objects in osx and bsd Makefiles
|
|
- BUG/MINOR: build: handle whitespaces in wc -l output
|
|
- BUG/MINOR: Fix name lookup ordering when compiled with USE_GETADDRINFO
|
|
- MEDIUM: ssl: Add standardized DH parameters >= 1024 bits
|
|
- BUG/MEDIUM: map: The map parser includes blank lines.
|
|
- BUG/MINOR: log: The log of quotted capture header has been terminated by 2 quotes.
|
|
- MINOR: standard: add function "encode_chunk"
|
|
- BUG/MINOR: http: fix encoding of samples used in http headers
|
|
- MINOR: sample: add hex converter
|
|
- MEDIUM: sample: change the behavior of the bin2str cast
|
|
- MAJOR: auth: Change the internal authentication system.
|
|
- MEDIUM: acl/pattern: standardisation "of pat_parse_int()" and "pat_parse_dotted_ver()"
|
|
- MEDIUM: pattern: The pattern parser no more uses <opaque> and just takes one string.
|
|
- MEDIUM: pattern: Change the prototype of the function pattern_register().
|
|
- CONTRIB: ip6range: add a network IPv6 range to mask converter
|
|
- MINOR: pattern: separe list element from the data part.
|
|
- MEDIUM: pattern: add indexation function.
|
|
- MEDIUM: pattern: The parse functions just return "struct pattern" without memory allocation
|
|
- MINOR: pattern: Rename "pat_idx_elt" to "pattern_tree"
|
|
- MINOR: sample: dont call the sample cast function "c_none"
|
|
- MINOR: standard: Add function for converting cidr to network mask.
|
|
- MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags
|
|
- MEDIUM: sample/http_proto: Add new type called method
|
|
- MINOR: dumpstats: Group map inline help
|
|
- MEDIUM: pattern: The function pattern_exec_match() returns "struct pattern" if the patten match.
|
|
- MINOR: dumpstats: change map inline sentences
|
|
- MINOR: dumpstats: change the "get map" display management
|
|
- MINOR: map/dumpstats: The cli cmd "get map ..." display the "int" format.
|
|
- MEDIUM: pattern: The match function browse itself the list or the tree.
|
|
- MEDIUM: pattern: Index IPv6 addresses in a tree.
|
|
- MEDIUM: pattern: add delete functions
|
|
- MEDIUM: pattern: add prune function
|
|
- MEDIUM: pattern: add sample lookup function.
|
|
- MEDIUM: pattern/dumpstats: The function pattern_lookup() is no longer used
|
|
- MINOR: map/pattern: The sample parser is stored in the pattern
|
|
- MAJOR: pattern/map: Extends the map edition system in the patterns
|
|
- MEDIUM: pattern: merge same pattern
|
|
- MEDIUM: pattern: The expected type is stored in the pattern head, and conversion is executed once.
|
|
- MINOR: pattern: Each pattern is identified by unique id.
|
|
- MINOR: pattern/acl: Each pattern of each acl can be load with specified id
|
|
- MINOR: pattern: The function "pattern_register()" is no longer used.
|
|
- MINOR: pattern: Merge function pattern_add() with pat_ref_push().
|
|
- MINOR: pattern: store configuration reference for each acl or map pattern.
|
|
- MINOR: pattern: Each pattern expression element store the reference struct.
|
|
- MINOR: dumpstats: display the reference for th key/pattern and value.
|
|
- MEDIUM: pattern: delete() function uses the pat_ref_elt to find the element to be removed
|
|
- MEDIUM: pattern_find_smp: functions find_smp uses the pat_ref_elt to find the element to be removed
|
|
- MEDIUM: dumpstats/pattern: display and use each pointer of each pattern dumped
|
|
- MINOR: pattern/map/acl: Centralization of the file parsers
|
|
- MINOR: pattern: Check if the file reference is not used with acl and map
|
|
- MINOR: acl/pattern: Acl "-M" option force to load file as map file with two columns
|
|
- MEDIUM: dumpstats: Display error message during add of values.
|
|
- MINOR: pattern: The function pat_ref_set() have now atomic behavior
|
|
- MINOR: regex: The pointer regstr in the struc regex is no longer used.
|
|
- MINOR: cli: Block the usage of the command "acl add" in many cases.
|
|
- MINOR: doc: Update the documentation about the map and acl
|
|
- MINOR: pattern: index duplicates
|
|
- MINOR: configuration: File and line propagation
|
|
- MINOR: dumpstat/conf: display all the configuration lines that using pattern reference
|
|
- MINOR: standard: Disable ip resolution during the runtime
|
|
- MINOR: pattern: Remove the flag "PAT_F_FROM_FILE".
|
|
- MINOR: pattern: forbid dns resolutions
|
|
- DOC: document "get map" / "get acl" on the CLI
|
|
- MEDIUM: acl: Change the acl register struct
|
|
- BUG/MEDIUM: acl: boolean only matches were broken by recent changes
|
|
- DOC: pattern: pattern organisation schematics
|
|
- MINOR: pattern/cli: Update used terms in documentation and cli
|
|
- MINOR: cli: remove information about acl or map owner.
|
|
- MINOR: session: don't always assume there's a listener
|
|
- MINOR: pattern: Add function to prune and reload pattern list.
|
|
- MINOR: standard: Add ipv6 support in the function url2sa().
|
|
- MEDIUM: config: Dynamic sections.
|
|
- BUG/MEDIUM: stick-table: fix IPv4-to-IPv6 conversion in src_* fetches
|
|
- MINOR: http: Add the "language" converter to for use with accept-language
|
|
- BUG/MINOR: log: Don't dump empty unique-id
|
|
- BUG/MAJOR: session: fix a possible crash with src_tracked
|
|
- DOC: Update "language" documentation
|
|
- MINOR: http: add the function "del-header" to the directives http-request and http-response
|
|
- DOC: add some information on capture.(req|res).hdr
|
|
- MINOR: http: capture.req.method and capture.req.uri
|
|
- MINOR: http: optimize capture.req.method and capture.req.uri
|
|
- MINOR: session: clean up the connection free code
|
|
- BUG/MEDIUM: checks: immediately report a connection success
|
|
- MEDIUM: connection: don't use real send() flags in snd_buf()
|
|
- OPTIM: ssl: implement dynamic record size adjustment
|
|
- MINOR: stats: report exact last session time in backend too
|
|
- BUG/MEDIUM: stats: the "lastsess" field must appear last in the CSV.
|
|
- BUG/MAJOR: check: fix memory leak in "tcp-check connect" over SSL
|
|
- BUG/MINOR: channel: initialize xfer_small/xfer_large on new buffers
|
|
- MINOR: channel: add the date of last read in the channel
|
|
- MEDIUM: stream-int: automatically disable CF_STREAMER flags after idle
|
|
- MINOR: ssl: add DEFAULT_SSL_MAX_RECORD to set the record size at build time
|
|
- MINOR: config: make the stream interface idle timer user-configurable
|
|
- MINOR: config: add global directives to set default SSL ciphers
|
|
- MINOR: sample: add a rand() sample fetch to return a sample.
|
|
- BUG/MEDIUM: config: immediately abort if peers section has no name
|
|
- BUG/MINOR: ssl: fix syntax in config error message
|
|
- BUG/MEDIUM: ssl: always send a full buffer after EAGAIN
|
|
- BUG/MINOR: config: server on-marked-* statement is ignored in default-server
|
|
- BUG/MEDIUM: backend: prefer-last-server breaks redispatch
|
|
- BUG/MEDIUM: http: continue to emit 503 on keep-alive to different server
|
|
- MEDIUM: acl: fix pattern type for payload / payload_lv
|
|
- BUG/MINOR: config: fix a crash on startup when a disabled backend references a peer
|
|
- BUG/MEDIUM: compression: fix the output type of the compressor name
|
|
- BUG/MEDIUM: http: don't start to forward request data before the connect
|
|
- MINOR: http: release compression context only in http_end_txn()
|
|
- MINOR: protect ebimtree/ebistree against multiple inclusions
|
|
- MEDIUM: proxy: create a tree to store proxies by name
|
|
- MEDIUM: proxy: make findproxy() use trees to look up proxies
|
|
- MEDIUM: proxy: make get_backend_server() use findproxy() to lookup proxies
|
|
- MEDIUM: stick-table: lookup table names using trees.
|
|
- MEDIUM: config: faster lookup for duplicated proxy name
|
|
- CLEANUP: acl: remove obsolete test in parse_acl_expr()
|
|
- MINOR: sample: move smp_to_type to sample.c
|
|
- MEDIUM: compression: consider the "q=" attribute in Accept-Encoding
|
|
- REORG: cfgparse: move server keyword parsing to server.c
|
|
- BUILD: adjust makefile for AIX 5.1
|
|
- BUG/MEDIUM: pattern: fix wrong definition of the pat_prune_fcts array
|
|
- CLEANUP: pattern: move array definitions to proto/ and not types/
|
|
- BUG/MAJOR: counters: check for null-deref when looking up an alternate table
|
|
- BUILD: ssl: previous patch failed
|
|
- BUILD/MEDIUM: standard: get rid of the last strcpy()
|
|
- BUILD/MEDIUM: standard: get rid of sprintf()
|
|
- BUILD/MEDIUM: cfgparse: get rid of sprintf()
|
|
- BUILD/MEDIUM: checks: get rid of sprintf()
|
|
- BUILD/MEDIUM: http: remove calls to sprintf()
|
|
- BUG/MEDIUM: systemd-wrapper: fix locating of haproxy binary
|
|
- BUILD/MINOR: ssl: remove one call to sprintf()
|
|
- MEDIUM: http: don't reject anymore message bodies not containing the url param
|
|
- MEDIUM: http: wait for the first chunk or message body length in http_process_body
|
|
- CLEANUP: http: rename http_process_request_body()
|
|
- CLEANUP: http: prepare dedicated processing for chunked encoded message bodies
|
|
- MINOR: http: make msg->eol carry the last CRLF length
|
|
- MAJOR: http: do not use msg->sol while processing messages or forwarding data
|
|
- MEDIUM: http: http_parse_chunk_crlf() must not advance the buffer pointer
|
|
- MAJOR: http: don't update msg->sov anymore while processing the body
|
|
- MINOR: http: add a small helper to compute the amount of body bytes present
|
|
- MEDIUM: http: add a small helper to compute how far to rewind to find headers
|
|
- MINOR: http: add a small helper to compute how far to rewind to find URI
|
|
- MEDIUM: http: small helpers to compute how far to rewind to find BODY and DATA
|
|
- MAJOR: http: reset msg->sov after headers are forwarded
|
|
- MEDIUM: http: forward headers again while waiting for connection to complete
|
|
- BUG/MINOR: http: deinitialize compression after a parsing error
|
|
- BUG/MINOR: http: deinitialize compression after a compression error
|
|
- MEDIUM: http: headers must be forwarded even if data was already inspected
|
|
- MAJOR: http: re-enable compression on chunked encoding
|
|
- MAJOR: http/compression: fix chunked-encoded response processing
|
|
- MEDIUM: http: cleanup: centralize a little bit HTTP compression end
|
|
- MEDIUM: http: start to centralize the forwarding code
|
|
- MINOR: http: further cleanups of response forwarding function
|
|
- MEDIUM: http: only allocate the temporary compression buffer when needed
|
|
- MAJOR: http: centralize data forwarding in the request path
|
|
- CLEANUP: http: document the response forwarding states
|
|
- CLEANUP: http: remove all calls to http_silent_debug()
|
|
- DOC: internal: add some reminders about HTTP parsing and pointer states
|
|
- BUG/MAJOR: http: fix bug in parse_qvalue() when selecting compression algo
|
|
- BUG/MINOR: stats: last session was not always set
|
|
- DOC: add pointer to the Cyril's HTML doc in the README
|
|
- MEDIUM: config: relax use_backend check to make the condition optional
|
|
- MEDIUM: config: report misplaced http-request rules
|
|
- MEDIUM: config: report misplaced use-server rules
|
|
- DOC: update roadmap with what was done.
|
|
|
|
2014/02/03 : 1.5-dev22
|
|
- MEDIUM: tcp-check new feature: connect
|
|
- MEDIUM: ssl: Set verify 'required' as global default for servers side.
|
|
- MINOR: ssl: handshake optim for long certificate chains.
|
|
- BUG/MINOR: pattern: pattern comparison executed twice
|
|
- BUG/MEDIUM: map: segmentation fault with the stats's socket command "set map ..."
|
|
- BUG/MEDIUM: pattern: Segfault in binary parser
|
|
- MINOR: pattern: move functions for grouping pat_match_* and pat_parse_* and add documentation.
|
|
- MINOR: standard: The parse_binary() returns the length consumed and his documentation is updated
|
|
- BUG/MINOR: payload: the patterns of the acl "req.ssl_ver" are no parsed with the good function.
|
|
- BUG/MEDIUM: pattern: "pat_parse_dotted_ver()" set bad expect_type.
|
|
- BUG/MINOR: sample: The c_str2int converter does not fail if the entry is not an integer
|
|
- BUG/MEDIUM: http/auth: Sometimes the authentication credentials can be mix between two requests
|
|
- MINOR: doc: Bad cli function name.
|
|
- MINOR: http: smp_fetch_capture_header_* fetch captured headers
|
|
- BUILD: last release inadvertently prepended a "+" in front of the date
|
|
- BUG/MEDIUM: stream-int: fix the keep-alive idle connection handler
|
|
- BUG/MEDIUM: backend: do not re-initialize the connection's context upon reuse
|
|
- BUG: Revert "OPTIM/MEDIUM: epoll: fuse active events into polled ones during polling changes"
|
|
- BUG/MINOR: checks: successful check completion must not re-enable MAINT servers
|
|
- MINOR: http: try to stick to same server after status 401/407
|
|
- BUG/MINOR: http: always disable compression on HTTP/1.0
|
|
- OPTIM: poll: restore polling after a poll/stop/want sequence
|
|
- OPTIM: http: don't stop polling for read on the client side after a request
|
|
- BUG/MEDIUM: checks: unchecked servers could not be enabled anymore
|
|
- BUG/MEDIUM: stats: the web interface must check the tracked servers before enabling
|
|
- BUG/MINOR: channel: CHN_INFINITE_FORWARD must be unsigned
|
|
- BUG/MINOR: stream-int: do not clear the owner upon unregister
|
|
- MEDIUM: stats: add support for HTTP keep-alive on the stats page
|
|
- BUG/MEDIUM: stats: fix HTTP/1.0 breakage introduced in previous patch
|
|
- Revert "MEDIUM: stats: add support for HTTP keep-alive on the stats page"
|
|
- MAJOR: channel: add a new flag CF_WAKE_WRITE to notify the task of writes
|
|
- OPTIM: session: set the READ_DONTWAIT flag when connecting
|
|
- BUG/MINOR: http: don't clear the SI_FL_DONT_WAKE flag between requests
|
|
- MINOR: session: factor out the connect time measurement
|
|
- MEDIUM: session: prepare to support earlier transitions to the established state
|
|
- MEDIUM: stream-int: make si_connect() return an established state when possible
|
|
- MINOR: checks: use an inline function for health_adjust()
|
|
- OPTIM: session: put unlikely() around the freewheeling code
|
|
- MEDIUM: config: report a warning when multiple servers have the same name
|
|
- BUG: Revert "OPTIM: poll: restore polling after a poll/stop/want sequence"
|
|
- BUILD/MINOR: listener: remove a glibc warning on accept4()
|
|
- BUG/MAJOR: connection: fix mismatch between rcv_buf's API and usage
|
|
- BUILD: listener: fix recent accept4() again
|
|
- BUG/MAJOR: ssl: fix breakage caused by recent fix abf08d9
|
|
- BUG/MEDIUM: polling: ensure we update FD status when there's no more activity
|
|
- MEDIUM: listener: fix polling management in the accept loop
|
|
- MINOR: protocol: improve the proto->drain() API
|
|
- MINOR: connection: add a new conn_drain() function
|
|
- MEDIUM: tcp: report in tcp_drain() that lingering is already disabled on close
|
|
- MEDIUM: connection: update callers of ctrl->drain() to use conn_drain()
|
|
- MINOR: connection: add more error codes to report connection errors
|
|
- MEDIUM: tcp: report connection error at the connection level
|
|
- MEDIUM: checks: make use of chk_report_conn_err() for connection errors
|
|
- BUG/MEDIUM: unique_id: HTTP request counter is not stable
|
|
- DOC: fix misleading information about SIGQUIT
|
|
- BUG/MAJOR: fix freezes during compression
|
|
- BUG/MEDIUM: stream-interface: don't wake the task up before end of transfer
|
|
- BUILD: fix VERDATE exclusion regex
|
|
- CLEANUP: polling: rename "spec_e" to "state"
|
|
- DOC: add a diagram showing polling state transitions
|
|
- REORG: polling: rename "spec_e" to "state" and "spec_p" to "cache"
|
|
- REORG: polling: rename "fd_spec" to "fd_cache"
|
|
- REORG: polling: rename the cache allocation functions
|
|
- REORG: polling: rename "fd_process_spec_events()" to "fd_process_cached_events()"
|
|
- MAJOR: polling: rework the whole polling system
|
|
- MAJOR: connection: remove the CO_FL_WAIT_{RD,WR} flags
|
|
- MEDIUM: connection: remove conn_{data,sock}_poll_{recv,send}
|
|
- MEDIUM: connection: add check for readiness in I/O handlers
|
|
- MEDIUM: stream-interface: the polling flags must always be updated in chk_snd_conn
|
|
- MINOR: stream-interface: no need to call fd_stop_both() on error
|
|
- MEDIUM: connection: no need to recheck FD state
|
|
- CLEANUP: connection: use conn_ctrl_ready() instead of checking the flag
|
|
- CLEANUP: connection: use conn_xprt_ready() instead of checking the flag
|
|
- CLEANUP: connection: fix comments in connection.h to reflect new behaviour.
|
|
- OPTIM: raw-sock: don't speculate after a short read if polling is enabled
|
|
- MEDIUM: polling: centralize polled events processing
|
|
- MINOR: polling: create function fd_compute_new_polled_status()
|
|
- MINOR: cli: add more information to the "show info" output
|
|
- MEDIUM: listener: add support for limiting the session rate in addition to the connection rate
|
|
- MEDIUM: listener: apply a limit on the session rate submitted to SSL
|
|
- REORG: stats: move the stats socket states to dumpstats.c
|
|
- MINOR: cli: add the new "show pools" command
|
|
- BUG/MEDIUM: counters: flush content counters after each request
|
|
- BUG/MEDIUM: counters: fix stick-table entry leak when using track-sc2 in connection
|
|
- MINOR: tools: add very basic support for composite pointers
|
|
- MEDIUM: counters: stop relying on session flags at all
|
|
- BUG/MINOR: cli: fix missing break in command line parser
|
|
- BUG/MINOR: config: correctly report when log-format headers require HTTP mode
|
|
- MAJOR: http: update connection mode configuration
|
|
- MEDIUM: http: make keep-alive + httpclose be passive mode
|
|
- MAJOR: http: switch to keep-alive mode by default
|
|
- BUG/MEDIUM: http: fix regression caused by recent switch to keep-alive by default
|
|
- BUG/MEDIUM: listener: improve detection of non-working accept4()
|
|
- BUILD: listener: add fcntl.h and unistd.h
|
|
- BUG/MINOR: raw_sock: correctly set the MSG_MORE flag
|
|
|
|
2013/12/17 : 1.5-dev21
|
|
- MINOR: stats: don't use a monospace font to report numbers
|
|
- MINOR: session: remove debugging code
|
|
- BUG/MAJOR: patterns: fix double free caused by loading strings from files
|
|
- MEDIUM: http: make option http_proxy automatically rewrite the URL
|
|
- BUG/MEDIUM: http: cook_cnt() forgets to set its output type
|
|
- BUG/MINOR: stats: correctly report throttle rate of low weight servers
|
|
- BUG/MEDIUM: checks: servers must not start in slowstart mode
|
|
- BUG/MINOR: acl: parser must also stop at comma on ACL-only keywords
|
|
- MEDIUM: stream-int: implement a very simplistic idle connection manager
|
|
- DOC: update the ROADMAP file
|
|
|
|
2013/12/16 : 1.5-dev20
|
|
- DOC: add missing options to the manpage
|
|
- DOC: add manpage references to all system calls
|
|
- DOC: update manpage reference to haproxy-en.txt
|
|
- DOC: remove -s and -l options from the manpage
|
|
- DOC: missing information for the "description" keyword
|
|
- DOC: missing http-send-name-header keyword in keyword table
|
|
- MINOR: tools: function my_memmem() to lookup binary contents
|
|
- MEDIUM: checks: add send/expect tcp based check
|
|
- MEDIUM: backend: Enhance hash-type directive with an algorithm options
|
|
- MEDIUM: backend: Implement avalanche as a modifier of the hashing functions.
|
|
- DOC: Documentation for hashing function, with test results.
|
|
- BUG/MEDIUM: ssl: potential memory leak using verifyhost
|
|
- BUILD: ssl: compilation issue with openssl v0.9.6.
|
|
- BUG/MINOR: ssl: potential memory leaks using ssl_c_key_alg or ssl_c_sig_alg.
|
|
- MINOR: ssl: optimization of verifyhost on wildcard certificates.
|
|
- BUG/MINOR: ssl: verifyhost does not match empty strings on wildcard.
|
|
- MINOR: ssl: Add statement 'verifyhost' to "server" statements
|
|
- CLEANUP: session: remove event_accept() which was not used anymore
|
|
- BUG/MINOR: deinit: free fdinfo while doing cleanup
|
|
- DOC: minor typo fix in documentation
|
|
- BUG/MEDIUM: server: set the macro for server's max weight SRV_UWGHT_MAX to SRV_UWGHT_RANGE
|
|
- BUG/MINOR: use the same check condition for server as other algorithms
|
|
- DOC: fix typo in comments
|
|
- BUG/MINOR: deinit: free server map which is allocated in init_server_map()
|
|
- CLEANUP: stream_interface: cleanup loop information in si_conn_send_loop()
|
|
- MINOR: buffer: align the last output line of buffer_dump()
|
|
- MINOR: buffer: align the last output line if there are less than 8 characters left
|
|
- DOC: stick-table: modify the description
|
|
- OPTIM: stream_interface: return directly if the connection flag CO_FL_ERROR has been set
|
|
- CLEANUP: code style: use tabs to indent codes
|
|
- DOC: checkcache: block responses with cacheable cookies
|
|
- BUG/MINOR: check_config_validity: check the returned value of stktable_init()
|
|
- MEDIUM: haproxy-systemd-wrapper: Use haproxy in same directory
|
|
- MEDIUM: systemd-wrapper: Kill child processes when interrupted
|
|
- LOW: systemd-wrapper: Write debug information to stdout
|
|
- BUG/MINOR: http: fix "set-tos" not working in certain configurations
|
|
- MEDIUM: http: add IPv6 support for "set-tos"
|
|
- DOC: ssl: update build instructions to use new SSL_* variables
|
|
- BUILD/MINOR: systemd: fix compiler warning about unused result
|
|
- url32+src - like base32+src but whole url including parameters
|
|
- BUG/MINOR: fix forcing fastinter in "on-error"
|
|
- CLEANUP: Make parameters of srv_downtime and srv_getinter const
|
|
- CLEANUP: Remove unused 'last_slowstart_change' field from struct peer
|
|
- MEDIUM: Split up struct server's check element
|
|
- MEDIUM: Move result element to struct check
|
|
- MEDIUM: Paramatise functions over the check of a server
|
|
- MEDIUM: cfgparse: Factor out check initialisation
|
|
- MEDIUM: Add state to struct check
|
|
- MEDIUM: Move health element to struct check
|
|
- MEDIUM: Add helper for task creation for checks
|
|
- MEDIUM: Add helper function for failed checks
|
|
- MEDIUM: Log agent fail, stopped or down as info
|
|
- MEDIUM: Remove option lb-agent-chk
|
|
- MEDIUM: checks: Add supplementary agent checks
|
|
- MEDIUM: Do not mark a server as down if the agent is unavailable
|
|
- MEDIUM: Set rise and fall of agent checks to 1
|
|
- MEDIUM: Add enable and disable agent unix socket commands
|
|
- MEDIUM: Add DRAIN state and report it on the stats page
|
|
- BUILD/MINOR: missing header file
|
|
- CLEANUP: regex: Create regex_comp function that compiles regex using compilation options
|
|
- CLEANUP: The function "regex_exec" needs the string length but in many case they expect null terminated char.
|
|
- MINOR: http: some exported functions were not in the header file
|
|
- MINOR: http: change url_decode to return the size of the decoded string.
|
|
- BUILD/MINOR: missing header file
|
|
- BUG/MEDIUM: sample: The function v4tov6 cannot support input and output overlap
|
|
- BUG/MINOR: arg: fix error reporting for add-header/set-header sample fetch arguments
|
|
- MINOR: sample: export the generic sample conversion parser
|
|
- MINOR: sample: export sample_casts
|
|
- MEDIUM: acl: use the fetch syntax 'fetch(args),conv(),conv()' into the ACL keyword
|
|
- MINOR: stick-table: use smp_expr_output_type() to retrieve the output type of a "struct sample_expr"
|
|
- MINOR: sample: provide the original sample_conv descriptor struct to the argument checker function.
|
|
- MINOR: tools: Add a function to convert buffer to an ipv6 address
|
|
- MINOR: acl: export acl arrays
|
|
- MINOR: acl: Extract the pattern parsing and indexation from the "acl_read_patterns_from_file()" function
|
|
- MINOR: acl: Extract the pattern matching function
|
|
- MINOR: sample: Define new struct sample_storage
|
|
- MEDIUM: acl: associate "struct sample_storage" to each "struct acl_pattern"
|
|
- REORG: acl/pattern: extract pattern matching from the acl file and create pattern.c
|
|
- MEDIUM: pattern: create pattern expression
|
|
- MEDIUM: pattern: rename "acl" prefix to "pat"
|
|
- MEDIUM: sample: let the cast functions set their output type
|
|
- MINOR: sample: add a private field to the struct sample_conv
|
|
- MINOR: map: Define map types
|
|
- MEDIUM: sample: add the "map" converter
|
|
- MEDIUM: http: The redirect strings follows the log format rules.
|
|
- BUG/MINOR: acl: acl parser does not recognize empty converter list
|
|
- BUG/MINOR: map: The map list was declared in the map.h file
|
|
- MINOR: map: Cleanup the initialisation of map descriptors.
|
|
- MEDIUM: map: merge identical maps
|
|
- BUG/MEDIUM: pattern: Pattern node has type of "struct pat_idx_elt" in place of "struct eb_node"
|
|
- BUG/MEDIUM: map: Bad map file parser
|
|
- CLEANUP/MINOR: standard: use the system define INET6_ADDRSTRLEN in place of MAX_IP6_LEN
|
|
- BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end
|
|
- MINOR: map: export map_get_reference() function
|
|
- MINOR: pattern: Each pattern sets the expected input type
|
|
- MEDIUM: acl: Last patch change the output type
|
|
- MEDIUM: pattern: Extract the index process from the pat_parse_*() functions
|
|
- MINOR: standard: The function parse_binary() can use preallocated buffer
|
|
- MINOR: regex: Change the struct containing regex
|
|
- MINOR: regex: Copy the original regex expression into string.
|
|
- MINOR: pattern: add support for compiling patterns for lookups
|
|
- MINOR: pattern: make the pattern matching function return a pointer to the matched element
|
|
- MINOR: map: export parse output sample functions
|
|
- MINOR: pattern: add function to lookup a specific entry in pattern list
|
|
- MINOR: pattern/map: Each pattern must free the associated sample
|
|
- MEDIUM: dumpstat: make the CLI parser understand the backslash as an escape char
|
|
- MEDIUM: map: dynamic manipulation of maps
|
|
- BUG/MEDIUM: unique_id: junk in log on empty unique_id
|
|
- BUG/MINOR: log: junk at the end of syslog packet
|
|
- MINOR: Makefile: provide cscope rule
|
|
- DOC: compression: chunk are not compressed anymore
|
|
- MEDIUM: session: disable lingering on the server when the client aborts
|
|
- BUG/MEDIUM: prevent gcc from moving empty keywords lists into BSS
|
|
- DOC: remove the comment saying that SSL certs are not checked on the server side
|
|
- BUG: counters: third counter was not stored if others unset
|
|
- BUG/MAJOR: http: don't emit the send-name-header when no server is available
|
|
- BUG/MEDIUM: http: "option checkcache" fails with the no-cache header
|
|
- BUG/MAJOR: http: sample prefetch code was not properly migrated
|
|
- BUG/MEDIUM: splicing: fix abnormal CPU usage with splicing
|
|
- BUG/MINOR: stream_interface: don't call chk_snd() on polled events
|
|
- OPTIM: splicing: use splice() for the last block when relevant
|
|
- MEDIUM: sample: handle comma-delimited converter list
|
|
- MINOR: sample: fix sample_process handling of unstable data
|
|
- CLEANUP: acl: move the 3 remaining sample fetches to samples.c
|
|
- MINOR: sample: add a new "date" fetch to return the current date
|
|
- MINOR: samples: add the http_date([<offset>]) sample converter.
|
|
- DOC: minor improvements to the part on the stats socket.
|
|
- MEDIUM: sample: systematically pass the keyword pointer to the keyword
|
|
- MINOR: payload: split smp_fetch_rdp_cookie()
|
|
- MINOR: counters: factor out smp_fetch_sc*_tracked
|
|
- MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src.
