[RELEASE] Released version 2.6.8

Released version 2.6.8 with the following main changes : - BUG/MINOR: http-htx: Don't consider an URI as normalized after a set-uri action - BUG/MEDIIM: stconn: Flush output data before forwarding close to write side - CI: github: reintroduce openssl 1.1.1 - CI: github: split ssl lib selection based on git branch - BUILD: peers: peers-t.h depends on stick-table-t.h - BUG/MEDIUM: ssl: Verify error codes can exceed 63 - BUG/MINOR: ssl: Fix potential overflow - MINOR: mworker: display an alert upon a wait-mode exit - BUG/MEDIUM: mworker: fix segv in early failure of mworker mode with peers - BUILD: makefile/da: also clean Os/ in Device Atlas dummy lib dir - BUG/MEDIUM: httpclient/lua: double LIST_DELETE on end of lua task - BUG/MINOR: promex: create haproxy_backend_agg_server_status - MINOR: promex: introduce haproxy_backend_agg_check_status - DOC: promex: Add missing backend metrics - BUG/MAJOR: fcgi: Fix uninitialized reserved bytes - REGTESTS: fix the race conditions in iff.vtc - REGTESTS: startup: check maxconn computation - BUG/MINOR: startup: don't use internal proxies to compute the maxconn - CI: github: set ulimit -n to a greater value - REGTESTS: startup: activate automatic_maxconn.vtc - BUG/MEDIUM: resolvers: Use tick_first() to update the resolvers task timeout - REGTESTS: startup: change the expected maxconn to 11000 - REGTESTS: startup: add alternatives values in automatic_maxconn.vtc - BUG/MEDIUM: h3: reject request with invalid header name - BUG/MEDIUM: h3: reject request with invalid pseudo header - MINOR: http: extract content-length parsing from H2 - BUG/MEDIUM: h3: parse content-length and reject invalid messages - CI: github: remove redundant ASAN loop - CI: github: split matrix for development and stable branches - BUG/MINOR: quic: properly handle alloc failure in qc_new_conn() - BUG/MINOR: mux-quic: remove qcs from opening-list on free - BUG/MINOR: mux-quic: handle properly alloc error in qcs_new() - LICENSE: wurfl: clarify the dummy library license. - BUG/MEDIUM: h3: fix cookie header parsing - BUG/MINOR: h3: fix memleak on HEADERS parsing failure - BUG/MINOR: ssl: Fix memory leak of find_chain in ssl_sock_load_cert_chain - MINOR: stats: provide ctx for dumping functions - MINOR: stats: introduce stats field ctx - BUG/MINOR: stats: fix show stat json buffer limitation - BUG/MINOR: quic: fix crash on PTO rearm if anti-amplification reset - REGTESTS: startup: disable automatic_maxconn.vtc - BUG/MEDIUM: tests: use tmpdir to create UNIX socket - BUG/MEDIUM: stats: Rely on a local trash buffer to dump the stats - OPTIM: pool: split the read_mostly from read_write parts in pool_head - BUG/MEDIUM: mux-quic: fix double delete from qcc.opening_list - BUG/MEDIUM: mux-h2: Refuse interim responses with end-stream flag set - BUG/MINOR: pool/stats: Use ullong to report total pool usage in bytes in stats - BUG/MINOR: mux-quic: ignore remote unidirectional stream close - BUILD: makefile: build the features list dynamically - BUILD: makefile: sort the features list - BUG/MINOR: stick-table: report the correct action name in error message - BUG/MINOR: http-fetch: Only fill txn status during prefetch if not already set - BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned - DOC: config: fix alphabetical ordering of http-after-response rules - DOC: config: remove duplicated "http-response sc-set-gpt0" directive - BUG/MINOR: proxy: free orgto_hdr_name in free_proxy() - REGTEST: fix the race conditions in json_query.vtc - REGTEST: fix the race conditions in add_item.vtc - REGTEST: fix the race conditions in digest.vtc - REGTEST: fix the race conditions in hmac.vtc - BUG/MINOR: http: Memory leak of http redirect rules' format string - CLEANUP: htx: fix a typo in an error message of http_str_to_htx - DOC: management: add details on "Used" status - DOC: management: add details about @system-ca in "show ssl ca-file" - BUG/MINOR: mux-quic: fix transfer of empty HTTP response - MINOR: mux-quic: add traces for flow-control limit reach - BUG/MINOR: h1-htx: Remove flags about protocol upgrade on non-101 responses - BUG/MINOR: hlua: Fix Channel.line and