| ChangeLog : |
| =========== |
| |
| 2020/12/11 : 2.4-dev3 |
| - MINOR: log: Logging HTTP path only with %HPO |
| - BUG/MINOR: mux-h2/stats: make stream/connection proto errors more accurate |
| - MINOR: traces: add a new level "error" below the "user" level |
| - MINOR: mux-h2/trace: add traces at level ERROR for protocol errors |
| - BUG/MINOR: mux-h2/stats: not all GOAWAY frames are errors |
| - BUG/MINOR: lua: missing "\n" in error message |
| - BUG/MINOR: lua: lua-load doesn't check its parameters |
| - BUG/MINOR: lua: Post init register function are not executed beyond the first one |
| - BUG/MINOR: lua: Some lua init operation are processed unsafe |
| - MINOR: actions: Export actions lookup functions |
| - MINOR: actions: add a function returning a service pointer from its name |
| - MINOR: cli: add a function to look up a CLI service description |
| - BUG/MINOR: lua: warn when registering action, conv, sf, cli or applet multiple times |
| - MINOR: cache: Improve accept_encoding_normalizer |
| - MINOR: cache: Add entry to the tree as soon as possible |
| - BUG/MINOR: trace: Wrong displayed trace level |
| - BUG/MAJOR: ring: tcp forward on ring can break the reader counter. |
| - MINOR: lua: simplify hlua_alloc() to only rely on realloc() |
| - MEDIUM: lua-thread: use atomics for memory accounting |
| - MINOR: lua-thread: remove struct hlua from function hlua_prepend_path() |
| - MEDIUM: lua-thread: make hlua_post_init() no longer use the runtime execution function |
| - MINOR: lua-thread: hlua_ctx_renew() is never called with main gL lua state |
| - MINOR: lua-thread: Use NULL context for main lua state |
| - MINOR: lua-thread: Stop usage of struct hlua for the global lua state |
| - MINOR: lua-thread: Replace embedded struct hlua_function by a pointer |
| - MINOR: lua-thread: Split hlua_init() function in two parts |
| - MINOR: lua-thread: make hlua_ctx_init() get L from its caller |
| - MINOR: lua-thread: Split hlua_load function in two parts |
| - MINOR: lua-thread: Split hlua_post_init() function in two parts |
| - MINOR: lua-thread: Add the "thread" core variable |
| - MEDIUM: lua-thread: No longer use locked context in initialization parts |
| - MEDIUM: lua-thread: Apply lock only if the parent state is the main thread |
| - MINOR: lua-thread: Replace global gL var with an array of states |
| - MINOR: lua-thread: Replace "struct hlua_function" allocation by dedicated function |
| - MINOR: lua-thread: Replace state_from by state_id |
| - MINOR: lua-thread: Store each function reference and init reference in array |
| - MEDIUM: lua-thread: Add the lua-load-per-thread directive |
| - MINOR: lua-thread: Add verbosity in errors |
| - REGTESTS: add a test for the threaded Lua code |
| - BUILD/MINOR: haproxy DragonFlyBSD affinity build update. |
| - DOC/MINOR: Fix formatting in Management Guide |
| - MINOR: cache: Do not store stale entry |
| - MINOR: cache: Add extra "cache-control" value checks |
| - MEDIUM: cache: Remove cache entry in case of POST on the same resource |
| - MINOR: cache: Consider invalid Age values as stale |
| - BUG/MEDIUM: lua-thread: some parts must be initialized once |
| - BUG/MINOR: lua-thread: close all states on deinit |
| - BUG/MINOR: listener: use sockaddr_in6 for IPv6 |
| - BUG/MINOR: mux-h1: Handle keep-alive timeout for idle frontend connections |
| - MINOR: session: Add the idle duration field into the session |
| - MINOR: mux-h1: Update session idle duration when data are received |
| - MINOR: mux-h1: Reset session dates and durations info when the CS is detached |
| - MINOR: logs: Use session idle duration when no stream is provided |
| - MINOR: stream: Always get idle duration from the session |
| - MINOR: stream: Don't retrieve anymore timing info from the mux csinfo |
| - MINOR: mux-h1: Don't provide anymore timing info using cs_info structure |
| - MINOR: muxes: Remove get_cs_info callback function now useless |
| - MINOR: stream: Pass an optional input buffer when a stream is created |
| - MINOR: mux-h1: Add a flag to disable reads to wait opposite side |
| - MEDIUM: mux-h1: Use a h1c flag to block reads when splicing is in-progress |
| - MINOR: mux-h1: Introduce H1C_F_IS_BACK flag on the H1 connection |
| - MINOR: mux-h1: Separate parsing and formatting errors at H1 stream level |
| - MINOR: mux-h1: Split front/back h1 stream creation in 2 functions |
| - MINOR: mux-h1: Add a rxbuf into the H1 stream |
| - MINOR: mux-h1: Don't set CS flags in internal parsing functions |
| - MINOR: mux-h1: Add embryonic and attached states on the H1 connection |
| - MINOR: mux-h1: rework the h1_timeout_task() function |
| - MINOR: mux-h1: Reset more H1C flags when a H1 stream is destroyed |
| - MINOR: mux-h1: Disable reads if an error was reported on the H1 stream |
| - MINOR: mux-h1: Rework how shutdowns are handled |
| - MINOR: mux-h1: Rework h1_refresh_timeout to be easier to read |
| - MINOR: mux-h1: Process next request for IDLE connection only |
| - MINOR: mux-h1: Add a idle expiration date on the H1 connection |
| - MINOR: stick-tables: Add functions to update some values of a tracked counter |
| - MINOR: session: Add functions to increase http values of tracked counters |
| - MINOR: mux: Add a ctl parameter to get the exit status of the multiplexers |
| - MINOR: logs: Get the multiplexer exist status when no stream is provided |
| - MINOR: mux-h1: Add functions to send HTTP errors from the mux |
| - MAJOR: mux-h1: Create the client stream as later as possible |
| - DOC: config: Add notes about errors emitted by H1 mux |
| - CLEANUP: mux-h1: Rename H1C_F_CS_* flags and reorder H1C flags |
| - MINOR: http-ana: Remove useless update of t_idle duration of the stream |
| - CLEANUP: htx: Remove HTX_FL_UPGRADE unsued flag |
| - MEDIUM: http-ana: Don't process partial or empty request anymore |
| - CLEANUP: http-ana: Remove TX_WAIT_NEXT_RQ unsued flag |
| - CLEANUP: connection: Remove CS_FL_READ_PARTIAL flag |
| - REGTESTS: Fix proxy_protocol_tlv_validation |
| - MINOR: http-ana: Properly set message flags from the start-line flags |
| - MINOR: h1-htx/http-ana: Set BODYLESS flag on message in TUNNEL state |
| - MINOR: protocol: add a ->set_port() helper to address families |
| - MINOR: listener: automatically set the port when creating listeners |
| - MINOR: listener: now use a generic add_listener() function |
| - MEDIUM: ssl: fatal error with bundle + openssl < 1.1.1 |
| - BUG/MEDIUM: stream: Xfer the input buffer to a fully created stream |
| - BUG/MINOR: stream: Don't use input buffer after the ownership xfer |
| - MINOR: protocol: remove the redundant ->sock_domain field |
| - MINOR: protocol: export protocol definitions |
| - CLEANUP: protocol: group protocol struct members by usage |
| - MINOR: protocol: add a set of ctrl_init/ctrl_close methods for setup/teardown |
| - MINOR: connection: use the control layer's init/close |
| - MINOR: udp: export udp_suspend_receiver() and udp_resume_receiver() |
| - BUG/MAJOR: spoa/python: Fixing return None |
| - DOC: spoa/python: Fixing typo in IP related error messages |
| - DOC: spoa/python: Rephrasing memory related error messages |
| - DOC: spoa/python: Fixing typos in comments |
| - BUG/MINOR: spoa/python: Cleanup references for failed Module Addobject operations |
| - BUG/MINOR: spoa/python: Cleanup ipaddress objects if initialization fails |
| - BUG/MEDIUM: spoa/python: Fixing PyObject_Call positional arguments |
| - BUG/MEDIUM: spoa/python: Fixing references to None |
| - DOC: email change of the DeviceAtlas maintainer |
| - MINOR: cache: Dump secondary entries in "show cache" |
| - CLEANUP: connection: use fd_stop_both() instead of conn_stop_polling() |
| - MINOR: stream-int: don't touch polling anymore on shutdown |
| - MINOR: connection: implement cs_drain_and_close() |
| - MINOR: mux-pt: take care of CS_SHR_DRAIN in shutr() |
| - MINOR: checks: use cs_drain_and_close() instead of draining the connection |
| - MINOR: checks: don't call conn_cond_update_polling() anymore |
| - CLEANUP: connection: open-code conn_cond_update_polling() and update the comment |
| - CLEANUP: connection: remove the unused conn_{stop,cond_update}_polling() |
| - BUG/MINOR: http-check: Use right condition to consider HTX message as full |
| - BUG/MINOR: tcpcheck: Don't rearm the check timeout on each read |
| - MINOR: tcpcheck: Only wait for more payload data on HTTP expect rules |
| - BUG/MINOR: tools: make parse_time_err() more strict on the timer validity |
| - BUG/MINOR: tools: Reject size format not starting by a digit |
| - MINOR: action: define enum for timeout type of the set-timeout rule |
| - MINOR: stream: prepare the hot refresh of timeouts |
| - MEDIUM: stream: support a dynamic server timeout |
| - MEDIUM: stream: support a dynamic tunnel timeout |
| - MEDIUM: http_act: define set-timeout server/tunnel action |
| - MINOR: frontend: add client timeout sample fetch |
| - MINOR: backend: add timeout sample fetches |
| - MINOR: stream: add sample fetches |
| - MINOR: stream: add timeout sample fetches |
| - REGTESTS: add regtest for http-request set-timeout |
| - CLEANUP: remove the unused fd_stop_send() in conn_xprt_shutw{,_hard}() |
| - CLEANUP: connection: remove the unneeded fd_stop_{recv,send} on read0/shutw |
| - MINOR: connection: remove sock-specific code from conn_sock_send() |
| - REORG: connection: move the socket iocb (conn_fd_handler) to sock.c |
| - MINOR: protocol: add a ->drain() function at the connection control layer |
| - MINOR: connection: make conn_sock_drain() use the control layer's ->drain() |
| - MINOR: protocol: add a pair of check_events/ignore_events functions at the ctrl layer |
| - MEDIUM: connection: make use of the control layer check_events/ignore_events |
| |
| 2020/12/01 : 2.4-dev2 |
| - BUILD: Make DEBUG part of .build_opts |
| - BUILD: Show the value of DEBUG= in haproxy -vv |
| - CI: Set DEBUG=-DDEBUG_STRICT=1 in GitHub Actions |
| - MINOR: stream: Add level 7 retries on http error 401, 403 |
| - CLEANUP: remove unused function "ssl_sock_is_ckch_valid" |
| - BUILD: SSL: add BoringSSL guarding to "RAND_keep_random_devices_open" |
| - BUILD: SSL: do not "update" BoringSSL version equivalent anymore |
| - BUG/MEDIUM: http_act: Restore init of log-format list |
| - DOC: better describes how to configure a fallback crt |
| - BUG/MAJOR: filters: Always keep all offsets up to date during data filtering |
| - MINOR: cache: Prepare helper functions for Vary support |
| - MEDIUM: cache: Add the Vary header support |
| - MINOR: cache: Add a process-vary option that can enable/disable Vary processing |
| - BUG/CRITICAL: cache: Fix trivial crash by sending accept-encoding header |
| - BUG/MAJOR: peers: fix partial message decoding |
| - DOC: cache: Add new caching limitation information |
| - DOC: cache: Add information about Vary support |
| - DOC: better document the config file format and escaping/quoting rules |
| - DOC: Clarify %HP description in log-format |
| - CI: github actions: update LibreSSL to 3.3.0 |
| - CI: github actions: enable 51degrees feature |
| - MINOR: fd/threads: silence a build warning with threads disabled |
| - BUG/MINOR: tcpcheck: Don't forget to reset tcp-check flags on new kind of check |
| - MINOR: tcpcheck: Don't handle anymore in-progress send rules in tcpcheck_main |
| - BUG/MAJOR: tcpcheck: Allocate input and output buffers from the buffer pool |
| - MINOR: tcpcheck: Don't handle anymore in-progress connect rules in tcpcheck_main |
| - MINOR: config: Deprecate and ignore tune.chksize global option |
| - MINOR: config: Add a warning if tune.chksize is used |
| - REORG: tcpcheck: Move check option parsing functions based on tcp-check |
| - MINOR: check: Always increment check health counter on CONPASS |
| - MINOR: tcpcheck: Add support of L7OKC on expect rules error-status argument |
| - DOC: config: Make disable-on-404 option clearer on transition conditions |
| - DOC: config: Move req.hdrs and req.hdrs_bin in L7 samples fetches section |
| - BUG/MINOR: http-fetch: Fix smp_fetch_body() when called from a health-check |
| - MINOR: plock: use an ARMv8 instruction barrier for the pause instruction |
| - MINOR: debug: add "debug dev sched" to stress the scheduler. |
| - MINOR: debug: add a trivial PRNG for scheduler stress-tests |
| - BUG/MEDIUM: lists: Lock the element while we check if it is in a list. |
| - MINOR: task: remove tasklet_insert_into_tasklet_list() |
| - MINOR: task: perform atomic counter increments only once per wakeup |
| - MINOR: task: remove __tasklet_remove_from_tasklet_list() |
| - BUG/MEDIUM: task: close a possible data race condition on a tasklet's list link |
| - BUG/MEDIUM: local log format regression. |
| |
| 2020/11/21 : 2.4-dev1 |
| - MINOR: ist: Add istend() function to return a pointer to the end of the string |
| - MINOR: sample: Add converters to parse FIX messages |
| - REGTEST: converter: Add a regtest for fix converters |
| - MINOR: sample: Add converts to parses MQTT messages |
| - REGTEST: converter: Add a regtest for MQTT converters |
| - MINOR: compat: automatically include malloc.h on glibc |
| - MEDIUM: pools: call malloc_trim() from pool_gc() |
| - MEDIUM: pattern: call malloc_trim() on pat_ref_reload() |
| - MINOR: pattern: move the update revision to the pat_ref, not the expression |
| - CLEANUP: pattern: delete the back refs at once during pat_ref_reload() |
| - MINOR: pattern: new sflag PAT_SF_REGFREE indicates regex_free() is needed |
| - MINOR: pattern: make the delete and prune functions more generic |
| - MEDIUM: pattern: link all final elements from the reference |
| - MEDIUM: pattern: change the pat_del_* functions to delete from the references |
| - MINOR: pattern: remerge the list and tree deletion functions |
| - MINOR: pattern: perform a single call to pat_delete_gen() under the expression |
| - CLEANUP: acl: don't reference the generic pattern deletion function anymore |
| - CLEANUP: pattern: remove pat_delete_fcts[] and pattern_head->delete() |
| - MINOR: pattern: introduce pat_ref_delete_by_ptr() to delete a valid reference |
| - MINOR: pattern: store a generation number in the reference patterns |
| - MEDIUM: pattern: only match patterns that match the current generation |
| - MINOR: pattern: add pat_ref_commit() to commit a previously inserted element |
| - MINOR: pattern: implement pat_ref_load() to load a pattern at a given generation |
| - MINOR: pattern: add pat_ref_purge_older() to purge old entries |
| - MEDIUM: pattern: make pat_ref_prune() rely on pat_ref_purge_older() |
| - MINOR: pattern: during reload, delete elements frem the ref, not the expression |
| - MINOR: pattern: prepare removal of a pattern from the list head |
| - MEDIUM: pattern: turn the pattern chaining to single-linked list |
| - CLEANUP: cfgparse: remove duplicate registration for transparent build options |
| - BUG/MINOR: ssl: don't report 1024 bits DH param load error when it's higher |
| - MINOR: http-htx: Add understandable errors for the errorfiles parsing |
| - MINOR: ssl: instantiate stats module |
| - MINOR: ssl: count client hello for stats |
| - MINOR: ssl: add counters for ssl sessions |
| - DOC: config: Fix a typo on ssl_c_chain_der |
| - MINOR: server: remove idle lock in srv_cleanup_connections |
| - BUILD: ssl: silence build warning on uninitialised counters |
| - BUILD: http-htx: fix build warning regarding long type in printf |
| - REGTEST: ssl: test wildcard and multi-type + exclusions |
| - BUG/MEDIUM: ssl/crt-list: correctly insert crt-list line if crt already loaded |
| - CI: Expand use of GitHub Actions for CI |
| - REGTEST: ssl: mark reg-tests/ssl/ssl_crt-list_filters.vtc as broken |
| - BUG/MINOR: pattern: a sample marked as const could be written |
| - BUG/MINOR: lua: set buffer size during map lookups |
| - MEDIUM: cache: Change caching conditions |
| - BUG/MINOR: stats: free dynamically stats fields/lines on shutdown |
| - BUG/MEDIUM: stats: prevent crash if counters not alloc with dummy one |
| - MINOR: peers: Add traces to peer_treat_updatemsg(). |
| - BUG/MINOR: peers: Do not ignore a protocol error for dictionary entries. |
| - BUG/MINOR: peers: Missing TX cache entries reset. |
| - BUG/MEDIUM: peers: fix decoding of multi-byte length in stick-table messages |
| - BUG/MINOR: http-fetch: Extract cookie value even when no cookie name |
| - BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches |
| - BUG/MEDIUM: check: reuse srv proto only if using same mode |
| - MINOR: check: report error on incompatible proto |
| - MINOR: check: report error on incompatible connect proto |
| - BUG/MINOR: http-htx: Handle warnings when parsing http-error and http-errors |
| - BUG/MAJOR: spoe: Be sure to remove all references on a released spoe applet |
| - MINOR: spoe: Don't close connection in sync mode on processing timeout |
| - BUG/MINOR: tcpcheck: Don't warn on unused rules if check option is after |
| - MINOR: init: Fix the prototype for per-thread free callbacks |
| - MINOR: config/mux-h2: Return ERR_ flags from init_h2() instead of a status |
| - CLEANUP: config: Return ERR_NONE from config callbacks instead of 0 |
| - MINOR: cfgparse: tighten the scope of newnameserver variable, free it on error. |
| - REGTEST: make ssl_client_samples and ssl_server_samples require to 2.2 |
| - REGTESTS: Add sample_fetches/cook.vtc |
| - BUG/MEDIUM: filters: Forward all filtered data at the end of http filtering |
| - BUG/MINOR: http-ana: Don't wait for the body of CONNECT requests |
| - CLEANUP: flt-trace: Remove unused random-parsing option |
| - MINOR: flt-trace: Add an option to inhibits trace messages |
| - MINOR: flt-trace: Use a bitfield for the trace options |
| - REGTESTS: Add a script to test the random forwarding with several filters |
| - REGTESTS: mark the abns test as broken again |
| - REGTESTS: converter: add url_dec test |
| - CI: Stop hijacking the hosts file |
| - CI: Make the h2spec workflow more consistent with the VTest workflow |
| - CI: travis-ci: remove amd64, osx builds |
| - CI: travis-ci: arm64 are not allowed to fail anymore |
| - DOC: add missing 3.10 in the summary |
| - MINOR: ssl: remove client hello counters |
| - MEDIUM: stats: add counters for failed handshake |
| - MINOR: ssl: create common ssl_ctx init |
| - MEDIUM: cli/ssl: configure ssl on server at runtime |
| - REGTEST: server/cli_set_ssl.vtc requires OpenSSL |
| - DOC: coding-style: update a few rules about pointers |
| - BUG/MINOR: ssl: segv on startup when AKID but no keyid |
| - BUILD: ssl: use SSL_MODE_ASYNC macro instead of OPENSSL_VERSION |
| - BUG/MEDIUM: http-ana: Don't eval http-after-response ruleset on empty messages |
| - BUG/MEDIUM: ssl/crt-list: bundle support broken in crt-list |
| - BUG/MEDIUM: ssl: error when no certificate are found |
| - BUG/MINOR: ssl/crt-list: load bundle in crt-list only if activated |
| - BUG/MEDIUM: ssl/crt-list: fix error when no file found |
| - CI: Github Actions: enable prometheus exporter |
| - CI: Github Actions: remove LibreSSL-3.0.2 builds |
| - CI: Github Actions: enable BoringSSL builds |
| - CI: travis-ci: remove builds migrated to GH actions |
| - BUILD: makefile: enable crypt(3) for OpenBSD |
| - CI: Github Action: run "apt-get update" before packages restore |
| - BUILD: SSL: guard TLS13 ciphersuites with HAVE_SSL_CTX_SET_CIPHERSUITES |
| - CI: Pass the github.event_name to matrix.py |
| - CI: Clean up Windows CI |
| - DOC: clarify how to create a fallback crt |
| - CLEANUP: connection: do not use conn->owner when the session is known |
| - BUG/MAJOR: connection: reset conn->owner when detaching from session list |
| - REGTESTS: mark proxy_protocol_random_fail as broken |
| - BUG/MINOR: http_htx: Fix searching headers by substring |
| - MINOR: http_act: Add -m flag for del-header name matching method |
| |
| 2020/11/05 : 2.4-dev0 |
| - MINOR: version: it's development again. |
| - DOC: mention in INSTALL that it's development again |
| |
| 2020/11/05 : 2.3.0 |
| - CLEANUP: pattern: remove unused entry "tree" in pattern.val |
| - BUILD: ssl: use SSL_CTRL_GET_RAW_CIPHERLIST instead of OpenSSL versions |
| - BUG/MEDIUM: filters: Don't try to init filters for disabled proxies |
| - BUG/MINOR: proxy/server: Skip per-proxy/server post-check for disabled proxies |
| - BUG/MINOR: checks: Report a socket error before any connection attempt |
| - BUG/MINOR: server: Set server without addr but with dns in RMAINT on startup |
| - MINOR: server: Copy configuration file and line for server templates |
| - BUG/MEDIUM: mux-pt: Release the tasklet during an HTTP upgrade |
| - BUILD: ssl: use HAVE_OPENSSL_KEYLOG instead of OpenSSL versions |
| - MINOR: debug: don't count free(NULL) in memstats |
| - BUG/MINOR: filters: Skip disabled proxies during startup only |
| - MINOR: mux_h2: capitalize frame type in stats |
| - MINOR: mux_h2: add stat for total count of connections/streams |
| - MINOR: stats: do not display empty stat module title on html |
| - BUG/MEDIUM: stick-table: limit the time spent purging old entries |
| - BUG/MEDIUM: listener: only enable a listening listener if needed |
| - BUG/MEDIUM: listener: never suspend inherited sockets |
| - BUG/MEDIUM: listener: make the master also keep workers' inherited FDs |
| - MINOR: fd: add fd_want_recv_safe() |
| - MEDIUM: listeners: make use of fd_want_recv_safe() to enable early receivers |
| - REGTESTS: mark abns_socket as working now |
| - CLEANUP: mux-h2: Remove the h1 parser state from the h2 stream |
| - MINOR: sock: add a check against cross worker<->master socket activities |
| - CI: github actions: limit OpenSSL no-deprecated builds to "default,bug,devel" reg-tests |
| - BUG/MEDIUM: server: make it possible to kill last idle connections |
| - MINOR: mworker/cli: the master CLI use its own applet |
| - MINOR: ssl: define SSL_CTX_set1_curves_list to itself on BoringSSL |
| - BUILD: ssl: use feature macros for detecting ec curves manipulation support |
| - DOC: Add dns as an available domain to show stat |
| - BUILD: makefile: usual reorder of objects for faster builds |
| - DOC: update INSTALL to mention that TCC is supported |
| - DOC: mention in INSTALL that haproxy 2.3 is a stable version |
| - MINOR: version: mention that it's stable now |
| |
| 2020/10/31 : 2.3-dev9 |
| - CLEANUP: http_ana: remove unused assignation of `att_beg` |
| - BUG/MEDIUM: ssl: OCSP must work with BoringSSL |
| - BUG/MINOR: log: fix memory leak on logsrv parse error |
| - BUG/MINOR: log: fix risk of null deref on error path |
| - BUILD: ssl: more elegant OpenSSL early data support check |
| - CI: github actions: update h2spec to 2.6.0 |
| - BUG/MINOR: cache: Check the return value of http_replace_res_status |
| - MINOR: cache: Store the "Last-Modified" date in the cache_entry |
| - MINOR: cache: Process the If-Modified-Since header in conditional requests |
| - MINOR: cache: Create res.cache_hit and res.cache_name sample fetches |
| - MINOR: mux-h2: register a stats module |
| - MINOR: mux-h2: add counters instance to h2c |
| - MINOR: mux-h2: add stats for received frame types |
| - MINOR: mux-h2: report detected error on stats |
| - MINOR: mux-h2: count open connections/streams on stats |
| - BUG/MINOR: server: fix srv downtime calcul on starting |
| - BUG/MINOR: server: fix down_time report for stats |
| - BUG/MINOR: lua: initialize sample before using it |
| - MINOR: cache: Add Expires header value parsing |
| - MINOR: ist: Add a case insensitive istmatch function |
| - BUG/MINOR: cache: Manage multiple values in cache-control header value |
| - BUG/MINOR: cache: Inverted variables in http_calc_maxage function |
| - MINOR: pattern: make pat_ref_append() return the newly added element |
| - MINOR: pattern: make pat_ref_add() rely on pat_ref_append() |
| - MINOR: pattern: export pat_ref_push() |
| - CLEANUP: pattern: use calloc() rather than malloc for structures |
| - CLEANUP: pattern: fix spelling/grammatical/copy-paste in comments |
| |
| 2020/10/24 : 2.3-dev8 |
| - MINOR: backend: replace the lbprm lock with an rwlock |
| - MINOR: lb/map: use seek lock and read locks where appropriate |
| - MINOR: lb/leastconn: only take a read lock in fwlc_get_next_server() |
| - MINOR: lb/first: use a read lock in fas_get_next_server() |
| - MINOR: lb/chash: use a read lock in chash_get_server_hash() |
| - BUG/MINOR: disable dynamic OCSP load with BoringSSL |
| - BUILD: ssl: make BoringSSL use its own version numbers |
| - CLEANUP: threads: don't register an initcall when not debugging |
| - MINOR: threads: change lock_t to an unsigned int |
| - CLEANUP: tree-wide: reorder a few structures to plug some holes around locks |
| - CLEANUP: task: remove the unused and mishandled global_rqueue_size |
| - BUG/MEDIUM: connection: Never cleanup server lists when freeing private conns |
| - MEDIUM: config: report that "nbproc" is deprecated |
| - BUG/MINOR: listener: close before free in `listener_accept` |
| - MINOR: ssl: 'ssl-load-extra-del-ext' removes the certificate extension |
| - BUG/MINOR: queue: properly report redistributed connections |
| - CONTRIB: tcploop: remove unused local variables in tcp_pause() |
| - BUILD: makefile: add entries to build common debugging tools |
| - BUG/MEDIUM: server: support changing the slowstart value from state-file |
| - MINOR: http: Add `enum etag_type http_get_etag_type(const struct ist)` |
| - MINOR: http: Add etag comparison function |
| - MEDIUM: cache: Store the ETag information in the cache_entry |
| - MEDIUM: cache: Add support for 'If-None-Match' request header |
| - REGTEST: cache: Add if-none-match test case |
| - CLEANUP: compression: Make use of http_get_etag_type() |
| - BUG/MINOR: http-ana: Don't send payload for internal responses to HEAD requests |
| - BUG/MAJOR: mux-h2: Don't try to send data if we know it is no longer possible |
| - MINOR: threads/debug: only report used lock stats |
| - MINOR: threads/debug: only report lock stats for used operations |
| - MINOR: proxy; replace the spinlock with an rwlock |
| - MINOR: server: read-lock the cookie during srv_set_dyncookie() |
| - MINOR: proxy/cli: only take a read lock in "show errors" |
| - OPTIM: queue: don't call pendconn_unlink() when the pendconn is not queued |
| - MINOR: queue: split __pendconn_unlink() in per-srv and per-prx |
| - MINOR: queue: reduce the locked area in pendconn_add() |
| - OPTIM: queue: make the nbpend counters atomic |
| - OPTIM: queue: decrement the nbpend and totpend counters outside of the lock |
| - MINOR: leastconn: take the queue length into account when queuing servers |
| - MEDIUM: fwlc: re-enable per-server queuing up to maxqueue |
| - Revert "OPTIM: queue: don't call pendconn_unlink() when the pendconn is not queued" |
| - MINOR: stats: support the "up" output modifier for "show stat" |
| - MINOR: stats: also support a "no-maint" show stat modifier |
| - MINOR: stats: indicate the number of servers in a backend's status |
| - MEDIUM: ssl: ssl-load-extra-del-ext work only with .crt |
| - REGTEST: ssl: test "set ssl cert" with separate key / crt |
| - DOC: management: apply the "show stat" modifiers to "show stat", not "show info" |
| - MINOR: stats: report server's user-configured weight next to effective weight |
| - CI: travis-ci: switch to Ubuntu 20.04 |
| - CONTRIB: release-estimator: Add release estimating tool |
| - BUG/MEDIUM: queue: fix unsafe proxy pointer when counting nbpend |
| - BUG/MINOR: extcheck: add missing checks on extchk_setenv() |
| |
| 2020/10/17 : 2.3-dev7 |
| - CI: travis-ci: replace not defined SSL_LIB, SSL_INC for BotringSSL builds |
| - BUG/MINOR: init: only keep rlim_fd_cur if max is unlimited |
| - BUG/MINOR: mux-h2: do not stop outgoing connections on stopping |
| - MINOR: fd: report an error message when failing initial allocations |
| - MINOR: proto-tcp: make use of connect(AF_UNSPEC) for the pause |
| - MINOR: sock: add sock_accept_conn() to test a listening socket |
| - MINOR: protocol: make proto_tcp & proto_uxst report listening sockets |
| - MINOR: sockpair: implement the .rx_listening function |
| - CLEANUP: tcp: make use of sock_accept_conn() where relevant |
| - CLEANUP: unix: make use of sock_accept_conn() where relevant |
| - BUG/MINOR: listener: detect and handle shared sockets stopped in other processes |
| - CONTRIB: tcploop: implement a disconnect operation 'D' |
| - CLEANUP: protocol: intitialize all of the sockaddr when disconnecting |
| - BUG/MEDIUM: deinit: check fdtab before fdtab[fd].owner |
| - BUG/MINOR: connection: fix loop iter on connection takeover |
| - BUG/MEDIUM: connection: fix srv idle count on conn takeover |
| - MINOR: connection: improve list api usage |
| - MINOR: mux/connection: add a new mux flag for HOL risk |
| - MINOR: connection: don't check priv flag on free |
| - MEDIUM: backend: add new conn to session if mux marked as HOL blocking |
| - MEDIUM: backend: add reused conn to sess if mux marked as HOL blocking |
| - MEDIUM: h2: remove conn from session on detach |
| - MEDIUM: fcgi: remove conn from session on detach |
| - DOC: Describe reuse safe for HOL handling |
| - MEDIUM: proxy: remove obsolete "mode health" |
| - MEDIUM: proxy: remove obsolete "monitor-net" |
| - CLEANUP: protocol: remove the ->drain() function |
| - CLEANUP: fd: finally get rid of fd_done_recv() |
| - MINOR: connection: make sockaddr_alloc() take the address to be copied |
| - MEDIUM: listener: allocate the connection before queuing a new connection |
| - MINOR: session: simplify error path in session_accept_fd() |
| - MINOR: connection: add new error codes for accept_conn() |
| - MINOR: sock: rename sock_accept_conn() to sock_accepting_conn() |
| - MINOR: protocol: add a new function accept_conn() |
| - MINOR: sock: implement sock_accept_conn() to accept a connection |
| - MINOR: sockpair: implement sockpair_accept_conn() to accept a connection |
| - MEDIUM: listener: use protocol->accept_conn() to accept a connection |
| - MEDIUM: listener: remove the second pass of fd manipulation at the end |
| - MINOR: protocol: add a default I/O callback and put it into the receiver |
| - MINOR: log: set the UDP receiver's I/O handler in the receiver |
| - MINOR: protocol: register the receiver's I/O handler and not the protocol's |
| - CLEANUP: protocol: remove the now unused <handler> field of proto_fam->bind() |
| - DOC: improve the documentation for "option nolinger" |
| - BUG/MEDIUM: proxy: properly stop backends |
| - BUG/MEDIUM: task: bound the number of tasks picked from the wait queue at once |
| - MINOR: threads: augment rwlock debugging stats to report seek lock stats |
| - MINOR: threads: add the transitions to/from the seek state |
| - MEDIUM: task: use an upgradable seek lock when scanning the wait queue |
| - BUILD: listener: avoir a build warning when threads are disabled |
| - BUG/MINOR: peers: Possible unexpected peer seesion reset after collisions. |
| - MINOR: ssl: add volatile flags to ssl samples |
| - MEDIUM: backend: reuse connection if using a static sni |
| - BUG/MEDIUM: spoe: Unset variable instead of set it if no data provided |
| - BUG/MEDIUM: mux-h1: Get the session from the H1S when capturing bad messages |
| - BUG/MEDIUM: lb: Always lock the server when calling server_{take,drop}_conn |
| - DOC: fix typo in MAX_SESS_STKCTR |
| |
| 2020/10/10 : 2.3-dev6 |
| - REGTESTS: use "command" instead of "which" for better POSIX compatibility |
| - BUILD: makefile: Update feature flags for OpenBSD |
| - DOC: agent-check: fix typo in "fail" word expected reply |
| - DOC: crt: advise to move away from cert bundle |
| - BUG/MINOR: ssl/crt-list: exit on warning out of crtlist_parse_line() |
| - REGTEST: fix host part in balance-uri-path-only.vtc |
| - REGTEST: make ssl_client_samples and ssl_server_samples requiret to 2.3 |
| - REGTEST: the iif converter test requires 2.3 |
| - REGTEST: make agent-check.vtc require 1.8 |
| - REGTEST: make abns_socket.vtc require 1.8 |
| - REGTEST: make map_regm_with_backref require 1.7 |
| - BUILD: makefile: Update feature flags for FreeBSD |
| - OPTIM: backend/random: never queue on the server, always on the backend |
| - OPTIM: backend: skip LB when we know the backend is full |
| - BUILD: makefile: Fix building with closefrom() support enabled |
| - BUILD: makefile: add an EXTRAVERSION variable to ease local naming |
| - MINOR: tools: support for word expansion of environment in parse_line |
| - BUILD: tools: fix minor build issue on isspace() |
| - BUILD: makefile: Enable closefrom() support on Solaris |
| - CLEANUP: ssl: Use structured format for error line report during crt-list parsing |
| - MINOR: ssl: Add error if a crt-list might be truncated |
| - MINOR: ssl: remove uneeded check in crtlist_parse_file |
| - BUG/MINOR: Fix several leaks of 'log_tag' in init(). |
| - DOC: tcp-rules: Refresh details about L7 matching for tcp-request content rules |
| - MEDIUM: tcp-rules: Warn if a track-sc* content rule doesn't depend on content |
| - BUG/MINOR: tcpcheck: Set socks4 and send-proxy flags before the connect call |
| - DOC: ssl: new "cert bundle" behavior |
| - BUG/MEDIUM: queue: make pendconn_cond_unlink() really thread-safe |
| - CLEANUP: ssl: "bundle" is not an OpenSSL wording |
| - MINOR: counters: fix a typo in comment |
| - BUG/MINOR: stats: fix validity of the json schema |
| - REORG: stats: export some functions |
| - MINOR: stats: add stats size as a parameter for csv/json dump |
| - MINOR: stats: hide px/sv/li fields in applet struct |
| - REORG: stats: extract proxy json dump |
| - REORG: stats: extract proxies dump loop in a function |
| - MINOR: hlua: Display debug messages on stderr only in debug mode |
| - MINOR: stats: define the concept of domain for statistics |
| - MINOR: stats: define additional flag px cap on domain |
| - MEDIUM: stats: add delimiter for static proxy stats on csv |
| - MEDIUM: stats: define an API to register stat modules |
| - MEDIUM: stats: add abstract type to store counters |
| - MEDIUM: stats: integrate static proxies stats in new stats |
| - MINOR: stats: support clear counters for dynamic stats |
| - MINOR: stats: display extra proxy stats on the html page |
| - MINOR: stats: add config "stats show modules" |
| - MINOR: dns/stats: integrate dns counters in stats |
| - MINOR: stats: remove for loop declaration |
| - DOC: ssl: fix typo about ocsp files |
| - BUG/MINOR: peers: Inconsistency when dumping peer status codes. |
| - DOC: update INSTALL with supported OpenBSD / FreeBSD versions |
| - BUG/MINOR: proto_tcp: Report warning messages when listeners are bound |
| - CLEANUP: cache: Fix leak of cconf->c.name during config check |
| - CLEANUP: ssl: Release cached SSL sessions on deinit |
| - BUG/MINOR: mux-h1: Be sure to only set CO_RFL_READ_ONCE for the first read |
| - BUG/MINOR: mux-h1: Always set the session on frontend h1 stream |
| - MINOR: mux-h1: Don't wakeup the H1C when output buffer become available |
| - CLEANUP: sock-unix: Remove an unreachable goto clause |
| - BUG/MINOR: proxy: inc req counter on new syslog messages. |
| - BUG/MEDIUM: log: old processes with log foward section don't die on soft stop. |
| - MINOR: stats: inc req counter on listeners. |
| - MINOR: channel: new getword and getchar functions on channel. |
| - MEDIUM: log: syslog TCP support on log forward section. |
| - BUG/MINOR: proxy/log: frontend/backend and log forward names must differ |
| - DOC: re-work log forward bind statement documentation. |
| - DOC: fix a confusing typo on a regsub example |
| - BUILD: Add a DragonFlyBSD target |
| - BUG/MINOR: makefile: fix a tiny typo in the target list |
| - BUILD: makefile: Update feature flags for NetBSD |
| - CI: travis-ci: help Coverity to detect BUG_ON() as a real stop |
| - DOC: Add missing stats fields in the management doc |
| - BUG/MEDIUM: mux-fcgi: Don't handle pending read0 too early on streams |
| - BUG/MEDIUM: mux-h2: Don't handle pending read0 too early on streams |
| - DOC: Fix typos in configuration.txt |
| - BUG/MINOR: http: Fix content-length of the default 500 error |
| - BUG/MINOR: http-htx: Expect no body for 204/304 internal HTTP responses |
| - REGTESTS: mark abns_socket as broken |
| - MEDIUM: fd: always wake up one thread when enabling a foreing FD |
| - MEDIUM: listeners: don't bounce listeners management between queues |
| - MEDIUM: init: stop disabled proxies after initializing fdtab |
| - MEDIUM: listeners: make unbind_listener() converge if needed |
| - MEDIUM: deinit: close all receivers/listeners before scanning proxies |
| - MEDIUM: listeners: remove the now unused ZOMBIE state |
| - MINOR: listeners: do not uselessly try to close zombie listeners in soft_stop() |
| - CLEANUP: proxy: remove the first_to_listen hack in zombify_proxy() |
| - MINOR: listeners: introduce listener_set_state() |
| - MINOR: proxy: maintain per-state counters of listeners |
| - MEDIUM: proxy: remove the unused PR_STFULL state |
| - MEDIUM: proxy: remove the PR_STERROR state |
| - MEDIUM: proxy: remove state PR_STPAUSED |
| - MINOR: startup: don't rely on PR_STNEW to check for listeners |
| - CLEANUP: peers: don't use the PR_ST* states to mark enabled/disabled |
| - MEDIUM: proxy: replace proxy->state with proxy->disabled |
| - MEDIUM: proxy: remove start_proxies() |
| - MEDIUM: proxy: merge zombify_proxy() with stop_proxy() |
| - MINOR: listeners: check the current listener state in pause_listener() |
| - MINOR: listeners: check the current listener earlier state in resume_listener() |
| - MEDIUM: listener/proxy: make the listeners notify about proxy pause/resume |
| - MINOR: protocol: introduce protocol_{pause,resume}_all() |
| - MAJOR: signals: use protocol_pause_all() and protocol_resume_all() |
| - CLEANUP: proxy: remove the now unused pause_proxies() and resume_proxies() |
| - MEDIUM: proto_tcp: make the pause() more robust in multi-process |
| - BUG/MEDIUM: listeners: correctly report pause() errors |
| - MINOR: listeners: move fd_stop_recv() to the receiver's socket code |
| - CLEANUP: protocol: remove the ->disable_all method |
| - CLEANUP: listeners: remove unused disable_listener and disable_all_listeners |
| - MINOR: listeners: export enable_listener() |
| - MINOR: protocol: directly call enable_listener() from protocol_enable_all() |
| - CLEANUP: protocol: remove the ->enable_all method |
| - CLEANUP: listeners: remove the now unused enable_all_listeners() |
| - MINOR: protocol: rename the ->listeners field to ->receivers |
| - MINOR: protocol: replace ->pause(listener) with ->rx_suspend(receiver) |
| - MINOR: protocol: implement an ->rx_resume() method |
| - MINOR: listener: use the protocol's ->rx_resume() method when available |
| - MINOR: sock: provide a set of generic enable/disable functions |
| - MINOR: protocol: add a new pair of rx_enable/rx_disable methods |
| - MINOR: protocol: add a new pair of enable/disable methods for listeners |
| - MEDIUM: listeners: now use the listener's ->enable/disable |
| - MINOR: listeners: split delete_listener() in two versions |
| - MINOR: listeners: count unstoppable jobs on creation, not deletion |
| - MINOR: listeners: add a new stop_listener() function |
| - MEDIUM: proxy: make stop_proxy() now use stop_listener() |
| - MEDIUM: proxy: add mode PR_MODE_PEERS to flag peers frontends |
| - MEDIUM: proxy: centralize proxy status update and reporting |
| - MINOR: protocol: add protocol_stop_now() to instant-stop listeners |
| - MEDIUM: proxy: make soft_stop() stop most listeners using protocol_stop_now() |
| - MEDIUM: udp: implement udp_suspend() and udp_resume() |
| - MINOR: listener: add a few BUG_ON() statements to detect inconsistencies |
| - MEDIUM: listeners: always close master vs worker listeners |
| - BROKEN/MEDIUM: listeners: rework the unbind logic to make it idempotent |
| - MEDIUM: listener: let do_unbind_listener() decide whether to close or not |
| - CLEANUP: listeners: remove the do_close argument to unbind_listener() |
| - MINOR: listeners: move the LI_O_MWORKER flag to the receiver |
| - MEDIUM: receivers: add an rx_unbind() method in the protocols |
| - MINOR: listeners: split do_unbind_listener() in two |
| - MEDIUM: listeners: implement protocol level ->suspend/resume() calls |
| - MEDIUM: config: mark "grace" as deprecated |
| - MEDIUM: config: remove the deprecated and dangerous global "debug" directive |
| - BUG/MINOR: proxy: respect the proper format string in sig_pause/sig_listen |
| - MINOR: peers: heartbeat, collisions and handshake information for "show peers" command. |
| - BUILD: makefile: Enable getaddrinfo() on OS/X |
| |
| 2020/09/25 : 2.3-dev5 |
| - DOC: Fix typo in iif() example |
| - CLEANUP: Update .gitignore |
| - BUILD: introduce possibility to define ABORT_NOW() conditionally |
| - CI: travis-ci: help Coverity to recognize abort() |
| - BUG/MINOR: Fix type passed of sizeof() for calloc() |
| - CLEANUP: Do not use a fixed type for 'sizeof' in 'calloc' |
| - CLEANUP: tree-wide: use VAR_ARRAY instead of [0] in various definitions |
| - BUILD: connection: fix build on clang after the VAR_ARRAY cleanup |
| - BUG/MINOR: ssl: verifyhost is case sensitive |
| - BUILD: makefile: change default value of CC from gcc to cc |
| - CI: travis-ci: split asan step out of running tests |
| - BUG/MINOR: server: report correct error message for invalid port on "socks4" |
| - BUG/MEDIUM: ssl: Don't call ssl_sock_io_cb() directly. |
| - BUG/MINOR: ssl/crt-list: crt-list could end without a \n |
| - BUG/MINOR: log-forward: fail on unknown keywords |
| - MEDIUM: log-forward: use "dgram-bind" instead of "bind" for the listener |
| - BUG/MEDIUM: log-forward: always quit on parsing errors |
| - MEDIUM: ssl: remove bundle support in crt-list and directories |
| - MEDIUM: ssl/cli: remove support for multi certificates bundle |
| - MINOR: ssl: crtlist_dup_ssl_conf() duplicates a ssl_bind_conf |
| - MINOR: ssl: crtlist_entry_dup() duplicates a crtlist_entry |
| - MEDIUM: ssl: emulates the multi-cert bundles in the crtlist |
| - MEDIUM: ssl: emulate multi-cert bundles loading in standard loading |
| - CLEANUP: ssl: remove test on "multi" variable in ckch functions |
| - CLEANUP: ssl/cli: remove test on 'multi' variable in CLI functions |
| - CLEANUP: ssl: remove utility functions for bundle |
| - DOC: explain bundle emulation in configuration.txt |
| - BUILD: fix build with openssl < 1.0.2 since bundle removal |
| - BUG/MINOR: log: gracefully handle the "udp@" address format for log servers |
| - BUG/MINOR: dns: gracefully handle the "udp@" address format for nameservers |
| - MINOR: listener: create a new struct "settings" in bind_conf |
| - MINOR: listener: move bind_proc and bind_thread to struct settings |
| - MINOR: listener: move the interface to the struct settings |
| - MINOR: listener: move the network namespace to the struct settings |
| - REORG: listener: create a new struct receiver |
| - REORG: listener: move the listening address to a struct receiver |
| - REORG: listener: move the receiving FD to struct receiver |
| - REORG: listener: move the listener's proto to the receiver |
| - MINOR: listener: make sock_find_compatible_fd() check the socket type |
| - REORG: listener: move the receiver part to a new file |
| - MINOR: receiver: link the receiver to its settings |
| - MINOR: receiver: link the receiver to its owner |
| - MINOR: listener: prefer to retrieve the socket's settings via the receiver |
| - MINOR: receiver: add a receiver-specific flag to indicate the socket is bound |
| - MINOR: listener: move the INHERITED flag down to the receiver |
| - MINOR: receiver: move the FOREIGN and V6ONLY options from listener to settings |
| - MINOR: sock: make sock_find_compatible_fd() only take a receiver |
| - MINOR: protocol: rename the ->bind field to ->listen |
| - MINOR: protocol: add a new ->bind() entry to bind the receiver |
| - MEDIUM: sock_inet: implement sock_inet_bind_receiver() |
| - MEDIUM: tcp: make use of sock_inet_bind_receiver() |
| - MEDIUM: udp: make use of sock_inet_bind_receiver() |
| - MEDIUM: sock_unix: implement sock_unix_bind_receiver() |
| - MEDIUM: uxst: make use of sock_unix_bind_receiver() |
| - MEDIUM: sockpair: implement sockpair_bind_receiver() |
| - MEDIUM: proto_sockpair: make use of sockpair_bind_receiver() |
| - MEDIUM: protocol: explicitly start the receiver before the listener |
| - MEDIUM: protocol: do not call proto->bind() anymore from bind_listener() |
| - MINOR: protocol: add a new proto_fam structure for protocol families |
| - MINOR: protocol: retrieve the family-specific fields from the family |
| - CLEANUP: protocol: remove family-specific fields from struct protocol |
| - MINOR: protocol: add a real family for existing FDs |
| - CLEANUP: tools: make str2sa_range() less awful for fd@ and sockpair@ |
| - MINOR: tools: make str2sa_range() take more options than just resolve |
| - MINOR: tools: add several PA_O_PORT_* flags in str2sa_range() callers |
| - MEDIUM: tools: make str2sa_range() validate callers' port specifications |
| - MEDIUM: config: remove all checks for missing/invalid ports/ranges |
| - MINOR: tools: add several PA_O_* flags in str2sa_range() callers |
| - MINOR: listener: remove the inherited arg to create_listener() |
| - MINOR: tools: make str2sa_range() optionally return the fd |
| - MINOR: log: detect LOG_TARGET_FD from the fd and not from the syntax |
| - MEDIUM: tools: make str2sa_range() resolve pre-bound listeners |
| - MINOR: config: do not test an inherited socket again |
| - MEDIUM: tools: make str2sa_range() check for the sockpair's FD usability |
| - MINOR: tools: start to distinguish stream and dgram in str2sa_range() |
| - MEDIUM: tools: make str2sa_range() only report AF_CUST_UDP on listeners |
| - MINOR: tools: remove the central test for "udp" in str2sa_range() |
| - MINOR: cfgparse: add str2receiver() to parse dgram receivers |
| - MINOR: log-forward: use str2receiver() to parse the dgram-bind address |
| - MEDIUM: config: make str2listener() not accept datagram sockets anymore |
| - MINOR: listener: pass the chosen protocol to create_listeners() |
| - MINOR: tools: make str2sa_range() directly return the protocol |
| - MEDIUM: tools: make str2sa_range() check that the protocol has ->connect() |
| - MINOR: protocol: add the control layer type in the protocol struct |
| - MEDIUM: protocol: store the socket and control type in the protocol array |
| - MEDIUM: tools: make str2sa_range() use protocol_lookup() |
| - MEDIUM: proto_udp: replace last AF_CUST_UDP* with AF_INET* |
| - MINOR: tools: drop listener detection hack from str2sa_range() |
| - BUILD: sock_unix: add missing errno.h |
| - MINOR: sock_inet: report the errno string in binding errors |
| - MINOR: sock_unix: report the errno string in binding errors |
| - BUILD: sock_inet: include errno.h |
| - MINOR: h2/trace: also display the remaining frame length in traces |
| - BUG/MINOR: h2/trace: do not display "stream error" after a frame ACK |
| - BUG/MEDIUM: h2: report frame bits only for handled types |
| - BUG/MINOR: http-fetch: Don't set the sample type during the htx prefetch |
| - BUG/MINOR: Fix memory leaks cfg_parse_peers |
| - BUG/MINOR: config: Fix memory leak on config parse listen |
| - MINOR: backend: make the "whole" option of balance uri take only one bit |
| - MINOR: backend: add a new "path-only" option to "balance uri" |
| - REGTESTS: add a few load balancing tests |
| - BUG/MEDIUM: listeners: do not pause foreign listeners |
| - BUG/MINOR: listeners: properly close listener FDs |
| - BUILD: trace: include tools.h |
| |
| 2020/09/11 : 2.3-dev4 |
| - MINOR: hlua: Add error message relative to the Channel manipulation and HTTP mode |
| - BUG/MEDIUM: ssl: crt-list negative filters don't work |
| - DOC: overhauling github issue templates |
| - MEDIUM: cfgparse: Emit hard error on truncated lines |
| - DOC: cache: Use '<name>' instead of '<id>' in error message |
| - MINOR: cache: Reject duplicate cache names |
| - REGTEST: remove stray leading spaces in converteers_ref_cnt_never_dec.vtc |
| - MINOR: stats: prevent favicon.ico requests for stats page |
| - BUILD: tools: include auxv a bit later |
| - BUILD: task: work around a bogus warning in gcc 4.7/4.8 at -O1 |
| - MEDIUM: ssl: Support certificate chaining for certificate generation |
| - MINOR: ssl: Support SAN extension for certificate generation |
| - MINOR: tcp: don't try to set/clear v6only on inherited sockets |
| - BUG/MINOR: reload: detect the OS's v6only status before choosing an old socket |
| - MINOR: reload: determine the foreing binding status from the socket |
| - MEDIUM: reload: stop passing listener options along with FDs |
| - BUG/MEDIUM: ssl: fix ssl_bind_conf double free w/ wildcards |
| - MEDIUM: fd: replace usages of fd_remove() with fd_stop_both() |
| - CLEANUP: fd: remove fd_remove() and rename fd_dodelete() to fd_delete() |
| - MINOR: fd: add a new "exported" flag and use it for all regular listeners |
| - MEDIUM: reload: pass all exportable FDs, not just listeners |
| - DOC: add description of pidfile in master-worker mode |
| - BUG/MINOR: reload: do not fail when no socket is sent |
| - REORG: tcp: move TCP actions from proto_tcp.c to tcp_act.c |
| - CLEANUP: tcp: stop exporting smp_fetch_src() |
| - REORG: tcp: move TCP sample fetches from proto_tcp.c to tcp_sample.c |
| - REORG: tcp: move TCP bind/server keywords from proto_tcp.c to cfgparse-tcp.c |
| - REORG: unix: move UNIX bind/server keywords from proto_uxst.c to cfgparse-unix.c |
| - REORG: sock: start to move some generic socket code to sock.c |
| - MINOR: sock: introduce sock_inet and sock_unix |
| - MINOR: tcp/udp/unix: make use of proto->addrcmp() to compare addresses |
| - MINOR: sock_inet: implement sock_inet_get_dst() |
| - REORG: inet: replace tcp_is_foreign() with sock_inet_is_foreign() |
| - REORG: sock_inet: move v6only_default from proto_tcp.c to sock_inet.c |
| - REORG: sock_inet: move default_tcp_maxseg from proto_tcp.c |
| - REORG: listener: move xfer_sock_list to sock.{c,h}. |
| - MINOR: sock: add interface and namespace length to xfer_sock_list |
| - MINOR: sock: implement sock_find_compatible_fd() |
| - MINOR: sock_inet: move the IPv4/v6 transparent mode code to sock_inet |
| - REORG: sock: move get_old_sockets() from haproxy.c |
| - MINOR: sock: do not use LI_O_* in xfer_sock_list anymore |
| - MINOR: sock: distinguish dgram from stream types when retrieving old sockets |
| - BUILD: sock_unix: fix build issue with isdigit() |
| - BUG/MEDIUM: http-ana: Don't wait to send 1xx responses received from servers |
| - MINOR: http-htx: Add an option to eval query-string when the path is replaced |
| - BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action |
| - MINOR: http-htx: Handle an optional reason when replacing the response status |
| - MINOR: contrib/spoa-server: allow MAX_FRAME_SIZE override |
| - BUG/MAJOR: contrib/spoa-server: Fix unhandled python call leading to memory leak |
| - BUG/MINOR: contrib/spoa-server: Ensure ip address references are freed |
| - BUG/MINOR: contrib/spoa-server: Do not free reference to NULL |
| - BUG/MINOR: contrib/spoa-server: Updating references to free in case of failure |
| - BUG/MEDIUM: contrib/spoa-server: Fix ipv4_address used instead of ipv6_address |
| - CLEANUP: http: silence a cppcheck warning in get_http_auth() |
| - REGTEST: increase some short timeouts to make tests more reliable |
| - BUG/MINOR: threads: work around a libgcc_s issue with chrooting |
| - BUILD: thread: limit the libgcc_s workaround to glibc only |
| - MINOR: protocol: do not call proto->bind_all() anymore |
| - MINOR: protocol: do not call proto->unbind_all() anymore |
| - CLEANUP: protocol: remove all ->bind_all() and ->unbind_all() functions |
| - MAJOR: init: start all listeners via protocols and not via proxies anymore |
| - BUG/MINOR: startup: haproxy -s cause 100% cpu |
| - Revert "BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action" |
| - BUG/MEDIUM: doc: Fix replace-path action description |
| - MINOR: http-rules: Add set-pathq and replace-pathq actions |
| - MINOR: http-fetch: Add pathq sample fetch |
| - REGTEST: Add a test for request path manipulations, with and without the QS |
| - MINOR: Commit .gitattributes |
| - CLEANUP: Update .gitignore |
| - BUG/MEDIUM: dns: Don't store additional records in a linked-list |
| - BUG/MEDIUM: dns: Be sure to renew IP address for already known servers |
| - MINOR: server: Improve log message sent when server address is updated |
| - DOC: ssl-load-extra-files only applies to certificates on bind lines |
| - BUG/MINOR: auth: report valid crypto(3) support depending on build options |
| - BUG/MEDIUM: mux-h1: always apply the timeout on half-closed connections |
| - BUILD: threads: better workaround for late loading of libgcc_s |
| - BUILD: compiler: reserve the gcc version checks to the gcc compiler |
| - BUILD: compiler: workaround a glibc madness around __attribute__() |
| - BUILD: intops: on x86_64, the bswap instruction is called bswapq |
| - BUILD: trace: always have an argument before variadic args in macros |
| - BUILD: traces: don't pass an empty argument for missing ones |
| - BUG/MINOR: haproxy: Free uri_auth->scope during deinit |
| - CLEANUP: Free old_argv on deinit |
| - CLEANUP: haproxy: Free post_proxy_check_list in deinit() |
| - CLEANUP: haproxy: Free per_thread_*_list in deinit() |
| - CLEANUP: haproxy: Free post_check_list in deinit() |
| - BUG/MEDIUM: pattern: Renew the pattern expression revision when it is pruned |
| - REORG: tools: move PARSE_OPT_* from tools.h to tools-t.h |
| - MINOR: sample: Add iif(<true>,<false>) converter |
| |
| 2020/08/14 : 2.3-dev3 |
| - SCRIPTS: git-show-backports: make -m most only show the left branch |
| - SCRIPTS: git-show-backports: emit the shell command to backport a commit |
| - BUILD: Makefile: require SSL_LIB, SSL_INC to be explicitly set |
| - CI: travis-ci: specify SLZ_LIB, SLZ_INC for travis builds |
| - BUG/MEDIUM: mux-h1: Refresh H1 connection timeout after a synchronous send |
| - CLEANUP: dns: typo in reported error message |
| - BUG/MAJOR: dns: disabled servers through SRV records never recover |
| - BUG/MINOR: spoa-server: fix size_t format printing |
| - DOC: spoa-server: fix false friends `actually` |
| - BUG/MINOR: ssl: fix memory leak at OCSP loading |
| - BUG/MEDIUM: ssl: memory leak of ocsp data at SSL_CTX_free() |
| - BUG/MEDIUM: map/lua: Return an error if a map is loaded during runtime |
| - MINOR: arg: Add an argument type to keep a reference on opaque data |
| - BUG/MINOR: converters: Store the sink in an arg pointer for debug() converter |
| - BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created |
| - BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters |
| - BUG/MINOR: lua: Check argument type to convert it to IPv4/IPv6 arg validation |
| - BUG/MINOR: lua: Check argument type to convert it to IP mask in arg validation |
| - MINOR: hlua: Don't needlessly copy lua strings in trash during args validation |
| - BUG/MINOR: lua: Duplicate lua strings in sample fetches/converters arg array |
| - MEDIUM: lua: Don't filter exported fetches and converters |
| - MINOR: lua: Add support for userlist as fetches and converters arguments |
| - MINOR: lua: Add support for regex as fetches and converters arguments |
| - MINOR: arg: Use chunk_destroy() to release string arguments |
| - BUG/MINOR: snapshots: leak of snapshots on deinit() |
| - CLEANUP: ssl: ssl_sock_crt2der semicolon and spaces |
| - MINOR: ssl: add ssl_{c,s}_chain_der fetch methods |
| - CLEANUP: fix all duplicated semicolons |
| - BUG/MEDIUM: ssl: fix the ssl-skip-self-issued-ca option |
| - BUG/MINOR: ssl: ssl-skip-self-issued-ca requires >= 1.0.2 |
| - BUG/MINOR: stats: use strncmp() instead of memcmp() on health states |
| - BUILD: makefile: don't disable -Wstringop-overflow anymore |
| - BUG/MINOR: ssl: double free w/ smp_fetch_ssl_x_chain_der() |
| - BUG/MEDIUM: htx: smp_prefetch_htx() must always validate the direction |
| - BUG/MEDIUM: ssl: never generates the chain from the verify store |
| - OPTIM: regex: PCRE2 use JIT match when JIT optimisation occured. |
| - BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate |
| - CLEANUP: ssl: remove poorly readable nested ternary |
| |
| 2020/07/31 : 2.3-dev2 |
| - DOC: ssl: req_ssl_sni needs implicit TLS |
| - BUG/MEDIUM: arg: empty args list must be dropped |
| - BUG/MEDIUM: resolve: fix init resolving for ring and peers section. |
| - BUG/MAJOR: tasks: don't requeue global tasks into the local queue |
| - MINOR: tasks/debug: make the thread affinity BUG_ON check a bit stricter |
| - MINOR: tasks/debug: add a few BUG_ON() to detect use of wrong timer queue |
| - MINOR: tasks/debug: add a BUG_ON() check to detect requeued task on free |
| - BUG/MAJOR: dns: Make the do-resolve action thread-safe |
| - BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed |
| - MEDIUM: htx: Add a flag on a HTX message when no more data are expected |
| - BUG/MEDIUM: stream-int: Don't set MSG_MORE flag if no more data are expected |
| - BUG/MEDIUM: http-ana: Only set CF_EXPECT_MORE flag on data filtering |
| - CLEANUP: dns: remove 45 "return" statements from dns_validate_dns_response() |
| - BUG/MINOR: htx: add two missing HTX_FL_EOI and remove an unexpected one |
| - BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore |
| - BUILD: tools: fix build with static only toolchains |
| - DOC: Use gender neutral language |
| - BUG/MINOR: debug: Don't dump the lua stack if it is not initialized |
| - BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status |
| - BUG/MAJOR: dns: don't treat Authority records as an error |
| - CI : travis-ci : prepare for using stock OpenSSL |
| - CI: travis-ci : switch to stock openssl when openssl-1.1.1 is used |
| - MEDIUM: lua: Add support for the Lua 5.4 |
| - BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation |
| - BUG/MINOR: lua: Abort execution of actions that yield on a final evaluation |
| - MINOR: tcp-rules: Return an internal error if an action yields on a final eval |
| - BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort |
| - BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields |
| - MEDIUM: tcp-rules: Use a dedicated expiration date for tcp ruleset |
| - MEDIUM: lua: Set the analyse expiration date with smaller wake_time only |
| - BUG/MEDIUM: connection: Be sure to always install a mux for sync connect |
| - MINOR: connection: Preinstall the mux for non-ssl connect |
| - MINOR: stream-int: Be sure to have a mux to do sends and receives |
| - BUG/MINOR: lua: Fix a possible null pointer deref on lua ctx |
| - SCRIPTS: announce-release: add the link to the wiki in the announce messages |
| - CI: travis-ci: use better name for Coverity scan job |
| - CI: travis-ci: use proper linking flags for SLZ build |
| - BUG/MEDIUM: backend: always attach the transport before installing the mux |
| - BUG/MEDIUM: tcp-checks: always attach the transport before installing the mux |
| - MINOR: connection: avoid a useless recvfrom() on outgoing connections |
| - MINOR: mux-h1: do not even try to receive if the connection is not fully set up |
| - MINOR: mux-h1: do not try to receive on backend before sending a request |
| - CLEANUP: assorted typo fixes in the code and comments |
| - BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp() |
| |
| 2020/07/17 : 2.3-dev1 |
| - MINOR: config: make strict limits enabled by default |
| - BUG/MINOR: acl: Fix freeing of expr->smp in prune_acl_expr |
| - BUG/MINOR: sample: Fix freeing of conv_exprs in release_sample_expr |
| - BUG/MINOR: haproxy: Free proxy->format_unique_id during deinit |
| - BUG/MINOR: haproxy: Add missing free of server->(hostname|resolvers_id) |
| - BUG/MINOR: haproxy: Free proxy->unique_id_header during deinit |
| - BUG/MINOR: haproxy: Free srule->file during deinit |
| - BUG/MINOR: haproxy: Free srule->expr during deinit |
| - BUG/MINOR: sample: Free str.area in smp_check_const_bool |
| - BUG/MINOR: sample: Free str.area in smp_check_const_meth |
| - CLEANUP: haproxy: Free proxy_deinit_list in deinit() |
| - CLEANUP: haproxy: Free post_deinit_list in deinit() |
| - CLEANUP: haproxy: Free server_deinit_list in deinit() |
| - CLEANUP: haproxy: Free post_server_check_list in deinit() |
| - CLEANUP: Add static void vars_deinit() |
| - CLEANUP: Add static void hlua_deinit() |
| - CLEANUP: contrib/prometheus-exporter: typo fixes for ssl reuse metric |
| - BUG/MEDIUM: lists: add missing store barrier on MT_LIST_BEHEAD() |
| - BUG/MEDIUM: lists: add missing store barrier in MT_LIST_ADD/MT_LIST_ADDQ |
| - MINOR: tcp: Support TCP keepalive parameters customization |
| - BUILD: tcp: condition TCP keepalive settings to platforms providing them |
| - MINOR: lists: rename some MT_LIST operations to clarify them |
| - MINOR: buffer: use MT_LIST_ADDQ() for buffer_wait lists additions |
| - MINOR: connection: use MT_LIST_ADDQ() to add connections to idle lists |
| - MINOR: tasks: use MT_LIST_ADDQ() when killing tasks. |
| - CONTRIB: da: fix memory leak in dummy function da_atlas_open() |
| - CI: travis-ci: speed up osx build by running brew scripted, switch to latest osx image |
| - BUG/MEDIUM: mux-h2: Don't add private connections in available connection list |
| - BUG/MEDIUM: mux-fcgi: Don't add private connections in available connection list |
| - MINOR: connection: Set the SNI on server connections before installing the mux |
| - MINOR: connection: Set new connection as private on reuse never |
| - MINOR: connection: Add a wrapper to mark a connection as private |
| - MEDIUM: connection: Add private connections synchronously in session server list |
| - MINOR: connection: Use a dedicated function to look for a session's connection |
| - MINOR: connection: Set the conncetion target during its initialisation |
| - MINOR: session: Take care to decrement idle_conns counter in session_unown_conn |
| - MINOR: server: Factorize code to deal with reuse of server idle connections |
| - MINOR: server: Factorize code to deal with connections removed from an idle list |
| - CLEANUP: connection: remove unused field idle_time from the connection struct |
| - BUG/MEDIUM: mux-h1: Continue to process request when switching in tunnel mode |
| - MINOR: raw_sock: Report the number of bytes emitted using the splicing |
| - MINOR: contrib/prometheus-exporter: Add missing global and per-server metrics |
| - MINOR: backend: Add sample fetches to get the server's weight |
| - BUG/MINOR: mux-fcgi: Handle empty STDERR record |
| - BUG/MINOR: mux-fcgi: Set conn state to RECORD_P when skipping the record padding |
| - BUG/MINOR: mux-fcgi: Set flags on the right stream field for empty FCGI_STDOUT |
| - BUG/MINOR: backend: fix potential null deref on srv_conn |
| - BUG/MEDIUM: log: issue mixing sampled to not sampled log servers. |
| - MEDIUM: udp: adds minimal proto udp support for message listeners. |
| - MEDIUM: log/sink: re-work and merge of build message API. |
| - MINOR: log: adds syslog udp message handler and parsing. |
| - MEDIUM: log: adds log forwarding section. |
| - MINOR: log: adds counters on received syslog messages. |
| - BUG/MEDIUM: fcgi-app: fix memory leak in fcgi_flt_http_headers |
| - BUG/MEDIUM: server: resolve state file handle leak on reload |
| - BUG/MEDIUM: server: fix possibly uninitialized state file on close |
| - BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked |
| - BUILD: config: address build warning on raspbian+rpi4 |
| - BUG/MAJOR: tasks: make sure to always lock the shared wait queue if needed |
| - BUILD: config: fix again bugs gcc warnings on calloc |
| |
| 2020/07/07 : 2.3-dev0 |
| - [RELEASE] Released version 2.3-dev0 |
| - MINOR: version: back to development, update status message |
| |
| 2020/07/07 : 2.3-dev0 |
| - exact copy of 2.2.0 |
| |
| 2020/07/07 : 2.2.0 |
| - BUILD: mux-h2: fix typo breaking build when using DEBUG_LOCK |
| - CLEANUP: makefile: update the outdated list of DEBUG_xxx options |
| - BUILD: tools: make resolve_sym_name() return a const |
| - CLEANUP: auth: fix useless self-include of auth-t.h |
| - BUILD: tree-wide: cast arguments to tolower/toupper to unsigned char |
| - CLEANUP: assorted typo fixes in the code and comments |
| - WIP/MINOR: ssl: add sample fetches for keylog in frontend |
| - DOC: fix tune.ssl.keylog sample fetches array |
| - BUG/MINOR: ssl: check conn in keylog sample fetch |
| - DOC: configuration: various typo fixes |
| - MINOR: log: Remove unused case statement during the log-format string parsing |
| - BUG/MINOR: mux-h1: Fix the splicing in TUNNEL mode |
| - BUG/MINOR: mux-h1: Don't read data from a pipe if the mux is unable to receive |
| - BUG/MINOR: mux-h1: Disable splicing only if input data was processed |
| - BUG/MEDIUM: mux-h1: Disable splicing for the conn-stream if read0 is received |
| - MINOR: mux-h1: Improve traces about the splicing |
| - BUG/MINOR: backend: Remove CO_FL_SESS_IDLE if a client remains on the last server |
| - BUG/MEDIUM: connection: Don't consider new private connections as available |
| - BUG/MINOR: connection: See new connection as available only on reuse always |
| - DOC: configuration: remove obsolete mentions of H2 being converted to HTTP/1.x |
| - CLEANUP: ssl: remove unrelevant comment in smp_fetch_ssl_x_keylog() |
| - DOC: update INSTALL with new compiler versions |
| - DOC: minor update to coding style file |
| - MINOR: version: mention that it's an LTS release now |
| |
| 2020/07/04 : 2.2-dev12 |
| - BUG/MINOR: mux_h2: don't lose the leaving trace in h2_io_cb() |
| - MINOR: cli: make "show sess" stop at the last known session |
| - CLEANUP: buffers: remove unused buffer_wq_lock lock |
| - BUG/MEDIUM: buffers: always allocate from the local cache first |
| - MINOR: connection: align toremove_{lock,connections} and cleanup into idle_conns |
| - CONTRIB: debug: add missing flags SI_FL_L7_RETRY & SI_FL_D_L7_RETRY |
| - BUG/MEDIUM: connections: Don't increase curr_used_conns for shared connections. |
| - BUG/MEDIUM: checks: Increment the server's curr_used_conns |
| - REORG: buffer: rename buffer.c to dynbuf.c |
| - REORG: includes: create tinfo.h for the thread_info struct |
| - CLEANUP: pool: only include the type files from types |
| - MINOR: pools: move the LRU cache heads to thread_info |
| - BUG/MINOR: debug: fix "show fd" null-deref when built with DEBUG_FD |
| - MINOR: stats: add 3 new output values for the per-server idle conn state |
| - MINOR: activity: add per-thread statistics on FD takeover |
| - BUG/MINOR: server: start cleaning idle connections from various points |
| - MEDIUM: server: improve estimate of the need for idle connections |
| - MINOR: stats: add the estimated need of concurrent connections per server |
| - BUG/MINOR: threads: Don't forget to init each thread toremove_lock. |
| - BUG/MEDIUM: lists: Lock the element while we check if it is in a list. |
| - Revert "BUG/MEDIUM: lists: Lock the element while we check if it is in a list." |
| - BUG/MINOR: haproxy: don't wake already stopping threads on exit |
| - BUG/MINOR: server: always count one idle slot for current thread |
| - MEDIUM: server: use the two thresholds for the connection release algorithm |
| - BUG/MINOR: http-rules: Fix ACLs parsing for http deny rules |
| - BUG/MINOR: sched: properly cover for a rare MT_LIST_ADDQ() race |
| - MINOR: mux-h1: avoid taking the toremove_lock in on dying tasks |
| - MINOR: mux-h2: avoid taking the toremove_lock in on dying tasks |
| - MINOR: mux-fcgi: avoid taking the toremove_lock in on dying tasks |
| - MINOR: pools: increase MAX_BASE_POOLS to 64 |
| - DOC: ssl: add "allow-0rtt" and "ciphersuites" in crt-list |
| - BUG/MEDIUM: pattern: Add a trailing \0 to match strings only if possible |
| - BUG/MEDIUM: log-format: fix possible endless loop in parse_logformat_string() |
| - BUG/MINOR: proxy: fix dump_server_state()'s misuse of the trash |
| - BUG/MINOR: proxy: always initialize the trash in show servers state |
| - MINOR: cli/proxy: add a new "show servers conn" command |
| - MINOR: server: skip servers with no idle conns earlier |
| - BUG/MINOR: server: fix the connection release logic regarding nearly full conditions |
| - MEDIUM: server: add a new pool-low-conn server setting |
| - BUG/MEDIUM: backend: always search in the safe list after failing on the idle one |
| - MINOR: backend: don't always takeover from the same threads |
| - MINOR: sched: make sched->task_list_size atomic |
| - MEDIUM: sched: create a new TASK_KILLED task flag |
| - MEDIUM: sched: implement task_kill() to kill a task |
| - MEDIUM: mux-h1: use task_kill() during h1_takeover() instead of task_wakeup() |
| - MEDIUM: mux-h2: use task_kill() during h2_takeover() instead of task_wakeup() |
| - MEDIUM: mux-fcgi: use task_kill() during fcgi_takeover() instead of task_wakeup() |
| - MINOR: list: Add MT_LIST_DEL_SAFE_NOINIT() and MT_LIST_ADDQ_NOCHECK() |
| - CLEANUP: connections: rename the toremove_lock to takeover_lock |
| - MEDIUM: connections: Don't use a lock when moving connections to remove. |
| - DOC: configuration: add missing index entries for tune.pool-{low,high}-fd-ratio |
| - DOC: configuration: fix alphabetical ordering for tune.pool-{high,low}-fd-ratio |
| - MINOR: config: add a new tune.idle-pool.shared global setting. |
| - MINOR: 51d: silence a warning about null pointer dereference |
| - MINOR: debug: add a new "debug dev memstats" command |
| - MINOR: log-format: allow to preserve spacing in log format strings |
| - BUILD: debug: avoid build warnings with DEBUG_MEM_STATS |
| - BUG/MAJOR: sched: make sure task_kill() always queues the task |
| - BUG/MEDIUM: muxes: Make sure nobody stole the connection before using it. |
| - BUG/MEDIUM: cli/proxy: don't try to dump idle connection state if there's none |
| - BUILD: haproxy: fix build error when RLIMIT_AS is not set |
| - BUG/MAJOR: sched: make it work also when not building with DEBUG_STRICT |
| - MINOR: log: add time second fraction field to rfc5424 log timestamp. |
| - BUG/MINOR: log: missing timezone on iso dates. |
| - BUG/MEDIUM: server: don't kill all idle conns when there are not enough |
| - MINOR: sched: split tasklet_wakeup() into tasklet_wakeup_on() |
| - BUG/MEDIUM: connections: Set the tid for the old tasklet on takeover. |
| - BUG/MEDIUM: connections: Let the xprt layer know a takeover happened. |
| - BUG/MINOR: http_act: don't check capture id in backend (2) |
| - BUILD: makefile: disable threads by default on OpenBSD |
| - BUILD: peers: fix build warning with gcc 4.2.1 |
| - CI: cirrus-ci: exclude slow reg-tests |
| |
| 2020/06/26 : 2.2-dev11 |
| - REGTEST: Add a simple script to tests errorfile directives in proxy sections |
| - BUG/MEDIUM: fcgi-app: Resolve the sink if a fcgi-app logs in a ring buffer |
| - BUG/MINOR: spoe: correction of setting bits for analyzer |
| - BUG/MINOR: cfgparse: Support configurations without newline at EOF |
| - MINOR: cfgparse: Warn on truncated lines / files |
| - BUG/MINOR: http_ana: clarify connection pointer check on L7 retry |
| - MINOR: debug: add a new DEBUG_FD build option |
| - BUG/MINOR: tasks: make sure never to exceed max_processed |
| - MINOR: task: add a new pointer to current tasklet queue |
| - BUG/MEDIUM: task: be careful not to run too many tasks at TL_URGENT |
| - BUG/MINOR: cfgparse: Fix argument reference in PARSE_ERR_TOOMANY message |
| - BUG/MINOR: cfgparse: Fix calculation of position for PARSE_ERR_TOOMANY message |
| - BUG/MEDIUM: ssl: fix ssl_bind_conf double free |
| - MINOR: ssl: free bind_conf_node in crtlist_free() |
| - MINOR: ssl: free the crtlist and the ckch during the deinit() |
| - BUG/MINOR: ssl: fix build with ckch_deinit() and crtlist_deinit() |
| - BUG/MINOR: ssl/cli: certs added from the CLI can't be deleted |
| - MINOR: ssl: move the ckch/crtlist deinit to ssl_sock.c |
| - MEDIUM: tasks: apply a fair CPU distribution between tasklet classes |
| - MINOR: tasks: make current_queue an index instead of a pointer |
| - MINOR: tasks: add a mask of the queues with active tasklets |
| - MINOR: tasks: pass the queue index to run_task_from_list() |
| - MINOR: tasks: make run_tasks_from_lists() scan the queues itself |
| - MEDIUM: tasks: add a tune.sched.low-latency option |
| - BUG/MEDIUM: ssl/cli: 'commit ssl cert' crashes when no private key |
| - BUG/MINOR: cfgparse: don't increment linenum on incomplete lines |
| - MINOR: tools: make parse_line() always terminate the args list |
| - BUG/MINOR: cfgparse: report extraneous args *after* the string is allocated |
| - MINOR: cfgparse: sanitize the output a little bit |
| - MINOR: cli/ssl: handle trailing slashes in crt-list commands |
| - MINOR: ssl: add the ssl_s_* sample fetches for server side certificate |
| - BUG/MEDIUM: http-ana: Don't loop trying to generate a malformed 500 response |
| - BUG/MINOR: stream-int: Don't wait to send truncated HTTP messages |
| - BUG/MINOR: http-ana: Set CF_EOI on response channel for generated responses |
| - BUG/MINOR: http-ana: Don't wait to send 1xx responses generated by HAProxy |
| - MINOR: spoe: Don't systematically create new applets if processing rate is low |
| - DOC: fix some typos in the ssl_s_{s|i}_dn documentation |
| - BUILD: fix ssl_sample.c when building against BoringSSL |
| - CI: travis-ci: switch BoringSSL builds to ninja |
| - CI: extend spellchecker whitelist |
| - DOC: assorted typo fixes in the documentation |
| - CLEANUP: assorted typo fixes in the code and comments |
| - MINOR: http: Add support for http 413 status |
| - REGTEST: ssl: tests the ssl_f_* sample fetches |
| - REGTEST: ssl: add some ssl_c_* sample fetches test |
| - DOC: ssl: update the documentation of "commit ssl cert" |
| - BUG/MINOR: cfgparse: correctly deal with empty lines |
| - BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL |
| |
| 2020/06/19 : 2.2-dev10 |
| - BUILD: include: add sys/types before netinet/tcp.h |
| - BUG/MEDIUM: log: don't hold the log lock during writev() on a file descriptor |
| - BUILD: Remove nowarn for warnings that do not trigger |
| - BUG/MEDIUM: pattern: fix thread safety of pattern matching |
| - BUILD: Re-enable -Wimplicit-fallthrough |
| - BUG/MINOR: ssl: fix ssl-{min,max}-ver with openssl < 1.1.0 |
| - BUILD: thread: add parenthesis around values of locking macros |
| - BUILD: proto_uxst: shut up yet another gcc's absurd warning |
| - BUG/MEDIUM: checks: Fix off-by-one in allocation of SMTP greeting cmd |
| - CI: travis-ci: use "-O1" for clang builds |
| - MINOR: haproxy: Add void deinit_and_exit(int) |
| - MINOR: haproxy: Make use of deinit_and_exit() for clean exits |
| - BUG/MINOR: haproxy: Free rule->arg.vars.expr during deinit_act_rules |
| - BUILD: compression: make gcc 10 happy with free_zlib() |
| - BUILD: atomic: add string.h for memcpy() on ARM64 |
| - BUG/MINOR: http: make smp_fetch_body() report that the contents may change |
| - BUG/MINOR: tcp-rules: tcp-response must check the buffer's fullness |
| - BUILD: haproxy: mark deinit_and_exit() as noreturn |
| - BUG/MAJOR: vars: Fix bogus free() during deinit() for http-request rules |
| - BUG/MEDIUM: ebtree: use a byte-per-byte memcmp() to compare memory blocks |
| - MINOR: tools: add a new configurable line parse, parse_line() |
| - BUG/MEDIUM: cfgparse: use parse_line() to expand/unquote/unescape config lines |
| - BUG/MEDIUM: cfgparse: stop after a reasonable amount of fatal error |
| - MINOR: http: do not close connections anymore after internal responses |
| - BUG/MINOR: cfgparse: Add missing fatal++ in PARSE_ERR_HEX case |
| - BUG/MINOR: spoe: add missing key length check before checking key names |
| - MINOR: version: put the compiler version output into version.c not haproxy.c |
| - MINOR: compiler: always define __has_feature() |
| - MINOR: version: report the presence of the compiler's address sanitizer |
| - BUILD: Fix build by including haproxy/global.h |
| - BUG/MAJOR: connection: always disable ready events once reported |
| - CLEANUP: activity: remove unused counter fd_lock |
| - DOC: fd: make it clear that some fields ordering must absolutely be respected |
| - MINOR: activity: report the number of times poll() reports I/O |
| - MINOR: activity: rename confusing poll_* fields in the output |
| - MINOR: fd: Fix a typo in a coment. |
| - BUG/MEDIUM: fd: Don't fd_stop_recv() a fd we don't own. |
| - BUG/MEDIUM: fd: Call fd_stop_recv() when we just got a fd. |
| - MINOR: activity: group the per-loop counters at the top |
| - MINOR: activity: rename the "stream" field to "stream_calls" |
| - MEDIUM: fd: refine the fd_takeover() migration lock |
| - MINOR: fd: slightly optimize the fd_takeover double-CAS loop |
| - MINOR: fd: factorize the fd_takeover() exit path to make it safer |
| - MINOR: peers: do not use localpeer as an array anymore |
| - MEDIUM: peers: add the "localpeer" global option |
| - MEDIUM: fd: add experimental support for edge-triggered polling |
| - CONTRIB: debug: add the missing flags CO_FL_SAFE_LIST and CO_FL_IDLE_LIST |
| - MINOR: haproxy: process signals before runnable tasks |
| - MEDIUM: tasks: clean up the front side of the wait queue in wake_expired_tasks() |
| - MEDIUM: tasks: also process late wakeups in process_runnable_tasks() |
| - BUG/MINOR: cli: allow space escaping on the CLI |
| - BUG/MINOR: mworker/cli: fix the escaping in the master CLI |
| - BUG/MINOR: mworker/cli: fix semicolon escaping in master CLI |
| - REGTEST: http-rules: test spaces in ACLs |
| - REGTEST: http-rules: test spaces in ACLs with master CLI |
| - BUG/MAJOR: init: properly compute the default global.maxpipes value |
| - MEDIUM: map: make the "clear map" operation yield |
| - BUG/MEDIUM: stream-int: fix loss of CO_SFL_MSG_MORE flag in forwarding |
| - MINOR: mux_h1: Set H1_F_CO_MSG_MORE if we know we have more to send. |
| - BUG/MINOR: systemd: Wait for network to be online |
| - DOC: configuration: Unindent non-code sentences in the protobuf example |
| - DOC: configuration: http-check send was missing from matrix |
| |
| 2020/06/11 : 2.2-dev9 |
| - BUG/MINOR: http-htx: Don't forget to release the http reply in release function |
| - BUG/MINOR: http-htx: Fix a leak on error path during http reply parsing |
| - MINOR: checks: Remove dead code from process_chk_conn() |
| - REGTESTS: checks: Fix tls_health_checks when IPv6 addresses are used |
| - REGTESTS: Add missing OPENSSL to REQUIRE_OPTIONS for lua/txn_get_priv |
| - MINOR: lua: Use vars_unset_by_name_ifexist() |
| - CLEANUP: vars: Remove void vars_unset_by_name(const char*, size_t, struct sample*) |
| - MINOR: vars: Make vars_(un|)set_by_name(_ifexist|) return a success value |
| - MINOR: lua: Make `set_var()` and `unset_var()` return success |
| - MEDIUM: lua: Add `ifexist` parameter to `set_var` |
| - MEDIUM: ring: new section ring to declare custom ring buffers. |
| - REGTESTS: Add missing OPENSSL to REQUIRE_OPTIONS for compression/lua_validation |
| - REGTESTS: Require the version 2.2 to execute lua/set_var |
| - BUG/MEDIUM: checks: Refresh the conn-stream and the connection after a connect |
| - MINOR: checks: Remove useless tests on the connection and conn-stream |
| - BUG/MEDIUM: contrib/spoa: do not register python3.8 if --embed fail |
| - BUG/MEDIUM: connection: Ignore PP2 unique ID for stream-less connections |
| - BUG/MINOR: connection: Always get the stream when available to send PP2 line |
| - BUG/MEDIUM: backend: set the connection owner to the session when using alpn. |
| - MINOR: pools: compute an estimate of each pool's average needed objects |
| - MEDIUM: pools: directly free objects when pools are too much crowded |
| - REGTEST: Add connection/proxy_protocol_send_unique_id_alpn |
| - MINOR: http-ana: Make the function http_reply_to_htx() public |
| - MINOR: http-ana: Use proxy's error replies to emit 401/407 responses |
| - MINOR: http-rules: Use an action function to eval http-request auth rules |
| - CLEANUP: http: Remove unused HTTP message templates |
| - BUG/MEDIUM: checks: Don't blindly subscribe for receive if waiting for connect |
| - MINOR: checks: I/O callback function only rely on the data layer wake callback |
| - BUG/MINOR: lua: Add missing string length for lua sticktable lookup |
| - BUG/MEDIUM: logs: fix trailing zeros on log message. |
| - CI: cirrus-ci: skip reg-tests/connection/proxy_protocol_send_unique_id_alpn.vtc on CentOS 6 |
| - BUG/MINOR: nameservers: fix error handling in parsing of resolv.conf |
| - BUG/MEDIUM: checks: Don't add a tcpcheck ruleset twice in the shared tree |
| - MEDIUM: ssl: use TLSv1.2 as the minimum default on bind lines |
| - CLEANUP: pools: use the regular lock for the flush operation on lockless pools |
| - SCRIPTS: publish-release: pass -n to gzip to remove timestamp |
| - MINOR: ring: re-work ring attach generic API. |
| - BUG/MINOR: error on unknown statement in ring section. |
| - MEDIUM: ring: add server statement to forward messages from a ring |
| - MEDIUM: ring: add new srv statement to support octet counting forward |
| - MINOR: ssl: set ssl-min-ver in ambiguous configurations |
| - CLEANUP: ssl: remove comment from dump_crtlist_sslconf() |
| - BUILD: sink: address build warning on 32-bit architectures |
| - BUG/MINOR: peers: fix internal/network key type mapping. |
| - CLEANUP: regex: remove outdated support for regex actions |
| - Revert "MINOR: ssl: rework add cert chain to CTX to be libssl independent" |
| - MINOR: mux-h1/proxy: Add a proxy option to disable clear h2 upgrade |
| - BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action |
| - DOC: add a line about comments in crt-list |
| - BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations |
| - BUG/MINOR: checks: Fix test on http-check rulesets during config validity check |
| - BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics |
| - BUG/MEDIUM: mworker: fix the copy of options in copy_argv() |
| - BUG/MINOR: init: -x can have a parameter starting with a dash |
| - BUG/MINOR: init: -S can have a parameter starting with a dash |
| - BUG/MEDIUM: mworker: fix the reload with an -- option |
| - BUG/MINOR: ssl: fix a trash buffer leak in some error cases |
| - BUG/MINOR: mworker: fix a memleak when execvp() failed |
| - MINOR: sample: Add secure_memcmp converter |
| - REORG: ebtree: move the C files from ebtree/ to src/ |
| - REORG: ebtree: move the include files from ebtree to include/import/ |
| - REORG: ebtree: clean up remains of the ebtree/ directory |
| - REORG: include: create new file haproxy/api-t.h |
| - REORG: include: create new file haproxy/api.h |
| - REORG: include: update all files to use haproxy/api.h or api-t.h if needed |
| - CLEANUP: include: remove common/config.h |
| - CLEANUP: include: remove unused template.h |
| - REORG: include: move MIN/MAX from tools.h to compat.h |
| - REORG: include: move SWAP/MID_RANGE/MAX_RANGE from tools.h to standard.h |
| - CLEANUP: include: remove unused common/tools.h |
| - REORG: include: move the base files from common/ to haproxy/ |
| - REORG: include: move version.h to haproxy/ |
| - REORG: include: move base64.h, errors.h and hash.h from common to to haproxy/ |
| - REORG: include: move openssl-compat.h from common/ to haproxy/ |
| - REORG: include: move ist.h from common/ to import/ |
| - REORG: include: move the BUG_ON() code to haproxy/bug.h |
| - REORG: include: move debug.h from common/ to haproxy/ |
| - CLEANUP: debug: drop unused function p_malloc() |
| - REORG: include: split buf.h into haproxy/buf-t.h and haproxy/buf.h |
| - REORG: include: move istbuf.h to haproxy/ |
| - REORG: include: split mini-clist into haproxy/list and list-t.h |
| - REORG: threads: extract atomic ops from hathreads.h |
| - CLEANUP: threads: remove a few needless includes of hathreads.h |
| - REORG: include: split hathreads into haproxy/thread.h and haproxy/thread-t.h |
| - CLEANUP: thread: rename __decl_hathreads() to __decl_thread() |
| - REORG: include: move time.h from common/ to haproxy/ |
| - REORG: include: move integer manipulation functions from standard.h to intops.h |
| - CLEANUP: include: remove excessive includes of common/standard.h |
| - REORG: include: move freq_ctr to haproxy/ |
| - CLEANUP: pool: include freq_ctr.h and remove locally duplicated functions |
| - REORG: memory: move the pool type definitions to haproxy/pool-t.h |
| - REORG: memory: move the OS-level allocator to haproxy/pool-os.h |
| - MINOR: memory: don't let __pool_get_first() pick from the cache |
| - MEDIUM: memory: don't let pool_put_to_cache() free the objects itself |
| - MINOR: memory: move pool-specific path of the locked pool_free() to __pool_free() |
| - MEDIUM: memory: make local pools independent on lockless pools |
| - REORG: include: move common/memory.h to haproxy/pool.h |
| - REORG: include: move common/chunk.h to haproxy/chunk.h |
| - REORG: include: move activity to haproxy/ |
| - REORG: include: move common/buffer.h to haproxy/dynbuf{,-t}.h |
| - REORG: include: move common/net_helper.h to haproxy/net_helper.h |
| - REORG: include: move common/namespace.h to haproxy/namespace{,-t}.h |
| - REORG: include: split common/regex.h into haproxy/regex{,-t}.h |
| - REORG: include: split common/xref.h into haproxy/xref{,-t}.h |
| - REORG: include: move common/ticks.h to haproxy/ticks.h |
| - REORG: include: split common/http.h into haproxy/http{,-t}.h |
| - REORG: include: split common/http-hdr.h into haproxy/http-hdr{,-t}.h |
| - REORG: include: move common/h1.h to haproxy/h1.h |
| - REORG: include: split common/htx.h into haproxy/htx{,-t}.h |
| - REORG: include: move hpack*.h to haproxy/ and split hpack-tbl |
| - REORG: include: move common/h2.h to haproxy/h2.h |
| - REORG: include: move common/fcgi.h to haproxy/ |
| - REORG: include: move protocol.h to haproxy/protocol{,-t}.h |
| - REORG: tools: split common/standard.h into haproxy/tools{,-t}.h |
| - REORG: include: move dict.h to hparoxy/dict{,-t}.h |
| - REORG: include: move shctx to haproxy/shctx{,-t}.h |
| - REORG: include: move port_range.h to haproxy/port_range{,-t}.h |
| - REORG: include: move fd.h to haproxy/fd{,-t}.h |
| - REORG: include: move ring to haproxy/ring{,-t}.h |
| - REORG: include: move sink.h to haproxy/sink{,-t}.h |
| - REORG: include: move pipe.h to haproxy/pipe{,-t}.h |
| - CLEANUP: include: remove empty raw_sock.h |
| - REORG: include: move proto_udp.h to haproxy/proto_udp{,-t}.h |
| - REORG: include: move proto/proto_sockpair.h to haproxy/proto_sockpair.h |
| - REORG: include: move compression.h to haproxy/compression{,-t}.h |
| - REORG: include: move h1_htx.h to haproxy/h1_htx.h |
| - REORG: include: move http_htx.h to haproxy/http_htx{,-t}.h |
| - REORG: include: move hlua.h to haproxy/hlua{,-t}.h |
| - REORG: include: move hlua_fcn.h to haproxy/hlua_fcn.h |
| - REORG: include: move action.h to haproxy/action{,-t}.h |
| - REORG: include: move arg.h to haproxy/arg{,-t}.h |
| - REORG: include: move auth.h to haproxy/auth{,-t}.h |
| - REORG: include: move dns.h to haproxy/dns{,-t}.h |
| - REORG: include: move flt_http_comp.h to haproxy/ |
| - REORG: include: move counters.h to haproxy/counters-t.h |
| - REORG: include: split mailers.h into haproxy/mailers{,-t}.h |
| - REORG: include: move capture.h to haproxy/capture{,-t}.h |
| - REORG: include: move frontend.h to haproxy/frontend.h |
| - REORG: include: move obj_type.h to haproxy/obj_type{,-t}.h |
| - REORG: include: move http_rules.h to haproxy/http_rules.h |
| - CLEANUP: include: remove unused mux_pt.h |
| - REORG: include: move mworker.h to haproxy/mworker{,-t}.h |
| - REORG: include: move ssl_utils.h to haproxy/ssl_utils.h |
| - REORG: include: move ssl_ckch.h to haproxy/ssl_ckch{,-t}.h |
| - REORG: move ssl_crtlist.h to haproxy/ssl_crtlist{,-t}.h |
| - REORG: include: move lb_chash.h to haproxy/lb_chash{,-t}.h |
| - REORG: include: move lb_fas.h to haproxy/lb_fas{,-t}.h |
| - REORG: include: move lb_fwlc.h to haproxy/lb_fwlc{,-t}.h |
| - REORG: include: move lb_fwrr.h to haproxy/lb_fwrr{,-t}.h |
| - REORG: include: move listener.h to haproxy/listener{,-t}.h |
| - REORG: include: move pattern.h to haproxy/pattern{,-t}.h |
| - REORG: include: move map to haproxy/map{,-t}.h |
| - REORG: include: move payload.h to haproxy/payload.h |
| - REORG: include: move sample.h to haproxy/sample{,-t}.h |
| - REORG: include: move protocol_buffers.h to haproxy/protobuf{,-t}.h |
| - REORG: include: move vars.h to haproxy/vars{,-t}.h |
| - REORG: include: split global.h into haproxy/global{,-t}.h |
| - REORG: include: move task.h to haproxy/task{,-t}.h |
| - REORG: include: move proto_tcp.h to haproxy/proto_tcp.h |
| - REORG: include: move signal.h to haproxy/signal{,-t}.h |
| - REORG: include: move tcp_rules.h to haproxy/tcp_rules.h |
| - REORG: include: move connection.h to haproxy/connection{,-t}.h |
| - REORG: include: move checks.h to haproxy/check{,-t}.h |
| - REORG: include: move http_fetch.h to haproxy/http_fetch.h |
| - REORG: include: move peers.h to haproxy/peers{,-t}.h |
| - REORG: include: move stick_table.h to haproxy/stick_table{,-t}.h |
| - REORG: include: move session.h to haproxy/session{,-t}.h |
| - REORG: include: move trace.h to haproxy/trace{,-t}.h |
| - REORG: include: move acl.h to haproxy/acl.h{,-t}.h |
| - REORG: include: split common/uri_auth.h into haproxy/uri_auth{,-t}.h |
| - REORG: move applet.h to haproxy/applet{,-t}.h |
| - REORG: include: move stats.h to haproxy/stats{,-t}.h |
| - REORG: include: move cli.h to haproxy/cli{,-t}.h |
| - REORG: include: move lb_map.h to haproxy/lb_map{,-t}.h |
| - REORG: include: move ssl_sock.h to haproxy/ssl_sock{,-t}.h |
| - REORG: include: move stream_interface.h to haproxy/stream_interface{,-t}.h |
| - REORG: include: move channel.h to haproxy/channel{,-t}.h |
| - REORG: include: move http_ana.h to haproxy/http_ana{,-t}.h |
| - REORG: include: move filters.h to haproxy/filters{,-t}.h |
| - REORG: include: move fcgi-app.h to haproxy/fcgi-app{,-t}.h |
| - REORG: include: move log.h to haproxy/log{,-t}.h |
| - REORG: include: move proxy.h to haproxy/proxy{,-t}.h |
| - REORG: include: move spoe.h to haproxy/spoe{,-t}.h |
| - REORG: include: move backend.h to haproxy/backend{,-t}.h |
| - REORG: include: move queue.h to haproxy/queue{,-t}.h |
| - REORG: include: move server.h to haproxy/server{,-t}.h |
| - REORG: include: move stream.h to haproxy/stream{,-t}.h |
| - REORG: include: move cfgparse.h to haproxy/cfgparse.h |
| - CLEANUP: hpack: export debug functions and move inlines to .h |
| - REORG: check: move the e-mail alerting code to mailers.c |
| - REORG: check: move tcpchecks away from check.c |
| - REORG: check: move email_alert* from proxy-t.h to mailers-t.h |
| - REORG: check: extract the external checks from check.{c,h} |
| - CLEANUP: include: don't include stddef.h directly |
| - CLEANUP: include: don't include proxy-t.h in global-t.h |
| - CLEANUP: include: move sample_data out of sample-t.h |
| - REORG: include: move the error reporting functions to from log.h to errors.h |
| - BUILD: reorder objects in the Makefile for faster builds |
| - CLEANUP: compiler: add a THREAD_ALIGNED macro and use it where appropriate |
| - CLEANUP: include: make atomic.h part of the base API |
| - REORG: include: move MAX_THREADS to defaults.h |
| - REORG: include: move THREAD_LOCAL and __decl_thread() to compiler.h |
| - CLEANUP: include: tree-wide alphabetical sort of include files |
| - REORG: include: make list-t.h part of the base API |
| - REORG: dgram: rename proto_udp to dgram |
| |
| 2020/05/22 : 2.2-dev8 |
| - MINOR: checks: Improve report of unexpected errors for expect rules |
| - MEDIUM: checks: Add matching on log-format string for expect rules |
| - DOC: Fix req.body and co documentation to be accurate |
| - MEDIUM: checks: Remove dedicated sample fetches and use response ones instead |
| - CLEANUP: checks: sort and rename tcpcheck_expect_type types |
| - MINOR: checks: Use dedicated actions to send log-format strings in send rules |
| - MINOR: checks: Simplify matching on HTTP headers in HTTP expect rules |
| - MINOR: checks/sample: Remove unnecessary tests on the sample session |
| - REGTEST: checks: Adapt SSL error message reported when connection is rejected |
| - MINOR: mworker: replace ha_alert by ha_warning when exiting successfuly |
| - MINOR: checks: Support log-format string to set the URI for HTTP send rules |
| - MINOR: checks: Support log-format string to set the body for HTTP send rules |
| - DOC: Be more explicit about configurable check ok/error/timeout status |
| - MINOR: checks: Make matching on HTTP headers for expect rules less obscure |
| - BUG/MEDIUM: lua: Fix dumping of stick table entries for STD_T_DICT |
| - BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur |
| - REGTESTS: make the http-check-send test require version 2.2 |
| - BUG/MINOR: http-ana: fix NTLM response parsing again |
| - BUG/MEDIUM: http_ana: make the detection of NTLM variants safer |
| - BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered |
| - MINOR: cfgparse: Improve error message for invalid \x sequences |
| - CI: travis-ci: enable arm64 builds again |
| - MEDIUM: ssl: increase default-dh-param to 2048 |
| - CI: travis-ci: skip pcre2 on arm64 build |
| - CI: travis-ci: extend the build time for SSL to 60 minutes |
| - CLEANUP: config: drop unused setting CONFIG_HAP_MEM_OPTIM |
| - CLEANUP: config: drop unused setting CONFIG_HAP_INLINE_FD_SET |
| - CLENAUP: config: move CONFIG_HAP_LOCKLESS_POOLS out of config.h |
| - CLEANUP: remove THREAD_LOCAL from config.h |
| - CI: travis-ci: upgrade LibreSSL versions |
| - DOC: assorted typo fixes in the documentation |
| - CI: extend spellchecker whitelist |
| - CLEANUP: assorted typo fixes in the code and comments |
| - MAJOR: contrib: porting spoa_server to support python3 |
| - BUG/MEDIUM: checks: Subscribe to I/O events on an unfinished connect |
| - BUG/MINOR: checks: Don't subscribe to I/O events if it is already done |
| - BUG/MINOR: checks: Rely on next I/O oriented rule when waiting for a connection |
| - MINOR: checks: Don't try to send outgoing data if waiting to be able to send |
| - MINOR: sample: Move aes_gcm_dec implementation into sample.c |
| - MINOR: sample: Add digest and hmac converters |
| - BUG/MEDIUM: checks: Subscribe to I/O events only if a mux was installed |
| - BUG/MINOR: sample/ssl: Fix digest converter for openssl < 1.1.0 |
| - BUG/MINOR: pools: use %u not %d to report pool stats in "show pools" |
| - BUG/MINOR: pollers: remove uneeded free in global init |
| - CLEANUP: select: enhance readability in init |
| - BUG/MINOR: soft-stop: always wake up waiting threads on stopping |
| - MINOR: soft-stop: let the first stopper only signal other threads |
| - BUILD: select: only declare existing local labels to appease clang |
| - BUG/MEDIUM: streams: Remove SF_ADDR_SET if we're retrying due to L7 retry. |
| - BUG/MEDIUM: stream: Only allow L7 retries when using HTTP. |
| - DOC: retry-on can only be used with mode http |
| - MEDIUM: ssl: allow to register callbacks for SSL/TLS protocol messages |
| - MEDIUM: ssl: split ssl_sock_msgcbk() and use a new callback mechanism |
| - MINOR: ssl: add a new function ssl_sock_get_ssl_object() |
| - MEDIUM: ssl: use ssl_sock_get_ssl_object() in fetchers where appropriate |
| - REORG: ssl: move macros and structure definitions to ssl_sock.h |
| - CLEANUP: ssl: remove the shsess_* macros |
| - REORG: move the crt-list structures in their own .h |
| - REORG: ssl: move the ckch structures to types/ssl_ckch.h |
| - CLEANUP: ssl: add ckch prototypes in proto/ssl_ckch.h |
| - REORG: ssl: move crtlist functions to src/ssl_crtlist.c |
| - CLEANUP: ssl: avoid circular dependencies in ssl_crtlist.h |
| - REORG: ssl: move the ckch_store related functions to src/ssl_ckch.c |
| - REORG: ssl: move ckch_inst functions to src/ssl_ckch.c |
| - REORG: ssl: move the crt-list CLI functions in src/ssl_crtlist.c |
| - REORG: ssl: move the CLI 'cert' functions to src/ssl_ckch.c |
| - REORG: ssl: move ssl configuration to cfgparse-ssl.c |
| - MINOR: ssl: remove static keyword in some SSL utility functions |
| - REORG: ssl: move ssl_sock_ctx and fix cross-dependencies issues |
| - REORG: ssl: move sample fetches to src/ssl_sample.c |
| - REORG: ssl: move utility functions to src/ssl_utils.c |
| - DOC: ssl: update MAINTAINERS file |
| - CI: travis-ci: switch arm64 builds to use openssl from distro |
| - MINOR: stats: Prepare for more accurate moving averages |
| - MINOR: stats: Expose native cum_req metric for a server |
| - MEDIUM: stats: Enable more accurate moving average calculation for stats |
| - BUILD: ssl: include buffer common headers for ssl_sock_ctx |
| - BUILD: ssl: include errno.h in ssl_crtlist.c |
| - CLEANUP: acl: remove unused assignment |
| - DOC/MINOR: halog: Add long help info for ic flag |
| - BUILD: ssl: fix build without OPENSSL_NO_ENGINE |
| - DOC: SPOE is no longer experimental |
| - BUG/MINOR: cache: Don't needlessly test "cache" keyword in parse_cache_flt() |
| - MINOR: config: Don't dump keywords if argument is NULL |
| - MEDIUM: checks: Make post-41 the default mode for mysql checks |
| - BUG/MINOR: logs: prevent double line returns in some events. |
| - MEDIUM: sink: build header in sink_write for log formats |
| - MEDIUM: logs: buffer targets now rely on new sink_write |
| - MEDIUM: sink: add global statement to create a new ring (sink buffer) |
| - MEDIUM: hpack: use a pool for the hpack table |
| - BUG/MAJOR: mux-fcgi: Stop sending loop if FCGI stream is blocked for any reason |
| - BUG/MEDIUM: ring: write-lock the ring while attaching/detaching |
| - MINOR: applet: adopt the wait list entry from the CLI |
| - MINOR: ring: make the applet code not depend on the CLI |
| - Revert "MEDIUM: sink: add global statement to create a new ring (sink buffer)" |
| - CI: travis-ci: fix libslz download URL |
| - MINOR: ssl: split config and runtime variable for ssl-{min,max}-ver |
| - CLEANUP: http_ana: Remove unused TXN flags |
| - BUG/MINOR: http-rules: Mark http return rules as final |
| - MINOR: http-htx: Add http_reply type based on what is used for http return rules |
| - CLEANUP: http-htx: Rename http_error structure into http_error_msg |
| - MINOR: http-rules: Use http_reply structure for http return rules |
| - MINOR: http-htx: Use a dedicated function to release http_reply objects |
| - MINOR: http-htx: Use a dedicated function to parse http reply arguments |
| - MINOR: http-htx: Use a dedicated function to check http reply validity |
| - MINOR: http-ana: Use a dedicated function to send a response from an http reply |
| - MEDIUM: http-rules: Rely on http reply for http deny/tarpit rules |
| - MINOR: http-htx: Store default error messages in a global http reply array |
| - MINOR: http-htx: Store messages of an http-errors section in a http reply array |
| - MINOR: http-htx: Store errorloc/errorfile messages in http replies |
| - MINOR: proxy: Add references on http replies for proxy error messages |
| - MINOR: http-htx: Use http reply from the http-errors section |
| - MINOR: http-ana: Use a TXN flag to prevent after-response ruleset evaluation |
| - MEDIUM: http-ana: Use http replies for HTTP error messages |
| - CLEANUP: http-htx: Remove unused storage of error messages in buffers |
| - MINOR: htx: Add a function to copy a buffer in an HTX message |
| - CLEANUP: channel: Remove channel_htx_copy_msg() function |
| - MINOR: http-ana: Add a function to write an http reply in an HTX message |
| - MINOR: http-htx/proxy: Add http-error directive using http return syntax |
| - DOC: Fix "errorfile" description in the configuration manual |
| - BUG/MINOR: checks: Respect check-ssl param when a port or an addr is specified |
| - BUILD: hpack: make sure the hpack table can still be built standalone |
| - CONTRIB: hpack: make use of the simplified standalone HPACK API |
| - MINOR: connection: add pp2-never-send-local to support old PP2 behavior |
| |
| 2020/05/05 : 2.2-dev7 |
| - MINOR: version: Show uname output in display_version() |
| - CI: run weekly OpenSSL "no-deprecated" builds |
| - CLEANUP: log: fix comment of parse_logformat_string() |
| - DOC: Improve documentation on http-request set-src |
| - MINOR: ssl/cli: disallow SSL options for directory in 'add ssl crt-list' |
| - MINOR: ssl/cli: restrain certificate path when inserting into a directory |
| - MINOR: ssl: add ssl-skip-self-issued-ca global option |
| - BUG/MINOR: ssl: default settings for ssl server options are not used |
| - MINOR: config: add a global directive to set default SSL curves |
| - BUG/MEDIUM: http-ana: Handle NTLM messages correctly. |
| - DOC: internals: update the SSL architecture schema |
| - BUG/MINOR: tools: fix the i386 version of the div64_32 function |
| - BUG/MINOR: mux-fcgi/trace: fix wrong set of trace flags in fcgi_strm_add_eom() |
| - BUG/MINOR: http: make url_decode() optionally convert '+' to SP |
| - DOC: option logasap does not depend on mode |
| - MEDIUM: memory: make pool_gc() run under thread isolation |
| - MINOR: contrib: make the peers wireshark dissector a plugin |
| - BUG/MINOR: http-ana: Throw a 500 error if after-response ruleset fails on errors |
| - BUG/MINOR: check: Update server address and port to execute an external check |
| - MINOR: mini-clist: Add functions to iterate backward on a list |
| - MINOR: checks: Add a way to send custom headers and payload during http chekcs |
| - MINOR: server: respect warning and alert semantic |
| - BUG/MINOR: checks: Respect the no-check-ssl option |
| - BUG/MEDIUM: server/checks: Init server check during config validity check |
| - CLEANUP: checks: Don't export anymore init_check and srv_check_healthcheck_port |
| - BUG/MINOR: checks: chained expect will not properly wait for enough data |
| - BUG/MINOR: checks: Forbid tcp-check lines in default section as documented |
| - MINOR: checks: Use an enum to describe the tcp-check rule type |
