#2021/04/30 : 2.1r1 (1.0.0-235.595)

• BUG/MINORmux-fcgiDon't send normalized uri to FCGI application
• MINORNo longer rely on deprecated sample fetches for predefined ACLs
• DOCclarify that compression works for HTTP/2
• MINORpeersadd informative flags about resync process for debugging
• BUG/MEDIUMpeersreset tables stage flags stages on new conns
• BUG/MEDIUMpeersre-work updates lookup during the sync on the fly
• BUG/MEDIUMpeersreset commitupdate value in new conns
• BUG/MEDIUMpeersreset starting point if peers appears longly disconnected
• BUG/MEDIUMpeersstop considering ack messages teaching a full resync
• BUG/MEDIUMpeersregister last acked value as origin receiving a resync req
• BUG/MEDIUMpeersinitialize resync timer to get an initial full resync
• BUG/MINORappletNotify the other side if data were consumed by an applet
• BUG/MINORhtxPreserve HTX flags when draining data from an HTX message
• BUG/MEDIUMpeersre-work refcnt on table to protect against flush
• BUG/MEDIUMpeersre-work connection to new process during reload.
• BUG/MINORpeersremove useless table check if initial resync is finished
• BUG/MEDIUMmux-h2Properly handle shutdowns when received with data
• BUG/MINORmworkerdon't use oldpids[] anymore for reload
• BUG/MINORmworker/initdon't reset nb_oldpids in non-mworker cases
• BUG/MEDIUMconfigfix cpu-map notation with both process and threads
• BUG/MEDIUMmux-h2Fix dfl calculation when merging CONTINUATION frames
• BUG/MAJORmux-h2Properly detect too large frames when decoding headers
• BUG/MINORserverfree srv.lb_nodes in free_server
• BUG/MINORmux-h1Release idle server H1 connection if data are received
• BUG/MINORlogsReport the true number of retries if there was no connection
• BUG/MINORhttp_htxRemove BUG_ON() from http_get_stline() function
• BUG/MINORhttp-fetchMake method smp safe if headers were already forwarded
• BUG/MINORconnectionFix fc_http_major and bc_http_major for TCP connections
• BUG/MEDIUMthreadsIgnore current thread to end its harmless period
• DOCsslCertificate hot update only works on fronted certificates
• BUG/MEDIUMsampleFix adjusting size in field converter
• BUG/MINORtoolsfix parsing us unit for timers
• MINOR/BUGmworker/clido not use the unix_bind prefix for the master CLI socket

#2021/04/14 : 2.1r1 (1.0.0-235.562)

• BUG/MEDIUMtaskclose a possible data race condition on a tasklet's list link
• MINORtaskremove __tasklet_remove_from_tasklet_list()

#2021/04/09 : 2.1r1 (1.0.0-235.560)

• BUG/MINORstatsApply proper styles in HTML status page.
• BUG/MEDIUMluaAlways init the lua stack before referencing the context
• BUG/MEDIUMdebug/luaUse internal hlua function to dump the lua traceback
• MINORluaSlightly improve function dumping the lua traceback
• DOCtuneexplain the origin of block size for ssl.cachesize
• DOCExplicitly state only IPv4 are supported by forwardfor/originalto options

#2021/04/02 : 2.1r1 (1.0.0-235.554)

• BUG/MINORhttp_fetchmake hdr_ip() resistant to empty fields
• BUILDtcpuse IPPROTO_IPV6 instead of SOL_IPV6 on FreeBSD/MacOS
• BUG/MINORtcpfix silent-drop workaround for IPv6
• BUG/MEDIUMmux-h1make h1_shutw_conn() idempotent
• BUG/MINORhttp_fetchmake hdr_ip() reject trailing characters
• MINORtoolsmake url2ipv4 return the exact number of bytes parsed
• BUG/MEDIUMthreadFix a deadlock if an isolated thread is marked as harmless
• BUG/MEDIUMtimemake sure to always initialize the global tick

#2021/03/24 : 2.1r1 (1.0.0-234.546)

• BUG/MEDIUMfreq_ctr/threadsuse the global_now_ms variable
• MINORtimealso provide a global, monotonic global_now_ms timer

#2021/03/18 : 2.1r1 (1.0.0-234.544)