Channel.data behavior regarding the doc - BUG/MINOR: resolvers: Wait the resolution execution for a do_resolv action - BUG/MEDIUM: peers: make "show peers" more careful about partial initialization - BUG/MINOR: promex: Don't forget to consume the request on error - BUG/MINOR: http-ana: Report SF_FINST_R flag on error waiting the request body - BUG/MINOR: http-fetch: Don't block HTTP sample fetch eval in HTTP_MSG_ERROR state - BUG/MINOR: http-ana: make set-status also update txn->status - BUG/MINOR: listeners: fix suspend/resume of inherited FDs - DOC: config: fix wrong section number for "protocol prefixes" - DOC: config: fix aliases for protocol prefixes "udp4@" and "udp6@" - DOC: config: mention the missing "quic4@" and "quic6@" in protocol prefixes - BUG/MINOR: mux-fcgi: Correctly set pathinfo - DOC: config: fix "Address formats" chapter syntax - BUG/MEDIUM: jwt: Properly process ecdsa signatures (concatenated R and S params) - BUG/MINOR: ssl: Fix compilation with OpenSSL 1.0.2 (missing ECDSA_SIG_set0) - BUG/MINOR: listener: close tiny race between resume_listener() and stopping - BUG/MINOR: h3: properly handle connection headers - BUG/MINOR: mux-h2: make sure to produce a log on invalid requests - BUG/MINOR: mux-h2: add missing traces on failed headers decoding - BUILD: hpack: include global.h for the trash that is needed in debug mode - BUG/MINOR: jwt: Wrong return value checked - BUG/MINOR: quic: Do not request h3 clients to close its unidirection streams - MINOR: h1: Consider empty port as invalid in authority for CONNECT - MINOR: http: Considere empty ports as valid default ports - BUG/MINOR: h1: Replace authority validation to conform RFC3986 - REG-TESTS: http: Add more tests about authority/host matching - BUG/MINOR: http-htx: Normalized absolute URIs with an empty port
2023-01-24 09:46:44 +01:00 · 2023-01-24 09:46:44 +01:00 · ab6ee7fdbe
commit ab6ee7fdbe
parent 21a488e6f5
5 changed files with 100 additions and 4 deletions
--- a/96
+++ b/96
@ -1,6 +1,102 @@
 ChangeLog :
 ===========

+2023/01/24 : 2.6.8
+    - BUG/MINOR: http-htx: Don't consider an URI as normalized after a set-uri action
+    - BUG/MEDIIM: stconn: Flush output data before forwarding close to write side
+    - CI: github: reintroduce openssl 1.1.1
+    - CI: github: split ssl lib selection based on git branch
+    - BUILD: peers: peers-t.h depends on stick-table-t.h
+    - BUG/MEDIUM: ssl: Verify error codes can exceed 63
+    - BUG/MINOR: ssl: Fix potential overflow
+    - MINOR: mworker: display an alert upon a wait-mode exit
+    - BUG/MEDIUM: mworker: fix segv in early failure of mworker mode with peers
+    - BUILD: makefile/da: also clean Os/ in Device Atlas dummy lib dir
+    - BUG/MEDIUM: httpclient/lua: double LIST_DELETE on end of lua task
+    - BUG/MINOR: promex: create haproxy_backend_agg_server_status
+    - MINOR: promex: introduce haproxy_backend_agg_check_status
+    - DOC: promex: Add missing backend metrics
+    - BUG/MAJOR: fcgi: Fix uninitialized reserved bytes
+    - REGTESTS: fix the race conditions in iff.vtc
+    - REGTESTS: startup: check maxconn computation
+    - BUG/MINOR: startup: don't use internal proxies to compute the maxconn
+    - CI: github: set ulimit -n to a greater value
+    - REGTESTS: startup: activate automatic_maxconn.vtc
+    - BUG/MEDIUM: resolvers: Use tick_first() to update the resolvers task timeout
+    - REGTESTS: startup: change the expected maxconn to 11000
+    - REGTESTS: startup: add alternatives values in automatic_maxconn.vtc
+    - BUG/MEDIUM: h3: reject request with invalid header name
+    - BUG/MEDIUM: h3: reject request with invalid pseudo header
+    - MINOR: http: extract content-length parsing from H2
+    - BUG/MEDIUM: h3: parse content-length and reject invalid messages
+    - CI: github: remove redundant ASAN loop
+    - CI: github: split matrix for development and stable branches
+    - BUG/MINOR: quic: properly handle alloc failure in qc_new_conn()
+    - BUG/MINOR: mux-quic: remove qcs from opening-list on free
+    - BUG/MINOR: mux-quic: handle properly alloc error in qcs_new()
+    - LICENSE: wurfl: clarify the dummy library license.
