Search filters

Type

Section

Actions

Changelog - HAProxy Enterprise latest

#2025/04/17 : 3.1r1 (1.0.0-347.338)

  • BUG/MEDIUMhluafix hlua_applet_{http,tcp}_fct() yield regression (lost data)
  • BUG/MINORh3reject request URI with invalid characters
  • BUG/MINORh3reject invalid :path in request
  • BUG/MINORh3filter upgrade connection header
  • BUG/MEDIUMh3trim whitespaces in header value prior to QPACK encoding
  • BUG/MEDIUMh3trim whitespaces when parsing headers value
  • MINORdebugdetect call instructions and show the branch target in backtraces
  • MINORdebugin call traces, dump the 8 bytes before the return address, not after
  • MINORtoolslet dump_addr_and_bytes() support dumping before the offset
  • BUILDquicfix overflow in global tune
  • MINORquicdefine quic_tune
  • MINORquictransform pacing settings into a global option
  • MINORquicallow BBR testing without pacing
  • MINORquicremove references to burst in quic-cc-algo parsing
  • BUG/MEDIUMhttp-anaReport 502 from req analyzer only during rsp forwarding
  • BUG/MINORhttp-anaProperly detect client abort when forwarding the response
  • DOCconfigadd the missing force-cfg-parser-pause to the global kw index
  • DOCconfigadd the missing profiling.memory to the global kw index
  • BUG/MINORdebugremove the trailing \n from BUG_ON() statements
  • BUG/MINORhluafix invalid errmsg use in hlua_init()
  • BUG/MINORbackenddo not use the source port when hashing clientip
  • BUG/MEDIUMsamplefix risk of overflow when replacing multiple regex back-refs
  • BUG/MINORlogfix CBOR encoding with LOG_VARTEXT_START() + lf_encode_chunk()
  • CLEANUPlogadjust _lf_cbor_encode_byte() comment
  • BUG/MINORhlua_fcnfix potential UAF with Queue:pop_wait()
  • MINORtaskadd thread safe notification_new and notification_wake variants
  • TESTSFix build for filltab25.c
  • BUG/MEDIUMstreamFix a possible freeze during a forced shut on a stream
  • DOCupdate INSTALL to reflect the minimum compiler version
  • BUILDquic_sockaddress a strict-aliasing build warning with gcc 5 and 6
  • BUG/MEDIUMbackendfix reuse with set-dst/set-dst-port
  • BUG/MINORbackenddo not overwrite srv dst address on reuse
  • BUG/MINORrhttpfix incorrect dst/dst_port values
  • BUILDcompilerundefine the CONCAT() macro if already defined
  • DOCconfigfix two missing content in tcp-request examples
  • BUG/MINORconfigsilence .notice/.warning/.alert in discovery mode
  • BUG/MINORlogfix gcc warn about truncating NUL terminator while init char arrays
  • BUG/MINORmux-quicremove extra BUG_ON() in _qcc_send_stream()
  • BUG/MEDIUMmux-quicfix crash on RS/SS emission if already close local

#2025/04/03 : 3.1r1 (1.0.0-347.299)

  • BUG/MEDIUMpeersprevent learning expiration too far in futur from unsync node
  • BUG/MINORpeersfix expire learned from a peer not converted from ms to ticks
  • MINORlogsupport raw logformat node typecast
  • BUG/MINORlogprevent saddr NULL deref in syslog_io_handler()
  • MINORloghandle log-forward option host
  • MINORlogadd option host log-forward option
  • MINORtoolsonly print address in sa2str() when port == -1
  • MINORlogprovide source address information in syslog_process_message()
  • MINORproxyadd proxy->options3
  • CLEANUPlogadd syslog_process_message() helper
  • MINORlogdetach prepare from parse message
  • MINORstktableimplement recv-only table option

#2025/03/20 : 3.1r1 (1.0.0-346.287)