• MINORhapeeUpdate the list of backported/hapee/dropped patches
• BUG/MINORresolversAdd missing case-insensitive comparisons of DNS hostnames
• MINORresolversDon't try to match immediatly renewed ADD items
• MINORresolversUse milliseconds for cached items in resolver responses
• BUG/MEDIUMresolversSkip DNS resolution at startup if SRV resolution is set
• BUG/MEDIUMresolversDon't release resolution from a requester callbacks
• MINORresolversDirectly call srvrq_update_srv_state() when possible
• MINORresolversAdd function to change the srv status based on SRV resolution
• MINORresolversPurge answer items when a SRV resolution triggers an error
• MINORresolversUse a function to remove answers attached to a resolution
• BUG/MEDIUMresolversTrigger a DNS resolution if an ADD item is obsolete
• MINORresolversnew function find_srvrq_answer_record()
• BUG/MEDIUMresolversFix the loop looking for an existing ADD item
• BUG/MEDIUMresolversDon't set an address-less server as UP
• BUG/MINORresolversUnlink DNS resolution to set RMAINT on SRV resolution
• BUG/MINORresolversReset server address on DNS error only on status change
• BUG/MINORresolversConsider server to have no IP on DNS resolution error
• BUG/MEDIUMresolversReset address for unresolved servers
• BUG/MEDIUMresolversReset server address and port for obselete SRV records
• BUG/MINORresolversnew callback to properly handle SRV record errors
• BUG/MINORresolversOnly renew TTL for SRV records with an additional record
• BUG/MINORresolversFix condition to release received ARs if not assigned
• BUG/MINORfreq_ctr/threadsmake use of the last updated global time
• MINORtimeexport the global_now variable
• CLEANUPtcp-rulesadd missing actions in the tcp-request error message
• BUG/MINORsessionAdd some forgotten tests on session's listener
• BUG/MINORproxy/sessionBe sure to have a listener to increment its counters
• BUG/MEDIUMfiltersSet CF_FL_ANALYZE on channels when filters are attached
• BUG/MEDIUMsessionNULL dereference possible when accessing the listener
• BUG/MINORssldon't truncate the file descriptor to 16 bits in debug mode
• BUG/MINORhluaDon't strip last non-LWS char in hlua_pushstrippedstring()
• BUG/MEDIUMlistsAvoid an infinite loop in MT_LIST_TRY_ADDQ().
• BUG/MEDIUMlistsLock the element while we check if it is in a list.
• BUG/MINORhttp-anaDon't increment HTTP error counter on read error/timeout
• BUG/MINORmux-h2Fix typo in scheme adjustment
• DOCspoeAdd a note about fragmentation support in HAProxy
• BUG/MEDIUMspoeKill applets if there are pending connections and nbthread > 1
• BUG/MINORconnectionUse the client's dst family for adressless servers
• BUG/MINORtcp-actDon't forget to set the original port for IPv4 set-dst rule
• BUG/MINORhttp-anaOnly consider dst address to process originalto option
• BUG/MINORmux-h1Immediately report H1C errors from h1_snd_buf()
• BUG/MINORproxywake up all threads when sending the hard-stop signal
• BUG/MEDIUMcli/shutdown sessions: make it thread-safe
• BUG/MEDIUMproxyuse thread-safe stream killing on hard-stop
• BUG/MEDIUMvarsmake functions vars_get_by_{name,desc} thread-safe
• BUG/MINORsamplesecure convs that accept base64 string and var name as args
• BUG/MINORssl/clipotential null pointer dereference in set ssl cert
• BUG/MEDIUMmux-h1Fix handling of responses to CONNECT other than 200-ok
• BUG/MINORserverBe sure to cut the last parsed field of a server-state line
• BUG/MINORserverInit params before parsing a new server-state line
• BUG/MINORsampleAlways consider zero size string samples as unsafe
• BUG/MINORchecksproperly handle wrapping time in __health_adjust()
• BUG/MINORsessionatomically increment the tracked sessions counter
• BUG/MINORserverRemove RMAINT from admin state when loading server state
• CLEANUPchannelfix comment in ci_putblk.
• BUG/MINORserverDon't call fopen() with server-state filepath set to NULL
• BUG/MINORcfgparsedo not mention addr:port as supported on proxy lines
• BUG/MINORstatsrevert the change on ST_CONVDONE
• BUG/MEDIUMconfigdon't pick unset values from last defaults section
• CLEANUPdeinitrelease global and per-proxy server-state variables on deinit
• BUG/MINORserverFix server-state-file-name directive
• BUG/MINORbackendhold correctly lock when killing idle conn
• BUG/MINORtoolsFix a memory leak on error path in parse_dotted_uints()
• BUG/MINORserverre-align state file fields number
• BUG/MEDIUMmux-h1Always set CS_FL_EOI for response in MSG_DONE state
• BUG/MINORhttp-anaDon't increment HTTP error counter on internal errors

#2021/03/16 : 2.1r1 (1.0.0-234.476)

#2021/02/05 : 2.1r1 (1.0.0-232.476)

• BUG/MEDIUMmux-h2do not quit the demux loop before setting END_REACHED
• BUG/MEDIUMmux-h2handle remaining read0 cases
• BUILDMakefilemove REGTESTST_TYPE default setting
• BUG/MEDIUMssl/cliabort ssl cert is freeing the old store
• BUG/MINORsslinit tmp chunk correctly in ssl_sock_load_sctl_from_file()
• BUG/MINORxxhashmake sure armv6 uses memcpy()
• BUG/MEDIUMsslcheck a connection's status before computing a handshake
• BUG/MINORstick-tableAlways call smp_fetch_src() with a valid arg list
• DOCmanagementfix show resolvers alphabetical ordering
• MINORcontribMake the wireshark peers dissector compile for more distribs.
• BUG/MINORconfigfix leak on proxy.conn_src.bind_hdr_name

#2021/02/01 : 2.1r1 (1.0.0-231.465)

• BUG/MEDIUMfilters/htxFix data forwarding when payload length is unknown

#2021/01/28 : 2.1r1 (1.0.0-231.464)

• BUG/MEDIUMstatsadd missing INF_BUILD_INFO definition
• MINORhapeeUpdate the list of backported/hapee patches
• BUG/MINORdnsSRV records ignores duplicated AR records (v2)
• BUILD/MINORluadefine _GNU_SOURCE for LLONG_MAX
• BUG/MEDIUMmux-h2fix read0 handling on partial frames
• BUG/MINORmworkerdefine _GNU_SOURCE for strsignal()
• BUG/MINORmux_h2missing space between st and .flg in the show fd helper
• BUG/MINORpeersWrong new_conn value for show peers CLI command.
• BUG/MINORthreadsFixes the number of possible cpus report for Mac.
• BUG/MINORinitUse a dynamic buffer to set HAPROXY_CFGFILES env variable
• BUG/MINORinitenforce strict-limits when using master-worker
• BUG/MINORsampleMemory leak of sample_expr structure in case of error
• BUG/MINORsamplecheck alloc_trash_chunk return value in concat()

