Changelog

version 1.8r2



2021/08/09 : 1.8r2 (2.0.0-211.1298) - BUG/MINOR: sample: check alloc_trash_chunk return value in concat() - BUG/MINOR: sample: fix concat() converter's corruption with non-string variables 2021/08/09 : 1.8r2 (2.0.0-211.1296) 2021/07/13 : 1.8r2 (2.0.0-209.1296) - BUILD: fix build without thread - CLEANUP: pools: remove now unused seq and pool_free_list - BUG/MAJOR: pools: fix possible race with free() in the lockless variant - MEDIUM: pools: use a single pool_gc() function for locked and lockless - MEDIUM: memory: make pool_gc() run under thread isolation - BUG/MEDIUM: pools: Always update free_list in pool_gc(). - MINOR: pools: do not maintain the lock during pool_flush() - BUG/MINOR: pools: fix a possible memory leak in the lockless pool_flush() - MINOR: pools/debug: slightly relax DEBUG_DONT_SHARE_POOLS 2021/07/09 : 1.8r2 (2.0.0-209.1287) - MINOR: hapee: add a .hapee directory to list backporting notes - BUG/MINOR: peers: fix data_type bit computation more than 32 data_types - DOC: peers: fix the protocol tag name in the doc - DOC: stick-table: add missing documentation about gpt0 stored type - BUG/MINOR: cli: fix server name output in "show fd" - BUG/MEDIUM: sock: make sure to never miss early connection failures - BUG/MINOR: server/cli: Fix locking in function processing "set server" command - BUG/MEDIUM: server/cli: Fix ABBA deadlock when fqdn is set from the CLI - DOC: config: Add missing actions in "tcp-request session" documentation - BUG/MAJOR: server: fix deadlock when changing maxconn via agent-check - BUG/MEDIUM: spoe: Register pre/post analyzers in start_analyze callback function - BUG/MEDIUM: dns: send messages on closed/reused fd if fd was detected broken - BUG/MINOR: ssl: use atomic ops to update global shctx stats - BUG/MEDIUM: shctx: use at least thread-based locking on USE_PRIVATE_CACHE - BUG/MEDIUM: dns: reset file descriptor if send returns an error - BUG/MINOR: ssl: OCSP stapling does not work if expire too far in the future - BUG/MEDIUM: filters: Exec pre/post analysers only one time per filter - BUG/MAJOR: server: prevent deadlock when using 'set maxconn server' - BUG/MEDIUM: ebtree: Invalid read when looking for dup entry - BUG/MEDIUM: peers: reset tables stage flags stages on new conns - BUG/MEDIUM: peers: re-work updates lookup during the sync on the fly - BUG/MEDIUM: peers: reset commitupdate value in new conns - BUG/MEDIUM: peers: reset starting point if peers appears longly disconnected - BUG/MEDIUM: peers: stop considering ack messages teaching a full resync - BUG/MEDIUM: peers: register last acked value as origin receiving a resync req - BUG/MEDIUM: peers: initialize resync timer to get an initial full resync - BUG/MEDIUM: peers: re-work refcnt on table to protect against flush - BUG/MEDIUM: peers: re-work connection to new process during reload. - BUG/MINOR: mworker/init: don't reset nb_oldpids in non-mworker cases - BUG/MINOR: logs: Report the true number of retries if there was no connection - BUG/MEDIUM: sample: Fix adjusting size in field converter - BUG/MINOR: tools: fix parsing "us" unit for timers - BUG/MEDIUM: vars: make functions vars_get_by_{name,desc} thread-safe - BUG/MINOR: sample: secure convs that accept base64 string and var name as args - BUG/MEDIUM: ssl: check a connection's status before computing a handshake - BUG/MEDIUM: stick-table: limit the time spent purging old entries - BUG/MINOR: http_fetch: make hdr_ip() resistant to empty fields - BUILD: tcp: use IPPROTO_IPV6 instead of SOL_IPV6 on FreeBSD/MacOS - BUG/MINOR: tcp: fix silent-drop workaround for IPv6 - BUG/MINOR: http_fetch: make hdr_ip() reject trailing characters - MINOR: tools: make url2ipv4 return the exact number of bytes parsed - BUG/MEDIUM: time: make sure to always initialize the global tick - BUG/MEDIUM: freq_ctr/threads: use the global_now_ms variable - MINOR: time: also provide a global, monotonic global_now_ms timer - BUG/MINOR: freq_ctr/threads: make use of the last updated global time - OPTIM: freq-ctr: don't take the date lock for most updates - MINOR: time: export the global_now variable - BUG/MINOR: resolvers: Add missing case-insensitive comparisons of DNS hostnames - BUG/MINOR: resolvers: Consider server to have no IP on DNS resolution error - CLEANUP: tcp-rules: add missing actions in the tcp-request error message - BUG/MINOR: proxy/session: Be sure to have a listener to increment its counters - BUG/MEDIUM: filters: Set CF_FL_ANALYZE on channels when filters are attached - BUG/MEDIUM: session: NULL dereference possible when accessing the listener - BUG/MINOR: ssl: don't truncate the file descriptor to 16 bits in debug mode - BUG/MINOR: hlua: Don't strip last non-LWS char in hlua_pushstrippedstring() - BUG/MEDIUM: dns: Consider the fact that dns answers are case-insensitive - DOC: spoe: Add a note about fragmentation support in HAProxy - BUG/MEDIUM: spoe: Explicitly wakeup SPOE stream if waiting for more data - BUG/MAJOR: spoe: Be sure to remove all references on a released spoe applet - BUG/MEDIUM: spoe: Kill applets if there are pending connections and nbthread > 1 - CLEANUP: spoe: Remove unused variables the agent structure - BUG/MINOR: spoe: fix off-by-one length in UUID format string - MINOR: spoe: Support the async mode with several threads - MINOR: spoe: Improve generation of the engine-id - BUG/MINOR: spoe: Fix memory leak if failing to allocate memory - BUG/MINOR: spoe: Be sure to set tv_request when each message fragment is encoded - BUG/MINOR: connection: Use the client's dst family for adressless servers - BUG/MINOR: tcp-act: Don't forget to set the original port for IPv4 set-dst rule - BUG/MINOR: http-ana: Only consider dst address to process originalto option - BUG/MEDIUM: cli/shutdown sessions: make it thread-safe - BUG/MEDIUM: proxy: use thread-safe stream killing on hard-stop - BUG/MINOR: server: Be sure to cut the last parsed field of a server-state line - BUG/MINOR: server: Init params before parsing a new server-state line - BUG/MINOR: sample: Always consider zero size string samples as unsafe - BUG/MINOR: checks: properly handle wrapping time in __health_adjust() - BUG/MINOR: session: atomically increment the tracked sessions counter - BUG/MINOR: server: Remove RMAINT from admin state when loading server state - CLEANUP: channel: fix comment in ci_putblk. - BUG/MINOR: server: Don't call fopen() with server-state filepath set to NULL - BUG/MEDIUM: config: don't pick unset values from last defaults section - CLEANUP: deinit: release global and per-proxy server-state variables on deinit - BUG/MINOR: server: Fix server-state-file-name directive - BUG/MINOR: server: re-align state file fields number - CLEANUP: remove unused src/cfgparse-listen.c - BUG/MINOR: xxhash: make sure armv6 uses memcpy() - BUG/MINOR: stick-table: Always call smp_fetch_src() with a valid arg list - DOC: management: fix "show resolvers" alphabetical ordering - BUG/MINOR: config: fix leak on proxy.conn_src.bind_hdr_name - BUILD/MINOR: lua: define _GNU_SOURCE for LLONG_MAX - BUG/MINOR: sample: Memory leak of sample_expr structure in case of error - SCRIPTS: announce-release: fix typo in help message - DOC: fix some spelling issues over multiple files - BUG/MINOR: srv: do not init address if backend is disabled - SCRIPTS: make announce release support preparing announces before tag exists - SCRIPTS: improve announce-release to support different tag and versions - BUG/MINOR: cfgparse: Fail if the strdup() for `rule->be.name` for `use_backend` fails - MINOR: atomic: don't use ; to separate instruction on aarch64. - BUILD: hpack: hpack-tbl-t.h uses VAR_ARRAY but does not include compiler.h - BUILD: plock: remove dead code that causes a warning in gcc 11 - CONTRIB: halog: fix signed/unsigned build warnings on counts and timestamps - CONTRIB: halog: mark the has_zero* functions unused - CONTRIB: halog: fix build issue caused by %L printf format - BUILD: Makefile: have "make clean" destroy .o/.a/.s in contrib subdirs as well - BUG/MEDIUM: mworker: fix again copy_argv() - CLEANUP: stream: remove an obsolete debugging test - CLEANUP: lua: Remove declaration of an inexistant function - BUG/MEDIUM: lb-leastconn: Reposition a server using the right eweight - BUG/MINOR: tools: Reject size format not starting by a digit - BUG/MINOR: tools: make parse_time_err() more strict on the timer validity - DOC: email change of the DeviceAtlas maintainer - DOC/MINOR: Fix formatting in Management Guide - BUG/MINOR: lua: warn when registering action, conv, sf, cli or applet multiple times - MINOR: cli: add a function to look up a CLI service description - MINOR: actions: add a function returning a service pointer from its name - MINOR: actions: Export actions lookup functions - BUG/MINOR: lua: Some lua init operation are processed unsafe - BUG/MINOR: lua: Post init register function are not executed beyond the first one - BUG/MINOR: lua: lua-load doesn't check its parameters - DOC: config: Move req.hdrs and req.hdrs_bin in L7 samples fetches section - BUILD: threads: Remove references to old locks in debug mode - MINOR: spoe: Don't close connection in sync mode on processing timeout - BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches - BUG/MINOR: http-fetch: Extract cookie value even when no cookie name - BUG/MINOR: config: copy extra cookie attributes from dfl proxy - BUG/MINOR: filters: Skip disabled proxies during startup only - MINOR: server: Copy configuration file and line for server templates - BUG/MINOR: server: Set server without addr but with dns in RMAINT on startup - BUG/MEDIUM: filters: Don't try to init filters for disabled proxies - BUG/MINOR: cache: Inverted variables in http_calc_maxage function - BUG/MINOR: lua: initialize sample before using it - BUG/MINOR: server: fix down_time report for stats - BUG/MINOR: server: fix srv downtime calcul on starting - BUG/MINOR: extcheck: add missing checks on extchk_setenv() - BUG/MAJOR: mux-h2: Don't try to send data if we know it is no longer possible - BUG/MEDIUM: server: support changing the slowstart value from state-file - BUG/MINOR: queue: properly report redistributed connections 2021/02/02 : 1.8r2 (2.0.0-209.1151) 2020/10/19 : 1.8r2 (2.0.0-207.1151) - BUG/MEDIUM: lb: Always lock the server when calling server_{take,drop}_conn - BUG/MEDIUM: spoe: Unset variable instead of set it if no data provided - MINOR: hlua: Display debug messages on stderr only in