| - MINOR: checks: Simplify connection flag parsing in tcp-check connect |
| - MEDIUM: checks: rewind to the first inverse expect rule of a chain on new data |
| - MINOR: checks: simplify tcp expect config parser |
| - MINOR: checks: add min-recv tcp-check expect option |
| - MINOR: checks: add linger option to tcp connect |
| - MINOR: checks: define a tcp expect type |
| - MEDIUM: checks: rewrite tcp-check expect block |
| - MINOR: checks: Stop xform buffers to null-terminated string for tcp-check rules |
| - MINOR: checks: add rbinary expect match type |
| - MINOR: checks: Simplify functions to get step id and comment |
| - MEDIUM: checks: capture groups in expect regexes |
| - MINOR: checks: Don't use a static tcp rule list head |
| - MEDIUM: checks: Use a non-comment rule iterator to get next rule |
| - MEDIUM: proxy/checks: Register a keyword to parse tcp-check rules |
| - MINOR: checks: Set the tcp-check rule index during parsing |
| - MINOR: checks: define tcp-check send type |
| - MINOR: checks: define a tcp-check connect type |
| - MEDIUM: checks: Add implicit tcp-check connect rule |
| - MAJOR: checks: Refactor and simplify the tcp-check loop |
| - MEDIUM: checks: Associate a session to each tcp-check healthcheck |
| - MINOR: checks/vars: Add a check scope for variables |
| - MEDIUM: checks: Parse custom action rules in tcp-checks |
| - MINOR: checks: Add support to set-var and unset-var rules in tcp-checks |
| - MINOR: checks: Add the sni option for tcp-check connect rules |
| - MINOR: checks: Add the via-socks4 option for tcp-check connect rules |
| - MINOR: checks: Add the alpn option for tcp-check connect rules |
| - MINOR: ssl: Export a generic function to parse an alpn string |
| - MINOR: checks: Add the default option for tcp-check connect rules |
| - MINOR: checks: Add the addr option for tcp-check connect rule |
| - MEDIUM: checks: Support expression to set the port |
| - MEDIUM: checks: Support log-format strings for tcp-check send rules |
| - MINOR: log: Don't depends on a stream to process samples in log-format string |
| - MINOR: log: Don't systematically set LW_REQ when a sample expr is added |
| - MEDIUM: checks: Add a shared list of tcp-check rules |
| - MINOR: sample: add htonl converter |
| - MINOR: sample: add cut_crlf converter |
| - MINOR: sample: add ltrim converter |
| - MINOR: sample: add rtrim converter |
| - MINOR: checks: Use a name for the healthcheck status enum |
| - MINOR: checks: Add option to tcp-check expect rules to customize error status |
| - MINOR: checks: Merge tcp-check comment rules with the others at config parsing |
| - MINOR: checks: Add a sample fetch to extract a block from the input check buffer |
| - MEDIUM: checks: Add on-error/on-success option on tcp-check expect rules |
| - MEDIUM: checks: Add status-code sample expression on tcp-check expect rules |
| - MINOR: checks: Relax the default option for tcp-check connect rules |
| - MEDIUM: checks: Add a list of vars to set before executing a tpc-check ruleset |
| - MINOR: checks: Export the tcpcheck_eval_ret enum |
| - MINOR: checks: Use dedicated function to handle onsuccess/onerror messages |
| - MINOR: checks: Support custom functions to eval a tcp-check expect rules |
| - MEDIUM: checks: Implement redis check using tcp-check rules |
| - MEDIUM: checks: Implement ssl-hello check using tcp-check rules |
| - MEDIUM: checks: Implement smtp check using tcp-check rules |
| - MEDIUM: checks: Implement postgres check using tcp-check rules |
| - MEDIUM: checks: Implement MySQL check using tcp-check rules |
| - MEDIUM: checks: Implement LDAP check using tcp-check rules |
| - MEDIUM: checks: Implement SPOP check using tcp-check rules |
| - MINOR: server/checks: Move parsing of agent keywords in checks.c |
| - MINOR: server/checks: Move parsing of server check keywords in checks.c |
| - MEDIUM: checks: Implement agent check using tcp-check rules |
| - REGTEST: Adapt regtests about checks to recent changes |
| - MINOR: Produce tcp-check info message for pure tcp-check rules only |
| - MINOR: checks: Add an option to set success status of tcp-check expect rules |
| - MINOR: checks: Improve log message of tcp-checks on success |
| - MINOR: proxy/checks: Move parsing of httpchk option in checks.c |
| - MINOR: proxy/checks: Move parsing of tcp-check option in checks.c |
| - MINOR: proxy/checks: Register a keyword to parse http-check rules |
| - MINOR: proxy/checks: Move parsing of external-check option in checks.c |
| - MINOR: proxy/checks: Register a keyword to parse external-check rules |
| - MEDIUM: checks: Use a shared ruleset to store tcp-check rules |
| - MINOR: checks: Use an indirect string to represent the expect matching string |
| - MINOR: checks: Introduce flags to configure in tcp-check expect rules |
| - MINOR: standard: Add my_memspn and my_memcspn |
| - MINOR: checks: Add a reverse non-comment rule iterator to get last rule |
| - MAJOR: checks: Implement HTTP check using tcp-check rules |
| - MINOR: checks: Make resume conditions more explicit in tcpcheck_main() |
| - MINOR: connection: Add macros to know if a conn or a cs uses an HTX mux |
| - MEDIUM: checks: Refactor how data are received in tcpcheck_main() |
| - MINOR: checks/obj_type: Add a new object type for checks |
| - BUG/MINOR: obj_type: Handle stream object in obj_base_ptr() function |
| - MINOR: checks: Use the check as origin when a session is created |
| - MINOR: checks: Add a mux proto to health-check and tcp-check connect rule |
| - MINOR: connection: Add a function to install a mux for a health-check |
| - MAJOR: checks: Use the best mux depending on the protocol for health checks |
| - MEDIUM: checks: Implement default TCP check using tcp-check rules |
| - MINOR: checks: Remove unused code about pure TCP checks |
| - CLEANUP: checks: Reorg checks.c file to be more readable |
| - REGTEST: Fix reg-tests about health-checks to adapt them to recent changes |
| - MINOR: ist: Add a function to retrieve the ist pointer |
| - MINOR: checks: Use ist API as far as possible |
| - BUG/MEDIUM: checks: Be sure to subscribe for sends if outgoing data remains |
| - MINOR: checks: Use a tree instead of a list to store tcp-check rulesets |
| - BUG/MINOR: checks: Send the right amount of outgoing data for HTTP checks |
| - REGTEST: Add scripts to test based tcp-check health-checks |
| - Revert "MEDIUM: checks: capture groups in expect regexes" |
| - DOC: Add documentation about comments for tcp-check and http-check directives |
| - DOC: Fix the tcp-check and http-check directives layout |
| - BUG/MEDIUM: checks: Use the mux protocol specified on the server line |
| - MINOR: checks: Support mux protocol definition for tcp and http health checks |
| - BUG/MINOR: mux-fcgi: Be sure to have a connection as session's origin to use it |
| - MINOR: checks: Support list of status codes on http-check expect rules |
| - BUG/MEDIUM: checks: Unsubscribe to mux events when a conn-stream is destroyed |
| - REGTEST: Add a script to validate agent checks |
| - BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable |
| - BUG/MEDIUM: checks: unsubscribe for events on the old conn-stream on connect |
| - BUG/MINOR: checks: Only use ssl_sock_is_ssl() if compiled with SSL support |
| - BUG/MINOR: checks/server: use_ssl member must be signed |
| - BUG/MEDIUM: sessions: Always pass the mux context as argument to destroy a mux |
| - BUG/MEDIUM: checks: Destroy the conn-stream before the session |
| - BUG/MINOR: checks: Fix PostgreSQL regex on the authentication packet |
| - CI: cirrus-ci: remove reg-tests/checks/tcp-check-ssl.vtc on CentOS 6 |
| - MINOR: checks: Support HTTP/2 version (without '.0') for http-check send rules |
| - MINOR: checks: Use ver keyword to specify the HTTP version for http checks |
| - BUG/MINOR: checks: Remove wrong variable redeclaration |
| - BUG/MINOR: checks: Properly handle truncated mysql server messages |
| - CLEANUP: checks: Remove unused code when ldap server message is parsed |
| - MINOR: checks: Make the use of the check's server more explicit on connect |
| - BUG/MINOR: checks: Avoid incompatible cast when a binary string is parsed |
| - BUG/MINOR: checks: Remove bad call to free() when an expect rule is parsed |
| - BUG/MINOR: checks: Don't lose warning on proxy capability |
| - MINOR: log: Add "Tu" timer |
| - BUG/MINOR: checks: Set the output buffer length before calling parse_binary() |
| - BUG/MEDIUM: mux-h1: make sure we always have a timeout on front connections |
| - REGTEST: ssl: test the client certificate authentication |
| - DOC: give a more accurate description of what check does |
| - BUG/MEDIUM: capture: capture-req/capture-res converters crash without a stream |
| - BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream |
| - BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam |
| - BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam |
| - CLEANUP: http: add a few comments on certain functions' assumptions about streams |
| - BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream |
| - MINOR: http-htx: Export functions to update message authority and host |
| - MINOR: checks: Don't support multiple host header for http-check send rule |
| - MINOR: checks: Skip some headers for http-check send rules |
| - MINOR: checks: Keep the Host header and the request uri synchronized |
| - CLEANUP: checks: Fix checks includes |
| - DOC: Fix send rules in the http-check connect example |
| - DOC: Add more info about request formatting in http-check send description |
| - REGTEST: http-rules: Require PCRE or PCRE2 option to run map_redirect script |
| - REGTEST: ssl: remove curl from the "add ssl crt-list" test |
| - REGTEST: ssl: improve the "set ssl cert" test |
| - CLEANUP: ssl: silence a build warning when threads are disabled |
| - BUG/MEDIUM: listener: mark the thread as not stuck inside the loop |
| - MINOR: threads: export the POSIX thread ID in panic dumps |
| - BUG/MINOR: debug: properly use long long instead of long for the thread ID |
| - BUG/MEDIUM: shctx: really check the lock's value while waiting |
| - BUG/MEDIUM: shctx: bound the number of loops that can happen around the lock |
| - MINOR: stream: report the list of active filters on stream crashes |
| - BUG/MEDIUM: mux-fcgi: Return from detach if server don't keep the connection |
| - BUG/MEDIUM: mux_fcgi: Free the FCGI connection at the end of fcgi_release() |
| - BUG/MEDIUM: mux-fcgi: Fix wrong test on FCGI_CF_KEEP_CONN in fcgi_detach() |
| - BUG/MEDIUM: connections: force connections cleanup on server changes |
| - BUG/MEDIUM: h1: Don't compare host and authority if only h1 headers are parsed |
| - BUG/MEDIUM: ssl: fix the id length check within smp_fetch_ssl_fc_session_id() |
| - CLEANUP: connections: align function declaration |
| - BUG/MINOR: sample: Set the correct type when a binary is converted to a string |
| - MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples |
| - DOC: Document the log-format parameter for tcp-check send/send-binary rules |
| - MINOR: checks: Add support of payload-based sample fetches |
| - MINOR: checks: Add support of be_id, be_name, srv_id and srv_name sample fetches |
| - MINOR: checks: Add support of server side ssl sample fetches |
| - MINOR: checks: Add support of HTTP response sample fetches |
| - MINOR: http-htx: Support different methods to look for header names |
| - MINOR: checks: Set by default expect rule status to UNKNOWN during parsing |
| - BUG/MINOR: checks: Support multiple HTTP expect rules |
| - REGTEST: checks: Fix sync condition for agent-check |
| - MEDIUM: checks: Support matching on headers for http-check expect rules |
| - MINOR: lua: allow changing port with set_addr |
| - BUG/MINOR: da: Fix HTX message prefetch |
| - BUG/MINOR: wurfl: Fix HTX message prefetch |
| - BUG/MINOR: 51d: Fix HTX message prefetch |
| - MINOR: ist: add istadv() function |
| - MINOR: ist: add istissame() function |
| - MINOR: istbuf: add ist2buf() function |
| - BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS() |
| - BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}() |
| - DOC: update intro.txt for 2.2 |
| - DOC: intro: add a contacts section |
| |
| 2020/04/17 : 2.2-dev6 |
| - BUG/MINOR: ssl: memory leak when find_chain is NULL |
| - CLEANUP: ssl: rename ssl_get_issuer_chain to ssl_get0_issuer_chain |
| - MINOR: ssl: rework add cert chain to CTX to be libssl independent |
| - BUG/MINOR: peers: init bind_proc to 1 if it wasn't initialized |
| - BUG/MINOR: peers: avoid an infinite loop with peers_fe is NULL |
| - BUG/MINOR: peers: Use after free of "peers" section. |
| - CI: github actions: add weekly h2spec test |
| - BUG/MEDIUM: mux_h1: Process a new request if we already received it. |
| - MINOR: build: Fix build in mux_h1 |
| - CLEANUP: remove obsolete comments |
| - BUG/MEDIUM: dns: improper parsing of aditional records |
| - MINOR: ssl: skip self issued CA in cert chain for ssl_ctx |
| - MINOR: listener: add so_name sample fetch |
| - MEDIUM: stream: support use-server rules with dynamic names |
| - MINOR: servers: Add a counter for the number of currently used connections. |
| - MEDIUM: connections: Revamp the way idle connections are killed |
| - MINOR: cli: add a general purpose pointer in the CLI struct |
| - MINOR: ssl: add a list of bind_conf in struct crtlist |
| - REORG: ssl: move SETCERT enum to ssl_sock.h |
| - BUG/MINOR: ssl: ckch_inst wrongly inserted in crtlist_entry |
| - REORG: ssl: move some functions above crtlist_load_cert_dir() |
| - MINOR: ssl: use crtlist_free() upon error in directory loading |
| - MINOR: ssl: add a list of crtlist_entry in ckch_store |
| - MINOR: ssl: store a ptr to crtlist in crtlist_entry |
| - MINOR: ssl/cli: update pointer to store in 'commit ssl cert' |
| - MEDIUM: ssl/cli: 'add ssl crt-list' command |
| - REGTEST: ssl/cli: test the 'add ssl crt-list' command |
| - BUG/MINOR: ssl: entry->ckch_inst not initialized |
| - REGTEST: ssl/cli: change test type to devel |
| - REGTEST: make the PROXY TLV validation depend on version 2.2 |
| - CLEANUP: assorted typo fixes in the code and comments |
| - BUG/MINOR: stats: Fix color of draining servers on stats page |
| - DOC: internals: Fix spelling errors in filters.txt |
| - MINOR: connections: Don't mark conn flags 0x00000001 and 0x00000002 as unused. |
| - REGTEST: make the unique-id test depend on version 2.0 |
| - BUG/MEDIUM: dns: Consider the fact that dns answers are case-insensitive |
| - MINOR: ssl: split the line parsing of the crt-list |
| - MINOR: ssl/cli: support filters and options in add ssl crt-list |
| - MINOR: ssl: add a comment above the ssl_bind_conf keywords |
| - REGTEST: ssl/cli: tests options and filters w/ add ssl crt-list |
| - REGTEST: ssl: pollute the crt-list file |
| - BUG/CRITICAL: hpack: never index a header into the headroom after wrapping |
| - BUG/MINOR: protocol_buffer: Wrong maximum shifting. |
| - CLEANUP: src/fd.c: mask setsockopt with DISGUISE |
| - BUG/MINOR: ssl/cli: initialize fcount int crtlist_entry |
| - REGTEST: ssl/cli: add other cases of 'add ssl crt-list' |
| - CLEANUP: assorted typo fixes in the code and comments |
| - DOC: management: add the new crt-list CLI commands |
| - BUG/MINOR: ssl/cli: fix spaces in 'show ssl crt-list' |
| - MINOR: ssl/cli: 'del ssl crt-list' delete an entry |
| - MINOR: ssl/cli: replace dump/show ssl crt-list by '-n' option |
| - CI: use better SSL library definition |
| - CI: travis-ci: enable DEBUG_STRICT=1 for CI builds |
| - CI: travis-ci: upgrade openssl to 1.1.1f |
| - MINOR: ssl: improve the errors when a crt can't be open |
| - CI: cirrus-ci: rename openssl package after it is renamed in FreeBSD |
| - CI: adopt openssl download script to download all versions |
| - BUG/MINOR: ssl/cli: lock the ckch structures during crt-list delete |
| - MINOR: ssl/cli: improve error for bundle in add/del ssl crt-list |
| - MINOR: ssl/cli: 'del ssl cert' deletes a certificate |
| - BUG/MINOR: ssl: trailing slashes in directory names wrongly cached |
| - BUG/MINOR: ssl/cli: memory leak in 'set ssl cert' |
| - CLEANUP: ssl: use the refcount for the SSL_CTX' |
| - CLEANUP: ssl/cli: use the list of filters in the crtlist_entry |
| - BUG/MINOR: ssl: memleak of the struct cert_key_and_chain |
| - CLEANUP: ssl: remove a commentary in struct ckch_inst |
| - MINOR: ssl: initialize all list in ckch_inst_new() |
| - MINOR: ssl: free instances and SNIs with ckch_inst_free() |
| - MINOR: ssl: replace ckchs_free() by ckch_store_free() |
| - BUG/MEDIUM: ssl/cli: trying to access to free'd memory |
| - MINOR: ssl: ckch_store_new() alloc and init a ckch_store |
| - MINOR: ssl: crtlist_new() alloc and initialize a struct crtlist |
| - REORG: ssl: move some free/new functions |
| - MINOR: ssl: crtlist_entry_{new, free} |
| - BUG/MINOR: ssl: ssl_conf always set to NULL on crt-list parsing |
| - MINOR: ssl: don't alloc ssl_conf if no option found |
| - BUG/MINOR: connection: always send address-less LOCAL PROXY connections |
| - BUG/MINOR: peers: Incomplete peers sections should be validated. |
| - MINOR: init: report in "haproxy -c" whether there were warnings or not |
| - MINOR: init: add -dW and "zero-warning" to reject configs with warnings |
| - MINOR: init: report the compiler version in haproxy -vv |
| - CLEANUP: assorted typo fixes in the code and comments |
| - MINOR: init: report the haproxy version and executable path once on errors |
| - DOC: Make how "option redispatch" works more explicit |
| - BUILD: Makefile: add linux-musl to TARGET |
| - CLEANUP: assorted typo fixes in the code and comments |
| - CLEANUP: http: Fixed small typo in parse_http_return |
| - DOC: hashing: update link to hashing functions |
| |
| 2020/03/23 : 2.2-dev5 |
| - CLEANUP: ssl: is_default is a bit in ckch_inst |
| - BUG/MINOR: ssl/cli: sni_ctx' mustn't always be used as filters |
| - DOC: ssl: clarify security implications of TLS tickets |
| - CLEANUP: remove support for Linux i686 vsyscalls |
| - CLEANUP: drop support for USE_MY_ACCEPT4 |
| - CLEANUP: remove support for USE_MY_EPOLL |
| - CLEANUP: remove support for USE_MY_SPLICE |
| - CLEANUP: remove the now unused common/syscall.h |
| - BUILD: make dladdr1 depend on glibc version and not __USE_GNU |
| - BUILD: wdt: only test for SI_TKILL when compiled with thread support |
| - BUILD: Makefile: the compiler-specific flags should all be in SPEC_CFLAGS |
| - CLEANUP: ssl: separate the directory loading in a new function |
| - BUG/MINOR: buffers: MT_LIST_DEL_SAFE() expects the temporary pointer. |
| - BUG/MEDIUM: mt_lists: Make sure we set the deleted element to NULL; |
| - MINOR: init: move the maxsock calculation code to compute_ideal_maxsock() |
| - MEDIUM: init: always try to push the FD limit when maxconn is set from -m |
| - BUG/MAJOR: list: fix invalid element address calculation |
| - BUILD: stream-int: fix a few includes dependencies |
| - MINOR: mt_lists: Appease gcc. |
| - MINOR: lists: Implement function to convert list => mt_list and mt_list => list |
| - MINOR: servers: Kill priv_conns. |
| - MINOR: lists: fix indentation. |
| - BUG/MEDIUM: random: align the state on 2*64 bits for ARM64 |
| - BUG/MEDIUM: connections: Don't assume the connection has a valid session. |
| - BUG/MEDIUM: pools: Always update free_list in pool_gc(). |
| - BUG/MINOR: haproxy: always initialize sleeping_thread_mask |
| - BUG/MINOR: listener/mq: do not dispatch connections to remote threads when stopping |
| - BUG/MINOR: haproxy/threads: try to make all threads leave together |
| - Revert "BUILD: travis-ci: enable s390x builds" |
| - BUILD: travis-ci: enable regular s390x builds |
| - DOC: proxy_protocol: Reserve TLV type 0x05 as PP2_TYPE_UNIQUE_ID |
| - MINOR: proxy_protocol: Ingest PP2_TYPE_UNIQUE_ID on incoming connections |
| - MEDIUM: proxy_protocol: Support sending unique IDs using PPv2 |
| - CLEANUP: connection: Add blank line after declarations in PP handling |
| - CLEANUP: assorted typo fixes in the code and comments |
| - CI: add spellcheck github action |
| - DOC: correct typo in alert message about rspirep |
| - CI: travis: switch linux builds to clang-9 |
| - MINOR: debug: add a new DISGUISE() macro to pass a value as identity |
| - MINOR: debug: consume the write() result in BUG_ON() to silence a warning |
| - MINOR: use DISGUISE() everywhere we deliberately want to ignore a result |
| - BUILD: pools: silence build warnings with DEBUG_MEMORY_POOLS and DEBUG_UAF |
| - CLEANUP: connection: Stop directly setting an ist's .ptr |
| - CI: travis: revert to clang-7 for BoringSSL tests |
| - BUILD: on ARM, must be linked to libatomic. |
| - BUILD: makefile: fix regex syntax in ARM platform detection |
| - BUG/MEDIUM: peers: resync ended with RESYNC_PARTIAL in wrong cases. |
| - REORG: ssl: move ssl_sock_load_cert() |
| - MINOR: ssl: pass ckch_inst to ssl_sock_load_ckchs() |
| - MEDIUM: ssl: allow crt-list caching |
| - MINOR: ssl: directories are loaded like crt-list |
| - BUG/MINOR: ssl: can't open directories anymore |
| - BUG/MEDIUM: spoe: dup agent's engine_id string from trash.area |
| - MINOR: fd: Use a separate lock for logs instead of abusing the fd lock. |
| - MINOR: mux_pt: Don't try to remove the connection from the idle list. |
| - MINOR: ssl/cli: show/dump ssl crt-list |
| - BUG/MINOR: ssl/cli: free the trash chunk in dump_crtlist |
| - MEDIUM: fd: Introduce a running mask, and use it instead of the spinlock. |
| - BUG/MINOR: ssl: memory leak in crtlist_parse_file() |
| - MINOR: tasks: Provide the tasklet to the callback. |
| - BUG/MINOR: ssl: memleak of struct crtlist_entry |
| - BUG/MINOR: pattern: Do not pass len = 0 to calloc() |
| - BUILD: makefile: fix expression again to detect ARM platform |
| - CI: travis: re-enable ASAN on clang |
| - CI: travis: proper group output redirection together with travis_wait |
| - DOC: assorted typo fixes in the documentation |
| - MINOR: wdt: Move the definitions of WDTSIG and DEBUGSIG into types/signal.h. |
| - BUG/MEDIUM: wdt: Don't ignore WDTSIG and DEBUGSIG in __signal_process_queue(). |
| - MINOR: memory: Change the flush_lock to a spinlock, and don't get it in alloc. |
| - MINOR: ssl/cli: 'new ssl cert' command |
| - MINOR: ssl/cli: show certificate status in 'show ssl cert' |
| - MEDIUM: sessions: Don't be responsible for connections anymore. |
| - MEDIUM: servers: Split the connections into idle, safe, and available. |
| - MINOR: fd: Implement fd_takeover(). |
| - MINOR: connections: Add a new mux method, "takeover". |
| - MINOR: connections: Make the "list" element a struct mt_list instead of list. |
| - MINOR: connections: Add a flag to know if we're in the safe or idle list. |
| - MEDIUM: connections: Attempt to get idle connections from other threads. |
| - MEDIUM: mux_h1: Implement the takeover() method. |
| - MEDIUM: mux_h2: Implement the takeover() method. |
| - MEDIUM: mux_fcgi: Implement the takeover() method. |
| - MEDIUM: connections: Kill connections even if we are reusing one. |
| - BUG/MEDIUM: connections: Don't forget to decrement idle connection counters. |
| - BUG/MINOR: ssl: Do not free garbage pointers on memory allocation failure |
| - BUG/MINOR: ssl: Correctly add the 1 for the sentinel to the number of elements |
| - BUG/MINOR: ssl: crtlist_dup_filters() must return NULL with fcount == 0 |
| - BUG/MEDIUM: build: Fix compilation by spelling decl correctly. |
| - BUILD/MEDIUM: fd: Declare fd_mig_lock as extern. |
| - CI: run travis-ci builds on push only, skip pull requests |
| - CI: temporarily disable unstable travis arm64 builds |
| - BUG/MINOR: ssl/cli: free BIO upon error in 'show ssl cert' |
| - BUG/MINOR: connections: Make sure we free the connection on failure. |
| - BUG/MINOR: ssl/cli: fix a potential NULL dereference |
| - BUG/MEDIUM: h1: Make sure we subscribe before going into idle list. |
| - BUG/MINOR: connections: Set idle_time before adding to idle list. |
| - MINOR: muxes: Note that we can't usee a connection when added to the srv idle. |
| - REGTEST: increase timeouts on the seamless-reload test |
| - BUG/MINOR: haproxy/threads: close a possible race in soft-stop detection |
| - CLEANUP: haproxy/threads: don't check global_tasks_mask twice |
| |
| 2020/03/09 : 2.2-dev4 |
| - MEDIUM: buffer: remove the buffer_wq lock |
| - MINOR: ssl: move find certificate chain code to its own function |
| - MINOR: ssl: resolve issuers chain later |
| - MINOR: ssl: resolve ocsp_issuer later |
| - MINOR: ssl/cli: "show ssl cert" command should print the "Chain Filename:" |
| - BUG/MINOR: h2: reject again empty :path pseudo-headers |
| - MINOR: wdt: always clear sigev_value to make valgrind happy |
| - MINOR: epoll: always initialize all of epoll_event to please valgrind |
| - BUG/MINOR: sample: Make sure to return stable IDs in the unique-id fetch |
| - BUG/MEDIUM: ssl: chain must be initialized with sk_X509_new_null() |
| - BUILD: cirrus-ci: suppress OS version check when installing packages |
| - BUG/MINOR: http_ana: make sure redirect flags don't have overlapping bits |
| - CLEANUP: fd: remove the FD_EV_STATUS aggregate |
| - CLEANUP: fd: remove some unneeded definitions of FD_EV_* flags |
| - MINOR: fd: merge the read and write error bits into RW error |
| - BUG/MINOR: dns: ignore trailing dot |
| - MINOR: contrib/prometheus-exporter: Add the last heathcheck duration metric |
| - BUG/MINOR: http-htx: Do case-insensive comparisons on Host header name |
| - MINOR: mux-h1: Remove useless case-insensitive comparisons |
| - MINOR: rawsock: always mark the FD not ready when we're certain it happens |
| - MEDIUM: connection: make the subscribe() call able to wakeup if ready |
| - MEDIUM: connection: don't stop receiving events in the FD handler |
| - MEDIUM: mux-h1: do not blindly wake up the tasklet at end of request anymore |
| - BUG/MINOR: arg: don't reject missing optional args |
| - MINOR: tools: make sure to correctly check the returned 'ms' in date2std_log |
| - MINOR: debug: report the task handler's pointer relative to main |
| - BUG/MEDIUM: debug: make the debug_handler check for the thread in threads_to_dump |
| - MINOR: haproxy: export main to ease access from debugger |
| - MINOR: haproxy: export run_poll_loop |
| - MINOR: task: export run_tasks_from_list |
| - BUILD: tools: remove obsolete and conflicting trace() from standard.c |
| - MINOR: tools: add new function dump_addr_and_bytes() |
| - MINOR: tools: add resolve_sym_name() to resolve function pointers |
| - MINOR: debug: use resolve_sym_name() to dump task handlers |
| - MINOR: cli: make "show fd" rely on resolve_sym_name() |
| - MEDIUM: debug: add support for dumping backtraces of stuck threads |
| - MINOR: debug: call backtrace() once upon startup |
| - MINOR: ssl: add "ca-verify-file" directive |
| - BUG/MINOR: wdt: do not return an error when the watchdog couldn't be enabled |
| - BUILD: Makefile: include librt before libpthread |
| - MEDIUM: wdt: fall back to CLOCK_REALTIME if CLOCK_THREAD_CPUTIME is not available |
| - MINOR: wdt: do not depend on USE_THREAD |
| - MINOR: debug: report the number of entries in the backtrace |
| - MINOR: debug: improve backtrace() on aarch64 and possibly other systems |
| - MINOR: debug: use our own backtrace function on clang+x86_64 |
| - MINOR: debug: dump the whole trace if we can't spot the starting point |
| - BUILD: tools: unbreak resolve_sym_name() on non-GNU platforms |
| - BUILD: tools: rely on __ELF__ not USE_DL to enable use of dladdr() |
| - CLEANUP: contrib/spoa_example: Fix several typos |
| - BUILD: makefile: do not modify the build options during make reg-tests |
| - BUG/MEDIUM: connection: stop polling for sending when the event is ready |
| - MEDIUM: stream-int: make sure to try to immediately validate the connection |
| - MINOR: tcp/uxst/sockpair: only ask for I/O when really waiting for a connect() |
| - MEDIUM: connection: only call ->wake() for connect() without I/O |
| - OPTIM: connection: disable receiving on disabled events when the run queue is too high |
| - OPTIM: mux-h1: subscribe rather than waking up at a few other places |
| - REGTEST: Add unique-id reg-test |
| - MINOR: stream: Add stream_generate_unique_id function |
| - MINOR: stream: Use stream_generate_unique_id |
| - BUG/MINOR: connection/debug: do not enforce !event_type on subscribe() anymore |
| - MINOR: ssl/cli: support crt-list filters |
| - MINOR: ssl: reach a ckch_store from a sni_ctx |
| - DOC: fix incorrect indentation of http_auth_* |
| - BUG/MINOR: ssl-sock: do not return an uninitialized pointer in ckch_inst_sni_ctx_to_sni_filters |
| - MINOR: debug: add CLI command "debug dev write" to write an arbitrary size |
| - MINOR: ist: Add `IST_NULL` macro |
| - MINOR: ist: Add `int isttest(const struct ist)` |
| - MINOR: ist: Add `struct ist istalloc(size_t)` and `void istfree(struct ist*)` |
| - CLEANUP: Use `isttest()` and `istfree()` |
| - MINOR: ist: Add `struct ist istdup(const struct ist)` |
| - MINOR: proxy: Make `header_unique_id` a `struct ist` |
| - MEDIUM: stream: Make the `unique_id` member of `struct stream` a `struct ist` |
| - OPTIM: startup: fast unique_id allocation for acl. |
| - DOC: configuration.txt: fix various typos |
| - DOC: assorted typo fixes in the documentation and Makefile |
| - BUG/MINOR: init: make the automatic maxconn consider the max of soft/hard limits |
| - BUG/MAJOR: proxy_protocol: Properly validate TLV lengths |
| - CLEANUP: proxy_protocol: Use `size_t` when parsing TLVs |
| - MINOR: buf: Add function to insert a string at an absolute offset in a buffer |
| - MINOR: htx: Add a function to return a block at a specific offset |
| - MINOR: htx: Use htx_find_offset() to truncate an HTX message |
| - MINOR: flt_trace: Use htx_find_offset() to get the available payload length |
| - BUG/MINOR: filters: Use filter offset to decude the amount of forwarded data |
| - BUG/MINOR: filters: Forward everything if no data filters are called |
| - BUG/MEDIUM: cache/filters: Fix loop on HTX blocks caching the response payload |
| - BUG/MEDIUM: compression/filters: Fix loop on HTX blocks compressing the payload |
| - BUG/MINOR: http-ana: Reset request analysers on a response side error |
| - BUG/MINOR: lua: Abort when txn:done() is called from a Lua action |
| - BUG/MINOR: lua: Ignore the reserve to know if a channel is full or not |
| - MINOR: lua: Add function to know if a channel is a response one |
| - MINOR: lua: Stop using the lua txn in hlua_http_get_headers() |
| - MINOR: lua: Stop using the lua txn in hlua_http_rep_hdr() |
| - MINOR: lua: Stop using lua txn in hlua_http_del_hdr() and hlua_http_add_hdr() |
| - MINOR: lua: Remove the flag HLUA_TXN_HTTP_RDY |
| - MINOR: lua: Rename hlua_action_wake_time() to hlua_set_wake_time() |
| - BUG/MINOR: lua: Init the lua wake_time value before calling a lua function |
| - BUG/MINOR: http-rules: Return ACT_RET_ABRT to abort a transaction |
| - BUG/MINOR: http-rules: Preserve FLT_END analyzers on reject action |
| - BUG/MINOR: http-rules: Fix a typo in the reject action function |
| - MINOR: cache/filters: Initialize the cache filter when stream is created |
| - MINOR: compression/filters: Initialize the comp filter when stream is created |
| - BUG/MINOR: rules: Preserve FLT_END analyzers on silent-drop action |
| - BUG/MINOR: rules: Return ACT_RET_ABRT when a silent-drop action is executed |
| - BUG/MINOR: rules: Increment be_counters if backend is assigned for a silent-drop |
| - BUG/MINOR: http-rules: Abort transaction when a redirect is applied on response |
| - BUILD: buffer: types/{ring.h,checks.h} should include buf.h, not buffer.h |
| - BUILD: ssl: include mini-clist.h |
| - BUILD: global: must not include common/standard.h but only types/freq_ctr.h |
| - BUILD: freq_ctr: proto/freq_ctr needs to include common/standard.h |
| - BUILD: listener: types/listener.h must not include standard.h |
| - BUG/MEDIUM: random: initialize the random pool a bit better |
| - BUG/MEDIUM: random: implement per-thread and per-process random sequences |
| - Revert "BUG/MEDIUM: random: implement per-thread and per-process random sequences" |
| - BUILD: cirrus-ci: get rid of unstable freebsd images |
| - MINOR: tools: add 64-bit rotate operators |
| - BUG/MEDIUM: random: implement a thread-safe and process-safe PRNG |
| - MINOR: backend: use a single call to ha_random32() for the random LB algo |
| - BUG/MINOR: checks/threads: use ha_random() and not rand() |
| - MINOR: sample: make all bits random on the rand() sample fetch |
| - MINOR: tools: add a generic function to generate UUIDs |
| - DOC: fix typo about no-tls-tickets |
| - DOC: improve description of no-tls-tickets |
| - DOC: assorted typo fixes in the documentation |
| - CLEANUP: remove unused code in 'my_ffsl/my_flsl' functions |
| |
| 2020/02/25 : 2.2-dev3 |
| - SCRIPTS: announce-release: place the send command in the mail's header |
| - SCRIPTS: announce-release: allow the user to force to overwrite old files |
| - SCRIPTS: backport: fix the master branch detection |
| - BUG/MINOR: http-act: Set stream error flag before returning an error |
| - BUG/MINOR: http-act: Fix bugs on error path during parsing of return actions |
| - BUG/MEDIUM: ssl/cli: 'commit ssl cert' wrong SSL_CTX init |
| - BUG/MEDIUM: tcp-rules: Fix track-sc* actions for L4/L5 TCP rules |
| - DOC: schematic of the SSL certificates architecture |
| - BUG/MAJOR: mux-h2: don't wake streams after connection was destroyed |
| - BUG/MINOR: unix: better catch situations where the unix socket path length is close to the limit |
| - BUILD: cirrus-ci: switch to "snap" images to unify openssl naming |
| - BUILD: cirrus-ci: workaround "pkg install" bug |
| - BUILD: cirrus-ci: add ERR=1 to freebsd builds |
| - BUG/MINOR: connection: correctly retry I/O on signals |
| - CLEANUP: mini-clist: simplify nested do { while(1) {} } while (0) |
| - BUILD: http_act: cast file sizes when reporting file size error |
| - BUG/MEDIUM: listener: only consider running threads when resuming listeners |
| - BUG/MINOR: listener: enforce all_threads_mask on bind_thread on init |
| - BUG/MINOR: tcp: avoid closing fd when socket failed in tcp_bind_listener |
| - MINOR: build: add aix72-gcc build TARGET and power{8,9} CPUs |
| - BUILD: travis-ci: no more allowed failures for openssl-1.0.2 |
| - BUILD: travis-ci: harden builds, add ERR=1 (warning ought to be errors) |
| - BUILD: scripts/build-ssl.sh: use "uname" instead of ${TRAVIS_OS_NAME} |
| - BUG/MINOR: tcp: don't try to set defaultmss when value is negative |
| - SCRIPTS: make announce-release executable again |
| - BUG/MINOR: namespace: avoid closing fd when socket failed in my_socketat |
| - BUG/MEDIUM: muxes: Use the right argument when calling the destroy method. |
| - BUG/MINOR: mux-fcgi: Forbid special characters when matching PATH_INFO param |
| - CLEANUP: ssl: remove unused functions in openssl-compat.h |
| - MINOR: mux-fcgi: Make the capture of the path-info optional in pathinfo regex |
| - MINOR: tools: add is_idchar() to tell if a char may belong to an identifier |
| - MINOR: chunk: implement chunk_strncpy() to copy partial strings |
| - MINOR: sample/acl: use is_idchar() to locate the fetch/conv name |
| - MEDIUM: arg: make make_arg_list() stop after its own arguments |
| - MEDIUM: arg: copy parsed arguments into the trash instead of allocating them |
| - MEDIUM: arg: make make_arg_list() support quotes in arguments |
| - MINOR: sample: make sample_parse_expr() able to return an end pointer |
| - MEDIUM: log-format: make the LF parser aware of sample expressions' end |
| - BUG/MINOR: arg: report an error if an argument is larger than bufsize |
| - SCRIPTS: announce-release: use mutt -H instead of -i to include the draft |
| - BUILD: enable ERR=1 in github cygwin builds |
| - BUG/MINOR: arg: fix again incorrect argument length check |
| - MINOR: sample: regsub now supports backreferences |
| - BUG/MINOR: tools: also accept '+' as a valid character in an identifier |
| - MINOR: http-htx: Add a function to retrieve the headers size of an HTX message |
| - MINOR: filters: Forward data only if the last filter forwards something |
| - BUG/MINOR: filters: Count HTTP headers as filtered data but don't forward them |
| - BUG/MINOR: http-htx: Don't return error if authority is updated without changes |
| - BUG/MINOR: stream: Don't incr frontend cum_req counter when stream is closed |
| - BUG/MINOR: sample: exit regsub() in case of trash allocation error |
| - MINOR: ssl: add "issuers-chain-path" directive. |
| - REGTESTS: use "command -v" instead of "which" |
| - BUG/MINOR: http-ana: Matching on monitor-uri should be case-sensitive |
| - MINOR: http-ana: Match on the path if the monitor-uri starts by a / |
| - BUG/MINOR: ssl: Stop passing dynamic strings as format arguments |
| - BUG/MAJOR: http-ana: Always abort the request when a tarpit is triggered |
| - BUG/MINOR: mux: do not call conn_xprt_stop_recv() on buffer shortage |
| - MINOR: checks: do not call conn_xprt_stop_send() anymore |
| - CLEANUP: epoll: place the struct epoll_event in the stack |
| - MEDIUM: connection: remove the intermediary polling state from the connection |
| - MINOR: raw_sock: directly call fd_stop_send() and not conn_xprt_stop_send() |
| - MINOR: tcp/uxst/sockpair: use fd_want_send() instead of conn_xprt_want_send() |
| - MINOR: connection: remove the last calls to conn_xprt_{want,stop}_* |
| - CLEANUP: connection: remove the definitions of conn_xprt_{stop,want}_{send,recv} |
| - MINOR: connection: introduce a new receive flag: CO_RFL_READ_ONCE |
| - MINOR: mux-h1: pass CO_RFL_READ_ONCE to the lower layers when relevant |
| - MINOR: ist: add an iststop() function |
| - BUG/MINOR: http: http-request replace-path duplicates the query string |
| - CLEANUP: sample: use iststop instead of a for loop |
| - BUG/MEDIUM: shctx: make sure to keep all blocks aligned |
| - MINOR: compiler: move CPU capabilities definition from config.h and complete them |
| - BUG/MEDIUM: ebtree: don't set attribute packed without unaligned access support |
| - CLEANUP: http/h1: rely on HA_UNALIGNED_LE instead of checking for CPU families |
| - BUILD: fix recent build failure on unaligned archs |
| - MINOR: ssl: load the key from a dedicated file |
| - BUG/MINOR: ssl: load .key in a directory only after PEM |
| - MINOR: compiler: drop special cases of likely/unlikely for older compilers |
| - CLEANUP: conn: Do not pass a pointer to likely |
| - CLEANUP: net_helper: Do not negate the result of unlikely |
| - BUILD: remove obsolete support for -mregparm / USE_REGPARM |
| - CLEANUP: cfgparse: Fix type of second calloc() parameter |
| - BUILD: ssl: only pass unsigned chars to isspace() |
| - BUILD: general: always pass unsigned chars to is* functions |
| - BUG/MINOR: sample: fix the json converter's endian-sensitivity |
| - BUG/MEDIUM: ssl: fix several bad pointer aliases in a few sample fetch functions |
| - CLEANUP: fd: use a union in fd_rm_from_fd_list() to shut aliasing warnings |
| - CLEANUP: cache: use read_u32/write_u32 to access the cache entry's hash |
| - CLEANUP: stick-tables: use read_u32() to display a node's key |
| - CLEANUP: sample: use read_u64() in ipmask() to apply an IPv6 mask |
| - MINOR: pattern: fix all remaining strict aliasing issues |
| - CLEANUP: lua: fix aliasing issues in the address matching code |
| - CLEANUP: connection: use read_u32() instead of a cast in the netscaler parser |
| - BUILD: makefile: re-enable strict aliasing |
| - BUG/MINOR: connection: make sure to correctly tag local PROXY connections |
| - MINOR: compiler: add new alignment macros |
| - BUILD: ebtree: improve architecture-specific alignment |
| - MINOR: config: mark global.debug as deprecated |
| - BUILD: travis-ci: enable s390x builds |
| - MINOR: ssl/cli: 'show ssl cert' displays the chain |
| - MINOR: ssl/cli: 'show ssl cert'displays the issuer in the chain |
| - MINOR: ssl/cli: reorder 'show ssl cert' output |
| - CLEANUP: ssl: move issuer_chain tree and definition |
| - DOC: proxy-protocol: clarify IPv6 address representation in the spec |
| |
| 2020/02/07 : 2.2-dev2 |
| - BUILD: CI: temporarily mark openssl-1.0.2 as allowed failure |
| - MEDIUM: cli: Allow multiple filter entries for "show table" |
| - BUG/MEDIUM: netscaler: Don't forget to allocate storage for conn->src/dst. |
| - BUG/MINOR: ssl: ssl_sock_load_pem_into_ckch is not consistent |
| - BUILD: stick-table: fix build errors introduced by last stick-table change |
| - BUG/MINOR: cli: Missing arg offset for filter data values. |
| - MEDIUM: streams: Always create a conn_stream in connect_server(). |
| - MEDIUM: connections: Get ride of the xprt_done callback. |
| - CLEANUP: changelog: remove the duplicate entry for 2.2-dev1 |
| - BUILD: CI: move cygwin builds to Github Actions |
| - MINOR: cli: Report location of errors or any extra data for "show table" |
| - BUG/MINOR: ssl/cli: free the previous ckch content once a PEM is loaded |
| - CLEANUP: backend: remove useless test for inexistent connection |
| - CLEANUP: backend: shut another false null-deref in back_handle_st_con() |
| - CLEANUP: stats: shut up a wrong null-deref warning from gcc 9.2 |
| - BUG/MINOR: ssl: increment issuer refcount if in chain |
| - BUG/MINOR: ssl: memory leak w/ the ocsp_issuer |
| - BUG/MINOR: ssl: typo in previous patch |
| - BUG/MEDIUM: connections: Set CO_FL_CONNECTED in conn_complete_session(). |
| - BUG/MINOR: ssl/cli: ocsp_issuer must be set w/ "set ssl cert" |
| - MEDIUM: connection: remove CO_FL_CONNECTED and only rely on CO_FL_WAIT_* |
| - BUG/MEDIUM: 0rtt: Only consider the SSL handshake. |
| - MINOR: stream-int: always report received shutdowns |
| - MINOR: connection: remove CO_FL_SSL_WAIT_HS from CO_FL_HANDSHAKE |
| - MEDIUM: connection: use CO_FL_WAIT_XPRT more consistently than L4/L6/HANDSHAKE |
| - MINOR: connection: remove checks for CO_FL_HANDSHAKE before I/O |
| - MINOR: connection: do not check for CO_FL_SOCK_RD_SH too early |
| - MINOR: connection: don't check for CO_FL_SOCK_WR_SH too early in handshakes |
| - MINOR: raw-sock: always check for CO_FL_SOCK_WR_SH before sending |
| - MINOR: connection: remove some unneeded checks for CO_FL_SOCK_WR_SH |
| - BUG/MINOR: stktable: report the current proxy name in error messages |
| - BUG/MEDIUM: mux-h2: make sure we don't emit TE headers with anything but "trailers" |
| - MINOR: lua: Add hlua_prepend_path function |
| - MINOR: lua: Add lua-prepend-path configuration option |
| - MINOR: lua: Add HLUA_PREPEND_C?PATH build option |
| - BUILD: cfgparse: silence a bogus gcc warning on 32-bit machines |
| - BUG/MINOR: http-ana: Increment the backend counters on the backend |
| - BUG/MINOR: stream: Be sure to have a listener to increment its counters |
| - BUG/MEDIUM: streams: Move the conn_stream allocation outside #IF USE_OPENSSL. |
| - REGTESTS: make the set_ssl_cert test require version 2.2 |
| - BUG/MINOR: ssl: Possible memleak when allowing the 0RTT data buffer. |
| - MINOR: ssl: Remove dead code. |
| - BUG/MEDIUM: ssl: Don't forget to free ctx->ssl on failure. |
| - BUG/MEDIUM: stream: Don't install the mux in back_handle_st_con(). |
| - MEDIUM: streams: Don't close the connection in back_handle_st_con(). |
| - MEDIUM: streams: Don't close the connection in back_handle_st_rdy(). |
| - BUILD: CI: disable slow regtests on Travis |
| - BUG/MINOR: tcpchecks: fix the connect() flags regarding delayed ack |
| - BUG/MINOR: http-rules: Always init log-format expr for common HTTP actions |
| - BUG/MINOR: connection: fix ip6 dst_port copy in make_proxy_line_v2 |
| - BUG/MINOR: dns: allow 63 char in hostname |
| - MINOR: proxy: clarify number of connections log when stopping |
| - DOC: word converter ignores delimiters at the start or end of input string |
| - MEDIUM: raw-sock: remove obsolete calls to fd_{cant,cond,done}_{send,recv} |
| - BUG/MINOR: ssl/cli: fix unused variable with openssl < 1.0.2 |
| - MEDIUM: pipe/thread: reduce the locking overhead |
| - MEDIUM: pipe/thread: maintain a per-thread local cache of recently used pipes |
| - BUG/MEDIUM: pipe/thread: fix atomicity of pipe counters |
| - MINOR: tasks: move the list walking code to its own function |
| - MEDIUM: tasks: implement 3 different tasklet classes with their own queues |
| - MEDIUM: tasks: automatically requeue into the bulk queue an already running tasklet |
| - OPTIM: task: refine task classes default CPU bandwidth ratios |
| - BUG/MEDIUM: connections: Don't forget to unlock when killing a connection. |
| - MINOR: task: permanently flag tasklets waking themselves up |
| - MINOR: task: make sched->current also reflect tasklets |
| - MINOR: task: detect self-wakeups on tl==sched->current instead of TASK_RUNNING |
| - OPTIM: task: readjust CPU bandwidth distribution since last update |
| - MINOR: task: don't set TASK_RUNNING on tasklets |
| - BUG/MEDIUM: memory_pool: Update the seq number in pool_flush(). |
| - MINOR: memory: Only init the pool spinlock once. |
| - BUG/MEDIUM: memory: Add a rwlock before freeing memory. |
| - BUG/MAJOR: memory: Don't forget to unlock the rwlock if the pool is empty. |
| - MINOR: ssl: ssl-load-extra-files configure loading of files |
| - SCRIPTS: add a new "backport" script to simplify long series of backports |
| - BUG/MINOR: ssl: we may only ignore the first 64 errors |
| - SCRIPTS: use /usr/bin/env bash instead of /bin/bash for scripts |
| - BUG/MINOR: ssl: clear the SSL errors on DH loading failure |
| - CLEANUP: hpack: remove a redundant test in the decoder |
| - CLEANUP: peers: Remove unused static function `free_dcache` |
| - CLEANUP: peers: Remove unused static function `free_dcache_tx` |
| - CONTRIB: debug: add missing flags SF_HTX and SF_MUX |
| - CONTRIB: debug: add the possibility to decode the value as certain types only |
| - CONTRIB: debug: support reporting multiple values at once |
| - BUG/MINOR: http-act: Use the good message to test strict rewritting mode |
| - MINOR: global: Set default tune.maxrewrite value during global structure init |
| - MINOR: http-rules: Set SF_ERR_PRXCOND termination flag when a header rewrite fails |
| - MINOR: http-htx: Emit a warning if an error file runs over the buffer's reserve |
| - MINOR: htx: Add a function to append an HTX message to another one |
| - MINOR: htx/channel: Add a function to copy an HTX message in a channel's buffer |
| - BUG/MINOR: http-ana: Don't overwrite outgoing data when an error is reported |
| - MINOR: dns: Dynamically allocate dns options to reduce the act_rule size |
| - MINOR: dns: Add function to release memory allocated for a do-resolve rule |
| - BUG/MINOR: http-ana: Reset HTX first index when HAPRoxy sends a response |
| - BUG/MINOR: http-ana: Set HTX_FL_PROXY_RESP flag if a server perform a redirect |
| - MINOR: http-rules: Add a flag on redirect rules to know the rule direction |
| - MINOR: http-rules: Handle the rule direction when a redirect is evaluated |
| - MINOR: http-ana: Rely on http_reply_and_close() to handle server error |
| - MINOR: http-ana: Add a function for forward internal responses |
| - MINOR: http-ana/http-rules: Use dedicated function to forward internal responses |
| - MEDIUM: http: Add a ruleset evaluated on all responses just before forwarding |
| - MEDIUM: http-rules: Add the return action to HTTP rules |
| - MEDIUM: http-rules: Support extra headers for HTTP return actions |
| - CLEANUP: lua: Remove consistency check for sample fetches and actions |
| - BUG/MINOR: http-ana: Increment failed_resp counters on invalid response |
| - MINOR: lua: Get the action return code on the stack when an action finishes |
| - MINOR: lua: Create the global 'act' object to register all action return codes |
| - MINOR: lua: Add act:wake_time() function to set a timeout when an action yields |
| - MEDIUM: lua: Add ability for actions to intercept HTTP messages |
| - REGTESTS: Add reg tests for the HTTP return action |
| - REGTESTS: Add a reg test for http-after-response rulesets |
| - BUILD: lua: silence a warning on systems where longjmp is not marked as noreturn |
| - MINOR: acl: Warn when an ACL is named 'or' |
| - CONTRIB: debug: also support reading values from stdin |
| - SCRIPTS: backport: use short revs and resolve the initial commit |
| - BUG/MINOR: acl: Fix type of log message when an acl is named 'or' |
| |
| 2020/01/22 : 2.2-dev1 |
| - DOC: this is development again |
| - MINOR: version: this is development again, update the status |
| - SCRIPTS: update create-release to fix the changelog on new branches |
| - CLEANUP: ssl: Clean up error handling |
| - BUG/MINOR: contrib/prometheus-exporter: decode parameter and value only |
| - BUG/MINOR: h1: Don't test the host header during response parsing |
| - BUILD/MINOR: trace: fix use of long type in a few printf format strings |
| - DOC: Clarify behavior of server maxconn in HTTP mode |
| - MINOR: ssl: deduplicate ca-file |
| - MINOR: ssl: compute ca-list from deduplicate ca-file |
| - MINOR: ssl: deduplicate crl-file |
| - CLEANUP: dns: resolution can never be null |
| - BUG/MINOR: http-htx: Don't make http_find_header() fail if the value is empty |
| - DOC: ssl/cli: set/commit/abort ssl cert |
| - BUG/MINOR: ssl: fix SSL_CTX_set1_chain compatibility for openssl < 1.0.2 |
| - BUG/MINOR: fcgi-app: Make the directive pass-header case insensitive |
| - BUG/MINOR: stats: Fix HTML output for the frontends heading |
| - BUG/MINOR: ssl: fix X509 compatibility for openssl < 1.1.0 |
| - DOC: clarify matching strings on binary fetches |
| - DOC: Fix ordered list in summary |
| - DOC: move the "group" keyword at the right place |
| - MEDIUM: init: prevent process and thread creation at runtime |
| - BUG/MINOR: ssl/cli: 'ssl cert' cmd only usable w/ admin rights |
| - BUG/MEDIUM: stream-int: don't subscribed for recv when we're trying to flush data |
| - BUG/MINOR: stream-int: avoid calling rcv_buf() when splicing is still possible |
| - BUG/MINOR: ssl/cli: don't overwrite the filters variable |
| - BUG/MEDIUM: listener/thread: fix a race when pausing a listener |
| - BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1 |
| - BUG/MEDIUM: mux-h1: Never reuse H1 connection if a shutw is pending |
| - BUG/MINOR: mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN |
| - BUG/MINOR: mux-h1: Fix conditions to know whether or not we may receive data |
| - BUG/MEDIUM: tasks: Make sure we switch wait queues in task_set_affinity(). |
| - BUG/MEDIUM: checks: Make sure we set the task affinity just before connecting. |
| - MINOR: debug: replace popen() with pipe+fork() in "debug dev exec" |
| - MEDIUM: init: set NO_NEW_PRIVS by default when supported |
| - BUG/MINOR: mux-h1: Be sure to set CS_FL_WANT_ROOM when EOM can't be added |
| - BUG/MEDIUM: mux-fcgi: Handle cases where the HTX EOM block cannot be inserted |
| - BUG/MINOR: proxy: make soft_stop() also close FDs in LI_PAUSED state |
| - BUG/MINOR: listener/threads: always use atomic ops to clear the FD events |
| - BUG/MINOR: listener: also clear the error flag on a paused listener |
| - BUG/MEDIUM: listener/threads: fix a remaining race in the listener's accept() |
| - MINOR: listener: make the wait paths cleaner and more reliable |
| - MINOR: listener: split dequeue_all_listener() in two |
| - REORG: listener: move the global listener queue code to listener.c |
| - DOC: document the listener state transitions |
| - BUG/MEDIUM: kqueue: Make sure we report read events even when no data. |
| - BUG/MAJOR: dns: add minimalist error processing on the Rx path |
| - BUG/MEDIUM: proto_udp/threads: recv() and send() must not be exclusive. |
| - DOC: listeners: add a few missing transitions |
| - BUG/MINOR: tasks: only requeue a task if it was already in the queue |
| - MINOR: tasks: split wake_expired_tasks() in two parts to avoid useless wakeups |
| - DOC: proxies: HAProxy only supports 3 connection modes |
| - DOC: remove references to the outdated architecture.txt |
| - BUG/MINOR: log: fix minor resource leaks on logformat error path |
| - BUG/MINOR: mworker: properly pass SIGTTOU/SIGTTIN to workers |
| - BUG/MINOR: listener: do not immediately resume on transient error |
| - BUG/MINOR: server: make "agent-addr" work on default-server line |
| - BUG/MINOR: listener: fix off-by-one in state name check |
| - BUILD/MINOR: unix sockets: silence an absurd gcc warning about strncpy() |
| - MEDIUM: h1-htx: Add HTX EOM block when the message is in H1_MSG_DONE state |
| - MINOR: http-htx: Add some htx sample fetches for debugging purpose |
| - REGTEST: Add an HTX reg-test to check an edge case |
| - DOC: clarify the fact that replace-uri works on a full URI |
| - BUG/MINOR: sample: fix the closing bracket and LF in the debug converter |
| - BUG/MINOR: sample: always check converters' arguments |
| - MINOR: sample: Validate the number of bits for the sha2 converter |
| - BUG/MEDIUM: ssl: Don't set the max early data we can receive too early. |
| - MINOR: ssl/cli: 'show ssl cert' give information on the certificates |
| - BUG/MINOR: ssl/cli: fix build for openssl < 1.0.2 |
| - MINOR: debug: support logging to various sinks |
| - MINOR: http: add a new "replace-path" action |
| - REGTEST: ssl: test the "set ssl cert" CLI command |
| - REGTEST: run-regtests: implement #REQUIRE_BINARIES |
| - MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task |
| - BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing |
| - BUG/MEDIUM: ssl: Revamp the way early data are handled. |
| - MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute |
| - BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd |
| - REGTEST: make the "set ssl cert" require version 2.1 |
| - BUG/MINOR: ssl: openssl-compat: Fix getm_ defines |
| - BUG/MEDIUM: state-file: do not allocate a full buffer for each server entry |
| - BUG/MINOR: state-file: do not store duplicates in the global tree |
| - BUG/MINOR: state-file: do not leak memory on parse errors |
| - BUG/MAJOR: mux-h1: Don't pretend the input channel's buffer is full if empty |
| - BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream |
| - BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility |
| - BUILD: travis-ci: link with ssl libraries using rpath instead of LD_LIBRARY_PATH/DYLD_LIBRARY_PATH |
| - BUILD: travis-ci: reenable address sanitizer for clang builds |
| - BUG/MINOR: checks: refine which errno values are really errors. |
| - BUG/MINOR: connection: only wake send/recv callbacks if the FD is active |
| - CLEANUP: connection: conn->xprt is never NULL |
| - MINOR: pollers: add a new flag to indicate pollers reporting ERR & HUP |
| - MEDIUM: tcp: make tcp_connect_probe() consider ERR/HUP |
| - REORG: connection: move tcp_connect_probe() to conn_fd_check() |
| - MINOR: connection: check for connection validation earlier |
| - MINOR: connection: remove the double test on xprt_done_cb() |
| - CLEANUP: connection: merge CO_FL_NOTIFY_DATA and CO_FL_NOTIFY_DONE |
| - MINOR: poller: do not call the IO handler if the FD is not active |
| - OPTIM: epoll: always poll for recv if neither active nor ready |
| - OPTIM: polling: do not create update entries for FD removal |
| - BUG/MEDIUM: checks: Only attempt to do handshakes if the connection is ready. |
| - BUG/MEDIUM: connections: Hold the lock when wanting to kill a connection. |
| - BUILD: CI: modernize cirrus-ci |
| - MINOR: config: disable busy polling on old processes |
| - MINOR: ssl: Remove unused variable "need_out". |
| - BUG/MINOR: h1: Report the right error position when a header value is invalid |
| - BUG/MINOR: proxy: Fix input data copy when an error is captured |
| - BUG/MEDIUM: http-ana: Truncate the response when a redirect rule is applied |
| - BUG/MINOR: channel: inject output data at the end of output |
| - BUG/MEDIUM: session: do not report a failure when rejecting a session |
| - MEDIUM: dns: implement synchronous send |
| - MINOR: raw_sock: make sure to disable polling once everything is sent |
| - MINOR: http: Add 410 to http-request deny |
| - MINOR: http: Add 404 to http-request deny |
| - CLEANUP: mux-h2: remove unused goto "out_free_h2s" |
| - BUILD: cirrus-ci: choose proper openssl package name |
| - BUG/MAJOR: listener: do not schedule a task-less proxy |
| - CLEANUP: server: remove unused err section in server_finalize_init |
| - REGTEST: set_ssl_cert.vtc: replace "echo" with "printf" |
| - BUG/MINOR: stream-int: Don't trigger L7 retry if max retries is already reached |
| - BUG/MEDIUM: tasks: Use the MT macros in tasklet_free(). |
| - BUG/MINOR: mux-h2: use a safe list_for_each_entry in h2_send() |
| - BUG/MEDIUM: mux-h2: fix missing test on sending_list in previous patch |
| - CLEANUP: ssl: remove opendir call in ssl_sock_load_cert |
| - MEDIUM: lua: don't call the GC as often when dealing with outgoing connections |
| - BUG/MEDIUM: mux-h2: don't stop sending when crossing a buffer boundary |
| - BUG/MINOR: cli/mworker: can't start haproxy with 2 programs |
| - REGTEST: mcli/mcli_start_progs: start 2 programs |
| - BUG/MEDIUM: mworker: remain in mworker mode during reload |
| - DOC: clarify crt-base usage |
| - CLEANUP: compression: remove unused deinit_comp_ctx section |
| - BUG/MEDIUM: mux_h1: Don't call h1_send if we subscribed(). |
| - BUG/MEDIUM: raw_sock: Make sur the fd and conn are sync. |
| - CLEANUP: proxy: simplify proxy_parse_rate_limit proxy checks |
| - BUG/MAJOR: hashes: fix the signedness of the hash inputs |
| - REGTEST: add sample_fetches/hashes.vtc to validate hashes |
| - BUG/MEDIUM: cli: _getsocks must send the peers sockets |
| - CLEANUP: cli: deduplicate the code in _getsocks |
| - BUG/MINOR: stream: don't mistake match rules for store-request rules |
| - BUG/MEDIUM: connection: add a mux flag to indicate splice usability |
| - BUG/MINOR: pattern: handle errors from fgets when trying to load patterns |
| - MINOR: connection: move the CO_FL_WAIT_ROOM cleanup to the reader only |
| - MINOR: stream-int: remove dependency on CO_FL_WAIT_ROOM for rcv_buf() |
| - MEDIUM: connection: get rid of CO_FL_CURR_* flags |
| - BUILD: pattern: include errno.h |
| - MEDIUM: mux-h2: do not try to stop sending streams on blocked mux |
| - MEDIUM: mux-fcgi: do not try to stop sending streams on blocked mux |
| - MEDIUM: mux-h2: do not make an h2s subscribe to itself on deferred shut |
| - MEDIUM: mux-fcgi: do not make an fstrm subscribe to itself on deferred shut |
| - REORG: stream/backend: move backend-specific stuff to backend.c |
| - MEDIUM: backend: move the connection finalization step to back_handle_st_con() |
| - MEDIUM: connection: merge the send_wait and recv_wait entries |
| - MEDIUM: xprt: merge recv_wait and send_wait in xprt_handshake |
| - MEDIUM: ssl: merge recv_wait and send_wait in ssl_sock |
| - MEDIUM: mux-h1: merge recv_wait and send_wait |
| - MEDIUM: mux-h2: merge recv_wait and send_wait event notifications |
| - MEDIUM: mux-fcgi: merge recv_wait and send_wait event notifications |
| - MINOR: connection: make the last arg of subscribe() a struct wait_event* |
| - MINOR: ssl: Add support for returning the dn samples from ssl_(c|f)_(i|s)_dn in LDAP v3 (RFC2253) format. |
| - DOC: Fix copy and paste mistake in http-response replace-value doc |
| - BUG/MINOR: cache: Fix leak of cache name in error path |
| - BUG/MINOR: dns: Make dns_query_id_seed unsigned |
| - BUG/MINOR: 51d: Fix bug when HTX is enabled |
| - MINOR: http-htx: Move htx sample fetches in the scope "internal" |
| - MINOR: http-htx: Rename 'internal.htx_blk.val' to 'internal.htx_blk.data' |
| - MINOR: http-htx: Make 'internal.htx_blk_data' return a binary string |
| - DOC: Add a section to document the internal sample fetches |
| - MINOR: mux-h1: Inherit send flags from the upper layer |
| - MINOR: contrib/prometheus-exporter: Add heathcheck status/code in server metrics |
| - BUG/MINOR: http-ana/filters: Wait end of the http_end callback for all filters |
| - BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules |
| - BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during parsing |
| - MEDIUM: http-rules: Register an action keyword for all http rules |
| - MINOR: tcp-rules: Always set from which ruleset a rule comes from |
| - MINOR: actions: Use ACT_RET_CONT code to ignore an error from a custom action |
| - MINOR: tcp-rules: Kill connections when custom actions return ACT_RET_ERR |
| - MINOR: http-rules: Return an error when custom actions return ACT_RET_ERR |
| - MINOR: counters: Add a counter to report internal processing errors |
| - MEDIUM: http-ana: Properly handle internal processing errors |
| - MINOR: http-rules: Add a rule result to report internal error |
| - MINOR: http-rules: Handle internal errors during HTTP rules evaluation |
| - MINOR: http-rules: Add more return codes to let custom actions act as normal ones |
| - MINOR: tcp-rules: Handle denied/aborted/invalid connections from TCP rules |
| - MINOR: http-rules: Handle denied/aborted/invalid connections from HTTP rules |
| - MINOR: stats: Report internal errors in the proxies/listeners/servers stats |
| - MINOR: contrib/prometheus-exporter: Export internal errors per proxy/server |
| - MINOR: counters: Remove failed_secu counter and use denied_resp instead |
| - MINOR: counters: Review conditions to increment counters from analysers |
| - MINOR: http-ana: Add a txn flag to support soft/strict message rewrites |
| - MINOR: http-rules: Handle all message rewrites the same way |
| - MINOR: http-rules: Add a rule to enable or disable the strict rewriting mode |
| - MEDIUM: http-rules: Enable the strict rewriting mode by default |
| - REGTEST: Fix format of set-uri HTTP request rule in h1or2_to_h1c.vtc |
| - MINOR: actions: Add a function pointer to release args used by actions |
| - MINOR: actions: Regroup some info about HTTP rules in the same struct |
| - MINOR: http-rules/tcp-rules: Call the defined action function first if defined |
| - MINOR: actions: Rename the act_flag enum into act_opt |
| - MINOR: actions: Add flags to configure the action behaviour |
| - MINOR: actions: Use an integer to set the action type |
| - MINOR: http-rules: Use a specific action type for some custom HTTP actions |
| - MINOR: http-rules: Make replace-header and replace-value custom actions |
| - MINOR: http-rules: Make set-header and add-header custom actions |
| - MINOR: http-rules: Make set/del-map and add/del-acl custom actions |
| - MINOR: http-rules: Group all processing of early-hint rule in its case clause |
| - MEDIUM: http-rules: Make early-hint custom actions |
| - MINOR: http-rule/tcp-rules: Make track-sc* custom actions |
| - MINOR: tcp-rules: Make tcp-request capture a custom action |
| - MINOR: http-rules: Add release functions for existing HTTP actions |
| - BUG/MINOR: http-rules: Fix memory releases on error path during action parsing |
| - MINOR: tcp-rules: Add release functions for existing TCP actions |
| - BUG/MINOR: tcp-rules: Fix memory releases on error path during action parsing |
| - MINOR: http-htx: Add functions to read a raw error file and convert it in HTX |
| - MINOR: http-htx: Add functions to create HTX redirect message |
| - MINOR: config: Use dedicated function to parse proxy's errorfiles |
| - MINOR: config: Use dedicated function to parse proxy's errorloc |
| - MEDIUM: http-htx/proxy: Use a global and centralized storage for HTTP error messages |
| - MINOR: proxy: Register keywords to parse errorfile and errorloc directives |
| - MINOR: http-htx: Add a new section to create groups of custom HTTP errors |
| - MEDIUM: proxy: Add a directive to reference an http-errors section in a proxy |
| - MINOR: http-rules: Update txn flags and status when a deny rule is executed |
| - MINOR: http-rules: Support an optional status on deny rules for http reponses |
| - MINOR: http-rules: Use same function to parse request and response deny actions |
| - MINOR: http-ana: Add an error message in the txn and send it when defined |
| - MEDIUM: http-rules: Support an optional error message in http deny rules |
| - REGTEST: Add a strict rewriting mode reg test |
| - REGEST: Add reg tests about error files |
| - MINOR: ssl: accept 'verify' bind option with 'set ssl cert' |
| - BUG/MINOR: ssl: ssl_sock_load_ocsp_response_from_file memory leak |
| - BUG/MINOR: ssl: ssl_sock_load_issuer_file_into_ckch memory leak |
| - BUG/MINOR: ssl: ssl_sock_load_sctl_from_file memory leak |
| - BUG/MINOR: http_htx: Fix some leaks on error path when error files are loaded |
| - CLEANUP: http-ana: Remove useless test on txn when the error message is retrieved |
| - BUILD: CI: introduce ARM64 builds |
| - BUILD: ssl: more elegant anti-replay feature presence check |
| - MINOR: proxy/http-ana: Add support of extra attributes for the cookie directive |
| - MEDIUM: dns: use Additional records from SRV responses |
| - CLEANUP: Consistently `unsigned int` for bitfields |
| - CLEANUP: pattern: remove the pat_time definition |
| - BUG/MINOR: http_act: don't check capture id in backend |
| - BUG/MINOR: ssl: fix build on development versions of openssl-1.1.x |
| |
| 2019/11/25 : 2.2-dev0 |
| - exact copy of 2.1.0 |
| |
| 2019/11/25 : 2.1.0 |
| - BUG/MINOR: init: fix set-dumpable when using uid/gid |
| - MINOR: init: avoid code duplication while setting identify |
| - BUG/MINOR: ssl: ssl_pkey_info_index ex_data can store a dereferenced pointer |
| - BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1 |
| - MINOR: peers: Alway show the table info for disconnected peers. |
| - MINOR: peers: Add TX/RX heartbeat counters. |
| - MINOR: peers: Add debugging information to "show peers". |
| - BUG/MINOR: peers: Wrong null "server_name" data field handling. |
| - MINOR: ssl/cli: 'abort ssl cert' deletes an on-going transaction |
| - BUG/MEDIUM: mworker: don't fill the -sf argument with -1 during the reexec |
| - BUG/MINOR: peers: "peer alive" flag not reset when deconnecting. |
| - BUILD/MINOR: ssl: fix compiler warning about useless statement |
| - BUG/MEDIUM: stream-int: Don't loose events on the CS when an EOS is reported |
| - MINOR: contrib/prometheus-exporter: filter exported metrics by scope |
| - MINOR: contrib/prometheus-exporter: Add a param to ignore servers in maintenance |
| - BUILD: debug: Avoid warnings in dev mode with -02 because of some BUG_ON tests |
| - BUG/MINOR: mux-h1: Fix tunnel mode detection on the response path |
| - BUG/MINOR: http-ana: Properly catch aborts during the payload forwarding |
| - DOC: Update http-buffer-request description to remove the part about chunks |
| - BUG/MINOR: stream-int: Fix si_cs_recv() return value |
| - DOC: internal: document the init calls |
| - MEDIUM: dns: Add resolve-opts "ignore-weight" |
| - MINOR: ssl: ssl_sock_prepare_ctx() return an error code |
| - MEDIUM: ssl/cli: apply SSL configuration on SSL_CTX during commit |
| - MINOR: ssl/cli: display warning during 'commit ssl cert' |
| - MINOR: version: report the version status in "haproxy -v" |
| - MINOR: version: emit the link to the known bugs in output of "haproxy -v" |
| - DOC: Add documentation about the use-service action |
| - MINOR: ssl: fix possible null dereference in error handling |
| - BUG/MINOR: ssl: fix curve setup with LibreSSL |
| - BUG/MINOR: ssl: Stop passing dynamic strings as format arguments |
| - CLEANUP: ssl: check if a transaction exists once before setting it |
| - BUG/MINOR: cli: fix out of bounds in -S parser |
| - MINOR: ist: add ist_find_ctl() |
| - BUG/MAJOR: h2: reject header values containing invalid chars |
| - BUG/MAJOR: h2: make header field name filtering stronger |
| - BUG/MAJOR: mux-h2: don't try to decode a response HEADERS frame in idle state |
| - MINOR: h2: add a function to report H2 error codes as strings |
| - MINOR: mux-h2/trace: report the connection and/or stream error code |
| - SCRIPTS: create-release: show the correct origin name in suggested commands |
| - SCRIPTS: git-show-backports: add "-s" to proposed cherry-pick commands |
| - BUG/MEDIUM: trace: fix a typo causing an incorrect startup error |
| - BUILD: reorder the objects in the makefile |
| - DOC: mention in INSTALL haproxy 2.1 is a stable stable version |
| - MINOR: version: indicate that this version is stable |
| |
| 2019/11/15 : 2.1-dev5 |
| - BUG/MEDIUM: ssl/cli: don't alloc path when cert not found |
| - BUG/MINOR: ssl/cli: unable to update a certificate without bundle extension |
| - BUG/MINOR: ssl/cli: fix an error when a file is not found |
| - MINOR: ssl/cli: replace the default_ctx during 'commit ssl cert' |
| - DOC: fix date and http_date keywords syntax |
| - MINOR: peers: Add "log" directive to "peers" section. |
| - BUG/MEDIUM: mux-h1: Disable splicing for chunked messages |
| - BUG/MEDIUM: stream: Be sure to support splicing at the mux level to enable it |
| - MINOR: flt_trace: Rename macros to print trace messages |
| - MINOR: trace: Add a set of macros to trace events if HA is compiled with debug |
| - MEDIUM: stream/trace: Register a new trace source with its events |
| - MINOR: doc: http-reuse connection pool fix |
| - BUG/MEDIUM: stream: Be sure to release allocated captures for TCP streams |
| - MINOR: http-ana: Remove the unused function http_reset_txn() |
| - BUG/MINOR: action: do-resolve now use cached response |
| - BUG: dns: timeout resolve not applied for valid resolutions |
| - DOC: management: fix typo on "cache_lookups" stats output |
| - BUG/MINOR: stream: init variables when the list is empty |
| - BUG/MEDIUM: tasks: Make tasklet_remove_from_tasklet_list() no matter the tasklet. |
| - BUG/MINOR: queue/threads: make the queue unlinking atomic |
| - BUG/MEDIUM: Make sure we leave the session list in session_free(). |
| - CLEANUP: session: slightly simplify idle connection cleanup logic |
| - MINOR: memory: also poison the area on freeing |
| - CLEANUP: cli: use srv_shutdown_streams() instead of open-coding it |
| - CLEANUP: stats: use srv_shutdown_streams() instead of open-coding it |
| - BUG/MEDIUM: listeners: always pause a listener on out-of-resource condition |
| - BUILD: contrib/da: remove an "unused" warning |
| - BUG/MEDIUM: filters: Don't call TCP callbacks for HTX streams |
| - MEDIUM: filters: Adapt filters API to allow again TCP filtering on HTX streams |
| - MINOR: freq_ctr: Make the sliding window sums thread-safe |
| - MINOR: stream: Remove the lock on the proxy to update time stats |
| - MINOR: counters: Add fields to store the max observed for {q,c,d,t}_time |
| - MINOR: stats: Report max times in addition of the averages for sessions |
| - MINOR: contrib/prometheus-exporter: Report metrics about max times for sessions |
| - BUG/MINOR: contrib/prometheus-exporter: Rename some metrics |
| - MINOR: contrib/prometheus-exporter: report the number of idle conns per server |
| - DOC: Add missing stats fields in the management manual |
| - BUG/MINOR: mux-h1: Properly catch parsing errors on payload and trailers |
| - BUG/MINOR: mux-h1: Don't set CS_FL_EOS on a read0 when receiving data to pipe |
| - MINOR: mux-h1: Set EOI on the conn-stream when EOS is reported in TUNNEL state |
| - MINOR: sink: Set the default max length for a message to BUFSIZE |
| - MINOR: ring: make the parse function automatically set the handler/release |
| - BUG/MINOR: log: make "show startup-log" use a ring buffer instead |
| - MINOR: stick-table: allow sc-set-gpt0 to set value from an expression |
| |
| 2019/11/03 : 2.1-dev4 |
| - BUG/MINOR: cli: don't call the kw->io_release if kw->parse failed |
| - BUG/MINOR: mux-h2: Don't pretend mux buffers aren't full anymore if nothing sent |
| - BUG/MAJOR: stream-int: Don't receive data from mux until SI_ST_EST is reached |
| - DOC: remove obsolete section about header manipulation |
| - BUG/MINOR: ssl/cli: cleanup on cli_parse_set_cert error |
| - MINOR: ssl/cli: rework the 'set ssl cert' IO handler |
| - BUILD: CI: comment out cygwin build, upgrade various ssl libraries |
| - DOC: Improve documentation of http-re(quest|sponse) replace-(header|value|uri) |
| - BUILD/MINOR: tools: shut up the format truncation warning in get_gmt_offset() |
| - BUG/MINOR: spoe: fix off-by-one length in UUID format string |
| - BUILD/MINOR: ssl: shut up a build warning about format truncation |
| - BUILD: do not disable -Wformat-truncation anymore |
| - MINOR: chunk: add chunk_istcat() to concatenate an ist after a chunk |
| - Revert "MINOR: istbuf: add b_fromist() to make a buffer from an ist" |
| - MINOR: mux: Add a new method to get informations about a mux. |
| - BUG/MEDIUM: stream_interface: Only use SI_ST_RDY when the mux is ready. |
| - BUG/MEDIUM: servers: Only set SF_SRV_REUSED if the connection if fully ready. |
| - MINOR: doc: fix busy-polling performance reference |
| - MINOR: config: allow no set-dumpable config option |
| - MINOR: init: always fail when setrlimit fails |
| - MINOR: ssl/cli: rework 'set ssl cert' as 'set/commit' |
| - CLEANUP: ssl/cli: remove leftovers of bundle/certs (it < 2) |
| - REGTEST: vtest can now enable mcli with its own flag |
| - BUG/MINOR: config: Update cookie domain warn to RFC6265 |
| - MINOR: sample: add us/ms support to date/http_date |
| - BUG/MINOR: ssl/cli: check trash allocation in cli_io_handler_commit_cert() |
| - BUG/MEDIUM: mux-h2: report no available stream on a connection having errors |
| - BUG/MEDIUM: mux-h2: immediately remove a failed connection from the idle list |
| - BUG/MEDIUM: mux-h2: immediately report connection errors on streams |
| - BUG/MINOR: stats: properly check the path and not the whole URI |
| - BUG/MINOR: ssl: segfault in cli_parse_set_cert with old openssl/boringssl |
| - BUG/MINOR: ssl: ckch->chain must be initialized |
| - BUG/MINOR: ssl: double free on error for ckch->{key,cert} |
| - MINOR: ssl: BoringSSL ocsp_response does not need issuer |
| - BUG/MEDIUM: ssl/cli: fix dot research in cli_parse_set_cert |
| - MINOR: backend: Add srv_name sample fetche |
| - DOC: Add GitHub issue config.yml |
| |
| 2019/10/25 : 2.1-dev3 |
| - MINOR: mux-h2/trace: missing conn pointer in demux full message |
| - MINOR: mux-h2: add a per-connection list of blocked streams |
| - BUILD: ebtree: make eb_is_empty() and eb_is_dup() take a const |
| - BUG/MEDIUM: mux-h2: do not enforce timeout on long connections |
| - BUG/MEDIUM: tasks: Don't forget to decrement tasks_run_queue. |
| - BUG/MINOR: peers: crash on reload without local peer. |
| - BUG/MINOR: mux-h2/trace: Fix traces on h2c initialization |
| - MINOR: h1-htx: Update h1_copy_msg_data() to ease the traces in the mux-h1 |
| - MINOR: htx: Adapt htx_dump() to be used from traces |
| - MINOR: mux-h1/trace: register a new trace source with its events |
| - MINOR: proxy: Store http-send-name-header in lower case |
| - MINOR: http: Remove headers matching the name of http-send-name-header option |
| - BUG/MINOR: mux-h1: Adjust header case when the server name is add to a request |
| - BUG/MINOR: mux-h1: Adjust header case when chunked encoding is add to a message |
| - MINOR: mux-h1: Try to wakeup the stream on output buffer allocation |
| - MINOR: fcgi: Add function to get the string representation of a record type |
| - MINOR: mux-fcgi/trace: Register a new trace source with its events |
| - BUG/MEDIUM: cache: make sure not to cache requests with absolute-uri |
| - DOC: clarify some points around http-send-name-header's behavior |
| - MEDIUM: mux-h2: support emitting CONTINUATION frames after HEADERS |
| - BUG/MINOR: mux-h1/mux-fcgi/trace: Fix position of the 4th arg in some traces |
| - DOC: fix typo in Prometheus exporter doc |
| - MINOR: h2: clarify the rules for how to convert an H2 request to HTX |
| - MINOR: htx: Add 2 flags on the start-line to have more info about the uri |
| - MINOR: http: Add a function to get the authority into a URI |
| - MINOR: h1-htx: Set the flag HTX_SL_F_HAS_AUTHORITY during the request parsing |
| - MEDIUM: http-htx: Keep the Host header and the request start-line synchronized |
| - MINOR: h1-htx: Only use the path of a normalized URI to format a request line |
| - MEDIUM: h2: make the request parser rebuild a complete URI |
| - MINOR: h2: report in the HTX flags when the request has an authority |
| - MEDIUM: mux-h2: do not map Host to :authority on output |
| - MEDIUM: h2: use the normalized URI encoding for absolute form requests |
| - MINOR: stats: mention in the help message support for "json" and "typed" |
| - MINOR: stats: get rid of the ST_CONVDONE flag |
| - MINOR: stats: replace the ST_* uri_auth flags with STAT_* |
| - MINOR: stats: always merge the uri_auth flags into the appctx flags |
| - MINOR: stats: set the appctx flags when initializing the applet only |
| - MINOR: stats: get rid of the STAT_SHOWADMIN flag |
| - MINOR: stats: make stats_dump_fields_json() directly take flags |
| - MINOR: stats: uniformize the calling convention of the dump functions |
| - MINOR: stats: support the "desc" output format modifier for info and stat |
| - MINOR: stats: prepare to add a description with each stat/info field |
| - MINOR: stats: make "show stat" and "show info" |
| - MINOR: stats: fill all the descriptions for "show info" and "show stat" |
| - BUG/MEDIUM: applet: always check a fast running applet's activity before killing |
| - BUILD: stats: fix missing '=' sign in array declaration |
| - MINOR: lists: add new macro LIST_SPLICE_END_DETACHED |
| - MINOR: list: add new macro MT_LIST_BEHEAD |
| - MEDIUM: task: Split the tasklet list into two lists. |
| - MINOR: h2: Document traps to be avoided on multithread. |
| - MINOR: lists: Try to use local variables instead of macro arguments. |
| - MINOR: lists: Fix alignement of \ when relevant. |
| - MINOR: mux-h2: also support emitting CONTINUATION on trailers |
| - MINOR: ssl: crt-list do ckchn_lookup |
| - REORG: ssl: rename ckch_node to ckch_store |
| - REORG: ssl: move structures to ssl_sock.h |
| - MINOR: ssl: initialize the sni_keytypes_map as EB_ROOT |
| - MINOR: ssl: initialize explicitly the sni_ctx trees |
| - BUG/MINOR: ssl: abort on sni allocation failure |
| - BUG/MINOR: ssl: free the sni_keytype nodes |
| - BUG/MINOR: ssl: abort on sni_keytypes allocation failure |
| - MEDIUM: ssl: introduce the ckch instance structure |
| - MEDIUM: ssl: split ssl_sock_add_cert_sni() |
| - MINOR: ssl: ssl_sock_load_ckchn() can properly fail |
| - MINOR: ssl: ssl_sock_load_multi_ckchs() can properly fail |
| - MEDIUM: ssl: ssl_sock_load_ckchs() alloc a ckch_inst |
| - MINOR: ssl: ssl_sock_load_crt_file_into_ckch() is filling from a BIO |
| - MEDIUM: ssl/cli: 'set ssl cert' updates a certificate from the CLI |
| - MINOR: ssl: load the sctl in/from the ckch |
| - MINOR: ssl: load the ocsp in/from the ckch |
| - BUG/MEDIUM: ssl: NULL dereference in ssl_sock_load_cert_sni() |
| - BUG/MINOR: ssl: fix build without SSL |
| - BUG/MINOR: ssl: fix build without multi-cert bundles |
| - BUILD: ssl: wrong #ifdef for SSL engines code |
| - BUG/MINOR: ssl: fix OCSP build with BoringSSL |
| - BUG/MEDIUM: htx: Catch chunk_memcat() failures when HTX data are formatted to h1 |
| - BUG/MINOR: chunk: Fix tests on the chunk size in functions copying data |
| - BUG/MINOR: mux-h1: Mark the output buffer as full when the xfer is interrupted |
| - MINOR: mux-h1: Xfer as much payload data as possible during output processing |
| - CLEANUP: h1-htx: Move htx-to-h1 formatting functions from htx.c to h1_htx.c |
| - BUG/MINOR: mux-h1: Capture ignored parsing errors |
| - MINOR: h1: Reject requests with different occurrences of the header host |
| - MINOR: h1: Reject requests if the authority does not match the header host |
| - REGTESTS: Send valid URIs in peers reg-tests and fix HA config to avoid warnings |
| - REGTESTS: Adapt proxy_protocol_random_fail.vtc to match normalized URI too |
| - BUG/MINOR: WURFL: fix send_log() function arguments |
| - BUG/MINOR: ssl: fix error messages for OCSP loading |
| - BUG/MINOR: ssl: can't load ocsp files |
| - MINOR: version: make the version strings variables, not constants |
| - BUG/MINOR: http-htx: Properly set htx flags on error files to support keep-alive |
| - MINOR: htx: Add a flag on HTX to known when a response was generated by HAProxy |
| - MINOR: mux-h1: Force close mode for proxy responses with an unfinished request |
| - BUILD: travis-ci: limit build to branches "master" and "next" |
| - BUILD/MEDIUM: threads: rename thread_info struct to ha_thread_info |
| - BUILD/SMALL: threads: enable threads on osx |
| - BUILD/MEDIUM: threads: enable cpu_affinity on osx |
| - MINOR: istbuf: add b_fromist() to make a buffer from an ist |
| - BUG/MINOR: cache: also cache absolute URIs |
| - BUG/MINOR: mworker/ssl: close openssl FDs unconditionally |
| - BUG/MINOR: tcp: Don't alter counters returned by tcp info fetchers |
| - BUG/MEDIUM: lists: Handle 1-element-lists in MT_LIST_BEHEAD(). |
| - BUG/MEDIUM: mux_pt: Make sure we don't have a conn_stream before freeing. |
| - BUG/MEDIUM: tasklet: properly compute the sleeping threads mask in tasklet_wakeup() |
| - BUG/MAJOR: idle conns: schedule the cleanup task on the correct threads |
| - BUG/MEDIUM: task: make tasklets either local or shared but not both at once |
| - Revert e8826ded5fea3593d89da2be5c2d81c522070995. |
| - BUG/MEDIUM: mux_pt: Don't destroy the connection if we have a stream attached. |
| - BUG/MEDIUM: mux_pt: Only call the wake emthod if nobody subscribed to receive. |
| - REGTEST: mcli/mcli_show_info: launch a 'show info' on the master CLI |
| - CLEANUP: ssl: make ssl_sock_load_cert*() return real error codes |
| - CLEANUP: ssl: make ssl_sock_load_ckchs() return a set of ERR_* |
| - CLEANUP: ssl: make cli_parse_set_cert handle errcode and warnings. |
| - CLEANUP: ssl: make ckch_inst_new_load_(multi_)store handle errcode/warn |
| - CLEANUP: ssl: make ssl_sock_put_ckch_into_ctx handle errcode/warn |
| - CLEANUP: ssl: make ssl_sock_load_dh_params handle errcode/warn |
| - CLEANUP: bind: handle warning label on bind keywords parsing. |
| - BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1 |
| - BUG/MINOR: mworker/cli: reload fail with inherited FD |
| - BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed |
| - BUG/MINOR: stick-table: Never exceed (MAX_SESS_STKCTR-1) when fetching a stkctr |
| - BUG/MINOR: cache: alloc shctx after check config |
| - BUG/MINOR: sample: Make the `field` converter compatible with `-m found` |
| - BUG/MINOR: server: check return value of fopen() in apply_server_state() |
| - REGTESTS: make seamless-reload depend on 1.9 and above |
| - REGTESTS: server/cli_set_fqdn requires version 1.8 minimum |
| - BUG/MINOR: dns: allow srv record weight set to 0 |
| - BUG/MINOR: ssl: fix memcpy overlap without consequences. |
| - BUG/MINOR: stick-table: fix an incorrect 32 to 64 bit key conversion |
| - BUG/MEDIUM: pattern: make the pattern LRU cache thread-local and lockless |
| - BUG/MINOR: mux-h2: do not emit logs on backend connections |
| - CLEANUP: ssl: remove old TODO commentary |
| - CLEANUP: ssl: fix SNI/CKCH lock labels |
| - MINOR: ssl: OCSP functions can load from file or buffer |
| - MINOR: ssl: load sctl from buf OR from a file |
| - MINOR: ssl: load issuer from file or from buffer |
| - MINOR: ssl: split ssl_sock_load_crt_file_into_ckch() |
| - BUG/MINOR: ssl/cli: fix looking up for a bundle |
| - MINOR: ssl/cli: update ocsp/issuer/sctl file from the CLI |
| - MINOR: ssl: update ssl_sock_free_cert_key_and_chain_contents |
| - MINOR: ssl: copy a ckch from src to dst |
| - MINOR: ssl: new functions duplicate and free a ckch_store |
| - MINOR: ssl/cli: assignate a new ckch_store |
| - MEDIUM: cli/ssl: handle the creation of SSL_CTX in an IO handler |
| - BUG/MINOR: ssl/cli: fix build of SCTL and OCSP |
| - BUG/MINOR: ssl/cli: out of bounds when built without ocsp/sctl |
| - BUG/MINOR: ssl: fix build with openssl < 1.1.0 |
| - BUG/MINOR: ssl: fix build of X509_chain_up_ref() w/ libreSSL |
| - MINOR: tcp: avoid confusion in time parsing init |
| - MINOR: debug: add a new "debug dev stream" command |
| - MINOR: cli/debug: validate addresses using may_access() in "debug dev stream" |
| - REORG: move CLI access level definitions to cli.h |
| - MINOR: cli: add an expert mode to hide dangerous commands |
| - MINOR: debug: make most debug CLI commands accessible in expert mode |
| - MINOR: stats/debug: maintain a counter of debug commands issued |
| - BUG/MEDIUM: debug: address a possible null pointer dereference in "debug dev stream" |
| |
| 2019/10/01 : 2.1-dev2 |
| - DOC: management: document reuse and connect counters in the CSV format |
| - DOC: management: document cache_hits and cache_lookups in the CSV format |
| - BUG/MINOR: dns: remove irrelevant dependency on a client connection |
| - MINOR: applet: make appctx use their own pool |
| - BUG/MEDIUM: checks: Don't attempt to receive data if we already subscribed. |
| - BUG/MEDIUM: http/htx: unbreak option http_proxy |
| - BUG/MINOR: backend: do not try to install a mux when the connection failed |
| - MINOR: mux-h2: Don't adjust anymore the amount of data sent in h2_snd_buf() |
| - BUG/MINOR: http_fetch: Fix http_auth/http_auth_group when called from TCP rules |
| - BUG/MINOR: http_htx: Initialize HTX error messages for TCP proxies |
| - BUG/MINOR: cache/htx: Make maxage calculation HTX aware |
| - BUG/MINOR: hlua: Make the function txn:done() HTX aware |
| - MINOR: proto_htx: Directly call htx_check_response_for_cacheability() |
| - MINOR: proto_htx: Rely on the HTX function to apply a redirect rules |
| - MINOR: proto_htx: Add the function htx_return_srv_error() |
| - MINOR: backend/htx: Don't rewind output data to set the sni on a srv connection |
| - MINOR: proto_htx: Don't stop forwarding when there is a post-connect processing |
| - DOC: htx: Update comments in HTX files |
| - CLEANUP: htx: Remove the unsued function htx_add_blk_type_size() |
| - MINOR: htx: Deduce the number of used blocks from tail and head values |
| - MINOR: htx: Use an array of char to store HTX blocks |
| - MINOR: htx: Slightly update htx_dump() to report better messages |
| - DOC: htx: Add internal documentation about the HTX |
| - MAJOR: http: Deprecate and ignore the option "http-use-htx" |
| - MEDIUM: mux-h2: Remove support of the legacy HTTP mode |
| - CLEANUP: h2: Remove functions converting h2 requests to raw HTTP/1.1 ones |
| - MINOR: connection: Remove the multiplexer protocol PROTO_MODE_HTX |
| - MINOR: stream: Rely on HTX analyzers instead of legacy HTTP ones |
| - MEDIUM: http_fetch: Remove code relying on HTTP legacy mode |
| - MINOR: config: Remove tests on the option 'http-use-htx' |
| - MINOR: stream: Remove tests on the option 'http-use-htx' in stream_new() |
| - MINOR: proxy: Remove tests on the option 'http-use-htx' during H1 upgrade |
| - MINOR: hlua: Remove tests on the option 'http-use-htx' to reject TCP applets |
| - MINOR: cache: Remove tests on the option 'http-use-htx' |
| - MINOR: contrib/prometheus-exporter: Remove tests on the option 'http-use-htx' |
| - CLEANUP: proxy: Remove the flag PR_O2_USE_HTX |
| - MINOR: proxy: Don't adjust connection mode of HTTP proxies anymore |
| - MEDIUM: backend: Remove code relying on the HTTP legacy mode |
| - MEDIUM: hlua: Remove code relying on the legacy HTTP mode |
| - MINOR: http_act: Remove code relying on the legacy HTTP mode |
| - MEDIUM: cache: Remove code relying on the legacy HTTP mode |
| - MEDIUM: compression: Remove code relying on the legacy HTTP mode |
| - MINOR: flt_trace: Remove code relying on the legacy HTTP mode |
| - MINOR: stats: Remove code relying on the legacy HTTP mode |
| - MAJOR: filters: Remove code relying on the legacy HTTP mode |
| - MINOR: stream: Remove code relying on the legacy HTTP mode |
| - MAJOR: http: Remove the HTTP legacy code |
| - MINOR: hlua: Remove useless test on TX_CON_WANT_* flags |
| - MINOR: proto_http: Remove unused http txn flags |
| - MINOR: proto_http: Remove the unused flag HTTP_MSGF_WAIT_CONN |
| - CLEANUP: proto_http: Group remaining flags of the HTTP transaction |
| - CLEANUP: channel: Remove the unused flag CF_WAKE_CONNECT |
| - CLEANUP: proto_http: Remove unecessary includes and comments |
| - CLEANUP: proto_http: Move remaining code from proto_http.c to proto_htx.c |
| - REORG: proto_htx: Move HTX analyzers & co to http_ana.{c,h} files |
| - BUG/MINOR: debug: Remove flags CO_FL_SOCK_WR_ENA/CO_FL_SOCK_RD_ENA |
| - MINOR: proxy: Remove support of the option 'http-tunnel' |
| - DOC: config: Update as a result of the legacy HTTP removal |
| - MEDIUM: config: Remove parsing of req* and rsp* directives |
| - MINOR: proxy: Remove the unused list of block rules |
| - MINOR: proxy/http_ana: Remove unused req_exp/rsp_exp and req_add/rsp_add lists |
| - DOC: config: Remove unsupported req* and rsp* keywords |
| - MINOR: global: Preset tune.max_http_hdr to its default value |
| - MINOR: http: Don't store raw HTTP errors in chunks anymore |
| - BUG/MINOR: session: Emit an HTTP error if accept fails only for H1 connection |
| - BUG/MINOR: session: Send a default HTTP error if accept fails for a H1 socket |
| - CLEANUP: mux-h2: Remove unused flags H2_SF_CHNK_* |
| - BUG/MINOR: checks: do not exit tcp-checks from the middle of the loop |
| - MINOR: config: Warn only if the option http-use-htx is used with "no" prefix |
| - BUG/MEDIUM: mux-h1: Trim excess server data at the end of a transaction |
| - MINOR: connection: add conn_get_src() and conn_get_dst() |
| - MINOR: frontend: switch to conn_get_{src,dst}() for logging and debugging |
| - MINOR: backend: switch to conn_get_{src,dst}() for port and address mapping |
| - MINOR: ssl: switch to conn_get_dst() to retrieve the destination address |
| - MINOR: tcp: replace various calls to conn_get_{from,to}_addr with conn_get_{src,dst} |
| - MINOR: stream-int: use conn_get_{src,dst} in conn_si_send_proxy() |
| - MINOR: stream/cli: use conn_get_{src,dst} in "show sess" and "show peers" output |
| - MINOR: log: use conn_get_{dst,src}() to retrieve the cli/frt/bck/srv/ addresses |
| - MINOR: http/htx: use conn_get_dst() to retrieve the destination address |
| - MINOR: lua: use conn_get_{src,dst} to retrieve connection addresses |
| - MINOR: http: check the source address via conn_get_src() in sample fetch functions |
| - CLEANUP: connection: remove the now unused conn_get_{from,to}_addr() |
| - MINOR: connection: add new src and dst fields |
| - MINOR: connection: use conn->{src,dst} instead of &conn->addr.{from,to} |
| - MINOR: ssl-sock: use conn->dst instead of &conn->addr.to |
| - MINOR: lua: switch to conn->dst for a connection's target address |
| - MINOR: peers: use conn->dst for the peer's target address |
| - MINOR: htx: switch from conn->addr.{from,to} to conn->{src,dst} |
| - MINOR: stream: switch from conn->addr.{from,to} to conn->{src,dst} |
| - MINOR: proxy: switch to conn->src in error snapshots |
| - MINOR: session: use conn->src instead of conn->addr.from |
| - MINOR: tcp: replace conn->addr.{from,to} with conn->{src,dst} |
| - MINOR: unix: use conn->dst for the target address in ->connect() |
| - MINOR: sockpair: use conn->dst for the target address in ->connect() |
| - MINOR: log: use conn->{src,dst} instead of conn->addr.{from,to} |
| - MINOR: checks: replace conn->addr.to with conn->dst |
| - MINOR: frontend: switch from conn->addr.{from,to} to conn->{src,dst} |
| - MINOR: http: convert conn->addr.from to conn->src in sample fetches |
| - MEDIUM: backend: turn all conn->addr.{from,to} to conn->{src,dst} |
| - MINOR: connection: create a new pool for struct sockaddr_storage |
| - MEDIUM: connection: make sure all address producers allocate their address |
| - MAJOR: connection: remove the addr field |
| - MINOR: connection: don't use clear_addr() anymore, just release the address |
| - MINOR: stream: add a new target_addr entry in the stream structure |
| - MAJOR: stream: store the target address into s->target_addr |
| - MINOR: peers: now remove the remote connection setup code |
| - MEDIUM: lua: do not allocate the remote connection anymore |
| - MEDIUM: backend: always release any existing prior connection in connect_server() |
| - MEDIUM: backend: remove impossible cases from connect_server() |
| - BUG/MINOR: mux-h1: Close server connection if input data remains in h1_detach() |
| - BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream |
| - BUG/MINOR: http_ana: Be sure to have an allocated buffer to generate an error |
| - BUG/MINOR: http_htx: Support empty errorfiles |
| - BUG/CRITICAL: http_ana: Fix parsing of malformed cookies which start by a delimiter |
| - BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff |
| - BUG/MINOR: proxy: always lock stop_proxy() |
| - MEDIUM: mux-h1: Add the support of headers adjustment for bogus HTTP/1 apps |
| - BUILD: threads: add the definition of PROTO_LOCK |
| - BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased |
| - BUG/MEDIUM: streams: Don't switch the SI to SI_ST_DIS if we have data to send. |
| - BUG/MINOR: log: make sure writev() is not interrupted on a file output |
| - DOC: improve the wording in CONTRIBUTING about how to document a bug fix |
| - MEDIUM: h1: Don't try to subscribe if we managed to read data. |
| - MEDIUM: h1: Don't wake the H1 tasklet if we got the whole request. |
| - REGTESTS: checks: exclude freebsd target for tcp-check_multiple_ports.vtc |
| - BUG/MINOR: hlua/htx: Reset channels analyzers when txn:done() is called |
| - BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class |
| - MINOR: hlua: Don't set request analyzers on response channel for lua actions |
| - MINOR: hlua: Add a flag on the lua txn to know in which context it can be used |
| - BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready |
| - BUG/MINOR: htx: Fix free space addresses calculation during a block expansion |
| - MINOR: ssl: merge ssl_sock_load_cert_file() and ssl_sock_load_cert_chain_file() |
| - MEDIUM: ssl: use cert_key_and_chain struct in ssl_sock_load_cert_file() |
| - MEDIUM: ssl: split the loading of the certificates |
| - MEDIUM: ssl: lookup and store in a ckch_node tree |
| - MEDIUM: ssl: load DH param in struct cert_key_and_chain |
| - BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue() |
| - MINOR: ssl: use STACK_OF for chain certs |
| - MINOR: ssl: add extra chain compatibility |
| - MINOR: ssl: check private key consistency in loading |
| - MINOR: ssl: do not look at DHparam with OPENSSL_NO_DH |
| - CLEANUP: ssl: ssl_sock_load_crt_file_into_ckch |
| - MINOR: ssl: clean ret variable in ssl_sock_load_ckchn |
| - MAJOR: fd: Get rid of the fd cache. |
| - MEDIUM: pollers: Remember the state for read and write for each threads. |
| - MEDIUM: mux-h2: don't try to read more than needed |
| - BUG/BUILD: ssl: fix build with openssl < 1.0.2 |
| - BUG/MEDIUM: ssl: does not try to free a DH in a ckch |
| - BUG/MINOR: debug: fix a small race in the thread dumping code |
| - MINOR: wdt: also consider that waiting in the thread dumper is normal |
| - REGTESTS: checks: make 4be_1srv_health_checks more reliable |
| - BUILD: ssl: BoringSSL add EVP_PKEY_base_id |
| - BUG/MEDIUM: ssl: don't free the ckch in multi-cert bundle |
| - BUG/MINOR: ssl: fix ressource leaks on error |
| - BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is increased |
| - BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion |
| - BUG/MINOR: stream-int: make sure to always release empty buffers after sending |
| - BUG/MEDIUM: ssl: open the right path for multi-cert bundle |
| - BUG/MINOR: stream-int: also update analysers timeouts on activity |
| - BUG/MEDIUM: mux-h2: unbreak receipt of large DATA frames |
| - BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes |
| - BUG/MEDIUM: proxy: Make sure to destroy the stream on upgrade from TCP to H2 |
| - DOC: Add 'Question.md' issue template, discouraging asking questions |
| - BUG/MEDIUM: fd: Always reset the polled_mask bits in fd_dodelete(). |
| - BUG/MEDIUM: pollers: Clear the poll_send bits as well. |
| - BUILD: travis-ci: enable daily Coverity scan |
| - BUG/MINOR: mux-h2: don't refrain from sending an RST_STREAM after another one |
| - BUG/MINOR: mux-h2: use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data() |
| - BUG/MINOR: mux-h2: do not send REFUSED_STREAM on aborted uploads |
| - BUG/MEDIUM: mux-h2: do not recheck a frame type after a state transition |
| - BUG/MINOR: mux-h2: always send stream window update before connection's |
| - BUG/MINOR: mux-h2: always reset rcvd_s when switching to a new frame |
| - BUG/MEDIUM: checks: make sure to close nicely when we're the last to speak |
| - BUG/MEDIUM: stick-table: Wrong stick-table backends parsing. |
| - CLEANUP: mux-h2: move the demuxed frame check code in its own function |
| - MINOR: cache: add method to cache hash |
| - MINOR: cache: allow caching of OPTIONS request |
| - BUG/MINOR: ssl: fix 0-RTT for BoringSSL |
| - MINOR: ssl: ssl_fc_has_early should work for BoringSSL |
| - BUG/MINOR: pools: don't mark the thread harmless if already isolated |
| - BUG/MINOR: buffers/threads: always clear a buffer's head before releasing it |
| - CLEANUP: buffer: replace b_drop() with b_free() |
| - CLEANUP: task: move the cpu_time field to the task-only part |
| - MINOR: cli: add two new states to print messages on the CLI |
| - MINOR: cli: add cli_msg(), cli_err(), cli_dynmsg(), cli_dynerr() |
| - CLEANUP: cli: replace all occurrences of manual handling of return messages |
| - BUG/MEDIUM: proxy: Don't forget the SF_HTX flag when upgrading TCP=>H1+HTX. |
| - BUG/MEDIUM: proxy: Don't use cs_destroy() when freeing the conn_stream. |
| - BUG/MINOR: lua: fix setting netfilter mark |
| - BUG/MINOR: Fix prometheus '# TYPE' and '# HELP' headers |
| - BUG/MEDIUM: lua: Fix test on the direction to set the channel exp timeout |
| - BUG/MINOR: stats: Wait the body before processing POST requests |
| - MINOR: fd: make sure to mark the thread as not stuck in fd_update_events() |
| - BUG/MEDIUM: mux_pt: Don't call unsubscribe if we did not subscribe. |
| - BUILD: travis-ci: trigger non-mainstream configurations only on daily builds. |
| - MINOR: debug: indicate the applet name when the task is task_run_applet() |
| - MINOR: tools: add append_prefixed_str() |
| - MINOR: lua: export applet and task handlers |
| - MEDIUM: debug: make the thread dump code show Lua backtraces |
| - BUG/MEDIUM: h1: Always try to receive more in h1_rcv_buf(). |
| - MINOR: list: add LIST_SPLICE() to merge one list into another |
| - MINOR: tools: add a DEFNULL() macro to use NULL for empty args |
| - REORG: trace: rename trace.c to calltrace.c and mention it's not thread-safe |
| - MINOR: sink: create definitions a minimal code for event sinks |
| - MINOR: sink: add a support for file descriptors |
| - MINOR: trace: start to create a new trace subsystem |
| - MINOR: trace: add allocation of buffer-sized trace buffers |
| - MINOR: trace/cli: register the "trace" CLI keyword to list the sources |
| - MINOR: trace/cli: parse the "level" argument to configure the trace verbosity |
| - MINOR: trace/cli: add "show trace" to report trace state and statistics |
| - MINOR: trace: implement a very basic trace() function |
| - MINOR: trace: add the file name and line number in the prefix |
| - MINOR: trace: make trace() now also take a level in argument |
| - MINOR: trace: implement a call to a decode function |
| - MINOR: trace: add per-level macros to produce traces |
| - MINOR: trace: add a definition of typed arguments to trace() |
| - MINOR: trace: make sure to always stop the locking when stopping or pausing |
| - MINOR: trace: add the possibility to lock on some arguments |
| - MINOR: trace: parse the "lock" argument to trace |
| - MINOR: trace: retrieve useful pointers and enforce lock-on |
| - DOC: management: document the "trace" and "show trace" commands |
| - BUILD: trace: make the lockon_ptr const to silence a warning without threads |
| - BUG/MEDIUM: mux-h1: do not truncate trailing 0CRLF on buffer boundary |
| - BUG/MEDIUM: mux-h1: do not report errors on transfers ending on buffer full |
| - DOC: fixed typo in management.txt |
| - BUG/MINOR: mworker: disable SIGPROF on re-exec |
| - BUG/MEDIUM: listener/threads: fix an AB/BA locking issue in delete_listener() |
| - BUG/MEDIUM: url32 does not take the path part into account in the returned hash. |
| - MINOR: backend: Add srv_queue converter |
| - MINOR: sink: set the fd-type sinks to non-blocking |
| - MINOR: tools: add a function varint_bytes() to report the size of a varint |
| - MINOR: buffer: add functions to read/write varints from/to buffers |
| - MINOR: fd: add fd_write_frag_line() to send a fragmented line to an fd |
| - MINOR: sink: now call the generic fd write function |
| - MINOR: ring: add a new mechanism for retrieving/storing ring data in buffers |
| - MINOR: ring: add a ring_write() function |
| - MINOR: ring: add a generic CLI io_handler to dump a ring buffer |
| - MINOR: sink: add support for ring buffers |
| - MINOR: sink: implement "show events" to show supported sinks and dump the rings |
| - MINOR: sink: now report the number of dropped events on output |
| - MINOR: trace: support a default callback for the source |
| - MINOR: trace: extend the source location to 13 chars |
| - MINOR: trace: show thread number and source name in the trace |
| - MINOR: trace: change the TRACE() calling convention to put the args and cb last |
| - MINOR: connection: add the fc_pp_authority fetch -- authority TLV, from PROXYv2 |
| - MINOR: tools: add a generic struct "name_desc" for name-description pairs |
| - MINOR: trace: replace struct trace_lockon_args with struct name_desc |
| - MINOR: trace: change the "payload" level to "data" and move it |
| - MINOR: trace: prepend the function name for developer level traces |
| - MINOR: trace: also report the trace level in the output |
| - MINOR: trace: change the detail_level to per-source verbosity |
| - MINOR: mux-h2/trace: register a new trace source with its events |