#2021/01/08 : 2.1r1 (1.0.0-231.451)

• BUG/MINORsamplefix concat() converter's corruption with non-string variables
• DOCAdd maintainers for the Prometheus exporter
• SCRIPTSannounce-releasefix typo in help message
• DOCfix some spelling issues over multiple files
• MINORcontrib/prometheus-exporterexport build_info
• BUILDMakefileexclude broken tests by default
• BUG/MINORsrvdo not init address if backend is disabled
• SCRIPTSmake announce release support preparing announces before tag exists
• SCRIPTSimprove announce-release to support different tag and versions
• BUG/MINORcfgparseFail if the strdup() for `rule->be.name` for `use_backend` fails
• MINORatomicdon't use ; to separate instruction on aarch64.
• BUILDhpackhpack-tbl-t.h uses VAR_ARRAY but does not include compiler.h
• BUG/MEDIUMmux_h2Add missing braces in h2_snd_buf()around trace+wakeup
• BUILDplockremove dead code that causes a warning in gcc 11
• CONTRIBdebugaddress poll utility build on non-linux platforms
• CONTRIBhalogfix signed/unsigned build warnings on counts and timestamps
• CONTRIBhalogmark the has_zero* functions unused
• CONTRIBhalogfix build issue caused by %L printf format
• BUG/MEDIUMhttp-anaNever for sending data in TUNNEL mode
• BUG/MINORmux-h1Don't set CS_FL_EOI too early for protocol upgrade requests
• BUILDMakefilehave make clean destroy .o/.a/.s in contrib subdirs as well
• REGTESTSmake use of HAPROXY_ARGS and pass -dM by default
• CLEANUPcontrib/prometheus-exportertypo fixes for ssl reuse metric
• CLEANUPluaRemove declaration of an inexistant function

#2020/12/14 : 2.1r1 (1.0.0-230.427)

• BUG/MEDIUMlb-leastconnReposition a server using the right eweight
• BUG/MINORtoolsReject size format not starting by a digit
• BUG/MINORtoolsmake parse_time_err() more strict on the timer validity
• DOCemail change of the DeviceAtlas maintainer
• BUG/MEDIUMspoa/pythonFixing references to None
• BUG/MEDIUMspoa/pythonFixing PyObject_Call positional arguments
• BUG/MINORspoa/pythonCleanup ipaddress objects if initialization fails
• BUG/MINORspoa/pythonCleanup references for failed Module Addobject operations
• DOCspoa/pythonFixing typos in comments
• DOCspoa/pythonRephrasing memory related error messages
• DOCspoa/pythonFixing typo in IP related error messages
• BUG/MAJORspoa/pythonFixing return None
• DOC/MINORFix formatting in Management Guide
• BUG/MINORluawarn when registering action, conv, sf, cli or applet multiple times
• MINORcliadd a function to look up a CLI service description
• MINORactionsadd a function returning a service pointer from its name
• MINORactionsExport actions lookup functions
• BUG/MINORluaSome lua init operation are processed unsafe
• BUG/MINORluaPost init register function are not executed beyond the first one
• BUG/MINORlualua-load doesn't check its parameters
• BUG/MINORluamissing \n in error message
• MINORplockuse an ARMv8 instruction barrier for the pause instruction
• DOCconfigMove req.hdrs and req.hdrs_bin in L7 samples fetches section
• DOCClarify %HP description in log-format
• BUG/MAJORpeersfix partial message decoding

#2020/11/24 : 2.1r1 (1.0.0-229.402)

• BUG/MAJORfiltersAlways keep all offsets up to date during data filtering

#2020/11/20 : 2.1r1 (1.0.0-229.401)

• MINORhapeeUpdate the list of backported/hapee patches
• BUG/MEDIUMhttp-anaDon't eval http-after-response ruleset on empty messages

#2020/11/18 : 2.1r1 (1.0.0-229.399)

• BUG/MINORhttp-anaDon't wait for the body of CONNECT requests
• BUG/MEDIUMfiltersForward all filtered data at the end of http filtering
• BUILDhttp-htxfix build warning regarding long type in printf
• MINORcfgparsetighten the scope of newnameserver variable, free it on error.
• MINORspoeDon't close connection in sync mode on processing timeout
• BUG/MAJORspoeBe sure to remove all references on a released spoe applet
• BUG/MINORhttp-fetchFix calls w/o parentheses of the cookie sample fetches
• BUG/MINORhttp-fetchExtract cookie value even when no cookie name
• BUG/MEDIUMpeersfix decoding of multi-byte length in stick-table messages
• BUG/MINORpeersMissing TX cache entries reset.
• BUG/MINORpeersDo not ignore a protocol error for dictionary entries.
• BUG/MINORluaset buffer size during map lookups
• BUG/MINORpatterna sample marked as const could be written
• BUG/MINORhttp-htxJust warn if payload of an errorfile doesn't match the C-L
• MINORhttp-htxAdd understandable errors for the errorfiles parsing

#2020/11/04 : 2.1r1 (1.0.0-228.384)

