4ebe6dcb31
248 Commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Christopher Faulet
|
c2c009086d |
[RELEASE] Released version 3.0.6
Released version 3.0.6 with the following main changes : - MINOR: connection: No longer include stconn type header in connection-t.h - BUG/MINOR: h1: do not forward h2c upgrade header token - BUG/MINOR: h2: reject extended connect for h2c protocol - MINOR: mux-h1: Set EOI on SE during demux when both side are in DONE state - BUG/MEDIUM: mux-h1/mux-h2: Reject upgrades with payload on H2 side only - REGTESTS: h1/h2: Update script testing H1/H2 protocol upgrades - REGTESTS: shorten a bit the delay for the h1/h2 upgrade test - BUG/MINOR: mux-quic: report glitches to session - BUG/MEDIUM: cli: Be sure to catch immediate client abort - BUG/MEDIUM: cli: Deadlock when setting frontend maxconn - BUG/MINOR: server: make sure the HMAINT state is part of MAINT - BUG/MINOR: cfgparse-global: fix allowed args number for setenv - BUILD: tools: only include execinfo.h for the real backtrace() function - MINOR: tools: do not attempt to use backtrace() on linux without glibc - MINOR: task: define two new one-shot events for use with WOKEN_OTHER or MSG - BUG/MEDIUM: stream: make stream_shutdown() async-safe - BUG/MINOR: queue: make sure that maintenance redispatches server queue - MINOR: server: make srv_shutdown_sessions() call pendconn_redistribute() - BUG/MEDIUM: queue: always dequeue the backend when redistributing the last server - BUG/MINOR: mux-h1: Fix condition to set EOI on SE during zero-copy forwarding - BUG/MINOR: http-ana: Disable fast-fwd for unfinished req waiting for upgrade - MINOR: debug: make mark_tainted() return the previous value - MINOR: chunk: drop the global thread_dump_buffer - MINOR: debug: split ha_thread_dump() in two parts - MINOR: debug: slightly change the thread_dump_pointer signification - MINOR: debug: make ha_thread_dump_done() take the pointer to be used - MINOR: debug: replace ha_thread_dump() with its two components - MEDIUM: debug: on panic, make the target thread automatically allocate its buf - BUG/MEDIUM: server: server stuck in maintenance after FQDN change - BUG/MEDIUM: hlua: make hlua_ctx_renew() safe - BUG/MEDIUM: hlua: properly handle sample func errors in hlua_run_sample_{fetch,conv}() - BUG/MEDIUM: mux-quic: ensure timeout server is active for short requests - BUG/MEDIUM: queue: make sure never to queue when there's no more served conns - BUG/MINOR: httpclient: return NULL when no proxy available during httpclient_new() - BUG/MEDIUM: stconn: Wait iobuf is empty to shut SE down during a check send - BUG/MINOR: http-ana: Don't report a server abort if response payload is invalid - BUG/MEDIUM: stconn: Check FF data of SC to perform a shutdown in sc_notify() - BUG/MAJOR: filters/htx: Add a flag to state the payload is altered by a filter - REGTESTS: Never reuse server connection in http-messaging/truncated.vtc - BUG/MINOR: quic: avoid leaking post handshake frames - BUG/MEDIUM: quic: avoid freezing 0RTT connections - DOC: config: fix rfc7239 forwarded typo in desc - BUG/MINOR: mworker: fix mworker-max-reloads parser - BUG/MINOR: mux-quic: do not close STREAM with empty FIN if no data sent - BUG/MEDIUM: stats-html: Never dump more data than expected during 0-copy FF - BUG/MEDIUM: mux-h2: Remove H2S from send list if data are sent via 0-copy FF - BUG/MEDIUM: connection/http-reuse: fix address collision on unhandled address families - MINOR: activity/memprofile: always return "other" bin on NULL return address - MINOR: activity/memprofile: show per-DSO stats - BUG/MINOR: server: fix dynamic server leak with check on failed init - BUG/MEDIUM: stconn: Report blocked send if sends are blocked by an error - BUG/MINOR: http-ana: Fix wrong client abort reports during responses forwarding - BUG/MINOR: stconn: Don't disable 0-copy FF if EOS was reported on consumer side - BUG/MEDIUM: server: fix race on servers_list during server deletion - BUILD: debug: silence a build warning with threads disabled - MINOR: pools: export the pools variable - MINOR: debug: place a magic pattern at the beginning of post_mortem - MINOR: debug: place the post_mortem struct in its own section. - MINOR: debug: store important pointers in post_mortem - MINOR: cli: remove non-printable characters from 'debug dev fd' - BUG/MINOR: trace: stop rewriting argv with -dt - BUG/MINOR: ssl/cli: 'set ssl cert' does not check the transaction name correctly - DOC: config: add missing glitch_{cnt,rate} data types - DOC: config: add missing glitch_{cnt,rate} sample definitions - BUG/MEDIUM: mux-h1: Fix how timeouts are applied on H1 connections - BUG/MINOR: http-ana: Report internal error if an action yields on a final eval - MINOR: stream: Save last evaluated rule on invalid yield - BUG/MEDIUM: promex: Fix dump of extra counters - DOC: config: document connection error 44 (reverse connect failure) - CLEANUP: connection: properly name the CO_ER_SSL_FATAL enum entry - BUG/MINOR: quic: fix malformed probing packet building - MINOR: cli/debug: show dev: add cmdline and version - MINOR: stream/stats: Expose the current number of streams in stats - MINOR: stream/stats: Expose the total number of streams ever created in stats - BUG/MINOR: stats: Fix the name for the total number of streams created - MINOR: connection: add more connection error codes to cover common errno - MINOR: rawsock: set connection error codes when returning from recv/send/splice - MINOR: connection: add new sample fetch functions fc_err_name and bc_err_name - MINOR: debug: print gdb hints when crashing - MINOR: debug: do not limit backtraces to stuck threads - MINOR: debug: also add a pointer to struct global to post_mortem - MINOR: debug: also add fdtab and acitvity to struct post_mortem - MINOR: debug: remove the redundant process.thread_info array from post_mortem - MINOR: wdt: move the local timers to a struct - MINOR: debug: add a function to dump a stuck thread - DEBUG: wdt: better detect apparently locked up threads and warn about them - DEBUG: cli: make it possible for "debug dev loop" to trigger warnings - DEBUG: wdt: make the blocked traffic warning delay configurable - DEBUG: wdt: add a stats counter "BlockedTrafficWarnings" in show info - BUILD: debug: also declare strlen() in __ABORT_NOW() - BUILD: Missing inclusion header for ssize_t type - MINOR: debug: move the "recover now" warn message after the optional notes |
||
Christopher Faulet
|
8e879a52e2 |
[RELEASE] Released version 3.0.5
Released version 3.0.5 with the following main changes : - BUG/MEDIUM: server/addr: fix tune.events.max-events-at-once event miss and leak - BUG/MEDIUM: stconn: Report error on SC on send if a previous SE error was set - BUG/MEDIUM: mux-pt/mux-h1: Release the pipe on connection error on sending path - BUILD: mux-pt: Use the right name for the sedesc variable - BUG/MINOR: stconn: bs.id and fs.id had their dependencies incorrect - BUG/MEDIUM: ssl: reactivate 0-RTT for AWS-LC - BUG/MEDIUM: ssl: 0-RTT initialized at the wrong place for AWS-LC - BUG/MEDIUM: quic: prevent conn freeze on 0RTT undeciphered content - BUG/MEDIUM: http-ana: Report error on write error waiting for the response - BUG/MEDIUM: h2: Only report early HTX EOM for tunneled streams - BUG/MEDIUM: mux-h2: Propagate term flags to SE on error in h2s_wake_one_stream - BUG/MEDIUM: peer: Notify the applet won't consume data when it waits for sync - BUG/MINOR: fcgi-app: handle a possible strdup() failure - DOC: configuration: fix alphabetical ordering of {bs,fs}.aborted - BUG/MINOR: trace/quic: enable conn/session pointer recovery from quic_conn - BUG/MINOR: trace/quic: permit to lock on frontend/connect/session etc - BUG/MEDIUM: trace: fix null deref in lockon mechanism since TRACE_ENABLED() - BUG/MINOR: trace: automatically start in waiting mode with "start <evt>" - BUG/MINOR: trace/quic: make "qconn" selectable as a lockon criterion - BUG/MINOR: quic/trace: make quic_conn_enc_level_init() emit NEW not CLOSE - BUG/MINOR: proto_tcp: delete fd from fdtab if listen() fails - BUG/MINOR: proto_tcp: keep error msg if listen() fails - MINOR: channel: implement ci_insert() function - BUG/MEDIUM: mworker/cli: fix pipelined modes on master CLI - REGTESTS: mcli: test the pipelined commands on master CLI - BUG/MINOR: mux-quic: do not send too big MAX_STREAMS ID - BUG/MINOR: proto_uxst: delete fd from fdtab if listen() fails - BUG/MINOR: h3: properly reject too long header responses - BUG/MINOR: pattern: pat_ref_set: fix UAF reported by coverity - BUG/MINOR: pattern: pat_ref_set: return 0 if err was found - DOC: config: correct the table for option tcplog - BUG/MINOR: cfgparse-global: remove tune.fast-forward from common_kw_list - BUILD: quic: 32bits build broken by wrong integer conversions for printf() - BUG/MEDIUM: clock: also update the date offset on time jumps - MINOR: tools: Implement ipaddrcpy(). - MINOR: quic: Implement quic_tls_derive_token_secret(). - MEDIUM: ssl/quic: implement quic crypto with EVP_AEAD - MINOR: quic: Token for future connections implementation. - BUG/MINOR: quic: Missing incrementation in NEW_TOKEN frame builder - MINOR: quic: Modify NEW_TOKEN frame structure (qf_new_token struct) - MINOR: quic: Implement qc_ssl_eary_data_accepted(). - MINOR: quic: Add trace for QUIC_EV_CONN_IO_CB event. - BUG/MEDIUM: quic: always validate sender address on 0-RTT - BUG/MINOR: quic: Crash from trace dumping SSL eary data status (AWS-LC) - BUG/MINOR: quic: Too short datagram during packet building failures (aws-lc only) - DOC: configuration: place the HAPROXY_HTTP_LOG_FMT example on the correct line - REGTESTS: fix random failures with wrong_ip_port_logging.vtc under load - BUG/MEDIUM: clock: detect and cover jumps during execution - BUG/MINOR: pattern: prevent const sample from being tampered in pat_match_beg() - BUG/MEDIUM: pattern: prevent UAF on reused pattern expr - BUG/MAJOR: mux-h1: Wake SC to perform 0-copy forwarding in CLOSING state - BUG/MINOR: h1-htx: Don't flag response as bodyless when a tunnel is established - BUG/MINOR: pattern: do not leave a leading comma on "set" error messages - MEDIUM: h1: Accept invalid T-E values with accept-invalid-http-response option - BUG/MINOR: polling: fix time reporting when using busy polling - BUG/MINOR: clock: make time jump corrections a bit more accurate - BUG/MINOR: clock: validate that now_offset still applies to the current date - BUG/MEDIUM: queue: implement a flag to check for the dequeuing - BUG/MINOR: peers: local entries updates may not be advertised after resync - DOC: config: Explicitly list relaxing rules for accept-invalid-http-* options - BUG/MEDIUM: sc_strm/applet: Wake applet after a successfull synchronous send - BUG/MEDIUM: cache/stats: Wait to have the request before sending the response - BUG/MEDIUM: promex: Wait to have the request before sending the response - BUG/MINOR: cfgparse-listen: fix option httpslog override warning message - MINOR: quic: convert qc_stream_desc release field to flags - MINOR: quic: implement function to check if STREAM is fully acked - BUG/MEDIUM: quic: handle retransmit for standalone FIN STREAM - BUG/MINOR: quic: prevent freeze after early QCS closure |
||
Willy Tarreau
|
7a59afa93b |
[RELEASE] Released version 3.0.4
Released version 3.0.4 with the following main changes : - MINOR: proto: extend connection thread rebind API - BUILD: listener: silence a build warning about unused value without threads - BUG/MEDIUM: quic: prevent crash on accept queue full - CLEANUP: proto: rename TID affinity callbacks - CLEANUP: quic: rename TID affinity elements - BUG/MINOR: session: Eval L4/L5 rules defined in the default section - BUG/MEDIUM: debug/cli: fix "show threads" crashing with low thread counts - DOC: install: don't reference removed CPU arg - BUG/MEDIUM: ssl_sock: fix deadlock in ssl_sock_load_ocsp() on error path - BUG/MAJOR: mux-h2: force a hard error upon short read with pending error - DOC: configuration: issuers-chain-path not compatible with OCSP - DOC: config: improve the http-keep-alive section - BUG/MINOR: stick-table: fix crash for src_inc_gpc() without stkcounter - BUG/MINOR: server: Don't warn fallback IP is used during init-addr resolution - BUG/MINOR: cli: Atomically inc the global request counter between CLI commands - BUG/MINOR: quic: Non optimal first datagram. - MEDIUM: sink: don't set NOLINGER flag on the outgoing stream interface - BUG/MINOR: quic: Lack of precision when computing K (cubic only cc) - BUG/MEDIUM: jwt: Clear SSL error queue on error when checking the signature - MINOR: quic: Dump TX in flight bytes vs window values ratio. - MINOR: quic: Add information to "show quic" for CUBIC cc. - MEDIUM: h1: allow to preserve keep-alive on T-E + C-L - MINOR: queue: add a function to check for TOCTOU after queueing - BUG/MEDIUM: queue: deal with a rare TOCTOU in assign_server_and_queue() - MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD (take #2) - BUG/MEDIUM: init: fix fd_hard_limit default in compute_ideal_maxconn - Revert "MEDIUM: sink: don't set NOLINGER flag on the outgoing stream interface" - MEDIUM: log: relax some checks and emit diag warnings instead in lf_expr_postcheck() - DOC: quic: fix default minimal value for max window size - MINOR: proxy: Add support of 429-Too-Many-Requests in retry-on status - BUG/MEDIUM: mux-h2: Set ES flag when necessary on 0-copy data forwarding - BUG/MEDIUM: stream: Prevent mux upgrades if client connection is no longer ready - BUG/MINIR: proxy: Match on 429 status when trying to perform a L7 retry - BUG/MEDIUM: mux-pt: Never fully close the connection on shutdown - BUG/MEDIUM: cli: Always release back endpoint between two commands on the mcli - BUG/MINOR: quic: unexploited retransmission cases for Initial pktns. - BUG/MEDIUM: mux-h1: Properly handle empty message when an error is triggered - MINOR: mux-h2: try to clear DEM_MROOM and MUX_MFULL at more places - BUG/MAJOR: mux-h2: always clear MUX_MFULL and DEM_MROOM when clearing the mbuf - BUG/MINOR: quic: Too shord datagram during O-RTT handshakes (aws-lc only) - BUG/MINOR: Crash on O-RTT RX packet after dropping Initial pktns - BUG/MEDIUM: mux-pt: Fix condition to perform a shutdown for writes in mux_pt_shut() |
||
Willy Tarreau
|
95a607c4b3 |
[RELEASE] Released version 3.0.3
Released version 3.0.3 with the following main changes : - BUG/MINOR: log: fix broken '+bin' logformat node option - DEBUG: hlua: distinguish burst timeout errors from exec timeout errors - REGTESTS: ssl: fix some regtests 'feature cmd' start condition - BUG/MEDIUM: proxy: fix email-alert invalid free - DOC: configuration: fix alphabetical order of bind options - DOC: management: document ptr lookup for table commands - BUG/MAJOR: quic: fix padding with short packets - SCRIPTS: git-show-backports: do not truncate git-show output - DOC: api/event_hdl: small updates, fix an example and add some precisions - BUG/MINOR: h3: fix crash on STOP_SENDING receive after GOAWAY emission - BUG/MINOR: mux-quic: fix crash on qcs SD alloc failure - BUG/MINOR: h3: fix BUG_ON() crash on control stream alloc failure - BUG/MINOR: quic: fix BUG_ON() on Tx pkt alloc failure - DEV: flags/show-fd-to-flags: adapt to recent versions - BUG/MINOR: hlua: report proper context upon error in hlua_cli_io_handler_fct() - BUG/MEDIUM: stick-table: Decrement the ref count inside lock to kill a session - DOC: configuration: add details about crt-store in bind "crt" keyword - BUG/MINOR: server: fix first server template name lookup UAF - MINOR: activity: make the memory profiling hash size configurable at build time - BUG/MEDIUM: server/dns: prevent DOWN/UP flap upon resolution timeout or error - BUG/MEDIUM: h3: ensure the ":method" pseudo header is totally valid - BUG/MEDIUM: h3: ensure the ":scheme" pseudo header is totally valid - BUG/MEDIUM: quic: fix race-condition in quic_get_cid_tid() - BUG/MINOR: quic: fix race condition in qc_check_dcid() - BUG/MINOR: quic: fix race-condition on trace for CID retrieval - BUG/MEDIUM: quic: fix possible exit from qc_check_dcid() without unlocking - BUG/MINOR: promex: Remove Help prefix repeated twice for each metric - BUG/MEDIUM: hlua/cli: Fix lua CLI commands to work with applet's buffers - DOC: configuration: more details about the master-worker mode - BUG/MEDIUM: server: fix race on server_atomic_sync() - BUG/MINOR: jwt: don't try to load files with HMAC algorithm - MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD - DOC: configuration: update maxconn description - BUG/MEDIUM: peers: Fix crash when syncing learn state of a peer without appctx - Revert "MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD" - BUG/MINOR: jwt: fix variable initialisation - BUG/MINOR: h1: Fail to parse empty transfer coding names - BUG/MINOR: h1: Reject empty coding name as last transfer-encoding value - BUG/MEDIUM: h1: Reject empty Transfer-encoding header - BUG/MEDIUM: spoe: Be sure to create a SPOE applet if none on the current thread - DEV: flags/quic: decode quic_conn flags - BUG/MEDIUM: bwlim: Be sure to never set the analyze expiration date in past |
||
Christopher Faulet
|
a45a8e6235 |
[RELEASE] Released version 3.0.2
Released version 3.0.2 with the following main changes : - MINOR: log: fix "http-send-name-header" ignore warning message - BUG/MINOR: proxy: fix server_id_hdr_name leak on deinit() - BUG/MINOR: proxy: fix log_tag leak on deinit() - BUG/MINOR: proxy: fix email-alert leak on deinit() - BUG/MINOR: proxy: fix check_{command,path} leak on deinit() - BUG/MINOR: proxy: fix dyncookie_key leak on deinit() - BUG/MINOR: proxy: fix source interface and usesrc leaks on deinit() - BUG/MINOR: proxy: fix header_unique_id leak on deinit() - BUG/MEDIUM: log: fix lf_expr_postcheck() behavior with default section - DOC: config: move "hash-key" from proxy to server options - DOC: config: add missing section hint for "guid" proxy keyword - DOC: config: add missing context hint for new server and proxy keywords - BUG/MINOR: promex: Skip resolvers metrics when there is no resolver section - MINOR: proxy: add proxy_free_common() helper function - BUG/MEDIUM: proxy: fix UAF with {tcp,http}checks logformat expressions - CLEANUP: log/proxy: fix comment in proxy_free_common() - BUG/MAJOR: mux-h1: Prevent any UAF on H1 connection after draining a request - BUG/MINOR: quic: fix padding of INITIAL packets - DOC/MINOR: management: add missed -dR and -dv options - DOC/MINOR: management: add -dZ option - DOC: management: rename show stats domain cli "dns" to "resolvers" |
||
Christopher Faulet
|
471a1b2f11 |
[RELEASE] Released version 3.0.1
Released version 3.0.1 with the following main changes : - BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning - BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser - BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory - DOC: configuration: add an example for keywords from crt-store - BUG/MINOR: hlua: use CertCache.set() from various hlua contexts - BUG/MEDIUM: h1-htx: Don't state interim responses are bodyless - MEDIUM: stconn: Be able to unblock zero-copy data forwarding from done_fastfwd - BUG/MEDIUM: mux-quic: Unblock zero-copy forwarding if the txbuf can be released - BUG/MINOR: quic: prevent crash on qc_kill_conn() - CLEANUP: hlua: use hlua_pusherror() where relevant - BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP - BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage - BUG/MINOR: hlua: prevent LJMP in hlua_traceback() - BUG/MINOR: hlua: fix leak in hlua_ckch_set() error path - CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resume() - BUG/MEDIUM: mux-quic: Don't unblock zero-copy fwding if blocked during nego - BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration - BUG/MEDIUM: ssl: bad auth selection with TLS1.2 and WolfSSL - BUG/MINOR: quic: fix computed length of emitted STREAM frames - BUG/MINOR: quic: ensure Tx buf is always purged - BUG/MEDIUM: stconn/mux-h1: Fix suspect change causing timeouts - BUG/MAJOR: mux-h1: Properly copy chunked input data during zero-copy nego - BUG/MINOR: mux-h1: Use the right variable to set NEGO_FF_FL_EXACT_SIZE flag |
||
Willy Tarreau
|
5590ada473 |
[RELEASE] Released version 3.0.0
Released version 3.0.0 with the following main changes : - MINOR: sample: implement the uptime sample fetch - CI: scripts: fix build of vtest regarding option -C - CI: scripts: build vtest using multiple CPUs - MINOR: log: rename 'log-format tag' to 'log-format alias' - DOC: config: document logformat item naming and typecasting features - BUILD: makefile: yearly reordering of objects by build time - BUILD: fd: errno is also needed without poll() - DOC: config: fix two typos "RST_STEAM" vs "RST_STREAM" - DOC: config: refer to the non-deprecated keywords in ocsp-update on/off - DOC: streamline http-reuse and connection naming definition - REGTESTS: complete http-reuse test with pool-conn-name - DOC: config: add %ID logformat alias alternative - CLEANUP: ssl/ocsp: readable ifdef in ssl_sock_load_ocsp - BUG/MINOR: ssl/ocsp: init callback func ptr as NULL - CLEANUP: ssl_sock: move dirty openssl-1.0.2 wrapper to openssl-compat - BUG/MINOR: activity: fix Delta_calls and Delta_bytes count - CI: github: upgrade the WolfSSL job to 5.7.0 - DOC: install: update quick build reminders with some missing options - DOC: install: update the range of tested openssl version to cover 3.3 - DEV: patchbot: prepare for new version 3.1-dev - MINOR: version: mention that it's 3.0 LTS now. |
||
Willy Tarreau
|
f76e73511a |
[RELEASE] Released version 3.0-dev13
Released version 3.0-dev13 with the following main changes : - CLEANUP: ssl/cli: remove unused code in dump_crtlist_conf - MINOR: ssl: check parameter in ckch_conf_cmp() - BUG/MINOR: ring: free ring's allocated area not ring's usable area when using maps - DOC: configuration: rework the crt-store load documentation - DEBUG: tools: add vma_set_name() helper - DEBUG: shctx: name shared memory using vma_set_name() - DEBUG: sink: add name hint for memory area used by memory-backed sinks - DEBUG: pollers: add name hint for large memory areas used by pollers - DEBUG: errors: add name hint for startup-logs memory area - DEBUG: fd: add name hint for large memory areas - MEDIUM: ssl: don't load file by discovering them in crt-store - DOC: configuration: update the crt-list documentation - DOC: configuration: add the supported crt-store options in crt-list - BUG/MEDIUM: proto: fix fd leak in <proto>_connect_server - MINOR: sock: set conn->err_code in case of EPERM - BUG/MINOR: http-ana: Don't crush stream termination condition on internal error - MAJOR: spoe: Let the SPOE back into the game - BUG/MINOR: connection: parse PROXY TLV for LOCAL mode - BUG/MINOR: server: free PROXY v2 TLVs on srv drop - MINOR: rhttp: add log on connection allocation failure - BUG/MEDIUM: rhttp: fix preconnect on single-thread - BUG/MINOR: rhttp: prevent listener suspend - BUG/MINOR: rhttp: fix task_wakeup state - MINOR: session: define flag to explicitely release listener on free - MEDIUM: rhttp: create session for active preconnect - MINOR: rhttp: support PROXY emission on preconnect - MINOR: connection: support PROXY v2 TLV emission without stream - MINOR: traces: enumerate the list of levels/verbosities when not found - BUG/MINOR: sock: fix sock_create_server_socket - MINOR: proto: fix coding style - BUG/MAJOR: quic: Crash with TLS_AES_128_CCM_SHA256 (libressl only) - REGTESTS: scripts: allow to change the vtest timeout - BUG/MEDIUM: quic_tls: prevent LibreSSL < 4.0 from negotiating CHACHA20_POLY1305 - CI: scripts/build-ssl.sh: loudly fail on unsupported platforms - BUG/MEDIUM: mux-quic: Create sedesc in same time of the QUIC stream - MINOR: mux-quic: Set abort info for SC-less QCS on STOP_SENDING frame - CI: scripts/build-ssl: add a DESTDIR and TMPDIR variable - CI: scripts/buil-ssl: cleanup the boringssl and quictls build - MINOR: config: add thread-hard-limit to set an upper bound to nbthread - BUILD: quic: fix unused variable warning when threads are disabled - BUG/MEDIUM: stick-tables: Fix race with peers when trashing oldest entries - BUG/MEDIUM: stick-tables: Fix race with peers when killing a sticky session - BUG/MEDIUM: stick-tables: make sure never to create two same remote entries - CLEANUP: stick-tables: remove a few unneeded tests for use_wrlock - MINOR: stick-tables: remove the uneeded read lock in stksess_free() - CLEANUP: tools: fix vma_set_name() function comment - DEBUG: tools: add vma_set_name_id() helper - DEBUG: pollers/fd: add thread id suffix to per-thread memory areas name hints - DOC: config: fix aes_gcm_enc() description text - BUILD: trace: fix warning on null dereference - MEDIUM: config: prevent communication with privileged ports - MAJOR: config: prevent QUIC with clients privileged port by default - BUG/MINOR: quic: adjust restriction for stateless reset emission - MINOR: quic: clarify doc for quic_recv() - MINOR: server: generalize sni expr parsing - MINOR: server: define pool-conn-name keyword - MEDIUM: connection: use pool-conn-name instead of sni on reuse - BUG/MINOR: rhttp: initialize session origin after preconnect reversal - BUG/MEDIUM: server/dns: preserve server's port upon resolution timeout or error - BUG/MINOR: http-htx: Support default path during scheme based normalization - BUG/MINOR: server: Don't reset resolver options on a new default-server line - DOC: quic: specify that connection migration is not supported - DOC: config: fix incorrect section reference about custom log format - DOC: config: uniformize the naming and description of custom log format args - DOC: config: clarify the fact that custom log format is not just for logging - REGTESTS: acl_cli_spaces: avoid a warning caused by undefined logs |
||
Willy Tarreau
|
d236b43da7 |
[RELEASE] Released version 3.0-dev12
Released version 3.0-dev12 with the following main changes : - CI: drop asan.log umbrella completely - BUG/MINOR: log: fix leak in add_sample_to_logformat_list() error path - BUG/MINOR: log: smp_rgs array issues with inherited global log directives - MINOR: rhttp: Don't require SSL when attach-srv name parsing - REGTESTS: ssl: be more verbose with ocsp_compat_check.vtc - DOC: Update UUID references to RFC 9562 - MINOR: hlua: add hlua_nb_instruction getter - MEDIUM: hlua: take nbthread into account in hlua_get_nb_instruction() - BUG/MEDIUM: server: clear purgeable conns before server deletion - BUG/MINOR: mux-quic: fix error code on shutdown for non HTTP/3 - BUG/MINOR: qpack: fix error code reported on QPACK decoding failure - BUG/MEDIUM: htx: mark htx_sl as packed since it may be realigned - BUG/MEDIUM: stick-tables: properly mark stktable_data as packed - SCRIPTS: run-regtests: fix a few occurrences of extended regexes - BUG/MINOR: ssl_sock: fix xprt_set_used() to properly clear the TASK_F_USR1 bit - MINOR: dynbuf: provide a b_dequeue() variant for multi-thread - BUG/MEDIUM: muxes: enforce buf_wait check in takeover() - BUG/MINOR: h1: Check authority for non-CONNECT methods only if a scheme is found - BUG/MEDIUM: h1: Reject CONNECT request if the target has a scheme - BUG/MAJOR: h1: Be stricter on request target validation during message parsing - MINOR: qpack: prepare error renaming - MINOR: h3/qpack: adjust naming for errors - MINOR: h3: adjust error reporting on sending - MINOR: h3: adjust error reporting on receive - MINOR: mux-quic: support glitches - MINOR: h3: report glitch on RFC violation - BUILD: stick-tables: better mark the stktable_data as 32-bit aligned - MINOR: ssl: rename tune.ssl.ocsp-update.mode in ocsp-update.mode - REGTESTS: update the ocsp-update tests - BUILD: stats: remove non portable getline() usage - MEDIUM: ssl: add ocsp-update.mindelay and ocsp-update.maxdelay - BUILD: log: get rid of non-portable strnlen() func - BUG/MEDIUM: fd: prevent memory waste in fdtab array - CLEANUP: compat: make the MIN/MAX macros more reliable - Revert: MEDIUM: evports: permit to report multiple events at once" - BUG/MINOR: stats: Don't state the 303 redirect response is chunked - MINOR: mux-h1: Add a flag to ignore the request payload - REORG: mux-h1: Group H1S_F_BODYLESS_* flags - CLEANUP: mux-h1: Remove unused H1S_F_ERROR_MASK mask value - MEDIUM: mux-h1: Support C-L/T-E header suppressions when sending messages - MINOR: ssl: ckch_store_new_load_files_conf() loads filenames from ckch_conf - MEDIUM: ssl/crtlist: loading crt-store keywords from a crt-list - CLEANUP: ssl/ocsp: remove the deprecated parsing code for "ocsp-update" - MINOR: ssl: pass ckch_store instead of ckch_data to ssl_sock_load_ocsp() - MEDIUM: ssl: ckch_conf_parse() uses -1/0/1 for off/default/on - MINOR: ssl: handle PARSE_TYPE_INT and PARSE_TYPE_ONOFF in ckch_store_load_files() - MINOR: ssl/ocsp: use 'ocsp-update' in crt-store - MINOR: ssl: ckch_conf_clean() utility function for ckch_conf - MEDIUM: ssl: add ocsp-update.disable global option - MEDIUM: ssl/cli: handle crt-store keywords in crt-list over the CLI - MINOR: ssl: ckch_conf_cmp() compare multiple ckch_conf structures - MEDIUM: ssl: temporarily load files by detecting their presence in crt-store - REGTESTS: ocsp-update: change the reg-test to support the new crt-store mode - DOC: capabilities: fix chapter header rendering |
||
Willy Tarreau
|
7217a9e9b9 |
[RELEASE] Released version 3.0-dev11