debug mode - BUG/MINOR: stats: fix validity of the json schema - MINOR: counters: fix a typo in comment - DOC: ssl: crt-list negative filters are only a hint - REGTEST: make map_regm_with_backref require 1.7 - REGTEST: make abns_socket.vtc require 1.8 - REGTEST: fix host part in balance-uri-path-only.vtc - REGTESTS: add a few load balancing tests - DOC: agent-check: fix typo in "fail" word expected reply - BUG/MEDIUM: listeners: do not pause foreign listeners - BUG/MINOR: config: Fix memory leak on config parse listen - BUG/MEDIUM: h2: report frame bits only for handled types - BUG/MINOR: ssl: verifyhost is case sensitive - BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate 2020/09/23 : 1.8r2 (2.0.0-206.1135) - BUG/MEDIUM: pattern: fix memory leak in regex pattern functions 2020/09/18 : 1.8r2 (2.0.0-206.1134) - BUILD: cache: avoid a build warning with some compilers/linkers - BUILD: chunk: properly declare pool_head_trash as extern - BUG/MEDIUM: pattern: Renew the pattern expression revision when it is pruned - BUILD: threads: better workaround for late loading of libgcc_s - CLEANUP: Update .gitignore - MINOR: Commit .gitattributes - BUILD: thread: limit the libgcc_s workaround to glibc only - BUG/MINOR: threads: work around a libgcc_s issue with chrooting - BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp() - BUG/MINOR: startup: haproxy -s cause 100% cpu - BUG/MINOR: reload: do not fail when no socket is sent - BUG/MINOR: stats: use strncmp() instead of memcmp() on health states - BUG/MINOR: lua: Check argument type to convert it to IP mask in arg validation - BUG/MINOR: lua: Check argument type to convert it to IPv4/IPv6 arg validation - BUG/MEDIUM: map/lua: Return an error if a map is loaded during runtime - BUG/MEDIUM: mux-h2: Don't fail if nothing is parsed for a legacy chunk response - BUG/MINOR: dns: ignore trailing dot - BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable - BUG/MINOR: checks: Respect check-ssl param when a port or an addr is specified - BUG/MEDIUM: checks: Always initialize checks before starting them - BUG/MEDIUM: server/checks: Init server check during config validity check - MEDIUM: map: make the "clear map" operation yield - BUG/MINOR: pools: use %u not %d to report pool stats in "show pools" - BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}() - BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS() - BUG/MINOR: checks: Remove a warning about http health checks - BUG/MINOR: checks: Compute the right HTTP request length for HTTP health checks - MINOR: checks: Add a way to send custom headers and payload during http chekcs - BUG/MINOR: http: make url_decode() optionally convert '+' to SP - DOC: Improve documentation on http-request set-src - SCRIPTS: git-show-backports: emit the shell command to backport a commit - SCRIPTS: git-show-backports: make -m most only show the left branch - SCRIPTS: announce-release: add the link to the wiki in the announce messages - BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields - BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed - BUG/MEDIUM: mux-h2: Emit an error if the response chunk formatting is incomplete - BUG/MINOR: cfgparse: don't increment linenum on incomplete lines - BUILD: ebtree: fix build on libmusl after recent introduction of eb_memcmp() - BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked - BUG/MINOR: sample: Free str.area in smp_check_const_meth - BUG/MINOR: sample: Free str.area in smp_check_const_bool - BUG/MINOR: http_act: don't check capture id in backend (2) - BUG/MINOR: proxy: always initialize the trash in show servers state - BUG/MINOR: proxy: fix dump_server_state()'s misuse of the trash - BUG/MEDIUM: pattern: Add a trailing \0 to match strings only if possible - DOC: ssl: add "allow-0rtt" and "ciphersuites" in crt-list - MINOR: cli: make "show sess" stop at the last known session - BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL - BUG/MINOR: spoe: correction of setting bits for analyzer - BUG/MINOR: systemd: Wait for network to be online - BUG/MINOR: spoe: add missing key length check before checking key names - BUG/MEDIUM: ebtree: use a byte-per-byte memcmp() to compare memory blocks - BUG/MINOR: tcp-rules: tcp-response must check the buffer's fullness - BUG/MINOR: ssl: fix ssl-{min,max}-ver with openssl < 1.1.0 - BUG/MEDIUM: pattern: fix thread safety of pattern matching - BUG/MINOR: mworker: fix a memleak when execvp() failed - BUG/MEDIUM: mworker: fix the reload with an -- option - BUG/MINOR: init: -x can have a parameter starting with a dash - BUG/MEDIUM: mworker: fix the copy of options in copy_argv() - BUG/MINOR: proto-http: Fix detection of NTLM for the legacy HTTP version - BUG/MEDIUM: logs: fix trailing zeros on log message. - BUG/MINOR: logs: prevent double line returns in some events. - BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations - BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action - BUG/MINOR: peers: fix internal/network key type mapping. - SCRIPTS: publish-release: pass -n to gzip to remove timestamp - BUILD: select: only declare existing local labels to appease clang - BUG/MINOR: pollers: remove uneeded free in global init - BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered - BUG/MEDIUM: http_ana: make the detection of NTLM variants safer - BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur - BUG/MINOR: sample: Set the correct type when a binary is converted to a string - REGTEST: ssl: test the client certificate authentication - BUG/MEDIUM: shctx: bound the number of loops that can happen around the lock - BUG/MEDIUM: shctx: really check the lock's value while waiting - BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam - BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam - BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream - BUG/MEDIUM: capture: capture-req/capture-res converters crash without a stream - BUG/MINOR: checks: chained expect will not properly wait for enough data - BUG/MINOR: checks/server: use_ssl member must be signed - BUG/MINOR: checks: Respect the no-check-ssl option - BUG/MINOR: check: Update server address and port to execute an external check - DOC: option logasap does not depend on mode - BUG/MINOR: tools: fix the i386 version of the div64_32 function - BUG/MINOR: ssl: default settings for ssl server options are not used 2020/04/01 : 1.8r2 (2.0.0-205.1048) - BUG/CRITICAL: hpack: never index a header into the headroom after wrapping - BUG/MINOR: http-ana: Reset request analysers on error when waiting for response - MINOR: http-rules: Handle the rule direction when a redirect is evaluated - BUG/MINOR: http_ana: make sure redirect flags don't have overlapping bits - MINOR: http-rules: Add a flag on redirect rules to know the rule direction - BUG/MEDIUM: http: unbreak redirects in legacy mode - DOC: internals: Fix spelling errors in filters.txt - BUG/MINOR: stats: Fix color of draining servers on stats page - BUG/MINOR: peers: avoid an infinite loop with peers_fe is NULL - BUG/MINOR: peers: init bind_proc to 1 if it wasn't initialized - DOC: assorted typo fixes in the documentation - DOC: proxy_protocol: Reserve TLV type 0x05 as PP2_TYPE_UNIQUE_ID - DOC: ssl: clarify security implications of TLS tickets - DOC: improve description of no-tls-tickets - DOC: fix typo about no-tls-tickets - BUG/MINOR: rules: Increment be_counters if backend is assigned for a silent-drop - BUG/MINOR: rules: Preserve FLT_END analyzers on silent-drop action - BUG/MINOR: http-rules: Fix a typo in the reject action function - BUG/MINOR: http-rules: Preserve FLT_END analyzers on reject action - BUG/MINOR: lua: Ignore the reserve to know if a channel is full or not - REGTEST: make the PROXY TLV validation depend on version 2.2 - BUG/MAJOR: proxy_protocol: Properly validate TLV lengths - DOC: fix incorrect indentation of http_auth_* - BUG/MAJOR: list: fix invalid element address calculation - BUG/MINOR: sample: Make sure to return stable IDs in the unique-id fetch - BUG/MINOR: sample: fix the json converter's endian-sensitivity - BUILD: ebtree: improve architecture-specific alignment - MINOR: compiler: add new alignment macros - BUILD: fix recent build failure on unaligned archs - BUG/MEDIUM: ebtree: don't set attribute packed without unaligned access support - MINOR: compiler: move CPU capabilities definition from config.h and complete them - BUG/MEDIUM: shctx: make sure to keep all blocks aligned - CONTRIB: debug: also support reading values from stdin - CONTRIB: debug: support reporting multiple values at once - CONTRIB: debug: add the possibility to decode the value as certain types only - SCRIPTS: announce-release: use mutt -H instead of -i to include the draft - BUG/MINOR: namespace: avoid closing fd when socket failed in my_socketat - SCRIPTS: make announce-release executable again - BUG/MINOR: tcp: don't try to set defaultmss when value is negative - BUG/MINOR: tcp: avoid closing fd when socket failed in tcp_bind_listener - BUG/MEDIUM: listener: only consider running threads when resuming listeners - BUG/MINOR: dns: allow 63 char in hostname - BUG/MINOR: unix: better catch situations where the unix socket path length is close to the limit - SCRIPTS: announce-release: allow the user to force to overwrite old files - SCRIPTS: announce-release: place the send command in the mail's header - MINOR: acl: Warn when an ACL is named 'or' - BUG/MINOR: connection: fix ip6 dst_port copy in make_proxy_line_v2 - BUG/MEDIUM: pipe: fix a use-after-free in case of pipe creation error 2020/03/18 : 1.8r2 (2.0.0-205.1000) - BUG/MINOR: dns: allow srv record weight set to 0 - BUG/MINOR: http_act: don't check capture id in backend - MINOR: proxy/http-ana: Add support of extra attributes for the cookie directive - BUG/MINOR: tcp-rules: Fix memory releases on error path during action parsing - BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during parsing - BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules - BUG/MINOR: dns: Make dns_query_id_seed unsigned - BUG/MINOR: pattern: handle errors from fgets when trying to load patterns - BUG/MINOR: stream: don't mistake match rules for store-request rules - BUG/MEDIUM: cli: _getsocks must send the peers sockets - BUG/MAJOR: hashes: fix the signedness of the hash inputs - BUG/MEDIUM: mworker: remain in mworker mode during reload - BUG/MEDIUM: session: do not report a failure when