| - MINOR: mux-h2/trace: add the default decoding callback |
| - MEDIUM: mux-h2/trace: add lots of traces all over the code |
| - MINOR: mux-h2: add functions to convert an h2c/h2s state to a string |
| - MINOR: mux-h2/trace: add a new verbosity level "clean" |
| - MINOR: mux-h2/trace: only decode the start-line at verbosity other than "minimal" |
| - MINOR: mux-h2/trace: always report the h2c/h2s state and flags |
| - MINOR: mux-h2/trace: report h2s->id before h2c->dsi for the stream ID |
| - CLEANUP: mux-h2/trace: reformat the "received" messages for better alignment |
| - CLEANUP: mux-h2/trace: lower-case event names |
| - MINOR: trace: extend default event names to 12 chars |
| - BUG/MINOR: ring: fix the way watchers are counted |
| - MINOR: cli: extend the CLI context with a list and two offsets |
| - MINOR: mux-h2/trace: report the connection pointer and state before FRAME_H |
| - MEDIUM: ring: implement a wait mode for watchers |
| - BUG/MEDIUM: mux-h2/trace: do not dereference h2c->conn after failed idle |
| - BUG/MEDIUM: mux-h2/trace: fix missing braces added with traces |
| - BUG/MINOR: ring: b_peek_varint() returns a uint64_t, not a size_t |
| - CLEANUP: fd: remove leftovers of the fdcache |
| - MINOR: fd: add a new "initialized" bit in the fdtab struct |
| - MINOR: fd/log/sink: make the non-blocking initialization depend on the initialized bit |
| - MEDIUM: log: use the new generic fd_write_frag_line() function |
| - MINOR: log: add a target type instead of hacking the address family |
| - MEDIUM: log: add support for logging to a ring buffer |
| - MINOR: send-proxy-v2: sends authority TLV according to TLV received |
| - MINOR: build: add linux-glibc-legacy build TARGET |
| - BUG/MEDIUM: peers: local peer socket not bound. |
| - BUILD: connection: silence gcc warning with extra parentheses |
| - BUG/MINOR: http-ana: Reset response flags when 1xx messages are handled |
| - BUG/MINOR: h1: Properly reset h1m when parsing is restarted |
| - BUG/MINOR: mux-h1: Fix size evaluation of HTX messages after headers parsing |
| - BUG/MINOR: mux-h1: Don't stop anymore input processing when the max is reached |
| - BUG/MINOR: mux-h1: Be sure to update the count before adding EOM after trailers |
| - BUG/MEDIUM: cache: Properly copy headers splitted on several shctx blocks |
| - BUG/MEDIUM: cache: Don't cache objects if the size of headers is too big |
| - BUG/MINOR: mux-h1: Fix a possible null pointer dereference in h1_subscribe() |
| - MEDIUM: fd: remove the FD_EV_POLLED status bit |
| - MEDIUM: fd: simplify the fd_*_{recv,send} functions using BTS/BTR |
| - MINOR: fd: make updt_fd_polling() a normal function |
| - CONTRIB: debug: add new program "poll" to test poll() events |
| - BUG/MINOR: checks: stop polling for write when we have nothing left to send |
| - BUG/MINOR: checks: start sending the request right after connect() |
| - BUG/MINOR: checks: make __event_chk_srv_r() report success before closing |
| - BUG/MINOR: checks: do not uselessly poll for reads before the connection is up |
| - BUG/MINOR: mux-h1: Fix a UAF in cfg_h1_headers_case_adjust_postparser() |
| - BUILD: CI: add basic CentOS 6 cirrus build |
| - MINOR: contrib/prometheus-exporter: Report DRAIN/MAINT/NOLB status for servers |
| - BUG/MINOR: lb/leastconn: ignore the server weights for empty servers |
| - BUG/MAJOR: ssl: ssl_sock was not fully initialized. |
| - MEDIUM: fd: mark the FD as ready when it's inserted |
| - MINOR: fd: add two new calls fd_cond_{recv,send}() |
| - MEDIUM: connection: enable reading only once the connection is confirmed |
| - MINOR: fd: add two flags ERR and SHUT to describe FD states |
| - MEDIUM: fd: do not use the FD_POLL_* flags in the pollers anymore |
| - BUG/MEDIUM: connection: don't keep more idle connections than ever needed |
| - MINOR: stats: report the number of idle connections for each server |
| - BUILD: CI: skip reg-tests/connection/proxy_protocol_random_fail.vtc on CentOS 6 |
| - BUILD/MINOR: auth: enabling for osx |
| - BUG/MINOR: listener: Fix a possible null pointer dereference |
| - BUG/MINOR: ssl: always check for ssl connection before getting its XPRT context |
| - MINOR: stats: Add JSON export from the stats page |
| - BUG/MINOR: filters: Properly set the HTTP status code on analysis error |
| - MINOR: sample: Add UUID-fetch |
| - CLEANUP: mux-h2: Remove unused flag H2_SF_DATA_CHNK |
| - BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed |
| - BUG/MINOR: backend: Fix a possible null pointer dereference |
| - BUG/MINOR: Missing stat_field_names (since f21d17bb) |
| - BUG/MEDIUM: stick-table: Properly handle "show table" with a data type argument |
| - BUILD: CI: temporarily disable ASAN |
| - MINOR: htx: Add a flag on HTX message to report processing errors |
| - MINOR: mux-h1: Report a processing error during output processing |
| - MINOR: http-ana: Handle HTX errors first during message analysis |
| - MINOR: http-ana: Remove err_state field from http_msg |
| - MINOR: config: Support per-proxy and per-server deinit functions callbacks |
| - MINOR: config: Support per-proxy and per-server post-check functions callbacks |
| - MINOR: http_fetch: Add sample fetches to get auth method/user/pass |
| - MINOR: istbuf: Add the function b_isteqi() |
| - MINOR: log: Provide a function to emit a log for an application |
| - MINOR: http: Add function to parse value of the header Status |
| - MEDIUM: mux-h1/h1-htx: move HTX convertion of H1 messages in dedicated file |
| - MINOR: h1-htx: Use the same function to copy message payload in all cases |
| - MINOR: muxes/htx: Ignore pseudo header during message formatting |
| - MINOR: fcgi: Add code related to FCGI protocol |
| - MEDIUM: fcgi-app: Add FCGI application and filter |
| - MEDIUM: mux-fcgi: Add the FCGI multiplexer |
| - MINOR: doc: Add documentation about the FastCGI support |
| - BUG/MINOR: build: Fix compilation of mux_fcgi.c when compiled without SSL |
| - BUILD: CI: install golang-1.13 when building BoringSSL |
| - BUG/MINOR: mux-h2: Be sure to have a connection to unsubcribe |
| - BUG/MINOR: mux-fcgi: Be sure to have a connection to unsubcribe |
| - CLEANUP: fcgi-app: Remove useless test on fcgi_conf pointer |
| - BUG/MINOR: mux-fcgi: Don't compare the filter name in its parsing callback |
| - BUG/MAJOR: mux-h2: Handle HEADERS frames received after a RST_STREAM frame |
| - BUG/MEDIUM: check/threads: make external checks run exclusively on thread 1 |
| - MEDIUM: list: Separate "locked" list from regular list. |
| - MINOR: mt_lists: Add new macroes. |
| - MEDIUM: servers: Use LIST_DEL_INIT() instead of LIST_DEL(). |
| - MINOR: mt_lists: Do nothing in MT_LIST_ADD/MT_LIST_ADDQ if already in list. |
| - MINOR: mt_lists: Give MT_LIST_ADD, MT_LIST_ADDQ and MT_LIST_DEL a return value. |
| - MEDIUM: tasklets: Make the tasklet list a struct mt_list. |
| - TESTS: Add a stress-test for mt_lists. |
| - BUILD: travis-ci: add PCRE2, SLZ build |
| - BUG/MINOR: build: fix event ports (Solaris) |
| - BUG/MEDIUM: namespace: fix fd leak in master-worker mode |
| - OPTIM: listeners: use tasklets for the multi-queue rings |
| - BUILD: makefile: work around yet another GCC fantasy (-Wstring-plus-int) |
| - BUG/MINOR: stream-int: Process connection/CS errors first in si_cs_send() |
| - BUG/MEDIUM: stream-int: Process connection/CS errors during synchronous sends |
| - BUG/MEDIUM: checks: make sure the connection is ready before trying to recv |
| - CLEANUP: task: remove impossible test |
| - CLEANUP: task: cache the task_per_thread pointer |
| - MINOR: task: split the tasklet vs task code in process_runnable_tasks() |
| - MINOR: task: introduce a thread-local "sched" variable for local scheduler stuff |
| - CLEANUP: mux-fcgi: Remove the unused function fcgi_strm_id() |
| - BUG/MINOR: mux-fcgi: Use a literal string as format in app_log() |
| - BUG/MEDIUM: tasklets: Make sure we're waking the target thread if it sleeps. |
| - MINOR: h2/trace: indicate 'F' or 'B' to locate the side of an h2c in traces |
| - MINOR: h2/trace: report the frame type when known |
| - BUG/MINOR: mux-h2: do not wake up blocked streams before the mux is ready |
| - BUG/MEDIUM: namespace: close open namespaces during soft shutdown |
| - MINOR: time: add timeofday_as_iso_us() to return instant time as ISO |
| - MINOR: sink: finally implement support for SINK_FMT_{TIMED,ISO} |
| - MINOR: sink: change ring buffer "buf0"'s format to "timed" |
| - BUG/MEDIUM: mux-h2: don't reject valid frames on closed streams |
| - BUG/MINOR: mux-fcgi: silence a gcc warning about null dereference |
| - BUG/MINOR: mux-h2: Fix missing braces because of traces in h2_detach() |
| - BUG/MINOR: mux-h2: Use the dummy error when decoding headers for a closed stream |
| - BUG/MAJOR: mux_h2: Don't consume more payload than received for skipped frames |
| - BUG/MINOR: mux-h1: Do h2 upgrade only on the first request |
| - BUG/MEDIUM: spoe: Use a different engine-id per process |
| - MINOR: spoe: Improve generation of the engine-id |
| - MINOR: spoe: Support the async mode with several threads |
| - MINOR: http: Add server name header from HTTP multiplexers |
| - CLEANUP: http-ana: Remove the unused function http_send_name_header() |
| - MINOR: stats: Add the support of float fields in stats |
| - BUG/MINOR: contrib/prometheus-exporter: Return the time averages in seconds |
| - DOC: Fix documentation about the cli command to get resolver stats |
| - BUG/MEDIUM: fcgi: fix missing list tail in sample fetch registration |
| - BUG/MINOR: stats: Add a missing break in a switch statement |
| - BUG/MINOR: lua: Properly initialize the buffer's fields for string samples in hlua_lua2(smp|arg) |
| - CLEANUP: lua: Get rid of obsolete (size_t *) cast in hlua_lua2(smp|arg) |
| - BUG/MEDIUM: lua: Store stick tables into the sample's `t` field |
| - CLEANUP: proxy: Remove `proxy_tbl_by_name` |
| - BUILD: ssl: fix a warning when built with openssl < 1.0.2 |
| - DOC: replace utf-8 quotes by ascii ones |
| - BUG/MEDIUM: fd: HUP is an error only when write is active |
| - BUG/MINOR: action: do-resolve does not yield on requests with body |
| - Revert "MINOR: cache: allow caching of OPTIONS request" |
| |
| 2019/07/16 : 2.1-dev1 |
| - BUG/MEDIUM: h2/htx: Update data length of the HTX when the cookie list is built |
| - DOC: this is a development branch again. |
| - MEDIUM: Make 'block' directive fatal |
| - MEDIUM: Make 'redispatch' directive fatal |
| - MEDIUM: Make '(cli|con|srv)timeout' directive fatal |
| - MEDIUM: Remove 'option independant-streams' |
| - MINOR: sample: Add sha2([<bits>]) converter |
| - MEDIUM: server: server-state global file stored in a tree |
| - BUG/MINOR: lua/htx: Make txn.req_req_* and txn.res_rep_* HTX aware |
| - BUG/MINOR: mux-h1: Add the header connection in lower case in outgoing messages |
| - BUG/MEDIUM: compression: Set Vary: Accept-Encoding for compressed responses |
| - MINOR: htx: Add the function htx_change_blk_value_len() |
| - BUG/MEDIUM: htx: Fully update HTX message when the block value is changed |
| - BUG/MEDIUM: mux-h2: Reset padlen when several frames are demux |
| - BUG/MEDIUM: mux-h2: Remove the padding length when a DATA frame size is checked |
| - BUG/MEDIUM: lb_fwlc: Don't test the server's lb_tree from outside the lock |
| - BUG/MAJOR: sample: Wrong stick-table name parsing in "if/unless" ACL condition. |
| - BUILD: mworker: silence two printf format warnings around getpid() |
| - BUILD: makefile: use :space: instead of digits to count commits |
| - BUILD: makefile: adjust the sed expression of "make help" for solaris |
| - BUILD: makefile: do not rely on shell substitutions to determine git version |
| - BUG/MINOR: mworker-prog: Fix segmentation fault during cfgparse |
| - BUG/MINOR: spoe: Fix memory leak if failing to allocate memory |
| - BUG/MEDIUM: mworker: don't call the thread and fdtab deinit |
| - BUG/MEDIUM: stream_interface: Don't add SI_FL_ERR the state is < SI_ST_CON. |
| - BUG/MEDIUM: connections: Always add the xprt handshake if needed. |
| - BUG/MEDIUM: ssl: Don't do anything in ssl_subscribe if we have no ctx. |
| - BUG/MEDIUM: mworker/cli: command pipelining doesn't work anymore |
| - BUG/MINOR: htx: Save hdrs_bytes when the HTX start-line is replaced |
| - BUG/MAJOR: mux-h1: Don't crush trash chunk area when outgoing message is formatted |
| - BUG/MINOR: memory: Set objects size for pools in the per-thread cache |
| - BUG/MINOR: log: Detect missing sampling ranges in config |
| - BUG/MEDIUM: proto_htx: Don't add EOM on 1xx informational messages |
| - BUG/MEDIUM: mux-h1: Use buf_room_for_htx_data() to detect too large messages |
| - BUG/MINOR: mux-h1: Make format errors during output formatting fatal |
| - BUG/MEDIUM: ssl: Don't attempt to set alpn if we're not using SSL. |
| - BUG/MEDIUM: mux-h1: Always release H1C if a shutdown for writes was reported |
| - BUG/MINOR: mworker/cli: don't output a \n before the response |
| - BUG/MEDIUM: checks: unblock signals in external checks |
| - BUG/MINOR: mux-h1: Skip trailers for non-chunked outgoing messages |
| - BUG/MINOR: mux-h1: Don't return the empty chunk on HEAD responses |
| - BUG/MEDIUM: connections: Always call shutdown, with no linger. |
| - BUG/MEDIUM: checks: Make sure the tasklet won't run if the connection is closed. |
| - BUG/MINOR: contrib/prometheus-exporter: Don't use channel_htx_recv_max() |
| - BUG/MINOR: hlua: Don't use channel_htx_recv_max() |
| - BUG/MEDIUM: channel/htx: Use the total HTX size in channel_htx_recv_limit() |
| - BUG/MINOR: hlua/htx: Respect the reserve when HTX data are sent |
| - BUG/MINOR: contrib/prometheus-exporter: Respect the reserve when data are sent |
| - BUG/MEDIUM: connections: Make sure we're unsubscribe before upgrading the mux. |
| - BUG/MEDIUM: servers: Authorize tfo in default-server. |
| - BUG/MEDIUM: sessions: Don't keep an extra idle connection in sessions. |
| - MINOR: server: Add "no-tfo" option. |
| - BUG/MINOR: contrib/prometheus-exporter: Don't try to add empty data blocks |
| - MINOR: action: Add the return code ACT_RET_DONE for actions |
| - BUG/MEDIUM: http/applet: Finish request processing when a service is registered |
| - BUG/MEDIUM: lb_fas: Don't test the server's lb_tree from outside the lock |
| - BUG/MEDIUM: mux-h1: Handle TUNNEL state when outgoing messages are formatted |
| - BUG/MINOR: mux-h1: Don't process input or ouput if an error occurred |
| - MINOR: stream-int: Factorize processing done after sending data in si_cs_send() |
| - BUG/MEDIUM: stream-int: Don't rely on CF_WRITE_PARTIAL to unblock opposite si |
| - DOC: contrib: spoa_server Add some hints for building spoa_server |
| - DOC: Fix typo in intro.txt |
| - BUG/MEDIUM: servers: Don't forget to set srv_cs to NULL if we can't reuse it. |
| - BUG/MINOR: ssl: revert empty handshake detection in OpenSSL <= 1.0.2 |
| - MINOR: pools: release the pool's lock during the malloc/free calls |
| - MINOR: pools: always pre-initialize allocated memory outside of the lock |
| - MINOR: pools: make the thread harmless during the mmap/munmap syscalls |
| - BUG/MEDIUM: fd/threads: fix excessive CPU usage on multi-thread accept |
| - BUG/MINOR: server: Be really able to keep "pool-max-conn" idle connections |
| - BUG/MEDIUM: checks: Don't attempt to read if we destroyed the connection. |
| - BUG/MEDIUM: da: cast the chunk to string. |
| - DOC: Fix typos and grammer in configuration.txt |
| - CLEANUP: proto_tcp: Remove useless header inclusions. |
| - BUG/MEDIUM: servers: Fix a race condition with idle connections. |
| - MINOR: task: introduce work lists |
| - BUG/MAJOR: listener: fix thread safety in resume_listener() |
| - BUG/MEDIUM: mux-h1: Don't release h1 connection if there is still data to send |
| - BUG/MINOR: mux-h1: Correctly report Ti timer when HTX and keepalives are used |
| - BUG/MEDIUM: streams: Don't give up if we couldn't send the request. |
| - BUG/MEDIUM: streams: Don't redispatch with L7 retries if redispatch isn't set. |
| - BUG/MINOR: mux-pt: do not pretend there's more data after a read0 |
| - BUG/MEDIUM: tcp-check: unbreak multiple connect rules again |
| - MEDIUM: mworker-prog: Add user/group options to program section |
| - REGTESTS: checks: tcp-check connect to multiple ports |
| - BUG/MEDIUM: threads: cpu-map designating a single thread/process are ignored |
| |
| 2019/06/16 : 2.1-dev0 |
| - exact copy of 2.0.0 |
| |
| 2019/06/16 : 2.0.0 |
| - MINOR: fd: Don't use atomic operations when it's not needed. |
| - DOC: mworker-prog: documentation for the program section |
| - MINOR: http: add a new "http-request replace-uri" action |
| - BUG/MINOR: 51d/htx: The _51d_fetch method, and the methods it calls are now HTX aware. |
| - MINOR: 51d: Added dummy libraries for the 51Degrees module for testing. |
| - MINOR: mworker: change formatting in uptime field of "show proc" |
| - MINOR: mworker: add the HAProxy version in "show proc" |
| - MINOR: doc: Remove -Ds option in man page |
| - MINOR: doc: add master-worker in the man page |
| - MINOR: doc: mention HAPROXY_LOCALPEER in the man |
| - BUILD: Silence gcc warning about unused return value |
| - CLEANUP: 51d: move the 51d dummy lib to contrib/51d/src to match the real lib |
| - BUILD: travis-ci: add 51Degree device detection, update openssl to 1.1.1c |
| - MINOR: doc: update the manpage and usage message about -S |
| - BUILD/MINOR: 51d: Updated build registration output to indicate thatif the library is a dummy one or not. |
| - BUG/MEDIUM: h1: Don't wait for handshake if we had an error. |
| - BUG/MEDIUM: h1: Wait for the connection if the handshake didn't complete. |
| - BUG/MINOR: task: prevent schedulable tasks from starving under high I/O activity |
| - BUG/MINOR: fl_trace/htx: Be sure to always forward trailers and EOM |
| - BUG/MINOR: channel/htx: Call channel_htx_full() from channel_full() |
| - BUG/MINOR: http: Use the global value to limit the number of parsed headers |
| - BUG/MINOR: htx: Detect when tail_addr meet end_addr to maximize free rooms |
| - BUG/MEDIUM: htx: Don't change position of the first block during HTX analysis |
| - CLEANUP: channel: Remove channel_htx_fwd_payload() and channel_htx_fwd_all() |
| - BUG/MEDIUM: proto_htx: Introduce the state ENDING during forwarding |
| - MINOR: htx: Add 3 flags on the start-line to deal with the request schemes |
| - MINOR: h2: Set flags about the request's scheme on the start-line |
| - MINOR: mux-h1: Set flags about the request's scheme on the start-line |
| - MINOR: mux-h2: Forward clients scheme to servers checking start-line flags |
| - MEDIUM: server: server-state only rely on server name |
| - CLEANUP: connection: rename the wait_event.task field to .tasklet |
| - CLEANUP: tasks: rename task_remove_from_tasklet_list() to tasklet_remove_* |
| - BUG/MEDIUM: connections: Don't call shutdown() if we want to disable linger. |
| - DOC: add some environment variables in section 2.3 |
| - BUILD: makefile: clarify the "help" output and list options |
| - BUG/MINOR: mux-h1: Wake busy mux for I/O when message is fully sent |
| - BUG: tasks: fix bug introduced by latest scheduler cleanup |
| - BUG/MEDIUM: mux-h2: fix early close with option abortonclose |
| - BUG/MEDIUM: connections: Don't use ALPN to pick mux when in mode TCP. |
| - BUG/MEDIUM: connections: Don't try to send early data if we have no mux. |
| - BUG/MEDIUM: mux-h2: properly account for the appended data in HTX |
| - BUILD: makefile: further clarify the "help" output and list targets |
| - BUILD: makefile: rename "linux2628" to "linux-glibc" and remove older targets |
| - BUILD: travis-ci: switch to linux-glibc instead of linux2628 |
| - DOC: update few references to the linux* targets and change them to linux-glibc |
| - BUILD: makefile: detect and reject recently removed linux targets |
| - BUILD: makefile: enable linux namespaces by default on linux |
| - BUILD: makefile: enable TFO on linux platforms |
| - BUILD: makefile: enable getaddrinfo on the linux-glibc target |
| - DOC: small updates to the CONTRIBUTING file |
| - BUG/MEDIUM: ssl: Make sure we initiate the handshake after using early data. |
| - CLEANUP: removed obsolete examples an move a few to better places |
| - DOC: Fix typos in CONTRIBUTING |
| - DOC: update the outdated ROADMAP file |
| - DOC: create a BRANCHES file to explain the life cycle |
| - DOC: mention in INSTALL haproxy 2.0 is a long-term supported stable version |
| - BUILD: travis-ci: TFO and GETADDRINFO are now enabled by default |
| - BUILD: makefile: make the obsolete target detection compatible with make-3.80 |
| - BUILD: tools: work around an internal compiler bug in gcc-3.4 |
| - BUILD: pattern: work around an internal compiler bug in gcc-3.4 |
| - BUILD: makefile: enable USE_RT on Solaris |
| - BUILD: makefile: do not use echo -n |
| - DOC: mention a few common build errors in the INSTALL file |
| |
| 2019/06/11 : 2.0-dev7 |
| - BUG/MEDIUM: mux-h2: make sure the connection timeout is always set |
| - MINOR: tools: add new bitmap manipulation functions |
| - MINOR: logs: use the new bitmap functions instead of fd_sets for encoding maps |
| - MINOR: chunks: Make sure trash_size is only set once. |
| - Revert "MINOR: chunks: Make sure trash_size is only set once." |
| - MINOR: threads: serialize threads initialization |
| - MINOR peers: data structure simplifications for server names dictionary cache. |
| - DOC: peers: Update for dictionary cache entries for peers protocol. |
| - MINOR: dict: Store the length of the dictionary entries. |
| - MINOR: peers: A bit of optimization when encoding cached server names. |
| - MINOR: peers: Optimization for dictionary cache lookup. |
| - MEDIUM: tools: improve time format error detection |
| - BUG/MEDIUM: H1: When upgrading, make sure we don't free the buffer too early. |
| - BUG/MEDIUM: stream_interface: Make sure we call si_cs_process() if CS_FL_EOI. |
| - MINOR: threads: avoid clearing harmless twice in thread_release() |
| - MEDIUM: threads: add thread_sync_release() to synchronize steps |
| - BUG/MEDIUM: init/threads: prevent initialized threads from starting before others |
| - OPTIM/MINOR: init/threads: only call protocol_enable_all() on first thread |
| - BUG/MINOR: dict: race condition fix when inserting dictionary entries. |
| - MEDIUM: init/threads: don't use spinlocks during the init phase |
| - BUG/MINOR: cache/htx: Fix the counting of data already sent by the cache applet |
| - BUG/MEDIUM: compression/htx: Fix the adding of the last data block |
| - MINOR: flt_trace: Don't scrash the original offset during the random forwarding |
| - MAJOR: htx: Rework how free rooms are tracked in an HTX message |
| - MINOR: htx: Add the function htx_move_blk_before() |
| - Revert "BUG/MEDIUM: H1: When upgrading, make sure we don't free the buffer too early." |
| - BUG/MINOR: http-rules: mention "deny_status" for "deny" in the error message |
| - MINOR: http: turn default error files to HTTP/1.1 |
| - BUG/MEDIUM: h1: Don't try to subscribe if we had a connection error. |
| - BUG/MEDIUM: h1: Don't consider we're connected if the handshake isn't done. |
| - MINOR: contrib/spoa_server: Upgrade SPOP to 2.0 |
| - BUG/MEDIUM: contrib/spoa_server: Set FIN flag on agent frames |
| - MINOR: contrib/spoa_server: Add random IP score |
| - DOC/MINOR: contrib/spoa_server: Fix typo in README |
| |
| 2019/06/07 : 2.0-dev6 |
| - BUG/MEDIUM: connection: fix multiple handshake polling issues |
| - MINOR: connection: also stop receiving after a SOCKS4 response |
| - MINOR: mux-h1: don't try to recv() before the connection is ready |
| - BUG/MEDIUM: mux-h1: only check input data for the current stream, not next one |
| - MEDIUM: mux-h1: don't use CS_FL_REOS anymore |
| - CLEANUP: connection: remove the now unused CS_FL_REOS flag |
| - CONTRIB: debug: add 4 missing connection/conn_stream flags |
| - MEDIUM: stream: make a full process_stream() loop when completing I/O on exit |
| - MINOR: server: increase the default pool-purge-delay to 5 seconds |
| - BUILD: tools: do not use the weak attribute for trace() on obsolete linkers |
| - BUG/MEDIUM: vars: make sure the scope is always valid when accessing vars |
| - BUG/MEDIUM: vars: make the tcp/http unset-var() action support conditions |
| - BUILD: task: fix a build warning when threads are disabled |
| - CLEANUP: peers: Remove tabs characters. |
| - CLEANUP: peers: Replace hard-coded values by macros. |
| - BUG/MINOR: peers: Wrong stick-table update message building. |
| - MINOR: dict: Add dictionary new data structure. |
| - MINOR: peers: Add a LRU cache implementation for dictionaries. |
| - MINOR: stick-table: Add "server_name" new data type. |
| - MINOR: cfgparse: Space allocation for "server_name" stick-table data type. |
| - MINOR: proxy: Add a "server by name" tree to proxy. |
| - MINOR: server: Add a dictionary for server names. |
| - MINOR: stream: Stickiness server lookup by name. |
| - MINOR: peers: Make peers protocol support new "server_name" data type. |
| - MINOR: stick-table: Make the CLI stick-table handler support dictionary entry data type. |
| - REGTEST: Add a basic server by name stickiness reg test. |
| - MINOR: peers: Add dictionary cache information to "show peers" CLI command. |
| - MINOR: peers: Replace hard-coded for peer protocol 64-bits value encoding by macros. |
| - MINOR: peers: Replace hard-coded values for peer protocol messaging by macros. |
| - CLEANUP: ssl: remove unneeded defined(OPENSSL_IS_BORINGSSL) |
| - BUILD: travis-ci improvements |
| - MINOR: SSL: add client/server random sample fetches |
| - BUG/MINOR: channel/htx: Don't alter channel during forward for empty HTX message |
| - BUG/MINOR: contrib/prometheus-exporter: Add HTX data block in one time |
| - BUG/MINOR: mux-h1: errflag must be set on H1S and not H1M during output processing |
| - MEDIUM: mux-h1: refactor output processing |
| - MINOR: mux-h1: Add the flag HAVE_O_CONN on h1s |
| - MINOR: mux-h1: Add h1_eval_htx_hdrs_size() to estimate size of the HTX headers |
| - MINOR: mux-h1: Don't count the EOM in the estimated size of headers |
| - MEDIUM: cache/htx: Always store info about HTX blocks in the cache |
| - MEDIUM: htx: Add the parsing of trailers of chunked messages |
| - MINOR: htx: Don't use end-of-data blocks anymore |
| - BUG/MINOR: mux-h1: Don't send more data than expected |
| - BUG/MINOR: flt_trace/htx: Only apply the random forwarding on the message body. |
| - BUG/MINOR: peers: Wrong "server_name" decoding. |
| - BUG/MEDIUM: servers: Don't attempt to destroy idle connections if disabled. |
| - MEDIUM: checks: Make sure we unsubscribe before calling cs_destroy(). |
| - MEDIUM: connections: Wake the upper layer even if sending/receiving is disabled. |
| - MEDIUM: ssl: Handle subscribe by itself. |
| - MINOR: ssl: Make ssl_sock_handshake() static. |
| - MINOR: connections: Add a new xprt method, remove_xprt. |
| - MINOR: connections: Add a new xprt method, add_xprt(). |
| - MEDIUM: connections: Introduce a handshake pseudo-XPRT. |
| - MEDIUM: connections: Remove CONN_FL_SOCK* |
| - BUG/MEDIUM: ssl: Don't forget to initialize ctx->send_recv and ctx->recv_wait. |
| - BUG/MINOR: peers: Wrong server name parsing. |
| - MINOR: server: really increase the pool-purge-delay default to 5 seconds |
| - BUG/MINOR: stream: don't emit a send-name-header in conn error or disconnect states |
| - MINOR: stream-int: use bit fields to match multiple stream-int states at once |
| - MEDIUM: stream-int: remove dangerous interval checks for stream-int states |
| - MEDIUM: stream-int: introduce a new state SI_ST_RDY |
| - MAJOR: stream-int: switch from SI_ST_CON to SI_ST_RDY on I/O |
| - MEDIUM: stream-int: make idle-conns switch to ST_RDY |
| - MEDIUM: stream: re-arrange the connection setup status reporting |
| - MINOR: stream-int: split si_update() into si_update_rx() and si_update_tx() |
| - MINOR: stream-int: make si_sync_send() from the send code of si_update_both() |
| - MEDIUM: stream: rearrange the events to remove the loop |
| - MEDIUM: stream: only loop on flags relevant to the analysers |
| - MEDIUM: stream: don't abusively loop back on changes on CF_SHUT*_NOW |
| - BUILD: stream-int: avoid a build warning in dev mode in si_state_bit() |
| - BUILD: peers: fix a build warning about an incorrect intiialization |
| - BUG/MINOR: time: make sure only one thread sets global_now at boot |
| - BUG/MEDIUM: tcp: Make sure we keep the polling consistent in tcp_probe_connect. |
| |
| 2019/06/02 : 2.0-dev5 |
| - BUILD: watchdog: use si_value.sival_int, not si_int for the timer's value |
| - BUILD: signals: FreeBSD has SI_LWP instead of SI_TKILL |
| - BUILD: watchdog: condition it to USE_RT |
| - MINOR: raw_sock: report global traffic statistics |
| - MINOR: stats: report the global output bit rate in human readable form |
| - BUG/MINOR: proto-htx: Try to keep connections alive on redirect |
| - BUG/MEDIUM: spoe: Don't use the SPOE applet after releasing it |
| - BUG/MINOR: lua: Set right direction and flags on new HTTP objects |
| - BUG/MINOR: mux-h2: Count EOM in bytes sent when a HEADERS frame is formatted |
| - BUG/MINOR: mux-h1: Report EOI instead EOS on parsing error or H2 upgrade |
| - BUG/MEDIUM: proto-htx: Not forward too much data when 1xx reponses are handled |
| - BUG/MINOR: htx: Remove a forgotten while loop in htx_defrag() |
| - DOC: fix typos |
| - BUG/MINOR: ssl_sock: Fix memory leak when disabling compression |
| - OPTIM: freq-ctr: don't take the date lock for most updates |
| - MEDIUM: mux-h2: avoid doing expensive buffer realigns when not absolutely needed |
| - CLEANUP: debug: remove the TRACE() macro |
| - MINOR: buffer: introduce b_make() to make a buffer from its parameters |
| - MINOR: buffer: add a new buffer ring API to manipulate rings of buffers |
| - MEDIUM: mux-h2: replace all occurrences of mbuf with a buffer ring |
| - MEDIUM: mux-h2: make the conditions to send based on mbuf, not just its tail |
| - MINOR: mux-h2: introduce h2_release_mbuf() to release all buffers in the mbuf ring |
| - MEDIUM: mux-h2: make the send() function iterate over all mux buffers |
| - CLEANUP: mux-h2: consistently use a local variable for the mbuf |
| - MINOR: mux-h2: report the mbuf's head and tail in "show fd" |
| - MAJOR: mux-h2: switch to next mux buffer on buffer full condition. |
| - BUILD: connections: shut up gcc about impossible out-of-bounds warning |
| - BUILD: ssl: fix latest LibreSSL reg-test error |
| - MINOR: cli/activity: remove "fd_del" and "fd_skip" from show activity |
| - MINOR: cli/activity: add 3 general purpose counters in development mode |
| - BUG/MAJOR: lb/threads: make sure the avoided server is not full on second pass |
| - BUG/MEDIUM: queue: fix the tree walk in pendconn_redistribute. |
| - BUG/MEDIUM: threads: fix double-word CAS on non-optimized 32-bit platforms |
| - MEDIUM: config: now alert when two servers have the same name |
| - MINOR: htx: Remove the macro IS_HTX_SMP() and always use IS_HTX_STRM() instead |
| - MINOR: htx: Move the macro IS_HTX_STRM() in proto/stream.h |
| - MINOR: htx: Store the head position instead of the wrap one |
| - MINOR: htx: Store start-line block's position instead of address of its payload |
| - MINOR: htx: Add functions to get the first block of an HTX message |
| - MINOR: mux-h2/htx: Get the start-line from the head when HEADERS frame is built |
| - MINOR: htx: Replace the function http_find_stline() by http_get_stline() |
| - CLEANUP: htx: Remove unused function htx_get_stline() |
| - MINOR: http/htx: Use sl_pos directly to replace the start-line |
| - MEDIUM: http/htx: Perform analysis relatively to the first block |
| - MINOR: channel/htx: Call channel_htx_recv_max() from channel_recv_max() |
| - MINOR: htx: Add function htx_get_max_blksz() |
| - BUG/MINOR: htx: Change htx_xfer_blk() to also count metadata |
| - MEDIUM: mux-h1: Use the count value received from the SI in h1_rcv_buf() |
| - MINOR: mux-h2: Use the count value received from the SI in h2_rcv_buf() |
| - MINOR: stream-int: Don't use the flag CO_RFL_KEEP_RSV anymore in si_cs_recv() |
| - MINOR: connection: Remove the unused flag CO_RFL_KEEP_RSV |
| - MINOR: mux-h2/htx: Support zero-copy when possible in h2_rcv_buf() |
| - MINOR: htx: Add a field to set the memory used by headers in the HTX start-line |
| - MINOR: h2/htx: Set hdrs_bytes on the SL when an HTX message is produced |
| - MINOR: mux-h1: Set hdrs_bytes on the SL when an HTX message is produced |
| - MINOR: htx: Be sure to xfer all headers in one time in htx_xfer_blks() |
| - MEDIUM: htx: 1xx messages are now part of the final reponses |
| - MINOR: channel/htx: Add function to forward headers of an HTX message |
| - MINOR: filters/htx: Use channel_htx_fwd_headers() after headers filtering |
| - MINOR: proto-htx: Use channel_htx_fwd_headers() to forward 1xx responses |
| - MEDIUM: htx: Store the first block position instead of the start-line one |
| - MINOR: stats/htx: don't use the first block position but the head one |
| - MINOR: channel/htx: Add functions to forward a part or all HTX payload |
| - MINOR: proto-htx: Use channel_htx_fwd_all() when unfiltered body are forwarded |
| - MEDIUM: filters/htx: Filter body relatively to the first block |
| - MINOR: htx: Optimize htx_drain() when all data are drained |
| - MINOR: htx: don't rely on htx_find_blk() anymore in the function htx_truncate() |
| - MINOR: htx: remove the unused function htx_find_blk() |
| - MINOR: htx: Remove support of pseudo headers because it is unused |
| - BUG/MEDIUM: http: fix "http-request reject" when not final |
| - MINOR: ssl: Make sure the underlying xprt's init method doesn't fail. |
| - MINOR: ssl: Don't forget to call the close method of the underlying xprt. |
| - MINOR: htx: rename htx_append_blk_value() to htx_add_data_atonce() |
| - MINOR: htx: make htx_add_data() return the transmitted byte count |
| - MEDIUM: htx: make htx_add_data() never defragment the buffer |
| - MINOR: activity: write totals on the "show activity" output |
| - MINOR: activity: report totals and average separately |
| - MEDIUM: poller: separate the wait time from the wake events |
| - MINOR: activity: report the number of failed pool/buffer allocations |
| - MEDIUM: buffers: relax the buffer lock a little bit |
| - MINOR: task: turn the WQ lock to an RW_LOCK |
| - MEDIUM: task: don't grab the WR lock just to check the WQ |
| - BUG/MEDIUM: mux-h1: Don't skip the TCP splicing when there is no more data to read |
| - MEDIUM: sessions: Introduce session flags. |
| - BUG/MEDIUM: h2: Don't forget to set h2s->cs to NULL after having free'd cs. |
| - BUG/MEDIUM: mux-h2: fix the conditions to end the h2_send() loop |
| - BUG/MEDIUM: mux-h2: don't refrain from offering oneself a used buffer |
| - BUG/MEDIUM: connection: Use the session to get the origin address if needed. |
| - MEDIUM: tasks: Get rid of active_tasks_mask. |
| - MEDIUM: connection: Upstream SOCKS4 proxy support |
| - BUILD: contrib/prometheus: fix build breakage caused by move of idle_pct |
| - BUG/MINOR: deinit/threads: make hard-stop-after perform a clean exit |
| |
| 2019/05/22 : 2.0-dev4 |
| - BUILD: enable freebsd builds on cirrus-ci |
| - BUG/MINOR: http_fetch: Rely on the smp direction for "cookie()" and "hdr()" |
| - MEDIUM: Make 'option forceclose' actually warn |
| - MEDIUM: Make 'resolution_pool_size' directive fatal |
| - DOC: management: place "show activity" at the right place |
| - MINOR: cli/activity: show the dumping thread ID starting at 1 |
| - MINOR: task: export global_task_mask |
| - MINOR: cli/debug: add a thread dump function |
| - BUG/MEDIUM: streams: Don't use CF_EOI to decide if the request is complete. |
| - BUG/MEDIUM: streams: Try to L7 retry before aborting the connection. |
| - BUG/MINOR: debug: make ha_task_dump() always check the task before dumping it |
| - BUG/MINOR: debug: make ha_task_dump() actually dump the requested task |
| - MINOR: debug: make ha_thread_dump() and ha_task_dump() take a buffer |
| - BUG/MINOR: debug: don't check the call date on tasklets |
| - MINOR: thread: implement ha_thread_relax() |
| - MINOR: task: put barriers after each write to curr_task |
| - MINOR: task: always reset curr_task when freeing a task or tasklet |
| - MINOR: stream: detach the stream from its own task on stream_free() |
| - MEDIUM: debug/threads: implement an advanced thread dump system |
| - REGTEST: extend the check duration on tls_health_checks and mark it slow |
| - DOC: fix "successful" typo |
| - MINOR: init: setenv HAPROXY_CFGFILES |
| - MINOR: threads/init: synchronize the threads startup |
| - MEDIUM: init/mworker: make the pipe register function a regular initcall |
| - CLEANUP: memory: make the fault injection code use the OTHER_LOCK label |
| - CLEANUP: threads: remove the now unused START_LOCK label |
| - MINOR: init/threads: make the global threads an array of structs |
| - MINOR: threads: add each thread's clockid into the global thread_info |
| - CLEANUP: stream: remove an obsolete debugging test |
| - MINOR: tools: add dump_hex() |
| - MINOR: debug: implement ha_panic() |
| - MINOR: debug/cli: add some debugging commands for developers |
| - MINOR: tools: provide a may_access() function and make dump_hex() use it |
| - MINOR: debug: make ha_panic() report threads starting at 1 |
| - REORG: compat: move some integer limit definitions from standard.h to compat.h |
| - REORG: threads: move the struct thread_info from global.h to hathreads.h |
| - MINOR: compat: make sure to always define clockid_t |
| - MINOR: threads: always place the clockid in the struct thread_info |
| - MINOR: threads: add a thread-local thread_info pointer "ti" |
| - MINOR: time: move the cpu, mono, and idle time to thread_info |
| - MINOR: time: add a function to retrieve another thread's cputime |
| - MINOR: debug: report each thread's cpu usage in "show thread" |
| - BUILD: threads: only assign the clock_id when supported |
| - BUILD: makefile: use USE_OBSOLETE_LINKER for solaris |
| - BUILD: makefile: remove -fomit-frame-pointer optimisation (solaris) |
| - MAJOR: polling: add event ports support (Solaris) |
| - BUG/MEDIUM: streams: Don't switch from SI_ST_CON to SI_ST_DIS on read0. |
| - CLEANUP: time: refine the test on _POSIX_TIMERS |
| - MINOR: compat: define a new empty type empty_t for non-implemented fields |
| - CLEANUP: time: switch clockid_t to empty_t when not available |
| - BUG/MINOR: mworker: Fix memory leak of mworker_proc members |
| - CLEANUP: objtype: make obj_type() and obj_type_name() take consts |
| - MINOR: debug: switch to SIGURG for thread dumps |
| - CLEANUP: threads: really move thread_info to hathreads.c |
| - MINOR: threads: make threads_{harmless|want_rdv}_mask constant 0 without threads |
| - CLEANUP: debug: always report harmless/want_rdv even without threads |
| - MINOR: threads: implement ha_tkill() and ha_tkillall() |
| - CLEANUP: debug: make use of ha_tkill() and remove ifdefs |
| - MINOR: stream: introduce a stream_dump() function and use it in stream_dump_and_crash() |
| - MINOR: debug: dump streams when an applet, iocb or stream is known |
| - MINOR: threads: add a "stuck" flag to the thread_info struct |
| - MINOR: threads: add a timer_t per thread in thread_info |
| - MAJOR: watchdog: implement a thread lockup detection mechanism |
| - MINOR: stream: remove the cpu time detection from process_stream() |
| - MINOR: connection: report the mux names in "haproxy -vv" |
| - CLEANUP: mux-h1: use "H1" and not "h1" as the mux's name |
| - BUG/MEDIUM: WURFL: segfault in wurfl-get() with missing info. |
| - MINOR: WURFL: call header_retireve_callback() in dummy library |
| - MINOR: WURFL: fixed Engine load failed error when wurfl-information-list contains wurfl_root_id |
| - MINOR: WURFL: shows log messages during module initialization |
| - MINOR: WURFL: removes heading wurfl-information-separator from wurfl-get-all() and wurfl-get() results |
| - MINOR: WURFL: wurfl_get() and wurfl_get_all() now return an empty string if device detection fails |
| - MEDIUM: WURFL: HTX awareness. |
| - MINOR: WURFL: module version bump to 2.0 |
| - MINOR: WURFL: do not emit warnings when not configured |
| - CONTRIB: wurfl: address 3 build issues in the wurfl dummy library |
| - BUG/MEDIUM: init/threads: provide per-thread alloc/free function callbacks |
| - BUILD: travis: add sanitizers to travis-ci builds |
| - BUILD: time: remove the test on _POSIX_C_SOURCE |
| - CLEANUP: build: rename some build macros to use the USE_* ones |
| - CLEANUP: raw_sock: remove support for very old linux splice bug workaround |
| - BUG/MEDIUM: dns: make the port numbers unsigned |
| - MEDIUM: config: deprecate the antique req* and rsp* commands |
| |
| 2019/05/15 : 2.0-dev3 |
| - BUG/MINOR: peers: Really close the sessions with no heartbeat. |
| - CLEANUP: peers: remove useless annoying tabulations. |
| - CLEANUP: peers: replace timeout constants by macros. |
| - REGTEST: Enable again reg tests with HEAD HTTP method usage. |
| - DOC: The option httplog is no longer valid in a backend. |
| - DOC: peers: Peers protocol documentation update. |
| - REGTEST: remove unexpected "nbthread" statement from Lua test cases |
| - BUILD: Makefile: remove 11-years old workarounds for deprecated options |
| - BUILD: remove 10-years old error message for obsolete option USE_TCPSPLICE |
| - BUILD: Makefile: remove outdated support for dlmalloc |
| - BUILD: Makefile: consider a variable's origin and not its value for the options list |
| - BUILD: Makefile: also report disabled options in the BUILD_OPTIONS variable |
| - BUILD: Makefile: shorten default settings declaration |
| - BUILD: Makefile: clean up the target declarations |
| - BUILD: report the whole feature set with their status in haproxy -vv |
| - BUILD: pass all "USE_*" variables as -DUSE_* to the compiler |
| - REGTEST: script: make the script use the new features list |
| - REGTEST: script: remove platform-specific assigments of OPTIONS |
| - BUG/MINOR: peers: Missing initializations after peer session shutdown. |
| - BUG/MINOR: contrib/prometheus-exporter: Fix applet accordingly to recent changes |
| - BUILD/MINOR: listener: Silent a few signedness warnings. |
| - BUG/MINOR: mux-h1: Only skip invalid C-L headers on output |
| - BUG/MEDIUM: mworker: don't free the wrong child when not found |
| - BUG/MEDIUM: checks: Don't bother subscribing if we have a connection error. |
| - BUG/MAJOR: checks: segfault during tcpcheck_main |
| - BUILD: makefile: work around an old bug in GNU make-3.80 |
| - BUILD: makefile: work around another bug in make 3.80 |
| - BUILD: http: properly mark some struct as extern |
| - BUILD: chunk: properly declare pool_head_trash as extern |
| - BUILD: cache: avoid a build warning with some compilers/linkers |
| - MINOR: tools: make memvprintf() never pass a NULL target to vsnprintf() |
| - MINOR: tools: add an unsetenv() implementation |
| - BUILD: re-implement an initcall variant without using executable sections |
| - BUILD: use inttypes.h instead of stdint.h |
| - BUILD: connection: fix naming of ip_v field |
| - BUILD: makefile: fix build of IPv6 header on aix51 |
| - BUILD: makefile: add _LINUX_SOURCE_COMPAT to build on AIX-51 |
| - BUILD: define unsetenv on AIX 5.1 |
| - BUILD: Makefile: disable shared cache on AIX 5.1 |
| - MINOR: ssl: Add aes_gcm_dec converter |
| - REORG: mworker: move serializing functions to mworker.c |
| - REORG: mworker: move signals functions to mworker.c |
| - REORG: mworker: move IPC functions to mworker.c |
| - REORG: mworker: move signal handlers and related functions |
| - REORG: mworker: move mworker_cleanlisteners to mworker.c |
| - MINOR: mworker: calloc mworker_proc structures |
| - MINOR: mworker: don't use children variable anymore |
| - MINOR: cli: export cli_parse_default() definition in cli.h |
| - REORG: mworker/cli: move CLI functions to mworker.c |
| - MEDIUM: mworker-prog: implement program for master-worker |
| - MINOR: mworker/cli: show programs in 'show proc' |
| - BUG/MINOR: cli: correctly handle abns in 'show cli sockets' |
| - MINOR: cli: start addresses by a prefix in 'show cli sockets' |
| - MINOR: cli: export HAPROXY_CLI environment variable |
| - BUG/MINOR: htx: Preserve empty HTX messages with an unprocessed parsing error |
| - BUG/MINOR: proto_htx: Reset to_forward value when a message is set to DONE |
| - REGTEST: http-capture/h00000: Relax a regex matching the log message |
| - REGTEST: http-messaging/h00000: Fix the test when the HTX is enabled |
| - REGTEST: http-rules/h00003: Use a different client for requests expecting a 301 |
| - REGTEST: log/b00000: Be sure the client always hits its timeout |
| - REGTEST: lua/b00003: Relax the regex matching the log message |
| - REGTEST: lua/b00003: Specify the HAProxy pid when the command ss is executed |
| - BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release. |
| - BUG/MEDIUM: h2: Don't attempt to recv from h2_process_demux if we subscribed. |
| - BUG/MEDIUM: htx: fix random premature abort of data transfers |
| - BUG/MEDIUM: streams: Don't remove the SI_FL_ERR flag in si_update_both(). |
| - BUG/MEDIUM: streams: Store prev_state before calling si_update_both(). |
| - BUG/MEDIUM: stream: Don't clear the stream_interface flags in si_update_both. |
| - MINOR: initcall: Don't forget to define the __start/stop_init_##stg symbols. |
| - MINOR: threads: Implement thread_cpus_enabled() for FreeBSD. |
| - BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity |
| - MINOR: skip get_gmtime where tm is unused |
| - MINOR: ssl: Activate aes_gcm_dec converter for BoringSSL |
| - BUG/MEDIUM: streams: Only re-run process_stream if we're in a connected state. |
| - BUG/MEDIUM: stream_interface: Don't bother doing chk_rcv/snd if not connected. |
| - BUG/MEDIUM: task/threads: address a fairness issue between local and global tasks |
| - BUG/MINOR: tasks: make sure the first task to be queued keeps its nice value |
| - BUG/MINOR: listener: renice the accept ring processing task |
| - MINOR: cli/listener: report the number of accepts on "show activity" |
| - MINOR: cli/activity: report the accept queue sizes in "show activity" |
| - BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream |
| - BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages |
| - BUG/MINOR: spoe: Be sure to set tv_request when each message fragment is encoded |
| - BUG/MEDIUM: htx: Defrag if blocks position is changed and the payloads wrap |
| - BUG/MEDIUM: htx: Don't crush blocks payload when append is done on a data block |
| - MEDIUM: htx: Deprecate the option 'http-tunnel' and ignore it in HTX |
| - MINOR: proto_htx: Don't adjust transaction mode anymore in HTX analyzers |
| - BUG/MEDIUM: htx: Fix the process of HTTP CONNECT with h2 connections |
| - MINOR: mux-h1: Simplify handling of 1xx responses |
| - MINOR: stats/htx: Don't add "Connection: close" header anymore in stats responses |
| - MEDIUM: h1: Add an option to sanitize connection headers during parsing |
| - MEDIUM: mux-h1: Simplify the connection mode management by sanitizing headers |
| - MINOR: mux-h1: Don't release the conn_stream anymore when h1s is destroyed |
| - BUG/MINOR: mux-h1: Handle the flag CS_FL_KILL_CONN during a shutdown read/write |
| - MINOR: mux-h2: Add a mux_ops dedicated to the HTX mode |
| - MINOR: muxes: Add a flag to specify a multiplexer uses the HTX |
| - MINOR: stream: Set a flag when the stream uses the HTX |
| - MINOR: http: update the macro IS_HTX_STRM() to check the stream flag SF_HTX |
| - MINOR: http_fetch/htx: Use stream flags instead of px mode in smp_prefetch_htx |
| - MINOR: filters/htx: Use stream flags instead of px mode to instanciate a filter |
| - MINOR: muxes: Rely on conn_is_back() during init to handle front/back conn |
| - MEDIUM: muxes: Add an optional input buffer during mux initialization |
| - MINOR: muxes: Pass the context of the mux to destroy() instead of the connection |
| - MEDIUM: muxes: Be prepared to don't own connection during the release |
| - MEDIUM: connection: Add conn_upgrade_mux_fe() to handle mux upgrades |
| - MEDIUM: htx: Allow the option http-use-htx to be used on TCP proxies too |
| - MAJOR: proxy/htx: Handle mux upgrades from TCP to HTTP in HTX mode |
| - MAJOR: muxes/htx: Handle inplicit upgrades from h1 to h2 |
| - MAJOR: htx: Enable the HTX mode by default for all proxies |
| - REGTEST: Use HTX by default and add '--no-htx' option to disable it |
| - BUG/MEDIUM: muxes: Don't dereference mux context if null in release functions |
| - CLEANUP: task: do not export rq_next anymore |
| - MEDIUM: tasks: improve fairness between the local and global queues |
| - MEDIUM: tasks: only base the nice offset on the run queue depth |
| - MINOR: tasks: restore the lower latency scheduling when niced tasks are present |
| - BUG/MEDIUM: map: Fix memory leak in the map converter |
| - BUG/MINOR: ssl: Fix 48 byte TLS ticket key rotation |
| - BUILD: task/thread: fix single-threaded build of task.c |
| - BUILD: cli/threads: fix build in single-threaded mode |
| - BUG/MEDIUM: muxes: Make sure we unsubcribed when destroying mux ctx. |
| - BUG/MEDIUM: h2: Make sure we're not already in the send_list in h2_subscribe(). |
| - BUG/MEDIUM: h2: Revamp the way send subscriptions works. |
| - MINOR: connections: Remove the SUB_CALL_UNSUBSCRIBE flag. |
| - BUG/MEDIUM: Threads: Only use the gcc >= 4.7 builtins when using gcc >= 4.7. |
| - BUILD: address a few cases of "static <type> inline foo()" |
| - BUILD: do not specify "const" on functions returning structs or scalars |
| - BUILD: htx: fix a used uninitialized warning on is_cookie2 |
| - MINOR: peers: Add a new command to the CLI for peers. |
| - DOC: update for "show peers" CLI command. |
| - BUG/MAJOR: lb/threads: fix insufficient locking on round-robin LB |
| - MEDIUM: mworker: store the leaving state of a process |
| - MEDIUM: mworker-prog: implements 'option start-on-reload' |
| - CLEANUP: mworker: remove the type field in mworker_proc |
| - MEDIUM: mworker/cli: export the HAPROXY_MASTER_CLI variable |
| - MINOR: cli: don't add a semicolon at the end of HAPROXY_CLI |
| - MINOR: mworker: export HAPROXY_MWORKER=1 when running in mworker mode |
| - MINOR: init: add a "set-dumpable" global directive to enable core dumps |
| - BUG/MINOR: listener/mq: correctly scan all bound threads under low load |
| - BUG/MINOR: mworker: mworker_kill should apply on every children |
| - BUG/MINOR: mworker: don't exit with an ambiguous value |
| - BUG/MINOR: mworker: ensure that we still quits with SIGINT |
| - REGTESTS: exclude tests that require ssl, pcre if no such feature is enabled |
| - BUG/MINOR: mux-h1: Process input even if the input buffer is empty |
| - BUG/MINOR: mux-h1: Don't switch the parser in busy mode if other side has done |
| - BUG/MEDIUM: mux-h1: Notify the stream waiting for TCP splicing if ibuf is empty |
| - BUG/MEDIUM: mux-h1: Enable TCP splicing to exchange data only |
| - MINOR: mux-h1: Handle read0 during TCP splicing |
| - BUG/MEDIUM: htx: Don't return the start-line if the HTX message is empty |
| - BUG/MAJOR: http_fetch: Get the channel depending on the keyword used |
| - BUG/MINOR: http_fetch/htx: Allow permissive sample prefetch for the HTX |
| - BUG/MINOR: http_fetch/htx: Use HTX versions if the proxy enables the HTX mode |
| - BUG/MEDIUM: tasks: Make sure we set TASK_QUEUED before adding a task to the rq. |
| - BUG/MEDIUM: tasks: Make sure we modify global_tasks_mask with the rq_lock. |
| - MINOR: tasks: Don't consider we can wake task with tasklet_wakeup(). |
| - MEDIUM: tasks: No longer use rq.node.leaf_p as a lock. |
| - MINOR: tasks: Don't set the TASK_RUNNING flag when adding in the tasklet list. |
| - BUG/MEDIUM: applets: Don't use task_in_rq(). |
| - BUG/MAJOR: task: make sure never to delete a queued task |
| - MINOR: task/thread: factor out a wake-up condition |
| - CLEANUP: task: remain consistent when using the task's handler |
| - MEDIUM: tasks: Merge task_delete() and task_free() into task_destroy(). |
| - MEDIUM: tasks: Don't account a destroyed task as a runned task. |
| - BUG/MINOR: contrib/prometheus-exporter: Fix a typo in the run-queue metric type |
| - MINOR: contrib/prometheus-exporter: Remove usless rate metrics |
| - MINOR: contrib/prometheus-exporter: Rename some metrics to be more usable |
| - MINOR: contrib/prometheus-exporter: Follow best practices about metrics type |
| - BUG/MINOR: mworker: disable busy polling in the master process |
| - MEDIUM: tasks: Use __ha_barrier_store after modifying global_tasks_mask. |
| - MEDIUM: ssl: Give ssl_sock its own context. |
| - MEDIUM: connections: Move some fields from struct connection to ssl_sock_ctx. |
| - MEDIUM: ssl: provide its own subscribe/unsubscribe function. |
| - MEDIUM: connections: Provide a xprt_ctx for each xprt method. |
| - MEDIUM: ssl: provide our own BIO. |
| - BUILD/medium: ssl: Fix build with OpenSSL < 1.1.0 |
| - MINOR: peers: adds counters on show peers about tasks calls. |
| - MEDIUM: enable travis-ci builds |
| - MINOR: fd: Add a counter of used fds. |
| - MEDIUM: connections: Add a way to control the number of idling connections. |
| - BUG/MEDIUM: maps: only try to parse the default value when it's present |
| - BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR |
| - REGTEST: Missing REQUIRE_VERSION declarations. |
| - MINOR: proto_tcp: tcp-request content: enable set-dst and set-dst-var |
| - BUG/MEDIUM: h1: Don't parse chunks CRLF if not enough data are available |
| - BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules |
| - BUG/MEDIUM: stream: Don't request a server connection if a shutw was scheduled |
| - BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() |
| - BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() |
| - MINOR: gcc: Fix a silly gcc warning in connect_server() |
| - MINOR: ssl/cli: async fd io-handlers printable on show fd |
| - Revert "CLEANUP: wurfl: remove dead, broken and unmaintained code" |
| - BUILD: add USE_WURFL to the list of known build options |
| - MINOR: wurfl: indicate in haproxy -vv the wurfl version in use |
| - BUILD: wurfl: build fix for 1.9/2.0 code base |
| - CLEANUP: wurfl: removed deprecated methods |
| - DOC: wurfl: added point of contact in MAINTAINERS file |
| - MINOR: wurfl: enabled multithreading mode |
| - MINOR: contrib: dummy wurfl library |
| - MINOR: dns: dns_requester structures are now in a memory pool |
| - MINOR: dns: move callback affection in dns_link_resolution() |
| - MINOR: obj_type: new object type for struct stream |
| - MINOR: action: new '(http-request|tcp-request content) do-resolve' action |
| - MINOR: log: Extract some code to send syslog messages. |
| - REGTEST: replace LEVEL option by a more human readable one. |
| - REGTEST: rename the reg test files. |
| - REGTEST: adapt some reg tests after renaming. |
| - REGTEST: make the "run-regtests" script search for tests in reg-tests by default |
| - BUG/MAJOR: stream: Missing DNS context initializations. |
| - BUG/MEDIUM: stream: Fix the way early aborts on the client side are handled |
| - BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler |
| - BUG/MEDIUM: ssl: Return -1 on recv/send if we got EAGAIN. |
| - BUG/MAJOR: lb/threads: fix AB/BA locking issue in round-robin LB |
| - BUG/MAJOR: muxes: Use the HTX mode to find the best mux for HTTP proxies only |
| - BUG/MINOR: htx: Exclude TCP proxies when the HTX mode is handled during startup |
| - CLEANUP: task: report calls as unsigned in show sess |
| - MINOR: tasks/activity: report the context switch and task wakeup rates |
| - MINOR: stream: measure and report a stream's call rate in "show sess" |
| - MINOR: applet: measure and report an appctx's call rate in "show sess" |
| - BUILD: extend Travis CI config to support more platforms |
| - REGTEST: exclude osx and generic targets for 40be_2srv_odd_health_checks |
| - REGTEST: relax the IPv6 address format checks in converters_ipmask_concat_strcmp_field_word |
| - REGTEST: exclude OSX and generic targets from abns_socket.vtc |
| - BUILD: travis: remove the "allow_failures" entry |
| - BUG/MINOR: activity: always initialize the profiling variable |
| - MINOR: activity: make the profiling status per thread and not global |
| - MINOR: activity: enable automatic profiling turn on/off |
| - CLEANUP: standard: use proper const to addr_to_str() and port_to_str() |
| - BUG/MINOR: proto_http: properly reset the stream's call rate on keep-alive |
| - MINOR: connection: make the debugging helper functions safer |
| - MINOR: stream/debug: make a stream dump and crash function |
| - MEDIUM: appctx/debug: force a crash if an appctx spins over itself forever |
| - MEDIUM: stream/debug: force a crash if a stream spins over itself forever |
| - MEDIUM: streams: measure processing time and abort when detecting bugs |
| - BUILD/MEDIUM: contrib: Dummy DeviceAtlas API. |
| - MEDIUM: da: HTX mode support. |
| - BUG/MEDIUM: mux-h2: properly deal with too large headers frames |
| - BUG/MINOR: http: Call stream_inc_be_http_req_ctr() only one time per request |
| - BUG/MEDIUM: spoe: arg len encoded in previous frag frame but len changed |
| - MINOR: spoe: Use the sample context to pass frag_ctx info during encoding |
| - DOC: contrib/modsecurity: Typos and fix the reject example |
| - BUG/MEDIUM: contrib/modsecurity: If host header is NULL, don't try to strdup it |
| - MINOR: log: Add "sample" new keyword to "log" lines. |
| - MINOR: log: Enable the log sampling and load-balancing feature. |
| - DOC: log: Document the sampling and load-balancing logging feature. |
| - REGTEST: Add a new reg test for log load-balancing feature. |
| - BUG/MAJOR: map/acl: real fix segfault during show map/acl on CLI |
| - REGTEST: Make this reg test be Linux specific. |
| - CLEANUP: task: move the task_per_thread definition to task.h |
| - MINOR: activity: report context switch counts instead of rates |
| - MINOR: threads: Implement HA_ATOMIC_LOAD(). |
| - BUG/MEDIUM: port_range: Make the ring buffer lock-free. |
| - BUG/MEDIUM: listener: Fix how unlimited number of consecutive accepts is handled |
| - MINOR: config: Test validity of tune.maxaccept during the config parsing |
| - CLEANUP: config: Don't alter listener->maxaccept when nbproc is set to 1 |
| - BUG/MEDIUM: servers: fix typo "src" instead of "srv" |
| - BUG/MEDIUM: ssl: Don't pretend we can retry a recv/send if we got a shutr/w. |
| - BUG/MINOR: haproxy: fix rule->file memory leak |
| - BUG/MINOR: log: properly free memory on logformat parse error and deinit() |
| - BUG/MINOR: checks: free memory allocated for tasklets |
| - BUG/MEDIUM: pattern: fix memory leak in regex pattern functions |
| - BUG/MEDIUM: channels: Don't forget to reset output in channel_erase(). |
| - BUG/MEDIUM: connections: Make sure we remove CO_FL_SESS_IDLE on disown. |
| - MINOR: threads: flatten the per-thread cpu-map |
| - MINOR: init/threads: remove the useless tids[] array |
| - MINOR: init/threads: make the threads array global |
| - BUG/MEDIUM: ssl: Use the early_data API the right way. |
| - BUG/MEDIUM: streams: Don't add CF_WRITE_ERROR if early data were rejected. |
| - MEDIUM: streams: Add the ability to retry a request on L7 failure. |
| - MEDIUM: streams: Add a way to replay failed 0rtt requests. |
| - MEDIUM: streams: Add a new keyword for retry-on, "junk-response" |
| - BUG/MINOR: stream: also increment the retry stats counter on L7 retries |
| - BUG/MEDIUM: checks: make sure the warmup task takes the server lock |
| - BUG/MINOR: logs/threads: properly split the log area upon startup |
| - BUILD: extend travis-ci matrix |
| - CLEANUP: Remove appsession documentation |
| - DOC: Fix typo in keyword matrix |
| - BUILD: remove "build_libressl" duplicate declaration |
| - BUILD: travis-ci: get back to osx without openssl support |
| - BUILD: enable several LibreSSL hacks, including |
| - BUILD: temporarily mark LibreSSL builds as allowed to fail |
| - BUILD: travis: TMPDIR replacement. |
| - BUG/MEDIUM: ssl: Don't attempt to use early data with libressl. |
| - MINOR: doc: Document allow-0rtt on the server line. |
| - MINOR: doc: Document the interaction of allow-0rtt and retry-on 0rtt-rejected. |
| - MEDIUM: proto: Change the prototype of the connect() method. |
| - MEDIUM: tcp: add the "tfo" option to support TCP fastopen on the server |
| - MINOR: config: Extract the code of "stick-table" line parsing. |
| - BUILD/MINOR: stick-table: Compilation fix. |
| - MEDIUM: stick-table: Stop handling stick-tables as proxies. |
| - MINOR: stick-tables: Add peers process binding computing. |
| - MINOR: stick-table: Add prefixes to stick-table names. |
| - MINOR: peers: Do not emit global stick-table names. |
| - DOC: Update for "table" lines in "peers" section. |
| - REGTEST: Add reg tests for "table" lines in "peers" sections. |
| - MEDIUM: regex: modify regex_comp() to atomically allocate/free the my_regex struct |
| - REGTEST: make the tls_health_checks test much faster |
| - REGTEST: make the "table in peers" test require v2.0 |
| - BUG/MINOR: mux-h2: rely on trailers output not input to turn them to empty data |
| - BUG/MEDIUM: h2/htx: always fail on too large trailers |
| - MEDIUM: mux-h2: discard contents that are to be sent after a shutdown |
| - BUG/MEDIUM: mux-h2/htx: never wait for EOM when processing trailers |
| - BUG/MEDIUM: h2/htx: never leave a trailers block alone with no EOM block |
| - REGTEST: Flag some slow reg tests. |
| - REGTEST: Reg tests file renaming. |
| - REGTEST: Wrong renaming for one reg test. |
| - REGTEST: Wrong assumption in IP:port logging test. |
| - BUG/MINOR: mworker/ssl: close OpenSSL FDs on reload |
| - MINOR: systemd: Use the variables from /etc/default/haproxy |
| - MINOR: systemd: Make use of master socket in systemd unit |
| - MINOR: systemd: support /etc/sysconfig/ for redhat based distrib |
| - BUG/MEDIUM: stick-table: fix regression caused by a change in proxy struct |
| - BUG/MEDIUM: tasks: fix possible segfault on task_destroy() |
| - CLEANUP: task: remove unneeded tests before task_destroy() |
| - MINOR: mworker: support a configurable maximum number of reloads |
| - BUG/MINOR: mux-h2: fix the condition to close a cs-less h2s on the backend |
| - BUG/MEDIUM: spoe: Be sure the sample is found before setting its context |
| - BUG/MINOR: mux-h1: Fix the parsing of trailers |
| - BUG/MINOR: htx: Never transfer more than expected in htx_xfer_blks() |
| - MINOR: htx: Split on DATA blocks only when blocks are moved to an HTX message |
| - MINOR: htx: Don't try to append a trailer block with the previous one |
| - MINOR: htx: Remove support for unused OOB HTX blocks |
| - BUILD: travis-ci bugfixes and improvements |
| - BUG/MEDIUM: servers: Don't use the same srv flag for cookie-set and TFO. |
| - BUG/MEDIUM: h2: Make sure we set send_list to NULL in h2_detach(). |
| - BUILD: ssl: fix again a libressl build failure after the openssl FD leak fix |
| - CLEANUP: ssl-sock: use HA_OPENSSL_VERSION_NUMBER instead of OPENSSL_VERSION_NUMBER |
| - BUILD: ssl: make libressl use its own version numbers |
| - CLEANUP: ssl: remove 57 occurrences of useless tests on LIBRESSL_VERSION_NUMBER |
| - MINOR: ssl: enable aes_gcm_dec on LibreSSL |
| - BUILD: ssl: fix libressl build again after aes-gcm-enc |
| - REORG: ssl: move openssl-compat from proto to common |
| - REORG: ssl: move some OpenSSL defines from ssl_sock to openssl-compat |
| - CLEANUP: ssl: never include openssl/*.h outside of openssl-compat.h anymore |
| - CLEANUP: ssl: make inclusion of openssl headers safe |
| - BUILD: add BoringSSL to travis-ci build matrix |
| - BUILD: threads: Add __ha_cas_dw fallback for single threaded builds |
| - BUG/MINOR: stream: Attach the read side on the response as soon as possible |
| - BUG/MEDIUM: http: Use pointer to the begining of input to parse message headers |
| - BUG/MEDIUM: h2: Don't check send_wait to know if we're in the send_list. |
| - BUG/MEDIUM: streams: Make sur SI_FL_L7_RETRY is set before attempting a retry. |
| - MEDIUM: streams: Add a new http action, disable-l7-retry. |
| - MINOR: streams: Introduce a new retry-on keyword, all-retryable-errors. |
| - BUG/MINOR: vars: Fix memory leak in vars_check_arg |
| - BUILD: travis-ci: make TMPDIR global variable in travis-ci |
| - CLEANUP: ssl: move the SSL_OP_* and SSL_MODE_* definitions to openssl-compat |
| - CLEANUP: ssl: remove ifdef around SSL_CTX_get_extra_chain_certs() |
| - CLEANUP: ssl: move all BIO_* definitions to openssl-compat |
| - BUILD: threads: fix again the __ha_cas_dw() definition |
| - BUG/MAJOR: mux-h2: do not add a stream twice to the send list |
| - Revert "BUG/MINOR: vars: Fix memory leak in vars_check_arg" |
| - BUG/MINOR: peers: Fix memory leak in cfg_parse_peers |
| - BUG/MINOR: htx: make sure to always initialize the HTTP method when parsing a buffer |
| - REGTEST: fix tls_health_checks random failures on MacOS in Travis-CI |
| - MINOR: spoe: Set the argument chunk size to 0 when SPOE variables are checked |
| - BUG/MINOR: vars: Fix memory leak in vars_check_arg |
| - BUG/MAJOR: ssl: segfault upon an heartbeat request |
| - MINOR: spoa-server: Clone the v1.7 spoa-example project |
| - MINOR: spoa-server: move some definition from spoa_server.c to spoa_server.h |
| - MINOR: spoa-server: Externalise debug functions |
| - MINOR: spoe-server: rename "worker" functions |
| - MINOR: spoa-server: Replace the thread init system by processes |
| - MINOR: spoa-server: With debug mode, start only one process |
| - MINOR: spoa-server: Allow registering external processes |
| - MINOR: spoa-server: Allow registering message processors |
| - MINOR: spoa-server: Load files |
| - MINOR: spoa-server: Prepare responses |
| - MINOR: spoa-server: Execute registered callbacks |
| - MINOR: spoa-server: Add Lua processing |
| - MINOR: spoa-server: Add python |
| - MINOR/DOC: spoe-server: Add documentation |
| - BUG/MEDIUM: connections: Don't forget to set xprt_ctx to NULL on close. |
| - MINOR: lists: add LIST_ADDED() to check if an element belongs to a list |
| - CLEANUP: mux-h2: use LIST_ADDED() instead of LIST_ISEMPTY() where relevant |
| - MINOR: mux-h2: add two H2S flags to report the need for shutr/shutw |
| - CLEANUP: mux-h2: simply use h2s->flags instead of ret in h2_deferred_shut() |
| - CLEANUP: connection: remove the handle field from the wait_event struct |
| - BUG/MINOR: log: Wrong log format initialization. |
| - BUG/MINOR: mux-h2: make the do_shut{r,w} functions more robust against retries |
| - BUG/MINOR: mworker: use after free when the PID not assigned |
| - MINOR: mux-h2: remove useless test on stream ID vs last in wake function |
| - MINOR: mux-h2: make h2_wake_some_streams() not depend on the CS flags |
| - MINOR: mux-h2: make h2s_wake_one_stream() the only function to deal with CS |
| - MINOR: mux-h2: make h2s_wake_one_stream() not depend on temporary CS flags |
| - BUG/MINOR: mux-h2: make sure to honor KILL_CONN in do_shut{r,w} |
| - CLEANUP: mux-h2: don't test for impossible CS_FL_REOS conditions |
| - MINOR: mux-h2: add macros to check multiple stream states at once |
| - MINOR: mux-h2: stop relying on CS_FL_REOS |
| - BUG/MEDIUM: mux-h2: Set EOI on the conn_stream during h2_rcv_buf() |
| - BUILD: debug: make gcc not complain on the ABORT_NOW() macro |
| - MINOR: debug: add a new BUG_ON macro |
| - MINOR: h2: Use BUG_ON() to enforce rules in subscribe/unsubscribe. |
| - MINOR: h1: Use BUG_ON() to enforce rules in subscribe/unsubscribe. |
| - MINOR: connections: Use BUG_ON() to enforce rules in subscribe/unsubscribe. |
| - BUILD: ist: turn the lower/upper case tables to literal on obsolete linkers |
| |
| 2019/03/26 : 2.0-dev2 |
| - CLEANUP: http: Remove unreachable code in parse_http_req_capture |
| - CLEANUP: stream: Remove bogus loop in conn_si_send_proxy |
| - MINOR: lists: Implement locked variations. |
| - MEDIUM: servers: Used a locked list for idle_orphan_conns. |
| - MEDIUM: servers: Reorganize the way idle connections are cleaned. |
| - BUG/MEDIUM: lists: Properly handle the case we're removing the first elt. |
| - MINOR: cfgparse: Add a cast to make gcc happier. |
| - BUG/MEDIUM: standard: Wrong reallocation size. |
| - BUG/MINOR: listener: keep accept rate counters accurate under saturation |
| - DOC: fix alphabetic ordering for "tune.fail-alloc" setting |
| - MAJOR: config: disable support for nbproc and nbthread in parallel |
| - MEDIUM: listener: keep a single thread-mask and warn on "process" misuse |
| - MAJOR: listener: do not hold the listener lock in listener_accept() |
| - MINOR: listener: maintain a per-thread count of the number of connections on a listener |
| - MINOR: tools: implement functions to look up the nth bit set in a mask |
| - MINOR: listener: pre-compute some thread counts per bind_conf |
| - MINOR: listener: implement multi-queue accept for threads |
| - MAJOR: listener: use the multi-queue for multi-thread listeners |
| - MINOR: activity: add accept queue counters for pushed and overflows |
| - MINOR: config: add global tune.listener.multi-queue setting |
| - MAJOR: threads: enable one thread per CPU by default |
| - DOC: update management.txt to reflect that threads are used by default |
| - BUG/MINOR: config: don't over-count the global maxsock value |
| - BUG/MEDIUM: list: fix the rollback on addq in the locked liss |
| - BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer |
| - BUG/MEDIUM: list: add missing store barriers when updating elements and head |
| - MINOR: list: make the delete and pop operations idempotent |
| - MINOR: server: remove a few unneeded LIST_INIT calls after LIST_DEL_LOCKED |
| - BUG/MEDIUM: listener: use a self-locked list for the dequeue lists |
| - BUG/MEDIUM: listener: make sure the listener never accepts too many conns |
| - BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element |
| - MINOR: listener: introduce listener_backlog() to report the backlog value |
| - MINOR: listener: do not needlessly set l->maxconn |
| - MINOR: proxy: do not change the listeners' maxconn when updating the frontend's |
| - MEDIUM: config: don't enforce a low frontend maxconn value anymore |
| - MINOR: peers: Add a message for heartbeat. |
| - MINOR: global: keep a copy of the initial rlim_fd_cur and rlim_fd_max values |
| - BUG/MINOR: init: never lower rlim_fd_max |
| - BUG/MINOR: checks: make external-checks restore the original rlim_fd_cur/max |
| - BUG/MINOR: mworker: be careful to restore the original rlim_fd_cur/max on reload |
| - MINOR: init: make the maxpipe computation more accurate |
| - MINOR: init: move some maxsock updates earlier |
| - MEDIUM: init: make the global maxconn default to what rlim_fd_cur permits |
| - REGTEST: fix a spurious "nbthread 4" in the connection test |
| - DOC: update the text related to the global maxconn value |
| - BUG/MAJOR: mux-h2: fix race condition between close on both ends |
| - MINOR: sample: Replace "req.ungrpc" smp fetch by a "ungrpc" converter. |
| - BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED |
| - MINOR: htx: unconditionally handle parsing errors in requests or responses |
| - MINOR: mux-h2: always pass HTX_FL_PARSING_ERROR between h2s and buf on RX |
| - BUG/MEDIUM: h2/htx: verify that :path doesn't contain invalid chars |
| - MINOR: sample: Code factorization "ungrpc" converter. |
| - MINOR: sample: Rework gRPC converter code. |
| - CLEANUP: wurfl: remove dead, broken and unmaintained code |
| - MINOR: config: relax the range checks on cpu-map |
| - BUG/MINOR: ssl: fix warning about ssl-min/max-ver support |
| - MINOR: sample: Extract some protocol buffers specific code. |
| - DOC: Remove tabs and fixed punctuation. |
| - MINOR: sample: Add a protocol buffers specific converter. |
| - REGTEST: Peers reg tests. |
| - REGTEST: Enable reg tests with HEAD HTTP method usage. |
| - MINOR: lists: add a LIST_DEL_INIT() macro |
| - MINOR: task: use LIST_DEL_INIT() to remove a task from the queue |
| - MINOR: listener: improve incoming traffic distribution |
| - MINOR: tools: implement my_flsl() |
| - MEDIUM: listener: change the LB algorithm again to use two round robins instead |
| - CLEANUP: listener: remove old thread bit mapping |
| - MINOR: listener: move thr_idx from the bind_conf to the listener |
| - BUG/MEDIUM: logs: Only attempt to free startup_logs once. |
| - BUG/MAJOR: config: Wrong maxconn adjustment. |
| - BUG/MEDIUM: 51d: fix possible segfault on deinit_51degrees() |
| - OPTIM: task: limit the impact of memory barriers in taks_remove_from_task_list() |
| - MINOR: fd: Remove debugging code. |
| - BUG/MEDIUM: listeners: Don't call fd_stop_recv() if fd_updt is NULL. |
| - MINOR: threads: Implement __ha_barrier_atomic*. |
| - MEDIUM: threads: Use __ATOMIC_SEQ_CST when using the newer atomic API. |
| - MINOR: threads: Add macros to do atomic operation with no memory barrier. |
| - MEDIUM: various: Use __ha_barrier_atomic* when relevant. |
| - MEDIUM: applets: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: xref: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: fd: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: freq_ctr: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: proxy: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: server: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: task: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: activity: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: backend: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: cache: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: checks: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: pollers: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: compression: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: spoe: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: threads: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: http: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: lb/threads: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: listeners: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: logs: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: memory: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: peers: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: proto_tcp: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: queues: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: sessions: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: ssl: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: stream: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: tcp_rules: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: time: Use the new _HA_ATOMIC_* macros. |
| - MEDIUM: vars: Use the new _HA_ATOMIC_* macros. |
| - MINOR: config: remove obsolete use of DEFAULT_MAXCONN at various places |
| - MINOR: config: continue to rely on DEFAULT_MAXCONN to set the minimum maxconn |
| - BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED() |
| - BUG/MEDIUM: listener: make sure we don't pick stopped threads |
| - MEDIUM: list: Remove useless barriers. |
| - MEDIUM: list: Use _HA_ATOMIC_* |
| - MEDIUM: connections: Use _HA_ATOMIC_* |
| - BUG/MAJOR: tasks: Use the TASK_GLOBAL flag to know if we're in the global rq. |
| - BUG/MEDIUM: threads/fd: do not forget to take into account epoll_fd/pipes |
| - BUG/MEDIUM: init/threads: consider epoll_fd/pipes for automatic maxconn calculation |
| - BUG/MEDIUM: tasks: Make sure we wake sleeping threads if needed. |
| - BUG/MINOR: mux-h1: Don't report an error on EOS if no message was received |
| - BUG/MINOR: stats/htx: Call channel_add_input() when response headers are sent |
| - BUG/MINOR: lua/htx: Use channel_add_input() when response data are added |
| - BUG/MINOR: lua/htx: Don't forget to call htx_to_buf() when appropriate |
| - MINOR: stats: Add the status code STAT_STATUS_IVAL to handle invalid requests |
| - MINOR: stats: Move stuff about the stats status codes in stats files |
| - BUG/MINOR: stats: Be more strict on what is a valid request to the stats applet |
| - Revert "REGTEST: Enable reg tests with HEAD HTTP method usage." |
| - BUILD: listener: shut up a build warning when threads are disabled |
| - BUILD: Makefile: allow the reg-tests target to be verbose |
| - BUILD: Makefile: resolve LEVEL before calling run-regtests |
| - BUG/MAJOR: spoe: Fix initialization of thread-dependent fields |
| - BUG/MAJOR: stats: Fix how huge POST data are read from the channel |
| - BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts |
| - BUG/MEDIUM: mux-h2: Always wakeup streams with no id to avoid frozen streams |
| - MINOR: mux-h2: Set REFUSED_STREAM error to reset a stream if no data was never sent |
| - MINOR: muxes: Report the Last read with a dedicated flag |
| - MINOR: proto-http/proto-htx: Make error handling clearer during data forwarding |
| - BUILD: tools: fix a build warning on some 32-bit archs |
| - MINOR: init: report the list of optionally available services |
| - MEDIUM: proto_htx: Switch to infinite forwarding if there is no data filter |
| - BUG/MINOR: cache: Fully consume large requests in the cache applet |
| - BUG/MINOR: stats: Fully consume large requests in the stats applet |
| - BUG/MEDIUM: lua: Fully consume large requests when an HTTP applet ends |
| - MINOR: proto_http: Add function to handle the header "Expect: 100-continue" |
| - MINOR: proto_htx: Add function to handle the header "Expect: 100-continue" |
| - MINOR: stats/cache: Handle the header Expect when applets are registered |
| - MINOR: http/applets: Handle all applets intercepting HTTP requests the same way |
| - CLEANUP: cache: don't export http_cache_applet anymore |
| - MINOR: lua: Don't handle the header Expect in lua HTTP applets anymore |
| - BUG/MINOR: doc: Be accurate on the behavior on pool-purge-delay. |
| - Revert "MEDIUM: proto_htx: Switch to infinite forwarding if there is no data filter" |
| - BUG/MEDIUM: mux-h2: Make sure we destroyed the h2s once shutr/shutw is done. |
| - BUG/MEDIUM: mux-h2: Don't bother keeping the h2s if detaching and nothing to send. |
| - BUG/MEDIUM: mux-h2: Use the right list in h2_stop_senders(). |
| - MINOR: mux-h2: copy small data blocks more often and reduce the number of pauses |
| - CLEANUP: mux-h2: add some comments to help understand the code |
| - BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites |
| - BUG/MINOR: log: properly format IPv6 address when LOG_OPT_HEXA modifier is used. |
| - BUG/MEDIUM: h2: Try to be fair when sending data. |
| - BUG/MINOR: proto-http: Don't forward request body anymore on error |
| - MINOR: mux-h2: Remove useless test on ES flag in h2_frt_transfer_data() |
| - MINOR: connection: and new flag to mark end of input (EOI) |
| - MINOR: channel: Report EOI on the input channel if it was reached in the mux |
| - MEDIUM: mux-h2: Don't mix the end of the message with the end of stream |
| - MINOR: mux-h1: Set CS_FL_EOI the end of the message is reached |
| - BUG/MEDIUM: http/htx: Fix handling of the option abortonclose |
| - CLEANUP: muxes/stream-int: Remove flags CS_FL_READ_NULL and SI_FL_READ_NULL |
| - MEDIUM: proto_htx: Reintroduce the infinite forwarding on data |
| - BUG/MEDIUM: h2: only destroy the h2s if h2s->cs is NULL. |
| - BUG/MEDIUM: h2: Use the new sending_list in h2s_notify_send(). |
| - BUG/MEDIUM: h2: Follow the same logic in h2_deferred_shut than in h2_snd_buf. |
| - BUG/MEDIUM: h2: Remove the tasklet from the task list if unsubscribing. |
| - BUG/MEDIUM: task/h2: add an idempotent task removal fucntion |
| - CLEANUP: task: only perform a LIST_DEL() when the list is not empty |
| - BUG/MEDIUM: mux-h2: make sure to always notify streams of EOS condition |
| - CONTRIB: debug: report the CS and CF's EOI flags |
| - MINOR: channel: don't unset CF_SHUTR_NOW after shutting down. |
| |
| 2019/02/26 : 2.0-dev1 |
| - MINOR: mux-h2: only increase the connection window with the first update |
| - REGTESTS: remove the expected window updates from H2 handshakes |
| - BUG/MINOR: mux-h2: make empty HEADERS frame return a connection error |
| - BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max |
| - MEDIUM: mux-h2: remove padlen during headers phase |
| - MINOR: h2: add a bit-based frame type representation |
| - MINOR: mux-h2: remove useless check for empty frame length in h2s_decode_headers() |
| - MEDIUM: mux-h2: decode HEADERS frames before allocating the stream |
| - MINOR: mux-h2: make h2c_send_rst_stream() use the dummy stream's error code |
| - MINOR: mux-h2: add a new dummy stream for the REFUSED_STREAM error code |
| - MINOR: mux-h2: fail stream creation more cleanly using RST_STREAM |
| - MINOR: buffers: add a new b_move() function |
| - MINOR: mux-h2: make h2_peek_frame_hdr() support an offset |
| - MEDIUM: mux-h2: handle decoding of CONTINUATION frames |
| - CLEANUP: mux-h2: remove misleading comments about CONTINUATION |
| - BUG/MEDIUM: servers: Don't try to reuse connection if we switched server. |
| - BUG/MEDIUM: tasks: Decrement tasks_run_queue in tasklet_free(). |
| - BUG/MINOR: htx: send the proper authenticate header when using http-request auth |
| - BUG/MEDIUM: mux_h2: Don't add to the idle list if we're full. |
| - BUG/MEDIUM: servers: Fail if we fail to allocate a conn_stream. |
| - BUG/MAJOR: servers: Use the list api correctly to avoid crashes. |
| - BUG/MAJOR: servers: Correctly use LIST_ELEM(). |
| - BUG/MAJOR: sessions: Use an unlimited number of servers for the conn list. |
| - BUG/MEDIUM: servers: Flag the stream_interface on handshake error. |
| - MEDIUM: servers: Be smarter when switching connections. |
| - MEDIUM: sessions: Keep track of which connections are idle. |
| - MINOR: payload: add sample fetch for TLS ALPN |
| - BUG/MEDIUM: log: don't mark log FDs as non-blocking on terminals |
| - MINOR: channel: Add the function channel_add_input |
| - MINOR: stats/htx: Call channel_add_input instead of updating channel state by hand |
| - BUG/MEDIUM: cache: Be sure to end the forwarding when XFER length is unknown |
| - BUG/MAJOR: htx: Return the good block address after a defrag |
| - MINOR: lb: allow redispatch when using consistent hash |
| - CLEANUP: mux-h2: fix end-of-stream flag name when processing headers |
| - BUG/MEDIUM: mux-h2: always restart reading if data are available |
| - BUG/MINOR: mux-h2: set the stream-full flag when leaving h2c_decode_headers() |
| - BUG/MINOR: mux-h2: don't check the CS count in h2c_bck_handle_headers() |
| - BUG/MINOR: mux-h2: mark end-of-stream after processing response HEADERS, not before |
| - BUG/MINOR: mux-h2: only update rxbuf's length for H1 headers |
| - BUG/MEDIUM: mux-h1: use per-direction flags to indicate transitions |
| - BUG/MEDIUM: mux-h1: make HTX chunking consistent with H2 |
| - BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify() |
| - BUG/MEDIUM: proto-htx: Set SI_FL_NOHALF on server side when request is done |
| - BUG/MEDIUM: mux-h1: Add a task to handle connection timeouts |
| - MINOR: mux-h2: make h2c_decode_headers() return a status, not a count |
| - MINOR: mux-h2: add a new dummy stream : h2_error_stream |
| - MEDIUM: mux-h2: make h2c_decode_headers() support recoverable errors |
| - BUG/MINOR: mux-h2: detect when the HTX EOM block cannot be added after headers |
| - MINOR: mux-h2: remove a misleading and impossible test |
| - CLEANUP: mux-h2: clean the stream error path on HEADERS frame processing |
| - MINOR: mux-h2: check for too many streams only for idle streams |
| - MINOR: mux-h2: set H2_SF_HEADERS_RCVD when a HEADERS frame was decoded |
| - BUG/MEDIUM: mux-h2: decode trailers in HEADERS frames |
| - MINOR: h2: add h2_make_h1_trailers to turn H2 headers to H1 trailers |
| - MEDIUM: mux-h2: pass trailers to H1 (legacy mode) |
| - MINOR: htx: add a new function to add a block without filling it |
| - MINOR: h2: add h2_make_htx_trailers to turn H2 headers to HTX trailers |
| - MEDIUM: mux-h2: pass trailers to HTX |
| - MINOR: mux-h1: parse the content-length header on output and set H1_MF_CLEN |
| - BUG/MEDIUM: mux-h1: don't enforce chunked encoding on requests |
| - MINOR: mux-h2: make HTX_BLK_EOM processing idempotent |
| - MINOR: h1: make the H1 headers block parser able to parse headers only |
| - MEDIUM: mux-h2: emit HEADERS frames when facing HTX trailers blocks |
| - MINOR: stream/htx: Add info about the HTX structs in "show sess all" command |
| - MINOR: stream: Add the subscription events of SIs in "show sess all" command |
| - MINOR: mux-h1: Add the subscription events in "show fd" command |
| - BUG/MEDIUM: h1: Get the h1m state when restarting the headers parsing |
| - BUG/MINOR: cache/htx: Be sure to count partial trailers |
| - BUG/MEDIUM: h1: In h1_init(), wake the tasklet instead of calling h1_recv(). |
| - BUG/MEDIUM: server: Defer the mux init until after xprt has been initialized. |
| - MINOR: connections: Remove a stall comment. |
| - BUG/MEDIUM: cli: make "show sess" really thread-safe |
| - BUILD: add a new file "version.c" to carry version updates |
| - MINOR: stream/htx: add the HTX flags output in "show sess all" |
| - MINOR: stream/cli: fix the location of the waiting flag in "show sess all" |
| - MINOR: stream/cli: report more info about the HTTP messages on "show sess all" |
| - BUG/MINOR: lua: bad args are returned for Lua actions |
| - BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred |
| - MINOR: htx: Add an helper function to get the max space usable for a block |
| - MINOR: channel/htx: Add HTX version for some helper functions |
| - BUG/MEDIUM: cache/htx: Respect the reserve when cached objects are served |
| - BUG/MINOR: stats/htx: Respect the reserve when the stats page is dumped |
| - DOC: regtest: make it clearer what the purpose of the "broken" series is |
| - REGTEST: mailers: add new test for 'mailers' section |
| - REGTEST: Add a reg test for health-checks over SSL/TLS. |
| - BUG/MINOR: mux-h1: Close connection on shutr only when shutw was really done |
| - MEDIUM: mux-h1: Clarify how shutr/shutw are handled |
| - BUG/MINOR: compression: Disable it if another one is already in progress |
| - BUG/MINOR: filters: Detect cache+compression config on legacy HTTP streams |
| - BUG/MINOR: cache: Disable the cache if any compression filter precedes it |
| - REGTEST: Add some informatoin to test results. |
| - MINOR: htx: Add a function to truncate all blocks after a specific offset |
| - MINOR: channel/htx: Add the HTX version of channel_truncate/erase |
| - BUG/MINOR: proto_htx: Use HTX versions to truncate or erase a buffer |
| - BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used |
| - DOC: Fix typo in req.ssl_alpn example (commit 4afdd138424ab...) |
| - DOC: http-request cache-use / http-response cache-store expects cache name |
| - REGTEST: "capture (request|response)" regtest. |
| - BUG/MINOR: lua/htx: Respect the reserve when data are send from an HTX applet |
| - REGTEST: filters: add compression test |
| - BUG/MEDIUM: init: Initialize idle_orphan_conns for first server in server-template |
| - BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT. |
| - DOC: Be a bit more explicit about allow-0rtt security implications. |
| - MINOR: mux-h1: make the mux_h1_ops struct static |
| - BUILD: makefile: add an EXTRA_OBJS variable to help build optional code |
| - BUG/MEDIUM: connection: properly unregister the mux on failed initialization |
| - BUG/MAJOR: cache: fix confusion between zero and uninitialized cache key |
| - REGTESTS: test case for map_regm commit 271022150d |
| - REGTESTS: Basic tests for concat,strcmp,word,field,ipmask converters |
| - REGTESTS: Basic tests for using maps to redirect requests / select backend |
| - DOC: REGTESTS README varnishtest -Dno-htx= define. |
| - MINOR: spoe: Make the SPOE filter compatible with HTX proxies |
| - MINOR: checks: Store the proxy in checks. |
| - BUG/MEDIUM: checks: Avoid having an associated server for email checks. |
| - REGTEST: Switch to vtest. |
| - REGTEST: Adapt reg test doc files to vtest. |
| - BUG/MEDIUM: h1: Make sure we destroy an inactive connectin that did shutw. |
| - BUG/MINOR: base64: dec func ignores padding for output size checking |
| - BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file |
| - MINOR: ssl: add support of aes256 bits ticket keys on file and cli. |
| - BUG/MINOR: backend: don't use url_param_name as a hint for BE_LB_ALGO_PH |
| - BUG/MINOR: backend: balance uri specific options were lost across defaults |
| - BUG/MINOR: backend: BE_LB_LKUP_CHTREE is a value, not a bit |
| - MINOR: backend: move url_param_name/len to lbprm.arg_str/len |
| - MINOR: backend: make headers and RDP cookie also use arg_str/len |
| - MINOR: backend: add new fields in lbprm to store more LB options |
| - MINOR: backend: make the header hash use arg_opt1 for use_domain_only |
| - MINOR: backend: remap the balance uri settings to lbprm.arg_opt{1,2,3} |
| - MINOR: backend: move hash_balance_factor out of chash |
| - MEDIUM: backend: move all LB algo parameters into an union |
| - MINOR: backend: make the random algorithm support a number of draws |
| - BUILD/MEDIUM: da: Necessary code changes for new buffer API. |
| - BUG/MINOR: stick_table: Prevent conn_cur from underflowing |
| - BUG: 51d: Changes to the buffer API in 1.9 were not applied to the 51Degrees code. |
| - BUG/MEDIUM: stats: Get the right scope pointer depending on HTX is used or not |
| - DOC: add a missing space in the documentation for bc_http_major |
| - REGTEST: checks basic stats webpage functionality |
| - BUG/MEDIUM: servers: Make assign_tproxy_address work when ALPN is set. |
| - BUG/MEDIUM: connections: Add the CO_FL_CONNECTED flag if a send succeeded. |
| - DOC: add github issue templates |
| - MINOR: cfgparse: Extract some code to be re-used. |
| - CLEANUP: cfgparse: Return asap from cfg_parse_peers(). |
| - CLEANUP: cfgparse: Code reindentation. |
| - MINOR: cfgparse: Useless frontend initialization in "peers" sections. |
| - MINOR: cfgparse: Rework peers frontend init. |
| - MINOR: cfgparse: Simplication. |
| - MINOR: cfgparse: Make "peer" lines be parsed as "server" lines. |
| - MINOR: peers: Make outgoing connection to SSL/TLS peers work. |
| - MINOR: cfgparse: SSL/TLS binding in "peers" sections. |
| - DOC: peers: SSL/TLS documentation for "peers" |
| - BUG/MINOR: startup: certain goto paths in init_pollers fail to free |
| - BUG/MEDIUM: checks: fix recent regression on agent-check making it crash |
| - BUG/MINOR: server: don't always trust srv_check_health when loading a server state |
| - BUG/MINOR: check: Wake the check task if the check is finished in wake_srv_chk() |
| - BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages |
| - DOC: mention the effect of nf_conntrack_tcp_loose on src/dst |
| - BUG/MINOR: proto-htx: Return an error if all headers cannot be received at once |
| - BUG/MEDIUM: mux-h2/htx: Respect the channel's reserve |
| - BUG/MINOR: mux-h1: Apply the reserve on the channel's buffer only |
| - BUG/MINOR: mux-h1: avoid copying output over itself in zero-copy |
| - BUG/MAJOR: mux-h2: don't destroy the stream on failed allocation in h2_snd_buf() |
| - BUG/MEDIUM: backend: also remove from idle list muxes that have no more room |
| - BUG/MEDIUM: mux-h2: properly abort on trailers decoding errors |
| - MINOR: h2: declare new sets of frame types |
| - BUG/MINOR: mux-h2: CONTINUATION in closed state must always return GOAWAY |
| - BUG/MINOR: mux-h2: headers-type frames in HREM are always a connection error |
| - BUG/MINOR: mux-h2: make it possible to set the error code on an already closed stream |
| - BUG/MINOR: hpack: return a compression error on invalid table size updates |
| - MINOR: server: make sure pool-max-conn is >= -1 |
| - BUG/MINOR: stream: take care of synchronous errors when trying to send |
| - CLEANUP: server: fix indentation mess on idle connections |
| - BUG/MINOR: mux-h2: always check the stream ID limit in h2_avail_streams() |
| - BUG/MINOR: mux-h2: refuse to allocate a stream with too high an ID |
| - BUG/MEDIUM: backend: never try to attach to a mux having no more stream available |
| - MINOR: server: add a max-reuse parameter |
| - MINOR: mux-h2: always consider a server's max-reuse parameter |
| - MEDIUM: stream-int: always mark pending outgoing SI_ST_CON |
| - MINOR: stream: don't wait before retrying after a failed connection reuse |
| - MEDIUM: h2: always parse and deduplicate the content-length header |
| - BUG/MINOR: mux-h2: always compare content-length to the sum of DATA frames |
| - CLEANUP: h2: Remove debug printf in mux_h2.c |
| - MINOR: cfgparse: make the process/thread parser support a maximum value |
| - MINOR: threads: make MAX_THREADS configurable at build time |
| - DOC: nbthread is no longer experimental. |
| - BUG/MINOR: listener: always fill the source address for accepted socketpairs |
| - BUG/MINOR: mux-h2: do not report available outgoing streams after GOAWAY |
| - BUG/MINOR: spoe: corrected fragmentation string size |
| - BUG/MINOR: task: fix possibly missed event in inter-thread wakeups |
| - BUG/MEDIUM: servers: Attempt to reuse an unfinished connection on retry. |
| - BUG/MEDIUM: backend: always call si_detach_endpoint() on async connection failure |
| - SCRIPTS: add the issue tracker URL to the announce script |
| - MINOR: peers: Extract some code to be reused. |
| - CLEANUP: peers: Indentation fixes. |
| - MINOR: peers: send code factorization. |
| - MINOR: peers: Add new functions to send code and reduce the I/O handler. |
| - MEDIUM: peers: synchronizaiton code factorization to reduce the size of the I/O handler. |
| - MINOR: peers: Move update receive code to reduce the size of the I/O handler. |
| - MINOR: peers: Move ack, switch and definition receive code to reduce the size of the I/O handler. |
| - MINOR: peers: Move high level receive code to reduce the size of I/O handler. |
| - CLEANUP: peers: Be more generic. |
| - MINOR: peers: move error handling to reduce the size of the I/O handler. |
| - MINOR: peers: move messages treatment code to reduce the size of the I/O handler. |
| - MINOR: peers: move send code to reduce the size of the I/O handler. |
| - CLEANUP: peers: Remove useless statements. |
| - MINOR: peers: move "hello" message treatment code to reduce the size of the I/O handler. |
| - MINOR: peers: move peer initializations code to reduce the size of the I/O handler. |
| - CLEANUP: peers: factor the error handling code in peer_treet_updatemsg() |
| - CLEANUP: peers: factor error handling in peer_treat_definedmsg() |
| - BUILD/MINOR: peers: shut up a build warning introduced during last cleanup |
| - BUG/MEDIUM: mux-h2: only close connection on request frames on closed streams |
| - CLEANUP: mux-h2: remove two useless but misleading assignments |
| - BUG/MEDIUM: checks: Check that conn_install_mux succeeded. |
| - BUG/MEDIUM: servers: Only destroy a conn_stream we just allocated. |
| - BUG/MEDIUM: servers: Don't add an incomplete conn to the server idle list. |
| - BUG/MEDIUM: checks: Don't try to set ALPN if connection failed. |
| - BUG/MEDIUM: h2: In h2_send(), stop the loop if we failed to alloc a buf. |
| - BUG/MEDIUM: peers: Handle mux creation failure. |
| - BUG/MEDIUM: servers: Close the connection if we failed to install the mux. |
| - BUG/MEDIUM: compression: Rewrite strong ETags |
| - BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit |
| - CLEANUP: mux-h2: remove misleading leftover test on h2s' nullity |
| - BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update |
| - BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions |
| - BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams |
| - BUG/MEDIUM: mux-h2: do not abort HEADERS frame before decoding them |
| - BUG/MINOR: mux-h2: make sure response HEADERS are not received in other states than OPEN and HLOC |
| - MINOR: h2: add a generic frame checker |
| - MEDIUM: mux-h2: check the frame validity before considering the stream state |
| - CLEANUP: mux-h2: remove stream ID and frame length checks from the frame parsers |
| - BUG/MINOR: mux-h2: make sure request trailers on aborted streams don't break the connection |
| - DOC: compression: Update the reasons for disabled compression |
| - BUG/MEDIUM: buffer: Make sure b_is_null handles buffers waiting for allocation. |
| - DOC: htx: make it clear that htxbuf() and htx_from_buf() always return valid pointers |
| - MINOR: htx: never check for null htx pointer in htx_is_{,not_}empty() |
| - MINOR: mux-h2: consistently rely on the htx variable to detect the mode |
| - BUG/MEDIUM: peers: Peer addresses parsing broken. |
| - BUG/MEDIUM: mux-h1: Don't add "transfer-encoding" if message-body is forbidden |
| - BUG/MEDIUM: connections: Don't forget to remove CO_FL_SESS_IDLE. |
| - BUG/MINOR: stream: don't close the front connection when facing a backend error |
| - BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the connection |
| - MINOR: stream-int: add a new flag to mention that we want the connection to be killed |
| - MINOR: connstream: have a new flag CS_FL_KILL_CONN to kill a connection |
| - BUG/MEDIUM: mux-h2: do not close the connection on aborted streams |
| - BUG/MINOR: server: fix logic flaw in idle connection list management |
| - MINOR: mux-h2: max-concurrent-streams should be unsigned |
| - MINOR: mux-h2: make sure to only check concurrency limit on the frontend |
| - MINOR: mux-h2: learn and store the peer's advertised MAX_CONCURRENT_STREAMS setting |
| - BUG/MEDIUM: mux-h2: properly consider the peer's advertised max-concurrent-streams |
| - MINOR: xref: Add missing barriers. |
| - MINOR: muxes: Don't bother to LIST_DEL(&conn->list) before calling conn_free(). |
| - MINOR: debug: Add an option that causes random allocation failures. |
| - BUG/MEDIUM: backend: always release the previous connection into its own target srv_list |
| - BUG/MEDIUM: htx: check the HTX compatibility in dynamic use-backend rules |
| - BUG/MINOR: tune.fail-alloc: Don't forget to initialize ret. |
| - BUG/MINOR: backend: check srv_conn before dereferencing it |
| - BUG/MEDIUM: mux-h2: always omit :scheme and :path for the CONNECT method |
| - BUG/MEDIUM: mux-h2: always set :authority on request output |
| - BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free(). |
| - BUG/MINOR: threads: fix the process range of thread masks |
| - BUG/MINOR: config: fix bind line thread mask validation |
| - CLEANUP: threads: fix misleading comment about all_threads_mask |
| - CLEANUP: threads: use nbits to calculate the thread mask |
| - OPTIM: listener: optimize cache-line packing for struct listener |
| - MINOR: tools: improve the popcount() operation |
| - MINOR: config: keep an all_proc_mask like we have all_threads_mask |
| - MINOR: global: add proc_mask() and thread_mask() |
| - MINOR: config: simplify bind_proc processing using proc_mask() |
| - MINOR: threads: make use of thread_mask() to simplify some thread calculations |
| - BUG/MINOR: compression: properly report compression stats in HTX mode |
| - BUG/MINOR: task: close a tiny race in the inter-thread wakeup |
| - BUG/MAJOR: config: verify that targets of track-sc and stick rules are present |
| - BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' processes |
| - BUG/MAJOR: htx/backend: Make all tests on HTTP messages compatible with HTX |
| - BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules |
| - DOC: ssl: Clarify when pre TLSv1.3 cipher can be used |
| - DOC: ssl: Stop documenting ciphers example to use |
| - BUG/MINOR: spoe: do not assume agent->rt is valid on exit |
| - BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets |
| - BUG/MEDIUM: spoe: initialization depending on nbthread must be done last |
| - BUG/MEDIUM: server: initialize the idle conns list after parsing the config |
| - BUG/MEDIUM: server: initialize the orphaned conns lists and tasks at the end |
| - MINOR: config: make MAX_PROCS configurable at build time |
| - BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck |
| - BUG/MINOR: config: Reinforce validity check when a process number is parsed |
| - BUG/MEDIUM: peers: check that p->srv actually exists before using p->srv->use_ssl |
| - CONTRIB: contrib/prometheus-exporter: Add a Prometheus exporter for HAProxy |
| - BUG/MINOR: mux-h1: verify the request's version before dropping connection: keep-alive |
| - BUG: 51d: In Hash Trie, multi header matching was affected by the header names stored globaly. |
| - MEDIUM: 51d: Enabled multi threaded operation in the 51Degrees module. |
| - BUG/MAJOR: stream: avoid double free on unique_id |
| - BUILD/MINOR: stream: avoid a build warning with threads disabled |
| - BUILD/MINOR: tools: fix build warning in the date conversion functions |
| - BUILD/MINOR: peers: remove an impossible null test in intencode() |
| - BUILD/MINOR: htx: fix some potential null-deref warnings with http_find_stline |
| - BUG/MEDIUM: peers: Missing peer initializations. |
| - BUG/MEDIUM: http_fetch: fix the "base" and "base32" fetch methods in HTX mode |
| - BUG/MEDIUM: proto_htx: Fix data size update if end of the cookie is removed |
| - BUG/MEDIUM: http_fetch: fix "req.body_len" and "req.body_size" fetch methods in HTX mode |
| - BUILD/MEDIUM: initcall: Fix build on MacOS. |
| - BUG/MEDIUM: mux-h2/htx: Always set CS flags before exiting h2_rcv_buf() |
| - MINOR: h2/htx: Set the flag HTX_SL_F_BODYLESS for messages without body |
| - BUG/MINOR: mux-h1: Add "transfer-encoding" header on outgoing requests if needed |
| - BUG/MINOR: mux-h2: Don't add ":status" pseudo-header on trailers |
| - BUG/MINOR: proto-htx: Consider a XFER_LEN message as chunked by default |
| - BUG/MEDIUM: h2/htx: Correctly handle interim responses when HTX is enabled |
| - MINOR: mux-h2: Set HTX extra value when possible |
| - BUG/MEDIUM: htx: count the amount of copied data towards the final count |
| - MINOR: mux-h2: make the H2 MAX_FRAME_SIZE setting configurable |