Released version 3.0-dev11 with the following main changes : - BUILD: clock: improve check for pthread_getcpuclockid() - CI: add Illumos scheduled workflow - CI: netbsd: limit scheduled workflow to parent repo only - OPTIM: log: resolve logformat options during postparsing - BUG/MINOR: haproxy: only tid 0 must not sleep if got signal - REGTEST: add tests for acl() sample fetch - BUG/MINOR: acl: support built-in ACLs with acl() sample - BUG/MINOR: cfgparse: use curproxy global var from config post validation - MEDIUM: stconn/muxes: Add an abort reason for SE shutdowns on muxes - MINOR: mux-h2: Set the SE abort reason when a RST_STREAM frame is received - MEDIUM: mux-h2: Forward h2 client cancellations to h2 servers - MINOR: mux-quic: Set tha SE abort reason when a STOP_SENDING frame is received - MINOR: stconn: Add samples to retrieve about stream aborts - MINOR: mux-quic: Add .ctl callback function to get info about a mux connection - MINOR: muxes: Add ctl commands to get info on streams for a connection - MINOR: connection: Add samples to retrieve info on streams for a connection - BUG/MEDIUM: log/ring: broken syslog octet counting - BUG/MEDIUM: mux-quic: fix crash on STOP_SENDING received without SD - DOC: lua: fix filters.txt file location - MINOR: dynbuf: pass a criticality argument to b_alloc() - MINOR: dynbuf: add functions to help queue/requeue buffer_wait fields - MINOR: dynbuf: use the b_queue()/b_requeue() functions everywhere - MEDIUM: dynbuf: make the buffer_wq an array of list heads - CLEANUP: tinfo: better align fields in thread_ctx - MINOR: dynbuf: provide a b_dequeue() function to detach a bw from the queue - MEDIUM: dynbuf: generalize the use of b_dequeue() to detach buffer_wait - MEDIUM: dynbuf/stream: re-enable queueing upon failed buffer allocation - MEDIUM: dynbuf/stream: do not allocate the buffers in the callback - MEDIUM: applet: make appctx_buf_available() only wake the applet up, not allocate - MINOR: applet: set the blocking flag in the buffer allocation function - MINOR: applet: adjust the allocation criticity based on the requested buffer - MINOR: dynbuf/mux-h1: use different criticalities for buffer allocations - MEDIUM: dynbuf/mux-h1: do not allocate the buffers in the callback - MEDIUM: dynbuf: refrain from offering a buffer if more critical ones are waiting - MINOR: stconn: report that a buffer allocation succeeded - MINOR: stream: report that a buffer allocation succeeded - MINOR: applet: report about buffer allocation success - MINOR: mux-h1: report that a buffer allocation succeeded - MEDIUM: stream: allocate without queuing when retrying - MEDIUM: channel: allocate without queuing when retrying - MEDIUM: mux-h1: allocate without queuing when retrying - MEDIUM: dynbuf: implement emergency buffers - MEDIUM: dynbuf: use emergency buffers upon failed memory allocations |
||
Willy Tarreau
|
22ff8aa97c |
[RELEASE] Released version 3.0-dev10
Released version 3.0-dev10 with the following main changes : - BUG/MEDIUM: cache: Vary not working properly on anything other than accept-encoding - REGTESTS: cache: Add test on 'vary' other than accept-encoding - BUG/MINOR: stats: replace objt_* by __objt_* macros - CLEANUP: tools/cbor: rename cbor_encode_ctx struct members - MINOR: log/cbor: _lf_cbor_encode_byte() explicitly requires non-NULL ctx - BUG/MINOR: log: fix global lf_expr node options behavior - CLEANUP: log: add a macro to know if a lf_node is configurable - MINOR: httpclient: allow to use absolute URI with new flag HC_F_HTTPROXY - MINOR: ssl: introduce ocsp_update.http_proxy for ocsp-update keyword - BUG/MINOR: log/encode: consider global options for key encoding - BUG/MINOR: log/encode: fix potential NULL-dereference in LOGCHAR() - BUG/MINOR: log: fix global lf_expr node options behavior (2nd try) - MINOR: log/cbor: _lf_cbor_encode_byte() explicitly requires non-NULL ctx (again) - BUG/MEDIUM: log: don't ignore disabled node's options - BUG/MINOR: stconn: don't wake up an applet waiting on buffer allocation - MINOR: sock: rename sock to sock_fd in sock_create_server_socket - MEDIUM: proto_uxst: take in account server namespace - MEIDUM: unix sock: use my_socketat to create bind socket - MINOR: sock_set_mark: take sock family in account - MEDIUM: proto: make common fd checks in sock_create_server_socket - MINOR: sock: add EPERM case in sock_handle_system_err - MINOR: capabilities: add cap_sys_admin support - CLEANUP: ssl: clean the includes in ssl_ocsp.c - CLEANUP: ssl: move the global ocsp-update options parsing to ssl_ocsp.c - MINOR: stats: fix visual alignment for stat_cols_px definition - MINOR: stats: convert req_tot as generic column - MINOR: stats: prepare stats-file support for values other than FN_COUNTER - MINOR: counters: move freq-ctr from proxy/server into counters struct - MINOR: stats: support rate in stats-file - MINOR: stats: convert rate as generic column for proxy stats - MINOR: counters: move last_change into counters struct - MINOR: stats: support age in stats-file - MINOR: stats: convert age as generic column for proxy stat - CLEANUP: ssl: rename new_ckch_store_load_files_path() to ckch_store_new_load_files_path() - MINOR: ssl: rename ocsp_update.http_proxy into ocsp-update.httpproxy - REORG: stats: define stats-proxy source module - MINOR: stats: extract proxy clear-counter in a dedicated function - REGTESTS: stats: add test stats-file counters preload - CI: netbsd: adjust packages after NetBSD-10 released - CLEANUP: assorted typo fixes in the code and comments - REGTESTS: replace REQUIRE_VERSION by version_atleast - MEDIUM: log: optimizing tmp->type handling in sess_build_logline() - BUG/MINOR: log: prevent double spaces emission in sess_build_logline() - OPTIM: log: declare empty buffer as global variable - OPTIM: log: use thread local lf_buildctx to stop pushing it on the stack - OPTIM: log: use lf_buildctx's buffer instead of temporary stack buffers - OPTIM: log: speedup date printing in sess_build_logline() when no encoding is used |
||
Willy Tarreau
|
ba0f8b5330 |
[RELEASE] Released version 3.0-dev9
Released version 3.0-dev9 with the following main changes : - BUILD: ssl: use %zd for sizeof() in ssl_ckch.c - MINOR: backend: use be_counters for health down accounting - BUG/MINOR: backend: use cum_sess counters instead of cum_conn - BUG/MINOR: stats: fix stot metric for listeners - REGTESTS: use -dI for insecure fork by default in the regtest scripts - MINOR: stats: rename proxy stats - MINOR: stats: rename ambiguous stat_l and stat_count - MINOR: stats: rename info stats - MINOR: stats: use stricter naming stats/field/line - MINOR: stats: use STAT_F_* prefix for flags - BUG/MEDIUM: applet: Let's applets decide if they have more data to deliver - BUILD: stick-tables: silence build warnings when threads are disabled - MINOR: tools: Rename `ha_generate_uuid` to `ha_generate_uuid_v4` - MINOR: Add `ha_generate_uuid_v7` - MINOR: Add support for UUIDv7 to the `uuid` sample fetch - MEDIUM: shctx: Naming shared memory context - BUG/MINOR: h1: fix detection of upper bytes in the URI - MINOR: intops: add a pair of functions to check multi-byte ranges - TESTS: add a unit test for the multi-byte range checks - CLEANUP: h1: make use of the multi-byte matching functions - REGTESTS: ssl: Remove "sleep" calls from ocsp auto update test - BUG/MEDIUM: peers: Automatically start to learn on local peer - BUG/MEDIUM: peers: Reprocess peer state after all session shutdowns - MINOR: peers: Remove unused PEERS_F_RESYNC_REQUESTED flag - MINOR: peers: Don't set TEACH flags on a peer from the sync task - MINOR: peers: Use a peer flag to block the applet waiting ack of the sync task - BUG/MEDIUM: peers: Wait for sync task ack when a resynchro is finished - MINOR: peers: Remove unused PEERS_F_RESYNC_PROCESS flag - MINOR: applet: Add a function to know the side where an applet was created - MEDIUM: peers: Simplify the peer flags dealing with the connection state - MEDIUM: peers: Use true states for the peer applets as seen from outside - MEDIUM: peers: Use true states for the learn state of a peer - MINOR: peers: Start learning for local peer before receiving messages - MINOR: peers: Rename PEERS_F_TEACH_COMPLETE to PEERS_F_LOCAL_TEACH_COMPLETE - MINOR: peers: Reorder and slightly rename PEER flags - MINOR: peers: Reorder and rename PEERS flags - REORG: peers: Move peer and peers flags in the corresponding header file - DEV: flags/peers: Decode PEER and PEERS flags - MINOR: peers: Add comment on processing functions of the sync task - MINOR: peers: Use a static variable to wait a resync on reload - BUG/MEDIUM: peers: Use atomic operations on peers flags when necessary - REORG: peers: Rename all occurrences to 'ps' variable - BUG/MINOR: peers: Don't wait for a remote resync if there no remote peer - MINOR: stats: update ambiguous "metrics" naming to "stat_cols" - MINOR: stats: introduce a more expressive stat definition method - MINOR: stats: implement automatic metric generation from stat_col - MINOR: stats: hide some columns in output - MEDIUM: stats: convert counters to new column definition - MINOR: stats: define stats-file output format support - MEDIUM: stats: implement dump stats-file CLI - MINOR: ist: define iststrip() new function - MINOR: guid: define guid_is_valid_fmt() - MINOR: stats: apply stats-file on process startup - MINOR: stats: parse header lines from stats-file - MINOR: stats: parse values from stats-file - MEDIUM: stats: define stats-file keyword - BUG/MINOR: mworker: reintroduce way to disable seamless reload with -x /dev/null - CLEANUP: log: remove unused checks for encode_{chunk,string} - MINOR: log: store lf_expr nodes inside substruct - MINOR: log: global lf_expr node options - CLEANUP: log: simplify complex values usages in sess_build_logline() - MINOR: log: skip custom logformat_node name if empty - MINOR: log: add lf_int() wrapper to print integers - MINOR: log: add lf_rawtext{_len}() functions - MEDIUM: log: pass date strings to lf_rawtext() - MEDIUM: log: write raw strings using lf_rawtext() - MEDIUM: log: use lf_rawtext for lf_ip() and lf_port() hex strings - MINOR: log: explicitly handle %ts and %tsc as text strings - MINOR: log: use LOG_VARTEXT_{START,END} to enclose text strings - MINOR: log: make all lf_* sess build helper static - MINOR: log: merge lf_encode_string() and lf_encode_chunk() logic - MEDIUM: log: lf_* build helpers now take a ctx argument - MINOR: log: expose node typecast in lf_buildctx struct - MINOR: log: postpone conversion for sample expressions in sess_build_logline() - MINOR: log: add LOG_OPT_NONE flag - MINOR: log: add no_escape_map to bypass escape with _lf_encode_bytes() - MINOR: log: add +bin logformat node option - MINOR: log: add +json encoding option - MINOR: tools: add cbor encode helpers - MINOR: log: add +cbor encoding option - MINOR: log: support true cbor binary encoding - CLEANUP: dynbuf: move the reserve and limit parsers to dynbuf.c - MINOR: list: add a macro to detect that a list contains at most one element - MINOR: cli/wait: rename the condition "srv-unused" to "srv-removable" |
||
Willy Tarreau
|
ad6760b9bd |
[RELEASE] Released version 3.0-dev8
Released version 3.0-dev8 with the following main changes :
- BUG/MINOR: cli: Don't warn about a too big command for incomplete commands
- BUG/MINOR: listener: always assign distinct IDs to shards
- BUG/MINOR: log: fix lf_text_len() truncate inconsistency
- BUG/MINOR: tools/log: invalid encode_{chunk,string} usage
- BUG/MINOR: log: invalid snprintf() usage in sess_build_logline()
- CLEANUP: log: lf_text_len() returns a pointer not an integer
- MINOR: quic: simplify qc_send_hdshk_pkts() return
- MINOR: quic: uniformize sending methods for handshake
- MINOR: quic: improve sending API on retransmit
- MINOR: quic: use qc_send_hdshk_pkts() in handshake IO cb
- MEDIUM: quic: remove duplicate hdshk/app send functions
- OPTIM: quic: do not call qc_send() if nothing to emit
- OPTIM: quic: do not call qc_prep_pkts() if everything sent
- BUG/MEDIUM: http-ana: Deliver 502 on keep-alive for fressh server connection
- BUG/MINOR: http-ana: Fix TX_L7_RETRY and TX_D_L7_RETRY values
- BUILD: makefile: warn about unknown USE_* variables
- BUILD: makefile: support USE_xxx=0 as well
- BUG/MINOR: guid: fix crash on invalid guid name
- BUILD: atomic: fix peers build regression on gcc < 4.7 after recent changes
- BUG/MINOR: debug: make sure DEBUG_STRICT=0 does work as documented
- BUILD: cache: fix non-inline vs inline declaration mismatch to silence a warning
- BUILD: debug: make DEBUG_STRICT=1 the default
- BUILD: pools: make DEBUG_MEMORY_POOLS=1 the default option
- CI: update the build options to get rid of unneeded DEBUG options
- BUILD: makefile: get rid of the config CFLAGS variable
- BUILD: makefile: allow to use CFLAGS to append build options
- BUILD: makefile: drop the SMALL_OPTS settings
- BUILD: makefile: move -O2 from CPU_CFLAGS to OPT_CFLAGS
- BUILD: makefile: get rid of the CPU variable
- BUILD: makefile: drop the ARCH variable and better document ARCH_FLAGS
- BUILD: makefile: extract ARCH_FLAGS out of LDFLAGS
- BUILD: makefile: move the fwrapv option to STD_CFLAGS
- BUILD: makefile: make the ERR variable also support 0
- BUILD: makefile: add FAILFAST to select the -Wfatal-errors behavior
- BUILD: makefile: extract -Werror/-Wfatal-errors from automatic CFLAGS
- BUILD: makefile: split WARN_CFLAGS from SPEC_CFLAGS
- BUILD: makefile: rename SPEC_CFLAGS to NOWARN_CFLAGS
- BUILD: makefile: do not pass warnings to VERBOSE_CFLAGS
- BUILD: makefile: also drop DEBUG_CFLAGS
- CLEANUP: makefile: make the output of the "opts" target more readable
- DOC: install: clarify the build process by splitting it into subsections
- BUG/MINOR: server: fix slowstart behavior
- BUG/MEDIUM: cache/stats: Handle inbuf allocation failure in the I/O handler
- MINOR: ssl: add the section parser for 'crt-store'
- DOC: configuration: Add 3.12 Certificate Storage
- REGTESTS: ssl: test simple case of crt-store
- MINOR: ssl: rename ckchs_load_cert_file to new_ckch_store_load_files_path
- MINOR: ssl/crtlist: alloc ssl_conf only when a valid keyword is found
- BUG/MEDIUM: stick-tables: fix the task's next expiration date
- CLEANUP: stick-tables: always respect the to_batch limit when trashing
- BUG/MEDIUM: peers/trace: fix crash when listing event types
- BUG/MAJOR: stick-tables: fix race with peers in entry expiration
- DEBUG: pool: improve decoding of corrupted pools
- REORG: pool: move the area dump with symbol resolution to tools.c
- DEBUG: pools: report the data around the offending area in case of mismatch
- MINOR: listener/protocol: add proto name in alerts
- MINOR: proto_quic: add proto name in alert
- BUG/MINOR: lru: fix the standalone test case for invalid revision
- DOC: management: fix typos
- CI: revert kernel addr randomization introduced in
|
||
Willy Tarreau
|
0046922aed |
[RELEASE] Released version 3.0-dev7
Released version 3.0-dev7 with the following main changes : - BUG/MINOR: ssl: Wrong ocsp-update "incompatibility" error message - BUG/MINOR: ssl: Detect more 'ocsp-update' incompatibilities - MEDIUM: ssl: Add 'tune.ssl.ocsp-update.mode' global option - REGTESTS: ssl: Add OCSP update compatibility tests - REGTESTS: ssl: Add functional test for global ocsp-update option - BUG/MINOR: server: reject enabled for dynamic server - BUG/MINOR: server: fix persistence cookie for dynamic servers - MINOR: server: allow cookie for dynamic servers - REGTESTS: Fix script about OCSP update compatibility tests - BUG/MINOR: cli: Report an error to user if command or payload is too big - MINOR: sc_strm: Add generic version to perform sync receives and sends - MEDIUM: stream: Use generic version to perform sync receives and sends - MEDIUM: buf: Add b_getline() and b_getdelim() functions - MEDIUM: applet: Handle applets with their own buffers in put functions - MEDIUM: cli/applet: Stop to test opposite SC in I/O handler of CLI commands - MINOR: applet: Always use applet API to set appctx flags - BUG/MEDIUM: applet: State appctx have more data if its EOI/EOS/ERROR flag is set - MAJOR: cli: Update the CLI applet to handle its own buffers - MINOR: applet: Let's applets .snd_buf function deal with full input buffers - MINOR: stconn: Add a connection flag to notify sending data are the last ones - MAJOR: cli: Use a custom .snd_buf function to only copy the current command - DOC: config: balance 'first' not usable in LOG mode - BUG/MINOR: log/balance: detect if user tries to use unsupported algo - MINOR: lbprm: implement true "sticky" balance algo - MEDIUM: log/balance: leverage lbprm api for log load-balancing - BUG/BUILD: debug: fix unused variable error - MEDIUM: lb-chash: Deterministic node hashes based on server address - BUG/MEDIUM: stick-tables: fix a small remaining race in expiration task - REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (4) - REGTESTS: Remove REQUIRE_VERSION=1.9 from all tests (2) - CLEANUP: Reapply ist.cocci (3) - CLEANUP: Reapply strcmp.cocci (2) - CLEANUP: Reapply xalloc_cast.cocci - CLEANUP: Reapply ha_free.cocci - CI: vtest: show coredumps if any - REGTESTS: ssl: disable ssl/ocsp_auto_update.vtc - BUG/MINOR: backend: properly handle redispatch 0 - MINOR: quic: HyStart++ implementation (RFC 9406) - BUG/MEDIUM: stconn: Don't forward shutdown to SE if iobuf is not empty - BUG/MEDIUM: stick-table: use the update lock when reading tables from peers - BUG/MAJOR: applet: fix a MIN vs MAX usage in appctx_raw_rcv_buf() - OPTIM: peers: avoid the locking dance around peer_send_teach_process_msgs() - BUILD: quic: 32 bits compilation issue (QUIC_MIN() usage) - BUG/MEDIUM: server/lbprm: fix crash in _srv_set_inetaddr_port() - MEDIUM: mworker: get rid of libsystemd - BUILD: systemd: fix build error on non-systemd systems with USE_SYSTEMD=1 - BUG/MINOR: bwlim/config: fix missing '\n' after error messages - MINOR: stick-tables: mark the seen stksess with a flag "seen" - OPTIM: stick-tables: check the stksess without taking the read lock - MAJOR: stktable: split the keys across multiple shards to reduce contention - CI: extend Fedora Rawhide, add m32 mode - BUG/MINOR: stick-tables: Missing stick-table key nullity check - BUILD: systemd: enable USE_SYSTEMD by default with TARGET=linux-glibc - MINOR: systemd: Include MONOTONIC_USEC field in RELOADING=1 message - BUG/MINOR: proxy: fix logformat expression leak in use_backend rules - MEDIUM: log: rename logformat var to logformat tag - MINOR: log: expose logformat_tag struct - MEDIUM: log: carry tag context in logformat node - MEDIUM: tree-wide: add logformat expressions wrapper - MINOR: proxy: add PR_FL_CHECKED flag - MAJOR: log: implement proper postparsing for logformat expressions - MEDIUM: log: add compiling logic to logformat expressions - MEDIUM: proxy/log: leverage lf_expr API for logformat preparsing - MINOR: guid: introduce global UID module - MINOR: guid: restrict guid format - MINOR: proxy: implement GUID support - MINOR: server: implement GUID support - MINOR: listener: implement GUID support - DOC: configuration: grammar fixes for strict-sni - BUG/MINOR: init: relax LSTCHK_NETADM checks for non root - MEDIUM: capabilities: check process capabilities sets - CLEANUP: global: remove LSTCHK_CAP_BIND - BUG/MEDIUM: quic: don't blindly rely on unaligned accesses |
||
Willy Tarreau
|
9cf3d1fcc0 |
[RELEASE] Released version 3.0-dev6
Released version 3.0-dev6 with the following main changes : - MINOR: mux-h2: always use h2c_report_glitch() - MEDIUM: mux-h2: allow to set the glitches threshold to kill a connection - MINOR: quic: simplify rescheduling for handshake - MINOR: quic: remove qc_treat_rx_crypto_frms() - DOC: configuration: clarify ciphersuites usage (V2) - MINOR: tools: use public interface for FreeBSD get_exec_path() - BUG/MINOR: ssl: fix possible ctx memory leak in sample_conv_aes_gcm() - BUG/MINOR: ssl: do not set the aead_tag flags in sample_conv_aes_gcm() - BUG/MINOR: server: fix first server template not being indexed - MEDIUM: ssl: initialize the SSL stack explicitely - MEDIUM: ssl: allow to change the OpenSSL security level from global section - CLEANUP: ssl: remove useless #ifdef in openssl-compat.h - CI: github: add -DDEBUG_LIST to the default builds - BUG/MINOR: hlua: segfault when loading the same filter from different contexts - BUG/MINOR: hlua: missing lock in hlua_filter_new() - BUG/MINOR: hlua: fix missing lock in hlua_filter_delete() - DEBUG: lua: precisely identify if stream is stuck inside lua or not - MINOR: hlua: use accessors for stream hlua ctx - BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread (2nd try) - MINOR: debug: enable insecure fork on the command line - CI: github: add -dI to haproxy arguments - BUG/MINOR: listener: Wake proxy's mngmt task up if necessary on session release - BUG/MINOR: listener: Don't schedule frontend without task in listener_release() - MINOR: session: rename private conns elements - BUG/MAJOR: server: do not delete srv referenced by session - BUG/MEDIUM: spoe: Don't rely on stream's expiration to detect processing timeout - BUG/MINOR: spoe: Be sure to be able to quickly close IDLE applets on soft-stop - MAJOR: spoe: Deprecate the SPOE filter - MINOR: cfgparse: Add a global option to expose deprecated directives - MINOR: spoe: Add SPOE filters in the exposed deprecated directives - CLEANUP: assorted typo fixes in the code and comments - CI: temporarily adjust kernel entropy to work with ASAN/clang - BUG/MEDIUM: spoe: Return an invalid frame on recv if size is too small - BUG/MINOR: session: ensure conn owner is set after insert into session - BUG/MEDIUM: http_ana: ignore NTLM for reuse aggressive/always and no H1 - BUG/MAJOR: connection: fix server used_conns with H2 + reuse safe - BUG/MAJOR: ocsp: Separate refcount per instance and per store - REGTESTS: ssl: Add OCSP related tests - BUG/MEDIUM: ssl: Fix crash when calling "update ssl ocsp-response" when an update is ongoing - BUG/MEDIUM: ssl: Fix crash in ocsp-update log function - MEDIUM: ssl: Change output of ocsp-update log - MINOR: ssl: Change level of ocsp-update logs - CLEANUP: ssl: Remove undocumented ocsp fetches - REGTESTS: ssl: Add checks on ocsp-update log format - MINOR: connection: implement conn_release() - MINOR: connection: extend takeover with release option - MEDIUM: server: close idle conn on server deletion - MEDIUM: mux: prepare for takeover on private connections - MEDIUM: server: close private idle connection before server deletion - BUG/MINOR: mux-quic: close all QCS before freeing QCC tasklet - BUG/MEDIUM: mux-fcgi: Properly handle EOM flag on end-of-trailers HTX block - BUILD: server: fix build regression on old compilers (<= gcc-4.4) - OPTIM: http_ext: avoid useless copy in http_7239_extract_{ipv4,ipv6} - MINOR: debug: add "debug dev trace" to flood with traces - MINOR: atomic: add a read-specific variant of __ha_cpu_relax() - MINOR: applet: add new function applet_append_line() - MINOR: log/applet: add new function syslog_applet_append_event() - MEDIUM: ring/sink: use applet_append_line()/syslog_applet_append_event() for readers - REORG: dns/ring: split the ring between the generic one and the DNS one - MEDIUM: ring: move the ring reader code to ring_dispatch_messages() - MEDIUM: sink: move the generic ring forwarder code use ring_dispatch_messages() - MEDIUM: log/sink: make the log forwarder code use ring_dispatch_messages() - MINOR: buf: add b_add_ofs() to add a count to an absolute position - MINOR: buf: add b_rel_ofs() to turn an absolute offset into a relative one - MINOR: buf: add b_putblk_ofs() to copy a block at a specific position - MINOR: buf: add b_getblk_ofs() that works relative to area and not head - MINOR: ring: make the ring reader use only absolute offsets - MINOR: ring: reserve one special value for the readers count - MINOR: vecpair: add new vector pair based data manipulation mechanisms - MINOR: vecpair: add necessary functions to use vecpairss from/to ring APIs - MINOR: ring: rename totlen vs msglen in ring_write() - MINOR: ring: add ring_data() to report the amount of data in a ring - MINOR: ring: add ring_size() to return the ring's size - MINOR: ring: add ring_dup() to copy a ring into another one - MINOR: ring: also add ring_area(), ring_head(), ring_tail() - MINOR: ring: make callers use ring_data() and ring_size(), not ring->buf - MINOR: errors: use ring_dup() to duplicate the startup_logs - MINOR: ring: use ring_size(), ring_area(), ring_head() and ring_tail() - MINOR: ring: add a flag to indicate a mapped file - MAJOR: ring: insert an intermediary ring_storage level - MINOR: ring: resize only under thread isolation - MINOR: ring: allow to reduce a ring size - MEDIUM: ring: replace the buffer API in ring_write() with the vec<->ring API - MEDIUM: ring: change the ring reader to use the new vector-based API now - MEDIUM: ring: remove the struct buffer from the ring - MEDIUM: ring: align the head and tail fields in the ring_storage structure - MINOR: ring: make the reader check the readers count before inc/dec - MEDIUM: ring: lock the tail's readers counters before proceeding with the changes - MEDIUM: ring: protect the reader's positions against writers - MEDIUM: ring: use the topmost bit of the tail as a lock - MEDIUM: move the ring's lock to only protect the readers list - MEDIUM: ring: unlock the ring's tail earlier - MINOR: ring: don't take the readers lock if there are no readers - MEDIUM: ring/applet: turn the wait_entry list to an mt_list instead - MEDIUM: ring: protect the initialization of the initial reader offset - MINOR: ring: make sure ring_dispatch waits when facing a changing message - MAJOR: ring: drop the now unneeded lock - OPTIM: ring: don't even try to update offset when failed to read - OPTIM: ring: have only one thread at a time wake up all readers - MINOR: ring: keep a few frequently used pointers in the local stack - MINOR: ring: add the definition of a ring waiting cell - MINOR: ring: make the number of queues configurable - MAJOR: ring: implement a waiting queue in front of the ring - MEDIUM: ring: significant boost in the loop by checking the ring queue ptr first - MEDIUM: ring: improve speed in the queue waiting loop on x86_64 - MINOR: ring: simplify the write loop a little bit - CLEANUP: ring: further simplify the write loop - MINOR: ring: it's not x86 but all non-ARMv8.1 which needs the read before OR - MINOR: ring: avoid writes to cells during copy - OPTIM: ring: use relaxed stores to release the threads - CLEANUP: ring: use only curr_cell and not next_cell in the main write loop - BUILD: ssl: fix build error on older compilers with openssl-3.2 - BUG/MINOR: server: 'source' interface ignored from 'default-server' directive - BUG/MAJOR: ring: free the ring storage not the ring itself when using maps |
||
Willy Tarreau
|
db1a7513b7 |
[RELEASE] Released version 3.0-dev5
Released version 3.0-dev5 with the following main changes : - BUG/MEDIUM: applet: Fix HTX .rcv_buf callback function to release outbuf buffer - BUG/MAJOR: ssl/ocsp: crash with ocsp when old process exit or using ocsp CLI - BUG/MEDIUM: server: fix dynamic servers initial settings - BUG/MINOR: ssl/cli: duplicate cleaning code in cli_parse_del_crtlist - LICENSE: event_hdl: fix GPL license version - LICENSE: http_ext: fix GPL license version - BUG/MEDIUM: mux-h1: Fix again 0-copy forwarding of chunks with an unknown size - BUG/MINOR: mux-h1: Properly report when mux is blocked during a nego - MINOR: mux-h1: Move checks performed before a shutdown in a dedicated function - MINOR: mux-h1: Move all stuff to detach a stream in an internal function - MAJOR: mux-h1: Drain requests on client side before shut a stream down - MEDIUM: htx/http-ana: No longer close connection on early HAProxy response - MINOR: quic: filter show quic by address - MINOR: quic: specify show quic output fields - MINOR: quic: add MUX output for show quic - CLEANUP: mux-h2: Fix h2s_make_data() comment about the return value - DOC: configuration: clarify ciphersuites usage - BUG/MINOR: config/quic: Alert about PROXY protocol use on a QUIC listener - BUG/MINOR: hlua: Fix log level to the right value when set via TXN:set_loglevel - MINOR: hlua: Be able to disable logging from lua - BUG/MINOR: tools: seed the statistical PRNG slightly better - BUG/MINOR: hlua: fix unsafe lua_tostring() usage with empty stack - BUG/MINOR: hlua: don't use lua_tostring() from unprotected contexts - BUG/MINOR: hlua: fix possible crash in hlua_filter_new() under load - BUG/MINOR: hlua: improper lock usage in hlua_filter_callback() - BUG/MINOR: hlua: improper lock usage in hlua_filter_new() - BUG/MEDIUM: hlua: improper lock usage with SET_SAFE_LJMP() - BUG/MAJOR: hlua: improper lock usage with hlua_ctx_resume() - BUG/MINOR: hlua: don't call ha_alert() in hlua_event_subscribe() - MINOR: hlua: use SEND_ERR to report errors in hlua_event_runner() - CLEANUP: hlua: txn class functions may LJMP - BUG/MINOR: sink: fix a race condition in the TCP log forwarding code - BUILD: thread: move lock label definitions to thread-t.h - BUILD: tree-wide: fix a few missing includes in a few files - BUILD: buf: make b_ncat() take a const for the source - CLEANUP: assorted typo fixes in the code and comments - CLEANUP: fix typo in naming for variable "unused" - CI: run more smoke tests on config syntax to check memory related issues - CI: enable monthly build only test on netbsd-9.3 - CI: skip scheduled builds on forks - BUG/MINOR: ssl/cli: typo in new ssl crl-file CLI description - BUG/MEDIUM: quic: fix connection freeze on post handshake - BUG/MINOR: mux-quic: fix crash on aborting uni remote stream - CLEANUP: log: fix obsolete comment for add_sample_to_logformat_list() - CLEANUP: tree-wide: use proper ERR_* return values for PRE_CHECK fcts - BUG/MINOR: cfgparse: report proper location for log-format-sd errors - MINOR: vars: export var_set and var_unset functions - MINOR: Add aes_gcm_enc converter - BUG/MEDIUM: quic: fix handshake freeze under high traffic - MINOR: quic: always use ncbuf for rx CRYPTO - BUILD: ssl: define EVP_CTRL_AEAD_GET_TAG for older versions - DOC: design: write first notes about ring-v2 - OPTIM: sink: try to merge "dropped" messages faster - OPTIM: sink: drop the sink lock used to count drops - DEV: haring: make haring not depend on the struct ring itself - DEV: haring: split the code between ring and buffer - DEV: haring: automatically use the advertised ring header size - BUILD: solaris: fix compilation errors |
||
Willy Tarreau
|
dec017575d |
[RELEASE] Released version 3.0-dev4