rejecting a session 2019/12/20 : 1.8r2 (2.0.0-200.987) - BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd - MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute - BUG/MEDIUM: ssl: Don't set the max early data we can receive too early. - BUG/MINOR: sample: always check converters' arguments - BUG/MINOR: sample: fix the closing bracket and LF in the debug converter - DOC: clarify matching strings on binary fetches 2019/12/12 : 1.8r2 (2.0.0-200.981) - BUILD/MINOR: unix sockets: silence an absurd gcc warning about strncpy() - BUG/MINOR: listener: fix off-by-one in state name check - BUG/MINOR: server: make "agent-addr" work on default-server line - BUG/MINOR: listener: do not immediately resume on transient error - BUG/MINOR: mworker: properly pass SIGTTOU/SIGTTIN to workers - BUG/MINOR: log: fix minor resource leaks on logformat error path - DOC: remove references to the outdated architecture.txt - BUILD: do not disable -Wformat-truncation anymore - BUILD/MINOR: tools: shut up the format truncation warning in get_gmt_offset() - BUILD/MINOR: ssl: shut up a build warning about format truncation - DOC: listeners: add a few missing transitions - BUG/MEDIUM: kqueue: Make sure we report read events even when no data. - BUG/MEDIUM: proto_udp/threads: recv() and send() must not be exclusive. - BUG/MAJOR: dns: add minimalist error processing on the Rx path - DOC: document the listener state transitions - BUG/MEDIUM: listener/threads: fix a remaining race in the listener's accept() - BUG/MINOR: listener: also clear the error flag on a paused listener - BUG/MINOR: listener/threads: always use atomic ops to clear the FD events - BUG/MINOR: proxy: make soft_stop() also close FDs in LI_PAUSED state - BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1 - BUG/MEDIUM: listener/thread: fix a race when pausing a listener - SCRIPTS: git-show-backports: add "-s" to proposed cherry-pick commands - SCRIPTS: create-release: show the correct origin name in suggested commands - BUG/MAJOR: h2: make header field name filtering stronger - BUG/MAJOR: h2: reject header values containing invalid chars - MINOR: ist: add ist_find_ctl() - BUILD/MINOR: ssl: fix compiler warning about useless statement - BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1 2019/11/15 : 1.8r2 (2.0.0-198.953) - BUG/MEDIUM: listeners: always pause a listener on out-of-resource condition - BUG: dns: timeout resolve not applied for valid resolutions - BUG/MEDIUM: stream: Be sure to release allocated captures for TCP streams - BUG/MEDIUM: stream: Be sure to support splicing at the mux level to enable it - BUG/MINOR: config: Update cookie domain warn to RFC6265 - BUG/MINOR: cli: don't call the kw->io_release if kw->parse failed - MINOR: tcp: avoid confusion in time parsing init 2019/10/23 : 1.8r2 (2.0.0-197.946) - BUG/MEDIUM: pattern: make the pattern LRU cache thread-local and lockless - BUG/MINOR: stick-table: fix an incorrect 32 to 64 bit key conversion 2019/10/22 : 1.8r2 (2.0.0-197.944) - BUG/MINOR: ssl: fix memcpy overlap without consequences. - MINOR: sample: Add UUID-fetch - BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed - BUG/MINOR: mworker/ssl: close openssl FDs unconditionally - BUILD: ssl: fix again a libressl build failure after the openssl FD leak fix - BUG/MINOR: mworker/ssl: close OpenSSL FDs on reload - BUG/MINOR: sample: Make the `field` converter compatible with `-m found` - BUG/MINOR: stick-table: Never exceed (MAX_SESS_STKCTR-1) when fetching a stkctr - BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1 - CLEANUP: bind: handle warning label on bind keywords parsing. - CLEANUP: ssl: make ssl_sock_load_dh_params handle errcode/warn - CLEANUP: ssl: make ssl_sock_put_ckch_into_ctx handle errcode/warn - CLEANUP: ssl: make ssl_sock_load_cert*() return real error codes - BUG/MINOR: ssl: abort on sni_keytypes allocation failure - BUG/MINOR: ssl: abort on sni allocation failure - BUG/MINOR: tcp: Don't alter counters returned by tcp info fetchers - BUG/MINOR: WURFL: fix send_log() function arguments - BUG/MINOR: chunk: Fix tests on the chunk size in functions copying data - BUG/MINOR: ssl: free the sni_keytype nodes - MINOR: stats: mention in the help message support for "json" and "typed" - DOC: clarify some points around http-send-name-header's behavior - BUG/MEDIUM: cache: make sure not to cache requests with absolute-uri - BUG/MINOR: lua: Properly initialize the buffer's fields for string samples in hlua_lua2(smp|arg) - BUG/MEDIUM: namespace: fix fd leak in master-worker mode - DOC: Fix documentation about the cli command to get resolver stats - BUG/MEDIUM: spoe: Use a different engine-id per process - MINOR: tools: implement my_flsl() - BUG/MAJOR: mux_h2: Don't consume more payload than received for skipped frames - BUG/MEDIUM: namespace: close open namespaces during soft shutdown - BUG/MEDIUM: check/threads: make external checks run exclusively on thread 1 - BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed - BUG/MINOR: filters: Properly set the HTTP status code on analysis error - BUG/MEDIUM: http: also reject messages where "chunked" is missing from transfer-enoding - BUG/MEDIUM: proto-http: Always start the parsing if there is no outgoing data 2019/09/05 : 1.8r2 (2.0.0-196.910) - BUG/MEDIUM: listener/threads: fix an AB/BA locking issue in delete_listener() - BUG/MINOR: mworker: disable SIGPROF on re-exec - DOC: fixed typo in management.txt - MINOR: doc: Document allow-0rtt on the server line. - BUG/MINOR: logs/threads: properly split the log area upon startup - BUG/MEDIUM: checks: make sure the warmup task takes the server lock - BUG/MEDIUM: ssl: Use the early_data API the right way. - MINOR: connection: add new function conn_is_back() - BUG/MINOR: haproxy: fix rule->file memory leak - BUILD/MINOR: stream: avoid a build warning with threads disabled 2019/08/16 : 1.8r2 (2.0.0-195.900) - BUG/MEDIUM: lua: Fix test on the direction to set the channel exp timeout - MINOR: ssl: ssl_fc_has_early should work for BoringSSL - BUG/MINOR: ssl: fix 0-RTT for BoringSSL - MINOR: build: Disable -Wstringop-overflow. - BUG/MINOR: mux-h2: always reset rcvd_s when switching to a new frame - BUG/MINOR: mux-h2: always send stream window update before connection's - BUG/MEDIUM: mux-h2: do not recheck a frame type after a state transition - BUG/MINOR: mux-h2: use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data() - BUG/MINOR: mux-h2: don't refrain from sending an RST_STREAM after another one - BUG/MEDIUM: fd: Always reset the polled_mask bits in fd_dodelete(). - BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes - BUG/MINOR: stream-int: also update analysers timeouts on activity - BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is increased 2019/07/30 : 1.8r2 (2.0.0-195.887) - BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue() - BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready - MINOR: hlua: Add a flag on the lua txn to know in which context it can be used - MINOR: hlua: Don't set request analyzers on response channel for lua actions - BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class - BUG/MINOR: lua: Set right direction and flags on new HTTP objects - DOC: improve the wording in CONTRIBUTING about how to document a bug fix - BUG/MINOR: log: make sure writev() is not interrupted on a file output - BUILD: log/threads: implement the logsrv lock - BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased - BUG/MINOR: proxy: always lock stop_proxy() - BUG/MEDIUM: protocols: properly initialize the proto_lock in 1.8 - BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff - BUILD: threads: add the definition of PROTO_LOCK - BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream - BUG/MEDIUM: http/htx: unbreak option http_proxy 2019/07/15 : 1.8r2 (2.0.0-195.871) - BUG/MEDIUM: tcp-check: unbreak multiple connect rules again 2019/07/12 : 1.8r2 (2.0.0-195.870) - BUG/MAJOR: listener: fix thread safety in resume_listener() - MINOR: task: introduce work lists - BUG/MEDIUM: da: cast the chunk to string. - BUG/MEDIUM: lb_fas: Don't test the server's lb_tree from outside the lock - BUILD: makefile: do not rely on shell substitutions to determine git version - BUILD: makefile: use :space: instead of digits to count commits 2019/06/26 : 1.8r2 (2.0.0-195.864) - BUG/MEDIUM: lb_fwlc: Don't test the server's lb_tree from outside the lock - BUG/MEDIUM: compression: Set Vary: Accept-Encoding for compressed responses - MINOR: doc: add master-worker in the man page - MINOR: doc: Remove -Ds option in man page - BUG/MINOR: http-rules: mention "deny_status" for "deny" in the error message - BUG/MEDIUM: mux-h2: make sure the connection timeout is always set - BUG/MEDIUM: vars: make the tcp/http unset-var() action support conditions - BUG/MEDIUM: vars: make sure the scope is always valid when accessing vars - BUG/MEDIUM: connection: fix multiple handshake polling issues - BUG/MINOR: deinit/threads: make hard-stop-after perform a clean exit - BUG/MEDIUM: http: fix "http-request reject" when not final 2019/06/06 : 1.8r2 (2.0.0-195.853) - BUG/MEDIUM: spoe: Be sure the sample is found before setting its context 2019/05/27 : 1.8r2 (2.0.0-195.852) - BUG/MEDIUM: queue: fix the tree walk in pendconn_redistribute. - BUG/MAJOR: lb/threads: make sure the avoided server is not full on second pass - BUILD: ssl: fix latest LibreSSL reg-test error - BUG/MINOR: ssl_sock: Fix memory leak when disabling compression - DOC: fix typos 2019/05/24 : 1.8r2 (2.0.0-195.847) - BUG/MEDIUM: spoe: Don't use the SPOE applet after releasing it - BUG/MEDIUM: dns: make the port numbers unsigned - BUG/MINOR: http_fetch: Rely on the smp direction for "cookie()" and "hdr()" 2019/05/15 : 1.8r2 (2.0.0-195.844) - BUG/MINOR: ssl: Fix 48 byte TLS ticket key rotation - BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages - BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream - BUG/MEDIUM: port_range: Make the ring buffer lock-free. - MINOR: threads: Implement HA_ATOMIC_LOAD(). - CLEANUP: config: Don't alter listener->maxaccept when nbproc is set to 1 - MINOR: config: Test validity of tune.maxaccept during the config parsing - BUG/MEDIUM: listener: Fix how unlimited number of consecutive accepts is handled - BUG/MAJOR: map/acl: real fix segfault during show map/acl on CLI - BUG/MEDIUM: contrib/modsecurity: If host header is NULL, don't try to strdup it - DOC: contrib/modsecurity: Typos and fix the reject example - MINOR: spoe: Use the sample context to pass frag_ctx info during encoding - BUG/MEDIUM: spoe: arg len encoded in previous frag frame but len changed - BUG/MINOR: http: Call stream_inc_be_http_req_ctr() only one time per request - BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler - BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() - BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() - BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules - BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR - BUG/MEDIUM: maps: only try to parse the default value when it's present - BUG/MAJOR: http_fetch: Get the channel depending on the keyword used - MINOR: skip get_gmtime where tm is unused - BUILD/MINOR: listener: Silent a few signedness warnings. - BUG/MEDIUM: listener: make sure the listener never accepts too many conns - BUG/MEDIUM: listener: use a self-locked list for the dequeue lists - MAJOR: listener: do not hold the listener lock in listener_accept() - BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED() - BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED - BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element - MINOR: list: make the delete and pop operations idempotent - BUG/MEDIUM: list: add missing store barriers when updating elements and head - BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer - BUG/MEDIUM: list: fix the rollback on addq in the locked liss - BUG/MEDIUM: lists: Properly handle the case we're removing the first elt. - MINOR: lists: Implement locked variations. - BUG/MINOR: threads: fix the process range of thread masks - BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity - BUILD: connection: fix naming of ip_v field - BUILD: use inttypes.h instead of stdint.h - BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release. - MINOR: cli: start addresses by a prefix in 'show cli sockets' - BUG/MINOR: cli: correctly handle abns in 'show cli sockets' 2019/04/01 : 1.8r2 (2.0.0-195.802) - MINOR: ssl: Add aes_gcm_dec converter - MINOR: tools: make memvprintf() never pass a NULL target to vsnprintf() - BUILD: makefile: work around an old bug in GNU make-3.80 - BUG/MAJOR: checks: segfault during tcpcheck_main - DOC: The option httplog is no longer valid in a backend. - BUG/MINOR: log: properly format IPv6 address when LOG_OPT_HEXA modifier is used. - BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites - BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts - BUG/MAJOR: stats: Fix how huge POST data are read from the channel 2019/03/19 : 1.8r2 (2.0.0-195.793) - BUG/MAJOR: spoe: Fix initialization of thread-dependent fields - BUG/MEDIUM: threads/fd: do not forget to take into account epoll_fd/pipes - MEDIUM: threads: Use __ATOMIC_SEQ_CST when using the newer atomic API. 2019/03/12 : 1.8r2 (2.0.0-193.790) - BUG/MINOR: threads: move declaration of capabilities to config.h - BUG/MINOR: ssl: fix warning about ssl-min/max-ver support - BUG/MEDIUM: logs: Only attempt to free startup_logs once. - BUG/MINOR: listener: keep accept rate counters accurate under saturation - BUG/MAJOR: listener: Make sure the listener exist before using it. - BUG/MEDIUM: hapee/51d: fix a segfault on exit when 51d configuration is not loaded 2019/02/15 : 1.8r2 (2.0.0-193.784) - MINOR: dns: Implement `parse-resolv-conf` directive - BUG/MEDIUM: spoe: initialization depending on nbthread must be done last - BUG/MINOR: config: Reinforce validity check when a process number is parsed - BUG/MAJOR: stream: avoid double free on unique_id - BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck - BUG/MEDIUM: server: initialize the idle conns list after parsing the config - BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets - BUG/MINOR: spoe: do not assume agent->rt is valid on exit - DOC: ssl: Stop documenting ciphers example to use - DOC: ssl: Clarify when pre TLSv1.3 cipher can be used - BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules 2019/02/05 : 1.8r2 (2.0.0-193.773) - BUILD/MINOR: compiler: fix offsetof() on older compilers - MINOR: compiler: introduce offsetoff(). - BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' processes - BUG/MAJOR: config: verify that targets of track-sc and stick rules are present - BUG/MINOR: config: fix bind line thread mask validation - BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free(). - BUG/MEDIUM: mux-h2: do not close the connection on aborted streams - MINOR: connstream: have a new flag CS_FL_KILL_CONN to kill a connection - MINOR: stream-int: add a new flag to mention that we want the connection to be killed - MINOR: stream-int: expand the flags to 32-bit - BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the connection - BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams - BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions - BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update - MINOR: xref: Add missing barriers. - BUG/MINOR: stream: don't close the front connection when facing a backend error - SCRIPTS: add the issue tracker URL to the announce script - SCRIPTS: add the slack channel URL to the announce script - BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit - BUG/MINOR: spoe: corrected fragmentation string size - DOC: nbthread is no longer experimental. - BUG/MINOR: hpack: return a compression error on invalid table size updates - BUG/MINOR: mux-h2: make it possible to set the error code on an already closed stream - BUG/MINOR: mux-h2: headers-type frames in HREM are always a connection error - BUG/MINOR: mux-h2: CONTINUATION in closed state must always return GOAWAY - MINOR: h2: declare new sets of frame types - MINOR: h2: add a bit-based frame type representation 2019/01/28 : 1.8r2 (2.0.0-191.746) - DOC: mention the effect of nf_conntrack_tcp_loose on src/dst - BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages - BUG/MINOR: check: Wake the check task if the check is finished in wake_srv_chk() - BUG/MINOR: server: don't always trust srv_check_health when loading a server state - BUG/MINOR: stick_table: Prevent conn_cur from underflowing - BUG/MINOR: backend: BE_LB_LKUP_CHTREE is a value, not a bit - BUG/MINOR: backend: balance uri specific options were lost across defaults - BUG/MINOR: backend: don't use url_param_name as a hint for BE_LB_ALGO_PH - DOC: Be a bit more explicit about allow-0rtt security implications. - BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT. - BUG/MAJOR: cache: fix confusion between zero and uninitialized cache key - DOC: http-request cache-use / http-response cache-store expects cache name 2019/01/15 : 1.8r2 (2.0.0-191.734) - MINOR: ssl: add support of aes256 bits ticket keys on file and cli. - BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file - BUG/MINOR: base64: dec func ignores padding for output size checking 2019/01/08 : 1.8r2 (2.0.0-191.731) - BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used - BUG/MEDIUM: log: don't mark log FDs as non-blocking on terminals - BUG/MINOR: log: fix logging to both FD and IP - BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred - BUG/MINOR: lua: bad args are returned for Lua actions - BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything - BUG/MEDIUM: cli: make "show sess" really thread-safe - MINOR: stream/cli: report more info about the HTTP messages on "show sess all" - MINOR: stream/cli: fix the location of the waiting flag in "show sess all" - MINOR: lb: allow redispatch when using consistent hash - BUG/MEDIUM: server: Also copy "check-sni" for server templates. - BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max - MINOR: mux-h2: only increase the connection window with the first update - BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify() 2018/12/21 : 1.8r2 (2.0.0-190.717) - BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error - BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response() - BUG/MINOR: logs: leave startup-logs global and not per-thread 2018/12/17 : 1.8r2 (2.0.0-190.714) - MINOR: cli: implements 'reload' on master CLI - MINOR: mworker/cli: indicate in the master prompt when a reload failed - BUG/MINOR: mworker: don't use unitialized mworker_proc struct - BUG/MEDIUM: cli: handle correctly prefix and payload - MEDIUM: cli: handle CLI level from the master CLI - CLEANUP: cli: use dedicated define instead of appctx ones - MEDIUM: cli: show and change CLI permissions - MEDIUM: cli: store CLI level in the appctx - MINOR: cli: change 'show proc' output of old processes - DOC: master CLI documentation in management.txt - MINOR: cli: use pcli_flags for prompt activation - MEDIUM: cli: handle payload in CLI proxy - MINOR: cli: implements 'quit' in the CLI proxy - MINOR: cli: parse prompt command in the CLI proxy - MEDIUM: cli: rework the CLI proxy parser - BUG/MINOR: cli: wait for payload data even without prompt - DOC: fix a few typos in the documentation - DOC: Fix typos in different subsections of the documentation - DOC: Fix typos in README and CONTRIBUTING - DOC: restore note about "independant" typo - DOC: Update configuration doc about the maximum number of stick counters. - BUG: dns: Fix off-by-one write in dns_validate_dns_response() - BUG: dns: Fix out-of-bounds read via signedness error in dns_validate_dns_response() - BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response() - BUG: dns: Prevent out-of-bounds read in dns_read_name() - BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name - DOC: refer to check-sni in the documentation of sni - DOC: clarify that check-sni needs an argument. - MINOR: servers: Free [idle|safe|priv]_conns on exit. - BUILD: threads: fix minor build warnings when threads are disabled - BUILD: compression: fix build error with DEFAULT_MAXZLIBMEM - BUG/MINOR: mux-h2: advertise a larger connection window size - BUG/MINOR: mux-h2: refrain from muxing during the preface - BUG/MINOR: hpack: fix off-by-one in header name encoding length calculation - BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR. - BUG/MINOR: lb-map: fix unprotected update to server's score - BUG/MINOR: cfgparse: Fix the call to post parser of the last sections parsed - BUG/MINOR: cfgparse: Fix transition between 2 sections with the same name - BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id - BUG/MEDIUM: mworker: fix several typos in mworker_cleantasks() - BUG/MEDIUM: mworker: stop every tasks in the master - BUG/MEDIUM: mworker: stop proxies which have no listener in the master - BUILD: modules: update HAPEE version macro to 1.8r2 - MEDIUM: modules: prototype change for CLI parser - BUILD: Makefile: fix undefined TARGET - BUILD: Makefile: switch to quiet mode by default for CC/LD/AR - BUILD: Makefile: add "$(Q)" to clean, tags and cscope targets - BUILD: Makefile: add the quiet mode to a few more targets - BUILD: Makefile: make "V=1" show some of the commands that are executed - MEDIUM: threads: close the thread-waker pipe during deinit - BUG/MEDIUM: hapee/mworker: init the thread_sync_pipe - MEDIUM: hapee/threads: implement a deinit for the sync pipe - MINOR: mworker: only close std{in,out,err} in daemon mode - BUG/MEDIUM: mworker: does not abort() in mworker_pipe_register() - BUG/MINOR: cli: forward the whole command on master CLI - BUG/MEDIUM: listeners: CLOEXEC flag is not correctly set - BUG/MEDIUM: mworker: avoid leak of client socket - REORG: mworker: declare master variable in global.h - BUG/MEDIUM: mworker: fix FD leak upon reload - BUG/MINOR: mworker: Do not attempt to close(2) fd -1 - BUG/MINOR: mworker: fix FD leak and memory leak in error path - BUG/MINOR: cli: Fix memory leak - MINOR: cli: add a few missing includes in proto/cli.h - BUG/MEDIUM: mworker: unregister the signals of main() - MEDIUM: signal: signal_unregister() removes every handlers - MINOR: cli: add mworker_accept_wrapper to 'show fd' - MINOR: mworker: use ha_notice to announce a new worker - MINOR: log: introduce ha_notice() - MEDIUM: mworker: wait mode use standard init code path - MINOR: cli: show master information in 'show proc' - MINOR: cli: displays uptime in `show proc` - MINOR: cli: format `show proc` to be more readable - MEDIUM: listeners: support unstoppable listener - MEDIUM: jobs: support unstoppable jobs for soft stop - BUG/MEDIUM: cli: crash when trying to access a worker - MEDIUM: mworker: leave when the master die - MINOR: mworker: displays a message when a worker is forked - MEDIUM: mworker: exit with the incriminated exit code - MINOR: mworker: displays more information when leaving - MEDIUM: mworker: does not create the CLI proxy when no listener - MINOR: cli: can't connect to the target CLI - MINOR: cli: show the number of reload in 'show proc' - MEDIUM: cli: worker socketpair is unstoppable - MINOR: stats: report the number of active jobs and listeners in "show info" - MEDIUM: cli: write a prompt for the CLI proxy of the master - MEDIUM: channel: reorder the channel analyzers for the cli - MEDIUM: mworker: stop the master proxy in the workers - MEDIUM: listeners: set O_CLOEXEC on the accepted FDs - MINOR: cli: put @master @<relative pid> @!<pid> in the help - MEDIUM: cli: enable "show cli sockets" for the master - MINOR: cli: displays sockpair@ in "show cli sockets" - MINOR: cli: helper to write an response message and close - MEDIUM: cli: implement 'mode cli' proxy analyzers - MEDIUM: cli: 'show proc' displays processus - MEDIUM: mworker: find the server ptr using a CLI prefix - MEDIUM: cli: disable some keywords in the master - MEDIUM: mworker: create CLI listeners from argv[] - MEDIUM: mworker: proxy for the master CLI - MEDIUM: mworker: add proc_list in global.h - MEDIUM: mworker: move proc_list gen before proxies startup - MINOR: server: export new_server() function - REORG: mworker: move struct mworker_proc to global.h - MEDIUM: mworker: each worker socketpair is a CLI listener - MINOR: mworker: number of reload in the life of a worker - BUG/MEDIUM: mworker: don't poll on LI_O_INHERITED listeners - CLEANUP: haproxy: Remove unused variable - BUILD: sockpair: silence a build warning at -Wextra - TESTS: add a python wrapper for sockpair@ - MEDIUM: protocol: sockpair protocol - MEDIUM: protocol: use a custom AF_MAX to help protocol parser - MEDIUM: mworker: call per_thread deinit in mworker_reload() - MINOR: mworker: don't deinit the poller fd when in wait mode - MINOR: mworker: keep and clean the listeners - MEDIUM: mworker: replace the master pipe by socketpairs - MEDIUM: mworker: master wait mode use its own initialization - MEDIUM: startup: unify signal init between daemon and mworker mode - MEDIUM: mworker: never block SIG{TERM,INT} during reload - MEDIUM: mworker: block SIGCHLD until the master is ready - MINOR: mworker: mworker_cleanlisteners() delete the listeners - BUG/MINOR: mworker: no need to stop peers for each proxy - MEDIUM: mworker: use the haproxy poll loop - MEDIUM: mworker: remove register/unregister signal functions - MINOR: startup: change session/process group settings - BUG/MINOR: cli: don't stop cli_gen_usage_msg() when kw->usage == NULL - MINOR: backend: implement random-based load balancing - MINOR: http: Add support for 421 Misdirected Request - MINOR: sample: Add strcmp sample converter - MINOR: export localpeer as an environment variable - BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field - BUG/MINOR: config: Copy default error messages when parsing of a backend starts - BUG/MEDIUM: Make sure stksess is properly aligned. - BUG/MINOR: config: better detect the presence of the h2 pattern in npn/alpn - REGTEST: add a test for connections to a "dispatch" address - REGTEST: add the option to test only a specific set of files - CLEANUP: fix typos in reg-tests - REGTEST: fix scripts 1 and 3 to accept development version - REGTEST: make the IP+port logging test more reliable - REGTEST/MINOR: lua: Add reg testing files for 70d318c. - REGTEST/MINOR: Add a reg testing file for 3e60b11. - REGEST/MINOR: Add reg testing files. - REGTEST/MINOR: Add a new class of regression testing files. - REGTEST/MINOR: Missing mandatory "ignore_unknown_macro". - DOC: regression testing: Add a short starting guide. - REGTEST/MINOR: Unexpected curl URL globling. - REGTEST/MINOR: Wrong URI syntax. - REGTEST/MINOR: Wrong URI in a reg test for SSL/TLS. - DOC: Add new REGTEST tag info about reg testing. - MINOR: reg-tests: Add a few regression testing files. - MINOR: reg-tests: Add reg-tests/README file. - REGTEST/MINOR: Add levels to reg-tests target. - REGTEST/MINOR: Set HAPROXY_PROGRAM default value. - MINOR: tests: First regression testing file. - DOC: add documentation for prio_class and prio_offset sample fetches. - DOC: update the roadmap about priority queues - MEDIUM: queue: adjust position based on priority-class and priority-offset - MEDIUM: add set-priority-class and set-priority-offset - MINOR: queue: replace the linked list with a tree - MINOR: queue: store the queue index in the stream when enqueuing - MINOR: stream: rename {srv,prx}_queue_size to *_queue_pos - MINOR: queue: make sure the pendconn is released before logging - MINOR: threads/queue: Get rid of THREAD_WANT_SYNC in the queue code. - MEDIUM: queue: get rid of the pendconn lock - MINOR: queue: implement pendconn queue locking functions - MINOR: queue: use a distinct variable for the assigned server and the queue - MINOR: queue: make sure pendconn->strm->pend_pos is always valid - DOC: queue: document the expected locking model for the server's queue - MEDIUM: queue: make pendconn_free() work on the stream instead - MINOR: queue: centralize dequeuing code a bit better - MINOR: doc: Add information about "early-hint" http-request action. - MINOR: http: Implement "early-hint" http request rules. - MINOR: http: Make new "early-hint" http-request action really be parsed. - MINOR: http: Add new "early-hint" http-request action. - MINOR: cache: Add "Age" header. - DOC: cache: Missing information about "total-max-size" and "max-object-size" - MINOR: shctx: Change max. object size type to unsigned int. - MINOR: cache: Avoid usage of atoi() when parsing "max-object-size". - DOC: Update about the cache support for big objects. - MINOR: cache: Add "max-object-size" option. - MINOR: shctx: Add a maximum object size parameter. - MINOR: cache: Larger HTTP objects caching. - MINOR: shctx: Shared objects block by block allocation. - MEDIUM: log: add a new "raw" format - MEDIUM: log: support a new "short" format - MEDIUM: log: add support for logging to existing file descriptors - MINOR: log: report the number of dropped logs in the stats - DOC: logs: the format directive was missing from the second log part - MINOR: log: slightly improve error message syntax on log failure - BUG/MEDIUM: log: don't CLOEXEC the inherited FDs - MINOR: ssl: Add payload support to "set ssl ocsp-response" - MINOR: map: Add payload support to "add map" - MEDIUM: cli: Add payload support - MINOR: ssl: set SSL_OP_PRIORITIZE_CHACHA - MINOR: ssl: add fetch 'ssl_fc_session_key' and 'ssl_bc_session_key' - MINOR: ssl: disable SSL sample fetches when unsupported - BUG/MEDIUM: auth/threads: use of crypt() is not thread-safe - BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer - BUG/MINOR: only auto-prefer last server if lb-alg is non-deterministic - BUG/MINOR: only mark connections private if NTLM is detected - DOC: cache: Missing information about "total-max-size" - BUG/MINOR: ssl: Wrong usage of shctx_init(). - BUG/MINOR: cache: Wrong usage of shctx_init(). - BUG/MINOR: cache: Crashes with "total-max-size" > 2047(MB). - BUILD: Makefile: add the new ERR variable to force -Werror - BUG/MEDIUM: h2: Close connection if no stream is left an GOAWAY was sent. - BUG/MEDIUM: pools: Fix the usage of mmap()) with DEBUG_UAF. - BUILD: compiler: rename __unreachable() to my_unreachable() - DOC: fix reference to map files in MAINTAINERS - MINOR: peers: use defines instead of enums to appease clang. - MINOR: cfgparse: Write 130 as 128 as 0x82 and 0x80. - MINOR: server: Use memcpy() instead of strncpy(). - BUILD: Makefile: silence an option conflict warning with clang - BUILD: Makefile: speed up compiler options detection - CLEANUP: stick-tables: Remove unneeded double (()) around conditional clause - BUILD: lua: silence some compiler warnings after WILL_LJMP - BUILD: lua: silence some compiler warnings about potential null derefs (#2) - MINOR: lua: all functions calling lua_yieldk() may return - BUILD: compiler: add a new statement "__unreachable()" - BUILD: peers: check allocation error during peers_init_sync() - BUILD: stick-table: make sure not to fail on task_new() during initialization - BUILD: ssl: fix another null-deref warning in ssl_sock_switchctx_cbk() - BUILD: ssl: fix null-deref warning in ssl_fc_cipherlist_str sample fetch - BUG/MINOR: cli: make sure the "getsock" command is