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_get_gpc0
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_gpc0_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_inc_gpc0
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_clr_gpc0
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_conn_cnt
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_conn_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_conn_cur
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_sess_cnt
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_sess_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_http_req_cnt
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_http_req_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_http_err_cnt
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_http_err_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_kbytes_in
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_bytes_in_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_kbytes_out
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_bytes_out_rate
|
|
- MEDIUM: counters: factor out smp_fetch_sc*_trackers
|
|
- MINOR: session: make the number of stick counter entries more configurable
|
|
- MEDIUM: counters: support passing the counter number as a fetch argument
|
|
- MEDIUM: counters: support looking up a key in an alternate table
|
|
- MEDIUM: cli: adjust the method for feeding frequency counters in tables
|
|
- MINOR: cli: make it possible to enter multiple values at once with "set table"
|
|
- MINOR: payload: allow the payload sample fetches to retrieve arbitrary lengths
|
|
- BUG/MINOR: cli: "clear table" must not kill entries that don't match condition
|
|
- MINOR: ssl: use MAXPATHLEN instead of PATH_MAX
|
|
- MINOR: config: warn when a server with no specific port uses rdp-cookie
|
|
- BUG/MEDIUM: unique_id: HTTP request counter must be unique!
|
|
- DOC: add a mention about the limited chunk size
|
|
- BUG/MEDIUM: fix broken send_proxy on FreeBSD
|
|
- MEDIUM: stick-tables: flush old entries upon soft-stop
|
|
- MINOR: tcp: add new "close" action for tcp-response
|
|
- MINOR: payload: provide the "res.len" fetch method
|
|
- BUILD: add SSL_INC/SSL_LIB variables to force the path to openssl
|
|
- MINOR: http: compute response time before processing headers
|
|
- BUG/MINOR: acl: fix improper string size assignment in proxy argument
|
|
- BUG/MEDIUM: http: accept full buffers on smp_prefetch_http
|
|
- BUG/MINOR: acl: implicit arguments of ACL keywords were not properly resolved
|
|
- BUG/MEDIUM: session: risk of crash on out of memory conditions
|
|
- BUG/MINOR: peers: set the accept date in outgoing connections
|
|
- BUG/MEDIUM: tcp: do not skip tracking rules on second pass
|
|
- BUG/MEDIUM: acl: do not evaluate next terms after a miss
|
|
- MINOR: acl: add a warning when an ACL keyword is used without any value
|
|
- MINOR: tcp: don't use tick_add_ifset() when timeout is known to be set
|
|
- BUG/MINOR: acl: remove patterns from the tree before freeing them
|
|
- MEDIUM: backend: add support for the wt6 hash
|
|
- OPTIM/MEDIUM: epoll: fuse active events into polled ones during polling changes
|
|
- OPTIM/MINOR: mark the source address as already known on accept()
|
|
- BUG/MINOR: stats: don't count tarpitted connections twice
|
|
- CLEANUP: http: homogenize processing of denied req counter
|
|
- CLEANUP: http: merge error handling for req* and http-request *
|
|
- BUG/MEDIUM: http: fix possible parser crash when parsing erroneous "http-request redirect" rules
|
|
- BUG/MINOR: http: fix build warning introduced with url32/url32_src
|
|
- BUG/MEDIUM: checks: fix slow start regression after fix attempt
|
|
- BUG/MAJOR: server: weight calculation fails for map-based algorithms
|
|
- MINOR: stats: report correct throttling percentage for servers in slowstart
|
|
- OPTIM: connection: fold the error handling with handshake handling
|
|
- MINOR: peers: accept to learn strings of different lengths
|
|
- BUG/MAJOR: fix haproxy crash when using server tracking instead of checks
|
|
- BUG/MAJOR: check: fix haproxy crash during soft-stop/soft-start
|
|
- BUG/MINOR: stats: do not report "via" on tracking servers in maintenance
|
|
- BUG/MINOR: connection: fix typo in error message report
|
|
- BUG/MINOR: backend: fix target address retrieval in transparent mode
|
|
- BUG/MINOR: config: report the correct track-sc number in tcp-rules
|
|
- BUG/MINOR: log: fix log-format parsing errors
|
|
- DOC: add some information about how to apply converters to samples
|
|
- MINOR: acl/pattern: use types different from int to clarify who does what.
|
|
- MINOR: pattern: import acl_find_match_name() into pattern.h
|
|
- MEDIUM: stick-tables: support automatic conversion from ipv4<->ipv6
|
|
- MEDIUM: log-format: relax parsing of '%' followed by unsupported characters
|
|
- BUG/MINOR: http: usual deinit stuff in last commit
|
|
- BUILD: log: silent a warning about isblank() with latest patches
|
|
- BUG/MEDIUM: checks: fix health check regression causing them to depend on declaration order
|
|
- BUG/MEDIUM: checks: fix a long-standing issue with reporting connection errors
|
|
- BUG/MINOR: checks: don't consider errno and use conn->err_code
|
|
- BUG/MEDIUM: checks: also update the DRAIN state from the web interface
|
|
- MINOR: stats: remove some confusion between the DRAIN state and NOLB
|
|
- BUG/MINOR: tcp: check that no error is pending during a connect probe
|
|
- BUG/MINOR: connection: check EINTR when sending a PROXY header
|
|
- MEDIUM: connection: set the socket shutdown flags on socket errors
|
|
- BUG/MEDIUM: acl: fix regression introduced by latest converters support
|
|
- MINOR: connection: clear errno prior to checking for errors
|
|
- BUG/MINOR: checks: do not trust errno in write event before any syscall
|
|
- MEDIUM: checks: centralize error reporting
|
|
- OPTIM: checks: don't poll on recv when using plain TCP connects
|
|
- OPTIM: checks: avoid setting SO_LINGER twice
|
|
- MINOR: tools: add a generic binary hex string parser
|
|
- BUG/MEDIUM: checks: tcp-check: do not poll when there's nothing to send
|
|
- BUG/MEDIUM: check: tcp-check might miss some outgoing data when socket buffers are full
|
|
- BUG/MEDIUM: args: fix double free on error path in argument expression parser
|
|
- BUG/MINOR: acl: fix sample expression error reporting
|
|
- BUG/MINOR: checks: tcp-check actions are enums, not flags
|
|
- MEDIUM: checks: make tcp-check perform multiple send() at once
|
|
- BUG/MEDIUM: stick: completely remove the unused flag from the store entries
|
|
- OPTIM: ebtree: pack the struct eb_node to avoid holes on 64-bit
|
|
- BUG/MEDIUM: stick-tables: complete the latest fix about store-responses
|
|
- CLEANUP: stream_interface: remove unused field err_loc
|
|
- MEDIUM: stats: don't use conn->xprt_st anymore
|
|
- MINOR: session: add a simple function to retrieve a session from a task
|
|
- MEDIUM: stats: don't use conn->xprt_ctx anymore
|
|
- MEDIUM: peers: don't rely on conn->xprt_ctx anymore
|
|
- MINOR: http: prevent smp_fetch_url_{ip,port} from using si->conn
|
|
- MINOR: connection: make it easier to emit proxy protocol for unknown addresses
|
|
- MEDIUM: stats: prepare the HTTP stats I/O handler to support more states
|
|
- MAJOR: stats: move the HTTP stats handling to its applet
|
|
- MEDIUM: stats: move request argument processing to the final step
|
|
- MEDIUM: session: detect applets from the session by using s->target
|
|
- MAJOR: session: check for a connection to an applet in sess_prepare_conn_req()
|
|
- MAJOR: session: pass applet return traffic through the response analysers
|
|
- MEDIUM: stream-int: split the shutr/shutw functions between applet and conn
|
|
- MINOR: stream-int: make the shutr/shutw functions void
|
|
- MINOR: obj: provide a safe and an unsafe access to pointed objects
|
|
- MINOR: connection: add a field to store an object type
|
|
- MINOR: connection: always initialize conn->objt_type to OBJ_TYPE_CONN
|
|
- MEDIUM: stream interface: move the peers' ptr into the applet context
|
|
- MINOR: stream-interface: move the applet context to its own struct
|
|
- MINOR: obj: introduce a new type appctx
|
|
- MINOR: stream-int: rename ->applet to ->appctx
|
|
- MINOR: stream-int: split si_prepare_embedded into si_prepare_none and si_prepare_applet
|
|
- MINOR: stream-int: add a new pointer to the end point
|
|
- MEDIUM: stream-interface: set the pointer to the applet into the applet context
|
|
- MAJOR: stream interface: remove the ->release function pointer
|
|
- MEDIUM: stream-int: make ->end point to the connection or the appctx
|
|
- CLEANUP: stream-int: remove obsolete si_ctrl function
|
|
- MAJOR: stream-int: stop using si->conn and use si->end instead
|
|
- MEDIUM: stream-int: do not allocate a connection in parallel to applets
|
|
- MEDIUM: session: attach incoming connection to target on embryonic sessions
|
|
- MINOR: connection: add conn_init() to (re)initialize a connection
|
|
- MINOR: checks: call conn_init() to properly initialize the connection.
|
|
- MINOR: peers: make use of conn_init() to initialize the connection
|
|
- MINOR: session: use conn_init() to initialize the connections
|
|
- MINOR: http: use conn_init() to reinitialize the server connection
|
|
- MEDIUM: connection: replace conn_prepare with conn_assign
|
|
- MINOR: get rid of si_takeover_conn()
|
|
- MINOR: connection: add conn_new() / conn_free()
|
|
- MAJOR: connection: add two new flags to indicate readiness of control/transport
|
|
- MINOR: stream-interface: introduce si_reset() and si_set_state()
|
|
- MINOR: connection: reintroduce conn_prepare to set the protocol and transport
|
|
- MINOR: connection: replace conn_assign with conn_attach
|
|
- MEDIUM: stream-interface: introduce si_attach_conn to replace si_prepare_conn
|
|
- MAJOR: stream interface: dynamically allocate the outgoing connection
|
|
- MEDIUM: connection: move the send_proxy offset to the connection
|
|
- MINOR: connection: check for send_proxy during the connect(), not the SI
|
|
- MEDIUM: connection: merge the send_proxy and local_send_proxy calls
|
|
- MEDIUM: stream-int: replace occurrences of si->appctx with si_appctx()
|
|
- MEDIUM: stream-int: return the allocated appctx in stream_int_register_handler()
|
|
- MAJOR: stream-interface: dynamically allocate the applet context
|
|
- MEDIUM: session: automatically register the applet designated by the target
|
|
- MEDIUM: stats: delay appctx initialization
|
|
- CLEANUP: peers: use less confusing state/status code names
|
|
- MEDIUM: peers: delay appctx initialization
|
|
- MINOR: stats: provide some appctx information in "show sess all"
|
|
- DIET/MINOR: obj: pack the obj_type enum to 8 bits
|
|
- DIET/MINOR: connection: rearrange a few fields to save 8 bytes in the struct
|
|
- DIET/MINOR: listener: rearrange a few fields in struct listener to save 16 bytes
|
|
- DIET/MINOR: proxy: rearrange a few fields in struct proxy to save 16 bytes
|
|
- DIET/MINOR: session: reduce the struct session size by 8 bytes
|
|
- DIET/MINOR: stream-int: rearrange a few fields in struct stream_interface to save 8 bytes
|
|
- DIET/MINOR: http: reduce the size of struct http_txn by 8 bytes
|
|
- MINOR: http: switch the http state to an enum
|
|
- MINOR: http: use an enum for the auth method in http_auth_data
|
|
- DIET/MINOR: task: reduce struct task size by 8 bytes
|
|
- MINOR: stream_interface: add reporting of ressouce allocation errors
|
|
- MINOR: session: report lack of resources using the new stream-interface's error code
|
|
- BUILD: simplify the date and version retrieval in the makefile
|
|
- BUILD: prepare the makefile to skip format lines in SUBVERS and VERDATE
|
|
- BUILD: use format tags in VERDATE and SUBVERS files
|
|
- BUG/MEDIUM: channel: bo_getline() must wait for \n until buffer is full
|
|
- CLEANUP: check: server port is unsigned
|
|
- BUG/MEDIUM: checks: agent doesn't get the response if server does not closes
|
|
- MINOR: tools: buf2ip6 must not modify output on failure
|
|
- MINOR: pattern: do not assign SMP_TYPES by default to patterns
|
|
- MINOR: sample: make sample_parse_expr() use memprintf() to report parse errors
|
|
- MINOR: arg: improve wording on error reporting
|
|
- BUG/MEDIUM: sample: simplify and fix the argument parsing
|
|
- MEDIUM: acl: fix the argument parser to let the lower layer report detailed errors
|
|
- MEDIUM: acl: fix the initialization order of the ACL expression
|
|
- CLEANUP: acl: remove useless blind copy-paste from sample converters
|
|
- TESTS: add regression tests for ACL and sample expression parsers
|
|
- BUILD: time: adapt the type of TV_ETERNITY to the local system
|
|
- MINOR: chunks: allocate the trash chunks before parsing the config
|
|
- BUILD: definitely silence some stupid GCC warnings
|
|
- MINOR: chunks: always initialize the output chunk in get_trash_chunk()
|
|
- MINOR: checks: improve handling of the servers tracking chain
|
|
- REORG: checks: retrieve the check-specific defines from server.h to checks.h
|
|
- MINOR: checks: use an enum instead of flags to report a check result
|
|
- MINOR: checks: rename the state flags
|
|
- MINOR: checks: replace state DISABLED with CONFIGURED and ENABLED
|
|
- MINOR: checks: use check->state instead of srv->state & SRV_CHECKED
|
|
- MINOR: checks: fix agent check interval computation
|
|
- MINOR: checks: add a PAUSED state for the checks
|
|
- MINOR: checks: create the agent tasks even when no check is configured
|
|
- MINOR: checks: add a flag to indicate what check is an agent
|
|
- MEDIUM: checks: enable agent checks even if health checks are disabled
|
|
- BUG/MEDIUM: checks: ensure we can enable a server after boot
|
|
- BUG/MEDIUM: checks: tracking servers must not inherit the MAINT flag
|
|
- BUG/MAJOR: session: repair tcp-request connection rules
|
|
- BUILD: fix SUBVERS extraction in the Makefile
|
|
- BUILD: pattern: silence a warning about uninitialized value
|
|
- BUILD: log: fix build warning on Solaris
|
|
- BUILD: dumpstats: fix build error on Solaris
|
|
- DOC: move option pgsql-check to the correct place
|
|
- DOC: move option tcp-check to the proper place
|
|
- MINOR: connection: add simple functions to report connection readiness
|
|
- MEDIUM: connection: centralize handling of nolinger in fd management
|
|
- OPTIM: http: set CF_READ_DONTWAIT on response message
|
|
- OPTIM: http: do not re-enable reading on client side while closing the server side
|
|
- MINOR: config: add option http-keep-alive
|
|
- MEDIUM: connection: inform si_alloc_conn() whether existing conn is OK or not
|
|
- MAJOR: stream-int: handle the connection reuse in si_connect()
|
|
- MAJOR: http: add the keep-alive transition on the server side
|
|
- MAJOR: backend: enable connection reuse
|
|
- MINOR: http: add option prefer-last-server
|
|
- MEDIUM: http: do not report connection errors for second and further requests
|
|
|
|
2013/06/17 : 1.5-dev19
|
|
- MINOR: stats: remove the autofocus on the scope input field
|
|
- BUG/MEDIUM: Fix crt-list file parsing error: filtered name was ignored.
|
|
- BUG/MEDIUM: ssl: EDH ciphers are not usable if no DH parameters present in pem file.
|
|
- BUG/MEDIUM: shctx: makes the code independent on SSL runtime version.
|
|
- MEDIUM: ssl: improve crt-list format to support negation
|
|
- BUG: ssl: fix crt-list for clients not supporting SNI
|
|
- MINOR: stats: show soft-stopped servers in different color
|
|
- BUG/MINOR: config: "source" does not work in defaults section
|
|
- BUG: regex: fix pcre compile error when using JIT
|
|
- MINOR: ssl: add pattern fetch 'ssl_c_sha1'
|
|
- BUG: ssl: send payload gets corrupted if tune.ssl.maxrecord is used
|
|
- MINOR: show PCRE version and JIT status in -vv
|
|
- BUG/MINOR: jit: don't rely on USE flag to detect support
|
|
- DOC: readme: add suggestion to link against static openssl
|
|
- DOC: examples: provide simplified ssl configuration
|
|
- REORG: tproxy: prepare the transparent proxy defines for accepting other OSes
|
|
- MINOR: tproxy: add support for FreeBSD
|
|
- MINOR: tproxy: add support for OpenBSD
|
|
- DOC: examples: provide an example of transparent proxy configuration for FreeBSD 8
|
|
- CLEANUP: fix minor typo in error message.
|
|
- CLEANUP: fix missing include <string.h> in proto/listener.h
|
|
- CLEANUP: protect checks.h from multiple inclusions
|
|
- MINOR: compression: acl "res.comp" and fetch "res.comp_algo"
|
|
- BUG/MINOR: http: add-header/set-header did not accept the ACL condition
|
|
- BUILD: mention in the Makefile that USE_PCRE_JIT is for libpcre >= 8.32
|
|
- BUG/MEDIUM: splicing is broken since 1.5-dev12
|
|
- BUG/MAJOR: acl: add implicit arguments to the resolve list
|
|
- BUG/MINOR: tcp: fix error reporting for TCP rules
|
|
- CLEANUP: peers: remove a bit of spaghetti to prepare for the next bugfix
|
|
- MINOR: stick-table: allow to allocate an entry without filling it
|
|
- BUG/MAJOR: peers: fix an overflow when syncing strings larger than 16 bytes
|
|
- MINOR: session: only call http_send_name_header() when changing the server
|
|
- MINOR: tcp: report the erroneous word in tcp-request track*
|
|
- BUG/MAJOR: backend: consistent hash can loop forever in certain circumstances
|
|
- BUG/MEDIUM: log: fix regression on log-format handling
|
|
- MEDIUM: log: report file name, line number, and directive name with log-format errors
|
|
- BUG/MINOR: cli: "clear table" did not work anymore without a key
|
|
- BUG/MINOR: cli: "clear table xx data.xx" does not work anymore
|
|
- BUG/MAJOR: http: compression still has defects on chunked responses
|
|
- BUG/MINOR: stats: fix confirmation links on the stats interface
|
|
- BUG/MINOR: stats: the status bar does not appear anymore after a change
|
|
- BUG/MEDIUM: stats: allocate the stats frontend also on "stats bind-process"
|
|
- BUG/MEDIUM: stats: fix a regression when dealing with POST requests
|
|
- BUG/MINOR: fix unterminated ACL array in compression
|
|
- BUILD: last fix broke non-linux platforms
|
|
- MINOR: init: indicate the SSL runtime version on -vv.
|
|
- BUG/MEDIUM: compression: the deflate algorithm must use global settings as well
|
|
- BUILD: stdbool is not portable (again)
|
|
- DOC: readme: add a small reminder about restrictions to respect in the code
|
|
- MINOR: ebtree: add new eb_next_dup/eb_prev_dup() functions to visit duplicates
|
|
- BUG/MINOR: acl: fix a double free during exit when using PCRE_JIT
|
|
- DOC: fix wrong copy-paste in the rspdel example
|
|
- MINOR: counters: make it easier to extend the amount of tracked counters
|
|
- MEDIUM: counters: add support for tracking a third counter
|
|
- MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables
|
|
- BUG/MAJOR: http: always ensure response buffer has some room for a response
|
|
- MINOR: counters: add fetch/acl sc*_tracked to indicate whether a counter is tracked
|
|
- MINOR: defaults: allow REQURI_LEN and CAPTURE_LEN to be redefined
|
|
- MINOR: log: add a new flag 'L' for locally processed requests
|
|
- MINOR: http: add full-length header fetch methods
|
|
- MEDIUM: protocol: implement a "drain" function in protocol layers
|
|
- MEDIUM: http: add a new "http-response" ruleset
|
|
- MEDIUM: http: add the "set-nice" action to http-request and http-response
|
|
- MEDIUM: log: add a log level override value in struct session
|
|
- MEDIUM: http: add support for action "set-log-level" in http-request/http-response
|
|
- MEDIUM: http: add support for "set-tos" in http-request/http-response
|
|
- MEDIUM: http: add the "set-mark" action on http-request/http-response rules
|
|
- MEDIUM: tcp: add "tcp-request connection expect-proxy layer4"
|
|
- MEDIUM: acl: automatically detect the type of certain fetches
|
|
- MEDIUM: acl: remove a lot of useless ACLs that are equivalent to their fetches
|
|
- MEDIUM: acl: remove 15 additional useless ACLs that are equivalent to their fetches
|
|
- DOC: major reorg of ACL + sample fetch
|
|
- CLEANUP: http: remove the bogus urlp_ip ACL match
|
|
- MINOR: acl: add the new "env()" fetch method to retrieve an environment variable
|
|
- BUG/MINOR: acl: correctly consider boolean fetches when doing casts
|
|
- BUG/CRITICAL: fix a possible crash when using negative header occurrences
|
|
- DOC: update ROADMAP file
|
|
- MEDIUM: counters: use sc0/sc1/sc2 instead of sc1/sc2/sc3
|
|
- MEDIUM: stats: add proxy name filtering on the statistic page
|
|
|
|
2013/04/03 : 1.5-dev18
|
|
- DOCS: Add explanation of intermediate certs to crt paramater
|
|
- DOC: typo and minor fixes in compression paragraph
|
|
- MINOR: config: http-request configuration error message misses new keywords
|
|
- DOC: minor typo fix in documentation
|
|
- BUG/MEDIUM: ssl: ECDHE ciphers not usable without named curve configured.
|
|
- MEDIUM: ssl: add bind-option "strict-sni"
|
|
- MEDIUM: ssl: add mapping from SNI to cert file using "crt-list"
|
|
- MEDIUM: regex: Use PCRE JIT in acl
|
|
- DOC: simplify bind option "interface" explanation
|
|
- DOC: tfo: bump required kernel to linux-3.7
|
|
- BUILD: add explicit support for TFO with USE_TFO
|
|
- MEDIUM: New cli option -Ds for systemd compatibility
|
|
- MEDIUM: add haproxy-systemd-wrapper
|
|
- MEDIUM: add systemd service
|
|
- BUG/MEDIUM: systemd-wrapper: don't leak zombie processes
|
|
- BUG/MEDIUM: remove supplementary groups when changing gid
|
|
- BUG/MEDIUM: config: fix parser crash with bad bind or server address
|
|
- BUG/MINOR: Correct logic in cut_crlf()
|
|
- CLEANUP: checks: Make desc argument to set_server_check_status const
|
|
- CLEANUP: dumpstats: Make cli_release_handler() static
|
|
- MEDIUM: server: Break out set weight processing code
|
|
- MEDIUM: server: Allow relative weights greater than 100%
|
|
- MEDIUM: server: Tighten up parsing of weight string
|
|
- MEDIUM: checks: Add agent health check
|
|
- BUG/MEDIUM: ssl: openssl 0.9.8 doesn't open /dev/random before chroot
|
|
- BUG/MINOR: time: frequency counters are not totally accurate
|
|
- BUG/MINOR: http: don't process abortonclose when request was sent
|
|
- BUG/MEDIUM: stream_interface: don't close outgoing connections on shutw()
|
|
- BUG/MEDIUM: checks: ignore late resets after valid responses
|
|
- DOC: fix bogus recommendation on usage of gpc0 counter
|
|
- BUG/MINOR: http-compression: lookup Cache-Control in the response, not the request
|
|
- MINOR: signal: don't block SIGPROF by default
|
|
- OPTIM: epoll: make use of EPOLLRDHUP
|
|
- OPTIM: splice: detect shutdowns and avoid splice() == 0
|
|
- OPTIM: splice: assume by default that splice is working correctly
|
|
- BUG/MINOR: log: temporary fix for lost SSL info in some situations
|
|
- BUG/MEDIUM: peers: only the last peers section was used by tables
|
|
- BUG/MEDIUM: config: verbosely reject peers sections with multiple local peers
|
|
- BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait()
|
|
- BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser
|
|
- BUG/MINOR: config: free peer's address when exiting upon parsing error
|
|
- BUG/MINOR: config: check the proper variable when parsing log minlvl
|
|
- BUG/MEDIUM: checks: ensure the health_status is always within bounds
|
|
- BUG/MINOR: cli: show sess should always validate s->listener
|
|
- BUG/MINOR: log: improper NULL return check on utoa_pad()
|
|
- CLEANUP: http: remove a useless null check
|
|
- CLEANUP: tcp/unix: remove useless NULL check in {tcp,unix}_bind_listener()
|
|
- BUG/MEDIUM: signal: signal handler does not properly check for signal bounds
|
|
- BUG/MEDIUM: tools: off-by-one in quote_arg()
|
|
- BUG/MEDIUM: uri_auth: missing NULL check and memory leak on memory shortage
|
|
- BUG/MINOR: unix: remove the 'level' field from the ux struct
|
|
- CLEANUP: http: don't try to deinitialize http compression if it fails before init
|
|
- CLEANUP: config: slowstart is never negative
|
|
- CLEANUP: config: maxcompcpuusage is never negative
|
|
- BUG/MEDIUM: log: emit '-' for empty fields again
|
|
- BUG/MEDIUM: checks: fix a race condition between checks and observe layer7
|
|
- BUILD: fix a warning emitted by isblank() on non-c99 compilers
|
|
- BUILD: improve the makefile's support for libpcre
|
|
- MEDIUM: halog: add support for counting per source address (-ic)
|
|
- MEDIUM: tools: make str2sa_range support all address syntaxes
|
|
- MEDIUM: config: make use of str2sa_range() instead of str2sa()
|
|
- MEDIUM: config: use str2sa_range() to parse server addresses
|
|
- MEDIUM: config: use str2sa_range() to parse peers addresses
|
|
- MINOR: tests: add a config file to ease address parsing tests.
|
|
- MINOR: ssl: add a global tunable for the max SSL/TLS record size
|
|
- BUG/MINOR: syscall: fix NR_accept4 system call on sparc/linux
|
|
- BUILD/MINOR: syscall: add definition of NR_accept4 for ARM
|
|
- MINOR: config: report missing peers section name
|
|
- BUG/MEDIUM: tools: fix bad character handling in str2sa_range()
|
|
- BUG/MEDIUM: stats: never apply "unix-bind prefix" to the global stats socket
|
|
- MINOR: tools: prepare str2sa_range() to return an error message
|
|
- BUG/MEDIUM: checks: don't call connect() on unsupported address families
|
|
- MINOR: tools: prepare str2sa_range() to accept a prefix
|
|
- MEDIUM: tools: make str2sa_range() parse unix addresses too
|
|
- MEDIUM: config: make str2listener() use str2sa_range() to parse unix addresses
|
|
- MEDIUM: config: use a single str2sa_range() call to parse bind addresses
|
|
- MEDIUM: config: use str2sa_range() to parse log addresses
|
|
- CLEANUP: tools: remove str2sun() which is not used anymore.
|
|
- MEDIUM: config: add complete support for str2sa_range() in dispatch
|
|
- MEDIUM: config: add complete support for str2sa_range() in server addr
|
|
- MEDIUM: config: add complete support for str2sa_range() in 'server'
|
|
- MEDIUM: config: add complete support for str2sa_range() in 'peer'
|
|
- MEDIUM: config: add complete support for str2sa_range() in 'source' and 'usesrc'
|
|
- CLEANUP: minor cleanup in str2sa_range() and str2ip()
|
|
- CLEANUP: config: do not use multiple errmsg at once
|
|
- MEDIUM: tools: support specifying explicit address families in str2sa_range()
|
|
- MAJOR: listener: support inheriting a listening fd from the parent
|
|
- MAJOR: tools: support environment variables in addresses
|
|
- BUG/MEDIUM: http: add-header should not emit "-" for empty fields
|
|
- BUG/MEDIUM: config: ACL compatibility check on "redirect" was wrong
|
|
- BUG/MEDIUM: http: fix another issue caused by http-send-name-header
|
|
- DOC: mention the new HTTP 307 and 308 redirect statues
|
|
- MEDIUM: poll: do not use FD_* macros anymore
|
|
- BUG/MAJOR: ev_select: disable the select() poller if maxsock > FD_SETSIZE
|
|
- BUG/MINOR: acl: ssl_fc_{alg,use}_keysize must parse integers, not strings
|
|
- BUG/MINOR: acl: ssl_c_used, ssl_fc{,_has_crt,_has_sni} take no pattern
|
|
- BUILD: fix usual isdigit() warning on solaris
|
|
- BUG/MEDIUM: tools: vsnprintf() is not always reliable on Solaris
|
|
- OPTIM: buffer: remove one jump in buffer_count()
|
|
- OPTIM: http: improve branching in chunk size parser
|
|
- OPTIM: http: optimize the response forward state machine
|
|
- BUILD: enable poll() by default in the makefile
|
|
- BUILD: add explicit support for Mac OS/X
|
|
- BUG/MAJOR: http: use a static storage for sample fetch context
|
|
- BUG/MEDIUM: ssl: improve error processing and reporting in ssl_sock_load_cert_list_file()
|
|
- BUG/MAJOR: http: fix regression introduced by commit a890d072
|
|
- BUG/MAJOR: http: fix regression introduced by commit d655ffe
|
|
- BUG/CRITICAL: using HTTP information in tcp-request content may crash the process
|
|
- MEDIUM: acl: remove flag ACL_MAY_LOOKUP which is improperly used
|
|
- MEDIUM: samples: use new flags to describe compatibility between fetches and their usages
|
|
- MINOR: log: indicate it when some unreliable sample fetches are logged
|
|
- MEDIUM: samples: move payload-based fetches and ACLs to their own file
|
|
- MINOR: backend: rename sample fetch functions and declare the sample keywords
|
|
- MINOR: frontend: rename sample fetch functions and declare the sample keywords
|
|
- MINOR: listener: rename sample fetch functions and declare the sample keywords
|
|
- MEDIUM: http: unify acl and sample fetch functions
|
|
- MINOR: session: rename sample fetch functions and declare the sample keywords
|
|
- MAJOR: acl: make all ACLs reference the fetch function via a sample.
|
|
- MAJOR: acl: remove the arg_mask from the ACL definition and use the sample fetch's
|
|
- MAJOR: acl: remove fetch argument validation from the ACL struct
|
|
- MINOR: http: add new direction-explicit sample fetches for headers and cookies
|
|
- MINOR: payload: add new direction-explicit sample fetches
|
|
- CLEANUP: acl: remove ACL hooks which were never used
|
|
- MEDIUM: proxy: remove acl_requires and just keep a flag "http_needed"
|
|
- MINOR: sample: provide a function to report the name of a sample check point
|
|
- MAJOR: acl: convert all ACL requires to SMP use+val instead of ->requires
|
|
- CLEANUP: acl: remove unused references to ACL_USE_*
|
|
- MINOR: http: replace acl_parse_ver with acl_parse_str
|
|
- MEDIUM: acl: move the ->parse, ->match and ->smp fields to acl_expr
|
|
- MAJOR: acl: add option -m to change the pattern matching method
|
|
- MINOR: acl: remove the use_count in acl keywords
|
|
- MEDIUM: acl: have a pointer to the keyword name in acl_expr
|
|
- MEDIUM: acl: support using sample fetches directly in ACLs
|
|
- MEDIUM: http: remove val_usr() to validate user_lists
|
|
- MAJOR: sample: maintain a per-proxy list of the fetch args to resolve
|
|
- MINOR: ssl: add support for the "alpn" bind keyword
|
|
- MINOR: http: status code 303 is HTTP/1.1 only
|
|
- MEDIUM: http: implement redirect 307 and 308
|
|
- MINOR: http: status 301 should not be marked non-cacheable
|
|
|
|
2012/12/28 : 1.5-dev17
|
|
- MINOR: ssl: Setting global tune.ssl.cachesize value to 0 disables SSL session cache.
|
|
- BUG/MEDIUM: stats: fix stats page regression introduced by commit 20b0de5
|
|
- BUG/MINOR: stats: last fix was still wrong
|
|
- BUG/MINOR: stats: http-request rules still don't cope with stats
|
|
- BUG/MINOR: http: http-request add-header emits a corrupted header
|
|
- BUG/MEDIUM: stats: disable request analyser when processing POST or HEAD
|
|
- BUG/MINOR: log: make log-format, unique-id-format and add-header more independant
|
|
- BUILD: log: unused variable svid
|
|
- CLEANUP: http: rename the misleading http_check_access_rule
|
|
- MINOR: http: move redirect rule processing to its own function
|
|
- REORG: config: move the http redirect rule parser to proto_http.c
|
|
- MEDIUM: http: add support for "http-request redirect" rules
|
|
- MEDIUM: http: add support for "http-request tarpit" rule
|
|
|
|
2012/12/24 : 1.5-dev16
|
|
- BUG/MEDIUM: ssl: Prevent ssl error from affecting other connections.
|
|
- BUG/MINOR: ssl: error is not reported if it occurs simultaneously with peer close detection.
|
|
- MINOR: ssl: add fetch and acl "ssl_c_used" to check if current SSL session uses a client certificate.
|
|
- MINOR: contrib: make the iprange tool grep for addresses
|
|
- CLEANUP: polling: gcc doesn't always optimize constants away
|
|
- OPTIM: poll: optimize fd management functions for low register count CPUs
|
|
- CLEANUP: poll: remove a useless double-check on fdtab[fd].owner
|
|
- OPTIM: epoll: use a temp variable for intermediary flag computations
|
|
- OPTIM: epoll: current fd does not count as a new one
|
|
- BUG/MINOR: poll: the I/O handler was called twice for polled I/Os
|
|
- MINOR: http: make resp_ver and status ACLs check for the presence of a response
|
|
- BUG/MEDIUM: stream-interface: fix possible stalls during transfers
|
|
- BUG/MINOR: stream_interface: don't return when the fd is already set
|
|
- BUG/MEDIUM: connection: always update connection flags prior to computing polling
|
|
- CLEANUP: buffer: use buffer_empty() instead of buffer_len()==0
|
|
- BUG/MAJOR: stream_interface: fix occasional data transfer freezes
|
|
- BUG/MEDIUM: stream_interface: fix another case where the reader might not be woken up
|
|
- BUG/MINOR: http: don't abort client connection on premature responses
|
|
- BUILD: no need to clean up when making git-tar
|
|
- MINOR: log: add a tag for amount of bytes uploaded from client to server
|
|
- BUG/MEDIUM: log: fix possible segfault during config parsing
|
|
- MEDIUM: log: change a few log tokens to make them easier to remember
|
|
- BUG/MINOR: log: add_to_logformat_list() used the wrong constants
|
|
- MEDIUM: log-format: make the format parser more robust and more extensible
|
|
- MINOR: sample: support cast from bool to string
|
|
- MINOR: samples: add a function to fetch and convert any sample to a string
|
|
- MINOR: log: add lf_text_len
|
|
- MEDIUM: log: add the ability to include samples in logs
|
|
- REORG: stats: massive code reorg and cleanup
|
|
- REORG: stats: move the HTTP header injection to proto_http
|
|
- REORG: stats: functions are now HTTP/CLI agnostic
|
|
- BUG/MINOR: log: fix regression introduced by commit 8a3f52
|
|
- MINOR: chunks: centralize the trash chunk allocation
|
|
- MEDIUM: stats: use hover boxes instead of title to report details
|
|
- MEDIUM: stats: use multi-line tips to display detailed counters
|
|
- MINOR: tools: simplify the use of the int to ascii macros
|
|
- MINOR: stats: replace STAT_FMT_CSV with STAT_FMT_HTML
|
|
- MINOR: http: prepare to support more http-request actions
|
|
- MINOR: log: make parse_logformat_string() take a const char *
|
|
- MEDIUM: http: add http-request 'add-header' and 'set-header' to build headers
|
|
|
|
2012/12/12 : 1.5-dev15
|
|
- DOC: add a few precisions on compression
|
|
- BUG/MEDIUM: ssl: Fix handshake failure on session resumption with client cert.
|
|
- BUG/MINOR: ssl: One free session in cache remains unused.
|
|
- BUG/MEDIUM: ssl: first outgoing connection would fail with {ca,crt}-ignore-err
|
|
- MEDIUM: ssl: manage shared cache by blocks for huge sessions.
|
|
- MINOR: acl: add fetch for server session rate
|
|
- BUG/MINOR: compression: Content-Type is case insensitive
|
|
- MINOR: compression: disable on multipart or status != 200
|
|
- BUG/MINOR: http: don't report client aborts as server errors
|
|
- MINOR: stats: compute the ratio of compressed response based on 2xx responses
|
|
- MINOR: http: factor out the content-type checks
|
|
- BUG/MAJOR: stats: correctly check for a possible divide error when showing compression ratios
|
|
- BUILD: ssl: OpenSSL 0.9.6 has no renegociation
|
|
- BUG/MINOR: http: disable compression when message has no body
|
|
- MINOR: compression: make the stats a bit more robust
|
|
- BUG/MEDIUM: comp: DEFAULT_MAXZLIBMEM was expressed in bytes and not megabytes
|
|
- MINOR: connection: don't remove failed handshake flags
|
|
- MEDIUM: connection: add an error code in connections
|
|
- MEDIUM: connection: add minimal error reporting in logs for incomplete connections
|
|
- MEDIUM: connection: add error reporting for the PROXY protocol header
|
|
- MEDIUM: connection: add error reporting for the SSL
|
|
- DOC: document the connection error format in logs
|
|
- BUG/MINOR: http: don't log a 503 on client errors while waiting for requests
|
|
- BUILD: stdbool is not portable
|
|
- BUILD: ssl: NAME_MAX is not portable, use MAXPATHLEN instead
|
|
- BUG/MAJOR: raw_sock: must check error code on hangup
|
|
- BUG/MAJOR: polling: do not set speculative events on ERR nor HUP
|
|
- BUG/MEDIUM: session: fix FD leak when transport layer logging is enabled
|
|
- MINOR: stats: add a few more information on session dump
|
|
- BUG/MINOR: tcp: set the ADDR_TO_SET flag on outgoing connections
|
|
- CLEANUP: connection: remove unused server/proxy/task/si_applet declarations
|
|
- BUG/MEDIUM: tcp: process could theorically crash on lack of source ports
|
|
- MINOR: cfgparse: mention "interface" in the list of allowed "source" options
|
|
- MEDIUM: connection: introduce "struct conn_src" for servers and proxies
|
|
- CLEANUP: proto_tcp: use the same code to bind servers and backends
|
|
- CLEANUP: backend: use the same tproxy address selection code for servers and backends
|
|
- BUG/MEDIUM: stick-tables: conversions to strings were broken in dev13
|
|
- MEDIUM: proto_tcp: add support for tracking L7 information
|
|
- MEDIUM: counters: add sc1_trackers/sc2_trackers
|
|
- MINOR: http: add the "base32" pattern fetch function
|
|
- MINOR: http: add the "base32+src" fetch method.