  • BUILDtoolsavoid a build warning on gcc-4.8 in resolve_sym_name()
  • MINORtoolsteach resolve_sym_name() a few more common symbols
  • MINORtoolsease the declaration of known symbols in resolve_sym_name()
  • MINORtoolsimprove symbol resolution without dl_addr
  • MINORcliexport cli_io_handler() to ease symbol resolution
  • BUG/MEDIUMstreamdon't use localtime in dumps from a signal handler
  • MINORtinfosplit the signal handler report flags into 3
  • IMPORTplockuse cpu_relax() for a shorter time in EBO
  • IMPORTplocklower the slope of the exponential back-off
  • IMPORTplockgive higher precedence to W than S
  • BUG/MINORmux-h2Reset streams with NO_ERROR code if full response was already sent
  • BUG/MEDIUMhlua/clifix cli applet UAF in hlua_applet_wakeup()
  • BUG/MINORlimitscompute_ideal_maxconn: don't cap remain if fd_hard_limit=0

#2025/03/13 : 3.1r1 (1.0.0-346.274)

  • BUILDtoolssilence a build warning when USE_THREAD=0
  • MINORtoolsuse only opportunistic symbols resolution
  • BUG/MINORstatsfix capabilities and hide settings for some generic metrics
  • DOCmanagementrename some last occurences from domain dns to resolvers
  • MINORcompileradd a new __decl_thread_var() macro to declare local variables
  • MINORcompileradd a simple macro to concatenate resolved strings
  • BUG/MEDIUMthreaduse pthread_self() not ha_pthread[tid] in set_affinity
  • MINORstartupadjust alert messages, when capabilities are missed
  • BUG/MINORcfgparse-tcprelax namespace bind check
  • MINORstream/climake show sess support filtering on front/back/server
  • MINORstream/clirework show sess to better consider optional arguments
  • BUG/MINORstreamfix age calculation in show sess output
  • MINORcfgparse/peersprovide more info when ignoring invalid peer or server lines
  • BUG/MINORserverdont return immediately from parse_server() when skipping checks
  • BUG/MINORcfgparse/peersproperly handle ignored local peer case
  • BUG/MINORcfgparse/peersfix inconsistent check for missing peer server
  • BUG/MEIDUMstartupreturn to initial cwd only after check_config_validity()
  • BUG/MINORlogset proper smp size for balance log-hash
  • CLEANUPlogremoving log-balance references
  • CIgithubfix h2spec.config proxy names
  • TESTSistfix wrong array size
  • BUG/MINORservercheck for either proxy-protocol v1 or v2 to send hedaer
  • BUG/MEDIUMmux-fcgiTry to fully fill demux buffer on receive if not empty
  • CLEANUPh3fix documentation of h3_rcv_buf()
  • BUG/MINORh3do not report transfer as aborted on preemptive response
  • BUG/MINORserverfix the server-template prefix memory leak
  • BUG/MEDIUMserverproperly initialize PROXY v2 TLVs
  • BUG/MINORh2always trim leading and trailing LWS in header values
  • BUG/MEDIUMstreamuse non-blocking freq_ctr calls from the stream dumper
  • MINORfreq_ctrprovide non-blocking read functions
  • BUG/MEDIUMstreamnever allocate connection addresses from signal handler
  • MINORtinfoadd a new thread flag to indicate a call from a sig handler
  • BUG/MINORmux-h1always make sure h1s->sd exists in h1_dump_h1s_info()
  • BUG/MINORstreamdo not call co_data() from __strm_dump_to_buffer()
  • MINORclockalways use atomic ops for global_now_ms
  • BUG/MINORsinkadd tempo between 2 connection attempts for sft servers
  • BUG/MINORlogfix outgoing abns address family
  • BUG/MEDIUMuxstfix outgoing abns address family in connect()
  • BUG/MINORcfgparsefix NULL ptr dereference in cfg_parse_peers
  • BUG/MEDIUMspoe/mux-spopIntroduce an NOOP action to deal with empty ACK
  • BUG/MEDIUMappletDon't handle EOI/EOS/ERROR is applet is waiting for room

#2025/02/19 : 3.1r1 (1.0.0-345.233)