only called on connections - BUG/MINOR: tools: fix set_net_port() / set_host_port() on IPv4 - BUG/MEDIUM: threads: make sure threads_want_sync is marked volatile - BUG/MEDIUM: threads: fix thread_release() at the end of the rendez-vous point - DOC: Fix a few typos - BUG/MEDIUM: stream: don't crash on out-of-memory - BUG/MEDIUM: mworker: segfault receiving SIGUSR1 followed by SIGTERM. - BUG/MINOR: checks: queues null-deref - BUG/MEDIUM: Cur/CumSslConns counters not threadsafe. - MEDIUM: ssl: add support for ciphersuites option for TLSv1.3 - BUG/MEDIUM: buffers: Make sure we don't wrap in buffer_insert_line2/replace2. - BUG/MINOR: backend: check that the mux installed properly - BUG/MINOR: connection: avoid null pointer dereference in send-proxy-v2 - DOC: clarify force-private-cache is an option - MINOR: threads: Make sure threads_sync_pipe is initialized before using it. - MEDIUM: lua: Add stick table support for Lua. - BUG/CRITICAL: hpack: fix improper sign check on the header index value - MINOR: Add srv_conn_free sample fetch - MINOR: add be_conn_free sample fetch - BUG/MEDIUM: patterns: fix possible double free when reloading a pattern list - DOC: Fix typos in lua documentation - BUG/MINOR: server: Crash when setting FQDN via CLI. - BUG/MAJOR: kqueue: Don't reset the changes number by accident. - BUG/MEDIUM: snapshot: take the proxy's lock while dumping errors - BUG/MINOR: http/threads: atomically increment the error snapshot ID - BUG/MINOR: dns: check and link servers' resolvers right after config parsing - BUG/MEDIUM: h2: fix risk of memory leak on malformated wrapped frames - BUG/MEDIUM: session: fix reporting of handshake processing time in the logs - BUG/MINOR: stream: use atomic increments for the request counter - MINOR: thread: implement HA_ATOMIC_XADD() - BUG/MEDIUM: ECC cert should work with TLS < v1.2 and openssl >= 1.1.1 - BUG/MEDIUM: dns/server: fix incomatibility between SRV resolution and server state file - BUG/MEDIUM: hlua: Don't call RESET_SAFE_LJMP if SET_SAFE_LJMP returns 0. - BUG/MAJOR: thread: lua: Wrong SSL context initialization. - BUG/MEDIUM: hlua: Make sure we drain the output buffer when done. - BUG/MEDIUM: lua: reset lua transaction between http requests - MINOR: fd cache: And the thread_mask with all_threads_mask. - BUG/MEDIUM: mux_pt: dereference the connection with care in mux_pt_wake() - BUG/MINOR: lua: Bad HTTP client request duration. - BUG/MEDIUM: unix: provide a ->drain() function - DOC: Fix spelling error in configuration doc - BUG/MEDIUM: cli/threads: protect some server commands against concurrent operations - BUG/MEDIUM: cli/threads: protect all "proxy" commands against concurrent updates - BUG/MEDIUM: lua: socket timeouts are not applied - DOC: ssl: Use consistent naming for TLS protocols - DOC: dns: explain set server ... fqdn requires resolver - BUG/MINOR: map: fix map_regm with backref - BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error. - BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle. - BUG/MINOR: ssl: empty connections reported as errors. - BUG/MEDIUM: cli: make "show fd" thread-safe - MEDIUM: hathreads: implement a more flexible rendez-vous point - BUG/MEDIUM: threads: fix the no-thread case after the change to the sync point - MINOR: threads: add more consistency between certain variables in no-thread case - BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers - MINOR: dns: new DNS options to allow/prevent IP address duplication - MINOR: dns: fix wrong score computation in dns_get_ip_from_response - BUG/MEDIUM: queue: prevent a backup server from draining the proxy's connections - BUG/MEDIUM: servers: check the queues once enabling a server - BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete(). - SCRIPTS: git-show-backports: add missing quotes to "echo" - MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed - BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number - MINOR: threads: move "nbthread" parsing to hathreads.c - BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS - BUG/MINOR: threads: Handle nbthread == MAX_THREADS. - BUG/MINOR: config: stick-table is not supported in defaults section - BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever - BUG/MEDIUM: threads/sync: use sched_yield when available - BUG/MINOR: servers: Don't make "server" in a frontend fatal. - BUG/MEDIUM: stats: don't ask for more data as long as we're responding - BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full - MINOR: h2: add the error code and the max/last stream IDs to "show fd" - BUG/MINOR: http: Set brackets for the unlikely macro at the right place - BUG/MEDIUM: threads: Fix the exit condition of the thread barrier - MINOR: debug: Add checks for conn_stream flags - MINOR: debug: Add check for CO_FL_WILL_UPDATE - BUILD: Generate sha256 checksums in publish-release - BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload. - BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout - BUG/MEDIUM: h2: never leave pending data in the output buffer on close - BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess - MINOR: h2: add the mux and demux buffer lengths on "show fd" - MINOR: h2: keep a count of the number of conn_streams attached to the mux - BUG/MINOR: h2: remove accidental debug code introduced with show_fd function - MINOR: h2: implement a basic "show_fd" function - MINOR: mux: add a "show_fd" function to dump debugging information for "show fd" - BUG/MINOR: ssl: properly ref-count the tls_keys entries - MINOR: systemd: consider exit status 143 as successful - MINOR: stick-tables: make stktable_release() do nothing on NULL - BUG/MAJOR: stick_table: Complete incomplete SEGV fix - BUG/BUILD: threads: unbreak build without threads - BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table - MINOR: threads: Be sure to remove threads from all_threads_mask on exit - BUG/MEDIUM: threads: Use the sync point to check active jobs and exit - BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot - BUG/MAJOR: ssl: Random crash with cipherlist capture - BUG/MINOR: lua: Segfaults with wrong usage of types. - BUG/MINOR: signals: ha_sigmask macro for multithreading - BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing - BUG/MEDIUM: threads: handle signal queue only in thread 0 - MINOR: lua: Increase debug information - BUG/MAJOR: map: fix a segfault when using http-request set-map - MAJOR: hapee/spoe: Reintroduce the support of SPOP 1.0 - DOC: contrib/modsecurity: few typo fixes - DOC: SPOE.txt: fix a typo - BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame - BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame - BUG/MINOR: contrib/modsecurity: Don't reset the status code during disconnect - BUG/MINOR: contrib/mod_defender: Don't reset the status code during disconnect - BUG/MINOR: contrib/spoa_example: Don't reset the status code during disconnect - MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0 - BUG/MEDIUM: lua/socket: Buffer error, may segfault - BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock - BUG/MEDIUM: lua/socket: Notification error - BUG/MAJOR: lua: Dead lock with sockets - BUG/MEDIUM: lua/socket: wrong scheduling for sockets - MINOR: task/notification: Is notifications registered ? - BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode - BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters - BUG/MEDIUM: lua/socket: Length required read doesn't work - BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file - BUG/BUILD: threads: unbreak build without threads - BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure. - BUG/MEDIUM: cache: don't cache when an Authorization header is present - BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation - BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags - BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags - BUG/MEDIUM: spoe: Flags are not encoded in network order - BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments. - BUG/MINOR: spoe: Mistake in error message about SPOE configuration - BUG/MEDIUM: ssl: properly protect SSL cert generation - BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR - BUG/MEDIUM: pollers: Use a global list for fd shared between threads. - MINOR: fd: Make the lockless fd list work with multiple lists. - BUG/MINOR: lua: ensure large proxy IDs can be represented - BUG/MINOR: lua: schedule socket task upon lua connect() - BUG/MEDIUM: task: Don't free a task that is about to be run. - BUG/MINOR: map: correctly track reference to the last ref_elt being dumped - DOC/MINOR: clean up LUA documentation re: servers & array/table. - BUG/MINOR: lua: Put tasks to sleep when waiting for data - BUG/MEDIUM: threads: Fix the sync point for more than 32 threads - BUG/MINOR: checks: Fix check->health computation for flapping servers - BUG/MINOR: spoe: Fix parsing of dontlog-normal option - BUG/MINOR: spoe: Fix counters update when processing is interrupted - BUG/MINOR: config: disable http-reuse on TCP proxies - BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread - BUG/MEDIUM: h2: implement missing support for chunked encoded uploads - MINOR: h2: detect presence of CONNECT and/or content-length - BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits - BUG/MINOR: log: t_idle (%Ti) is not set for some requests - BUG/MAJOR: channel: Fix crash when trying to read from a closed socket - BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid() - BUG/CRITICAL: h2: fix incorrect frame length check - DOC: lua: update the links to the config and Lua API - BUILD: sample: avoid build warning in sample.c - MEDIUM: sample: Extend functionality for field/word converters - MINOR: proxy: Add fe_defbe fetcher - BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors. - MINOR: cli: Ensure the CLI always outputs an error when it should - BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE - BUG/MINOR: http: Return an error in proxy mode when url2sa fails - BUG/MEDIUM: connection: Make sure we have a mux before calling detach(). - BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes - MINOR: servers: Support alphanumeric characters for the server templates names - BUG/MAJOR: cache: always initialize newly created objects - MINOR: spoe: Add counters to log info about SPOE agents - MINOR: spoe: use agent's logger to log SPOE messages - MINOR: spoe: Add support for option dontlog-normal in the SPOE agent