| - BUG/MEDIUM: mux-h2/htx: send an empty DATA frame on empty HTX trailers |
| - BUG/MEDIUM: servers: Use atomic operations when handling curr_idle_conns. |
| - BUG/MEDIUM: servers: Add a per-thread counter of idle connections. |
| - MINOR: fd: add a new my_closefrom() function to close all FDs |
| - MINOR: checks: use my_closefrom() to close all FDs |
| - MINOR: fd: implement an optimised my_closefrom() function |
| - BUG/MINOR: fd: make sure my_closefrom() doesn't miss some FDs |
| - BUG/MAJOR: fd/threads, task/threads: ensure all spin locks are unlocked |
| - BUG/MAJOR: listener: Make sure the listener exist before using it. |
| - MINOR: fd: Use closefrom() as my_closefrom() if supported. |
| - BUG/MEDIUM: mux-h1: Report the right amount of data xferred in h1_rcv_buf() |
| - BUG/MINOR: channel: Set CF_WROTE_DATA when outgoing data are skipped |
| - MINOR: htx: Add function to drain data from an HTX message |
| - MINOR: channel/htx: Add function to skips output bytes from an HTX channel |
| - BUG/MAJOR: cache/htx: Set the start-line offset when a cached object is served |
| - BUG/MEDIUM: cache: Get objects from the cache only for GET and HEAD requests |
| - BUG/MINOR: cache/htx: Return only the headers of cached objects to HEAD requests |
| - BUG/MINOR: mux-h1: Always initilize h1m variable in h1_process_input() |
| - BUG/MEDIUM: proto_htx: Fix functions applying regex filters on HTX messages |
| - BUG/MEDIUM: h2: advertise to servers that we don't support push |
| - MINOR: standard: Add a function to parse uints (dotted notation). |
| - MINOR: arg: Add support for ARGT_PBUF_FNUM arg type. |
| - MINOR: http_fetch: add "req.ungrpc" sample fetch for gRPC. |
| - MINOR: sample: Add two sample converters for protocol buffers. |
| - DOC: sample: Add gRPC related documentation. |
| |
| 2018/12/22 : 2.0-dev0 |
| - BUG/MAJOR: connections: Close the connection before freeing it. |
| - REGTEST: Require the option LUA to run lua tests |
| - REGTEST: script: Process script arguments before everything else |
| - REGTEST: script: Evaluate the varnishtest command to allow quoted parameters |
| - REGTEST: script: Add the option --clean to remove previous log direcotries |
| - REGTEST: script: Add the option --debug to show logs on standard ouput |
| - REGTEST: script: Add the option --keep-logs to keep all log directories |
| - REGTEST: script: Add the option --use-htx to enable the HTX in regtests |
| - REGTEST: script: Print only errors in the results report |
| - REGTEST: Add option to use HTX prefixed by the macro 'no-htx' |
| - REGTEST: Make reg-tests target support argument. |
| - REGTEST: Fix a typo about barrier type. |
| - REGTEST: Be less Linux specific with a syslog regex. |
| - REGTEST: Missing enclosing quotes for ${tmpdir} macro. |
| - REGTEST: Exclude freebsd target for some reg tests. |
| - BUG/MEDIUM: h2: Don't forget to quit the sending_list if SUB_CALL_UNSUBSCRIBE. |
| - BUG/MEDIUM: mux-h2: Don't forget to quit the send list on error reports |
| - BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response() |
| - BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error |
| - BUG/MINOR: compression/htx: Don't compress responses with unknown body length |
| - BUG/MINOR: compression/htx: Don't add the last block of data if it is empty |
| - MEDIUM: mux_h1: Implement h1_show_fd. |
| - REGTEST: script: Add support of alternatives in requited options list |
| - REGTEST: Add a basic test for the compression |
| - BUG/MEDIUM: mux-h2: don't needlessly wake up the demux on short frames |
| - REGTEST: A basic test for "http-buffer-request" |
| - BUG/MEDIUM: server: Also copy "check-sni" for server templates. |
| - MINOR: ssl: Add ssl_sock_set_alpn(). |
| - MEDIUM: checks: Add check-alpn. |
| - wip |
| |
| 2018/12/19 : 1.9.0 |
| - BUG/MEDIUM: compression: Use the right buffer pointers to compress input data |
| - BUG/MINOR: mux_pt: Set CS_FL_WANT_ROOM when count is zero in rcv_buf() callback |
| - BUG/MEDIUM: connection: Add a new CS_FL_ERR_PENDING flag to conn_streams. |
| - CONTRIB: debug: teach the "flags" utility about new conn_stream flags |
| - BUG/MEDIUM: stream-int: always clear CS_FL_WANT_ROOM before receiving |
| - BUG/MEDIUM: mux-h2: also restart demuxing when data are pending in demux |
| - BUG/MEDIUM: mux-h2: restart demuxing as soon as demux data are available |
| - BUG/MEDIUM: h2: fix aggregated cookie length computation in HTX mode |
| - MINOR: mux-h2: report more h2c, last h2s and cs information on "show fd" |
| - CONTRIB: debug: report stream-int's flag SI_FL_CLEAN_ABRT |
| - MINOR: cli/stream: add the conn_stream in "show sess" output |
| - BUG/MINOR: mux-h2: don't report a fantom h2s in "show fd" |
| - BUG/MINOR: cli/fd: don't isolate the thread for each individual fd |
| - MINOR: objtype: report a few missing types in names and base pointers |
| - BUG/MEDIUM: mux-h2: make sure to report synchronous errors after EOS |
| - BUG/MEDIUM: mux-h2: report asynchronous errors in h2_wake_some_streams() |
| - BUG/MEDIUM: mux-h2: make sure the demux also wakes streams up on errors |
| - BUG/MINOR: mux-h1: report the correct frontend in error captures |
| - BUG/MEDIUM: stream-int: also wake the stream up on end of transfer |
| - MEDIUM: h2: properly check and deduplicate the content-length header in HTX |
| - BUG/MEDIUM: stream: Forward the right amount of data before infinite forwarding |
| - BUG/MINOR: proto_htx: Call the HTX version of the function managing client cookies |
| - BUG/MEDIUM: lua/htx: Handle EOM in receive/get_line calls in HTTP applets |
| - BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything |
| - MINOR: compression: Remove the thread_local variable buf_output |
| - CLEANUP: connection: rename subscription events values and event field |
| - CLEANUP: connection: rename conn->mux_ctx to conn->ctx |
| - MINOR: connection: remove an unwelcome dependency on struct stream |
| - CLEANUP: stream-int: consistently call the si/stream_int functions |
| - BUG/MEDIUM: h1: Don't shutw/shutr the connection if we have keepalive. |
| - BUG/MEDIUM: H2: Make sure htx is set even on empty frames. |
| - BUG/MEDIUM: mux-h2: pass CS_FL_ERR_PENDING to h2_wake_some_streams() |
| - MEDIUM: stream-int: always consider all CS errors on the send side |
| - BUG/MEDIUM: h2: Make sure we don't set CS_FL_ERROR if there's still data. |
| - CLEANUP: mux-h2: implement h2s_notify_{send,recv} to report events to subscribers |
| - MINOR: mux-h2: add a new function h2s_alert() to call the data layer |
| - BUG/MEDIUM: mux-h2: make use of h2s_alert() to report aborts |
| - MINOR: connection: add cs_set_error() to set the error bits |
| - CLEANUP: mux-h2: make use of cs_set_error() |
| - BUG/MINOR: mux-h2: make sure we check the conn_stream in early data |
| - BUG/MEDIUM: h2: Don't wait for flow control if the connection had a shutr. |
| - MINOR: cli/show_fd: report that a connection is back or not |
| - SCRIPTS: add the slack channel URL to the announce script |
| - CLEANUP: remove my name and address from the copyright banner |
| - DOC: mention in the readme that 1.9 is a stable version now |
| |
| 2018/12/16 : 1.9-dev11 |
| - BUG/MEDIUM: connection: Don't use the provided conn_stream if it was tried. |
| - REGTEST/MINOR: remove double body specification for server txresp |
| - BUG/MEDIUM: connections: Remove error flags when retrying. |
| - REGTEST/MINOR: skip seamless-reload test with abns socket on freebsd |
| - REGTEST/MINOR: remove health-check that can make the test fail |
| - DOC: clarify that check-sni needs an argument. |
| - DOC: refer to check-sni in the documentation of sni |
| - BUG/MEDIUM: mux-h2: fix encoding of non-GET/POST methods |
| - BUG/MINOR: mux-h1: Fix conn_mode processing for headerless outgoing messages |
| - BUG/MEDIUM: mux-h1: Add a BUSY mode to not loop on pipelinned requests |
| - BUG/MEDIUM: mux-h1: Don't loop on the headers parsing if the read0 was received |
| - BUG/MEDIUM: htx: Always do a defrag if a block value is replace by a bigger one |
| - BUG/MEDIUM: mux-h2: Don't forget to set the CS_FL_EOS flag with htx. |
| - BUG/MINOR: hpack: fix off-by-one in header name encoding length calculation |
| - CLEANUP: hpack: no need to include chunk.h, only include buf.h |
| - MINOR: hpack: simplify the len to bytes conversion |
| - MINOR: hpack: use ist2bin() to copy header names in hpack_encode_header() |
| - MINOR: hpack: optimize header encoding for short names |
| - CONTRIB: hpack: add a compressed stream generator for the encoder |
| - MEDIUM: hpack: make it possible to encode any static header name |
| - MINOR: hpack: move the length computation and encoding functions to .h |
| - MINOR: hpack: provide a function to encode a short indexed header |
| - MINOR: hpack: provide a function to encode a long indexed header |
| - MINOR: hpack: provide new functions to encode the ":status" header |
| - MEDIUM: mux-h2: make use of standard HPACK encoding functions for the status |
| - MINOR: hpack: provide a function to encode an HTTP method |
| - MEDIUM: mux-h2: make use of hpack_encode_method() to encode the method |
| - MINOR: hpack: provide a function to encode an HTTP scheme |
| - MEDIUM: mux-h2: make use of hpack_encode_scheme() to encode the scheme |
| - MINOR: hpack: provide a function to encode an HTTP path |
| - MEDIUM: mux-h2: make use of hpack_encode_path() to encode the path |
| - REGTEST: add the HTTP rules test involving HTX processing |
| - REORG: connection: centralize the conn_set_{tos,mark,quickack} functions |
| - MEDIUM: cli: rework the CLI proxy parser |
| - MINOR: cli: parse prompt command in the CLI proxy |
| - MINOR: cli: implements 'quit' in the CLI proxy |
| - BUG/MINOR: cli: wait for payload data even without prompt |
| - MEDIUM: cli: handle payload in CLI proxy |
| - MINOR: cli: use pcli_flags for prompt activation |
| - MINOR: compression: Rename the function check_legacy_http_comp_flt() |
| - MINOR: cache/htx: Don't use the same cache on HTX and legacy HTTP proxies |
| - MINOR: cache: Register the cache as a data filter only if response is cacheable |
| - MEDIUM: cache/htx: Add the HTX support into the cache |
| - MINOR: cache: Improve and simplify the cache configuration check |
| - MINOR: filters: Export the name of known filters |
| - MEDIUM: cache/compression: Add a way to safely combined compression and cache |
| - MEDIUM: cache: Require an explicit filter declaration if other filters are used |
| - REORG: htx: merge types+proto into common/htx.h |
| - REORG: http: create http_msg.c to place there some legacy HTTP parts |
| - REORG: h1: move legacy http functions to http_msg.c |
| - REORG: h1: move the h1_state definition to proto_http |
| - CLEANUP: h1: remove some occurrences of unneeded h1.h inclusions |
| - REORG: h1: merge types+proto into common/h1.h |
| - CLEANUP: stream: remove SF_TUNNEL, SF_INITIALIZED, SF_CONN_TAR |
| - MEDIUM: mux-h1: implement true zero-copy of DATA blocks |
| - MINOR: config: round up global.tune.bufsize to the next multiple of 2 void* |
| - BUG/MINOR: mux-h2: refrain from muxing during the preface |
| - BUG/MINOR: mux-h2: advertise a larger connection window size |
| - DOC: master CLI documentation in management.txt |
| - MINOR: mux-h2: avoid copying large blocks into full buffers |
| - MEDIUM: mux-h2: implement true zero-copy send of large HTX DATA blocks |
| - MINOR: mux-h2: force reads to be HTX-aligned in HTX mode |
| - MINOR: cli: change 'show proc' output of old processes |
| - BUG/MEDIUM: mux-h1: Fix the zero-copy on output for chunked messages |
| - BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name |
| - BUG: dns: Prevent out-of-bounds read in dns_read_name() |
| - BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response() |
| - BUG: dns: Fix out-of-bounds read via signedness error in dns_validate_dns_response() |
| - BUG: dns: Fix off-by-one write in dns_validate_dns_response() |
| - REGTEST: the cache regtest requires haproxy 1.9 |
| - MEDIUM: cli: store CLI level in the appctx |
| - MEDIUM: cli: show and change CLI permissions |
| - CLEANUP: cli: use dedicated define instead of appctx ones |
| - MEDIUM: cli: handle CLI level from the master CLI |
| - BUG/MEDIUM: cli: handle correctly prefix and payload |
| - BUILD: Makefile: Implements the help target |
| - REGTESTS: adjust the http-rules regtest to support window updates |
| - BUG/MEDIUM: connections: Remove CS_FL_EOS | CS_FL_REOS on retry. |
| - BUG/MEDIUM: stream_interface: Don't report read0 if we were not connected. |
| - BUG/MEDIUM: connection: Just make sure we closed the fd on connection failure. |
| - MEDIUM: mux: Add an optional "reset" method. |
| - BUG/MEDIUM: mux-h1: Fix loop if server closes its connection with unparsed data |
| - MINOR: mux-h1: Add helper functions to wake a stream from recv or send |
| - BUG/MEDIUM: mux-h1: Wake the stream for send once the connection is established |
| - BUG/MEDIUM: connections: Don't attempt to reuse an unusable connection. |
| - MEDIUM: htx: Try to take a connection over if it has no owner. |
| - REGTEST: Reg testing improvements. |
| - REGTEST: Add a first test for health-checks. |
| - REGTEST: Reg test for "check" health-check option. |
| - REGTEST: level 1 health-check test 2. |
| - REGTEST: Add miscellaneous reg tests for health-checks. |
| - REGTEST: add a few HTTP messaging tests |
| - MINOR: lb: make the leastconn algorithm more accurate |
| - REGTEST: fix missing space in checks/s00001 |
| - REGTEST: http-messaging: add "option http-buffer-request" for H2 tests |
| - BUG/MEDIUM: cache: fix random crash on filter parser's error path |
| - MINOR: connection: realign empty buffers in muxes, not transport layers |
| - MINOR: mux_h1/h2: simplify the zero-copy Rx alignment |
| - MINOR: backend: count the number of connect and reuse per server and per backend |
| - BUG/MINOR: stats: fix inversion of failed header rewrites and other statuses |
| - MINOR: tools: increase the number of ITOA strings to 16 |
| - MINOR: cache: report the number of cache lookups and cache hits |
| - MEDIUM: tasks: check the global task mask instead of the thread number |
| - MINOR: mworker: set all_threads_mask and pid_bit to 1 |
| - BUG/MINOR: proto_htx: Fix htx_res_set_status to also set the reason |
| - BUG/MINOR: stats: Parse post data for HTX streams |
| - MINOR: payload/htx: Adapt smp_fetch_len to be HTX aware |
| - MINOR: http_fecth: Implement body_len and body_size sample fetches for the HTX |
| - MAJOR: lua: Forbid calls to Channel functions for LUA scripts in HTTP proxies |
| - MEDIUM: lua/htx: Adapt functions of the HTTP to be compatible with HTX |
| - MINOR: lua/htx: Adapt the functions get_in_length and is_full to be HTX aware |
| - MAJOR: lua/htx: Adapt HTTP applets to support HTX messages |
| - MINOR: lua: Remove useless check on the messages state in HTTP functions |
| - BUG/MEDIUM: htx: When performing zero-copy, start from the right offset. |
| - BUG/MINOR: mworker: don't use unitialized mworker_proc struct |
| - MINOR: mworker/cli: indicate in the master prompt when a reload failed |
| - MINOR: cli: implements 'reload' on master CLI |
| - BUG/MEDIUM: log: Don't call sample_fetch_as_type if we don't have a stream. |
| - BUG/MEDIUM: mux-h1: make sure we always have at least one HTX block to send |
| - BUG/MAJOR: backend: only update server's counters when the server exists |
| - MINOR: tools: preset the port of fd-based "sockets" to zero |
| - BUG/MINOR: log: fix logging to both FD and IP |
| - REGTEST: Add a reg test for HTTP cookies. |
| - BUILD: ssl: Fix compilation without deprecated OpenSSL 1.1 APIs |
| - BUILD: thread: properly report multi-thread support |
| - BUG/MINOR: logs: leave startup-logs global and not per-thread |
| - BUG/MEDIUM: threads: don't close the thread waker pipe if not init |
| - BUG/MAJOR: compression/cache: Make it really works with these both filters |
| - BUG/MEDIUM: h2: Don't forget to destroy the h2s after deferred shut. |
| - MEDIUM: proxy: Set http-reuse safe as default. |
| - MEDIUM: servers: Add a command to limit the number of idling connections. |
| - MEDIUM: servers: Replace idle-timeout with pool-purge-delay. |
| - MEDIUM: mux: Destroy the stream before trying to add the conn to the idle list. |
| - MEDIUM: mux: provide the session to the init() and attach() method. |
| - MEDIUM: sessions: Don't keep an infinite number of idling connections. |
| - MEDIUM: servers: Be more agressive when adding H2 connection to idle lists. |
| - MEDIUM: mux_h2: Always set CS_FL_NOT_FIRST for new conn_streams. |
| - BUG/MEDIUM: htx/cache: use the correct class of error codes on abort |
| - BUG/MINOR: cache: also consider CF_SHUTR to abort delivery |
| - MINOR: pools: Cast to volatile int * instead of int *. |
| - MINOR: debug: make the ABORT_NOW macro use a volatile int |
| - BUG/MEDIUM: h2: Don't destroy the h2s if it still has a cs attached. |
| - BUG/MEDIUM: mux-h1: don't try to process an empty input buffer |
| - DOC: clarify the agent-check status line syntax |
| - BUG/MAJOR: hpack: fix length check for short names encoding |
| - DOC: split the README into README + INSTALL |
| |
| 2018/12/08 : 1.9-dev10 |
| - MINOR: htx: Rename functions htx_*_to_str() to be H1 specific |
| - BUG/MINOR: htx: Force HTTP/1.1 on H1 formatting when version is 1.1 or above |
| - BUG/MINOR: fix ssl_fc_alpn and actually add ssl_bc_alpn |
| - BUG/MEDIUM: mworker: stop proxies which have no listener in the master |
| - BUG/MEDIUM: h1: Destroy a connection after detach if it has no owner. |
| - BUG/MEDIUM: h2: Don't forget to wake the tasklet after shutr/shutw. |
| - BUG/MINOR: flt_trace/compression: Use the right flag to add the HTX support |
| - BUG/MEDIUM: stream_interface: Make REALLY sure we read all the data. |
| - MEDIUM: mux-h1: Revamp the way subscriptions are handled. |
| - BUG/MEDIUM: mux-h1: Always set CS_FL_RCV_MORE when data are received in h1_recv() |
| - MINOR: mux-h1: Make sure to return 1 in h1_recv() when needed |
| - BUG/MEDIUM: mux-h1: Release the mux H1 in h1_process() if there is no h1s |
| - BUG/MINOR: proto_htx: Truncate the request when an error is detected |
| - BUG/MEDIUM: h2: When sending in HTX, make sure the caller knows we sent all. |
| - BUG/MEDIUM: mux-h2: properly update the window size in HTX mode |
| - BUG/MEDIUM: mux-h2: make sure to always report HTX EOM when consumed by headers |
| - BUG/MEDIUM: mux-h2: stop sending HTX once the mux is blocked |
| - BUG/MEDIUM: mux-h2: don't send more HTX data than requested |
| - MINOR: mux-h2: stop on non-DATA and non-EOM HTX blocks |
| - BUG/MEDIUM: h1: Correctly report used data with no len. |
| - MEDIUM: h1: Realign the ibuf before calling rcv_buf if needed. |
| - BUG/MEDIUM: mux_pt: Always set CS_FL_RCV_MORE. |
| - MINOR: htx: make htx_from_buf() adjust the size only on new buffers |
| - MINOR: htx: add buf_room_for_htx_data() to help optimize buffer transfers |
| - MEDIUM: mux-h1: make use of buf_room_for_htx_data() instead of b_room() |
| - MEDIUM: mux-h1: attempt to zero-copy Rx DATA transfers |
| - MEDIUM: mux-h1: avoid a double copy on the Tx path whenever possible |
| - BUG/MEDIUM: stream-int: don't mark as blocked an empty buffer on Rx |
| - BUG/MINOR: mux-h1: Check h1m flags to set the server conn_mode on request path |
| - MEDIUM: htx: Rework conversion from a buffer to an htx structure |
| - MEDIUM: channel/htx: Add functions for forward HTX data |
| - MINOR: mux-h1: Don't adjust anymore the amount of data sent in h1_snd_buf() |
| - CLEANUP: htx: Fix indentation here and there in HTX files |
| - MINOR: mux-h1: Allow partial data consumption during outgoing data processing |
| - BUG/MEDIUM: mux-h2: use the correct offset for the HTX start line |
| - BUG/MEDIUM: mux-h2: stop sending using HTX on errors |
| - MINOR: mux-h1: Drain obuf if the output is closed after sending data |
| - BUG/MEDIUM: mworker: stop every tasks in the master |
| - BUG/MEDIUM: htx: Set the right start-line offset after a defrag |
| - BUG/MEDIUM: stream: Don't dereference s->txn when it is not there yet. |
| - BUG/MEDIUM: connections: Reuse an already attached conn_stream. |
| - MINOR: stream-int: add a new blocking condition on the remote connection |
| - BUG/MEDIUM: stream-int: don't attempt to receive if the connection is not established |
| - BUG/MEDIUM: lua: block on remote connection establishment |
| - BUG/MEDIUM: mworker: fix several typos in mworker_cleantasks() |
| - SCRIPTS/REGTEST: merge grep+sed into sed in run-regtests |
| - BUG/MEDIUM: connections: Split CS_FL_RCV_MORE into 2 flags. |
| - BUG/MEDIUM: h1: Don't free the connection if it's an outgoing connection. |
| - BUG/MEDIUM: h1: Set CS_FL_REOS if we had a read0. |
| - BUG/MEDIUM: mux-h1: Be sure to have a conn_stream to set CS_FL_REOS in h1_recv |
| - REGTEST: Move LUA reg test 4 to level 1. |
| - MINOR: ist: add functions to copy/uppercase/lowercase into a buffer or string |
| - MEDIUM: ist: always turn header names to lower case |
| - MINOR: h2: don't turn HTX header names to lower case anymore |
| - MEDIUM: ist: use local conversion arrays to case conversion |
| - MINOR: htx: switch to case sensitive search of lower case header names |
| - MINOR: mux-h1: Set CS_FL_EOS when read0 is detected and no data are pending |
| - BUG/MINOR: stream-int: Process read0 even if no data was received in si_cs_recv |
| - REGTEST: fix the Lua test file name in test lua/h00002 :-) |
| - REGTEST: add a basic test for HTTP rules manipulating headers |
| - BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR. |
| - MINOR: sample: add bc_http_major |
| - BUG/MEDIUM: htx: fix typo in htx_replace_stline() making it fail all the time |
| - REGTEST: make the HTTP rules test compatible with HTTP/2 as well |
| - BUG/MEDIUM: h2: Don't try to chunk data when using HTX. |
| - MINOR: compiler: add a new macro ALREADY_CHECKED() |
| - BUILD: h2: mark the start line already checked to avoid warnings |
| - BUG/MINOR: mux-h1: Remove the connection header when it is useless |
| |
| 2018/12/02 : 1.9-dev9 |
| - BUILD/MINOR: ssl: fix build with non-alpn/non-npn libssl |
| - BUG/MINOR: mworker: Do not attempt to close(2) fd -1 |
| - BUILD: compression: fix build error with DEFAULT_MAXZLIBMEM |
| - MINOR: compression: always create the compression pool |
| - BUG/MEDIUM: mworker: fix FD leak upon reload |
| - BUILD: htx: fix fprintf format inconsistency on 32-bit platforms |
| - BUILD: buffers: buf.h requires unistd to get ssize_t on libmusl |
| - MINOR: initcall: introduce a way to register init functions to call at boot |
| - MINOR: init: process all initcalls in order at boot time |
| - MEDIUM: init: convert all trivial registration calls to initcalls |
| - MINOR: thread: provide a set of lock initialisers |
| - MINOR: threads: add new macros to declare self-initializing locks |
| - MEDIUM: init: use self-initializing spinlocks and rwlocks |
| - MINOR: initcall: apply initcall to all register_build_opts() calls |
| - MINOR: initcall: use initcalls for most post_{check,deinit} and per_thread* |
| - MINOR: initcall: use initcalls for section parsers |
| - MINOR: memory: add a callback function to create a pool |
| - MEDIUM: init: use initcall for all fixed size pool creations |
| - MEDIUM: memory: use pool_destroy_all() to destroy all pools on deinit() |
| - MEDIUM: initcall: use initcalls for a few initialization functions |
| - MEDIUM: memory: make the pool cache an array and not a thread_local |
| - MINOR: ssl: free ctx when libssl doesn't support NPN |
| - BUG/MINOR: proto_htx: only mark connections private if NTLM is detected |
| - MINOR: h2: make struct h2_ops static |
| - BUG/MEDIUM: mworker: avoid leak of client socket |
| - REORG: mworker: declare master variable in global.h |
| - BUG/MEDIUM: listeners: CLOEXEC flag is not correctly set |
| - CLEANUP: http: Fix typo in init_http's comment |
| - BUILD: Makefile: Disable -Wcast-function-type if it exists. |
| - BUG/MEDIUM: h2: Don't bogusly error if the previous stream was closed. |
| - REGTEST/MINOR: script: add run-regtests.sh script |
| - REGTEST: Add a basic test for the cache. |
| - BUG/MEDIUM: mux_pt: Don't forget to unsubscribe() on attach. |
| - BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id |
| - BUG/MEDIUM: connections: Wake the stream once the mux is chosen. |
| - BUG/MEDIUM: connections: Don't forget to detach the connection from the SI. |
| - BUG/MEDIUM: stream_interface: Don't check if the handshake is done. |
| - BUG/MEDIUM: stream_interface: Make sure we read all the data available. |
| - BUG/MEDIUM: h2: Call h2_process() if there's an error on the connection. |
| - REGTEST: Fix several issues. |
| - REGTEST: lua: check socket functionality from a lua-task |
| - BUG/MEDIUM: session: Remove the session from the session_list in session_free. |
| - BUG/MEDIUM: streams: Don't assume we have a CS in sess_update_st_con_tcp. |
| - BUG/MEDIUM: connections: Don't assume we have a mux in connect_server(). |
| - BUG/MEDIUM: connections: Remove the connection from the idle list before destroy. |
| - BUG/MEDIUM: session: properly clean the outgoing connection before freeing. |
| - BUG/MEDIUM: mux_pt: Don't try to send if handshake is not done. |
| - MEDIUM: connections: Put H2 connections in the idle list if http-reuse always. |
| - MEDIUM: h2: Destroy a connection with no stream if it has no owner. |
| - MAJOR: sessions: Store multiple outgoing connections in the session. |
| - MEDIUM: session: Steal owner-less connections on end of transaction. |
| - MEDIUM: server: Be smarter about deciding to reuse the last server. |
| - BUG/MEDIUM: Special-case http_proxy when dealing with outgoing connections. |
| - BUG/MINOR: cfgparse: Fix transition between 2 sections with the same name |
| - BUG/MINOR: http: Use out buffer instead of trash to display error snapshot |
| - BUG/MINOR: htx: Fix block size calculation when a start-line is added/replaced |
| - BUG/MINOR: mux-h1: Fix processing of "Connection: " header on outgoing messages |
| - BUG/MEDIUM: mux-h1: Reset the H1 parser when an outgoing message is processed |
| - BUG/MINOR: proto_htx: Send outgoing data to client to start response processing |
| - BUG/MINOR: htx: Stop a header or a start line lookup on the first EOH or EOM |
| - BUG/MINOR: connection: report mux modes when HTX is supported |
| - MINOR: htx: add a function to cut the beginning of a DATA block |
| - MEDIUM: conn_stream: Add a way to get mux's info on a CS from the upper layer |
| - MINOR: mux-h1: Implement get_cs_info() callback |
| - MINOR: stream: Rely on CS's info if it exists and fallback on session's ones |
| - MINOR: proto_htx: Use conn_stream's info to set t_idle duration when possible |
| - MINOR: mux-h1: Don't rely on the stream anymore in h1_set_srv_conn_mode() |
| - MINOR: mux-h1: Write last chunk and trailers if not found in the HTX message |
| - MINOR: mux-h1: Be prepare to fail when EOM is added during trailers parsing |
| - MINOR: mux-h1: Subscribe to send in h1_snd_buf() when not all data have been sent |
| - MINOR: mux-h1: Consume channel's data in a loop in h1_snd_buf() |
| - MEDIUM: mux-h1: Add keep-alive outgoing connections in connections list |
| - MINOR: htx: Add function to add an HTX block just before another one |
| - MINOR: htx: Add function to iterate on an HTX message using HTX blocks |
| - MINOR: htx: Add a function to find the HTX block corresponding to a data offset |
| - MINOR: stats: Don't add end-of-data marker and trailers in the HTX response |
| - MEDIUM: htx: Change htx_sl to be a struct instead of an union |
| - MINOR: htx: Add the start-line offset for the HTX message in the HTX structure |
| - MEDIUM: htx: Don't rely on h1_sl anymore except during H1 header parsing |
| - MINOR: proto-htx: Use the start-line flags to set the HTTP messsage ones |
| - MINOR: htx: Add BODYLESS flags on the HTX start-line and the HTTP message |
| - MINOR: proto_htx: Use full HTX messages to send 100-Continue responses |
| - MINOR: proto_htx: Use full HTX messages to send 103-Early-Hints responses |
| - MINOR: proto_htx: Use full HTX messages to send 401 and 407 responses |
| - MINOR: proto_htx: Send valid HTX message when redir mode is enabled on a server |
| - MINOR: proto_htx: Send valid HTX message to send 30x responses |
| - MEDIUM: proto_htx: Convert all HTTP error messages into HTX |
| - MINOR: mux-h1: Process conn_mode on the EOH when no connection header is found |
| - MINOR: mux-h1: Change client conn_mode on an explicit close for the response |
| - MINOR: mux-h1: Capture bad H1 messages |
| - MAJOR: filters: Adapt filters API to be compatible with the HTX represenation |
| - MEDIUM: proto_htx/filters: Add data filtering during the forwarding |
| - MINOR: flt_trace: Adapt to be compatible with the HTX representation |
| - MEDIUM: compression: Adapt to be compatible with the HTX representation |
| - MINOR: h2: implement H2->HTX request header frame transcoding |
| - MEDIUM: mux-h2: register mux for both HTTP and HTX modes |
| - MEDIUM: mux-h2: make h2_rcv_buf() support HTX transfers |
| - MEDIUM: mux-h2: make h2_snd_buf() HTX-aware |
| - MEDIUM: mux-h2: add basic H2->HTX transcoding support for headers |
| - MEDIUM: mux-h2: implement emission of H2 headers frames from HTX blocks |
| - MEDIUM: mux-h2: implement the emission of DATA frames from HTX DATA blocks |
| - MEDIUM: mux-h2: support passing H2 DATA frames to HTX blocks |
| - BUG/MINOR: cfgparse: Fix the call to post parser of the last sections parsed |
| - BUG/MEDIUM: mux-h2: don't lose the first response header in HTX mode |
| - BUG/MEDIUM: mux-h2: remove the HTX EOM block on H2 response headers |
| - MINOR: listener: the mux_proto entry in the bind_conf is const |
| - MINOR: connection: create conn_get_best_mux_entry() |
| - MINOR: server: the mux_proto entry in the server is const |
| - MINOR: config: make sure to associate the proper mux to bind and servers |
| - MINOR: hpack: add ":path" to the list of common header fields |
| - MINOR: h2: add new functions to produce an HTX message from an H2 response |
| - MINOR: mux-h2: mention that the mux is compatible with both sides |
| - MINOR: mux-h2: implement an outgoing stream allocator : h2c_bck_stream_new() |
| - MEDIUM: mux-h2: start to create the outgoing mux |
| - MEDIUM: mux-h2: implement encoding of H2 request on the backend side |
| - MEDIUM: mux-h2: make h2_frt_decode_headers() direction-agnostic |
| - MEDIUM: mux-h2: make h2_process_demux() capable of processing responses as well |
| - MEDIUM: mux-h2: Implement h2_attach(). |
| - MEDIUM: mux-h2: Don't bother flagging outgoing connections as TOOMANY. |
| - REGTEST: Fix LEVEL 4 script 0 of "connection" module. |
| - MINOR: connection: Fix a comment. |
| - MINOR: mux: add a "max_streams" method. |
| - MEDIUM: servers: Add a way to keep idle connections alive. |
| - CLEANUP: fix typos in the htx subsystem |
| - CLEANUP: Fix typo in the chunk headers file |
| - CLEANUP: Fix typos in the h1 subsystem |
| - CLEANUP: Fix typos in the h2 subsystem |
| - CLEANUP: Fix a typo in the mini-clist header |
| - CLEANUP: Fix a typo in the proto_htx subsystem |
| - CLEANUP: Fix typos in the proto_tcp subsystem |
| - CLEANUP: Fix a typo in the signal subsystem |
| - CLEANUP: Fix a typo in the session subsystem |
| - CLEANUP: Fix a typo in the queue subsystem |
| - CLEANUP: Fix typos in the shctx subsystem |
| - CLEANUP: Fix typos in the socket pair protocol subsystem |
| - CLEANUP: Fix typos in the map management functions |
| - CLEANUP: Fix typo in the fwrr subsystem |
| - CLEANUP: Fix typos in the cli subsystem |
| - CLEANUP: Fix typo in the 51d subsystem |
| - CLEANUP: Fix a typo in the base64 subsystem |
| - CLEANUP: Fix a typo in the connection subsystem |
| - CLEANUP: Fix a typo in the protocol header file |
| - CLEANUP: Fix a typo in the checks header file |
| - CLEANUP: Fix typos in the file descriptor subsystem |
| - CLEANUP: Fix a typo in the listener subsystem |
| - BUG/MINOR: lb-map: fix unprotected update to server's score |
| - BUILD: threads: fix minor build warnings when threads are disabled |
| |
| 2018/11/25 : 1.9-dev8 |
| - REORG: config: extract the global section parser into cfgparse-global |
| - REORG: config: extract the proxy parser into cfgparse-listen.c |
| - BUILD: update the list of supported targets and compilers in makefile and readme |
| - BUILD: reorder the objects in the makefile |
| - BUILD: Makefile: make "V=1" show some of the commands that are executed |
| - BUILD: Makefile: add the quiet mode to a few more targets |
| - BUILD: Makefile: add "$(Q)" to clean, tags and cscope targets |
| - BUILD: Makefile: switch to quiet mode by default for CC/LD/AR |
| - MINOR: cli: format `show proc` to be more readable |
| - MINOR: cli: displays uptime in `show proc` |
| - MINOR: cli: show master information in 'show proc' |
| - BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field |
| - MAJOR: mux-h1: Remove the rxbuf and decode HTTP messages in channel's buffer |
| - BUG/MINOR: mux-h1: Enable keep-alive on server side |
| - BUG/MEDIUM: mux-h1: Fix freeze when the kernel splicing is used |
| - BUG/MEDIUM: mux-h1: Don't set the flag CS_FL_RCV_MORE when nothing was parsed |
| - BUG/MINOR: stats/htx: Remove channel's output when the request is eaten |
| - BUG/MINOR: proto_htx: Fix request/response synchronisation on error |
| - MINOR: stream-int: Notify caller when an error is reported after a rcv_pipe() |
| - MINOR: stream-int: Notify caller when an error is reported after a rcv_buf() |
| - BUG/MINOR: stream-int: Don't call snd_buf() if there are still data in the pipe |
| - MINOR: stream-int: remove useless checks on CS and conn flags in si_cs_send() |
| - BUG/MINOR: config: Be aware of the HTX during the check of mux protocols |
| - BUG/MINOR: mux-htx: Fix bad test on h1c flags in h1_recv_allowed() |
| - MEDIUM: mworker: wait mode use standard init code path |
| - MINOR: log: introduce ha_notice() |
| - MINOR: mworker: use ha_notice to announce a new worker |
| - BUG/MEDIUM: http_fetch: Make sure name is initialized before http_find_header. |
| - MINOR: cli: add mworker_accept_wrapper to 'show fd' |
| - MEDIUM: signal: signal_unregister() removes every handlers |
| - BUG/MEDIUM: mworker: unregister the signals of main() |
| - MINOR: cli: add a few missing includes in proto/cli.h |
| - REORG: time/activity: move activity measurements to activity.{c,h} |
| - MINOR: activity: report the average loop time in "show activity" |
| - MINOR: activity: add configuration and CLI support for "profiling.tasks" |
| - MEDIUM: tasks: collect per-task CPU time and latency |
| - MINOR: sample: add cpu_calls, cpu_ns_avg, cpu_ns_tot, lat_ns_avg, lat_ns_tot |
| - MINOR: cli/activity: rename the stolen CPU time fields to mention milliseconds |
| - BUG/MINOR: cli: Fix memory leak |
| - BUG/MINOR: mworker: fix FD leak and memory leak in error path |
| - MINOR: poller: move the call of tv_update_date() back to the pollers |
| - MINOR: polling: add an option to support busy polling |
| - MINOR: server: Add "alpn" and "npn" keywords. |
| - MEDIUM: connection: Don't bother reactivating polling after connection retry. |
| - MAJOR: connections: Defer mux creation for outgoing connection if alpn is set. |
| - MEDIUM: ssl: Add ssl_bc_alpn and ssl_bc_npn sample fetches. |
| - MINOR: servers: Free [idle|safe|priv]_conns on exit. |
| - REGTEST: add the option to test only a specific set of files |
| - REGTEST: add a test for connections to a "dispatch" address |
| - BUG/MEDIUM: connections: Don't reset the conn flags in *connect_server(). |
| - MINOR: server: Only defined conn_complete_server if USE_OPENSSL is set. |
| - BUG/MEDIUM: servers: Don't check if we have a conn_stream too soon. |
| - BUG/MEDIUM: sessions: Set sess->origin to NULL if the origin was destroyed. |
| - MEDIUM: servers: Store the connection in the SI until we have a mux. |
| - BUG/MEDIUM: h2: wake the processing task up after demuxing |
| - BUG/MEDIUM: h2: restart demuxing after releasing buffer space |
| |
| 2018/11/18 : 1.9-dev7 |
| - BUILD: cache: fix a build warning regarding too large an integer for the age |
| - CLEANUP: fix typos in the comments of the Makefile |
| - CLEANUP: fix a typo in a comment for the contrib/halog subsystem |
| - CLEANUP: fix typos in comments for the contrib/modsecurity subsystem |
| - CLEANUP: fix typos in comments for contrib/spoa_example |
| - CLEANUP: fix typos in comments for contrib/wireshark-dissectors |
| - DOC: Fix typos in README and CONTRIBUTING |
| - MINOR: log: slightly improve error message syntax on log failure |
| - DOC: logs: the format directive was missing from the second log part |
| - MINOR: log: report the number of dropped logs in the stats |
| - MEDIUM: log: add support for logging to existing file descriptors |
| - MEDIUM: log: support a new "short" format |
| - MEDIUM: log: add a new "raw" format |
| - BUG/MEDIUM: stream-int: change the way buffer room is requested by a stream-int |
| - BUG/MEDIUM: stream-int: convert some co_data() checks to channel_is_empty() |
| - MINOR: namespaces: don't build namespace.c if disabled |
| - BUILD/MEDIUM: threads/affinity: DragonFly build fix |
| - MINOR: http: Add new "early-hint" http-request action. |
| - MINOR: http: Make new "early-hint" http-request action really be parsed. |
| - MINOR: http: Implement "early-hint" http request rules. |
| - MINOR: doc: Add information about "early-hint" http-request action. |
| - DOC: early-hints: fix truncated line. |
| - MINOR: mworker: only close std{in,out,err} in daemon mode |
| - BUG/MEDIUM: log: don't CLOEXEC the inherited FDs |
| - BUG/MEDIUM: Make sure stksess is properly aligned. |
| - BUG/MEDIUM: stream-int: make failed splice_in always subscribe to recv |
| - BUG/MEDIUM: stream-int: clear CO_FL_WAIT_ROOM after splicing data in |
| - BUG/MINOR: stream-int: make sure not to go through the rcv_buf path after splice() |
| - CONTRIB: debug: fix build related to conn_stream flags change |
| - REGTEST: fix scripts 1 and 3 to accept development version |
| - BUG/MINOR: http_fetch: Remove the version part when capturing the request uri |
| - MINOR: http: Regroup return statements of http_req_get_intercept_rule at the end |
| - MINOR: http: Regroup return statements of http_res_get_intercept_rule at the end |
| - BUG/MINOR: http: Be sure to sent fully formed HTTP 103 responses |
| - MEDIUM: jobs: support unstoppable jobs for soft stop |
| - MEDIUM: listeners: support unstoppable listener |
| - MEDIUM: cli: worker socketpair is unstoppable |
| - BUG/MINOR: stream-int: set SI_FL_WANT_PUT in sess_establish() |
| - MINOR: stream: move the conn_stream specific calls to the stream-int |
| - BUG/MINOR: config: Copy default error messages when parsing of a backend starts |
| - CLEANUP: h2: minimum documentation for recent API changes |
| - MINOR: mux: implement a get_first_cs() method |
| - MINOR: stream-int: make conn_si_send_proxy() use cs_get_first() |
| - MINOR: stream-int: relax the forwarding rules in stream_int_notify() |
| - MINOR: stream-int: expand the flags to 32-bit |
| - MINOR: stream-int: rename SI_FL_WAIT_ROOM to SI_FL_RXBLK_ROOM |
| - MINOR: stream-int: introduce new SI_FL_RXBLK flags |
| - MINOR: stream-int: add new functions si_{rx,tx}_{blocked,endp_ready}() |
| - MINOR: stream-int: replace SI_FL_WANT_PUT with !SI_FL_RX_WAIT_EP |
| - MINOR: stream-int: use si_rx_blocked()/si_tx_blocked() to check readiness |
| - MEDIUM: stream-int: use si_rx_buff_{rdy,blk} to report buffer readiness |
| - MINOR: stream-int: replace si_{want,stop}_put() with si_rx_endp_{more,done}() |
| - MEDIUM: stream-int: update the endp polling status only at the end of si_cs_recv() |
| - MINOR: stream-int: make si_sync_recv() simply check ENDP before si_cs_recv() |
| - MINOR: stream-int: automatically mark applets as ready if they block on the channel |
| - MEDIUM: stream-int: fix the si_cant_put() calls used for end point readiness |
| - MEDIUM: stream-int: fix the si_cant_put() calls used for buffer readiness |
| - MEDIUM: stream-int: use si_rx_shut_blk() to indicate the SI is closed |
| - MEDIUM: stream-int: unconditionally call si_chk_rcv() in update and notify |
| - MEDIUM: stream-int: make use of si_rx_chan_{rdy,blk} to control the stream-int from the channel |
| - MINOR: stream-int: replace si_cant_put() with si_rx_room_{blk,rdy}() |
| - MEDIUM: connections: Wait until the connection is established to try to recv. |
| - MEDIUM: mux: Teach the mux_pt how to deal with idle connections. |
| - MINOR: mux: Add a new "avail_streams" method. |
| - MINOR: mux: Add a destroy() method. |
| - MINOR: sessions: Start to store the outgoing connection in sessions. |
| - MAJOR: connections: Detach connections from streams. |
| - MINOR: conn_stream: Add a flag to notify the mux it should flush its buffers |
| - MINOR: htx: Add proto_htx.c file |
| - MINOR: conn_stream: Add a flag to notify the mux it must respect the reserve |
| - MINOR: http: Add standalone functions to parse a start-line or a header |
| - MINOR: http: Call http_send_name_header with the stream instead of the txn |
| - MINOR: conn_stream: Add a flag to notify the SI some data were received |
| - MINOR: http: Add macros to check if a stream uses the HTX representation |
| - MEDIUM: proto_htx: Add HTX analyzers and use it when the mux H1 is used |
| - MEDIUM: mux-h1: Add dummy mux to handle HTTP/1.1 connections |
| - MEDIUM: mux-h1: Add parsing of incoming and ougoing HTTP messages |
| - MAJOR: mux-h1/proto_htx: Handle keep-alive connections in the mux |
| - MEDIUM: mux-h1: Add support of the kernel TCP splicing to forward data |
| - MEDIUM: htx: Add API to deal with the internal representation of HTTP messages |
| - MINOR: http_htx: Add functions to manipulate HTX messages in http_htx.c |
| - MINOR: proto_htx: Add some functions to handle HTX messages |
| - MAJOR: mux-h1/proto_htx: Switch mux-h1 and HTX analyzers on the HTX representation |
| - MINOR: http_htx: Add functions to replace part of the start-line |
| - MINOR: http_htx: Add functions to retrieve a specific occurrence of a header |
| - MINOR: proto_htx: Rewrite htx_apply_redirect_rule to handle HTX messages |
| - MINOR: proto_htx: Add the internal function htx_del_hdr_value |
| - MINOR: proto_htx: Add the internal function htx_fmt_res_line |
| - MINOR: proto_htx: Add functions htx_transform_header and htx_transform_header_str |
| - MINOR: proto_htx: Add functions htx_req_replace_stline and htx_res_set_status |
| - MINOR: proto_htx: Add function to build and send HTTP 103 responses |
| - MINOR: proto_htx: Add functions htx_req_get_intercept_rule and htx_res_get_intercept_rule |
| - MINOR: proto_htx: Add functions to apply req* and rsp* rules on HTX messages |
| - MINOR: proto_htx: Add functions to manage cookies on HTX messages |
| - MINOR: proto_htx: Add functions to check the cacheability of HTX messages |
| - MINOR: proto_htx: Add functions htx_send_name_header |
| - MINOR: proto_htx: Add functions htx_perform_server_redirect |
| - MINOR: proto_htx: Add functions to handle the stats applet |
| - MEDIUM: proto_htx: Adapt htx_process_req_common to handle HTX messages |
| - MEDIUM: proto_htx: Adapt htx_process_request to handle HTX messages |
| - MINOR: proto_htx: Adapt htx_process_tarpit to handle HTX messages |
| - MEDIUM: proto_htx: Adapt htx_wait_for_request_body to handle HTX messages |
| - MEDIUM: proto_htx: Adapt htx_process_res_common to handle HTX messages |
| - MINOR: http_fetch: Add smp_prefetch_htx |
| - MEDIUM: http_fetch: Adapt all fetches to handle HTX messages |
| - MEDIUM: mux-h1: Wait for connection establishment before consuming channel's data |
| - MINOR: stats/htx: Adapt the stats applet to handle HTX messages |
| - MINOR: stream: Don't reset sov value with HTX messages |
| - MEDIUM: mux-h1: Handle errors and timeouts in the stream |
| - MINOR: filters/htx: Forbid filters when the HTX is enabled on a proxy |
| - MINOR: lua/htx: Forbid lua usage when the HTX is enabled on a proxy |
| - CLEANUP: Fix some typos in the haproxy subsystem |
| - CLEANUP: Fix typos in the dns subsystem |
| - CLEANUP: Fix typos in the pattern subsystem |
| - CLEANUP: fix 2 typos in the xxhash subsystem |
| - CLEANUP: fix a few typos in the comments of the server subsystem |
| - CLEANUP: fix a misspell in tests/filltab25.c |
| - CLEANUP: fix a typo found in the stream subsystem |
| - CLEANUP: fix typos in comments in ebtree |
| - CLEANUP: fix typos in reg-tests |
| - CLEANUP: fix typos in the comments of the vars subsystem |
| - CLEANUP: fix typos in the hlua_fcn subsystem |
| - CLEANUP: fix typos in the proto_http subsystem |
| - CLEANUP: fix typos in the proxy subsystem |
| - CLEANUP: fix typos in the ssl_sock subsystem |
| - DOC: Fix typos in different subsections of the documentation |
| - DOC: fix a few typos in the documentation |
| - MINOR: Fix an error message thrown when we run out of memory |
| - MINOR: Fix typos in error messages in the proxy subsystem |
| - MINOR: fix typos in the examples files |
| - CLEANUP: Fix a typo in the stats subsystem |
| - CLEANUP: Fix typos in the acl subsystem |
| - CLEANUP: Fix typos in the cache subsystem |
| - CLEANUP: Fix typos in the cfgparse subsystem |
| - CLEANUP: Fix typos in the filters subsystem |
| - CLEANUP: Fix typos in the http subsystem |
| - CLEANUP: Fix typos in the log subsystem |
| - CLEANUP: Fix typos in the peers subsystem |
| - CLEANUP: Fix typos in the regex subsystem |
| - CLEANUP: Fix typos in the sample subsystem |
| - CLEANUP: Fix typos in the spoe subsystem |
| - CLEANUP: Fix typos in the standard subsystem |
| - CLEANUP: Fix typos in the stick_table subsystem |
| - CLEANUP: Fix typos in the task subsystem |
| - MINOR: Fix typo in error message in the standard subsystem |
| - CLEANUP: fix typos in the comments of hlua |
| - MINOR: Fix typo in the error 500 output of hlua |
| - MINOR: Fix a typo in a warning message in the spoe subsystem |
| |
| 2018/11/11 : 1.9-dev6 |
| - BUG/MEDIUM: tools: fix direction of my_ffsl() |
| - BUG/MINOR: cli: forward the whole command on master CLI |
| - BUG/MEDIUM: auth/threads: use of crypt() is not thread-safe |
| - MINOR: compat: automatically detect support for crypt_r() |
| - MEDIUM: auth/threads: make use of crypt_r() on systems supporting it |
| - DOC: split the http-request actions in their own section |
| - DOC: split the http-response actions in their own section |
| - BUG/MAJOR: stream-int: don't call si_cs_recv() in stream_int_chk_rcv_conn() |
| - BUG/MINOR: tasks: make sure wakeup events are properly reported to subscribers |
| - MINOR: stats: report the number of active jobs and listeners in "show info" |
| - MINOR: stats: report the number of active peers in "show info" |
| - MINOR: stats: report the number of currently connected peers |
| - MINOR: cli: show the number of reload in 'show proc' |
| - MINOR: cli: can't connect to the target CLI |
| - MEDIUM: mworker: does not create the CLI proxy when no listener |
| - MINOR: mworker: displays more information when leaving |
| - MEDIUM: mworker: exit with the incriminated exit code |
| - MINOR: mworker: displays a message when a worker is forked |
| - MEDIUM: mworker: leave when the master die |
| - CLEANUP: stream-int: retro-document si_cs_io_cb() |
| - BUG/MEDIUM: mworker: does not abort() in mworker_pipe_register() |
| - BUG/MEDIUM: stream-int: don't wake up for nothing during SI_ST_CON |
| - BUG/MEDIUM: cli: crash when trying to access a worker |
| - DOC: restore note about "independant" typo |
| - MEDIUM: stream: implement stream_buf_available() |
| - MEDIUM: appctx: check for allocation attempts in buffer allocation callbacks |
| - MINOR: stream-int: rename si_applet_{want|stop|cant}_{get|put} |
| - MINOR: stream-int: add si_done_{get,put} to indicate that we won't do it anymore |
| - MINOR: stream-int: use si_cant_put() instead of setting SI_FL_WAIT_ROOM |
| - MINOR: stream-int: make use of si_done_{get,put}() in shut{w,r} |
| - MINOR: stream-int: make it clear that si_ops cannot be null |
| - MEDIUM: stream-int: temporarily make si_chk_rcv() take care of SI_FL_WAIT_ROOM |
| - MINOR: stream-int: factor the SI_ST_EST state test into si_chk_rcv() |
| - MEDIUM: stream-int: make SI_FL_WANT_PUT reflect CF_DONT_READ |
| - MEDIUM: stream-int: always call si_chk_rcv() when we make room in the buffer |
| - MEDIUM: stream-int: make si_chk_rcv() check that SI_FL_WAIT_ROOM is cleared |
| - MINOR: stream-int: replace si_update() with si_update_both() |
| - MEDIUM: stream-int: make stream_int_update() aware of the lower layers |
| - CLEANUP: stream-int: remove the now unused si->update() function |
| - MEDIUM: stream-int: Rely only on SI_FL_WAIT_ROOM to stop data receipt |
| - MEDIUM: stream-int: Try to read data even if channel's buffer seems to be full |
| - BUG/MINOR: config: better detect the presence of the h2 pattern in npn/alpn |
| |
| 2018/10/28 : 1.9-dev5 |
| - BUILD: Makefile: add the new ERR variable to force -Werror |
| - MINOR: freq_ctr: add swrate_add_scaled() to work with large samples |
| - MINOR: stream_interface: Avoid calling si_cs_send/recv if not needed. |
| - CLEANUP: http: Remove the unused function http_find_header |
| - MINOR: h1: Export some functions parsing the value of some HTTP headers |
| - BUG/MEDIUM: stream-int: don't set SI_FL_WAIT_ROOM on CF_READ_DONTWAIT |
| - MINOR: proxy: add a new option "http-use-htx" |
| - BUG/MEDIUM: pools: fix the minimum allocation size |
| - MINOR: shctx: Shared objects block by block allocation. |
| - MINOR: cache: Larger HTTP objects caching. |
| - MINOR: shctx: Add a maximum object size parameter. |
| - MINOR: cache: Add "max-object-size" option. |
| - DOC: Update about the cache support for big objects. |
| - BUG/MINOR: cache: Crashes with "total-max-size" > 2047(MB). |
| - BUG/MINOR: cache: Wrong usage of shctx_init(). |
| - BUG/MINOR: ssl: Wrong usage of shctx_init(). |
| - MINOR: cache: Avoid usage of atoi() when parsing "max-object-size". |
| - MINOR: shctx: Change max. object size type to unsigned int. |
| - DOC: cache: Missing information about "total-max-size" and "max-object-size" |
| - CLEANUP: tools: fix misleading comment above function LIM2A |
| - MEDIUM: channel: merge back flags CF_WRITE_PARTIAL and CF_WRITE_EVENT |
| - BUG/MINOR: only mark connections private if NTLM is detected |
| - BUG/MINOR: only auto-prefer last server if lb-alg is non-deterministic |
| - MINOR: stream: don't prune variables if the list is empty |
| - MINOR: stream-int: add si_alloc_ibuf() to ease input buffer allocation |
| - MEDIUM: stream-int: replace channel_alloc_buffer() with si_alloc_ibuf() everywhere |
| - MEDIUM: stream: always call si_cs_recv() after a failed buffer allocation |
| - MEDIUM: stream: don't try to send first in process_stream() |
| - MEDIUM: stream-int: make si_update() synchronize flag changes before the I/O |
| - MEDIUM: stream-int: call si_cs_process() in stream_int_update_conn |
| - MINOR: stream-int: don't needlessly call tasklet_wakeup() in stream_int_chk_snd_conn() |
| - MINOR: stream-int: make stream_int_notify() not wake the tasklet up |
| - MINOR: stream-int: don't needlessly call si_cs_send() in si_cs_process() |
| - MINOR: mworker: number of reload in the life of a worker |
| - MEDIUM: mworker: each worker socketpair is a CLI listener |
| - REORG: mworker: move struct mworker_proc to global.h |
| - MINOR: server: export new_server() function |
| - MEDIUM: mworker: move proc_list gen before proxies startup |
| - MEDIUM: mworker: add proc_list in global.h |
| - MEDIUM: mworker: proxy for the master CLI |
| - MEDIUM: mworker: create CLI listeners from argv[] |
| - MEDIUM: cli: disable some keywords in the master |
| - MEDIUM: mworker: find the server ptr using a CLI prefix |
| - MEDIUM: cli: 'show proc' displays processus |
| - MEDIUM: cli: implement 'mode cli' proxy analyzers |
| - MINOR: cli: displays sockpair@ in "show cli sockets" |
| - MEDIUM: cli: enable "show cli sockets" for the master |
| - MINOR: cli: put @master @<relative pid> @!<pid> in the help |
| - MEDIUM: listeners: set O_CLOEXEC on the accepted FDs |
| - MEDIUM: mworker: stop the master proxy in the workers |
| - MEDIUM: channel: reorder the channel analyzers for the cli |
| - MEDIUM: cli: write a prompt for the CLI proxy of the master |
| - MINOR: cli: helper to write an response message and close |
| - MINOR: cache: Add "Age" header. |
| - REGTEST: make the IP+port logging test more reliable |
| - BUG/MINOR: memory: make the thread-local cache allocator set the debugging link |
| - BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer |
| - BUG/MINOR: backend: assign the wait list after the error check |
| |
| 2018/10/21 : 1.9-dev4 |
| - BUILD: Allow configuration of pcre-config path |
| - DOC: clarify force-private-cache is an option |
| - BUG/MINOR: connection: avoid null pointer dereference in send-proxy-v2 |
| - REORG: http: move the code to different files |
| - REORG: http: move HTTP rules parsing to http_rules.c |
| - CLEANUP: http: remove some leftovers from recent cleanups |
| - BUILD: Makefile: add a "make opts" target to simply show the build options |
| - BUILD: Makefile: speed up compiler options detection |
| - BUG/MINOR: backend: check that the mux installed properly |
| - BUG/MEDIUM: h2: check that the connection is still valid at the end of init() |
| - BUG/MEDIUM: h2: make h2_stream_new() return an error on memory allocation failure |
| - REGTEST/MINOR: compatibility: use unix@ instead of abns@ sockets |
| - MINOR: ssl: cleanup old openssl API call |
| - MINOR: ssl: generate-certificates for BoringSSL |
| - BUG/MEDIUM: buffers: Make sure we don't wrap in ci_insert_line2/b_rep_blk. |
| - MEDIUM: ssl: add support for ciphersuites option for TLSv1.3 |
| - CLEANUP: haproxy: Remove unused variable |
| - CLEANUP: h1: Fix debug warnings for h1 headers |
| - CLEANUP: stick-tables: Remove unneeded double (()) around conditional clause |
| - MEDIUM: task: perform a single tree lookup per run queue batch |
| - BUG/MEDIUM: Cur/CumSslConns counters not threadsafe. |
| - BUG/MINOR: threads: move declaration of capabilities to config.h |
| - OPTIM: tools: optimize my_ffsl() for x86_64 |
| - BUG/MINOR: h2: null-deref |
| - BUG/MINOR: checks: queues null-deref |
| - MINOR: connections: Introduce an unsubscribe method. |
| - MEDIUM: connections: Change struct wait_list to wait_event. |
| - BUG/MEDIUM: h2: Make sure we're not in the send list on flow control. |
| - BUG/MEDIUM: mworker: segfault receiving SIGUSR1 followed by SIGTERM. |
| - BUG/MEDIUM: stream: Make sure to unsubscribe before si_release_endpoint. |
| - MINOR: http: Move comment about some HTTP macros in the right header file |
| - MINOR: stats: Add missing include |
| - MINOR: http: Export some functions and do cleanup to prepare HTTP refactoring |
| - MEDIUM: http: Ignore http-pretend-keepalive option on frontend |
| - MEDIUM: http: Ignore http-tunnel option on backend |
| - MINOR: http: Use same flag for httpclose and forceclose options |
| - MINOR: h1: Add EOH marker during headers parsing |
| - MINOR: conn-stream: Add CL_FL_NOT_FIRST flag |
| - MINOR: h1: Change the union h1_sl to use indirect strings to store infos |
| - MINOR: h1: Add the flag H1_MF_NO_PHDR to not add pseudo-headers during parsing |
| - MINOR: log: make sess_log() support sess=NULL |
| - MINOR: chunk: add chunk_cpy() and chunk_cat() |
| - MEDIUM: h2: stop relying on H2_SS_IDLE / H2_SS_CLOSED |
| - CLEANUP: h2: rename h2c_snd_settings() to h2c_send_settings() |
| - MINOR: h2: don't try to send data before preface |
| - MINOR: h2: unify the mux init function |
| - MINOR: h2: retrieve the front proxy from the caller instead of the session |
| - MINOR: h2: split h2c_stream_new() into h2s_new() + h2c_frt_stream_new() |
| - MINOR: h2: add a new flag to quickly distinguish front vs back connection |
| - BUG/MEDIUM: mworker: don't poll on LI_O_INHERITED listeners |
| - BUG/MEDIUM: stream: don't crash on out-of-memory |
| - BUILD: compiler: add a new statement "__unreachable()" |
| - BUILD: lua: silence some compiler warnings about potential null derefs |
| - BUILD: ssl: fix null-deref warning in ssl_fc_cipherlist_str sample fetch |
| - BUILD: ssl: fix another null-deref warning in ssl_sock_switchctx_cbk() |
| - BUILD: stick-table: make sure not to fail on task_new() during initialization |
| - BUILD: peers: check allocation error during peers_init_sync() |
| - MINOR: tools: add a new function atleast2() to test masks for more than 1 bit |
| - MINOR: config: use atleast2() instead of my_popcountl() where relevant |
| - MEDIUM: fd/threads: only grab the fd's lock if the FD has more than one thread |
| - MAJOR: tasks: create per-thread wait queues |
| - OPTIM: tasks: group all tree roots per cache line |
| - DOC: Fix a few typos |
| - MINOR: pools: allocate most memory pools from an array |
| - MINOR: pools: split pool_free() in the lockfree variant |
| - MEDIUM: pools: implement a thread-local cache for pool entries |
| - BUG/MEDIUM: threads: fix thread_release() at the end of the rendez-vous point |
| - Revert "BUILD: lua: silence some compiler warnings about potential null derefs" |
| - BUILD: lua: silence some compiler warnings about potential null derefs (#2) |
| - MINOR: lua: all functions calling lua_yieldk() may return |
| - BUILD: lua: silence some compiler warnings after WILL_LJMP |
| - BUILD: Makefile: silence an option conflict warning with clang |
| - MINOR: server: Use memcpy() instead of strncpy(). |
| - CLEANUP: state-file: make the path concatenation code a bit more consistent |
| - MINOR: build: Disable -Wstringop-overflow. |
| - MINOR: cfgparse: Write 130 as 128 as 0x82 and 0x80. |
| - MINOR: peers: use defines instead of enums to appease clang. |
| - DOC: fix reference to map files in MAINTAINERS |
| - MINOR: fd: centralize poll timeout computation in compute_poll_timeout() |
| - MINOR: poller: move time and date computation out of the pollers |
| - BUILD: memory: fix pointer declaration for atomic CAS |
| - BUILD: Makefile: add USE_RT to pass -lrt for clock_gettime() and friends |
| - MINOR: time: add now_mono_time() and now_cpu_time() |
| - MEDIUM: time: measure the time stolen by other threads |
| - BUILD: memory: fix free_list pointer declaration again for atomic CAS |
| - BUILD: compiler: rename __unreachable() to my_unreachable() |
| - BUG/MEDIUM: pools: Fix the usage of mmap()) with DEBUG_UAF. |
| - BUILD: memory: fix free_list pointer declaration again for atomic CAS |
| - BUG/MEDIUM: h2: Close connection if no stream is left an GOAWAY was sent. |
| - BUG/MEDIUM: connections: Remove subscription if going in idle mode. |
| - BUG/MEDIUM: stream: Make sure polling is right on retry. |
| - MINOR: h2: Make sure to return 1 in h2_recv() when needed. |
| - MEDIUM: connections: Don't directly mess with the polling from the upper layers. |
| - MINOR: streams: Call tasklet_free() after si_release_endpoint(). |
| - MINOR: connection: Add a SUB_CALL_UNSUBSCRIBE event. |
| - MINOR: h2: Don't run tasks that are waiting to send if mux in full. |
| - MINOR: ebtree: save 8 bytes in struct eb32sc_node |
| |
| 2018/09/29 : 1.9-dev3 |
| - BUG/MINOR: h1: don't consider the status for each header |
| - MINOR: h1: report in the h1m struct if the HTTP version is 1.1 or above |
| - MINOR: h1: parse the Connection header field |
| - DOC: Fix typos in lua documentation |
| - MINOR: h1: Add H1_MF_XFER_LEN flag |
| - MINOR: http: add http_hdr_del() to remove a header from a list |
| - MINOR: h1: add headers to the list after controls, not before |
| - MEDIUM: h1: better handle transfer-encoding vs content-length |
| - MEDIUM: h1: deduplicate the content-length header |
| - BUG/MEDIUM: patterns: fix possible double free when reloading a pattern list |
| - BUG/MEDIUM: h1: Really skip all updates when incomplete messages are parsed |
| - CLEANUP/CONTRIB: hpack: remove some h1 build warnings |
| - BUG/MINOR: tools: fix set_net_port() / set_host_port() on IPv4 |
| - BUG/MINOR: cli: make sure the "getsock" command is only called on connections |
| - MINOR: stktable: provide an unchecked version of stktable_data_ptr() |
| - MINOR: stream-int: make si_appctx() never fail |
| - BUILD: ssl_sock: remove build warnings on potential null-derefs |
| - BUILD: stats: remove build warnings on potential null-derefs |
| - BUILD: stream: address null-deref build warnings at -Wextra |
| - BUILD: http: address a couple of null-deref warnings at -Wextra |
| - BUILD: log: silent build warnings due to unchecked __objt_{server,applet} |
| - BUILD: dns: fix null-deref build warning at -Wextra |
| - BUILD: checks: silence a null-deref build warning at -Wextra |
| - BUILD: connection: silence a couple of null-deref build warnings at -Wextra |
| - BUILD: backend: fix 3 build warnings related to null-deref at -Wextra |
| - BUILD: sockpair: silence a build warning at -Wextra |
| - BUILD: build with -Wextra and sort out certain warnings |
| - BUG/CRITICAL: hpack: fix improper sign check on the header index value |
| - BUG/MEDIUM: http: Don't parse chunked body if there is no input data |
| - DOC: Update configuration doc about the maximum number of stick counters. |
| - BUG/MEDIUM: process_stream: Don't use si_cs_io_cb() in process_stream(). |
| - MINOR: h2/stream_interface: Reintroduce te wake() method. |
| - BUG/MEDIUM: h2: Wake the task instead of calling h2_recv()/h2_process(). |
| - BUG/MEDIUM: process_stream(): Don't wake the task if no new data was received. |
| - MEDIUM: lua: Add stick table support for Lua. |
| |
| 2018/09/12 : 1.9-dev2 |
| - BUG/MINOR: buffers: Fix b_slow_realign when a buffer is realign without output |
| - BUG/MEDIUM: threads: fix the no-thread case after the change to the sync point |
| - BUG/MEDIUM: servers: check the queues once enabling a server |
| - BUG/MEDIUM: queue: prevent a backup server from draining the proxy's connections |
| - MEDIUM: mux: Remove const on the buffer in mux->snd_buf() |
| - CLEANUP: backend: Move mux install to call it at only one place |
| - MINOR: conn_stream: add an tx buffer to the conn_stream |
| - MINOR: conn_stream: add cs_send() as a default snd_buf() function |
| - MINOR: backend: Try to find the best mux for outgoing connections |
| - MEDIUM: backend: don't rely on mux_pt_ops in connect_server() |
| - MINOR: mux: Add info about the supported side in alpn_mux_list structure |
| - MINOR: mux: Unlink ALPN and multiplexers to rather speak of mux protocols |
| - MINOR: mux: Print the list of existing mux protocols during HA startup |
| - MEDIUM: checks: use the new rendez-vous point to spread check result |
| - MEDIUM: haproxy: don't use sync_poll_loop() anymore in the main loop |
| - MINOR: threads: remove the previous synchronization point |
| - MAJOR: server: make server state changes synchronous again |
| - CLEANUP: server: remove the update list and the update lock |
| - BUG/MINOR: threads: Remove the unexisting lock label "UPDATED_SERVERS_LOCK" |
| - BUG/MEDIUM: stream_int: Don't check CO_FL_SOCK_RD_SH flag to trigger cs receive |
| - MINOR: mux: Change get_mux_proto to get an ist as parameter |
| - MINOR: mux: Improve the message with the list of existing mux protocols |
| - MINOR: mux/frontend: Add 'proto' keyword to force the mux protocol |
| - MINOR: mux/server: Add 'proto' keyword to force the multiplexer's protocol |
| - MEDIUM: mux: Use the mux protocol specified on bind/server lines |
| - BUG/MEDIUM: connection/mux: take care of serverless proxies |
| - MINOR: queue: make sure the pendconn is released before logging |
| - MINOR: stream: rename {srv,prx}_queue_size to *_queue_pos |
| - MINOR: queue: store the queue index in the stream when enqueuing |
| - MINOR: queue: replace the linked list with a tree |
| - MEDIUM: add set-priority-class and set-priority-offset |
| - MEDIUM: queue: adjust position based on priority-class and priority-offset |
| - DOC: update the roadmap about priority queues |
| - BUG/MINOR: ssl: empty connections reported as errors. |
| - MINOR: connections: Make rcv_buf mandatory and nuke cs_recv(). |
| - MINOR: connections: Move rxbuf from the conn_stream to the h2s. |
| - MINOR: connections: Get rid of txbuf. |
| - MINOR: tasks: Allow tasklet_wakeup() to wakeup a task. |
| - MINOR: connections/mux: Add the wait reason(s) to wait_list. |
| - MINOR: stream_interface: Don't use si_cs_send() as a task handler. |
| - MINOR: stream_interface: Give stream_interface its own wait_list. |
| - MINOR: mux_h2: Don't use h2_send() as a callback. |
| - MINOR: checks: Add event_srv_chk_io(). |
| - BUG/MEDIUM: tasks: Don't insert in the global rqueue if nbthread == 1 |
| - BUG/MEDIUM: sessions: Don't use t->state. |
| - BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle. |
| - BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error. |
| - BUG/MINOR: map: fix map_regm with backref |
| - DOC: dns: explain set server ... fqdn requires resolver |
| - DOC: add documentation for prio_class and prio_offset sample fetches. |
| - DOC: ssl: Use consistent naming for TLS protocols |
| - DOC: update the layering design notes |
| - MINOR: tasks: Don't special-case when nbthreads == 1 |
| - MINOR: fd cache: And the thread_mask with all_threads_mask. |
| - BUG/MEDIUM: lua: socket timeouts are not applied |
| - BUG/MINOR: lua: fix extra 500ms added to socket timeouts |
| - BUG/MEDIUM: server: update our local state before propagating changes |
| - BUG/MEDIUM: cli/threads: protect all "proxy" commands against concurrent updates |
| - DOC: server/threads: document which functions need to be called with/without locks |
| - BUG/MEDIUM: cli/threads: protect some server commands against concurrent operations |
| - BUG/MEDIUM: streams: Don't forget to remove the si from the wait list. |
| - BUG/MEDIUM: tasklets: Add the thread as active when waking a tasklet. |
| - BUG/MEDIUM: stream-int: Check if the conn_stream exist in si_cs_io_cb. |
| - BUG/MEDIUM: H2: Activate polling after successful h2_snd_buf(). |
| - BUG/MEDIUM: stream_interface: Call the wake callback after sending. |
| - BUG/MAJOR: queue/threads: make pendconn_redistribute not lock the server |
| - BUG/MEDIUM: connection: don't forget to always delete the list's head |
| - BUG/MEDIUM: lb/threads: always properly lock LB algorithms on maintenance operations |
| - BUG/MEDIUM: check/threads: do not involve the rendez-vous point for status updates |
| - BUG/MINOR: chunks: do not store -1 into chunk_printf() in case of error |
| - BUG/MEDIUM: http: don't store exp_replace() result in the trash's length |
| - BUG/MEDIUM: http: don't store url_decode() result in the samples's length |
| - BUG/MEDIUM: dns: don't store dns_build_query() result in the trash's length |
| - BUG/MEDIUM: map: don't store exp_replace() result in the trash's length |
| - BUG/MEDIUM: connection: don't store recv() result into trash.data |
| - BUG/MEDIUM: cli/ssl: don't store base64dec() result in the trash's length |
| - MINOR: chunk: remove impossible tests on negative chunk->data |
| - MINOR: sample: remove impossible tests on negative smp->data.u.str.data |
| - DOC: Fix spelling error in configuration doc |
| - REGTEST/MINOR: Missing mandatory "ignore_unknown_macro". |
| - REGTEST/MINOR: Add a new class of regression testing files. |
| - BUG/MEDIUM: unix: provide a ->drain() function |
| - MINOR: connection: make conn_sock_drain() work for all socket families |
| - BUG/MINOR: lua: Bad HTTP client request duration. |
| - REGEST/MINOR: Add reg testing files. |
| - BUG/MEDIUM: mux_pt: dereference the connection with care in mux_pt_wake() |
| - REGTEST/MINOR: Add a reg testing file for b406b87 commit. |
| - BUG/MEDIUM: lua: reset lua transaction between http requests |
| - MINOR: add be_conn_free sample fetch |
| - MINOR: Add srv_conn_free sample fetch |
| - BUG/MEDIUM: hlua: Make sure we drain the output buffer when done. |
| - MINOR: checks: Call wake_srv_chk() when we can finally send data. |
| - BUG/MEDIUM: stream_interface: try to call si_cs_send() earlier. |
| - BUG/MAJOR: thread: lua: Wrong SSL context initialization. |
| - REGTEST/MINOR: Add a reg testing file for 3e60b11. |
| - BUG/MEDIUM: hlua: Don't call RESET_SAFE_LJMP if SET_SAFE_LJMP returns 0. |
| - REGTEST/MINOR: lua: Add reg testing files for 70d318c. |
| - BUG/MEDIUM: dns/server: fix incomatibility between SRV resolution and server state file |
| - BUG/MEDIUM: ECC cert should work with TLS < v1.2 and openssl >= 1.1.1 |
| - MINOR: tools: make date2str_log() take some consts |
| - MINOR: thread: implement HA_ATOMIC_XADD() |
| - BUG/MINOR: stream: use atomic increments for the request counter |
| - BUG/MEDIUM: session: fix reporting of handshake processing time in the logs |
| - BUG/MEDIUM: h2: fix risk of memory leak on malformated wrapped frames |
| - BUG/MAJOR: buffer: fix incorrect check in __b_putblk() |
| - MINOR: log: move the log code to sess_build_logline() to add extra arguments |
| - MINOR: log: make the backend fall back to the frontend when there's no stream |
| - MINOR: log: make sess_build_logline() not dereference a NULL stream for txn |
| - MINOR: log: don't unconditionally pick log info from s->logs |
| - CLEANUP: log: make the low_level lf_{ip,port,text,text_len} functions take consts |
| - MINOR: log: keep a copy of the backend connection early in sess_build_logline() |
| - MINOR: log: do not dereference a null stream to access captures |
| - MINOR: log: be sure not to dereference a null stream for a target |
| - MINOR: log: don't check the stream-int's conn_retries if the stream is NULL |
| - MINOR: log: use NULL for the unique_id if there is no stream |
| - MINOR: log: keep a copy of s->flags early to avoid a dereference |
| - MINOR: log: use zero as the request counter if there is no stream |
| - MEDIUM: log: make sess_build_logline() support being called with no stream |
| - MINOR: log: provide a function to emit a log for a session |
| - MEDIUM: h2: produce some logs on early errors that prevent streams from being created |
| - BUG/MINOR: h1: fix buffer shift after realignment |
| - MINOR: connection: make the initialization more consistent |
| - MINOR: connection: add new function conn_get_proxy() |
| - MINOR: connection: add new function conn_is_back() |
| - MINOR: log: One const should be enough. |
| - BUG/MINOR: dns: check and link servers' resolvers right after config parsing |
| - BUG/MINOR: http/threads: atomically increment the error snapshot ID |
| - MINOR: snapshot: restart on the event ID and not the stream ID |
| - MINOR: snapshot: split the error snapshots into common and proto-specific parts |
| - MEDIUM: snapshot: start to reorder the HTTP snapshot output a little bit |
| - MEDIUM: snapshot: implement a show() callback and use it for HTTP |
| - MINOR: proxy: add a new generic proxy_capture_error() |
| - MINOR: http: make the HTTP error capture rely on the generic proxy code |
| - MINOR: http: remove the pointer to the error snapshot in http_capture_bad_message() |
| - REORG: cli: move the "show errors" handler from http to proxy |
| - BUG/MEDIUM: snapshot: take the proxy's lock while dumping errors |
| - MEDIUM: snapshots: dynamically allocate the snapshots |
| - MEDIUM: snapshot: merge the captured data after the descriptor |
| - MEDIUM: mworker: remove register/unregister signal functions |
| - MEDIUM: mworker: use the haproxy poll loop |
| - BUG/MINOR: mworker: no need to stop peers for each proxy |
| - MINOR: mworker: mworker_cleanlisteners() delete the listeners |
| - MEDIUM: mworker: block SIGCHLD until the master is ready |
| - MEDIUM: mworker: never block SIG{TERM,INT} during reload |
| - MEDIUM: startup: unify signal init between daemon and mworker mode |
| - MINOR: mworker: don't deinit the poller fd when in wait mode |
| - MEDIUM: mworker: master wait mode use its own initialization |
| - MEDIUM: mworker: replace the master pipe by socketpairs |
| - MINOR: mworker: keep and clean the listeners |
| - MEDIUM: threads: close the thread-waker pipe during deinit |
| - MEDIUM: mworker: call per_thread deinit in mworker_reload() |
| - REORG: http: move the HTTP semantics definitions to http.h/http.c |
| - REORG: http: move http_get_path() to http.c |
| - REORG: http: move error codes production and processing to http.c |
| - REORG: http: move the log encoding tables to log.c |
| - REORG: http: move some header value processing functions to http.c |
| - BUG/MAJOR: kqueue: Don't reset the changes number by accident. |
| - MEDIUM: protocol: use a custom AF_MAX to help protocol parser |
| - MEDIUM: protocol: sockpair protocol |
| - TESTS: add a python wrapper for sockpair@ |
| - BUG/MINOR: server: Crash when setting FQDN via CLI. |
| - BUG/MINOR: h2: report asynchronous end of stream on closed connections |
| - BUILD: fix build without thread |
| - BUG/MEDIUM: tasks: Don't forget to decrement task_list_size in tasklet_free(). |
| - MEDIUM: connections: Don't reset the polling flags in conn_fd_handler(). |
| - MEDIUM: connections/mux: Add a recv and a send+recv wait list. |
| - MEDIUM: connections: Get rid of the recv() method. |
| - MINOR: h2: Let user of h2_recv() and h2_send() know xfer has been done. |
| - MEDIUM: h2: always subscribe to receive if allowed. |
| - MEDIUM: h2: Don't use a wake() method anymore. |
| - MEDIUM: stream_interface: Make recv() subscribe when more data is needed. |
| - MINOR: connections: Add a "handle" field to wait_list. |
| - MEDIUM: mux_h2: Revamp the send path when blocking. |
| - MEDIUM: stream_interfaces: Starts receiving from the upper layers. |
| - MINOR: checks: Give checks their own wait_list. |
| - MINOR: conn_streams: Remove wait_list from conn_streams. |
| - REORG: h1: create a new h1m_state |
| - MINOR: h1: add the restart offsets into struct h1m |
| - MINOR: h1: remove the unused states from h1m_state |
| - MINOR: h1: provide a distinct init() function for request and response |
| - MINOR: h1: add a message flag to indicate that a message carries a response |
| - MINOR: h2: make sure h1m->err_pos field is correct on chunk error |
| - MINOR: h1: properly pre-initialize err_pos to -2 |
| - MINOR: mux_h2: replace the req,res h1 messages with a single h1 message |
| - MINOR: h2: pre-initialize h1m->err_pos to -1 on the output path |
| - MEDIUM: h1: consider err_pos before deciding to accept a header name or not |
| - MEDIUM: h1: make the parser support a pointer to a start line |
| - MEDIUM: h1: let the caller pass the initial parser's state |
| - MINOR: h1: make the message parser support a null <hdr> argument |
| - MEDIUM: h1: support partial message parsing |
| - MEDIUM: h1: remove the useless H1_MSG_BODY state |
| - MINOR: h2: store the HTTP status into the H2S, not the H1M |
| - MINOR: h1: remove the HTTP status from the H1M struct |
| - MEDIUM: h1: implement the request parser as well |
| - MINOR: h1: add H1_MF_TOLOWER to decide when to turn header names to lower case |
| - MINOR: connection: pass the proxy when creating a connection |
| - BUG/MEDIUM: h2: Don't forget to empty the wait lists on destroy. |
| - BUG/MEDIUM: h2: Don't forget to set recv_wait_list to NULL in h2_detach. |
| - BUG/MAJOR: h2: reset the parser's state on mux buffer full |
| |
| 2018/08/02 : 1.9-dev1 |
| - BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork. |
| - DOC: cache: update sections and fix some typos |
| - BUILD/MINOR: deviceatlas: enable thread support |
| - BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main |
| - BUG/MEDIUM: ssl: don't allocate shctx several time |
| - BUG/MEDIUM: cache: bad computation of the remaining size |
| - BUILD: checks: don't include server.h |
| - BUG/MEDIUM: stream: fix session leak on applet-initiated connections |
| - BUILD/MINOR: haproxy : FreeBSD/cpu affinity needs pthread_np header |
| - BUILD/MINOR: Makefile : enabling USE_CPU_AFFINITY |
| - BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream |
| - BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting |
| - BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response |
| - BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync. |
| - BUG/MAJOR: thread/peers: fix deadlock on peers sync. |
| - BUILD/MINOR: haproxy: compiling config cpu parsing handling when needed |
| - MINOR: config: report when "monitor fail" rules are misplaced |
| - BUG/MINOR: mworker: fix validity check for the pipe FDs |
| - BUG/MINOR: mworker: detach from tty when in daemon mode |
| - MINOR: threads: Fix pthread_setaffinity_np on FreeBSD. |
| - BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time |
| - BUILD: Fix LDFLAGS vs. LIBS re linking order in various makefiles |
| - BUG/MEDIUM: checks: Be sure we have a mux if we created a cs. |
| - BUG/MINOR: hpack: fix debugging output of pseudo header names |
| - BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits |
| - BUG/MINOR: hpack: reject invalid header index |
| - BUG/MINOR: hpack: dynamic table size updates are only allowed before headers |
| - BUG/MAJOR: h2: correctly check the request length when building an H1 request |
| - BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream |
| - BUG/MINOR: h2: try to abort closed streams as soon as possible |
| - BUG/MINOR: h2: ":path" must not be empty |
| - BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to |
| - BUG/MINOR: h2: the TE header if present may only contain trailers |
| - BUG/MEDIUM: h2: enforce the per-connection stream limit |
| - BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1 |
| - BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame |
| - BUG/MINOR: h2: properly check PRIORITY frames |
| - BUG/MINOR: h2: reject response pseudo-headers from requests |
| - BUG/MEDIUM: h2: remove connection-specific headers from request |
| - BUG/MEDIUM: h2: do not accept upper case letters in request header names |
| - BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames |
| - BUG/MINOR: action: Don't check http capture rules when no id is defined |
| - BUG/MAJOR: hpack: don't pretend large headers fit in empty table |
| - BUG/MINOR: ssl: support tune.ssl.cachesize 0 again |
| - BUG/MEDIUM: mworker: also close peers sockets in the master |
| - BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically. |
| - BUG/MEDIUM: checks: a down server going to maint remains definitely stucked on down state. |
| - BUG/MEDIUM: peers: set NOLINGER on the outgoing stream interface |
| - BUG/MEDIUM: h2: fix handling of end of stream again |
| - MINOR: mworker: Update messages referencing exit-on-failure |
| - MINOR: mworker: Improve wording in `void mworker_wait()` |
| - CONTRIB: halog: Add help text for -s switch in halog program |
| - BUG/MEDIUM: email-alert: don't set server check status from a email-alert task |
| - BUG/MEDIUM: threads/vars: Fix deadlock in register_name |
| - MINOR: systemd: remove comment about HAPROXY_STATS_SOCKET |
| - DOC: notifications: add precisions about thread usage |
| - BUG/MEDIUM: lua/notification: memory leak |
| - MINOR: conn_stream: add new flag CS_FL_RCV_MORE to indicate pending data |
| - BUG/MEDIUM: stream-int: always set SI_FL_WAIT_ROOM on CS_FL_RCV_MORE |
| - BUG/MEDIUM: h2: automatically set CS_FL_RCV_MORE when the output buffer is full |
| - BUG/MEDIUM: h2: enable recv polling whenever demuxing is possible |
| - BUG/MEDIUM: h2: work around a connection API limitation |
| - BUG/MEDIUM: h2: debug incoming traffic in h2_wake() |
| - MINOR: h2: store the demux padding length in the h2c struct |
| - BUG/MEDIUM: h2: support uploading partial DATA frames |
| - MINOR: h2: don't demand that a DATA frame is complete before processing it |
| - BUG/MEDIUM: h2: don't switch the state to HREM before end of DATA frame |
| - BUG/MEDIUM: h2: don't close after the first DATA frame on tunnelled responses |
| - BUG/MEDIUM: http: don't disable lingering on requests with tunnelled responses |
| - BUG/MEDIUM: h2: fix stream limit enforcement |
| - BUG/MINOR: stream-int: don't try to receive again after receiving an EOS |
| - MINOR: sample: add len converter |
| - BUG: MAJOR: lb_map: server map calculation broken |
| - BUG: MINOR: http: don't check http-request capture id when len is provided |
| - MINOR: sample: rename the "len" converter to "length" |
| - BUG/MEDIUM: mworker: Set FD_CLOEXEC flag on log fd |
| - DOC/MINOR: intro: typo, wording, formatting fixes |
| - MINOR: netscaler: respect syntax |
| - MINOR: netscaler: remove the use of cip_magic only used once |
| - MINOR: netscaler: rename cip_len to clarify its uage |
| - BUG/MEDIUM: netscaler: use the appropriate IPv6 header size |
| - BUG/MAJOR: netscaler: address truncated CIP header detection |
| - MINOR: netscaler: check in one-shot if buffer is large enough for IP and TCP header |
| - MEDIUM: netscaler: do not analyze original IP packet size |
| - MEDIUM: netscaler: add support for standard NetScaler CIP protocol |
| - MINOR: spoe: add force-set-var option in spoe-agent configuration |
| - CONTRIB: iprange: Fix compiler warning in iprange.c |
| - CONTRIB: halog: Fix compiler warnings in halog.c |
| - BUG/MINOR: h2: properly report a stream error on RST_STREAM |
| - MINOR: mux: add flags to describe a mux's capabilities |
| - MINOR: stream-int: set flag SI_FL_CLEAN_ABRT when mux supports clean aborts |
| - BUG/MEDIUM: stream: don't consider abortonclose on muxes which close cleanly |
| - BUG/MEDIUM: checks: a server passed in maint state was not forced down. |
| - BUG/MEDIUM: lua: fix crash when using bogus mode in register_service() |
| - MINOR: http: adjust the list of supposedly cacheable methods |
| - MINOR: http: update the list of cacheable status codes as per RFC7231 |
| - MINOR: http: start to compute the transaction's cacheability from the request |
| - BUG/MINOR: http: do not ignore cache-control: public |
| - BUG/MINOR: http: properly detect max-age=0 and s-maxage=0 in responses |
| - BUG/MINOR: cache: do not force the TX_CACHEABLE flag before checking cacheability |
| - MINOR: http: add a function to check request's cache-control header field |
| - BUG/MEDIUM: cache: do not try to retrieve host-less requests from the cache |
| - BUG/MEDIUM: cache: replace old object on store |
| - BUG/MEDIUM: cache: respect the request cache-control header |
| - BUG/MEDIUM: cache: don't cache the response on no-cache="set-cookie" |
| - BUG/MAJOR: connection: refine the situations where we don't send shutw() |
| - BUG/MEDIUM: checks: properly set servers to stopping state on 404 |
| - BUG/MEDIUM: h2: properly handle and report some stream errors |
| - BUG/MEDIUM: h2: improve handling of frames received on closed streams |
| - DOC/MINOR: configuration: typo, formatting fixes |
| - BUG/MEDIUM: h2: ensure we always know the stream before sending a reset |
| - BUG/MEDIUM: mworker: don't close stdio several time |
| - MINOR: don't close stdio anymore |
| - BUG/MEDIUM: http: don't automatically forward request close |
| - BUG/MAJOR: hpack: don't return direct references to the dynamic headers table |
| - MINOR: h2: add a function to report pseudo-header names |
| - DEBUG: hpack: make hpack_dht_dump() expose the output file |
| - DEBUG: hpack: add more traces to the hpack decoder |
| - CONTRIB: hpack: add an hpack decoder |
| - MEDIUM: h2: prepare a graceful shutdown when the frontend is stopped |
| - BUG/MEDIUM: h2: properly handle the END_STREAM flag on empty DATA frames |
| - BUILD: ssl: silence a warning when building without NPN nor ALPN support |
| - CLEANUP: rbtree: remove |
| - BUG/MEDIUM: ssl: cache doesn't release shctx blocks |
| - BUG/MINOR: lua: Fix default value for pattern in Socket.receive |
| - DOC: lua: Fix typos in comments of hlua_socket_receive |
| - BUG/MEDIUM: lua: Fix IPv6 with separate port support for Socket.connect |
| - BUG/MINOR: lua: Fix return value of Socket.settimeout |
| - MINOR: dns: Handle SRV record weight correctly. |
| - BUG/MEDIUM: mworker: execvp failure depending on argv[0] |
| - MINOR: hathreads: add support for gcc < 4.7 |
| - BUILD/MINOR: ancient gcc versions atomic fix |
| - BUG/MEDIUM: stream: properly handle client aborts during redispatch |
| - MINOR: spoe: add register-var-names directive in spoe-agent configuration |
| - MINOR: spoe: Don't queue a SPOE context if nothing is sent |
| - DOC: clarify the scope of ssl_fc_is_resumed |
| - CONTRIB: debug: fix a few flags definitions |
| - BUG/MINOR: poll: too large size allocation for FD events |
| - MINOR: sample: add date_us sample |
| - BUG/MEDIUM: peers: fix expire date wasn't updated if entry is modified remotely. |
| - MINOR: servers: Don't report duplicate dyncookies for disabled servers. |
| - MINOR: global/threads: move cpu_map at the end of the global struct |
| - MINOR: threads: add a MAX_THREADS define instead of LONGBITS |
| - MINOR: global: add some global activity counters to help debugging |
| - MINOR: threads/fd: Use a bitfield to know if there are FDs for a thread in the FD cache |
| - BUG/MEDIUM: threads/polling: Use fd_cache_mask instead of fd_cache_num |
| - BUG/MEDIUM: fd: maintain a per-thread update mask |
| - MINOR: fd: add a bitmask to indicate that an FD is known by the poller |
| - BUG/MEDIUM: epoll/threads: use one epoll_fd per thread |
| - BUG/MEDIUM: kqueue/threads: use one kqueue_fd per thread |
| - BUG/MEDIUM: threads/mworker: fix a race on startup |
| - BUG/MINOR: mworker: only write to pidfile if it exists |
| - MINOR: threads: Fix build when we're not compiling with threads. |
| - BUG/MINOR: threads: always set an owner to the thread_sync pipe |
| - BUG/MEDIUM: threads/server: Fix deadlock in srv_set_stopping/srv_set_admin_flag |
| - BUG/MEDIUM: checks: Don't try to release undefined conn_stream when a check is freed |
| - BUG/MINOR: kqueue/threads: Don't forget to close kqueue_fd[tid] on each thread |
| - MINOR: threads: Use __decl_hathreads instead of #ifdef/#endif |
| - BUILD: epoll/threads: Add test on MAX_THREADS to avoid warnings when complied without threads |
| - BUILD: kqueue/threads: Add test on MAX_THREADS to avoid warnings when complied without threads |
| - CLEANUP: sample: Fix comment encoding of sample.c |
| - CLEANUP: sample: Fix outdated comment about sample casts functions |
| - BUG/MINOR: sample: Fix output type of c_ipv62ip |
| - CLEANUP: Fix typo in ARGT_MSK6 comment |
| - CLEANUP: standard: Use len2mask4 in str2mask |
| - MINOR: standard: Add str2mask6 function |
| - MINOR: config: Add support for ARGT_MSK6 |
| - MEDIUM: sample: Add IPv6 support to the ipmask converter |
| - MINOR: config: Enable tracking of up to MAX_SESS_STKCTR stick counters. |
| - BUG/MINOR: cli: use global.maxsock and not maxfd to list all FDs |
| - MINOR: polling: make epoll and kqueue not depend on maxfd anymore |
| - MINOR: fd: don't report maxfd in alert messages |
| - MEDIUM: polling: start to move maxfd computation to the pollers |
| - CLEANUP: fd/threads: remove the now unused fdtab_lock |
| - MINOR: poll: more accurately compute the new maxfd in the loop |
| - CLEANUP: fd: remove the unused "new" field |
| - MINOR: fd: move the hap_fd_{clr,set,isset} functions to fd.h |
| - MEDIUM: select: make use of hap_fd_* functions |
| - MEDIUM: fd: use atomic ops for hap_fd_{clr,set} and remove poll_lock |
| - MEDIUM: select: don't use the old FD state anymore |
| - MEDIUM: poll: don't use the old FD state anymore |
| - MINOR: fd: pass the iocb and owner to fd_insert() |
| - BUG/MINOR: threads: Update labels array because of changes in lock_label enum |
| - MINOR: stick-tables: Adds support for new "gpc1" and "gpc1_rate" counters. |
| - BUG/MINOR: epoll/threads: only call epoll_ctl(DEL) on polled FDs |
| - DOC: don't suggest using http-server-close |
| - MINOR: introduce proxy-v2-options for send-proxy-v2 |
| - BUG/MEDIUM: spoe: Always try to receive or send the frame to detect shutdowns |
| - BUG/MEDIUM: spoe: Allow producer to read and to forward shutdown on request side |
| - MINOR: spoe: Remove check on min_applets number when a SPOE context is queued |
| - MINOR: spoe: Always link a SPOE context with the applet processing it |
| - MINOR: spoe: Replace sending_rate by a frequency counter |
| - MINOR: spoe: Count the number of frames waiting for an ack for each applet |
| - MEDIUM: spoe: Use an ebtree to manage idle applets |
| - MINOR: spoa_example: Count the number of frames processed by each worker |
| - MINOR: spoe: Add max-waiting-frames directive in spoe-agent configuration |
| - MINOR: init: make stdout unbuffered |
| - MINOR: early data: Don't rely on CO_FL_EARLY_DATA to wake up streams. |
| - MINOR: early data: Never remove the CO_FL_EARLY_DATA flag. |
| - MINOR: compiler: introduce offsetoff(). |
| - MINOR: threads: Introduce double-width CAS on x86_64 and arm. |
| - MINOR: threads: add test and set/reset operations |
| - MINOR: pools/threads: Implement lockless memory pools. |
| - MAJOR: fd/threads: Make the fdcache mostly lockless. |
| - MEDIUM: fd/threads: Make sure we don't miss a fd cache entry. |
| - MAJOR: fd: compute the new fd polling state out of the fd lock |
| - MINOR: epoll: get rid of the now useless fd_compute_new_polled_status() |
| - MINOR: kqueue: get rid of the now useless fd_compute_new_polled_status() |
| - MINOR: poll: get rid of the now useless fd_compute_new_polled_status() |
| - MINOR: select: get rid of the now useless fd_compute_new_polled_status() |
| - CLEANUP: fd: remove the now unused fd_compute_new_polled_status() function |
| - MEDIUM: fd: make updt_fd_polling() use atomics |
| - MEDIUM: poller: use atomic ops to update the fdtab mask |
| - MINOR: fd: move the fd_{add_to,rm_from}_fdlist functions to fd.c |
| - BUG/MINOR: fd/threads: properly dereference fdcache as volatile |
| - MINOR: fd: remove the unneeded last CAS when adding an fd to the list |
| - MINOR: fd: reorder fd_add_to_fd_list() |
| - BUG/MINOR: time/threads: ensure the adjusted time is always correct |
| - BUG/MEDIUM: standard: Fix memory leak in str2ip2() |
| - MINOR: init: emit warning when -sf/-sd cannot parse argument |
| - BUILD: fd/threads: fix breakage build breakage without threads |
| - DOC: Describe routing impact of using interface keyword on bind lines |
| - DOC: Mention -Ws in the list of available options |
| - BUG/MINOR: config: don't emit a warning when global stats is incompletely configured |
| - BUG/MINOR: fd/threads: properly lock the FD before adding it to the fd cache. |
| - BUG/MEDIUM: threads: fix the double CAS implementation for ARMv7 |
| - BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable. |
| - BUILD/MINOR: memory: stdint is needed for uintptr_t |
| - BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st |
| - DOC: lua: new prototype for function "register_action()" |
| - DOC: cfgparse: Warn on option (tcp|http)log in backend |
| - BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe |
| - MINOR: sample: add a new "concat" converter |
| - BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL |
| - BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as possible |
| - BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken. |
| - MINOR: ssl/sample: adds ssl_bc_is_resumed fetch keyword. |
| - CLEANUP: cfgparse: Remove unused label end |
| - CLEANUP: spoe: Remove unused label retry |
| - CLEANUP: h2: Remove unused labels from mux_h2.c |
| - CLEANUP: pools: Remove unused end label in memory.h |
| - CLEANUP: standard: Fix typo in IPv6 mask example |
| - BUG/MINOR: pools/threads: don't ignore DEBUG_UAF on double-word CAS capable archs |
| - BUG/MINOR: debug/pools: properly handle out-of-memory when building with DEBUG_UAF |
| - MINOR: debug/pools: make DEBUG_UAF also detect underflows |
| - MINOR: stats: display the number of threads in the statistics. |
| - BUG/MINOR: h2: Set the target of dbuf_wait to h2c |
| - BUG/MEDIUM: h2: always consume any trailing data after end of output buffers |
| - BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk |
| - BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk |
| - BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is stopping |
| - Revert "BUG/MINOR: send-proxy-v2: string size must include ('\0')" |
| - MINOR: ssl: extract full pkey info in load_certificate |
| - MINOR: ssl: add ssl_sock_get_pkey_algo function |
| - MINOR: ssl: add ssl_sock_get_cert_sig function |
| - MINOR: connection: add proxy-v2-options ssl-cipher,cert-sig,cert-key |
| - MINOR: connection: add proxy-v2-options authority |
| - MINOR: systemd: Add section for SystemD sandboxing to unit file |
| - MINOR: systemd: Add SystemD's Protect*= options to the unit file |
| - MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file |
| - CLEANUP: h2: rename misleading h2c_stream_close() to h2s_close() |
| - MINOR: h2: provide and use h2s_detach() and h2s_free() |
| - MEDIUM: h2: use a single buffer allocator |
| - MINOR/BUILD: fix Lua build on Mac OS X |
| - BUILD/MINOR: fix Lua build on Mac OS X (again) |
| - BUG/MINOR: session: Fix tcp-request session failure if handshake. |
| - CLEANUP: .gitignore: Ignore binaries from the contrib directory |
| - BUG/MINOR: unix: Don't mess up when removing the socket from the xfer_sock_list. |
| - DOC: buffers: clarify the purpose of the <from> pointer in offer_buffers() |
| - BUG/MEDIUM: h2: also arm the h2 timeout when sending |
| - BUG/MINOR: cli: Fix a crash when passing a negative or too large value to "show fd" |
| - CLEANUP: ssl: Remove a duplicated #include |
| - CLEANUP: cli: Remove a leftover debug message |
| - BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage |
| - BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc |
| - BUG/MINOR: force-persist and ignore-persist only apply to backends |
| - BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily disabled |
| - BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management |
| - BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically |
| - TESTS: Add a testcase for multi-port + multi-server listener issue |
| - CLEANUP: dns: remove duplicate code in src/dns.c |
| - BUG/MINOR: seemless reload: Fix crash when an interface is specified. |
| - BUG/MINOR: cli: Ensure all command outputs end with a LF |
| - BUG/MINOR: cli: Fix a crash when sending a command with too many arguments |
| - BUILD: ssl: Fix build with OpenSSL without NPN capability |
| - BUG/MINOR: spoa-example: unexpected behavior for more than 127 args |
| - BUG/MINOR: lua: return bad error messages |
| - CLEANUP: lua/syntax: lua is a name and not an acronym |
| - BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers |
| - BUG/MINOR: tcp-check: use the server's service port as a fallback |
| - BUG/MEDIUM: threads/queue: wake up other threads upon dequeue |
| - MINOR: log: stop emitting alerts when it's not possible to write on the socket |
| - BUILD/BUG: enable -fno-strict-overflow by default |
| - BUG/MEDIUM: fd/threads: ensure the fdcache_mask always reflects the cache contents |
| - DOC: log: more than 2 log servers are allowed |
| - MINOR: hash: add new function hash_crc32c |
| - MINOR: proxy-v2-options: add crc32c |
| - MINOR: accept-proxy: support proxy protocol v2 CRC32c checksum |
| - REORG: compact "struct server" |
| - MINOR: samples: add crc32c converter |
| - BUG/MEDIUM: h2: properly account for DATA padding in flow control |
| - BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an RST_STREAM |
| - BUG/MINOR: listener: Don't decrease actconn twice when a new session is rejected |
| - CLEANUP: map, stream: remove duplicate code in src/map.c, src/stream.c |
| - BUG/MINOR: lua: the function returns anything |
| - BUG/MINOR: lua funtion hlua_socket_settimeout don't check negative values |
| - CLEANUP: lua: typo fix in comments |
| - BUILD/MINOR: fix build when USE_THREAD is not defined |
| - MINOR: lua: allow socket api settimeout to accept integers, float, and doubles |
| - BUG/MINOR: hpack: fix harmless use of uninitialized value in hpack_dht_insert |
| - MINOR: cli/threads: make "show fd" report thread_sync_io_handler instead of "unknown" |
| - MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available |
| - BUILD/MINOR: cli: fix a build warning introduced by last commit |
| - BUG/MAJOR: h2: remove orphaned streams from the send list before closing |
| - MINOR: h2: always call h2s_detach() in h2_detach() |
| - MINOR: h2: fuse h2s_detach() and h2s_free() into h2s_destroy() |
| - BUG/MEDIUM: h2/threads: never release the task outside of the task handler |
| - BUG/MEDIUM: h2: don't consider pending data on detach if connection is in error |
| - BUILD/MINOR: threads: always export thread_sync_io_handler() |
| - MINOR: mux: add a "show_fd" function to dump debugging information for "show fd" |
| - MINOR: h2: implement a basic "show_fd" function |
| - MINOR: cli: report cache indexes in "show fd" |
| - BUG/MINOR: h2: remove accidental debug code introduced with show_fd function |
| - BUG/MEDIUM: h2: always add a stream to the send or fctl list when blocked |
| - BUG/MINOR: checks: check the conn_stream's readiness and not the connection |
| - BUG/MINOR: fd: Don't clear the update_mask in fd_insert. |
| - BUG/MINOR: email-alert: Set the mailer port during alert initialization |
| - BUG/MINOR: cache: fix "show cache" output |
| - BUG/MAJOR: cache: fix random crashes caused by incorrect delete() on non-first blocks |
| - BUG/MINOR: spoe: Initialize variables used during conf parsing before any check |
| - BUG/MINOR: spoe: Don't release the context buffer in .check_timeouts callbaclk |
| - BUG/MINOR: spoe: Register the variable to set when an error occurred |
| - BUG/MINOR: spoe: Don't forget to decrement fpa when a processing is interrupted |
| - MINOR: spoe: Add metrics in to know time spent in the SPOE |
| - MINOR: spoe: Add options to store processing times in variables |
| - MINOR: log: move 'log' keyword parsing in dedicated function |
| - MINOR: log: Keep the ref when a log server is copied to avoid duplicate entries |
| - MINOR: spoe: Add loggers dedicated to the SPOE agent |
| - MINOR: spoe: Add support for option dontlog-normal in the SPOE agent section |
| - MINOR: spoe: use agent's logger to log SPOE messages |
| - MINOR: spoe: Add counters to log info about SPOE agents |
| - BUG/MAJOR: cache: always initialize newly created objects |
| - MINOR: servers: Support alphanumeric characters for the server templates names |
| - BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes |
| - BUG/MEDIUM: connection: Make sure we have a mux before calling detach(). |
| - BUG/MINOR: http: Return an error in proxy mode when url2sa fails |
| - MINOR: proxy: Add fe_defbe fetcher |
| - MINOR: config: Warn if resolvers has no nameservers |
| - BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE |
| - MINOR: cli: Ensure the CLI always outputs an error when it should |
| - MEDIUM: sample: Extend functionality for field/word converters |
| - MINOR: export localpeer as an environment variable |
| - BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors. |
| - BUILD: sample: avoid build warning in sample.c |
| - BUG/CRITICAL: h2: fix incorrect frame length check |
| - DOC: lua: update the links to the config and Lua API |
| - BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid() |
| - BUG/MAJOR: channel: Fix crash when trying to read from a closed socket |
| - BUG/MINOR: log: t_idle (%Ti) is not set for some requests |
| - BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits |
| - MINOR: h2: detect presence of CONNECT and/or content-length |
| - BUG/MEDIUM: h2: implement missing support for chunked encoded uploads |
| - BUG/MINOR: spoe: Fix counters update when processing is interrupted |
| - BUG/MINOR: spoe: Fix parsing of dontlog-normal option |
| - MEDIUM: cli: Add payload support |
| - MINOR: map: Add payload support to "add map" |
| - MINOR: ssl: Add payload support to "set ssl ocsp-response" |
| - BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread |
| - MINOR: sample: Add strcmp sample converter |
| - MINOR: http: Add support for 421 Misdirected Request |
| - BUG/MINOR: config: disable http-reuse on TCP proxies |
| - MINOR: ssl: disable SSL sample fetches when unsupported |
| - MINOR: ssl: add fetch 'ssl_fc_session_key' and 'ssl_bc_session_key' |
| - BUG/MINOR: checks: Fix check->health computation for flapping servers |
| - BUG/MEDIUM: threads: Fix the sync point for more than 32 threads |
| - BUG/MINOR, BUG/MINOR: lua: Put tasks to sleep when waiting for data |
| - MINOR: backend: implement random-based load balancing |
| - DOC/MINOR: clean up LUA documentation re: servers & array/table. |
| - MINOR: lua: Add server name & puid to LUA Server class. |
| - MINOR: lua: add get_maxconn and set_maxconn to LUA Server class. |
| - BUG/MINOR: map: correctly track reference to the last ref_elt being dumped |
| - BUG/MEDIUM: task: Don't free a task that is about to be run. |
| - MINOR: fd: Make the lockless fd list work with multiple lists. |
| - BUG/MEDIUM: pollers: Use a global list for fd shared between threads. |
| - MINOR: pollers: move polled_mask outside of struct fdtab. |
| - BUG/MINOR: lua: schedule socket task upon lua connect() |
| - BUG/MINOR: lua: ensure large proxy IDs can be represented |
| - BUG/MEDIUM: pollers/kqueue: use incremented position in event list |
| - BUG/MINOR: cli: don't stop cli_gen_usage_msg() when kw->usage == NULL |
| - BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR |
| - BUG/MEDIUM: ssl: properly protect SSL cert generation |
| - BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments. |
| - BUG/MINOR: spoe: Mistake in error message about SPOE configuration |
| - BUG/MEDIUM: spoe: Flags are not encoded in network order |
| - CLEANUP: spoe: Remove unused variables the agent structure |
| - DOC: spoe: fix a typo |
| - BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags |
| - BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags |
| - DOC: add some description of the pending rework of the buffer structure |
| - BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation |
| - MINOR: lua: Improve error message |
| - BUG/MEDIUM: cache: don't cache when an Authorization header is present |
| - MINOR: ssl: set SSL_OP_PRIORITIZE_CHACHA |
| - BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure. |
| - BUG/BUILD: threads: unbreak build without threads |
| - BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file |
| - BUG/MEDIUM: lua/socket: Length required read doesn't work |
| - MINOR: tasks: Change the task API so that the callback takes 3 arguments. |
| - MAJOR: tasks: Create a per-thread runqueue. |
| - MAJOR: tasks: Introduce tasklets. |
| - MINOR: tasks: Make the number of tasks to run at once configurable. |
| - MAJOR: applets: Use tasks, instead of rolling our own scheduler. |
| - BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters |
| - MINOR: http: Log warning if (add|set)-header fails |
| - DOC: management: add the new wrew stats column |
| - MINOR: stats: also report the failed header rewrites warnings on the stats page |
| - BUG/MEDIUM: tasks: Don't forget to increase/decrease tasks_run_queue. |
| - BUG/MEDIUM: task: Don't forget to decrement max_processed after each task. |
| - MINOR: task: Also consider the task list size when getting global tasks. |
| - MINOR: dns: Implement `parse-resolv-conf` directive |
| - BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode |
| - MINOR: task/notification: Is notifications registered ? |
| - BUG/MEDIUM: lua/socket: wrong scheduling for sockets |
| - BUG/MAJOR: lua: Dead lock with sockets |
| - BUG/MEDIUM: lua/socket: Notification error |
| - BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock |
| - BUG/MEDIUM: lua/socket: Buffer error, may segfault |
| - DOC: contrib/modsecurity: few typo fixes |
| - DOC: SPOE.txt: fix a typo |
| - MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0 |
| - BUG/MINOR: contrib/spoa_example: Don't reset the status code during disconnect |
| - BUG/MINOR: contrib/mod_defender: Don't reset the status code during disconnect |
| - BUG/MINOR: contrib/modsecurity: Don't reset the status code during disconnect |
| - BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame |
| - BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame |
| - MINOR: task: Fix a compiler warning by adding a cast. |
| - MINOR: stats: also report the nice and number of calls for applets |
| - MINOR: applet: assign the same nice value to a new appctx as its owner task |
| - MINOR: task: Fix compiler warning. |
| - BUG/MEDIUM: tasks: Use the local runqueue when building without threads. |
| - MINOR: tasks: Don't define rqueue if we're building without threads. |
| - BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload. |
| - MINOR: lua: Increase debug information |
| - BUG/MEDIUM: threads: handle signal queue only in thread 0 |
| - BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing |
| - BUG/MINOR: signals: ha_sigmask macro for multithreading |
| - BUG/MAJOR: map: fix a segfault when using http-request set-map |
| - DOC: regression testing: Add a short starting guide. |
| - MINOR: tasks: Make sure we correctly init and deinit a tasklet. |
| - BUG/MINOR: tasklets: Just make sure we don't pass a tasklet to the handler. |
| - BUG/MINOR: lua: Segfaults with wrong usage of types. |
| - BUG/MAJOR: ssl: Random crash with cipherlist capture |
| - BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot |
| - BUG/MEDIUM: ssl: do not store pkinfo with SSL_set_ex_data |
| - MINOR: tests: First regression testing file. |
| - MINOR: reg-tests: Add reg-tests/README file. |
| - MINOR: reg-tests: Add a few regression testing files. |
| - DOC: Add new REGTEST tag info about reg testing. |
| - BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete(). |
| - MINOR: Some spelling cleanup in the comments. |
| - BUG/MEDIUM: threads: Use the sync point to check active jobs and exit |
| - MINOR: threads: Be sure to remove threads from all_threads_mask on exit |
| - REGTEST/MINOR: Wrong URI in a reg test for SSL/TLS. |
| - REGTEST/MINOR: Set HAPROXY_PROGRAM default value. |
| - REGTEST/MINOR: Add levels to reg-tests target. |
| - BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table |
| - BUG/BUILD: threads: unbreak build without threads |
| - BUG/MAJOR: stick_table: Complete incomplete SEGV fix |
| - MINOR: stick-tables: make stktable_release() do nothing on NULL |
| - BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers |
| - MINOR: startup: change session/process group settings |
| - MINOR: systemd: consider exit status 143 as successful |
| - REGTEST/MINOR: Wrong URI syntax. |
| - CLEANUP: dns: remove obsolete macro DNS_MAX_IP_REC |
| - CLEANUP: dns: inacurate comment about prefered IP score |
| - MINOR: dns: fix wrong score computation in dns_get_ip_from_response |
| - MINOR: dns: new DNS options to allow/prevent IP address duplication |
| - REGTEST/MINOR: Unexpected curl URL globling. |
| - BUG/MINOR: ssl: properly ref-count the tls_keys entries |
| - MINOR: h2: keep a count of the number of conn_streams attached to the mux |
| - BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess |
| - MINOR: h2: add the mux and demux buffer lengths on "show fd" |
| - BUG/MEDIUM: h2: never leave pending data in the output buffer on close |
| - BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout |
| - MINOR: tasklet: Set process to NULL. |
| - MINOR: buffer: implement a new file for low-level buffer manipulation functions |
| - MINOR: buffer: switch buffer sizes and offsets to size_t |
| - MINOR: buffer: add a few basic functions for the new API |
| - MINOR: buffer: Introduce b_sub(), b_add(), and bo_add() |
| - MINOR: buffer: Add b_set_data(). |
| - MINOR: buffer: introduce b_realign_if_empty() |
| - MINOR: compression: pass the channel to http_compression_buffer_end() |
| - MINOR: channel: add a few basic functions for the new buffer API |
| - MINOR: channel/buffer: use c_realign_if_empty() instead of buffer_realign() |
| - MINOR: channel/buffer: replace buffer_slow_realign() with channel_slow_realign() and b_slow_realign() |
| - MEDIUM: channel: make channel_slow_realign() take a swap buffer |
| - MINOR: h2: use b_slow_realign() with the trash as a swap buffer |
| - MINOR: buffer: remove buffer_slow_realign() and the swap_buffer allocation code |
| - MINOR: channel/buffer: replace b_{adv,rew} with c_{adv,rew} |
| - MINOR: buffer: replace calls to buffer_space_wraps() with b_space_wraps() |
| - MINOR: buffer: remove bi_getblk() and bi_getblk_nc() |
| - MINOR: buffer: split bi_contig_data() into ci_contig_data and b_config_data() |
| - MINOR: buffer: remove bi_ptr() |
| - MINOR: buffer: remove bo_ptr() |
| - MINOR: buffer: remove bo_end() |
| - MINOR: buffer: remove bi_end() |
| - MINOR: buffer: remove bo_contig_data() |
| - MINOR: buffer: merge b{i,o}_contig_space() |
| - MINOR: buffer: replace bo_getblk() with direction agnostic b_getblk() |
| - MINOR: buffer: replace bo_getblk_nc() with b_getblk_nc() which takes an offset |
| - MINOR: buffer: replace bi_del() and bo_del() with b_del() |
| - MINOR: buffer: convert most b_ptr() calls to c_ptr() |
| - MINOR: h1: make h1_measure_trailers() take the byte count in argument |
| - MINOR: h2: clarify the fact that the send functions are unsigned |
| - MEDIUM: h2: prevent the various mux encoders from modifying the buffer |
| - MINOR: h1: make h1_skip_chunk_crlf() not depend on b_ptr() anymore |
| - MINOR: h1: make h1_parse_chunk_size() not depend on b_ptr() anymore |
| - MINOR: h1: make h1_measure_trailers() use an offset and a count |
| - MEDIUM: h2: do not use buf->o anymore inside h2_snd_buf's loop |
| - MEDIUM: h2: don't use b_ptr() nor b_end() anymore |
| - MINOR: buffer: get rid of b_end() and b_to_end() |
| - MINOR: buffer: make b_getblk_nc() take const pointers |
| - MINOR: buffer: make b_getblk_nc() take size_t for the block sizes |
| - MEDIUM: connection: make xprt->snd_buf() take the byte count in argument |
| - MEDIUM: mux: make mux->snd_buf() take the byte count in argument |
| - MEDIUM: connection: make xprt->rcv_buf() use size_t for the count |
| - MEDIUM: mux: make mux->rcv_buf() take a size_t for the count |
| - MINOR: connection: add a flags argument to rcv_buf() |
| - MINOR: connection: add a new receive flag : CO_RFL_BUF_WET |
| - MINOR: buffer: get rid of b_ptr() and convert its last users |
| - MINOR: buffer: use b_room() to determine available space in a buffer |
| - MINOR: buffer: replace buffer_not_empty() with b_data() or c_data() |
| - MINOR: buffer: replace buffer_empty() with b_empty() or c_empty() |
| - MINOR: buffer: make bo_putchar() use b_tail() |
| - MINOR: buffer: replace buffer_full() with channel_full() |
| - MINOR: buffer: replace bi_space_for_replace() with ci_space_for_replace() |
| - MINOR: buffer: replace buffer_pending() with ci_data() |
| - MINOR: buffer: replace buffer_flush() with c_adv(chn, ci_data(chn)) |
| - MINOR: buffer: use c_head() instead of buffer_wrap_sub(c->buf, p-o) |
| - MINOR: buffer: use b_orig() to replace most references to b->data |
| - MINOR: buffer: Use b_add()/bo_add() instead of accessing b->i/b->o. |
| - MINOR: channel: remove almost all references to buf->i and buf->o |
| - MINOR: channel: Add co_set_data(). |
| - MEDIUM: channel: adapt to the new buffer API |
| - MINOR: checks: adapt to the new buffer API |
| - MEDIUM: h2: update to the new buffer API |
| - MINOR: buffer: remove unused bo_add() |
| - MEDIUM: spoe: use the new buffer API for the SPOE buffer |
| - MINOR: stats: adapt to the new buffers API |
| - MINOR: cli: use the new buffer API |
| - MINOR: cache: use the new buffer API |
| - MINOR: stream-int: use the new buffer API |
| - MINOR: stream: use wrappers instead of directly manipulating buffers |
| - MINOR: backend: use new buffer API |
| - MEDIUM: http: use wrappers instead of directly manipulating buffers states |
| - MINOR: filters: convert to the new buffer API |
| - MINOR: payload: convert to the new buffer API |
| - MEDIUM: h1: port to new buffer API. |
| - MINOR: flt_trace: adapt to the new buffer API |
| - MEDIUM: compression: start to move to the new buffer API |
| - MINOR: lua: use the wrappers instead of directly manipulating buffer states |
| - MINOR: buffer: convert part bo_putblk() and bi_putblk() to the new API |
| - MINOR: buffer: adapt buffer_slow_realign() and buffer_dump() to the new API |
| - MAJOR: start to change buffer API |
| - MINOR: buffer: remove the check for output on b_del() |
| - MINOR: buffer: b_set_data() doesn't truncate output data anymore |
| - MINOR: buffer: rename the "data" field to "area" |
| - MEDIUM: buffers: move "output" from struct buffer to struct channel |
| - MINOR: buffer: replace bi_fast_delete() with b_del() |
| - MINOR: buffer: replace b{i,o}_put* with b_put* |
| - MINOR: buffer: add a new file for ist + buffer manipulation functions |
| - MINOR: checks: use b_putist() instead of b_putstr() |
| - MINOR: buffers: remove b_putstr() |
| - CLEANUP: buffer: minor cleanups to buffer.h |
| - MINOR: buffers/channel: replace buffer_insert_line2() with ci_insert_line2() |
| - MINOR: buffer: replace buffer_replace2() with b_rep_blk() |
| - MINOR: buffer: rename the data length member to '->data' |
| - MAJOR: buffer: finalize buffer detachment |
| - MEDIUM: chunks: make the chunk struct's fields match the buffer struct |
| - MAJOR: chunks: replace struct chunk with struct buffer |
| - DOC: buffers: document the new buffers API |
| - DOC: buffers: remove obsolete docs about buffers |
| - MINOR: tasklets: Don't attempt to add a tasklet in the list twice. |
| - MINOR: connections/mux: Add a new "subscribe" method. |
| - MEDIUM: connections/mux: Revamp the send direction. |
| - MINOR: connection: simplify subscription by adding a registration function |
| - BUG/MINOR: http: Set brackets for the unlikely macro at the right place |
| - BUG/MINOR: build: Fix compilation with debug mode enabled |
| - BUILD: Generate sha256 checksums in publish-release |
| - MINOR: debug: Add check for CO_FL_WILL_UPDATE |
| - MINOR: debug: Add checks for conn_stream flags |
| - MINOR: ist: Add the function isteqi |
| - BUG/MEDIUM: threads: Fix the exit condition of the thread barrier |
| - BUG/MEDIUM: mux_h2: Call h2_send() before updating polling. |
| - MINOR: buffers: simplify b_contig_space() |
| - MINOR: buffers: split b_putblk() into __b_putblk() |
| - MINOR: buffers: add b_xfer() to transfer data between buffers |
| - DOC: add some design notes about the new layering model |
| - MINOR: conn_stream: add a new CS_FL_REOS flag |
| - MINOR: conn_stream: add an rx buffer to the conn_stream |
| - MEDIUM: conn_stream: add cs_recv() as a default rcv_buf() function |
| - MEDIUM: stream-int: automatically call si_cs_recv_cb() if the cs has data on wake() |
| - MINOR: h2: make each H2 stream support an intermediary input buffer |
| - MEDIUM: h2: make h2_frt_decode_headers() use an intermediary buffer |
| - MEDIUM: h2: make h2_frt_transfer_data() copy via an intermediary buffer |
| - MEDIUM: h2: centralize transfer of decoded frames in h2_rcv_buf() |
| - MEDIUM: h2: move headers and data frame decoding to their respective parsers |
| - MEDIUM: buffers: make b_xfer() automatically swap buffers when possible |
| - MEDIUM: h2: perform a single call to the data layer in demux() |
| - MEDIUM: h2: don't call data_cb->recv() anymore |
| - MINOR: h2: make use of CS_FL_REOS to indicate that end of stream was seen |
| - MEDIUM: h2: use the default conn_stream's receive function |
| - DOC: add more design feedback on the new layering model |
| - MINOR: h2: add the error code and the max/last stream IDs to "show fd" |
| - BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full |
| - BUG/MEDIUM: stats: don't ask for more data as long as we're responding |
| - BUG/MINOR: servers: Don't make "server" in a frontend fatal. |
| - BUG/MEDIUM: tasks: make sure we pick all tasks in the run queue |
| - BUG/MEDIUM: tasks: Decrement rqueue_size at the right time. |
| - BUG/MEDIUM: tasks: use atomic ops for active_tasks_mask |
| - BUG/MEDIUM: tasks: Make sure there's no task left before considering inactive. |
| - MINOR: signal: don't pass the signal number anymore as the wakeup reason |
| - MINOR: tasks: extend the state bits from 8 to 16 and remove the reason |
| - MINOR: tasks: Add a flag that tells if we're in the global runqueue. |
| - BUG/MEDIUM: tasks: make __task_unlink_rq responsible for the rqueue size. |
| - MINOR: queue: centralize dequeuing code a bit better |
| - MEDIUM: queue: make pendconn_free() work on the stream instead |
| - DOC: queue: document the expected locking model for the server's queue |
| - MINOR: queue: make sure pendconn->strm->pend_pos is always valid |
| - MINOR: queue: use a distinct variable for the assigned server and the queue |
| - MINOR: queue: implement pendconn queue locking functions |
| - MEDIUM: queue: get rid of the pendconn lock |
| - MINOR: tasks: Make active_tasks_mask volatile. |
| - MINOR: tasks: Make global_tasks_mask volatile. |
| - MINOR: pollers: Add a way to wake a thread sleeping in the poller. |
| - MINOR: threads/queue: Get rid of THREAD_WANT_SYNC in the queue code. |
| - BUG/MEDIUM: threads/sync: use sched_yield when available |
| - MINOR: ssl: BoringSSL matches OpenSSL 1.1.0 |
| - BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever |
| - BUG/MINOR: config: stick-table is not supported in defaults section |
| - BUILD/MINOR: threads: unbreak build with threads disabled |
| - BUG/MINOR: threads: Handle nbthread == MAX_THREADS. |
| - BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS |
| - MINOR: threads: move "nbthread" parsing to hathreads.c |
| - BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number |
| - MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed |
| - BUILD/MINOR: compiler: fix offsetof() on older compilers |
| - SCRIPTS: git-show-backports: add missing quotes to "echo" |
| - MINOR: threads: add more consistency between certain variables in no-thread case |
| - MEDIUM: hathreads: implement a more flexible rendez-vous point |
| - BUG/MEDIUM: cli: make "show fd" thread-safe |
| |
| 2017/11/26 : 1.9-dev0 |
| |
| 2017/11/26 : 1.8.0 |
| - BUG/MEDIUM: stream: don't automatically forward connect nor close |
| - BUG/MAJOR: stream: ensure analysers are always called upon close |
| - BUG/MINOR: stream-int: don't try to read again when CF_READ_DONTWAIT is set |
| - MEDIUM: mworker: Add systemd `Type=notify` support |
| - BUG/MEDIUM: cache: free callback to remove from tree |
| - CLEANUP: cache: remove unused struct |
| - MEDIUM: cache: enable the HTTP analysers |
| - CLEANUP: cache: remove wrong comment |
| - MINOR: threads/atomic: rename local variables in macros to avoid conflicts |
| - MINOR: threads/plock: rename local variables in macros to avoid conflicts |
| - MINOR: threads/atomic: implement pl_mb() in asm on x86 |
| - MINOR: threads/atomic: implement pl_bts() on non-x86 |
| - MINOR: threads/build: atomic: replace the few inlines with macros |
| - BUILD: threads/plock: fix a build issue on Clang without optimization |
| - BUILD: ebtree: don't redefine types u32/s32 in scope-aware trees |
| - BUILD: compiler: add a new type modifier __maybe_unused |
| - BUILD: h2: mark some inlined functions "unused" |
| - BUILD: server: check->desc always exists |
| - BUG/MEDIUM: h2: properly report connection errors in headers and data handlers |
| - MEDIUM: h2: add a function to emit an HTTP/1 request from a headers list |
| - MEDIUM: h2: change hpack_decode_headers() to only provide a list of headers |
| - BUG/MEDIUM: h2: always reassemble the Cookie request header field |
| - BUG/MINOR: systemd: ignore daemon mode |
| - CONTRIB: spoa_example: allow to compile outside HAProxy. |
| - CONTRIB: spoa_example: remove bref, wordlist, cond_wordlist |
| - CONTRIB: spoa_example: remove last dependencies on type "sample" |
| - CONTRIB: spoa_example: remove SPOE enums that are useless for clients |
| - CLEANUP: cache: reorder includes |
| - MEDIUM: shctx: use unsigned int for len and block_count |
| - MEDIUM: cache: "show cache" on the cli |
| - BUG/MEDIUM: cache: use key=0 as a condition for freeing |
| - BUG/MEDIUM: cache: refcount forbids to free the objects |
| - BUG/MEDIUM: cache fix cli_kws structure |
| - BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks |
| - BUG/MINOR: ssl: Always start the handshake if we can't send early data. |
| - MINOR: ssl: Don't disable early data handling if we could not write. |
| - MINOR: pools: prepare functions to override malloc/free in pools |
| - MINOR: pools: implement DEBUG_UAF to detect use after free |
| - BUG/MEDIUM: threads/time: fix time drift correction |
| - BUG/MEDIUM: threads/time: maintain a common time reference between all threads |
| - MINOR: sample: Add "thread" sample fetch |
| - BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line |
| - BUG/MINOR: stream: fix tv_request calculation for applets |
| - BUG/MAJOR: h2: always remove a stream from the send list before freeing it |
| - BUG/MAJOR: threads/task: dequeue expired tasks under the WQ lock |
| - MINOR: ssl: Handle reading early data after writing better. |
| - MINOR: mux: Make sure every string is woken up after the handshake. |
| - MEDIUM: cache: store sha1 for hashing the cache key |
| - MINOR: http: implement the "http-request reject" rule |
| - MINOR: h2: send RST_STREAM before GOAWAY on reject |
| - MEDIUM: h2: don't gracefully close the connection anymore on Connection: close |
| - MINOR: h2: make use of client-fin timeout after GOAWAY |
| - MEDIUM: config: ensure that tune.bufsize is at least 16384 when using HTTP/2 |
| - MINOR: ssl: Handle early data with BoringSSL |
| - BUG/MEDIUM: stream: always release the stream-interface on abort |
| - BUG/MEDIUM: cache: free ressources in chn_end_analyze |
| - MINOR: cache: move the refcount decrease in the applet release |
| - BUG/MINOR: listener: Allow multiple "process" options on "bind" lines |
| - MINOR: config: Support a range to specify processes in "cpu-map" parameter |
| - MINOR: config: Slightly change how parse_process_number works |
| - MINOR: config: Export parse_process_number and use it wherever it's applicable |
| - MINOR: standard: Add my_ffsl function to get the position of the bit set to one |
| - MINOR: config: Add auto-increment feature for cpu-map |
| - MINOR: config: Support partial ranges in cpu-map directive |
| - MINOR:: config: Remove thread-map directive |
| - MINOR: config: Add the threads support in cpu-map directive |
| - MINOR: config: Add threads support for "process" option on "bind" lines |
| - MEDIUM: listener: Bind listeners on a thread subset if specified |
| - CLEANUP: debug: Use DPRINTF instead of fprintf into #ifdef DEBUG_FULL/#endif |
| - CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning |
| - MINOR/CLEANUP: proxy: rename "proxy" to "proxies_list" |
| - CLEANUP: pools: rename all pool functions and pointers to remove this "2" |
| - DOC: update the roadmap file with the latest changes merged in 1.8 |
| - DOC: fix mangled version in peers protocol documentation |
| - DOC: add initial peers protovol v2.0 documentation. |
| - DOC: mention William as maintainer of the cache and master-worker |
| - DOC: add Christopher and Emeric as maintainers of the threads |
| - MINOR: cache: replace a fprint() by an abort() |
| - MEDIUM: cache: max-age configuration keyword |
| - DOC: explain HTTP2 timeout behavior |
| - DOC: cache: configuration and management |
| - MAJOR: mworker: exits the master on failure |
| - BUG/MINOR: threads: don't drop "extern" on the lock in include files |
| - MINOR: task: keep a pointer to the currently running task |
| - MINOR: task: align the rq and wq locks |
| - MINOR: fd: cache-align fdtab and fdcache locks |
| - MINOR: buffers: cache-align buffer_wq_lock |
| - CLEANUP: server: reorder some fields in struct server to save 40 bytes |
| - CLEANUP: proxy: slightly reorder the struct proxy to reduce holes |
| - CLEANUP: checks: remove 16 bytes of holes in struct check |
| - CLEANUP: cache: more efficiently pack the struct cache |
| - CLEANUP: fd: place the lock at the beginning of struct fdtab |
| - CLEANUP: pools: align pools on a cache line |
| - DOC: config: add a few bits about how to configure HTTP/2 |
| - BUG/MAJOR: threads/queue: avoid recursive locking in pendconn_get_next_strm() |
| - BUILD: Makefile: reorder object files by size |
| |
| 2017/11/19 : 1.8-rc4 |
| - BUG/MEDIUM: cache: does not cache if no Content-Length |
| - BUILD: thread/pipe: fix build without threads |
| - BUG/MINOR: spoe: check buffer size before acquiring or releasing it |
| - MINOR: debug/flags: Add missing flags |
| - MINOR: threads: Use __decl_hathreads to declare locks |
| - BUG/MINOR: buffers: Fix b_alloc_margin to be "fonctionnaly" thread-safe |
| - BUG/MAJOR: ebtree/scope: fix insertion and removal of duplicates in scope-aware trees |
| - BUG/MAJOR: ebtree/scope: fix lookup of next node in scope-aware trees |
| - MINOR: ebtree/scope: add a function to find next node from a parent |
| - MINOR: ebtree/scope: simplify the lookup functions by using eb32sc_next_with_parent() |
| - BUG/MEDIUM: mworker: Fix re-exec when haproxy is started from PATH |
| - BUG/MEDIUM: cache: use msg->sov to forward header |
| - MINOR: cache: forward data with headers |
| - MINOR: cache: disable cache if shctx_row_data_append fail |
| - BUG/MINOR: threads: tid_bit must be a unsigned long |
| - CLEANUP: tasks: Remove useless double test on rq_next |
| - BUG/MEDIUM: standard: itao_str/idx and quote_str/idx must be thread-local |
| - MINOR: tools: add a function to dump a scope-aware tree to a file |
| - MINOR: tools: improve the DOT dump of the ebtree |
| - MINOR: tools: emphasize the node being worked on in the tree dump |
| - BUG/MAJOR: ebtree/scope: properly tag upper nodes during insertion |
| - DOC: peers: Add a first version of peers protocol v2.1. |
| - CONTRIB: Wireshark dissector for HAProxy Peer Protocol. |
| - MINOR: mworker: display an accurate error when the reexec fail |
| - BUG/MEDIUM: mworker: wait again for signals when execvp fail |
| - BUG/MEDIUM: mworker: does not deinit anymore |
| - BUG/MEDIUM: mworker: does not close inherited FD |
| - MINOR: tests: add a python wrapper to test inherited fd |
| - BUG/MINOR: Allocate the log buffers before the proxies startup |
| - MINOR: tasks: Use a bitfield to track tasks activity per-thread |
| - MAJOR: polling: Use active_tasks_mask instead of tasks_run_queue |
| - MINOR: applets: Use a bitfield to track applets activity per-thread |
| - MAJOR: polling: Use active_appels_mask instead of applets_active_queue |
| - MEDIUM: applets: Don't process more than 200 active applets at once |
| - MINOR: stream: Add thread-mask of tasks/FDs/applets in "show sess all" command |
| - MINOR: SSL: Store the ASN1 representation of client sessions. |
| - MINOR: ssl: Make sure we don't shutw the connection before the handshake. |
| - BUG/MEDIUM: deviceatlas: ignore not valuable HTTP request data |
| |
| 2017/11/11 : 1.8-rc3 |
| - BUILD: use MAXPATHLEN instead of NAME_MAX. |
| - BUG/MAJOR: threads/checks: add 4 missing spin_unlock() in various functions |
| - BUG/MAJOR: threads/server: missing unlock in CLI fqdn parser |
| - BUG/MINOR: cli: do not perform an invalid action on "set server check-port" |
| - BUG/MAJOR: threads/checks: wrong use of SPIN_LOCK instead of SPIN_UNLOCK |
| - CLEANUP: checks: remove return statements in locked functions |
| - BUG/MINOR: cli: add severity in "set server addr" parser |
| - CLEANUP: server: get rid of return statements in the CLI parser |
| - BUG/MAJOR: cli/streams: missing unlock on exit "show sess" |
| - BUG/MAJOR: threads/dns: add missing unlock on allocation failure path |
| - BUG/MAJOR: threads/lb: fix missing unlock on consistent hash LB |
| - BUG/MAJOR: threads/lb: fix missing unlock on map-based hash LB |
| - BUG/MEDIUM: threads/stick-tables: close a race condition on stktable_trash_expired() |
| - BUG/MAJOR: h2: set the connection's task to NULL when no client timeout is set |
| - BUG/MAJOR: thread/listeners: enable_listener must not call unbind_listener() |
| - BUG/MEDIUM: threads: don't try to free build option message on exit |
| - MINOR: applets: no need to check for runqueue's emptiness in appctx_res_wakeup() |
| - MINOR: add master-worker in the warning about nbproc |
| - MINOR: mworker: allow pidfile in mworker + foreground |
| - MINOR: mworker: write parent pid in the pidfile |
| - MINOR: mworker: do not store child pid anymore in the pidfile |
| - MINOR: ebtree: implement the scope-aware functions for eb32 |
| - MEDIUM: ebtree: specify the scope of every node inserted via eb32sc |
| - MINOR: ebtree: update the eb32sc parent node's scope on delete |
| - MEDIUM: ebtree: only consider the branches matching the scope in lookups |
| - MINOR: ebtree: implement eb32sc_lookup_ge_or_first() |
| - MAJOR: task: make use of the scope-aware ebtree functions |
| - MINOR: task: simplify wake_expired_tasks() to avoid unlocking in the loop |
| - MEDIUM: task: change the construction of the loop in process_runnable_tasks() |
| - MINOR: threads: use faster locks for the spin locks |
| - MINOR: tasks: only visit filled task slots after processing them |
| - MEDIUM: tasks: implement a lockless scheduler for single-thread usage |
| - BUG/MINOR: dns: Don't try to get the server lock if it's already held. |
| - BUG/MINOR: dns: Don't lock the server lock in snr_check_ip_callback(). |
| - DOC: Add note about encrypted password CPU usage |
| - BUG/MINOR: h2: set the "HEADERS_SENT" flag on stream, not connection |
| - BUG/MEDIUM: h2: properly send an RST_STREAM on mux stream error |
| - BUG/MEDIUM: h2: properly send the GOAWAY frame in the mux |
| - BUG/MEDIUM: h2: don't try (and fail) to send non-existing data in the mux |
| - MEDIUM: h2: remove the H2_SS_RESET intermediate state |
| - BUG/MEDIUM: h2: fix some wrong error codes on connections |
| - BUILD: threads: Rename SPIN/RWLOCK macros using HA_ prefix |
| - BUILD: enable USE_THREAD for Solaris build. |
| - BUG/MEDIUM: h2: don't close the connection is there are data left |
| - MINOR: h2: don't re-enable the connection's task when we're closing |
| - BUG/MEDIUM: h2: properly set H2_SF_ES_SENT when sending the final frame |
| - BUG/MINOR: h2: correctly check for H2_SF_ES_SENT before closing |
| - MINOR: h2: add new stream flag H2_SF_OUTGOING_DATA |
| - BUG/MINOR: h2: don't send GOAWAY on failed response |
| - BUG/MEDIUM: splice/threads: pipe reuse list was not protected. |
| - BUG/MINOR: comp: fix compilation warning compiling without compression. |
| - BUG/MINOR: stream-int: don't set MSG_MORE on closed request path |
| - BUG/MAJOR: threads/tasks: fix the scheduler again |
| - BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf because a SNI is matched. |
| - MINOR: ssl: Handle session resumption with TLS 1.3 |
| - MINOR: ssl: Spell 0x10101000L correctly. |
| - MINOR: ssl: Handle sending early data to server. |
| - BUILD: ssl: fix build of backend without ssl |
| - BUILD: shctx: do not depend on openssl anymore |
| - BUG/MINOR: h1: the HTTP/1 make status code parser check for digits |
| - BUG/MEDIUM: h2: reject non-3-digit status codes |
| - BUG/MEDIUM: stream-int: Don't loss write's notifs when a stream is woken up |
| - BUG/MINOR: pattern: Rely on the sample type to copy it in pattern_exec_match |
| - BUG/MEDIUM: h2: split the function to send RST_STREAM |
| - BUG/MEDIUM: h1: ensure the chunk size parser can deal with full buffers |
| - MINOR: tools: don't use unlikely() in hex2i() |
| - BUG/MEDIUM: h2: support orphaned streams |
| - BUG/MEDIUM: threads/cli: fix "show sess" locking on release |
| - CLEANUP: mux: remove the unused "release()" function |
| - MINOR: cli: make "show fd" report the fd's thread mask |
| - BUG/MEDIUM: stream: don't ignore res.analyse_exp anymore |
| - CLEANUP: global: introduce variable pid_bit to avoid shifts with relative_pid |
| - MEDIUM: http: always reject the "PRI" method |
| |
| 2017/11/03 : 1.8-rc2 |
| - BUG/MINOR: send-proxy-v2: fix dest_len in make_tlv call |
| - BUG/MINOR: send-proxy-v2: string size must include ('\0') |
| - MINOR: mux: Only define pipe functions on linux. |
| - MINOR: cache: Remove useless test for nonzero. |
| - MINOR: cache: Don't confuse act_return and act_parse_ret. |
| - BUG/MEDIUM: h2: don't try to parse incomplete H1 responses |
| - BUG/MEDIUM: checks/mux: always enable send-polling after connecting |
| - BUG/MAJOR: fix deadlock on healthchecks. |
| - BUG/MINOR: thread: fix a typo in the debug code |
| - BUILD: shctx: allow to be built without openssl |
| - BUG/MEDIUM: cache: don't try to resolve wrong filters |
| - BUG/MAJOR: buffers: fix get_buffer_nc() for data at end of buffer |
| - BUG/MINOR: freq: fix infinite loop on freq_ctr_period. |
| - BUG/MINOR: stdarg.h inclusion |
| - BUG/MINOR: dns: fix missing lock protection on server. |
| - BUG/MINOR: lua: fix missing lock protection on server. |
| - BUILD: enable USE_THREAD for OpenBSD build. |
| - BUG/MAJOR: mux_pt: don't dereference a connstream after ->wake() |
| - MINOR: thread: report multi-thread support in haproxy -vv |
| |
| 2017/10/31 : 1.8-rc1 |
| - BUG/MEDIUM: server: Allocate tmptrash before using it. |
| - CONTRIB: trace: add the possibility to place trace calls in the code |
| - CONTRIB: trace: try to display the function's return value on exit |
| - CONTRIB: trace: report the base name only for file names |
| - BUILD: ssl: support OPENSSL_NO_ASYNC #define |
| - MINOR: ssl: build with recent BoringSSL library |
| - BUG/MINOR: ssl: OCSP_single_get0_status can return -1 |
| - BUG/MINOR: cli: restore "set ssl tls-key" command |
| - CLEANUP: cli: remove undocumented "set ssl tls-keys" command |
| - IMPORT: sha1: import SHA1 functions |
| - MINOR: sample: add the sha1 converter |
| - MINOR: sample: add the hex2i converter |
| - MINOR: stream-int: stop checking for useless connection flags in chk_snd_conn |
| - MINOR: ssl: don't abort after sending 16kB |
| - MINOR: connection: move the cleanup of flag CO_FL_WAIT_ROOM |
| - MINOR: connection: add flag CO_FL_WILL_UPDATE to indicate when updates are granted |
| - MEDIUM: connection: make use of CO_FL_WILL_UPDATE in conn_sock_shutw() |
| - MINOR: raw_sock: make use of CO_FL_WILL_UPDATE |
| - MINOR: ssl_sock: make use of CO_FL_WILL_UPDATE |
| - BUG/MINOR: checks: Don't forget to release the connection on error case. |
| - MINOR: buffer: add the buffer input manipulation functions |
| - BUG/MEDIUM: prevent buffers being overwritten during build_logline() execution |
| - MEDIUM: cfgparse: post section callback |
| - MEDIUM: cfgparse: post parsing registration |
| - MINOR: lua: add uuid to the Class Proxy |
| - MINOR: hlua: Add regex class |
| - MINOR: http: Mark the 425 code as "Too Early". |
| - MEDIUM: ssl: convert CBS (BoringSSL api) usage to neutral code |
| - MINOR: ssl: support Openssl 1.1.1 early callback for switchctx |
| - MINOR: ssl: generated certificate is missing in switchctx early callback |
| - MEDIUM: ssl: Handle early data with OpenSSL 1.1.1 |
| - BUILD: Makefile: disable -Wunused-label |
| - MINOR: ssl/proto_http: Add keywords to take care of early data. |
| - BUG/MINOR: lua: const attribute of a string is overridden |
| - MINOR: ssl: Don't abuse ssl_options. |
| - MINOR: update proxy-protocol-v2 #define |
| - MINOR: merge ssl_sock_get calls for log and ppv2 |
| - MINOR: add ALPN information to send-proxy-v2 |
| - MEDIUM: h1: ensure that 1xx, 204 and 304 don't have a payload body |
| - CLEANUP: shctx: get ride of the shsess_packet{_hdr} structures |
| - MEDIUM: lists: list_for_each_entry{_safe}_from functions |
| - REORG: shctx: move lock functions and struct |
| - MEDIUM: shctx: allow the use of multiple shctx |
| - REORG: shctx: move ssl functions to ssl_sock.c |
| - MEDIUM: shctx: separate ssl and shctx |
| - MINOR: shctx: rename lock functions |
| - MINOR: h1: store the status code in the H1 message |
| - BUG/MINOR: spoe: Don't compare engine name and SPOE scope when both are NULL |
| - BUG/MINOR: spoa: Update pointer on the end of the frame when a reply is encoded |
| - MINOR: action: Add trk_idx inline function |
| - MINOR: action: Use trk_idx instead of tcp/http_trk_idx |
| - MINOR: action: Add a function pointer in act_rule struct to check its validity |
| - MINOR: action: Add function to check rules using an action ACT_ACTION_TRK_* |
| - MINOR: action: Add a functions to check http capture rules |
| - MINOR: action: Factorize checks on rules calling check_ptr if defined |
| - MINOR: acl: Pass the ACLs as an explicit parameter of build_acl_cond |
| - MEDIUM: spoe: Add support of ACLS to enable or disable sending of SPOE messages |
| - MINOR: spoe: Check uniqness of SPOE engine names during config parsing |
| - MEDIUM: spoe: Parse new "spoe-group" section in SPOE config file |
| - MEDIUM: spoe/rules: Add "send-spoe-group" action for tcp/http rules |
| - MINOR: spoe: Move message encoding in its own function |
| - MINOR: spoe: Add a type to qualify the message list during encoding |
| - MINOR: spoe: Add a generic function to encode a list of SPOE message |
| - MEDIUM: spoe/rules: Process "send-spoe-group" action |
| - BUG/MINOR: dns: Fix CLI keyword declaration |
| - MAJOR: dns: Refactor the DNS code |
| - BUG/MINOR: mailers: Fix a memory leak when email alerts are released |
| - MEDIUM: mailers: Init alerts during conf parsing and refactor their processing |
| - MINOR: mailers: Use pools to allocate email alerts and its tcpcheck_rules |
| - MINOR: standard: Add memvprintf function |
| - MINOR: log: Save alerts and warnings emitted during HAProxy startup |
| - MINOR: cli: Add "show startup-logs" command |
| - MINOR: startup: Extend the scope the MODE_STARTING flag |
| - MINOR: threads: Prepare makefile to link with pthread |
| - MINOR: threads: Add THREAD_LOCAL macro |
| - MINOR: threads: Add atomic-ops and plock includes in import dir |
| - MEDIUM: threads: Add hathreads header file |
| - MINOR: threads: Add mechanism to register per-thread init/deinit functions |
| - MINOR: threads: Add nbthread parameter |
| - MEDIUM: threads: Adds a set of functions to handle sync-point |
| - MAJOR: threads: Start threads to experiment multithreading |
| - MINOR: threads: Define the sync-point inside run_poll_loop |
| - MEDIUM: threads/buffers: Define and register per-thread init/deinit functions |
| - MEDIUM: threads/chunks: Transform trash chunks in thread-local variables |
| - MEDIUM: threads/time: Many global variables from time.h are now thread-local |
| - MEDIUM: threads/logs: Make logs thread-safe |
| - MEDIUM: threads/pool: Make pool thread-safe by locking all access to a pool |
| - MAJOR: threads/fd: Make fd stuffs thread-safe |
| - MINOR: threads/fd: Add a mask of threads allowed to process on each fd in fdtab array |
| - MEDIUM: threads/fd: Initialize the process mask during the call to fd_insert |
| - MINOR: threads/fd: Process cached events of FDs depending on the process mask |
| - MINOR: threads/polling: pollers now handle FDs depending on the process mask |
| - WIP: SQUASH WITH SYNC POINT |
| - MAJOR: threads/task: handle multithread on task scheduler |
| - MEDIUM: threads/signal: Add a lock to make signals thread-safe |
| - MEDIUM: threads/listeners: Make listeners thread-safe |
| - MEDIUM: threads/proxy: Add a lock per proxy and atomically update proxy vars |
| - MEDIUM: threads/server: Make connection list (priv/idle/safe) thread-safe |
| - MEDIUM: threads/server: Add a lock per server and atomically update server vars |
| - MINOR: threads/server: Add a lock to deal with insert in updates_servers list |
| - MEDIUM: threads/lb: Make LB algorithms (lb_*.c) thread-safe |
| - MEDIUM: threads/stick-tables: handle multithreads on stick tables |
| - MINOR: threads/sample: Change temp_smp into a thread local variable |
| - MEDIUM: threads/http: Make http_capture_bad_message thread-safe |
| - MINOR: threads/regex: Change Regex trash buffer into a thread local variable |
| - MAJOR: threads/applet: Handle multithreading for applets |
| - MAJOR: threads/peers: Make peers thread safe |
| - MAJOR: threads/buffer: Make buffer wait queue thread safe |
| - MEDIUM: threads/stream: Make streams list thread safe |
| - MAJOR: threads/ssl: Make SSL part thread-safe |
| - MEDIUM: threads/queue: Make queues thread-safe |
| - MAJOR: threads/map: Make acls/maps thread safe |
| - MEDIUM: threads/freq_ctr: Make the frequency counters thread-safe |
| - MEDIUM: thread/vars: Make vars thread-safe |
| - MEDIUM: threads/filters: Add init/deinit callback per thread |
| - MINOR: threads/filters: Update trace filter to add _per_thread callbacks |
| - MEDIUM: threads/compression: Make HTTP compression thread-safe |
| - MEDIUM: threads/lua: Makes the jmpbuf and some other buffers local to the current thread. |
| - MEDIUM: threads/lua: Add locks around the Lua execution parts. |
| - MEDIUM: threads/lua: Ensure that the launched tasks runs on the same threads than me |
| - MEDIUM: threads/lua: Cannot acces to the socket if we try to access from another thread. |
| - MEDIUM: threads/xref: Convert xref function to a thread safe model |
| - MEDIUM: threads/tasks: Add lock around notifications |
| - MEDIUM: thread/spoe: Make the SPOE thread-safe |
| - MEDIUM: thread/dns: Make DNS thread-safe |
| - MINOR: threads: Add thread-map config parameter in the global section |
| - MINOR: threads/checks: Add a lock to protect the pid list used by external checks |
| - MINOR: threads/checks: Set the task process_mask when a check is executed |
| - MINOR: threads/mailers: Add a lock to protect queues of email alerts |
| - MEDIUM: threads/server: Use the server lock to protect health check and cli concurrency |
| - MINOR: threads: Don't start when device a detection module is used |
| - BUG/MEDIUM: threads: Run the poll loop on the main thread too |
| - BUG/MINOR: threads: Add missing THREAD_LOCAL on static here and there |
| - MAJOR: threads: Offically enable the threads support in HAProxy |
| - BUG/MAJOR: threads/freq_ctr: fix lock on freq counters. |
| - BUG/MAJOR: threads/time: Store the time deviation in an 64-bits integer |
| - BUILD: stick-tables: silence an uninitialized variable warning |
| - BUG/MINOR: dns: Fix SRV records with the new thread code. |
| - MINOR: ssl: Remove the global allow-0rtt option. |
| - CLEANUP: threads: replace the last few 1UL<<tid with tid_bit |
| - CLEANUP: threads: rename process_mask to thread_mask |
| - MINOR: h1: add a function to measure the trailers length |
| - MINOR: threads: add a portable barrier for threads and non-threads |
| - BUG/MAJOR: threads/freq_ctr: use a memory barrier to detect changes |
| - BUG/MEDIUM: threads: Initialize the sync-point |
| - MEDIUM: connection: start to introduce a mux layer between xprt and data |
| - MINOR: connection: implement alpn registration of muxes |
| - MINOR: mux: register the pass-through mux for any ALPN string |
| - MEDIUM: session: use the ALPN token and proxy mode to select the mux |
| - MINOR: connection: report the major HTTP version from the MUX for logging (fc_http_major) |
| - MINOR: connection: introduce conn_stream |
| - MINOR: mux: add more methods to mux_ops |
| - MINOR: connection: introduce the conn_stream manipulation functions |
| - MINOR: mux_pt: implement remaining mux_ops methods |
| - MAJOR: connection : Split struct connection into struct connection and struct conn_stream. |
| - MINOR: connection: make conn_stream users also check for per-stream error flag |
| - MINOR: conn_stream: new shutr/w status flags |
| - MINOR: conn_stream: modify cs_shut{r,w} API to pass the desired mode |
| - MEDIUM: connection: make conn_sock_shutw() aware of lingering |
| - MINOR: connection: add cs_close() to close a conn_stream |
| - MEDIUM: mux_pt: make cs_shutr() / cs_shutw() properly close the connection |
| - MEDIUM: connection: replace conn_full_close() with cs_close() |
| - MEDIUM: connection: make mux->detach() release the connection |
| - MEDIUM: stream: do not forcefully close the client connection anymore |
| - MEDIUM: checks: exclusively use cs_destroy() to release a connection |
| - MEDIUM: connection: add a destroy callback |
| - MINOR: session: release the listener with the session, not the stream |
| - MEDIUM: session: make use of the connection's destroy callback |
| - CONTRIB: hpack: implement a reverse huffman table generator for hpack |
| - MINOR: hpack: implement the HPACK Huffman table decoder |
| - MINOR: hpack: implement the header tables management |
| - MINOR: hpack: implement the decoder |
| - MEDIUM: hpack: implement basic hpack encoding |
| - MINOR: h2: centralize all HTTP/2 protocol elements and constants |
| - MINOR: h2: create a very minimalistic h2 mux |
| - MINOR: h2: expose tune.h2.header-table-size to configure the table size |
| - MINOR: h2: expose tune.h2.initial-window-size to configure the window size |
| - MINOR: h2: expose tune.h2.max-concurrent-streams to limit the number of streams |
| - MINOR: h2: create the h2c struct and allocate its pool |
| - MINOR: h2: create the h2s struct and the associated pool |
| - MINOR: h2: handle two extra stream states for errors |
| - MINOR: h2: add a frame header descriptor for incoming frames |
| - MEDIUM: h2: allocate and release the h2c context on connection init/end |
| - MEDIUM: h2: implement basic recv/send/wake functions |
| - MEDIUM: h2: dynamically allocate the demux buffer on Rx |
| - MEDIUM: h2: implement the mux buffer allocator |
| - MINOR: h2: add the connection and stream flags listing the causes for blocking |
| - MINOR: h2: add function h2s_id() to report a stream's ID |
| - MINOR: h2: small function to know when the mux is busy |
| - MINOR: h2: new function h2c_error to mark an error on the connection |
| - MINOR: h2: new function h2s_error() to mark an error on a stream |
| - MINOR: h2: add h2_set_frame_size() to update the size in a binary frame |
| - MINOR: h2: new function h2_peek_frame_hdr() to retrieve a new frame header |
| - MINOR: h2: add a few functions to retrieve contents from a wrapping buffer |
| - MINOR: h2: add stream lookup function based on the stream ID |
| - MINOR: h2: create dummy idle and closed streams |
| - MINOR: h2: add the function to create a new stream |
| - MINOR: h2: update the {MUX,DEM}_{M,D}ALLOC flags on buffer availability |
| - MEDIUM: h2: start to consider the H2_CF_{MUX,DEM}_* flags for polling |
| - MINOR: h2: also terminate the connection on shutr |
| - MEDIUM: h2: properly consider all conditions for end of connection |
| - MEDIUM: h2: wake the connection up for send on pending streams |
| - MEDIUM: h2: start to implement the frames processing loop |
| - MINOR: h2: add a function to send a GOAWAY error frame |
| - MINOR: h2: match the H2 connection preface on init |
| - MEDIUM: h2: enable connection polling for send when a cs wants to emit |
| - MEDIUM: h2: enable reading again on the connection if it was blocked on stream buffer full |
| - MEDIUM: h2: process streams pending for sending |
| - MINOR: h2: send a real SETTINGS frame based on the configuration |
| - MEDIUM: h2: detect the presence of the first settings frame |
| - MINOR: h2: create a stream parser for the demuxer |
| - MINOR: h2: implement PING frames |
| - MEDIUM: h2: decode SETTINGS frames and extract relevant settings |
| - MINOR: h2: lookup the stream during demuxing |
| - MEDIUM: h2: honor WINDOW_UPDATE frames |
| - MINOR: h2: implement h2_send_rst_stream() to send RST_STREAM frames |
| - MINOR: h2: handle CONTINUATION frames |
| - MEDIUM: h2: partial implementation of h2_detach() |
| - MEDIUM: h2: unblock a connection when its current stream detaches |
| - MEDIUM: h2: basic processing of HEADERS frame |
| - MEDIUM: h2: don't use trash to decode headers! |
| - MEDIUM: h2: implement the response HEADERS frame to encode the H1 response |
| - MEDIUM: h2: send the H1 response body as DATA frames |
| - MEDIUM: h2: skip the response trailers if any |
| - MEDIUM: h2: properly continue to parse header block when facing a 1xx response |
| - MEDIUM: h2: send WINDOW_UPDATE frames for connection |
| - MEDIUM: h2: handle request body in DATA frames |
| - MINOR: h2: handle RST_STREAM frames |
| - MEDIUM: h2: send DATA+ES or RST_STREAM on shutw/shutr |
| - MINOR: h2: use a common function to signal some and all streams. |
| - MEDIUM: h2: handle GOAWAY frames |
| - MINOR: h2: centralize the check for the idle streams |
| - MINOR: h2: centralize the check for the half-closed(remote) streams |
| - MEDIUM: h2: silently ignore frames higher than last_id after GOAWAY |
| - MINOR: h2: properly reject PUSH_PROMISE frames coming from the client |
| - MEDIUM: h2: perform a graceful shutdown on "Connection: close" |
| - MEDIUM: h2: send a GOAWAY frame when dealing with an empty response |
| - MEDIUM: h2: apply a timeout to h2 connections |
| - BUG/MEDIUM: h2: fix incorrect timeout handling on the connection |
| - MEDIUM: shctx: forbid shctx to read more than expected |
| - MEDIUM: cache: configuration parsing and initialization |
| - MEDIUM: cache: store objects in cache |
| - MEDIUM: cache: deliver objects from cache |
| |
| 2017/10/22 : 1.8-dev3 |
| - REORG: ssl: move defines and methodVersions table upper |
| - MEDIUM: ssl: ctx_set_version/ssl_set_version func for methodVersions table |
| - MINOR: ssl: support ssl-min-ver and ssl-max-ver with crt-list |
| - MEDIUM: ssl: disable SSLv3 per default for bind |
| - BUG/MAJOR: ssl: fix segfault on connection close using async engines. |
| - BUG/MAJOR: ssl: buffer overflow using offloaded ciphering on async engine |
| - BUG/MINOR: ssl: do not call directly the conn_fd_handler from async_fd_handler |
| - BUG/MINOR: haproxy/cli : fix for solaris/illumos distros for CMSG* macros |
| - BUG/MEDIUM: build without openssl broken |
| - BUG/MINOR: warning: need_resend may be used uninitialized |
| - BUG/MEDIUM: misplaced exit and wrong exit code |
| - BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04 |
| - BUILD: scripts: make publish-release support bare repositories |
| - BUILD: scripts: add an automatic mode for publish-release |
| - BUILD: scripts: add a "quiet" mode to publish-release |
| - BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer |
| - BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers |
| - CONTRIB: plug qdiscs: Plug queuing disciplines mini HOWTO. |
| - BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map |
| - BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0 |
| - BUG/MINOR: http/filters: Be sure to wait if a filter loops in HTTP_MSG_ENDING |
| - BUG/MEDIUM: peers: Peers CLOSE_WAIT issue. |
| - BUG/MAJOR: server: Segfault after parsing server state file. |
| - BUG/MEDIUM: unix: never unlink a unix socket from the file system |
| - scripts: create-release pass -n to tail |
| - SCRIPTS: create-release: enforce GIT_COMMITTER_{NAME|EMAIL} validity |
| - BUG/MEDIUM: fix segfault when no argument to -x option |
| - MINOR: warning on multiple -x |
| - MINOR: mworker: don't copy -x argument anymore in copy_argv() |
| - BUG/MEDIUM: mworker: don't reuse PIDs passed to the master |
| - BUG/MINOR: Wrong peer task expiration handling during synchronization processing. |
| - BUG/MINOR: cfgparse: Check if tune.http.maxhdr is in the range 1..32767 |
| - BUG/MINOR: log: pin the front connection when front ip/ports are logged |
| - DOC: fix references to the section about the unix socket |
| - BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue |
| - MAJOR: task: task scheduler rework. |
| - MINOR: task/stream: tasks related to a stream must be init by the caller. |
| - MINOR: queue: Change pendconn_get_next_strm into private function |
| - MINOR: backends: Change get_server_sh/get_server_uh into private function |
| - MINOR: queue: Change pendconn_from_srv/pendconn_from_px into private functions |
| - MEDIUM: stream: make stream_new() always set the target and analysers |
| - MINOR: frontend: initialize HTTP layer after the debugging code |
| - MINOR: connection: add a .get_alpn() method to xprt_ops |
| - MINOR: ssl: add a get_alpn() method to ssl_sock |
| - MINOR: frontend: retrieve the ALPN name when available |
| - MINOR: frontend: report the connection's ALPN in the debug output |
| - MINOR: stream: don't set backend's nor response analysers on SF_TUNNEL |
| - MINOR: connection: send data before receiving |
| - MAJOR: applet: applet scheduler rework. |
| - BUG/MAJOR: frontend: don't dereference a null conn on outgoing connections |
| - BUG/MAJOR: cli: fix custom io_release was crushed by NULL. |
| - BUG/MAJOR: map: fix segfault during 'show map/acl' on cli. |
| - BUG/MAJOR: compression: Be sure to release the compression state in all cases |
| - MINOR: compression: Use a memory pool to allocate compression states |
| - BUG/MAJOR: applet: fix a freeze if data is immedately forwarded. |
| - DOC: fix references to the section about time format. |
| - BUG/MEDIUM: map/acl: fix unwanted flags inheritance. |
| - BUG/MAJOR: http: fix buffer overflow on loguri buffer. |
| - MINOR: ssl: compare server certificate names to the SNI on outgoing connections |
| - BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel |
| - BUG/MINOR: http: Don't reset the transaction if there are still data to send |
| - BUG/MEDIUM: filters: Be sure to call flt_end_analyze for both channels |
| - MINOR: peers: Add additional information to stick-table definition messages. |
| - BUG/MINOR: http: properly handle all 1xx informational responses |
| - OPTIM: ssl: don't consider a small ssl_read() as an indication of end of buffer |
| - BUG/MINOR: peers: peer synchronization issue (with several peers sections). |
| - CLEANUP: hdr_idx: make some function arguments const where possible |
| - BUG/MINOR: Prevent a use-after-free on error scenario on option "-x". |
| - BUG/MINOR: lua: In error case, the safe mode is not removed |
| - BUG/MINOR: lua: executes the function destroying the Lua session in safe mode |
| - BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted |
| - BUG/MEDIUM: lua: bad memory access |
| - BUG/MINOR: Lua: variable already initialized |
| - DOC: update CONTRIBUTING regarding optional parts and message format |
| - DOC: update the list of OpenSSL versions in the README |
| - BUG/MINOR: http: Set the response error state in http_sync_res_state |
| - MINOR: http: Reorder/rewrite checks in http_resync_states |
| - MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags |
| - BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined |
| - MINOR: http: Rely on analyzers mask to end processing in forward_body functions |
| - BUG/MINOR: http: Fix bug introduced in previous patch in http_resync_states |
| - BUG/MINOR: contrib/modsecurity: BSD build fix |
| - BUG/MINOR: contrib/mod_defender: build fix |
| - BUG/MINOR: ssl: remove haproxy SSLv3 support when ssl lib have no SSLv3 |
| - MINOR: ssl: remove an unecessary SSL_OP_NO_* dependancy |
| - BUILD: ssl: fix compatibility with openssl without TLSEXT_signature_* |
| - MINOR: tools: add a portable timegm() alternative |
| - BUILD: lua: replace timegm() with my_timegm() to fix build on Solaris 10 |
| - DOC: Updated 51Degrees git URL to point to a stable version. |
| - BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state |
| - MINOR: memory: remove macros |
| - BUG/MINOR: lua: Fix Server.get_addr() port values |
| - BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr() |
| - MINOR: samples: Handle the type SMP_T_METH when we duplicate a sample in smp_dup |
| - MINOR: samples: Handle the type SMP_T_METH in smp_is_safe and smp_is_rw |
| - MINOR: samples: Don't allocate memory for SMP_T_METH sample when method is known |
| - BUG/MINOR: lua: always detach the tcp/http tasks before freeing them |
| - MINOR: task: always preinitialize the task's timeout in task_init() |
| - CLEANUP: task: remove all initializations to TICK_ETERNITY after task_new() |
| - BUG/MAJOR: lua: properly dequeue hlua_applet_wakeup() for new scheduler |
| - MINOR: lua: Add proxy as member of proxy object. |
| - DOC: lua: Proxy class doc update |
| - MINOR: lua: Add lists of frontends and backends |
| - BUG/MINOR: ssl: Fix check against SNI during server certificate verification |
| - BUG/MINOR: ssl: make use of the name in SNI before verifyhost |
| - MINOR: ssl: add a new error codes for wrong server certificates |
| - BUG/MEDIUM: stream: don't retry SSL connections which fail the SNI name check |
| - MINOR: ssl: add "no-ca-names" parameter for bind |
| - BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions. |
| - DOC: fix alphabetical order of "show commands" in management.txt |
| - MINOR: listener: add a function to return a listener's state as a string |
| - MINOR: cli: add a new "show fd" command |
| - BUG/MEDIUM: ssl: Fix regression about certificates generation |
| - MINOR: Add server port field to server state file. |
| - MINOR: ssl: allow to start without certificate if strict-sni is set |
| - MINOR: dns: Cache previous DNS answers. |
| - MINOR: obj: Add a new type of object, OBJ_TYPE_SRVRQ. |
| - Add a few functions to do unaligned access. |
| - MINOR: dns: Handle SRV records. |
| - MINOR: check: Fix checks when using SRV records. |
| - MINOR: doc: Document SRV label usage. |
| - BUILD/MINOR: cli: shut a minor gcc warning in "show fd" |
| - BUILD: ssl: replace SSL_CTX_get0_privatekey for openssl < 1.0.2 |
| - BUILD/MINOR: build without openssl still broken |
| - BUG/MAJOR: stream: in stream_free(), close the front endpoint and not the origin |
| - CLEANUP: raw_sock: Use a better name for the constructor than __ssl_sock_deinit() |
| - MINOR: init: Fix CPU affinity setting on FreeBSD. |
| - MINOR: dns: Update analysis of TRUNCATED response for SRV records |
| - MINOR: dns: update record dname matching for SRV query types |
| - MINOR: dns: update dns response buffer reading pointer due to SRV record |
| - MINOR: dns: duplicate entries in resolution wait queue for SRV records |
| - MINOR: dns: make debugging function dump_dns_config() compatible with SRV records |
| - MINOR: dns: ability to use a SRV resolution for multiple backends |
| - MINOR: dns: enable caching of responses for server set by a SRV record |
| - MINOR: dns: new dns record type (RTYPE) for OPT |
| - MINOR: dns: enabled edns0 extension and make accpeted payload size tunable |
| - MINOR: dns: default "hold obsolete" timeout set to 0 |
| - MINOR: chunks: add chunk_memcpy() and chunk_memcat() |
| - MINOR: session: add a streams field to the session struct |
| - MINOR: stream: link the stream to its session |
| - MEDIUM: session: do not free a session until no stream references it |
| - MINOR: ist: implement very simple indirect strings |
| - TESTS: ist: add a test file for the functions |
| - MINOR: http: export some of the HTTP parser macros |
| - BUG/MINOR: Wrong type used as argument for spoe_decode_buffer(). |
| - BUG/MINOR: dns: server set by SRV records stay in "no resolution" status |
| - MINOR: dns: Maximum DNS udp payload set to 8192 |
| - MINOR: dns: automatic reduction of DNS accpeted payload size |
| - MINOR: dns: make SRV record processing more verbose |
| - CLEANUP: dns: remove duplicated code in dns_resolve_recv() |
| - CLEANUP: dns: remove duplicated code in dns_validate_dns_response() |
| - BUG/MINOR: dns: wrong resolution interval lead to 100% CPU |
| - BUG/MEDIUM: dns: fix accepted_payload_size parser to avoid integer overflow |
| - BUG/MAJOR: lua: fix the impact of the scheduler changes again |
| - BUG/MEDIUM: lua: HTTP services must take care of body-less status codes |
| - MINOR: lua: properly process the contents of the content-length field |
| - BUG/MEDIUM: stream: properly set the required HTTP analysers on use-service |
| - OPTIM: lua: don't use expensive functions to parse headers in the HTTP applet |
| - OPTIM: lua: don't add "Connection: close" on the response |
| - REORG/MEDIUM: connection: introduce the notion of connection handle |
| - BUG/MINOR: stream-int: don't check the CO_FL_CURR_WR_ENA flag |
| - MEDIUM: connection: get rid of data->init() which was not for data |
| - MEDIUM: stream: make stream_new() allocate its own task |
| - CLEANUP: listener: remove the unused handler field |
| - MEDIUM: session: add a pointer to a struct task in the session |
| - MINOR: stream: provide a new stream creation function for connections |
| - MEDIUM: connection: remove useless flag CO_FL_DATA_RD_SH |
| - CLEANUP: connection: remove the unused conn_sock_shutw_pending() |
| - MEDIUM: connection: remove useless flag CO_FL_DATA_WR_SH |
| - DOC: add CLI info on privilege levels |
| - DOC: Refer to Mozilla TLS info / config generator |
| - MINOR: ssl: remove duplicate ssl_methods in struct bind_conf |
| - BUG/MEDIUM: http: Fix a regression bug when a HTTP response is in TUNNEL mode |
| - DOC: Add note about "* " prefix in CSV stats |
| - CLEANUP: memory: Remove unused function pool_destroy |
| - MINOR: listeners: Change listener_full and limit_listener into private functions |
| - MINOR: listeners: Change enable_listener and disable_listener into private functions |
| - MINOR: fd: Don't forget to reset fdtab[fd].update when a fd is added/removed |
| - MINOR: fd: Set owner and iocb field before inserting a new fd in the fdtab |
| - MINOR: backends: Make get_server_* functions explicitly static |
| - MINOR: applet: Check applets_active_queue before processing applets queue |
| - MINOR: chunks: Use dedicated function to init/deinit trash buffers |
| - MEDIUM: chunks: Realloc trash buffers only after the config is parsed and checked |
| - MINOR: logs: Use dedicated function to init/deinit log buffers |
| - MINOR: logs: Realloc log buffers only after the config is parsed and checked |
| - MINOR: buffers: Move swap_buffer into buffer.c and add deinit_buffer function |
| - MINOR: stick-tables: Make static_table_key a struct variable instead of a pointer |
| - MINOR: http: Use a trash chunk to store decoded string of the HTTP auth header |
| - MINOR: fd: Add fd_active function |
| - MINOR: fd: Use inlined functions to check fd state in fd_*_send/recv functions |
| - MINOR: fd: Move (de)allocation of fdtab and fdinfo in (de)init_pollers |
| - MINOR: freq_ctr: Return the new value after an update |
| - MEDIUM: check: server states and weight propagation re-work |
| - BUG/MEDIUM: epoll: ensure we always consider HUP and ERR |
| - MINOR: fd: Add fd_update_events function |
| - MINOR: polling: Use fd_update_events to update events seen for a fd |
| - BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file |
| - Revert "BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file" |
| - MINOR: ssl: rework smp_fetch_ssl_fc_cl_str without internal ssl use |
| - BUG/MEDIUM: http: Close streams for connections closed before a redirect |
| - BUG/MINOR: Lua: The socket may be destroyed when we try to access. |
| - MINOR: xref: Add a new xref system |
| - MEDIUM: xref/lua: Use xref for referencing cosocket relation between stream and lua |
| - MINOR: tasks: Move Lua notification from Lua to tasks |
| - MINOR: net_helper: Inline functions meant to be inlined. |
| - MINOR: cli: add socket commands and config to prepend informational messages with severity |
| - MINOR: add severity information to cli feedback messages |
| - BUILD: Makefile: add a function to detect support by the compiler of certain options |
| - BUILD: Makefile: shut certain gcc/clang stupid warnings |
| - BUILD: Makefile: improve detection of support for compiler warnings |
| - MINOR: peers: don't reference the incoming listener on outgoing connections |
| - MINOR: frontend: don't retrieve ALPN on the critical path |
| - MINOR: protocols: always pass a "port" argument to the listener creation |
| - MINOR: protocols: register the ->add function and stop calling them directly |
| - MINOR: unix: remove the now unused proto_uxst.h file |
| - MINOR: listeners: new function create_listeners |
| - MINOR: listeners: make listeners count consistent with reality |
| - MEDIUM: session: take care of incrementing/decrementing jobs |
| - MINOR: listener: new function listener_release |
| - MINOR: session: small cleanup of conn_complete_session() |
| - MEDIUM: session: factor out duplicated code for conn_complete_session |
| - MEDIUM: session: count the frontend's connections at a single place |
| - BUG/MEDIUM: compression: Fix check on txn in smp_fetch_res_comp_algo |
| - BUG/MINOR: compression: Check response headers before http-response rules eval |
| - BUG/MINOR: spoe: Don't rely on SPOE ctx in debug message when its creation failed |
| - BUG/MINOR: dns: Fix check on nameserver in snr_resolution_cb |
| - MINOR: ssl: Remove useless checks on bind_conf or bind_conf->is_ssl |
| - BUG/MINOR: contrib/mod_defender: close the va_list argp before return |
| - BUG/MINOR: contrib/modsecurity: close the va_list ap before return |
| - MINOR: tools: make my_htonll() more efficient on x86_64 |
| - MINOR: buffer: add b_del() to delete a number of characters |
| - MINOR: buffer: add b_end() and b_to_end() |
| - MINOR: net_helper: add functions to read from vectors |
| - MINOR: net_helper: add write functions |
| - MINOR: net_helper: add 64-bit read/write functions |
| - MINOR: connection: adjust CO_FL_NOTIFY_DATA after removal of flags |
| - MINOR: ist: add a macro to ease const array initialization |
| - BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server |
| - BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server (take2) |
| - BUG/MINOR: log: fixing small memory leak in error code path. |
| - BUG/MINOR: contrib/halog: fixing small memory leak |
| - BUG/MEDIUM: tcp/http: set-dst-port action broken |
| - CLEANUUP: checks: don't set conn->handle.fd to -1 |
| - BUG/MEDIUM: tcp-check: properly indicate polling state before performing I/O |
| - BUG/MINOR: tcp-check: don't quit with pending data in the send buffer |
| - BUG/MEDIUM: tcp-check: don't call tcpcheck_main() from the I/O handlers! |
| - BUG/MINOR: unix: properly check for octal digits in the "mode" argument |
| - MINOR: checks: make chk_report_conn_err() take a check, not a connection |
| - CLEANUP: checks: remove misleading comments and statuses for external process |
| - CLEANUP: checks: don't report report the fork() error twice |
| - CLEANUP: checks: do not allocate a connection for process checks |
| - TESTS: checks: add a simple test config for external checks |
| - BUG/MINOR: tcp-check: don't initialize then break a connection starting with a comment |
| - TESTS: checks: add a simple test config for tcp-checks |
| - MINOR: tcp-check: make tcpcheck_main() take a check, not a connection |
| - MINOR: checks: don't create then kill a dummy connection before tcp-checks |
| - MEDIUM: checks: make tcpcheck_main() indicate if it recycled a connection |
| - MEDIUM: checks: do not allocate a permanent connection anymore |
| - BUG/MEDIUM: cli: fix "show fd" crash when dumping closed FDs |
| - BUG/MEDIUM: http: Return an error when url_dec sample converter failed |
| - BUG/MAJOR: stream-int: don't re-arm recv if send fails |
| - BUILD/MINOR: 51d: fix warning when building with 51Degrees release version 3.2.12.12 |
| - DOC: 51d: add 51Degrees git URL that points to release version 3.2.12.12 |
| - DOC: 51d: Updated git URL and instructions for getting Hash Trie data files. |
| - MINOR: compiler: restore the likely() wrapper for gcc 5.x |
| - MINOR: session: remove the list of streams from struct session |
| - DOC: fix some typos |
| - MINOR: server: add the srv_queue() sample fetch method |
| - MINOR: payload: add new sample fetch functions to process distcc protocol |
| - MAJOR: servers: propagate server status changes asynchronously. |
| - BUG/MEDIUM: ssl: fix OCSP expiry calculation |
| - BUG/MINOR: stream-int: don't set MSG_MORE on SHUTW_NOW without AUTO_CLOSE |
| - MINOR: server: Handle weight increase in consistent hash. |
| - MINOR: checks: Add a new keyword to specify a SNI when doing SSL checks. |
| - BUG/MINOR: tools: fix my_htonll() on x86_64 |
| - BUG/MINOR: stats: Clear a bit more counters with in cli_parse_clear_counters(). |
| - BUG/MAJOR: lua: scheduled task is freezing. |
| - MINOR: buffer: add bo_del() to delete a number of characters from output |
| - MINOR: buffer: add a function to match against string patterns |
| - MINOR: buffer: add two functions to inject data into buffers |
| - MINOR: buffer: add buffer_space_wraps() |
| - REORG: channel: finally rename the last bi_* / bo_* functions |
| - MINOR: buffer: add bo_getblk() and bo_getblk_nc() |
| - MINOR: channel: make use of bo_getblk{,_nc} for their channel equivalents |
| - MINOR: channel: make the channel be a const in all {ci,co}_get* functions |
| - MINOR: ist: add ist0() to add a trailing zero to a string. |
| - BUG/MEDIUM: log: check result details truncated. |
| - MINOR: buffer: make bo_getblk_nc() not return 2 for a full buffer |
| - REORG: http: move some very http1-specific parts to h1.{c,h} |
| - REORG: http: move the HTTP/1 chunk parser to h1.{c,h} |
| - REORG: http: move the HTTP/1 header block parser to h1.c |
| - MEDIUM: http: make the chunk size parser only depend on the buffer |
| - MEDIUM: http: make the chunk crlf parser only depend on the buffer |
| - MINOR: h1: add struct h1m for basic HTTP/1 messages |
| - MINOR: http: add very simple header management based on double strings |
| - MEDIUM: h1: reimplement the http/1 response parser for the gateway |
| - REORG: connection: rename CO_FL_DATA_* -> CO_FL_XPRT_* |
| - MEDIUM: connection: make conn_sock_shutw() aware of lingering |
| - MINOR: connection: ensure conn_ctrl_close() also resets the fd |
| - MINOR: connection: add conn_stop_tracking() to disable tracking |
| - MINOR: tcp: use conn_full_close() instead of conn_force_close() |
| - MINOR: unix: use conn_full_close() instead of conn_force_close() |
| - MINOR: checks: use conn_full_close() instead of conn_force_close() |
| - MINOR: session: use conn_full_close() instead of conn_force_close() |
| - MINOR: stream: use conn_full_close() instead of conn_force_close() |
| - MINOR: stream: use conn_full_close() instead of conn_force_close() |
| - MINOR: backend: use conn_full_close() instead of conn_force_close() |
| - MINOR: stream-int: use conn_full_close() instead of conn_force_close() |
| - MINOR: connection: remove conn_force_close() |
| - BUG/MINOR: ssl: ocsp response with 'revoked' status is correct |
| |
| 2017/06/02 : 1.8-dev2 |
| - CLEANUP: server: moving netinet/tcp.h inclusion |
| - DOC: changed "block"(deprecated) examples to http-request deny |
| - DOC: add few comments to examples. |
| - DOC: update sample code for PROXY protocol |
| - DOC: mention lighttpd 1.4.46 implements PROXY |
| - MINOR server: Restrict dynamic cookie check to the same proxy. |
| - DOC: stick-table is available in frontend sections |
| - BUG/MINOR: server : no transparent proxy for DragonflyBSD |
| - BUILD/MINOR: stats: remove unexpected argument to stats_dump_json_header() |
| - BUILD/MINOR: tools: fix build warning in debug_hexdump() |
| - BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets. |
| - BUG/MINOR: config: missing goto out after parsing an incorrect ACL character |
| - BUG/MINOR: arg: don't try to add an argument on failed memory allocation |
| - MEDIUM: server: Inherit CLI weight changes and agent-check weight responses |
| - BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error |
| - BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr() |
| - BUG/MEDIUM: servers: unbreak server weight propagation |
| - MINOR: lua: ensure the memory allocator is used all the time |
| - MINOR: cli: Add a command to send listening sockets. |
| - MINOR: global: Add an option to get the old listening sockets. |
| - MINOR: tcp: When binding socket, attempt to reuse one from the old proc. |
| - MINOR: doc: document the -x flag |
| - MINOR: proxy: Don't close FDs if not our proxy. |
| - MINOR: socket transfer: Set a timeout on the socket. |
| - MINOR: systemd wrapper: add support for passing the -x option. |
| - BUG/MINOR: server: Fix a wrong error message during 'usesrc' keyword parsing. |
| - BUG/MAJOR: Broken parsing for valid keywords provided after 'source' setting. |
| - CLEANUP: logs: typo: simgle => single |
| - BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr() |
| - MEDIUM: config: don't check config validity when there are fatal errors |
| - BUG/MAJOR: Use -fwrapv. |
| - BUG/MINOR: server: don't use "proxy" when px is really meant. |
| - BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed |
| - BUG/MINOR: server: missing default server 'resolvers' setting duplication. |
| - MINOR: server: Extract the code responsible of copying default-server settings. |
| - MINOR: server: Extract the code which finalizes server initializations after 'server' lines parsing. |
| - MINOR: server: Add 'server-template' new keyword supported in backend sections. |
| - MINOR: server: Add server_template_init() function to initialize servers from a templates. |
| - DOC: Add documentation for new "server-template" keyword. |
| - DOC: add layer 4 links/cross reference to "block" keyword. |
| - DOC: errloc/errorloc302/errorloc303 missing status codes. |
| - BUG/MEDIUM: lua: memory leak |
| - CLEANUP: lua: remove test |
| - BUG/MINOR: hash-balance-factor isn't effective in certain circumstances |
| - BUG/MINOR: change header-declared function to static inline |
| - REORG: spoe: move spoe_encode_varint / spoe_decode_varint from spoe to common |
| - MINOR: Add binary encoding request header sample fetch |
| - MINOR: proto-http: Add sample fetch wich returns all HTTP headers |
| - MINOR: Add ModSecurity wrapper as contrib |
| - BUG/MINOR: ssl: fix warnings about methods for opensslv1.1. |
| - DOC: update RFC references |
| - CONTRIB: tcploop: add action "X" to execute a command |
| - MINOR: server: cli: Add server FQDNs to server-state file and stats socket. |
| - BUG/MINOR: contrib/mod_security: fix build on FreeBSD |
| - BUG/MINOR: checks: don't send proxy protocol with agent checks |
| - MINOR: ssl: add prefer-client-ciphers |
| - MEDIUM: ssl: revert ssl/tls version settings relative to default-server. |
| - MEDIUM: ssl: ssl_methods implementation is reworked and factored for min/max tlsxx |
| - MEDIUM: ssl: calculate the real min/max TLS version and find holes |
| - MINOR: ssl: support TLSv1.3 for bind and server |
| - MINOR: ssl: show methods supported by openssl |
| - MEDIUM: ssl: add ssl-min-ver and ssl-max-ver parameters for bind and server |
| - MEDIUM: ssl: ssl-min-ver and ssl-max-ver compatibility. |
| - CLEANUP: retire obsoleted USE_GETSOCKNAME build option |
| - BUG/MAJOR: dns: Broken kqueue events handling (BSD systems). |
| - MINOR: sample: Add b64dec sample converter |
| - BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything |
| - MINOR: cli: add ACCESS_LVL_MASK to store the access level |
| - MINOR: cli: add 'expose-fd listeners' to pass listeners FDs |
| - MEDIUM: proxy: zombify proxies only when the expose-fd socket is bound |
| - MEDIUM: ssl: add basic support for OpenSSL crypto engine |
| - MAJOR: ssl: add openssl async mode support |
| - MEDIUM: ssl: handle multiple async engines |
| - MINOR: boringssl: basic support for OCSP Stapling |
| - MEDIUM: mworker: replace systemd mode by master worker mode |
| - MEDIUM: mworker: handle reload and signals |
| - MEDIUM: mworker: wait mode on reload failure |
| - MEDIUM: mworker: try to guess the next stats socket to use with -x |
| - MEDIUM: mworker: exit-on-failure option |
| - MEDIUM: mworker: workers exit when the master leaves |
| - DOC: add documentation for the master-worker mode |
| - MEDIUM: systemd: Type=forking in unit file |
| - MAJOR: systemd-wrapper: get rid of the wrapper |
| - MINOR: log: Add logurilen tunable. |
| - CLEANUP: server.c: missing prototype of srv_free_dns_resolution |
| - MINOR: dns: smallest DNS fqdn size |
| - MINOR: dns: functions to manage memory for a DNS resolution structure |
| - MINOR: dns: parse_server() now uses srv_alloc_dns_resolution() |
| - REORG: dns: dns_option structure, storage of hostname_dn |
| - MINOR: dns: new snr_check_ip_callback function |
| - MAJOR: dns: save a copy of the DNS response in struct resolution |
| - MINOR: dns: implement a LRU cache for DNS resolutions |
| - MINOR: dns: make 'ancount' field to match the number of saved records |
| - MINOR: dns: introduce roundrobin into the internal cache (WIP) |
| - MAJOR/REORG: dns: DNS resolution task and requester queues |
| - BUILD: ssl: fix build with OPENSSL_NO_ENGINE |
| - MINOR: Add Mod Defender integration as contrib |
| - CLEANUP: str2mask return code comment: non-zero -> zero. |
| - MINOR: tools: make debug_hexdump() use a const char for the string |
| - MINOR: tools: make debug_hexdump() take a string prefix |
| - CLEANUP: connection: remove unused CO_FL_WAIT_DATA |
| |
| 2017/04/03 : 1.8-dev1 |
| - BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos |
| - BUG/MINOR: stats: make field_str() return an empty string on NULL |
| - DOC: Spelling fixes |
| - BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used |
| - BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for tunneled txn |
| - BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and IS_DATA_FILTER |
| - BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and XFER_DATA analyzers |
| - BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in tunnel mode |
| - BUG/MAJOR: stream: fix session abort on resource shortage |
| - OPTIM: stream-int: don't disable polling anymore on DONT_READ |
| - BUG/MINOR: cli: allow the backslash to be escaped on the CLI |
| - BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys" |
| - DOC: Fix map table's format |
| - DOC: Added 51Degrees conv and fetch functions to documentation. |
| - BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect |
| - DOC: mention that req_tot is for both frontends and backends |
| - BUG/MEDIUM: variables: some variable name can hide another ones |
| - MINOR: lua: Allow argument for actions |
| - BUILD: rearrange target files by build time |
| - CLEANUP: hlua: just indent functions |
| - MINOR: lua: give HAProxy variable access to the applets |
| - BUG/MINOR: stats: fix be/sessions/max output in html stats |
| - MINOR: proxy: Add fe_name/be_name fetchers next to existing fe_id/be_id |
| - DOC: lua: Documentation about some entry missing |
| - DOC: lua: Add documentation about variable manipulation from applet |
| - MINOR: Do not forward the header "Expect: 100-continue" when the option http-buffer-request is set |
| - DOC: Add undocumented argument of the trace filter |
| - DOC: Fix some typo in SPOE documentation |
| - MINOR: cli: Remove useless call to bi_putchk |
| - BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full |
| - MINOR: applet: Count number of (active) applets |
| - MINOR: task: Rename run_queue and run_queue_cur counters |
| - BUG/MEDIUM: stream: Save unprocessed events for a stream |
| - BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled |
| - BUILD/MEDIUM: Fixing the build using LibreSSL |
| - BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2) |
| - SCRIPTS: git-show-backports: fix a harmless typo |
| - SCRIPTS: git-show-backports: add -H to use the hash of the commit message |
| - BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW |
| - CLEANUP: applet/lua: create a dedicated ->fcn entry in hlua_cli context |
| - CLEANUP: applet/table: add an "action" entry in ->table context |
| - CLEANUP: applet: remove the now unused appctx->private field |
| - DOC: lua: documentation about time parser functions |
| - DOC: lua: improve links |
| - DOC: lua: section declared twice |
| - MEDIUM: cli: 'show cli sockets' list the CLI sockets |
| - BUG/MINOR: cli: "show cli sockets" wouldn't list all processes |
| - BUG/MINOR: cli: "show cli sockets" would always report process 64 |
| - CLEANUP: lua: rename one of the lua appctx union |
| - BUG/MINOR: lua/cli: bad error message |
| - MEDIUM: lua: use memory pool for hlua struct in applets |
| - MINOR: lua/signals: Remove Lua part from signals. |
| - DOC: cli: show cli sockets |
| - MINOR: cli: automatically enable a CLI I/O handler when there's no parser |
| - CLEANUP: memory: remove the now unused cli_parse_show_pools() function |
| - CLEANUP: applet: group all CLI contexts together |
| - CLEANUP: stats: move a misplaced stats context initialization |
| - MINOR: cli: add two general purpose pointers and integers in the CLI struct |
| - MINOR: appctx/cli: remove the cli_socket entry from the appctx union |
| - MINOR: appctx/cli: remove the env entry from the appctx union |
| - MINOR: appctx/cli: remove the "be" entry from the appctx union |
| - MINOR: appctx/cli: remove the "dns" entry from the appctx union |
| - MINOR: appctx/cli: remove the "server_state" entry from the appctx union |
| - MINOR: appctx/cli: remove the "tlskeys" entry from the appctx union |
| - CONTRIB: tcploop: add limits.h to fix build issue with some compilers |
| - MINOR/DOC: lua: just precise one thing |
| - DOC: fix small typo in fe_id (backend instead of frontend) |
| - BUG/MINOR: Fix the sending function in Lua's cosocket |
| - BUG/MINOR: lua: memory leak executing tasks |
| - BUG/MINOR: lua: bad return code |
| - BUG/MINOR: lua: memleak when Lua/cli fails |
| - MEDIUM: lua: remove Lua struct from session, and allocate it with memory pools |
| - CLEANUP: haproxy: statify unexported functions |
| - MINOR: haproxy: add a registration for build options |
| - CLEANUP: wurfl: use the build options list to report it |
| - CLEANUP: 51d: use the build options list to report it |
| - CLEANUP: da: use the build options list to report it |
| - CLEANUP: namespaces: use the build options list to report it |
| - CLEANUP: tcp: use the build options list to report transparent modes |
| - CLEANUP: lua: use the build options list to report it |
| - CLEANUP: regex: use the build options list to report the regex type |
| - CLEANUP: ssl: use the build options list to report the SSL details |
| - CLEANUP: compression: use the build options list to report the algos |
| - CLEANUP: auth: use the build options list to report its support |
| - MINOR: haproxy: add a registration for post-check functions |
| - CLEANUP: checks: make use of the post-init registration to start checks |
| - CLEANUP: filters: use the function registration to initialize all proxies |
| - CLEANUP: wurfl: make use of the late init registration |
| - CLEANUP: 51d: make use of the late init registration |
| - CLEANUP: da: make use of the late init registration code |
| - MINOR: haproxy: add a registration for post-deinit functions |
| - CLEANUP: wurfl: register the deinit function via the dedicated list |
| - CLEANUP: 51d: register the deinitialization function |
| - CLEANUP: da: register the deinitialization function |
| - CLEANUP: wurfl: move global settings out of the global section |
| - CLEANUP: 51d: move global settings out of the global section |
| - CLEANUP: da: move global settings out of the global section |
| - MINOR: cfgparse: add two new functions to check arguments count |
| - MINOR: cfgparse: move parsing of "ca-base" and "crt-base" to ssl_sock |
| - MEDIUM: cfgparse: move all tune.ssl.* keywords to ssl_sock |
| - MEDIUM: cfgparse: move maxsslconn parsing to ssl_sock |
| - MINOR: cfgparse: move parsing of ssl-default-{bind,server}-ciphers to ssl_sock |
| - MEDIUM: cfgparse: move ssl-dh-param-file parsing to ssl_sock |
| - MEDIUM: compression: move the zlib-specific stuff from global.h to compression.c |
| - BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake |
| - BUG/MEDIUM: ssl: avoid double free when releasing bind_confs |
| - BUG/MINOR: stats: fix be/sessions/current out in typed stats |
| - MINOR: tcp-rules: check that the listener exists before updating its counters |
| - MEDIUM: spoe: don't create a dummy listener for outgoing connections |
| - MINOR: listener: move the transport layer pointer to the bind_conf |
| - MEDIUM: move listener->frontend to bind_conf->frontend |
| - MEDIUM: ssl: remote the proxy argument from most functions |
| - MINOR: connection: add a new prepare_bind_conf() entry to xprt_ops |
| - MEDIUM: ssl_sock: implement ssl_sock_prepare_bind_conf() |
| - MINOR: connection: add a new destroy_bind_conf() entry to xprt_ops |
| - MINOR: ssl_sock: implement ssl_sock_destroy_bind_conf() |
| - MINOR: server: move the use_ssl field out of the ifdef USE_OPENSSL |
| - MINOR: connection: add a minimal transport layer registration system |
| - CLEANUP: connection: remove all direct references to raw_sock and ssl_sock |
| - CLEANUP: connection: unexport raw_sock and ssl_sock |
| - MINOR: connection: add new prepare_srv()/destroy_srv() entries to xprt_ops |
| - MINOR: ssl_sock: implement and use prepare_srv()/destroy_srv() |
| - CLEANUP: ssl: move tlskeys_finalize_config() to a post_check callback |
| - CLEANUP: ssl: move most ssl-specific global settings to ssl_sock.c |
| - BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled |
| - BUG/MEDIUM: ssl: for a handshake when server-side SNI changes |
| - BUG/MINOR: systemd: potential zombie processes |
| - DOC: Add timings events schemas |
| - BUILD: lua: build failed on FreeBSD. |
| - MINOR: samples: add xx-hash functions |
| - MEDIUM: regex: pcre2 support |
| - BUG/MINOR: option prefer-last-server must be ignored in some case |
| - MINOR: stats: Support "select all" for backend actions |
| - BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0 |
| - BUG/MAJOR: channel: Fix the definition order of channel analyzers |
| - BUG/MINOR: http: report real parser state in error captures |
| - BUILD: scripts: automatically update the branch in version.h when releasing |
| - MINOR: tools: add a generic hexdump function for debugging |
| - BUG/MAJOR: http: fix risk of getting invalid reports of bad requests |
| - MINOR: http: custom status reason. |
| - MINOR: connection: add sample fetch "fc_rcvd_proxy" |
| - BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options |
| - BUG/MINOR: tools: fix off-by-one in port size check |
| - BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family |
| - MEDIUM: server: split the address and the port into two different fields |
| - MINOR: tools: make str2sa_range() return the port in a separate argument |
| - MINOR: server: take the destination port from the port field, not the addr |
| - MEDIUM: server: disable protocol validations when the server doesn't resolve |
| - BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0 |
| - BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage |
| - BUG/MINOR: ssl: assert on SSL_set_shutdown with BoringSSL |
| - MINOR: Use "500 Internal Server Error" for 500 error/status code message. |
| - MINOR: proto_http.c 502 error txt typo. |
| - DOC: add deprecation notice to "block" |
| - MINOR: compression: fix -vv output without zlib/slz |
| - BUG/MINOR: Reset errno variable before calling strtol(3) |
| - MINOR: ssl: don't show prefer-server-ciphers output |
| - OPTIM/MINOR: config: Optimize fullconn automatic computation loading configuration |
| - BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream |
| - MAJOR: ssl: bind configuration per certificat |
| - MINOR: ssl: add curve suite for ECDHE negotiation |
| - MINOR: checks: Add agent-addr config directive |
| - MINOR: cli: Add possiblity to change agent config via CLI/socket |
| - MINOR: doc: Add docs for agent-addr configuration variable |
| - MINOR: doc: Add docs for agent-addr and agent-send CLI commands |
| - BUILD: ssl: fix to build (again) with boringssl |
| - BUILD: ssl: fix build on OpenSSL 1.0.0 |
| - BUILD: ssl: silence a warning reported for ERR_remove_state() |
| - BUILD: ssl: eliminate warning with OpenSSL 1.1.0 regarding RAND_pseudo_bytes() |
| - BUILD: ssl: kill a build warning introduced by BoringSSL compatibility |
| - BUG/MEDIUM: tcp: don't poll for write when connect() succeeds |
| - BUG/MINOR: unix: fix connect's polling in case no data are scheduled |
| - MINOR: server: extend the flags to 32 bits |
| - BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword |
| - MINOR: dns: give ability to dns_init_resolvers() to close a socket when requested |
| - BUG/MAJOR: dns: restart sockets after fork() |
| - MINOR: chunks: implement a simple dynamic allocator for trash buffers |
| - BUG/MEDIUM: http: prevent redirect from overwriting a buffer |
| - BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined |
| - BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer |
| - BUG/MINOR: http: Return an error when a replace-header rule failed on the response |
| - BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested |
| - BUG/MAJOR: ssl: fix a regression in ssl_sock_shutw() |
| - BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1' |
| - BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule |
| - MINOR: http: don't close when redirect location doesn't start with "/" |
| - MEDIUM: boringssl: support native multi-cert selection without bundling |
| - BUG/MEDIUM: ssl: fix verify/ca-file per certificate |
| - BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING |
| - MINOR: ssl: removes SSL_CTX_set_ssl_version call and cleanup CTX creation. |
| - BUILD: ssl: fix build with -DOPENSSL_NO_DH |
| - MEDIUM: ssl: add new sample-fetch which captures the cipherlist |
| - MEDIUM: ssl: remove ssl-options from crt-list |
| - BUG/MEDIUM: ssl: in bind line, ssl-options after 'crt' are ignored. |
| - BUG/MINOR: ssl: fix cipherlist captures with sustainable SSL calls |
| - MINOR: ssl: improved cipherlist captures |
| - BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters |
| - BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section |
| - MAJOR: spoe: Add support of pipelined and asynchronous exchanges with agents |
| - MINOR: spoe: Add support for pipelining/async capabilities in the SPOA example |
| - MINOR: spoe: Remove SPOE details from the appctx structure |
| - MINOR: spoe: Add status code in error variable instead of hardcoded value |
| - MINOR: spoe: Send a log message when an error occurred during event processing |
| - MINOR: spoe: Check the scope of sample fetches used in SPOE messages |
| - MEDIUM: spoe: Be sure to wakeup the good entity waiting for a buffer |
| - MINOR: spoe: Use the min of all known max_frame_size to encode messages |
| - MAJOR: spoe: Add support of payload fragmentation in NOTIFY frames |
| - MINOR: spoe: Add support for fragmentation capability in the SPOA example |
| - MAJOR: spoe: refactor the filter to clean up the code |
| - MINOR: spoe: Handle NOTIFY frames cancellation using ABORT bit in ACK frames |
| - REORG: spoe: Move struct and enum definitions in dedicated header file |
| - REORG: spoe: Move low-level encoding/decoding functions in dedicated header file |
| - MINOR: spoe: Improve implementation of the payload fragmentation |
| - MINOR: spoe: Add support of negation for options in SPOE configuration file |
| - MINOR: spoe: Add "pipelining" and "async" options in spoe-agent section |
| - MINOR: spoe: Rely on alertif_too_many_arg during configuration parsing |
| - MINOR: spoe: Add "send-frag-payload" option in spoe-agent section |
| - MINOR: spoe: Add "max-frame-size" statement in spoe-agent section |
| - DOC: spoe: Update SPOE documentation to reflect recent changes |
| - MINOR: config: warn when some HTTP rules are used in a TCP proxy |
| - BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file |
| - BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup |
| - BUG/MINOR: Fix "get map <map> <value>" CLI command |
| - MINOR: Add nbsrv sample converter |
| - CLEANUP: Replace repeated code to count usable servers with be_usable_srv() |
| - MINOR: Add hostname sample fetch |
| - CLEANUP: Remove comment that's no longer valid |
| - MEDIUM: http_error_message: txn->status / http_get_status_idx. |
| - MINOR: http-request tarpit deny_status. |
| - CLEANUP: http: make http_server_error() not set the status anymore |
| - MEDIUM: stats: Add JSON output option to show (info|stat) |
| - MEDIUM: stats: Add show json schema |
| - BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer |
| - MINOR: server: Add dynamic session cookies. |
| - MINOR: cli: Let configure the dynamic cookies from the cli. |
| - BUG/MINOR: checks: attempt clean shutw for SSL check |
| - CONTRIB: tcploop: make it build on FreeBSD |
| - CONTRIB: tcploop: fix time format to silence build warnings |
| - CONTRIB: tcploop: report action 'K' (kill) in usage message |
| - CONTRIB: tcploop: fix connect's address length |
| - CONTRIB: tcploop: use the trash instead of NULL for recv() |
| - BUG/MEDIUM: listener: do not try to rebind another process' socket |
| - BUG/MEDIUM server: Fix crash when dynamic is defined, but not key is provided. |
| - CLEANUP: config: Typo in comment. |
| - BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze |
| - TESTS: add a test configuration to stress handshake combinations |
| - BUG/MAJOR: stream-int: do not depend on connection flags to detect connection |
| - BUG/MEDIUM: connection: ensure to always report the end of handshakes |
| - MEDIUM: connection: don't test for CO_FL_WAKE_DATA |
| - CLEANUP: connection: completely remove CO_FL_WAKE_DATA |
| - BUG: payload: fix payload not retrieving arbitrary lengths |
| - BUILD: ssl: simplify SSL_CTX_set_ecdh_auto compatibility |
| - BUILD: ssl: fix OPENSSL_NO_SSL_TRACE for boringssl and libressl |
| - BUG/MAJOR: http: fix typo in http_apply_redirect_rule |
| - MINOR: doc: 2.4. Examples should be 2.5. Examples |
| - BUG/MEDIUM: stream: fix client-fin/server-fin handling |
| - MINOR: fd: add a new flag HAP_POLL_F_RDHUP to struct poller |
| - BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available |
| - OPTIM: poll: enable support for POLLRDHUP |
| - MINOR: kqueue: exclusively rely on the kqueue returned status |
| - MEDIUM: kqueue: take care of EV_EOF to improve polling status accuracy |
| - MEDIUM: kqueue: only set FD_POLL_IN when there are pending data |
| - DOC/MINOR: Fix typos in proxy protocol doc |
| - DOC: Protocol doc: add checksum, TLV type ranges |
| - DOC: Protocol doc: add SSL TLVs, rename CHECKSUM |
| - DOC: Protocol doc: add noop TLV |
| - MEDIUM: global: add a 'hard-stop-after' option to cap the soft-stop time |
| - MINOR: dns: improve DNS response parsing to use as many available records as possible |
| - BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity(). |
| - MINOR: server: irrelevant error message with 'default-server' config file keyword. |
| - MINOR: server: Make 'default-server' support 'backup' keyword. |
| - MINOR: server: Make 'default-server' support 'check-send-proxy' keyword. |
| - CLEANUP: server: code alignement. |
| - MINOR: server: Make 'default-server' support 'non-stick' keyword. |
| - MINOR: server: Make 'default-server' support 'send-proxy' and 'send-proxy-v2 keywords. |
| - MINOR: server: Make 'default-server' support 'check-ssl' keyword. |
| - MINOR: server: Make 'default-server' support 'force-sslv3' and 'force-tlsv1[0-2]' keywords. |
| - CLEANUP: server: code alignement. |
| - MINOR: server: Make 'default-server' support 'no-ssl*' and 'no-tlsv*' keywords. |
| - MINOR: server: Make 'default-server' support 'ssl' keyword. |
| - MINOR: server: Make 'default-server' support 'send-proxy-v2-ssl*' keywords. |
| - CLEANUP: server: code alignement. |
| - MINOR: server: Make 'default-server' support 'verify' keyword. |
| - MINOR: server: Make 'default-server' support 'verifyhost' setting. |
| - MINOR: server: Make 'default-server' support 'check' keyword. |
| - MINOR: server: Make 'default-server' support 'track' setting. |
| - MINOR: server: Make 'default-server' support 'ca-file', 'crl-file' and 'crt' settings. |
| - MINOR: server: Make 'default-server' support 'redir' keyword. |
| - MINOR: server: Make 'default-server' support 'observe' keyword. |
| - MINOR: server: Make 'default-server' support 'cookie' keyword. |
| - MINOR: server: Make 'default-server' support 'ciphers' keyword. |
| - MINOR: server: Make 'default-server' support 'tcp-ut' keyword. |
| - MINOR: server: Make 'default-server' support 'namespace' keyword. |
| - MINOR: server: Make 'default-server' support 'source' keyword. |
| - MINOR: server: Make 'default-server' support 'sni' keyword. |
| - MINOR: server: Make 'default-server' support 'addr' keyword. |
| - MINOR: server: Make 'default-server' support 'disabled' keyword. |
| - MINOR: server: Add 'no-agent-check' server keyword. |
| - DOC: server: Add docs for "server" and "default-server" new "no-*" and other settings. |
| - MINOR: doc: fix use-server example (imap vs mail) |
| - BUG/MEDIUM: tcp: don't require privileges to bind to device |
| - BUILD: make the release script use shortlog for the final changelog |
| - BUILD: scripts: fix typo in announce-release error message |
| - CLEANUP: time: curr_sec_ms doesn't need to be exported |
| - BUG/MEDIUM: server: Wrong server default CRT filenames initialization. |
| - BUG/MEDIUM: peers: fix buffer overflow control in intdecode. |
| - BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers |
| - BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request |
| - CLEANUP: http: Remove channel_congested function |
| - CLEANUP: buffers: Remove buffer_bounce_realign function |
| - CLEANUP: buffers: Remove buffer_contig_area and buffer_work_area functions |
| - MINOR: http: remove useless check on HTTP_MSGF_XFER_LEN for the request |
| - MINOR: http: Add debug messages when HTTP body analyzers are called |
| - BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled |
| - BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze |
| - DOC: fix parenthesis and add missing "Example" tags |
| - DOC: update the contributing file |
| - DOC: log-format/tcplog/httplog update |
| - MINOR: config parsing: add warning when log-format/tcplog/httplog is overriden in "defaults" sections |
| |
| 2016/11/25 : 1.8-dev0 |
| |
| 2016/11/25 : 1.7.0 |
| - SCRIPTS: make publish-release also copy the new SPOE doc |
| - BUILD: http: include types/sample.h in proto_http.h |
| - BUILD: debug/flags: remove test for SF_COMP_READY |
| - CONTRIB: debug/flags: add check for SF_ERR_CHK_PORT |
| - MINOR: lua: add function which return true if the channel is full. |
| - MINOR: lua: add ip addresses and network manipulation function |
| - CONTRIB: tcploop: scriptable TCP I/O for debugging purposes |
| - CONTRIB: tcploop: implement fork() |
| - CONTRIB: tcploop: implement logging when called with -v |
| - CONTRIB: tcploop: update the usage output |
| - CONTRIB: tcploop: support sending plain strings |
| - CONTRIB: tcploop: don't report failed send() or recv() |
| - CONTRIB: tcploop: add basic loops via a jump instruction |
| - BUG/MEDIUM: channel: bad unlikely macro |
| - CLEANUP: lua: move comment |
| - CLEANUP: lua: control executed twice |
| - BUG/MEDIUM: ssl: Store certificate filename in a variable |
| - BUG/MINOR: ssl: Print correct filename when error occurs reading OCSP |
| - CLEANUP: ssl: Remove goto after return dead code |
| - CLEANUP: ssl: Fix bind keywords name in comments |
| - DOC: ssl: Use correct wording for ca-sign-pass |
| - CLEANUP: lua: avoid directly calling getsockname/getpeername() |
| - BUG/MINOR: stick-table: handle out-of-memory condition gracefully |
| - MINOR: cli: add private pointer and release function |
| - MEDIUM: lua: Add cli handler for Lua |
| - BUG/MEDIUM: connection: check the control layer before stopping polling |
| - DEBUG: connection: mark the closed FDs with a value that is easier to detect |
| - BUG/MEDIUM: stick-table: fix regression caused by recent fix for out-of-memory |
| - BUG/MINOR: cli: properly decrement ref count on tables during failed dumps |
| - BUG/MEDIUM: lua: In some case, the return of sample-fetche is ignored |
| - MINOR: filters: Add check_timeouts callback to handle timers expiration on streams |
| - MINOR: spoe: Add 'timeout processing' option to limit time to process an event |
| - MINOR: spoe: Remove useless 'timeout ack' option |
| - MINOR: spoe: Add 'option continue-on-error' statement in spoe-agent section |
| - MINOR: spoe: Add "maxconnrate" and "maxerrrate" statements |
| - MINOR: spoe: Add "option set-on-error" statement |
| - MINOR: stats: correct documentation of process ID for typed output |
| - BUILD: contrib: fix ip6range build on Centos 7 |
| - BUILD: fix build on Solaris 10/11 |
| - BUG/MINOR: cli: fix pointer size when reporting data/transport layer name |
| - BUG/MINOR: cli: dequeue from the proxy when changing a maxconn |
| - BUG/MINOR: cli: wake up the CLI's task after a timeout update |
| - MINOR: connection: add a few functions to report the data and xprt layers' names |
| - MINOR: connection: add names for transport and data layers |
| - REORG: cli: split dumpstats.c in src/cli.c and src/stats.c |
| - REORG: cli: split dumpstats.h in stats.h and cli.h |
| - REORG: cli: move ssl CLI functions to ssl_sock.c |
| - REORG: cli: move map and acl code to map.c |
| - REORG: cli: move show stat resolvers to dns.c |
| - MINOR: cli: create new function cli_has_level() to validate permissions |
| - MINOR: server: create new function cli_find_server() to find a server |
| - MINOR: proxy: create new function cli_find_frontend() to find a frontend |
| - REORG: cli: move 'set server' to server.c |
| - REORG: cli: move 'show pools' to memory.c |
| - REORG: cli: move 'show servers' to proxy.c |
| - REORG: cli: move 'show sess' to stream.c |
| - REORG: cli: move 'show backend' to proxy.c |
| - REORG: cli: move get/set weight to server.c |
| - REORG: cli: move "show stat" to stats.c |
| - REORG: cli: move "show info" to stats.c |
| - REORG: cli: move dump_text(), dump_text_line(), and dump_binary() to standard.c |
| - REORG: cli: move table dump/clear/set to stick_table.c |
| - REORG: cli: move "show errors" out of cli.c |
| - REORG: cli: make "show env" also use the generic keyword registration |
| - REORG: cli: move "set timeout" to its own handler |
| - REORG: cli: move "clear counters" to stats.c |
| - REORG: cli: move "set maxconn global" to its own handler |
| - REORG: cli: move "set maxconn server" to server.c |
| - REORG: cli: move "set maxconn frontend" to proxy.c |
| - REORG: cli: move "shutdown sessions server" to stream.c |
| - REORG: cli: move "shutdown session" to stream.c |
| - REORG: cli: move "shutdown frontend" to proxy.c |
| - REORG: cli: move "{enable|disable} frontend" to proxy.c |
| - REORG: cli: move "{enable|disable} server" to server.c |
| - REORG: cli: move "{enable|disable} health" to server.c |
| - REORG: cli: move "{enable|disable} agent" to server.c |
| - REORG: cli: move the "set rate-limit" functions to their own parser |
| - CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* |
| - CLEANUP: cli: simplify the request parser a little bit |
| - CLEANUP: cli: remove assignments to st0 and st2 in keyword parsers |
| - BUILD: server: remove a build warning introduced by latest series |
| - BUG/MINOR: log-format: uncatched memory allocation functions |
| - CLEANUP: log-format: useless file and line in json converter |
| - CLEANUP/MINOR: log-format: unexport functions parse_logformat_var_args() and parse_logformat_var() |
| - CLEANUP: log-format: fix return code of the function parse_logformat_var() |
| - CLEANUP: log-format: fix return code of function parse_logformat_var_args() |
| - CLEANUP: log-format: remove unused arguments |
| - MEDIUM: log-format: strict parsing and enable fail |