|
|
- CLEANUP: session: use an array for the stick counters
|
|
- BUG/MINOR: proto_tcp: fix parsing of "table" in track-sc1/2
|
|
- BUG/MINOR: proto_tcp: bidirectional fetches not supported anymore in track-sc1/2
|
|
- BUG/MAJOR: connection: always recompute polling status upon I/O
|
|
- BUG/MINOR: connection: remove a few synchronous calls to polling updates
|
|
- MINOR: config: improve error checking on TCP stick-table tracking
|
|
- DOC: add some clarifications to the readme
|
|
|
|
2012/11/26 : 1.5-dev14
|
|
- DOC: fix minor typos
|
|
- BUG/MEDIUM: compression: does not forward trailers
|
|
- MINOR: buffer_dump with ASCII
|
|
- BUG/MEDIUM: checks: mark the check as stopped after a connect error
|
|
- BUG/MEDIUM: checks: ensure we completely disable polling upon success
|
|
- BUG/MINOR: checks: don't mark the FD as closed before transport close
|
|
- MEDIUM: checks: avoid accumulating TIME_WAITs during checks
|
|
- MINOR: cli: report the msg state in full text in "show sess $PTR"
|
|
- CLEANUP: checks: rename some server check flags
|
|
- MAJOR: checks: rework completely bogus state machine
|
|
- BUG/MINOR: checks: slightly clean the state machine up
|
|
- MEDIUM: checks: avoid waking the application up for pure TCP checks
|
|
- MEDIUM: checks: close the socket as soon as we have a response
|
|
- BUG/MAJOR: checks: close FD on all timeouts
|
|
- MINOR: checks: fix recv polling after connect()
|
|
- MEDIUM: connection: provide a common conn_full_close() function
|
|
- BUG/MEDIUM: checks: prevent TIME_WAITs from appearing also on timeouts
|
|
- BUG/MAJOR: peers: the listener's maxaccept was not set and caused loops
|
|
- MINOR: listeners: make the accept loop more robust when maxaccept==0
|
|
- BUG/MEDIUM: acl: correctly resolve all args, not just the first one
|
|
- BUG/MEDIUM: acl: make prue_acl_expr() correctly free ACL expressions upon exit
|
|
- BUG/MINOR: stats: fix inversion of the report of a check in progress
|
|
- MEDIUM: tcp: add explicit support for delayed ACK in connect()
|
|
- BUG/MEDIUM: connection: always disable polling upon error
|
|
- MINOR: connection: abort earlier when errors are detected
|
|
- BUG/MEDIUM: checks: report handshake failures
|
|
- BUG/MEDIUM: connection: local_send_proxy must wait for connection to establish
|
|
- MINOR: tcp: add support for the "v6only" bind option
|
|
- MINOR: stats: also report the computed compression savings in html stats
|
|
- MINOR: stats: report the total number of compressed responses per front/back
|
|
- MINOR: tcp: add support for the "v4v6" bind option
|
|
- DOC: stats: document the comp_rsp stats column
|
|
- BUILD: buffer: fix another isprint() warning on solaris
|
|
- MINOR: cli: add support for the "show sess all" command
|
|
- BUG/MAJOR: cli: show sess <id> may randomly corrupt the back-ref list
|
|
- MINOR: cli: improve output format for show sess $ptr
|
|
|
|
2012/11/22 : 1.5-dev13
|
|
- BUILD: fix build issue without USE_OPENSSL
|
|
- BUILD: fix compilation error with DEBUG_FULL
|
|
- DOC: ssl: remove prefer-server-ciphers documentation
|
|
- DOC: ssl: surround keywords with quotes
|
|
- DOC: fix minor typo on http-send-name-header
|
|
- BUG/MEDIUM: acls using IPv6 subnets patterns incorrectly match IPs
|
|
- BUG/MAJOR: fix a segfault on option http_proxy and url_ip acl
|
|
- MEDIUM: http: accept IPv6 values with (s)hdr_ip acl
|
|
- BUILD: report zlib support in haproxy -vv
|
|
- DOC: compression: add some details and clean up the formatting
|
|
- DOC: Change is_ssl acl to ssl_fc acl in example
|
|
- DOC: make it clear what the HTTP request size is
|
|
- MINOR: ssl: try to load Diffie-Hellman parameters from cert file
|
|
- DOC: ssl: update 'crt' statement on 'bind' about Diffie-Hellman parameters loading
|
|
- MINOR: ssl: add elliptic curve Diffie-Hellman support for ssl key generation
|
|
- DOC: ssl: add 'ecdhe' statement on 'bind'
|
|
- MEDIUM: ssl: add client certificate authentication support
|
|
- DOC: ssl: add 'verify', 'cafile' and 'crlfile' statements on 'bind'
|
|
- MINOR: ssl: add fetch and ACL 'client_crt' to test a client cert is present
|
|
- DOC: ssl: add fetch and ACL 'client_cert'
|
|
- MINOR: ssl: add ignore verify errors options
|
|
- DOC: ssl: add 'ca-ignore-err' and 'crt-ignore-err' statements on 'bind'
|
|
- MINOR: ssl: add fetch and ACL 'ssl_verify_result'
|
|
- DOC: ssl: add fetch and ACL 'ssl_verify_result'
|
|
- MINOR: ssl: add fetches and ACLs to return verify errors
|
|
- DOC: ssl: add fetches and ACLs 'ssl_verify_crterr', 'ssl_verify_caerr', and 'ssl_verify_crterr_depth'
|
|
- MINOR: ssl: disable shared memory and locks on session cache if nbproc == 1
|
|
- MINOR: ssl: add build param USE_PRIVATE_CACHE to build cache without shared memory
|
|
- MINOR: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'.
|
|
- DOC: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'.
|
|
- MEDIUM: config: authorize frontend and listen without bind.
|
|
- MINOR: ssl: add statement 'no-tls-tickets' on bind to disable stateless session resumption
|
|
- DOC: ssl: add 'no-tls-tickets' statement documentation.
|
|
- BUG/MINOR: ssl: Fix CRL check was not enabled when crlfile was specified.
|
|
- BUG/MINOR: build: Fix compilation issue on openssl 0.9.6 due to missing CRL feature.
|
|
- BUG/MINOR: conf: Fix 'maxsslconn' statement error if built without OPENSSL.
|
|
- BUG/MINOR: build: Fix failure with USE_OPENSSL=1 and USE_FUTEX=1 on archs i486 and i686.
|
|
- MINOR: ssl: remove prefer-server-ciphers statement and set it as the default on ssl listeners.
|
|
- BUG/MEDIUM: ssl: subsequent handshakes fail after server configuration changes
|
|
- MINOR: ssl: add 'crt-base' and 'ca-base' global statements.
|
|
- MEDIUM: conf: rename 'nosslv3' and 'notlsvXX' statements 'no-sslv3' and 'no-tlsvXX'.
|
|
- MEDIUM: conf: rename 'cafile' and 'crlfile' statements 'ca-file' and 'crl-file'
|
|
- MINOR: ssl: use bit fields to store ssl options instead of one int each
|
|
- MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on bind.
|
|
- MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on server
|
|
- MINOR: ssl: add defines LISTEN_DEFAULT_CIPHERS and CONNECT_DEFAULT_CIPHERS.
|
|
- BUG/MINOR: ssl: Fix issue on server statements 'no-tls*' and 'no-sslv3'
|
|
- MINOR: ssl: move ssl context init for servers from cfgparse.c to ssl_sock.c
|
|
- MEDIUM: ssl: reject ssl server keywords in default-server statement
|
|
- MINOR: ssl: add statement 'no-tls-tickets' on server side.
|
|
- MINOR: ssl: add statements 'verify', 'ca-file' and 'crl-file' on servers.
|
|
- DOC: Fix rename of options cafile and crlfile to ca-file and crl-file.
|
|
- MINOR: sample: manage binary to string type convertion in stick-table and samples.
|
|
- MINOR: acl: add parse and match primitives to use binary type on ACLs
|
|
- MINOR: sample: export 'sample_get_trash_chunk(void)'
|
|
- MINOR: conf: rename all ssl modules fetches using prefix 'ssl_fc' and 'ssl_c'
|
|
- MINOR: ssl: add pattern and ACLs fetches 'ssl_fc_protocol', 'ssl_fc_cipher', 'ssl_fc_use_keysize' and 'ssl_fc_alg_keysize'
|
|
- MINOR: ssl: add pattern fetch 'ssl_fc_session_id'
|
|
- MINOR: ssl: add pattern and ACLs fetches 'ssl_c_version' and 'ssl_f_version'
|
|
- MINOR: ssl: add pattern and ACLs fetches 'ssl_c_s_dn', 'ssl_c_i_dn', 'ssl_f_s_dn' and 'ssl_c_i_dn'
|
|
- MINOR: ssl: add pattern and ACLs 'ssl_c_sig_alg' and 'ssl_f_sig_alg'
|
|
- MINOR: ssl: add pattern and ACLs fetches 'ssl_c_key_alg' and 'ssl_f_key_alg'
|
|
- MINOR: ssl: add pattern and ACLs fetches 'ssl_c_notbefore', 'ssl_c_notafter', 'ssl_f_notbefore' and 'ssl_f_notafter'
|
|
- MINOR: ssl: add 'crt' statement on server.
|
|
- MINOR: ssl: checks the consistency of a private key with the corresponding certificate
|
|
- BUG/MEDIUM: ssl: review polling on reneg.
|
|
- BUG/MEDIUM: ssl: Fix some reneg cases not correctly handled.
|
|
- BUG/MEDIUM: ssl: Fix sometimes reneg fails if requested by server.
|
|
- MINOR: build: allow packagers to specify the ssl cache size
|
|
- MINOR: conf: add warning if ssl is not enabled and a certificate is present on bind.
|
|
- MINOR: ssl: Add tune.ssl.lifetime statement in global.
|
|
- MINOR: compression: Enable compression for IE6 w/SP2, IE7 and IE8
|
|
- BUG: http: revert broken optimisation from 82fe75c1a79dac933391501b9d293bce34513755
|
|
- DOC: duplicate ssl_sni section
|
|
- MEDIUM: HTTP compression (zlib library support)
|
|
- CLEANUP: use struct comp_ctx instead of union
|
|
- BUILD: remove dependency to zlib.h
|
|
- MINOR: compression: memlevel and windowsize
|
|
- MEDIUM: use pool for zlib
|
|
- MINOR: compression: try init in cfgparse.c
|
|
- MINOR: compression: init before deleting headers
|
|
- MEDIUM: compression: limit RAM usage
|
|
- MINOR: compression: tune.comp.maxlevel
|
|
- MINOR: compression: maximum compression rate limit
|
|
- MINOR: log-format: check number of arguments in cfgparse.c
|
|
- BUG/MEDIUM: compression: no Content-Type header but type in configuration
|
|
- BUG/MINOR: compression: deinit zlib only when required
|
|
- MEDIUM: compression: don't compress when no data
|
|
- MEDIUM: compression: use pool for comp_ctx
|
|
- MINOR: compression: rate limit in 'show info'
|
|
- MINOR: compression: report zlib memory usage
|
|
- BUG/MINOR: compression: dynamic level increase
|
|
- DOC: compression: unsupported cases.
|
|
- MINOR: compression: CPU usage limit
|
|
- MEDIUM: http: add "redirect scheme" to ease HTTP to HTTPS redirection
|
|
- BUG/MAJOR: ssl: missing tests in ACL fetch functions
|
|
- MINOR: config: add a function to indent error messages
|
|
- REORG: split "protocols" files into protocol and listener
|
|
- MEDIUM: config: replace ssl_conf by bind_conf
|
|
- CLEANUP: listener: remove unused conf->file and conf->line
|
|
- MEDIUM: listener: add a minimal framework to register "bind" keyword options
|
|
- MEDIUM: config: move the "bind" TCP parameters to proto_tcp
|
|
- MEDIUM: move bind SSL parsing to ssl_sock
|
|
- MINOR: config: improve error reporting for "bind" lines
|
|
- MEDIUM: config: move the common "bind" settings to listener.c
|
|
- MEDIUM: config: move all unix-specific bind keywords to proto_uxst.c
|
|
- MEDIUM: config: enumerate full list of registered "bind" keywords upon error
|
|
- MINOR: listener: add a scope field in the bind keyword lists
|
|
- MINOR: config: pass the file and line to config keyword parsers
|
|
- MINOR: stats: fill the file and line numbers in the stats frontend
|
|
- MINOR: config: set the bind_conf entry on listeners created from a "listen" line.
|
|
- MAJOR: listeners: use dual-linked lists to chain listeners with frontends
|
|
- REORG: listener: move unix perms from the listener to the bind_conf
|
|
- BUG: backend: balance hdr was broken since 1.5-dev11
|
|
- MINOR: standard: make memprintf() support a NULL destination
|
|
- MINOR: config: make str2listener() use memprintf() to report errors.
|
|
- MEDIUM: stats: remove the stats_sock struct from the global struct
|
|
- MINOR: ssl: set the listeners' data layer to ssl during parsing
|
|
- MEDIUM: stats: make use of the standard "bind" parsers to parse global socket
|
|
- DOC: move bind options to their own section
|
|
- DOC: stats: refer to "bind" section for "stats socket" settings
|
|
- DOC: fix index to reference bind and server options
|
|
- BUG: http: do not print garbage on invalid requests in debug mode
|
|
- BUG/MINOR: config: check the proper pointer to report unknown protocol
|
|
- CLEANUP: connection: offer conn_prepare() to set up a connection
|
|
- CLEANUP: config: fix typo inteface => interface
|
|
- BUG: stats: fix regression introduced by commit 4348fad1
|
|
- MINOR: cli: allow to set frontend maxconn to zero
|
|
- BUG/MAJOR: http: chunk parser was broken with buffer changes
|
|
- MEDIUM: monitor: simplify handling of monitor-net and mode health
|
|
- MINOR: connection: add a pointer to the connection owner
|
|
- MEDIUM: connection: make use of the owner instead of container_of
|
|
- BUG/MINOR: ssl: report the L4 connection as established when possible
|
|
- BUG/MEDIUM: proxy: must not try to stop disabled proxies upon reload
|
|
- BUG/MINOR: config: use a copy of the file name in proxy configurations
|
|
- BUG/MEDIUM: listener: don't pause protocols that do not support it
|
|
- MEDIUM: proxy: add the global frontend to the list of normal proxies
|
|
- BUG/MINOR: epoll: correctly disable FD polling in fd_rem()
|
|
- MINOR: signal: really ignore signals configured with no handler
|
|
- MINOR: buffers: add a few functions to write chars, strings and blocks
|
|
- MINOR: raw_sock: always report asynchronous connection errors
|
|
- MEDIUM: raw_sock: improve connection error reporting
|
|
- REORG: connection: rename the data layer the "transport layer"
|
|
- REORG: connection: rename app_cb "data"
|
|
- MINOR: connection: provide a generic data layer wakeup callback
|
|
- MINOR: connection: split conn_prepare() in two functions
|
|
- MINOR: connection: add an init callback to the data_cb struct
|
|
- MEDIUM: session: use a specific data_cb for embryonic sessions
|
|
- MEDIUM: connection: use a generic data-layer init() callback
|
|
- MEDIUM: connection: reorganize connection flags
|
|
- MEDIUM: connection: only call the data->wake callback on activity
|
|
- MEDIUM: connection: make it possible for data->wake to return an error
|
|
- MEDIUM: session: register a data->wake callback to process errors
|
|
- MEDIUM: connection: don't call the data->init callback upon error
|
|
- MEDIUM: connection: it's not the data layer's role to validate the connection
|
|
- MEDIUM: connection: automatically disable polling on error
|
|
- REORG: connection: move the PROXY protocol management to connection.c
|
|
- MEDIUM: connection: add a new local send-proxy transport callback
|
|
- MAJOR: checks: make use of the connection layer to send checks
|
|
- REORG: server: move the check-specific parts into a check subsection
|
|
- MEDIUM: checks: use real buffers to store requests and responses
|
|
- MEDIUM: check: add the ctrl and transport layers in the server check structure
|
|
- MAJOR: checks: completely use the connection transport layer
|
|
- MEDIUM: checks: add the "check-ssl" server option
|
|
- MEDIUM: checks: enable the PROXY protocol with health checks
|
|
- CLEANUP: checks: remove minor warnings for assigned but not used variables
|
|
- MEDIUM: tcp: enable TCP Fast Open on systems which support it
|
|
- BUG: connection: fix regression from commit 9e272bf9
|
|
- CLEANUP: cttproxy: remove a warning on undeclared close()
|
|
- BUG/MAJOR: ensure that hdr_idx is always reserved when L7 fetches are used
|
|
- MEDIUM: listener: add support for linux's accept4() syscall
|
|
- MINOR: halog: sort output by cookie code
|
|
- BUG/MINOR: halog: -ad/-ac report the correct number of output lines
|
|
- BUG/MINOR: halog: fix help message for -ut/-uto
|
|
- MINOR: halog: add a parameter to limit output line count
|
|
- BUILD: accept4: move the socketcall declaration outside of accept4()
|
|
- MINOR: server: add minimal infrastructure to parse keywords
|
|
- MINOR: standard: make indent_msg() support empty messages
|
|
- MEDIUM: server: check for registered keywords when parsing unknown keywords
|
|
- MEDIUM: server: move parsing of keyword "id" to server.c
|
|
- BUG/MEDIUM: config: check-send-proxy was ignored if SSL was not builtin
|
|
- MEDIUM: ssl: move "server" keyword SSL options parsing to ssl_sock.c
|
|
- MEDIUM: log: suffix the frontend's name with '~' when using SSL
|
|
- MEDIUM: connection: always unset the transport layer upon close
|
|
- BUG/MINOR: session: fix some leftover from debug code
|
|
- BUG/MEDIUM: session: enable the conn_session_update() callback
|
|
- MEDIUM: connection: add a flag to hold the transport layer
|
|
- MEDIUM: log: add a new LW_XPRT flag to pin the transport layer
|
|
- MINOR: log: make lf_text use a const char *
|
|
- MEDIUM: log: report SSL ciphers and version in logs using logformat %sslc/%sslv
|
|
- REORG: http: rename msg->buf to msg->chn since it's a channel
|
|
- CLEANUP: http: use 'chn' to name channel variables, not 'buf'
|
|
- CLEANUP: channel: use 'chn' instead of 'buf' as local variable names
|
|
- CLEANUP: tcp: use 'chn' instead of 'buf' or 'b' for channel pointer names
|
|
- CLEANUP: stream_interface: use 'chn' instead of 'b' to name channel pointers
|
|
- CLEANUP: acl: use 'chn' instead of 'b' to name channel pointers
|
|
- MAJOR: channel: replace the struct buffer with a pointer to a buffer
|
|
- OPTIM: channel: reorganize struct members to improve cache efficiency
|
|
- CLEANUP: session: remove term_trace which is not used anymore
|
|
- OPTIM: session: reorder struct session fields
|
|
- OPTIM: connection: pack the struct target
|
|
- DOC: document relations between internal entities
|
|
- MINOR: ssl: add 'ssl_npn' sample/acl to extract TLS/NPN information
|
|
- BUILD: ssl: fix shctx build on older compilers
|
|
- MEDIUM: ssl: add support for the "npn" bind keyword
|
|
- BUG: ssl: fix ssl_sni ACLs to correctly process regular expressions
|
|
- MINOR: chunk: provide string compare functions
|
|
- MINOR: sample: accept fetch keywords without parenthesis
|
|
- MEDIUM: sample: pass an empty list instead of a null for fetch args
|
|
- MINOR: ssl: improve socket behaviour upon handshake abort.
|
|
- BUG/MEDIUM: http: set DONTWAIT on data when switching to tunnel mode
|
|
- MEDIUM: listener: provide a fallback for accept4() when not supported
|
|
- BUG/MAJOR: connection: risk of crash on certain tricky close scenario
|
|
- MEDIUM: cli: allow the stats socket to be bound to a specific set of processes
|
|
- OPTIM: channel: inline channel_forward's fast path
|
|
- OPTIM: http: inline http_parse_chunk_size() and http_skip_chunk_crlf()
|
|
- OPTIM: tools: inline hex2i()
|
|
- CLEANUP: http: rename HTTP_MSG_DATA_CRLF state
|
|
- MINOR: compression: automatically disable compression for older browsers
|
|
- MINOR: compression: optimize memLevel to improve byte rate
|
|
- BUG/MINOR: http: compression should consider all Accept-Encoding header values
|
|
- BUILD: fix coexistence of openssl and zlib
|
|
- MINOR: ssl: add pattern and ACLs fetches 'ssl_c_serial' and 'ssl_f_serial'
|
|
- BUG/MEDIUM: command-line option -D must have precedence over "debug"
|
|
- MINOR: tools: add a clear_addr() function to unset an address
|
|
- BUG/MEDIUM: tcp: transparent bind to the source only when address is set
|
|
- CLEANUP: remove trashlen
|
|
- MAJOR: session: detach the connections from the stream interfaces
|
|
- DOC: update document describing relations between internal entities
|
|
- BUILD: make it possible to specify ZLIB path
|
|
- MINOR: compression: add an offload option to remove the Accept-Encoding header
|
|
- BUG: compression: disable auto-close and enable MSG_MORE during transfer
|
|
- CLEANUP: completely remove trashlen
|
|
- MINOR: chunk: add a function to reset a chunk
|
|
- CLEANUP: replace chunk_printf() with chunk_appendf()
|
|
- MEDIUM: make the trash be a chunk instead of a char *
|
|
- MEDIUM: remove remains of BUFSIZE in HTTP auth and sample conversions
|
|
- MEDIUM: stick-table: allocate the table key of size buffer size
|
|
- BUG/MINOR: stream_interface: don't loop over ->snd_buf()
|
|
- BUG/MINOR: session: ensure that we don't retry connection if some data were sent
|
|
- OPTIM: session: don't process the whole session when only timers need a refresh
|
|
- BUG/MINOR: session: mark the handshake as complete earlier
|
|
- MAJOR: connection: remove the CO_FL_CURR_*_POL flag
|
|
- BUG/MAJOR: always clear the CO_FL_WAIT_* flags after updating polling flags
|
|
- MAJOR: sepoll: make the poller totally event-driven
|
|
- OPTIM: stream_interface: disable reading when CF_READ_DONTWAIT is set
|
|
- BUILD: compression: remove a build warning
|
|
- MEDIUM: fd: don't unset fdtab[].updated upon delete
|
|
- REORG: fd: move the speculative I/O management from ev_sepoll
|
|
- REORG: fd: move the fd state management from ev_sepoll
|
|
- REORG: fd: centralize the processing of speculative events
|
|
- BUG: raw_sock: also consider ENOTCONN in addition to EAGAIN
|
|
- BUILD: stream_interface: remove si_fd() and its references
|
|
- BUILD: compression: enable build in BSD and OSX Makefiles
|
|
- MAJOR: ev_select: make the poller support speculative events
|
|
- MAJOR: ev_poll: make the poller support speculative events
|
|
- MAJOR: ev_kqueue: make the poller support speculative events
|
|
- MAJOR: polling: replace epoll with sepoll and remove sepoll
|
|
- MAJOR: polling: remove unused callbacks from the poller struct
|
|
- MEDIUM: http: refrain from sending "Connection: close" when Upgrade is present
|
|
- CLEANUP: channel: remove any reference of the hijackers
|
|
- CLEANUP: stream_interface: remove the external task type target
|
|
- MAJOR: connection: replace struct target with a pointer to an enum
|
|
- BUG: connection: fix typo in previous commit
|
|
- BUG: polling: don't skip polled events in the spec list
|
|
- MINOR: splice: disable it when the system returns EBADF
|
|
- MINOR: build: allow packagers to specify the default maxzlibmem
|
|
- BUG: halog: fix broken output limitation
|
|
- BUG: proxy: fix server name lookup in get_backend_server()
|
|
- BUG: compression: do not always increment the round counter on allocation failure
|
|
- BUG/MEDIUM: compression: release the zlib pools between keep-alive requests
|
|
- MINOR: global: don't prevent nbproc from being redefined
|
|
- MINOR: config: support process ranges for "bind-process"
|
|
- MEDIUM: global: add support for CPU binding on Linux ("cpu-map")
|
|
- MINOR: ssl: rename and document the tune.ssl.cachesize option
|
|
- DOC: update the PROXY protocol spec to support v2
|
|
- MINOR: standard: add a simple popcount function
|
|
- MEDIUM: adjust the maxaccept per listener depending on the number of processes
|
|
- BUG: compression: properly disable compression when content-type does not match
|
|
- MINOR: cli: report connection status in "show sess xxx"
|
|
- BUG/MAJOR: stream_interface: certain workloads could cause get stuck
|
|
- BUILD: cli: fix build when SSL is enabled
|
|
- MINOR: cli: report the fd state in "show sess xxx"
|
|
- MINOR: cli: report an error message on missing argument to compression rate
|
|
- MINOR: http: add some debugging functions to pretty-print msg state names
|
|
- BUG/MAJOR: stream_interface: read0 not always handled since dev12
|
|
- DOC: documentation on http header capture is wrong
|
|
- MINOR: http: allow the cookie capture size to be changed
|
|
- DOC: http header capture has not been limited in size for a long time
|
|
- DOC: update readme with build methods for BSD
|
|
- BUILD: silence a warning on Solaris about usage of isdigit()
|
|
- MINOR: stats: report HTTP compression stats per frontend and per backend
|
|
- MINOR: log: add '%Tl' to log-format
|
|
- MINOR: samples: update the url_param fetch to match parameters in the path
|
|
|
|
2012/09/10 : 1.5-dev12
|
|
- CONTRIB: halog: sort URLs by avg bytes_read or total bytes_read
|
|
- MEDIUM: ssl: add support for prefer-server-ciphers option
|
|
- MINOR: IPv6 support for transparent proxy
|
|
- MINOR: protocol: add SSL context to listeners if USE_OPENSSL is defined
|
|
- MINOR: server: add SSL context to servers if USE_OPENSSL is defined
|
|
- MEDIUM: connection: add a new handshake flag for SSL (CO_FL_SSL_WAIT_HS).
|
|
- MEDIUM: ssl: add new files ssl_sock.[ch] to provide the SSL data layer
|
|
- MEDIUM: config: add the 'ssl' keyword on 'bind' lines
|
|
- MEDIUM: config: add support for the 'ssl' option on 'server' lines
|
|
- MEDIUM: ssl: protect against client-initiated renegociation
|
|
- BUILD: add optional support for SSL via the USE_OPENSSL flag
|
|
- MEDIUM: ssl: add shared memory session cache implementation.
|
|
- MEDIUM: ssl: replace OpenSSL's session cache with the shared cache
|
|
- MINOR: ssl add global setting tune.sslcachesize to set SSL session cache size.
|
|
- MEDIUM: ssl: add support for SNI and wildcard certificates
|
|
- DOC: Typos cleanup
|
|
- DOC: fix name for "option independant-streams"
|
|
- DOC: specify the default value for maxconn in the context of a proxy
|
|
- BUG/MINOR: to_log erased with unique-id-format
|
|
- LICENSE: add licence exception for OpenSSL
|
|
- BUG/MAJOR: cookie prefix doesn't support cookie-less servers
|
|
- BUILD: add an AIX 5.2 (and later) target.
|
|
- MEDIUM: fd/si: move peeraddr from struct fdinfo to struct connection
|
|
- MINOR: halog: use the more recent dual-mode fgets2 implementation
|
|
- BUG/MEDIUM: ebtree: ebmb_insert() must not call cmp_bits on full-length matches
|
|
- CLEANUP: halog: make clean should also remove .o files
|
|
- OPTIM: halog: make use of memchr() on platforms which provide a fast one
|
|
- OPTIM: halog: improve cold-cache behaviour when loading a file
|
|
- BUG/MINOR: ACL implicit arguments must be created with unresolved flag
|
|
- MINOR: replace acl_fetch_{path,url}* with smp_fetch_*
|
|
- MEDIUM: pattern: add the "base" sample fetch method
|
|
- OPTIM: i386: make use of kernel-mode-linux when available
|
|
- BUG/MINOR: tarpit: fix condition to return the HTTP 500 message
|
|
- BUG/MINOR: polling: some events were not set in various pollers
|
|
- MINOR: http: add the urlp_val ACL match
|
|
- BUG: stktable: tcp_src_to_stktable_key() must return NULL on invalid families
|
|
- MINOR: stats/cli: add plans to support more stick-table actions
|
|
- MEDIUM: stats/cli: add support for "set table key" to enter values
|
|
- REORG/MEDIUM: fd: remove FD_STCLOSE from struct fdtab
|
|
- REORG/MEDIUM: fd: remove checks for FD_STERROR in ev_sepoll
|
|
- REORG/MEDIUM: fd: get rid of FD_STLISTEN
|
|
- REORG/MINOR: connection: move declaration to its own include file
|
|
- REORG/MINOR: checks: put a struct connection into the server
|
|
- MINOR: connection: add flags to the connection struct
|
|
- MAJOR: get rid of fdtab[].state and use connection->flags instead
|
|
- MINOR: fd: add a new I/O handler to fdtab
|
|
- MEDIUM: polling: prepare to call the iocb() function when defined.
|
|
- MEDIUM: checks: make use of fdtab->iocb instead of cb[]
|
|
- MEDIUM: protocols: use the generic I/O callback for accept callbacks
|
|
- MINOR: connection: add a handler for fd-based connections
|
|
- MAJOR: connection: replace direct I/O callbacks with the connection callback
|
|
- MINOR: fd: make fdtab->owner a connection and not a stream_interface anymore
|
|
- MEDIUM: connection: remove the FD_POLL_* flags only once
|
|
- MEDIUM: connection: extract the send_proxy callback from proto_tcp
|
|
- MAJOR: tcp: remove the specific I/O callbacks for TCP connection probes
|
|
- CLEANUP: remove the now unused fdtab direct I/O callbacks
|
|
- MAJOR: remove the stream interface and task management code from sock_*
|
|
- MEDIUM: stream_interface: pass connection instead of fd in sock_ops
|
|
- MEDIUM: stream_interface: centralize the SI_FL_ERR management
|
|
- MAJOR: connection: add a new CO_FL_CONNECTED flag
|
|
- MINOR: rearrange tcp_connect_probe() and fix wrong return codes
|
|
- MAJOR: connection: call data layer handshakes from the handler
|
|
- MEDIUM: fd: remove the EV_FD_COND_* primitives
|
|
- MINOR: sock_raw: move calls to si_data_close upper
|
|
- REORG: connection: replace si_data_close() with conn_data_close()
|
|
- MEDIUM: sock_raw: introduce a read0 callback that is different from shutr
|
|
- MAJOR: stream_int: use a common stream_int_shut*() functions regardless of the data layer
|
|
- MAJOR: fd: replace all EV_FD_* macros with new fd_*_* inline calls
|
|
- MEDIUM: fd: add fd_poll_{recv,send} for use when explicit polling is required
|
|
- MEDIUM: connection: add definitions for dual polling mechanisms
|
|
- MEDIUM: connection: make use of the new polling functions
|
|
- MAJOR: make use of conn_{data|sock}_{poll|stop|want}* in connection handlers
|
|
- MEDIUM: checks: don't use FD_WAIT_* anymore
|
|
- MINOR: fd: get rid of FD_WAIT_*
|
|
- MEDIUM: stream_interface: offer a generic function for connection updates
|
|
- MEDIUM: stream-interface: offer a generic chk_rcv function for connections
|
|
- MEDIUM: stream-interface: add a snd_buf() callback to sock_ops
|
|
- MEDIUM: stream-interface: provide a generic stream_int_chk_snd_conn() function
|
|
- MEDIUM: stream-interface: provide a generic si_conn_send_cb callback
|
|
- MEDIUM: stream-interface: provide a generic stream_sock_read0() function
|
|
- REORG/MAJOR: use "struct channel" instead of "struct buffer"
|
|
- REORG/MAJOR: extract "struct buffer" from "struct channel"
|
|
- MINOR: connection: provide conn_{data|sock}_{read0|shutw} functions
|
|
- REORG: sock_raw: rename the files raw_sock*
|
|
- MAJOR: raw_sock: extract raw_sock_to_buf() from raw_sock_read()
|
|
- MAJOR: raw_sock: temporarily disable splicing
|
|
- MINOR: stream-interface: add an rcv_buf callback to sock_ops
|
|
- REORG: stream-interface: move sock_raw_read() to si_conn_recv_cb()
|
|
- MAJOR: connection: split the send call into connection and stream interface
|
|
- MAJOR: stream-interface: restore splicing mechanism
|
|
- MAJOR: stream-interface: make conn_notify_si() more robust
|
|
- MEDIUM: proxy-proto: don't use buffer flags in conn_si_send_proxy()
|
|
- MAJOR: stream-interface: don't commit polling changes in every callback
|
|
- MAJOR: stream-interface: fix splice not to call chk_snd by itself
|
|
- MEDIUM: stream-interface: don't remove WAIT_DATA when a handshake is in progress
|
|
- CLEANUP: connection: split sock_ops into data_ops, app_cp and si_ops
|
|
- REORG: buffers: split buffers into chunk,buffer,channel
|
|
- MAJOR: channel: remove the BF_OUT_EMPTY flag
|
|
- REORG: buffer: move buffer_flush, b_adv and b_rew to buffer.h
|
|
- MINOR: channel: rename bi_full to channel_full as it checks the whole channel
|
|
- MINOR: buffer: provide a new buffer_full() function
|
|
- MAJOR: channel: stop relying on BF_FULL to take action
|
|
- MAJOR: channel: remove the BF_FULL flag
|
|
- REORG: channel: move buffer_{replace,insert_line}* to buffer.{c,h}
|
|
- CLEANUP: channel: usr CF_/CHN_ prefixes instead of BF_/BUF_
|
|
- CLEANUP: channel: use "channel" instead of "buffer" in function names
|
|
- REORG: connection: move the target pointer from si to connection
|
|
- MAJOR: connection: move the addr field from the stream_interface
|
|
- MEDIUM: stream_interface: remove CAP_SPLTCP/CAP_SPLICE flags
|
|
- MEDIUM: proto_tcp: remove any dependence on stream_interface
|
|
- MINOR: tcp: replace tcp_src_to_stktable_key with addr_to_stktable_key
|
|
- MEDIUM: connection: add an ->init function to data layer
|
|
- MAJOR: session: introduce embryonic sessions
|
|
- MAJOR: connection: make the PROXY decoder a handshake handler
|
|
- CLEANUP: frontend: remove the old proxy protocol decoder
|
|
- MAJOR: connection: rearrange the polling flags.