Released version 3.0-dev4 with the following main changes : - BUG/MEDIUM: ssl: Fix crash when calling "update ssl ocsp-response" when an update is ongoing - BUG/MEDIUM: quic: Wrong K CUBIC calculation. - MINOR: quic: Update K CUBIC calculation (RFC 9438) - MINOR: quic: Dynamic packet reordering threshold - MINOR: quic: Add a counter for reordered packets - BUG/MAJOR: mux-h1: Fix zero-copy forwarding when sending chunks of unknown size - MINOR: stats: Use a dedicated function to check if output is almost full - BUG/MEDIUM: applet: Add a flag to state an applet is using zero-copy forwarding - BUG/MEDIUM: stconn/applet: Block 0-copy forwarding if producer needs more room - MINOR: applet: Remove uselelss test on SE_FL_SHR/SHW flags - MEDIUM: applet: Add notion of shutdown for write for applets - MINOR: cli: No longer check SC for shutdown to interrupt wait command - BUG/MEDIUM: stconn: Allow expiration update when READ/WRITE event is pending - BUG/MEDIUM: stconn: Don't check pending shutdown to wake an applet up - CLEANUP: stconn: Move SE flags set by app layer at the end of the bitfield - MINOR: stconn: Rename SE_FL_MAY_FASTFWD and reorder bitfield - MINOR: stconn: Add SE flag to announce zero-copy forwarding on consumer side - MINOR: muxes: Announce support for zero-copy forwarding on consumer side - BUG/MAJOR: stconn: Check support for zero-copy forwarding on both sides - MINOR: muxes/applet: Simplify checks on options to disable zero-copy forwarding - BUG/MINOR: quic: reject unknown frame type - MINOR: quic: handle all frame types on reception - BUG/MINOR: quic: reject HANDSHAKE_DONE as server - BUG/MINOR: qpack: reject invalid increment count decoding - BUG/MINOR: qpack: reject invalid dynamic table capacity - DOC/MINOR: userlists: mention solutions to high cpu with hashes - DOC: quic: Missing tuning setting in "Global parameters" - BUG/MEDIUM: applet: Immediately free appctx on early error - BUG/MEDIUM: hlua: Be able to garbage collect uninitialized lua sockets - BUG/MEDIUM: hlua: Don't loop if a lua socket does not consume received data - BUG/MEDIUM: quic: fix transient send error with listener socket - MINOR: log: custom name for logformat node - MINOR: sample: add type_to_smp() helper function - MINOR: log: explicit typecasting for logformat nodes - MINOR: log: simplify last_isspace in sess_build_logline() - MINOR: log: simplify quotes handling in sess_build_logline() - MINOR: log: print metadata prefixes separately in sess_build_logline() - MINOR: log: automate string array construction in sess_build_logline() - DOC: quic: fix recommandation for bind on multiple address - MINOR: quic: warn on bind on multiple addresses if no IP_PKTINFO support - OPTIM: quic: improve slightly qc_snd_buf() internal - MINOR: quic: move IP_PKTINFO on send on a dedicated function - MINOR: quic: remove sendto() usage variant - MINOR: quic: only use sendmsg() syscall variant - BUILD: applet: fix build on some 32-bit archs - BUG/MINOR: quic: initialize msg_flags before sendmsg - BUG/MEDIUM: mux-h1: Don't emit 0-CRLF chunk in h1_done_ff() when iobuf is empty - CLEANUP: proxy/log: remove unused proxy flag - CLEANUP: log: fix process_send_log() indentation - CLEANUP: log: use free_logformat_list() in parse_logformat_string() - MINOR: log: add free_logformat_node() helper function - BUG/MINOR: log: fix potential lf->name memory leak - BUG/MINOR: ist: allocate nul byte on istdup - BUG/MINOR: stats: drop srv refcount on early release - BUG/MAJOR: promex: fix crash on deleted server - BUG/MAJOR: server: fix stream crash due to deleted server - BUG/MEDIUM: mux-quic: do not crash on qcs_destroy for connection error - MINOR: cli: Remove useless loop on commands to find unescaped semi-colon - BUG/MEDIUM: cli: Warn if pipelined commands are delimited by a \n - BUG/MAJOR: cli: Restore non-interactive mode behavior with pipelined commands - BUG/MINOR: quic: fix output of show quic - MINOR: ssl: Call callback function after loading SSL CRL data - BUG/MINOR: ist: only store NUL byte on succeeded alloc |
||
Willy Tarreau
|
c7ce5281c4 |
[RELEASE] Released version 3.0-dev3
Released version 3.0-dev3 with the following main changes : - DOC: configuration: clarify http-request wait-for-body - BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions - MINOR: h3: add traces for stream sending function - BUG/MEDIUM: h3: do not crash on invalid response status code - BUG/MEDIUM: qpack: allow 6xx..9xx status codes - BUG/MEDIUM: quic: fix crash on invalid qc_stream_buf_free() BUG_ON - CLEANUP: log: deinitialization of the log buffer in one function - BUG/MINOR: h1: Don't support LF only at the end of chunks - BUG/MEDIUM: h1: Don't support LF only to mark the end of a chunk size - MINOR: ssl: add HAVE_SSL_0RTT constant - MINOR: ssl: rename HA_OPENSSL_HAVE_0RTT_SUPPORT constant to HAVE_SSL_0RTT_QUIC - MEDIUM: ssl/quic: always compile the ssl_conf.early_data test - DOC: httpclient: add dedicated httpclient section - BUG/MINOR: h1-htx: properly initialize the err_pos field - BUG/MEDIUM: h1: always reject the NUL character in header values - CLEANUP: h1: remove unused function h1_measure_trailers() - BUG/MINOR: ssl/quic: fix 0RTT define - MINOR: mux-quic: prepare for earlier flow control update - MINOR: mux-quic: define a flow control related type - MEDIUM: mux-quic: limit stream flow control on snd_buf - MEDIUM: mux-quic: limit conn flow control on snd_buf - MINOR: mux-quic: remove unneeded sent-offset fields - MINOR: mux-quic: check fctl during STREAM frame build - MAJOR: mux-quic: remove intermediary Tx buffer - MEDIUM: mux-quic: simplify sending API - MEDIUM: mux-quic: release Tx buf on too small room - MEDIUM: mux-quic: properly handle conn Tx buf exhaustion - MINOR: mux-quic: realign Tx buffer if possible - CLEANUP: connection: remove obsolete comment in header file - OPTIM: connection: progressive hash for conn_calculate_hash() - MINOR: tcp_act: fix alphabetical ordering of tcp request content actions - MINOR: tcp-act: Rename "set-{mark,tos}" to "set-fc-{mark,tos}" - MINOR: hlua: Rename set_{tos, mark} to set_fc_{tos, mark} - MEDIUM: tcp-act: <expr> support for set-fc-{mark,tos} actions - MEDIUM: tcp-act/backend: support for set-bc-{mark,tos} actions - MINOR: stats: Be able to access to registered stats modules from anywhere - MEDIUM: stats: Be able to access a specific field into a stats module - MINOR: promex: Add a param to override the description when a metric is dumped - MINOR: promex: Add info in the promex context to dump extra counters - MEDIUM: promex: Dump frontends extra counters if requested - MEDIUM: promex: Dump backends extra counters if requested - MEDIUM: promex: Dump servers extra counters if requested - MEDIUM: promex: Dump listeners extra counters if requested - DOC: promex: Add documentation about extra-counters - MINOR: promex: Always limit the number of labels dumped for each metric - MEDIUM: promex: Simplify the context using generic pointers for restart points - MINOR: promex: Remove unsued htx parameter when a metric is dumped - MEDIUM: promex: Add a registration mechanism to support modules - MEDIUM: promex: Dump metrics of registered modules with a way to filter them - MEDIUM: promex/stick-table: Dump stick-table metrics via a promex module - MEDIUM: promex/resolvers: Dump resolvers metrics via a promex module - MINOR: promex: Rename dump functions to use the right wording - MINOR: promex: Always pass the final name and description to promex_dmp_ts() - MEDIUM: promex: Add support for filters on metric names - REGTESTS: promex: Adapt script to be less verbose - MINOR: compiler: add a new DO_NOT_FOLD() macro to prevent code folding - MINOR: debug: make sure calls to ha_crash_now() are never merged - MINOR: debug: make ABORT_NOW() store the caller's line number when using abort - BUG/MINOR: diag: always show the version before dumping a diag warning - BUG/MINOR: diag: run the final diags before quitting when using -c - MINOR: acl: add extra diagnostics about suspicious string patterns - BUG/MINOR: quic: Wrong ack ranges handling when reaching the limit. - BUILD: quic: Variable name typo inside a BUG_ON(). - DOC: config: fix typo for '%ms' log format alternative - DOC: config: fix ordering for "txn.*" fetches - MINOR: stream: add "txn.redispatch" fetch - BUILD: debug: remove leftover parentheses in ABORT_NOW() - MINOR: debug: make BUG_ON() catch build errors even without DEBUG_STRICT - BUG/MINOR: ssl: Fix error message after ssl_sock_load_ocsp call - MINOR: debug: support passing an optional message in ABORT_NOW() - MINOR: debug: add an optional message argument to the BUG_ON() family - DEBUG: make the "debug dev {debug|warn|check}" command print a message - CLEANUP: quic: Code clarifications for QUIC CUBIC (RFC 9438) - BUG/MINOR: quic: fix possible integer wrap around in cubic window calculation - MINOR: quic: Stop using 1024th of a second. - CI: github: abandon asan matrix.py helper - CI: ssl: add yet another OpenSSL download fallback - DOC: install: clarify WolfSSL chroot requirements - MINOR: task: Move wait_event in the task header file - MINOR: stconn: Be able to detect applets using HTX - MINOR: stconn: Explicitly use an appctx to attach a stconn on it - MINOR: stconn: Be prepared to handle error when a SC is attached to an applet - MINOR: applet: Add dedicated IN/OUT buffers for appctx - MINOR: applet: Add traces to debug receive/send and block/wake events - MINOR: applet: Add support for callback functions to exchange data with channels - MINOR: applet: Implement default functions to exchange data with channels - MEDIUM: stconn: Add functions to handle applets I/O from the SC layer - MEDIM: applet: Add the applet handler based on IN/OUT buffers - MINOR: applet: Show IN/OUT buffers in trace messages when used - MINOR: applet: Add flags on the appctx and stop abusing its state - MINIOR: applet: Add flags to deal with ends of input, ends of stream and errors - MINOR: applet: Remove appctx state field to only used the flags - MINOR: applet: Add an appctx flag to report shutdown to applets - MEDIUM: applet: Use appctx flags to report EOS/EOI/ERROR to SE - MINOR: applet: Add callback function to deal with zero-copy forwarding - MEDIUM: applet: Add support for zero-copy forwarding from an applet - MINOR: applet: Automatically handle applets having more data for the stream - MEDIUM: stats: Don't interrupt processing on partial post - MAJOR: stats: Update HTTP stats applet to handle its own buffers - MEDIUM: cache: Temporarily remove zero-copy forwarding support - MAJOR: cache: Update HTTP cache applet to handle its own buffers - MAJOR: cache: Send cached objects using zero-copy forwarding - MINOR: stconn: Add support for flags during zero-copy forwarding negotiation - MINOR: mux-h1: Be able to define the length of a chunk size when it is prepended - MEDIUM: stconn: Nofify requested size during zero-copy forwarding nego is exact - MINOR: mux-h1: Stop zero-copy forwarding during nego for too big requested size - MEDIUM: mux-h1: Support zero-copy forwarding for chunks with an unknown size - MAJOR: stats: Send stats dump over HTTP using zero-copy forwarding - MEDIUM: applet: Simplify a bit API to exchange data with applets - MINOR: cache: Remove unsed .data_sent field from the cache applet context - MINOR: applet: Use an option to disable zero-copy forwarding for all applets - MINOR: applet: Identify applets using their own buffers via a flag - BUG/MINOR: ssl: Duplicate ocsp update mode when dup'ing ckch - MINOR: ssl: Use OCSP_CERTID instead of ckch_store in ckch_store_build_certid - BUG/MINOR: ssl: Clear the ckch instance when deleting a crt-list line - BUG/MEDIUM: ocsp: Separate refcount per instance and per store - BUG/MINOR: ssl: Destroy ckch instances before the store during deinit - BUG/MINOR: ssl: Reenable ocsp auto-update after an "add ssl crt-list" - REGTESTS: ssl: Add OCSP related tests - REGTESTS: ssl: Fix empty line in cli command input - DOC: install: recommend pcre2 - DOC: config: fix misplaced "txn.conn_retries" - DOC: config: fix typos for "bytes_{in,out}" - DOC: config: fix misplaced "bytes_{in,out}" - DOC: config: add more custom log format table alternatives - MINOR: stream: rename "txn.redispatch" to "txn.redispatched" - MINOR: sample: implement bc_{be,srv}_queue samples - BUG/MINOR: mux-h2: count rejected DATA frames against the connection's flow control - MINOR: mux-h2: count excess of CONTINUATION frames as a glitch - MINOR: mux-h2: count late reduction of INITIAL_WINDOW_SIZE as a glitch - DOC: internal: update missing data types in peers-v2.0.txt - MEDIUM: stick-tables: add a new stored type for glitch_cnt and glitch_rate - MINOR: session: add the necessary functions to update the per-session glitches - MEDIUM: mux-h2: update session trackers with number of glitches - BUG/MINOR: server/cli: add missing LF at the end of certain notice/error lines - BUG/MINOR: vars/cli: fix missing LF after "get var" output - BUG/MEDIUM: cli: fix once for all the problem of missing trailing LFs - MINOR: cli: make sure to always print a pending message after release() - MINOR: cli: always reset the applet task's timeout - MINOR: cli: add a new "wait" command to wait for a certain delay - BUG/MINOR: applet: Always release empty appctx buffers after processing - MINOR: server: split the server deletion code in two parts - MINOR: cli/wait: make the wait command support a more detailed help message - MINOR: cli/wait: also support an unrecoverable failure status - MINOR: cli/wait: also pass up to 4 arguments to the external conditions - MINOR: cli/wait: add a condition to wait on a server to become unused - CI: Update to actions/cache@v4 - BUILD: address a few remaining calloc(size, n) cases - BUG/MEDIUM: pool: fix rare risk of deadlock in pool_flush() |
||
Willy Tarreau
|
535b247bf6 |
[RELEASE] Released version 3.0-dev2
Released version 3.0-dev2 with the following main changes : - MINOR: ot: logsrv struct becomes logger - MINOR: ssl: Update ssl_fc_curve/ssl_bc_curve to use SSL_get0_group_name - CLEANUP: ssl: fix indentation in smp_fetch_ssl_fc_ec() - DEV: patchbot: produce a verdict for too long commit messages - CLEANUP: ssl: fix indentation in smp_fetch_ssl_fc_ec() (part 2) - CLEANUP: quic: Double quic_dgram_parse() prototype declaration. - BUG/MINOR: map: list-based matching potential ordering regression - REGTESTS: add a test to ensure map-ordering is preserved - DOC: config: fix typo about map_*_key converters - DOC: configuration: corrected description of keyword tune.ssl.ocsp-update.mindelay - MINOR: map: mapfile ordering also matters for tree-based match types - DEV: phash: add a trivial perfect hash generator for integers - OPTIM: http: simplify http_get_status_idx() using a hash - CLEANUP: http: avoid duplicating literals in find_http_meth() - MINOR: http: add infrastructure to choose status codes for err / fail - MEDIUM: http_act: check status codes against the bit fields for err/fail - MEDIUM: http: add the ability to redefine http-err-codes and http-fail-codes - CI: codespell: ignore some words in URLs - CI: codespell: add more words to whitelist - CLEANUP: fix spelling of "occured" in src/h3.c - BUILD: quic: missing include for quic_tp - BUG/MINOR: mux-quic: do not prevent non-STREAM sending on flow control - MEDIUM: ssl: allow multiple fallback certificate to allow ECDSA/RSA selection - MEDIUM: ssl: generate '*' SNI filters for default certificates - MEDIUM: ssl: does not use default_ctx for 'generate-certificate' option - REORG: ssl: move 'generate-certificates' code to ssl_gencert.c - DOC: configuration: update configuration on how to have multiple default certs - MEDIUM: ssl: implements 'default-crt' keyword for bind Lines - CI: github: update wolfSSL to 5.6.6 - DOC: INSTALL: require at least WolfSSL 5.6.6 - DEV: h2: add support for multiple flags in mkhdr - DEV: h2: support hex-encoded data sequences in mkhdr - BUG/MINOR: mux-h2: also count streams for refused ones - BUG/MEDIUM: quic: keylog callback not called (USE_OPENSSL_COMPAT) - MINOR: vars: fix indentation in var_clear_buffer() - DOC: configuration: fix set-dst in actions keywords matrix - BUG/MEDIUM: mux-h2: refine connection vs stream error on headers - MINOR: mux-h2/traces: add a missing trace on connection WU with negative inc - MINOR: mux-h2: add a counter of "glitches" on a connection - MINOR: connection: add a new mux_ctl to report number of connection glitches - MINOR: mux-h2: implement MUX_CTL_GET_GLITCHES - MINOR: connection: add sample fetches to report per-connection glitches - BUILD: stick-table: fix build error on 32-bit platforms - MINOR: quic: Transport parameters encoding without version_information - MINOR: quic: Enable early data at SSL session level (aws-lc) - MINOR: ssl_sock: Early data disabled during SSL_CTX switching (aws-lc) - MINOR: quic: Correctly wait for the completion of handshakes with early data (aws-lc) - BUG/MEDIUM: cli: some err/warn msg dumps add LR into CSV output on stat's CLI - BUG/MINOR: jwt: fix jwt_verify crash on 32-bit archs - BUILD: quic: fix build error when using the compatibility layer - BUILD: quic: Fix build error when building QUIC against wolfssl. - BUILD: quic: Fix build error when building QUIC against libressl. - BUG/MINOR: hlua: fix uninitialized var in hlua_core_get_var() - CLEANUP: hlua: fix indent, remove extra return in hlua_core_get_var() - BUG/MEDIUM: cache: Fix crash when deleting secondary entry - BUG/MINOR: quic: newreno QUIC congestion control algorithm no more available - CLEANUP: quic: Remove unused CUBIC_BETA_SCALE_FACTOR_SHIFT macro. - MINOR: quic: Stop hardcoding a scale shifting value (CUBIC_BETA_SCALE_FACTOR_SHIFT) - MINOR: quic: extract qc_stream_buf free in a dedicated function - BUG/MEDIUM: quic: remove unsent data from qc_stream_desc buf - CLEANUP: fix spelling of "elemt" - CI: extend spell check white list - CI: enable spell check on git push - BUILD: makefile: also define cmd_CXX to pretty-print C++ build commands - BUILD/MEDIUM: deviceatlas: addon build rework. - DOC: deviceatlas: update to be in line with the v3 api. - BUILD/MEDIUM: deviceatlas: updating the addon part. - BUILD: deviceatlas: remove unneeded depenency on libcurl / libzip - BUILD: deviceatlas: fix empty "-I" left on CFLAGS - Revert "CI: enable spell check on git push" |
||
Willy Tarreau
|
2b930aa7c3 |
[RELEASE] Released version 3.0-dev1
Released version 3.0-dev1 with the following main changes : - MINOR: channel: Use dedicated functions to deal with STREAMER flags - MEDIUM: applet: Handle channel's STREAMER flags on applets size - MINOR: applets: Use channel's field to compute amount of data received - MEDIUM: cache: Save body size of cached objects and track it on delivery - MEDIUM: cache: Add support for endp-to-endp fast-forwarding - MINOR: cache: Add global option to enable/disable zero-copy forwarding - MINOR: pattern: Use reference name as filename to read patterns from a file - MEDIUM: pattern: Add support for virtual and optional files for patterns - DOC: config: Add section about name format for maps and ACLs - DOC: management/lua: Update commands about map and acl - MINOR: promex: Add support for specialized front/back/li/srv metric names - MINOR: promex: Export active/backup metrics per-server - BUG/MINOR: ssl: Double free of OCSP Certificate ID - MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback - BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate - BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA) - DOC: configuration: typo req.ssl_hello_type - MINOR: hq-interop: add fastfwd support - CLEANUP: mux_quic: rename ffwd function with prefix qmux_strm_ - MINOR: mux-quic: add traces for 0-copy/fast-forward - BUG/MINOR: mworker/cli: fix set severity-output support - CLEANUP: mworker/cli: add comments about pcli_find_and_exec_kw() - BUG/MEDIUM: quic: Possible buffer overflow when building TLS records - BUILD: ssl: update types in wolfssl cert selection callback - MINOR: ssl: activate the certificate selection callback for WolfSSL - CI: github: switch to wolfssl git-c4b77ad for new PR - BUG/MEDIUM: map/acl: pat_ref_{set,delete}_by_id regressions - BUG/MINOR: ext-check: cannot use without preserve-env - CLEANUP: mux-quic: remove unused prototype - MINOR: mux-quic: clean up qcs Rx buffer allocation API - MINOR: mux-quic: clean up qcs Tx buffer allocation API - CLEANUP: mux-quic: clean up app ops callback definitions - MINOR: mux-quic: factorize QC_SF_UNKNOWN_PL_LENGTH set - MINOR: h3: complete traces for sending - MINOR: h3: adjust zero-copy sending related code - MINOR: hq-interop: use zero-copy to transfer single HTX data block - BUG/MEDIUM: quic: QUIC CID removed from tree without locking - BUG/MEDIUM: stconn: Block zero-copy forwarding if EOS/ERROR on consumer side - BUG/MEDIUM: mux-h1: Cound data from input buf during zero-copy forwarding - BUG/MEDIUM: mux-h1: Explicitly skip request's C-L header if not set originally - CLEANUP: mux-h1: Fix a trace message about C-L header addition - BUG/MEDIUM: mux-h2: Report too large HEADERS frame only when rxbuf is empty - BUG/MEDIUM: mux-quic: report early error on stream - DOC: config: add arguments to sample fetch methods in the table - DOC: config: also add arguments to the converters in the table - BUG/MINOR: resolvers: default resolvers fails when network not configured - SCRIPTS: mk-patch-list: produce a list of patches - DEV: patchbot: add the AI-based bot to pre-select candidate patches to backport - BUG/MEDIUM: mux-h2: Switch pending error to error if demux buffer is empty - BUG/MEDIUM: mux-h2: Only Report H2C error on read error if demux buffer is empty - BUG/MEDIUM: mux-h2: Don't report error on SE if error is only pending on H2C - BUG/MEDIUM: mux-h2: Don't report error on SE for closed H2 streams - DOC: config: Update documentation about local haproxy response - DEV: patchbot: use checked buttons as reference instead of internal table - DEV: patchbot: allow to show/hide backported patches - MINOR: h3: remove quic_conn only reference - BUG/MINOR: server: Use the configured address family for the initial resolution - MINOR: mux-quic: remove qcc_shutdown() from qcc_release() - MINOR: mux-quic: use qcc_release in case of init failure - MINOR: mux-quic: adjust error code in init failure - MINOR: h3: add traces for connection init stage - BUG/MINOR: h3: properly handle alloc failure on finalize - MINOR: h3: use INTERNAL_ERROR code for init failure - BUG/MAJOR: stconn: Disable zero-copy forwarding if consumer is shut or in error - MINOR: stats: store the parent proxy in stats ctx (http) - BUG/MEDIUM: stats: unhandled switching rules with TCP frontend - MEDIUM: proxy: set PR_O_HTTP_UPG on implicit upgrades - MINOR: proxy: monitor-uri works with tcp->http upgrades - OPTIM: server: eb lookup for server_find_by_name() - OPTIM: server: ebtree lookups for findserver_unique_* functions - MINOR: server/event_hdl: add server_inetaddr struct to facilitate event data usage - MINOR: server/event_hdl: update _srv_event_hdl_prepare_inetaddr prototype - BUG/MINOR: server/event_hdl: propagate map port info through inetaddr event - MINOR: server: ensure connection cleanup on server addr changes - CLEANUP: server/event_hdl: remove purge_conn hint in INETADDR event - MEDIUM: server: merge srv_update_addr() and srv_update_addr_port() logic - CLEANUP: server: remove unused server_parse_addr_change_request() function - CLEANUP: resolvers: remove duplicate func prototype - MINOR: resolvers: add unique numeric id to nameservers - MEDIUM: server: make server_set_inetaddr() updater serializable - MINOR: server/event_hdl: expose updater info through INETADDR event - MINOR: server: add dns hint in server_inetaddr_updater struct - MEDIUM: server/dns: clear RMAINT when addr resolves again - BUG/MINOR: server/dns: use server_set_inetaddr() to unset srv addr from DNS - BUG/MEDIUM: server/dns: perform svc_port updates atomically from SRV records - MEDIUM: peers: use server as stream target - CLEANUP: peers: remove unused sock_init_arg struct member - CLEANUP: peers: remove unused "proto" and "xprt" struct members - MINOR: peers: rely on srv->addr and remove peer->addr - DOC: config: add context hint for server keywords - MINOR: stktable: add table_process_entry helper function - MINOR: stktable: use {show,set,clear} table with ptr - MINOR: map: add map_*_key converters to provide the matching key - DOC: fix typo for fastfwd QUIC option - BUG/MINOR: mux-quic: always report error to SC on RESET_STREAM emission - MEDIUM: mux-quic: add BUG_ON if sending on locally closed QCS - BUG/MINOR: mux-quic: disable fast-fwd if connection on error - BUG/MINOR: quic: Wrong keylog callback setting. - BUG/MINOR: quic: Missing call to TLS message callbacks - MINOR: h3: check connection error during sending - BUG/MINOR: h3: close connection on header list too big - BUG/MINOR: h3: close connection on sending alloc errors - BUG/MINOR: h3: disable fast-forward on buffer alloc failure - Revert "MINOR: mux-quic: Disable zero-copy forwarding for send by default" - MINOR: stktable: stktable_data_ptr() cannot fail in table_process_entry() - CLEANUP: assorted typo fixes in the code and comments - CI: use semantic version compare for determing "latest" OpenSSL - CLEANUP: server: remove ambiguous check in srv_update_addr_port() - CLEANUP: resolvers: remove unused RSLV_UPD_OBSOLETE_IP flag - CLEANUP: resolvers: remove some more unused RSLV_UDP flags - MEDIUM: server: simplify snr_set_srv_down() to prevent confusions - MINOR: backend: export get_server_*() functions - MINOR: tcpcheck: export proxy_parse_tcpcheck() - MEDIUM: udp: allow to retrieve the frontend destination address - MINOR: global: export a way to list build options - MINOR: debug: add features and build options to "show dev" - BUG/MINOR: server: fix server_find_by_name() usage during parsing - REGTESTS: check attach-srv out of order declaration - CLEANUP: quic: Remaining useless code into server part - BUILD: quic: Missing quic_ssl.h header protection - BUG/MEDIUM: h3: fix incorrect snd_buf return value - MINOR: h3: do not consider missing buf room as error on trailers - BUG/MEDIUM: stconn: Forward shutdown on write timeout only if it is forwardable - BUG/MEDIUM: stconn: Set fsb date if zero-copy forwarding is blocked during nego - BUG/MEDIUM: spoe: Never create new spoe applet if there is no server up - MINOR: mux-h2: support limiting the total number of H2 streams per connection - CLEANUP: mux-h2: remove the printfs from previous commit on h2 streams limit. - DEV: h2: add the ability to emit literals in mkhdr - DEV: h2: add the preface as well in supported output types - DEV: h2: support passing raw data for a frame - IMPORT: ebtree: implement and use flsnz_long() to count bits - IMPORT: ebtree: switch the sizes and offsets to size_t and ssize_t - IMPORT: ebtree: rework the fls macros to better deal with arch-specific ones - IMPORT: ebtree: make string_equal_bits turn back to unsigned char - IMPORT: ebtree: use unsigned ints for flznz() - IMPORT: ebtree: make string_equal_bits() return an unsigned |
||
Willy Tarreau
|
eb67d63456 |
[RELEASE] Released version 3.0-dev0
Released version 3.0-dev0 with the following main changes : - exact copy of 2.9.0 |
||
Willy Tarreau
|
fddb8c13b6 |
[RELEASE] Released version 2.9.0
Released version 2.9.0 with the following main changes : - DOC: config: add missing colon to "bytes_out" sample fetch keyword (2) - BUG/MINOR: cfgparse-listen: fix warning being reported as an alert - DOC: config: add matrix entry for "max-session-srv-conns" - DOC: config: fix monitor-fail typo - DOC: config: add context hint for proxy keywords - DEBUG: stream: Report lra/fsb values for front end back SC in stream dump - REGTESTS: sample: Test the behavior of consecutive delimiters for the field converter - BUG/MINOR: sample: Make the `word` converter compatible with `-m found` - DOC: Clarify the differences between field() and word() - BUG/MINOR: server/event_hdl: properly handle AF_UNSPEC for INETADDR event - BUILD: http_htx: silence uninitialized warning on some gcc versions - MINOR: acme.sh: don't use '*' in the filename for wildcard domain - MINOR: global: Use a dedicated bitfield to customize zero-copy fast-forwarding - MINOR: mux-pt: Add global option to enable/disable zero-copy forwarding - MINOR: mux-h1: Add global option to enable/disable zero-copy forwarding - MINOR: mux-h2: Add global option to enable/disable zero-copy forwarding - MINOR: mux-quic: Add global option to enable/disable zero-copy forwarding - MINOR: mux-quic: Disable zero-copy forwarding for send by default - DOC: config: update the reminder on the HTTP model and add some terminology - DOC: config: add a few more differences between HTTP/1 and 2+ - DOC: config: clarify session vs stream - DOC: config: fix typo abandonned -> abandoned - DOC: management: fix two latest typos (optionally, exception) - BUG/MEDIUM: peers: fix partial message decoding - DOC: management: update stream vs session |
||
Willy Tarreau
|
7ed737d5a7 |
[RELEASE] Released version 2.9-dev12