| - MEDIUM: log-format/conf: take into account the parse_logformat_string() return code |
| - BUILD: ssl: make the SSL layer build again with openssl 0.9.8 |
| - BUILD: vars: remove a build warning on vars.c |
| - MINOR: lua: add utility function for check boolean argument |
| - MINOR: lua: Add tokenize function. |
| - BUG/MINOR: conf: calloc untested |
| - MINOR: http/conf: store the use_backend configuration file and line for logs |
| - MEDIUM: log-format: Use standard HAProxy log system to report errors |
| - CLEANUP: sample: report "converter" instead of "conv method" in error messages |
| - BUG: spoe: Fix parsing of SPOE actions in ACK frames |
| - MINOR: cli: make "show stat" support a proxy name |
| - MINOR: cli: make "show errors" support a proxy name |
| - MINOR: cli: make "show errors" capable of dumping only request or response |
| - BUG/MINOR: freq-ctr: make swrate_add() support larger values |
| - CLEANUP: counters: move from 3 types to 2 types |
| - CLEANUP: cfgparse: cascade the warnif_misplaced_* rules |
| - REORG: tcp-rules: move tcp rules processing to their own file |
| - REORG: stkctr: move all the stick counters processing to stick-tables.c |
| - DOC: update the roadmap file with the latest changes |
| |
| 2016/11/09 : 1.7-dev6 |
| - DOC: fix the entry for hash-balance-factor config option |
| - DOC: Fix typo in description of `-st` parameter in man page |
| - CLEANUP: cfgparse: Very minor spelling correction |
| - MINOR: examples: Update haproxy.spec URLs to haproxy.org |
| - BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream |
| - BUG/MEDIUM: peers: fix use after free in peer_session_create() |
| - MINOR: peers: make peer_session_forceshutdown() use the appctx and not the stream |
| - MINOR: peers: remove the pointer to the stream |
| - BUG/MEDIUM: systemd-wrapper: return correct exit codes |
| - DOC: stats: provide state details for show servers state |
| - MEDIUM: tools: make str2ip2() preserve existing ports |
| - CLEANUP: tools: make ipcpy() preserve the original port |
| - OPTIM: http: move all http character classs tables into a single one |
| - OPTIM: http: improve parsing performance of long header lines |
| - OPTIM: http: improve parsing performance of long URIs |
| - OPTIM: http: optimize lookup of comma and quote in header values |
| - BUG/MEDIUM: srv-state: properly restore the DRAIN state |
| - BUG/MINOR: srv-state: allow to have both CMAINT and FDRAIN flags |
| - MINOR: server: do not emit warnings/logs/alerts on server state changes at boot |
| - BUG/MEDIUM: servers: properly propagate the maintenance states during startup |
| - MEDIUM: wurfl: add Scientiamobile WURFL device detection module |
| - DOC: move the device detection modules documentation to their own files |
| - CLEANUP: wurfl: reduce exposure in the rest of the code |
| - MEDIUM: ssl: Add support for OpenSSL 1.1.0 |
| - MINOR: stream: make option contstats usable again |
| - MEDIUM: tools: make str2sa_range() return the FQDN even when not resolving |
| - MINOR: init: move apply_server_state in haproxy.c before MODE_CHECK |
| - MAJOR: server: postpone address resolution |
| - MINOR: new srv_admin flag: SRV_ADMF_RMAINT |
| - MINOR: server: indicate in the logs when RMAINT is cleared |
| - MINOR: stats: indicate it when a server is down due to resolution |
| - MINOR: server: make srv_set_admin_state() capable of telling why this happens |
| - MINOR: dns: implement extra 'hold' timers. |
| - MAJOR: dns: runtime resolution can change server admin state |
| - MEDIUM: cli: leave the RMAINT state when setting an IP address on the CLI |
| - MEDIUM: server: add a new init-addr server line setting |
| - MEDIUM: server: make use of init-addr |
| - MINOR: server: implement init-addr none |
| - MEDIUM: server: make libc resolution failure non-fatal |
| - MINOR: server: add support for explicit numeric address in init-addr |
| - DOC: add some documentation for the "init-addr" server keyword |
| - MINOR: init: add -dr to ignore server address resolution failures |
| - MEDIUM: server: do not restrict anymore usage of IP address from the state file |
| - BUG: vars: Fix 'set-var' converter because of a typo |
| - CLEANUP: remove last references to 'ruleset' section |
| - MEDIUM: filters: Add attch/detach and stream_set_backend callbacks |
| - MINOR: filters: Update filters documentation accordingly to recent changes |
| - MINOR: filters: Call stream_set_backend callbacks before updating backend stats |
| - MINOR: filters: Remove backend filters attached to a stream only for HTTP streams |
| - MINOR: flt_trace: Add hexdump option to dump forwarded data |
| - MINOR: cfgparse: Add functions to backup and restore registered sections |
| - MINOR: cfgparse: Parse scope lines and save the last one parsed |
| - REORG: sample: move code to release a sample expression in sample.c |
| - MINOR: vars: Allow '.' in variable names |
| - MINOR: vars: Add vars_set_by_name_ifexist function |
| - MEDIUM: vars: Add a per-process scope for variables |
| - MINOR: vars: Add 'unset-var' action/converter |
| - MAJOR: spoe: Add an experimental Stream Processing Offload Engine |
| - MINOR: spoe: add random ip-reputation service as SPOA example |
| - MINOR: spoe/checks: Add support for SPOP health checks |
| - DOC: update ROADMAP file |
| |
| 2016/10/25 : 1.7-dev5 |
| - MINOR: cfgparse: few memory leaks fixes. |
| - MEDIUM: log: Decompose %Tq in %Th %Ti %TR |
| - CLEANUP: logs: remove unused log format field definitions |
| - BUILD/MAJOR:updated 51d Trie implementation to incorperate latest update to 51Degrees.c |
| - BUG/MAJOR: stream: properly mark the server address as unset on connect retry |
| - CLEANUP: proto_http: Removing useless variable assignation |
| - CLEANUP: dumpstats: Removing useless variables allocation |
| - CLEANUP: dns: Removing usless variable & assignation |
| - BUG/MINOR: payload: fix SSLv2 version parser |
| - MINOR: cli: allow the semi-colon to be escaped on the CLI |
| - MINOR: cli: change a server health check port through the stats socket |
| - BUG/MINOR: Fix OSX compilation errors |
| - MAJOR: check: find out which port to use for health check at run time |
| - MINOR: server: introduction of 3 new server flags |
| - MINOR: new update_server_addr_port() function to change both server's ADDR and service PORT |
| - MINOR: cli: ability to change a server's port |
| - CLEANUP/MINOR dns: comment do not follow up code update |
| - MINOR: chunk: new strncat function |
| - MINOR: dns: wrong DNS_MAX_UDP_MESSAGE value |
| - MINOR: dns: new MAX values |
| - MINOR: dns: new macro to compute DNS header size |
| - MINOR: dns: new DNS structures to store received packets |
| - MEDIUM: dns: new DNS response parser |
| - MINOR: dns: query type change when last record is a CNAME |
| - MINOR: dns: proper domain name validation when receiving DNS response |
| - MINOR: dns: comments in types/dns.h about structures endianness |
| - BUG/MINOR: displayed PCRE version is running release |
| - MINOR: show Built with PCRE version |
| - MINOR: show Running on zlib version |
| - MEDIUM: make SO_REUSEPORT configurable |
| - MINOR: enable IP_BIND_ADDRESS_NO_PORT on backend connections |
| - BUG/MEDIUM: http/compression: Fix how chunked data are copied during the HTTP body parsing |
| - BUG/MINOR: stats: report the correct conn_time in backend's html output |
| - BUG/MEDIUM: dns: don't randomly crash on out-of-memory |
| - MINOR: Add fe_req_rate sample fetch |
| - MEDIUM: peers: Fix a peer stick-tables synchronization issue. |
| - MEDIUM: cli: register CLI keywords with cli_register_kw() |
| - BUILD: Make use of accept4() on OpenBSD. |
| - MINOR: tcp: make set-src/set-src-port and set-dst/set-dst-port commutative |
| - DOC: fix missed entry for "set-{src,dst}{,-port}" |
| - BUG/MINOR: vars: use sess and not s->sess in action_store() |
| - BUG/MINOR: vars: make smp_fetch_var() more robust against misuses |
| - BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session |
| - MINOR: stats: output dcon |
| - CLEANUP: tcp rules: mention everywhere that tcp-conn rules are L4 |
| - MINOR: counters: add new fields for denied_sess |
| - MEDIUM: tcp: add registration and processing of TCP L5 rules |
| - MINOR: stats: emit dses |
| - DOC: document tcp-request session |
| - MINOR: ssl: add debug traces |
| - BUILD/CLEANUP: ssl: Check BIO_reset() return code |
| - BUG/MINOR: ssl: Check malloc return code |
| - BUG/MINOR: ssl: prevent multiple entries for the same certificate |
| - BUG/MINOR: systemd: make the wrapper return a non-null status code on error |
| - BUG/MINOR: systemd: always restore signals before execve() |
| - BUG/MINOR: systemd: check return value of calloc() |
| - MINOR: systemd: report it when execve() fails |
| - BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed |
| - MINOR: proxy: add 'served' field to proxy, equal to total of all servers' |
| - MINOR: backend: add hash-balance-factor option for hash-type consistent |
| - MINOR: server: compute a "cumulative weight" to allow chash balancing to hit its target |
| - MEDIUM: server: Implement bounded-load hash algorithm |
| - SCRIPTS: make git-show-backports also dump a "git show" command |
| - MINOR: build: Allow linking to device-atlas library file |
| - MINOR: stats: Escape equals sign on socket dump |
| |
| 2016/08/14 : 1.7-dev4 |
| - MINOR: add list_append_word function |
| - MEDIUM: init: use list_append_word in haproxy.c |
| - MEDIUM: init: allow directory as argument of -f |
| - CLEANUP: config: detect double registration of a config section |
| - MINOR: log: add the %Td log-format specifier |
| - MEDIUM: filters: Move HTTP headers filtering in its own callback |
| - MINOR: filters: Simplify calls to analyzers using 2 new macros |
| - MEDIUM: filters: Add pre and post analyzer callbacks |
| - DOC: filters: Update the filters documentation accordingly to recent changes |
| - BUG/MEDIUM: init: don't use environment locale |
| - SCRIPTS: teach git-show-backports how to report upstream commits |
| - SCRIPTS: make git-show-backports capable of limiting its history |
| - BUG/MAJOR: fix listening IP address storage for frontends |
| - BUG/MINOR: fix listening IP address storage for frontends (cont) |
| - DOC: Fix typo so fetch is properly parsed by Cyril's converter |
| - BUG/MAJOR: http: fix breakage of "reqdeny" causing random crashes |
| - BUG/MEDIUM: stick-tables: fix breakage in table converters |
| - MINOR: stick-table: change all stick-table converters' inputs to SMP_T_ANY |
| - BUG/MEDIUM: dns: unbreak DNS resolver after header fix |
| - BUILD: fix build on Solaris 11 |
| - BUG/MEDIUM: config: fix multiple declaration of section parsers |
| - BUG/MEDIUM: stats: show servers state may show an servers from another backend |
| - BUG/MEDIUM: fix risk of segfault with "show tls-keys" |
| - MEDIUM: dumpstats: 'show tls-keys' is now able to show secrets |
| - DOC: update doc about tls-tickets-keys dump |
| - MEDIUM: tcp: add 'set-src' to 'tcp-request connection' |
| - MINOR: set the CO_FL_ADDR_FROM_SET flags with 'set-src' |
| - MEDIUM: tcp/http: add 'set-src-port' action |
| - MEDIUM: tcp/http: new set-dst/set-dst-port actions |
| - BUG/MEDIUM: sticktables: segfault in some configuration error cases |
| - BUILD/MEDIUM: rebuild everything when an include file is changed |
| - BUILD/MEDIUM: force a full rebuild if some build options change |
| - BUG/MEDIUM: lua: converters doesn't work |
| - BUG/MINOR: http: add-header: header name copied twice |
| - BUG/MEDIUM: http: add-header: buffer overwritten |
| - BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params() |
| - MINOR: stream: export the function 'smp_create_src_stkctr' |
| - BUG/MEDIUM: dumpstats: undefined behavior in stats_tlskeys_list() |
| - MEDIUM: dumpstats: make stats_tlskeys_list() yield-aware during tls-keys dump |
| - BUG/MINOR: http: url32+src should use the big endian version of url32 |
| - BUG/MINOR: http: url32+src should check cli_conn before using it |
| - DOC: http: add documentation for url32 and url32+src |
| - BUG/MINOR: fix http-response set-log-level parsing error |
| - MINOR: systemd: Use variable for config and pidfile paths |
| - MINOR: systemd: Perform sanity check on config before reload |
| - MEDIUM: ssl: support SNI filters with multicerts |
| - MINOR: ssl: crt-list parsing factor |
| - BUILD: ssl: fix typo causing a build failure in the multicert patch |
| - MINOR: listener: add the "accept-netscaler-cip" option to the "bind" keyword |
| - MINOR: tcp: add "tcp-request connection expect-netscaler-cip layer4" |
| - BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits |
| - BUG/MINOR: init: ensure that FD limit is raised to the max allowed |
| - BUG/MEDIUM: external-checks: close all FDs right after the fork() |
| - BUG/MAJOR: external-checks: use asynchronous signal delivery |
| - BUG/MINOR: external-checks: do not unblock undesired signals |
| - CLEANUP: external-check: don't block/unblock SIGCHLD when manipulating the list |
| - BUG/MEDIUM: filters: Fix data filtering when data are modified |
| - BUG/MINOR: filters: Fix HTTP parsing when a filter loops on data forwarding |
| - BUG/MINOR: srv-state: fix incorrect output of state file |
| - BUG/MINOR: ssl: close ssl key file on error |
| - BUG/MINOR: http: fix misleading error message for response captures |
| - BUG/BUILD: don't automatically run "make" on "make install" |
| - DOC: add missing doc for http-request deny [deny_status <status>] |
| - CLEANUP: dumpstats: u64 field is an unsigned type. |
| - BUG/MEDIUM: http: unbreak uri/header/url_param hashing |
| - BUG/MINOR: Rework slightly commit 9962f8fc to clean code and avoid mistakes |
| - MINOR: new function my_realloc2 = realloc + free upon failure |
| - CLEANUP: fixed some usages of realloc leading to memory leak |
| - Revert "BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()" |
| - CLEANUP: connection: using internal struct to hold source and dest port. |
| - DOC: spelling fixes |
| - BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params() |
| - BUG/MEDIUM: dns: fix alignment issues in the DNS response parser |
| - BUG/MINOR: Fix endiness issue in DNS header creation code |
| - BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash |
| - BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash |
| - MEDIUM: http: implement http-response track-sc* directive |
| - BUG/MINOR: peers: Fix peers data decoding issue |
| - BUG/MINOR: peers: don't count track-sc multiple times on errors |
| - MINOR: standard: add function "escape_string" |
| - BUG/MEDIUM: log: use function "escape_string" instead of "escape_chunk" |
| - MINOR: tcp: Return TCP statistics like RTT and RTT variance |
| - DOC: lua: remove old functions |
| - BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests |
| - DOC: fix json converter example and error message |
| - BUG/MEDIUM: stream-int: completely detach connection on connect error |
| - DOC: minor typo fixes to improve HTML parsing by haproxy-dconv |
| - BUILD: make proto_tcp.c compatible with musl library |
| - BUG/MAJOR: compression: initialize avail_in/next_in even during flush |
| - BUG/MEDIUM: samples: make smp_dup() always duplicate the sample |
| - MINOR: sample: implement smp_is_safe() and smp_make_safe() |
| - MINOR: sample: provide smp_is_rw() and smp_make_rw() |
| - BUG/MAJOR: server: the "sni" directive could randomly cause trouble |
| - BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size |
| - BUG/MEDIUM: stick-table: properly convert binary samples to keys |
| - MINOR: sample: use smp_make_rw() in upper/lower converters |
| - MINOR: tcp: add dst_is_local and src_is_local |
| - BUG/MINOR: peers: some updates are pushed twice after a resync. |
| - BUILD: protocol: fix some build errors on OpenBSD |
| - BUILD: log: iovec requires to include sys/uio.h on OpenBSD |
| - BUILD: tcp: do not include netinet/ip.h for IP_TTL |
| - BUILD: connection: fix build breakage on openbsd due to missing in_systm.h |
| - BUILD: checks: remove the last strcat and eliminate a warning on OpenBSD |
| - BUILD: tcp: define SOL_TCP when only IPPROTO_TCP exists |
| - BUILD: compression: remove a warning when no compression lib is used |
| - BUILD: poll: remove unused hap_fd_isset() which causes a warning with clang |
| - MINOR: tcp: add further tcp info fetchers |
| - BUG/MINOR: peers: empty chunks after a resync. |
| - BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table |
| - MINOR: standard.c: ipcmp() function to compare 2 IP addresses stored in 2 struct sockaddr_storage |
| - MINOR: standard.c: ipcpy() function to copy an IP address from a struct sockaddr_storage into an other one |
| - MAJOR: listen section: don't use first bind port anymore when no server ports are provided |
| |
| 2016/05/10 : 1.7-dev3 |
| - MINOR: sample: Moves ARGS underlying type from 32 to 64 bits. |
| - BUG/MINOR: log: Don't use strftime() which can clobber timezone if chrooted |
| - BUILD: namespaces: fix a potential build warning in namespaces.c |
| - MINOR: da: Using ARG12 macro for the sample fetch and the convertor. |
| - DOC: add encoding to json converter example |
| - BUG/MINOR: conf: "listener id" expects integer, but its not checked |
| - DOC: Clarify tunes.vars.xxx-max-size settings |
| - CLEANUP: chunk: adding NULL check to chunk_dup allocation. |
| - CLEANUP: connection: fix double negation on memcmp() |
| - BUG/MEDIUM: peers: fix incorrect age in frequency counters |
| - BUG/MEDIUM: Fix RFC5077 resumption when more than TLS_TICKETS_NO are present |
| - BUG/MAJOR: Fix crash in http_get_fhdr with exactly MAX_HDR_HISTORY headers |
| - BUG/MINOR: lua: can't load external libraries |
| - BUG/MINOR: prevent the dump of uninitialized vars |
| - CLEANUP: map: it seems that the map were planed to be chained |
| - MINOR: lua: move class registration facilities |
| - MINOR: lua: remove some useless checks |
| - CLEANUP: lua: Remove two same functions |
| - MINOR: lua: refactor the Lua object registration |
| - MINOR: lua: precise message when a critical error is catched |
| - MINOR: lua: post initialization |
| - MINOR: lua: Add internal function which strip spaces |
| - MINOR: lua: convert field to lua type |
| - DOC: "addr" parameter applies to both health and agent checks |
| - DOC: timeout client: pointers to timeout http-request |
| - DOC: typo on stick-store response |
| - DOC: stick-table: amend paragraph blaming the loss of table upon reload |
| - DOC: typo: ACL subdir match |
| - DOC: typo: maxconn paragraph is wrong due to a wrong buffer size |
| - DOC: regsub: parser limitation about the inability to use closing square brackets |
| - DOC: typo: req.uri is now replaced by capture.req.uri |
| - DOC: name set-gpt0 mismatch with the expected keyword |
| - MINOR: http: sample fetch which returns unique-id |
| - MINOR: dumpstats: extract stats fields enum and names |
| - MINOR: dumpstats: split stats_dump_info_to_buffer() in two parts |
| - MINOR: dumpstats: split stats_dump_fe_stats() in two parts |
| - MINOR: dumpstats: split stats_dump_li_stats() in two parts |
| - MINOR: dumpstats: split stats_dump_sv_stats() in two parts |
| - MINOR: dumpstats: split stats_dump_be_stats() in two parts |
| - MINOR: lua: dump general info |
| - MINOR: lua: add class proxy |
| - MINOR: lua: add class server |
| - MINOR: lua: add class listener |
| - BUG/MEDIUM: stick-tables: some sample-fetch doesn't work in the connection state. |
| - MEDIUM: proxy: use dynamic allocation for error dumps |
| - CLEANUP: remove unneeded casts |
| - CLEANUP: uniformize last argument of malloc/calloc |
| - DOC: fix "needed" typo |
| - BUG/MINOR: dumpstats: fix write to global chunk |
| - BUG/MINOR: dns: inapropriate way out after a resolution timeout |
| - BUG/MINOR: dns: trigger a DNS query type change on resolution timeout |
| - CLEANUP: proto_http: few corrections for gcc warnings. |
| - BUG/MINOR: DNS: resolution structure change |
| - BUG/MINOR : allow to log cookie for tarpit and denied request |
| - BUG/MEDIUM: ssl: rewind the BIO when reading certificates |
| - OPTIM/MINOR: session: abort if possible before connecting to the backend |
| - DOC: http: rename the unique-id sample and add the documentation |
| - BUG/MEDIUM: trace.c: rdtsc() is defined in two files |
| - BUG/MEDIUM: channel: fix miscalculation of available buffer space (2nd try) |
| - BUG/MINOR: server: risk of over reading the pref_net array. |
| - BUG/MINOR: cfgparse: couple of small memory leaks. |
| - BUG/MEDIUM: sample: initialize the pointer before parse_binary call. |
| - DOC: fix discrepancy in the example for http-request redirect |
| - MINOR: acl: Add predefined METH_DELETE, METH_PUT |
| - CLEANUP: .gitignore cleanup |
| - DOC: Clarify IPv4 address / mask notation rules |
| - CLEANUP: fix inconsistency between fd->iocb, proto->accept and accept() |
| - BUG/MEDIUM: fix maxaccept computation on per-process listeners |
| - BUG/MINOR: listener: stop unbound listeners on startup |
| - BUG/MINOR: fix maxaccept computation according to the frontend process range |
| - TESTS: add blocksig.c to run tests with all signals blocked |
| - MEDIUM: unblock signals on startup. |
| - MINOR: filters: Print the list of existing filters during HA startup |
| - MINOR: filters: Typo in an error message |
| - MINOR: filters: Filters must define the callbacks struct during config parsing |
| - DOC: filters: Add filters documentation |
| - BUG/MEDIUM: channel: don't allow to overwrite the reserve until connected |
| - BUG/MEDIUM: channel: incorrect polling condition may delay event delivery |
| - BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try) |
| - BUG/MEDIUM: log: fix risk of segfault when logging HTTP fields in TCP mode |
| - MINOR: Add ability for agent-check to set server maxconn |
| - CLEANUP: Use server_parse_maxconn_change_request for maxconn CLI updates |
| - MINOR: filters: add opaque data |
| - BUG/MEDIUM: lua: protects the upper boundary of the argument list for converters/fetches. |
| - MINOR: lua: migrate the argument mask to 64 bits type. |
| - BUG/MINOR: dumpstats: Fix the "Total bytes saved" counter in backends stats |
| - BUG/MINOR: log: fix a typo that would cause %HP to log <BADREQ> |
| - BUG/MEDIUM: http: fix incorrect reporting of server errors |
| - MINOR: channel: add new function channel_congested() |
| - BUG/MEDIUM: http: fix risk of CPU spikes with pipelined requests from dead client |
| - BUG/MAJOR: channel: fix miscalculation of available buffer space (4th try) |
| - BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared |
| - BUG/MEDIUM: channel: fix inconsistent handling of 4GB-1 transfers |
| - BUG/MEDIUM: stats: show servers state may show an empty or incomplete result |
| - BUG/MEDIUM: stats: show backend may show an empty or incomplete result |
| - MINOR: stats: fix typo in help messages |
| - MINOR: stats: show stat resolvers missing in the help message |
| - BUG/MINOR: dns: fix DNS header definition |
| - BUG/MEDIUM: dns: fix alignment issue when building DNS queries |
| - CLEANUP: don't ignore scripts in .gitignore |
| - BUILD: add a few release and backport scripts in scripts/ |
| |
| 2016/03/14 : 1.7-dev2 |
| - DOC: lua: fix lua API |
| - DOC: mailers: typo in 'hostname' description |
| - DOC: compression: missing mention of libslz for compression algorithm |
| - BUILD/MINOR: regex: missing header |
| - BUG/MINOR: stream: bad return code |
| - DOC: lua: fix somme errors and add implicit types |
| - MINOR: lua: add set/get priv for applets |
| - BUG/MINOR: http: fix several off-by-one errors in the url_param parser |
| - BUG/MINOR: http: Be sure to process all the data received from a server |
| - MINOR: filters/http: Use a wrapper function instead of stream_int_retnclose |
| - BUG/MINOR: chunk: make chunk_dup() always check and set dst->size |
| - DOC: ssl: fixed some formatting errors in crt tag |
| - MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero |
| - MINOR: chunks: add chunk_strcat() and chunk_newstr() |
| - MINOR: chunk: make chunk_initstr() take a const string |
| - MEDIUM: tools: add csv_enc_append() to preserve the original chunk |
| - MINOR: tools: make csv_enc_append() always start at the first byte of the chunk |
| - MINOR: lru: new function to delete <nb> least recently used keys |
| - DOC: add Ben Shillito as the maintainer of 51d |
| - BUG/MINOR: 51d: Ensures a unique domain for each configuration |
| - BUG/MINOR: 51d: Aligns Pattern cache implementation with HAProxy best practices. |
| - BUG/MINOR: 51d: Releases workset back to pool. |
| - BUG/MINOR: 51d: Aligned const pointers to changes in 51Degrees. |
| - CLEANUP: 51d: Aligned if statements with HAProxy best practices and removed casts from malloc. |
| - MINOR: rename master process name in -Ds (systemd mode) |
| - DOC: fix a few spelling mistakes |
| - DOC: fix "workaround" spelling |
| - BUG/MINOR: examples: Fixing haproxy.spec to remove references to .cfg files |
| - MINOR: fix the return type for dns_response_get_query_id() function |
| - MINOR: server state: missing LF (\n) on error message printed when parsing server state file |
| - BUG/MEDIUM: dns: no DNS resolution happens if no ports provided to the nameserver |
| - BUG/MAJOR: servers state: server port is erased when dns resolution is enabled on a server |
| - BUG/MEDIUM: servers state: server port is used uninitialized |
| - BUG/MEDIUM: config: Adding validation to stick-table expire value. |
| - BUG/MEDIUM: sample: http_date() doesn't provide the right day of the week |
| - BUG/MEDIUM: channel: fix miscalculation of available buffer space. |
| - MEDIUM: pools: add a new flag to avoid rounding pool size up |
| - BUG/MEDIUM: buffers: do not round up buffer size during allocation |
| - BUG/MINOR: stream: don't force retries if the server is DOWN |
| - BUG/MINOR: counters: make the sc-inc-gpc0 and sc-set-gpt0 touch the table |
| - MINOR: unix: don't mention free ports on EAGAIN |
| - BUG/CLEANUP: CLI: report the proper field states in "show sess" |
| - MINOR: stats: send content-length with the redirect to allow keep-alive |
| - BUG: stream_interface: Reuse connection even if the output channel is empty |
| - DOC: remove old tunnel mode assumptions |
| - BUG/MAJOR: http-reuse: fix risk of orphaned connections |
| - BUG/MEDIUM: http-reuse: do not share private connections across backends |
| - BUG/MINOR: ssl: Be sure to use unique serial for regenerated certificates |
| - BUG/MINOR: stats: fix missing comma in stats on agent drain |
| - MAJOR: filters: Add filters support |
| - MINOR: filters: Do not reset stream analyzers if the client is gone |
| - REORG: filters: Prepare creation of the HTTP compression filter |
| - MAJOR: filters/http: Rewrite the HTTP compression as a filter |
| - MEDIUM: filters: Use macros to call filters callbacks to speed-up processing |
| - MEDIUM: filters: remove http_start_chunk, http_last_chunk and http_chunk_end |
| - MEDIUM: filters: Replace filter_http_headers callback by an analyzer |
| - MEDIUM: filters/http: Move body parsing of HTTP messages in dedicated functions |
| - MINOR: filters: Add stream_filters structure to hide filters info |
| - MAJOR: filters: Require explicit registration to filter HTTP body and TCP data |
| - MINOR: filters: Remove unused or useless stuff and do small optimizations |
| - MEDIUM: filters: Optimize the HTTP compression for chunk encoded response |
| - MINOR: filters/http: Slightly update the parsing of chunks |
| - MINOR: filters/http: Forward remaining data when a channel has no "data" filters |
| - MINOR: filters: Add an filter example |
| - MINOR: filters: Extract proxy stuff from the struct filter |
| - MINOR: map: Add regex matching replacement |
| - BUG/MINOR: lua: unsafe initialization |
| - DOC: lua: fix somme errors |
| - MINOR: lua: file dedicated to unsafe functions |
| - MINOR: lua: add "now" time function |
| - MINOR: standard: add RFC HTTP date parser |
| - MINOR: lua: Add date functions |
| - MINOR: lua: move common function |
| - MINOR: lua: merge function |
| - MINOR: lua: Add concat class |
| - MINOR: standard: add function "escape_chunk" |
| - MEDIUM: log: add a new log format flag "E" |
| - DOC: add server name at rate-limit sessions example |
| - BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation |
| - BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation |
| - DOC: LUA: fix some typos and syntax errors |
| - MINOR: cli: add a new "show env" command |
| - MEDIUM: config: allow to manipulate environment variables in the global section |
| - MEDIUM: cfgparse: reject incorrect 'timeout retry' keyword spelling in resolvers |
| - MINOR: mailers: increase default timeout to 10 seconds |
| - MINOR: mailers: use <CRLF> for all line endings |
| - BUG/MAJOR: lua: segfault using Concat object |
| - DOC: lua: copyrights |
| - MINOR: common: mask conversion |
| - MEDIUM: dns: extract options |
| - MEDIUM: dns: add a "resolve-net" option which allow to prefer an ip in a network |
| - MINOR: mailers: make it possible to configure the connection timeout |
| - BUG/MAJOR: lua: applets can't sleep. |
| - BUG/MINOR: server: some prototypes are renamed |
| - BUG/MINOR: lua: Useless copy |
| - BUG/MEDIUM: stats: stats bind-process doesn't propagate the process mask correctly |
| - BUG/MINOR: server: fix the format of the warning on address change |
| - CLEANUP: server: add "const" to some message strings |
| - MINOR: server: generalize the "updater" source |
| - BUG/MEDIUM: chunks: always reject negative-length chunks |
| - BUG/MINOR: systemd: ensure we don't miss signals |
| - BUG/MINOR: systemd: report the correct signal in debug message output |
| - BUG/MINOR: systemd: propagate the correct signal to haproxy |
| - MINOR: systemd: ensure a reload doesn't mask a stop |
| - BUG/MEDIUM: cfgparse: wrong argument offset after parsing server "sni" keyword |
| - CLEANUP: stats: Avoid computation with uninitialized bits. |
| - CLEANUP: pattern: Ignore unknown samples in pat_match_ip(). |
| - CLEANUP: map: Avoid memory leak in out-of-memory condition. |
| - BUG/MINOR: tcpcheck: fix incorrect list usage resulting in failure to load certain configs |
| - BUG/MAJOR: samples: check smp->strm before using it |
| - MINOR: sample: add a new helper to initialize the owner of a sample |
| - MINOR: sample: always set a new sample's owner before evaluating it |
| - BUG/MAJOR: vars: always retrieve the stream and session from the sample |
| - CLEANUP: payload: remove useless and confusing nullity checks for channel buffer |
| - BUG/MINOR: ssl: fix usage of the various sample fetch functions |
| - MINOR: stats: create fields types suitable for all CSV output data |
| - MINOR: stats: add all the "show info" fields in a table |
| - MEDIUM: stats: fill all the show info elements prior to displaying them |
| - MINOR: stats: add a function to emit fields into a chunk |
| - MINOR: stats: add stats_dump_info_fields() to dump one field per line |
| - MEDIUM: stats: make use of stats_dump_info_fields() for "show info" |
| - MINOR: stats: add a declaration of all stats fields |
| - MINOR: stats: don't hard-code the CSV fields list anymore |
| - MINOR: stats: create stats fields storage and CSV dump function |
| - MEDIUM: stats: convert stats_dump_fe_stats() to use stats_dump_fields_csv() |
| - MEDIUM: stats: make stats_dump_fe_stats() use stats fields for HTML dump |
| - MEDIUM: stats: convert stats_dump_li_stats() to use stats_dump_fields_csv() |
| - MEDIUM: stats: make stats_dump_li_stats() use stats fields for HTML dump |
| - MEDIUM: stats: convert stats_dump_be_stats() to use stats_dump_fields_csv() |
| - MEDIUM: stats: make stats_dump_be_stats() use stats fields for HTML dump |
| - MEDIUM: stats: convert stats_dump_sv_stats() to use stats_dump_fields_csv() |
| - MEDIUM: stats: make stats_dump_sv_stats() use the stats field for HTML |
| - MEDIUM: stats: move the server state coloring logic to the server dump function |
| - MINOR: stats: do not use srv->admin & STATS_ADMF_MAINT in HTML dumps |
| - MINOR: stats: do not check srv->state for SRV_ST_STOPPED in HTML dumps |
| - MINOR: stats: make CSV report server check status only when enabled |
| - MINOR: stats: only report backend's down time if it has servers |
| - MINOR: stats: prepend '*' in front of the check status when in progress |
| - MINOR: stats: make HTML stats dump rely on the table for the check status |
| - MINOR: stats: add agent_status, agent_code, agent_duration to output |
| - MINOR: stats: add check_desc and agent_desc to the output fields |
| - MINOR: stats: add check and agent's health values in the output |
| - MEDIUM: stats: make the HTML server state dump use the CSV states |
| - MEDIUM: stats: only report observe errors when observe is set |
| - MEDIUM: stats: expose the same flags for CLI and HTTP accesses |
| - MEDIUM: stats: report server's address in the CSV output |
| - MEDIUM: stats: report the cookie value in the server & backend CSV dumps |
| - MEDIUM: stats: compute the color code only in the HTML form |
| - MEDIUM: stats: report the listeners' address in the CSV output |
| - MEDIUM: stats: make it possible to report the WAITING state for listeners |
| - REORG: stats: dump the frontend's HTML stats via a generic function |
| - REORG: stats: dump the socket stats via the generic function |
| - REORG: stats: dump the server stats via the generic function |
| - REORG: stats: dump the backend stats via the generic function |
| - MEDIUM: stats: add a new "mode" column to report the proxy mode |
| - MINOR: stats: report the load balancing algorithm in CSV output |
| - MINOR: stats: add 3 fields to report the frontend-specific connection stats |
| - MINOR: stats: report number of intercepted requests for frontend and backends |
| - MINOR: stats: introduce stats_dump_one_line() to dump one stats line |
| - CLEANUP: stats: make stats_dump_fields_html() not rely on proxy anymore |
| - MINOR: stats: add ST_SHOWADMIN to pass the admin info in the regular flags |
| - MINOR: stats: make stats_dump_fields_html() not use &trash by default |
| - MINOR: stats: add functions to emit typed fields into a chunk |
| - MEDIUM: stats: support "show info typed" on the CLI |
| - MEDIUM: stats: implement a typed output format for stats |
| - DOC: document the "show info typed" and "show stat typed" output formats |
| - MINOR: cfgparse: warn when uid parameter is not a number |
| - MINOR: cfgparse: warn when gid parameter is not a number |
| - BUG/MINOR: standard: Avoid free of non-allocated pointer |
| - BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition |
| - CLEANUP: http: fix a build warning introduced by a recent fix |
| - BUG/MINOR: log: GMT offset not updated when entering/leaving DST |
| |
| 2015/12/20 : 1.7-dev1 |
| - DOC: specify that stats socket doc (section 9.2) is in management |
| - BUILD: install only relevant and existing documentation |
| - CLEANUP: don't ignore debian/ directory if present |
| - BUG/MINOR: dns: parsing error of some DNS response |
| - BUG/MEDIUM: namespaces: don't fail if no namespace is used |
| - BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is disabled |
| - MEDIUM: dns: Don't use the ANY query type |
| - BUILD: ssl: fix build error introduced in commit 7969a3 with OpenSSL < 1.0.0 |
| - DOC: fix a typo for a "deviceatlas" keyword |
| - FIX: small typo in an example using the "Referer" header |
| - MINOR: cli: ability to set per-server maxconn |
| - DEBUG/MINOR: memory: add a build option to disable memory pools sharing |
| - DEBUG/MEDIUM: memory: optionally protect free data in pools |
| - DEBUG/MEDIUM: memory: add optional control pool memory operations |
| - MEDIUM: memory: add accounting for failed allocations |
| - BUG/MEDIUM: config: count memory limits on 64 bits, not 32 |
| - BUG/MAJOR: dns: first DNS response packet not matching queried hostname may lead to a loop |
| - BUG/MINOR: dns: unable to parse CNAMEs response |
| - BUG/MINOR: examples/haproxy.init: missing brace in quiet_check() |
| - DOC: deviceatlas: more example use cases. |
| - MINOR: config: allow IPv6 bracketed literals |
| - BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in install-bin. |
| - BUILD: add Haiku as supported target. |
| - BUG/MAJOR: http: don't requeue an idle connection that is already queued |
| - DOC: typo on capture.res.hdr and capture.req.hdr |
| - BUG/MINOR: dns: check for duplicate nameserver id in a resolvers section was missing |
| - CLEANUP: use direction names in place of numeric values |
| - BUG/MEDIUM: lua: sample fetches based on response doesn't work |
| - MINOR: check: add agent-send server parameter |
| - BUG/MINOR: http rule: http capture 'id' rule points to a non existing id |
| - BUG/MINOR: server: check return value of fgets() in apply_server_state() |
| - BUG/MINOR: acl: don't use record layer in req_ssl_ver |
| - BUILD: freebsd: double declaration |
| - BUG/MEDIUM: lua: clean output buffer |
| - BUILD: check for libressl to be able to build against it |
| - DOC: lua-api/index.rst small example fixes, spelling correction. |
| - DOC: lua: architecture and first steps |
| - DOC: relation between timeout http-request and option http-buffer-request |
| - BUILD: Make deviceatlas require PCRE |
| - BUG: http: do not abort keep-alive connections on server timeout |
| - BUG/MEDIUM: http: switch the request channel to no-delay once done. |
| - BUG/MINOR: lua: don't force-sslv3 LUA's SSL socket |
| - BUILD/MINOR: http: proto_http.h needs sample.h |
| - BUG/MEDIUM: http: don't enable auto-close on the response side |
| - BUG/MEDIUM: stream: fix half-closed timeout handling |
| - CLEANUP: compression: don't allocate DEFAULT_MAXZLIBMEM without USE_ZLIB |
| - BUG/MEDIUM: cli: changing compression rate-limiting must require admin level |
| - BUG/MEDIUM: sample: urlp can't match an empty value |
| - BUILD: dumpstats: silencing warning for printf format specifier / time_t |
| - CLEANUP: proxy: calloc call inverted arguments |
| - MINOR: da: silent logging by default and displaying DeviceAtlas support if built. |
| - BUG/MEDIUM: da: stop DeviceAtlas processing in the convertor if there is no input. |
| - DOC: Edited 51Degrees section of README/ |
| - BUG/MEDIUM: checks: email-alert not working when declared in defaults |
| - BUG/MINOR: checks: email-alert causes a segfault when an unknown mailers section is configured |
| - BUG/MINOR: checks: typo in an email-alert error message |
| - BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and last rule is a CONNECT with no port |
| - BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and first rule(s) is (are) COMMENT |
| - BUG/MEDIUM: http: fix http-reuse when frontend and backend differ |
| - DOC: prefer using http-request/response over reqXXX/rspXXX directives |
| - CLEANUP: haproxy: using _GNU_SOURCE instead of __USE_GNU macro. |
| - MINOR: ssl: Added cert_key_and_chain struct |
| - MEDIUM: ssl: Added support for creating SSL_CTX with multiple certs |
| - MINOR: ssl: Added multi cert support for crt-list config keyword |
| - MEDIUM: ssl: Added multi cert support for loading crt directories |
| - MEDIUM: ssl: Added support for Multi-Cert OCSP Stapling |
| - BUILD: ssl: set SSL_SOCK_NUM_KEYTYPES with openssl < 1.0.2 |
| - MINOR: config: make tune.recv_enough configurable |
| - BUG/MEDIUM: config: properly adjust maxconn with nbproc when memmax is forced |
| - DOC: ssl: Adding docs for Multi-Cert bundling |
| - BUG/MEDIUM: peers: table entries learned from a remote are pushed to others after a random delay. |
| - BUG/MEDIUM: peers: old stick table updates could be repushed. |
| - MINOR: lua: service/applet can have access to the HTTP headers when a POST is received |
| - REORG/MINOR: lua: convert boolean "int" to bitfield |
| - BUG/MEDIUM: lua: Lua applets must not fetch samples using http_txn |
| - BUG/MINOR: lua: Lua applets must not use http_txn |
| - BUG/MEDIUM: lua: Forbid HTTP applets from being called from tcp rulesets |
| - BUG/MAJOR: lua: Do not force the HTTP analysers in use-services |
| - CLEANUP: lua: bad error messages |
| - CONTRIB: initiate a debugging suite to make debugging easier |
| |
| 2015/10/13 : 1.7-dev0 |
| - exact copy of 1.6.0 |
| |
| 2015/10/13 : 1.6.0 |
| - BUG/MINOR: Handle interactive mode in cli handler |
| - DOC: global section missing parameters |
| - DOC: backend section missing parameters |
| - DOC: stats paramaters available in frontend |
| - MINOR: lru: do not allocate useless memory in lru64_lookup |
| - BUG/MINOR: http: Add OPTIONS in supported http methods (found by find_http_meth) |
| - BUG/MINOR: ssl: fix management of the cache where forged certificates are stored |
| - MINOR: ssl: Release Servers SSL context when HAProxy is shut down |
| - MINOR: ssl: Read the file used to generate certificates in any order |
| - MINOR: ssl: Add support for EC for the CA used to sign generated certificates |
| - MINOR: ssl: Add callbacks to set DH/ECDH params for generated certificates |
| - BUG/MEDIUM: logs: fix time zone offset format in RFC5424 |
| - BUILD: Fix the build on OSX (htonll/ntohll) |
| - BUILD: enable build on Linux/s390x |
| - BUG/MEDIUM: lua: direction test failed |
| - MINOR: lua: fix a spelling error in some error messages |
| - CLEANUP: cli: ensure we can never double-free error messages |
| - BUG/MEDIUM: lua: force server-close mode on Lua services |
| - MEDIUM: init: support more command line arguments after pid list |
| - MEDIUM: init: support a list of files on the command line |
| - MINOR: debug: enable memory poisonning to use byte 0 |
| - BUILD: ssl: fix build error introduced by recent commit |
| - BUG/MINOR: config: make the stats socket pass the correct proxy to the parsers |
| - MEDIUM: server: implement TCP_USER_TIMEOUT on the server |
| - DOC: mention the "namespace" options for bind and server lines |
| - DOC: add the "management" documentation |
| - DOC: move the stats socket documentation from config to management |
| - MINOR: examples: update haproxy.spec to mention new docs |
| - DOC: mention management.txt in README |
| - DOC: remove haproxy-{en,fr}.txt |
| - BUILD: properly report when USE_ZLIB and USE_SLZ are used together |
| - MINOR: init: report use of libslz instead of "no compression" |
| - CLEANUP: examples: remove some obsolete and confusing files |
| - CLEANUP: examples: remove obsolete configuration file samples |
| - CLEANUP: examples: fix the example file content-sw-sample.cfg |
| - CLEANUP: examples: update sample file option-http_proxy.cfg |
| - CLEANUP: examples: update sample file ssl.cfg |
| - CLEANUP: tests: move a test file from examples/ to tests/ |
| - CLEANUP: examples: shut up warnings in transparent proxy example |
| - CLEANUP: tests: removed completely obsolete test files |
| - DOC: update ROADMAP to remove what was done in 1.6 |
| - BUG/MEDIUM: pattern: fixup use_after_free in the pat_ref_delete_by_id |
| |
| 2015/10/06 : 1.6-dev7 |
| - MINOR: cli: Dump all resolvers stats if no resolver section is given |
| - BUG: config: external-check command validation is checking for incorrect arguments. |
| - DOC: documentation format cleanups |
| - DOC: lua: few typos. |
| - BUG/MEDIUM: str2ip: make getaddrinfo() consider local address selection policy |
| - BUG/MEDIUM: logs: segfault writing to log from Lua |
| - DOC: fix lua use-service example |
| - MINOR: payload: add support for tls session ticket ext |
| - MINOR: lua: remove the run flag |
| - MEDIUM: lua: change the timeout execution |
| - MINOR: lua: rename the tune.lua.applet-timeout |
| - DOC: lua: update Lua doc |
| - DOC: lua: update doc according with the last Lua changes |
| - MINOR: http/tcp: fill the avalaible actions |
| - DOC: reorder misplaced res.ssl_hello_type in the doc |
| - BUG/MINOR: tcp: make silent-drop always force a TCP reset |
| - CLEANUP: tcp: silent-drop: only drain the connection when quick-ack is disabled |
| - BUILD: tcp: use IPPROTO_IP when SOL_IP is not available |
| - BUILD: server: fix build warnings introduced by load-server-state |
| - BUG/MEDIUM: server: fix misuse of format string in load-server-state's warnings |
| |
| 2015/09/28 : 1.6-dev6 |
| - BUG/MAJOR: can't enable a server through the stat socket |
| - MINOR: server: Macro definition for server-state |
| - MINOR: cli: new stats socket command: show servers state |
| - DOC: stats socket command: show servers state |
| - MINOR: config: new global directive server-state-base |
| - DOC: global directive server-state-base |
| - MINOR: config: new global section directive: server-state-file |
| - DOC: new global directive: server-state-file |
| - MINOR: config: new backend directives: load-server-state-from-file and server-state-file-name |
| - DOC: load-server-state-from-file |
| - MINOR: init: server state loaded from file |
| - MINOR: server: startup slowstart task when using seamless reload of HAProxy |
| - MINOR: cli: new stats socket command: show backend |
| - DOC: servers state seamless reload example |
| - BUG: dns: can't connect UDP socket on FreeBSD |
| - MINOR: cfgparse: New function cfg_unregister_sections() |
| - MINOR: chunk: New function free_trash_buffers() |
| - BUG/MEDIUM: main: Freeing a bunch of static pointers |
| - MINOR: proto_http: Externalisation of previously internal functions |
| - MINOR: global: Few new struct fields for da module |
| - MAJOR: da: Update of the DeviceAtlas API module |
| - DOC: DeviceAtlas new keywords |
| - DOC: README: DeviceAtlas sample configuration updates |
| - MEDIUM: log: replace sendto() with sendmsg() in __send_log() |
| - MEDIUM: log: use a separate buffer for the header and for the message |
| - MEDIUM: logs: remove the hostname, tag and pid part from the logheader |
| - MEDIUM: logs: add support for RFC5424 header format per logger |
| - MEDIUM: logs: add a new RFC5424 log-format for the structured-data |
| - DOC: mention support for the RFC5424 syslog message format |
| - MEDIUM: logs: have global.log_send_hostname not contain the trailing space |
| - MEDIUM: logs: pass the trailing "\n" as an iovec |
| - BUG/MEDIUM: peers: some table updates are randomly not pushed. |
| - BUG/MEDIUM: peers: same table updates re-pushed after a re-connect |
| - BUG/MINOR: fct peer_prepare_ackmsg should not use trash. |
| - MINOR: http: made CHECK_HTTP_MESSAGE_FIRST accessible to other functions |
| - MINOR: global: Added new fields for 51Degrees device detection |
| - DOC: Added more explanation for 51Degrees V3.2 |
| - BUILD: Changed 51Degrees option to support V3.2 |
| - MAJOR: 51d: Upgraded to support 51Degrees V3.2 and new features |
| - MINOR: 51d: Improved string handling for LRU cache |
| - DOC: add references to rise/fall for the fastinter explanation |
| - MINOR: support cpu-map feature through the compile option USE_CPU_AFFINITY on FreeBSD |
| - BUG/MAJOR: lua: potential unexpected aborts() |
| - BUG/MINOR: lua: breaks the log message if his size exceed one buffer |
| - MINOR: action: add private configuration |
| - MINOR: action: add reference to the original keywork matched for the called parser. |
| - MINOR: lua: change actions registration |
| - MEDIUM: proto_http: smp_prefetch_http initialize txn |
| - MINOR: channel: rename function chn_sess to chn_strm |
| - CLEANUP: lua: align defines |
| - MINOR: http: export http_get_path() function |
| - MINOR: http: export the get_reason() function |
| - MINOR: http: export function http_msg_analyzer() |
| - MINOR: http: split initialization |
| - MINOR: lua: reset pointer after use |
| - MINOR: lua: identify userdata objects |
| - MEDIUM: lua: use the function lua_rawset in place of lua_settable |
| - BUG/MAJOR: lua: segfault after the channel data is modified by some Lua action. |
| - CLEANUP: lua: use calloc in place of malloc |
| - BUG/MEDIUM: lua: longjmp function must be unregistered |
| - BUG/MEDIUM: lua: forces a garbage collection |
| - BUG/MEDIUM: lua: wakeup task on bad conditions |
| - MINOR: standard: avoid DNS resolution from the function str2sa_range() |
| - MINOR: lua: extend socket address to support non-IP families |
| - MINOR: lua/applet: the cosocket applet should use appctx_wakeup in place of task_wakeup |
| - BUG/MEDIUM: lua: socket destroy before reading pending data |
| - MEDIUM: lua: change the GC policy |
| - OPTIM/MEDIUM: lua: executes the garbage collector only when using cosocket |
| - BUG/MEDIUM: lua: don't reset undesired flags in hlua_ctx_resume |
| - MINOR: applet: add init function |
| - MINOR: applet: add an execution timeout |
| - MINOR: stream/applet: add use-service action |
| - MINOR: lua: add AppletTCP class and service |
| - MINOR: lua: add AppletHTTP class and service |
| - DOC: lua: some documentation update |
| - DOC: add the documentation about internal circular lists |
| - DOC: add a CONTRIBUTING file |
| - DOC: add a MAINTAINERS file |
| - BUG/MAJOR: peers: fix a crash when stopping peers on unbound processes |
| - DOC: update coding-style to reference checkpatch.pl |
| - BUG/MEDIUM: stick-tables: fix double-decrement of tracked entries |
| - BUG/MINOR: args: add name for ARGT_VAR |
| - DOC: add more entries to MAINTAINERS |
| - DOC: add more entries to MAINTAINERS |
| - CLEANUP: stream-int: remove obsolete function si_applet_call() |
| - BUG/MAJOR: cli: do not dereference strm_li()->proto->name |
| - BUG/MEDIUM: http: do not dereference strm_li(stream) |
| - BUG/MEDIUM: proxy: do not dereference strm_li(stream) |
| - BUG/MEDIUM: stream: do not dereference strm_li(stream) |
| - MINOR: stream-int: use si_release_endpoint() to close idle conns |
| - BUG/MEDIUM: payload: make req.payload and payload_lv aware of dynamic buffers |
| - BUG/MEDIUM: acl: always accept match "found" |
| - MINOR: applet: rename applet_runq to applet_active_queue |
| - BUG/MAJOR: applet: use a separate run queue to maintain list integrity |
| - MEDIUM: stream-int: split stream_int_update_conn() into si- and conn-specific parts |
| - MINOR: stream-int: implement a new stream_int_update() function |
| - MEDIUM: stream-int: factor out the stream update functions |
| - MEDIUM: stream-int: call stream_int_update() from si_update() |
| - MINOR: stream-int: export stream_int_update_* |
| - MINOR: stream-int: move the applet_pause call out of the stream updates |
| - MEDIUM: stream-int: clean up the conditions to enable reading in si_conn_wake_cb |
| - MINOR: stream-int: implement the stream_int_notify() function |
| - MEDIUM: stream-int: use the same stream notification function for applets and conns |
| - MEDIUM: stream-int: completely remove stream_int_update_embedded() |
| - MINOR: stream-int: rename si_applet_done() to si_applet_wake_cb() |
| - BUG/MEDIUM: applet: fix reporting of broken write situation |
| - BUG/MINOR: stats: do not call cli_release_handler 3 times |
| - BUG/MEDIUM: cli: properly handle closed output |
| - MINOR: cli: do not call the release handler on internal error. |
| - BUG/MEDIUM: stream-int: avoid double-call to applet->release |
| - DEBUG: add p_malloc() to return a poisonned memory area |
| - CLEANUP: lua: remove unneeded memset(0) after calloc() |
| - MINOR: lua: use the proper applet wakeup mechanism |
| - BUG/MEDIUM: lua: better fix for the protocol check |
| - BUG/MEDIUM: lua: properly set the target on the connection |
| - MEDIUM: actions: pass a new "flags" argument to custom actions |
| - MEDIUM: actions: add new flag ACT_FLAG_FINAL to notify about last call |
| - MEDIUM: http: pass ACT_FLAG_FINAL to custom actions |
| - MEDIUM: lua: only allow actions to yield if not in a final call |
| - DOC: clarify how to make use of abstract sockets in socat |
| - CLEANUP: config: make the errorloc/errorfile messages less confusing |
| - MEDIUM: action: add a new flag ACT_FLAG_FIRST |
| - BUG/MINOR: config: check that tune.bufsize is always positive |
| - MEDIUM: config: set tune.maxrewrite to 1024 by default |
| - DOC: add David Carlier as maintainer of da.c |
| - DOC: fix some broken unexpected unicode chars in the Lua doc. |
| - BUG/MEDIUM: proxy: ignore stopped peers |
| - BUG/MEDIUM: proxy: do not wake stopped proxies' tasks during soft_stop() |
| - MEDIUM: init: completely deallocate unused peers |
| - BUG/MEDIUM: tcp: fix inverted condition to call custom actions |
| - DOC: remove outdated actions lists on tcp-request/response |
| - MEDIUM: tcp: add new tcp action "silent-drop" |
| - DOC: add URLs to optional libraries in the README |
| |
| 2015/09/14 : 1.6-dev5 |
| - MINOR: dns: dns_resolution structure update: time_t to unsigned int |
| - BUG/MEDIUM: dns: DNS resolution doesn't start |
| - BUG/MAJOR: dns: dns client resolution infinite loop |
| - MINOR: dns: coding style update |
| - MINOR: dns: new bitmasks to use against DNS flags |
| - MINOR: dns: dns_nameserver structure update: new counter for truncated response |
| - MINOR: dns: New DNS response analysis code: DNS_RESP_TRUNCATED |
| - MEDIUM: dns: handling of truncated response |
| - MINOR: DNS client query type failover management |
| - MINOR: dns: no expected DNS record type found |
| - MINOR: dns: new flag to report that no IP can be found in a DNS response packet |
| - BUG/MINOR: DNS request retry counter used for retry only |
| - DOC: DNS documentation updated |
| - MEDIUM: actions: remove ACTION_STOP |
| - BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2 (bis) |
| - BUG/MINOR: lua: last log character truncated. |
| - CLEANUP: typo: bad indent |
| - CLEANUP: actions: missplaced includes |
| - MINOR: build: missing header |
| - CLEANUP: lua: Merge log functions |
| - BUG/MAJOR: http: don't manipulate the server connection if it's killed |
| - BUG/MINOR: http: remove stupid HTTP_METH_NONE entry |
| - BUG/MAJOR: http: don't call http_send_name_header() after an error |
| - MEDIUM: tools: make str2sa_range() optionally return the FQDN |
| - BUG/MINOR: tools: make str2sa_range() report unresolvable addresses |
| - BUG/MEDIUM: dns: use the correct server hostname when resolving |
| |
| 2015/08/30 : 1.6-dev4 |
| - MINOR: log: Add log-format variable %HQ, to log HTTP query strings |
| - DOC: typo in 'redirect', 302 code meaning |
| - DOC: typos in tcp-check expect examples |
| - DOC: resolve-prefer default value and default-server update |
| - MINOR: DNS counters: increment valid counter |
| - BUG/MEDIUM: DNS resolution response parsing broken |
| - MINOR: server: add new SRV_ADMF_CMAINT flag |
| - MINOR: server SRV_ADMF_CMAINT flag doesn't imply SRV_ADMF_FMAINT |
| - BUG/MEDIUM: dns: wrong first time DNS resolution |
| - BUG/MEDIUM: lua: Lua tasks fail to start. |
| - BUILD: add USE_LUA to BUILD_OPTIONS when it's used |
| - DOC/MINOR: fix OpenBSD versions where haproxy works |
| - MINOR: 51d: unable to start haproxy without "51degrees-data-file" |
| - BUG/MEDIUM: peers: fix wrong message id on stick table updates acknowledgement. |
| - BUG/MAJOR: peers: fix current table pointer not re-initialized on session release. |
| - BUILD: ssl: Allow building against libssl without SSLv3. |
| - DOC: clarify some points about SSL and the proxy protocol |
| - DOC: mention support for RFC 5077 TLS Ticket extension in starter guide |
| - BUG/MEDIUM: mailer: DATA part must be terminated with <CRLF>.<CRLF> |
| - DOC: match several lua configuration option names to those implemented in code |
| - MINOR cfgparse: Correct the mailer warning text to show the right names to the user |
| - BUG/MINOR: ssl: TLS Ticket Key rotation broken via socket command |
| - MINOR: stream: initialize the current_rule field to NULL on stream init |
| - BUG/MEDIUM: lua: timeout error with converters, wrapper and actions. |
| - CLEANUP: proto_http: remove useless initialisation |
| - CLEANUP: http/tcp actions: remove the scope member |
| - BUG/MINOR: proto_tcp: custom action continue is ignored |
| - MINOR: proto_tcp: add session in the action prototype |
| - MINOR: vars: reduce the code size of some wrappers |
| - MINOR: Move http method enum from proto_http to sample |
| - MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts |
| - MINOR: sample/proto_tcp: export "smp_fetch_src" |
| - MEDIUM: cli: rely on the map's output type instead of the sample type |
| - BUG/MEDIUM: stream: The stream doen't inherit SC from the session |
| - BUG/MEDIUM: vars: segfault during the configuration parsing |
| - BUG/MEDIUM: stick-tables: refcount error after copying SC for the session to the stream |
| - BUG/MEDIUM: lua: bad error processing |
| - MINOR: samples: rename a struct from sample_storage to sample_data |
| - MINOR: samples: rename some struct member from "smp" to "data" |
| - MEDIUM: samples: Use the "struct sample_data" in the "struct sample" |
| - MINOR: samples: extract the anonymous union and create the union sample_value |
| - MINOR: samples: rename union from "data" to "u" |
| - MEDIUM: 51degrees: Adapt the 51Degrees library |
| - MINOR: samples: data assignation simplification |
| - MEDIUM: pattern/map: Maps can returns various types |
| - MINOR: map: The map can return IPv4 and IPv6 |
| - MEDIUM: actions: Merge (http|tcp)-(request|reponse) action structs |
| - MINOR: actions: Remove the data opaque pointer |
| - MINOR: lua: use the hlua_rule type in place of opaque type |
| - MINOR: vars: use the vars types as argument in place of opaque type |
| - MINOR: proto_http: use an "expr" type in place of generic opaque type. |
| - MINOR: proto_http: replace generic opaque types by real used types for the actions on thr request line |
| - MINOR: proto_http: replace generic opaque types by real used types in "http_capture" |
| - MINOR: proto_http: replace generic opaque types by real used types in "http_capture" by id |
| - MEDIUM: track-sc: Move the track-sc configuration storage in the union |
| - MEDIUM: capture: Move the capture configuration storage in the union |
| - MINOR: actions: add "from" information |
| - MINOR: actions: remove the mark indicating the last entry in enum |
| - MINOR: actions: Declare all the embedded actions in the same header file |
| - MINOR: actions: change actions names |
| - MEDIUM: actions: Add standard return code for the action API |
| - MEDIUM: actions: Merge (http|tcp)-(request|reponse) keywords structs |
| - MINOR: proto_tcp: proto_tcp.h is now useles |
| - MINOR: actions: mutualise the action keyword lookup |
| - MEDIUM: actions: Normalize the return code of the configuration parsers |
| - MINOR: actions: Remove wrappers |
| - MAJOR: stick-tables: use sample types in place of dedicated types |
| - MEDIUM: stick-tables: use the sample type names |
| - MAJOR: stick-tables: remove key storage from the key struct |
| - MEDIUM: stick-tables: Add GPT0 in the stick tables |
| - MINOR: stick-tables: Add GPT0 access |
| - MINOR: stick-tables: Add GPC0 actions |
| - BUG/MEDIUM: lua: the lua fucntion Channel:close() causes a segfault |
| - DOC: ssl: missing LF |
| - MINOR: lua: add core.done() function |
| - DOC: fix function name |
| - BUG/MINOR: lua: in some case a sample may remain undefined |
| - DOC: fix "http_action_set_req_line()" comments |
| - MINOR: http: Action for manipulating the returned status code. |
| - MEDIUM: lua: turns txn:close into txn:done |
| - BUG/MEDIUM: lua: cannot process more Lua hooks after a "done()" function call |
| - BUILD: link with libdl if needed for Lua support |
| - CLEANUP: backend: factor out objt_server() in connect_server() |
| - MEDIUM: backend: don't call si_alloc_conn() when we reuse a valid connection |
| - MEDIUM: stream-int: simplify si_alloc_conn() |
| - MINOR: stream-int: add new function si_detach_endpoint() |
| - MINOR: server: add a list of private idle connections |
| - MINOR: connection: add a new list member in the connection struct |
| - MEDIUM: stream-int: queue idle connections at the server |
| - MINOR: stream-int: make si_idle_conn() only accept valid connections |
| - MINOR: server: add a list of already used idle connections |
| - MINOR: connection: add a new flag CO_FL_PRIVATE |
| - MINOR: config: add new setting "http-reuse" |
| - MAJOR: backend: initial work towards connection reuse |
| - MAJOR: backend: improve the connection reuse mechanism |
| - MEDIUM: backend: implement "http-reuse safe" |
| - MINOR: server: add a list of safe, already reused idle connections |
| - MEDIUM: backend: add the "http-reuse aggressive" strategy |
| - DOC: document the new http-reuse directive |
| - DOC: internals: document next steps for HTTP connection reuse |
| - DOC: mention that %ms is left-padded with zeroes. |
| - MINOR: init: indicate to check 'bind' lines when no listeners were found. |
| - MAJOR: http: remove references to appsession |
| - CLEANUP: config: remove appsession initialization |
| - CLEANUP: appsession: remove appsession.c and sessionhash.c |
| - CLEANUP: tests: remove sessionhash_test.c and test-cookie-appsess.cfg |
| - CLEANUP: proxy: remove last references to appsession |
| - CLEANUP: appsession: remove the last include files |
| - DOC: remove documentation about appsession |
| - CLEANUP: .gitignore: ignore more test files |
| - CLEANUP: .gitignore: finally ignore everything but what is known. |
| - MEDIUM: config: emit a warning on a frontend without listener |
| - DOC: add doc/internals/entities-v2.txt |
| - DOC: add doc/linux-syn-cookies.txt |
| - DOC: add design thoughts on HTTP/2 |
| - DOC: add some thoughts on connection sharing for HTTP/2 |
| - DOC: add design thoughts on dynamic buffer allocation |
| - BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry |
| - DOC: add new file intro.txt |
| - MAJOR: tproxy: remove support for cttproxy |
| - BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2 |
| - DOC: lua: replace txn:close with txn:done in lua-api |
| - DOC: intro: minor updates and fixes |
| - DOC: intro: fix too long line. |
| - DOC: fix example of http-request using ssl_fc_session_id |
| - BUG/MEDIUM: lua: txn:done() still causes a segfault in TCP mode |
| - CLEANUP: lua: fix some indent issues |
| - BUG/MEDIUM: lua: fix a segfault in txn:done() if called twice |
| - DOC: lua: mention than txn:close was renamed txn:done. |
| |
| 2015/07/22 : 1.6-dev3 |
| - CLEANUP: sample: generalize sample_fetch_string() as sample_fetch_as_type() |
| - MEDIUM: http: Add new 'set-src' option to http-request |
| - DOC usesrc root privileges requirments |
| - BUG/MINOR: dns: wrong time unit for some DNS default parameters |
| - MINOR: proxy: bit field for proxy_find_best_match diff status |
| - MINOR: server: new server flag: SRV_F_FORCED_ID |
| - MINOR: server: server_find functions: id, name, best_match |
| - DOC: dns: fix chapters syntax |
| - BUILD/MINOR: tools: rename popcount to my_popcountl |
| - BUILD: add netbsd TARGET |
| - MEDIUM: 51Degrees code refactoring and cleanup |
| - MEDIUM: 51d: add LRU-based cache on User-Agent string detection |
| - DOC: add notes about the "51degrees-cache-size" parameter |
| - BUG/MEDIUM: 51d: possible incorrect operations on smp->data.str.str |
| - BUG/MAJOR: connection: fix TLV offset calculation for proxy protocol v2 parsing |
| - MINOR: Add sample fetch to detect Supported Elliptic Curves Extension |
| - BUG/MINOR: payload: Add volatile flag to smp_fetch_req_ssl_ec_ext |
| - BUG/MINOR: lua: type error in the arguments wrapper |
| - CLEANUP: vars: remove unused struct |
| - BUG/MINOR: http/sample: gmtime/localtime can fail |
| - MINOR: standard: add 64 bits conversion functions |
| - MAJOR: sample: converts uint and sint in 64 bits signed integer |
| - MAJOR: arg: converts uint and sint in sint |
| - MEDIUM: sample: switch to saturated arithmetic |
| - MINOR: vars: returns variable content |
| - MEDIUM: vars/sample: operators can use variables as parameter |
| - BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id |
| - BUILD/MINOR: lua: fix a harmless build warning |
| - BUILD/MINOR: stats: fix build warning due to condition always true |
| - BUG/MAJOR: lru: fix unconditional call to free due to unexpected semi-colon |
| - BUG/MEDIUM: logs: fix improper systematic use of quotes with a few tags |
| - BUILD/MINOR: lua: ensure that hlua_ctx_destroy is properly defined |
| - BUG/MEDIUM: lru: fix possible memory leak when ->free() is used |
| - MINOR: vars: make the accounting not depend on the stream |
| - MEDIUM: vars: move the session variables to the session, not the stream |
| - BUG/MEDIUM: vars: do not freeze the connection when the expression cannot be fetched |
| - BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data |
| - BUG/MAJOR: tcp: tcp rulesets were still broken |
| - MINOR: stats: improve compression stats reporting |
| - MINOR: ssl: make self-generated certs also work with raw IPv6 addresses |
| - CLEANUP: ssl: make ssl_sock_generated_cert_serial() take a const |
| - CLEANUP: ssl: make ssl_sock_generate_certificate() use ssl_sock_generated_cert_serial() |
| - BUG/MINOR: log: missing some ARGC_* entries in fmt_directives() |
| - MINOR: args: add new context for servers |
| - MINOR: stream: maintain consistence between channel_forward and HTTP forward |
| - MINOR: ssl: provide ia function to set the SNI extension on a connection |
| - MEDIUM: ssl: add sni support on the server lines |
| - CLEANUP: stream: remove a useless call to si_detach() |
| - CLEANUP: stream-int: fix a few outdated comments about stream_int_register_handler() |
| - CLEANUP: stream-int: remove stream_int_unregister_handler() and si_detach() |
| - MINOR: stream-int: only use si_release_endpoint() to release a connection |
| - MINOR: standard: provide htonll() and ntohll() |
| - CLEANUP/MINOR: dns: dns_str_to_dn_label() only needs a const char |
| - BUG/MAJOR: dns: fix the length of the string to be copied |
| |
| 2015/06/17 : 1.6-dev2 |
| - BUG/MINOR: ssl: Display correct filename in error message |
| - MEDIUM: logs: Add HTTP request-line log format directives |
| - BUG/MEDIUM: check: tcpcheck regression introduced by e16c1b3f |
| - BUG/MINOR: check: fix tcpcheck error message |
| - MINOR: use an int instead of calling tcpcheck_get_step_id |
| - MINOR: tcpcheck_rule structure update |
| - MINOR: include comment in tcpcheck error log |
| - DOC: tcpcheck comment documentation |
| - MEDIUM: server: add support for changing a server's address |
| - MEDIUM: server: change server ip address from stats socket |
| - MEDIUM: protocol: add minimalist UDP protocol client |
| - MEDIUM: dns: implement a DNS resolver |
| - MAJOR: server: add DNS-based server name resolution |
| - DOC: server name resolution + proto DNS |
| - MINOR: dns: add DNS statistics |
| - MEDIUM: http: configurable http result codes for http-request deny |
| - BUILD: Compile clean when debug options defined |
| - MINOR: lru: Add the possibility to free data when an item is removed |
| - MINOR: lru: Add lru64_lookup function |
| - MEDIUM: ssl: Add options to forge SSL certificates |
| - MINOR: ssl: Export functions to manipulate generated certificates |
| - MEDIUM: config: add DeviceAtlas global keywords |
| - MEDIUM: global: add the DeviceAtlas required elements to struct global |
| - MEDIUM: sample: add the da-csv converter |
| - MEDIUM: init: DeviceAtlas initialization |
| - BUILD: Makefile: add options to build with DeviceAtlas |
| - DOC: README: explain how to build with DeviceAtlas |
| - BUG/MEDIUM: http: fix the url_param fetch |
| - BUG/MEDIUM: init: segfault if global._51d_property_names is not initialized |
| - MAJOR: peers: peers protocol version 2.0 |
| - MINOR: peers: avoid re-scheduling of pending stick-table's updates still not pushed. |
| - MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. |
| - MEDIUM: peers: support of any stick-table data-types for sync |
| - BUG/MAJOR: sample: regression on sample cast to stick table types. |
| - CLEANUP: deinit: remove codes for cleaning p->block_rules |
| - DOC: Fix L4TOUT typo in documentation |
| - DOC: set-log-level in Logging section preamble |
| - BUG/MEDIUM: compat: fix segfault on FreeBSD |
| - MEDIUM: check: include server address and port in the send-state header |
| - MEDIUM: backend: Allow redispatch on retry intervals |
| - MINOR: Add TLS ticket keys reference and use it in the listener struct |
| - MEDIUM: Add support for updating TLS ticket keys via socket |
| - DOC: Document new socket commands "show tls-keys" and "set ssl tls-key" |
| - MINOR: Add sample fetch which identifies if the SSL session has been resumed |
| - DOC: Update doc about weight, act and bck fields in the statistics |
| - BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten |
| - MINOR: ssl: add a destructor to free allocated SSL ressources |
| - MEDIUM: ssl: add the possibility to use a global DH parameters file |
| - MEDIUM: ssl: replace standards DH groups with custom ones |
| - MEDIUM: stats: Add enum srv_stats_state |
| - MEDIUM: stats: Separate server state and colour in stats |
| - MEDIUM: stats: Only report drain state in stats if server has SRV_ADMF_DRAIN set |
| - MEDIUM: stats: Differentiate between DRAIN and DRAIN (agent) |
| - MEDIUM: Lower priority of email alerts for log-health-checks messages |
| - MEDIUM: Send email alerts when servers are marked as UP or enter the drain state |
| - MEDIUM: Document when email-alerts are sent |
| - BUG/MEDIUM: lua: bad argument number in analyser and in error message |
| - MEDIUM: lua: automatically converts strings in proxy, tables, server and ip |
| - BUG/MINOR: utf8: remove compilator warning |
| - MEDIUM: map: uses HAProxy facilities to store default value |
| - BUG/MINOR: lua: error in detection of mandatory arguments |
| - BUG/MINOR: lua: set current proxy as default value if it is possible |
| - BUG/MEDIUM: http: the action set-{method|path|query|uri} doesn't run. |
| - BUG/MEDIUM: lua: undetected infinite loop |
| - BUG/MAJOR: http: don't read past buffer's end in http_replace_value |
| - BUG/MEDIUM: http: the function "(req|res)-replace-value" doesn't respect the HTTP syntax |
| - MEDIUM/CLEANUP: http: rewrite and lighten http_transform_header() prototype |
| - BUILD: lua: it miss the '-ldl' directive |
| - MEDIUM: http: allows 'R' and 'S' in the protocol alphabet |
| - MINOR: http: split the function http_action_set_req_line() in two parts |
| - MINOR: http: split http_transform_header() function in two parts. |
| - MINOR: http: export function inet_set_tos() |
| - MINOR: lua: txn: add function set_(loglevel|tos|mark) |
| - MINOR: lua: create and register HTTP class |
| - DOC: lua: fix some typos |
| - MINOR: lua: add log functions |
| - BUG/MINOR: lua: Fix SSL initialisation |
| - DOC: lua: some fixes |
| - MINOR: lua: (req|res)_get_headers return more than one header value |
| - MINOR: lua: map system integration in Lua |
| - BUG/MEDIUM: http: functions set-{path,query,method,uri} breaks the HTTP parser |
| - MINOR: sample: add url_dec converter |
| - MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers |
| - MEDIUM: sample change the prototype of sample-fetches and converters functions |
| - MINOR: sample: fill the struct sample with the options. |
| - MEDIUM: sample: change the prototype of sample-fetches functions |
| - MINOR: http: split the url_param in two parts |
| - CLEANUP: http: bad indentation |
| - MINOR: http: add body_param fetch |
| - MEDIUM: http: url-encoded parsing function can run throught wrapped buffer |
| - DOC: http: req.body_param documentation |
| - MINOR: proxy: custom capture declaration |
| - MINOR: capture: add two "capture" converters |
| - MEDIUM: capture: Allow capture with slot identifier |
| - MINOR: http: add array of generic pointers in http_res_rules |
| - MEDIUM: capture: adds http-response capture |
| - MINOR: common: escape CSV strings |
| - MEDIUM: stats: escape some strings in the CSV dump |
| - MINOR: tcp: add custom actions that can continue tcp-(request|response) processing |
| - MINOR: lua: Lua tcp action are not final action |
| - DOC: lua: schematics about lua socket organization |
| - BUG/MINOR: debug: display (null) in place of "meth" |
| - DOC: mention the "lua action" in documentation |
| - MINOR: standard: add function that converts signed int to a string |
| - BUG/MINOR: sample: wrong conversion of signed values |
| - MEDIUM: sample: Add type any |
| - MINOR: debug: add a special converter which display its input sample content. |
| - MINOR: tcp: increase the opaque data array |
| - MINOR: tcp/http/conf: extends the keyword registration options |
| - MINOR: build: fix build dependency |
| - MEDIUM: vars: adds support of variables |
| - MINOR: vars: adds get and set functions |
| - MINOR: lua: Variable access |
| - MINOR: samples: add samples which returns constants |
| - BUG/MINOR: vars/compil: fix some warnings |
| - BUILD: add 51degrees options to makefile. |
| - MINOR: global: add several 51Degrees members to global |
| - MINOR: config: add 51Degrees config parsing. |
| - MINOR: init: add 51Degrees initialisation code |
| - MEDIUM: sample: add fiftyone_degrees converter. |
| - MEDIUM: deinit: add cleanup for 51Degrees to deinit |
| - MEDIUM: sample: add trie support to 51Degrees |
| - DOC: add 51Degrees notes to configuration.txt. |
| - DOC: add build indications for 51Degrees to README. |
| - MEDIUM: cfgparse: introduce weak and strong quoting |
| - BUG/MEDIUM: cfgparse: incorrect memmove in quotes management |
| - MINOR: cfgparse: remove line size limitation |
| - MEDIUM: cfgparse: expand environment variables |
| - BUG/MINOR: cfgparse: fix typo in 'option httplog' error message |
| - BUG/MEDIUM: cfgparse: segfault when userlist is misused |
| - CLEANUP: cfgparse: remove reference to 'ruleset' section |
| - MEDIUM: cfgparse: check section maximum number of arguments |
| - MEDIUM: cfgparse: max arguments check in the global section |
| - MEDIUM: cfgparse: check max arguments in the proxies sections |
| - CLEANUP: stream-int: remove a redundant clearing of the linger_risk flag |
| - MINOR: connection: make conn_sock_shutw() actually perform the shutdown() call |
| - MINOR: stream-int: use conn_sock_shutw() to shutdown a connection |
| - MINOR: connection: perform the call to xprt->shutw() in conn_data_shutw() |
| - MEDIUM: stream-int: replace xprt->shutw calls with conn_data_shutw() |
| - MINOR: checks: use conn_data_shutw_hard() instead of call via xprt |
| - MINOR: connection: implement conn_sock_send() |
| - MEDIUM: stream-int: make conn_si_send_proxy() use conn_sock_send() |
| - MEDIUM: connection: make conn_drain() perform more controls |
| - REORG: connection: move conn_drain() to connection.c and rename it |
| - CLEANUP: stream-int: remove inclusion of fd.h that is not used anymore |
| - MEDIUM: channel: don't always set CF_WAKE_WRITE on bi_put* |
| - CLEANUP: lua: don't use si_ic/si_oc on known stream-ints |
| - BUG/MEDIUM: peers: correctly configure the client timeout |
| - MINOR: peers: centralize configuration of the peers frontend |
| - MINOR: proxy: store the default target into the frontend's configuration |
| - MEDIUM: stats: use frontend_accept() as the accept function |
| - MEDIUM: peers: use frontend_accept() instead of peer_accept() |
| - CLEANUP: listeners: remove unused timeout |
| - MEDIUM: listener: store the default target per listener |
| - BUILD: fix automatic inclusion of libdl. |
| - MEDIUM: lua: implement a simple memory allocator |
| - MEDIUM: compression: postpone buffer adjustments after compression |
| - MEDIUM: compression: don't send leading zeroes with chunk size |
| - BUG/MINOR: compression: consider the expansion factor in init |
| - MINOR: http: check the algo name "identity" instead of the function pointer |
| - CLEANUP: compression: statify all algo-specific functions |
| - MEDIUM: compression: add a distinction between UA- and config- algorithms |
| - MEDIUM: compression: add new "raw-deflate" compression algorithm |
| - MEDIUM: compression: split deflate_flush() into flush and finish |
| - CLEANUP: compression: remove unused reset functions |
| - MAJOR: compression: integrate support for libslz |
| - BUG/MEDIUM: http: hdr_cnt would not count any header when called without name |
| - BUG/MAJOR: http: null-terminate the http actions keywords list |
| - CLEANUP: lua: remove the unused hlua_sleep memory pool |
| - BUG/MAJOR: lua: use correct object size when initializing a new converter |
| - CLEANUP: lua: remove hard-coded sizeof() in object creations and mallocs |
| - CLEANUP: lua: fix confusing local variable naming in hlua_txn_new() |
| - CLEANUP: hlua: stop using variable name "s" alternately for hlua_txn and hlua_smp |
| - CLEANUP: lua: get rid of the last "*ht" for struct hlua_txn. |
| - CLEANUP: lua: rename last occurrences of "*s" to "*htxn" for hlua_txn |
| - CLEANUP: lua: rename variable "sc" for struct hlua_smp |
| - CLEANUP: lua: get rid of the last two "*hs" for hlua_smp |
| - REORG/MAJOR: session: rename the "session" entity to "stream" |
| - REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* |
| - MINOR: session: start to reintroduce struct session |
| - MEDIUM: stream: allocate the session when a stream is created |
| - MEDIUM: stream: move the listener's pointer to the session |
| - MEDIUM: stream: move the frontend's pointer to the session |
| - MINOR: session: add a pointer to the session's origin |
| - MEDIUM: session: use the pointer to the origin instead of s->si[0].end |
| - CLEANUP: sample: remove useless tests in fetch functions for l4 != NULL |
| - MEDIUM: http: move header captures from http_txn to struct stream |
| - MINOR: http: create a dedicated pool for http_txn |
| - MAJOR: http: move http_txn out of struct stream |
| - MAJOR: sample: don't pass l7 anymore to sample fetch functions |
| - CLEANUP: lua: remove unused hlua_smp->l7 and hlua_txn->l7 |
| - MEDIUM: http: remove the now useless http_txn from {req/res} rules |
| - CLEANUP: lua: don't pass http_txn anymore to hlua_request_act_wrapper() |
| - MAJOR: sample: pass a pointer to the session to each sample fetch function |
| - MINOR: stream: provide a few helpers to retrieve frontend, listener and origin |
| - CLEANUP: stream: don't set ->target to the incoming connection anymore |
| - MINOR: stream: move session initialization before the stream's |
| - MINOR: session: store the session's accept date |
| - MINOR: session: don't rely on s->logs.logwait in embryonic sessions |
| - MINOR: session: implement session_free() and use it everywhere |
| - MINOR: session: add stick counters to the struct session |
| - REORG: stktable: move the stkctr_* functions from stream to sticktable |
| - MEDIUM: streams: support looking up stkctr in the session |
| - MEDIUM: session: update the session's stick counters upon session_free() |
| - MEDIUM: proto_tcp: track the session's counters in the connection ruleset |
| - MAJOR: tcp: make tcp_exec_req_rules() only rely on the session |
| - MEDIUM: stream: don't call stream_store_counters() in kill_mini_session() nor session_accept() |
| - MEDIUM: stream: move all the session-specific stuff of stream_accept() earlier |
| - MAJOR: stream: don't initialize the stream anymore in stream_accept |
| - MEDIUM: session: remove the task pointer from the session |
| - REORG: session: move the session parts out of stream.c |
| - MINOR: stream-int: make appctx_new() take the applet in argument |
| - MEDIUM: peers: move the appctx initialization earlier |
| - MINOR: session: introduce session_new() |
| - MINOR: session: make use of session_new() when creating a new session |
| - MINOR: peers: make use of session_new() when creating a new session |
| - MEDIUM: peers: initialize the task before the stream |
| - MINOR: session: set the CO_FL_CONNECTED flag on the connection once ready |
| - CLEANUP: stream.c: do not re-attach the connection to the stream |
| - MEDIUM: stream: isolate connection-specific initialization code |
| - MEDIUM: stream: also accept appctx as origin in stream_accept_session() |
| - MEDIUM: peers: make use of stream_accept_session() |
| - MEDIUM: frontend: make ->accept only return +/-1 |
| - MEDIUM: stream: return the stream upon accept() |
| - MEDIUM: frontend: move some stream initialisation to stream_new() |
| - MEDIUM: frontend: move the fd-specific settings to session_accept_fd() |
| - MEDIUM: frontend: don't restrict frontend_accept() to connections anymore |
| - MEDIUM: frontend: move some remaining stream settings to stream_new() |
| - CLEANUP: frontend: remove one useless local variable |
| - MEDIUM: stream: don't rely on the session's listener anymore in stream_new() |
| - MEDIUM: lua: make use of stream_new() to create an outgoing connection |
| - MINOR: lua: minor cleanup in hlua_socket_new() |
| - MINOR: lua: no need for setting timeouts / conn_retries in hlua_socket_new() |
| - MINOR: peers: no need for setting timeouts / conn_retries in peer_session_create() |
| - CLEANUP: stream-int: swap stream-int and appctx declarations |
| - CLEANUP: namespaces: fix protection against multiple inclusions |
| - MINOR: session: maintain the session count stats in the session, not the stream |
| - MEDIUM: session: adjust the connection flags before stream_new() |
| - MINOR: stream: pass the pointer to the origin explicitly to stream_new() |
| - CLEANUP: poll: move the conditions for waiting out of the poll functions |
| - BUG/MEDIUM: listener: don't report an error when resuming unbound listeners |
| - BUG/MEDIUM: init: don't limit cpu-map to the first 32 processes only |
| - BUG/MAJOR: tcp/http: fix current_rule assignment when restarting over a ruleset |
| - BUG/MEDIUM: stream-int: always reset si->ops when si->end is nullified |
| - DOC: update the entities diagrams |
| - BUG/MEDIUM: http: properly retrieve the front connection |
| - MINOR: applet: add a new "owner" pointer in the appctx |
| - MEDIUM: applet: make the applet not depend on a stream interface anymore |
| - REORG: applet: move the applet definitions out of stream_interface |
| - CLEANUP: applet: rename struct si_applet to applet |
| - REORG: stream-int: create si_applet_ops dedicated to applets |
| - MEDIUM: applet: add basic support for an applet run queue |
| - MEDIUM: applet: implement a run queue for active appctx |
| - MEDIUM: stream-int: add a new function si_applet_done() |
| - MAJOR: applet: now call si_applet_done() instead of si_update() in I/O handlers |
| - MAJOR: stream: use a regular ->update for all stream interfaces |
| - MEDIUM: dumpstats: don't unregister the applet anymore |
| - MEDIUM: applet: centralize the call to si_applet_done() in the I/O handler |
| - MAJOR: stream: do not allocate request buffers anymore when the left side is an applet |
| - MINOR: stream-int: add two flags to indicate an applet's wishes regarding I/O |
| - MEDIUM: applet: make the applets only use si_applet_{cant|want|stop}_{get|put} |
| - MEDIUM: stream-int: pause the appctx if the task is woken up |
| - BUG/MAJOR: tcp: only call registered actions when they're registered |
| - BUG/MEDIUM: peers: fix applet scheduling |
| - BUG/MEDIUM: peers: recent applet changes broke peers updates scheduling |
| - MINOR: tools: provide an rdtsc() function for time comparisons |
| - IMPORT: lru: import simple ebtree-based LRU functions |
| - IMPORT: hash: import xxhash-r39 |
| - MEDIUM: pattern: add a revision to all pattern expressions |
| - MAJOR: pattern: add LRU-based cache on pattern matching |
| - BUG/MEDIUM: http: remove content-length from chunked messages |
| - DOC: http: update the comments about the rules for determining transfer-length |
| - BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to HTTP/1.1 |
| - BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad request |
| - BUG/MEDIUM: http: remove content-length form responses with bad transfer-encoding |
| - MEDIUM: http: restrict the HTTP version token to 1 digit as per RFC7230 |
| - MEDIUM: http: disable support for HTTP/0.9 by default |
| - MEDIUM: http: add option-ignore-probes to get rid of the floods of 408 |
| - BUG/MINOR: config: clear proxy->table.peers.p for disabled proxies |
| - MEDIUM: init: don't stop proxies in parent process when exiting |
| - MINOR: stick-table: don't attach to peers in stopped state |
| - MEDIUM: config: initialize stick-tables after peers, not before |
| - MEDIUM: peers: add the ability to disable a peers section |
| - MINOR: peers: store the pointer to the signal handler |
| - MEDIUM: peers: unregister peers that were never started |
| - MEDIUM: config: propagate the table's process list to the peers sections |
| - MEDIUM: init: stop any peers section not bound to the correct process |
| - MEDIUM: config: validate that peers sections are bound to exactly one process |
| - MAJOR: peers: allow peers section to be used with nbproc > 1 |
| - DOC: relax the peers restriction to single-process |
| - DOC: document option http-ignore-probes |
| - DOC: fix the comments about the meaning of msg->sol in HTTP |
| - BUG/MEDIUM: http: wait for the exact amount of body bytes in wait_for_request_body |
| - BUG/MAJOR: http: prevent risk of reading past end with balance url_param |
| - MEDIUM: stream: move HTTP request body analyser before process_common |
| - MEDIUM: http: add a new option http-buffer-request |
| - MEDIUM: http: provide 3 fetches for the body |
| - DOC: update the doc on the proxy protocol |
| - BUILD: pattern: fix build warnings introduced in the LRU cache |
| - BUG/MEDIUM: stats: properly initialize the scope before dumping stats |
| - CLEANUP: config: fix misleading information in error message. |
| - MINOR: config: report the number of processes using a peers section in the error case |
| - BUG/MEDIUM: config: properly compute the default number of processes for a proxy |
| - MEDIUM: http: add new "capture" action for http-request |
| - BUG/MEDIUM: http: fix the http-request capture parser |
| - BUG/MEDIUM: http: don't forward client shutdown without NOLINGER except for tunnels |
| - BUILD/MINOR: ssl: fix build failure introduced by recent patch |
| - BUG/MAJOR: check: fix breakage of inverted tcp-check rules |
| - CLEANUP: checks: fix double usage of cur / current_step in tcp-checks |
| - BUG/MEDIUM: checks: do not dereference head of a tcp-check at the end |
| - CLEANUP: checks: simplify the loop processing of tcp-checks |
| - BUG/MAJOR: checks: always check for end of list before proceeding |
| - BUG/MEDIUM: checks: do not dereference a list as a tcpcheck struct |
| - BUG/MAJOR: checks: break infinite loops when tcp-checks starts with comment |
| - MEDIUM: http: make url_param iterate over multiple occurrences |
| - BUG/MEDIUM: peers: apply a random reconnection timeout |
| - MEDIUM: config: reject invalid config with name duplicates |
| - MEDIUM: config: reject conflicts in table names |
| - CLEANUP: proxy: make the proxy lookup functions more user-friendly |
| - MINOR: proxy: simply ignore duplicates in proxy name lookups |
| - MINOR: config: don't open-code proxy name lookups |
| - MEDIUM: config: clarify the conflicting modes detection for backend rules |
| - CLEANUP: proxy: remove now unused function findproxy_mode() |
| - MEDIUM: stick-table: remove the now duplicate find_stktable() function |
| - MAJOR: config: remove the deprecated reqsetbe / reqisetbe actions |
| - MINOR: proxy: add a new function proxy_find_by_id() |
| - MINOR: proxy: add a flag to memorize that the proxy's ID was forced |
| - MEDIUM: proxy: add a new proxy_find_best_match() function |
| - CLEANUP: http: explicitly reference request in http_apply_redirect_rules() |
| - MINOR: http: prepare support for parsing redirect actions on responses |
| - MEDIUM: http: implement http-response redirect rules |
| - MEDIUM: http: no need to close the request on redirect if data was parsed |
| - BUG/MEDIUM: http: fix body processing for the stats applet |
| - BUG/MINOR: da: fix log-level comparison to emove annoying warning |
| - CLEANUP: global: remove one ifdef USE_DEVICEATLAS |
| - CLEANUP: da: move the converter registration to da.c |
| - CLEANUP: da: register the config keywords in da.c |
| - CLEANUP: adjust the envelope name in da.h to reflect the file name |
| - CLEANUP: da: remove ifdef USE_DEVICEATLAS from da.c |
| - BUILD: make 51D easier to build by defaulting to 51DEGREES_SRC |
| - BUILD: fix build warning when not using 51degrees |
| - BUILD: make DeviceAtlas easier to build by defaulting to DEVICEATLAS_SRC |
| - BUILD: ssl: fix recent build breakage on older SSL libs |
| |
| 2015/03/11 : 1.6-dev1 |
| - CLEANUP: extract temporary $CFG to eliminate duplication |
| - CLEANUP: extract temporary $BIN to eliminate duplication |
| - CLEANUP: extract temporary $PIDFILE to eliminate duplication |
| - CLEANUP: extract temporary $LOCKFILE to eliminate duplication |
| - CLEANUP: extract quiet_check() to avoid duplication |
| - BUG/MINOR: don't start haproxy on reload |
| - DOC: Address issue where documentation is excluded due to a gitignore rule. |
| - BUG/MEDIUM: systemd: set KillMode to 'mixed' |
| - BUILD: fix "make install" to support spaces in the install dirs |
| - BUG/MINOR: config: http-request replace-header arg typo |
| - BUG: config: error in http-response replace-header number of arguments |
| - DOC: missing track-sc* in http-request rules |
| - BUILD: lua: missing ifdef related to SSL when enabling LUA |
| - BUG/MEDIUM: regex: fix pcre_study error handling |
| - MEDIUM: regex: Use pcre_study always when PCRE is used, regardless of JIT |
| - BUG/MINOR: Fix search for -p argument in systemd wrapper. |
| - MEDIUM: Improve signal handling in systemd wrapper. |
| - DOC: fix typo in Unix Socket commands |
| - BUG/MEDIUM: checks: external checks can't change server status to UP |
| - BUG/MEDIUM: checks: segfault with external checks in a backend section |
| - BUG/MINOR: checks: external checks shouldn't wait for timeout to return the result |
| - BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an unknown encryption algorithm |
| - BUG/MEDIUM: config: userlists should ensure that encrypted passwords are supported |
| - BUG/MINOR: config: don't propagate process binding for dynamic use_backend |
| - BUG/MINOR: log: fix request flags when keep-alive is enabled |
| - BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks |
| - MINOR: checks: allow external checks in backend sections |
| - MEDIUM: checks: provide environment variables to the external checks |
| - MINOR: checks: update dynamic environment variables in external checks |
| - DOC: checks: environment variables used by "external-check command" |
| - BUG/MEDIUM: backend: correctly detect the domain when use_domain_only is used |
| - MINOR: ssl: load certificates in alphabetical order |
| - BUG/MINOR: checks: prevent http keep-alive with http-check expect |
| - MINOR: lua: typo in an error message |
| - MINOR: report the Lua version in -vv |
| - MINOR: lua: add a compilation error message when compiled with an incompatible version |
| - BUG/MEDIUM: lua: segfault when calling haproxy sample fetches from lua |
| - BUILD: try to automatically detect the Lua library name |
| - BUILD/CLEANUP: systemd: avoid a warning due to mixed code and declaration |
| - BUG/MEDIUM: backend: Update hash to use unsigned int throughout |
| - BUG/MEDIUM: connection: fix memory corruption when building a proxy v2 header |
| - MEDIUM: connection: add new bit in Proxy Protocol V2 |
| - BUG/MINOR: ssl: rejects OCSP response without nextupdate. |
| - BUG/MEDIUM: ssl: Fix to not serve expired OCSP responses. |
| - BUG/MINOR: ssl: Fix OCSP resp update fails with the same certificate configured twice. |
| - BUG/MINOR: ssl: Fix external function in order not to return a pointer on an internal trash buffer. |
| - MINOR: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER formatted certs |
| - MINOR: ssl: add statement to force some ssl options in global. |
| - BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates |
| - BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM. |
| - BUG/MINOR: samples: fix unnecessary memcopy converting binary to string. |
| - MINOR: samples: adds the bytes converter. |
| - MINOR: samples: adds the field converter. |
| - MINOR: samples: add the word converter. |
| - BUG/MINOR: server: move the directive #endif to the end of file |
| - BUG/MAJOR: buffer: check the space left is enough or not when input data in a buffer is wrapped |
| - DOC: fix a few typos |
| - CLEANUP: epoll: epoll_events should be allocated according to global.tune.maxpollevents |
| - BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized" |
| - BUG/MINOR: parse: refer curproxy instead of proxy |
| - BUG/MINOR: parse: check the validity of size string in a more strict way |
| - BUILD: add new target 'make uninstall' to support uninstalling haproxy from OS |
| - DOC: expand the docs for the provided stats. |
| - BUG/MEDIUM: unix: do not unlink() abstract namespace sockets upon failure. |
| - MEDIUM: ssl: Certificate Transparency support |
| - MEDIUM: stats: proxied stats admin forms fix |
| - MEDIUM: http: Compress HTTP responses with status codes 201,202,203 in addition to 200 |
| - BUG/MEDIUM: connection: sanitize PPv2 header length before parsing address information |
| - MAJOR: namespace: add Linux network namespace support |
| - MINOR: systemd: Check configuration before start |
| - BUILD: ssl: handle boringssl in openssl version detection |
| - BUILD: ssl: disable OCSP when using boringssl |
| - BUILD: ssl: don't call get_rfc2409_prime when using boringssl |
| - MINOR: ssl: don't use boringssl's cipher_list |
| - BUILD: ssl: use OPENSSL_NO_OCSP to detect OCSP support |
| - MINOR: stats: fix minor typo in HTML page |
| - MINOR: Also accept SIGHUP/SIGTERM in systemd-wrapper |
| - MEDIUM: Add support for configurable TLS ticket keys |
| - DOC: Document the new tls-ticket-keys bind keyword |
| - DOC: clearly state that the "show sess" output format is not fixed |
| - MINOR: stats: fix minor typo fix in stats_dump_errors_to_buffer() |
| - DOC: httplog does not support 'no' |
| - BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange |
| - MINOR: ssl: use SSL_get_ciphers() instead of directly accessing the cipher list. |
| - BUG/MEDIUM: Consistently use 'check' in process_chk |
| - MEDIUM: Add external check |
| - BUG/MEDIUM: Do not set agent health to zero if server is disabled in config |
| - MEDIUM/BUG: Only explicitly report "DOWN (agent)" if the agent health is zero |
| - MEDIUM: Remove connect_chk |
| - MEDIUM: Refactor init_check and move to checks.c |
| - MEDIUM: Add free_check() helper |
| - MEDIUM: Move proto and addr fields struct check |
| - MEDIUM: Attach tcpcheck_rules to check |
| - MEDIUM: Add parsing of mailers section |
| - MEDIUM: Allow configuration of email alerts |
| - MEDIUM: Support sending email alerts |
| - DOC: Document email alerts |
| - MINOR: Remove trailing '.' from email alert messages |
| - MEDIUM: Allow suppression of email alerts by log level |
| - BUG/MEDIUM: Do not consider an agent check as failed on L7 error |
| - MINOR: deinit: fix memory leak |
| - MINOR: http: export the function 'smp_fetch_base32' |
| - BUG/MEDIUM: http: tarpit timeout is reset |
| - MINOR: sample: add "json" converter |
| - BUG/MEDIUM: pattern: don't load more than once a pattern list. |
| - MINOR: map/acl/dumpstats: remove the "Done." message |
| - BUG/MAJOR: ns: HAProxy segfault if the cli_conn is not from a network connection |
| - BUG/MINOR: pattern: error message missing |
| - BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match |
| - BUG/MINOR: ARG6 and ARG7 don't fit in a 32 bits word |
| - MAJOR: poll: only rely on wake_expired_tasks() to compute the wait delay |
| - MEDIUM: task: call session analyzers if the task is woken by a message. |
| - MEDIUM: protocol: automatically pick the proto associated to the connection. |
| - MEDIUM: channel: wake up any request analyzer on response activity |
| - MINOR: converters: add a "void *private" argument to converters |
| - MINOR: converters: give the session pointer as converter argument |
| - MINOR: sample: add private argument to the struct sample_fetch |
| - MINOR: global: export function and permits to not resolve DNS names |
| - MINOR: sample: add function for browsing samples. |
| - MINOR: global: export many symbols. |
| - MINOR: includes: fix a lot of missing or useless includes |
| - MEDIUM: tcp: add register keyword system. |
| - MEDIUM: buffer: make bo_putblk/bo_putstr/bo_putchk return the number of bytes copied. |
| - MEDIUM: http: change the code returned by the response processing rule functions |
| - MEDIUM: http/tcp: permit to resume http and tcp custom actions |
| - MINOR: channel: functions to get data from a buffer without copy |
| - MEDIUM: lua: lua integration in the build and init system. |
| - MINOR: lua: add ease functions |
| - MINOR: lua: add runtime execution context |
| - MEDIUM: lua: "com" signals |
| - MINOR: lua: add the configuration directive "lua-load" |
| - MINOR: lua: core: create "core" class and object |
| - MINOR: lua: post initialisation bindings |
| - MEDIUM: lua: add coroutine as tasks. |
| - MINOR: lua: add sample and args type converters |
| - MINOR: lua: txn: create class TXN associated with the transaction. |
| - MINOR: lua: add shared context in the lua stack |
| - MINOR: lua: txn: import existing sample-fetches in the class TXN |
| - MINOR: lua: txn: add lua function in TXN that returns an array of http headers |
| - MINOR: lua: register and execute sample-fetches in LUA |
| - MINOR: lua: register and execute converters in LUA |
| - MINOR: lua: add bindings for tcp and http actions |
| - MINOR: lua: core: add sleep functions |
| - MEDIUM: lua: socket: add "socket" class for TCP I/O |
| - MINOR: lua: core: pattern and acl manipulation |
| - MINOR: lua: channel: add "channel" class |
| - MINOR: lua: txn: object "txn" provides two objects "channel" |
| - MINOR: lua: core: can set the nice of the current task |
| - MINOR: lua: core: can yield an execution stack |
| - MINOR: lua: txn: add binding for closing the client connection. |
| - MEDIUM: lua: Lua initialisation "on demand" |
| - BUG/MAJOR: lua: send function fails and return bad bytes |
| - MINOR: remove unused declaration. |
| - MINOR: lua: remove some #define |
| - MINOR: lua: use bitfield and macro in place of integer and enum |
| - MINOR: lua: set skeleton for Lua execution expiration |
| - MEDIUM: lua: each yielding function returns a wake up time. |
| - MINOR: lua: adds "forced yield" flag |
| - MEDIUM: lua: interrupt the Lua execution for running other process |
| - MEDIUM: lua: change the sleep function core |
| - BUG/MEDIUM: lua: the execution timeout is ignored in yield case |
| - DOC: lua: Lua configuration documentation |
| - MINOR: lua: add the struct session in the lua channel struct |
| - BUG/MINOR: lua: set buffer if it is nnot avalaible. |
| - BUG/MEDIUM: lua: reset flags before resuming execution |
| - BUG/MEDIUM: lua: fix infinite loop about channel |
| - BUG/MEDIUM: lua: the Lua process is not waked up after sending data on requests side |
| - BUG/MEDIUM: lua: many errors when we try to send data with the channel API |
| - MEDIUM: lua: use the Lua-5.3 version of the library |
| - BUG/MAJOR: lua: some function are not yieldable, the forced yield causes errors |
| - BUG/MEDIUM: lua: can't handle the response bytes |
| - BUG/MEDIUM: lua: segfault with buffer_replace2 |
| - BUG/MINOR: lua: check buffers before initializing socket |
| - BUG/MINOR: log: segfault if there are no proxy reference |
| - BUG/MEDIUM: lua: sockets don't have buffer to write data |
| - BUG/MEDIUM: lua: cannot connect socket |
| - BUG/MINOR: lua: sockets receive behavior doesn't follows the specs |
| - BUG/BUILD: lua: The strict Lua 5.3 version check is not done. |
| - BUG/MEDIUM: buffer: one byte miss in buffer free space check |
| - MEDIUM: lua: make the functions hlua_gethlua() and hlua_sethlua() faster |
| - MINOR: replace the Core object by a simple model. |
| - MEDIUM: lua: change the objects configuration |
| - MEDIUM: lua: create a namespace for the fetches |
| - MINOR: converters: add function to browse converters |
| - MINOR: lua: wrapper for converters |
| - MINOR: lua: replace function (req|get)_channel by a variable |
| - MINOR: lua: fetches and converters can return an empty string in place of nil |
| - DOC: lua api |
| - BUG/MEDIUM: sample: fix random number upper-bound |
| - BUG/MINOR: stats:Fix incorrect printf type. |
| - BUG/MAJOR: session: revert all the crappy client-side timeout changes |
| - BUG/MINOR: logs: properly initialize and count log sockets |
| - BUG/MEDIUM: http: fetch "base" is not compatible with set-header |
| - BUG/MINOR: counters: do not untrack counters before logging |
| - BUG/MAJOR: sample: correctly reinitialize sample fetch context before calling sample_process() |
| - MINOR: stick-table: make stktable_fetch_key() indicate why it failed |
| - BUG/MEDIUM: counters: fix track-sc* to wait on unstable contents |
| - BUILD: remove TODO from the spec file and add README |
| - MINOR: log: make MAX_SYSLOG_LEN overridable at build time |
| - MEDIUM: log: support a user-configurable max log line length |
| - DOC: provide an example of how to use ssl_c_sha1 |
| - BUILD: checks: external checker needs signal.h |
| - BUILD: checks: kill a minor warning on Solaris in external checks |
| - BUILD: http: fix isdigit & isspace warnings on Solaris |
| - BUG/MINOR: listener: set the listener's fd to -1 after deletion |
| - BUG/MEDIUM: unix: failed abstract socket binding is retryable |
| - MEDIUM: listener: implement a per-protocol pause() function |
| - MEDIUM: listener: support rebinding during resume() |
| - BUG/MEDIUM: unix: completely unbind abstract sockets during a pause() |
| - DOC: explicitly mention the limits of abstract namespace sockets |
| - DOC: minor fix on {sc,src}_kbytes_{in,out} |
| - DOC: fix alphabetical sort of converters |
| - MEDIUM: stick-table: implement lookup from a sample fetch |
| - MEDIUM: stick-table: add new converters to fetch table data |