section - MINOR: spoe: Add loggers dedicated to the SPOE agent - MINOR: spoe: Add options to store processing times in variables - MINOR: spoe: Add metrics in to know time spent in the SPOE - BUG/MINOR: spoe: Don't forget to decrement fpa when a processing is interrupted - BUG/MINOR: spoe: Register the variable to set when an error occurred - BUG/MINOR: spoe: Don't release the context buffer in .check_timeouts callbaclk - BUG/MINOR: spoe: Initialize variables used during conf parsing before any check - CLEANUP: spoe: Remove unused label retry - MINOR: log: Keep the ref when a log server is copied to avoid duplicate entries - MINOR: log: move 'log' keyword parsing in dedicated function - BUG/MAJOR: cache: fix random crashes caused by incorrect delete() on non-first blocks - BUG/MINOR: fd: Don't clear the update_mask in fd_insert. - BUG/MINOR: cache: fix "show cache" output - BUG/MINOR: email-alert: Set the mailer port during alert initialization - BUG/MINOR: checks: check the conn_stream's readiness and not the connection - BUG/MEDIUM: h2: always add a stream to the send or fctl list when blocked - BUILD/MINOR: threads: always export thread_sync_io_handler() - BUG/MEDIUM: h2: don't consider pending data on detach if connection is in error - BUG/MEDIUM: h2/threads: never release the task outside of the task handler - MINOR: h2: fuse h2s_detach() and h2s_free() into h2s_destroy() - MINOR: h2: always call h2s_detach() in h2_detach() - BUG/MAJOR: h2: remove orphaned streams from the send list before closing - MINOR: h2: provide and use h2s_detach() and h2s_free() - CLEANUP: h2: rename misleading h2c_stream_close() to h2s_close() - BUG/MINOR: hpack: fix harmless use of uninitialized value in hpack_dht_insert - BUILD/MINOR: cli: fix a build warning introduced by last commit - MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available - MINOR: cli/threads: make "show fd" report thread_sync_io_handler instead of "unknown" - BUILD/MINOR: fix build when USE_THREAD is not defined - BUG/MINOR: lua funtion hlua_socket_settimeout don't check negative values - BUG/MINOR: lua: the function returns anything - BUG/MINOR: listener: Don't decrease actconn twice when a new session is rejected - BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an RST_STREAM - BUG/MEDIUM: h2: properly account for DATA padding in flow control - BUG/MINOR: cli: Ensure all command outputs end with a LF - BUG/MINOR: pools/threads: don't ignore DEBUG_UAF on double-word CAS capable archs - DOC: don't suggest using http-server-close - BUG/MEDIUM: fd/threads: ensure the fdcache_mask always reflects the cache contents - DOC: log: more than 2 log servers are allowed - BUILD/BUG: enable -fno-strict-overflow by default - MINOR: log: stop emitting alerts when it's not possible to write on the socket - BUG/MEDIUM: threads/queue: wake up other threads upon dequeue - BUG/MINOR: tcp-check: use the server's service port as a fallback - BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers - BUG/MINOR: lua: return bad error messages - BUG/MINOR: spoa-example: unexpected behavior for more than 127 args - BUILD: ssl: Fix build with OpenSSL without NPN capability - BUG/MINOR: cli: Fix a crash when sending a command with too many arguments - BUG/MINOR: seemless reload: Fix crash when an interface is specified. - BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically - BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management - BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily disabled - BUG/MINOR: force-persist and ignore-persist only apply to backends - BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc - BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage - CLEANUP: cli: Remove a leftover debug message - CLEANUP: ssl: Remove a duplicated #include - BUG/MINOR: cli: Fix a crash when passing a negative or too large value to "show fd" - BUG/MEDIUM: h2: also arm the h2 timeout when sending - BUG/MINOR: unix: Don't mess up when removing the socket from the xfer_sock_list. - CLEANUP: .gitignore: Ignore binaries from the contrib directory - BUG/MINOR: session: Fix tcp-request session failure if handshake. - BUILD/MINOR: fix Lua build on Mac OS X (again) - MINOR/BUILD: fix Lua build on Mac OS X - MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file - MINOR: systemd: Add SystemD's Protect*= options to the unit file - MINOR: systemd: Add section for SystemD sandboxing to unit file - Revert "BUG/MINOR: send-proxy-v2: string size must include ('\0')" - BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk - BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk - BUG/MEDIUM: h2: always consume any trailing data after end of output buffers - MINOR: stats: display the number of threads in the statistics. - MINOR: modules: add a new label MODULES_LOCK to the lock_label enum - BUG/MINOR: h2: Set the target of dbuf_wait to h2c - MINOR: debug/pools: make DEBUG_UAF also detect underflows - BUG/MINOR: debug/pools: properly handle out-of-memory when building with DEBUG_UAF - DOC: cfgparse: Warn on option (tcp|http)log in backend - DOC: lua: new prototype for function "register_action()" - BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken. - BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as possible - BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe - BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL - BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable. - BUG/MINOR: threads: fix missing thread lock labels for 1.8 - BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is stopping - BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st - BUG/MEDIUM: threads: fix the double CAS implementation for ARMv7 - BUG/MINOR: fd/threads: properly lock the FD before adding it to the fd cache. - BUILD: fd/threads: fix breakage build breakage without threads - MINOR: fd: reorder fd_add_to_fd_list() - MINOR: fd: remove the unneeded last CAS when adding an fd to the list - BUG/MINOR: fd/threads: properly dereference fdcache as volatile - MINOR: fd: move the fd_{add_to,rm_from}_fdlist functions to fd.c - MEDIUM: poller: use atomic ops to update the fdtab mask - MEDIUM: fd: make updt_fd_polling() use atomics - CLEANUP: fd: remove the now unused fd_compute_new_polled_status() function - MINOR: select: get rid of the now useless fd_compute_new_polled_status() - MINOR: poll: get rid of the now useless fd_compute_new_polled_status() - MINOR: kqueue: get rid of the now useless fd_compute_new_polled_status() - MINOR: epoll: get rid of the now useless fd_compute_new_polled_status() - MAJOR: fd: compute the new fd polling state out of the fd lock - MEDIUM: fd/threads: Make sure we don't miss a fd cache entry. - MAJOR: fd/threads: Make the fdcache mostly lockless. - MINOR: pools/threads: Implement lockless memory pools. - MINOR: threads: add test and set/reset operations - MINOR: threads: Introduce double-width CAS on x86_64 and arm. - MINOR: fd: pass the iocb and owner to fd_insert() - MEDIUM: poll: don't use the old FD state anymore - MEDIUM: select: don't use the old FD state anymore - MEDIUM: fd: use atomic ops for hap_fd_{clr,set} and remove poll_lock - MEDIUM: select: make use of hap_fd_* functions - MINOR: fd: move the hap_fd_{clr,set,isset} functions to fd.h - CLEANUP: fd: remove the unused "new" field - MINOR: poll: more accurately compute the new maxfd in the loop - CLEANUP: fd/threads: remove the now unused fdtab_lock - MEDIUM: polling: start to move maxfd computation to the pollers - MINOR: fd: don't report maxfd in alert messages - MINOR: polling: make epoll and kqueue not depend on maxfd anymore - MINOR: ssl/sample: adds ssl_bc_is_resumed fetch keyword. - MINOR: sample: add a new "concat" converter - MINOR: config: Add support for ARGT_MSK6 - MINOR: standard: Add str2mask6 function - CLEANUP: standard: Use len2mask4 in str2mask - MINOR: config: Enable tracking of up to MAX_SESS_STKCTR stick counters. - MINOR: stick-tables: Adds support for new "gpc1" and "gpc1_rate" counters. - MEDIUM: sample: Add IPv6 support to the ipmask converter - MINOR: sample: add date_us sample - MINOR: sample: rename the "len" converter to "length" - MINOR: sample: add len converter - MINOR: spoe: Add max-waiting-frames directive in spoe-agent configuration - MEDIUM: spoe: Use an ebtree to manage idle applets - MINOR: spoe: Count the number of frames waiting for an ack for each applet - MINOR: spoe: Replace sending_rate by a frequency counter - MINOR: spoe: Always link a SPOE context with the applet processing it - MINOR: spoe: Remove check on min_applets number when a SPOE context is queued - MINOR: spoe: Don't queue a SPOE context if nothing is sent - MINOR: spoe: add register-var-names directive in spoe-agent configuration - MINOR: spoe: add force-set-var option in spoe-agent configuration - MEDIUM: 51d: use fiftyoneDegreesProvider to access the pool and dataset - MINOR: config: report when "monitor fail" rules are misplaced - BUILD: modules: update HAPEE version macro to 1.8r1 - MINOR: modules: Add the ability to register variable and functions. - MINOR: modules: report more precise errors about module API mismatch - MINOR: modules: Remove Gcc warnings about unused variables - BUILD: modules: Remove modules-config.h from DEP variable to generate .i file - BUILD: modules: Add macors to compute numerical value of a HAPEE version - BUILD: modules: Only define the all target if MODULES isn't defined. - MEDIUM: modules: 'modules list' on the cli shows currently loaded modules - BUILD: modules: strip the MODULE_COPTS before hashing them - BUILD: modules: add make module-copts to show module options - BUILD: modules: take pkg-config out of install-inc - MINOR: modules: fix incorrect API HASH generation with certain awk versions - MODULES: BUILD: modules: Add version of the module in the defines - BUILD: modules: use gawk insteads of awk - BUILD: modules: make modules support optional - MINOR: modules: Don't use constructor/destructor anymore... - MINOR: modules: Terminate properly loaded modules if possible - MINOR: modules: Keep a list of loaded modules to unload them when HAProxy is stopped - MINOR: modules: Register function called after the main config check - MEDIUM: modules: modules: Add memory reservation support for the modules - MEDIUM: modules: modules: Add modules support - BUG/MINOR: config: don't emit a warning when global stats is incompletely configured - DOC: Mention -Ws in the list of available options - DOC: Describe routing impact of using interface keyword on bind lines - MINOR: init: emit warning when -sf/-sd cannot parse argument - BUG/MEDIUM: standard: Fix memory leak in str2ip2() - BUG/MINOR: time/threads: ensure the adjusted time is always correct - BUG/MEDIUM: spoe: Allow producer to read and to forward shutdown on request side - BUG/MEDIUM: spoe: Always try to receive or send the frame to detect shutdowns - BUG/MINOR: epoll/threads: only call epoll_ctl(DEL) on polled FDs - BUG/MINOR: threads: Update labels array because of changes in lock_label enum - BUG/MINOR: cli: use global.maxsock and not maxfd to list all FDs - CLEANUP: Fix typo in ARGT_MSK6 comment - BUG/MINOR: sample: Fix output type of c_ipv62ip - CLEANUP: sample: Fix outdated comment about sample casts functions - CLEANUP: sample: Fix comment encoding of sample.c - BUILD: kqueue/threads: Add test on MAX_THREADS to avoid warnings when complied without threads - BUILD: epoll/threads: Add test on MAX_THREADS to avoid warnings when complied without threads - MINOR: threads: Use __decl_hathreads instead of #ifdef/#endif - BUG/MINOR: kqueue/threads: Don't forget to close kqueue_fd[tid] on each thread - BUG/MEDIUM: checks: Don't try to release undefined conn_stream when a check is freed - BUG/MEDIUM: threads/server: Fix deadlock in srv_set_stopping/srv_set_admin_flag - BUG/MINOR: threads: always set an owner to the thread_sync pipe - MINOR: threads: Fix build when we're not compiling with threads. - BUG/MINOR: mworker: only write to pidfile if it exists - BUG/MEDIUM: threads/mworker: fix a race on startup - BUG/MEDIUM: kqueue/threads: use one kqueue_fd per thread - BUG/MEDIUM: epoll/threads: use one epoll_fd per thread - MINOR: fd: add a bitmask to indicate that an FD is known by the poller - BUG/MEDIUM: fd: maintain a per-thread update mask - BUG/MEDIUM: threads/polling: Use fd_cache_mask instead of fd_cache_num - MINOR: threads/fd: Use a bitfield to know if there are FDs for a thread in the FD cache - MINOR: global: add some global activity counters to help debugging - MINOR: threads: add a MAX_THREADS define instead of LONGBITS - MINOR: global/threads: move cpu_map at the end of the global struct - MINOR: servers: Don't report duplicate dyncookies for disabled servers. - BUG/MEDIUM: peers: fix expire date wasn't updated if entry is modified remotely. - BUG/MINOR: poll: too large size allocation for FD events - CONTRIB: debug: fix a few flags definitions - DOC: clarify the scope of ssl_fc_is_resumed - BUG/MEDIUM: stream: properly handle client aborts during redispatch - BUILD/MINOR: ancient gcc versions atomic fix - MINOR: hathreads: add support for gcc < 4.7 - BUG/MEDIUM: mworker: execvp failure depending on argv[0] - MINOR: dns: Handle SRV record weight correctly. - BUG/MINOR: lua: Fix return value of Socket.settimeout - BUG/MEDIUM: lua: Fix IPv6 with separate port support for Socket.connect - DOC: lua: Fix typos in comments of hlua_socket_receive - BUG/MINOR: lua: Fix default value for pattern in Socket.receive - BUG/MEDIUM: ssl: cache doesn't release shctx blocks - BUILD: ssl: silence a warning when building without NPN nor ALPN support - BUG/MEDIUM: h2: properly handle the END_STREAM flag on empty DATA frames - MEDIUM: h2: prepare a graceful shutdown when the frontend is stopped - BUG/MAJOR: hpack: don't return direct references to the dynamic headers table - BUG/MEDIUM: http: don't automatically forward request close - MINOR: don't close stdio anymore - BUG/MEDIUM: mworker: don't close stdio several time - BUG/MEDIUM: h2: ensure we always know the stream before sending a reset - DOC/MINOR: configuration: typo, formatting fixes - BUG/MEDIUM: h2: improve handling of frames received on closed streams - BUG/MEDIUM: h2: properly handle and report some stream errors - BUG/MEDIUM: checks: properly set servers to stopping state on 404 - BUG/MAJOR: connection: refine the situations where we don't send shutw() - BUG/MEDIUM: cache: don't cache the response on no-cache="set-cookie" - BUG/MEDIUM: cache: respect the request cache-control header - BUG/MEDIUM: cache: replace old object on store - BUG/MEDIUM: cache: do not try to retrieve host-less requests from the cache - MINOR: http: add a function to check request's cache-control header field - BUG/MINOR: cache: do not force the TX_CACHEABLE flag before checking cacheability - BUG/MINOR: http: properly detect max-age=0 and s-maxage=0 in responses - BUG/MINOR: http: do not ignore cache-control: public - MINOR: http: start to compute the transaction's cacheability from the request - MINOR: http: update the list of cacheable status codes as per RFC7231 - MINOR: http: adjust the list of supposedly cacheable methods - BUG/MEDIUM: lua: fix crash when using bogus mode in register_service() - BUG/MEDIUM: checks: a server passed in maint state was not forced down. - MEDIUM: netscaler: add support for standard NetScaler CIP protocol - MEDIUM: netscaler: do not analyze original IP packet size - MINOR: netscaler: check in one-shot if buffer is large enough for IP and TCP header - BUG/MEDIUM: stream: don't consider abortonclose on muxes which close cleanly - MINOR: stream-int: set flag SI_FL_CLEAN_ABRT when mux supports clean aborts - MINOR: mux: add flags to describe a mux's capabilities - BUG/MINOR: h2: properly report a stream error on RST_STREAM - CONTRIB: halog: Fix compiler warnings in halog.c - CONTRIB: iprange: Fix compiler warning in iprange.c - BUG/MAJOR: netscaler: address truncated CIP header detection - BUG/MEDIUM: netscaler: use the appropriate IPv6 header size - MINOR: netscaler: rename cip_len to clarify its uage - MINOR: netscaler: remove the use of cip_magic only used once - MINOR: netscaler: respect syntax - DOC/MINOR: intro: typo, wording, formatting fixes - BUG/MEDIUM: mworker: Set FD_CLOEXEC flag on log fd - BUILD/MINOR: Makefile : enabling USE_CPU_AFFINITY - BUG: MINOR: http: don't check http-request capture id when len is provided - BUG: MAJOR: lb_map: server map calculation broken - BUG/MINOR: stream-int: don't try to receive again after receiving an EOS - BUG/MEDIUM: h2: fix stream limit enforcement - BUG/MEDIUM: http: don't disable lingering on requests with tunnelled responses - BUG/MEDIUM: h2: don't close after the first DATA frame on tunnelled responses - BUG/MEDIUM: h2: don't switch the state to HREM before end of DATA frame - MINOR: h2: don't demand that a DATA frame is complete before processing it - BUG/MEDIUM: h2: support uploading partial DATA frames - MINOR: h2: store the demux padding length in the h2c struct - BUG/MEDIUM: h2: debug incoming traffic in h2_wake() - BUG/MEDIUM: h2: work around a connection API limitation - BUG/MEDIUM: h2: enable recv polling whenever demuxing is possible - BUG/MEDIUM: h2: automatically set CS_FL_RCV_MORE when the output buffer is full - BUG/MEDIUM: stream-int: always set SI_FL_WAIT_ROOM on CS_FL_RCV_MORE - MINOR: conn_stream: add new flag CS_FL_RCV_MORE to indicate pending data - BUG/MEDIUM: lua/notification: memory leak - DOC: notifications: add precisions about thread usage - MINOR: systemd: remove comment about HAPROXY_STATS_SOCKET - BUG/MEDIUM: threads/vars: Fix deadlock in register_name - BUG/MEDIUM: email-alert: don't set server check status from a email-alert task - CONTRIB: halog: Add help text for -s switch in halog program - MINOR: mworker: Improve wording in `void mworker_wait()` - MINOR: mworker: Update messages referencing exit-on-failure - BUG/MEDIUM: h2: fix handling of end of stream again - BUG/MEDIUM: peers: set NOLINGER on the outgoing stream interface - BUG/MEDIUM: checks: a down server going to maint remains definitely stucked on down state. - BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically. - BUG/MEDIUM: mworker: also close peers sockets in the master - BUG/MINOR: ssl: support tune.ssl.cachesize 0 again - BUG/MAJOR: hpack: don't pretend large headers fit in empty table - BUG/MINOR: action: Don't check http capture rules when no id is defined - BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames - BUG/MEDIUM: h2: do not accept upper case letters in request header names - BUG/MEDIUM: h2: remove connection-specific headers from request - BUG/MINOR: h2: reject response pseudo-headers from requests - BUG/MINOR: h2: properly check PRIORITY frames - BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame - BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1 - BUG/MEDIUM: h2: enforce the per-connection stream limit - BUG/MINOR: h2: the TE header if present may only contain trailers - BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to - BUG/MINOR: h2: ":path" must not be empty - BUG/MINOR: h2: try to abort closed streams as soon as possible - BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream - BUG/MAJOR: h2: correctly check the request length when building an H1 request - BUG/MINOR: hpack: dynamic table size updates are only allowed before headers - BUG/MINOR: hpack: reject invalid header index - BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits - BUG/MINOR: hpack: fix debugging output of pseudo header names - BUG/MEDIUM: checks: Be sure we have a mux if we created a cs. - BUILD: Fix LDFLAGS vs. LIBS re linking order in various makefiles - BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time - MINOR: threads: Fix pthread_setaffinity_np on FreeBSD. - BUG/MINOR: mworker: detach from tty when in daemon mode - BUG/MINOR: mworker: fix validity check for the pipe FDs - BUILD/MINOR: haproxy: compiling config cpu parsing handling when needed - BUG/MAJOR: thread/peers: fix deadlock on peers sync. - BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync. - BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response - BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting - BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream - BUILD/MINOR: haproxy : FreeBSD/cpu affinity needs pthread_np header - BUG/MEDIUM: stream: fix session leak on applet-initiated connections - BUILD: checks: don't include server.h - BUG/MEDIUM: cache: bad computation of the remaining size - BUG/MEDIUM: ssl: don't allocate shctx several time - BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main - BUILD/MINOR: deviceatlas: enable thread support - DOC: cache: update sections and fix some typos - BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork.


HAPEE-LB 1.8r2 – Changelog