Released version 2.9-dev12 with the following main changes : - BUG/MINOR: global: Fix tune.disable-(fast-forward/zero-copy-forwarding) options - DOC: config: removing "log-balance" references - MINOR: server/event_hdl: add SERVER_INETADDR event - MINOR: tools: use const for read only pointers in ip{cmp,cpy} - MINOR: server/ip: centralize server ip updates - MINOR: backend: remove invalid mode test for "hash-balance-factor" - Revert "MINOR: cfgparse-listen: warn when use-server rules is used in wrong mode" - MINOR: proxy: add free_logformat_list() helper function - MINOR: proxy: add free_server_rules() helper function - MINOR: log/backend: prevent "use-server" rules use with LOG mode - MINOR: log/balance: set lbprm tot_weight on server on queue/dequeue - DOC: config: specify supported sections for "max-session-srv-conns" - DOC: config: fix timeout check inheritance restrictions - REGTESTS: connection: disable http_reuse_be_transparent.vtc if !TPROXY - DOC: lua: add sticktable class reference from Proxy.stktable - DOC: lua: fix Proxy.get_mode() output - DOC: lua: add "syslog" to Proxy.get_mode() output - MEDIUM: ssl: implement rsa/ecdsa selection with WolfSSL - MINOR: ssl: replace 'trash.area' by 'servername' in ssl_sock_switchctx_cbk() - MINOR: ssl: move certificate selection in a dedicate function - MEDIUM: ssl: use ssl_sock_chose_sni_ctx() in the clienthello callback - MINOR: mworker/cli: implement hard-reload over the master CLI - BUG/MEDIUM: mux-h1: Properly ignore trailers when a content-length is announced - MINOR: task/profiling: do not record task_drop_running() as a caller - OPTIM: pattern: save memory and time using ebst instead of ebis - BUILD: map: fix build warning - MINOR: trace: define simple -dt argument - MINOR: trace: parse level in a function - MINOR: trace: parse verbosity in a function - MINOR: trace: support -dt optional format - OPTIM: mux-h2/zero-copy: don't allocate more buffers per connections than streams - BUG/MINOR: quic: fix CONNECTION_CLOSE_APP encoding - BUG/MEDIUM: stconn: Don't perform zero-copy FF if opposite SC is blocked - BUG/MEDIUM: mux-h2: Remove H2_SF_NOTIFIED flag for H2S blocked on fast-forward - CLEANUP: quic: Remove dead definitions/declarations - REORG: quic: Move some QUIC CLI code to its C file - REORG: quic: Add a new module to handle QUIC connection IDs - REORG: quic: QUIC connection types header cleaning - BUILD: quic: Missing RX header inclusions - REORG: quic: Move CRYPTO data buffer defintions to QUIC TLS module - REORG: quic: Move QUIC CRYPTO stream definitions/declarations to QUIC TLS - REORG: quic: Move several inlined functions from quic_conn.h - REORG: quic: Move QUIC SSL BIO method related functions to quic_ssl.c - REORG: quic: Move the QUIC DCID parser to quic_sock.c - REORG: quic: Rename some functions used upon ACK receipt - REORG: quic: Move QUIC path definitions/declarations to quic_cc module - REORG: quic: Move qc_handle_conn_migration() to quic_conn.c - REORG: quic: Move quic_build_post_handshake_frames() to quic_conn module - REORG: quic: Move qc_may_probe_ipktns() to quic_tls.h - REORG: quic: Move qc_pkt_long() to quic_rx.h - REORG: quic: Rename some (quic|qc)_conn* objects to quic_conn_closed - REORG: quic: Move NEW_CONNECTION_ID frame builder to quic_cid - REORG: quic: Move ncbuf related function from quic_rx to quic_conn - REORG: quic: Add a new module for QUIC retry - BUILD: quic: Several compiler warns fixes after retry module creation - REORG: quic: Move qc_notify_send() to quic_conn - REORG: quic: Add a new module for retransmissions - REORG: quic: Remove qc_pkt_insert() implementation - REORG: quic: Move quic_increment_curr_handshake() to quic_sock - BUG/MINOR: cache: Remove incomplete entries from the cache when stream is closed - MEDIUM: cli: allow custom pattern for payload - CLEANUP: mworker/cli: use a label to return errors - MINOR: mworker/cli: implements the customized payload pattern for master CLI - DOC: management: add documentation about customized payload pattern - BUG/MEDIUM: server/event_hdl: memory overrun in _srv_event_hdl_prepare_inetaddr() - MINOR: event_hdl: add global tunables - BUG/MAJOR: server/addr: fix a race during server addr:svc_port updates - MEDIUM: log/balance: support FQDN for UDP log servers - BUG/MINOR: compression: possible NULL dereferences in comp_prepare_compress_request() - BUG/MEDIUM: master/cli: Properly pin the master CLI on thread 1 / group 1 - BUG/MEDIUM: mux-quic: Stop zero-copy FF during nego if input is not empty - CLEANUP: log: Fix %rc comment in sess_build_logline() - BUG/MINOR: h3: fix TRAILERS encoding - BUG/MINOR: h3: always reject PUSH_PROMISE - MINOR: h3: use correct error code for missing SETTINGS - MINOR: http-fetch: Add a sample to retrieve the server status code - DOC: config: Improve 'status' sample documentation - MINOR: http-fetch: Add a sample to get the transaction status code - MEDIUM: http-ana: Set termination state before returning haproxy response - MINOR: stream: Expose session terminate state via a new sample fetch - MINOR: stream: add a sample fetch to get the number of connection retries - MINOR: stream: Expose the stream's uniq_id via a new sample fetch - MINOR: muxes: Rename mux_ctl_type values to use MUX_CTL_ prefix - MINOR: muxes: Add a callback function to send commands to mux streams - MINOR: muxes: Implement ->sctl() callback for muxes and return the stream id - MINOR: Add sample fetches to get the frontend and backend stream ID - BUG/MEDIUM: cli: Don't look for payload pattern on empty commands - DOC: config: Add argument for tune.lua.maxmem - DOC: config: fix mention of request slot in http-response capture - DOC: config: fix remaining mention of @reverse for attach-srv action - DOC: config: fix missing characters in set-spoe-group action - DOC: config: reorganize actions into their own section - BUG/MINOR: acme.sh: update the deploy script - MINOR: rhttp: mark reverse HTTP as experimental - CLEANUP: quic_cid: remove unused listener arg - BUG/MINOR: quic_tp: fix preferred_address decoding - MINOR: quic_tp: use in_addr/in6_addr for preferred_address - MINOR: acme.sh: use the master CLI for hot update - DOC: config: move the cache-use and cache-store actions to the proper section - DOC: config: fix alphabetical ordering of converter keywords - DOC: config: add missing colon to "bytes_out" sample fetch keyword - DOC: config: add an index of converter keywords - DOC: config: add an index of sample fetch keywords - BUG/MINOR: config: Stopped parsing upon unmatched environment variables - DEBUG: unstatify a few functions that are often present in backtraces - BUILD: server: shut a bogus gcc warning on certain ubuntu |
||
Willy Tarreau
|
2fb1776f5c |
[RELEASE] Released version 2.9-dev11
Released version 2.9-dev11 with the following main changes : - BUG/MINOR: startup: set GTUNE_SOCKET_TRANSFER correctly - BUG/MINOR: sock: mark abns sockets as non-suspendable and always unbind them - BUILD: cache: fix build error on older compilers - BUG/MAJOR: quic: complete thread migration before tcp-rules - BUG/MEDIUM: quic: Possible crash for connections to be killed - MINOR: quic: remove unneeded QUIC specific stopping function - MINOR: acl: define explicit HTTP_3.0 - DEBUG: connection/flags: update flags for reverse HTTP - BUILD: log: silence a build warning when threads are disabled - MINOR: quic: Add traces to debug frames handling during retransmissions - BUG/MEDIUM: quic: Possible crash during retransmissions and heavy load - BUG/MINOR: quic: Possible leak of TX packets under heavy load - BUG/MINOR: quic: Possible RX packet memory leak under heavy load - BUG/MINOR: server: do not leak default-server in defaults sections - DEBUG: tinfo: store the pthread ID and the stack pointer in tinfo - MINOR: debug: start to create a new struct post_mortem - MINOR: debug: add OS/hardware info to the post_mortem struct - MINOR: debug: report in port_mortem whether a container was detected - MINOR: debug: report in post_mortem if the container techno used is docker - MINOR: debug: detect CPU model and store it in post_mortem - MINOR: debug: report any detected hypervisor in post_mortem - MINOR: debug: collect some boot-time info related to the process - MINOR: debug: copy the thread info into the post_mortem struct - MINOR: debug: dump the mapping of the libs into post_mortem - MINOR: debug: add the ability to enter components in the post_mortem struct - MINOR: init: add info about the main program to the post_mortem struct - DOC: management: document "show dev" - CLEANUP: assorted typo fixes in the code and comments - CI: limit codespell checks to main repo, not forks - DOC: 51d: updated 51Degrees repo URL for v3.2.10 - DOC: install: update the list of openssl versions - MINOR: ext-check: add an option to preserve environment variables - BUG/MEDIUM: mux-h1: Don't set CO_SFL_MSG_MORE flag on last fast-forward send - MINOR: rhttp: rename proto_reverse_connect - MINOR: rhttp: large renaming to use rhttp prefix - MINOR: rhttp: add count of active conns per thread - MEDIUM: rhttp: support multi-thread active connect - MINOR: listener: allow thread kw for rhttp bind - DOC: rhttp: replace maxconn by nbconn - MINOR: log/balance: rename "log-sticky" to "sticky" - MEDIUM: mux-quic: Add consumer-side fast-forwarding support - MAJOR: h3: Implement zero-copy support to send DATA frame |
||
Willy Tarreau
|
db09cd6ad4 |
[RELEASE] Released version 2.9-dev10
Released version 2.9-dev10 with the following main changes : - CLEANUP: Re-apply xalloc_size.cocci (3) - BUG/MEDIUM: stconn: Report send activity during mux-to-mux fast-forward - BUG/MEDIUM: stconn: Don't report rcv/snd expiration date if SC cannot epxire - MINOR: stconn: Don't queue stream task in past in sc_notify() - BUG/MEDIUM: Don't apply a max value on room_needed in sc_need_room() - BUG/MINOR: stconn: Sanitize report for read activity - CLEANUP: htx: Properly indent htx_reserve_max_data() function - DOC: stconn: Improve comments about lra and fsb usage - BUG/MEDIUM: quic: fix actconn on quic_conn alloc failure - BUG/MEDIUM: quic: fix sslconns on quic_conn alloc failure - BUG/MEDIUM: mux-h1: Be sure xprt support splicing to use it during fast-forward - MINOR: proto_reverse_connect: use connect timeout - BUG/MINOR: mux-h1: Release empty ibuf during data fast-forwarding - BUG/MINOR: stick-table/cli: Check for invalid ipv4 key - MEDIUM: stktable/cli: simplify entry key handling - MINOR: stktable/cli: support v6tov4 and v4tov6 conversions - BUG/MINOR: mux-h1: Properly handle http-request and http-keep-alive timeouts - BUG/MEDIUM: freq-ctr: Don't report overshoot for long inactivity period - BUG/MEDIUM: pool: fix releasable pool calculation when overloaded - BUG/MINOR: pool: check one other random bucket on alloc conflict - BUG/MEDIUM: pool: try once to allocate from another bucket if empty - MEDIUM: stconn/muxes: Loop on data fast-forwarding to forward at least a buffer - MINOR: stconn/mux-h2: Use a iobuf flag to report EOI to consumer side during FF - MEDIUM: quic: Heavy task mode during handshake - MEDIUM: quic: Heavy task mode with non contiguously bufferized CRYPTO data - MINOR: quic: release the TLS context asap from quic_conn_release() - MINOR: quic: Add idle timer task pointer to traces - BUG/MINOR: quic: idle timer task requeued in the past - CLEANUP: quic: Indentation fix in qc_do_build_pkt() - MINOR: quic: Avoid zeroing frame structures - BUG/MEDIUM: quic: Too short Initial packet sent (enc. level allocation failed) - BUG/MEDIUM: quic: Avoid trying to send ACK frames from an empty ack ranges tree - BUG/MEDIUM: quic: Possible crashes when sending too short Initial packets - BUG/MEDIUM: quic: Avoid some crashes upon TX packet allocation failures - BUG/MEDIUM: quic: Possible crashes during secrets allocations (heavy load) - BUG/MEDIUM: stconn: Don't update stream expiration date if already expired - MINOR: errors: ha_alert() and ha_warning() uses warn_exec_path() - MINOR: errors: does not check MODE_STARTING for log emission - MEDIUM: errors: move the MODE_QUIET test in print_message() - DOC: management: -q is quiet all the time - MEDIUM: mworker: -W is mandatory when using -S - BUG/MEDIUM: mux-h1: Exit early if fast-forward is not supported by opposite SC - MEDIUM: quic: adjust address validation - MINOR: quic: reduce half open counters scope - MEDIUM: quic: limit handshake per listener - MEDIUM: quic: define an accept queue limit - BUG/MINOR: quic: fix retry token check inconsistency - MINOR: task/debug: explicitly support passing a null caller to wakeup functions - MINOR: task/debug: make task_queue() and task_schedule() possible callers - OPTIM: mux-h2: don't allocate more buffers per connections than streams - BUG/MINOR: quic: remove dead code in error path - MEDIUM: quic: respect closing state even on soft-stop - MEDIUM: quic: release conn socket before using quic_cc_conn - DOC: config: use the word 'backend' instead of 'proxy' in 'track' description - BUG/MEDIUM: applet: Remove appctx from buffer wait list on release - MINOR: tools: make str2sa_range() directly return type hints - BUG/MEDIUM: server: invalid address (post)parsing checks - BUG/MINOR: sink: don't learn srv port from srv addr - CLEANUP: sink: bad indent in sink_new_from_logger() - CLEANUP: sink: useless leftover in sink_add_srv() - BUG/MINOR: quic: Useless use of non-contiguous buffer for in order CRYPTO data - MINOR: server: always initialize pp_tlvs for default servers - BUG/MEDIUM: proxy: always initialize the default settings after init - MEDIUM: startup: 'haproxy -c' is quiet when valid - BUG/MINOR: sample: Fix bytes converter if offset is bigger than sample length - BUG/MINOR: log: keep the ref in dup_logger() - BUG/MINOR: quic: fix crash on qc_new_conn alloc failure - BUG/MINOR: quic: fix decrement of half_open counter on qc alloc failure - BUG/MEDIUM: quic: fix FD for quic_cc_conn - DOC: config: Fix name for tune.disable-zero-copy-forwarding global param - REGTESTS: startup: -conf-OK requires -V with current VTest - BUG/MEDIUM: quic: Non initialized CRYPTO data stream deferencing - MINOR: quic: Add a max window parameter to congestion control algorithms - MINOR: quic: Maximum congestion control window for each algo - DOC: quic: Wrong syntax for "quic-cc-algo" keyword. - DOC: quic: Maximum congestion control window configuration - BUG/MINOR: quic: maximum window limits do not match the doc - BUG/MEDIUM: connection: report connection errors even when no mux is installed - BUG/MINOR: stconn: Handle abortonclose if backend connection was already set up - MINOR: connection: Add a CTL flag to notify mux it should wait for reads again - MEDIUM: mux-h1: Handle MUX_SUBS_RECV flag in h1_ctl() and susbscribe for reads - BUG/MEDIUM: stream: Properly handle abortonclose when set on backend only - MINOR: stconn: Use SC to detect frontend connections in sc_conn_recv() - REGTESTS: http: Improve script testing abortonclose option - MINOR: activity: report profiling duration and age in "show profiling" - BUG/MEDIUM: mworker: set the master variable earlier - BUG/MEDIUM: stream: Don't call mux .ctl() callback if not implemented - MINOR: connection: update rhttp flags usage - BUG/MINOR: mux_h2: reject passive reverse conn if error on add to idle - MINOR: server: force add to idle on reverse - MINOR: shctx: Set last_append to NULL when reserving block in hot list - MEDIUM: shctx: Move list between hot and avail list in O(1) - MEDIUM: shctx: Simplify shctx_row_reserve_hot loop - MINOR: shctx: Remove explicit 'from' param from shctx_row_data_append - MEDIUM: cache: Use dedicated cache tree lock alongside shctx lock - MINOR: cache: Remove expired entry delete in "show cache" command - MINOR: cache: Add option to avoid removing expired entries in lookup function - MEDIUM: cache: Use rdlock on cache in cache_use - MEDIUM: shctx: Remove 'hot' list from shared_context - MINOR: cache: Use dedicated trash for "show cache" cli command - MEDIUM: cache: Switch shctx spinlock to rwlock and restrict its scope - MEDIUM: cache: Add refcount on cache_entry - MEDIUM: shctx: Descend shctx_lock calls into the shctx_row_reserve_hot - MINOR: shctx: Add new reserve_finish callback call to shctx_row_reserve_hot - MAJOR: cache: Delay cache entry delete in reserve_hot function - MINOR: shctx: Remove redundant arg from free_block callback - MINOR: shctx: Remove 'use_shared_mem' variable - DOC: cache: Specify when function expects a cache lock - BUG/MEDIUM: stconn: Update fsb date on partial sends - MINOR: htx: Use a macro for overhead induced by HTX - MINOR: channel: Add functions to get info on buffers and deal with HTX streams - BUG/MINOR: stconn: Fix streamer detection for HTX streams - BUG/MINOR: stconn: Use HTX-aware channel's functions to get info on buffer - BUG/MINOR: stconn/applet: Report send activity only if there was output data - BUG/MINOR: stconn: Report read activity on non-indep streams for partial sends - BUG/MINOR: shctx: Remove old HA_SPIN_INIT - REGTESTS: try to activate again the seamless reload test with the master CLI - MINOR: proxy: Add "handshake" new timeout (frontend side) - MEDIUM: quic: Add support for "handshake" timeout setting. - MINOR: quic: Dump the expiration date of the idle timer task - BUG/MINOR: quic: Malformed CONNECTION_CLOSE frame - MEDIUM: session: handshake timeout (TCP) - DOC: proxy: Add "handshake" timeout documentation. - MINOR: quic: Rename "handshake" timeout to "client-hs" - CLEANUP: haproxy: remove old comment from 1.1 from the file header - BUG/MEDIUM: mux-h2: fail earlier on malloc in takeover() - BUG/MEDIUM: mux-h1: fail earlier on malloc in takeover() - BUG/MEDIUM: mux-fcgi: fail earlier on malloc in takeover() - MINOR: rhttp: remove the unused outgoing connect() function - MINOR: backend: without ->connect(), allow to pick another thread's connection - BUG/MINOR: stream/cli: report correct stream age in "show sess" - MINOR: stream/cli: add an optional "older" filter for "show sess" - MINOR: stream/cli: add another filter "susp" to "show sess" - MINOR: stktable: add stktable_deinit function - BUG/MINOR: proxy/stktable: missing frees on proxy cleanup - CLEANUP: backend: removing unused LB param - MEDIUM: lbprm: store algo params on 32bits - MEDIUM: log/balance: merge tcp/http algo with log ones - Revert "MINOR: proxy: report a warning for max_ka_queue in proxy_cfg_ensure_no_http()" - Revert "MINOR: tcp_rules: tcp-{request,response} requires TCP or HTTP mode" - Revert "MINOR: stktable: "stick" requires TCP or HTTP mode" - Revert "MINOR: cfgparse-listen: "http-send-name-header" requires TCP or HTTP mode" - Revert "MINOR: cfgparse-listen: "dynamic-cookie-key" requires TCP or HTTP mode" - Revert "MINOR: cfgparse-listen: "http-reuse" requires TCP or HTTP mode" - Revert "MINOR: fcgi-app: "use-fcgi-app" requires TCP or HTTP mode" - Revert "MINOR: http_htx/errors: prevent the use of some keywords when not in tcp/http mode" - Revert "MINOR: flt_http_comp: "compression" requires TCP or HTTP mode" - Revert "MINOR: filter: "filter" requires TCP or HTTP mode" - MINOR: log/backend: ensure log exclusive params are not used in other modes - MINOR: log/backend: prevent tcp-{request,response} use with LOG mode - MINOR: log/backend: prevent stick table and stick rules with LOG mode - MINOR: log/backend: prevent "http-send-name-header" use with LOG mode - MINOR: log/backend: prevent "dynamic-cookie-key" use with LOG mode - REGTESTS: http: add a test to validate chunked responses delivery |
||
Willy Tarreau
|
ff3dcb20f2 |
[RELEASE] Released version 2.9-dev9
Released version 2.9-dev9 with the following main changes : - DOC: internal: filters: fix reference to entities.pdf - BUG/MINOR: ssl: load correctly @system-ca when ca-base is define - MINOR: lua: Add flags to configure logging behaviour - MINOR: lua: change tune.lua.log.stderr default from 'on' to 'auto' - BUG/MINOR: backend: fix wrong BUG_ON for avail conn - BUG/MAJOR: backend: fix idle conn crash under low FD - MINOR: backend: refactor insertion in avail conns tree - DEBUG: mux-h2/flags: fix list of h2c flags used by the flags decoder - BUG/MEDIUM: server/log: "mode log" after server keyword causes crash - MINOR: connection: add conn_pr_mode_to_proto_mode() helper func - BUG/MEDIUM: server: "proto" not working for dynamic servers - MINOR: server: add helper function to detach server from proxy list - DEBUG: add a tainted flag when ha_panic() is called - DEBUG: lua: add tainted flags for stuck Lua contexts - DEBUG: pools: detect that malloc_trim() is in progress - BUG/MINOR: quic: do not consider idle timeout on CLOSING state - MINOR: frontend: implement a dedicated actconn increment function - BUG/MINOR: ssl: use a thread-safe sslconns increment - MEDIUM: quic: count quic_conn instance for maxconn - MEDIUM: quic: count quic_conn for global sslconns - BUG/MINOR: ssl: suboptimal certificate selection with TLSv1.3 and dual ECDSA/RSA - REGTESTS: ssl: update the filters test for TLSv1.3 and sigalgs - BUG/MINOR: mux-quic: fix early close if unset client timeout - BUG/MEDIUM: ssl: segfault when cipher is NULL - BUG/MINOR: tcpcheck: Report hexstring instead of binary one on check failure - MEDIUM: systemd: be more verbose about the reload - MINOR: sample: Add fetcher for getting all cookie names - BUG/MINOR: proto_reverse_connect: support SNI on active connect - MINOR: proxy/stktable: add resolve_stick_rule helper function - BUG/MINOR: stktable: missing free in parse_stick_table() - BUG/MINOR: cfgparse/stktable: fix error message on stktable_init() failure - MINOR: stktable: stktable_init() sets err_msg on error - MINOR: stktable: check if a type should be used as-is - MEDIUM: stktable/peers: "write-to" local table on peer updates - CI: github: update wolfSSL to 5.6.4 - DOC: install: update the wolfSSL required version - MINOR: server: Add parser support for set-proxy-v2-tlv-fmt - MINOR: connection: Send out generic, user-defined server TLVs - BUG/MEDIUM: pattern: don't trim pools under lock in pat_ref_purge_range() - MINOR: mux-h2: always use h2_send() in h2_done_ff(), not h2_process() - OPTIM: mux-h2: call h2_send() directly from h2_snd_buf() - BUG/MINOR: server: remove some incorrect free() calls on null elements |
||
Willy Tarreau
|
c1ad57f0de |
[RELEASE] Released version 2.9-dev8
Released version 2.9-dev8 with the following main changes : - MINOR: ssl: add an explicit error when 'ciphersuites' are not supported - BUILD: ssl: enable 'ciphersuites' for WolfSSL - BUILD: ssl: add 'ssl_c_r_dn' fetch for WolfSSL - BUILD: ssl: add 'secure_memcmp' converter for WolfSSL and awslc - BUILD: ssl: enable keylog for awslc - CLEANUP: ssl: remove compat functions for openssl < 1.0.0 - BUILD: ssl: enable keylog for WolfSSL - REGTESTS: pki: add a pki for SSL tests - REGTESTS: ssl: update common.pem with the new pki - REGTESTS: ssl: disable ssl_dh.vtc for WolfSSL - REGTESTS: wolfssl: temporarly disable some failing reg-tests - CI: ssl: add wolfssl to build-ssl.sh - CI: ssl: add git id support for wolfssl download - CI: github: add a wolfssl entry to the CI - CI: github: update wolfssl to git revision d83f2fa - CI: github: add awslc 1.16.0 to the push CI - BUG/MINOR: quic: Avoid crashing with unsupported cryptographic algos - REORG: quic: cleanup traces definition - BUG/MINOR: quic: reject packet with no frame - BUG/MEDIUM: mux-quic: fix RESET_STREAM on send-only stream - BUG/MINOR: mux-quic: support initial 0 max-stream-data - BUG/MINOR: h3: strengthen host/authority header parsing - CLEANUP: connection: drop an uneeded leftover cast - BUG/MAJOR: connection: make sure to always remove a connection from the tree - BUG/MINOR: quic: fix qc.cids access on quic-conn fail alloc - BUG/MINOR: quic: fix free on quic-conn fail alloc - BUG/MINOR: mux-quic: fix free on qcs-new fail alloc - BUG/MEDIUM: quic-conn: free unsent frames on retransmit to prevent crash - MEDIUM: tree-wide: logsrv struct becomes logger - MEDIUM: log: introduce log target - DOC: config: log <address> becomes log <target> in "log" related doc - MEDIUM: sink/log: stop relying on AF_UNSPEC for rings - MINOR: log: support explicit log target as argument in __do_send_log() - MINOR: log: remove the logger dependency in do_send_log() - MEDIUM: log/sink: simplify log header handling - MEDIUM: sink: inherit from caller fmt in ring_write() when rings didn't set one - MINOR: sink: add sink_new_from_srv() function - MAJOR: log: introduce log backends - MINOR: log/balance: support for the "sticky" lb algorithm - MINOR: log/balance: support for the "random" lb algorithm - MINOR: lbprm: support for the "none" hash-type function - MINOR: lbprm: compute the hash avalanche in gen_hash() - MINOR: sample: add sample_process_cnv() function - MEDIUM: log/balance: support for the "hash" lb algorithm - REGTEST: add a test for log-backend used as a log target - MINOR: server: introduce "log-bufsize" kw - BUG/MEDIUM: stconn: Report a send activity everytime data were sent - BUG/MEDIUM: applet: Report a send activity everytime data were sent - BUG/MINOR: mux-h1: Send a 400-bad-request on shutdown before the first request - MINOR: support for http-response set-timeout - BUG/MINOR: mux-h2: make up other blocked streams upon removal from list - DEBUG: pool: store the memprof bin on alloc() and update it on free() - BUG/MEDIUM: quic_conn: let the scheduler kill the task when needed - CLEANUP: hlua: Remove dead-code on error path in hlua_socket_new() - BUG/MEDIUM: mux-h1: do not forget TLR/EOT even when no data is sent - BUG/MINOR: htpp-ana/stats: Specify that HTX redirect messages have a C-L header - BUG/MEDIUM: mux-h2: Don't report an error on shutr if a shutw is pending - MEDIUM: stconn/channel: Move pipes used for the splicing in the SE descriptors - MINOR: stconn: Start to introduce mux-to-mux fast-forwarding notion - MINOR: stconn: Extend iobuf to handle a buffer in addition to a pipe - MINOR: connection: Add new mux callbacks to perform data fast-forwarding - MINOR: stconn: Temporarily remove kernel splicing support - MINOR: mux-pt: Temporarily remove splicing support - MINOR: mux-h1: Temporarily remove splicing support - MINOR: connection: Remove mux callbacks about splicing - MEDIUM: stconn: Add mux-to-mux fast-forward support - MINOR: mux-h1: Use HTX extra field only for responses with known length - MEDIUM: mux-h1: Properly handle state transitions of chunked outgoing messages - MEDIUM: raw-sock: Specifiy amount of data to send via snd_pipe callback - MINOR: mux-h1: Add function to add size of a chunk to an outgoind message - MEDIUM: mux-h1: Simplify zero-copy on sending path - MEDIUM: mux-h1: Simplify payload formatting based on HTX blocks on sending path - MEDIUM: mux-h1: Add fast-forwarding support - MINOR: h2: Set the BODYLESS_RESP flag on the HTX start-line if necessary - MEDIUM: mux-h2: Add consumer-side fast-forwarding support - MEDIUM: channel: don't look at iobuf to report an empty channel - MINOR: tree-wide: Only rely on co_data() to check channel emptyness - REGTESTS: Reenable HTTP tests about splicing - CLEAN: mux-h1: Remove useless __maybe_unused attribute on h1_make_chunk() - MEDIUM: mux-pt: Add fast-forwarding support - MINOR: global: Add an option to disable the zero-copy forwarding - BUILD: mux-h1: Fix build without kernel splicing support - REORG: stconn/muxes: Rename init step in fast-forwarding - MINOR: dgram: allow to set rcv/sndbuf for dgram sockets as well - BUG/MINOR: mux-h2: fix http-request and http-keep-alive timeouts again - BUG/MINOR: trace: fix trace parser error reporting - BUG/MEDIUM: peers: Be sure to always refresh recconnect timer in sync task - BUG/MEDIUM: peers: Fix synchro for huge number of tables - MINOR: cfgparse: forbid mixing reverse and standard listeners - MINOR: listener: add nbconn kw for reverse connect - MINOR: server: convert @reverse to rev@ standard format - MINOR: cfgparse: rename "rev@" prefix to "rhttp@" - REGTESTS: remove maxconn from rhttp bind line - MINOR: listener: forbid most keywords for reverse HTTP bind - MINOR: sample: Added support for Arrays in sample_conv_json_query in sample.c - MINOR: mux-h2/traces: explicitly show the error/refused stream states - MINOR: mux-h2/traces: clarify the "rejected H2 request" event - BUG/MINOR: mux-h2: commit the current stream ID even on reject - BUG/MINOR: mux-h2: update tracked counters with req cnt/req err |
||
Willy Tarreau
|
7f1a3ee5d7 |
[RELEASE] Released version 2.9-dev7
Released version 2.9-dev7 with the following main changes : - MINOR: support for http-request set-timeout client - BUG/MINOR: mux-quic: remove full demux flag on ncbuf release - CLEANUP: freq_ctr: make all freq_ctr readers take a const - CLEANUP: stream: make the dump code not depend on the CLI appctx - MINOR: stream: split stats_dump_full_strm_to_buffer() in two - CLEANUP: stream: use const filters in the dump function - CLEANUP: stream: make strm_dump_to_buffer() take a const stream - MINOR: stream: make strm_dump_to_buffer() take an arbitrary buffer - MINOR: stream: make strm_dump_to_buffer() show the list of filters - MINOR: stream: make stream_dump() always multi-line - MINOR: streams: add support for line prefixes to strm_dump_to_buffer() - MEDIUM: stream: now provide full stream dumps in case of loops - MINOR: debug: use the more detailed stream dump in panics - CLEANUP: stream: remove the now unused stream_dump() function - Revert "BUG/MEDIUM: quic: missing check of dcid for init pkt including a token" - MINOR: stream: fix output alignment of stuck thread dumps - BUG/MINOR: proto_reverse_connect: fix FD leak on connection error - BUG/MINOR: tcp_act: fix attach-srv rule ACL parsing - MINOR: connection: define error for reverse connect - MINOR: connection: define mux flag for reverse support - MINOR: tcp_act: remove limitation on protocol for attach-srv - BUG/MINOR: proto_reverse_connect: fix FD leak upon connect - BUG/MAJOR: plock: fix major bug in pl_take_w() introduced with EBO - Revert "MEDIUM: sample: Small fix in function check_operator for eror reporting" - DOC: sample: Add a comment in 'check_operator' to explain why 'vars_check_arg' should ignore the 'err' buffer - DEV: sslkeylogger: handle file opening error - MINOR: quic: define quic-socket bind setting - MINOR: quic: handle perm error on bind during runtime - MINOR: backend: refactor specific source address allocation - MINOR: proto_reverse_connect: support source address setting - BUILD: pool: Fix GCC error about potential null pointer dereference - MINOR: hlua: Set context's appctx when the lua socket is created - MINOR: hlua: Don't preform operations on a not connected socket - MINOR: hlua: Save the lua socket's timeout in its context - MINOR: hlua: Save the lua socket's server in its context - MINOR: hlua: Test the hlua struct first when the lua socket is connecting - BUG/MEDIUM: hlua: Initialize appctx used by a lua socket on connect only - DEBUG: mux-h1: Fix event label from trace messages about payload formatting - BUG/MINOR: mux-h1: Handle read0 in rcv_pipe() only when data receipt was tried - BUG/MINOR: mux-h1: Ignore C-L when sending H1 messages if T-E is also set - BUG/MEDIUM: h1: Ignore C-L value in the H1 parser if T-E is also set - REGTESTS: filters: Don't set C-L header in the successful response to CONNECT - MINOR: mux-h1: Add flags if outgoing msg contains a header about its payload - MINOR: mux-h1: Rely on H1S_F_HAVE_CHNK to add T-E in outgoing messages - BUG/MEDIUM: mux-h1: Add C-L header in outgoing message if it was removed - BUG/MEDIUM: mux-h1; Ignore headers modifications about payload representation - BUG/MINOR: h1-htx: Keep flags about C-L/T-E during HEAD response parsing - MINOR: h1-htx: Declare successful tunnel establishment as bodyless - BUILD: quic: allow USE_QUIC to work with AWSLC - CI: github: add USE_QUIC=1 to aws-lc build - BUG/MINOR: hq-interop: simplify parser requirement - MEDIUM: cache: Add "Origin" header to secondary cache key - MINOR: haproxy: permit to register features during boot - MINOR: tcp_rules: tcp-{request,response} requires TCP or HTTP mode - MINOR: stktable: "stick" requires TCP or HTTP mode - MINOR: filter: "filter" requires TCP or HTTP mode - MINOR: backend/balance: "balance" requires TCP or HTTP mode - MINOR: flt_http_comp: "compression" requires TCP or HTTP mode - MINOR: http_htx/errors: prevent the use of some keywords when not in tcp/http mode - MINOR: fcgi-app: "use-fcgi-app" requires TCP or HTTP mode - MINOR: cfgparse-listen: "http-send-name-header" requires TCP or HTTP mode - MINOR: cfgparse-listen: "dynamic-cookie-key" requires TCP or HTTP mode - MINOR: proxy: dynamic-cookie CLIs require TCP or HTTP mode - MINOR: cfgparse-listen: "http-reuse" requires TCP or HTTP mode - MINOR: proxy: report a warning for max_ka_queue in proxy_cfg_ensure_no_http() - MINOR: cfgparse-listen: warn when use-server rules is used in wrong mode - DOC: config: unify "log" directive doc - MINOR: sink/log: fix some typos around postparsing logic - MINOR: sink: remove useless check after sink creation - MINOR: sink: don't rely on p->parent in sink appctx - MINOR: sink: don't rely on forward_px to init sink forwarding - MINOR: sink: refine forward_px usage - MINOR: sink: function to add new sink servers - BUG/MEDIUM: stconn: Fix comparison sign in sc_need_room() - BUG/MEDIUM: actions: always apply a longest match on prefix lookup |