| - MINOR: samples: add two converters for the date format |
| - BUG/MAJOR: http: correctly rewind the request body after start of forwarding |
| - DOC: remove references to CPU=native in the README |
| - DOC: mention that "compression offload" is ignored in defaults section |
| - DOC: mention that Squid correctly responds 400 to PPv2 header |
| - BUILD: fix dependencies between config and compat.h |
| - MINOR: session: export the function 'smp_fetch_sc_stkctr' |
| - MEDIUM: stick-table: make it easier to register extra data types |
| - BUG/MINOR: http: base32+src should use the big endian version of base32 |
| - MINOR: sample: allow IP address to cast to binary |
| - MINOR: sample: add new converters to hash input |
| - MINOR: sample: allow integers to cast to binary |
| - BUILD: report commit ID in git versions as well |
| - CLEANUP: session: move the stick counters declarations to stick_table.h |
| - MEDIUM: http: add the track-sc* actions to http-request rules |
| - BUG/MEDIUM: connection: fix proxy v2 header again! |
| - BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc* |
| - OPTIM/MINOR: proxy: reduce struct proxy by 48 bytes on 64-bit archs |
| - MINOR: log: add a new field "%lc" to implement a per-frontend log counter |
| - BUG/MEDIUM: http: fix inverted condition in pat_match_meth() |
| - BUG/MEDIUM: http: fix improper parsing of HTTP methods for use with ACLs |
| - BUG/MINOR: pattern: remove useless allocation of unused trash in pat_parse_reg() |
| - BUG/MEDIUM: acl: correctly compute the output type when a converter is used |
| - CLEANUP: acl: cleanup some of the redundancy and spaghetti after last fix |
| - BUG/CRITICAL: http: don't update msg->sov once data start to leave the buffer |
| - MEDIUM: http: enable header manipulation for 101 responses |
| - BUG/MEDIUM: config: propagate frontend to backend process binding again. |
| - MEDIUM: config: properly propagate process binding between proxies |
| - MEDIUM: config: make the frontends automatically bind to the listeners' processes |
| - MEDIUM: config: compute the exact bind-process before listener's maxaccept |
| - MEDIUM: config: only warn if stats are attached to multi-process bind directives |
| - MEDIUM: config: report it when tcp-request rules are misplaced |
| - DOC: indicate in the doc that track-sc* can wait if data are missing |
| - MINOR: config: detect the case where a tcp-request content rule has no inspect-delay |
| - MEDIUM: systemd-wrapper: support multiple executable versions and names |
| - BUG/MEDIUM: remove debugging code from systemd-wrapper |
| - BUG/MEDIUM: http: adjust close mode when switching to backend |
| - BUG/MINOR: config: don't propagate process binding on fatal errors. |
| - BUG/MEDIUM: check: rule-less tcp-check must detect connect failures |
| - BUG/MINOR: tcp-check: report the correct failed step in the status |
| - DOC: indicate that weight zero is reported as DRAIN |
| - BUG/MEDIUM: config: avoid skipping disabled proxies |
| - BUG/MINOR: config: do not accept more track-sc than configured |
| - BUG/MEDIUM: backend: fix URI hash when a query string is present |
| - BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR |
| - BUG/MAJOR: cli: explicitly call cli_release_handler() upon error |
| - BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol |
| - BUILD/MINOR: ssl: de-constify "ciphers" to avoid a warning on openssl-0.9.8 |
| - BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets |
| - BUG/BUILD: revert accidental change in the makefile from latest SSL fix |
| - BUG/MEDIUM: ssl: force a full GC in case of memory shortage |
| - MEDIUM: ssl: add support for smaller SSL records |
| - MINOR: session: release a few other pools when stopping |
| - MINOR: task: release the task pool when stopping |
| - BUG/MINOR: config: don't inherit the default balance algorithm in frontends |
| - BUG/MAJOR: frontend: initialize capture pointers earlier |
| - BUG/MINOR: stats: correctly set the request/response analysers |
| - MAJOR: polling: centralize calls to I/O callbacks |
| - DOC: fix typo in the body parser documentation for msg.sov |
| - BUG/MINOR: peers: the buffer size is global.tune.bufsize, not trash.size |
| - MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) |
| - DEBUG: pools: apply poisonning on every allocated pool |
| - BUG/MAJOR: sessions: unlink session from list on out of memory |
| - BUG/MEDIUM: patterns: previous fix was incomplete |
| - BUG/MEDIUM: payload: ensure that a request channel is available |
| - BUG/MINOR: tcp-check: don't condition data polling on check type |
| - BUG/MEDIUM: tcp-check: don't rely on random memory contents |
| - BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect |
| - BUG/MINOR: config: fix typo in condition when propagating process binding |
| - BUG/MEDIUM: config: do not propagate processes between stopped processes |
| - BUG/MAJOR: stream-int: properly check the memory allocation return |
| - BUG/MEDIUM: memory: fix freeing logic in pool_gc2() |
| - BUG/MAJOR: namespaces: conn->target is not necessarily a server |
| - BUG/MEDIUM: compression: correctly report zlib_mem |
| - CLEANUP: lists: remove dead code |
| - CLEANUP: memory: remove dead code |
| - CLEANUP: memory: replace macros pool_alloc2/pool_free2 with functions |
| - MINOR: memory: cut pool allocator in 3 layers |
| - MEDIUM: memory: improve pool_refill_alloc() to pass a refill count |
| - MINOR: stream-int: retrieve session pointer from stream-int |
| - MINOR: buffer: reset a buffer in b_reset() and not channel_init() |
| - MEDIUM: buffer: use b_alloc() to allocate and initialize a buffer |
| - MINOR: buffer: move buffer initialization after channel initialization |
| - MINOR: buffer: only use b_free to release buffers |
| - MEDIUM: buffer: always assign a dummy empty buffer to channels |
| - MEDIUM: buffer: add a new buf_wanted dummy buffer to report failed allocations |
| - MEDIUM: channel: do not report full when buf_empty is present on a channel |
| - MINOR: session: group buffer allocations together |
| - MINOR: buffer: implement b_alloc_fast() |
| - MEDIUM: buffer: implement b_alloc_margin() |
| - MEDIUM: session: implement a basic atomic buffer allocator |
| - MAJOR: session: implement a wait-queue for sessions who need a buffer |
| - MAJOR: session: only allocate buffers when needed |
| - MINOR: stats: report a "waiting" flags for sessions |
| - MAJOR: session: only wake up as many sessions as available buffers permit |
| - MINOR: config: implement global setting tune.buffers.reserve |
| - MINOR: config: implement global setting tune.buffers.limit |
| - MEDIUM: channel: implement a zero-copy buffer transfer |
| - MEDIUM: stream-int: support splicing from applets |
| - OPTIM: stream-int: try to send pending spliced data |
| - CLEANUP: session: remove session_from_task() |
| - DOC: add missing entry for log-format and clarify the text |
| - MINOR: logs: add a new per-proxy "log-tag" directive |
| - BUG/MEDIUM: http: fix header removal when previous header ends with pure LF |
| - MINOR: config: extend the default max hostname length to 64 and beyond |
| - BUG/MEDIUM: channel: fix possible integer overflow on reserved size computation |
| - BUG/MINOR: channel: compare to_forward with buf->i, not buf->size |
| - MINOR: channel: add channel_in_transit() |
| - MEDIUM: channel: make buffer_reserved() use channel_in_transit() |
| - MEDIUM: channel: make bi_avail() use channel_in_transit() |
| - BUG/MEDIUM: channel: don't schedule data in transit for leaving until connected |
| - CLEANUP: channel: rename channel_reserved -> channel_is_rewritable |
| - MINOR: channel: rename channel_full() to !channel_may_recv() |
| - MINOR: channel: rename buffer_reserved() to channel_reserved() |
| - MINOR: channel: rename buffer_max_len() to channel_recv_limit() |
| - MINOR: channel: rename bi_avail() to channel_recv_max() |
| - MINOR: channel: rename bi_erase() to channel_truncate() |
| - BUG/MAJOR: log: don't try to emit a log if no logger is set |
| - MINOR: tools: add new round_2dig() function to round integers |
| - MINOR: global: always export some SSL-specific metrics |
| - MINOR: global: report information about the cost of SSL connections |
| - MAJOR: init: automatically set maxconn and/or maxsslconn when possible |
| - MINOR: http: add a new fetch "query" to extract the request's query string |
| - MINOR: hash: add new function hash_crc32 |
| - MINOR: samples: provide a "crc32" converter |
| - MEDIUM: backend: add the crc32 hash algorithm for load balancing |
| - BUG/MINOR: args: add missing entry for ARGT_MAP in arg_type_names |
| - BUG/MEDIUM: http: make http-request set-header compute the string before removal |
| - MEDIUM: args: use #define to specify the number of bits used by arg types and counts |
| - MEDIUM: args: increase arg type to 5 bits and limit arg count to 5 |
| - MINOR: args: add type-specific flags for each arg in a list |
| - MINOR: args: implement a new arg type for regex : ARGT_REG |
| - MEDIUM: regex: add support for passing regex flags to regex_exec_match() |
| - MEDIUM: samples: add a regsub converter to perform regex-based transformations |
| - BUG/MINOR: sample: fix case sensitivity for the regsub converter |
| - MEDIUM: http: implement http-request set-{method,path,query,uri} |
| - DOC: fix missing closing brackend on regsub |
| - MEDIUM: samples: provide basic arithmetic and bitwise operators |
| - MEDIUM: init: continue to enforce SYSTEM_MAXCONN with auto settings if set |
| - BUG/MINOR: http: fix incorrect header value offset in replace-hdr/replace-value |
| - BUG/MINOR: http: abort request processing on filter failure |
| - MEDIUM: tcp: implement tcp-ut bind option to set TCP_USER_TIMEOUT |
| - MINOR: ssl/server: add the "no-ssl-reuse" server option |
| - BUG/MAJOR: peers: initialize s->buffer_wait when creating the session |
| - MINOR: http: add a new function to iterate over each header line |
| - MINOR: http: add the new sample fetches req.hdr_names and res.hdr_names |
| - MEDIUM: task: always ensure that the run queue is consistent |
| - BUILD: Makefile: add -Wdeclaration-after-statement |
| - BUILD/CLEANUP: ssl: avoid a warning due to mixed code and declaration |
| - BUILD/CLEANUP: config: silent 3 warnings about mixed declarations with code |
| - MEDIUM: protocol: use a family array to index the protocol handlers |
| - BUILD: lua: cleanup many mixed occurrences declarations & code |
| - BUG/MEDIUM: task: fix recently introduced scheduler skew |
| - BUG/MINOR: lua: report the correct function name in an error message |
| - BUG/MAJOR: http: fix stats regression consecutive to HTTP_RULE_RES_YIELD |
| - Revert "BUG/MEDIUM: lua: can't handle the response bytes" |
| - MINOR: lua: convert IP addresses to type string |
| - CLEANUP: lua: use the same function names in C and Lua |
| - REORG/MAJOR: move session's req and resp channels back into the session |
| - CLEANUP: remove now unused channel pool |
| - REORG/MEDIUM: stream-int: introduce si_ic/si_oc to access channels |
| - MEDIUM: stream-int: add a flag indicating which side the SI is on |
| - MAJOR: stream-int: only rely on SI_FL_ISBACK to find the requested channel |
| - MEDIUM: stream-interface: remove now unused pointers to channels |
| - MEDIUM: stream-int: make si_sess() use the stream int's side |
| - MEDIUM: stream-int: use si_task() to retrieve the task from the stream int |
| - MEDIUM: stream-int: remove any reference to the owner |
| - CLEANUP: stream-int: add si_ib/si_ob to dereference the buffers |
| - CLEANUP: stream-int: add si_opposite() to find the other stream interface |
| - REORG/MEDIUM: channel: only use chn_prod / chn_cons to find stream-interfaces |
| - MEDIUM: channel: add a new flag "CF_ISRESP" for the response channel |
| - MAJOR: channel: only rely on the new CF_ISRESP flag to find the SI |
| - MEDIUM: channel: remove now unused ->prod and ->cons pointers |
| - CLEANUP: session: simplify references to chn_{prod,cons}(&s->{req,res}) |
| - CLEANUP: session: use local variables to access channels / stream ints |
| - CLEANUP: session: don't needlessly pass a pointer to the stream-int |
| - CLEANUP: session: don't use si_{ic,oc} when we know the session. |
| - CLEANUP: stream-int: limit usage of si_ic/si_oc |
| - CLEANUP: lua: limit usage of si_ic/si_oc |
| - MINOR: channel: add chn_sess() helper to retrieve session from channel |
| - MEDIUM: session: simplify receive buffer allocator to only use the channel |
| - MEDIUM: lua: use CF_ISRESP to detect the channel's side |
| - CLEANUP: lua: remove the session pointer from hlua_channel |
| - CLEANUP: lua: hlua_channel_new() doesn't need the pointer to the session anymore |
| - MEDIUM: lua: remove struct hlua_channel |
| - MEDIUM: lua: remove hlua_sample_fetch |
| |
| 2014/06/19 : 1.6-dev0 |
| - exact copy of 1.5.0 |
| |
| 2014/06/19 : 1.5.0 |
| - MEDIUM: ssl: ignored file names ending as '.issuer' or '.ocsp'. |
| - MEDIUM: ssl: basic OCSP stapling support. |
| - MINOR: ssl/cli: Fix unapropriate comment in code on 'set ssl ocsp-response' |
| - MEDIUM: ssl: add 300s supported time skew on OCSP response update. |
| - MINOR: checks: mysql-check: Add support for v4.1+ authentication |
| - MEDIUM: ssl: Add the option to use standardized DH parameters >= 1024 bits |
| - MEDIUM: ssl: fix detection of ephemeral diffie-hellman key exchange by using the cipher description. |
| - MEDIUM: http: add actions "replace-header" and "replace-values" in http-req/resp |
| - MEDIUM: Break out check establishment into connect_chk() |
| - MEDIUM: Add port_to_str helper |
| - BUG/MEDIUM: fix ignored values for half-closed timeouts (client-fin and server-fin) in defaults section. |
| - BUG/MEDIUM: Fix unhandled connections problem with systemd daemon mode and SO_REUSEPORT. |
| - MINOR: regex: fix a little configuration memory leak. |
| - MINOR: regex: Create JIT compatible function that return match strings |
| - MEDIUM: regex: replace all standard regex function by own functions |
| - MEDIUM: regex: Remove null terminated strings. |
| - MINOR: regex: Use native PCRE API. |
| - MINOR: missing regex.h include |
| - DOC: Add Exim as Proxy Protocol implementer. |
| - BUILD: don't use type "uint" which is not portable |
| - BUILD: stats: workaround stupid and bogus -Werror=format-security behaviour |
| - BUG/MEDIUM: http: clear CF_READ_NOEXP when preparing a new transaction |
| - CLEANUP: http: don't clear CF_READ_NOEXP twice |
| - DOC: fix proxy protocol v2 decoder example |
| - DOC: fix remaining occurrences of "pattern extraction" |
| - MINOR: log: allow the HTTP status code to be logged even in TCP frontends |
| - MINOR: logs: don't limit HTTP header captures to HTTP frontends |
| - MINOR: sample: improve sample_fetch_string() to report partial contents |
| - MINOR: capture: extend the captures to support non-header keys |
| - MINOR: tcp: prepare support for the "capture" action |
| - MEDIUM: tcp: add a new tcp-request capture directive |
| - MEDIUM: session: allow shorter retry delay if timeout connect is small |
| - MEDIUM: session: don't apply the retry delay when redispatching |
| - MEDIUM: session: redispatch earlier when possible |
| - MINOR: config: warn when tcp-check rules are used without option tcp-check |
| - BUG/MINOR: connection: make proxy protocol v1 support the UNKNOWN protocol |
| - DOC: proxy protocol example parser was still wrong |
| - DOC: minor updates to the proxy protocol doc |
| - CLEANUP: connection: merge proxy proto v2 header and address block |
| - MEDIUM: connection: add support for proxy protocol v2 in accept-proxy |
| - MINOR: tools: add new functions to quote-encode strings |
| - DOC: clarify the CSV format |
| - MEDIUM: stats: report the last check and last agent's output on the CSV status |
| - MINOR: freq_ctr: introduce a new averaging method |
| - MEDIUM: session: maintain per-backend and per-server time statistics |
| - MEDIUM: stats: report per-backend and per-server time stats in HTML and CSV outputs |
| - BUG/MINOR: http: fix typos in previous patch |
| - DOC: remove the ultra-obsolete TODO file |
| - DOC: update roadmap |
| - DOC: minor updates to the README |
| - DOC: mention the maxconn limitations with the select poller |
| - DOC: commit a few old design thoughts files |
| |
| 2014/05/28 : 1.5-dev26 |
| - BUG/MEDIUM: polling: fix possible CPU hogging of worker processes after receiving SIGUSR1. |
| - BUG/MINOR: stats: fix a typo on a closing tag for a server tracking another one |
| - OPTIM: stats: avoid the calculation of a useless link on tracking servers in maintenance |
| - MINOR: fix a few memory usage errors |
| - CONTRIB: halog: Filter input lines by date and time through timestamp |
| - MINOR: ssl: SSL_CTX_set_options() and SSL_CTX_set_mode() take a long, not an int |
| - BUG/MEDIUM: regex: fix risk of buffer overrun in exp_replace() |
| - MINOR: acl: set "str" as default match for strings |
| - DOC: Add some precisions about acl default matching method |
| - MEDIUM: acl: strenghten the option parser to report invalid options |
| - BUG/MEDIUM: config: a stats-less config crashes in 1.5-dev25 |
| - BUG/MINOR: checks: tcp-check must not stop on '\0' for binary checks |
| - MINOR: stats: improve alignment of color codes to save one line of header |
| - MINOR: checks: simplify and improve reporting of state changes when using log-health-checks |
| - MINOR: server: remove the SRV_DRAIN flag which can always be deduced |
| - MINOR: server: use functions to detect state changes and to update them |
| - MINOR: server: create srv_was_usable() from srv_is_usable() and use a pointer |
| - BUG/MINOR: stats: do not report "100%" in the thottle column when server is draining |
| - BUG/MAJOR: config: don't free valid regex memory |
| - BUG/MEDIUM: session: don't clear CF_READ_NOEXP if analysers are not called |
| - BUG/MINOR: stats: tracking servers may incorrectly report an inherited DRAIN status |
| - MEDIUM: proxy: make timeout parser a bit stricter |
| - REORG/MEDIUM: server: split server state and flags in two different variables |
| - REORG/MEDIUM: server: move the maintenance bits out of the server state |
| - MAJOR: server: use states instead of flags to store the server state |
| - REORG: checks: put the functions in the appropriate files ! |
| - MEDIUM: server: properly support and propagate the maintenance status |
| - MEDIUM: server: allow multi-level server tracking |
| - CLEANUP: checks: rename the server_status_printf function |
| - MEDIUM: checks: simplify server up/down/nolb transitions |
| - MAJOR: checks: move health checks changes to set_server_check_status() |
| - MINOR: server: make the status reporting function support a reason |
| - MINOR: checks: simplify health check reporting functions |
| - MINOR: server: implement srv_set_stopped() |
| - MINOR: server: implement srv_set_running() |
| - MINOR: server: implement srv_set_stopping() |
| - MEDIUM: checks: simplify failure notification using srv_set_stopped() |
| - MEDIUM: checks: simplify success notification using srv_set_running() |
| - MEDIUM: checks: simplify stopping mode notification using srv_set_stopping() |
| - MEDIUM: stats: report a server's own state instead of the tracked one's |
| - MINOR: server: make use of srv_is_usable() instead of checking eweight |
| - MAJOR: checks: add support for a new "drain" administrative mode |
| - MINOR: stats: use the admin flags for soft enable/disable/stop/start on the web page |
| - MEDIUM: stats: introduce new actions to simplify admin status management |
| - MINOR: cli: introduce a new "set server" command |
| - MINOR: stats: report a distinct output for DOWN caused by agent |
| - MINOR: checks: support specific check reporting for the agent |
| - MINOR: checks: support a neutral check result |
| - BUG/MINOR: cli: "agent" was missing from the "enable"/"disable" help message |
| - MEDIUM: cli: add support for enabling/disabling health checks. |
| - MEDIUM: stats: report down caused by agent prior to reporting up |
| - MAJOR: agent: rework the response processing and support additional actions |
| - MINOR: stats: improve the stats web page to support more actions |
| - CONTRIB: halog: avoid calling time/localtime/mktime for each line |
| - DOC: document the workarouds for Google Chrome's bogus pre-connect |
| - MINOR: stats: report SSL key computations per second |
| - MINOR: stats: add counters for SSL cache lookups and misses |
| |
| 2014/05/10 : 1.5-dev25 |
| - MEDIUM: connection: Implement and extented PROXY Protocol V2 |
| - MINOR: ssl: clean unused ACLs declarations |
| - MINOR: ssl: adds fetchs and ACLs for ssl back connection. |
| - MINOR: ssl: merge client's and frontend's certificate functions. |
| - MINOR: ssl: adds ssl_f_sha1 fetch to return frontend's certificate fingerprint |
| - MINOR: ssl: adds sample converter base64 for binary type. |
| - MINOR: ssl: convert to binary ssl_fc_unique_id and ssl_bc_unique_id. |
| - BUG/MAJOR: ssl: Fallback to private session cache if current lock mode is not supported. |
| - MAJOR: ssl: Change default locks on ssl session cache. |
| - BUG/MINOR: chunk: Fix function chunk_strcmp and chunk_strcasecmp match a substring. |
| - MINOR: ssl: add global statement tune.ssl.force-private-cache. |
| - MINOR: ssl: remove fallback to SSL session private cache if lock init fails. |
| - BUG/MEDIUM: patterns: last fix was still not enough |
| - MINOR: http: export the smp_fetch_cookie function |
| - MINOR: http: generic pointer to rule argument |
| - BUG/MEDIUM: pattern: a typo breaks automatic acl/map numbering |
| - BUG/MAJOR: patterns: -i and -n are ignored for inlined patterns |
| - BUG/MINOR: proxy: unsafe initialization of HTTP transaction when switching from TCP frontend |
| - BUG/MINOR: http: log 407 in case of proxy auth |
| - MINOR: http: rely on the message body parser to send 100-continue |
| - MEDIUM: http: move reqadd after execution of http_request redirect |
| - MEDIUM: http: jump to dedicated labels after http-request processing |
| - BUG/MINOR: http: block rules forgot to increment the denied_req counter |
| - BUG/MINOR: http: block rules forgot to increment the session's request counter |
| - MEDIUM: http: move Connection header processing earlier |
| - MEDIUM: http: remove even more of the spaghetti in the request path |
| - MINOR: http: silently support the "block" action for http-request |
| - CLEANUP: proxy: rename "block_cond" to "block_rules" |
| - MEDIUM: http: emulate "block" rules using "http-request" rules |
| - MINOR: http: remove the now unused loop over "block" rules |
| - MEDIUM: http: factorize the "auth" action of http-request and stats |
| - MEDIUM: http: make http-request rules processing return a verdict instead of a rule |
| - MINOR: config: add minimum support for emitting warnings only once |
| - MEDIUM: config: inform the user about the deprecatedness of "block" rules |
| - MEDIUM: config: inform the user that "reqsetbe" is deprecated |
| - MEDIUM: config: inform the user only once that "redispatch" is deprecated |
| - MEDIUM: config: warn that '{cli,con,srv}timeout' are deprecated |
| - BUG/MINOR: auth: fix wrong return type in pat_match_auth() |
| - BUILD: config: remove a warning with clang |
| - BUG/MAJOR: http: connection setup may stall on balance url_param |
| - BUG/MEDIUM: http/session: disable client-side expiration only after body |
| - BUG/MEDIUM: http: correctly report request body timeouts |
| - BUG/MEDIUM: http: disable server-side expiration until client has sent the body |
| - MEDIUM: listener: make the accept function more robust against pauses |
| - BUILD: syscalls: remove improper inline statement in front of syscalls |
| - BUILD: ssl: SSL_CTX_set_msg_callback() needs openssl >= 0.9.7 |
| - BUG/MAJOR: session: recover the correct connection pointer in half-initialized sessions |
| - DOC: add some explanation on the shared cache build options in the readme. |
| - MEDIUM: proxy: only adjust the backend's bind-process when already set |
| - MEDIUM: config: limit nbproc to the machine's word size |
| - MEDIUM: config: check the bind-process settings according to nbproc |
| - MEDIUM: listener: parse the new "process" bind keyword |
| - MEDIUM: listener: inherit the process mask from the proxy |
| - MAJOR: listener: only start listeners bound to the same processes |
| - MINOR: config: only report a warning when stats sockets are bound to more than 1 process |
| - CLEANUP: config: set the maxaccept value for peers listeners earlier |
| - BUG/MINOR: backend: only match IPv4 addresses with RDP cookies |
| - BUG/MINOR: checks: correctly configure the address family and protocol |
| - MINOR: tools: split is_addr() and is_inet_addr() |
| - MINOR: protocols: use is_inet_addr() when only INET addresses are desired |
| - MEDIUM: unix: add preliminary support for connecting to servers over UNIX sockets |
| - MEDIUM: checks: only complain about the missing port when the check uses TCP |
| - MEDIUM: unix: implement support for Linux abstract namespace sockets |
| - DOC: map_beg was missing from the table of map_* converters |
| - DOC: ebtree: indicate that prefix insertion/lookup may be used with strings |
| - MEDIUM: pattern: use ebtree's longest match to index/lookup string beginning |
| - BUILD: remove the obsolete BSD and OSX makefiles |
| - MEDIUM: unix: avoid a double connect probe when no data are sent |
| - DOC: stop referencing the slow git repository in the README |
| - BUILD: only build the systemd wrapper on Linux 2.6 and above |
| - DOC: update roadmap with completed tasks |
| - MEDIUM: session: implement half-closed timeouts (client-fin and server-fin) |
| |
| 2014/04/26 : 1.5-dev24 |
| - MINOR: pattern: find element in a reference |
| - MEDIUM: http: ACL and MAP updates through http-(request|response) rules |
| - MEDIUM: ssl: explicitly log failed handshakes after a heartbeat |
| - DOC: Full section dedicated to the converters |
| - MEDIUM: http: register http-request and http-response keywords |
| - BUG/MINOR: compression: correctly report incoming byte count |
| - BUG/MINOR: http: don't report server aborts as client aborts |
| - BUG/MEDIUM: channel: bi_putblk() must not wrap before the end of buffer |
| - CLEANUP: buffers: remove unused function buffer_contig_space_with_res() |
| - MEDIUM: stats: reimplement HTTP keep-alive on the stats page |
| - BUG/MAJOR: http: fix timeouts during data forwarding |
| - BUG/MEDIUM: http: 100-continue responses must process the next part immediately |
| - MEDIUM: http: move skipping of 100-continue earlier |
| - BUILD: stats: let gcc know that last_fwd cannot be used uninitialized... |
| - CLEANUP: general: get rid of all old occurrences of "session *t" |
| - CLEANUP: http: remove the useless "if (1)" inherited from version 1.4 |
| - BUG/MEDIUM: stats: mismatch between behaviour and doc about front/back |
| - MEDIUM: http: enable analysers to have keep-alive on stats |
| - REORG: http: move HTTP Connection response header parsing earlier |
| - MINOR: stats: always emit HTTP/1.1 in responses |
| - MINOR: http: add capture.req.ver and capture.res.ver |
| - MINOR: checks: add a new global max-spread-checks directive |
| - BUG/MAJOR: http: fix the 'next' pointer when performing a redirect |
| - MINOR: http: implement the max-keep-alive-queue setting |
| - DOC: fix alphabetic order of tcp-check |
| - MINOR: connection: add a new error code for SSL with heartbeat |
| - MEDIUM: ssl: implement a workaround for the OpenSSL heartbleed attack |
| - BUG/MEDIUM: Revert "MEDIUM: ssl: Add standardized DH parameters >= 1024 bits" |
| - BUILD: http: remove a warning on strndup |
| - BUILD: ssl: avoid a warning about conn not used with OpenSSL < 1.0.1 |
| - BUG/MINOR: ssl: really block OpenSSL's response to heartbleed attack |
| - MINOR: ssl: finally catch the heartbeats missing the padding |
| |
| 2014/04/23 : 1.5-dev23 |
| - BUG/MINOR: reject malformed HTTP/0.9 requests |
| - MINOR: systemd wrapper: re-execute on SIGUSR2 |
| - MINOR: systemd wrapper: improve logging |
| - MINOR: systemd wrapper: propagate exit status |
| - BUG/MINOR: tcpcheck connect wrong behavior |
| - MEDIUM: proxy: support use_backend with dynamic names |
| - MINOR: stats: Enhancement to stats page to provide information of last session time. |
| - BUG/MEDIUM: peers: fix key consistency for integer stick tables |
| - DOC: fix a typo on http-server-close and encapsulate options with double-quotes |
| - DOC: fix fetching samples syntax |
| - MINOR: ssl: add ssl_fc_unique_id to fetch TLS Unique ID |
| - MEDIUM: ssl: Use ALPN support as it will be available in OpenSSL 1.0.2 |
| - DOC: fix typo |
| - CLEANUP: code style: use tabs to indent codes instead of spaces |
| - DOC: fix a few config typos. |
| - BUG/MINOR: raw_sock: also consider ENOTCONN in addition to EAGAIN for recv() |
| - DOC: lowercase format string in unique-id |
| - MINOR: set IP_FREEBIND on IPv6 sockets in transparent mode |
| - BUG/MINOR: acl: req_ssl_sni fails with SSLv3 record version |
| - BUG/MINOR: build: add missing objects in osx and bsd Makefiles |
| - BUG/MINOR: build: handle whitespaces in wc -l output |
| - BUG/MINOR: Fix name lookup ordering when compiled with USE_GETADDRINFO |
| - MEDIUM: ssl: Add standardized DH parameters >= 1024 bits |
| - BUG/MEDIUM: map: The map parser includes blank lines. |
| - BUG/MINOR: log: The log of quotted capture header has been terminated by 2 quotes. |
| - MINOR: standard: add function "encode_chunk" |
| - BUG/MINOR: http: fix encoding of samples used in http headers |
| - MINOR: sample: add hex converter |
| - MEDIUM: sample: change the behavior of the bin2str cast |
| - MAJOR: auth: Change the internal authentication system. |
| - MEDIUM: acl/pattern: standardisation "of pat_parse_int()" and "pat_parse_dotted_ver()" |
| - MEDIUM: pattern: The pattern parser no more uses <opaque> and just takes one string. |
| - MEDIUM: pattern: Change the prototype of the function pattern_register(). |
| - CONTRIB: ip6range: add a network IPv6 range to mask converter |
| - MINOR: pattern: separe list element from the data part. |
| - MEDIUM: pattern: add indexation function. |
| - MEDIUM: pattern: The parse functions just return "struct pattern" without memory allocation |
| - MINOR: pattern: Rename "pat_idx_elt" to "pattern_tree" |
| - MINOR: sample: dont call the sample cast function "c_none" |
| - MINOR: standard: Add function for converting cidr to network mask. |
| - MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags |
| - MEDIUM: sample/http_proto: Add new type called method |
| - MINOR: dumpstats: Group map inline help |
| - MEDIUM: pattern: The function pattern_exec_match() returns "struct pattern" if the patten match. |
| - MINOR: dumpstats: change map inline sentences |
| - MINOR: dumpstats: change the "get map" display management |
| - MINOR: map/dumpstats: The cli cmd "get map ..." display the "int" format. |
| - MEDIUM: pattern: The match function browse itself the list or the tree. |
| - MEDIUM: pattern: Index IPv6 addresses in a tree. |
| - MEDIUM: pattern: add delete functions |
| - MEDIUM: pattern: add prune function |
| - MEDIUM: pattern: add sample lookup function. |
| - MEDIUM: pattern/dumpstats: The function pattern_lookup() is no longer used |
| - MINOR: map/pattern: The sample parser is stored in the pattern |
| - MAJOR: pattern/map: Extends the map edition system in the patterns |
| - MEDIUM: pattern: merge same pattern |
| - MEDIUM: pattern: The expected type is stored in the pattern head, and conversion is executed once. |
| - MINOR: pattern: Each pattern is identified by unique id. |
| - MINOR: pattern/acl: Each pattern of each acl can be load with specified id |
| - MINOR: pattern: The function "pattern_register()" is no longer used. |
| - MINOR: pattern: Merge function pattern_add() with pat_ref_push(). |
| - MINOR: pattern: store configuration reference for each acl or map pattern. |
| - MINOR: pattern: Each pattern expression element store the reference struct. |
| - MINOR: dumpstats: display the reference for th key/pattern and value. |
| - MEDIUM: pattern: delete() function uses the pat_ref_elt to find the element to be removed |
| - MEDIUM: pattern_find_smp: functions find_smp uses the pat_ref_elt to find the element to be removed |
| - MEDIUM: dumpstats/pattern: display and use each pointer of each pattern dumped |
| - MINOR: pattern/map/acl: Centralization of the file parsers |
| - MINOR: pattern: Check if the file reference is not used with acl and map |
| - MINOR: acl/pattern: Acl "-M" option force to load file as map file with two columns |
| - MEDIUM: dumpstats: Display error message during add of values. |
| - MINOR: pattern: The function pat_ref_set() have now atomic behavior |
| - MINOR: regex: The pointer regstr in the struc regex is no longer used. |
| - MINOR: cli: Block the usage of the command "acl add" in many cases. |
| - MINOR: doc: Update the documentation about the map and acl |
| - MINOR: pattern: index duplicates |
| - MINOR: configuration: File and line propagation |
| - MINOR: dumpstat/conf: display all the configuration lines that using pattern reference |
| - MINOR: standard: Disable ip resolution during the runtime |
| - MINOR: pattern: Remove the flag "PAT_F_FROM_FILE". |
| - MINOR: pattern: forbid dns resolutions |
| - DOC: document "get map" / "get acl" on the CLI |
| - MEDIUM: acl: Change the acl register struct |
| - BUG/MEDIUM: acl: boolean only matches were broken by recent changes |
| - DOC: pattern: pattern organisation schematics |
| - MINOR: pattern/cli: Update used terms in documentation and cli |
| - MINOR: cli: remove information about acl or map owner. |
| - MINOR: session: don't always assume there's a listener |
| - MINOR: pattern: Add function to prune and reload pattern list. |
| - MINOR: standard: Add ipv6 support in the function url2sa(). |
| - MEDIUM: config: Dynamic sections. |
| - BUG/MEDIUM: stick-table: fix IPv4-to-IPv6 conversion in src_* fetches |
| - MINOR: http: Add the "language" converter to for use with accept-language |
| - BUG/MINOR: log: Don't dump empty unique-id |
| - BUG/MAJOR: session: fix a possible crash with src_tracked |
| - DOC: Update "language" documentation |
| - MINOR: http: add the function "del-header" to the directives http-request and http-response |
| - DOC: add some information on capture.(req|res).hdr |
| - MINOR: http: capture.req.method and capture.req.uri |
| - MINOR: http: optimize capture.req.method and capture.req.uri |
| - MINOR: session: clean up the connection free code |
| - BUG/MEDIUM: checks: immediately report a connection success |
| - MEDIUM: connection: don't use real send() flags in snd_buf() |
| - OPTIM: ssl: implement dynamic record size adjustment |
| - MINOR: stats: report exact last session time in backend too |
| - BUG/MEDIUM: stats: the "lastsess" field must appear last in the CSV. |
| - BUG/MAJOR: check: fix memory leak in "tcp-check connect" over SSL |
| - BUG/MINOR: channel: initialize xfer_small/xfer_large on new buffers |
| - MINOR: channel: add the date of last read in the channel |
| - MEDIUM: stream-int: automatically disable CF_STREAMER flags after idle |
| - MINOR: ssl: add DEFAULT_SSL_MAX_RECORD to set the record size at build time |
| - MINOR: config: make the stream interface idle timer user-configurable |
| - MINOR: config: add global directives to set default SSL ciphers |
| - MINOR: sample: add a rand() sample fetch to return a sample. |
| - BUG/MEDIUM: config: immediately abort if peers section has no name |
| - BUG/MINOR: ssl: fix syntax in config error message |
| - BUG/MEDIUM: ssl: always send a full buffer after EAGAIN |
| - BUG/MINOR: config: server on-marked-* statement is ignored in default-server |
| - BUG/MEDIUM: backend: prefer-last-server breaks redispatch |
| - BUG/MEDIUM: http: continue to emit 503 on keep-alive to different server |
| - MEDIUM: acl: fix pattern type for payload / payload_lv |
| - BUG/MINOR: config: fix a crash on startup when a disabled backend references a peer |
| - BUG/MEDIUM: compression: fix the output type of the compressor name |
| - BUG/MEDIUM: http: don't start to forward request data before the connect |
| - MINOR: http: release compression context only in http_end_txn() |
| - MINOR: protect ebimtree/ebistree against multiple inclusions |
| - MEDIUM: proxy: create a tree to store proxies by name |
| - MEDIUM: proxy: make findproxy() use trees to look up proxies |
| - MEDIUM: proxy: make get_backend_server() use findproxy() to lookup proxies |
| - MEDIUM: stick-table: lookup table names using trees. |
| - MEDIUM: config: faster lookup for duplicated proxy name |
| - CLEANUP: acl: remove obsolete test in parse_acl_expr() |
| - MINOR: sample: move smp_to_type to sample.c |
| - MEDIUM: compression: consider the "q=" attribute in Accept-Encoding |
| - REORG: cfgparse: move server keyword parsing to server.c |
| - BUILD: adjust makefile for AIX 5.1 |
| - BUG/MEDIUM: pattern: fix wrong definition of the pat_prune_fcts array |
| - CLEANUP: pattern: move array definitions to proto/ and not types/ |
| - BUG/MAJOR: counters: check for null-deref when looking up an alternate table |
| - BUILD: ssl: previous patch failed |
| - BUILD/MEDIUM: standard: get rid of the last strcpy() |
| - BUILD/MEDIUM: standard: get rid of sprintf() |
| - BUILD/MEDIUM: cfgparse: get rid of sprintf() |
| - BUILD/MEDIUM: checks: get rid of sprintf() |
| - BUILD/MEDIUM: http: remove calls to sprintf() |
| - BUG/MEDIUM: systemd-wrapper: fix locating of haproxy binary |
| - BUILD/MINOR: ssl: remove one call to sprintf() |
| - MEDIUM: http: don't reject anymore message bodies not containing the url param |
| - MEDIUM: http: wait for the first chunk or message body length in http_process_body |
| - CLEANUP: http: rename http_process_request_body() |
| - CLEANUP: http: prepare dedicated processing for chunked encoded message bodies |
| - MINOR: http: make msg->eol carry the last CRLF length |
| - MAJOR: http: do not use msg->sol while processing messages or forwarding data |
| - MEDIUM: http: http_parse_chunk_crlf() must not advance the buffer pointer |
| - MAJOR: http: don't update msg->sov anymore while processing the body |
| - MINOR: http: add a small helper to compute the amount of body bytes present |
| - MEDIUM: http: add a small helper to compute how far to rewind to find headers |
| - MINOR: http: add a small helper to compute how far to rewind to find URI |
| - MEDIUM: http: small helpers to compute how far to rewind to find BODY and DATA |
| - MAJOR: http: reset msg->sov after headers are forwarded |
| - MEDIUM: http: forward headers again while waiting for connection to complete |
| - BUG/MINOR: http: deinitialize compression after a parsing error |
| - BUG/MINOR: http: deinitialize compression after a compression error |
| - MEDIUM: http: headers must be forwarded even if data was already inspected |
| - MAJOR: http: re-enable compression on chunked encoding |
| - MAJOR: http/compression: fix chunked-encoded response processing |
| - MEDIUM: http: cleanup: centralize a little bit HTTP compression end |
| - MEDIUM: http: start to centralize the forwarding code |
| - MINOR: http: further cleanups of response forwarding function |
| - MEDIUM: http: only allocate the temporary compression buffer when needed |
| - MAJOR: http: centralize data forwarding in the request path |
| - CLEANUP: http: document the response forwarding states |
| - CLEANUP: http: remove all calls to http_silent_debug() |
| - DOC: internal: add some reminders about HTTP parsing and pointer states |
| - BUG/MAJOR: http: fix bug in parse_qvalue() when selecting compression algo |
| - BUG/MINOR: stats: last session was not always set |
| - DOC: add pointer to the Cyril's HTML doc in the README |
| - MEDIUM: config: relax use_backend check to make the condition optional |
| - MEDIUM: config: report misplaced http-request rules |
| - MEDIUM: config: report misplaced use-server rules |
| - DOC: update roadmap with what was done. |
| |
| 2014/02/03 : 1.5-dev22 |
| - MEDIUM: tcp-check new feature: connect |
| - MEDIUM: ssl: Set verify 'required' as global default for servers side. |
| - MINOR: ssl: handshake optim for long certificate chains. |
| - BUG/MINOR: pattern: pattern comparison executed twice |
| - BUG/MEDIUM: map: segmentation fault with the stats's socket command "set map ..." |
| - BUG/MEDIUM: pattern: Segfault in binary parser |
| - MINOR: pattern: move functions for grouping pat_match_* and pat_parse_* and add documentation. |
| - MINOR: standard: The parse_binary() returns the length consumed and his documentation is updated |
| - BUG/MINOR: payload: the patterns of the acl "req.ssl_ver" are no parsed with the good function. |
| - BUG/MEDIUM: pattern: "pat_parse_dotted_ver()" set bad expect_type. |
| - BUG/MINOR: sample: The c_str2int converter does not fail if the entry is not an integer |
| - BUG/MEDIUM: http/auth: Sometimes the authentication credentials can be mix between two requests |
| - MINOR: doc: Bad cli function name. |
| - MINOR: http: smp_fetch_capture_header_* fetch captured headers |
| - BUILD: last release inadvertently prepended a "+" in front of the date |
| - BUG/MEDIUM: stream-int: fix the keep-alive idle connection handler |
| - BUG/MEDIUM: backend: do not re-initialize the connection's context upon reuse |
| - BUG: Revert "OPTIM/MEDIUM: epoll: fuse active events into polled ones during polling changes" |
| - BUG/MINOR: checks: successful check completion must not re-enable MAINT servers |
| - MINOR: http: try to stick to same server after status 401/407 |
| - BUG/MINOR: http: always disable compression on HTTP/1.0 |
| - OPTIM: poll: restore polling after a poll/stop/want sequence |
| - OPTIM: http: don't stop polling for read on the client side after a request |
| - BUG/MEDIUM: checks: unchecked servers could not be enabled anymore |
| - BUG/MEDIUM: stats: the web interface must check the tracked servers before enabling |
| - BUG/MINOR: channel: CHN_INFINITE_FORWARD must be unsigned |
| - BUG/MINOR: stream-int: do not clear the owner upon unregister |
| - MEDIUM: stats: add support for HTTP keep-alive on the stats page |
| - BUG/MEDIUM: stats: fix HTTP/1.0 breakage introduced in previous patch |
| - Revert "MEDIUM: stats: add support for HTTP keep-alive on the stats page" |
| - MAJOR: channel: add a new flag CF_WAKE_WRITE to notify the task of writes |
| - OPTIM: session: set the READ_DONTWAIT flag when connecting |
| - BUG/MINOR: http: don't clear the SI_FL_DONT_WAKE flag between requests |
| - MINOR: session: factor out the connect time measurement |
| - MEDIUM: session: prepare to support earlier transitions to the established state |
| - MEDIUM: stream-int: make si_connect() return an established state when possible |
| - MINOR: checks: use an inline function for health_adjust() |
| - OPTIM: session: put unlikely() around the freewheeling code |
| - MEDIUM: config: report a warning when multiple servers have the same name |
| - BUG: Revert "OPTIM: poll: restore polling after a poll/stop/want sequence" |
| - BUILD/MINOR: listener: remove a glibc warning on accept4() |
| - BUG/MAJOR: connection: fix mismatch between rcv_buf's API and usage |
| - BUILD: listener: fix recent accept4() again |
| - BUG/MAJOR: ssl: fix breakage caused by recent fix abf08d9 |
| - BUG/MEDIUM: polling: ensure we update FD status when there's no more activity |
| - MEDIUM: listener: fix polling management in the accept loop |
| - MINOR: protocol: improve the proto->drain() API |
| - MINOR: connection: add a new conn_drain() function |
| - MEDIUM: tcp: report in tcp_drain() that lingering is already disabled on close |
| - MEDIUM: connection: update callers of ctrl->drain() to use conn_drain() |
| - MINOR: connection: add more error codes to report connection errors |
| - MEDIUM: tcp: report connection error at the connection level |
| - MEDIUM: checks: make use of chk_report_conn_err() for connection errors |
| - BUG/MEDIUM: unique_id: HTTP request counter is not stable |
| - DOC: fix misleading information about SIGQUIT |
| - BUG/MAJOR: fix freezes during compression |
| - BUG/MEDIUM: stream-interface: don't wake the task up before end of transfer |
| - BUILD: fix VERDATE exclusion regex |
| - CLEANUP: polling: rename "spec_e" to "state" |
| - DOC: add a diagram showing polling state transitions |
| - REORG: polling: rename "spec_e" to "state" and "spec_p" to "cache" |
| - REORG: polling: rename "fd_spec" to "fd_cache" |
| - REORG: polling: rename the cache allocation functions |
| - REORG: polling: rename "fd_process_spec_events()" to "fd_process_cached_events()" |
| - MAJOR: polling: rework the whole polling system |
| - MAJOR: connection: remove the CO_FL_WAIT_{RD,WR} flags |
| - MEDIUM: connection: remove conn_{data,sock}_poll_{recv,send} |
| - MEDIUM: connection: add check for readiness in I/O handlers |
| - MEDIUM: stream-interface: the polling flags must always be updated in chk_snd_conn |
| - MINOR: stream-interface: no need to call fd_stop_both() on error |
| - MEDIUM: connection: no need to recheck FD state |
| - CLEANUP: connection: use conn_ctrl_ready() instead of checking the flag |
| - CLEANUP: connection: use conn_xprt_ready() instead of checking the flag |
| - CLEANUP: connection: fix comments in connection.h to reflect new behaviour. |
| - OPTIM: raw-sock: don't speculate after a short read if polling is enabled |
| - MEDIUM: polling: centralize polled events processing |
| - MINOR: polling: create function fd_compute_new_polled_status() |
| - MINOR: cli: add more information to the "show info" output |
| - MEDIUM: listener: add support for limiting the session rate in addition to the connection rate |
| - MEDIUM: listener: apply a limit on the session rate submitted to SSL |
| - REORG: stats: move the stats socket states to dumpstats.c |
| - MINOR: cli: add the new "show pools" command |
| - BUG/MEDIUM: counters: flush content counters after each request |
| - BUG/MEDIUM: counters: fix stick-table entry leak when using track-sc2 in connection |
| - MINOR: tools: add very basic support for composite pointers |
| - MEDIUM: counters: stop relying on session flags at all |
| - BUG/MINOR: cli: fix missing break in command line parser |
| - BUG/MINOR: config: correctly report when log-format headers require HTTP mode |
| - MAJOR: http: update connection mode configuration |
| - MEDIUM: http: make keep-alive + httpclose be passive mode |
| - MAJOR: http: switch to keep-alive mode by default |
| - BUG/MEDIUM: http: fix regression caused by recent switch to keep-alive by default |
| - BUG/MEDIUM: listener: improve detection of non-working accept4() |
| - BUILD: listener: add fcntl.h and unistd.h |
| - BUG/MINOR: raw_sock: correctly set the MSG_MORE flag |
| |
| 2013/12/17 : 1.5-dev21 |
| - MINOR: stats: don't use a monospace font to report numbers |
| - MINOR: session: remove debugging code |
| - BUG/MAJOR: patterns: fix double free caused by loading strings from files |
| - MEDIUM: http: make option http_proxy automatically rewrite the URL |
| - BUG/MEDIUM: http: cook_cnt() forgets to set its output type |
| - BUG/MINOR: stats: correctly report throttle rate of low weight servers |
| - BUG/MEDIUM: checks: servers must not start in slowstart mode |
| - BUG/MINOR: acl: parser must also stop at comma on ACL-only keywords |
| - MEDIUM: stream-int: implement a very simplistic idle connection manager |
| - DOC: update the ROADMAP file |
| |
| 2013/12/16 : 1.5-dev20 |
| - DOC: add missing options to the manpage |
| - DOC: add manpage references to all system calls |
| - DOC: update manpage reference to haproxy-en.txt |
| - DOC: remove -s and -l options from the manpage |
| - DOC: missing information for the "description" keyword |
| - DOC: missing http-send-name-header keyword in keyword table |
| - MINOR: tools: function my_memmem() to lookup binary contents |
| - MEDIUM: checks: add send/expect tcp based check |
| - MEDIUM: backend: Enhance hash-type directive with an algorithm options |
| - MEDIUM: backend: Implement avalanche as a modifier of the hashing functions. |
| - DOC: Documentation for hashing function, with test results. |
| - BUG/MEDIUM: ssl: potential memory leak using verifyhost |
| - BUILD: ssl: compilation issue with openssl v0.9.6. |
| - BUG/MINOR: ssl: potential memory leaks using ssl_c_key_alg or ssl_c_sig_alg. |
| - MINOR: ssl: optimization of verifyhost on wildcard certificates. |
| - BUG/MINOR: ssl: verifyhost does not match empty strings on wildcard. |
| - MINOR: ssl: Add statement 'verifyhost' to "server" statements |
| - CLEANUP: session: remove event_accept() which was not used anymore |
| - BUG/MINOR: deinit: free fdinfo while doing cleanup |
| - DOC: minor typo fix in documentation |
| - BUG/MEDIUM: server: set the macro for server's max weight SRV_UWGHT_MAX to SRV_UWGHT_RANGE |
| - BUG/MINOR: use the same check condition for server as other algorithms |
| - DOC: fix typo in comments |
| - BUG/MINOR: deinit: free server map which is allocated in init_server_map() |
| - CLEANUP: stream_interface: cleanup loop information in si_conn_send_loop() |
| - MINOR: buffer: align the last output line of buffer_dump() |
| - MINOR: buffer: align the last output line if there are less than 8 characters left |
| - DOC: stick-table: modify the description |
| - OPTIM: stream_interface: return directly if the connection flag CO_FL_ERROR has been set |
| - CLEANUP: code style: use tabs to indent codes |
| - DOC: checkcache: block responses with cacheable cookies |
| - BUG/MINOR: check_config_validity: check the returned value of stktable_init() |
| - MEDIUM: haproxy-systemd-wrapper: Use haproxy in same directory |
| - MEDIUM: systemd-wrapper: Kill child processes when interrupted |
| - LOW: systemd-wrapper: Write debug information to stdout |
| - BUG/MINOR: http: fix "set-tos" not working in certain configurations |
| - MEDIUM: http: add IPv6 support for "set-tos" |
| - DOC: ssl: update build instructions to use new SSL_* variables |
| - BUILD/MINOR: systemd: fix compiler warning about unused result |
| - url32+src - like base32+src but whole url including parameters |
| - BUG/MINOR: fix forcing fastinter in "on-error" |
| - CLEANUP: Make parameters of srv_downtime and srv_getinter const |
| - CLEANUP: Remove unused 'last_slowstart_change' field from struct peer |
| - MEDIUM: Split up struct server's check element |
| - MEDIUM: Move result element to struct check |
| - MEDIUM: Paramatise functions over the check of a server |
| - MEDIUM: cfgparse: Factor out check initialisation |
| - MEDIUM: Add state to struct check |
| - MEDIUM: Move health element to struct check |
| - MEDIUM: Add helper for task creation for checks |
| - MEDIUM: Add helper function for failed checks |
| - MEDIUM: Log agent fail, stopped or down as info |
| - MEDIUM: Remove option lb-agent-chk |
| - MEDIUM: checks: Add supplementary agent checks |
| - MEDIUM: Do not mark a server as down if the agent is unavailable |
| - MEDIUM: Set rise and fall of agent checks to 1 |
| - MEDIUM: Add enable and disable agent unix socket commands |
| - MEDIUM: Add DRAIN state and report it on the stats page |
| - BUILD/MINOR: missing header file |
| - CLEANUP: regex: Create regex_comp function that compiles regex using compilation options |
| - CLEANUP: The function "regex_exec" needs the string length but in many case they expect null terminated char. |
| - MINOR: http: some exported functions were not in the header file |
| - MINOR: http: change url_decode to return the size of the decoded string. |
| - BUILD/MINOR: missing header file |
| - BUG/MEDIUM: sample: The function v4tov6 cannot support input and output overlap |
| - BUG/MINOR: arg: fix error reporting for add-header/set-header sample fetch arguments |
| - MINOR: sample: export the generic sample conversion parser |
| - MINOR: sample: export sample_casts |
| - MEDIUM: acl: use the fetch syntax 'fetch(args),conv(),conv()' into the ACL keyword |
| - MINOR: stick-table: use smp_expr_output_type() to retrieve the output type of a "struct sample_expr" |
| - MINOR: sample: provide the original sample_conv descriptor struct to the argument checker function. |
| - MINOR: tools: Add a function to convert buffer to an ipv6 address |
| - MINOR: acl: export acl arrays |
| - MINOR: acl: Extract the pattern parsing and indexation from the "acl_read_patterns_from_file()" function |
| - MINOR: acl: Extract the pattern matching function |
| - MINOR: sample: Define new struct sample_storage |
| - MEDIUM: acl: associate "struct sample_storage" to each "struct acl_pattern" |
| - REORG: acl/pattern: extract pattern matching from the acl file and create pattern.c |
| - MEDIUM: pattern: create pattern expression |
| - MEDIUM: pattern: rename "acl" prefix to "pat" |
| - MEDIUM: sample: let the cast functions set their output type |
| - MINOR: sample: add a private field to the struct sample_conv |
| - MINOR: map: Define map types |
| - MEDIUM: sample: add the "map" converter |
| - MEDIUM: http: The redirect strings follows the log format rules. |
| - BUG/MINOR: acl: acl parser does not recognize empty converter list |
| - BUG/MINOR: map: The map list was declared in the map.h file |
| - MINOR: map: Cleanup the initialisation of map descriptors. |
| - MEDIUM: map: merge identical maps |
| - BUG/MEDIUM: pattern: Pattern node has type of "struct pat_idx_elt" in place of "struct eb_node" |
| - BUG/MEDIUM: map: Bad map file parser |
| - CLEANUP/MINOR: standard: use the system define INET6_ADDRSTRLEN in place of MAX_IP6_LEN |
| - BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end |
| - MINOR: map: export map_get_reference() function |
| - MINOR: pattern: Each pattern sets the expected input type |
| - MEDIUM: acl: Last patch change the output type |
| - MEDIUM: pattern: Extract the index process from the pat_parse_*() functions |
| - MINOR: standard: The function parse_binary() can use preallocated buffer |
| - MINOR: regex: Change the struct containing regex |
| - MINOR: regex: Copy the original regex expression into string. |
| - MINOR: pattern: add support for compiling patterns for lookups |
| - MINOR: pattern: make the pattern matching function return a pointer to the matched element |
| - MINOR: map: export parse output sample functions |
| - MINOR: pattern: add function to lookup a specific entry in pattern list |
| - MINOR: pattern/map: Each pattern must free the associated sample |
| - MEDIUM: dumpstat: make the CLI parser understand the backslash as an escape char |
| - MEDIUM: map: dynamic manipulation of maps |
| - BUG/MEDIUM: unique_id: junk in log on empty unique_id |
| - BUG/MINOR: log: junk at the end of syslog packet |
| - MINOR: Makefile: provide cscope rule |
| - DOC: compression: chunk are not compressed anymore |
| - MEDIUM: session: disable lingering on the server when the client aborts |
| - BUG/MEDIUM: prevent gcc from moving empty keywords lists into BSS |
| - DOC: remove the comment saying that SSL certs are not checked on the server side |
| - BUG: counters: third counter was not stored if others unset |
| - BUG/MAJOR: http: don't emit the send-name-header when no server is available |
| - BUG/MEDIUM: http: "option checkcache" fails with the no-cache header |
| - BUG/MAJOR: http: sample prefetch code was not properly migrated |
| - BUG/MEDIUM: splicing: fix abnormal CPU usage with splicing |
| - BUG/MINOR: stream_interface: don't call chk_snd() on polled events |
| - OPTIM: splicing: use splice() for the last block when relevant |
| - MEDIUM: sample: handle comma-delimited converter list |
| - MINOR: sample: fix sample_process handling of unstable data |
| - CLEANUP: acl: move the 3 remaining sample fetches to samples.c |
| - MINOR: sample: add a new "date" fetch to return the current date |
| - MINOR: samples: add the http_date([<offset>]) sample converter. |
| - DOC: minor improvements to the part on the stats socket. |
| - MEDIUM: sample: systematically pass the keyword pointer to the keyword |
| - MINOR: payload: split smp_fetch_rdp_cookie() |
| - MINOR: counters: factor out smp_fetch_sc*_tracked |
| - MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. |
| - MEDIUM: counters: factor out smp_fetch_sc*_get_gpc0 |
| - MEDIUM: counters: factor out smp_fetch_sc*_gpc0_rate |
| - MEDIUM: counters: factor out smp_fetch_sc*_inc_gpc0 |
| - MEDIUM: counters: factor out smp_fetch_sc*_clr_gpc0 |
| - MEDIUM: counters: factor out smp_fetch_sc*_conn_cnt |
| - MEDIUM: counters: factor out smp_fetch_sc*_conn_rate |
| - MEDIUM: counters: factor out smp_fetch_sc*_conn_cur |
| - MEDIUM: counters: factor out smp_fetch_sc*_sess_cnt |
| - MEDIUM: counters: factor out smp_fetch_sc*_sess_rate |
| - MEDIUM: counters: factor out smp_fetch_sc*_http_req_cnt |
| - MEDIUM: counters: factor out smp_fetch_sc*_http_req_rate |
| - MEDIUM: counters: factor out smp_fetch_sc*_http_err_cnt |
| - MEDIUM: counters: factor out smp_fetch_sc*_http_err_rate |
| - MEDIUM: counters: factor out smp_fetch_sc*_kbytes_in |
| - MEDIUM: counters: factor out smp_fetch_sc*_bytes_in_rate |
| - MEDIUM: counters: factor out smp_fetch_sc*_kbytes_out |
| - MEDIUM: counters: factor out smp_fetch_sc*_bytes_out_rate |
| - MEDIUM: counters: factor out smp_fetch_sc*_trackers |
| - MINOR: session: make the number of stick counter entries more configurable |
| - MEDIUM: counters: support passing the counter number as a fetch argument |
| - MEDIUM: counters: support looking up a key in an alternate table |
| - MEDIUM: cli: adjust the method for feeding frequency counters in tables |
| - MINOR: cli: make it possible to enter multiple values at once with "set table" |
| - MINOR: payload: allow the payload sample fetches to retrieve arbitrary lengths |
| - BUG/MINOR: cli: "clear table" must not kill entries that don't match condition |
| - MINOR: ssl: use MAXPATHLEN instead of PATH_MAX |
| - MINOR: config: warn when a server with no specific port uses rdp-cookie |
| - BUG/MEDIUM: unique_id: HTTP request counter must be unique! |
| - DOC: add a mention about the limited chunk size |
| - BUG/MEDIUM: fix broken send_proxy on FreeBSD |
| - MEDIUM: stick-tables: flush old entries upon soft-stop |
| - MINOR: tcp: add new "close" action for tcp-response |
| - MINOR: payload: provide the "res.len" fetch method |
| - BUILD: add SSL_INC/SSL_LIB variables to force the path to openssl |
| - MINOR: http: compute response time before processing headers |
| - BUG/MINOR: acl: fix improper string size assignment in proxy argument |
| - BUG/MEDIUM: http: accept full buffers on smp_prefetch_http |
| - BUG/MINOR: acl: implicit arguments of ACL keywords were not properly resolved |
| - BUG/MEDIUM: session: risk of crash on out of memory conditions |
| - BUG/MINOR: peers: set the accept date in outgoing connections |
| - BUG/MEDIUM: tcp: do not skip tracking rules on second pass |
| - BUG/MEDIUM: acl: do not evaluate next terms after a miss |
| - MINOR: acl: add a warning when an ACL keyword is used without any value |
| - MINOR: tcp: don't use tick_add_ifset() when timeout is known to be set |
| - BUG/MINOR: acl: remove patterns from the tree before freeing them |
| - MEDIUM: backend: add support for the wt6 hash |
| - OPTIM/MEDIUM: epoll: fuse active events into polled ones during polling changes |
| - OPTIM/MINOR: mark the source address as already known on accept() |
| - BUG/MINOR: stats: don't count tarpitted connections twice |
| - CLEANUP: http: homogenize processing of denied req counter |
| - CLEANUP: http: merge error handling for req* and http-request * |
| - BUG/MEDIUM: http: fix possible parser crash when parsing erroneous "http-request redirect" rules |
| - BUG/MINOR: http: fix build warning introduced with url32/url32_src |
| - BUG/MEDIUM: checks: fix slow start regression after fix attempt |
| - BUG/MAJOR: server: weight calculation fails for map-based algorithms |
| - MINOR: stats: report correct throttling percentage for servers in slowstart |
| - OPTIM: connection: fold the error handling with handshake handling |
| - MINOR: peers: accept to learn strings of different lengths |
| - BUG/MAJOR: fix haproxy crash when using server tracking instead of checks |
| - BUG/MAJOR: check: fix haproxy crash during soft-stop/soft-start |
| - BUG/MINOR: stats: do not report "via" on tracking servers in maintenance |
| - BUG/MINOR: connection: fix typo in error message report |
| - BUG/MINOR: backend: fix target address retrieval in transparent mode |
| - BUG/MINOR: config: report the correct track-sc number in tcp-rules |
| - BUG/MINOR: log: fix log-format parsing errors |
| - DOC: add some information about how to apply converters to samples |
| - MINOR: acl/pattern: use types different from int to clarify who does what. |
| - MINOR: pattern: import acl_find_match_name() into pattern.h |
| - MEDIUM: stick-tables: support automatic conversion from ipv4<->ipv6 |
| - MEDIUM: log-format: relax parsing of '%' followed by unsupported characters |
| - BUG/MINOR: http: usual deinit stuff in last commit |
| - BUILD: log: silent a warning about isblank() with latest patches |
| - BUG/MEDIUM: checks: fix health check regression causing them to depend on declaration order |
| - BUG/MEDIUM: checks: fix a long-standing issue with reporting connection errors |
| - BUG/MINOR: checks: don't consider errno and use conn->err_code |
| - BUG/MEDIUM: checks: also update the DRAIN state from the web interface |
| - MINOR: stats: remove some confusion between the DRAIN state and NOLB |
| - BUG/MINOR: tcp: check that no error is pending during a connect probe |
| - BUG/MINOR: connection: check EINTR when sending a PROXY header |
| - MEDIUM: connection: set the socket shutdown flags on socket errors |
| - BUG/MEDIUM: acl: fix regression introduced by latest converters support |
| - MINOR: connection: clear errno prior to checking for errors |
| - BUG/MINOR: checks: do not trust errno in write event before any syscall |
| - MEDIUM: checks: centralize error reporting |
| - OPTIM: checks: don't poll on recv when using plain TCP connects |
| - OPTIM: checks: avoid setting SO_LINGER twice |
| - MINOR: tools: add a generic binary hex string parser |
| - BUG/MEDIUM: checks: tcp-check: do not poll when there's nothing to send |
| - BUG/MEDIUM: check: tcp-check might miss some outgoing data when socket buffers are full |
| - BUG/MEDIUM: args: fix double free on error path in argument expression parser |
| - BUG/MINOR: acl: fix sample expression error reporting |
| - BUG/MINOR: checks: tcp-check actions are enums, not flags |
| - MEDIUM: checks: make tcp-check perform multiple send() at once |
| - BUG/MEDIUM: stick: completely remove the unused flag from the store entries |
| - OPTIM: ebtree: pack the struct eb_node to avoid holes on 64-bit |
| - BUG/MEDIUM: stick-tables: complete the latest fix about store-responses |
| - CLEANUP: stream_interface: remove unused field err_loc |
| - MEDIUM: stats: don't use conn->xprt_st anymore |
| - MINOR: session: add a simple function to retrieve a session from a task |
| - MEDIUM: stats: don't use conn->xprt_ctx anymore |
| - MEDIUM: peers: don't rely on conn->xprt_ctx anymore |
| - MINOR: http: prevent smp_fetch_url_{ip,port} from using si->conn |
| - MINOR: connection: make it easier to emit proxy protocol for unknown addresses |
| - MEDIUM: stats: prepare the HTTP stats I/O handler to support more states |
| - MAJOR: stats: move the HTTP stats handling to its applet |
| - MEDIUM: stats: move request argument processing to the final step |
| - MEDIUM: session: detect applets from the session by using s->target |
| - MAJOR: session: check for a connection to an applet in sess_prepare_conn_req() |
| - MAJOR: session: pass applet return traffic through the response analysers |
| - MEDIUM: stream-int: split the shutr/shutw functions between applet and conn |
| - MINOR: stream-int: make the shutr/shutw functions void |
| - MINOR: obj: provide a safe and an unsafe access to pointed objects |
| - MINOR: connection: add a field to store an object type |
| - MINOR: connection: always initialize conn->objt_type to OBJ_TYPE_CONN |
| - MEDIUM: stream interface: move the peers' ptr into the applet context |
| - MINOR: stream-interface: move the applet context to its own struct |
| - MINOR: obj: introduce a new type appctx |
| - MINOR: stream-int: rename ->applet to ->appctx |
| - MINOR: stream-int: split si_prepare_embedded into si_prepare_none and si_prepare_applet |
| - MINOR: stream-int: add a new pointer to the end point |
| - MEDIUM: stream-interface: set the pointer to the applet into the applet context |
| - MAJOR: stream interface: remove the ->release function pointer |
| - MEDIUM: stream-int: make ->end point to the connection or the appctx |
| - CLEANUP: stream-int: remove obsolete si_ctrl function |
| - MAJOR: stream-int: stop using si->conn and use si->end instead |
| - MEDIUM: stream-int: do not allocate a connection in parallel to applets |
| - MEDIUM: session: attach incoming connection to target on embryonic sessions |
| - MINOR: connection: add conn_init() to (re)initialize a connection |
| - MINOR: checks: call conn_init() to properly initialize the connection. |
| - MINOR: peers: make use of conn_init() to initialize the connection |
| - MINOR: session: use conn_init() to initialize the connections |
| - MINOR: http: use conn_init() to reinitialize the server connection |
| - MEDIUM: connection: replace conn_prepare with conn_assign |
| - MINOR: get rid of si_takeover_conn() |
| - MINOR: connection: add conn_new() / conn_free() |
| - MAJOR: connection: add two new flags to indicate readiness of control/transport |
| - MINOR: stream-interface: introduce si_reset() and si_set_state() |
| - MINOR: connection: reintroduce conn_prepare to set the protocol and transport |
| - MINOR: connection: replace conn_assign with conn_attach |
| - MEDIUM: stream-interface: introduce si_attach_conn to replace si_prepare_conn |
| - MAJOR: stream interface: dynamically allocate the outgoing connection |
| - MEDIUM: connection: move the send_proxy offset to the connection |
| - MINOR: connection: check for send_proxy during the connect(), not the SI |
| - MEDIUM: connection: merge the send_proxy and local_send_proxy calls |
| - MEDIUM: stream-int: replace occurrences of si->appctx with si_appctx() |
| - MEDIUM: stream-int: return the allocated appctx in stream_int_register_handler() |
| - MAJOR: stream-interface: dynamically allocate the applet context |
| - MEDIUM: session: automatically register the applet designated by the target |
| - MEDIUM: stats: delay appctx initialization |
| - CLEANUP: peers: use less confusing state/status code names |
| - MEDIUM: peers: delay appctx initialization |
| - MINOR: stats: provide some appctx information in "show sess all" |
| - DIET/MINOR: obj: pack the obj_type enum to 8 bits |
| - DIET/MINOR: connection: rearrange a few fields to save 8 bytes in the struct |
| - DIET/MINOR: listener: rearrange a few fields in struct listener to save 16 bytes |
| - DIET/MINOR: proxy: rearrange a few fields in struct proxy to save 16 bytes |
| - DIET/MINOR: session: reduce the struct session size by 8 bytes |
| - DIET/MINOR: stream-int: rearrange a few fields in struct stream_interface to save 8 bytes |
| - DIET/MINOR: http: reduce the size of struct http_txn by 8 bytes |
| - MINOR: http: switch the http state to an enum |
| - MINOR: http: use an enum for the auth method in http_auth_data |
| - DIET/MINOR: task: reduce struct task size by 8 bytes |
| - MINOR: stream_interface: add reporting of ressouce allocation errors |
| - MINOR: session: report lack of resources using the new stream-interface's error code |
| - BUILD: simplify the date and version retrieval in the makefile |
| - BUILD: prepare the makefile to skip format lines in SUBVERS and VERDATE |
| - BUILD: use format tags in VERDATE and SUBVERS files |
| - BUG/MEDIUM: channel: bo_getline() must wait for \n until buffer is full |
| - CLEANUP: check: server port is unsigned |
| - BUG/MEDIUM: checks: agent doesn't get the response if server does not closes |
| - MINOR: tools: buf2ip6 must not modify output on failure |
| - MINOR: pattern: do not assign SMP_TYPES by default to patterns |
| - MINOR: sample: make sample_parse_expr() use memprintf() to report parse errors |
| - MINOR: arg: improve wording on error reporting |
| - BUG/MEDIUM: sample: simplify and fix the argument parsing |
| - MEDIUM: acl: fix the argument parser to let the lower layer report detailed errors |
| - MEDIUM: acl: fix the initialization order of the ACL expression |
| - CLEANUP: acl: remove useless blind copy-paste from sample converters |
| - TESTS: add regression tests for ACL and sample expression parsers |
| - BUILD: time: adapt the type of TV_ETERNITY to the local system |
| - MINOR: chunks: allocate the trash chunks before parsing the config |
| - BUILD: definitely silence some stupid GCC warnings |
| - MINOR: chunks: always initialize the output chunk in get_trash_chunk() |
| - MINOR: checks: improve handling of the servers tracking chain |
| - REORG: checks: retrieve the check-specific defines from server.h to checks.h |
| - MINOR: checks: use an enum instead of flags to report a check result |
| - MINOR: checks: rename the state flags |
| - MINOR: checks: replace state DISABLED with CONFIGURED and ENABLED |
| - MINOR: checks: use check->state instead of srv->state & SRV_CHECKED |
| - MINOR: checks: fix agent check interval computation |
| - MINOR: checks: add a PAUSED state for the checks |
| - MINOR: checks: create the agent tasks even when no check is configured |
| - MINOR: checks: add a flag to indicate what check is an agent |
| - MEDIUM: checks: enable agent checks even if health checks are disabled |
| - BUG/MEDIUM: checks: ensure we can enable a server after boot |
| - BUG/MEDIUM: checks: tracking servers must not inherit the MAINT flag |
| - BUG/MAJOR: session: repair tcp-request connection rules |
| - BUILD: fix SUBVERS extraction in the Makefile |
| - BUILD: pattern: silence a warning about uninitialized value |
| - BUILD: log: fix build warning on Solaris |
| - BUILD: dumpstats: fix build error on Solaris |
| - DOC: move option pgsql-check to the correct place |
| - DOC: move option tcp-check to the proper place |
| - MINOR: connection: add simple functions to report connection readiness |
| - MEDIUM: connection: centralize handling of nolinger in fd management |
| - OPTIM: http: set CF_READ_DONTWAIT on response message |
| - OPTIM: http: do not re-enable reading on client side while closing the server side |
| - MINOR: config: add option http-keep-alive |
| - MEDIUM: connection: inform si_alloc_conn() whether existing conn is OK or not |
| - MAJOR: stream-int: handle the connection reuse in si_connect() |
| - MAJOR: http: add the keep-alive transition on the server side |
| - MAJOR: backend: enable connection reuse |
| - MINOR: http: add option prefer-last-server |
| - MEDIUM: http: do not report connection errors for second and further requests |
| |
| 2013/06/17 : 1.5-dev19 |
| - MINOR: stats: remove the autofocus on the scope input field |
| - BUG/MEDIUM: Fix crt-list file parsing error: filtered name was ignored. |
| - BUG/MEDIUM: ssl: EDH ciphers are not usable if no DH parameters present in pem file. |
| - BUG/MEDIUM: shctx: makes the code independent on SSL runtime version. |
| - MEDIUM: ssl: improve crt-list format to support negation |
| - BUG: ssl: fix crt-list for clients not supporting SNI |
| - MINOR: stats: show soft-stopped servers in different color |
| - BUG/MINOR: config: "source" does not work in defaults section |
| - BUG: regex: fix pcre compile error when using JIT |
| - MINOR: ssl: add pattern fetch 'ssl_c_sha1' |
| - BUG: ssl: send payload gets corrupted if tune.ssl.maxrecord is used |
| - MINOR: show PCRE version and JIT status in -vv |
| - BUG/MINOR: jit: don't rely on USE flag to detect support |
| - DOC: readme: add suggestion to link against static openssl |
| - DOC: examples: provide simplified ssl configuration |
| - REORG: tproxy: prepare the transparent proxy defines for accepting other OSes |
| - MINOR: tproxy: add support for FreeBSD |
| - MINOR: tproxy: add support for OpenBSD |
| - DOC: examples: provide an example of transparent proxy configuration for FreeBSD 8 |
| - CLEANUP: fix minor typo in error message. |
| - CLEANUP: fix missing include <string.h> in proto/listener.h |
| - CLEANUP: protect checks.h from multiple inclusions |
| - MINOR: compression: acl "res.comp" and fetch "res.comp_algo" |
| - BUG/MINOR: http: add-header/set-header did not accept the ACL condition |
| - BUILD: mention in the Makefile that USE_PCRE_JIT is for libpcre >= 8.32 |
| - BUG/MEDIUM: splicing is broken since 1.5-dev12 |
| - BUG/MAJOR: acl: add implicit arguments to the resolve list |
| - BUG/MINOR: tcp: fix error reporting for TCP rules |
| - CLEANUP: peers: remove a bit of spaghetti to prepare for the next bugfix |
| - MINOR: stick-table: allow to allocate an entry without filling it |
| - BUG/MAJOR: peers: fix an overflow when syncing strings larger than 16 bytes |
| - MINOR: session: only call http_send_name_header() when changing the server |
| - MINOR: tcp: report the erroneous word in tcp-request track* |
| - BUG/MAJOR: backend: consistent hash can loop forever in certain circumstances |
| - BUG/MEDIUM: log: fix regression on log-format handling |
| - MEDIUM: log: report file name, line number, and directive name with log-format errors |
| - BUG/MINOR: cli: "clear table" did not work anymore without a key |
| - BUG/MINOR: cli: "clear table xx data.xx" does not work anymore |
| - BUG/MAJOR: http: compression still has defects on chunked responses |
| - BUG/MINOR: stats: fix confirmation links on the stats interface |
| - BUG/MINOR: stats: the status bar does not appear anymore after a change |
| - BUG/MEDIUM: stats: allocate the stats frontend also on "stats bind-process" |
| - BUG/MEDIUM: stats: fix a regression when dealing with POST requests |
| - BUG/MINOR: fix unterminated ACL array in compression |
| - BUILD: last fix broke non-linux platforms |
| - MINOR: init: indicate the SSL runtime version on -vv. |
| - BUG/MEDIUM: compression: the deflate algorithm must use global settings as well |
| - BUILD: stdbool is not portable (again) |
| - DOC: readme: add a small reminder about restrictions to respect in the code |
| - MINOR: ebtree: add new eb_next_dup/eb_prev_dup() functions to visit duplicates |
| - BUG/MINOR: acl: fix a double free during exit when using PCRE_JIT |
| - DOC: fix wrong copy-paste in the rspdel example |
| - MINOR: counters: make it easier to extend the amount of tracked counters |
| - MEDIUM: counters: add support for tracking a third counter |
| - MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables |
| - BUG/MAJOR: http: always ensure response buffer has some room for a response |
| - MINOR: counters: add fetch/acl sc*_tracked to indicate whether a counter is tracked |
| - MINOR: defaults: allow REQURI_LEN and CAPTURE_LEN to be redefined |
| - MINOR: log: add a new flag 'L' for locally processed requests |
| - MINOR: http: add full-length header fetch methods |
| - MEDIUM: protocol: implement a "drain" function in protocol layers |
| - MEDIUM: http: add a new "http-response" ruleset |
| - MEDIUM: http: add the "set-nice" action to http-request and http-response |
| - MEDIUM: log: add a log level override value in struct session |
| - MEDIUM: http: add support for action "set-log-level" in http-request/http-response |
| - MEDIUM: http: add support for "set-tos" in http-request/http-response |
| - MEDIUM: http: add the "set-mark" action on http-request/http-response rules |
| - MEDIUM: tcp: add "tcp-request connection expect-proxy layer4" |
| - MEDIUM: acl: automatically detect the type of certain fetches |
| - MEDIUM: acl: remove a lot of useless ACLs that are equivalent to their fetches |
| - MEDIUM: acl: remove 15 additional useless ACLs that are equivalent to their fetches |
| - DOC: major reorg of ACL + sample fetch |
| - CLEANUP: http: remove the bogus urlp_ip ACL match |
| - MINOR: acl: add the new "env()" fetch method to retrieve an environment variable |
| - BUG/MINOR: acl: correctly consider boolean fetches when doing casts |
| - BUG/CRITICAL: fix a possible crash when using negative header occurrences |
| - DOC: update ROADMAP file |
| - MEDIUM: counters: use sc0/sc1/sc2 instead of sc1/sc2/sc3 |
| - MEDIUM: stats: add proxy name filtering on the statistic page |
| |
| 2013/04/03 : 1.5-dev18 |
| - DOCS: Add explanation of intermediate certs to crt paramater |
| - DOC: typo and minor fixes in compression paragraph |
| - MINOR: config: http-request configuration error message misses new keywords |
| - DOC: minor typo fix in documentation |
| - BUG/MEDIUM: ssl: ECDHE ciphers not usable without named curve configured. |
| - MEDIUM: ssl: add bind-option "strict-sni" |
| - MEDIUM: ssl: add mapping from SNI to cert file using "crt-list" |
| - MEDIUM: regex: Use PCRE JIT in acl |
| - DOC: simplify bind option "interface" explanation |
| - DOC: tfo: bump required kernel to linux-3.7 |
| - BUILD: add explicit support for TFO with USE_TFO |
| - MEDIUM: New cli option -Ds for systemd compatibility |
| - MEDIUM: add haproxy-systemd-wrapper |
| - MEDIUM: add systemd service |
| - BUG/MEDIUM: systemd-wrapper: don't leak zombie processes |
| - BUG/MEDIUM: remove supplementary groups when changing gid |
| - BUG/MEDIUM: config: fix parser crash with bad bind or server address |
| - BUG/MINOR: Correct logic in cut_crlf() |
| - CLEANUP: checks: Make desc argument to set_server_check_status const |
| - CLEANUP: dumpstats: Make cli_release_handler() static |
| - MEDIUM: server: Break out set weight processing code |
| - MEDIUM: server: Allow relative weights greater than 100% |
| - MEDIUM: server: Tighten up parsing of weight string |
| - MEDIUM: checks: Add agent health check |
| - BUG/MEDIUM: ssl: openssl 0.9.8 doesn't open /dev/random before chroot |
| - BUG/MINOR: time: frequency counters are not totally accurate |
| - BUG/MINOR: http: don't process abortonclose when request was sent |
| - BUG/MEDIUM: stream_interface: don't close outgoing connections on shutw() |
| - BUG/MEDIUM: checks: ignore late resets after valid responses |
| - DOC: fix bogus recommendation on usage of gpc0 counter |
| - BUG/MINOR: http-compression: lookup Cache-Control in the response, not the request |
| - MINOR: signal: don't block SIGPROF by default |
| - OPTIM: epoll: make use of EPOLLRDHUP |
| - OPTIM: splice: detect shutdowns and avoid splice() == 0 |
| - OPTIM: splice: assume by default that splice is working correctly |
| - BUG/MINOR: log: temporary fix for lost SSL info in some situations |
| - BUG/MEDIUM: peers: only the last peers section was used by tables |
| - BUG/MEDIUM: config: verbosely reject peers sections with multiple local peers |
| - BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait() |
| - BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser |
| - BUG/MINOR: config: free peer's address when exiting upon parsing error |
| - BUG/MINOR: config: check the proper variable when parsing log minlvl |
| - BUG/MEDIUM: checks: ensure the health_status is always within bounds |
| - BUG/MINOR: cli: show sess should always validate s->listener |
| - BUG/MINOR: log: improper NULL return check on utoa_pad() |
| - CLEANUP: http: remove a useless null check |
| - CLEANUP: tcp/unix: remove useless NULL check in {tcp,unix}_bind_listener() |
| - BUG/MEDIUM: signal: signal handler does not properly check for signal bounds |
| - BUG/MEDIUM: tools: off-by-one in quote_arg() |
| - BUG/MEDIUM: uri_auth: missing NULL check and memory leak on memory shortage |
| - BUG/MINOR: unix: remove the 'level' field from the ux struct |
| - CLEANUP: http: don't try to deinitialize http compression if it fails before init |
| - CLEANUP: config: slowstart is never negative |
| - CLEANUP: config: maxcompcpuusage is never negative |
| - BUG/MEDIUM: log: emit '-' for empty fields again |
| - BUG/MEDIUM: checks: fix a race condition between checks and observe layer7 |
| - BUILD: fix a warning emitted by isblank() on non-c99 compilers |
| - BUILD: improve the makefile's support for libpcre |
| - MEDIUM: halog: add support for counting per source address (-ic) |
| - MEDIUM: tools: make str2sa_range support all address syntaxes |
| - MEDIUM: config: make use of str2sa_range() instead of str2sa() |
| - MEDIUM: config: use str2sa_range() to parse server addresses |
| - MEDIUM: config: use str2sa_range() to parse peers addresses |
| - MINOR: tests: add a config file to ease address parsing tests. |
| - MINOR: ssl: add a global tunable for the max SSL/TLS record size |
| - BUG/MINOR: syscall: fix NR_accept4 system call on sparc/linux |
| - BUILD/MINOR: syscall: add definition of NR_accept4 for ARM |
| - MINOR: config: report missing peers section name |
| - BUG/MEDIUM: tools: fix bad character handling in str2sa_range() |
| - BUG/MEDIUM: stats: never apply "unix-bind prefix" to the global stats socket |
| - MINOR: tools: prepare str2sa_range() to return an error message |
| - BUG/MEDIUM: checks: don't call connect() on unsupported address families |
| - MINOR: tools: prepare str2sa_range() to accept a prefix |
| - MEDIUM: tools: make str2sa_range() parse unix addresses too |
| - MEDIUM: config: make str2listener() use str2sa_range() to parse unix addresses |
| - MEDIUM: config: use a single str2sa_range() call to parse bind addresses |
| - MEDIUM: config: use str2sa_range() to parse log addresses |
| - CLEANUP: tools: remove str2sun() which is not used anymore. |
| - MEDIUM: config: add complete support for str2sa_range() in dispatch |
| - MEDIUM: config: add complete support for str2sa_range() in server addr |
| - MEDIUM: config: add complete support for str2sa_range() in 'server' |
| - MEDIUM: config: add complete support for str2sa_range() in 'peer' |
| - MEDIUM: config: add complete support for str2sa_range() in 'source' and 'usesrc' |
| - CLEANUP: minor cleanup in str2sa_range() and str2ip() |
| - CLEANUP: config: do not use multiple errmsg at once |
| - MEDIUM: tools: support specifying explicit address families in str2sa_range() |
| - MAJOR: listener: support inheriting a listening fd from the parent |
| - MAJOR: tools: support environment variables in addresses |
| - BUG/MEDIUM: http: add-header should not emit "-" for empty fields |
| - BUG/MEDIUM: config: ACL compatibility check on "redirect" was wrong |
| - BUG/MEDIUM: http: fix another issue caused by http-send-name-header |
| - DOC: mention the new HTTP 307 and 308 redirect statues |
| - MEDIUM: poll: do not use FD_* macros anymore |
| - BUG/MAJOR: ev_select: disable the select() poller if maxsock > FD_SETSIZE |
| - BUG/MINOR: acl: ssl_fc_{alg,use}_keysize must parse integers, not strings |
| - BUG/MINOR: acl: ssl_c_used, ssl_fc{,_has_crt,_has_sni} take no pattern |
| - BUILD: fix usual isdigit() warning on solaris |
| - BUG/MEDIUM: tools: vsnprintf() is not always reliable on Solaris |
| - OPTIM: buffer: remove one jump in buffer_count() |
| - OPTIM: http: improve branching in chunk size parser |
| - OPTIM: http: optimize the response forward state machine |
| - BUILD: enable poll() by default in the makefile |
| - BUILD: add explicit support for Mac OS/X |
| - BUG/MAJOR: http: use a static storage for sample fetch context |
| - BUG/MEDIUM: ssl: improve error processing and reporting in ssl_sock_load_cert_list_file() |
| - BUG/MAJOR: http: fix regression introduced by commit a890d072 |
| - BUG/MAJOR: http: fix regression introduced by commit d655ffe |
| - BUG/CRITICAL: using HTTP information in tcp-request content may crash the process |
| - MEDIUM: acl: remove flag ACL_MAY_LOOKUP which is improperly used |
| - MEDIUM: samples: use new flags to describe compatibility between fetches and their usages |
| - MINOR: log: indicate it when some unreliable sample fetches are logged |
| - MEDIUM: samples: move payload-based fetches and ACLs to their own file |
| - MINOR: backend: rename sample fetch functions and declare the sample keywords |
| - MINOR: frontend: rename sample fetch functions and declare the sample keywords |
| - MINOR: listener: rename sample fetch functions and declare the sample keywords |
| - MEDIUM: http: unify acl and sample fetch functions |
| - MINOR: session: rename sample fetch functions and declare the sample keywords |
| - MAJOR: acl: make all ACLs reference the fetch function via a sample. |
| - MAJOR: acl: remove the arg_mask from the ACL definition and use the sample fetch's |
| - MAJOR: acl: remove fetch argument validation from the ACL struct |
| - MINOR: http: add new direction-explicit sample fetches for headers and cookies |
| - MINOR: payload: add new direction-explicit sample fetches |
| - CLEANUP: acl: remove ACL hooks which were never used |
| - MEDIUM: proxy: remove acl_requires and just keep a flag "http_needed" |
| - MINOR: sample: provide a function to report the name of a sample check point |
| - MAJOR: acl: convert all ACL requires to SMP use+val instead of ->requires |
| - CLEANUP: acl: remove unused references to ACL_USE_* |
| - MINOR: http: replace acl_parse_ver with acl_parse_str |
| - MEDIUM: acl: move the ->parse, ->match and ->smp fields to acl_expr |
| - MAJOR: acl: add option -m to change the pattern matching method |
| - MINOR: acl: remove the use_count in acl keywords |
| - MEDIUM: acl: have a pointer to the keyword name in acl_expr |
| - MEDIUM: acl: support using sample fetches directly in ACLs |
| - MEDIUM: http: remove val_usr() to validate user_lists |
| - MAJOR: sample: maintain a per-proxy list of the fetch args to resolve |
| - MINOR: ssl: add support for the "alpn" bind keyword |
| - MINOR: http: status code 303 is HTTP/1.1 only |
| - MEDIUM: http: implement redirect 307 and 308 |
| - MINOR: http: status 301 should not be marked non-cacheable |
| |
| 2012/12/28 : 1.5-dev17 |
| - MINOR: ssl: Setting global tune.ssl.cachesize value to 0 disables SSL session cache. |
| - BUG/MEDIUM: stats: fix stats page regression introduced by commit 20b0de5 |
| - BUG/MINOR: stats: last fix was still wrong |
| - BUG/MINOR: stats: http-request rules still don't cope with stats |
| - BUG/MINOR: http: http-request add-header emits a corrupted header |
| - BUG/MEDIUM: stats: disable request analyser when processing POST or HEAD |
| - BUG/MINOR: log: make log-format, unique-id-format and add-header more independant |
| - BUILD: log: unused variable svid |
| - CLEANUP: http: rename the misleading http_check_access_rule |
| - MINOR: http: move redirect rule processing to its own function |
| - REORG: config: move the http redirect rule parser to proto_http.c |
| - MEDIUM: http: add support for "http-request redirect" rules |
| - MEDIUM: http: add support for "http-request tarpit" rule |
| |
| 2012/12/24 : 1.5-dev16 |
| - BUG/MEDIUM: ssl: Prevent ssl error from affecting other connections. |
| - BUG/MINOR: ssl: error is not reported if it occurs simultaneously with peer close detection. |
| - MINOR: ssl: add fetch and acl "ssl_c_used" to check if current SSL session uses a client certificate. |
| - MINOR: contrib: make the iprange tool grep for addresses |
| - CLEANUP: polling: gcc doesn't always optimize constants away |
| - OPTIM: poll: optimize fd management functions for low register count CPUs |
| - CLEANUP: poll: remove a useless double-check on fdtab[fd].owner |
| - OPTIM: epoll: use a temp variable for intermediary flag computations |
| - OPTIM: epoll: current fd does not count as a new one |
| - BUG/MINOR: poll: the I/O handler was called twice for polled I/Os |
| - MINOR: http: make resp_ver and status ACLs check for the presence of a response |
| - BUG/MEDIUM: stream-interface: fix possible stalls during transfers |
| - BUG/MINOR: stream_interface: don't return when the fd is already set |
| - BUG/MEDIUM: connection: always update connection flags prior to computing polling |
| - CLEANUP: buffer: use buffer_empty() instead of buffer_len()==0 |
| - BUG/MAJOR: stream_interface: fix occasional data transfer freezes |
| - BUG/MEDIUM: stream_interface: fix another case where the reader might not be woken up |
| - BUG/MINOR: http: don't abort client connection on premature responses |
| - BUILD: no need to clean up when making git-tar |
| - MINOR: log: add a tag for amount of bytes uploaded from client to server |
| - BUG/MEDIUM: log: fix possible segfault during config parsing |
| - MEDIUM: log: change a few log tokens to make them easier to remember |
| - BUG/MINOR: log: add_to_logformat_list() used the wrong constants |
| - MEDIUM: log-format: make the format parser more robust and more extensible |
| - MINOR: sample: support cast from bool to string |
| - MINOR: samples: add a function to fetch and convert any sample to a string |
| - MINOR: log: add lf_text_len |
| - MEDIUM: log: add the ability to include samples in logs |
| - REORG: stats: massive code reorg and cleanup |
| - REORG: stats: move the HTTP header injection to proto_http |
| - REORG: stats: functions are now HTTP/CLI agnostic |
| - BUG/MINOR: log: fix regression introduced by commit 8a3f52 |
| - MINOR: chunks: centralize the trash chunk allocation |
| - MEDIUM: stats: use hover boxes instead of title to report details |
| - MEDIUM: stats: use multi-line tips to display detailed counters |
| - MINOR: tools: simplify the use of the int to ascii macros |
| - MINOR: stats: replace STAT_FMT_CSV with STAT_FMT_HTML |
| - MINOR: http: prepare to support more http-request actions |
| - MINOR: log: make parse_logformat_string() take a const char * |
| - MEDIUM: http: add http-request 'add-header' and 'set-header' to build headers |
| |
| 2012/12/12 : 1.5-dev15 |
| - DOC: add a few precisions on compression |
| - BUG/MEDIUM: ssl: Fix handshake failure on session resumption with client cert. |
| - BUG/MINOR: ssl: One free session in cache remains unused. |
| - BUG/MEDIUM: ssl: first outgoing connection would fail with {ca,crt}-ignore-err |
| - MEDIUM: ssl: manage shared cache by blocks for huge sessions. |
| - MINOR: acl: add fetch for server session rate |
| - BUG/MINOR: compression: Content-Type is case insensitive |
| - MINOR: compression: disable on multipart or status != 200 |
| - BUG/MINOR: http: don't report client aborts as server errors |
| - MINOR: stats: compute the ratio of compressed response based on 2xx responses |
| - MINOR: http: factor out the content-type checks |
| - BUG/MAJOR: stats: correctly check for a possible divide error when showing compression ratios |
| - BUILD: ssl: OpenSSL 0.9.6 has no renegociation |
| - BUG/MINOR: http: disable compression when message has no body |
| - MINOR: compression: make the stats a bit more robust |
| - BUG/MEDIUM: comp: DEFAULT_MAXZLIBMEM was expressed in bytes and not megabytes |
| - MINOR: connection: don't remove failed handshake flags |
| - MEDIUM: connection: add an error code in connections |
| - MEDIUM: connection: add minimal error reporting in logs for incomplete connections |
| - MEDIUM: connection: add error reporting for the PROXY protocol header |
| - MEDIUM: connection: add error reporting for the SSL |
| - DOC: document the connection error format in logs |
| - BUG/MINOR: http: don't log a 503 on client errors while waiting for requests |
| - BUILD: stdbool is not portable |
| - BUILD: ssl: NAME_MAX is not portable, use MAXPATHLEN instead |
| - BUG/MAJOR: raw_sock: must check error code on hangup |
| - BUG/MAJOR: polling: do not set speculative events on ERR nor HUP |
| - BUG/MEDIUM: session: fix FD leak when transport layer logging is enabled |
| - MINOR: stats: add a few more information on session dump |
| - BUG/MINOR: tcp: set the ADDR_TO_SET flag on outgoing connections |
| - CLEANUP: connection: remove unused server/proxy/task/si_applet declarations |
| - BUG/MEDIUM: tcp: process could theorically crash on lack of source ports |
| - MINOR: cfgparse: mention "interface" in the list of allowed "source" options |
| - MEDIUM: connection: introduce "struct conn_src" for servers and proxies |
| - CLEANUP: proto_tcp: use the same code to bind servers and backends |
| - CLEANUP: backend: use the same tproxy address selection code for servers and backends |
| - BUG/MEDIUM: stick-tables: conversions to strings were broken in dev13 |
| - MEDIUM: proto_tcp: add support for tracking L7 information |
| - MEDIUM: counters: add sc1_trackers/sc2_trackers |
| - MINOR: http: add the "base32" pattern fetch function |
| - MINOR: http: add the "base32+src" fetch method. |
| - CLEANUP: session: use an array for the stick counters |
| - BUG/MINOR: proto_tcp: fix parsing of "table" in track-sc1/2 |
| - BUG/MINOR: proto_tcp: bidirectional fetches not supported anymore in track-sc1/2 |
| - BUG/MAJOR: connection: always recompute polling status upon I/O |
| - BUG/MINOR: connection: remove a few synchronous calls to polling updates |
| - MINOR: config: improve error checking on TCP stick-table tracking |
| - DOC: add some clarifications to the readme |
| |
| 2012/11/26 : 1.5-dev14 |
| - DOC: fix minor typos |
| - BUG/MEDIUM: compression: does not forward trailers |
| - MINOR: buffer_dump with ASCII |
| - BUG/MEDIUM: checks: mark the check as stopped after a connect error |
| - BUG/MEDIUM: checks: ensure we completely disable polling upon success |
| - BUG/MINOR: checks: don't mark the FD as closed before transport close |
| - MEDIUM: checks: avoid accumulating TIME_WAITs during checks |
| - MINOR: cli: report the msg state in full text in "show sess $PTR" |
| - CLEANUP: checks: rename some server check flags |
| - MAJOR: checks: rework completely bogus state machine |
| - BUG/MINOR: checks: slightly clean the state machine up |
| - MEDIUM: checks: avoid waking the application up for pure TCP checks |
| - MEDIUM: checks: close the socket as soon as we have a response |
| - BUG/MAJOR: checks: close FD on all timeouts |
| - MINOR: checks: fix recv polling after connect() |
| - MEDIUM: connection: provide a common conn_full_close() function |
| - BUG/MEDIUM: checks: prevent TIME_WAITs from appearing also on timeouts |
| - BUG/MAJOR: peers: the listener's maxaccept was not set and caused loops |
| - MINOR: listeners: make the accept loop more robust when maxaccept==0 |
| - BUG/MEDIUM: acl: correctly resolve all args, not just the first one |
| - BUG/MEDIUM: acl: make prue_acl_expr() correctly free ACL expressions upon exit |
| - BUG/MINOR: stats: fix inversion of the report of a check in progress |
| - MEDIUM: tcp: add explicit support for delayed ACK in connect() |
| - BUG/MEDIUM: connection: always disable polling upon error |
| - MINOR: connection: abort earlier when errors are detected |
| - BUG/MEDIUM: checks: report handshake failures |
| - BUG/MEDIUM: connection: local_send_proxy must wait for connection to establish |
| - MINOR: tcp: add support for the "v6only" bind option |
| - MINOR: stats: also report the computed compression savings in html stats |
| - MINOR: stats: report the total number of compressed responses per front/back |
| - MINOR: tcp: add support for the "v4v6" bind option |
| - DOC: stats: document the comp_rsp stats column |
| - BUILD: buffer: fix another isprint() warning on solaris |
| - MINOR: cli: add support for the "show sess all" command |
| - BUG/MAJOR: cli: show sess <id> may randomly corrupt the back-ref list |
| - MINOR: cli: improve output format for show sess $ptr |
| |
| 2012/11/22 : 1.5-dev13 |
| - BUILD: fix build issue without USE_OPENSSL |
| - BUILD: fix compilation error with DEBUG_FULL |
| - DOC: ssl: remove prefer-server-ciphers documentation |
| - DOC: ssl: surround keywords with quotes |
| - DOC: fix minor typo on http-send-name-header |
| - BUG/MEDIUM: acls using IPv6 subnets patterns incorrectly match IPs |
| - BUG/MAJOR: fix a segfault on option http_proxy and url_ip acl |
| - MEDIUM: http: accept IPv6 values with (s)hdr_ip acl |
| - BUILD: report zlib support in haproxy -vv |
| - DOC: compression: add some details and clean up the formatting |
| - DOC: Change is_ssl acl to ssl_fc acl in example |
| - DOC: make it clear what the HTTP request size is |
| - MINOR: ssl: try to load Diffie-Hellman parameters from cert file |
| - DOC: ssl: update 'crt' statement on 'bind' about Diffie-Hellman parameters loading |
| - MINOR: ssl: add elliptic curve Diffie-Hellman support for ssl key generation |
| - DOC: ssl: add 'ecdhe' statement on 'bind' |
| - MEDIUM: ssl: add client certificate authentication support |
| - DOC: ssl: add 'verify', 'cafile' and 'crlfile' statements on 'bind' |
| - MINOR: ssl: add fetch and ACL 'client_crt' to test a client cert is present |
| - DOC: ssl: add fetch and ACL 'client_cert' |
| - MINOR: ssl: add ignore verify errors options |
| - DOC: ssl: add 'ca-ignore-err' and 'crt-ignore-err' statements on 'bind' |
| - MINOR: ssl: add fetch and ACL 'ssl_verify_result' |
| - DOC: ssl: add fetch and ACL 'ssl_verify_result' |
| - MINOR: ssl: add fetches and ACLs to return verify errors |
| - DOC: ssl: add fetches and ACLs 'ssl_verify_crterr', 'ssl_verify_caerr', and 'ssl_verify_crterr_depth' |
| - MINOR: ssl: disable shared memory and locks on session cache if nbproc == 1 |
| - MINOR: ssl: add build param USE_PRIVATE_CACHE to build cache without shared memory |
| - MINOR: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'. |
| - DOC: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'. |
| - MEDIUM: config: authorize frontend and listen without bind. |
| - MINOR: ssl: add statement 'no-tls-tickets' on bind to disable stateless session resumption |
| - DOC: ssl: add 'no-tls-tickets' statement documentation. |
| - BUG/MINOR: ssl: Fix CRL check was not enabled when crlfile was specified. |
| - BUG/MINOR: build: Fix compilation issue on openssl 0.9.6 due to missing CRL feature. |
| - BUG/MINOR: conf: Fix 'maxsslconn' statement error if built without OPENSSL. |
| - BUG/MINOR: build: Fix failure with USE_OPENSSL=1 and USE_FUTEX=1 on archs i486 and i686. |
| - MINOR: ssl: remove prefer-server-ciphers statement and set it as the default on ssl listeners. |
| - BUG/MEDIUM: ssl: subsequent handshakes fail after server configuration changes |
| - MINOR: ssl: add 'crt-base' and 'ca-base' global statements. |
| - MEDIUM: conf: rename 'nosslv3' and 'notlsvXX' statements 'no-sslv3' and 'no-tlsvXX'. |
| - MEDIUM: conf: rename 'cafile' and 'crlfile' statements 'ca-file' and 'crl-file' |
| - MINOR: ssl: use bit fields to store ssl options instead of one int each |
| - MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on bind. |
| - MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on server |
| - MINOR: ssl: add defines LISTEN_DEFAULT_CIPHERS and CONNECT_DEFAULT_CIPHERS. |
| - BUG/MINOR: ssl: Fix issue on server statements 'no-tls*' and 'no-sslv3' |
| - MINOR: ssl: move ssl context init for servers from cfgparse.c to ssl_sock.c |
| - MEDIUM: ssl: reject ssl server keywords in default-server statement |
| - MINOR: ssl: add statement 'no-tls-tickets' on server side. |
| - MINOR: ssl: add statements 'verify', 'ca-file' and 'crl-file' on servers. |
| - DOC: Fix rename of options cafile and crlfile to ca-file and crl-file. |
| - MINOR: sample: manage binary to string type convertion in stick-table and samples. |
| - MINOR: acl: add parse and match primitives to use binary type on ACLs |
| - MINOR: sample: export 'sample_get_trash_chunk(void)' |
| - MINOR: conf: rename all ssl modules fetches using prefix 'ssl_fc' and 'ssl_c' |
| - MINOR: ssl: add pattern and ACLs fetches 'ssl_fc_protocol', 'ssl_fc_cipher', 'ssl_fc_use_keysize' and 'ssl_fc_alg_keysize' |
| - MINOR: ssl: add pattern fetch 'ssl_fc_session_id' |
| - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_version' and 'ssl_f_version' |
| - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_s_dn', 'ssl_c_i_dn', 'ssl_f_s_dn' and 'ssl_c_i_dn' |
| - MINOR: ssl: add pattern and ACLs 'ssl_c_sig_alg' and 'ssl_f_sig_alg' |
| - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_key_alg' and 'ssl_f_key_alg' |
| - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_notbefore', 'ssl_c_notafter', 'ssl_f_notbefore' and 'ssl_f_notafter' |
| - MINOR: ssl: add 'crt' statement on server. |
| - MINOR: ssl: checks the consistency of a private key with the corresponding certificate |
| - BUG/MEDIUM: ssl: review polling on reneg. |
| - BUG/MEDIUM: ssl: Fix some reneg cases not correctly handled. |
| - BUG/MEDIUM: ssl: Fix sometimes reneg fails if requested by server. |
| - MINOR: build: allow packagers to specify the ssl cache size |
| - MINOR: conf: add warning if ssl is not enabled and a certificate is present on bind. |
| - MINOR: ssl: Add tune.ssl.lifetime statement in global. |
| - MINOR: compression: Enable compression for IE6 w/SP2, IE7 and IE8 |
| - BUG: http: revert broken optimisation from 82fe75c1a79dac933391501b9d293bce34513755 |
| - DOC: duplicate ssl_sni section |
| - MEDIUM: HTTP compression (zlib library support) |
| - CLEANUP: use struct comp_ctx instead of union |
| - BUILD: remove dependency to zlib.h |
| - MINOR: compression: memlevel and windowsize |
| - MEDIUM: use pool for zlib |
| - MINOR: compression: try init in cfgparse.c |
| - MINOR: compression: init before deleting headers |
| - MEDIUM: compression: limit RAM usage |
| - MINOR: compression: tune.comp.maxlevel |
| - MINOR: compression: maximum compression rate limit |
| - MINOR: log-format: check number of arguments in cfgparse.c |
| - BUG/MEDIUM: compression: no Content-Type header but type in configuration |
| - BUG/MINOR: compression: deinit zlib only when required |
| - MEDIUM: compression: don't compress when no data |
| - MEDIUM: compression: use pool for comp_ctx |