  • DOCoption redispatch should mention persist options
  • BUG/MINORstats-jsonDefine JSON_INT_MAX as a signed integer
  • BUG/MINORflt-traceSupport only one name option
  • BUG/MINORauthFix a leak on error path when parsing user's groups
  • BUG/MINORconfig/userlistSupport one 'users' option for 'group' directive
  • BUG/MINORcliFix a possible infinite loop in _getsocks()
  • BUG/MINORcliFix memory leak on error for _getsocks command
  • BUG/MINORcliDon't set SE flags from the cli applet
  • MINORmux-spopSet SPOP_CF_ERROR flag on connection error only
  • MINORmux-spopReport EOI on the SE when a ACK is received for a stream
  • MINORflt-spoeReport end of input immediately after applet init
  • BUG/MEDIUMflt-spoeProperly handle end of stream from the SPOE applet
  • BUG/MEDIUMappletDon't pretend to have more data to handle EOI/EOS/ERROR
  • BUG/MEDIUMflt-spoeSet/test applet flags instead of SE flags from I/O handler
  • BUG/MINORhttp-checkDon't pretend a C-L heeader is set before adding it
  • BUG/MINORtcp-rulesDon't forward close during tcp-response content rules eval
  • BUG/MEDIUMmux-fcgiProperly handle read0 on partial records
  • DOChtxclarify <mark> parameter for htx_xfer_blks()
  • BUG/MEDIUMhtxwrong count computation in htx_xfer_blks()
  • MEDIUMepollskip reports of stale file descriptors
  • DEBUGepollstore and compare the FD's generation count with reported event
  • MINORfdadd a generation number to file descriptors
  • DEBUGfdadd a counter of takeovers of an FD since it was last opened
  • BUG/MEDIUMchunkmake sure to flush the trash pool before resizing
  • MINORquicadapt credit based pacing to BBR
  • MINORquicremove unused pacing burst in bind_conf/quic_cc_path
  • MEDIUMquicuse dynamic credit for pacing
  • MEDIUMmux-quicreduce pacing CPU usage with passive wait
  • MEDIUMquicimplement credit based pacing
  • MINORmux-quicincrement pacing retry counter on expired
  • MINORquicrename pacing_rate cb to pacing_inter
  • BUG/MINORstktableinvalid use of stkctr_set_entry() with mixed table types
  • BUG/MINORmux-h2Properly handle full or truncated HTX messages on shut
  • REGTESTSFix truncated.vtc to send 0-CRLF
  • BUG/MINORmux-quicprevent crash after MUX init failure
  • BUG/MINORquicprevent crash on conn access after MUX init failure
  • BUG/MINORfcgiDon't set the status to 302 if it is already set
  • BUG/MEDIUMfiltersHandle filters registered on data with no payload callback
  • BUG/MINORcliWait for the last ACK when FDs are xferred from the old worker
  • BUG/MEDIUMcliBe sure to drop all input data in END state
  • BUG/MINORssl/clishow ssl crt-list lacks sigals
  • BUG/MINORssl/clishow ssl crt-list lacks client-sigals
  • BUG/MEDIUMfdmark FD transferred to another process as FD_CLONED
  • BUG/MINORmworkerpost_section_parser for the last section in discovery
  • BUG/MINORmworkersection ignored in discovery after a post_section_parser
  • BUG/MINORquicfix CRYPTO payload size calcul for encoding
  • BUG/MINORquicreserve length field for long header encoding
  • BUG/MEDIUMdebugclose a possible race between thread dump and panic()
  • BUG/MEDIUMsslchosing correct certificate using RSA-PSS with TLSv1.3
  • BUILDsslmore cleaner approach to WolfSSL without renegotiation
  • BUILDsslallow to build without the renegotiation API of WolfSSL
  • HAPEEsslenable USE_ENGINE automatically when OpenSSL < 3.0
  • BUG/MINORstartuphap_register_feature() fix for partial feature name
  • MINORstartupallow hap_register_feature() to enable a feature in the list
  • MINORhapee/WURFLtransfer error status from the _wurfl_reload() function
  • MINORhapee/WURFLadded live update database function
  • MINORhapee/WURFLadded custom API log function
  • MINORhapee/WURFLadded function to check correct module initialization