|
|
- MEDIUM: connection: only call tcp_connect_probe when nothing was attempted yet
|
|
- MEDIUM: connection: complete the polling cleanups
|
|
- MEDIUM: connection: avoid calling handshakes when polling is required
|
|
- MAJOR: stream_interface: continue to update data polling flags during handshakes
|
|
- CLEANUP: fd: remove fdtab->flags
|
|
- CLEANUP: fdtab: flatten the struct and merge the spec struct with the rest
|
|
- CLEANUP: includes: fix includes for a number of users of fd.h
|
|
- MINOR: ssl: disable TCP quick-ack by default on SSL listeners
|
|
- MEDIUM: config: add a "ciphers" keyword to set SSL cipher suites
|
|
- MEDIUM: config: add "nosslv3" and "notlsv1" on bind and server lines
|
|
- BUG: ssl: mark the connection as waiting for an SSL connection during the handshake
|
|
- BUILD: http: rename error_message http_error_message to fix conflicts on RHEL
|
|
- BUILD: ssl: fix shctx build on RHEL with futex
|
|
- BUILD: include sys/socket.h to fix build failure on FreeBSD
|
|
- BUILD: fix build error without SSL (ssl_cert)
|
|
- BUILD: ssl: use MAP_ANON instead of MAP_ANONYMOUS
|
|
- BUG/MEDIUM: workaround an eglibc bug which truncates the pidfiles when nbproc > 1
|
|
- MEDIUM: config: support per-listener backlog and maxconn
|
|
- MINOR: session: do not send an HTTP/500 error on SSL sockets
|
|
- MEDIUM: config: implement maxsslconn in the global section
|
|
- BUG: tcp: close socket fd upon connect error
|
|
- MEDIUM: connection: improve error handling around the data layer
|
|
- MINOR: config: make the tasks "nice" value configurable on "bind" lines.
|
|
- BUILD: shut a gcc warning introduced by commit 269ab31
|
|
- MEDIUM: config: centralize handling of SSL config per bind line
|
|
- BUILD: makefile: report USE_OPENSSL status in build options
|
|
- BUILD: report openssl build settings in haproxy -vv
|
|
- MEDIUM: ssl: add sample fetches for is_ssl, ssl_has_sni, ssl_sni_*
|
|
- DOC: add a special acknowledgement for the stud project
|
|
- DOC: add missing SSL options for servers and listeners
|
|
- BUILD: automatically add -lcrypto for SSL
|
|
- DOC: add some info about openssl build in the README
|
|
|
|
2012/06/04 : 1.5-dev11
|
|
- BUG/MEDIUM: option forwardfor if-none doesn't work with some configurations
|
|
- BUG/MAJOR: trash must always be the size of a buffer
|
|
- DOC: fix minor regex example issue and improve doc on stats
|
|
- MINOR: stream_interface: add a pointer to the listener for TARG_TYPE_CLIENT
|
|
- MEDIUM: protocol: add a pointer to struct sock_ops to the listener struct
|
|
- MINOR: checks: add on-marked-up option
|
|
- MINOR: balance uri: added 'whole' parameter to include query string in hash calculation
|
|
- MEDIUM: stream_interface: remove the si->init
|
|
- MINOR: buffers: add a rewind function
|
|
- BUG/MAJOR: fix regression on content-based hashing and http-send-name-header
|
|
- MAJOR: http: stop using msg->sol outside the parsers
|
|
- CLEANUP: http: make it more obvious that msg->som is always null outside of chunks
|
|
- MEDIUM: http: get rid of msg->som which is not used anymore
|
|
- MEDIUM: http: msg->sov and msg->sol will never wrap
|
|
- BUG/MAJOR: checks: don't call set_server_status_* when no LB algo is set
|
|
- BUG/MINOR: stop connect timeout when connect succeeds
|
|
- REORG: move the send-proxy code to tcp_connect_write()
|
|
- REORG/MINOR: session: detect the TCP monitor checks at the protocol accept
|
|
- MINOR: stream_interface: introduce a new "struct connection" type
|
|
- REORG/MINOR: stream_interface: move si->fd to struct connection
|
|
- REORG/MEDIUM: stream_interface: move applet->state and private to connection
|
|
- MINOR: stream_interface: add a data channel close function
|
|
- MEDIUM: stream_interface: call si_data_close() before releasing the si
|
|
- MINOR: peers: use the socket layer operations from the peer instead of sock_raw
|
|
- BUG/MINOR: checks: expire on timeout.check if smaller than timeout.connect
|
|
- MINOR: add a new function call tracer for debugging purposes
|
|
- BUG/MINOR: perform_http_redirect also needs to rewind the buffer
|
|
- BUG/MAJOR: b_rew() must pass a signed offset to b_ptr()
|
|
- BUG/MEDIUM: register peer sync handler in the proper order
|
|
- BUG/MEDIUM: buffers: fix bi_putchr() to correctly advance the pointer
|
|
- BUG/MINOR: fix option httplog validation with TCP frontends
|
|
- BUG/MINOR: log: don't report logformat errors in backends
|
|
- REORG/MINOR: use dedicated proxy flags for the cookie handling
|
|
- BUG/MINOR: config: do not report twice the incompatibility between cookie and non-http
|
|
- MINOR: http: add support for "httponly" and "secure" cookie attributes
|
|
- BUG/MEDIUM: ensure that unresolved arguments are freed exactly once
|
|
- BUG/MINOR: commit 196729ef used wrong condition resulting in freeing constants
|
|
- MEDIUM: stats: add support for soft stop/soft start in the admin interface
|
|
- MEDIUM: stats: add the ability to kill sessions from the admin interface
|
|
- BUILD: add support for linux kernels >= 2.6.28
|
|
|
|
2012/05/14 : 1.5-dev10
|
|
- BUG/MINOR: stats admin: "Unexpected result" was displayed unconditionally
|
|
- BUG/MAJOR: acl: http_auth_group() must not accept any user from the userlist
|
|
- CLEANUP: auth: make the code build again with DEBUG_AUTH
|
|
- BUG/MEDIUM: config: don't crash at config load time on invalid userlist names
|
|
- REORG: use the name sock_raw instead of stream_sock
|
|
- MINOR: stream_interface: add a client target : TARG_TYPE_CLIENT
|
|
- BUG/MEDIUM: stream_interface: restore get_src/get_dst
|
|
- CLEANUP: sock_raw: remove last references to stream_sock
|
|
- CLEANUP: stream_interface: stop exporting socket layer functions
|
|
- MINOR: stream_interface: add an init callback to sock_ops
|
|
- MEDIUM: stream_interface: derive the socket operations from the target
|
|
- MAJOR: fd: remove the need for the socket layer to recheck the connection
|
|
- MINOR: session: call the socket layer init function when a session establishes
|
|
- MEDIUM: session: add support for tunnel timeouts
|
|
- MINOR: standard: add a new debug macro : fddebug()
|
|
- CLEANUP: fd: remove unused cb->b pointers in the struct fdtab
|
|
- OPTIM: proto_http: don't enable quick-ack on empty buffers
|
|
- OPTIM/MAJOR: ev_sepoll: process spec events after polled events
|
|
- OPTIM/MEDIUM: stream_interface: add a new SI_FL_NOHALF flag
|
|
|
|
2012/05/08 : 1.5-dev9
|
|
- MINOR: Add release callback to si_applet
|
|
- CLEANUP: Fix some minor typos
|
|
- MINOR: Add TO/FROM_SET flags to struct stream_interface
|
|
- CLEANUP: Fix some minor whitespace issues
|
|
- MINOR: stats admin: allow unordered parameters in POST requests
|
|
- CLEANUP: fix typo in findserver() log message
|
|
- MINOR: stats admin: use the backend id instead of its name in the form
|
|
- MINOR: stats admin: reduce memcmp()/strcmp() calls on status codes
|
|
- DOC: cleanup indentation, alignment, columns and chapters
|
|
- DOC: fix some keywords arguments documentation
|
|
- MINOR: cli: display the 4 IP addresses and ports on "show sess XXX"
|
|
- BUG/MAJOR: log: possible segfault with logformat
|
|
- MEDIUM: log: split of log_format generation
|
|
- MEDIUM: log: New format-log flags: %Fi %Fp %Si %Sp %Ts %rt %H %pid
|
|
- MEDIUM: log: Unique ID
|
|
- MINOR: log: log-format: usable without httplog and tcplog
|
|
- BUG/MEDIUM: balance source did not properly hash IPv6 addresses
|
|
- MINOR: contrib/iprange: add a network IP range to mask converter
|
|
- MEDIUM: session: implement the "use-server" directive
|
|
- MEDIUM: log: add a new cookie flag 'U' to report situations where cookie is not used
|
|
- MEDIUM: http: make extract_cookie_value() iterate over cookie values
|
|
- MEDIUM: http: add cookie and scookie ACLs
|
|
- CLEANUP: lb_first: add reference to a paper describing the original idea
|
|
- MEDIUM: stream_sock: add a get_src and get_dst callback and remove SN_FRT_ADDR_SET
|
|
- BUG/MINOR: acl: req_ssl_sni would randomly fail if a session ID is present
|
|
- BUILD: http: make extract_cookie_value() return an int not size_t
|
|
- BUILD: http: stop gcc-4.1.2 from complaining about possibly uninitialized values
|
|
- CLEANUP: http: message parser must ignore HTTP_MSG_ERROR
|
|
- MINOR: standard: add a memprintf() function to build formatted error messages
|
|
- CLEANUP: remove a few warning about unchecked return values in debug code
|
|
- MEDIUM: move message-related flags from transaction to message
|
|
- DOC: add a diagram to explain how circular buffers work
|
|
- MAJOR: buffer rework: replace ->send_max with ->o
|
|
- MAJOR: buffer: replace buf->l with buf->{o+i}
|
|
- MINOR: buffers: provide simple pointer normalization functions
|
|
- MINOR: buffers: remove unused function buffer_contig_data()
|
|
- MAJOR: buffers: replace buf->w with buf->p - buf->o
|
|
- MAJOR: buffers: replace buf->r with buf->p + buf->i
|
|
- MAJOR: http: move buffer->lr to http_msg->next
|
|
- MAJOR: http: change msg->{som,col,sov,eoh} to be relative to buffer origin
|
|
- CLEANUP: http: remove unused http_msg->col
|
|
- MAJOR: http: turn http_msg->eol to a buffer-relative offset
|
|
- MEDIUM: http: add a pointer to the buffer in http_msg
|
|
- MAJOR: http: make http_msg->sol relative to buffer's origin
|
|
- MEDIUM: http: http_send_name_header: remove references to msg and buffer
|
|
- MEDIUM: http: remove buffer arg in a few header manipulation functions
|
|
- MEDIUM: http: remove buffer arg in http_capture_bad_message
|
|
- MEDIUM: http: remove buffer arg in http_msg_analyzer
|
|
- MEDIUM: http: remove buffer arg in http_upgrade_v09_to_v10
|
|
- MEDIUM: http: remove buffer arg in http_buffer_heavy_realign
|
|
- MEDIUM: http: remove buffer arg in chunk parsing functions
|
|
- MINOR: http: remove useless wrapping checks in http_msg_analyzer
|
|
- MEDIUM: buffers: fix unsafe use of buffer_ignore at some places
|
|
- MEDIUM: buffers: add new pointer wrappers and get rid of almost all buffer_wrap_add calls
|
|
- MEDIUM: buffers: implement b_adv() to advance a buffer's pointer
|
|
- MEDIUM: buffers: rename a number of buffer management functions
|
|
- MEDIUM: http: add a prefetch function for ACL pattern fetch
|
|
- MEDIUM: http: make all ACL fetch function use acl_prefetch_http()
|
|
- BUG/MINOR: http_auth: ACLs are volatile, not permanent
|
|
- MEDIUM: http/acl: merge all request and response ACL fetches of headers and cookies
|
|
- MEDIUM: http/acl: make acl_fetch_hdr_{ip,val} rely on acl_fetch_hdr()
|
|
- MEDIUM: add a new typed argument list parsing framework
|
|
- MAJOR: acl: make use of the new argument parsing framework
|
|
- MAJOR: acl: store the ACL argument types in the ACL keyword declaration
|
|
- MEDIUM: acl: acl_find_target() now resolves arguments based on their types
|
|
- MAJOR: acl: make acl_find_targets also resolve proxy names at config time
|
|
- MAJOR: acl: ensure that implicit table and proxies are valid
|
|
- MEDIUM: acl: remove unused tests for missing args when args are mandatory
|
|
- MEDIUM: pattern: replace type pattern_arg with type arg
|
|
- MEDIUM: pattern: get rid of arg_i in all functions making use of arguments
|
|
- MEDIUM: pattern: use the standard arg parser
|
|
- MEDIUM: pattern: add an argument validation callback to pattern descriptors
|
|
- MEDIUM: pattern: report the precise argument parsing error when known.
|
|
- MEDIUM: acl: remove the ACL_TEST_F_NULL_MATCH flag
|
|
- MINOR: pattern: add a new 'sample' type to store fetched data
|
|
- MEDIUM: pattern: add new sample types to replace pattern types
|
|
- MAJOR: acl: make use of the new sample struct and get rid of acl_test
|
|
- MEDIUM: pattern/acl: get rid of temp_pattern in ACLs
|
|
- MEDIUM: acl: get rid of the SET_RES flags
|
|
- MEDIUM: get rid of SMP_F_READ_ONLY and SMP_F_MUST_FREE
|
|
- MINOR: pattern: replace struct pattern with struct sample
|
|
- MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere
|
|
- MEDIUM: pattern: retrieve the sample type in the sample, not in the keyword description
|
|
- MEDIUM: acl/pattern: switch rdp_cookie functions stack up-down
|
|
- MEDIUM: acl: replace acl_expr with args in acl fetch_* functions
|
|
- MINOR: tcp: replace acl_fetch_rdp_cookie with smp_fetch_rdp_cookie
|
|
- MEDIUM: acl/pattern: use the same direction scheme
|
|
- MEDIUM: acl/pattern: start merging common sample fetch functions
|
|
- MEDIUM: pattern: ensure that sample types always cast into other types.
|
|
- MEDIUM: acl/pattern: factor out the src/dst address fetches
|
|
- MEDIUM: acl: implement payload and payload_lv
|
|
- CLEANUP: pattern: ensure that payload and payload_lv always stay in the buffer
|
|
- MINOR: stick_table: centralize the handling of empty keys
|
|
- MINOR: pattern: centralize handling of unstable data in pattern_process()
|
|
- MEDIUM: pattern: use smp_fetch_rdp_cookie instead of the pattern specific version
|
|
- MINOR: acl: set SMP_OPT_ITERATE on fetch functions
|
|
- MINOR: acl: add a val_args field to keywords
|
|
- MINOR: proto_tcp: validate arguments of payload and payload_lv ACLs
|
|
- MEDIUM: http: merge acl and pattern header fetch functions
|
|
- MEDIUM: http: merge ACL and pattern cookie fetches into a single one
|
|
- MEDIUM: acl: report parsing errors to the caller
|
|
- MINOR: arg: improve error reporting on invalid arguments
|
|
- MINOR: acl: report errors encountered when loading patterns from files
|
|
- MEDIUM: acl: extend the pattern parsers to report meaningful errors
|
|
- REORG: use the name "sample" instead of "pattern" to designate extracted data
|
|
- REORG: rename "pattern" files
|
|
- MINOR: acl: add types to ACL patterns
|
|
- MINOR: standard: add an IPv6 parsing function (str62net)
|
|
- MEDIUM: acl: support IPv6 address matching
|
|
- REORG: stream_interface: create a struct sock_ops to hold socket operations
|
|
- REORG/MEDIUM: move protocol->{read,write} to sock_ops
|
|
- REORG/MEDIUM: stream_interface: initialize socket ops from descriptors
|
|
- REORG/MEDIUM: replace stream interface protocol functions by a proto pointer
|
|
- REORG/MEDIUM: move the default accept function from sockstream to protocols.c
|
|
- MEDIUM: proto_tcp: remove src6 and dst6 pattern fetch methods
|
|
- BUG/MINOR: http: error snapshots are wrong if buffer wraps
|
|
- BUG/MINOR: http: ensure that msg->err_pos is always relative to buf->p
|
|
- MEDIUM: http: improve error capture reports
|
|
- MINOR: acl: add the cook_val() match to match a cookie against an integer
|
|
- BUG/MEDIUM: send_proxy: fix initialisation of send_proxy_ofs
|
|
- MEDIUM: memory: add the ability to poison memory at run time
|
|
- BUG/MEDIUM: log: ensure that unique_id is properly initialized
|
|
- MINOR: cfgparse: use a common errmsg pointer for all parsers
|
|
- MEDIUM: cfgparse: make backend_parse_balance() use memprintf to report errors
|
|
- MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords
|
|
- MINOR: http: replace http_message_realign() with buffer_slow_realign()
|
|
|
|
2012/03/26 : 1.5-dev8
|
|
- MINOR: patch for minor typo (ressources/resources)
|
|
- MEDIUM: http: add support for sending the server's name in the outgoing request
|
|
- DOC: mention that default checks are TCP connections
|
|
- BUG/MINOR: fix options forwardfor if-none when an alternative header name is specified
|
|
- CLEANUP: Make check_statuses, analyze_statuses and process_chk static
|
|
- CLEANUP: Fix HCHK spelling errors
|
|
- BUG/MINOR: fix typo in processing of http-send-name-header
|
|
- MEDIUM: log: Use linked lists for loggers
|
|
- BUILD: fix declaration inside a scope block
|
|
- REORG: log: split send_log function
|
|
- MINOR: config: Parse the string of the log-format config keyword
|
|
- MINOR: add ultoa, ulltoa, ltoa, lltoa implementations
|
|
- MINOR: Date and time fonctions that don't use snprintf
|
|
- MEDIUM: log: make http_sess_log use log_format
|
|
- DOC: log-format documentation
|
|
- MEDIUM: log: use log_format for mode tcplog
|
|
- MEDIUM: log-format: backend source address %Bi %Bp
|
|
- BUG/MINOR: log-format: fix %o flag
|
|
- BUG/MEDIUM: bad length in log_format and __send_log
|
|
- MINOR: logformat %st is signed
|
|
- BUILD/MINOR: fix the source URL in the spec file
|
|
- DOC: acl is http_first_req, not http_req_first
|
|
- BUG/MEDIUM: don't trim last spaces from headers consisting only of spaces
|
|
- MINOR: acl: add new matches for header/path/url length
|
|
- BUILD: halog: make halog build on solaris
|
|
- BUG/MINOR: don't use a wrong port when connecting to a server with mapped ports
|
|
- MINOR: remove the client/server side distinction in SI addresses
|
|
- MINOR: halog: add support for matching queued requests
|
|
- DOC: indicate that cookie "prefix" and "indirect" should not be mixed
|
|
- OPTIM/MINOR: move struct sockaddr_storage to the tail of structs
|
|
- OPTIM/MINOR: make it possible to change pipe size (tune.pipesize)
|
|
- BUILD/MINOR: silent a build warning in src/pipe.c (fcntl)
|
|
- OPTIM/MINOR: move the hdr_idx pools out of the proxy struct
|
|
- MEDIUM: tune.http.maxhdr makes it possible to configure the maximum number of HTTP headers
|
|
- BUG/MINOR: fix a segfault when parsing a config with undeclared peers
|
|
- CLEANUP: rename possibly confusing struct field "tracked"
|
|
- BUG/MEDIUM: checks: fix slowstart behaviour when server tracking is in use
|
|
- MINOR: config: tolerate server "cookie" setting in non-HTTP mode
|
|
- MEDIUM: buffers: add some new primitives and rework existing ones
|
|
- BUG: buffers: don't return a negative value on buffer_total_space_res()
|
|
- MINOR: buffers: make buffer_pointer() support negative pointers too
|
|
- CLEANUP: kill buffer_replace() and use an inline instead
|
|
- BUG: tcp: option nolinger does not work on backends
|
|
- CLEANUP: ebtree: remove a few annoying signedness warnings
|
|
- CLEANUP: ebtree: clarify licence and update to 6.0.6
|
|
- CLEANUP: ebtree: remove 4-year old harmless typo in duplicates insertion code
|
|
- CLEANUP: ebtree: remove another typo, a wrong initialization in insertion code
|
|
- BUG: ebtree: ebst_lookup() could return the wrong entry
|
|
- OPTIM: stream_sock: reduce the amount of in-flight spliced data
|
|
- OPTIM: stream_sock: save a failed recv syscall when splice returns EAGAIN
|
|
- MINOR: acl: add support for TLS server name matching using SNI
|
|
- BUG: http: re-enable TCP quick-ack upon incomplete HTTP requests
|
|
- BUG: proto_tcp: don't try to bind to a foreign address if sin_family is unknown
|
|
- MINOR: pattern: export the global temporary pattern
|
|
- CLEANUP: patterns: get rid of pattern_data_setstring()
|
|
- MEDIUM: acl: use temp_pattern to store fetched information in the "method" match
|
|
- MINOR: acl: include pattern.h to make pattern migration more transparent
|
|
- MEDIUM: pattern: change the pattern data integer from unsigned to signed
|
|
- MEDIUM: acl: use temp_pattern to store any integer-type information
|
|
- MEDIUM: acl: use temp_pattern to store any address-type information
|
|
- CLEANUP: acl: integer part of acl_test is not used anymore
|
|
- MEDIUM: acl: use temp_pattern to store any string-type information
|
|
- CLEANUP: acl: remove last data fields from the acl_test struct
|
|
- MEDIUM: http: replace get_ip_from_hdr2() with http_get_hdr()
|
|
- MEDIUM: patterns: the hdr() pattern is now of type string
|
|
- DOC: add minimal documentation on how ACLs work internally
|
|
- DOC: add a coding-style file
|
|
- OPTIM: halog: keep a fast path for the lines-count only
|
|
- CLEANUP: silence a warning when building on sparc
|
|
- BUG: http: tighten the list of allowed characters in a URI
|
|
- MEDIUM: http: block non-ASCII characters in URIs by default
|
|
- DOC: add some documentation from RFC3986 about URI format
|
|
- BUG/MINOR: cli: correctly remove the whole table on "clear table"
|
|
- BUG/MEDIUM: correctly disable servers tracking another disabled servers.
|
|
- BUG/MEDIUM: zero-weight servers must not dequeue requests from the backend
|
|
- MINOR: halog: add some help on the command line
|
|
- BUILD: fix build error on FreeBSD
|
|
- BUG: fix double free in peers config error path
|
|
- MEDIUM: improve config check return codes
|
|
- BUILD: make it possible to look for pcre in the default system paths
|
|
- MINOR: config: emit a warning when 'default_backend' masks servers
|
|
- MINOR: backend: rework the LC definition to support other connection-based algos
|
|
- MEDIUM: backend: add the 'first' balancing algorithm
|
|
- BUG: fix httplog trailing LF
|
|
- MEDIUM: increase chunk-size limit to 2GB-1
|
|
- BUG: queue: fix dequeueing sequence on HTTP keep-alive sessions
|
|
- BUG: http: disable TCP delayed ACKs when forwarding content-length data
|
|
- BUG: checks: fix server maintenance exit sequence
|
|
- BUG/MINOR: stream_sock: don't remove BF_EXPECT_MORE and BF_SEND_DONTWAIT on partial writes
|
|
- DOC: enumerate valid status codes for "observe layer7"
|
|
- MINOR: buffer: switch a number of buffer args to const
|
|
- CLEANUP: silence signedness warning in acl.c
|
|
- BUG: stream_sock: si->release was not called upon shutw()
|
|
- MINOR: log: use "%ts" to log term status only and "%tsc" to log with cookie
|
|
- BUG/CRITICAL: log: fix risk of crash in development snapshot
|
|
- BUG/MAJOR: possible crash when using capture headers on TCP frontends
|
|
- MINOR: config: disable header captures in TCP mode and complain
|
|
|
|
2011/09/10 : 1.5-dev7
|
|
- [BUG] fix binary stick-tables
|
|
- [MINOR] http: *_dom matching header functions now also split on ":"
|
|
- [BUG] checks: fix support of Mysqld >= 5.5 for mysql-check
|
|
- [MINOR] acl: add srv_conn acl to count connections on a specific backend server
|
|
- [MINOR] check: add redis check support
|
|
- [DOC] small fixes to clearly distinguish between keyword and variables
|
|
- [MINOR] halog: add support for termination code matching (-tcn/-TCN)
|
|
- [DOC] Minor spelling fixes and grammatical enhancements
|
|
- [CLEANUP] dumpstats: make symbols static where possible
|
|
- [MINOR] Break out dumping table
|
|
- [MINOR] Break out processing of clear table
|
|
- [MINOR] Allow listing of stick table by key
|
|
- [MINOR] Break out all stick table socat command parsing
|
|
- [MINOR] More flexible clearing of stick table
|
|
- [MINOR] Allow showing and clearing by key of ipv6 stick tables
|
|
- [MINOR] Allow showing and clearing by key of integer stick tables
|
|
- [MINOR] Allow showing and clearing by key of string stick tables
|
|
- [CLEANUP] Remove assigned but unused variables
|
|
- [CLEANUP] peers.h: fix declarations
|
|
- [CLEANUP] session.c: Make functions static where possible
|
|
- [MINOR] Add active connection list to server
|
|
- [MINOR] Allow shutdown of sessions when a server becomes unavailable
|
|
- [MINOR] Add down termination condition
|
|
- [MINOR] Make appsess{,ion}_refresh static
|
|
- [MINOR] Add rdp_cookie pattern fetch function
|
|
- [CLEANUP] Remove unnecessary casts
|
|
- [MINOR] Add non-stick server option
|
|
- [MINOR] Consistently use error in tcp_parse_tcp_req()
|
|
- [MINOR] Consistently free expr on error in cfg_parse_listen()
|
|
- [MINOR] Free rdp_cookie_name on denint()
|
|
- [MINOR] Free tcp rules on denint()
|
|
- [MINOR] Free stick table pool on denint()
|
|
- [MINOR] Free stick rules on denint()
|
|
- [MEDIUM] Fix stick-table replication on soft-restart
|
|
- [MEDIUM] Correct ipmask() logic
|
|
- [MINOR] Correct type in table dump examples
|
|
- [MINOR] Fix build error in stream_int_register_handler()
|
|
- [MINOR] Use DPRINTF in assign_server()
|
|
- [BUG] checks: http-check expect could fail a check on multi-packet responses
|
|
- [DOC] fix minor typo in the "dispatch" doc
|
|
- [BUG] proto_tcp: fix address binding on remote source
|
|
- [MINOR] http: don't report the "haproxy" word on the monitoring response
|
|
- [REORG] http: move HTTP error codes back to proto_http.h
|
|
- [MINOR] http: make the "HTTP 200" status code configurable.
|
|
- [MINOR] http: partially revert the chunking optimization for now
|
|
- [MINOR] stream_sock: always clear BF_EXPECT_MORE upon complete transfer
|
|
- [CLEANUP] stream_sock: remove unneeded FL_TCP and factor out test
|
|
- [MEDIUM] http: add support for "http-no-delay"
|
|
- [OPTIM] http: optimize chunking again in non-interactive mode
|
|
- [OPTIM] stream_sock: avoid fast-forwarding of partial data
|
|
- [OPTIM] stream_sock: don't use splice on too small payloads
|
|
- [MINOR] config: make it possible to specify a cookie even without a server
|
|
- [BUG] stats: support url-encoded forms
|
|
- [MINOR] config: automatically compute a default fullconn value
|
|
- [CLEANUP] config: remove some left-over printf debugging code from previous patch
|
|
- [DOC] add missing entry or stick store-response
|
|
- [MEDIUM] http: add support for 'cookie' and 'set-cookie' patterns
|
|
- [BUG] halog: correctly handle truncated last line
|
|
- [MINOR] halog: make SKIP_CHAR stop on field delimiters
|
|
- [MINOR] halog: add support for HTTP log matching (-H)
|
|
- [MINOR] halog: gain back performance before SKIP_CHAR fix
|
|
- [OPTIM] halog: cache some common fields positions
|
|
- [OPTIM] halog: check once for correct line format and reuse the pointer
|
|
- [OPTIM] halog: remove many 'if' by using a function pointer for the filters
|
|
- [OPTIM] halog: remove support for tab delimiters in input data
|
|
- [BUG] session: risk of crash on out of memory (1.5-dev regression)
|
|
- [MINOR] session: try to emit a 500 response on memory allocation errors
|
|
- [OPTIM] stream_sock: reduce the default number of accepted connections at once
|
|
- [BUG] stream_sock: disable listener when system resources are exhausted
|
|
- [MEDIUM] proxy: add a PAUSED state to listeners and move socket tricks out of proxy.c
|
|
- [BUG] stream_sock: ensure orphan listeners don't accept too many connections
|
|
- [MINOR] listeners: add listen_full() to mark a listener full
|
|
- [MINOR] listeners: add support for queueing resource limited listeners
|
|
- [MEDIUM] listeners: put listeners in queue upon resource shortage
|
|
- [MEDIUM] listeners: queue proxy-bound listeners at the proxy's
|
|
- [MEDIUM] listeners: don't stop proxies when global maxconn is reached
|
|
- [MEDIUM] listeners: don't change listeners states anymore in maintain_proxies
|
|
- [CLEANUP] proxy: rename a few proxy states (PR_STIDLE and PR_STRUN)
|
|
- [MINOR] stats: report a "WAITING" state for sockets waiting for resource
|
|
- [MINOR] proxy: make session rate-limit more accurate
|
|
- [MINOR] sessions: only wake waiting listeners up if rate limit is OK
|
|
- [BUG] proxy: peers must only be stopped once, not upon every call to maintain_proxies
|
|
- [CLEANUP] proxy: merge maintain_proxies() operation inside a single loop
|
|
- [MINOR] task: new function task_schedule() to schedule a wake up
|
|
- [MAJOR] proxy: finally get rid of maintain_proxies()
|
|
- [BUG] proxy: stats frontend and peers were missing many initializers
|
|
- [MEDIUM] listeners: add a global listener management task
|
|
- [MINOR] proxy: make findproxy() return proxies from numeric IDs too
|
|
- [DOC] fix typos, "#" is a sharp, not a dash
|
|
- [MEDIUM] stats: add support for changing frontend's maxconn at runtime
|
|
- [MEDIUM] checks: group health checks methods by values and save option bits
|
|
- [MINOR] session-counters: add the ability to clear the counters
|
|
- [BUG] check: http-check expect + regex would crash in defaults section
|
|
- [MEDIUM] http: make x-forwarded-for addition conditional
|
|
- [REORG] build: move syscall redefinition to specific places
|
|
- [CLEANUP] update the year in the copyright banner
|
|
- [BUG] possible crash in 'show table' on stats socket
|
|
- [BUG] checks: use the correct destination port for sending checks
|
|
- [BUG] backend: risk of picking a wrong port when mapping is used with crossed families
|
|
- [MINOR] make use of set_host_port() and get_host_port() to get rid of family mismatches
|
|
- [DOC] fixed a few "sensible" -> "sensitive" errors
|
|
- [MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop()
|
|
- [BUG] http: trailing white spaces must also be trimmed after headers
|
|
- [MINOR] stats: display "<NONE>" instead of the frontend name when unknown
|
|
- [MINOR] http: take a capture of too large requests and responses
|
|
- [MINOR] http: take a capture of truncated responses
|
|
- [MINOR] http: take a capture of bad content-lengths.
|
|
- [DOC] add a few old and uncommitted docs
|
|
- [CLEANUP] cfgparse: fix reported options for the "bind" keyword
|
|
- [MINOR] halog: add -hs/-HS to filter by HTTP status code range
|
|
- [MINOR] halog: support backslash-escaped quotes
|
|
- [CLEANUP] remove dirty left-over of a debugging message
|
|
- [MEDIUM] stats: disable complex socket reservation for stats socket
|
|
- [CLEANUP] remove a useless test in manage_global_listener_queue()
|
|
- [MEDIUM] stats: add the "set maxconn" setting to the command line interface
|
|
- [MEDIUM] add support for global.maxconnrate to limit the per-process conn rate.
|
|
- [MINOR] stats: report the current and max global connection rates
|
|
- [MEDIUM] stats: add the ability to adjust the global maxconnrate
|
|
- [BUG] peers: don't pre-allocate 65000 connections to each peer
|
|
- [MEDIUM] don't limit peers nor stats socket to maxconn nor maxconnrate
|
|
- [BUG] peers: the peer frontend must not emit any log
|
|
- [CLEANUP] proxy: make pause_proxy() perform the required controls and emit the logs
|
|
- [BUG] peers: don't keep a peers section which has a NULL frontend
|
|
- [BUG] peers: ensure the peers are resumed if they were paused
|
|
- [MEDIUM] stats: add the ability to enable/disable/shutdown a frontend at runtime
|
|
- [MEDIUM] session: make session_shutdown() an independant function
|
|
- [MEDIUM] stats: offer the possibility to kill a session from the CLI
|
|
- [CLEANUP] stats: centralize tests for backend/server inputs on the CLI
|
|
- [MEDIUM] stats: offer the possibility to kill sessions by server
|
|
- [MINOR] halog: do not consider byte 0x8A as end of line
|
|
- [MINOR] frontend: ensure debug message length is always initialized
|
|
- [OPTIM] halog: make fgets parse more bytes by blocks
|
|
- [OPTIM] halog: add assembly version of the field lookup code
|
|
- [MEDIUM] poll: add a measurement of idle vs work time
|
|
- [CLEANUP] startup: report only the basename in the usage message
|
|
- [MINOR] startup: add an option to change to a new directory
|
|
- [OPTIM] task: don't scan the run queue if we know it's empty
|
|
- [BUILD] stats: stdint is not present on solaris
|
|
- [DOC] update the README file to reflect new naming rules for patches
|
|
- [MINOR] stats: report the number of requests intercepted by the frontend
|
|
- [DOC] update ROADMAP file
|
|
|
|
2011/04/08 : 1.5-dev6
|
|
- [BUG] stream_sock: use get_addr_len() instead of sizeof() on sockaddr_storage
|
|
- [BUG] TCP source tracking was broken with IPv6 changes
|
|
- [BUG] stick-tables did not work when converting IPv6 to IPv4
|
|
- [CRITICAL] fix risk of crash when dealing with space in response cookies
|
|
|
|
2011/03/29 : 1.5-dev5
|
|
- [BUG] standard: is_addr return value for IPv4 was inverted
|
|
- [MINOR] update comment about IPv6 support for server
|
|
- [MEDIUM] use getaddrinfo to resolve names if gethostbyname fail
|
|
- [DOC] update IPv6 support for bind
|
|
- [DOC] document IPv6 support for server
|
|
- [DOC] fix a minor typo
|
|
- [MEDIUM] IPv6 support for syslog
|
|
- [DOC] document IPv6 support for syslog
|
|
- [MEDIUM] IPv6 support for stick-tables
|
|
- [DOC] document IPv6 support for stick-tables
|
|
- [DOC] update ROADMAP file
|
|
- [BUG] session: src_conn_cur was returning src_conn_cnt instead
|
|
- [MINOR] frontend: add a make_proxy_line function
|
|
- [MEDIUM] stream_sock: add support for sending the proxy protocol header line
|
|
- [MEDIUM] server: add support for the "send-proxy" option
|
|
- [DOC] update the spec on the proxy protocol
|
|
- [BUILD] proto_tcp: fix build issue with CTTPROXY
|
|
- [DOC] update ROADMAP file
|
|
- [MEDIUM] config: rework the IPv4/IPv6 address parser to support host-only addresses
|
|
- [MINOR] cfgparse: better report wrong listening addresses and make use of str2sa_range
|
|
- [BUILD] add the USE_GETADDRINFO build option
|
|
- [TESTS] provide a test case for various address formats
|
|
- [BUG] session: conn_retries was not always initialized
|
|
- [BUG] log: retrieve the target from the session, not the SI
|
|
- [BUG] http: fix possible incorrect forwarded wrapping chunk size (take 2)
|
|
- [MINOR] tools: add two macros MID_RANGE and MAX_RANGE
|
|
- [BUG] http: fix content-length handling on 32-bit platforms
|
|
- [OPTIM] buffers: uninline buffer_forward()
|
|
- [BUG] stream_sock: fix handling for server side PROXY protocol
|
|
- [MINOR] acl: add support for table_cnt and table_avl matches
|
|
- [DOC] update ROADMAP file
|
|
|
|
2011/03/13 : 1.5-dev4
|
|
- [MINOR] cfgparse: Check whether the path given for the stats socket actually fits into the sockaddr_un structure to avoid truncation.