• CLEANUPmux-h2Remove the h1 parser state from the h2 stream
• BUG/MEDIUMstick-tablelimit the time spent purging old entries
• BUG/MINORfiltersSkip disabled proxies during startup only
• BUG/MEDIUMmux-ptRelease the tasklet during an HTTP upgrade
• MINORserverCopy configuration file and line for server templates
• BUG/MINORserverSet server without addr but with dns in RMAINT on startup
• BUG/MINORproxy/serverSkip per-proxy/server post-check for disabled proxies
• BUG/MEDIUMfiltersDon't try to init filters for disabled proxies
• BUG/MINORcacheInverted variables in http_calc_maxage function
• BUG/MINORcacheManage multiple values in cache-control header value
• MINORistAdd a case insensitive istmatch function
• BUG/MINORluainitialize sample before using it
• BUG/MINORserverfix down_time report for stats
• BUG/MINORserverfix srv downtime calcul on starting
• BUG/MINORlogfix memory leak on logsrv parse error
• BUG/MINORextcheckadd missing checks on extchk_setenv()
• BUG/MAJORmux-h2Don't try to send data if we know it is no longer possible
• BUG/MINORhttp-anaDon't send payload for internal responses to HEAD requests
• BUG/MEDIUMserversupport changing the slowstart value from state-file
• BUG/MINORqueueproperly report redistributed connections
• BUG/MEDIUMsslOCSP must work with BoringSSL
• BUG/MINORdisable dynamic OCSP load with BoringSSL
• BUILDsslmake BoringSSL use its own version numbers

#2020/10/19 : 2.1r1 (1.0.0-228.361)

• MINORhapeeUpdate the list of backported/hapee patches
• MINORbackendAdd sample fetches to get the server's weight
• BUG/MINORpeersPossible unexpected peer seesion reset after collisions.
• BUG/MEDIUMlbAlways lock the server when calling server_{take,drop}_conn
• BUG/MEDIUMmux-h1Get the session from the H1S when capturing bad messages
• BUG/MEDIUMspoeUnset variable instead of set it if no data provided
• BUG/MEDIUMtaskbound the number of tasks picked from the wait queue at once
• MINORfdreport an error message when failing initial allocations
• BUG/MINORmux-h2do not stop outgoing connections on stopping
• BUG/MINORinitonly keep rlim_fd_cur if max is unlimited
• BUG/MINORhttp-htxExpect no body for 204/304 internal HTTP responses
• BUG/MEDIUMmux-h2Don't handle pending read0 too early on streams
• BUG/MEDIUMmux-fcgiDon't handle pending read0 too early on streams

#2020/10/08 : 2.1r1 (1.0.0-226.348)

• BUG/MINORmux-h1Always set the session on frontend h1 stream
• BUG/MINORpeersInconsistency when dumping peer status codes.
• MINORhluaDisplay debug messages on stderr only in debug mode
• BUG/MINORstatsfix validity of the json schema
• MINORcountersfix a typo in comment
• BUG/MEDIUMqueuemake pendconn_cond_unlink() really thread-safe
• DOCtcp-rulesRefresh details about L7 matching for tcp-request content rules
• BUG/MINORFix several leaks of 'log_tag' in init().
• BUILDmakefileFix building with closefrom() support enabled
• MINORsslreach a ckch_store from a sni_ctx
• BUG/MEDIUMsslcrt-list negative filters don't work

#2020/10/02 : 2.1r1 (1.0.0-226.337)

• MINORhapeeadd a .hapee directory to list backporting notes
• BUILDmakefileadd an EXTRAVERSION variable to ease local naming
• REGTESTmake map_regm_with_backref require 1.7
• REGTESTmake abns_socket.vtc require 1.8
• REGTESTfix host part in balance-uri-path-only.vtc
• DOCagent-checkfix typo in fail word expected reply
• BUG/MEDIUMlistenersdo not pause foreign listeners
• BUG/MINORconfigFix memory leak on config parse listen
• DOCspoa-serverfix false friends `actually`
• REGTESTSadd a few load balancing tests
• MINORbackendadd a new path-only option to balance uri
• MINORbackendmake the whole option of balance uri take only one bit
• BUG/MINORFix memory leaks cfg_parse_peers
• MINORh2/tracealso display the remaining frame length in traces
• BUG/MEDIUMh2report frame bits only for handled types
• BUG/MINORhttp-fetchDon't set the sample type during the htx prefetch
• BUG/MINORh2/tracedo not display stream error after a frame ACK
• BUG/MINORserverreport correct error message for invalid port on socks4
• BUG/MINORsslverifyhost is case sensitive
• BUG/MEDIUMssldoes not look for all SNIs before chosing a certificate
• BUG/MEDIUMhttp-anaDon't wait to send 1xx responses received from servers

#2020/09/18 : 2.1r1 (1.0.0-226.316)

• MEDIUMdnsimplement synchronous send
• BUG/MEDIUMdnsBe sure to renew IP address for already known servers
• BUG/MEDIUMdnsDon't store additional records in a linked-list
• CLEANUPremove obsolete comments
• CLEANUPdnsremove 45 return statements from dns_validate_dns_response()
• BUG/MEDIUMdnsConsider the fact that dns answers are case-insensitive
• BUG/MAJORdnsdisabled servers through SRV records never recover
• CLEANUPdnstypo in reported error message
• MINORargUse chunk_destroy() to release string arguments
• BUG/MEDIUMpatternRenew the pattern expression revision when it is pruned
• BUILDthreadsbetter workaround for late loading of libgcc_s
• BUG/MEDIUMmux-h1always apply the timeout on half-closed connections
• BUG/MINORauthreport valid crypto(3) support depending on build options
• CLEANUPUpdate .gitignore
• MINORCommit .gitattributes
• BUILDthreadlimit the libgcc_s workaround to glibc only
• BUG/MINORthreadswork around a libgcc_s issue with chrooting
• BUG/MEDIUMsslcheck OCSP calloc in ssl_sock_load_ocsp()
• BUG/MEDIUMdocFix replace-path action description
• BUG/MINORstartuphaproxy -s cause 100% cpu
• BUG/MEDIUMcontrib/spoa-serverFix ipv4_address used instead of ipv6_address
• BUG/MINORcontrib/spoa-serverUpdating references to free in case of failure
• BUG/MINORcontrib/spoa-serverDo not free reference to NULL
• BUG/MINORcontrib/spoa-serverEnsure ip address references are freed
• BUG/MAJORcontrib/spoa-serverFix unhandled python call leading to memory leak
• DOCcacheUse '<name>' instead of '<id>' in error message
• MINORhttp-htxAdd an option to eval query-string when the path is replaced
• BUG/MINORreloaddo not fail when no socket is sent