  • BUG/MINORhapee/WURFLcorrected version check of used wurfl library
  • MINORhapee/daalert in case of incorrect data version
  • BUG/MINORhapee/daenabling use of precompiled json database in 'deviceatlas-json-file'
  • BUG/MINORhapee/dafixed bug when using binary version of database
  • BUG/BUILDhapee/daadded preprocessed source code generation for *.cpp files
  • BUILDhapee/darepaired build in case of using old DeviceAtlas library
  • MINORhapee/daadd function that allow data reload
  • MINORhapee/daadd spin locking
  • MINORhapee/daadd support for loading a precompiled json data
  • MEDIUMhapee/daRevert MEDIUM: da: update module to handle schedule mode.
  • MEDIUMhapee/51dsupport data reload for 51Degrees V4 engine
  • MINORhapee/51dadd function that returns path to 51Degrees data file
  • MINORhapee/51dadd function that allow data reload
  • BUG/MINORhapee/51dadd spin locking
  • BUILDhapee/51dfix error when building with 51Degrees enabled
  • BUG/MEDIUMhapee/51dfix a segfault on exit when 51d configuration is not loaded
  • MEDIUMhapee/51duse fiftyoneDegreesProvider to access the pool and dataset
  • MINORhapeeUpdate backports list
  • MINORepollpermit to mask certain specific events
  • CLEANUPquicremove unused prototype
  • BUG/MINORstreamProperly handle on-marked-up shutdown-backup-sessions
  • BUG/MINORsslput ssl_sock_load_ca under SSL_NO_GENERATE_CERTIFICATES
  • BUG/MINORquicdo not increase congestion window if app limited
  • BUG/MEDIUMmux-h1Properly close H1C if an error is reported before sending data
  • BUILDquicMove an ASSUME_NONNULL() for variable which is not null
  • MINORquicAdd a BUG_ON() on quic_tx_packet refcount
  • BUG/MINORquicensure a detached coalesced packet can't access its neighbours
  • BUG/MINORinitset HAPROXY_STARTUP_VERSION from the variable, not the macro
  • BUG/MAJORlog/sinkpossible sink collision in sink_new_from_srv()
  • BUG/MAJORquicreject too large CRYPTO frames
  • BUG/MEDIUMpromexUse right context pointers to dump backends extra-counters
  • BUG/MEDIUMstktablefix missing lock on some table converters
  • BUG/MINORquicreject NEW_TOKEN frames from clients
  • BUG/MINORstktablefix big-endian compatiblity in smp_to_stkey()
  • BUG/MEDIUMhapee/modulesfix invalid pool_free() in stream_new()
  • BUILDhapeeERR=1 broken with cfgcond.c
  • MINORhapeeadd a .hapee directory to list backporting notes
  • BUG/MEDIUMh1-htxProperly handle bodyless messages
  • BUG/MEDIUMpromex/resolversDon't dump metrics if no nameserver is defined
  • BUG/MINORmux-quichandle closure of uni-stream
  • MINORmux-quicchange return value of qcs_attach_sc()
  • MINORmux-quicadd traces on sd attach
  • BUG/MINORmux-quicfix wakeup on qcc_set_error()
  • MINORconfigAlert about extra arguments for errorfile and errorloc
  • BUG/MINORlogAllow to use if/unless conditionnals for do-log action
  • BUG/MEDIUMmux-quicdo not attach on already closed stream
  • BUG/MAJORmux-quicproperly fix BUG_ON on empty STREAM emission
  • BUG/MEDIUMmux-h2Count copied data when looping on RX bufs in h2_rcv_buf()
  • BUG/MAJORmux-quicfix BUG_ON on empty STREAM emission
  • DOCconfigadd missing track-sc0 in action keywords matrix
  • BUG/MINORstatsfix segfault caused by uninitialized value in show schema json
  • BUG/MEDIUMqueueMake process_srv_queue return the number of streams
  • MINORhluarename tune.lua.preserve-smp-bool to tune.lua.bool-sample-conversion
  • BUG/MINORh2/rhttpfix HTTP2 conn counters on reverse
  • CLEANUPmux-quicremove dead err label in qcc_build_frms()
  • BUG/MEDIUMmux-quicprevent BUG_ON() by refreshing frms on MAX_DATA
  • REGTESTSfix lua-based regtests using tune.lua.smp-preserve-bool
  • MINORhluaadd option to preserve bool type from smp to lua
  • DOCconfigadd tune.lua.burst-timeout to the list of global parameters