||
Willy Tarreau
|
f75a369009 |
[RELEASE] Released version 2.9-dev6
Released version 2.9-dev6 with the following main changes : - BUG/MINOR: quic: fdtab array underflow access - DEBUG: pools: always record the caller for uncached allocs as well - DEBUG: pools: pass the caller pointer to the check functions and macros - DEBUG: pools: make pool_check_pattern() take a pointer to the pool - DEBUG: pools: inspect pools on fatal error and dump information found - BUG/MEDIUM: quic: quic_cc_conn ->cntrs counters unreachable - DEBUG: pools: also print the item's pointer when crashing - DEBUG: pools: also print the value of the tag when it doesn't match - DEBUG: pools: print the contents surrounding the expected tag location - MEDIUM: pools: refine pool size rounding - BUG/MEDIUM: hlua: don't pass stale nargs argument to lua_resume() - BUG/MINOR: hlua/init: coroutine may not resume itself - BUG/MEDIUM: mux-fcgi: Don't swap trash and dbuf when handling STDERR records - BUG/MINOR: promex: fix backend_agg_check_status - BUG/MEDIUM: master/cli: Pin the master CLI on the first thread of the group 1 - MAJOR: import: update mt_list to support exponential back-off - CLEANUP: pools: simplify the pool expression when no pool was matched in dump - MINOR: samples: implement bytes_in and bytes_out samples - DOC: configuration: add %[req.ver] sample to %HV - BUG/MINOR: quic: Leak of frames to send. - DOC: configuration: add %[query] to %HQ - BUG/MINOR: freq_ctr: fix possible negative rate with the scaled API - BUG/MAJOR: mux-h2: Report a protocol error for any DATA frame before headers - BUILD: quic: fix build on centos 8 and USE_QUIC_OPENSSL_COMPAT - Revert "MAJOR: import: update mt_list to support exponential back-off" - BUG/MINOR: server: add missing free for server->rdr_pfx - REGTESTS: ssl: skip OCSP test w/ WolfSSL - REGTESTS: ssl: skip generate-certificates test w/ wolfSSL - MINOR: logs: clarify the check of the log range - MINOR: log: remove the unused curr_idx in struct smp_log_range - CLEANUP: logs: rename a confusing local variable "curr_rg" to "smp_rg" - MINOR: logs: use a single index to store the current range and index - MEDIUM: logs: atomically check and update the log sample index - CLEANUP: ring: rename the ring lock "RING_LOCK" instead of "LOGSRV_LOCK" - BUG/MEDIUM: http-ana: Try to handle response before handling server abort - MEDIUM: tools/ip: v4tov6() and v6tov4() rework - MINOR: pattern/ip: offload ip conversion logic to helper functions - MINOR: pattern: fix pat_{parse,match}_ip() function comments - MINOR: pattern/ip: simplify pat_match_ip() function - BUG/MEDIUM: server/cli: don't delete a dynamic server that has streams - MINOR: hlua: Add support for the "http-after-res" action - BUG/MINOR: proto_reverse_connect: fix preconnect with startup name resolution - MINOR: proto_reverse_connect: prevent transparent server for pre-connect - CI: cirrus-ci: display gdb bt if any - MEDIUM: sample: Enhances converter "bytes" to take variable names as arguments - MEDIUM: sample: Small fix in function check_operator for eror reporting - MINOR: quic: handle external extra CIDs generator. - BUG/MINOR: proto_reverse_connect: set default maxconn - MINOR: proto_reverse_connect: refactor preconnect failure - MINOR: proto_reverse_connect: remove unneeded wakeup - MINOR: proto_reverse_connect: emit log for preconnect |
||
Willy Tarreau
|
8b7841ff7a |
[RELEASE] Released version 2.9-dev5
Released version 2.9-dev5 with the following main changes : - BUG/MEDIUM: mux-h2: fix crash when checking for reverse connection after error - BUILD: import: guard plock.h against multiple inclusion - BUILD: pools: import plock.h to build even without thread support - BUG/MINOR: ssl/cli: can't find ".crt" files when replacing a certificate - BUG/MINOR: stream: protect stream_dump() against incomplete streams - DOC: config: mention uid dependency on the tune.quic.socket-owner option - MEDIUM: capabilities: enable support for Linux capabilities - CLEANUP/MINOR: connection: Improve consistency of PPv2 related constants - MEDIUM: connection: Generic, list-based allocation and look-up of PPv2 TLVs - MEDIUM: sample: Add fetch for arbitrary TLVs - MINOR: sample: Refactor fc_pp_authority by wrapping the generic TLV fetch - MINOR: sample: Refactor fc_pp_unique_id by wrapping the generic TLV fetch - MINOR: sample: Add common TLV types as constants for fc_pp_tlv - MINOR: ssl_sock: avoid iterating realloc(+1) on stored context - DOC: ssl: add some comments about the non-obvious session allocation stuff - CLEANUP: ssl: keep a pointer to the server in ssl_sock_init() - MEDIUM: ssl_sock: always use the SSL's server name, not the one from the tid - MEDIUM: server/ssl: place an rwlock in the per-thread ssl server session - MINOR: server/ssl: maintain an index of the last known valid SSL session - MINOR: server/ssl: clear the shared good session index on failure - MEDIUM: server/ssl: pick another thread's session when we have none yet - MINOR: activity: report the current run queue size - BUG/MINOR: checks: do not queue/wake a bounced check - MINOR: checks: start the checks in sleeping state - MINOR: checks: pin the check to its thread upon wakeup - MINOR: check: remember when we migrate a check - MINOR: check/activity: collect some per-thread check activity stats - MINOR: checks: maintain counters of active checks per thread - MINOR: check: also consider the random other thread's active checks - MEDIUM: checks: search more aggressively for another thread on overload - MEDIUM: checks: implement a queue in order to limit concurrent checks - MINOR: checks: also consider the thread's queue for rebalancing - DEBUG: applet: Properly report opposite SC expiration dates in traces - BUG/MEDIUM: stconn: Update stream expiration date on blocked sends - BUG/MINOR: stconn: Don't report blocked sends during connection establishment - BUG/MEDIUM: stconn: Wake applets on sending path if there is a pending shutdown - BUG/MEDIUM: stconn: Don't block sends if there is a pending shutdown - BUG/MINOR: quic: Possible skipped RTT sampling - MINOR: quic: Add a trace to quic_release_frm() - BUG/MAJOR: quic: Really ignore malformed ACK frames. - BUG/MINOR: quic: Unchecked pointer to packet number space dereferenced - BUG/MEDIUM: connection: fix pool free regression with recent ppv2 TLV patches - BUG/MEDIUM: h1-htx: Ensure chunked parsing with full output buffer - BUG/MINOR: stream: further protect stream_dump() against incomplete sessions - DOC: configuration: update examples for req.ver - MINOR: properly mark the end of the CLI command in error messages - BUILD: ssl: Build with new cryptographic library AWS-LC - REGTESTS: ssl: skip ssl_dh test with AWS-LC - BUILD: bug: make BUG_ON() void to avoid a rare warning - BUILD: checks: shut up yet another stupid gcc warning - MINOR: cpuset: add ha_cpuset_isset() to check for the presence of a CPU in a set - MINOR: cpuset: add ha_cpuset_or() to bitwise-OR two CPU sets - MINOR: cpuset: centralize a reliable bound cpu detection - MEDIUM: threads: detect incomplete CPU bindings - MEDIUM: threads: detect excessive thread counts vs cpu-map - BUILD: quic: Compilation issue on 32-bits systems with quic_may_send_bytes() - BUG/MINOR: quic: Unchecked pointer to Handshake packet number space - MINOR: global: export the display_version() symbol - MEDIUM: mworker: display a more accessible message when a worker crash - MINOR: httpclient: allow to configure the retries - MINOR: httpclient: allow to configure the timeout.connect - BUG/MINOR: quic: Wrong RTT adjusments - BUG/MINOR: quic: Wrong RTT computation (srtt and rrt_var) - BUG/MINOR: stconn: Don't inhibit shutdown on connection on error - BUG/MEDIUM: applet: Fix API for function to push new data in channels buffer - BUG/MEDIUM: stconn: Report read activity when a stream is attached to front SC - BUG/MEDIUM: applet: Report an error if applet request more room on aborted SC - BUG/MEDIUM: stconn/stream: Forward shutdown on write timeout - NUG/MEDIUM: stconn: Always update stream's expiration date after I/O - BUG/MINOR: applet: Always expect data when CLI is waiting for a new command - BUG/MINOR: ring/cli: Don't expect input data when showing events - BUG/MINOR: quic: Dereferenced unchecked pointer to Handshke packet number space - BUG/MINOR: hlua/action: incorrect message on E_YIELD error - MINOR: http_ana: position the FINAL flag for http_after_res execution - CI: scripts: add support to build-ssl.sh to download and build AWS-LC - CI: add support to matrix.py to determine the latest AWS-LC release - CI: Update matrix.py so all code is contained in functions. - CI: github: Add a weekly CI run building with AWS-LC - MINOR: ring: add a function to compute max ring payload - BUG/MEDIUM: ring: adjust maxlen consistency check - MINOR: sink: simplify post_sink_resolve function - MINOR: log/sink: detect when log maxlen exceeds sink size - MINOR: sink: inform the user when logs will be implicitly truncated - MEDIUM: sink: don't perform implicit truncations when maxlen is not set - MINOR: log: move log-forwarders cleanup in log.c - MEDIUM: httpclient/logs: rely on per-proxy post-check instead of global one - MINOR: log: add dup_logsrv() helper function - MEDIUM: log/sink: make logsrv postparsing more generic - MEDIUM: fcgi-app: properly postresolve logsrvs - MEDIUM: spoe-agent: properly postresolve log rings - MINOR: sink: add helper function to deallocate sink struct - MEDIUM: sink/ring: introduce high level ring creation helper function - MEDIUM: sink: add sink_finalize() function - CLEANUP: log: remove unnecessary trim in __do_send_log - MINOR: cache: Change hash function in default normalizer used in case of "vary" - MINOR: tasks/stats: report the number of niced tasks in "show info" - CI: Update to actions/checkout@v4 - MINOR: ssl: add support for 'curves' keyword on server lines - BUG/MINOR: quic: Wrong cluster secret initialization - CLEANUP: quic: Remove useless free_quic_tx_pkts() function. - MEDIUM: init: initialize the trash earlier - MINOR: tools: add function read_line_to_trash() to read a line of a file - MINOR: cfgparse: use read_line_from_trash() to read from /sys - MEDIUM: cfgparse: assign NUMA affinity to cpu-maps - MINOR: cpuset: dynamically allocate cpu_map - REORG: cpuset: move parse_cpu_set() and parse_cpumap() to cpuset.c - CI: musl: highlight section if there are coredumps - CI: musl: drop shopt in workflow invocation |
||
Willy Tarreau
|
518349f08a |
[RELEASE] Released version 2.9-dev4
Released version 2.9-dev4 with the following main changes : - DEV: flags/show-sess-to-flags: properly decode fd.state - BUG/MINOR: stktable: allow sc-set-gpt(0) from tcp-request connection - BUG/MINOR: stktable: allow sc-add-gpc from tcp-request connection - DOC: typo: fix sc-set-gpt references - SCRIPTS: git-show-backports: automatic ref and base detection with -m - REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (3) - DOC: jwt: Add explicit list of supported algorithms - BUILD: Makefile: add the USE_QUIC option to make help - BUILD: Makefile: add USE_QUIC_OPENSSL_COMPAT to make help - BUILD: Makefile: realigned USE_* options in make help - DEV: makefile: fix POSIX compatibility for "range" target - IMPORT: plock: also support inlining the int code - IMPORT: plock: always expose the inline version of the lock wait function - IMPORT: lorw: support inlining the wait call - MINOR: threads: inline the wait function for pthread_rwlock emulation - MINOR: atomic: make sure to always relax after a failed CAS - MINOR: pools: use EBO to wait for unlock during pool_flush() - BUILD/IMPORT: fix compilation with PLOCK_DISABLE_EBO=1 - MINOR: quic+openssl_compat: Do not start without "limited-quic" - MINOR: quic+openssl_compat: Emit an alert for "allow-0rtt" option - BUG/MINOR: quic: allow-0rtt warning must only be emitted with quic bind - BUG/MINOR: quic: ssl_quic_initial_ctx() uses error count not error code - MINOR: pattern: do not needlessly lookup the LRU cache for empty lists - IMPORT: xxhash: update xxHash to version 0.8.2 - MINOR: proxy: simplify parsing 'backend/server' - MINOR: connection: centralize init/deinit of backend elements - MEDIUM: connection: implement passive reverse - MEDIUM: h2: reverse connection after SETTINGS reception - MINOR: server: define reverse-connect server - MINOR: backend: only allow reuse for reverse server - MINOR: tcp-act: parse 'tcp-request attach-srv' session rule - REGTESTS: provide a reverse-server test - MINOR: tcp-act: define optional arg name for attach-srv - MINOR: connection: use attach-srv name as SNI reuse parameter on reverse - REGTESTS: provide a reverse-server test with name argument - MINOR: proto: define dedicated protocol for active reverse connect - MINOR: connection: extend conn_reverse() for active reverse - MINOR: proto_reverse_connect: parse rev@ addresses for bind - MINOR: connection: prepare init code paths for active reverse - MEDIUM: proto_reverse_connect: bootstrap active reverse connection - MINOR: proto_reverse_connect: handle early error before reversal - MEDIUM: h2: implement active connection reversal - MEDIUM: h2: prevent stream opening before connection reverse completed - REGTESTS: write a full reverse regtest - BUG/MINOR: h2: fix reverse if no timeout defined - CI: fedora: fix "dnf" invocation syntax - BUG/MINOR: hlua_fcn: potentially unsafe stktable_data_ptr usage - DOC: lua: fix Sphinx warning from core.get_var() - DOC: lua: fix core.register_action typo - BUG/MINOR: ssl_sock: fix possible memory leak on OOM - MEDIUM: map/acl: Improve pat_ref_set() efficiency (for "set-map", "add-acl" action perfs) - MEDIUM: map/acl: Improve pat_ref_set_elt() efficiency (for "set-map", "add-acl"action perfs) - MEDIUM: map/acl: Accelerate several functions using pat_ref_elt struct ->head list - MEDIUM: map/acl: Replace map/acl spin lock by a read/write lock. - DOC: map/acl: Remove the comments about map/acl performance issue - DOC: Explanation of be_name and be_id fetches - MINOR: connection: simplify removal of idle conns from their trees - MINOR: server: move idle tree insert in a dedicated function - MAJOR: connection: purge idle conn by last usage |
||
Willy Tarreau
|
75028bcba6 |
[RELEASE] Released version 2.9-dev3
Released version 2.9-dev3 with the following main changes : - BUG/MINOR: ssl: OCSP callback only registered for first SSL_CTX - BUG/MEDIUM: h3: Properly report a C-L header was found to the HTX start-line - MINOR: sample: add pid sample - MINOR: sample: implement act_conn sample fetch - MINOR: sample: accept_date / request_date return %Ts / %tr timestamp values - MEDIUM: sample: implement us and ms variant of utime and ltime - BUG/MINOR: sample: check alloc_trash_chunk() in conv_time_common() - DOC: configuration: describe Td in Timing events - MINOR: sample: implement the T* timer tags from the log-format as fetches - DOC: configuration: add sample fetches for timing events - BUG/MINOR: quic: Possible crash when acknowledging Initial v2 packets - MINOR: quic: Export QUIC traces code from quic_conn.c - MINOR: quic: Export QUIC CLI code from quic_conn.c - MINOR: quic: Move TLS related code to quic_tls.c - MINOR: quic: Add new "QUIC over SSL" C module. - MINOR: quic: Add a new quic_ack.c C module for QUIC acknowledgements - CLEANUP: quic: Defined but no more used function (quic_get_tls_enc_levels()) - MINOR: quic: Split QUIC connection code into three parts - CLEANUP: quic: quic_conn struct cleanup - MINOR: quic; Move the QUIC frame pool to its proper location - BUG/MINOR: chunk: fix chunk_appendf() to not write a zero if buffer is full - BUG/MEDIUM: h3: Be sure to handle fin bit on the last DATA frame - DOC: configuration: rework the custom log format table - BUG/MINOR: quic+openssl_compat: Non initialized TLS encryption levels - CLEANUP: acl: remove cache_idx from acl struct - REORG: cfgparse: extract curproxy as a global variable - MINOR: acl: add acl() sample fetch - BUILD: cfgparse: keep a single "curproxy" - BUG/MEDIUM: bwlim: Reset analyse expiration date when then channel analyse ends - MEDIUM: stream: Reset response analyse expiration date if there is no analyzer - BUG/MINOR: htx/mux-h1: Properly handle bodyless responses when splicing is used - BUG/MEDIUM: quic: consume contig space on requeue datagram - BUG/MINOR: http-client: Don't forget to commit changes on HTX message - CLEANUP: stconn: Move comment about sedesc fields on the field line - REGTESTS: http: Create a dedicated script to test spliced bodyless responses - REGTESTS: Test SPLICE feature is enabled to execute script about splicing - BUG/MINOR: quic: reappend rxbuf buffer on fake dgram alloc error - BUILD: quic: fix wrong potential NULL dereference - MINOR: h3: abort request if not completed before full response - BUG/MAJOR: http-ana: Get a fresh trash buffer for each header value replacement - CLEANUP: quic: Remove quic_path_room(). - MINOR: quic: Amplification limit handling sanitization. - MINOR: quic: Move some counters from [rt]x quic_conn anonymous struct - MEDIUM: quic: Send CONNECTION_CLOSE packets from a dedicated buffer. - MINOR: quic: Use a pool for the connection ID tree. - MEDIUM: quic: Allow the quic_conn memory to be asap released. - MINOR: quic: Release asap quic_conn memory (application level) - MINOR: quic: Release asap quic_conn memory from ->close() xprt callback. - MINOR: quic: Warning for OpenSSL wrapper QUIC bindings without "limited-quic" - REORG: http: move has_forbidden_char() from h2.c to http.h - BUG/MAJOR: h3: reject header values containing invalid chars - MINOR: mux-h2/traces: also suggest invalid header upon parsing error - MINOR: ist: add new function ist_find_range() to find a character range - MINOR: http: add new function http_path_has_forbidden_char() - MINOR: h2: pass accept-invalid-http-request down the request parser - REGTESTS: http-rules: add accept-invalid-http-request for normalize-uri tests - BUG/MINOR: h1: do not accept '#' as part of the URI component - BUG/MINOR: h2: reject more chars from the :path pseudo header - BUG/MINOR: h3: reject more chars from the :path pseudo header - REGTESTS: http-rules: verify that we block '#' by default for normalize-uri - DOC: clarify the handling of URL fragments in requests - BUG/MAJOR: http: reject any empty content-length header value - BUG/MINOR: http: skip leading zeroes in content-length values - BUG/MEDIUM: mux-h1: fix incorrect state checking in h1_process_mux() - BUG/MEDIUM: mux-h1: do not forget EOH even when no header is sent - BUILD: mux-h1: shut a build warning on clang from previous commit - DEV: makefile: add a new "range" target to iteratively build all commits - CI: do not use "groupinstall" for Fedora Rawhide builds - CI: get rid of travis-ci wrapper for Coverity scan - BUG/MINOR: quic: mux started when releasing quic_conn - BUG/MINOR: quic: Possible crash in quic_cc_conn_io_cb() traces. - MINOR: quic: Add a trace for QUIC conn fd ready for receive - BUG/MINOR: quic: Possible crash when issuing "show fd/sess" CLI commands - BUG/MINOR: quic: Missing tasklet (quic_cc_conn_io_cb) memory release (leak) - BUG/MEDIUM: quic: fix tasklet_wakeup loop on connection closing - BUG/MINOR: hlua: fix invalid use of lua_pop on error paths - MINOR: hlua: add hlua_stream_ctx_prepare helper function - BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread - MAJOR: threads/plock: update the embedded library again - MINOR: stick-table: move the task_queue() call outside of the lock - MINOR: stick-table: move the task_wakeup() call outside of the lock - MEDIUM: stick-table: change the ref_cnt atomically - MINOR: stick-table: better organize the struct stktable - MEDIUM: peers: update ->commitupdate out of the lock using a CAS - MEDIUM: peers: drop then re-acquire the wrlock in peer_send_teachmsgs() - MEDIUM: peers: only read-lock peer_send_teachmsgs() - MEDIUM: stick-table: use a distinct lock for the updates tree - MEDIUM: stick-table: touch updates under an upgradable read lock - MEDIUM: peers: drop the stick-table lock before entering peer_send_teachmsgs() - MINOR: stick-table: move the update lock into its own cache line - CLEANUP: stick-table: slightly reorder the stktable struct - BUILD: defaults: use __WORDSIZE not LONGBITS for MAX_THREADS_PER_GROUP - MINOR: tools: make ptr_hash() support 0-bit outputs - MINOR: tools: improve ptr hash distribution on 64 bits - OPTIM: tools: improve hash distribution using a better prime seed - OPTIM: pools: use exponential back-off on shared pool allocation/release - OPTIM: pools: make pool_get_from_os() / pool_put_to_os() not update ->allocated - MINOR: pools: introduce the use of multiple buckets - MEDIUM: pools: spread the allocated counter over a few buckets - MEDIUM: pools: move the used counter over a few buckets - MEDIUM: pools: move the needed_avg counter over a few buckets - MINOR: pools: move the failed allocation counter over a few buckets - MAJOR: pools: move the shared pool's free_list over multiple buckets - MINOR: pools: make pool_evict_last_items() use pool_put_to_os_no_dec() - BUILD: pools: fix build error on clang with inline vs forceinline |
||
Willy Tarreau
|
80cef0c02d |
[RELEASE] Released version 2.9-dev2
Released version 2.9-dev2 with the following main changes : - BUG/MINOR: quic: Possible leak when allocating an encryption level - BUG/MINOR: quic: Missing QUIC connection path member initialization - BUILD: quic: Compilation fixes for some gcc warnings with -O1 - DOC: ssl: Fix typo in 'ocsp-update' option - DOC: ssl: Add ocsp-update troubleshooting clues and emphasize on crt-list only aspect - BUG/MINOR: tcp_sample: bc_{dst,src} return IP not INT - MEDIUM: acl/sample: unify sample conv parsing in a single function - MINOR: sample: introduce c_pseudo() conv function - MEDIUM: sample: add missing ADDR=>? compatibility matrix entries - MINOR: sample: fix ipmask sample definition - MEDIUM: tree-wide: fetches that may return IPV4+IPV6 now return ADDR - MEDIUM: sample: introduce 'same' output type - BUG/MINOR: quic: Possible crash in "show quic" dumping packet number spaces - BUG/MINOR: cache: A 'max-age=0' cache-control directive can be overriden by a s-maxage - BUG/MEDIUM: sink: invalid server list in sink_new_from_logsrv() - BUG/MINOR: http_ext: unhandled ERR_ABORT in proxy_http_parse_7239() - BUG/MINOR: sink: missing sft free in sink_deinit() - BUG/MINOR: ring: size warning incorrectly reported as fatal error - BUG/MINOR: ring: maxlen warning reported as alert - BUG/MINOR: log: LF upsets maxlen for UDP targets - MINOR: sink/api: pass explicit maxlen parameter to sink_write() - BUG/MEDIUM: log: improper use of logsrv->maxlen for buffer targets - BUG/MINOR: log: fix missing name error message in cfg_parse_log_forward() - BUG/MINOR: log: fix multiple error paths in cfg_parse_log_forward() - BUG/MINOR: log: free errmsg on error in cfg_parse_log_forward() - BUG/MINOR: sink: invalid sft free in sink_deinit() - BUG/MINOR: sink: fix errors handling in cfg_post_parse_ring() - BUG/MINOR: server: set rid default value in new_server() - MINOR: hlua_fcn/mailers: handle timeout mail from mailers section - BUG/MINOR: sink/log: properly deinit srv in sink_new_from_logsrv() - EXAMPLES: maintain haproxy 2.8 retrocompatibility for lua mailers script - BUG/MINOR: hlua_fcn/queue: use atomic load to fetch queue size - BUG/MINOR: config: Remove final '\n' in error messages - BUG/MINOR: config: Lenient port configuration parsing - BUG/MEDIUM: quic: token IV was not computed using a strong secret - BUG/MINOR: quic: retry token remove one useless intermediate expand - BUG/MEDIUM: quic: missing check of dcid for init pkt including a token - BUG/MEDIUM: quic: timestamp shared in token was using internal time clock - CLEANUP: quic: remove useless parameter 'key' from quic_packet_encrypt - BUG/MINOR: hlua: hlua_yieldk ctx argument should support pointers - BUG/MEDIUM: hlua_fcn/queue: bad pop_wait sequencing - DOC: config: Fix fc_src description to state the source address is returned - BUG/MINOR: sample: Fix wrong overflow detection in add/sub conveters - BUG/MINOR: http: Return the right reason for 302 - MEDIUM: ssl: new sample fetch method to get curve name - CI: add naming convention documentation - CI: explicitely highlight VTest result section if there's something - BUG/MINOR: quic: Unckecked encryption levels availability - BUILD: quic: fix warning during compilation using gcc-6.5 - BUG/MINOR: hlua: add check for lua_newstate - BUG/MINOR: h1-htx: Return the right reason for 302 FCGI responses - MINOR: lua: Allow reading "proc." scoped vars from LUA core. - MINOR: cpuset: add cpu_map_configured() to know if a cpu-map was found - BUG/MINOR: config: do not detect NUMA topology when cpu-map is configured - BUG/MINOR: cpuset: remove the bogus "proc" from the cpu_map struct - BUG/MINOR: init: set process' affinity even in foreground - CLEANUP: cpuset: remove the unused proc_t1 field in cpu_map - CLEANUP: config: make parse_cpu_set() return documented values - BUG/MINOR: server: Don't warn on server resolution failure with init-addr none - MINOR: peers: add peers keyword registration - MINOR: quic: Stop storing the TX encoded transport parameters - MINOR: quic: Dynamic allocation for negotiated Initial TLS cipher context. - MINOR: quic: Release asap the negotiated Initial TLS context. - MINOR: quic: Add traces to qc_may_build_pkt() - MEDIUM: quic: Packet building rework. - CLEANUP: quic: Remove a useless TLS related variable from quic_conn_io_cb(). - MEDIUM: quic: Handshake I/O handler rework. - MINOR: quic: Add traces for qc_frm_free() - MINOR: quic: add trace about pktns packet/frames releasing - BUG/MINOR: quic: Missing parentheses around PTO probe variable. - MINOR: quic: Ping from Initial pktns before reaching anti-amplification limit - BUG/MINOR: server-state: Ignore empty files - BUG/MINOR: server-state: Avoid warning on 'file not found' - BUG/MEDIUM: listener: Acquire proxy's lock in relax_listener() if necessary - MINOR: quic: QUIC openssl wrapper implementation - MINOR: quic: Include QUIC opensssl wrapper header from TLS stacks compatibility header - MINOR: quic: Do not enable O-RTT with USE_QUIC_OPENSSL_COMPAT - MINOR: quic: Set the QUIC connection as extra data before calling SSL_set_quic_method() - MINOR: quic: Do not enable 0RTT with SSL_set_quic_early_data_enabled() - MINOR: quic: Add a compilation option for the QUIC OpenSSL wrapper - MINOR: quic: Export some KDF functions (QUIC-TLS) - MINOR: quic: Make ->set_encryption_secrets() be callable two times - MINOR: quic: Initialize TLS contexts for QUIC openssl wrapper - MINOR: quic: Call the keylog callback for QUIC openssl wrapper from SSL_CTX_keylog() - MINOR: quic: Add a quic_openssl_compat struct to quic_conn struct - MINOR: quic: Useless call to SSL_CTX_set_quic_method() - MINOR: quic: SSL context initialization with QUIC OpenSSL wrapper. - MINOR: quic: Missing encoded transport parameters for QUIC OpenSSL wrapper - MINOR: quic: Add "limited-quic" new tuning setting - DOC: quic: Add "limited-quic" new tuning setting - DOC: install: Document how to build a limited support for QUIC |
||
Willy Tarreau
|
fdc57c4021 |
[RELEASE] Released version 2.9-dev1
Released version 2.9-dev1 with the following main changes : - BUG/MINOR: stats: Fix Lua's `get_stats` function - MINOR: stats: protect against future stats fields omissions - BUG/MINOR: stream: do not use client-fin/server-fin with HTX - BUG/MINOR: quic: Possible crash when SSL session init fails - CONTRIB: Add vi file extensions to .gitignore - BUG/MINOR: spoe: Only skip sending new frame after a receive attempt - BUG/MINOR: peers: Improve detection of config errors in peers sections - REG-TESTS: stickiness: Delay haproxys start to properly resolv variables - DOC: quic: fix misspelled tune.quic.socket-owner - DOC: config: fix jwt_verify() example using var() - DOC: config: fix rfc7239 converter examples (again) - BUG/MINOR: cfgparse-tcp: leak when re-declaring interface from bind line - BUG/MINOR: proxy: add missing interface bind free in free_proxy - BUG/MINOR: proxy/server: free default-server on deinit - BUG/MEDIUM: hlua: Use front SC to detect EOI in HTTP applets' receive functions - BUG/MINOR: ssl: log message non thread safe in SSL Hanshake failure - BUG/MINOR: quic: Wrong encryption level flags checking - BUG/MINOR: quic: Address inversion in "show quic full" - BUG/MINOR: server: inherit from netns in srv_settings_cpy() - BUG/MINOR: namespace: missing free in netns_sig_stop() - BUG/MINOR: quic: Missing initialization (packet number space probing) - BUG/MINOR: quic: Possible crash in quic_conn_prx_cntrs_update() - BUG/MINOR: quic: Possible endless loop in quic_lstnr_dghdlr() - MINOR: quic: Remove pool_zalloc() from qc_new_conn() - MINOR: quic: Remove pool_zalloc() from qc_conn_alloc_ssl_ctx() - MINOR: quic: Remove pool_zalloc() from quic_dgram_parse() - BUG/MINOR: quic: Missing transport parameters initializations - BUG/MEDIUM: mworker: increase maxsock with each new worker - BUG/MINOR: quic: ticks comparison without ticks API use - BUG/MINOR: quic: Missing TLS secret context initialization - DOC: Add tune.h2.be.* and tune.h2.fe.* options to table of contents - DOC: Add tune.h2.max-frame-size option to table of contents - DOC: Attempt to fix dconv parsing error for tune.h2.fe.initial-window-size - REGTESTS: h1_host_normalization : Add a barrier to not mix up log messages - MEDIUM: mux-h1: Split h1_process_mux() to make code more readable - REORG: mux-h1: Rename functions to emit chunk size/crlf in the output buffer - MINOR: mux-h1: Add function to append the chunk size to the output buffer - MINOR: mux-h1: Add function to prepend the chunk crlf to the output buffer - MEDIUM: filters/htx: Don't rely on HTX extra field if payload is filtered - MEDIIM: mux-h1: Add splicing support for chunked messages - REGTESTS: Add a script to test the kernel splicing with chunked messages - CLEANUP: mux-h1: Remove useless __maybe_unused statement - BUG/MINOR: http_ext: fix if-none regression in forwardfor option - REGTEST: add an extra testcase for ifnone-forwardfor - BUG/MINOR: mworker: leak of a socketpair during startup failure - BUG/MINOR: quic: Prevent deadlock with CID tree lock - MEDIUM: ssl: handle the SSL_ERROR_ZERO_RETURN during the handshake - BUG/MINOR: ssl: SSL_ERROR_ZERO_RETURN returns CO_ER_SSL_EMPTY - BUILD: mux-h1: silence a harmless fallthrough warning - BUG/MEDIUM: quic: error checking buffer large enought to receive the retry tag - MINOR: ssl: allow to change the server signature algorithm on server lines - MINOR: ssl: allow to change the client-sigalgs on server lines - BUG/MINOR: config: fix stick table duplicate name check - BUG/MINOR: quic: Missing random bits in Retry packet header - BUG/MINOR: quic: Wrong Retry paquet version field endianess - BUG/MINOR: quic: Wrong endianess for version field in Retry token - IMPORT: slz: implement a synchronous flush() operation - MINOR: compression/slz: add support for a pure flush of pending bytes - MINOR: quic: Move QUIC TLS encryption level related code (quic_conn_enc_level_init()) - MINOR: quic: Move QUIC encryption level structure definition - MINOR: quic: Implement a packet number space identification function - MINOR: quic: Move packet number space related functions - MEDIUM: quic: Dynamic allocations of packet number spaces - CLEANUP: quic: Remove qc_list_all_rx_pkts() defined but not used - MINOR: quic: Add a pool for the QUIC TLS encryption levels - MEDIUM: quic: Dynamic allocations of QUIC TLS encryption levels - MINOR: quic: Reduce the maximum length of TLS secrets - CLEANUP: quic: Remove two useless pools a low QUIC connection level - MEDIUM: quic: Handle the RX in one pass - MINOR: quic: Remove call to qc_rm_hp_pkts() from I/O callback - CLEANUP: quic: Remove server specific about Initial packet number space - MEDIUM: quic: Release encryption levels and packet number spaces asap - CLEANUP: quic: Remove a useless test about discarded pktns (qc_handle_crypto_frm()) - MINOR: quic: Move the packet number space status at quic_conn level - MINOR: quic: Drop packet with type for discarded packet number space. - BUILD: quic: Add a DISGUISE() to please some compiler to qc_prep_hpkts() 1st parameter - BUILD: debug: avoid a build warning related to epoll_wait() in debug code |