#2020/08/13 : 2.1r1 (1.0.0-226.288)

• BUG/MEDIUMhtxsmp_prefetch_htx() must always validate the direction
• BUG/MINORstatsuse strncmp() instead of memcmp() on health states
• BUG/MINORsnapshotsleak of snapshots on deinit()
• MEDIUMluaDon't filter exported fetches and converters
• BUG/MINORluaDuplicate lua strings in sample fetches/converters arg array
• MINORhluaDon't needlessly copy lua strings in trash during args validation
• BUG/MINORluaCheck argument type to convert it to IP mask in arg validation
• BUG/MINORluaCheck argument type to convert it to IPv4/IPv6 arg validation
• BUG/MINORargFix leaks during arguments validation for fetches/converters
• BUG/MINORluaDuplicate map name to load it when a new Map object is created
• BUG/MINORconvertersStore the sink in an arg pointer for debug() converter
• MINORargAdd an argument type to keep a reference on opaque data
• BUG/MEDIUMmap/luaReturn an error if a map is loaded during runtime
• BUG/MEDIUMsslmemory leak of ocsp data at SSL_CTX_free()
• BUG/MINORsslfix memory leak at OCSP loading
• BUG/MEDIUMmux-h1Refresh H1 connection timeout after a synchronous send

#2020/07/31 : 2.1r1 (1.0.0-223.272)

• SCRIPTSgit-show-backportsemit the shell command to backport a commit
• SCRIPTSgit-show-backportsmake -m most only show the left branch
• BUG/MEDIUMbackendalways attach the transport before installing the mux
• SCRIPTSannounce-releaseadd the link to the wiki in the announce messages
• MINORstream-intBe sure to have a mux to do sends and receives
• MINORconnectionPreinstall the mux for non-ssl connect
• BUG/MINORtcp-rulesPreserve the right filter analyser on content eval abort
• BUG/MAJORdnsdon't treat Authority records as an error
• BUG/MAJORdnsfix null pointer dereference in snr_update_srv_status
• BUG/MINORtcp-rulesSet the inspect-delay when a tcp-response action yields
• BUG/MEDIUMdnsDon't yield in do-resolve action on a final evaluation
• MEDIUMluaAdd support for the Lua 5.4
• BUG/MINORdebugDon't dump the lua stack if it is not initialized
• BUILDtoolsfix build with static only toolchains
• BUG/MEDIUMmux-h1Disable the splicing when nothing is received
• BUG/MEDIUMmux-h1Wakeup the H1C in h1_rcv_buf() if more data are expected
• BUG/MINORmux-fcgiDon't url-decode the QUERY_STRING parameter anymore
• BUG/MEDIUMdnsRelease answer items when a DNS resolution is freed
• BUG/MAJORdnsMake the do-resolve action thread-safe
• BUG/MEDIUMresolvefix init resolving for ring and peers section.
• BUG/MINORcfgparsedon't increment linenum on incomplete lines
• BUILDthreadadd parenthesis around values of locking macros
• BUILDebtreefix build on libmusl after recent introduction of eb_memcmp()
• BUG/MEDIUMchannelBe aware of SHUTW_NOW flag when output data are peeked

#2020/07/17 : 2.1r1 (1.0.0-223.248)

• MINORssladd a new function ssl_sock_get_ssl_object()
• MEDIUMsslsplit ssl_sock_msgcbk() and use a new callback mechanism
• MEDIUMsslallow to register callbacks for SSL/TLS protocol messages

#2020/07/16 : 2.1r1 (1.0.0-223.245)