|
|
- [MINOR] unix sockets : inherits the backlog size from the listener
|
|
- [CLEANUP] unix sockets : move create_uxst_socket() in uxst_bind_listener()
|
|
- [DOC] fix a minor typo
|
|
- [DOC] fix ignore-persist documentation
|
|
- [MINOR] add warnings on features not compatible with multi-process mode
|
|
- [BUG] http: fix http-pretend-keepalive and httpclose/tunnel mode
|
|
- [MINOR] stats: add support for several packets in stats admin
|
|
- [BUG] stats: admin commands must check the proxy state
|
|
- [BUG] stats: admin web interface must check the proxy state
|
|
- [MINOR] http: add pattern extraction method to stick on query string parameter
|
|
- [MEDIUM] add internal support for IPv6 server addresses
|
|
- [MINOR] acl: add be_id/srv_id to match backend's and server's id
|
|
- [MINOR] log: add support for passing the forwarded hostname
|
|
- [MINOR] log: ability to override the syslog tag
|
|
- [MINOR] checks: add PostgreSQL health check
|
|
- [DOC] update ROADMAP file
|
|
- [BUILD] pattern: use 'int' instead of 'int32_t'
|
|
- [OPTIM] linux: add support for bypassing libc to force using vsyscalls
|
|
- [BUG] debug: report the correct poller list in verbose mode
|
|
- [BUG] capture: do not capture a cookie if there is no memory left
|
|
- [BUG] appsession: fix possible double free in case of out of memory
|
|
- [CRITICAL] cookies: mixing cookies in indirect mode and appsession can crash the process
|
|
- [BUG] http: correctly update the header list when removing two consecutive headers
|
|
- [BUILD] add the CPU=native and ARCH=32/64 build options
|
|
- [BUILD] add -fno-strict-aliasing to fix warnings with gcc >= 4.4
|
|
- [CLEANUP] hash: move the avalanche hash code globally available
|
|
- [MEDIUM] hash: add support for an 'avalanche' hash-type
|
|
- [DOC] update roadmap file
|
|
- [BUG] http: do not re-enable the PROXY analyser on keep-alive
|
|
- [OPTIM] http: don't send each chunk in a separate packet
|
|
- [DOC] fix minor typos reported recently in the peers section
|
|
- [DOC] fix another typo in the doc
|
|
- [MINOR] stats: report HTTP message state and buffer flags in error dumps
|
|
- [BUG] http chunking: don't report a parsing error on connection errors
|
|
- [BUG] stream_interface: truncate buffers when sending error messages
|
|
- [MINOR] http: support wrapping messages in error captures
|
|
- [MINOR] http: capture incorrectly chunked message bodies
|
|
- [MINOR] stats: add global event ID and count
|
|
- [BUG] http: analyser optimizations broke pipelining
|
|
- [CLEANUP] frontend: only apply TCP-specific settings to TCP/TCP6 sockets
|
|
- [BUG] http: fix incorrect error reporting during data transfers
|
|
- [CRITICAL] session: correctly leave turn-around and queue states on abort
|
|
- [BUG] session: release slot before processing pending connections
|
|
- [MINOR] tcp: add support for dynamic MSS setting
|
|
- [BUG] stick-table: correctly terminate string keys during lookups
|
|
- [BUG] acl: fix handling of empty lines in pattern files
|
|
- [BUG] stick-table: use the private buffer when padding strings
|
|
- [BUG] ebtree: fix ebmb_lookup() with len smaller than the tree's keys
|
|
- [OPTIM] ebtree: ebmb_lookup: reduce stack usage by moving the return code out of the loop
|
|
- [OPTIM] ebtree: inline ebst_lookup_len and ebis_lookup_len
|
|
- [REVERT] undo the stick-table string key lookup fixes
|
|
- [MINOR] http: improve url_param pattern extraction to ignore empty values
|
|
- [BUILD] frontend: shut a warning with TCP_MAXSEG
|
|
- [BUG] http: update the header list's tail when removing the last header
|
|
- [DOC] fix minor typo in the proxy protocol doc
|
|
- [DOC] fix typos (http-request instead of http-check)
|
|
- [BUG] http: use correct ACL pointer when evaluating authentication
|
|
- [BUG] cfgparse: correctly count one socket per port in ranges
|
|
- [BUG] startup: set the rlimits before binding ports, not after.
|
|
- [BUG] acl: srv_id must return no match when the server is NULL
|
|
- [MINOR] acl: add ability to check for internal response-only parameters
|
|
- [MINOR] acl: srv_id is only valid in responses
|
|
- [MINOR] config: warn if response-only conditions are used in "redirect" rules
|
|
- [BUG] acl: fd leak when reading patterns from file
|
|
- [DOC] fix minor typo in "usesrc"
|
|
- [BUG] http: fix possible incorrect forwarded wrapping chunk size
|
|
- [BUG] http: fix computation of message body length after forwarding has started
|
|
- [BUG] http: balance url_param did not work with first parameters on POST
|
|
- [TESTS] update the url_param regression test to test check_post too
|
|
- [DOC] update ROADMAP
|
|
- [DOC] internal: reflect the fact that SI_ST_ASS is transient
|
|
- [BUG] config: don't crash on empty pattern files.
|
|
- [MINOR] stream_interface: make use of an applet descriptor for IO handlers
|
|
- [REORG] stream_interface: move the st0, st1 and private members to the applet
|
|
- [REORG] stream_interface: split the struct members in 3 parts
|
|
- [REORG] session: move client and server address to the stream interface
|
|
- [REORG] tcp: make tcpv4_connect_server() take the target address from the SI
|
|
- [MEDIUM] stream_interface: store the target pointer and type
|
|
- [CLEANUP] stream_interface: remove the applet.handler pointer
|
|
- [MEDIUM] log: take the logged server name from the stream interface
|
|
- [CLEANUP] session: remove data_source from struct session
|
|
- [CLEANUP] stats: make all dump functions only rely on the stream interface
|
|
- [REORG] session: move the data_ctx struct to the stream interface's applet
|
|
- [MINOR] proxy: add PR_O2_DISPATCH to detect dispatch mode
|
|
- [MINOR] cfgparse: only keep one of dispatch, transparent, http_proxy
|
|
- [MINOR] session: add a pointer to the new target into the session
|
|
- [MEDIUM] session: remove s->prev_srv which is not needed anymore
|
|
- [CLEANUP] stream_interface: use inline functions to manipulate targets
|
|
- [MAJOR] session: remove the ->srv pointer from struct session
|
|
- [MEDIUM] stats: split frontend and backend stats
|
|
- [MEDIUM] http: always evaluate http-request rules before stats http-request
|
|
- [REORG] http: move the http-request rules to proto_http
|
|
- [BUG] http: stats were not incremented on http-request deny
|
|
- [MINOR] checks: report it if checks fail due to socket creation error
|
|
|
|
2010/11/11 : 1.5-dev3
|
|
- [DOC] fix http-request documentation
|
|
- [MEDIUM] enable/disable servers from the stats web interface
|
|
- [MEDIUM] stats: add an admin level
|
|
- [DOC] stats: document the "stats admin" statement
|
|
- [MINOR] startup: print the proxy socket which caused an error
|
|
- [CLEANUP] Remove unneeded chars allocation
|
|
- [MINOR] config: detect options not supported due to compilation options
|
|
- [MINOR] Add pattern's fetchs payload and payload_lv
|
|
- [MINOR] frontend: improve accept-proxy header parsing
|
|
- [MINOR] frontend: add tcpv6 support on accept-proxy bind
|
|
- [MEDIUM] Enhance message errors management on binds
|
|
- [MINOR] Manage unix socket source field on logs
|
|
- [MINOR] Manage unix socket source field on session dump on sock stats
|
|
- [MINOR] Support of unix listener sockets for debug and log event messages on frontend.c
|
|
- [MINOR] Add some tests on sockets family for port remapping and mode transparent.
|
|
- [MINOR] Manage socket type unix for some logs
|
|
- [MINOR] Enhance controls of socket's family on acls and pattern fetch
|
|
- [MINOR] Support listener's sockets unix on http logs.
|
|
- [MEDIUM] Add supports of bind on unix sockets.
|
|
- [BUG] stick table purge failure if size less than 255
|
|
- [BUG] stick table entries expire on counters updates/read or show table, even if there is no "expire" parameter
|
|
- [MEDIUM] Implement tcp inspect response rules
|
|
- [DOC] tcp-response content and inspect
|
|
- [MINOR] new acls fetch req_ssl_hello_type and rep_ssl_hello_type
|
|
- [DOC] acls rep_ssl_hello and req_ssl_hello
|
|
- [MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated.
|
|
- [DOC] new type binary in stick-table
|
|
- [DOC] stick store-response and new patterns payload and payload_lv
|
|
- [MINOR] Manage all types (ip, integer, string, binary) on cli "show table" command
|
|
- [MEDIUM] Create updates tree on stick table to manage sync.
|
|
- [MAJOR] Add new files src/peer.c, include/proto/peers.h and include/types/peers.h for sync stick table management
|
|
- [MEDIUM] Manage peers section parsing and stick table registration on peers.
|
|
- [MEDIUM] Manage soft stop on peers proxy
|
|
- [DOC] add documentation for peers section
|
|
- [MINOR] checks: add support for LDAPv3 health checks
|
|
- [MINOR] add better support to "mysql-check"
|
|
- [BUG] Restore info about available active/backup servers
|
|
- [CONTRIB] Update haproxy.pl
|
|
- [CONTRIB] Update Cacti Tempates
|
|
- [CONTRIB] add templates for Cacti.
|
|
- [BUG] http: don't consider commas as a header delimitor within quotes
|
|
- [MINOR] support a global jobs counter
|
|
- [DOC] add a summary about cookie incompatibilities between specs and browsers
|
|
- [DOC] fix description of cookie "insert" and "indirect" modes
|
|
- [MEDIUM] http: fix space handling in the request cookie parser
|
|
- [MEDIUM] http: fix space handling in the response cookie parser
|
|
- [DOC] fix typo in the queue() definition (backend, not frontend)
|
|
- [BUG] deinit: unbind listeners before freeing them
|
|
- [BUG] stream_interface: only call si->release when both dirs are closed
|
|
- [MEDIUM] buffers: rework the functions to exchange between SI and buffers
|
|
- [DOC] fix typo in the avg_queue() and be_conn() definition (backend, not frontend)
|
|
- [MINOR] halog: add '-tc' to sort by termination codes
|
|
- [MINOR] halog: skip non-traffic logs for -st and -tc
|
|
- [BUG] stream_sock: cleanly disable the listener in case of resource shortage
|
|
- [BUILD] stream_sock: previous fix lacked the #include, causing a warning.
|
|
- [DOC] bind option is "defer-accept", not "defer_accept"
|
|
- [DOC] missing index entry for http-check send-state
|
|
- [DOC] tcp-request inspect-delay is for backends too
|
|
- [BUG] ebtree: string_equal_bits() could return garbage on identical strings
|
|
- [BUG] stream_sock: try to flush any extra pending request data after a POST
|
|
- [BUILD] proto_http: eliminate some build warnings with gcc-2.95
|
|
- [MEDIUM] make it possible to combine http-pretend-keepalived with httpclose
|
|
- [MEDIUM] tcp-request : don't wait for inspect-delay to expire when the buffer is full
|
|
- [MEDIUM] checks: add support for HTTP contents lookup
|
|
- [TESTS] add test-check-expect to test various http-check methods
|
|
- [MINOR] global: add "tune.chksize" to change the default check buffer size
|
|
- [MINOR] cookie: add options "maxidle" and "maxlife"
|
|
- [MEDIUM] cookie: support client cookies with some contents appended to their value
|
|
- [MINOR] http: make some room in the transaction flags to extend cookies
|
|
- [MINOR] cookie: add the expired (E) and old (O) flags for request cookies
|
|
- [MEDIUM] cookie: reassign set-cookie status flags to store more states
|
|
- [MINOR] add encode/decode function for 30-bit integers from/to base64
|
|
- [MEDIUM] cookie: check for maxidle and maxlife for incoming dated cookies
|
|
- [MEDIUM] cookie: set the date in the cookie if needed
|
|
- [DOC] document the cookie maxidle and maxlife parameters
|
|
- [BUG] checks: don't log backend down for all zero-weight servers
|
|
- [MEDIUM] checks: set server state to one state from failure when leaving maintenance
|
|
- [BUG] config: report correct keywords for "observe"
|
|
- [MINOR] checks: ensure that we can inherit binary checks from the defaults section
|
|
- [MINOR] acl: add the http_req_first match
|
|
- [DOC] fix typos about bind-process syntax
|
|
- [BUG] cookie: correctly unset default cookie parameters
|
|
- [MINOR] cookie: add support for the "preserve" option
|
|
- [BUG] ebtree: fix duplicate strings insertion
|
|
- [CONTRIB] halog: report per-url counts, errors and times
|
|
- [CONTRIB] halog: minor speed improvement in timer parser
|
|
- [MINOR] buffers: add a new request analyser flag for PROXY mode
|
|
- [MINOR] listener: add the "accept-proxy" option to the "bind" keyword
|
|
- [MINOR] standard: add read_uint() to parse a delimited unsigned integer
|
|
- [MINOR] standard: change arg type from const char* to char*
|
|
- [MINOR] frontend: add a new analyser to parse a proxied connection
|
|
- [MEDIUM] session: call the frontend_decode_proxy analyser on proxied connections
|
|
- [DOC] add the proxy protocol's specifications
|
|
- [DOC] document the 'accept-proxy' bind option
|
|
- [MINOR] cfgparse: report support of <path> for the 'bind' statements
|
|
- [DOC] add references to unix socket handling
|
|
- [MINOR] move MAXPATHLEN definition to compat.h
|
|
- [MEDIUM] unix sockets: cleanup the error reporting path
|
|
- [BUG] session: don't stop forwarding of data upon last packet
|
|
- [CLEANUP] accept: replace some inappropriate Alert() calls with send_log()
|
|
- [BUILD] peers: shut a printf format warning (key_size is a size_t)
|
|
- [BUG] accept: don't close twice upon error
|
|
- [OPTIM] session: don't recheck analysers when buffer flags have not changed
|
|
- [OPTIM] stream_sock: don't clear FDs that are already cleared
|
|
- [BUG] proto_tcp: potential bug on pattern fetch dst and dport
|
|
|
|
2010/08/28 : 1.5-dev2
|
|
- [MINOR] startup: release unused structs after forking
|
|
- [MINOR] startup: don't wait for nothing when no old pid remains
|
|
- [CLEANUP] reference product branch 1.5
|
|
- [MEDIUM] signals: add support for registering functions and tasks
|
|
- [MEDIUM] signals: support redistribution of signal zero when stopping
|
|
- [BUG] http: don't set auto_close if more data are expected
|
|
|
|
2010/08/25 : 1.5-dev1
|
|
- [BUG] stats: session rate limit gets garbaged in the stats
|
|
- [DOC] mention 'option http-server-close' effect in Tq section
|
|
- [DOC] summarize and highlight persistent connections behaviour
|
|
- [DOC] add configuration samples
|
|
- [BUG] http: dispatch and http_proxy modes were broken for a long time
|
|
- [BUG] http: the transaction must be initialized even in TCP mode
|
|
- [BUG] tcp: dropped connections must be counted as "denied" not "failed"
|
|
- [BUG] consistent hash: balance on all servers, not only 2 !
|
|
- [CONTRIB] halog: report per-server status codes, errors and response times
|
|
- [BUG] http: the transaction must be initialized even in TCP mode (part 2)
|
|
- [BUG] client: always ensure to zero rep->analysers
|
|
- [BUG] session: clear BF_READ_ATTACHED before next I/O
|
|
- [BUG] http: automatically close response if req is aborted
|
|
- [BUG] proxy: connection rate limiting was eating lots of CPU
|
|
- [BUG] http: report correct flags in case of client aborts during body
|
|
- [TESTS] refine non-regression tests and add 4 new tests
|
|
- [BUG] debug: wrong pointer was used to report a status line
|
|
- [BUG] debug: correctly report truncated messages
|
|
- [DOC] document the "dispatch" keyword
|
|
- [BUG] stick_table: fix possible memory leak in case of connection error
|
|
- [CLEANUP] acl: use 'L6' instead of 'L4' in ACL flags relying on contents
|
|
- [MINOR] accept: count the incoming connection earlier
|
|
- [CLEANUP] tcp: move some non tcp-specific layer6 processing out of proto_tcp
|
|
- [CLEANUP] client: move some ACLs away to their respective locations
|
|
- [CLEANUP] rename client -> frontend
|
|
- [MEDIUM] separate protocol-level accept() from the frontend's
|
|
- [MINOR] proxy: add a list to hold future layer 4 rules
|
|
- [MEDIUM] config: parse tcp layer4 rules (tcp-request accept/reject)
|
|
- [MEDIUM] tcp: check for pure layer4 rules immediately after accept()
|
|
- [OPTIM] frontend: tell the compiler that errors are unlikely to occur
|
|
- [MEDIUM] frontend: check for LI_O_TCP_RULES in the listener
|
|
- [MINOR] frontend: only check for monitor-net rules if LI_O_CHK_MONNET is set
|
|
- [CLEANUP] buffer->cto is not used anymore
|
|
- [MEDIUM] session: finish session establishment sequence in with I/O handlers
|
|
- [MEDIUM] session: initialize server-side timeouts after connect()
|
|
- [MEDIUM] backend: initialize the server stream_interface upon connect()
|
|
- [MAJOR] frontend: don't initialize the server-side stream_int anymore
|
|
- [MEDIUM] session: move the conn_retries attribute to the stream interface
|
|
- [MEDIUM] session: don't assign conn_retries upon accept() anymore
|
|
- [MINOR] frontend: rely on the frontend and not the backend for INDEPSTR
|
|
- [MAJOR] frontend: reorder the session initialization upon accept
|
|
- [MINOR] proxy: add an accept() callback for the application layer
|
|
- [MAJOR] frontend: split accept() into frontend_accept() and session_accept()
|
|
- [MEDIUM] stats: rely on the standard session_accept() function
|
|
- [MINOR] buffer: refine the flags that may wake an analyser up.
|
|
- [MINOR] stream_sock: don't dereference a non-existing frontend
|
|
- [MINOR] session: differenciate between accepted connections and received connections
|
|
- [MEDIUM] frontend: count the incoming connection earlier
|
|
- [MINOR] frontend: count denied TCP requests separately
|
|
- [CLEANUP] stick_table: add/clarify some comments
|
|
- [BUILD] memory: add a few missing parenthesis to the pool management macros
|
|
- [MINOR] stick_table: add support for variable-sized data
|
|
- [CLEANUP] stick_table: rename some stksess struct members to avoid confusion
|
|
- [CLEANUP] stick_table: move pattern to key functions to stick_table.c
|
|
- [MEDIUM] stick_table: add room for extra data types
|
|
- [MINOR] stick_table: add support for "conn_cum" data type.
|
|
- [MEDIUM] stick_table: don't overwrite data when storing an entry
|
|
- [MINOR] config: initialize stick tables after all the parsing
|
|
- [MINOR] stick_table: provide functions to return stksess data from a type
|
|
- [MEDIUM] stick_table: move the server ID to a generic data type
|
|
- [MINOR] stick_table: enable it for frontends too
|
|
- [MINOR] stick_table: export the stick_table_key
|
|
- [MINOR] tcp: add per-source connection rate limiting
|
|
- [MEDIUM] stick_table: separate storage and update of session entries
|
|
- [MEDIUM] stick-tables: add a reference counter to each entry
|
|
- [MINOR] session: add a pointer to the tracked counters for the source
|
|
- [CLEANUP] proto_tcp: make the config parser a little bit more flexible
|
|
- [BUG] config: report the correct proxy type in tcp-request errors
|
|
- [MINOR] config: provide a function to quote args in a more friendly way
|
|
- [BUG] stick_table: the fix for the memory leak caused a regression
|
|
- [MEDIUM] backend: support servers on 0.0.0.0
|
|
- [BUG] stick-table: correctly refresh expiration timers
|
|
- [MEDIUM] stream-interface: add a ->release callback
|
|
- [MINOR] proxy: add a "parent" member to the structure
|
|
- [MEDIUM] session: make it possible to call an I/O handler on both SI
|
|
- [MINOR] tools: add a fast div64_32 function
|
|
- [MINOR] freq_ctr: add new types and functions for periods different from 1s
|
|
- [MINOR] errors: provide new status codes for config parsing functions
|
|
- [BUG] http: denied requests must not be counted as denied resps in listeners
|
|
- [MINOR] tools: add a get_std_op() function to parse operators
|
|
- [MEDIUM] acl: make use of get_std_op() to parse intger ranges
|
|
- [MAJOR] stream_sock: better wakeup conditions on read()
|
|
- [BUG] session: analysers must be checked when SI state changes
|
|
- [MINOR] http: reset analysers to listener's, not frontend's
|
|
- [MEDIUM] session: support "tcp-request content" rules in backends
|
|
- [BUILD] always match official tags when doing git-tar
|
|
- [MAJOR] stream_interface: fix the wakeup conditions for embedded iohandlers
|
|
- [MEDIUM] buffer: make buffer_feed* support writing non-contiguous chunks
|
|
- [MINOR] tcp: src_count acl does not have a permanent result
|
|
- [MAJOR] session: add track-counters to track counters related to the session
|
|
- [MINOR] stick-table: provide a table lookup function
|
|
- [MINOR] stick-table: use suffix "_cnt" for cumulated counts
|
|
- [MEDIUM] session: move counter ACL fetches from proto_tcp
|
|
- [MEDIUM] session: add concurrent connections counter
|
|
- [MEDIUM] session: add data in and out volume counters
|
|
- [MINOR] session: add the trk_conn_cnt ACL keyword to track connection counts
|
|
- [MEDIUM] session-counters: automatically update tracked connection count
|
|
- [MINOR] session: add the trk_conn_cur ACL keyword to track concurrent connection
|
|
- [MINOR] session: add trk_kbytes_* ACL keywords to track data size
|
|
- [MEDIUM] session: add a counter on the cumulated number of sessions
|
|
- [MINOR] config: support a comma-separated list of store data types in stick-table
|
|
- [MEDIUM] stick-tables: add support for arguments to data_types
|
|
- [MEDIUM] stick-tables: add stored data argument type checking
|
|
- [MEDIUM] session counters: add conn_rate and sess_rate counters
|
|
- [MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters
|
|
- [MINOR] stktable: add a stktable_update_key() function
|
|
- [MINOR] session-counters: add a general purpose counter (gpc0)
|
|
- [MEDIUM] session-counters: add HTTP req/err tracking
|
|
- [MEDIUM] stats: add "show table [<name>]" to dump a stick-table
|
|
- [MEDIUM] stats: add "clear table <name> key <value>" to clear table entries
|
|
- [CLEANUP] stick-table: declare stktable_data_types as extern
|
|
- [MEDIUM] stick-table: make use of generic types for stored data
|
|
- [MINOR] stats: correctly report errors on "show table" and "clear table"
|
|
- [MEDIUM] stats: add the ability to dump table entries matching criteria
|
|
- [DOC] configuration: document all the new tracked counters
|
|
- [DOC] stats: document "show table" and "clear table"
|
|
- [MAJOR] session-counters: split FE and BE track counters
|
|
- [MEDIUM] tcp: accept the "track-counters" in "tcp-request content" rules
|
|
- [MEDIUM] session counters: automatically remove expired entries.
|
|
- [MEDIUM] config: replace 'tcp-request <action>' with "tcp-request connection"
|
|
- [MEDIUM] session-counters: make it possible to count connections from frontend
|
|
- [MINOR] session-counters: use "track-sc{1,2}" instead of "track-{fe,be}-counters"
|
|
- [MEDIUM] session-counters: correctly unbind the counters tracked by the backend
|
|
- [CLEANUP] stats: use stksess_kill() to remove table entries
|
|
- [DOC] update the references to session counters and to tcp-request connection
|
|
- [DOC] cleanup: split a few long lines
|
|
- [MEDIUM] http: forward client's close when abortonclose is set
|
|
- [BUG] queue: don't dequeue proxy-global requests on disabled servers
|
|
- [BUG] stats: global stats timeout may be specified before stats socket.
|
|
- [BUG] conf: add tcp-request content rules to the correct list
|
|
|
|
2010/05/23 : 1.5-dev0
|
|
- exact copy of 1.4.6
|
|
|
|
2010/05/16 : 1.4.6
|
|
- [BUILD] ebtree: update to v6.0.1 to remove references to dprintf()
|
|
- [CLEANUP] acl: make use of eb_is_empty() instead of open coding the tree's emptiness test
|
|
- [MINOR] acl: add srv_is_up() to check that a specific server is up or not
|
|
- [DOC] add a few precisions about the use of RDP cookies
|
|
|
|
2010/05/13 : 1.4.5
|
|
- [DOC] report minimum kernel version for tproxy in the Makefile
|
|
- [MINOR] add the "ignore-persist" option to conditionally ignore persistence
|
|
- [DOC] add the "ignore-persist" option to conditionally ignore persistence
|
|
- [DOC] fix ignore-persist/force-persist documentation
|
|
- [BUG] cttproxy: socket fd leakage in check_cttproxy_version
|
|
- [DOC] doc/configuration.txt: fix typos
|
|
- [MINOR] option http-pretend-keepalive is both for FEs and BEs
|
|
- [MINOR] fix possible crash in debug mode with invalid responses
|
|
- [MINOR] halog: add support for statisticts on status codes
|
|
- [OPTIM] halog: use a faster zero test in fgets()
|
|
- [OPTIM] halog: minor speedup by using unlikely()
|
|
- [OPTIM] halog: speed up fgets2-64 by about 10%
|
|
- [DOC] refresh the README file and merge the CONTRIB file into it
|
|
- [MINOR] acl: support loading values from files
|
|
- [MEDIUM] ebtree: upgrade to version 6.0
|
|
- [MINOR] acl trees: add flags and union members to store values in trees
|
|
- [MEDIUM] acl: add ability to insert patterns in trees
|
|
- [MEDIUM] acl: add tree-based lookups of exact strings
|
|
- [MEDIUM] acl: add tree-based lookups of networks
|
|
- [MINOR] acl: ignore empty lines and comments in pattern files
|
|
- [MINOR] stick-tables: add support for "stick on hdr"
|
|
|
|
2010/04/07 : 1.4.4
|
|
- [BUG] appsession should match the whole cookie name
|
|
- [CLEANUP] proxy: move PR_O_SSL3_CHK to options2 to release one flag
|
|
- [MEDIUM] backend: move the transparent proxy address selection to backend
|
|
- [MINOR] add very fast IP parsing functions
|
|
- [MINOR] add new tproxy flags for dynamic source address binding
|
|
- [MEDIUM] add ability to connect to a server from an IP found in a header
|
|
- [BUILD] config: last patch breaks build without CONFIG_HAP_LINUX_TPROXY
|
|
- [MINOR] http: make it possible to pretend keep-alive when doing close
|
|
- [MINOR] config: report "default-server" instead of "(null)" in error messages
|
|
|
|
2010/03/30 : 1.4.3
|
|
- [CLEANUP] stats: remove printf format warning in stats_dump_full_sess_to_buffer()
|
|
- [MEDIUM] session: better fix for connection to servers with closed input
|
|
- [DOC] indicate in the doc how to bind to port ranges
|
|
- [BUG] backend: L7 hashing must not be performed on incomplete requests
|
|
- [TESTS] add a simple program to test connection resets
|
|
- [MINOR] cli: "show errors" should display "backend <NONE>" when backend was not used
|
|
- [MINOR] config: emit warnings when HTTP-only options are used in TCP mode
|
|
- [MINOR] config: allow "slowstart 0s"
|
|
- [BUILD] 'make tags' did not consider files ending in '.c'
|
|
- [MINOR] checks: add the ability to disable a server in the config
|
|
|
|
2010/03/17 : 1.4.2
|
|
- [CLEANUP] product branch update
|
|
- [DOC] Some more documentation cleanups
|
|
- [BUG] clf logs segfault when capturing a non existant header
|
|
- [OPTIM] config: only allocate check buffer when checks are enabled
|
|
- [MEDIUM] checks: support multi-packet health check responses
|
|
- [CLEANUP] session: remove duplicate test
|
|
- [BUG] http: don't wait for response data to leave buffer is client has left
|
|
- [MINOR] proto_uxst: set accept_date upon accept() to the wall clock time
|
|
- [MINOR] stats: don't send empty lines in "show errors"
|
|
- [MINOR] stats: make the data dump function reusable for other purposes
|
|
- [MINOR] stats socket: add show sess <id> to dump details about a session
|
|
- [BUG] stats: connection reset counters must be plain ascii, not HTML
|
|
- [BUG] url_param hash may return a down server
|
|
- [MINOR] force null-termination of hostname
|
|
- [MEDIUM] connect to servers even when the input has already been closed
|
|
- [BUG] don't merge anonymous ACLs !
|
|
- [BUG] config: fix endless loop when parsing "on-error"
|
|
- [MINOR] http: don't mark a server as failed when it returns 501/505
|
|
- [OPTIM] checks: try to detect the end of response without polling again
|
|
- [BUG] checks: don't report an error when recv() returns an error after data
|
|
- [BUG] checks: don't abort when second poll returns an error
|
|
- [MINOR] checks: make shutdown() silently fail
|
|
- [BUG] http: fix truncated responses on chunk encoding when size divides buffer size
|
|
- [BUG] init: unconditionally catch SIGPIPE
|
|
- [BUG] checks: don't wait for a close to start parsing the response
|
|
|
|
2010/03/04 : 1.4.1
|
|
- [BUG] Clear-cookie path issue
|
|
- [DOC] fix typo on stickiness rules
|
|
- [BUILD] fix BSD and OSX makefiles for missing files
|
|
- [BUILD] includes order breaks OpenBSD build
|
|
- [BUILD] fix some build warnings on Solaris with is* macros
|
|
- [BUG] logs: don't report "last data" when we have just closed after an error
|
|
- [BUG] logs: don't report "proxy request" when server closes early
|
|
- [BUILD] fix platform-dependant build issues related to crypt()
|
|
- [STATS] count transfer aborts caused by client and by server
|
|
- [STATS] frontend requests were not accounted for failed requests
|
|
- [MINOR] report total number of processed connections when stopping a proxy
|
|
- [DOC] be more clear about the limitation to one single monitor-net entry
|
|
|
|
2010/02/26 : 1.4.0
|
|
- [MINOR] stats: report maint state for tracking servers too
|
|
- [DOC] fix summary to add pattern extraction
|
|
- [DOC] Documentation cleanups
|
|
- [BUG] cfgparse memory leak and missing free calls in deinit()
|
|
- [BUG] pxid/puid/luid: don't shift IDs when some of them are forced
|
|
- [EXAMPLES] add auth.cfg
|
|
- [BUG] uri_auth: ST_SHLGNDS should be 0x00000008 not 0x0000008
|
|
- [BUG] uri_auth: do not attemp to convert uri_auth -> http-request more than once
|
|
- [BUILD] auth: don't use unnamed unions
|
|
- [BUG] config: report unresolvable host names as errors
|
|
- [BUILD] fix build breakage with DEBUG_FULL
|
|
- [DOC] fix a typo about timeout check and clarify the explanation.
|
|
- [MEDIUM] http: don't use trash to realign large buffers
|
|
- [STATS] report HTTP requests (total and rate) in frontends
|
|
- [STATS] separate frontend and backend HTTP stats
|
|
- [MEDIUM] http: revert to use a swap buffer for realignment
|
|
- [MINOR] stats: report the request rate in frontends as cell titles
|
|
- [MINOR] stats: mark areas with an underline when tooltips are available
|
|
- [DOC] reorder some entries to maintain the alphabetical order
|
|
- [DOC] cleanup of the keyword matrix
|
|
|
|
2010/02/02 : 1.4-rc1
|
|
- [MEDIUM] add a maintenance mode to servers
|
|
- [MINOR] http-auth: last fix was wrong
|
|
- [CONTRIB] add base64rev-gen.c that was used to generate the base64rev table.
|
|
- [MINOR] Base64 decode
|
|
- [MINOR] generic auth support with groups and encrypted passwords
|
|
- [MINOR] add ACL_TEST_F_NULL_MATCH
|
|
- [MINOR] http-request: allow/deny/auth support for frontend/backend/listen
|
|
- [MINOR] acl: add http_auth and http_auth_group
|
|
- [MAJOR] use the new auth framework for http stats
|
|
- [DOC] add info about userlists, http-request and http_auth/http_auth_group acls
|
|
- [STATS] make it possible to change a CLI connection timeout
|
|
- [BUG] patterns: copy-paste typo in type conversion arguments
|
|
- [MINOR] pattern: make the converter more flexible by supporting void* and int args
|
|
- [MINOR] standard: str2mask: string to netmask converter
|
|
- [MINOR] pattern: add support for argument parsers for converters
|
|
- [MINOR] pattern: add the "ipmask()" converting function
|
|
- [MINOR] config: off-by-one in "stick-table" after list of converters
|
|
- [CLEANUP] acl, patterns: make use of my_strndup() instead of malloc+memcpy
|
|
- [BUG] restore accidentely removed line in last patch !