||
Willy Tarreau
|
cb6a35fdc1 |
[RELEASE] Released version 2.9-dev0
Released version 2.9-dev0 with the following main changes : - MINOR: version: mention that it's development again |
||
Willy Tarreau
|
fdd8154ed3 |
[RELEASE] Released version 2.8.0
Released version 2.8.0 with the following main changes : - MINOR: compression: Improve the way Vary header is added - BUILD: makefile: search for SSL_INC/wolfssl before SSL_INC - MINOR: init: pre-allocate kernel data structures on init - DOC: install: add details about WolfSSL - BUG/MINOR: ssl_sock: add check for ha_meth - BUG/MINOR: thread: add a check for pthread_create - BUILD: init: print rlim_cur as regular integer - DOC: install: specify the minimum openssl version recommended - CLEANUP: mux-quic: remove unneeded fields in qcc - MINOR: mux-quic: remove nb_streams from qcc - MINOR: quic: fix stats naming for flow control BLOCKED frames - BUG/MEDIUM: mux-quic: only set EOI on FIN - BUG/MEDIUM: threads: fix a tiny race in thread_isolate() - DOC: config: fix rfc7239 converter examples - DOC: quic: remove experimental status for QUIC - CLEANUP: mux-quic: rename functions for mux_ops - CLEANUP: mux-quic: rename internal functions - BUG/MINOR: mux-h2: refresh the idle_timer when the mux is empty - DOC: config: Fix bind/server/peer documentation in the peers section - BUILD: Makefile: use -pthread not -lpthread when threads are enabled - CLEANUP: doc: remove 21 totally obsolete docs - DOC: install: mention the common strict-aliasing warning on older compilers - DOC: install: clarify a few points on the wolfSSL build method - MINOR: quic: Add QUIC connection statistical counters values to "show quic" - EXAMPLES: update the basic-config-edge file for 2.8 - MINOR: quic/cli: clarify the "show quic" help message - MINOR: version: mention that it's LTS now. |
||
Willy Tarreau
|
c8bb9aeb07 |
[RELEASE] Released version 2.8-dev13
Released version 2.8-dev13 with the following main changes : - DOC: add size format section to manual - CLEANUP: mux-quic/h3: complete BUG_ON with comments - MINOR: quic: remove return val of quic_aead_iv_build() - MINOR: quic: use WARN_ON for encrypt failures - BUG/MINOR: quic: handle Tx packet allocation failure properly - MINOR: quic: fix alignment of oneline show quic - MEDIUM: stconn/applet: Allow SF_SL_EOS flag alone - MEDIUM: stconn: make the SE_FL_ERR_PENDING to ERROR transition systematic - DOC: internal: add a bit of documentation for the stconn closing conditions - DOC/MINOR: config: Fix typo in description for `ssl_bc` in configuration.txt - BUILD: quic: re-enable chacha20_poly1305 for libressl - MINOR: mux-quic: set both EOI EOS for stream fin - MINOR: mux-quic: only set EOS on RESET_STREAM recv - MINOR: mux-quic: report error on stream-endpoint earlier - BUILD: makefile: fix build issue on GNU make < 3.82 - BUG/MINOR: mux-h2: Check H2_SF_BODY_TUNNEL on H2S flags and not demux frame ones - MINOR: mux-h2: Set H2_SF_ES_RCVD flag when decoding the HEADERS frame - MINOR: mux-h2: Add a function to propagate termination flags from h2s to SE - BUG/MEDIUM: mux-h2: Propagate termination flags when frontend SC is created - DEV: add a Lua helper script for SSL keys logging - CLEANUP: makefile: don't display a dummy features list without a target - BUILD: makefile: do not erase build options for some build options - MINOR: quic: Add low level traces (addresses, DCID) - BUG/MINOR: quic: Wrong token length check (quic_generate_retry_token()) - BUG/MINOR: quic: Missing Retry token length on receipt - MINOR: quic: Align "show quic" command help information - CLEANUP: quic: Indentation fix quic_rx_pkt_retrieve_conn() - CLEANUP: quic: Useless tests in qc_rx_pkt_handle() - MINOR: quic: Add some counters at QUIC connection level - MINOR: quic: Add a counter for sent packets - MINOR: hlua: hlua_smp2lua_str() may LJMP - MINOR: hlua: hlua_smp2lua() may LJMP - MINOR: hlua: hlua_arg2lua() may LJMP - DOC: hlua: document hlua_lua2arg() function - DOC: hlua: document hlua_lua2smp() function - BUG/MINOR: hlua: unsafe hlua_lua2smp() usage - BUILD: makefile: commit the tiny FreeBSD makefile stub - BUILD: makefile: fix build options when building tools first - BUILD: ist: do not put a cast in an array declaration - BUILD: ist: use the literal declaration for ist_lc/ist_uc under TCC - BUILD: compiler: systematically set USE_OBSOLETE_LINKER with TCC - DOC: install: update reference to known supported versions - SCRIPTS: publish-release: update the umask to keep group write access |
||
Christopher Faulet
|
f48b23f5da |
[RELEASE] Released version 2.8-dev12
Released version 2.8-dev12 with the following main changes : - BUILD: mjson: Fix warning about unused variables - MINOR: spoe: Don't stop disabled proxies - BUG/MEDIUM: filters: Don't deinit filters for disabled proxies during startup - BUG/MINOR: hlua_fcn/queue: fix broken pop_wait() - BUG/MINOR: hlua_fcn/queue: fix reference leak - CLEANUP: hlua_fcn/queue: make queue:push() easier to read - BUG/MINOR: quic: Buggy acknowlegments of acknowlegments function - DEBUG: list: add DEBUG_LIST to purposely corrupt list heads after delete - MINOR: stats: report the total number of warnings issued - MINOR: stats: report the number of times the global maxconn was reached - BUG/MINOR: mux-quic: do not prevent shutw on error - BUG/MINOR: mux-quic: do not free frame already released by quic-conn - BUG/MINOR: mux-quic: no need to subscribe for detach streams - MINOR: mux-quic: add traces for stream wake - MINOR: mux-quic: do not send STREAM frames if already subscribe - MINOR: mux-quic: factorize send subscribing - MINOR: mux-quic: simplify return path of qc_send() - MEDIUM: quic: streamline error notification - MEDIUM: mux-quic: adjust transport layer error handling - MINOR: stats: report the listener's protocol along with the address in stats - BUG/MEDIUM: mux-fcgi: Never set SE_FL_EOS without SE_FL_EOI or SE_FL_ERROR - BUG/MEDIUM: mux-fcgi: Don't request more room if mux is waiting for more data - MINOR: stconn: Add a cross-reference between SE descriptor - BUG/MINOR: proxy: missing free in free_proxy for redirect rules - MINOR: proxy: add http_free_redirect_rule() function - BUG/MINOR: http_rules: fix errors paths in http_parse_redirect_rule() - CLEANUP: http_act: use http_free_redirect_rule() to clean redirect act - MINOR: tree-wide: use free_acl_cond() where relevant - CLEANUP: acl: discard prune_acl_cond() function - BUG/MINOR: cli: don't complain about empty command on empty lines - MINOR: cli: add an option to display the uptime in the CLI's prompt - MINOR: master/cli: also implement the timed prompt on the master CLI - MINOR: cli: make "show fd" identify QUIC connections and listeners - MINOR: httpclient: allow to disable the DNS resolvers of the httpclient - BUILD: debug: fix build issue on 32-bit platforms in "debug dev task" - MINOR: ncbuf: missing malloc checks in standalone code - DOC: lua: fix core.{proxies,frontends,backends} visibility - EXAMPLES: fix race condition in lua mailers script - BUG/MINOR: errors: handle malloc failure in usermsgs_put() - BUG/MINOR: log: fix memory error handling in parse_logsrv() - BUG/MINOR: quic: Wrong redispatch for external data on connection socket - MINOR: htx: add function to set EOM reliably - MINOR: mux-quic: remove dedicated function to handle standalone FIN - BUG/MINOR: mux-quic: properly handle buf alloc failure - BUG/MINOR: mux-quic: handle properly recv ncbuf alloc failure - BUG/MINOR: quic: do not alloc buf count on alloc failure - BUG/MINOR: mux-quic: differentiate failure on qc_stream_desc alloc - BUG/MINOR: mux-quic: free task on qc_init() app ops failure - MEDIUM: session/ssl: return the SSL error string during a SSL handshake error - CI: enable monthly Fedora Rawhide clang builds - MEDIUM: mworker/cli: does not disconnect the master CLI upon error - MINOR: stconn: Remove useless test on sedesc on detach to release the xref - MEDIUM: proxy: stop emitting logs for internal proxies when stopping - MINOR: ssl: add new sample ssl_c_r_dn - BUG/MEDIUM: mux-h2: make sure control frames do not refresh the idle timeout - BUILD: ssl: ssl_c_r_dn fetches uses functiosn only available since 1.1.1 - BUG/MINOR: mux-quic: handle properly Tx buf exhaustion - BUG/MINOR: h3: missing goto on buf alloc failure - BUILD: ssl: get0_verified chain is available on libreSSL - BUG/MINOR: makefile: use USE_LIBATOMIC instead of USE_ATOMIC - MINOR: mux-quic: add trace to stream rcv_buf operation - MINOR: mux-quic: properly report end-of-stream on recv - MINOR: mux-quic: uninline qc_attach_sc() - BUG/MEDIUM: mux-quic: fix EOI for request without payload - MINOR: checks: make sure spread-checks is used also at boot time - BUG/MINOR: tcp-rules: Don't shortened the inspect-delay when EOI is set - REGTESTS: log: Reduce response inspect-delay for last_rule.vtc - DOC: config: Clarify conditions to shorten the inspect-delay for TCP rules - CLEANUP: server: remove useless tmptrash assigments in srv_update_status() - BUG/MINOR: server: memory leak in _srv_update_status_op() on server DOWN - CLEANUP: check; Remove some useless assignments to NULL - CLEANUP: stats: update the trash chunk where it's used - MINOR: clock: measure the total boot time - MINOR: stats: report the boot time in "show info" - BUG/MINOR: checks: postpone the startup of health checks by the boot time - MINOR: clock: provide a function to automatically adjust now_offset - BUG/MINOR: clock: automatically adjust the internal clock with the boot time - CLEANUP: fcgi-app; Remove useless assignment to NULL - REGTESTS: log: Reduce again response inspect-delay for last_rule.vtc - CI: drop Fedora m32 pipeline in favour of cross matrix - MEDIUM: checks: Stop scheduling healthchecks during stopping stage - MEDIUM: resolvers: Stop scheduling resolution during stopping stage - BUG/MINOR: hlua: SET_SAFE_LJMP misuse in hlua_event_runner() - BUG/MINOR: debug: fix pointer check in debug_parse_cli_task() |
||
Willy Tarreau
|
f0e8e79b3b |
[RELEASE] Released version 2.8-dev11
Released version 2.8-dev11 with the following main changes : - BUILD: debug: do not check the isolated_thread variable in non-threaded builds - BUILD: quic: fix build warning when threads are disabled - CI: more granular failure on generating build matrix - CLEANUP: quic: No more used q_buf structure - CLEANUP: quic: Rename several <buf> variables in quic_frame.(c|h) - CLEANUP: quic: Typo fix for quic_connection_id pool - BUG/MINOR: quic: Wrong key update cipher context initialization for encryption - BUG/MEDIUM: cache: Don't request more room than the max allowed - MEDIUM: stconn: Be sure to always be able to unblock a SC that needs room - EXAMPLES: fix IPV6 support for lua mailers script - BUILD: ssl: buggy -Werror=dangling-pointer since gcc 13.0 - DOC: stconn: Update comments about ABRT/SHUT for stconn structure - BUG/MEDIUM: stats: Require more room if buffer is almost full - DOC: configuration: add info about ssl-engine for 2.6 - BUG/MINOR: mux-quic: fix transport VS app CONNECTION_CLOSE - BUG/MEDIUM: mux-quic: wakeup tasklet to close on error - DEV: flags: add a script to decode most flags in the "show sess all" output - BUG/MINOR: quic: Possible crash when dumping version information - BUG/MINOR: config: make compression work again in defaults section - BUG/MEDIUM: stream: Forward shutdowns when unhandled errors are caught - MEDIUM: stream: Resync analyzers at the end of process_stream() on change - DEV: flags: add missing stream flags to show-sess-to-flags - DEV: flags/show-sess-to-flags: only retrieve hex digits from hex fields - DEV: flags/show-sess-to-flags: add support for color output - CLEANUP: src/listener.c: remove redundant NULL check |
||
Willy Tarreau
|
d8cbfa5ad5 |
[RELEASE] Released version 2.8-dev10
Released version 2.8-dev10 with the following main changes : - BUG/MINOR: stats: fix typo in `TotalSplicedBytesOut` field name - REGTESTS: add success test, "set server" via fqdn - MINOR: ssl: disable CRL checks with WolfSSL when no CRL file - BUG/MINOR: stream/cli: fix stream age calculation in "show sess" - MINOR: debug: clarify "debug dev stream" help message - DEBUG: cli: add "debug dev task" to show/wake/expire/kill tasks and tasklets - BUG/MINOR: ssl/sample: x509_v_err_str converter output when not found - REGTESTS: ssl: simplify X509_V code check in ssl_client_auth.vtc - BUILD: cli: fix build on Windows due to isalnum() implemented as a macro - MINOR: activity: use a single macro to iterate over all fields - MINOR: activity: show the line header inside the SHOW_VAL macro - MINOR: activity: iterate over all fields in a main loop for dumping - MINOR: activity: allow "show activity" to restart dumping on any line - MINOR: activity: allow "show activity" to restart in the middle of a line - DEV: haring: automatically disable DEBUG_STRICT - DEV: haring: update readme to suggest using the same build options for haring - BUG/MINOR: debug: fix incorrect profiling status reporting in show threads - MINOR: debug: permit the "debug dev loop" to run under isolation - BUG/MEDIUM: mux-h2: Properly handle end of request to expect data from server - BUG/MINOR: mux-quic: prevent quic_conn error code to be overwritten - MINOR: mux-quic: add trace event for local error - MINOR: mux-quic: wake up after recv only if avail data - MINOR: mux-quic: adjust local error API - MINOR: mux-quic: report local error on stream endpoint asap - MINOR: mux-quic: close connection asap on local error - BUG/MINOR: debug: do not emit empty lines in thread dumps - BUG/MINOR: mux-h2: Also expect data when waiting for a tunnel establishment - BUG/MINOR: time: fix NS_TO_TV macro - MEDIUM: debug: simplify the thread dump mechanism - MINOR: debug: write panic dump to stderr one thread at a time - MINOR: debug: make "show threads" properly iterate over all threads - CLEANUP: debug: remove the now unused ha_thread_dump_all_to_trash() - MINOR: ssl: allow to change the server signature algorithm - MINOR: ssl: allow to change the signature algorithm for client authentication - MINOR: cli: Use applet API to write output message - MINOR: stats: Use the applet API to write data - MINOR: peers: Use the applet API to send message - MINOR: stconn: Add a field to specify the room needed by the SC to progress - MEDIUM: tree-wide: Change sc API to specify required free space to progress - BUG/MEDIUM: stconn: Unblock SC from stream if there is enough room to progrees - MEDIUM: applet: Check room needed to unblock opposite SC when data was consumed - MEDIUM: stconn: Check room needed to unblock SC on fast-forward - MEDIUM: stconn: Check room needed to unblock opposite SC when data was sent - MINOR: hlua_fcn: fix Server.is_draining() return type - MINOR: hlua_fcn: add Server.is_backup() - MINOR: hlua_fcn: add Server.is_dynamic() - MINOR: hlua_fcn: add Server.tracking() - MINOR: hlua_fcn: add Server.get_trackers() - MINOR: hlua_fcn: add Server.get_proxy() - MINOR: hlua_fcn: add Server.get_pend_conn() and Server.get_cur_sess() - MINOR: hlua_fcn: add Proxy.get_srv_act() and Proxy.get_srv_bck() - DOC: lua/event: add ServerEvent class header - MINOR: server/event_hdl: publish macro helper - MINOR: server/event_hdl: add SERVER_STATE event - OPTIM: server: publish UP/DOWN events from STATE change - MINOR: hlua: expose SERVER_STATE event - MINOR: server/event_hdl: add SERVER_ADMIN event - MINOR: hlua: expose SERVER_ADMIN event - MINOR: checks/event_hdl: SERVER_CHECK event - MINOR: hlua/event_hdl: expose SERVER_CHECK event - MINOR: mailers/hlua: disable email sending from lua - MINOR: hlua: expose proxy mailers - EXAMPLES: add lua mailers script to replace tcpcheck mailers - BUG/MINOR: hlua: spinning loop in hlua_socket_handler() - MINOR: server: fix message report when IDRAIN is set and MAINT is cleared - CLEANUP: hlua: hlua_register_task() may longjmp - REGTESTS: use lua mailer script for mailers tests - MINOR: hlua: declare hlua_{ref,pushref,unref} functions - MINOR: hlua: declare hlua_gethlua() function - MINOR: hlua: declare hlua_yieldk() function - MINOR: hlua_fcn: add Queue class - EXAMPLES: mailqueue for lua mailers script - MINOR: quic: add format argument for "show quic" - MINOR: quic: implement oneline format for "show quic" - MINOR: config: allow cpu-map to take commas in lists of ranges - CLEANUP: fix a few reported typos in code comments - DOC: fix a few reported typos in the config and install doc |
||
Willy Tarreau
|
9de10ce478 |
[RELEASE] Released version 2.8-dev9
Released version 2.8-dev9 with the following main changes : - MINOR: quic: Move traces at proto level - BUG/MINOR: quic: Possible memory leak from TX packets - BUG/MINOR: quic: Possible leak during probing retransmissions - BUG/MINOR: quic: Useless probing retransmission in draining or killing state - BUG/MINOR: quic: Useless I/O handler task wakeups (draining, killing state) - CLEANUP: quic: rename frame types with an explicit prefix - CLEANUP: quic: rename frame variables - CLEANUP: quic: Remove useless parameters passes to qc_purge_tx_buf() - CLEANUP: quic: Rename <buf> variable to <token> in quic_generate_retry_token() - CLEANUP: quic: Rename <buf> variable into quic_padding_check() - CLEANUP: quic: Rename <buf> variable into quic_rx_pkt_parse() - CLEANUP: quic: Rename <buf> variable for several low level functions - CLEANUP: quic: Make qc_build_pkt() be more readable - CLEANUP: quic: Rename quic_get_dgram_dcid() <buf> variable - CLEANUP: quic: Rename several <buf> variables at low level - CLEANUP: quic: Rename <buf> variable into quic_packet_read_long_header() - CLEANUP: quic: Rename <buf> variable into qc_parse_hd_form() - CLEANUP: quic: Rename several <buf> variables into quic_sock.c - DEBUG: crash using an invalid opcode on x86/x86_64 instead of an invalid access - DEBUG: crash using an invalid opcode on aarch64 instead of an invalid access - DEV: h2: add a script "mkhdr" to build h2 frames from scratch - DEV: h2: support reading frame payload from a file - MINOR: acme.sh: add the deploy script for acme.sh in admin directory - BUG/MEDIUM: mux-quic: do not emit RESET_STREAM for unknown length - BUG/MEDIUM: mux-quic: improve streams fairness to prevent early timeout - BUG/MINOR: quic: prevent buggy memcpy for empty STREAM - MINOR: mux-quic: do not set buffer for empty STREAM frame - MINOR: mux-quic: do not allocate Tx buf for empty STREAM frame - MINOR: quic: finalize affinity change as soon as possible - BUG/MINOR: quic: fix race on quic_conns list during affinity rebind - CI: switch to Fastly CDN to download LibreSSL - BUILD: ssl: switch LibreSSL to Fastly CDN - BUG/MINOR: clock: fix a few occurrences of 'now' being used in place of 'date' - BUG/MINOR: spoe: use "date" not "now" in debug messages - BUG/MINOR: activity: show wall-clock date, not internal date in show activity - BUG/MINOR: opentracing: use 'date' instead of 'now' in debug output - Revert "BUG/MINOR: clock: fix a few occurrences of 'now' being used in place of 'date'" - BUG/MINOR: calltrace: fix 'now' being used in place of 'date' - BUG/MINOR: trace: show wall-clock date, not internal date in show activity - BUG/MINOR: hlua: return wall-clock date, not internal date in core.now() - BUG/MEDIUM: spoe: Don't start new applet if there are enough idle ones - BUG/MINOR: stconn: Fix SC flags with same value - BUG/MINOR: resolvers: Use sc_need_room() to wait more room when dumping stats - BUG/MEDIUM: tcpcheck: Don't eval custom expect rule on an empty buffer - BUG/MINOR: stats: report the correct start date in "show info" - MINOR: time: add conversions to/from nanosecond timestamps - MINOR: time: replace calls to tv_ms_elapsed() with a linear subtract - MINOR: spoe: switch the timeval-based timestamps to nanosecond timestamps - MEDIUM: tree-wide: replace timeval with nanoseconds in tv_accept and tv_request - MINOR: stats: use nanoseconds, not timeval to compute uptime - MINOR: activity: use nanoseconds, not timeval to compute uptime - MINOR: checks: use a nanosecond counters instead of timeval for checks->start - MINOR: clock: do not use now.tv_sec anymore - MEDIUM: clock: replace timeval "now" with integer "now_ns" - MINOR: clock: replace the timeval start_time with start_time_ns - MINOR: sample: Add bc_rtt and bc_rttvar - MINOR: quic: use real sending rate measurement - MINOR: proxy: factorize send rate measurement |
||
Willy Tarreau
|
3b50e5c164 |
[RELEASE] Released version 2.8-dev8
Released version 2.8-dev8 with the following main changes : - BUG/MEDIUM: cli: Set SE_FL_EOI flag for '_getsocks' and 'quit' commands - BUG/MEDIUM: cli: Eat output data when waiting for appctx shutdown - BUG/MEDIUM: http-client: Eat output data when waiting for appctx shutdown - BUG/MEDIUM: stats: Eat output data when waiting for appctx shutdown - BUG/MEDIUM: log: Eat output data when waiting for appctx shutdown - BUG/MEDIUM: dns: Kill idle DNS sessions during stopping stage - BUG/MINOR: resolvers: Wakeup DNS idle task on stopping - BUG/MEDIUM: resolvers: Force the connect timeout for DNS resolutions - MINOR: hlua: Stop to check the SC state when executing a hlua cli command - BUG/MEDIUM: mux-h1: Report EOI when a TCP connection is upgraded to H2 - BUG/MEDIUM: mux-h2: Never set SE_FL_EOS without SE_FL_EOI or SE_FL_ERROR - MINOR: quic: Trace fix in quic_pto_pktns() (handshaske status) - BUG/MINOR: quic: Wrong packet number space probing before confirmed handshake - MINOR: quic: Modify qc_try_rm_hp() traces - MINOR: quic: Dump more information at proto level when building packets - MINOR: quic: Add a trace for packet with an ACK frame - MINOR: activity: add a line reporting the average CPU usage to "show activity" - BUG/MINOR: stick_table: alert when type len has incorrect characters - MINOR: thread: keep a bitmask of enabled groups in thread_set - MINOR: fd: optimize fd_claim_tgid() for use in fd_insert() - MINOR: fd: add a lock bit with the tgid - MINOR: fd: implement fd_migrate_on() to migrate on a non-local thread - MINOR: receiver: reserve special values for "shards" - MINOR: bind-conf: support a new shards value: "by-group" - BUG/MEDIUM: fd: don't wait for tmask to stabilize if we're not in it. - MINOR: quic: Add packet loss and maximum cc window to "show quic" - BUG/MINOR: quic: Ignored less than 1ms RTTs - MINOR: quic: Add connection flags to traces - BUG/MEDIUM: quic: Code sanitization about acknowledgements requirements - BUG/MINOR: quic: Possible wrapped values used as ACK tree purging limit. - BUG/MINOR: quic: SIGFPE in quic_cubic_update() - MINOR: quic: Display the packet number space flags in traces - MINOR: quic: Remove a useless test about probing in qc_prep_pkts() - BUG/MINOR: quic: Wrong Application encryption level selection when probing - CI: bump "actions/checkout" to v3 for cross zoo matrix - CI: enable monthly test on Fedora Rawhide - BUG/MINOR: stream: Fix test on SE_FL_ERROR on the wrong entity - BUG/MEDIUM: stream: Report write timeouts before testing the flags - BUG/MEDIUM: stconn: Do nothing in sc_conn_recv() when the SC needs more room - MINOR: stream: Uninline and export sess_set_term_flags() function - MINOR: filters: Review and simplify errors handling - REGTESTS: fix the race conditions in log_uri.vtc - MINOR: channel: Forwad close to other side on abort - MINOR: stream: Introduce stream_abort() to abort on both sides in same time - MINOR: stconn: Rename SC_FL_SHUTR_NOW in SC_FL_ABRT_WANTED - MINOR: channel/stconn: Replace channel_shutr_now() by sc_schedule_abort() - MINOR: stconn: Rename SC_FL_SHUTW_NOW in SC_FL_SHUT_WANTED - MINOR: channel/stconn: Replace channel_shutw_now() by sc_schedule_shutdown() - MINOR: stconn: Rename SC_FL_SHUTR in SC_FL_ABRT_DONE - MINOR: channel/stconn: Replace sc_shutr() by sc_abort() - MINOR: stconn: Rename SC_FL_SHUTW in SC_FL_SHUT_DONE - MINOR: channel/stconn: Replace sc_shutw() by sc_shutdown() - MINOR: tree-wide: Replace several chn_cons() by the corresponding SC - MINOR: tree-wide: Replace several chn_prod() by the corresponding SC - BUG/MINOR: cli: Don't close when SE_FL_ERR_PENDING is set in cli analyzer - MINOR: stconn: Stop to set SE_FL_ERROR on sending path - MEDIUM: stconn: Forbid applets with more to deliver if EOI was reached - MINOR: stconn: Don't clear SE_FL_ERROR when endpoint is reset - MINOR: stconn: Add a flag to ack endpoint errors at SC level - MINOR: backend: Set SC_FL_ERROR on connection error - MINOR: stream: Set SC_FL_ERROR on channels' buffer allocation error - MINOR: tree-wide: Test SC_FL_ERROR with SE_FL_ERROR from upper layer - MEDIUM: tree-wide: Stop to set SE_FL_ERROR from upper layer - MEDIUM: backend: Stop to use SE flags to detect connection errors - MEDIUM: stream: Stop to use SE flags to detect read errors from analyzers - MEDIUM: stream: Stop to use SE flags to detect endpoint errors - MEDIUM: stconn: Rely on SC flags to handle errors instead of SE flags - BUG/MINOR: stconn: Don't set SE_FL_ERROR at the end of sc_conn_send() - BUG/MINOR: quic: Do not use ack delay during the handshakes - CLEANUP: use "offsetof" where appropriate - MINOR: ssl: remove OpenSSL 1.0.2 mention into certificate loading error - BUG/MEDIUM: http-ana: Properly switch the request in tunnel mode on upgrade - BUG/MEDIUM: log: Properly handle client aborts in syslog applet - MINOR: stconn: Add a flag to report EOS at the stream-connector level - MINOR: stconn: Propagate EOS from a mux to the attached stream-connector - MINOR: stconn: Propagate EOS from an applet to the attached stream-connector - MINOR: mux-h2: make the initial window size configurable per side - MINOR: mux-h2: make the max number of concurrent streams configurable per side - BUG/MINOR: task: allow to use tasklet_wakeup_after with tid -1 - CLEANUP: quic: remove unused QUIC_LOCK label - CLEANUP: quic: remove unused scid_node - CLEANUP: quic: remove unused qc param on stateless reset token - CLEANUP: quic: rename quic_connection_id vars - MINOR: quic: remove uneeded tasklet_wakeup after accept - MINOR: quic: adjust Rx packet type parsing - MINOR: quic: adjust quic CID derive API - MINOR: quic: remove TID ref from quic_conn - MEDIUM: quic: use a global CID trees list - MINOR: quic: remove TID encoding in CID - MEDIUM: quic: handle conn bootstrap/handshake on a random thread - MINOR: quic: do not proceed to accept for closing conn - MINOR: protocol: define new callback set_affinity - MINOR: quic: delay post handshake frames after accept - MEDIUM: quic: implement thread affinity rebinding - BUG/MINOR: quic: transform qc_set_timer() as a reentrant function - MINOR: quic: properly finalize thread rebinding - MAJOR: quic: support thread balancing on accept - MINOR: listener: remove unneeded local accept flag - BUG/MINOR: http-ana: Update analyzers on both sides when switching in TUNNEL mode - CLEANUP: backend: Remove useless debug message in assign_server() - CLEANUP: cli: Remove useless debug message in cli_io_handler() - BUG/MEDIUM: stconn: Propagate error on the SC on sending path - MINOR: config: add "no-alpn" support for bind lines - REGTESTS: add a new "ssl_alpn" test to test ALPN negotiation - DOC: add missing documentation for "no-alpn" on bind lines - MINOR: ssl: do not set ALPN callback with the empty string - MINOR: ssl_crtlist: dump "no-alpn" on "show crtlist" when "no-alpn" was set - MEDIUM: config: set useful ALPN defaults for HTTPS and QUIC - BUG/MEDIUM: quic: prevent crash on Retry sending - BUG/MINOR: cfgparse: make sure to include openssl-compat - MINOR: clock: add now_mono_time_fast() function - MINOR: clock: add now_cpu_time_fast() function - MEDIUM: hlua: reliable timeout detection - MEDIUM: hlua: introduce tune.lua.burst-timeout - CLEANUP: hlua: avoid confusion between internal timers and tick based timers - MINOR: hlua: hook yield on known lua state - MINOR: hlua: safe coroutine.create() - BUG/MINOR: quic: Stop removing ACK ranges when building packets - MINOR: quic: Do not allocate too much ack ranges - BUG/MINOR: quic: Unchecked buffer length when building the token - BUG/MINOR: quic: Wrong Retry token generation timestamp computing - BUG/MINOR: mux-quic: fix crash with app ops install failure - BUG/MINOR: mux-quic: properly handle STREAM frame alloc failure - BUG/MINOR: h3: fix crash on h3s alloc failure - BUG/MINOR: quic: prevent crash on qc_new_conn() failure - BUG/MINOR: quic: consume Rx datagram even on error - CLEANUP: errors: fix obsolete function comments - CLEANUP: server: fix update_status() function comment - MINOR: server/event_hdl: add proxy_uuid to event_hdl_cb_data_server - MINOR: hlua/event_hdl: rely on proxy_uuid instead of proxy_name for lookups - MINOR: hlua/event_hdl: expose proxy_uuid variable in server events - MINOR: hlua/event_hdl: fix return type for hlua_event_hdl_cb_data_push_args - MINOR: server/event_hdl: prepare for upcoming refactors - BUG/MINOR: event_hdl: don't waste 1 event subtype slot - CLEANUP: event_hdl: updating obsolete comment for EVENT_HDL_CB_DATA - CLEANUP: event_hdl: fix comment typo about _sync assertion - MINOR: event_hdl: dynamically allocated event data members - MINOR: event_hdl: provide event->when for advanced handlers - MINOR: hlua/event_hdl: timestamp for events - DOC: lua: restore 80 char limitation - BUG/MINOR: server: incorrect report for tracking servers leaving drain - MINOR: server: explicitly commit state change in srv_update_status() - BUG/MINOR: server: don't miss proxy stats update on server state transitions - BUG/MINOR: server: don't miss server stats update on server state transitions - BUG/MINOR: server: don't use date when restoring last_change from state file - MINOR: server: central update for server counters on state change - MINOR: server: propagate server state change to lb through single function - MINOR: server: propagate lb changes through srv_lb_propagate() - MINOR: server: change adm_st_chg_cause storage type - MINOR: server: srv_append_status refacto - MINOR: server: change srv_op_st_chg_cause storage type - CLEANUP: server: remove unused variables in srv_update_status() - CLEANUP: server: fix srv_set_{running, stopping, stopped} function comment - MINOR: server: pass adm and op cause to srv_update_status() - MEDIUM: server: split srv_update_status() in two functions - MINOR: server/event_hdl: prepare for server event data wrapper - MINOR: quic: support migrating the listener as well - MINOR: quic_sock: index li->per_thr[] on local thread id, not global one - MINOR: listener: support another thread dispatch mode: "fair" - MINOR: receiver: add a struct shard_info to store info about each shard - MINOR: receiver: add RX_F_MUST_DUP to indicate that an rx must be duped - MEDIUM: proto: duplicate receivers marked RX_F_MUST_DUP - MINOR: proto: skip socket setup for duped FDs - MEDIUM: config: permit to start a bind on multiple groups at once - MINOR: listener: make accept_queue index atomic - MEDIUM: listener: rework thread assignment to consider all groups - MINOR: listener: use a common thr_idx from the reference listener - MINOR: listener: resync with the thread index before heavy calculations - MINOR: listener: make sure to avoid ABA updates in per-thread index - MINOR: listener: always compare the local thread as well - MINOR: Make `tasklet_free()` safe to be called with `NULL` - CLEANUP: Stop checking the pointer before calling `tasklet_free()` - CLEANUP: Stop checking the pointer before calling `pool_free()` - CLEANUP: Stop checking the pointer before calling `task_free()` - CLEANUP: Stop checking the pointer before calling `ring_free()` - BUG/MINOR: cli: clarify error message about stats bind-process - CI: cirrus-ci: bump FreeBSD image to 13-1 - REGTESTS: remove unsupported "stats bind-process" keyword - CI: extend spellchecker whitelist, add "clen" as well - CLEANUP: assorted typo fixes in the code and comments - BUG/MINOR: sock_inet: use SO_REUSEPORT_LB where available - BUG/MINOR: tools: check libssl and libcrypto separately - BUG/MINOR: config: fix NUMA topology detection on FreeBSD - BUILD: sock_inet: forward-declare struct receiver - BUILD: proto_tcp: export the correct names for proto_tcpv[46] - CLEANUP: protocol: move the l3_addrlen to plug a hole in proto_fam - CLEANUP: protocol: move the nb_receivers to plug a hole in protocol - REORG: listener: move the bind_conf's thread setup code to listener.c - MINOR: proxy: make proxy_type_str() recognize peers sections - MEDIUM: peers: call bind_complete_thread_setup() to finish the config - MINOR: protocol: add a flags field to store info about protocols - MINOR: protocol: move the global reuseport flag to the protocols - MINOR: listener: automatically adjust shards based on support for SO_REUSEPORT - MINOR: protocol: add a function to check if some features are supported - MINOR: sock: add a function to check for SO_REUSEPORT support at runtime - MINOR: protocol: perform a live check for SO_REUSEPORT support - MINOR: listener: do not restrict CLI to first group anymore - MINOR: listener: add a new global tune.listener.default-shards setting - MEDIUM: listener: switch the default sharding to by-group |
||
Willy Tarreau
|
768b62857e |
[RELEASE] Released version 2.8-dev7
Released version 2.8-dev7 with the following main changes : - BUG/MINOR: stats: Don't replace sc_shutr() by SE_FL_EOS flag yet - BUG/MEDIUM: mux-h2: Be able to detect connection error during handshake - BUG/MINOR: quic: Missing padding in very short probe packets - MINOR: proxy/pool: prevent unnecessary calls to pool_gc() - CLEANUP: proxy: remove stop_time related dead code - DOC/MINOR: reformat configuration.txt's "quoting and escaping" table - MINOR: http_fetch: Add support for empty delim in url_param - MINOR: http_fetch: add case insensitive support for smp_fetch_url_param - MINOR: http_fetch: Add case-insensitive argument for url_param/urlp_val - REGTESTS : Add test support for case insentitive for url_param - BUG/MEDIUM: proxy/sktable: prevent watchdog trigger on soft-stop - BUG/MINOR: backend: make be_usable_srv() consistent when stopping - BUG/MINOR: ssl: Remove dead code in cli_parse_update_ocsp_response - BUG/MINOR: ssl: Fix potential leak in cli_parse_update_ocsp_response - BUG/MINOR: ssl: ssl-(min|max)-ver parameter not duplicated for bundles in crt-list - BUG/MINOR: quic: Wrong use of now_ms timestamps (cubic algo) - MINOR: quic: Add recovery related information to "show quic" - BUG/MINOR: quic: Wrong use of now_ms timestamps (newreno algo) - BUG/MINOR: quic: Missing max_idle_timeout initialization for the connection - MINOR: quic: Implement cubic state trace callback - MINOR: quic: Adjustments for generic control congestion traces - MINOR: quic: Traces adjustments at proto level. - MEDIUM: quic: Ack delay implementation - BUG/MINOR: quic: Wrong rtt variance computing - MINOR: cli: support filtering on FD types in "show fd" - MINOR: quic: Add a fake congestion control algorithm named "nocc" - CI: run smoke tests on config syntax to check memory related issues - CLEANUP: assorted typo fixes in the code and comments - CI: exclude doc/{design-thoughts,internals} from spell check - BUG/MINOR: quic: Remaining useless statements in cubic slow start callback - BUG/MINOR: quic: Cubic congestion control window may wrap - MINOR: quic: Add missing traces in cubic algorithm implementation - BUG/MAJOR: quic: Congestion algorithms states shared between the connection - BUG/MINOR: ssl: Undefined reference when building with OPENSSL_NO_DEPRECATED - BUG/MINOR: quic: Remove useless BUG_ON() in newreno and cubic algo implementation - MINOR: http-act: emit a warning when a header field name contains forbidden chars - DOC: config: strict-sni allows to start without certificate - MINOR: quic: Add trace to debug idle timer task issues - BUG/MINOR: quic: Unexpected connection closures upon idle timer task execution - BUG/MINOR: quic: Wrong idle timer expiration (during 20s) - BUILD: quic: 32bits compilation issue in cli_io_handler_dump_quic() - BUG/MINOR: quic: Possible wrong PTO computing - BUG/MINOR: tcpcheck: Be able to expect an empty response - BUG/MEDIUM: stconn: Add a missing return statement in sc_app_shutr() - BUG/MINOR: stream: Fix test on channels flags to set clientfin/serverfin touts - MINOR: applet: Uninline appctx_free() - MEDIUM: applet/trace: Register a new trace source with its events - CLEANUP: stconn: Remove remaining debug messages - BUG/MEDIUM: channel: Improve reports for shut in co_getblk() - BUG/MEDIUM: dns: Properly handle error when a response consumed - MINOR: stconn: Remove unecessary test on SE_FL_EOS before receiving data - MINOR: stconn/channel: Move CF_READ_DONTWAIT into the SC and rename it - MINOR: stconn/channel: Move CF_SEND_DONTWAIT into the SC and rename it - MINOR: stconn/channel: Move CF_NEVER_WAIT into the SC and rename it - MINOR: stconn/channel: Move CF_EXPECT_MORE into the SC and rename it - MINOR: mux-pt: Report end-of-input with the end-of-stream after a read - BUG/MINOR: mux-h1: Properly report EOI/ERROR on read0 in h1_rcv_pipe() - CLEANUP: mux-h1/mux-pt: Remove useless test on SE_FL_SHR/SE_FL_SHW flags - MINOR: mux-h1: Report an error to the SE descriptor on truncated message - MINOR: stconn: Always ack EOS at the end of sc_conn_recv() - MINOR: stconn/applet: Handle EOI in the applet .wake callback function - MINOR: applet: No longer set EOI on the SC - MINOR: stconn/applet: Handle EOS in the applet .wake callback function - MEDIUM: cache: Use the sedesc to report and detect end of processing - MEDIUM: cli: Use the sedesc to report and detect end of processing - MINOR: dns: Remove the test on the opposite SC state to send requests - MEDIUM: dns: Use the sedesc to report and detect end of processing - MEDIUM: spoe: Use the sedesc to report and detect end of processing - MEDIUM: hlua/applet: Use the sedesc to report and detect end of processing - MEDIUM: log: Use the sedesc to report and detect end of processing - MEDIUM: peers: Use the sedesc to report and detect end of processing - MINOR: sink: Remove the tests on the opposite SC state to process messages - MEDIUM: sink: Use the sedesc to report and detect end of processing - MEDIUM: stats: Use the sedesc to report and detect end of processing - MEDIUM: promex: Use the sedesc to report and detect end of processing - MEDIUM: http_client: Use the sedesc to report and detect end of processing - MINOR: stconn/channel: Move CF_EOI into the SC and rename it - MEDIUM: tree-wide: Move flags about shut from the channel to the SC - MINOR: tree-wide: Simplifiy some tests on SHUT flags by accessing SCs directly - MINOR: stconn/applet: Add BUG_ON_HOT() to be sure SE_FL_EOS is never set alone - MINOR: server: add SRV_F_DELETED flag - BUG/MINOR: server/del: fix srv->next pointer consistency - BUG/MINOR: stats: properly handle server stats dumping resumption - BUG/MINOR: sink: free forward_px on deinit() - BUG/MINOR: log: free log forward proxies on deinit() - MINOR: server: always call ssl->destroy_srv when available - MINOR: server: correctly free servers on deinit() - BUG/MINOR: hlua: hook yield does not behave as expected - MINOR: hlua: properly handle hlua_process_task HLUA_E_ETMOUT - BUG/MINOR: hlua: enforce proper running context for register_x functions - MINOR: hlua: Fix two functions that return nothing useful - MEDIUM: hlua: Dynamic list of frontend/backend in Lua - MINOR: hlua_fcn: alternative to old proxy and server attributes - MEDIUM: hlua_fcn: dynamic server iteration and indexing - MEDIUM: hlua_fcn/api: remove some old server and proxy attributes - CLEANUP: hlua: fix conflicting comment in hlua_ctx_destroy() - MINOR: hlua: add simple hlua reference handling API - MINOR: hlua: fix return type for hlua_checkfunction() and hlua_checktable() - BUG/MINOR: hlua: fix reference leak in core.register_task() - BUG/MINOR: hlua: fix reference leak in hlua_post_init_state() - BUG/MINOR: hlua: prevent function and table reference leaks on errors - CLEANUP: hlua: use hlua_ref() instead of luaL_ref() - CLEANUP: hlua: use hlua_pushref() instead of lua_rawgeti() - CLEANUP: hlua: use hlua_unref() instead of luaL_unref() - MINOR: hlua: simplify lua locking - BUG/MEDIUM: hlua: prevent deadlocks with main lua lock - MINOR: hlua_fcn: add server->get_rid() method - MINOR: hlua: support for optional arguments to core.register_task() - DOC: lua: silence "literal block ends without a blank line" Sphinx warnings - DOC: lua: silence "Unexpected indentation" Sphinx warnings - BUG/MINOR: event_hdl: fix rid storage type - BUG/MINOR: event_hdl: make event_hdl_subscribe thread-safe - MINOR: event_hdl: global sublist management clarification - BUG/MEDIUM: event_hdl: clean soft-stop handling - BUG/MEDIUM: event_hdl: fix async data refcount issue - MINOR: event_hdl: normal tasks support for advanced async mode - MINOR: event_hdl: add event_hdl_async_equeue_isempty() function - MINOR: event_hdl: add event_hdl_async_equeue_size() function - MINOR: event_hdl: pause/resume for subscriptions - MINOR: proxy: add findserver_unique_id() and findserver_unique_name() - MEDIUM: hlua/event_hdl: initial support for event handlers - MINOR: hlua/event_hdl: per-server event subscription - EXAMPLES: add basic event_hdl lua example script - MINOR: http-ana: Add a HTTP_MSGF flag to state the Expect header was checked - BUG/MINOR: http-ana: Don't switch message to DATA when waiting for payload - BUG/MINOR: quic: Possible crashes in qc_idle_timer_task() - MINOR: quic: derive first DCID from client ODCID - MINOR: quic: remove ODCID dedicated tree - MINOR: quic: remove address concatenation to ODCID - BUG/MINOR: mworker: unset more internal variables from program section - BUG/MINOR: errors: invalid use of memprintf in startup_logs_init() - MINOR: applet: Use unsafe version to get stream from SC in the trace function - BUG/MUNOR: http-ana: Use an unsigned integer for http_msg flags - MINOR: compression: Make compression offload a flag - MINOR: compression: Prepare compression code for request compression - MINOR: compression: Store algo and type for both request and response - MINOR: compression: Count separately request and response compression - MEDIUM: compression: Make it so we can compress requests as well. - BUG/MINOR: lua: remove incorrect usage of strncat() - CLEANUP: tcpcheck: remove the only occurrence of sprintf() in the code - CLEANUP: ocsp: do no use strpcy() to copy a path! - CLEANUP: tree-wide: remove strpcy() from constant strings - CLEANUP: opentracing: remove the last two occurrences of strncat() - BUILD: compiler: fix __equals_1() on older compilers - MINOR: compiler: define a __attribute__warning() macro - BUILD: bug.h: add a warning in the base API when unsafe functions are used - BUG/MEDIUM: listeners: Use the right parameters for strlcpy2(). |
||
Willy Tarreau
|
4c7588dd22 |
[RELEASE] Released version 2.8-dev6
Released version 2.8-dev6 with the following main changes : - BUG/MEDIUM: mux-pt: Set EOS on error on sending path if read0 was received - MINOR: ssl: Change the ocsp update log-format - MINOR: ssl: Use ocsp update task for "update ssl ocsp-response" command - BUG/MINOR: ssl: Fix double free in ocsp update deinit - MINOR: ssl: Accept certpath as param in "show ssl ocsp-response" CLI command - MINOR: ssl: Add certificate path to 'show ssl ocsp-response' output - BUG/MEDIUM: proxy: properly stop backends on soft-stop - BUG/MEDIUM: resolvers: Properly stop server resolutions on soft-stop - DEBUG: cli/show_fd: Display connection error code - DEBUG: ssl-sock/show_fd: Display SSL error code - BUG/MEDIUM: mux-h1: Don't block SE_FL_ERROR if EOS is not reported on H1C - BUG/MINOR: tcp_sample: fix a bug in fc_dst_port and fc_dst_is_local sample fetches - BUG/MINOR: quic: Missing STREAM frame length updates - BUG/MEDIUM: connection: Preserve flags when a conn is removed from an idle list - BUG/MINOR: mux-h2: make sure the h2c task exists before refreshing it - MINOR: buffer: add br_count() to return the number of allocated bufs - MINOR: buffer: add br_single() to check if a buffer ring has more than one buf - BUG/MEDIUM: mux-h2: only restart sending when mux buffer is decongested - BUG/MINOR: mux-h2: set CO_SFL_STREAMER when sending lots of data - BUG/MINOR: quic: Missing STREAM frame data pointer updates - MINOR: stick-table: add sc-add-gpc() to http-after-response - MINOR: doc: missing entries for sc-add-gpc() - BUG/MAJOR: qpack: fix possible read out of bounds in static table - OPTIM: mux-h1: limit first read size to avoid wrapping - MINOR: mux-h2: set CO_SFL_MSG_MORE when sending multiple buffers - MINOR: ssl-sock: pass the CO_SFL_MSG_MORE info down the stack - MINOR: quic: Stop stressing the acknowledgments process (RX ACK frames) - BUG/MINOR: quic: Dysfunctional 01RTT packet number space probing - BUG/MEDIUM: stream: do not try to free a failed stream-conn - BUG/MEDIUM: mux-h2: do not try to free an unallocated h2s->sd - BUG/MEDIUM: mux-h2: erase h2c->wait_event.tasklet on error path - BUG/MEDIUM: stconn: don't set the type before allocation succeeds - BUG/MINOR: stconn: fix sedesc memory leak on stream allocation failure - MINOR: dynbuf: set POOL_F_NO_FAIL on buffer allocation - MINOR: pools: preset the allocation failure rate to 1% with -dMfail - BUG/MEDIUM: mux-h1: properly destroy a partially allocated h1s - BUG/MEDIUM: applet: only set appctx->sedesc on successful allocation - BUG/MINOR: quic: wake up MUX on probing only for 01RTT - BUG/MINOR: quic: ignore congestion window on probing for MUX wakeup - BUILD: thread: implement thread_harmless_end_sig() for threadless builds - BUILD: thread: silence a build warning when threads are disabled - MINOR: debug: support dumping the libs addresses when running in verbose mode - BUG/MINOR: illegal use of the malloc_trim() function if jemalloc is used - BUG/MINOR: trace: fix hardcoded level for TRACE_PRINTF - BUG/MEDIUM: mux-quic: release data from conn flow-control on qcs reset - MINOR: mux-quic: complete traces for qcs emission - MINOR: mux-quic: adjust trace level for MAX_DATA/MAX_STREAM_DATA recv - MINOR: mux-quic: add flow-control info to minimal trace level - MINOR: pools: make sure 'no-memory-trimming' is always used - MINOR: pools: intercept malloc_trim() instead of trying to plug holes - MEDIUM: pools: move the compat code from trim_all_pools() to malloc_trim() - MINOR: pools: export trim_all_pools() - MINOR: pattern: use trim_all_pools() instead of a conditional malloc_trim() - MINOR: tools: relax dlopen() on malloc/free checks - MEDIUM: tools: further relax dlopen() checks too consider grouped symbols - BUG/MINOR: pools: restore detection of built-in allocator - MINOR: pools: report a replaced memory allocator instead of just malloc_trim() - BUG/MINOR: h3: properly handle incomplete remote uni stream type - BUG/MINOR: mux-quic: prevent CC status to be erased by shutdown - MINOR: mux-quic: interrupt qcc_recv*() operations if CC scheduled - MINOR: mux-quic: ensure CONNECTION_CLOSE is scheduled once per conn - MINOR: mux-quic: close on qcs allocation failure - MINOR: mux-quic: close on frame alloc failure - BUG/MINOR: syslog: Request for more data if message was not fully received - BUG/MEDIUM: stats: Consume the request except when parsing the POST payload - DOC: config: set-var() dconv rendering issues - BUG/MEDIUM: mux-h1: Wakeup H1C on shutw if there is no I/O subscription - BUG/MINOR: applet/new: fix sedesc freeing logic - BUG/MINOR: quic: Missing STREAM frame type updated - BUILD: da: extends CFLAGS to support API v3 from 3.1.7 and onwards. - BUG/MINOR: ssl: Stop leaking `err` in ssl_sock_load_ocsp() |
||
Willy Tarreau
|
fc0ad29c29 |
[RELEASE] Released version 2.8-dev5
Released version 2.8-dev5 with the following main changes : - MINOR: ssl: rename confusing ssl_bind_kws - BUG/MINOR: config: crt-list keywords mistaken for bind ssl keywords - BUG/MEDIUM: http-ana: Detect closed SC on opposite side during body forwarding - BUG/MEDIUM: stconn: Don't rearm the read expiration date if EOI was reached - MINOR: global: Add an option to disable the data fast-forward - MINOR: haproxy: Add an command option to disable data fast-forward - REGTESTS: Remove unsupported feature command in http_splicing.vtc - BUG/MEDIUM: wdt: fix wrong thread being checked for sleeping - BUG/MINOR: sched: properly report long_rq when tasks remain in the queue - BUG/MEDIUM: sched: allow a bit more TASK_HEAVY to be processed when needed - MINOR: threads: add flags to know if a thread is started and/or running - MINOR: h3/hq-interop: handle no data in decode_qcs() with FIN set - BUG/MINOR: mux-quic: transfer FIN on empty STREAM frame - BUG/MINOR: mworker: prevent incorrect values in uptime - MINOR: h3: add traces on decode_qcs callback - BUG/MINOR: quic: Possible unexpected counter incrementation on send*() errors - MINOR: quic: Add new traces about by connection RX buffer handling - MINOR: quic: Move code to wakeup the timer task to avoid anti-amplication deadlock - BUG/MINOR: quic: Really cancel the connection timer from qc_set_timer() - MINOR: quic: Simplication for qc_set_timer() - MINOR: quic: Kill the connections on ICMP (port unreachable) packet receipt - MINOR: quic: Add traces to qc_kill_conn() - MINOR: quic: Make qc_dgrams_retransmit() return a status. - BUG/MINOR: quic: Missing call to task_queue() in qc_idle_timer_do_rearm() - MINOR: quic: Add a trace to identify connections which sent Initial packet. - MINOR: quic: Add <pto_count> to the traces - BUG/MINOR: quic: Do not probe with too little Initial packets - BUG/MINOR: quic: Wrong initialization for io_cb_wakeup boolean - BUG/MINOR: quic: Do not drop too small datagrams with Initial packets - BUG/MINOR: quic: Missing padding for short packets - MINOR: quic: adjust request reject when MUX is already freed - BUG/MINOR: quic: also send RESET_STREAM if MUX released - BUG/MINOR: quic: acknowledge STREAM frame even if MUX is released - BUG/MINOR: h3: prevent hypothetical demux failure on int overflow - MEDIUM: h3: enforce GOAWAY by resetting higher unhandled stream - MINOR: mux-quic: define qc_shutdown() - MINOR: mux-quic: define qc_process() - MINOR: mux-quic: implement client-fin timeout - MEDIUM: mux-quic: properly implement soft-stop - MINOR: quic: mark quic-conn as jobs on socket allocation - MEDIUM: quic: trigger fast connection closing on process stopping - MINOR: mux-h2/traces: do not log h2s pointer for dummy streams - MINOR: mux-h2/traces: add a missing TRACE_LEAVE() in h2s_frt_handle_headers() - BUG/MEDIUM: quic: Missing TX buffer draining from qc_send_ppkts() - DEBUG: stream: Add a BUG_ON to never exit process_stream with an expired task - DOC: config: Fix description of options about HTTP connection modes - MINOR: proxy: Only consider backend httpclose option for server connections - BUG/MINOR: haproxy: Fix option to disable the fast-forward - DOC: config: Add the missing tune.fail-alloc option from global listing - MINOR: cfgcond: Implement strstr condition expression - MINOR: cfgcond: Implement enabled condition expression - REGTESTS: Skip http_splicing.vtc script if fast-forward is disabled - REGTESTS: Fix ssl_errors.vtc script to wait for connections close - BUG/MINOR: mworker: stop doing strtok directly from the env - BUG/MEDIUM: mworker: prevent inconsistent reload when upgrading from old versions - BUG/MEDIUM: mworker: don't register mworker_accept_wrapper() when master FD is wrong - MINOR: startup: HAPROXY_STARTUP_VERSION contains the version used to start - BUG/MINOR: cache: Cache response even if request has "no-cache" directive - BUG/MINOR: cache: Check cache entry is complete in case of Vary - MINOR: compiler: add a TOSTR() macro to turn a value into a string - BUG/MINOR: lua/httpclient: missing free in hlua_httpclient_send() - BUG/MEDIUM: httpclient/lua: fix a race between lua GC and hlua_ctx_destroy - MEDIUM: channel: Remove CF_READ_NOEXP flag - MAJOR: channel: Remove flags to report READ or WRITE errors - DEBUG: stream/trace: Add sedesc flags in trace messages - MINOR: channel/stconn: Move rto/wto from the channel to the stconn - MEDIUM: channel/stconn: Move rex/wex timer from the channel to the sedesc - MEDIUM: stconn: Don't requeue the stream's task after I/O - MEDIUM: stconn: Replace read and write timeouts by a unique I/O timeout - MEDIUM: stconn: Add two date to track successful reads and blocked sends - MINOR: applet/stconn: Add a SE flag to specify an endpoint does not expect data - MAJOR: stream: Use SE descriptor date to detect read/write timeouts - MINOR: stream: Dump the task expiration date in trace messages - MINOR: stream: Report rex/wex value using the sedesc date in trace messages - MINOR: stream: Use relative expiration date in trace messages - MINOR: stconn: Always report READ/WRITE event on shutr/shutw - CLEANUP: stconn: Remove old read and write expiration dates - MINOR: stconn: Set half-close timeout using proxy settings - MINOR: stconn: Remove half-closed timeout - REGTESTS: cache: Use rxresphdrs to only get headers for 304 responses - MINOR: stconn: Add functions to set/clear SE_FL_EXP_NO_DATA flag from endpoint - BUG/MINOR: proto_ux: report correct error when bind_listener fails - BUG/MINOR: protocol: fix minor memory leak in protocol_bind_all() - MINOR: proto_uxst: add resume method - MINOR: listener/api: add lli hint to listener functions - MINOR: listener: add relax_listener() function - MINOR: listener: workaround for closing a tiny race between resume_listener() and stopping - MINOR: listener: make sure we don't pause/resume bypassed listeners - BUG/MEDIUM: listener: fix pause_listener() suspend return value handling - BUG/MINOR: listener: fix resume_listener() resume return value handling - BUG/MEDIUM: resume from LI_ASSIGNED in default_resume_listener() - MINOR: listener: pause_listener() becomes suspend_listener() - BUG/MEDIUM: listener/proxy: fix listeners notify for proxy resume - BUG/MINOR: sock_unix: match finalname with tempname in sock_unix_addrcmp() - MEDIUM: proto_ux: properly suspend named UNIX listeners - MINOR: proto_ux: ability to dump ABNS names in error messages - MINOR: haproxy: always protocol unbind on startup error path - BUILD: quic: 32-bits compilation issue with %zu in quic_rx_pkts_del() - BUG/MINOR: ring: do not realign ring contents on resize - MEDIUM: ring: make the offset relative to the head/tail instead of absolute - CLEANUP: ring: remove the now unused ring's offset - MINOR: config: add HAPROXY_BRANCH environment variable - BUILD: thead: Fix several 32 bits compilation issues with uint64_t variables - BUG/MEDIUM: fd: avoid infinite loops in fd_add_to_fd_list and fd_rm_from_fd_list - BUG/MEDIUM: h1-htx: Never copy more than the max data allowed during parsing - BUG/MINOR: stream: Remove BUG_ON about the task expiration in process_stream() - MINOR: stream: Handle stream's timeouts in a dedicated function - MEDIUM: stream: Eventually handle stream timeouts when exiting process_stream() - MINOR: stconn: Report a send activity when endpoint is willing to consume data - BUG/MEDIUM: stconn: Report a blocked send if some output data are not consumed - MEDIUM: mux-h1: Don't expect data from server as long as request is unfinished - MEDIUM: mux-h2: Don't expect data from server as long as request is unfinished - MEDIUM: mux-quic: Don't expect data from server as long as request is unfinished - DOC: config: Clarify the meaning of 'hold' in the 'resolvers' section - DOC: config: Replace TABs by spaces - BUG/MINOR: fd: used the update list from the fd's group instead of tgid - BUG/MEDIUM: fd: make fd_delete() support being called from a different group - CLEANUP: listener: only store conn counts for local threads - MINOR: tinfo: make thread_set functions return nth group/mask instead of first - MEDIUM: quic: improve fatal error handling on send - MINOR: quic: consider EBADF as critical on send() - BUG/MEDIUM: connection: Clear flags when a conn is removed from an idle list - BUG/MINOR: mux-h1: Don't report an error on an early response close - BUG/MINOR: http-check: Don't set HTX_SL_F_BODYLESS flag with a log-format body - BUG/MINOR: http-check: Skip C-L header for empty body when it's not mandatory - BUG/MINOR: http-fetch: recognize IPv6 addresses in square brackets in req.hdr_ip() - REGTEST: added tests covering smp_fetch_hdr_ip() - MINOR: quic: simplify return path in send functions - MINOR: quic: implement qc_notify_send() - MINOR: quic: purge txbuf before preparing new packets - MEDIUM: quic: implement poller subscribe on sendto error - MINOR: quic: notify on send ready - BUG/MINOR: http-ana: Don't increment conn_retries counter before the L7 retry - BUG/MINOR: http-ana: Do a L7 retry on read error if there is no response - BUG/MEDIUM: http-ana: Don't close request side when waiting for response - BUG/MINOR: mxu-h1: Report a parsing error on abort with pending data - MINOR: ssl: Destroy ocsp update http_client during cleanup - MINOR: ssl: Reinsert ocsp update entries later in case of unknown error - MINOR: ssl: Add ocsp update success/failure counters - MINOR: ssl: Store specific ocsp update errors in response and update ctx - MINOR: ssl: Add certificate's path to certificate_ocsp structure - MINOR: ssl: Add 'show ssl ocsp-updates' CLI command - MINOR: ssl: Add sample fetches related to OCSP update - MINOR: ssl: Use dedicated proxy and log-format for OCSP update - MINOR: ssl: Reorder struct certificate_ocsp members - MINOR: ssl: Increment OCSP update replay delay in case of failure - MINOR: ssl: Add way to dump ocsp response in base64 - MINOR: ssl: Add global options to modify ocsp update min/max delay - REGTESTS: ssl: Fix ocsp update crt-lists - REGTESTS: ssl: Add test for new ocsp update cli commands - MINOR: ssl: Add ocsp-update information to "show ssl crt-list" - BUG/MINOR: ssl: Fix ocsp-update when using "add ssl crt-list" - MINOR: ssl: Replace now.tv_sec with date.tv_sec in ocsp update task - BUG/MINOR: ssl: Use 'date' instead of 'now' in ocsp stapling callback - BUG/MEDIUM: quic: properly handle duplicated STREAM frames - BUG/MINOR: cli: fix CLI handler "set anon global-key" call - MINOR: http_ext: adding some documentation, forgot to inline function - BUG/MINOR: quic: Do not send too small datagrams (with Initial packets) - MINOR: quic: Add a BUG_ON_HOT() call for too small datagrams - BUG/MINOR: quic: Ensure to be able to build datagrams to be retransmitted - BUG/MINOR: quic: v2 Initial packets decryption failed - MINOR: quic: Add traces about QUIC TLS key update - BUG/MINOR: quic: Remove force_ack for Initial,Handshake packets - BUG/MINOR: quic: Ensure not to retransmit packets with no ack-eliciting frames - BUG/MINOR: quic: Do not resend already acked frames - BUG/MINOR: quic: Missing detections of amplification limit reached - MINOR: quic: Send PING frames when probing Initial packet number space - BUG/MEDIUM: quic: do not crash when handling STREAM on released MUX - BUG/MAJOR: fd/thread: fix race between updates and closing FD - BUG/MEDIUM: dns: ensure ring offset is properly reajusted to head - BUG/MINOR: mux-quic: properly init STREAM frame as not duplicated - MINOR: quic: Do not accept wrong active_connection_id_limit values - MINOR: quic: Store the next connection IDs sequence number in the connection - MINOR: quic: Typo fix for ACK_ECN frame - MINOR: quic: RETIRE_CONNECTION_ID frame handling (RX) - MINOR: quic: Useless TLS context allocations in qc_do_rm_hp() - MINOR: quic: Add spin bit support - MINOR: quic: Add transport parameters to "show quic" - BUG/MEDIUM: sink/forwarder: ensure ring offset is properly readjusted to head - BUG/MINOR: dns: fix ring offset calculation on first read - BUG/MINOR: dns: fix ring offset calculation in dns_resolve_send() - MINOR: jwt: Add support for RSA-PSS signatures (PS256 algorithm) - MINOR: h3: add traces on h3_init_uni_stream() error paths - MINOR: quic: create a global list dedicated for closing QUIC conns - MINOR: quic: handle new closing list in show quic - MEDIUM: quic: release closing connections on stopping - BUG/MINOR: quic: Wrong RETIRE_CONNECTION_ID sequence number check - MINOR: fd/cli: report the polling mask in "show fd" - CLEANUP: sock: always perform last connection updates before wakeup - MINOR: quic: Do not stress the peer during retransmissions of lost packets - BUG/MINOR: init: properly detect NUMA bindings on large systems - BUG/MINOR: thread: report thread and group counts in the correct order - BUG/MAJOR: fd/threads: close a race on closing connections after takeover - MINOR: debug: add random delay injection with "debug dev delay-inj" - BUG/MINOR: mworker: use MASTER_MAXCONN as default maxconn value - BUG/MINOR: quic: Missing listener accept queue tasklet wakeups - MINOR: quic_sock: un-statify quic_conn_sock_fd_iocb() - DOC: config: fix typo "dependeing" in bind thread description - DOC/CLEANUP: fix typos |