• BUG/MEDIUMserverfix possibly uninitialized state file on close
• BUG/MEDIUMserverresolve state file handle leak on reload
• BUG/MEDIUMfcgi-appfix memory leak in fcgi_flt_http_headers
• BUG/MEDIUMlogissue mixing sampled to not sampled log servers.
• BUG/MINORmux-fcgiSet flags on the right stream field for empty FCGI_STDOUT
• BUG/MINORmux-fcgiSet conn state to RECORD_P when skipping the record padding
• BUG/MINORmux-fcgiHandle empty STDERR record
• BUG/MEDIUMmux-h1Continue to process request when switching in tunnel mode
• CONTRIBdafix memory leak in dummy function da_atlas_open()
• BUG/MEDIUMlistsadd missing store barrier in MT_LIST_ADD/MT_LIST_ADDQ
• BUG/MEDIUMlistsadd missing store barrier on MT_LIST_BEHEAD()
• BUG/MINORsampleFree str.area in smp_check_const_meth
• BUG/MINORsampleFree str.area in smp_check_const_bool
• DOCconfigurationremove obsolete mentions of H2 being converted to HTTP/1.x
• MINORpoolsincrease MAX_BASE_POOLS to 64
• BUG/MINORthreadsDon't forget to init each thread toremove_lock.
• MINORhttpAdd support for http 413 status
• BUG/MINORbackendRemove CO_FL_SESS_IDLE if a client remains on the last server
• BUG/MEDIUMconnectionContinue to recv data to a pipe when the FD is not ready
• MINORconnectionmove the CO_FL_WAIT_ROOM cleanup to the reader only
• BUG/MEDIUMmux-h1Subscribe rather than waking up in h1_rcv_buf()
• MINORmux-h1Improve traces about the splicing
• BUG/MEDIUMmux-h1Disable splicing for the conn-stream if read0 is received
• BUG/MINORmux-h1Disable splicing only if input data was processed
• BUG/MINORmux-h1Don't read data from a pipe if the mux is unable to receive
• BUG/MINORmux-h1Fix the splicing in TUNNEL mode
• BUG/MINORhttp_actdon't check capture id in backend (2)
• BUILDhaproxyfix build error when RLIMIT_AS is not set
• DOCconfigurationfix alphabetical ordering for tune.pool-{high,low}-fd-ratio
• DOCconfigurationadd missing index entries for tune.pool-{low,high}-fd-ratio
• BUG/MINORproxyalways initialize the trash in show servers state
• BUG/MINORproxyfix dump_server_state()'s misuse of the trash
• BUG/MEDIUMpatternAdd a trailing \0 to match strings only if possible
• DOCssladd allow-0rtt and ciphersuites in crt-list
• MINORclimake show sess stop at the last known session
• BUG/MEDIUMfetchFix hdr_ip misparsing IPv4 addresses due to missing NUL
• REGTESTssladd some ssl_c_* sample fetches test
• REGTESTssltests the ssl_f_* sample fetches
• MINORspoeDon't systematically create new applets if processing rate is low
• BUG/MINORhttp_anaclarify connection pointer check on L7 retry
• BUG/MINORspoecorrection of setting bits for analyzer
• REGTESTAdd a simple script to tests errorfile directives in proxy sections
• BUG/MINORsystemdWait for network to be online
• MEDIUMmapmake the clear map operation yield
• REGTESThttp-rulestest spaces in ACLs with master CLI
• REGTESThttp-rulestest spaces in ACLs
• BUG/MINORmworker/clifix semicolon escaping in master CLI
• BUG/MINORmworker/clifix the escaping in the master CLI
• BUG/MINORcliallow space escaping on the CLI
• BUG/MINORspoeadd missing key length check before checking key names
• BUG/MEDIUMebtreeuse a byte-per-byte memcmp() to compare memory blocks
• BUG/MINORtcp-rulestcp-response must check the buffer's fullness
• BUG/MINORhttpmake smp_fetch_body() report that the contents may change
• BUG/MEDIUMsslcrt-list must continue parsing on ERR_WARN
• BUG/MINORsslfix ssl-{min,max}-ver with openssl < 1.1.0
• REGTESTSAdd missing OPENSSL to REQUIRE_OPTIONS for compression/lua_validation
• REGTESTSAdd missing OPENSSL to REQUIRE_OPTIONS for lua/txn_get_priv
• BUILDmake dladdr1 depend on glibc version and not __USE_GNU
• BUG/MEDIUMpatternfix thread safety of pattern matching
• BUG/MEDIUMlogdon't hold the log lock during writev() on a file descriptor

#2020/06/30 : 2.1r1 (1.0.0-223.185)

• MEDIUMpeersadd the localpeer global option
• MINORpeersdo not use localpeer as an array anymore

#2020/06/08 : 2.1r1 (1.0.0-223.183)

• BUG/MINORmworkerfix a memleak when execvp() failed
• BUG/MINORsslfix a trash buffer leak in some error cases
• BUG/MEDIUMmworkerfix the reload with an -- option
• BUG/MINORinit-S can have a parameter starting with a dash
• BUG/MINORinit-x can have a parameter starting with a dash
• BUG/MEDIUMmworkerfix the copy of options in copy_argv()

#2020/06/05 : 2.1r1 (1.0.0-223.177)

• BUG/MEDIUMcontrib/prometheus-exporterProperly set flags to dump metrics
• BUG/MEDIUMhluaLock pattern references to perform set/add/del operations
• BUG/MEDIUMluaReset analyse expiration timeout before executing a lua action
• BUG/MINORpeersfix internal/network key type mapping.
• SCRIPTSpublish-releasepass -n to gzip to remove timestamp
• BUG/MINORnameserversfix error handling in parsing of resolv.conf
• BUG/MINORluaAdd missing string length for lua sticktable lookup
• BUG/MEDIUMlogsfix trailing zeros on log message.
• REGTESTSchecksFix tls_health_checks when IPv6 addresses are used
• BUG/MINORlogsprevent double line returns in some events.
• DOCSPOE is no longer experimental
• DOC/MINORhalogAdd long help info for ic flag
• DOCretry-on can only be used with mode http

#2020/05/26 : 2.1r1 (1.0.0-223.163)