+    - BUG/MEDIUM: h3: fix cookie header parsing
+    - BUG/MINOR: h3: fix memleak on HEADERS parsing failure
+    - BUG/MINOR: ssl: Fix memory leak of find_chain in ssl_sock_load_cert_chain
+    - MINOR: stats: provide ctx for dumping functions
+    - MINOR: stats: introduce stats field ctx
+    - BUG/MINOR: stats: fix show stat json buffer limitation
+    - BUG/MINOR: quic: fix crash on PTO rearm if anti-amplification reset
+    - REGTESTS: startup: disable automatic_maxconn.vtc
+    - BUG/MEDIUM: tests: use tmpdir to create UNIX socket
+    - BUG/MEDIUM: stats: Rely on a local trash buffer to dump the stats
+    - OPTIM: pool: split the read_mostly from read_write parts in pool_head
+    - BUG/MEDIUM: mux-quic: fix double delete from qcc.opening_list
+    - BUG/MEDIUM: mux-h2: Refuse interim responses with end-stream flag set
+    - BUG/MINOR: pool/stats: Use ullong to report total pool usage in bytes in stats
+    - BUG/MINOR: mux-quic: ignore remote unidirectional stream close
+    - BUILD: makefile: build the features list dynamically
+    - BUILD: makefile: sort the features list
+    - BUG/MINOR: stick-table: report the correct action name in error message
+    - BUG/MINOR: http-fetch: Only fill txn status during prefetch if not already set
+    - BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
+    - DOC: config: fix alphabetical ordering of http-after-response rules
+    - DOC: config: remove duplicated "http-response sc-set-gpt0" directive
+    - BUG/MINOR: proxy: free orgto_hdr_name in free_proxy()
+    - REGTEST: fix the race conditions in json_query.vtc
+    - REGTEST: fix the race conditions in add_item.vtc
+    - REGTEST: fix the race conditions in digest.vtc
+    - REGTEST: fix the race conditions in hmac.vtc
+    - BUG/MINOR: http: Memory leak of http redirect rules' format string
+    - CLEANUP: htx: fix a typo in an error message of http_str_to_htx
+    - DOC: management: add details on "Used" status
+    - DOC: management: add details about @system-ca in "show ssl ca-file"
+    - BUG/MINOR: mux-quic: fix transfer of empty HTTP response
+    - MINOR: mux-quic: add traces for flow-control limit reach
+    - BUG/MINOR: h1-htx: Remove flags about protocol upgrade on non-101 responses
+    - BUG/MINOR: hlua: Fix Channel.line and Channel.data behavior regarding the doc
+    - BUG/MINOR: resolvers: Wait the resolution execution for a do_resolv action
+    - BUG/MEDIUM: peers: make "show peers" more careful about partial initialization
+    - BUG/MINOR: promex: Don't forget to consume the request on error
+    - BUG/MINOR: http-ana: Report SF_FINST_R flag on error waiting the request body
+    - BUG/MINOR: http-fetch: Don't block HTTP sample fetch eval in HTTP_MSG_ERROR state
+    - BUG/MINOR: http-ana: make set-status also update txn->status
+    - BUG/MINOR: listeners: fix suspend/resume of inherited FDs
+    - DOC: config: fix wrong section number for "protocol prefixes"
+    - DOC: config: fix aliases for protocol prefixes "udp4@" and "udp6@"
+    - DOC: config: mention the missing "quic4@" and "quic6@" in protocol prefixes
+    - BUG/MINOR: mux-fcgi: Correctly set pathinfo
+    - DOC: config: fix "Address formats" chapter syntax
+    - BUG/MEDIUM: jwt: Properly process ecdsa signatures (concatenated R and S params)
+    - BUG/MINOR: ssl: Fix compilation with OpenSSL 1.0.2 (missing ECDSA_SIG_set0)
+    - BUG/MINOR: listener: close tiny race between resume_listener() and stopping
+    - BUG/MINOR: h3: properly handle connection headers
+    - BUG/MINOR: mux-h2: make sure to produce a log on invalid requests
+    - BUG/MINOR: mux-h2: add missing traces on failed headers decoding
+    - BUILD: hpack: include global.h for the trash that is needed in debug mode
+    - BUG/MINOR: jwt: Wrong return value checked
+    - BUG/MINOR: quic: Do not request h3 clients to close its unidirection streams
+    - MINOR: h1: Consider empty port as invalid in authority for CONNECT
+    - MINOR: http: Considere empty ports as valid default ports
+    - BUG/MINOR: h1: Replace authority validation to conform RFC3986
+    - REG-TESTS: http: Add more tests about authority/host matching
+    - BUG/MINOR: http-htx: Normalized absolute URIs with an empty port
+
 2022/12/02 : 2.6.7
    - REGTESTS: 4be_1srv_smtpchk_httpchk_layer47errors: Return valid SMTP replies
    - BUG/MINOR: hlua: Remove \n in Lua error message built with memprintf
--- a/2
+++ b/2
@ -1,2 +1,2 @@
 $Format:%ci$
-2022/12/02
+2023/01/24
--- a/2
+++ b/2
@ -1 +1 @@
-2.6.7
+2.6.8
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@ -3,7 +3,7 @@
                          Configuration Manual
                         ----------------------
                              version 2.6
-                              2022/12/02
+                              2023/01/24


 This document covers the configuration language as implemented in the version
--- a/src/haproxy.c
+++ b/src/haproxy.c
@ -1,6 +1,6 @@
 /*
 * HAProxy : High Availability-enabled HTTP/TCP proxy
- * Copyright 2000-2022 Willy Tarreau <willy@haproxy.org>.
+ * Copyright 2000-2023 Willy Tarreau <willy@haproxy.org>.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 @ -1 +1 @@
 .6.7
 .6.8