|
|
- [MINOR] checks: make the HTTP check code add the CRLF itself
|
|
- [MINOR] checks: add the server's status in the checks
|
|
- [BUILD] halog: make without arch-specific optimizations
|
|
- [BUG] halog: fix segfault in case of empty log in PCT mode (cherry picked from commit fe362fe4762151d209b9656639ee1651bc2b329d)
|
|
- [MINOR] http: disable keep-alive when process is going down
|
|
- [MINOR] acl: add build_acl_cond() to make it easier to add ACLs in config
|
|
- [CLEANUP] config: use build_acl_cond() instead of parse_acl_cond()
|
|
- [CLEANUP] config: use warnif_cond_requires_resp() to check for bad ACLs
|
|
- [MINOR] prepare req_*/rsp_* to receive a condition
|
|
- [CLEANUP] config: specify correct const char types to warnif_* functions
|
|
- [MEDIUM] config: factor out the parsing of 20 req*/rsp* keywords
|
|
- [MEDIUM] http: make the request filter loop check for optional conditions
|
|
- [MEDIUM] http: add support for conditional request filter execution
|
|
- [DOC] add some build info about the AIX platform (cherry picked from commit e41914c77edbc40aebf827b37542d37d758e371e)
|
|
- [MEDIUM] http: add support for conditional request header addition
|
|
- [MEDIUM] http: add support for conditional response header rewriting
|
|
- [DOC] add some missing ACLs about response header matching
|
|
- [MEDIUM] http: add support for proxy authentication
|
|
- [MINOR] http-auth: make the 'unless' keyword work as expected
|
|
- [CLEANUP] config: use build_acl_cond() to simplify http-request ACL parsing
|
|
- [MEDIUM] add support for anonymous ACLs
|
|
- [MEDIUM] http: switch to tunnel mode after status 101 responses
|
|
- [MEDIUM] http: stricter processing of the CONNECT method
|
|
- [BUG] config: reset check request to avoid double free when switching to ssl/sql
|
|
- [MINOR] config: fix too large ssl-hello-check message.
|
|
- [BUG] fix error response in case of server error
|
|
|
|
2010/01/25 : 1.4-dev8
|
|
- [CLEANUP] Keep in sync "defaults" support between documentation and code
|
|
- [MEDIUM] http: add support for Proxy-Connection header
|
|
- [CRITICAL] buffers: buffer_insert_line2 must not change the ->w entry
|
|
- [MINOR] http: remove a copy-paste typo in transaction cleaning
|
|
- [BUG] http: trim any excess buffer data when recycling a connection
|
|
|
|
2010/01/25 : 1.4-dev7
|
|
- [BUG] appsession: possible memory leak in case of out of memory condition
|
|
- [MINOR] config: don't accept 'appsession' in defaults section
|
|
- [MINOR] Add function to parse a size in configuration
|
|
- [MEDIUM] Add stick table (persistence) management functions and types
|
|
- [MEDIUM] Add pattern fetch management types and functions
|
|
- [MEDIUM] Add src dst and dport pattern fetches.
|
|
- [MEDIUM] Add stick table configuration and init.
|
|
- [MEDIUM] Add stick and store rules analysers.
|
|
- [MINOR] add option "mysql-check" to use MySQL health checks
|
|
- [BUG] health checks: fix requeued message
|
|
- [OPTIM] remove SSP_O_VIA and SSP_O_STATUS
|
|
- [BUG] checks: fix newline termination
|
|
- [MINOR] acl: add fe_id/so_id to match frontend's and socket's id
|
|
- [BUG] appsession's sessid must be reset at end of transaction
|
|
- [BUILD] appsession did not build anymore under gcc-2.95
|
|
- [BUG] server redirection used an uninitialized string.
|
|
- [MEDIUM] http: fix handling of message pointers
|
|
- [MINOR] http: fix double slash prefix with server redirect
|
|
- [MINOR] http redirect: add the ability to append a '/' to the URL
|
|
- [BUG] stream_interface: fix retnclose and remove cond_close
|
|
- [MINOR] http redirect: don't explicitly state keep-alive on 1.1
|
|
- [MINOR] http: move appsession 'sessid' from session to http_txn
|
|
- [OPTIM] reorder http_txn to optimize cache lines placement
|
|
- [MINOR] http: differentiate waiting for new request and waiting for a complete requst
|
|
- [MINOR] http: add a separate "http-keep-alive" timeout
|
|
- [MINOR] config: remove undocumented and buggy 'timeout appsession'
|
|
- [DOC] fix various too large lines
|
|
- [DOC] remove several trailing spaces
|
|
- [DOC] add the doc about stickiness
|
|
- [BUILD] remove a warning in standard.h on AIX
|
|
- [BUG] checks: chars are unsigned on AIX, check was always true
|
|
- [CLEANUP] stream_sock: MSG_NOSIGNAL is only for send(), not recv()
|
|
- [BUG] check: we must not check for error before reading a response
|
|
- [BUG] buffers: remove remains of wrong obsolete length check
|
|
- [OPTIM] stream_sock: don't shutdown(write) when the socket is in error
|
|
- [BUG] http: don't count req errors on client resets or t/o during keep-alive
|
|
- [MEDIUM] http: don't switch to tunnel mode upon close
|
|
- [DOC] add documentation about connection header processing
|
|
- [MINOR] http: add http_remove_header2() to remove a header value.
|
|
- [MINOR] tools: add a "word_match()" function to match words and ignore spaces
|
|
- [MAJOR] http: rework request Connection header handling
|
|
- [MAJOR] http: rework response Connection header handling
|
|
- [MINOR] add the ability to force kernel socket buffer size.
|
|
- [BUG] http_server_error() must not purge a previous pending response
|
|
- [OPTIM] http: don't delay response if next request is incomplete
|
|
- [MINOR] add the "force-persist" statement to force persistence on down servers
|
|
- [MINOR] http: logs must report persistent connections to down servers
|
|
- [BUG] buffer_replace2 must never change the ->w entry
|
|
|
|
2010/01/08 : 1.4-dev6
|
|
- [BUILD] warning in stream_interface.h
|
|
- [BUILD] warning ultoa_r returns char *
|
|
- [MINOR] hana: only report stats if it is enabled
|
|
- [MINOR] stats: add "a link" & "a href" for sockets
|
|
- [MINOR]: stats: add show-legends to report additional informations
|
|
- [MEDIUM] default-server support
|
|
- [BUG]: add 'observer', 'on-error', 'error-limit' to supported options list
|
|
- [MINOR] stats: add href to tracked server
|
|
- [BUG] stats: show UP/DOWN status also in tracking servers
|
|
- [DOC] Restore ability to search a keyword at the beginning of a line
|
|
- [BUG] stats: cookie should be reported under backend not under proxy
|
|
- [BUG] cfgparser/stats: fix error message
|
|
- [BUG] http: disable auto-closing during chunk analysis
|
|
- [BUG] http: fix hopefully last closing issue on data forwarding
|
|
- [DEBUG] add an http_silent_debug function to debug HTTP states
|
|
- [MAJOR] http: fix again the forward analysers
|
|
- [BUG] http_process_res_common() must not skip the forward analyser
|
|
- [BUG] http: some possible missed close remain in the forward chain
|
|
- [BUG] http: redirect needed to be updated after recent changes
|
|
- [BUG] http: don't set no-linger on response in case of forced close
|
|
- [MEDIUM] http: restore the original behaviour of option httpclose
|
|
- [TESTS] add a file to test various connection modes
|
|
- [BUG] http: check options before the connection header
|
|
- [MAJOR] session: fix the order by which the analysers are run
|
|
- [MEDIUM] session: also consider request analysers added during response
|
|
- [MEDIUM] http: make safer use of the DONT_READ and AUTO_CLOSE flags
|
|
- [BUG] http: memory leak with captures when using keep-alive
|
|
- [BUG] http: fix for capture memory leak was incorrect
|
|
- [MINOR] http redirect: use proper call to return last response
|
|
- [MEDIUM] http: wait for some flush of the response buffer before a new request
|
|
- [MEDIUM] session: limit the number of analyser loops
|
|
|
|
2010/01/03 : 1.4-dev5
|
|
- [MINOR] server tracking: don't care about the tracked server's mode
|
|
- [MEDIUM] appsession: add "len", "prefix" and "mode" options
|
|
- [MEDIUM] appsession: add the "request-learn" option
|
|
- [BUG] Configuration parser bug when escaping characters
|
|
- [MINOR] CSS & HTML fun
|
|
- [MINOR] Collect & provide http response codes received from servers
|
|
- [BUG] Fix silly typo: hspr_other -> hrsp_other
|
|
- [MINOR] Add "a name" to stats page
|
|
- [MINOR] add additional "a href"s to stats page
|
|
- [MINOR] Collect & provide http response codes for frontends, fix backends
|
|
- [DOC] some small spell fixes and unifications
|
|
- [MEDIUM] Decrease server health based on http responses / events, version 3
|
|
- [BUG] format '%d' expects type 'int', but argument 5 has type 'long int'
|
|
- [BUG] config: fix erroneous check on cookie domain names, again
|
|
- [BUG] Healthchecks: get a proper error code if connection cannot be completed immediately
|
|
- [DOC] trivial fix for man page
|
|
- [MINOR] config: report all supported options for the "bind" keyword
|
|
- [MINOR] tcp: add support for the defer_accept bind option
|
|
- [MINOR] unix socket: report the socket path in case of bind error
|
|
- [CONTRIB] halog: support searching by response time
|
|
- [DOC] add a reminder about obsolete documents
|
|
- [DOC] point to 1.4 doc, not 1.3
|
|
- [DOC] option tcp-smart-connect was missing from index
|
|
- [MINOR] http: detect connection: close earlier
|
|
- [CLEANUP] sepoll: clean up the fd_clr/fd_set functions
|
|
- [OPTIM] move some rarely used fields out of fdtab
|
|
- [MEDIUM] fd: merge fd_list into fdtab
|
|
- [MAJOR] buffer: flag BF_DONT_READ to disable reads when not required
|
|
- [MINOR] http: add new transaction flags for keep-alive and content-length
|
|
- [MEDIUM] http request: parse connection, content-length and transfer-encoding
|
|
- [MINOR] http request: update the TX_SRV_CONN_KA flag on rewrite
|
|
- [MINOR] http request: simplify the test of no-data
|
|
- [MEDIUM] http request: simplify POST length detection
|
|
- [MEDIUM] http request: make use of pre-parsed transfer-encoding header
|
|
- [MAJOR] http: create the analyser which waits for a response
|
|
- [MINOR] http: pre-set the persistent flags in the transaction
|
|
- [MEDIUM] http response: check body length and set transaction flags
|
|
- [MINOR] http response: update the TX_CLI_CONN_KA flag on rewrite
|
|
- [MINOR] http: remove the last call to stream_int_return
|
|
- [IMPORT] import ebtree v5.0 into directory ebtree/
|
|
- [MEDIUM] build: switch ebtree users to use new ebtree version
|
|
- [CLEANUP] ebtree: remove old unused files
|
|
- [BUG] definitely fix regparm issues between haproxy core and ebtree
|
|
- [CLEANUP] ebtree: cast to char * to get rid of gcc warning
|
|
- [BUILD] missing #ifndef in ebmbtree.h
|
|
- [BUILD] missing #ifndef in ebsttree.h
|
|
- [MINOR] tools: add hex2i() function to convert hex char to int
|
|
- [MINOR] http: create new MSG_BODY sub-states
|
|
- [BUG] stream_sock: BUF_INFINITE_FORWARD broke splice on 64-bit platforms
|
|
- [DOC] option is "defer-accept", not "defer_accept"
|
|
- [MINOR] http: keep pointer to beginning of data
|
|
- [BUG] x-original-to: name was not set in default instance
|
|
- [MINOR] http: detect tunnel mode and set it in the session
|
|
- [BUG] config: fix error message when config file is not found
|
|
- [BUG] config: fix wrong handling of too large argument count
|
|
- [BUG] config: disable 'option httplog' on TCP proxies
|
|
- [BUG] config: fix erroneous check on cookie domain names
|
|
- [BUG] config: cookie domain was ignored in defaults sections
|
|
- [MINOR] config: support passing multiple "domain" statements to cookies
|
|
- [MINOR] ebtree: add functions to lookup non-null terminated strings
|
|
- [MINOR] config: don't report error on all subsequent files on failure
|
|
- [BUG] second fix for the printf format warning
|
|
- [BUG] check_post: limit analysis to the buffer length
|
|
- [MEDIUM] http: process request body in a specific analyser
|
|
- [MEDIUM] backend: remove HTTP POST parsing from get_server_ph_post()
|
|
- [MAJOR] http: completely process the "connection" header
|
|
- [MINOR] http: only consider chunk encoding with HTTP/1.1
|
|
- [MAJOR] buffers: automatically compute the maximum buffer length
|
|
- [MINOR] http: move the http transaction init/cleanup code to proto_http
|
|
- [MINOR] http: move 1xx handling earlier to eliminate a lot of ifs
|
|
- [MINOR] http: introduce a new synchronisation state : HTTP_MSG_DONE
|
|
- [MEDIUM] http: rework chunk-size parser
|
|
- [MEDIUM] http: add a new transaction flags indicating if we know the transfer length
|
|
- [MINOR] buffers: add buffer_ignore() to skip some bytes
|
|
- [BUG] http: offsets are relative to the buffer, not to ->som
|
|
- [MEDIUM] http: automatically re-aling request buffer
|
|
- [BUG] http: body parsing must consider the start of message
|
|
- [MINOR] new function stream_int_cond_close()
|
|
- [MAJOR] http: implement body parser
|
|
- [BUG] http: typos on several unlikely() around header insertion
|
|
- [BUG] stream_sock: wrong max computation on recv
|
|
- [MEDIUM] http: rework the buffer alignment logic
|
|
- [BUG] buffers: wrong size calculation for displaced data
|
|
- [MINOR] stream_sock: prepare for closing when all pending data are sent
|
|
- [MEDIUM] http: add two more states for the closing period
|
|
- [MEDIUM] http: properly handle "option forceclose"
|
|
- [MINOR] stream_sock: add SI_FL_NOLINGER for faster close
|
|
- [MEDIUM] http: make forceclose use SI_FL_NOLINGER
|
|
- [MEDIUM] session: set SI_FL_NOLINGER when aborting on write timeouts
|
|
- [MEDIUM] http: add some SI_FL_NOLINGER around server errors
|
|
- [MINOR] config: option forceclose is valid in frontends too
|
|
- [BUILD] halog: insufficient include path in makefile
|
|
- [MEDIUM] http: make the analyser not rely on msg being initialized anymore
|
|
- [MEDIUM] http: make the parsers able to wait for a buffer flush
|
|
- [MAJOR] http: add support for option http-server-close
|
|
- [BUG] http: ensure we abort data transfer on write error
|
|
- [BUG] last fix was overzealous and disabled server-close
|
|
- [BUG] http: fix erroneous trailers size computation
|
|
- [MINOR] stream_sock: enable MSG_MORE when forwarding finite amount of data
|
|
- [OPTIM] http: set MSG_MORE on response when a pipelined request is pending
|
|
- [BUG] http: redirects were broken by chunk changes
|
|
- [BUG] http: the request URI pointer is relative to the buffer
|
|
- [OPTIM] http: don't immediately enable reading on request
|
|
- [MINOR] http: move redirect messages to HTTP/1.1 with a content-length
|
|
- [BUG] http: take care of errors, timeouts and aborts during the data phase
|
|
- [MINOR] http: don't wait for sending requests to the server
|
|
- [MINOR] http: make the conditional redirect support keep-alive
|
|
- [BUG] http: fix cookie parser to support spaces and commas in values
|
|
- [MINOR] config: some options were missing for "redirect"
|
|
- [MINOR] redirect: add support for unconditional rules
|
|
- [MINOR] config: centralize proxy struct initialization
|
|
- [MEDIUM] config: remove the limitation of 10 reqadd/rspadd statements
|
|
- [MEDIUM] config: remove the limitation of 10 config files
|
|
- [CLEANUP] http: remove a remaining impossible condition
|
|
- [OPTIM] http: optimize a bit the construct of the forward loops
|
|
|
|
2009/10/12 : 1.4-dev4
|
|
- [DOC] add missing rate_lim and rate_max
|
|
- [MAJOR] struct chunk rework
|
|
- [MEDIUM] Health check reporting code rework + health logging, v3
|
|
- [BUG] check if rise/fall has an argument and it is > 0
|
|
- [MINOR] health checks logging unification
|
|
- [MINOR] add "description", "node" and show-node"/"show-desc", remove "node-name", v2
|
|
- [MINOR] Allow dots in show-node & add "white-space: nowrap" in th.pxname.
|
|
- [DOC] Add information about http://haproxy.1wt.eu/contrib.html
|
|
- [MINOR] Introduce include/types/counters.h
|
|
- [CLEANUP] Move counters to dedicated structures
|
|
- [MINOR] Add "clear counters" to clear statistics counters
|
|
- [MEDIUM] Collect & provide separate statistics for sockets, v2
|
|
- [BUG] Fix NULL pointer dereference in stats_check_uri_auth(), v2
|
|
- [MINOR] acl: don't report valid acls as potential mistakes
|
|
- [MINOR] Add cut_crlf(), ltrim(), rtrim() and alltrim()
|
|
- [MINOR] Add chunk_htmlencode and chunk_asciiencode
|
|
- [MINOR] Capture & display more data from health checks, v2
|
|
- [BUG] task.c: don't assing last_timer to node-less entries
|
|
- [BUG] http stats: large outputs sometimes got some parts chopped off
|
|
- [MINOR] backend: export some functions to recount servers
|
|
- [MINOR] backend: uninline some LB functions
|
|
- [MINOR] include time.h from freq_ctr.h as is uses "now".
|
|
- [CLEANUP] backend: move LB algos to individual files
|
|
- [MINOR] lb_map: reorder code in order to ease integration of new hash functions
|
|
- [CLEANUP] proxy: move last lb-specific bits to their respective files
|
|
- [MINOR] backend: separate declarations of LB algos from their lookup method
|
|
- [MINOR] backend: reorganize the LB algorithm selection
|
|
- [MEDIUM] backend: introduce the "static-rr" LB algorithm
|
|
- [MINOR] report list of supported pollers with -vv
|
|
- [DOC] log-health-checks is an option, not a directive
|
|
- [MEDIUM] new option "independant-streams" to stop updating read timeout on writes
|
|
- [BUG] stats: don't call buffer_shutw(), but ->shutw() instead
|
|
- [MINOR] stats: strip CR and LF from the input command line
|
|
- [BUG] don't refresh timeouts late after detected activity
|
|
- [MINOR] stats_dump_errors_to_buffer: use buffer_feed_chunk()
|
|
- [MINOR] stats_dump_sess_to_buffer: use buffer_feed_chunk()
|
|
- [MINOR] stats: make stats_dump_raw_to_buffer() use buffer_feed_chunk
|
|
- [MEDIUM] stats: don't use s->ana_state anymore
|
|
- [MINOR] remove now obsolete ana_state from the session struct
|
|
- [MEDIUM] stats: make HTTP stats use an I/O handler
|
|
- [MEDIUM] stream_int: adjust WAIT_ROOM handling
|
|
- [BUG] config: look for ID conflicts in all sockets, not only last ones.
|
|
- [MINOR] config: reference file and line with any listener/proxy/server declaration
|
|
- [MINOR] config: report places of duplicate names or IDs
|
|
- [MINOR] config: add pointer to file name in block/redirect/use_backend/monitor rules
|
|
- [MINOR] tools: add a new get_next_id() function
|
|
- [MEDIUM] config: automatically find unused IDs for proxies, servers and listeners
|
|
- [OPTIM] counters: move some max numbers to the counters struct
|
|
- [BUG] counters: fix segfault on missing counters for a listener
|
|
- [MEDIUM] backend: implement consistent hashing variation
|
|
- [MINOR] acl: add fe_conn, be_conn, queue, avg_queue
|
|
- [MINOR] stats: use 'clear counters all' to clear all values
|
|
- [MEDIUM] add access restrictions to the stats socket
|
|
- [MINOR] buffers: add buffer_feed2() and make buffer_feed() measure string length
|
|
- [MINOR] proxy: provide function to retrieve backend/server pointers
|
|
- [MINOR] add the "initial weight" to the server struct.
|
|
- [MEDIUM] stats: add the "get weight" command to report a server's weight
|
|
- [MEDIUM] stats: add the "set weight" command
|
|
- [BUILD] add a 'make tags' target
|
|
- [MINOR] stats: add support for numeric IDs in set weight/get weight
|
|
- [MINOR] stats: use a dedicated state to output static data
|
|
- [OPTIM] stats: check free space before trying to print
|
|
|
|
2009/09/24 : 1.4-dev3
|
|
- [BUILD] compilation of haproxy-1.4-dev2 on FreeBSD
|
|
- [MEDIUM] Collect & show information about last health check, v3
|
|
- [MINOR] export the hostname variable so that all the code can access it
|
|
- [MINOR] stats: add a new node-name setting
|
|
- [MEDIUM] remove old experimental tcpsplice option
|
|
- [BUILD] fix build for systems without SOL_TCP
|
|
- [MEDIUM] move connection establishment from backend to the SI.
|
|
- [MEDIUM] make the global stats socket part of a frontend
|
|
- [MEDIUM] session: account per-listener connections
|
|
- [MINOR] session: switch to established state if no connect function
|
|
- [MEDIUM] make the unix stats sockets use the generic session handler
|
|
- [CLEANUP] unix: remove uxst_process_session()
|
|
- [CLEANUP] move remaining stats sockets code to dumpstats
|
|
- [MINOR] move the initial task's nice value to the listener
|
|
- [MINOR] cleanup set_session_backend by using pre-computed analysers
|
|
- [MINOR] set s->srv_error according to the analysers
|
|
- [MEDIUM] set rep->analysers from fe and be analysers
|
|
- [MEDIUM] replace BUFSIZE with buf->size in computations
|
|
- [MEDIUM] make it possible to change the buffer size in the configuration
|
|
- [MEDIUM] report error on buffer writes larger than buffer size
|
|
- [MEDIUM] stream_interface: add and use ->update function to resync
|
|
- [CLEANUP] remove ifdef MSG_NOSIGNAL and define it instead
|
|
- [MEDIUM] remove TCP_CORK and make use of MSG_MORE instead
|
|
- [BUG] tarpit did not work anymore
|
|
- [MINOR] acl: add support for hdr_ip to match IP addresses in headers
|
|
- [MAJOR] buffers: fix misuse of the BF_SHUTW_NOW flag
|
|
- [MINOR] buffers: provide more functions to handle buffer data
|
|
- [MEDIUM] buffers: provide new buffer_feed*() function
|
|
- [MINOR] buffers: add peekchar and peekline functions for stream interfaces
|
|
- [MINOR] buffers: provide buffer_si_putchar() to send a char from a stream interface
|
|
- [BUG] buffer_forward() would not correctly consider data already scheduled
|
|
- [MINOR] buffers: add buffer_cut_tail() to cut only unsent data
|
|
- [MEDIUM] stream_interface: make use of buffer_cut_tail() to report errors
|
|
- [MAJOR] http: add support for HTTP 1xx informational responses
|
|
- [MINOR] buffers: inline buffer_si_putchar()
|
|
- [MAJOR] buffers: split BF_WRITE_ENA into BF_AUTO_CONNECT and BF_AUTO_CLOSE
|
|
- [MAJOR] buffers: fix the BF_EMPTY flag's meaning
|
|
- [BUG] stream_interface: SI_ST_CLO must have buffers SHUT
|
|
- [MINOR] stream_sock: don't set SI_FL_WAIT_DATA if BF_SHUTW_NOW is set
|
|
- [MEDIUM] add support for infinite forwarding
|
|
- [BUILD] stream_interface: fix conflicting declaration
|
|
- [BUG] buffers: buffer_forward() must not always clear BF_OUT_EMPTY
|
|
- [BUG] variable buffer size ignored at initialization time
|
|
- [MINOR] ensure that buffer_feed() and buffer_skip() set BF_*_PARTIAL
|
|
- [BUG] fix buffer_skip() and buffer_si_getline() to correctly handle wrap-arounds
|
|
- [MINOR] stream_interface: add SI_FL_DONT_WAKE flag
|
|
- [MINOR] stream_interface: add iohandler callback
|
|
- [MINOR] stream_interface: add functions to support running as internal/external tasks
|
|
- [MEDIUM] session: call iohandler for embedded tasks (applets)
|
|
- [MINOR] add a ->private member to the stream_interface
|
|
- [MEDIUM] stats: prepare the connection for closing before dumping
|
|
- [MEDIUM] stats: replace the stats socket analyser with an SI applet
|
|
|
|
2009/08/09 : 1.4-dev2
|
|
- [BUG] task: fix possible crash when some timeouts are not configured
|
|
- [BUG] log: option tcplog would log to global if no logger was defined
|
|
|
|
2009/07/29 : 1.4-dev1
|
|
- [MINOR] acl: add support for matching of RDP cookies
|
|
- [MEDIUM] add support for RDP cookie load-balancing
|
|
- [MEDIUM] add support for RDP cookie persistence
|
|
- [MINOR] add a new CLF log format
|
|
- [MINOR] startup: don't imply -q with -D
|
|
- [BUG] ensure that we correctly re-start old process in case of error
|
|
- [MEDIUM] add support for binding to source port ranges during connect
|
|
- [MINOR] config: track "no option"/"option" changes
|
|
- [MINOR] config: support resetting options do default values
|
|
- [MEDIUM] implement option tcp-smart-accept at the frontend
|
|
- [MEDIUM] stream_sock: implement tcp-cork for use during shutdowns on Linux
|
|
- [MEDIUM] implement tcp-smart-connect option at the backend
|
|
- [MEDIUM] add support for TCP MSS adjustment for listeners
|
|
- [MEDIUM] support setting a server weight to zero
|
|
- [MINOR] make DEFAULT_MAXCONN user-configurable at build time
|
|
- [MAJOR] session: don't clear buffer status flags anymore
|
|
- [MAJOR] session: only check for timeouts when they have just occurred.
|
|
- [MAJOR] session: simplify buffer error handling
|
|
- [MEDIUM] config: split parser and checker in two functions
|
|
- [MEDIUM] config: support loading multiple configuration files
|
|
- [MEDIUM] stream_sock: don't close prematurely when nolinger is set
|
|
- [MEDIUM] session: rework buffer analysis to permit permanent analysers
|
|
- [MEDIUM] splice: set the capability on each stream_interface
|
|
- [BUG] http: redirect rules were processed too early
|
|
- [CLEANUP] remove unused DEBUG_PARSE_NO_SPEEDUP define
|
|
- [MEDIUM] http: split request waiter from request processor
|
|
- [MEDIUM] session: tell analysers what bit they were called for
|
|
- [MAJOR] http: complete splitting of the remaining stages
|
|
- [MINOR] report in the proxies the requirements for ACLs
|
|
- [MINOR] http: rely on proxy->acl_requires to allocate hdr_idx
|
|
- [MINOR] acl: add HTTP protocol detection (req_proto_http)
|
|
- [MINOR] prepare callers of session_set_backend to handle errors
|
|
- [BUG] default ACLs did not properly set the ->requires flag
|
|
- [MEDIUM] allow a TCP frontend to switch to an HTTP backend
|
|
- [MINOR] ensure we can jump from swiching rules to http without data
|
|
- [MINOR] http: take http request timeout from the backend
|
|
- [MINOR] allow TCP inspection rules to make use of HTTP ACLs
|
|
- [BUILD] report commit date and not author's date as build date
|
|
- [MINOR] acl: don't complain anymore when using L7 acls in TCP
|
|
- [BUG] stream_sock: always shutdown(SHUT_WR) before closing
|
|
- [BUG] stream_sock: don't stop reading when the poller reports an error
|
|
- [BUG] config: tcp-request content only accepts "if" or "unless"
|
|
- [BUG] task: fix possible timer drift after update
|
|
- [MINOR] apply tcp-smart-connect option for the checks too
|
|
- [MINOR] stats: better displaying in MSIE
|
|
- [MINOR] config: improve error reporting in global section
|
|
- [MINOR] config: improve error reporting in listen sections
|
|
- [MINOR] config: the "capture" keyword is not allowed in backends
|
|
- [MINOR] config: improve error reporting when checking configuration
|
|
- [BUILD] fix a minor build warning on AIX
|
|
- [BUILD] use "git cmd" instead of "git-cmd"
|
|
- [CLEANUP] report 2009 not 2008 in the copyright banner.
|
|
- [MINOR] print usage on the stats sockets upon invalid commands
|
|
- [MINOR] acl: detect and report potential mistakes in ACLs
|
|
- [BUILD] fix incorrect printf arg count with tcp_splice
|
|
- [BUG] fix random pauses on last segment of a series
|
|
- [BUILD] add support for build under Cygwin
|
|
|
|
2009/06/09 : 1.4-dev0
|
|
- exact copy of 1.3.18
|
|
|
|
2009/05/10 : 1.3.18
|
|
- [MEDIUM] add support for "balance hdr(name)"
|
|
- [CLEANUP] give a little bit more information in error message
|
|
- [MINOR] add X-Original-To: header
|
|
- [BUG] x-original-to: fix missing initialization to default value
|
|
- [BUILD] spec file: fix broken pipe during rpmbuild and add man file
|
|
- [MINOR] improve reporting of misplaced acl/reqxxx rules
|
|
- [MEDIUM] http: add options to ignore invalid header names
|
|
- [MEDIUM] http: capture invalid requests/responses even if accepted
|
|
- [BUILD] add format(printf) to printf-like functions
|
|
- [MINOR] fix several printf formats and missing arguments
|
|
- [BUG] stats: total and lbtot are unsigned
|
|
- [MINOR] fix a few remaining printf-like formats on 64-bit platforms
|
|
- [CLEANUP] remove unused make option from haproxy.spec
|
|
- [BUILD] make it possible to pass alternative arch at build time
|
|
- [MINOR] switch all stat counters to 64-bit
|
|
- [MEDIUM] ensure we don't recursively call pool_gc2()
|
|
- [CRITICAL] uninitialized response field can sometimes cause crashes
|
|
- [BUG] fix wrong pointer arithmetics in HTTP message captures
|
|
- [MINOR] rhel init script : support the reload operation
|
|
- [MINOR] add basic signal handling functions
|
|
- [BUILD] add signal.o to all makefiles
|
|
- [MEDIUM] call signal_process_queue from run_poll_loop
|
|
- [MEDIUM] pollers: don't wait if a signal is pending
|
|
- [MEDIUM] convert all signals to asynchronous signals
|
|
- [BUG] O(1) pollers should check their FD before closing it
|
|
- [MINOR] don't close stdio fds twice
|
|
- [MINOR] add options dontlog-normal and log-separate-errors
|
|
- [DOC] minor fixes and rearrangements
|
|
- [BUG] fix parser crash on unconditional tcp content rules
|
|
- [DOC] rearrange the configuration manual and add a summary
|
|
- [MINOR] standard: provide a new 'my_strndup' function
|
|
- [MINOR] implement per-logger log level limitation
|
|
- [MINOR] compute the max of sessions/s on fe/be/srv
|
|
- [MINOR] stats: report max sessions/s and limit in CSV export
|
|
- [MINOR] stats: report max sessions/s and limit in HTML stats
|
|
- [MINOR] stats/html: use the arial font before helvetica
|
|
|
|
2009/03/29 : 1.3.17
|
|
- Update specfile to build for v2.6 kernel.
|
|
- [BUG] reset the stream_interface connect timeout upon connect or error
|
|
- [BUG] reject unix accepts when connection limit is reached
|
|
- [MINOR] show sess: report number of calls to each task
|
|
- [BUG] don't call epoll_ctl() on closed sockets
|
|
- [BUG] stream_sock: disable I/O on fds reporting an error
|
|
- [MINOR] sepoll: don't count two events on the same FD.
|
|
- [MINOR] show sess: report a lot more information about sessions
|
|
- [BUG] stream_sock: check for shut{r,w} before refreshing some timeouts
|
|
- [BUG] don't set an expiration date directly from now_ms
|
|
- [MINOR] implement ulltoh() to write HTML-formatted numbers
|
|
- [MINOR] stats/html: group digits by 3 to clarify numbers
|
|
- [BUILD] remove haproxy-small.spec
|
|
- [BUILD] makefile: remove unused references to linux24eold and EPOLL_CTL_WORKAROUND
|
|
|
|
2009/03/22 : 1.3.16
|
|
- [BUILD] Fixed Makefile for linking pcre
|
|
- [CONTRIB] selinux policy for haproxy
|
|
- [MINOR] show errors: encode backslash as well as non-ascii characters
|
|
- [MINOR] cfgparse: some cleanups in the consistency checks
|
|
- [MINOR] cfgparse: set backends to "balance roundrobin" by default
|
|
- [MINOR] tcp-inspect: permit the use of no-delay inspection
|
|
- [MEDIUM] reverse internal proxy declaration order to match configuration
|
|
- [CLEANUP] config: catch and report some possibly wrong rule ordering
|
|
- [BUG] connect timeout is in the stream interface, not the buffer
|
|
- [BUG] session: errors were not reported in termination flags in TCP mode
|
|
- [MINOR] tcp_request: let the caller take care of errors and timeouts
|
|
- [CLEANUP] http: remove some commented out obsolete code in process_response
|
|
- [MINOR] update ebtree to version 4.1
|
|
- [MEDIUM] scheduler: get rid of the 4 trees thanks and use ebtree v4.1
|
|
- [BUG] sched: don't leave 3 lasts tasks unprocessed when niced tasks are present
|
|
- [BUG] scheduler: fix improper handling of duplicates __task_queue()
|
|
- [MINOR] sched: permit a task to stay up between calls
|
|
- [MINOR] task: keep a task count and clean up task creators
|
|
- [MINOR] stats: report number of tasks (active and running)
|
|
- [BUG] server check intervals must not be null
|
|
- [OPTIM] stream_sock: don't retry to read after a large read
|
|
- [OPTIM] buffer: new BF_READ_DONTWAIT flag reduces EAGAIN rates
|
|
- [MEDIUM] session: don't resync FSMs on non-interesting changes
|
|
- [BUG] check for global.maxconn before doing accept()
|
|
- [OPTIM] sepoll: do not re-check whole list upon accepts
|
|
|
|
2009/03/09 : 1.3.16-rc2
|
|
- [BUG] stream_sock: write timeout must be updated when forwarding !