• BUG/MINORserverFix server_finalize_init() to avoid unused variable
• BUG/MINORchecksRespect check-ssl param when a port or an addr is specified
• BUG/MEDIUMringwrite-lock the ring while attaching/detaching
• BUG/MAJORmux-fcgiStop sending loop if FCGI stream is blocked for any reason
• BUG/MINORcacheDon't needlessly test cache keyword in parse_cache_flt()
• BUG/MEDIUMstreamOnly allow L7 retries when using HTTP.
• BUG/MEDIUMstreamsRemove SF_ADDR_SET if we're retrying due to L7 retry.
• BUILDselectonly declare existing local labels to appease clang
• BUG/MINORsoft-stopalways wake up waiting threads on stopping
• BUG/MINORpollersremove uneeded free in global init
• BUG/MINORpoolsuse %u not %d to report pool stats in show pools
• BUG/MINORcfgparseAbort parsing the current line if an invalid \x sequence is encountered
• BUG/MEDIUMhttp_anamake the detection of NTLM variants safer
• BUG/MINORhttp-anafix NTLM response parsing again
• BUG/MINORconfigMake use_backend and use-server post-parsing less obscur
• BUG/MEDIUMluaFix dumping of stick table entries for STD_T_DICT
• BUG/MINORthreadsfix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}()
• BUG/MINORthreadsfix multiple use of argument inside HA_ATOMIC_CAS()
• BUG/MINORsampleSet the correct type when a binary is converted to a string
• CLEANUPconnectionsalign function declaration
• BUG/MEDIUMsslfix the id length check within smp_fetch_ssl_fc_session_id()
• BUG/MEDIUMh1Don't compare host and authority if only h1 headers are parsed
• BUG/MEDIUMconnectionsforce connections cleanup on server changes
• BUG/MEDIUMmux-fcgiFix wrong test on FCGI_CF_KEEP_CONN in fcgi_detach()
• BUG/MEDIUMmux_fcgiFree the FCGI connection at the end of fcgi_release()
• BUG/MINORchecksRemove a warning about http health checks
• BUG/MINORchecksCompute the right HTTP request length for HTTP health checks
• BUG/MINORchecks/serveruse_ssl member must be signed

#2020/05/19 : 2.1r1 (1.0.0-223.133)

• MEDIUMstatsEnable more accurate moving average calculation for stats
• MINORstatsExpose native cum_req metric for a server
• MINORstatsPrepare for more accurate moving averages

#2020/05/06 : 2.1r1 (1.0.0-223.130)

#2020/05/04 : 2.1r1 (1.0.0-222.130)

• REGTESThttp-rulesRequire PCRE or PCRE2 option to run map_redirect script
• REGTESTssltest the client certificate authentication
• BUILDMakefileadd linux-musl to TARGET
• MINORstreamreport the list of active filters on stream crashes
• BUG/MEDIUMshctxbound the number of loops that can happen around the lock
• BUG/MEDIUMshctxreally check the lock's value while waiting
• BUG/MINORdebugproperly use long long instead of long for the thread ID
• MINORthreadsexport the POSIX thread ID in panic dumps
• BUG/MEDIUMlistenermark the thread as not stuck inside the loop
• BUG/MEDIUMsamplemake the CPU and latency sample fetches check for a stream
• BUG/MEDIUMhttpthe unique-id sample fetch could crash without a steeam
• BUG/MEDIUMhttpthe http_first_req sample fetch could crash without a steeam
• BUG/MEDIUMcapturecapture.{req,res}.* crash without a stream
• BUG/MEDIUMcapturecapture-req/capture-res converters crash without a stream
• BUG/MINORmux-fcgiBe sure to have a connection as session's origin to use it
• BUG/MINORobj_typeHandle stream object in obj_base_ptr() function
• BUG/MINORcheckschained expect will not properly wait for enough data
• BUG/MEDIUMserver/checksInit server check during config validity check
• BUG/MINORchecksRespect the no-check-ssl option
• MINORchecksAdd a way to send custom headers and payload during http chekcs
• BUG/MINORcheckUpdate server address and port to execute an external check
• MINORcontribmake the peers wireshark dissector a plugin
• MEDIUMmemorymake pool_gc() run under thread isolation
• DOCoption logasap does not depend on mode
• BUG/MINORhttpmake url_decode() optionally convert '+' to SP
• BUG/MINORtoolsfix the i386 version of the div64_32 function
• BUG/MEDIUMhttp-anaHandle NTLM messages correctly.
• BUG/MINORssldefault settings for ssl server options are not used
• DOCImprove documentation on http-request set-src
• MINORversionShow uname output in display_version()
• DOChashingupdate link to hashing functions
• BUG/MINORpeersIncomplete peers sections should be validated.
• BUG/MINORconnectionalways send address-less LOCAL PROXY connections
• BUG/MINORsslmemleak of the struct cert_key_and_chain
• BUG/MINORssl/climemory leak in 'set ssl cert'
• MINORsslimprove the errors when a crt can't be open
• BUG/MINORprotocol_bufferWrong maximum shifting.

#2020/04/21 : 2.1r1 (1.0.0-222.93)

#2020/04/01 : 2.1r1 (1.0.0-221.93)