  • DOCconfigreorder tune.lua.* keywords by alphabetical order
  • DOCconfigadd example for server track keyword
  • MINORmux-quichide traces when woken up on pacing only
  • MINORtraceimplement tracing disabling API
  • MEDIUMmux-quicremove pacing specific code on qcc_io_cb
  • MEDIUM/OPTIMmux-quicdo not rebuild frms list on every send
  • MINORmux-quicsplit STREAM and RS/SS emission
  • MINORmux-quicextract code to build STREAM frames list
  • MEDIUM/OPTIMmux-quicimplement purg_list
  • MEDIUM/OPTIMmux-quicdefine a recv_list for demux resumption
  • MINORmux-quicrefactor wait-for-handshake support
  • MINORquicadd traces
  • CLEANUPmux-quicremove unused qcc member send_retry_list
  • BUG/MEDIUMmux-quicdo not mix qcc_io_send() return codes with pacing
  • BUILDdebugonly dump/reset glitch counters when really defined
  • BUG/MEDIUMqueuesDo not use pendconn_grab_from_px().
  • BUG/MEDIUMqueuesMake sure we call process_srv_queue() when leaving
  • BUG/MEDIUMstconnOnly consider I/O timers to update stream's expiration date
  • CLEANUPquicRename some BBR functions in relation with bw probing
  • BUG/MINORquicmissing Startup accelerating probing bw states
  • REGTESTSssladd a PEM with mix of LF and CRLF line endings
  • BUG/MINORclicli_snd_buf: preserve \r\n for payload lines
  • BUG/MINORquictoo permissive exit condition for high loss detection in Startup (BBR)
  • BUG/MINORquicfix the wrong tracked recovery start time value
  • CLEANUPquicremove a wrong comment about ->app_limited (drs)
  • MINORquicreduce the private data size of QUIC cc algos
  • BUG/MINORquicreduce packet losses at least during ProbeBW_CRUISE (BBR)
  • BUG/MINORquicunderflow issue for bbr_inflight_hi_from_lost_packet()
  • BUG/MINORquicremove max_bw filter from delivery rate sampling
  • BUG/MINORquicwrong bbr_target_inflight() implementation
  • BUG/MINORquicfix BBB max bandwidth oscillation issue.
  • BUG/MINORquicwrong logical statement in in_recovery_period() (BBR)
  • MINORwindow_filterrely on the time to update the filter samples (QUIC/BBR)
  • MINORhapeeadd the module() predicate
  • MINORssl/cliadd -A to the 'show ssl sni' command description
  • MINORssl/cliallow to filter expired certificates with 'show ssl sni'
  • MINORssladd utils functions to extract X509 notAfter date
  • MINORssl/cliadd negative filters to show ssl sni
  • CLEANUPsslfix comment in 'show ssl sni'
  • DOCmanagementfix typos and paragraph ordering in 'show ssl sni'
  • MEDIUMssl/clishow ssl sni list the loaded SNI in frontends
  • MINORssladd notBefore and notAfter utility functions
  • BUG/MINORhlua_fcnrestore server pairs iterator pointer consistency
  • BUG/MINORserver-stateFix expiration date of srvrq_check tasks
  • BUG/MINORhttp-fetchIgnore empty argument string for query()
  • BUG/MEDIUMstats/serveruse watcher to track server during stats dump
  • MINORlistdefine a watcher type
  • BUG/MINORstatsdecrement srv refcount on stats-file release
  • BUG/MINORresolvershandle a possible strdup() failure
  • BUG/MINORssl_crtlisthandle a possible strdup() failure
  • BUG/MINORnamespacehandle a possible strdup() failure
  • BUG/MEDIUMmworkerreport status, if daemonized master fails
  • BUG/MEDIUMstartupreport status if daemonized process fails
  • BUG/MEDIUMstartupdon't daemonize if started with -c
  • BUG/MINORstartupfix error path for master, if can't open pidfile
  • BUG/MINORmworkerfix -D -W -sf/-st modes
  • BUG/MINORmworkerdon't save program PIDs in oldpids
  • BUG/MINORmux-h2fix expression when detecting excess of CONTINUATION frames
  • MINORmux-h2/glitchesadd a description to the H2 glitches
  • CLEANUPmux-h2/tracesreword certain ambiguous traces
  • MINORmux-h2/tracesadd a missing trace on negative initial window size
  • BUILDdebugfix build issues in COUNT_IF() with -Wunused-value