|
|
|
|
2009/03/09 : 1.3.16-rc1
|
|
- appsessions: cleanup DEBUG_HASH and initialize request_counter
|
|
- [MINOR] acl: add new keyword "connslots"
|
|
- [MINOR] cfgparse: fix off-by 2 in error message size
|
|
- [BUILD] fix build with gcc 4.3
|
|
- [BUILD] fix MANDIR default location to match documentation
|
|
- [TESTS] add a debug patch to help trigger the stats bug
|
|
- [BUG] Flush buffers also where there are exactly 0 bytes left
|
|
- [MINOR] Allow to specify a domain for a cookie
|
|
- [BUG/CLEANUP] cookiedomain -> cookie_domain rename + free(p->cookie_domain)
|
|
- [MEDIUM] Fix memory freeing at exit
|
|
- [MEDIUM] Fix memory freeing at exit, part 2
|
|
- [BUG] Fix listen & more of 2 couples <ip>:<port>
|
|
- [DOC] remove buggy comment for use_backend
|
|
- [CRITICAL] fix server state tracking: it was O(n!) instead of O(n)
|
|
- [MEDIUM] add support for URI hash depth and length limits
|
|
- [MINOR] permit renaming of x-forwarded-for header
|
|
- [BUILD] fix Makefile.bsd and Makefile.osx for stream_interface
|
|
- [BUILD] Haproxy won't compile if DEBUG_FULL is defined
|
|
- [MEDIUM] upgrade to ebtree v4.0
|
|
- [DOC] update the README file with new build options
|
|
- [MEDIUM] reduce risk of event starvation in ev_sepoll
|
|
- [MEDIUM] detect streaming buffers and tag them as such
|
|
- [MEDIUM] add support for conditional HTTP redirection
|
|
- [BUILD] make install should depend on haproxy not "all"
|
|
- [DEBUG] add a TRACE macro to facilitate runtime data extraction
|
|
- [BUG] event pollers must not wait if a task exists in the run queue
|
|
- [BUG] queue management: wake oldest request in queues
|
|
- [BUG] log: reported queue position was offed-by-one
|
|
- [BUG] fix the dequeuing logic to ensure that all requests get served
|
|
- [DOC] documentation for the "retries" parameter was missing.
|
|
- [MEDIUM] implement a monotonic internal clock
|
|
- [MEDIUM] further improve monotonic clock by check forward jumps
|
|
- [OPTIM] add branch prediction hints in list manipulations
|
|
- [MAJOR] replace ultree with ebtree in wait-queues
|
|
- [BUG] we could segfault during exit while freeing uri_auths
|
|
- [BUG] wqueue: perform proper timeout comparisons with wrapping values
|
|
- [MINOR] introduce now_ms, the current date in milliseconds
|
|
- [BUG] disable buffer read timeout when reading stats
|
|
- [MEDIUM] rework the wait queue mechanism
|
|
- [BUILD] change declaration of base64tab to fix build with Intel C++
|
|
- [OPTIM] shrink wake_expired_tasks() by using task_wakeup()
|
|
- [MAJOR] use an ebtree instead of a list for the run queue
|
|
- [MEDIUM] introduce task->nice and boot access to statistics
|
|
- [OPTIM] task_queue: assume most consecutive timers are equal
|
|
- [BUILD] silent a warning in unlikely() with gcc 4.x
|
|
- [MAJOR] convert all expiration timers from timeval to ticks
|
|
- [BUG] use_backend would not correctly consider "unless"
|
|
- [TESTS] added test-acl.cfg to test some ACL combinations
|
|
- [MEDIUM] add support for configuration keyword registration
|
|
- [MEDIUM] modularize the global "stats" keyword configuration parser
|
|
- [MINOR] cfgparse: add support for warnings in external functions
|
|
- [MEDIUM] modularize the "timeout" keyword configuration parser
|
|
- [MAJOR] implement tcp request content inspection
|
|
- [MINOR] acl: add a new parsing function: parse_dotted_ver
|
|
- [MINOR] acl: add req_ssl_ver in TCP, to match an SSL version
|
|
- [CLEANUP] remove unused include/types/client.h
|
|
- [CLEANUP] remove many #include <types/xxx> from C files
|
|
- [CLEANUP] remove dependency on obsolete INTBITS macro
|
|
- [DOC] document the new "tcp-request" keyword and associated ACLs
|
|
- [MINOR] acl: add REQ_CONTENT to the list of default acls
|
|
- [MEDIUM] acl: permit fetch() functions to set the result themselves
|
|
- [MEDIUM] acl: get rid of dummy values in always_true/always_false
|
|
- [MINOR] acl: add the "wait_end" acl verb
|
|
- [MEDIUM] acl: enforce ACL type checking
|
|
- [MEDIUM] acl: set types on all currently known ACL verbs
|
|
- [MEDIUM] acl: when possible, report the name and requirements of ACLs in warnings
|
|
- [CLEANUP] remove 65 useless NULL checks before free
|
|
- [MEDIUM] memory: update pool_free2() to support NULL pointers
|
|
- [MEDIUM] buffers: ensure buffer_shut* are properly called upon shutdowns
|
|
- [MEDIUM] process_srv: rely on buffer flags for client shutdown
|
|
- [MEDIUM] process_srv: don't rely at all on client state
|
|
- [MEDIUM] process_cli: don't rely at all on server state
|
|
- [BUG] fix segfault with url_param + check_post
|
|
- [BUG] server timeout was not considered in some circumstances
|
|
- [BUG] client timeout incorrectly rearmed while waiting for server
|
|
- [MAJOR] kill CL_STINSPECT and CL_STHEADERS (step 1)
|
|
- [MAJOR] get rid of SV_STANALYZE (step 2)
|
|
- [MEDIUM] simplify and centralize request timeout cancellation and request forwarding
|
|
- [MAJOR] completely separate HTTP and TCP states on the request path
|
|
- [BUG] fix recently introduced loop when client closes early
|
|
- [MAJOR] get rid of the SV_STHEADERS state
|
|
- [MAJOR] better separation of response processing and server state
|
|
- [MAJOR] clearly separate HTTP response processing from TCP server state
|
|
- [MEDIUM] remove unused references to {CL|SV}_STSHUT*
|
|
- [MINOR] term_trace: add better instrumentations to trace the code
|
|
- [BUG] ev_sepoll: closed file descriptors could persist in the spec list
|
|
- [BUG] process_response must not enable the read FD
|
|
- [BUG] buffers: remove BF_MAY_CONNECT and fix forwarding issue
|
|
- [BUG] process_response: do not touch srv_state
|
|
- [BUG] maintain_proxies must not disable backends
|
|
- [CLEANUP] get rid of BF_SHUT*_PENDING
|
|
- [MEDIUM] buffers: add BF_EMPTY and BF_FULL to remove dependency on req/rep->l
|
|
- [MAJOR] process_session: rely only on buffer flags
|
|
- [MEDIUM] use buffer->wex instead of buffer->cex for connect timeout
|
|
- [MEDIUM] centralize buffer timeout checks at the top of process_session
|
|
- [MINOR] ensure the termination flags are set by process_xxx
|
|
- [MEDIUM] session: move the analysis bit field to the buffer
|
|
- [OPTIM] process_cli/process_srv: reduce the number of tests
|
|
- [BUG] regparm is broken on gcc < 3
|
|
- [BUILD] fix warning in proto_tcp.c with gcc >= 4
|
|
- [MEDIUM] merge inspect_exp and txn->exp into request buffer
|
|
- [BUG] process_cli/process_srv: don't call shutdown when already done
|
|
- [BUG] process_request: HTTP body analysis must return zero if missing data
|
|
- [TESTS] test-fsm: 22 regression tests for state machines
|
|
- [BUG] Fix empty X-Forwarded-For header name when set in defaults section
|
|
- [BUG] fix harmless but wrong fd insertion sequence
|
|
- [MEDIUM] make it possible for analysers to follow the whole session
|
|
- [MAJOR] rework of the server FSM
|
|
- [OPTIM] remove useless fd_set(read) upon shutdown(write)
|
|
- [MEDIUM] massive cleanup of process_srv()
|
|
- [MEDIUM] second level of code cleanup for process_srv_data
|
|
- [MEDIUM] third cleanup and optimization of process_srv_data()
|
|
- [MEDIUM] process_srv_data: ensure that we always correctly re-arm timeouts
|
|
- [MEDIUM] stream_sock_process_data moved to stream_sock.c
|
|
- [MAJOR] make the client side use stream_sock_process_data()
|
|
- [MEDIUM] split stream_sock_process_data
|
|
- [OPTIM] stream_sock_read must check for null-reads more often
|
|
- [MINOR] only call flow analysers when their read side is connected.
|
|
- [MEDIUM] reintroduce BF_HIJACK with produce_content
|
|
- [MINOR] re-arrange buffer flags and rename some of them
|
|
- [MINOR] do not check for BF_SHUTR when computing write timeout
|
|
- [OPTIM] ev_sepoll: detect newly created FDs and check them once
|
|
- [OPTIM] reduce the number of calls to task_wakeup()
|
|
- [OPTIM] force inlining of large functions with gcc >= 3
|
|
- [MEDIUM] indicate a reason for a task wakeup
|
|
- [MINOR] change type of fdtab[]->owner to void*
|
|
- [MAJOR] make stream sockets aware of the stream interface
|
|
- [MEDIUM] stream interface: add the ->shutw method as well as in and out buffers
|
|
- [MEDIUM] buffers: add BF_READ_ATTACHED and BF_ANA_TIMEOUT
|
|
- [MEDIUM] process_session: make use of the new buffer flags
|
|
- [CLEANUP] process_session: move debug outputs out of the critical loop
|
|
- [MEDIUM] move QUEUE and TAR timers to stream interfaces
|
|
- [OPTIM] add compiler hints in tick_is_expired()
|
|
- [MINOR] add buffer_check_timeouts() to check what timeouts have fired.
|
|
- [MEDIUM] use buffer_check_timeouts instead of stream_sock_check_timeouts()
|
|
- [MINOR] add an expiration flag to the stream_sock_interface
|
|
- [MAJOR] migrate the connection logic to stream interface
|
|
- [MAJOR] add a connection error state to the stream_interface
|
|
- [MEDIUM] add the SN_CURR_SESS flag to the session to track open sessions
|
|
- [MEDIUM] continue layering cleanups.
|
|
- [MEDIUM] stream_interface: added a DISconnected state between CON/EST and CLO
|
|
- [MEDIUM] remove stream_sock_update_data()
|
|
- [MINOR] maintain a global session list in order to ease debugging
|
|
- [BUG] shutw must imply close during a connect
|
|
- [MEDIUM] process shutw during connection attempt
|
|
- [MEDIUM] make the stream interface control the SHUT{R,W} bits
|
|
- [MAJOR] complete layer4/7 separation
|
|
- [CLEANUP] move the session-related functions to session.c
|
|
- [MINOR] call session->do_log() for logging
|
|
- [MINOR] replace the ambiguous client_return function by stream_int_return
|
|
- [MINOR] replace client_retnclose() with stream_int_retnclose()
|
|
- [MINOR] replace srv_close_with_err() with http_server_error()
|
|
- [MEDIUM] make the http server error function a pointer in the session
|
|
- [CLEANUP] session.c: removed some migration left-overs in sess_establish()
|
|
- [MINOR] stream_sock_data_finish() should not expose fd
|
|
- [MEDIUM] extract TCP request processing from HTTP
|
|
- [MEDIUM] extract the HTTP tarpit code from process_request().
|
|
- [MEDIUM] move the HTTP request body analyser out of process_request().
|
|
- [MEDIUM] rename process_request to http_process_request
|
|
- [BUG] fix forgotten server session counter
|
|
- [MINOR] declare process_session in session.h, not proto_http.h
|
|
- [MEDIUM] first pass of lifting to proto_uxst.c:uxst_event_accept()
|
|
- [MINOR] add an analyser code for UNIX stats request
|
|
- [MINOR] pre-set analyser flags on the listener at registration time
|
|
- [BUG] do not forward close from cons to prod with analysers
|
|
- [MEDIUM] ensure that sock->shutw() also closes read for init states
|
|
- [MINOR] add an analyser state in struct session
|
|
- [MAJOR] make unix sockets work again with stats
|
|
- [MEDIUM] remove cli_fd, srv_fd, cli_state and srv_state from the session
|
|
- [MINOR] move the listener reference from fd to session
|
|
- [MEDIUM] reference the current hijack function in the buffer itself
|
|
- [MINOR] slightly rebalance stats_dump_{raw,http}
|
|
- [MINOR] add a new back-reference type : struct bref
|
|
- [MINOR] add back-references to sessions for later use by a dumper.
|
|
- [MEDIUM] add support for "show sess" in unix stats socket
|
|
- [BUG] do not release the connection slot during a retry
|
|
- [BUG] dynamic connection throttling could return a max of zero conns
|
|
- [BUG] do not try to pause backends during reload
|
|
- [BUG] ensure that listeners from disabled proxies are correctly unbound.
|
|
- [BUG] acl-related keywords are not allowed in defaults sections
|
|
- [BUG] cookie capture is declared in the frontend but checked on the backend
|
|
- [BUG] critical errors should be reported even in daemon mode
|
|
- [MINOR] redirect: add support for the "drop-query" option
|
|
- [MINOR] redirect: add support for "set-cookie" and "clear-cookie"
|
|
- [MINOR] redirect: in prefix mode a "/" means not to change the URI
|
|
- [BUG] do not dequeue requests on a dead server
|
|
- [BUG] do not dequeue the backend's pending connections on a dead server
|
|
- [MINOR] stats: indicate if a task is running in "show sess"
|
|
- [BUG] check timeout must not be changed if timeout.check is not set
|
|
- [BUG] "option transparent" is for backend, not frontend !
|
|
- [MINOR] transfer errors were not reported anymore in data phase
|
|
- [MEDIUM] add a send limit to a buffer
|
|
- [MEDIUM] don't report buffer timeout when there is I/O activity
|
|
- [MEDIUM] indicate when we don't care about read timeout
|
|
- [MINOR] add flags to indicate when a stream interface is waiting for space/data
|
|
- [MEDIUM] enable inter-stream_interface wakeup calls
|
|
- [MAJOR] implement autonomous inter-socket forwarding
|
|
- [MINOR] add the splice_len member to the buffer struct in preparation of splice support
|
|
- [MEDIUM] stream_sock: factor out the return path in case of no-writes
|
|
- [MEDIUM] i/o: rework ->to_forward and ->send_max
|
|
- [OPTIM] stream_sock: do not ask for polling on EAGAIN if we have read
|
|
- [OPTIM] buffer: replace rlim by max_len
|
|
- [OPTIM] stream_sock: factor out the buffer full handling out of the loop
|
|
- [CLEANUP] replace a few occurrences of (flags & X) && !(flags & Y)
|
|
- [CLEANUP] stream_sock: move the write-nothing condition out of the loop
|
|
- [MEDIUM] split stream_sock_write() into callback and core functions
|
|
- [MEDIUM] stream_sock_read: call ->chk_snd whenever there are data pending
|
|
- [MINOR] stream_sock: fix a few wrong empty calculations
|
|
- [MEDIUM] stream_sock: try to send pending data on chk_snd()
|
|
- [MINOR] global.maxpipes: add the ability to reserve file descriptors for pipes
|
|
- [MEDIUM] splice: add configuration options and set global.maxpipes
|
|
- [MINOR] introduce structures required to support Linux kernel splicing
|
|
- [MEDIUM] add definitions for Linux kernel splicing
|
|
- [MAJOR] complete support for linux 2.6 kernel splicing
|
|
- [BUG] reserve some pipes for backends with splice enabled
|
|
- [MEDIUM] splice: add hints to support older buggy kernels
|
|
- [MEDIUM] introduce pipe pools
|
|
- [MEDIUM] splice: make use of pipe pools
|
|
- [STATS] report pipe usage in the statistics
|
|
- [OPTIM] make global.maxpipes default to global.maxconn/4 when not specified
|
|
- [BUILD] fix snapshot date extraction with negative timezones
|
|
- [MEDIUM] move global tuning options to the global structure
|
|
- [MEDIUM] splice: add the global "nosplice" option
|
|
- [BUILD] add USE_LINUX_SPLICE to enable LINUX_SPLICE on linux 2.6
|
|
- [BUG] we must not exit if protocol binding only returns a warning
|
|
- [MINOR] add support for bind interface name
|
|
- [BUG] inform the user when root is expected but not set
|
|
- [MEDIUM] add support for source interface binding
|
|
- [MEDIUM] add support for source interface binding at the server level
|
|
- [MEDIUM] implement bind-process to limit service presence by process
|
|
- [DOC] document maxpipes, nosplice, option splice-{auto,request,response}
|
|
- [DOC] filled the logging section of the configuration manual
|
|
- [DOC] document HTTP status codes
|
|
- [DOC] document a few missing info about errorfile
|
|
- [BUG] fix random memory corruption using "show sess"
|
|
- [BUG] fix unix socket processing of interrupted output
|
|
- [DOC] add diagrams of queuing and future ACL design
|
|
- [BUILD] proto_http did not build on gcc-2.95
|
|
- [BUG] the "source" keyword must first clear optional settings
|
|
- [BUG] global.tune.maxaccept must be limited even in mono-process mode
|
|
- [MINOR] ensure that http_msg_analyzer updates pointer to invalid char
|
|
- [MEDIUM] store a complete dump of request and response errors in proxies
|
|
- [MEDIUM] implement error dump on unix socket with "show errors"
|
|
- [DOC] document "show errors"
|
|
- [MINOR] errors dump must use user-visible date, not internal date.
|
|
- [MINOR] time: add __usec_to_1024th to convert usecs to 1024th of second
|
|
- [MINOR] add curr_sec_ms and curr_sec_ms_scaled for current second.
|
|
- [MEDIUM] measure and report session rate on frontend, backends and servers
|
|
- [BUG] the "connslots" keyword was matched as "connlots"
|
|
- [MINOR] acl: add 2 new verbs: fe_sess_rate and be_sess_rate
|
|
- [MEDIUM] implement "rate-limit sessions" for the frontend
|
|
- [BUG] interface binding: length must include the trailing zero
|
|
- [BUG] typo in timeout error reporting : report *res and not *err
|
|
- [OPTIM] maintain_proxies: only wake up when the frontend will be ready
|
|
- [OPTIM] rate-limit: cleaner behaviour on low rates and reduce consumption
|
|
- [BUG] switch server-side stream interface to close in case of abort
|
|
- [CLEANUP] remove last references to term_trace
|
|
- [OPTIM] freq_ctr: do not rotate the counters when reading
|
|
- [BUG] disable any analysers for monitoring requests
|
|
- [BUG] rate-limit in defaults section was ignored
|
|
- [BUG] task: fix handling of duplicate keys
|
|
- [OPTIM] task: don't unlink a task from a wait queue when waking it up
|
|
- [OPTIM] displace tasks in the wait queue only if absolutely needed
|
|
- [MEDIUM] minor update to the task api: let the scheduler queue itself
|
|
- [BUG] event_accept() must always wake the task up, even in health mode
|
|
- [CLEANUP] task: distinguish between clock ticks and timers
|
|
- [OPTIM] task: reduce the number of calls to task_queue()
|
|
- [OPTIM] do not re-check req buffer when only response has changed
|
|
- [CLEANUP] don't enable kernel splicing when socket is closed
|
|
- [CLEANUP] buffer_flush() was misleading, rename it as buffer_erase
|
|
- [MINOR] buffers: implement buffer_flush()
|
|
- [MEDIUM] rearrange forwarding condition to enable splice during analysis
|
|
- [BUILD] build fixes for Solaris
|
|
- [BUILD] proto_http did not build on gcc-2.95 (again)
|
|
- [CONTRIB] halog: fast log parser for haproxy
|
|
- [CONTRIB] halog: faster fgets() and add support for percentile reporting
|
|
|
|
2008/04/19 : 1.3.15
|
|
- [BUILD] Added support for 'make install'
|
|
- [BUILD] Added 'install-man' make target for installing the man page
|
|
- [BUILD] Added 'install-bin' make target
|
|
- [BUILD] Added 'install-doc' make target
|
|
- [BUILD] Removed "/" after '$(DESTDIR)' in install targets
|
|
- [BUILD] Changed 'install' target to install the binaries first
|
|
- [BUILD] Replace hardcoded 'LD = gcc' with 'LD = $(CC)'
|
|
- [MEDIUM]: Inversion for options
|
|
- [MEDIUM]: Count retries and redispatches also for servers, fix redistribute_pending, extend logs, %d->%u cleanup
|
|
- [BUG]: Restore clearing t->logs.bytes
|
|
- [MEDIUM]: rework checks handling
|
|
- [DOC] Update a "contrib" file with a hint about a scheme used for formathing subjects
|
|
- [MEDIUM] Implement "track [<backend>/]<server>"
|
|
- [MINOR] Implement persistent id for proxies and servers
|
|
- [BUG] Don't increment server connections too much + fix retries
|
|
- [MEDIUM]: Prevent redispatcher from selecting the same server, version #3
|
|
- [MAJOR] proto_uxst rework -> SNMP support
|
|
- [BUG] appsession lookup in URL does not work
|
|
- [BUG] transparent proxy address was ignored in backend
|
|
- [BUG] hot reconfiguration failed because of a wrong error check
|
|
- [DOC] big update to the configuration manual
|
|
- [DOC] large update to the configuration manual
|
|
- [DOC] document more options
|
|
- [BUILD] major rework of the GNU Makefile
|
|
- [STATS] add support for "show info" on the unix socket
|
|
- [DOC] document options forwardfor to logasap
|
|
- [MINOR] add support for the "backlog" parameter
|
|
- [OPTIM] introduce global parameter "tune.maxaccept"
|
|
- [MEDIUM] introduce "timeout http-request" in frontends
|
|
- [MINOR] tarpit timeout is also allowed in backends
|
|
- [BUG] increment server connections for each connect()
|
|
- [MEDIUM] add a turn-around state of one second after a connection failure
|
|
- [BUG] fix typo in redispatched connection
|
|
- [DOC] document options nolinger to ssl-hello-chk
|
|
- [DOC] added documentation for "option tcplog" to "use_backend"
|
|
- [BUG] connect_server: server might not exist when sending error report
|
|
- [MEDIUM] support fully transparent proxy on Linux (USE_LINUX_TPROXY)
|
|
- [MEDIUM] add non-local bind to connect() on Linux
|
|
- [MINOR] add transparent proxy support for balabit's Tproxy v4
|
|
- [BUG] use backend's source and not server's source with tproxy
|
|
- [BUG] fix overlapping server flags
|
|
- [MEDIUM] fix server health checks source address selection
|
|
- [BUG] build failed on CONFIG_HAP_LINUX_TPROXY without CONFIG_HAP_CTTPROXY
|
|
- [DOC] added "server", "source" and "stats" keywords
|
|
- [DOC] all server parameters have been documented
|
|
- [DOC] document all req* and rsp* keywords.
|
|
- [DOC] added documentation about HTTP header manipulations
|
|
- [BUG] log response byte count, not request
|
|
- [BUILD] code did not build in full debug mode
|
|
- [BUG] fix truncated responses with sepoll
|
|
- [MINOR] use s->frt_addr as the server's address in transparent proxy
|
|
- [MINOR] fix configuration hint about timeouts
|
|
- [DOC] minor cleanup of the doc and notice to contributors
|
|
- [MINOR] report correct section type for unknown keywords.
|
|
- [BUILD] update MacOS Makefile to build on newer versions
|
|
- [DOC] fix erroneous "useallbackups" option in the doc
|
|
- [DOC] applied small fixes from early readers
|
|
- [MINOR] add configuration support for "redir" server keyword
|
|
- [MEDIUM] completely implement the server redirection method
|
|
- [TESTS] add a test case for the server redirection mechanism
|
|
- [DOC] add a configuration entry for "server ... redir <prefix>"
|
|
- [BUILD] backend.c and checks.c did not build without tproxy !
|
|
- Revert "[BUILD] backend.c and checks.c did not build without tproxy !"
|
|
- [BUILD] backend.c and checks.c did not build without tproxy !
|
|
- [OPTIM] used unsigned ints for HTTP state and message offsets
|
|
- [OPTIM] GCC4's builtin_expect() is suboptimal
|
|
- [BUG] failed conns were sometimes incremented in the frontend!
|
|
- [BUG] timeout.check was not pre-set to eternity
|
|
- [TESTS] add test-pollers.cfg to easily report pollers in use
|
|
- [BUG] do not apply timeout.connect in checks if unset
|
|
- [BUILD] ensure that makefile understands USE_DLMALLOC=1
|
|
- [MINOR] silent gcc for a wrong warning
|
|
- [CLEANUP] update .gitignore to ignore more temporary files
|
|
- [CLEANUP] report dlmalloc's source path only if explictly specified
|
|
- [BUG] str2sun could leak a small buffer in case of error during parsing
|
|
- [BUG] option allbackups was not working anymore in roundrobin mode
|
|
- [MAJOR] implementation of the "leastconn" load balancing algorithm
|
|
- [BUILD] ensure that users don't build without setting the target anymore.
|
|
- [DOC] document the leastconn LB algo
|
|
- [MEDIUM] fix stats socket limitation to 16 kB
|
|
- [DOC] fix unescaped space in httpchk example.
|
|
- [BUG] fix double-decrement of server connections
|
|
- [TESTS] add a test case for port mapping
|
|
- [TESTS] add a benchmark for integer hashing
|
|
- [TESTS] add new methods in ip-hash test file
|
|
- [MAJOR] implement parameter hashing for POST requests
|
|
|
|
2007/12/06 : 1.3.14
|
|
- New option http_proxy (Alexandre Cassen)
|
|
- add support for "maxqueue" to limit server queue overload (Elijah Epifanov)
|
|
- Check for duplicated conflicting proxies (Krzysztof Oledzki)
|
|
- stats: report server and backend cumulated downtime (Krzysztof Oledzki)
|
|
- use backends only with use_backend directive (Krzysztof Oledzki)
|
|
- Handle long lines properly (Krzysztof Oledzki)
|
|
- Implement and use generic findproxy and relax duplicated proxy check (Krzysztof Oledzki)
|
|
- continous statistics (Krzysztof Oledzki)
|
|
- add support for logging via a UNIX socket (Robert Tsai)
|
|
- fix error checking in strl2ic/strl2uic()
|
|
- fix calls to localtime()
|
|
- provide easier-to-use ultoa_* functions
|
|
- provide easy-to-use limit_r and LIM2A* macros
|
|
- add a simple test for the status page
|
|
- move error codes to common/errors.h
|
|
- silent warning about LIST_* being redefined on OpenBSD
|
|
- add socket address length to the protocols
|
|
- group PR_O_BALANCE_* bits into a checkable value
|
|
- externalize the "balance" option parser to backend.c
|
|
- introduce the "url_param" balance method
|
|
- make default_backend work in TCP mode too
|
|
- disable warning about localtime_r on Solaris
|
|
- adjust error messages about conflicting proxies
|
|
- avoid calling some layer7 functions if not needed
|
|
- simplify error path in event_accept()
|
|
- add an options field to the listeners
|
|
- added a new state to listeners
|
|
- unbind_listener() must use fd_delete() and not close()
|
|
- add a generic unbind_listener() primitive
|
|
- add a generic delete_listener() primitive
|
|
- add a generic unbind_all_listeners() primitive
|
|
- create proto_tcp and move initialization of proxy listeners
|
|
- stats: report numerical process ID, proxy ID and server ID
|
|
- relative_pid was not initialized
|
|
- missing header names in raw stats output
|
|
- fix missing parenthesis in check_response_for_cacheability
|
|
- small optimization on session_process_counters()
|
|
- merge ebtree version 3.0
|
|
- make ebtree headers multiple-include compatible
|
|
- ebtree: include config.h for REGPRM*
|
|
- differentiate between generic LB params and map-specific ones
|
|
- add a weight divisor to the struct proxy
|
|
- implement the Fast Weighted Round Robin (FWRR) algo
|
|
- include filltab25.c to experiment on FWRR for dynamic weights
|
|
- merge test-fwrr.cfg to validate dynamic weights
|
|
- move the load balancing algorithm to be->lbprm.algo
|
|
- change server check result to a bit field
|
|
- implement "http-check disable-on-404" for graceful shutdown
|
|
- secure the calling conditions of ->set_server_status_{up,down}
|
|
- report disabled servers as "NOLB" when they are still UP
|
|
- document the "http-check disable-on-404" option
|
|
- http-check disable-on-404 is not limited to HTTP mode
|
|
- add a test file for disable-on-404
|
|
- use distinct bits per load-balancing algorithm type
|
|
- implement the slowstart parameter for servers
|
|
- document the server's slowstart parameter
|
|
- stats: report the server warm up status in a "throttle" column
|
|
- fix 2 minor issues on AIX
|
|
- add the "nbsrv" ACL verb
|
|
- add the "fail" condition to monitor requests
|
|
- remove a warning from gcc due to htons() in standard.c
|
|
- fwrr: ensure that we never overflow in placements
|
|
- store the build options to report with -vv
|
|
- fix the status return of the init script (R.I. Pienaar)
|
|
- stats: real time monitoring script for unix socket (Prizee)
|
|
- document "nbsrv" and "monitor fail"
|
|
- restrict the set of allowed characters for identifiers
|
|
- implement a time parsing function
|
|
- add support for time units in the configuration
|
|
- add a bit of documentation about timers
|
|
- introduce separation between contimeout, and tarpit + queue
|
|
- introduce the "timeout" keyword
|
|
- grouped all timeouts in one structure
|
|
- slowstart is in ms, not seconds
|
|
- slowstart: ensure we don't start with a null weight
|
|
- report the number of times each server was selected
|
|
- fix build on AIX due to recent log changes
|
|
- fix build on Solaris due to recent log changes
|
|
|
|
2007/10/18 : 1.3.13
|
|
- replace the code under O'Reilly license (Arnaud Cornet)
|
|
- add a small man page (Arnaud Cornet)
|
|
- stats: report haproxy's version by default (Krzysztof Oledzki)
|
|
- stats: count server retries and redispatches (Krzysztof Oledzki)
|
|
- core: added easy support for Doug Lea's malloc (dlmalloc)
|
|
- core: fade out memory usage when stopping proxies
|
|
- core: moved the sockaddr pointer to the fdtab structure
|
|
- core: add generic protocol support
|
|
- core: implement client-side support for PF_UNIX sockets
|
|
- stats: implement the CSV output
|
|
- stats: add a link to the CSV export HTML page
|
|
- stats: implement the statistics output on a unix socket
|
|
- config: introduce the "stats" keyword in global section
|
|
- build: centralize version and date into one file for each
|
|
- tests: added a new hash algorithm
|
|
|
|
2007/10/18 : 1.3.12.3
|
|
- add the "nolinger" option to disable data lingering (Alexandre Cassen)
|
|
- fix double-free during clean exit (Krzysztof Oledzki)
|
|
- prevent the system from sending an RST when closing health-checks
|
|
(Krzysztof Oledzki)
|
|
- do not add a cache-control header when on non-cacheable responses
|
|
(Krzysztof Oledzki)
|
|
- spread health checks even more (Krzysztof Oledzki)
|
|
- stats: scope "." must match the backend and not the frontend
|
|
- fixed call to chroot() during startup
|
|
- fix wrong timeout computation in event_accept()
|
|
- remove condition for exit() under fork() failure
|
|
|
|
2007/09/20 : 1.3.12.2
|
|
- fix configuration sanity checks for TCP listeners
|
|
- set the log socket receive window to zero bytes
|
|
- pre-initialize timeouts to infinity, not zero
|
|
- fix the SIGHUP message not to alert on server-less proxies
|
|
- timeouts and retries could be ignored when switching backend
|
|
- added a file to check that "retries" works.
|
|
- O'Reilly has clarified its license
|
|
|
|
2007/09/05 : 1.3.12.1
|
|
- spec I/O: fix allocations of spec entries for an FD
|
|
- ensure we never overflow in chunk_printf()
|
|
- improve behaviour with large number of servers per proxy
|
|
- add support for "stats refresh <interval>"
|
|
- stats page: added links for 'refresh' and 'hide down'
|
|
- fix backend's weight in the stats page.
|
|
- the "stats" keyword is not allowed in a pure frontend.
|
|
- provide a test configuration file for stats and checks
|
|
|
|
2007/06/17 : 1.3.12
|
|
- fix segfault at exit when using captures
|
|
- bug: negation in ACL conds was not cleared between terms
|
|
- errorfile: use a local file to feed error messages
|
|
- acl: support '-i' to ignore case when matching
|
|
- acl: smarter integer comparison with operators eq,lt,gt,le,ge
|
|
- acl: support maching on 'path' component
|
|
- acl: implement matching on header values
|
|
- acl: distinguish between request and response headers
|
|
- acl: permit to return any header when no name specified
|
|
- acl: provide default ACLs
|
|
- added the 'use_backend' keyword for full content-switching
|
|
- acl: specify the direction during fetches
|
|
- acl: provide the argument length for fetch functions
|
|
- acl: provide a reference to the expr to fetch()
|
|
- improve memory freeing upon exit
|
|
- str2net() must not change the const char *
|
|
- shut warnings 'is*' macros from ctype.h on solaris
|
|
|
|
2007/06/03 : 1.3.11.4
|
|
- do not re-arm read timeout in SHUTR state !
|
|
- optimize I/O by detecting system starvation
|
|
- the epoll FD must not be shared between processes
|
|
- limit the number of events returned by *poll*
|
|
|
|
2007/05/14 : 1.3.11.3
|
|
- pre-initialize timeouts with tv_eternity during parsing
|
|
|
|
2007/05/14 : 1.3.11.2
|
|
- fixed broken health-checks since switch to timeval
|
|
|
|
2007/05/14 : 1.3.11.1
|
|
- fixed ev_kqueue which was forgotten during the switch to timeval
|
|
- allowed null timeouts for past events in select
|
|
|
|
2007/05/14 : 1.3.11
|
|
- fixed ev_sepoll again by rewriting the state machine
|
|
- switched all timeouts to timevals instead of milliseconds
|
|
- improved memory management using mempools v2.
|
|
- several minor optimizations
|
|
|
|
2007/05/09 : 1.3.10.2
|
|
- fixed build on OpenBSD (missing types.h)
|
|
|
|
2007/05/09 : 1.3.10.1
|
|
- fixed sepoll transition matrix (two states were missing)
|
|
|
|
2007/05/08 : 1.3.10
|
|
- several fixes in ev_sepoll
|
|
- fixed some expiration dates on some tasks
|
|
- fixed a bug in connection establishment detection due to speculative I/O
|
|
- fixed rare bug occuring on TCP with early close (reported by Andy Smith)
|
|
- implemented URI hashing algorithm (Guillaume Dallaire)
|
|
- implemented SMTP health checks (Peter van Dijk)
|
|
- replaced the rbtree with ul2tree from old scheduler project
|
|
- new framework for generic ACL support
|
|
- added the 'acl' and 'block' keywords to the config language
|
|
- added several ACL criteria and matches (IP, port, URI, ...)