• BUG/CRITICALhpacknever index a header into the headroom after wrapping
• BUG/MINORhttp-anaReset request analysers on error when waiting for response
• BUG/MINORhttp_anamake sure redirect flags don't have overlapping bits
• DOCinternalsFix spelling errors in filters.txt
• BUG/MINORstatsFix color of draining servers on stats page
• BUILDsslonly pass unsigned chars to isspace()
• MINORlisteneradd so_name sample fetch
• BUG/MINORpeersUse after free of peers section.
• BUG/MINORpeersavoid an infinite loop with peers_fe is NULL
• BUG/MINORpeersinit bind_proc to 1 if it wasn't initialized
• BUG/MINORhaproxy/threadsclose a possible race in soft-stop detection
• REGTESTincrease timeouts on the seamless-reload test
• REGTESTSuse command -v instead of which
• BUG/MINORconnectionsMake sure we free the connection on failure.
• MINORmemoryChange the flush_lock to a spinlock, and don't get it in alloc.
• BUG/MEDIUMwdtDon't ignore WDTSIG and DEBUGSIG in __signal_process_queue().
• MINORwdtMove the definitions of WDTSIG and DEBUGSIG into types/signal.h.
• DOCassorted typo fixes in the documentation
• BUG/MEDIUMpeersresync ended with RESYNC_PARTIAL in wrong cases.
• BUILDmakefilefix expression again to detect ARM platform
• BUILDmakefilefix regex syntax in ARM platform detection
• BUILDon ARM, must be linked to libatomic.
• DOCcorrect typo in alert message about rspirep
• DOCproxy_protocolReserve TLV type 0x05 as PP2_TYPE_UNIQUE_ID
• BUG/MINORhaproxy/threadstry to make all threads leave together
• BUG/MINORlistener/mqdo not dispatch connections to remote threads when stopping
• BUG/MINORhaproxyalways initialize sleeping_thread_mask
• BUG/MEDIUMpoolsAlways update free_list in pool_gc().
• BUG/MEDIUMrandomalign the state on 2*64 bits for ARM64
• MINORmt_listsAppease gcc.
• BUG/MEDIUMmt_listsMake sure we set the deleted element to NULL;
• BUILDwdtonly test for SI_TKILL when compiled with thread support
• DOCsslclarify security implications of TLS tickets
• DOCassorted typo fixes in the documentation
• DOCimprove description of no-tls-tickets
• DOCfix typo about no-tls-tickets
• BUG/MINORrulesIncrement be_counters if backend is assigned for a silent-drop
• BUG/MINORrulesPreserve FLT_END analyzers on silent-drop action
• BUG/MINORhttp-rulesFix a typo in the reject action function
• BUG/MINORhttp-rulesPreserve FLT_END analyzers on reject action
• BUG/MINORluaIgnore the reserve to know if a channel is full or not
• BUG/MINORhttp-anaReset request analysers on a response side error
• BUG/MEDIUMcompression/filtersFix loop on HTX blocks compressing the payload
• BUG/MEDIUMcache/filtersFix loop on HTX blocks caching the response payload
• MINORhtxAdd a function to return a block at a specific offset
• BUG/MINORfiltersForward everything if no data filters are called
• BUG/MINORfiltersUse filter offset to decude the amount of forwarded data
• REGTESTmake the PROXY TLV validation depend on version 2.2
• BUG/MAJORproxy_protocolProperly validate TLV lengths
• BUG/MINORinitmake the automatic maxconn consider the max of soft/hard limits
• DOCassorted typo fixes in the documentation and Makefile
• DOCconfiguration.txtfix various typos
• BUG/MINORpatternDo not pass len = 0 to calloc()
• OPTIMstartupfast unique_id allocation for acl.
• DOCfix incorrect indentation of http_auth_*

#2020/03/31 : 2.1r1 (1.0.0-221.38)

• BUG/MEDIUMdnsimproper parsing of aditional records

#2020/03/27 : 2.1r1 (1.0.0-220.37)

#2020/03/18 : 2.1r1 (1.0.0-219.37)

• BUG/MAJORlistfix invalid element address calculation
• BUG/MINORchecks/threadsuse ha_random() and not rand()
• MINORbackenduse a single call to ha_random32() for the random LB algo
• BUG/MEDIUMrandomimplement a thread-safe and process-safe PRNG
• BUG/MEDIUMrandomimplement a thread-safe and process-safe PRNG
• MINORtoolsadd 64-bit rotate operators
• BUG/MEDIUMrandominitialize the random pool a bit better
• MINORcontrib/prometheus-exporterAdd the last heathcheck duration metric
• BUG/MINORhttp-htxDo case-insensive comparisons on Host header name
• BUG/MINORdnsignore trailing dot
• BUG/MINORsampleMake sure to return stable IDs in the unique-id fetch
• BUG/MINORh2reject again empty :path pseudo-headers
• BUILDebtreeimprove architecture-specific alignment
• MINORcompileradd new alignment macros
• BUG/MINORconnectionmake sure to correctly tag local PROXY connections
• BUG/MEDIUMsslfix several bad pointer aliases in a few sample fetch functions
• BUG/MINORsamplefix the json converter's endian-sensitivity
• CLEANUPcfgparseFix type of second calloc() parameter
• BUILDfix recent build failure on unaligned archs
• BUG/MEDIUMebtreedon't set attribute packed without unaligned access support
• MINORcompilermove CPU capabilities definition from config.h and complete them
• BUG/MEDIUMshctxmake sure to keep all blocks aligned
• BUG/MINORhttphttp-request replace-path duplicates the query string
• MINORistadd an iststop() function
• BUG/MAJORhttp-anaAlways abort the request when a tarpit is triggered
• MINORhttp-anaMatch on the path if the monitor-uri starts by a /
• BUG/MINORhttp-anaMatching on monitor-uri should be case-sensitive
• BUG/MINORhttp-htxDon't return error if authority is updated without changes
• BUG/MINORfiltersCount HTTP headers as filtered data but don't forward them
• MINORfiltersForward data only if the last filter forwards something
• MINORhttp-htxAdd a function to retrieve the headers size of an HTX message
• SCRIPTSannounce-releaseuse mutt -H instead of -i to include the draft
• MINORmux-fcgiMake the capture of the path-info optional in pathinfo regex
• BUG/MINORmux-fcgiForbid special characters when matching PATH_INFO param
• BUG/MEDIUMmuxesUse the right argument when calling the destroy method.
• BUG/MINORnamespaceavoid closing fd when socket failed in my_socketat

#2020/03/06 : 2.1r1 (1.0.0-217.0)