  • BUG/MINORdebugCOUNT_IF() should return true/false
  • DOCconfigfix confusing init-state examples
  • BUG/MINORconfigFix parsing of accept-invalid-http-{request,response}
  • BUG/MEDIUMmux-h2make sure not to touch dummy streams when sending WU
  • BUG/MINORquicremove startup alert if GSO unsupported
  • BUG/MINORquicremove startup alert if conn socket-owner unsupported
  • BUG/MEDIUMmux-quicremove pacing status when everything is sent
  • BUG/MINORinitdo not call fork_poller() for non-forked processes
  • BUG/MEDIUMinitmake sure only daemonized processes change their session
  • BUG/MINORquicfix bbr_inflight() calls with wrong gain value
  • BUG/MINORstartupfix pidfile creation
  • BUG/MINORstartupclose pidfd and free global.pidfile in handle_pidfile()
  • BUG/MINORsignalregister default handler for SIGINT in signal_init()
  • BUILDquicfix a build error about an non initialized timestamp
  • BUG/MINORh1-htxUse default reason if not set when formatting the response
  • BUG/MEDIUMhttp-anaReset request flag about data sent to perform a L7 retry
  • BUG/MEDIUMquicprevent stream freeze on pacing
  • BUG/MEDIUMevent_hdlfix uninitialized value in async mode when no data is provided
  • BUG/MINORimprove BBR throughput on very fast links
  • BUG/MINORlogfix lf_text() behavior with empty string
  • MINORproxyAdd support of 421-Misdirected-Request in retry-on status
  • BUG/MEDIUMsockRemove FD_POLL_HUP during connect() if FD_POLL_ERR is not set
  • MINORhapee/modulesreport the per-stream allocated size for each module
  • BUG/MEDIUMhapeeprevent the module file name being overwritten
  • MEDIUMhapeeHAPEE_MODULE_DECLARE() allows to declare an HAPEE module
  • BUG/MINORhapeeMakefile: bad substitution for MODVERSION variable
  • BUG/MINORhapeerelax __vers symbol check
  • BUG/MINORhapee/modulescan't load modules with USE_OBSOLETE_LINKER
  • BUG/MINORhapeeremove leading \n on __vers error
  • MEDIUMhapeewarn on unsupported initcalls
  • BUG/MINORhapeeforbid to load a module twice
  • HAPEEudpupdate structs and functions required for the UDP module
  • HAPEEmakefileautomatically build objects in addons/hapee_*
  • HAPEEmakefileupdate the cleanup rule to also remove *.i from addons
  • HAPEEaddonsquic CID in -vv
  • HAPEEaddonsadds quic CID generator to interop with packetshield
  • MEDIUMhapeedoes not pass OPTION_LDFLAGS to modules
  • MINORhapee/modulescheck if we generate the API hash correctly
  • BUG/MINORhapee/modulesadjust include match() in gen-modules-config-h.awk
  • BUG/MINORhapee/modulesinitialize the module head list
  • BUILDhapee/modulesselect either md5 or md5sum
  • MEDIUMhapee/modulesload the STG_REGISTER initcalls
  • BUG/MINORhapee/modulesdisplay detailed error message on mod_init() failure
  • MINORhapee/modulesadd a new label MODULES_LOCK to the lock_label enum
  • MINORhapee/modulesadd the ability to register variable and functions.
  • MEDIUMhapee/modules'modules list' on the cli shows currently loaded modules
  • MINORhapee/modulesterminate properly loaded modules if possible
  • MEDIUMhapee/modulesadd memory reservation support for the modules
  • MINORhapeechange URLs for 3.1r1
  • BUILDhapee/modulesupdate HAPEE version macro to 3.1r1
  • BUILDhapee/modulesadd macros to compute numerical value of a HAPEE version
  • BUILDhapee/modulesadd version of the module in the defines
  • MEDIUMhapee/modulesadd modules support
×

About the new layout

For 2025, we're happy to introduce a redesigned HAProxy Configuration Manual!

The new manual enhances the user experience by providing more help for keywords, including more details about context, usage, and syntax. New search filters help you find keywords faster, with separate coverage for each variant.

If you would prefer to use the older layout click here.