|
|
- cleaned up and better modularization for some time functions
|
|
- fixed list macros
|
|
- fixed useless memory allocation in str2net()
|
|
- store the original destination address in the session
|
|
|
|
2007/04/15 : 1.3.9
|
|
- modularized the polling mechanisms and use function pointers instead
|
|
of macros at many places
|
|
- implemented support for FreeBSD's kqueue() polling mechanism
|
|
- fixed a warning on OpenBSD : MIN/MAX redefined
|
|
- change socket registration order at startup to accomodate kqueue.
|
|
- several makefile cleanups to support old shells
|
|
- fix build with limits.h once for all
|
|
- ev_epoll: do not rely on fd_sets anymore, use changes stacks instead.
|
|
- fdtab now holds the results of polling
|
|
- implemented support for speculative I/O processing with epoll()
|
|
- remove useless calls to shutdown(SHUT_RD), resulting in small speed boost
|
|
- auto-registering of pollers at load time
|
|
|
|
2007/04/03 : 1.3.8.2
|
|
- rewriting either the status line or request line could crash the
|
|
process due to a pointer which ought to be reset before parsing.
|
|
- rewriting the status line in the response did not work, it caused
|
|
a 502 Bad Gateway due to an erroneous state during parsing
|
|
|
|
2007/04/01 : 1.3.8.1
|
|
- fix reqadd when no option httpclose is used.
|
|
- removed now unused fiprm and beprm from proxies
|
|
- split logs into two versions : TCP and HTTP
|
|
- added some docs about http headers storage and acls
|
|
- added a VIM script for syntax color highlighting (Bruno Michel)
|
|
|
|
2007/03/25 : 1.3.8
|
|
- fixed several bugs which might have caused a crash with bad configs
|
|
- several optimizations in header processing
|
|
- many progresses towards transaction-based processing
|
|
- option forwardfor may be used in frontends
|
|
- completed HTTP response processing
|
|
- some code refactoring between request and response processing
|
|
- new HTTP header manipulation functions
|
|
- optimizations on the recv() patch to reduce CPU usage under very
|
|
high data rates.
|
|
- more user-friendly help about the 'usesrc' keyword (CTTPROXY)
|
|
- username/groupname support from Marcus Rueckert
|
|
- added the "except" keyword to the "forwardfor" option (Bryan German)
|
|
- support for health-checks on other addresses (Fabrice Dulaunoy)
|
|
- makefile for MacOS 10.4 / Darwin (Dan Zinngrabe)
|
|
- do not insert "Connection: close" in HTTP/1.0 messages
|
|
|
|
2007/01/26 : 1.3.7
|
|
- fix critical bug introduced with 1.3.6 : an empty request header
|
|
may lead to a crash due to missing pointer assignment
|
|
- hdr_idx might be left uninitialized in debug mode
|
|
- fixed build on FreeBSD due to missing fd_set declaration
|
|
|
|
2007/01/22 : 1.3.6.1
|
|
- change in the header chaining broke cookies and authentication
|
|
|
|
2007/01/22 : 1.3.6
|
|
- stats now support the HEAD method too
|
|
- extracted http request from the session
|
|
- huge rework of the HTTP parser which is now a 28-state FSM.
|
|
- linux-style likely/unlikely macros for optimization hints
|
|
- do not create a server socket when there's no server
|
|
- imported lots of docs
|
|
|
|
2007/01/07 : 1.3.5
|
|
- stats: swap color sets for active and backup servers
|
|
- try to guess server check port when unset
|
|
- added complete support and doc for TCP Splicing
|
|
- replace the wait-queue linked list with an rbtree.
|
|
- a few bugfixes and cleanups
|
|
|
|
2007/01/02 : 1.3.4
|
|
- support for cttproxy on the server side to present the client
|
|
address to the server.
|
|
- added support for SO_REUSEPORT on Linux (needs kernel patch)
|
|
- new RFC2616-compliant HTTP request parser with header indexing
|
|
- split proxies in frontends, rulesets and backends
|
|
- implemented the 'req[i]setbe' to select a backend depending
|
|
on the contents
|
|
- added the 'default_backend' keyword to select a default BE.
|
|
- new stats page featuring FEs and BEs + bytes in both dirs
|
|
- improved log format to indicate the backend and the time in ms.
|
|
- lots of cleanups
|
|
|
|
2006/10/15 : 1.3.3
|
|
- fix broken redispatch option in case the connection has already
|
|
been marked "in progress" (ie: nearly always).
|
|
- support regparm on x86 to speed up some often called functions
|
|
- removed a few useless calls to gettimeofday() in log functions.
|
|
- lots of 'const char*' cleanups
|
|
- turn every FD_* into functions which are faster on recent CPUs
|
|
|
|
2006/09/03 : 1.3.2
|
|
- started the changes towards I/O completion callbacks. stream_sock* have
|
|
replaced event_*.
|
|
- added the new "reqtarpit" and "reqitarpit" protection features
|
|
|
|
2006/07/09 : 1.3.1 (1.2.15)
|
|
- now, haproxy warns about missing timeout during startup to try to
|
|
eliminate all those buggy configurations.
|
|
- added "Content-Type: text/html" in responses wherever appropriate, as
|
|
suggested by Cameron Simpson.
|
|
- implemented "option ssl-hello-chk" to use SSLv3 CLIENT HELLO messages to
|
|
test server's health
|
|
- implemented "monitor-uri" so that haproxy can reply to a specific URI with
|
|
an "HTTP/1.0 200 OK" response. This is useful to validate multiple proxies
|
|
at once.
|
|
|
|
2006/06/29 : 1.3.0
|
|
- exploded the whole file into multiple .c and .h. No functionnal
|
|
difference is expected at all.
|
|
- fixed a bug by which neither stats nor error messages could be returned if
|
|
'clitimeout' was missing.
|
|
|
|
2006/05/21 : 1.2.14
|
|
- new HTML status report with the 'stats' keyword.
|
|
- added the 'abortonclose' option to better resist traffic surges
|
|
- implemented dynamic traffic regulation with the 'minconn' option
|
|
- show request time on denied requests
|
|
- definitely fixed hot reconf on OpenBSD by the use of SO_REUSEPORT
|
|
- now a proxy instance is allowed to run without servers, which is
|
|
useful to dedicate one instance to stats
|
|
- added lots of error counters
|
|
- a missing parenthesis preventd matching of cacheable cookies
|
|
- a missing parenthesis in poll_loop() might have caused missed events.
|
|
|
|
2006/05/14 : 1.2.13.1
|
|
- an uninitialized field in the struct session could cause a crash when
|
|
the session was freed. This has been encountered on Solaris only.
|
|
- Solaris and OpenBSD no not support shutdown() on listening socket. Let's
|
|
be nice to them by performing a soft stop if pause fails.
|
|
|
|
2006/05/13 : 1.2.13
|
|
- 'maxconn' server parameter to do per-server session limitation
|
|
- queueing to support non-blocking session limitation
|
|
- fixed removal of cookies for cookie-less servers such as backup servers
|
|
- two separate wait queues for expirable and non-expirable tasks provide
|
|
better performance with lots of sessions.
|
|
- some code cleanups and performance improvements
|
|
- made state dumps a bit more verbose
|
|
- fixed missing checks for NULL srv in dispatch mode
|
|
- load balancing on backup servers was not possible in source hash mode.
|
|
- two session flags shared the same bit, but fortunately they were not
|
|
compatible.
|
|
|
|
2006/04/15 : 1.2.12
|
|
Very few changes preparing for more important changes to support per-server
|
|
session limitations and queueing :
|
|
- ignore leading empty lines in HTTP requests as suggested by RFC2616.
|
|
- added the 'weight' parameter to the servers, limited to 1..256. It applies
|
|
to roundrobin and source hash.
|
|
- the optional '-s' option could clobber '-st' and '-sf' if compiled in.
|
|
|
|
2006/03/30 : 1.2.11.1
|
|
- under some conditions, it might have been possible that when the
|
|
last dead server became available, it would not have been used
|
|
till another one would have changed state. Could not be reproduced
|
|
at all, however seems possible from the code.
|
|
|
|
2006/03/25 : 1.2.11
|
|
- added the '-db' command-line option to disable backgrounding.
|
|
- added the -sf/-st command-line arguments which are used to specify
|
|
a list of pids to send a FINISH or TERMINATE signal upon startup.
|
|
They will also be asked to release their port if a bind fails.
|
|
- reworked the startup mechanism to allow the sending of a signal to a list
|
|
of old pids if a socket cannot be bound, with a retry for a limited amount
|
|
of time (1 second by default).
|
|
- added the ability to enforce limits on memory usage.
|
|
- added the 'source' load-balancing algorithm which uses the source IP(v4|v6)
|
|
- re-architectured the server round-robin mechanism to ease integration of
|
|
other algorithms. It now relies on the number of active and backup servers.
|
|
- added a counter for the number of active and backup servers, and report
|
|
these numbers upon SIGHUP or state change.
|
|
|
|
2006/03/23 : 1.2.10.1
|
|
- while fixing the backup server round-robin "feature", a new bug was
|
|
introduced which could miss some backup servers.
|
|
- the displayed proxy name was wrong when dumping upon SIGHUP.
|
|
|
|
2006/03/19 : 1.2.10
|
|
- assert.h is needed when DEBUG is defined.
|
|
- ENORMOUS long standing bug affecting the epoll polling system :
|
|
event_data is a union, not a structure !
|
|
- Make fd management more robust and easier to debug. Also some
|
|
micro-optimisations.
|
|
- Limit the number of consecutive accept() in multi-process mode.
|
|
This produces a more evenly distributed load across the processes and
|
|
slightly improves performance by reducing bottlenecks.
|
|
- Make health-checks be more regular, and faster to retry after a timeout.
|
|
- Fixed some messages to ease parsing of alerts.
|
|
- provided a patch to enable epoll on RHEL3 kernels.
|
|
- Separated OpenBSD build from the main Makefile into a new one.
|
|
|
|
2006/03/15 : 1.2.9
|
|
- haproxy could not be stopped after being paused, it had to be woken up
|
|
first. This has been fixed.
|
|
- the 'ulimit-n' parameter is now optional and by default computed from
|
|
maxconn + the number of listeners + the number of health-checks.
|
|
- it is now possible to specify a maximum number of connections at build
|
|
time with the SYSTEM_MAXCONN define. The value set in the configuration
|
|
file will then be limited to this value, and only the command-line '-n'
|
|
option will be able to bypass it. It will prevent against accidental
|
|
high memory usage on small systems.
|
|
- RFC2616 expects that any HTTP agent accepts multi-line headers. Earlier
|
|
versions did not detect a line beginning with a space as the continuation
|
|
of previous header. It is now correct.
|
|
- health checks sent to servers configured with identical intervals were
|
|
sent in perfect synchronisation because the initial time was the same
|
|
for all. This could induce high load peaks when fragile servers were
|
|
hosting tens of instances for the same application. Now the load is
|
|
spread evenly across the smallest interval amongst a listener.
|
|
- a new 'forceclose' option was added to make the proxy close the outgoing
|
|
channel to the server once it has sent all its headers and the server
|
|
starts responding. This helps some servers which don't close upon the
|
|
'Connection: close' header. It implies 'option httpclose'.
|
|
- there was a bug in the way the backup servers were handled. They were
|
|
erroneously load-balanced while the doc said the opposite. Since
|
|
load-balanced backup servers is one of the features some people have
|
|
been asking for, the problem was fixed to reflect the documented
|
|
behaviour and a new option 'allbackups' was introduced to provide the
|
|
feature to those who need it.
|
|
- a never ending connect() could lead to a fast select() loop if its
|
|
timeout times the number of retransmits exceeded the server read or write
|
|
timeout, because the later was used to compute select()'s timeout while
|
|
the connection timeout was not reached.
|
|
- now we initialize the libc's localtime structures very early so that even
|
|
under OOM conditions, we can still send dated error messages without
|
|
segfaulting.
|
|
- the 'daemon' mode implies 'quiet' and disables 'verbose' because file
|
|
descriptors are closed.
|
|
|
|
2006/01/29 : 1.2.8
|
|
- fixed a nasty bug affecting poll/epoll which could return unmodified data
|
|
from the server to the client, and sometimes lead to memory corruption
|
|
crashing the process.
|
|
- added the new pause/play mechanism with SIGTTOU/SIGTTIN for hot-reconf.
|
|
|
|
2005/12/18 : 1.2.7.1
|
|
- the "retries" option was ignored because connect() could not return an
|
|
error if the connection failed before the timeout.
|
|
- TCP health-checks could not detect a connection refused in poll/epoll
|
|
mode.
|
|
|
|
2005/11/13 : 1.2.7
|
|
- building with -DUSE_PCRE should include PCRE headers and not regex.h. At
|
|
least on Solaris, this caused the libc's regex primitives to be used instead
|
|
of PCRE, which caused trouble on group references. This is now fixed.
|
|
- delayed the quiet mode during startup so that most of the startup alerts can
|
|
be displayed even in quiet mode.
|
|
- display an alert when a listener has no address, invalid or no port, or when
|
|
there are no enabled listeners upon startup.
|
|
- added "static-pcre" to the list of supported regex options in the Makefile.
|
|
|
|
2005/10/09 : 1.2.7rc (1.1.33rc)
|
|
- second batch of socklen_t changes.
|
|
- clean-ups from Cameron Simpson.
|
|
- because tv_remain() does not know about eternity, using no timeout can
|
|
make select() spin around a null time-out. Bug reported by Cameron Simpson.
|
|
- client read timeout was not properly set to eternity initialized after an
|
|
accept() if it was not set in the config. It remained undetected so long
|
|
because eternity is 0 and newly allocated pages are zeroed by the system.
|
|
- do not call get_original_dst() when not in transparent mode.
|
|
- implemented a workaround for a bug in certain epoll() implementations on
|
|
linux-2.4 kernels (epoll-lt <= 0.21).
|
|
- implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka.
|
|
|
|
2005/08/07 : 1.2.6
|
|
- clean-up patch from Alexander Lazic fixes build on Debian 3.1 (socklen_t).
|
|
|
|
2005/07/06 : 1.2.6-pre5 (1.1.32)
|
|
- added the number of active sessions (proxy/process) in the logs
|
|
|
|
2005/07/06 : 1.2.6-pre4 (1.1.32-pre4)
|
|
- the time-out fix introduced in 1.1.25 caused a corner case where it was
|
|
possible for a client to keep a connection maintained regardless of the
|
|
timeout if the server closed the connection during the HEADER phase,
|
|
while the client ignored the close request while doing nothing in the
|
|
other direction. This has been fixed now by ensuring that read timeouts
|
|
are re-armed when switching to any SHUTW state.
|
|
|
|
2005/07/05 : 1.2.6-pre3 (1.1.32-pre3)
|
|
- enhanced error reporting in the logs. Now the proxy will precisely detect
|
|
various error conditions related to the system and/or process limits, and
|
|
generate LOG_EMERG logs indicating that a resource has been exhausted.
|
|
- logs will contain two new characters for the error cause : 'R' indicates
|
|
a resource exhausted, and 'I' indicates an internal error, though this
|
|
one should never happen.
|
|
- server connection timeouts can now be reported in the logs (sC), as well
|
|
as connections refused because of maxconn limitations (PC).
|
|
|
|
2005/07/05 : 1.2.6-pre2 (1.1.32-pre2)
|
|
- new global configuration keyword "ulimit-n" may be used to raise the FD
|
|
limit to usable values.
|
|
- a warning is now displayed on startup if the FD limit is lower than the
|
|
configured maximum number of sockets.
|
|
|
|
2005/07/05 : 1.2.6-pre1 (1.1.32-pre1)
|
|
- new configuration keyword "monitor-net" makes it possible to be monitored
|
|
by external devices which connect to the proxy without being logged nor
|
|
forwarded to any server. Particularly useful on generic TCPv4 relays.
|
|
|
|
2005/06/21 : 1.2.5.2
|
|
- fixed build on PPC where chars are unsigned by default
|
|
|
|
2005/05/02 : 1.2.5.1
|
|
- dirty hack to fix a bug introduced with epoll : if we close an FD and
|
|
immediately reassign it to another session through a connect(), the
|
|
Prev{Read,Write}Events are not updated, which causes trouble detecting
|
|
changes, thus leading to many timeouts at high loads.
|
|
|
|
2005/04/30 : 1.2.5 (1.1.31)
|
|
- changed the runtime argument to disable epoll() to '-de'
|
|
- changed the runtime argument to disable poll() to '-dp'
|
|
- added global options 'nopoll' and 'noepoll' to do the same at the
|
|
configuration level.
|
|
- added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to
|
|
support epoll().
|
|
- changed default FD_SETSIZE to 65536 on Solaris (default=1024)
|
|
- conditionned signals redirection to #ifdef DEBUG_MEMORY
|
|
|
|
2005/04/26 : 1.2.5-pre4
|
|
- made epoll() support a compile-time option : ENABLE_EPOLL
|
|
- provided a very little libc replacement for a possibly missing epoll()
|
|
implementation which can be enabled by -DUSE_MY_EPOLL
|
|
- implemented the poll() poller, which can be enabled with -DENABLE_POLL.
|
|
The equivalent runtime argument becomes '-P'. A few tests show that it
|
|
performs like select() with many fds, but slightly slower (certainly
|
|
because of the higher amount of memory involved).
|
|
- separated the 3 polling methods and the tasks scheduler into 4 distinct
|
|
functions which makes the code a lot more modular.
|
|
- moved some event tables to private static declarations inside the poller
|
|
functions.
|
|
- the poller functions can now initialize themselves, run, and cleanup.
|
|
- changed the runtime argument to enable epoll() to '-E'.
|
|
- removed buggy epoll_ctl() code in the client_retnclose() function. This
|
|
function was never meant to remove anything.
|
|
- fixed a typo which caused glibc to yell about a double free on exit.
|
|
- removed error checking after epoll_ctl(DEL) because we can never know if
|
|
the fd is still active or already closed.
|
|
- added a few entries in the makefile
|
|
|
|
2005/04/25 : 1.2.5-pre3
|
|
- experimental epoll() support (use temporary '-e' argument)
|
|
|
|
2005/04/24 : 1.2.5-pre2
|
|
- implemented the HTTP 303 code for error redirection. This forces the
|
|
browser to fetch the given URI with a GET request. The new keyword for
|
|
this is 'errorloc303', and a new 'errorloc302' keyword has been created
|
|
to make them easily distinguishable.
|
|
- added more controls in the parser for valid use of '\x' sequence.
|
|
- few fixes from Alex & Klaus
|
|
|
|
2005/02/17 : 1.2.5-pre1
|
|
- fixed a few errors in the documentation
|
|
|
|
2005/02/13
|
|
- do not pre-initialize unused file-descriptors before select() anymore.
|
|
|
|
2005/01/22 : 1.2.4
|
|
- merged Alexander Lazic's and Klaus Wagner's work on application
|
|
cookie-based persistence. Since this is the first merge, this version is
|
|
not intended for general use and reports are more than welcome. Some
|
|
documentation is really needed though.
|
|
|
|
2005/01/22 : 1.2.3 (1.1.30)
|
|
- add an architecture guide to the documentation
|
|
- released without any changes
|
|
|
|
2004/12/26 : 1.2.3-pre1 (1.1.30-pre1)
|
|
- increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is
|
|
compatible with Apache. This limit can be configured in the makefile now.
|
|
Thanks to Eric Fehr for the checks.
|
|
- added a per-server "source" option which now makes it possible to bind to
|
|
a different source for each (potentially identical) server.
|
|
- changed cookie-based server selection slightly to allow several servers to
|
|
share a same cookie, thus making it possible to associate backup servers to
|
|
live servers and ease soft-stop for maintenance periods. (Alexander Lazic)
|
|
- added the cookie 'prefix' mode which makes it possible to use persistence
|
|
with thin clients which support only one cookie. The server name is prefixed
|
|
before the application cookie, and restore back.
|
|
- fixed the order of servers within an instance to match documentation. Now
|
|
the servers are *really* used in the order of their declaration. This is
|
|
particularly important when multiple backup servers are in use.
|
|
|
|
2004/10/18 : 1.2.2 (1.1.29)
|
|
- fixed a bug where a TCP connection would be logged twice if the 'logasap'
|
|
option was enabled without the 'tcplog' option.
|
|
- encode_string() would use hdr_encode_map instead of the map argument.
|
|
|
|
2004/08/10 : (1.1.29-pre2)
|
|
- the logged request is now encoded with '#XX' for unprintable characters
|
|
- new keywords 'capture request header' and 'capture response header' enable
|
|
logging of arbitrary HTTP headers in requests and responses
|
|
- removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton()
|
|
|
|
2004/06/06 : 1.2.1 (1.1.28)
|
|
- added the '-V' command line option to verbosely report errors even though
|
|
the -q or 'quiet' options are specified. This is useful with '-c'.
|
|
- added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch>
|
|
|
|
2004/06/05 :
|
|
- added the "logasap" option which produces a log without waiting for the data
|
|
to be transferred from the server to the client.
|
|
- added the "httpclose" option which removes any "connection:" header and adds
|
|
"Connection: close" in both direction.
|
|
- added the 'checkcache' option which blocks cacheable responses containing
|
|
dangerous headers, such as 'set-cookie'.
|
|
- added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible
|
|
information leak from servers.
|
|
|
|
2004/04/18 :
|
|
- send an EMERG log when no server is available for a given proxy
|
|
- added the '-c' command line option to syntactically check the
|
|
configuration file without starting the service.
|
|
|
|
2003/11/09 : 1.2.0
|
|
- the same as 1.1.27 + IPv6 support on the client side
|
|
|
|
2003/10/27 : 1.1.27
|
|
- the configurable HTTP health check introduced in 1.1.23 revealed a shameful
|
|
bug : the code still assumed that HTTP requests were the same size as the
|
|
original ones (22 bytes), and failed if they were not.
|
|
- added support for pidfiles.
|
|
|
|
2003/10/22 : 1.1.26
|
|
- the fix introduced in 1.1.25 for client timeouts while waiting for servers
|
|
broke almost all compatibility with POST requests, because the proxy
|
|
stopped to read anything from the client as soon as it got all of its
|
|
headers.
|
|
|
|
2003/10/15 : 1.1.25
|
|
- added the 'tcplog' option, which provides enhanced, HTTP-like logs for
|
|
generic TCP proxies, or lighter logs for HTTP proxies.
|
|
- fixed a time-out condition wrongly reported as client time-out in data
|
|
phase if the client timeout was lower than the connect timeout times the
|
|
number of retries.
|
|
|
|
2003/09/21 : 1.1.24
|
|
- if a client sent a full request then shut its write connection down, then
|
|
the request was aborted. This case was detected only when using haproxy
|
|
both as health-check client and as a server.
|
|
- if 'option httpchk' is used in a 'health' mode server, then responses will
|
|
change from 'OK' to 'HTTP/1.0 200 OK'.
|
|
- fixed a Linux-only bug in case of HTTP server health-checks, where a single
|
|
server response followed by a close could be ignored, and the server seen
|
|
as failed.
|
|
|
|
2003/09/19 : 1.1.23
|
|
- fixed a stupid bug introduced in 1.1.22 which caused second and subsequent
|
|
'default' sections to keep previous parameters, and not initialize logs
|
|
correctly.
|
|
- fixed a second stupid bug introduced in 1.1.22 which caused configurations
|
|
relying on 'dispatch' mode to segfault at the first connection.
|
|
- 'option httpchk' now supports method, HTTP version and a few headers.
|
|
- now, 'option httpchk', 'cookie' and 'capture' can be specified in
|
|
'defaults' section
|
|
|
|
2003/09/10 : 1.1.22
|
|
- 'listen' now supports optionnal address:port-range lists
|
|
- 'bind' introduced to add new listen addresses
|
|
- fixed a bug which caused a session to be kept established on a server till
|
|
it timed out if the client closed during the DATA phase.
|
|
- the port part of each server address can now be empty to make the proxy
|
|
connect to the server on the same port it was connected to, be an absolute
|
|
unsigned number to reflect a single port (as in older versions), or an
|
|
explicitly signed number (+N/-N) to indicate that this offset must be
|
|
applied to the port the proxy was connected to, when connecting to the
|
|
server.
|
|
- the 'port' server option allows the user to specify a different
|
|
health-check port than the service one. It is mandatory when only relative
|
|
ports have been specified and check is required. By default, the checks are
|
|
sent to the service port.
|
|
- new 'defaults' section which is rather similar to 'listen' except that all
|
|
values are only used as default values for future 'listen' sections, until
|
|
a new 'defaults' resets them. At the moment, server options, regexes,
|
|
cookie names and captures cannot be set in the 'defaults' section.
|
|
|
|
2003/05/06 : 1.1.21
|
|
- changed the debug output format so that it now includes the session unique
|
|
ID followed by the instance name at the beginning of each line.
|
|
- in debug mode, accept now shows the client's IP and port.
|
|
- added one 3 small debugging scripts to search and pretty print debug output
|
|
- changed the default health check request to "OPTIONS /" instead of
|
|
"OPTIONS *" since not all servers implement the later one.
|
|
- "option httpchk" now accepts an optional parameter allowing the user to
|
|
specify and URI other than '/' during health-checks.
|
|
|
|
2003/04/21 : 1.1.20
|
|
- fixed two problems with time-outs, one where a server would be logged as
|
|
timed out during transfer that take longer to complete than the fixed
|
|
time-out, and one where clients were logged as timed-out during the data
|
|
phase because they didn't have anything to send. This sometimes caused
|
|
slow client connections to close too early while in fact there was no
|
|
problem. The proper fix would be to have a per-fd time-out with
|
|
conditions depending on the state of the HTTP FSM.
|
|
|
|
2003/04/16 : 1.1.19
|
|
- haproxy was NOT RFC compliant because it was case-sensitive on HTTP
|
|
"Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on
|
|
cookie persistence because it uses "cookie:". Two memcmp() have been
|
|
replaced with strncasecmp().
|
|
|
|
2003/04/02 : 1.1.18
|
|
- Haproxy can be compiled with PCRE regex instead of libc regex, by setting
|
|
REGEX=pcre on the make command line.
|
|
- HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /".
|
|
- when explicit source address binding is required, it is now also used for
|
|
health-checks.
|
|
- added 'reqpass' and 'reqipass' to allow certain headers but not the request
|
|
itself.
|
|
- factored several strings to reduce binary size by about 2 kB.
|
|
- replaced setreuid() and setregid() with more standard setuid() and setgid().
|
|
- added 4 status flags to the log line indicating who ended the connection
|
|
first, the sessions state, the validity of the cookie, and action taken on
|
|
the set-cookie header.
|
|
|
|
2002/10/18 : 1.1.17
|
|
- add the notion of "backup" servers, which are used only when all other
|
|
servers are down.
|
|
- make Set-Cookie return "" instead of "(null)" when the server has no
|
|
cookie assigned (useful for backup servers).
|
|
- "log" now supports an optionnal level name (info, notice, err ...) above
|
|
which nothing is sent.
|
|
- replaced some strncmp() with memcmp() for better efficiency.
|
|
- added "capture cookie" option which logs client and/or server cookies
|
|
- cleaned up/down messages and dump servers states upon SIGHUP
|
|
- added a redirection feature for errors : "errorloc <errnum> <url>"
|
|
- now we won't insist on connecting to a dead server, even with a cookie,
|
|
unless option "persist" is specified.
|
|
- added HTTP/408 response for client request time-out and HTTP/50[234] for
|
|
server reply time-out or errors.
|
|
|
|
2002/09/01 : 1.1.16
|
|
- implement HTTP health checks when option "httpchk" is specified.
|
|
|
|
2002/08/07 : 1.1.15
|
|
- replaced setpgid()/setpgrp() with setsid() for better portability, because
|
|
setpgrp() doesn't have the same meaning under Solaris, Linux, and OpenBSD.
|
|
|
|
2002/07/20 : 1.1.14
|
|
- added "postonly" cookie mode
|
|
|
|
2002/07/15 : 1.1.13
|
|
- tv_diff used inverted parameters which led to negative times !
|
|
|
|
2002/07/13 : 1.1.12
|
|
- fixed stats monitoring, and optimized some tv_* for most common cases.
|
|
- replaced temporary 'newhdr' with 'trash' to reduce stack size
|
|
- made HTTP errors more HTML-fiendly.
|
|
- renamed strlcpy() to strlcpy2() because of a slightly difference between
|
|
their behaviour (return value), to avoid confusion.
|
|
- restricted HTTP messages to HTTP proxies only
|
|
- added a 502 message when the connection has been refused by the server,
|
|
to prevent clients from believing this is a zero-byte HTTP 0.9 reply.
|
|
- changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when
|
|
inserting a cookie, because some caches (apache) don't understand it.
|
|
- fixed processing of server headers when client is in SHUTR state
|
|
|
|
2002/07/04 :
|
|
- automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after
|
|
setpgid()
|
|
|
|
2002/06/04 : 1.1.11
|
|
- fixed multi-cookie handling in client request to allow clean deletion
|
|
in insert+indirect mode. Now, only the server cookie is deleted and not
|
|
all the header. Should now be compliant to RFC2965.
|
|
- added a "nocache" option to "cookie" to specify that we explicitly want
|
|
to add a "cache-control" header when we add a cookie.
|
|
It is also possible to add an "Expires: <old-date>" to keep compatibility
|
|
with old/broken caches.
|
|
|
|
2002/05/10 : 1.1.10
|
|
- if a cookie is used in insert+indirect mode, it's desirable that the
|
|
the servers don't see it. It was not possible to remove it correctly
|
|
with regexps, so now it's removed automatically.
|
|
|
|
2002/04/19 : 1.1.9
|
|
- don't use snprintf()'s return value as an end of message since it may
|
|
be larger. This caused bus errors and segfaults in internal libc's
|
|
getenv() during localtime() in send_log().
|
|
- removed dead insecure send_syslog() function and all references to it.
|
|
- fixed warnings on Solaris due to buggy implementation of isXXXX().
|
|
|
|
2002/04/18 : 1.1.8
|
|
- option "dontlognull"
|
|
- fixed "double space" bug in config parser
|
|
- fixed an uninitialized server field in case of dispatch
|
|
with no existing server which could cause a segfault during
|
|
logging.
|
|
- the pid logged was always the father's, which was wrong for daemons.
|
|
- fixed wrong level "LOG_INFO" for message "proxy started".
|
|
|
|
2002/04/13 :
|
|
- http logging is now complete :
|
|
- ip:port, date, proxy, server
|
|
- req_time, conn_time, hdr_time, tot_time
|
|
- status, size, request
|
|
- source address
|
|
|
|
2002/04/12 : 1.1.7
|
|
- added option forwardfor
|
|
- added reqirep, reqidel, reqiallow, reqideny, rspirep, rspidel
|
|
- added "log global" in "listen" section.
|
|
|
|
2002/04/09 :
|
|
- added a new "global" section :
|
|
- logs
|
|
- debug, quiet, daemon modes
|
|
- uid, gid, chroot, nbproc, maxconn
|
|
|
|
2002/04/08 : 1.1.6
|
|
- regex are now chained and not limited anymore.
|
|
- unavailable server now returns HTTP/502.
|
|
- increased per-line args limit to 40
|
|
- added reqallow/reqdeny to block some request on matches
|
|
- added HTTP 400/403 responses
|
|
|
|
2002/04/03 : 1.1.5
|
|
- connection logging displayed incorrect source address.
|
|
- added proxy start/stop and server up/down log events.
|
|
- replaced log message short buffers with larger trash.
|
|
- enlarged buffer to 8 kB and replace buffer to 4 kB.
|
|
|
|
2002/03/25 : 1.1.4
|
|
- made rise/fall/interval time configurable
|
|
|
|
2002/03/22 : 1.1.3
|
|
- fixed a bug : cr_expire and cw_expire were inverted in CL_STSHUT[WR]
|
|
which could lead to loops.
|
|
|
|
2002/03/21 : 1.1.2
|
|
- fixed a bug in buffer management where we could have a loop
|
|
between event_read() and process_{cli|srv} if R==BUFSIZE-MAXREWRITE.
|
|
=> implemented an adjustable buffer limit.
|
|
- fixed a bug : expiration of tasks in wait queue timeout is used again,
|
|
and running tasks are skipped.
|
|
- added some debug lines for accept events.
|
|
- send warnings for servers up/down.
|
|
|
|
2002/03/12 : 1.1.1
|
|
- fixed a bug in total failure handling
|
|
- fixed a bug in timestamp comparison within same second (tv_cmp_ms)
|
|
|
|
2002/03/10 : 1.1.0
|
|
- fixed a few timeout bugs
|
|
- rearranged the task scheduler subsystem to improve performance,
|
|
add new tasks, and make it easier to later port to librt ;
|
|
- allow multiple accept() for one select() wake up ;
|
|
- implemented internal load balancing with basic health-check ;
|
|
- cookie insertion and header add/replace/delete, with better strings
|
|
support.
|
|
|
|
2002/03/08
|
|
- reworked buffer handling to fix a few rewrite bugs, and
|
|
improve overall performance.
|
|
- implement the "purge" option to delete server cookies in direct mode.
|
|
|
|
2002/03/07
|
|
- fixed some error cases where the maxfd was not decreased.
|
|
|
|
2002/02/26
|
|
- now supports transparent proxying, at least on linux 2.4.
|
|
|
|
2002/02/12
|
|
- soft stop works again (fixed select timeout computation).
|
|
- it seems that TCP proxies sometimes cannot timeout.
|
|
- added a "quiet" mode.
|
|
- enforce file descriptor limitation on socket() and accept().
|
|
|
|
2001/12/30 : release of version 1.0.2 : fixed a bug in header processing
|
|
2001/12/19 : release of version 1.0.1 : no MSG_NOSIGNAL on solaris
|
|
2001/12/16 : release of version 1.0.0.
|
|
2001/12/16 : added syslog capability for each accepted connection.
|
|
2001/11/19 : corrected premature end of files and occasional SIGPIPE.
|
|
2001/10/31 : added health-check type servers (mode health) which replies OK then closes.
|
|
2001/10/30 : added the ability to support standard TCP proxies and HTTP proxies
|
|
with or without cookies (use keyword http for this).
|
|
2001/09/01 : added client/server header replacing with regexps.
|
|
eg:
|
|
cliexp ^(Host:\ [^:]*).* Host:\ \1:80
|
|
srvexp ^Server:\ .* Server:\ Apache
|
|
2000/11/29 : first fully working release with complete FSMs and timeouts.
|
|
2000/11/28 : major rewrite
|
|
2000/11/26 : first write
|