||
Willy Tarreau
|
c80560bae7 |
[RELEASE] Released version 2.8-dev4
Released version 2.8-dev4 with the following main changes : - BUG/MINOR: stats: fix source buffer size for http dump - BUG/MEDIUM: stats: fix resolvers dump - BUG/MINOR: stats: fix ctx->field update in stats_dump_proxy_to_buffer() - BUG/MINOR: stats: fix show stats field ctx for servers - BUG/MINOR: stats: fix STAT_STARTED behavior with full htx - MINOR: quic: Update version_information transport parameter to draft-14 - BUG/MINOR: stats: Prevent HTTP "other sessions" counter underflows - BUG/MEDIUM: thread: fix extraneous shift in the thread_set parser - BUG/MEDIUM: listener/thread: bypass shards setting on failed thread resolution - BUG/MINOR: ssl/crt-list: warn when a line is malformated - BUG/MEDIUM: stick-table: do not leave entries in end of window during purge - BUG/MINOR: clock: do not mix wall-clock and monotonic time in uptime calculation - BUG/MEDIUM: cache: use the correct time reference when comparing dates - MEDIUM: clock: force internal time to wrap early after boot - BUILD: ssl/ocsp: ssl_ocsp-t.h depends on ssl_sock-t.h - MINOR: ssl/ocsp: add a function to check the OCSP update configuration - MINOR: cfgparse/server: move (min/max)conn postparsing logic into dedicated function - BUG/MINOR: server/add: ensure minconn/maxconn consistency when adding server - BUG/MEDIUM: stconn: Schedule a shutw on shutr if data must be sent first - BUG/MEDIUM: quic: fix crash when "option nolinger" is set in the frontend - MINOR: quic: implement a basic "show quic" CLI handler - MINOR: quic: display CIDs and state in "show quic" - MINOR: quic: display socket info on "show quic" - MINOR: quic: display infos about various encryption level on "show quic" - MINOR: quic: display Tx stream info on "show quic" - MINOR: quic: filter closing conn on "show quic" - BUG/MINOR: quic: fix filtering of closing connections on "show quic" - BUG/MEDIUM: stconn: Don't needlessly wake the stream on send during fast-forward - BUG/MINOR: quic: fix type bug on "show quic" for 32-bits arch - BUG/MINOR: mworker: fix uptime for master process - BUG/MINOR: clock/stats: also use start_time not start_date in HTML info - BUG/MEDIUM: stconn: stop to enable/disable reads from streams via si_update_rx - BUG/MEDIUM: quic: Buffer overflow when looking through QUIC CLI keyword list - DOC: proxy-protocol: fix wrong byte in provided example - MINOR: ssl-ckch: Stop to test CF_WRITE_ERROR to commit CA/CRL file - MINOR: bwlim: Remove useless test on CF_READ_ERROR to detect the last packet - BUG/MINOR: http-ana: Fix condition to set LAST termination flag - BUG/MINOR: mux-h1: Don't report an H1C error on client timeout - BUG/MEDIUM: spoe: Don't set the default traget for the SPOE agent frontend - BUG/MINOR: quic: Wrong datagram dispatch because of qc_check_dcid() - BUG/CRITICAL: http: properly reject empty http header field names |
||
Willy Tarreau
|
e74d77b301 |
[RELEASE] Released version 2.8-dev3
Released version 2.8-dev3 with the following main changes : - BUG/MINOR: sink: make sure to always properly unmap a file-backed ring - DEV: haring: add a new option "-r" to automatically repair broken files - BUG/MINOR: ssl: Fix leaks in 'update ssl ocsp-response' CLI command - MINOR: ssl: Remove debug fprintf in 'update ssl ocsp-response' cli command - MINOR: connection: add a BUG_ON() to detect destroying connection in idle list - MINOR: mux-quic/h3: send SETTINGS as soon as transport is ready - BUG/MINOR: h3: fix GOAWAY emission - BUG/MEDIUM: mux-quic: fix crash on H3 SETTINGS emission - BUG/MEDIUM: hpack: fix incorrect huffman decoding of some control chars - BUG/MINOR: log: release global log servers on exit - BUG/MINOR: ring: release the backing store name on exit - BUG/MINOR: sink: free the forwarding task on exit - CLEANUP: trace: remove the QUIC-specific ifdefs - MINOR: trace: add a TRACE_ENABLED() macro to determine if a trace is active - MINOR: trace: add a trace_no_cb() dummy callback for when to use no callback - MINOR: trace: add the long awaited TRACE_PRINTF() - MINOR: h2: add h2_phdr_to_ist() to make ISTs from pseudo headers - MEDIUM: mux-h2/trace: add tracing support for headers - CLEANUP: mux-h2/trace: shorten the name of the header enc/dec functions - DEV: hpack: fix `trash` build regression - MINOR: http_htx: add http_append_header() to append value to header - MINOR: http_htx: add http_prepend_header() to prepend value to header - MINOR: sample: add ARGC_OPT - MINOR: proxy: introduce http only options - MINOR: proxy/http_ext: introduce proxy forwarded option - REGTEST: add ifnone-forwardfor test - MINOR: proxy: move 'forwardfor' option to http_ext - MINOR: proxy: move 'originalto' option to http_ext - MINOR: http_ext: introduce http ext converters - MINOR: http_ext: add rfc7239_is_valid converter - MINOR: http_ext: add rfc7239_field converter - MINOR: http_ext: add rfc7239_n2nn converter - MINOR: http_ext: add rfc7239_n2np converter - REGTEST: add RFC7239 forwarded header tests - OPTIM: http_ext/7239: introduce c_mode to save some space - MINOR: http_ext/7239: warn the user when fetch is not available - MEDIUM: proxy/http_ext: implement dynamic http_ext - MINOR: cfgparse/http_ext: move post-parsing http_ext steps to http_ext - DOC: config: fix option spop-check proxy compatibility - BUG/MINOR: fcgi-app: prevent 'use-fcgi-app' in default section - DOC: config: 'http-send-name-header' option may be used in default section - BUG/MINOR: mux-h2: Fix possible null pointer deref on h2c in _h2_trace_header() - BUG/MINOR: http_ext/7239: ipv6 dumping relies on out of scope variables - BUG/MEDIUM: h3: do not crash if no buf space for trailers - OPTIM: h3: skip buf realign if no trailer to encode - MINOR: mux-quic/h3: define stream close callback - BUG/MEDIUM: h3: handle STOP_SENDING on control stream - BUG/MINOR: h3: reject RESET_STREAM received for control stream - MINOR: h3: add missing traces on closure - BUG/MEDIUM: ssl: wrong eviction from the session cache tree - BUG/MINOR: h3: fix crash due to h3 traces - BUG/MINOR: h3: fix crash due to h3 traces - BUG/MEDIUM: thread: consider secondary threads as idle+harmless during boot - BUG/MINOR: stats: use proper buffer size for http dump - BUILD: makefile: fix PCRE overriding specific lib path - MINOR: quic: remove fin from quic_stream frame type - MINOR: quic: ensure offset is properly set for STREAM frames - MINOR: quic: define new functions for frame alloc - MINOR: quic: refactor frame deallocation - MEDIUM: quic: implement a retransmit limit per frame - MINOR: quic: add config for retransmit limit - OPTIM: htx: inline the most common memcpy(8) - CLEANUP: quic: no need for atomics on packet refcnt - MINOR: stats: add by HTTP version cumulated number of sessions and requests - BUG/MINOR: quic: Possible stream truncations under heavy loss - BUG/MINOR: quic: Too big PTO during handshakes - MINOR: quic: Add a trace about variable states in qc_prep_fast_retrans() - BUG/MINOR: quic: Do not ignore coalesced packets in qc_prep_fast_retrans() - MINOR: quic: When probing Handshake packet number space, also probe the Initial one - BUG/MAJOR: quic: Possible crash when processing 1-RTT during 0-RTT session - MEDIUM: quic: Remove qc_conn_finalize() from the ClientHello TLS callbacks - BUG/MINOR: quic: Unchecked source connection ID - MEDIUM: listener: move the analysers mask to the bind_conf - MINOR: listener: move maxseg and tcp_ut to bind_conf - MINOR: listener: move maxaccept from listener to bind_conf - MINOR: listener: move the backlog setting from listener to bind_conf - MINOR: listener: move the maxconn parameter to the bind_conf - MINOR: listener: move the ->accept callback to the bind_conf - MINOR: listener: remove the useless ->default_target field - MINOR: listener: move the nice field to the bind_conf - MINOR: listener: move the NOLINGER option to the bind_conf - MINOR: listener: move the NOQUICKACK option to the bind_conf - MINOR: listener: move the DEF_ACCEPT option to the bind_conf - MINOR: listener: move TCP_FO to bind_conf - MINOR: listener: move the ACC_PROXY and ACC_CIP options to bind_conf - MINOR: listener: move LI_O_UNLIMITED and LI_O_NOSTOP to bind_conf - MINOR: listener: get rid of LI_O_TCP_L4_RULES and LI_O_TCP_L5_RULES - CLEANUP: listener: remove the now unused options field - MINOR: listener: remove the now useless LI_F_QUIC_LISTENER flag - CLEANUP: config: remove test for impossible case regarding bind thread mask - MINOR: thread: add a simple thread_set API - MEDIUM: listener/config: make the "thread" parser rely on thread_sets - CLEANUP: config: stop using bind_tgroup and bind_thread - CLEANUP: listener/thread: remove now unused bind_conf's bind_tgroup/bind_thread - CLEANUP: listener/config: remove the special case for shards==1 - MEDIUM: config: restrict shards, not bind_conf to one group each - BUG/MEDIUM: quic: do not split STREAM frames if no space - BUILD: thread: fix build warnings with older gcc compilers |
||
Willy Tarreau
|
0f29b34e0a |
[RELEASE] Released version 2.8-dev2
Released version 2.8-dev2 with the following main changes : - CLEANUP: htx: fix a typo in an error message of http_str_to_htx - DOC: config: added optional rst-ttl argument to silent-drop in action lists - BUG/MINOR: ssl: Fix crash in 'update ssl ocsp-response' CLI command - BUG/MINOR: ssl: Crash during cleanup because of ocsp structure pointer UAF - MINOR: ssl: Create temp X509_STORE filled with cert chain when checking ocsp response - MINOR: ssl: Only set ocsp->issuer if issuer not in cert chain - MINOR: ssl: Release ssl_ocsp_task_ctx.cur_ocsp when destroying task - MINOR: ssl: Detect more OCSP update inconsistencies - BUG/MINOR: ssl: Fix OCSP_CERTID leak when same certificate is used multiple times - MINOR: ssl: Limit ocsp_uri buffer size to minimum - MINOR: ssl: Remove mention of ckch_store in error message of cli command - MINOR: channel: Don't test CF_READ_NULL while CF_SHUTR is enough - REORG: channel: Rename CF_READ_NULL to CF_READ_EVENT - REORG: channel: Rename CF_WRITE_NULL to CF_WRITE_EVENT - MEDIUM: channel: Use CF_READ_EVENT instead of CF_READ_PARTIAL - MEDIUM: channel: Use CF_WRITE_EVENT instead of CF_WRITE_PARTIAL - MINOR: channel: Remove CF_READ_ACTIVITY - MINOR: channel: Remove CF_WRITE_ACTIVITY - MINOR: channel: Remove CF_ANA_TIMEOUT and report CF_READ_EVENT instead - MEDIUM: channel: Remove CF_READ_ATTACHED and report CF_READ_EVENT instead - MINOR: channel: Stop to test CF_READ_ERROR flag if CF_SHUTR is enough - MINOR: channel/applets: Stop to test CF_WRITE_ERROR flag if CF_SHUTW is enough - DOC: management: add details on "Used" status - DOC: management: add details about @system-ca in "show ssl ca-file" - BUG/MINOR: mux-quic: fix transfer of empty HTTP response - MINOR: mux-quic: add traces for flow-control limit reach - MAJOR: mux-quic: rework stream sending priorization - MEDIUM: h3: send SETTINGS before STREAM frames - MINOR: mux-quic: use send-list for STOP_SENDING/RESET_STREAM emission - MINOR: mux-quic: use send-list for immediate sending retry - BUG/MINOR: h1-htx: Remove flags about protocol upgrade on non-101 responses - BUG/MINOR: hlua: Fix Channel.line and Channel.data behavior regarding the doc - BUG/MINOR: resolvers: Wait the resolution execution for a do_resolv action - BUG/MINOR: ssl: Remove unneeded pointer check in ocsp cli release function - BUG/MINOR: ssl: Missing ssl_conf pointer check when checking ocsp update inconsistencies - DEV: tcploop: add minimal support for unix sockets - BUG/MEDIUM: listener: duplicate inherited FDs if needed - BUG/MINOR: ssl: OCSP minimum update threshold not properly set - MINOR: ssl: Treat ocsp-update inconsistencies as fatal errors - MINOR: ssl: Do not wake ocsp update task if update tree empty - MINOR: ssl: Reinsert updated ocsp response later in tree in case of http error - REGTEST: ssl: Add test for 'update ssl ocsp-response' CLI command - OPTIM: global: move byte counts out of global and per-thread - BUG/MEDIUM: peers: make "show peers" more careful about partial initialization - BUG/MINOR: promex: Don't forget to consume the request on error - MINOR: http-ana: Add a function to set HTTP termination flags - MINOR: http-ana: Use http_set_term_flags() in most of HTTP analyzers - BUG/MINOR: http-ana: Report SF_FINST_R flag on error waiting the request body - MINOR: http-ana: Use http_set_term_flags() when waiting the request body - BUG/MINOR: http-fetch: Don't block HTTP sample fetch eval in HTTP_MSG_ERROR state - MAJOR: http-ana: Review error handling during HTTP payload forwarding - CLEANUP: http-ana: Remove HTTP_MSG_ERROR state - BUG/MEDIUM: mux-h2: Don't send CANCEL on shutw when response length is unkown - MINOR: htx: Add an HTX value for the extra field is payload length is unknown - BUG/MINOR: http-ana: make set-status also update txn->status - BUG/MINOR: listeners: fix suspend/resume of inherited FDs - DOC: config: fix wrong section number for "protocol prefixes" - DOC: config: fix aliases for protocol prefixes "udp4@" and "udp6@" - DOC: config: mention the missing "quic4@" and "quic6@" in protocol prefixes - MINOR: listener: also support "quic+" as an address prefix - CLEANUP: stconn: always use se_fl_set_error() to set the pending error - BUG/MEDIUM: stconn: also consider SE_FL_EOI to switch to SE_FL_ERROR - MINOR: quic: Useless test about datagram destination addresses - MINOR: quic: Disable the active connection migrations - MINOR: quic: Add "no-quic" global option - MINOR: sample: Add "quic_enabled" sample fetch - MINOR: quic: Replace v2 draft definitions by those of the final 2 version - BUG/MINOR: mux-fcgi: Correctly set pathinfo - DOC: config: fix "Address formats" chapter syntax - BUG/MEDIUM: jwt: Properly process ecdsa signatures (concatenated R and S params) - BUILD: ssl: add ECDSA_SIG_set0() for openssl < 1.1 or libressl < 2.7 - Revert "BUILD: ssl: add ECDSA_SIG_set0() for openssl < 1.1 or libressl < 2.7" - BUG/MINOR: ssl: Fix compilation with OpenSSL 1.0.2 (missing ECDSA_SIG_set0) - BUG/MINOR: listener: close tiny race between resume_listener() and stopping - BUG/MINOR: h3: properly handle connection headers - MINOR: h3: extend function for QUIC varint encoding - MINOR: h3: implement TRAILERS encoding - BUG/MINOR: bwlim: Check scope for period expr for set-bandwitdh-limit actions - MEDIUM: bwlim: Support constants limit or period on set-bandwidth-limit actions - BUG/MINOR: bwlim: Fix parameters check for set-bandwidth-limit actions - MINOR: h3: implement TRAILERS decoding - BUG/MEDIUM: fd/threads: fix again incorrect thread selection in wakeup broadcast - BUG/MINOR: thread: always reload threads_enabled in loops - MINOR: threads: add a thread_harmless_end() version that doesn't wait - BUG/MEDIUM: debug/thread: make the debug handler not wait for !rdv_requests - BUG/MINOR: mux-h2: make sure to produce a log on invalid requests - BUG/MINOR: mux-h2: add missing traces on failed headers decoding - BUILD: hpack: include global.h for the trash that is needed in debug mode - BUG/MINOR: jwt: Wrong return value checked - BUG/MINOR: quic: Do not request h3 clients to close its unidirection streams - MEDIUM: quic-sock: fix udp source address for send on listener socket |
||
Willy Tarreau
|
40c88f997f |
[RELEASE] Released version 2.8-dev1
Released version 2.8-dev1 with the following main changes : - MEDIUM: 51d: add support for 51Degrees V4 with Hash algorithm - MINOR: debug: support pool filtering on "debug dev memstats" - MINOR: debug: add a balance of alloc - free at the end of the memstats dump - LICENSE: wurfl: clarify the dummy library license. - MINOR: event_hdl: add event handler base api - DOC/MINOR: api: add documentation for event_hdl feature - MEDIUM: ssl: rename the struct "cert_key_and_chain" to "ckch_data" - MINOR: quic: remove qc from quic_rx_packet - MINOR: quic: complete traces in qc_rx_pkt_handle() - MINOR: quic: extract datagram parsing code - MINOR: tools: add port for ipcmp as optional criteria - MINOR: quic: detect connection migration - MINOR: quic: ignore address migration during handshake - MINOR: quic: startup detect for quic-conn owned socket support - MINOR: quic: test IP_PKTINFO support for quic-conn owned socket - MINOR: quic: define config option for socket per conn - MINOR: quic: allocate a socket per quic-conn - MINOR: quic: use connection socket for emission - MEDIUM: quic: use quic-conn socket for reception - MEDIUM: quic: move receive out of FD handler to quic-conn io-cb - MINOR: mux-quic: rename duplicate function names - MEDIUM: quic: requeue datagrams received on wrong socket - MINOR: quic: reconnect quic-conn socket on address migration - MINOR: quic: activate socket per conn by default - BUG/MINOR: ssl: initialize SSL error before parsing - BUG/MINOR: ssl: initialize WolfSSL before parsing - BUG/MINOR: quic: fix fd leak on startup check quic-conn owned socket - BUG/MEDIIM: stconn: Flush output data before forwarding close to write side - MINOR: server: add srv->rid (revision id) value - MINOR: stats: add server revision id support - MINOR: server/event_hdl: add support for SERVER_ADD and SERVER_DEL events - MINOR: server/event_hdl: add support for SERVER_UP and SERVER_DOWN events - BUG/MEDIUM: checks: do not reschedule a possibly running task on state change - BUG/MINOR: checks: make sure fastinter is used even on forced transitions - CLEANUP: assorted typo fixes in the code and comments - MINOR: mworker: display an alert upon a wait-mode exit - BUG/MEDIUM: mworker: fix segv in early failure of mworker mode with peers - BUG/MEDIUM: mworker: create the mcli_reload socketpairs in case of upgrade - BUG/MINOR: checks: restore legacy on-error fastinter behavior - MINOR: check: use atomic for s->consecutive_errors - MINOR: stats: properly handle ST_F_CHECK_DURATION metric - MINOR: mworker: remove unused legacy code in mworker_cleanlisteners - MINOR: peers: unused code path in process_peer_sync - BUG/MINOR: init/threads: continue to limit default thread count to max per group - CLEANUP: init: remove useless assignment of nbthread - BUILD: atomic: atomic.h may need compiler.h on ARMv8.2-a - BUILD: makefile/da: also clean Os/ in Device Atlas dummy lib dir - BUG/MEDIUM: httpclient/lua: double LIST_DELETE on end of lua task - CLEANUP: pools: move the write before free to the uaf-only function - CLEANUP: pool: only include pool-os from pool.c not pool.h - REORG: pool: move all the OS specific code to pool-os.h - CLEANUP: pools: get rid of CONFIG_HAP_POOLS - DEBUG: pool: show a few examples in -dMhelp - MINOR: pools: make DEBUG_UAF a runtime setting - BUG/MINOR: promex: create haproxy_backend_agg_server_status - MINOR: promex: introduce haproxy_backend_agg_check_status - DOC: promex: Add missing backend metrics - BUG/MAJOR: fcgi: Fix uninitialized reserved bytes - REGTESTS: fix the race conditions in iff.vtc - CI: github: reintroduce openssl 1.1.1 - BUG/MINOR: quic: properly handle alloc failure in qc_new_conn() - BUG/MINOR: quic: handle alloc failure on qc_new_conn() for owned socket - CLEANUP: mux-quic: remove unused attribute on qcs_is_close_remote() - BUG/MINOR: mux-quic: remove qcs from opening-list on free - BUG/MINOR: mux-quic: handle properly alloc error in qcs_new() - CI: github: split ssl lib selection based on git branch - REGTESTS: startup: check maxconn computation - BUG/MINOR: startup: don't use internal proxies to compute the maxconn - REGTESTS: startup: change the expected maxconn to 11000 - CI: github: set ulimit -n to a greater value - REGTESTS: startup: activate automatic_maxconn.vtc - MINOR: sample: add param converter - CLEANUP: ssl: remove check on srv->proxy - BUG/MEDIUM: freq-ctr: Don't compute overshoot value for empty counters - BUG/MEDIUM: resolvers: Use tick_first() to update the resolvers task timeout - REGTESTS: startup: add alternatives values in automatic_maxconn.vtc - BUG/MEDIUM: h3: reject request with invalid header name - BUG/MEDIUM: h3: reject request with invalid pseudo header - MINOR: http: extract content-length parsing from H2 - BUG/MEDIUM: h3: parse content-length and reject invalid messages - CI: github: remove redundant ASAN loop - CI: github: split matrix for development and stable branches - BUG/MEDIUM: mux-h1: Don't release H1 stream upgraded from TCP on error - BUG/MINOR: mux-h1: Fix test instead a BUG_ON() in h1_send_error() - MINOR: http-htx: add BUG_ON to prevent API error on http_cookie_register - BUG/MEDIUM: h3: fix cookie header parsing - BUG/MINOR: h3: fix memleak on HEADERS parsing failure - MINOR: h3: check return values of htx_add_* on headers parsing - MINOR: ssl: Remove unneeded buffer allocation in show ocsp-response - MINOR: ssl: Remove unnecessary alloc'ed trash chunk in show ocsp-response - BUG/MINOR: ssl: Fix memory leak of find_chain in ssl_sock_load_cert_chain - MINOR: stats: provide ctx for dumping functions - MINOR: stats: introduce stats field ctx - BUG/MINOR: stats: fix show stat json buffer limitation - MINOR: stats: make show info json future-proof - BUG/MINOR: quic: fix crash on PTO rearm if anti-amplification reset - BUILD: 51d: fix build issue with recent compilers - REGTESTS: startup: disable automatic_maxconn.vtc - BUILD: peers: peers-t.h depends on stick-table-t.h - BUG/MEDIUM: tests: use tmpdir to create UNIX socket - BUG/MINOR: mux-h1: Report EOS on parsing/internal error for not running stream - BUG/MINOR:: mux-h1: Never handle error at mux level for running connection - BUG/MEDIUM: stats: Rely on a local trash buffer to dump the stats - OPTIM: pool: split the read_mostly from read_write parts in pool_head - MINOR: pool: make the thread-local hot cache size configurable - MINOR: freq_ctr: add opportunistic versions of swrate_add() - MINOR: pool: only use opportunistic versions of the swrate_add() functions - REGTESTS: ssl: enable the ssl_reuse.vtc test for WolfSSL - BUG/MEDIUM: mux-quic: fix double delete from qcc.opening_list - BUG/MEDIUM: quic: properly take shards into account on bind lines - BUG/MINOR: quic: do not allocate more rxbufs than necessary - MINOR: ssl: Add a lock to the OCSP response tree - MINOR: httpclient: Make the CLI flags public for future use - MINOR: ssl: Add helper function that extracts an OCSP URI from a certificate - MINOR: ssl: Add OCSP request helper function - MINOR: ssl: Add helper function that checks the validity of an OCSP response - MINOR: ssl: Add "update ssl ocsp-response" cli command - MEDIUM: ssl: Add ocsp_certid in ckch structure and discard ocsp buffer early - MINOR: ssl: Add ocsp_update_tree and helper functions - MINOR: ssl: Add crt-list ocsp-update option - MINOR: ssl: Store 'ocsp-update' mode in the ckch_data and check for inconsistencies - MEDIUM: ssl: Insert ocsp responses in update tree when needed - MEDIUM: ssl: Add ocsp update task main function - MEDIUM: ssl: Start update task if at least one ocsp-update option is set to on - DOC: ssl: Add documentation for ocsp-update option - REGTESTS: ssl: Add tests for ocsp auto update mechanism - MINOR: ssl: Move OCSP code to a dedicated source file - BUG/MINOR: ssl/ocsp: check chunk_strcpy() in ssl_ocsp_get_uri_from_cert() - CLEANUP: ssl/ocsp: add spaces around operators - BUG/MEDIUM: mux-h2: Refuse interim responses with end-stream flag set - BUG/MINOR: pool/stats: Use ullong to report total pool usage in bytes in stats - BUG/MINOR: ssl/ocsp: httpclient blocked when doing a GET - MINOR: httpclient: don't add body when istlen is empty - MEDIUM: httpclient: change the default log format to skip duplicate proxy data - BUG/MINOR: httpclient/log: free of invalid ptr with httpclient_log_format - MEDIUM: mux-quic: implement shutw - MINOR: mux-quic: do not count stream flow-control if already closed - MINOR: mux-quic: handle RESET_STREAM reception - MEDIUM: mux-quic: implement STOP_SENDING emission - MINOR: h3: use stream error when needed instead of connection - CI: github: enable github api authentication for OpenSSL tags read - BUG/MINOR: mux-quic: ignore remote unidirectional stream close - CI: github: use the GITHUB_TOKEN instead of a manually generated token - BUILD: makefile: build the features list dynamically - BUILD: makefile: move common options-oriented macros to include/make/options.mk - BUILD: makefile: sort the features list - BUILD: makefile: initialize all build options' variables at once - BUILD: makefile: add a function to collect all options' CFLAGS/LDFLAGS - BUILD: makefile: start to automatically collect CFLAGS/LDFLAGS - BUILD: makefile: ensure that all USE_* handlers appear before CFLAGS are used - BUILD: makefile: clean the wolfssl include and lib generation rules - BUILD: makefile: make sure to also ignore SSL_INC when using wolfssl - BUILD: makefile: reference libdl only once - BUILD: makefile: make sure LUA_INC and LUA_LIB are always initialized - BUILD: makefile: do not restrict Lua's prepend path to empty LUA_LIB_NAME - BUILD: makefile: never force -latomic, set USE_LIBATOMIC instead - BUILD: makefile: add an implicit USE_MATH variable for -lm - BUILD: makefile: properly report USE_PCRE/USE_PCRE2 in features - CLEANUP: makefile: properly indent ifeq/ifneq conditional blocks - BUILD: makefile: rework 51D to split v3/v4 - BUILD: makefile: support LIBCRYPT_LDFLAGS - BUILD: makefile: support RT_LDFLAGS - BUILD: makefile: support THREAD_LDFLAGS - BUILD: makefile: support BACKTRACE_LDFLAGS - BUILD: makefile: support SYSTEMD_LDFLAGS - BUILD: makefile: support ZLIB_CFLAGS and ZLIB_LDFLAGS - BUILD: makefile: support ENGINE_CFLAGS - BUILD: makefile: support OPENSSL_CFLAGS and OPENSSL_LDFLAGS - BUILD: makefile: support WOLFSSL_CFLAGS and WOLFSSL_LDFLAGS - BUILD: makefile: support LUA_CFLAGS and LUA_LDFLAGS - BUILD: makefile: support DEVICEATLAS_CFLAGS and DEVICEATLAS_LDFLAGS - BUILD: makefile: support PCRE[2]_CFLAGS and PCRE[2]_LDFLAGS - BUILD: makefile: refactor support for 51DEGREES v3/v4 - BUILD: makefile: support WURFL_CFLAGS and WURFL_LDFLAGS - BUILD: makefile: make all OpenSSL variants use the same settings - BUILD: makefile: remove the special case of the SSL option - BUILD: makefile: only consider settings from enabled options - BUILD: makefile: also list per-option settings in 'make opts' - BUG/MINOR: debug: don't mask the TH_FL_STUCK flag before dumping threads - MINOR: cfgparse-ssl: avoid a possible crash on OOM in ssl_bind_parse_npn() - BUG/MINOR: ssl: Missing goto in error path in ocsp update code - BUG/MINOR: stick-table: report the correct action name in error message - CI: Improve headline in matrix.py - CI: Add in-memory cache for the latest OpenSSL/LibreSSL - CI: Use proper `if` blocks instead of conditional expressions in matrix.py - CI: Unify the `GITHUB_TOKEN` name across matrix.py and vtest.yml - CI: Explicitly check environment variable against `None` in matrix.py - CI: Reformat `matrix.py` using `black` - MINOR: config: add environment variables for default log format - REGTESTS: Remove REQUIRE_VERSION=1.9 from all tests - REGTESTS: Remove REQUIRE_VERSION=2.0 from all tests - REGTESTS: Remove tests with REQUIRE_VERSION_BELOW=1.9 - BUG/MINOR: http-fetch: Only fill txn status during prefetch if not already set - BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned - DOC: config: fix alphabetical ordering of http-after-response rules - MINOR: http-rules: Add missing actions in http-after-response ruleset - DOC: config: remove duplicated "http-response sc-set-gpt0" directive - BUG/MINOR: proxy: free orgto_hdr_name in free_proxy() - REGTEST: fix the race conditions in json_query.vtc - REGTEST: fix the race conditions in add_item.vtc - REGTEST: fix the race conditions in digest.vtc - REGTEST: fix the race conditions in hmac.vtc - BUG/MINOR: fd: avoid bad tgid assertion in fd_delete() from deinit() - BUG/MINOR: http: Memory leak of http redirect rules' format string - MEDIUM: stick-table: set the track-sc limit at boottime via tune.stick-counters - MINOR: stick-table: implement the sc-add-gpc() action |
||
Willy Tarreau
|
eaded987ee |
[RELEASE] Released version 2.8-dev0
Released version 2.8-dev0 with the following main changes : - MINOR: version: mention that it's development again |