| - MINOR: compression: rate limit in 'show info' |
| - MINOR: compression: report zlib memory usage |
| - BUG/MINOR: compression: dynamic level increase |
| - DOC: compression: unsupported cases. |
| - MINOR: compression: CPU usage limit |
| - MEDIUM: http: add "redirect scheme" to ease HTTP to HTTPS redirection |
| - BUG/MAJOR: ssl: missing tests in ACL fetch functions |
| - MINOR: config: add a function to indent error messages |
| - REORG: split "protocols" files into protocol and listener |
| - MEDIUM: config: replace ssl_conf by bind_conf |
| - CLEANUP: listener: remove unused conf->file and conf->line |
| - MEDIUM: listener: add a minimal framework to register "bind" keyword options |
| - MEDIUM: config: move the "bind" TCP parameters to proto_tcp |
| - MEDIUM: move bind SSL parsing to ssl_sock |
| - MINOR: config: improve error reporting for "bind" lines |
| - MEDIUM: config: move the common "bind" settings to listener.c |
| - MEDIUM: config: move all unix-specific bind keywords to proto_uxst.c |
| - MEDIUM: config: enumerate full list of registered "bind" keywords upon error |
| - MINOR: listener: add a scope field in the bind keyword lists |
| - MINOR: config: pass the file and line to config keyword parsers |
| - MINOR: stats: fill the file and line numbers in the stats frontend |
| - MINOR: config: set the bind_conf entry on listeners created from a "listen" line. |
| - MAJOR: listeners: use dual-linked lists to chain listeners with frontends |
| - REORG: listener: move unix perms from the listener to the bind_conf |
| - BUG: backend: balance hdr was broken since 1.5-dev11 |
| - MINOR: standard: make memprintf() support a NULL destination |
| - MINOR: config: make str2listener() use memprintf() to report errors. |
| - MEDIUM: stats: remove the stats_sock struct from the global struct |
| - MINOR: ssl: set the listeners' data layer to ssl during parsing |
| - MEDIUM: stats: make use of the standard "bind" parsers to parse global socket |
| - DOC: move bind options to their own section |
| - DOC: stats: refer to "bind" section for "stats socket" settings |
| - DOC: fix index to reference bind and server options |
| - BUG: http: do not print garbage on invalid requests in debug mode |
| - BUG/MINOR: config: check the proper pointer to report unknown protocol |
| - CLEANUP: connection: offer conn_prepare() to set up a connection |
| - CLEANUP: config: fix typo inteface => interface |
| - BUG: stats: fix regression introduced by commit 4348fad1 |
| - MINOR: cli: allow to set frontend maxconn to zero |
| - BUG/MAJOR: http: chunk parser was broken with buffer changes |
| - MEDIUM: monitor: simplify handling of monitor-net and mode health |
| - MINOR: connection: add a pointer to the connection owner |
| - MEDIUM: connection: make use of the owner instead of container_of |
| - BUG/MINOR: ssl: report the L4 connection as established when possible |
| - BUG/MEDIUM: proxy: must not try to stop disabled proxies upon reload |
| - BUG/MINOR: config: use a copy of the file name in proxy configurations |
| - BUG/MEDIUM: listener: don't pause protocols that do not support it |
| - MEDIUM: proxy: add the global frontend to the list of normal proxies |
| - BUG/MINOR: epoll: correctly disable FD polling in fd_rem() |
| - MINOR: signal: really ignore signals configured with no handler |
| - MINOR: buffers: add a few functions to write chars, strings and blocks |
| - MINOR: raw_sock: always report asynchronous connection errors |
| - MEDIUM: raw_sock: improve connection error reporting |
| - REORG: connection: rename the data layer the "transport layer" |
| - REORG: connection: rename app_cb "data" |
| - MINOR: connection: provide a generic data layer wakeup callback |
| - MINOR: connection: split conn_prepare() in two functions |
| - MINOR: connection: add an init callback to the data_cb struct |
| - MEDIUM: session: use a specific data_cb for embryonic sessions |
| - MEDIUM: connection: use a generic data-layer init() callback |
| - MEDIUM: connection: reorganize connection flags |
| - MEDIUM: connection: only call the data->wake callback on activity |
| - MEDIUM: connection: make it possible for data->wake to return an error |
| - MEDIUM: session: register a data->wake callback to process errors |
| - MEDIUM: connection: don't call the data->init callback upon error |
| - MEDIUM: connection: it's not the data layer's role to validate the connection |
| - MEDIUM: connection: automatically disable polling on error |
| - REORG: connection: move the PROXY protocol management to connection.c |
| - MEDIUM: connection: add a new local send-proxy transport callback |
| - MAJOR: checks: make use of the connection layer to send checks |
| - REORG: server: move the check-specific parts into a check subsection |
| - MEDIUM: checks: use real buffers to store requests and responses |
| - MEDIUM: check: add the ctrl and transport layers in the server check structure |
| - MAJOR: checks: completely use the connection transport layer |
| - MEDIUM: checks: add the "check-ssl" server option |
| - MEDIUM: checks: enable the PROXY protocol with health checks |
| - CLEANUP: checks: remove minor warnings for assigned but not used variables |
| - MEDIUM: tcp: enable TCP Fast Open on systems which support it |
| - BUG: connection: fix regression from commit 9e272bf9 |
| - CLEANUP: cttproxy: remove a warning on undeclared close() |
| - BUG/MAJOR: ensure that hdr_idx is always reserved when L7 fetches are used |
| - MEDIUM: listener: add support for linux's accept4() syscall |
| - MINOR: halog: sort output by cookie code |
| - BUG/MINOR: halog: -ad/-ac report the correct number of output lines |
| - BUG/MINOR: halog: fix help message for -ut/-uto |
| - MINOR: halog: add a parameter to limit output line count |
| - BUILD: accept4: move the socketcall declaration outside of accept4() |
| - MINOR: server: add minimal infrastructure to parse keywords |
| - MINOR: standard: make indent_msg() support empty messages |
| - MEDIUM: server: check for registered keywords when parsing unknown keywords |
| - MEDIUM: server: move parsing of keyword "id" to server.c |
| - BUG/MEDIUM: config: check-send-proxy was ignored if SSL was not builtin |
| - MEDIUM: ssl: move "server" keyword SSL options parsing to ssl_sock.c |
| - MEDIUM: log: suffix the frontend's name with '~' when using SSL |
| - MEDIUM: connection: always unset the transport layer upon close |
| - BUG/MINOR: session: fix some leftover from debug code |
| - BUG/MEDIUM: session: enable the conn_session_update() callback |
| - MEDIUM: connection: add a flag to hold the transport layer |
| - MEDIUM: log: add a new LW_XPRT flag to pin the transport layer |
| - MINOR: log: make lf_text use a const char * |
| - MEDIUM: log: report SSL ciphers and version in logs using logformat %sslc/%sslv |
| - REORG: http: rename msg->buf to msg->chn since it's a channel |
| - CLEANUP: http: use 'chn' to name channel variables, not 'buf' |
| - CLEANUP: channel: use 'chn' instead of 'buf' as local variable names |
| - CLEANUP: tcp: use 'chn' instead of 'buf' or 'b' for channel pointer names |
| - CLEANUP: stream_interface: use 'chn' instead of 'b' to name channel pointers |
| - CLEANUP: acl: use 'chn' instead of 'b' to name channel pointers |
| - MAJOR: channel: replace the struct buffer with a pointer to a buffer |
| - OPTIM: channel: reorganize struct members to improve cache efficiency |
| - CLEANUP: session: remove term_trace which is not used anymore |
| - OPTIM: session: reorder struct session fields |
| - OPTIM: connection: pack the struct target |
| - DOC: document relations between internal entities |
| - MINOR: ssl: add 'ssl_npn' sample/acl to extract TLS/NPN information |
| - BUILD: ssl: fix shctx build on older compilers |
| - MEDIUM: ssl: add support for the "npn" bind keyword |
| - BUG: ssl: fix ssl_sni ACLs to correctly process regular expressions |
| - MINOR: chunk: provide string compare functions |
| - MINOR: sample: accept fetch keywords without parenthesis |
| - MEDIUM: sample: pass an empty list instead of a null for fetch args |
| - MINOR: ssl: improve socket behaviour upon handshake abort. |
| - BUG/MEDIUM: http: set DONTWAIT on data when switching to tunnel mode |
| - MEDIUM: listener: provide a fallback for accept4() when not supported |
| - BUG/MAJOR: connection: risk of crash on certain tricky close scenario |
| - MEDIUM: cli: allow the stats socket to be bound to a specific set of processes |
| - OPTIM: channel: inline channel_forward's fast path |
| - OPTIM: http: inline http_parse_chunk_size() and http_skip_chunk_crlf() |
| - OPTIM: tools: inline hex2i() |
| - CLEANUP: http: rename HTTP_MSG_DATA_CRLF state |
| - MINOR: compression: automatically disable compression for older browsers |
| - MINOR: compression: optimize memLevel to improve byte rate |
| - BUG/MINOR: http: compression should consider all Accept-Encoding header values |
| - BUILD: fix coexistence of openssl and zlib |
| - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_serial' and 'ssl_f_serial' |
| - BUG/MEDIUM: command-line option -D must have precedence over "debug" |
| - MINOR: tools: add a clear_addr() function to unset an address |
| - BUG/MEDIUM: tcp: transparent bind to the source only when address is set |
| - CLEANUP: remove trashlen |
| - MAJOR: session: detach the connections from the stream interfaces |
| - DOC: update document describing relations between internal entities |
| - BUILD: make it possible to specify ZLIB path |
| - MINOR: compression: add an offload option to remove the Accept-Encoding header |
| - BUG: compression: disable auto-close and enable MSG_MORE during transfer |
| - CLEANUP: completely remove trashlen |
| - MINOR: chunk: add a function to reset a chunk |
| - CLEANUP: replace chunk_printf() with chunk_appendf() |
| - MEDIUM: make the trash be a chunk instead of a char * |
| - MEDIUM: remove remains of BUFSIZE in HTTP auth and sample conversions |
| - MEDIUM: stick-table: allocate the table key of size buffer size |
| - BUG/MINOR: stream_interface: don't loop over ->snd_buf() |
| - BUG/MINOR: session: ensure that we don't retry connection if some data were sent |
| - OPTIM: session: don't process the whole session when only timers need a refresh |
| - BUG/MINOR: session: mark the handshake as complete earlier |
| - MAJOR: connection: remove the CO_FL_CURR_*_POL flag |
| - BUG/MAJOR: always clear the CO_FL_WAIT_* flags after updating polling flags |
| - MAJOR: sepoll: make the poller totally event-driven |
| - OPTIM: stream_interface: disable reading when CF_READ_DONTWAIT is set |
| - BUILD: compression: remove a build warning |
| - MEDIUM: fd: don't unset fdtab[].updated upon delete |
| - REORG: fd: move the speculative I/O management from ev_sepoll |
| - REORG: fd: move the fd state management from ev_sepoll |
| - REORG: fd: centralize the processing of speculative events |
| - BUG: raw_sock: also consider ENOTCONN in addition to EAGAIN |
| - BUILD: stream_interface: remove si_fd() and its references |
| - BUILD: compression: enable build in BSD and OSX Makefiles |
| - MAJOR: ev_select: make the poller support speculative events |
| - MAJOR: ev_poll: make the poller support speculative events |
| - MAJOR: ev_kqueue: make the poller support speculative events |
| - MAJOR: polling: replace epoll with sepoll and remove sepoll |
| - MAJOR: polling: remove unused callbacks from the poller struct |
| - MEDIUM: http: refrain from sending "Connection: close" when Upgrade is present |
| - CLEANUP: channel: remove any reference of the hijackers |
| - CLEANUP: stream_interface: remove the external task type target |
| - MAJOR: connection: replace struct target with a pointer to an enum |
| - BUG: connection: fix typo in previous commit |
| - BUG: polling: don't skip polled events in the spec list |
| - MINOR: splice: disable it when the system returns EBADF |
| - MINOR: build: allow packagers to specify the default maxzlibmem |
| - BUG: halog: fix broken output limitation |
| - BUG: proxy: fix server name lookup in get_backend_server() |
| - BUG: compression: do not always increment the round counter on allocation failure |
| - BUG/MEDIUM: compression: release the zlib pools between keep-alive requests |
| - MINOR: global: don't prevent nbproc from being redefined |
| - MINOR: config: support process ranges for "bind-process" |
| - MEDIUM: global: add support for CPU binding on Linux ("cpu-map") |
| - MINOR: ssl: rename and document the tune.ssl.cachesize option |
| - DOC: update the PROXY protocol spec to support v2 |
| - MINOR: standard: add a simple popcount function |
| - MEDIUM: adjust the maxaccept per listener depending on the number of processes |
| - BUG: compression: properly disable compression when content-type does not match |
| - MINOR: cli: report connection status in "show sess xxx" |
| - BUG/MAJOR: stream_interface: certain workloads could cause get stuck |
| - BUILD: cli: fix build when SSL is enabled |
| - MINOR: cli: report the fd state in "show sess xxx" |
| - MINOR: cli: report an error message on missing argument to compression rate |
| - MINOR: http: add some debugging functions to pretty-print msg state names |
| - BUG/MAJOR: stream_interface: read0 not always handled since dev12 |
| - DOC: documentation on http header capture is wrong |
| - MINOR: http: allow the cookie capture size to be changed |
| - DOC: http header capture has not been limited in size for a long time |
| - DOC: update readme with build methods for BSD |
| - BUILD: silence a warning on Solaris about usage of isdigit() |
| - MINOR: stats: report HTTP compression stats per frontend and per backend |
| - MINOR: log: add '%Tl' to log-format |
| - MINOR: samples: update the url_param fetch to match parameters in the path |
| |
| 2012/09/10 : 1.5-dev12 |
| - CONTRIB: halog: sort URLs by avg bytes_read or total bytes_read |
| - MEDIUM: ssl: add support for prefer-server-ciphers option |
| - MINOR: IPv6 support for transparent proxy |
| - MINOR: protocol: add SSL context to listeners if USE_OPENSSL is defined |
| - MINOR: server: add SSL context to servers if USE_OPENSSL is defined |
| - MEDIUM: connection: add a new handshake flag for SSL (CO_FL_SSL_WAIT_HS). |
| - MEDIUM: ssl: add new files ssl_sock.[ch] to provide the SSL data layer |
| - MEDIUM: config: add the 'ssl' keyword on 'bind' lines |
| - MEDIUM: config: add support for the 'ssl' option on 'server' lines |
| - MEDIUM: ssl: protect against client-initiated renegociation |
| - BUILD: add optional support for SSL via the USE_OPENSSL flag |
| - MEDIUM: ssl: add shared memory session cache implementation. |
| - MEDIUM: ssl: replace OpenSSL's session cache with the shared cache |
| - MINOR: ssl add global setting tune.sslcachesize to set SSL session cache size. |
| - MEDIUM: ssl: add support for SNI and wildcard certificates |
| - DOC: Typos cleanup |
| - DOC: fix name for "option independant-streams" |
| - DOC: specify the default value for maxconn in the context of a proxy |
| - BUG/MINOR: to_log erased with unique-id-format |
| - LICENSE: add licence exception for OpenSSL |
| - BUG/MAJOR: cookie prefix doesn't support cookie-less servers |
| - BUILD: add an AIX 5.2 (and later) target. |
| - MEDIUM: fd/si: move peeraddr from struct fdinfo to struct connection |
| - MINOR: halog: use the more recent dual-mode fgets2 implementation |
| - BUG/MEDIUM: ebtree: ebmb_insert() must not call cmp_bits on full-length matches |
| - CLEANUP: halog: make clean should also remove .o files |
| - OPTIM: halog: make use of memchr() on platforms which provide a fast one |
| - OPTIM: halog: improve cold-cache behaviour when loading a file |
| - BUG/MINOR: ACL implicit arguments must be created with unresolved flag |
| - MINOR: replace acl_fetch_{path,url}* with smp_fetch_* |
| - MEDIUM: pattern: add the "base" sample fetch method |
| - OPTIM: i386: make use of kernel-mode-linux when available |
| - BUG/MINOR: tarpit: fix condition to return the HTTP 500 message |
| - BUG/MINOR: polling: some events were not set in various pollers |
| - MINOR: http: add the urlp_val ACL match |
| - BUG: stktable: tcp_src_to_stktable_key() must return NULL on invalid families |
| - MINOR: stats/cli: add plans to support more stick-table actions |
| - MEDIUM: stats/cli: add support for "set table key" to enter values |
| - REORG/MEDIUM: fd: remove FD_STCLOSE from struct fdtab |
| - REORG/MEDIUM: fd: remove checks for FD_STERROR in ev_sepoll |
| - REORG/MEDIUM: fd: get rid of FD_STLISTEN |
| - REORG/MINOR: connection: move declaration to its own include file |
| - REORG/MINOR: checks: put a struct connection into the server |
| - MINOR: connection: add flags to the connection struct |
| - MAJOR: get rid of fdtab[].state and use connection->flags instead |
| - MINOR: fd: add a new I/O handler to fdtab |
| - MEDIUM: polling: prepare to call the iocb() function when defined. |
| - MEDIUM: checks: make use of fdtab->iocb instead of cb[] |
| - MEDIUM: protocols: use the generic I/O callback for accept callbacks |
| - MINOR: connection: add a handler for fd-based connections |
| - MAJOR: connection: replace direct I/O callbacks with the connection callback |
| - MINOR: fd: make fdtab->owner a connection and not a stream_interface anymore |
| - MEDIUM: connection: remove the FD_POLL_* flags only once |
| - MEDIUM: connection: extract the send_proxy callback from proto_tcp |
| - MAJOR: tcp: remove the specific I/O callbacks for TCP connection probes |
| - CLEANUP: remove the now unused fdtab direct I/O callbacks |
| - MAJOR: remove the stream interface and task management code from sock_* |
| - MEDIUM: stream_interface: pass connection instead of fd in sock_ops |
| - MEDIUM: stream_interface: centralize the SI_FL_ERR management |
| - MAJOR: connection: add a new CO_FL_CONNECTED flag |
| - MINOR: rearrange tcp_connect_probe() and fix wrong return codes |
| - MAJOR: connection: call data layer handshakes from the handler |
| - MEDIUM: fd: remove the EV_FD_COND_* primitives |
| - MINOR: sock_raw: move calls to si_data_close upper |
| - REORG: connection: replace si_data_close() with conn_data_close() |
| - MEDIUM: sock_raw: introduce a read0 callback that is different from shutr |
| - MAJOR: stream_int: use a common stream_int_shut*() functions regardless of the data layer |
| - MAJOR: fd: replace all EV_FD_* macros with new fd_*_* inline calls |
| - MEDIUM: fd: add fd_poll_{recv,send} for use when explicit polling is required |
| - MEDIUM: connection: add definitions for dual polling mechanisms |
| - MEDIUM: connection: make use of the new polling functions |
| - MAJOR: make use of conn_{data|sock}_{poll|stop|want}* in connection handlers |
| - MEDIUM: checks: don't use FD_WAIT_* anymore |
| - MINOR: fd: get rid of FD_WAIT_* |
| - MEDIUM: stream_interface: offer a generic function for connection updates |
| - MEDIUM: stream-interface: offer a generic chk_rcv function for connections |
| - MEDIUM: stream-interface: add a snd_buf() callback to sock_ops |
| - MEDIUM: stream-interface: provide a generic stream_int_chk_snd_conn() function |
| - MEDIUM: stream-interface: provide a generic si_conn_send_cb callback |
| - MEDIUM: stream-interface: provide a generic stream_sock_read0() function |
| - REORG/MAJOR: use "struct channel" instead of "struct buffer" |
| - REORG/MAJOR: extract "struct buffer" from "struct channel" |
| - MINOR: connection: provide conn_{data|sock}_{read0|shutw} functions |
| - REORG: sock_raw: rename the files raw_sock* |
| - MAJOR: raw_sock: extract raw_sock_to_buf() from raw_sock_read() |
| - MAJOR: raw_sock: temporarily disable splicing |
| - MINOR: stream-interface: add an rcv_buf callback to sock_ops |
| - REORG: stream-interface: move sock_raw_read() to si_conn_recv_cb() |
| - MAJOR: connection: split the send call into connection and stream interface |
| - MAJOR: stream-interface: restore splicing mechanism |
| - MAJOR: stream-interface: make conn_notify_si() more robust |
| - MEDIUM: proxy-proto: don't use buffer flags in conn_si_send_proxy() |
| - MAJOR: stream-interface: don't commit polling changes in every callback |
| - MAJOR: stream-interface: fix splice not to call chk_snd by itself |
| - MEDIUM: stream-interface: don't remove WAIT_DATA when a handshake is in progress |
| - CLEANUP: connection: split sock_ops into data_ops, app_cp and si_ops |
| - REORG: buffers: split buffers into chunk,buffer,channel |
| - MAJOR: channel: remove the BF_OUT_EMPTY flag |
| - REORG: buffer: move buffer_flush, b_adv and b_rew to buffer.h |
| - MINOR: channel: rename bi_full to channel_full as it checks the whole channel |
| - MINOR: buffer: provide a new buffer_full() function |
| - MAJOR: channel: stop relying on BF_FULL to take action |
| - MAJOR: channel: remove the BF_FULL flag |
| - REORG: channel: move buffer_{replace,insert_line}* to buffer.{c,h} |
| - CLEANUP: channel: usr CF_/CHN_ prefixes instead of BF_/BUF_ |
| - CLEANUP: channel: use "channel" instead of "buffer" in function names |
| - REORG: connection: move the target pointer from si to connection |
| - MAJOR: connection: move the addr field from the stream_interface |
| - MEDIUM: stream_interface: remove CAP_SPLTCP/CAP_SPLICE flags |
| - MEDIUM: proto_tcp: remove any dependence on stream_interface |
| - MINOR: tcp: replace tcp_src_to_stktable_key with addr_to_stktable_key |
| - MEDIUM: connection: add an ->init function to data layer |
| - MAJOR: session: introduce embryonic sessions |
| - MAJOR: connection: make the PROXY decoder a handshake handler |
| - CLEANUP: frontend: remove the old proxy protocol decoder |
| - MAJOR: connection: rearrange the polling flags. |
| - MEDIUM: connection: only call tcp_connect_probe when nothing was attempted yet |
| - MEDIUM: connection: complete the polling cleanups |
| - MEDIUM: connection: avoid calling handshakes when polling is required |
| - MAJOR: stream_interface: continue to update data polling flags during handshakes |
| - CLEANUP: fd: remove fdtab->flags |
| - CLEANUP: fdtab: flatten the struct and merge the spec struct with the rest |
| - CLEANUP: includes: fix includes for a number of users of fd.h |
| - MINOR: ssl: disable TCP quick-ack by default on SSL listeners |
| - MEDIUM: config: add a "ciphers" keyword to set SSL cipher suites |
| - MEDIUM: config: add "nosslv3" and "notlsv1" on bind and server lines |
| - BUG: ssl: mark the connection as waiting for an SSL connection during the handshake |
| - BUILD: http: rename error_message http_error_message to fix conflicts on RHEL |
| - BUILD: ssl: fix shctx build on RHEL with futex |
| - BUILD: include sys/socket.h to fix build failure on FreeBSD |
| - BUILD: fix build error without SSL (ssl_cert) |
| - BUILD: ssl: use MAP_ANON instead of MAP_ANONYMOUS |
| - BUG/MEDIUM: workaround an eglibc bug which truncates the pidfiles when nbproc > 1 |
| - MEDIUM: config: support per-listener backlog and maxconn |
| - MINOR: session: do not send an HTTP/500 error on SSL sockets |
| - MEDIUM: config: implement maxsslconn in the global section |
| - BUG: tcp: close socket fd upon connect error |
| - MEDIUM: connection: improve error handling around the data layer |
| - MINOR: config: make the tasks "nice" value configurable on "bind" lines. |
| - BUILD: shut a gcc warning introduced by commit 269ab31 |
| - MEDIUM: config: centralize handling of SSL config per bind line |
| - BUILD: makefile: report USE_OPENSSL status in build options |
| - BUILD: report openssl build settings in haproxy -vv |
| - MEDIUM: ssl: add sample fetches for is_ssl, ssl_has_sni, ssl_sni_* |
| - DOC: add a special acknowledgement for the stud project |
| - DOC: add missing SSL options for servers and listeners |
| - BUILD: automatically add -lcrypto for SSL |
| - DOC: add some info about openssl build in the README |
| |
| 2012/06/04 : 1.5-dev11 |
| - BUG/MEDIUM: option forwardfor if-none doesn't work with some configurations |
| - BUG/MAJOR: trash must always be the size of a buffer |
| - DOC: fix minor regex example issue and improve doc on stats |
| - MINOR: stream_interface: add a pointer to the listener for TARG_TYPE_CLIENT |
| - MEDIUM: protocol: add a pointer to struct sock_ops to the listener struct |
| - MINOR: checks: add on-marked-up option |
| - MINOR: balance uri: added 'whole' parameter to include query string in hash calculation |
| - MEDIUM: stream_interface: remove the si->init |
| - MINOR: buffers: add a rewind function |
| - BUG/MAJOR: fix regression on content-based hashing and http-send-name-header |
| - MAJOR: http: stop using msg->sol outside the parsers |
| - CLEANUP: http: make it more obvious that msg->som is always null outside of chunks |
| - MEDIUM: http: get rid of msg->som which is not used anymore |
| - MEDIUM: http: msg->sov and msg->sol will never wrap |
| - BUG/MAJOR: checks: don't call set_server_status_* when no LB algo is set |
| - BUG/MINOR: stop connect timeout when connect succeeds |
| - REORG: move the send-proxy code to tcp_connect_write() |
| - REORG/MINOR: session: detect the TCP monitor checks at the protocol accept |
| - MINOR: stream_interface: introduce a new "struct connection" type |
| - REORG/MINOR: stream_interface: move si->fd to struct connection |
| - REORG/MEDIUM: stream_interface: move applet->state and private to connection |
| - MINOR: stream_interface: add a data channel close function |
| - MEDIUM: stream_interface: call si_data_close() before releasing the si |
| - MINOR: peers: use the socket layer operations from the peer instead of sock_raw |
| - BUG/MINOR: checks: expire on timeout.check if smaller than timeout.connect |
| - MINOR: add a new function call tracer for debugging purposes |
| - BUG/MINOR: perform_http_redirect also needs to rewind the buffer |
| - BUG/MAJOR: b_rew() must pass a signed offset to b_ptr() |
| - BUG/MEDIUM: register peer sync handler in the proper order |
| - BUG/MEDIUM: buffers: fix bi_putchr() to correctly advance the pointer |
| - BUG/MINOR: fix option httplog validation with TCP frontends |
| - BUG/MINOR: log: don't report logformat errors in backends |
| - REORG/MINOR: use dedicated proxy flags for the cookie handling |
| - BUG/MINOR: config: do not report twice the incompatibility between cookie and non-http |
| - MINOR: http: add support for "httponly" and "secure" cookie attributes |
| - BUG/MEDIUM: ensure that unresolved arguments are freed exactly once |
| - BUG/MINOR: commit 196729ef used wrong condition resulting in freeing constants |
| - MEDIUM: stats: add support for soft stop/soft start in the admin interface |
| - MEDIUM: stats: add the ability to kill sessions from the admin interface |
| - BUILD: add support for linux kernels >= 2.6.28 |
| |
| 2012/05/14 : 1.5-dev10 |
| - BUG/MINOR: stats admin: "Unexpected result" was displayed unconditionally |
| - BUG/MAJOR: acl: http_auth_group() must not accept any user from the userlist |
| - CLEANUP: auth: make the code build again with DEBUG_AUTH |
| - BUG/MEDIUM: config: don't crash at config load time on invalid userlist names |
| - REORG: use the name sock_raw instead of stream_sock |
| - MINOR: stream_interface: add a client target : TARG_TYPE_CLIENT |
| - BUG/MEDIUM: stream_interface: restore get_src/get_dst |
| - CLEANUP: sock_raw: remove last references to stream_sock |
| - CLEANUP: stream_interface: stop exporting socket layer functions |
| - MINOR: stream_interface: add an init callback to sock_ops |
| - MEDIUM: stream_interface: derive the socket operations from the target |
| - MAJOR: fd: remove the need for the socket layer to recheck the connection |
| - MINOR: session: call the socket layer init function when a session establishes |
| - MEDIUM: session: add support for tunnel timeouts |
| - MINOR: standard: add a new debug macro : fddebug() |
| - CLEANUP: fd: remove unused cb->b pointers in the struct fdtab |
| - OPTIM: proto_http: don't enable quick-ack on empty buffers |
| - OPTIM/MAJOR: ev_sepoll: process spec events after polled events |
| - OPTIM/MEDIUM: stream_interface: add a new SI_FL_NOHALF flag |
| |
| 2012/05/08 : 1.5-dev9 |
| - MINOR: Add release callback to si_applet |
| - CLEANUP: Fix some minor typos |
| - MINOR: Add TO/FROM_SET flags to struct stream_interface |
| - CLEANUP: Fix some minor whitespace issues |
| - MINOR: stats admin: allow unordered parameters in POST requests |
| - CLEANUP: fix typo in findserver() log message |
| - MINOR: stats admin: use the backend id instead of its name in the form |
| - MINOR: stats admin: reduce memcmp()/strcmp() calls on status codes |
| - DOC: cleanup indentation, alignment, columns and chapters |
| - DOC: fix some keywords arguments documentation |
| - MINOR: cli: display the 4 IP addresses and ports on "show sess XXX" |
| - BUG/MAJOR: log: possible segfault with logformat |
| - MEDIUM: log: split of log_format generation |
| - MEDIUM: log: New format-log flags: %Fi %Fp %Si %Sp %Ts %rt %H %pid |
| - MEDIUM: log: Unique ID |
| - MINOR: log: log-format: usable without httplog and tcplog |
| - BUG/MEDIUM: balance source did not properly hash IPv6 addresses |
| - MINOR: contrib/iprange: add a network IP range to mask converter |
| - MEDIUM: session: implement the "use-server" directive |
| - MEDIUM: log: add a new cookie flag 'U' to report situations where cookie is not used |
| - MEDIUM: http: make extract_cookie_value() iterate over cookie values |
| - MEDIUM: http: add cookie and scookie ACLs |
| - CLEANUP: lb_first: add reference to a paper describing the original idea |
| - MEDIUM: stream_sock: add a get_src and get_dst callback and remove SN_FRT_ADDR_SET |
| - BUG/MINOR: acl: req_ssl_sni would randomly fail if a session ID is present |
| - BUILD: http: make extract_cookie_value() return an int not size_t |
| - BUILD: http: stop gcc-4.1.2 from complaining about possibly uninitialized values |
| - CLEANUP: http: message parser must ignore HTTP_MSG_ERROR |
| - MINOR: standard: add a memprintf() function to build formatted error messages |
| - CLEANUP: remove a few warning about unchecked return values in debug code |
| - MEDIUM: move message-related flags from transaction to message |
| - DOC: add a diagram to explain how circular buffers work |
| - MAJOR: buffer rework: replace ->send_max with ->o |
| - MAJOR: buffer: replace buf->l with buf->{o+i} |
| - MINOR: buffers: provide simple pointer normalization functions |
| - MINOR: buffers: remove unused function buffer_contig_data() |
| - MAJOR: buffers: replace buf->w with buf->p - buf->o |
| - MAJOR: buffers: replace buf->r with buf->p + buf->i |
| - MAJOR: http: move buffer->lr to http_msg->next |
| - MAJOR: http: change msg->{som,col,sov,eoh} to be relative to buffer origin |
| - CLEANUP: http: remove unused http_msg->col |
| - MAJOR: http: turn http_msg->eol to a buffer-relative offset |
| - MEDIUM: http: add a pointer to the buffer in http_msg |
| - MAJOR: http: make http_msg->sol relative to buffer's origin |
| - MEDIUM: http: http_send_name_header: remove references to msg and buffer |
| - MEDIUM: http: remove buffer arg in a few header manipulation functions |
| - MEDIUM: http: remove buffer arg in http_capture_bad_message |
| - MEDIUM: http: remove buffer arg in http_msg_analyzer |
| - MEDIUM: http: remove buffer arg in http_upgrade_v09_to_v10 |
| - MEDIUM: http: remove buffer arg in http_buffer_heavy_realign |
| - MEDIUM: http: remove buffer arg in chunk parsing functions |
| - MINOR: http: remove useless wrapping checks in http_msg_analyzer |
| - MEDIUM: buffers: fix unsafe use of buffer_ignore at some places |
| - MEDIUM: buffers: add new pointer wrappers and get rid of almost all buffer_wrap_add calls |
| - MEDIUM: buffers: implement b_adv() to advance a buffer's pointer |
| - MEDIUM: buffers: rename a number of buffer management functions |
| - MEDIUM: http: add a prefetch function for ACL pattern fetch |
| - MEDIUM: http: make all ACL fetch function use acl_prefetch_http() |
| - BUG/MINOR: http_auth: ACLs are volatile, not permanent |
| - MEDIUM: http/acl: merge all request and response ACL fetches of headers and cookies |
| - MEDIUM: http/acl: make acl_fetch_hdr_{ip,val} rely on acl_fetch_hdr() |
| - MEDIUM: add a new typed argument list parsing framework |
| - MAJOR: acl: make use of the new argument parsing framework |
| - MAJOR: acl: store the ACL argument types in the ACL keyword declaration |
| - MEDIUM: acl: acl_find_target() now resolves arguments based on their types |
| - MAJOR: acl: make acl_find_targets also resolve proxy names at config time |
| - MAJOR: acl: ensure that implicit table and proxies are valid |
| - MEDIUM: acl: remove unused tests for missing args when args are mandatory |
| - MEDIUM: pattern: replace type pattern_arg with type arg |
| - MEDIUM: pattern: get rid of arg_i in all functions making use of arguments |
| - MEDIUM: pattern: use the standard arg parser |
| - MEDIUM: pattern: add an argument validation callback to pattern descriptors |
| - MEDIUM: pattern: report the precise argument parsing error when known. |
| - MEDIUM: acl: remove the ACL_TEST_F_NULL_MATCH flag |
| - MINOR: pattern: add a new 'sample' type to store fetched data |
| - MEDIUM: pattern: add new sample types to replace pattern types |
| - MAJOR: acl: make use of the new sample struct and get rid of acl_test |
| - MEDIUM: pattern/acl: get rid of temp_pattern in ACLs |
| - MEDIUM: acl: get rid of the SET_RES flags |
| - MEDIUM: get rid of SMP_F_READ_ONLY and SMP_F_MUST_FREE |
| - MINOR: pattern: replace struct pattern with struct sample |
| - MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere |
| - MEDIUM: pattern: retrieve the sample type in the sample, not in the keyword description |
| - MEDIUM: acl/pattern: switch rdp_cookie functions stack up-down |
| - MEDIUM: acl: replace acl_expr with args in acl fetch_* functions |
| - MINOR: tcp: replace acl_fetch_rdp_cookie with smp_fetch_rdp_cookie |
| - MEDIUM: acl/pattern: use the same direction scheme |
| - MEDIUM: acl/pattern: start merging common sample fetch functions |
| - MEDIUM: pattern: ensure that sample types always cast into other types. |
| - MEDIUM: acl/pattern: factor out the src/dst address fetches |
| - MEDIUM: acl: implement payload and payload_lv |
| - CLEANUP: pattern: ensure that payload and payload_lv always stay in the buffer |
| - MINOR: stick_table: centralize the handling of empty keys |
| - MINOR: pattern: centralize handling of unstable data in pattern_process() |
| - MEDIUM: pattern: use smp_fetch_rdp_cookie instead of the pattern specific version |
| - MINOR: acl: set SMP_OPT_ITERATE on fetch functions |
| - MINOR: acl: add a val_args field to keywords |
| - MINOR: proto_tcp: validate arguments of payload and payload_lv ACLs |
| - MEDIUM: http: merge acl and pattern header fetch functions |
| - MEDIUM: http: merge ACL and pattern cookie fetches into a single one |
| - MEDIUM: acl: report parsing errors to the caller |
| - MINOR: arg: improve error reporting on invalid arguments |
| - MINOR: acl: report errors encountered when loading patterns from files |
| - MEDIUM: acl: extend the pattern parsers to report meaningful errors |
| - REORG: use the name "sample" instead of "pattern" to designate extracted data |
| - REORG: rename "pattern" files |
| - MINOR: acl: add types to ACL patterns |
| - MINOR: standard: add an IPv6 parsing function (str62net) |
| - MEDIUM: acl: support IPv6 address matching |
| - REORG: stream_interface: create a struct sock_ops to hold socket operations |
| - REORG/MEDIUM: move protocol->{read,write} to sock_ops |
| - REORG/MEDIUM: stream_interface: initialize socket ops from descriptors |
| - REORG/MEDIUM: replace stream interface protocol functions by a proto pointer |
| - REORG/MEDIUM: move the default accept function from sockstream to protocols.c |
| - MEDIUM: proto_tcp: remove src6 and dst6 pattern fetch methods |
| - BUG/MINOR: http: error snapshots are wrong if buffer wraps |
| - BUG/MINOR: http: ensure that msg->err_pos is always relative to buf->p |
| - MEDIUM: http: improve error capture reports |
| - MINOR: acl: add the cook_val() match to match a cookie against an integer |
| - BUG/MEDIUM: send_proxy: fix initialisation of send_proxy_ofs |
| - MEDIUM: memory: add the ability to poison memory at run time |
| - BUG/MEDIUM: log: ensure that unique_id is properly initialized |
| - MINOR: cfgparse: use a common errmsg pointer for all parsers |
| - MEDIUM: cfgparse: make backend_parse_balance() use memprintf to report errors |
| - MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords |
| - MINOR: http: replace http_message_realign() with buffer_slow_realign() |
| |
| 2012/03/26 : 1.5-dev8 |
| - MINOR: patch for minor typo (ressources/resources) |
| - MEDIUM: http: add support for sending the server's name in the outgoing request |
| - DOC: mention that default checks are TCP connections |
| - BUG/MINOR: fix options forwardfor if-none when an alternative header name is specified |
| - CLEANUP: Make check_statuses, analyze_statuses and process_chk static |
| - CLEANUP: Fix HCHK spelling errors |
| - BUG/MINOR: fix typo in processing of http-send-name-header |
| - MEDIUM: log: Use linked lists for loggers |
| - BUILD: fix declaration inside a scope block |
| - REORG: log: split send_log function |
| - MINOR: config: Parse the string of the log-format config keyword |
| - MINOR: add ultoa, ulltoa, ltoa, lltoa implementations |
| - MINOR: Date and time fonctions that don't use snprintf |
| - MEDIUM: log: make http_sess_log use log_format |
| - DOC: log-format documentation |
| - MEDIUM: log: use log_format for mode tcplog |
| - MEDIUM: log-format: backend source address %Bi %Bp |
| - BUG/MINOR: log-format: fix %o flag |
| - BUG/MEDIUM: bad length in log_format and __send_log |
| - MINOR: logformat %st is signed |
| - BUILD/MINOR: fix the source URL in the spec file |
| - DOC: acl is http_first_req, not http_req_first |
| - BUG/MEDIUM: don't trim last spaces from headers consisting only of spaces |
| - MINOR: acl: add new matches for header/path/url length |
| - BUILD: halog: make halog build on solaris |
| - BUG/MINOR: don't use a wrong port when connecting to a server with mapped ports |
| - MINOR: remove the client/server side distinction in SI addresses |
| - MINOR: halog: add support for matching queued requests |
| - DOC: indicate that cookie "prefix" and "indirect" should not be mixed |
| - OPTIM/MINOR: move struct sockaddr_storage to the tail of structs |
| - OPTIM/MINOR: make it possible to change pipe size (tune.pipesize) |
| - BUILD/MINOR: silent a build warning in src/pipe.c (fcntl) |
| - OPTIM/MINOR: move the hdr_idx pools out of the proxy struct |
| - MEDIUM: tune.http.maxhdr makes it possible to configure the maximum number of HTTP headers |
| - BUG/MINOR: fix a segfault when parsing a config with undeclared peers |
| - CLEANUP: rename possibly confusing struct field "tracked" |
| - BUG/MEDIUM: checks: fix slowstart behaviour when server tracking is in use |
| - MINOR: config: tolerate server "cookie" setting in non-HTTP mode |
| - MEDIUM: buffers: add some new primitives and rework existing ones |
| - BUG: buffers: don't return a negative value on buffer_total_space_res() |
| - MINOR: buffers: make buffer_pointer() support negative pointers too |
| - CLEANUP: kill buffer_replace() and use an inline instead |
| - BUG: tcp: option nolinger does not work on backends |
| - CLEANUP: ebtree: remove a few annoying signedness warnings |
| - CLEANUP: ebtree: clarify licence and update to 6.0.6 |
| - CLEANUP: ebtree: remove 4-year old harmless typo in duplicates insertion code |
| - CLEANUP: ebtree: remove another typo, a wrong initialization in insertion code |
| - BUG: ebtree: ebst_lookup() could return the wrong entry |
| - OPTIM: stream_sock: reduce the amount of in-flight spliced data |
| - OPTIM: stream_sock: save a failed recv syscall when splice returns EAGAIN |
| - MINOR: acl: add support for TLS server name matching using SNI |
| - BUG: http: re-enable TCP quick-ack upon incomplete HTTP requests |
| - BUG: proto_tcp: don't try to bind to a foreign address if sin_family is unknown |
| - MINOR: pattern: export the global temporary pattern |
| - CLEANUP: patterns: get rid of pattern_data_setstring() |
| - MEDIUM: acl: use temp_pattern to store fetched information in the "method" match |
| - MINOR: acl: include pattern.h to make pattern migration more transparent |
| - MEDIUM: pattern: change the pattern data integer from unsigned to signed |
| - MEDIUM: acl: use temp_pattern to store any integer-type information |
| - MEDIUM: acl: use temp_pattern to store any address-type information |
| - CLEANUP: acl: integer part of acl_test is not used anymore |
| - MEDIUM: acl: use temp_pattern to store any string-type information |
| - CLEANUP: acl: remove last data fields from the acl_test struct |
| - MEDIUM: http: replace get_ip_from_hdr2() with http_get_hdr() |
| - MEDIUM: patterns: the hdr() pattern is now of type string |
| - DOC: add minimal documentation on how ACLs work internally |
| - DOC: add a coding-style file |
| - OPTIM: halog: keep a fast path for the lines-count only |
| - CLEANUP: silence a warning when building on sparc |
| - BUG: http: tighten the list of allowed characters in a URI |
| - MEDIUM: http: block non-ASCII characters in URIs by default |
| - DOC: add some documentation from RFC3986 about URI format |
| - BUG/MINOR: cli: correctly remove the whole table on "clear table" |
| - BUG/MEDIUM: correctly disable servers tracking another disabled servers. |
| - BUG/MEDIUM: zero-weight servers must not dequeue requests from the backend |
| - MINOR: halog: add some help on the command line |
| - BUILD: fix build error on FreeBSD |
| - BUG: fix double free in peers config error path |
| - MEDIUM: improve config check return codes |
| - BUILD: make it possible to look for pcre in the default system paths |
| - MINOR: config: emit a warning when 'default_backend' masks servers |
| - MINOR: backend: rework the LC definition to support other connection-based algos |
| - MEDIUM: backend: add the 'first' balancing algorithm |
| - BUG: fix httplog trailing LF |
| - MEDIUM: increase chunk-size limit to 2GB-1 |
| - BUG: queue: fix dequeueing sequence on HTTP keep-alive sessions |
| - BUG: http: disable TCP delayed ACKs when forwarding content-length data |
| - BUG: checks: fix server maintenance exit sequence |
| - BUG/MINOR: stream_sock: don't remove BF_EXPECT_MORE and BF_SEND_DONTWAIT on partial writes |
| - DOC: enumerate valid status codes for "observe layer7" |
| - MINOR: buffer: switch a number of buffer args to const |
| - CLEANUP: silence signedness warning in acl.c |
| - BUG: stream_sock: si->release was not called upon shutw() |
| - MINOR: log: use "%ts" to log term status only and "%tsc" to log with cookie |
| - BUG/CRITICAL: log: fix risk of crash in development snapshot |
| - BUG/MAJOR: possible crash when using capture headers on TCP frontends |
| - MINOR: config: disable header captures in TCP mode and complain |
| |
| 2011/09/10 : 1.5-dev7 |
| - [BUG] fix binary stick-tables |
| - [MINOR] http: *_dom matching header functions now also split on ":" |
| - [BUG] checks: fix support of Mysqld >= 5.5 for mysql-check |
| - [MINOR] acl: add srv_conn acl to count connections on a specific backend server |
| - [MINOR] check: add redis check support |
| - [DOC] small fixes to clearly distinguish between keyword and variables |
| - [MINOR] halog: add support for termination code matching (-tcn/-TCN) |
| - [DOC] Minor spelling fixes and grammatical enhancements |
| - [CLEANUP] dumpstats: make symbols static where possible |
| - [MINOR] Break out dumping table |
| - [MINOR] Break out processing of clear table |
| - [MINOR] Allow listing of stick table by key |
| - [MINOR] Break out all stick table socat command parsing |
| - [MINOR] More flexible clearing of stick table |
| - [MINOR] Allow showing and clearing by key of ipv6 stick tables |
| - [MINOR] Allow showing and clearing by key of integer stick tables |
| - [MINOR] Allow showing and clearing by key of string stick tables |
| - [CLEANUP] Remove assigned but unused variables |
| - [CLEANUP] peers.h: fix declarations |
| - [CLEANUP] session.c: Make functions static where possible |
| - [MINOR] Add active connection list to server |
| - [MINOR] Allow shutdown of sessions when a server becomes unavailable |
| - [MINOR] Add down termination condition |
| - [MINOR] Make appsess{,ion}_refresh static |
| - [MINOR] Add rdp_cookie pattern fetch function |
| - [CLEANUP] Remove unnecessary casts |
| - [MINOR] Add non-stick server option |
| - [MINOR] Consistently use error in tcp_parse_tcp_req() |
| - [MINOR] Consistently free expr on error in cfg_parse_listen() |
| - [MINOR] Free rdp_cookie_name on denint() |
| - [MINOR] Free tcp rules on denint() |
| - [MINOR] Free stick table pool on denint() |
| - [MINOR] Free stick rules on denint() |
| - [MEDIUM] Fix stick-table replication on soft-restart |
| - [MEDIUM] Correct ipmask() logic |
| - [MINOR] Correct type in table dump examples |
| - [MINOR] Fix build error in stream_int_register_handler() |
| - [MINOR] Use DPRINTF in assign_server() |
| - [BUG] checks: http-check expect could fail a check on multi-packet responses |
| - [DOC] fix minor typo in the "dispatch" doc |
| - [BUG] proto_tcp: fix address binding on remote source |
| - [MINOR] http: don't report the "haproxy" word on the monitoring response |
| - [REORG] http: move HTTP error codes back to proto_http.h |
| - [MINOR] http: make the "HTTP 200" status code configurable. |
| - [MINOR] http: partially revert the chunking optimization for now |
| - [MINOR] stream_sock: always clear BF_EXPECT_MORE upon complete transfer |
| - [CLEANUP] stream_sock: remove unneeded FL_TCP and factor out test |
| - [MEDIUM] http: add support for "http-no-delay" |
| - [OPTIM] http: optimize chunking again in non-interactive mode |
| - [OPTIM] stream_sock: avoid fast-forwarding of partial data |
| - [OPTIM] stream_sock: don't use splice on too small payloads |
| - [MINOR] config: make it possible to specify a cookie even without a server |
| - [BUG] stats: support url-encoded forms |
| - [MINOR] config: automatically compute a default fullconn value |
| - [CLEANUP] config: remove some left-over printf debugging code from previous patch |
| - [DOC] add missing entry or stick store-response |
| - [MEDIUM] http: add support for 'cookie' and 'set-cookie' patterns |
| - [BUG] halog: correctly handle truncated last line |
| - [MINOR] halog: make SKIP_CHAR stop on field delimiters |
| - [MINOR] halog: add support for HTTP log matching (-H) |
| - [MINOR] halog: gain back performance before SKIP_CHAR fix |
| - [OPTIM] halog: cache some common fields positions |
| - [OPTIM] halog: check once for correct line format and reuse the pointer |
| - [OPTIM] halog: remove many 'if' by using a function pointer for the filters |
| - [OPTIM] halog: remove support for tab delimiters in input data |
| - [BUG] session: risk of crash on out of memory (1.5-dev regression) |
| - [MINOR] session: try to emit a 500 response on memory allocation errors |
| - [OPTIM] stream_sock: reduce the default number of accepted connections at once |
| - [BUG] stream_sock: disable listener when system resources are exhausted |
| - [MEDIUM] proxy: add a PAUSED state to listeners and move socket tricks out of proxy.c |
| - [BUG] stream_sock: ensure orphan listeners don't accept too many connections |
| - [MINOR] listeners: add listen_full() to mark a listener full |
| - [MINOR] listeners: add support for queueing resource limited listeners |
| - [MEDIUM] listeners: put listeners in queue upon resource shortage |
| - [MEDIUM] listeners: queue proxy-bound listeners at the proxy's |
| - [MEDIUM] listeners: don't stop proxies when global maxconn is reached |
| - [MEDIUM] listeners: don't change listeners states anymore in maintain_proxies |
| - [CLEANUP] proxy: rename a few proxy states (PR_STIDLE and PR_STRUN) |
| - [MINOR] stats: report a "WAITING" state for sockets waiting for resource |
| - [MINOR] proxy: make session rate-limit more accurate |
| - [MINOR] sessions: only wake waiting listeners up if rate limit is OK |
| - [BUG] proxy: peers must only be stopped once, not upon every call to maintain_proxies |
| - [CLEANUP] proxy: merge maintain_proxies() operation inside a single loop |
| - [MINOR] task: new function task_schedule() to schedule a wake up |
| - [MAJOR] proxy: finally get rid of maintain_proxies() |
| - [BUG] proxy: stats frontend and peers were missing many initializers |
| - [MEDIUM] listeners: add a global listener management task |
| - [MINOR] proxy: make findproxy() return proxies from numeric IDs too |
| - [DOC] fix typos, "#" is a sharp, not a dash |
| - [MEDIUM] stats: add support for changing frontend's maxconn at runtime |
| - [MEDIUM] checks: group health checks methods by values and save option bits |
| - [MINOR] session-counters: add the ability to clear the counters |
| - [BUG] check: http-check expect + regex would crash in defaults section |
| - [MEDIUM] http: make x-forwarded-for addition conditional |
| - [REORG] build: move syscall redefinition to specific places |
| - [CLEANUP] update the year in the copyright banner |
| - [BUG] possible crash in 'show table' on stats socket |
| - [BUG] checks: use the correct destination port for sending checks |
| - [BUG] backend: risk of picking a wrong port when mapping is used with crossed families |
| - [MINOR] make use of set_host_port() and get_host_port() to get rid of family mismatches |
| - [DOC] fixed a few "sensible" -> "sensitive" errors |
| - [MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop() |
| - [BUG] http: trailing white spaces must also be trimmed after headers |
| - [MINOR] stats: display "<NONE>" instead of the frontend name when unknown |
| - [MINOR] http: take a capture of too large requests and responses |
| - [MINOR] http: take a capture of truncated responses |
| - [MINOR] http: take a capture of bad content-lengths. |
| - [DOC] add a few old and uncommitted docs |
| - [CLEANUP] cfgparse: fix reported options for the "bind" keyword |
| - [MINOR] halog: add -hs/-HS to filter by HTTP status code range |
| - [MINOR] halog: support backslash-escaped quotes |
| - [CLEANUP] remove dirty left-over of a debugging message |
| - [MEDIUM] stats: disable complex socket reservation for stats socket |
| - [CLEANUP] remove a useless test in manage_global_listener_queue() |
| - [MEDIUM] stats: add the "set maxconn" setting to the command line interface |
| - [MEDIUM] add support for global.maxconnrate to limit the per-process conn rate. |
| - [MINOR] stats: report the current and max global connection rates |
| - [MEDIUM] stats: add the ability to adjust the global maxconnrate |
| - [BUG] peers: don't pre-allocate 65000 connections to each peer |
| - [MEDIUM] don't limit peers nor stats socket to maxconn nor maxconnrate |
| - [BUG] peers: the peer frontend must not emit any log |
| - [CLEANUP] proxy: make pause_proxy() perform the required controls and emit the logs |
| - [BUG] peers: don't keep a peers section which has a NULL frontend |
| - [BUG] peers: ensure the peers are resumed if they were paused |
| - [MEDIUM] stats: add the ability to enable/disable/shutdown a frontend at runtime |
| - [MEDIUM] session: make session_shutdown() an independant function |
| - [MEDIUM] stats: offer the possibility to kill a session from the CLI |
| - [CLEANUP] stats: centralize tests for backend/server inputs on the CLI |
| - [MEDIUM] stats: offer the possibility to kill sessions by server |
| - [MINOR] halog: do not consider byte 0x8A as end of line |
| - [MINOR] frontend: ensure debug message length is always initialized |
| - [OPTIM] halog: make fgets parse more bytes by blocks |
| - [OPTIM] halog: add assembly version of the field lookup code |
| - [MEDIUM] poll: add a measurement of idle vs work time |
| - [CLEANUP] startup: report only the basename in the usage message |
| - [MINOR] startup: add an option to change to a new directory |
| - [OPTIM] task: don't scan the run queue if we know it's empty |
| - [BUILD] stats: stdint is not present on solaris |
| - [DOC] update the README file to reflect new naming rules for patches |
| - [MINOR] stats: report the number of requests intercepted by the frontend |
| - [DOC] update ROADMAP file |
| |
| 2011/04/08 : 1.5-dev6 |
| - [BUG] stream_sock: use get_addr_len() instead of sizeof() on sockaddr_storage |
| - [BUG] TCP source tracking was broken with IPv6 changes |
| - [BUG] stick-tables did not work when converting IPv6 to IPv4 |
| - [CRITICAL] fix risk of crash when dealing with space in response cookies |
| |
| 2011/03/29 : 1.5-dev5 |
| - [BUG] standard: is_addr return value for IPv4 was inverted |
| - [MINOR] update comment about IPv6 support for server |
| - [MEDIUM] use getaddrinfo to resolve names if gethostbyname fail |
| - [DOC] update IPv6 support for bind |
| - [DOC] document IPv6 support for server |
| - [DOC] fix a minor typo |
| - [MEDIUM] IPv6 support for syslog |
| - [DOC] document IPv6 support for syslog |
| - [MEDIUM] IPv6 support for stick-tables |
| - [DOC] document IPv6 support for stick-tables |
| - [DOC] update ROADMAP file |
| - [BUG] session: src_conn_cur was returning src_conn_cnt instead |
| - [MINOR] frontend: add a make_proxy_line function |
| - [MEDIUM] stream_sock: add support for sending the proxy protocol header line |
| - [MEDIUM] server: add support for the "send-proxy" option |
| - [DOC] update the spec on the proxy protocol |
| - [BUILD] proto_tcp: fix build issue with CTTPROXY |
| - [DOC] update ROADMAP file |
| - [MEDIUM] config: rework the IPv4/IPv6 address parser to support host-only addresses |
| - [MINOR] cfgparse: better report wrong listening addresses and make use of str2sa_range |
| - [BUILD] add the USE_GETADDRINFO build option |
| - [TESTS] provide a test case for various address formats |
| - [BUG] session: conn_retries was not always initialized |
| - [BUG] log: retrieve the target from the session, not the SI |
| - [BUG] http: fix possible incorrect forwarded wrapping chunk size (take 2) |
| - [MINOR] tools: add two macros MID_RANGE and MAX_RANGE |
| - [BUG] http: fix content-length handling on 32-bit platforms |
| - [OPTIM] buffers: uninline buffer_forward() |
| - [BUG] stream_sock: fix handling for server side PROXY protocol |
| - [MINOR] acl: add support for table_cnt and table_avl matches |
| - [DOC] update ROADMAP file |
| |
| 2011/03/13 : 1.5-dev4 |
| - [MINOR] cfgparse: Check whether the path given for the stats socket actually fits into the sockaddr_un structure to avoid truncation. |
| - [MINOR] unix sockets : inherits the backlog size from the listener |
| - [CLEANUP] unix sockets : move create_uxst_socket() in uxst_bind_listener() |
| - [DOC] fix a minor typo |
| - [DOC] fix ignore-persist documentation |
| - [MINOR] add warnings on features not compatible with multi-process mode |
| - [BUG] http: fix http-pretend-keepalive and httpclose/tunnel mode |
| - [MINOR] stats: add support for several packets in stats admin |
| - [BUG] stats: admin commands must check the proxy state |
| - [BUG] stats: admin web interface must check the proxy state |
| - [MINOR] http: add pattern extraction method to stick on query string parameter |
| - [MEDIUM] add internal support for IPv6 server addresses |
| - [MINOR] acl: add be_id/srv_id to match backend's and server's id |
| - [MINOR] log: add support for passing the forwarded hostname |
| - [MINOR] log: ability to override the syslog tag |
| - [MINOR] checks: add PostgreSQL health check |
| - [DOC] update ROADMAP file |
| - [BUILD] pattern: use 'int' instead of 'int32_t' |
| - [OPTIM] linux: add support for bypassing libc to force using vsyscalls |
| - [BUG] debug: report the correct poller list in verbose mode |
| - [BUG] capture: do not capture a cookie if there is no memory left |
| - [BUG] appsession: fix possible double free in case of out of memory |
| - [CRITICAL] cookies: mixing cookies in indirect mode and appsession can crash the process |
| - [BUG] http: correctly update the header list when removing two consecutive headers |
| - [BUILD] add the CPU=native and ARCH=32/64 build options |
| - [BUILD] add -fno-strict-aliasing to fix warnings with gcc >= 4.4 |
| - [CLEANUP] hash: move the avalanche hash code globally available |
| - [MEDIUM] hash: add support for an 'avalanche' hash-type |
| - [DOC] update roadmap file |
| - [BUG] http: do not re-enable the PROXY analyser on keep-alive |
| - [OPTIM] http: don't send each chunk in a separate packet |
| - [DOC] fix minor typos reported recently in the peers section |
| - [DOC] fix another typo in the doc |
| - [MINOR] stats: report HTTP message state and buffer flags in error dumps |
| - [BUG] http chunking: don't report a parsing error on connection errors |
| - [BUG] stream_interface: truncate buffers when sending error messages |
| - [MINOR] http: support wrapping messages in error captures |
| - [MINOR] http: capture incorrectly chunked message bodies |
| - [MINOR] stats: add global event ID and count |
| - [BUG] http: analyser optimizations broke pipelining |
| - [CLEANUP] frontend: only apply TCP-specific settings to TCP/TCP6 sockets |
| - [BUG] http: fix incorrect error reporting during data transfers |
| - [CRITICAL] session: correctly leave turn-around and queue states on abort |
| - [BUG] session: release slot before processing pending connections |
| - [MINOR] tcp: add support for dynamic MSS setting |
| - [BUG] stick-table: correctly terminate string keys during lookups |
| - [BUG] acl: fix handling of empty lines in pattern files |
| - [BUG] stick-table: use the private buffer when padding strings |
| - [BUG] ebtree: fix ebmb_lookup() with len smaller than the tree's keys |
| - [OPTIM] ebtree: ebmb_lookup: reduce stack usage by moving the return code out of the loop |
| - [OPTIM] ebtree: inline ebst_lookup_len and ebis_lookup_len |
| - [REVERT] undo the stick-table string key lookup fixes |
| - [MINOR] http: improve url_param pattern extraction to ignore empty values |
| - [BUILD] frontend: shut a warning with TCP_MAXSEG |
| - [BUG] http: update the header list's tail when removing the last header |
| - [DOC] fix minor typo in the proxy protocol doc |
| - [DOC] fix typos (http-request instead of http-check) |
| - [BUG] http: use correct ACL pointer when evaluating authentication |
| - [BUG] cfgparse: correctly count one socket per port in ranges |
| - [BUG] startup: set the rlimits before binding ports, not after. |
| - [BUG] acl: srv_id must return no match when the server is NULL |
| - [MINOR] acl: add ability to check for internal response-only parameters |
| - [MINOR] acl: srv_id is only valid in responses |
| - [MINOR] config: warn if response-only conditions are used in "redirect" rules |
| - [BUG] acl: fd leak when reading patterns from file |
| - [DOC] fix minor typo in "usesrc" |
| - [BUG] http: fix possible incorrect forwarded wrapping chunk size |
| - [BUG] http: fix computation of message body length after forwarding has started |
| - [BUG] http: balance url_param did not work with first parameters on POST |
| - [TESTS] update the url_param regression test to test check_post too |
| - [DOC] update ROADMAP |
| - [DOC] internal: reflect the fact that SI_ST_ASS is transient |
| - [BUG] config: don't crash on empty pattern files. |
| - [MINOR] stream_interface: make use of an applet descriptor for IO handlers |
| - [REORG] stream_interface: move the st0, st1 and private members to the applet |
| - [REORG] stream_interface: split the struct members in 3 parts |
| - [REORG] session: move client and server address to the stream interface |
| - [REORG] tcp: make tcpv4_connect_server() take the target address from the SI |
| - [MEDIUM] stream_interface: store the target pointer and type |
| - [CLEANUP] stream_interface: remove the applet.handler pointer |
| - [MEDIUM] log: take the logged server name from the stream interface |
| - [CLEANUP] session: remove data_source from struct session |
| - [CLEANUP] stats: make all dump functions only rely on the stream interface |
| - [REORG] session: move the data_ctx struct to the stream interface's applet |
| - [MINOR] proxy: add PR_O2_DISPATCH to detect dispatch mode |
| - [MINOR] cfgparse: only keep one of dispatch, transparent, http_proxy |
| - [MINOR] session: add a pointer to the new target into the session |
| - [MEDIUM] session: remove s->prev_srv which is not needed anymore |
| - [CLEANUP] stream_interface: use inline functions to manipulate targets |
| - [MAJOR] session: remove the ->srv pointer from struct session |
| - [MEDIUM] stats: split frontend and backend stats |
| - [MEDIUM] http: always evaluate http-request rules before stats http-request |
| - [REORG] http: move the http-request rules to proto_http |
| - [BUG] http: stats were not incremented on http-request deny |
| - [MINOR] checks: report it if checks fail due to socket creation error |
| |
| 2010/11/11 : 1.5-dev3 |
| - [DOC] fix http-request documentation |
| - [MEDIUM] enable/disable servers from the stats web interface |
| - [MEDIUM] stats: add an admin level |
| - [DOC] stats: document the "stats admin" statement |
| - [MINOR] startup: print the proxy socket which caused an error |
| - [CLEANUP] Remove unneeded chars allocation |
| - [MINOR] config: detect options not supported due to compilation options |
| - [MINOR] Add pattern's fetchs payload and payload_lv |
| - [MINOR] frontend: improve accept-proxy header parsing |
| - [MINOR] frontend: add tcpv6 support on accept-proxy bind |
| - [MEDIUM] Enhance message errors management on binds |
| - [MINOR] Manage unix socket source field on logs |
| - [MINOR] Manage unix socket source field on session dump on sock stats |
| - [MINOR] Support of unix listener sockets for debug and log event messages on frontend.c |
| - [MINOR] Add some tests on sockets family for port remapping and mode transparent. |
| - [MINOR] Manage socket type unix for some logs |
| - [MINOR] Enhance controls of socket's family on acls and pattern fetch |
| - [MINOR] Support listener's sockets unix on http logs. |
| - [MEDIUM] Add supports of bind on unix sockets. |
| - [BUG] stick table purge failure if size less than 255 |
| - [BUG] stick table entries expire on counters updates/read or show table, even if there is no "expire" parameter |
| - [MEDIUM] Implement tcp inspect response rules |
| - [DOC] tcp-response content and inspect |
| - [MINOR] new acls fetch req_ssl_hello_type and rep_ssl_hello_type |
| - [DOC] acls rep_ssl_hello and req_ssl_hello |
| - [MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. |
| - [DOC] new type binary in stick-table |
| - [DOC] stick store-response and new patterns payload and payload_lv |
| - [MINOR] Manage all types (ip, integer, string, binary) on cli "show table" command |
| - [MEDIUM] Create updates tree on stick table to manage sync. |
| - [MAJOR] Add new files src/peer.c, include/proto/peers.h and include/types/peers.h for sync stick table management |
| - [MEDIUM] Manage peers section parsing and stick table registration on peers. |
| - [MEDIUM] Manage soft stop on peers proxy |
| - [DOC] add documentation for peers section |
| - [MINOR] checks: add support for LDAPv3 health checks |
| - [MINOR] add better support to "mysql-check" |
| - [BUG] Restore info about available active/backup servers |
| - [CONTRIB] Update haproxy.pl |
| - [CONTRIB] Update Cacti Tempates |
| - [CONTRIB] add templates for Cacti. |
| - [BUG] http: don't consider commas as a header delimitor within quotes |
| - [MINOR] support a global jobs counter |
| - [DOC] add a summary about cookie incompatibilities between specs and browsers |
| - [DOC] fix description of cookie "insert" and "indirect" modes |
| - [MEDIUM] http: fix space handling in the request cookie parser |
| - [MEDIUM] http: fix space handling in the response cookie parser |
| - [DOC] fix typo in the queue() definition (backend, not frontend) |
| - [BUG] deinit: unbind listeners before freeing them |
| - [BUG] stream_interface: only call si->release when both dirs are closed |
| - [MEDIUM] buffers: rework the functions to exchange between SI and buffers |
| - [DOC] fix typo in the avg_queue() and be_conn() definition (backend, not frontend) |
| - [MINOR] halog: add '-tc' to sort by termination codes |
| - [MINOR] halog: skip non-traffic logs for -st and -tc |
| - [BUG] stream_sock: cleanly disable the listener in case of resource shortage |
| - [BUILD] stream_sock: previous fix lacked the #include, causing a warning. |
| - [DOC] bind option is "defer-accept", not "defer_accept" |
| - [DOC] missing index entry for http-check send-state |
| - [DOC] tcp-request inspect-delay is for backends too |
| - [BUG] ebtree: string_equal_bits() could return garbage on identical strings |
| - [BUG] stream_sock: try to flush any extra pending request data after a POST |
| - [BUILD] proto_http: eliminate some build warnings with gcc-2.95 |
| - [MEDIUM] make it possible to combine http-pretend-keepalived with httpclose |
| - [MEDIUM] tcp-request : don't wait for inspect-delay to expire when the buffer is full |
| - [MEDIUM] checks: add support for HTTP contents lookup |
| - [TESTS] add test-check-expect to test various http-check methods |
| - [MINOR] global: add "tune.chksize" to change the default check buffer size |
| - [MINOR] cookie: add options "maxidle" and "maxlife" |
| - [MEDIUM] cookie: support client cookies with some contents appended to their value |
| - [MINOR] http: make some room in the transaction flags to extend cookies |
| - [MINOR] cookie: add the expired (E) and old (O) flags for request cookies |
| - [MEDIUM] cookie: reassign set-cookie status flags to store more states |
| - [MINOR] add encode/decode function for 30-bit integers from/to base64 |
| - [MEDIUM] cookie: check for maxidle and maxlife for incoming dated cookies |
| - [MEDIUM] cookie: set the date in the cookie if needed |
| - [DOC] document the cookie maxidle and maxlife parameters |
| - [BUG] checks: don't log backend down for all zero-weight servers |
| - [MEDIUM] checks: set server state to one state from failure when leaving maintenance |
| - [BUG] config: report correct keywords for "observe" |
| - [MINOR] checks: ensure that we can inherit binary checks from the defaults section |
| - [MINOR] acl: add the http_req_first match |
| - [DOC] fix typos about bind-process syntax |
| - [BUG] cookie: correctly unset default cookie parameters |
| - [MINOR] cookie: add support for the "preserve" option |
| - [BUG] ebtree: fix duplicate strings insertion |
| - [CONTRIB] halog: report per-url counts, errors and times |
| - [CONTRIB] halog: minor speed improvement in timer parser |
| - [MINOR] buffers: add a new request analyser flag for PROXY mode |
| - [MINOR] listener: add the "accept-proxy" option to the "bind" keyword |
| - [MINOR] standard: add read_uint() to parse a delimited unsigned integer |
| - [MINOR] standard: change arg type from const char* to char* |
| - [MINOR] frontend: add a new analyser to parse a proxied connection |
| - [MEDIUM] session: call the frontend_decode_proxy analyser on proxied connections |
| - [DOC] add the proxy protocol's specifications |
| - [DOC] document the 'accept-proxy' bind option |
| - [MINOR] cfgparse: report support of <path> for the 'bind' statements |
| - [DOC] add references to unix socket handling |
| - [MINOR] move MAXPATHLEN definition to compat.h |
| - [MEDIUM] unix sockets: cleanup the error reporting path |
| - [BUG] session: don't stop forwarding of data upon last packet |
| - [CLEANUP] accept: replace some inappropriate Alert() calls with send_log() |
| - [BUILD] peers: shut a printf format warning (key_size is a size_t) |
| - [BUG] accept: don't close twice upon error |
| - [OPTIM] session: don't recheck analysers when buffer flags have not changed |
| - [OPTIM] stream_sock: don't clear FDs that are already cleared |
| - [BUG] proto_tcp: potential bug on pattern fetch dst and dport |
| |
| 2010/08/28 : 1.5-dev2 |
| - [MINOR] startup: release unused structs after forking |
| - [MINOR] startup: don't wait for nothing when no old pid remains |
| - [CLEANUP] reference product branch 1.5 |
| - [MEDIUM] signals: add support for registering functions and tasks |
| - [MEDIUM] signals: support redistribution of signal zero when stopping |
| - [BUG] http: don't set auto_close if more data are expected |
| |
| 2010/08/25 : 1.5-dev1 |
| - [BUG] stats: session rate limit gets garbaged in the stats |
| - [DOC] mention 'option http-server-close' effect in Tq section |
| - [DOC] summarize and highlight persistent connections behaviour |
| - [DOC] add configuration samples |
| - [BUG] http: dispatch and http_proxy modes were broken for a long time |
| - [BUG] http: the transaction must be initialized even in TCP mode |
| - [BUG] tcp: dropped connections must be counted as "denied" not "failed" |
| - [BUG] consistent hash: balance on all servers, not only 2 ! |
| - [CONTRIB] halog: report per-server status codes, errors and response times |
| - [BUG] http: the transaction must be initialized even in TCP mode (part 2) |
| - [BUG] client: always ensure to zero rep->analysers |
| - [BUG] session: clear BF_READ_ATTACHED before next I/O |
| - [BUG] http: automatically close response if req is aborted |
| - [BUG] proxy: connection rate limiting was eating lots of CPU |
| - [BUG] http: report correct flags in case of client aborts during body |
| - [TESTS] refine non-regression tests and add 4 new tests |
| - [BUG] debug: wrong pointer was used to report a status line |
| - [BUG] debug: correctly report truncated messages |
| - [DOC] document the "dispatch" keyword |
| - [BUG] stick_table: fix possible memory leak in case of connection error |
| - [CLEANUP] acl: use 'L6' instead of 'L4' in ACL flags relying on contents |
| - [MINOR] accept: count the incoming connection earlier |
| - [CLEANUP] tcp: move some non tcp-specific layer6 processing out of proto_tcp |
| - [CLEANUP] client: move some ACLs away to their respective locations |
| - [CLEANUP] rename client -> frontend |
| - [MEDIUM] separate protocol-level accept() from the frontend's |
| - [MINOR] proxy: add a list to hold future layer 4 rules |
| - [MEDIUM] config: parse tcp layer4 rules (tcp-request accept/reject) |
| - [MEDIUM] tcp: check for pure layer4 rules immediately after accept() |
| - [OPTIM] frontend: tell the compiler that errors are unlikely to occur |
| - [MEDIUM] frontend: check for LI_O_TCP_RULES in the listener |
| - [MINOR] frontend: only check for monitor-net rules if LI_O_CHK_MONNET is set |
| - [CLEANUP] buffer->cto is not used anymore |
| - [MEDIUM] session: finish session establishment sequence in with I/O handlers |
| - [MEDIUM] session: initialize server-side timeouts after connect() |
| - [MEDIUM] backend: initialize the server stream_interface upon connect() |
| - [MAJOR] frontend: don't initialize the server-side stream_int anymore |
| - [MEDIUM] session: move the conn_retries attribute to the stream interface |
| - [MEDIUM] session: don't assign conn_retries upon accept() anymore |
| - [MINOR] frontend: rely on the frontend and not the backend for INDEPSTR |
| - [MAJOR] frontend: reorder the session initialization upon accept |
| - [MINOR] proxy: add an accept() callback for the application layer |
| - [MAJOR] frontend: split accept() into frontend_accept() and session_accept() |
| - [MEDIUM] stats: rely on the standard session_accept() function |
| - [MINOR] buffer: refine the flags that may wake an analyser up. |
| - [MINOR] stream_sock: don't dereference a non-existing frontend |
| - [MINOR] session: differenciate between accepted connections and received connections |
| - [MEDIUM] frontend: count the incoming connection earlier |
| - [MINOR] frontend: count denied TCP requests separately |
| - [CLEANUP] stick_table: add/clarify some comments |
| - [BUILD] memory: add a few missing parenthesis to the pool management macros |
| - [MINOR] stick_table: add support for variable-sized data |
| - [CLEANUP] stick_table: rename some stksess struct members to avoid confusion |
| - [CLEANUP] stick_table: move pattern to key functions to stick_table.c |
| - [MEDIUM] stick_table: add room for extra data types |
| - [MINOR] stick_table: add support for "conn_cum" data type. |
| - [MEDIUM] stick_table: don't overwrite data when storing an entry |
| - [MINOR] config: initialize stick tables after all the parsing |
| - [MINOR] stick_table: provide functions to return stksess data from a type |
| - [MEDIUM] stick_table: move the server ID to a generic data type |
| - [MINOR] stick_table: enable it for frontends too |
| - [MINOR] stick_table: export the stick_table_key |
| - [MINOR] tcp: add per-source connection rate limiting |
| - [MEDIUM] stick_table: separate storage and update of session entries |
| - [MEDIUM] stick-tables: add a reference counter to each entry |
| - [MINOR] session: add a pointer to the tracked counters for the source |
| - [CLEANUP] proto_tcp: make the config parser a little bit more flexible |
| - [BUG] config: report the correct proxy type in tcp-request errors |
| - [MINOR] config: provide a function to quote args in a more friendly way |
| - [BUG] stick_table: the fix for the memory leak caused a regression |
| - [MEDIUM] backend: support servers on 0.0.0.0 |
| - [BUG] stick-table: correctly refresh expiration timers |
| - [MEDIUM] stream-interface: add a ->release callback |
| - [MINOR] proxy: add a "parent" member to the structure |
| - [MEDIUM] session: make it possible to call an I/O handler on both SI |
| - [MINOR] tools: add a fast div64_32 function |
| - [MINOR] freq_ctr: add new types and functions for periods different from 1s |
| - [MINOR] errors: provide new status codes for config parsing functions |
| - [BUG] http: denied requests must not be counted as denied resps in listeners |
| - [MINOR] tools: add a get_std_op() function to parse operators |
| - [MEDIUM] acl: make use of get_std_op() to parse intger ranges |
| - [MAJOR] stream_sock: better wakeup conditions on read() |
| - [BUG] session: analysers must be checked when SI state changes |
| - [MINOR] http: reset analysers to listener's, not frontend's |
| - [MEDIUM] session: support "tcp-request content" rules in backends |
| - [BUILD] always match official tags when doing git-tar |
| - [MAJOR] stream_interface: fix the wakeup conditions for embedded iohandlers |
| - [MEDIUM] buffer: make buffer_feed* support writing non-contiguous chunks |
| - [MINOR] tcp: src_count acl does not have a permanent result |
| - [MAJOR] session: add track-counters to track counters related to the session |
| - [MINOR] stick-table: provide a table lookup function |
| - [MINOR] stick-table: use suffix "_cnt" for cumulated counts |
| - [MEDIUM] session: move counter ACL fetches from proto_tcp |
| - [MEDIUM] session: add concurrent connections counter |
| - [MEDIUM] session: add data in and out volume counters |
| - [MINOR] session: add the trk_conn_cnt ACL keyword to track connection counts |
| - [MEDIUM] session-counters: automatically update tracked connection count |
| - [MINOR] session: add the trk_conn_cur ACL keyword to track concurrent connection |
| - [MINOR] session: add trk_kbytes_* ACL keywords to track data size |
| - [MEDIUM] session: add a counter on the cumulated number of sessions |
| - [MINOR] config: support a comma-separated list of store data types in stick-table |
| - [MEDIUM] stick-tables: add support for arguments to data_types |
| - [MEDIUM] stick-tables: add stored data argument type checking |
| - [MEDIUM] session counters: add conn_rate and sess_rate counters |
| - [MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters |
| - [MINOR] stktable: add a stktable_update_key() function |
| - [MINOR] session-counters: add a general purpose counter (gpc0) |
| - [MEDIUM] session-counters: add HTTP req/err tracking |
| - [MEDIUM] stats: add "show table [<name>]" to dump a stick-table |
| - [MEDIUM] stats: add "clear table <name> key <value>" to clear table entries |
| - [CLEANUP] stick-table: declare stktable_data_types as extern |
| - [MEDIUM] stick-table: make use of generic types for stored data |
| - [MINOR] stats: correctly report errors on "show table" and "clear table" |
| - [MEDIUM] stats: add the ability to dump table entries matching criteria |
| - [DOC] configuration: document all the new tracked counters |
| - [DOC] stats: document "show table" and "clear table" |
| - [MAJOR] session-counters: split FE and BE track counters |
| - [MEDIUM] tcp: accept the "track-counters" in "tcp-request content" rules |
| - [MEDIUM] session counters: automatically remove expired entries. |
| - [MEDIUM] config: replace 'tcp-request <action>' with "tcp-request connection" |
| - [MEDIUM] session-counters: make it possible to count connections from frontend |
| - [MINOR] session-counters: use "track-sc{1,2}" instead of "track-{fe,be}-counters" |
| - [MEDIUM] session-counters: correctly unbind the counters tracked by the backend |
| - [CLEANUP] stats: use stksess_kill() to remove table entries |
| - [DOC] update the references to session counters and to tcp-request connection |
| - [DOC] cleanup: split a few long lines |
| - [MEDIUM] http: forward client's close when abortonclose is set |
| - [BUG] queue: don't dequeue proxy-global requests on disabled servers |
| - [BUG] stats: global stats timeout may be specified before stats socket. |
| - [BUG] conf: add tcp-request content rules to the correct list |
| |
| 2010/05/23 : 1.5-dev0 |
| - exact copy of 1.4.6 |
| |
| 2010/05/16 : 1.4.6 |
| - [BUILD] ebtree: update to v6.0.1 to remove references to dprintf() |
| - [CLEANUP] acl: make use of eb_is_empty() instead of open coding the tree's emptiness test |
| - [MINOR] acl: add srv_is_up() to check that a specific server is up or not |
| - [DOC] add a few precisions about the use of RDP cookies |
| |
| 2010/05/13 : 1.4.5 |
| - [DOC] report minimum kernel version for tproxy in the Makefile |
| - [MINOR] add the "ignore-persist" option to conditionally ignore persistence |
| - [DOC] add the "ignore-persist" option to conditionally ignore persistence |
| - [DOC] fix ignore-persist/force-persist documentation |
| - [BUG] cttproxy: socket fd leakage in check_cttproxy_version |
| - [DOC] doc/configuration.txt: fix typos |
| - [MINOR] option http-pretend-keepalive is both for FEs and BEs |
| - [MINOR] fix possible crash in debug mode with invalid responses |
| - [MINOR] halog: add support for statisticts on status codes |
| - [OPTIM] halog: use a faster zero test in fgets() |
| - [OPTIM] halog: minor speedup by using unlikely() |
| - [OPTIM] halog: speed up fgets2-64 by about 10% |
| - [DOC] refresh the README file and merge the CONTRIB file into it |
| - [MINOR] acl: support loading values from files |
| - [MEDIUM] ebtree: upgrade to version 6.0 |
| - [MINOR] acl trees: add flags and union members to store values in trees |
| - [MEDIUM] acl: add ability to insert patterns in trees |
| - [MEDIUM] acl: add tree-based lookups of exact strings |
| - [MEDIUM] acl: add tree-based lookups of networks |
| - [MINOR] acl: ignore empty lines and comments in pattern files |
| - [MINOR] stick-tables: add support for "stick on hdr" |
| |
| 2010/04/07 : 1.4.4 |
| - [BUG] appsession should match the whole cookie name |
| - [CLEANUP] proxy: move PR_O_SSL3_CHK to options2 to release one flag |
| - [MEDIUM] backend: move the transparent proxy address selection to backend |
| - [MINOR] add very fast IP parsing functions |
| - [MINOR] add new tproxy flags for dynamic source address binding |
| - [MEDIUM] add ability to connect to a server from an IP found in a header |
| - [BUILD] config: last patch breaks build without CONFIG_HAP_LINUX_TPROXY |
| - [MINOR] http: make it possible to pretend keep-alive when doing close |
| - [MINOR] config: report "default-server" instead of "(null)" in error messages |
| |
| 2010/03/30 : 1.4.3 |
| - [CLEANUP] stats: remove printf format warning in stats_dump_full_sess_to_buffer() |
| - [MEDIUM] session: better fix for connection to servers with closed input |
| - [DOC] indicate in the doc how to bind to port ranges |
| - [BUG] backend: L7 hashing must not be performed on incomplete requests |
| - [TESTS] add a simple program to test connection resets |
| - [MINOR] cli: "show errors" should display "backend <NONE>" when backend was not used |
| - [MINOR] config: emit warnings when HTTP-only options are used in TCP mode |
| - [MINOR] config: allow "slowstart 0s" |
| - [BUILD] 'make tags' did not consider files ending in '.c' |
| - [MINOR] checks: add the ability to disable a server in the config |
| |
| 2010/03/17 : 1.4.2 |
| - [CLEANUP] product branch update |
| - [DOC] Some more documentation cleanups |
| - [BUG] clf logs segfault when capturing a non existant header |
| - [OPTIM] config: only allocate check buffer when checks are enabled |
| - [MEDIUM] checks: support multi-packet health check responses |
| - [CLEANUP] session: remove duplicate test |
| - [BUG] http: don't wait for response data to leave buffer is client has left |
| - [MINOR] proto_uxst: set accept_date upon accept() to the wall clock time |
| - [MINOR] stats: don't send empty lines in "show errors" |
| - [MINOR] stats: make the data dump function reusable for other purposes |
| - [MINOR] stats socket: add show sess <id> to dump details about a session |
| - [BUG] stats: connection reset counters must be plain ascii, not HTML |
| - [BUG] url_param hash may return a down server |
| - [MINOR] force null-termination of hostname |
| - [MEDIUM] connect to servers even when the input has already been closed |
| - [BUG] don't merge anonymous ACLs ! |
| - [BUG] config: fix endless loop when parsing "on-error" |
| - [MINOR] http: don't mark a server as failed when it returns 501/505 |
| - [OPTIM] checks: try to detect the end of response without polling again |
| - [BUG] checks: don't report an error when recv() returns an error after data |
| - [BUG] checks: don't abort when second poll returns an error |
| - [MINOR] checks: make shutdown() silently fail |
| - [BUG] http: fix truncated responses on chunk encoding when size divides buffer size |
| - [BUG] init: unconditionally catch SIGPIPE |
| - [BUG] checks: don't wait for a close to start parsing the response |
| |
| 2010/03/04 : 1.4.1 |
| - [BUG] Clear-cookie path issue |
| - [DOC] fix typo on stickiness rules |
| - [BUILD] fix BSD and OSX makefiles for missing files |
| - [BUILD] includes order breaks OpenBSD build |
| - [BUILD] fix some build warnings on Solaris with is* macros |
| - [BUG] logs: don't report "last data" when we have just closed after an error |
| - [BUG] logs: don't report "proxy request" when server closes early |
| - [BUILD] fix platform-dependant build issues related to crypt() |
| - [STATS] count transfer aborts caused by client and by server |
| - [STATS] frontend requests were not accounted for failed requests |
| - [MINOR] report total number of processed connections when stopping a proxy |
| - [DOC] be more clear about the limitation to one single monitor-net entry |
| |
| 2010/02/26 : 1.4.0 |
| - [MINOR] stats: report maint state for tracking servers too |
| - [DOC] fix summary to add pattern extraction |
| - [DOC] Documentation cleanups |
| - [BUG] cfgparse memory leak and missing free calls in deinit() |
| - [BUG] pxid/puid/luid: don't shift IDs when some of them are forced |
| - [EXAMPLES] add auth.cfg |
| - [BUG] uri_auth: ST_SHLGNDS should be 0x00000008 not 0x0000008 |
| - [BUG] uri_auth: do not attemp to convert uri_auth -> http-request more than once |
| - [BUILD] auth: don't use unnamed unions |
| - [BUG] config: report unresolvable host names as errors |
| - [BUILD] fix build breakage with DEBUG_FULL |
| - [DOC] fix a typo about timeout check and clarify the explanation. |
| - [MEDIUM] http: don't use trash to realign large buffers |
| - [STATS] report HTTP requests (total and rate) in frontends |
| - [STATS] separate frontend and backend HTTP stats |
| - [MEDIUM] http: revert to use a swap buffer for realignment |
| - [MINOR] stats: report the request rate in frontends as cell titles |
| - [MINOR] stats: mark areas with an underline when tooltips are available |
| - [DOC] reorder some entries to maintain the alphabetical order |
| - [DOC] cleanup of the keyword matrix |
| |
| 2010/02/02 : 1.4-rc1 |
| - [MEDIUM] add a maintenance mode to servers |
| - [MINOR] http-auth: last fix was wrong |
| - [CONTRIB] add base64rev-gen.c that was used to generate the base64rev table. |
| - [MINOR] Base64 decode |
| - [MINOR] generic auth support with groups and encrypted passwords |
| - [MINOR] add ACL_TEST_F_NULL_MATCH |
| - [MINOR] http-request: allow/deny/auth support for frontend/backend/listen |
| - [MINOR] acl: add http_auth and http_auth_group |
| - [MAJOR] use the new auth framework for http stats |
| - [DOC] add info about userlists, http-request and http_auth/http_auth_group acls |
| - [STATS] make it possible to change a CLI connection timeout |
| - [BUG] patterns: copy-paste typo in type conversion arguments |
| - [MINOR] pattern: make the converter more flexible by supporting void* and int args |
| - [MINOR] standard: str2mask: string to netmask converter |
| - [MINOR] pattern: add support for argument parsers for converters |
| - [MINOR] pattern: add the "ipmask()" converting function |
| - [MINOR] config: off-by-one in "stick-table" after list of converters |
| - [CLEANUP] acl, patterns: make use of my_strndup() instead of malloc+memcpy |
| - [BUG] restore accidentely removed line in last patch ! |
| - [MINOR] checks: make the HTTP check code add the CRLF itself |
| - [MINOR] checks: add the server's status in the checks |
| - [BUILD] halog: make without arch-specific optimizations |
| - [BUG] halog: fix segfault in case of empty log in PCT mode (cherry picked from commit fe362fe4762151d209b9656639ee1651bc2b329d) |
| - [MINOR] http: disable keep-alive when process is going down |
| - [MINOR] acl: add build_acl_cond() to make it easier to add ACLs in config |
| - [CLEANUP] config: use build_acl_cond() instead of parse_acl_cond() |
| - [CLEANUP] config: use warnif_cond_requires_resp() to check for bad ACLs |
| - [MINOR] prepare req_*/rsp_* to receive a condition |
| - [CLEANUP] config: specify correct const char types to warnif_* functions |
| - [MEDIUM] config: factor out the parsing of 20 req*/rsp* keywords |
| - [MEDIUM] http: make the request filter loop check for optional conditions |
| - [MEDIUM] http: add support for conditional request filter execution |
| - [DOC] add some build info about the AIX platform (cherry picked from commit e41914c77edbc40aebf827b37542d37d758e371e) |
| - [MEDIUM] http: add support for conditional request header addition |
| - [MEDIUM] http: add support for conditional response header rewriting |
| - [DOC] add some missing ACLs about response header matching |
| - [MEDIUM] http: add support for proxy authentication |
| - [MINOR] http-auth: make the 'unless' keyword work as expected |
| - [CLEANUP] config: use build_acl_cond() to simplify http-request ACL parsing |
| - [MEDIUM] add support for anonymous ACLs |
| - [MEDIUM] http: switch to tunnel mode after status 101 responses |
| - [MEDIUM] http: stricter processing of the CONNECT method |
| - [BUG] config: reset check request to avoid double free when switching to ssl/sql |
| - [MINOR] config: fix too large ssl-hello-check message. |
| - [BUG] fix error response in case of server error |
| |
| 2010/01/25 : 1.4-dev8 |
| - [CLEANUP] Keep in sync "defaults" support between documentation and code |
| - [MEDIUM] http: add support for Proxy-Connection header |
| - [CRITICAL] buffers: buffer_insert_line2 must not change the ->w entry |
| - [MINOR] http: remove a copy-paste typo in transaction cleaning |
| - [BUG] http: trim any excess buffer data when recycling a connection |
| |
| 2010/01/25 : 1.4-dev7 |
| - [BUG] appsession: possible memory leak in case of out of memory condition |
| - [MINOR] config: don't accept 'appsession' in defaults section |
| - [MINOR] Add function to parse a size in configuration |
| - [MEDIUM] Add stick table (persistence) management functions and types |
| - [MEDIUM] Add pattern fetch management types and functions |
| - [MEDIUM] Add src dst and dport pattern fetches. |
| - [MEDIUM] Add stick table configuration and init. |
| - [MEDIUM] Add stick and store rules analysers. |
| - [MINOR] add option "mysql-check" to use MySQL health checks |
| - [BUG] health checks: fix requeued message |
| - [OPTIM] remove SSP_O_VIA and SSP_O_STATUS |
| - [BUG] checks: fix newline termination |
| - [MINOR] acl: add fe_id/so_id to match frontend's and socket's id |
| - [BUG] appsession's sessid must be reset at end of transaction |
| - [BUILD] appsession did not build anymore under gcc-2.95 |
| - [BUG] server redirection used an uninitialized string. |
| - [MEDIUM] http: fix handling of message pointers |
| - [MINOR] http: fix double slash prefix with server redirect |
| - [MINOR] http redirect: add the ability to append a '/' to the URL |
| - [BUG] stream_interface: fix retnclose and remove cond_close |
| - [MINOR] http redirect: don't explicitly state keep-alive on 1.1 |
| - [MINOR] http: move appsession 'sessid' from session to http_txn |
| - [OPTIM] reorder http_txn to optimize cache lines placement |
| - [MINOR] http: differentiate waiting for new request and waiting for a complete requst |
| - [MINOR] http: add a separate "http-keep-alive" timeout |
| - [MINOR] config: remove undocumented and buggy 'timeout appsession' |
| - [DOC] fix various too large lines |
| - [DOC] remove several trailing spaces |
| - [DOC] add the doc about stickiness |
| - [BUILD] remove a warning in standard.h on AIX |
| - [BUG] checks: chars are unsigned on AIX, check was always true |
| - [CLEANUP] stream_sock: MSG_NOSIGNAL is only for send(), not recv() |
| - [BUG] check: we must not check for error before reading a response |
| - [BUG] buffers: remove remains of wrong obsolete length check |
| - [OPTIM] stream_sock: don't shutdown(write) when the socket is in error |
| - [BUG] http: don't count req errors on client resets or t/o during keep-alive |
| - [MEDIUM] http: don't switch to tunnel mode upon close |
| - [DOC] add documentation about connection header processing |
| - [MINOR] http: add http_remove_header2() to remove a header value. |
| - [MINOR] tools: add a "word_match()" function to match words and ignore spaces |
| - [MAJOR] http: rework request Connection header handling |
| - [MAJOR] http: rework response Connection header handling |
| - [MINOR] add the ability to force kernel socket buffer size. |
| - [BUG] http_server_error() must not purge a previous pending response |
| - [OPTIM] http: don't delay response if next request is incomplete |
| - [MINOR] add the "force-persist" statement to force persistence on down servers |
| - [MINOR] http: logs must report persistent connections to down servers |
| - [BUG] buffer_replace2 must never change the ->w entry |
| |
| 2010/01/08 : 1.4-dev6 |
| - [BUILD] warning in stream_interface.h |
| - [BUILD] warning ultoa_r returns char * |
| - [MINOR] hana: only report stats if it is enabled |
| - [MINOR] stats: add "a link" & "a href" for sockets |
| - [MINOR]: stats: add show-legends to report additional informations |
| - [MEDIUM] default-server support |
| - [BUG]: add 'observer', 'on-error', 'error-limit' to supported options list |
| - [MINOR] stats: add href to tracked server |
| - [BUG] stats: show UP/DOWN status also in tracking servers |
| - [DOC] Restore ability to search a keyword at the beginning of a line |
| - [BUG] stats: cookie should be reported under backend not under proxy |
| - [BUG] cfgparser/stats: fix error message |
| - [BUG] http: disable auto-closing during chunk analysis |
| - [BUG] http: fix hopefully last closing issue on data forwarding |
| - [DEBUG] add an http_silent_debug function to debug HTTP states |
| - [MAJOR] http: fix again the forward analysers |
| - [BUG] http_process_res_common() must not skip the forward analyser |
| - [BUG] http: some possible missed close remain in the forward chain |
| - [BUG] http: redirect needed to be updated after recent changes |
| - [BUG] http: don't set no-linger on response in case of forced close |
| - [MEDIUM] http: restore the original behaviour of option httpclose |
| - [TESTS] add a file to test various connection modes |
| - [BUG] http: check options before the connection header |
| - [MAJOR] session: fix the order by which the analysers are run |
| - [MEDIUM] session: also consider request analysers added during response |
| - [MEDIUM] http: make safer use of the DONT_READ and AUTO_CLOSE flags |
| - [BUG] http: memory leak with captures when using keep-alive |
| - [BUG] http: fix for capture memory leak was incorrect |
| - [MINOR] http redirect: use proper call to return last response |
| - [MEDIUM] http: wait for some flush of the response buffer before a new request |
| - [MEDIUM] session: limit the number of analyser loops |
| |
| 2010/01/03 : 1.4-dev5 |
| - [MINOR] server tracking: don't care about the tracked server's mode |
| - [MEDIUM] appsession: add "len", "prefix" and "mode" options |
| - [MEDIUM] appsession: add the "request-learn" option |
| - [BUG] Configuration parser bug when escaping characters |
| - [MINOR] CSS & HTML fun |
| - [MINOR] Collect & provide http response codes received from servers |
| - [BUG] Fix silly typo: hspr_other -> hrsp_other |
| - [MINOR] Add "a name" to stats page |
| - [MINOR] add additional "a href"s to stats page |
| - [MINOR] Collect & provide http response codes for frontends, fix backends |
| - [DOC] some small spell fixes and unifications |
| - [MEDIUM] Decrease server health based on http responses / events, version 3 |
| - [BUG] format '%d' expects type 'int', but argument 5 has type 'long int' |
| - [BUG] config: fix erroneous check on cookie domain names, again |
| - [BUG] Healthchecks: get a proper error code if connection cannot be completed immediately |
| - [DOC] trivial fix for man page |
| - [MINOR] config: report all supported options for the "bind" keyword |
| - [MINOR] tcp: add support for the defer_accept bind option |
| - [MINOR] unix socket: report the socket path in case of bind error |
| - [CONTRIB] halog: support searching by response time |
| - [DOC] add a reminder about obsolete documents |
| - [DOC] point to 1.4 doc, not 1.3 |
| - [DOC] option tcp-smart-connect was missing from index |
| - [MINOR] http: detect connection: close earlier |
| - [CLEANUP] sepoll: clean up the fd_clr/fd_set functions |
| - [OPTIM] move some rarely used fields out of fdtab |
| - [MEDIUM] fd: merge fd_list into fdtab |
| - [MAJOR] buffer: flag BF_DONT_READ to disable reads when not required |
| - [MINOR] http: add new transaction flags for keep-alive and content-length |
| - [MEDIUM] http request: parse connection, content-length and transfer-encoding |
| - [MINOR] http request: update the TX_SRV_CONN_KA flag on rewrite |
| - [MINOR] http request: simplify the test of no-data |
| - [MEDIUM] http request: simplify POST length detection |
| - [MEDIUM] http request: make use of pre-parsed transfer-encoding header |
| - [MAJOR] http: create the analyser which waits for a response |
| - [MINOR] http: pre-set the persistent flags in the transaction |
| - [MEDIUM] http response: check body length and set transaction flags |
| - [MINOR] http response: update the TX_CLI_CONN_KA flag on rewrite |
| - [MINOR] http: remove the last call to stream_int_return |
| - [IMPORT] import ebtree v5.0 into directory ebtree/ |
| - [MEDIUM] build: switch ebtree users to use new ebtree version |
| - [CLEANUP] ebtree: remove old unused files |
| - [BUG] definitely fix regparm issues between haproxy core and ebtree |
| - [CLEANUP] ebtree: cast to char * to get rid of gcc warning |
| - [BUILD] missing #ifndef in ebmbtree.h |
| - [BUILD] missing #ifndef in ebsttree.h |
| - [MINOR] tools: add hex2i() function to convert hex char to int |
| - [MINOR] http: create new MSG_BODY sub-states |
| - [BUG] stream_sock: BUF_INFINITE_FORWARD broke splice on 64-bit platforms |
| - [DOC] option is "defer-accept", not "defer_accept" |
| - [MINOR] http: keep pointer to beginning of data |
| - [BUG] x-original-to: name was not set in default instance |
| - [MINOR] http: detect tunnel mode and set it in the session |
| - [BUG] config: fix error message when config file is not found |
| - [BUG] config: fix wrong handling of too large argument count |
| - [BUG] config: disable 'option httplog' on TCP proxies |
| - [BUG] config: fix erroneous check on cookie domain names |
| - [BUG] config: cookie domain was ignored in defaults sections |
| - [MINOR] config: support passing multiple "domain" statements to cookies |
| - [MINOR] ebtree: add functions to lookup non-null terminated strings |
| - [MINOR] config: don't report error on all subsequent files on failure |
| - [BUG] second fix for the printf format warning |
| - [BUG] check_post: limit analysis to the buffer length |
| - [MEDIUM] http: process request body in a specific analyser |
| - [MEDIUM] backend: remove HTTP POST parsing from get_server_ph_post() |
| - [MAJOR] http: completely process the "connection" header |
| - [MINOR] http: only consider chunk encoding with HTTP/1.1 |
| - [MAJOR] buffers: automatically compute the maximum buffer length |
| - [MINOR] http: move the http transaction init/cleanup code to proto_http |
| - [MINOR] http: move 1xx handling earlier to eliminate a lot of ifs |
| - [MINOR] http: introduce a new synchronisation state : HTTP_MSG_DONE |
| - [MEDIUM] http: rework chunk-size parser |
| - [MEDIUM] http: add a new transaction flags indicating if we know the transfer length |
| - [MINOR] buffers: add buffer_ignore() to skip some bytes |
| - [BUG] http: offsets are relative to the buffer, not to ->som |
| - [MEDIUM] http: automatically re-aling request buffer |
| - [BUG] http: body parsing must consider the start of message |
| - [MINOR] new function stream_int_cond_close() |
| - [MAJOR] http: implement body parser |
| - [BUG] http: typos on several unlikely() around header insertion |
| - [BUG] stream_sock: wrong max computation on recv |
| - [MEDIUM] http: rework the buffer alignment logic |
| - [BUG] buffers: wrong size calculation for displaced data |
| - [MINOR] stream_sock: prepare for closing when all pending data are sent |
| - [MEDIUM] http: add two more states for the closing period |
| - [MEDIUM] http: properly handle "option forceclose" |
| - [MINOR] stream_sock: add SI_FL_NOLINGER for faster close |
| - [MEDIUM] http: make forceclose use SI_FL_NOLINGER |
| - [MEDIUM] session: set SI_FL_NOLINGER when aborting on write timeouts |
| - [MEDIUM] http: add some SI_FL_NOLINGER around server errors |
| - [MINOR] config: option forceclose is valid in frontends too |
| - [BUILD] halog: insufficient include path in makefile |
| - [MEDIUM] http: make the analyser not rely on msg being initialized anymore |
| - [MEDIUM] http: make the parsers able to wait for a buffer flush |
| - [MAJOR] http: add support for option http-server-close |
| - [BUG] http: ensure we abort data transfer on write error |
| - [BUG] last fix was overzealous and disabled server-close |
| - [BUG] http: fix erroneous trailers size computation |
| - [MINOR] stream_sock: enable MSG_MORE when forwarding finite amount of data |
| - [OPTIM] http: set MSG_MORE on response when a pipelined request is pending |
| - [BUG] http: redirects were broken by chunk changes |
| - [BUG] http: the request URI pointer is relative to the buffer |
| - [OPTIM] http: don't immediately enable reading on request |
| - [MINOR] http: move redirect messages to HTTP/1.1 with a content-length |
| - [BUG] http: take care of errors, timeouts and aborts during the data phase |
| - [MINOR] http: don't wait for sending requests to the server |
| - [MINOR] http: make the conditional redirect support keep-alive |
| - [BUG] http: fix cookie parser to support spaces and commas in values |
| - [MINOR] config: some options were missing for "redirect" |
| - [MINOR] redirect: add support for unconditional rules |
| - [MINOR] config: centralize proxy struct initialization |
| - [MEDIUM] config: remove the limitation of 10 reqadd/rspadd statements |
| - [MEDIUM] config: remove the limitation of 10 config files |
| - [CLEANUP] http: remove a remaining impossible condition |
| - [OPTIM] http: optimize a bit the construct of the forward loops |
| |
| 2009/10/12 : 1.4-dev4 |
| - [DOC] add missing rate_lim and rate_max |
| - [MAJOR] struct chunk rework |
| - [MEDIUM] Health check reporting code rework + health logging, v3 |
| - [BUG] check if rise/fall has an argument and it is > 0 |
| - [MINOR] health checks logging unification |
| - [MINOR] add "description", "node" and show-node"/"show-desc", remove "node-name", v2 |
| - [MINOR] Allow dots in show-node & add "white-space: nowrap" in th.pxname. |
| - [DOC] Add information about http://haproxy.1wt.eu/contrib.html |
| - [MINOR] Introduce include/types/counters.h |
| - [CLEANUP] Move counters to dedicated structures |
| - [MINOR] Add "clear counters" to clear statistics counters |
| - [MEDIUM] Collect & provide separate statistics for sockets, v2 |
| - [BUG] Fix NULL pointer dereference in stats_check_uri_auth(), v2 |
| - [MINOR] acl: don't report valid acls as potential mistakes |
| - [MINOR] Add cut_crlf(), ltrim(), rtrim() and alltrim() |
| - [MINOR] Add chunk_htmlencode and chunk_asciiencode |
| - [MINOR] Capture & display more data from health checks, v2 |
| - [BUG] task.c: don't assing last_timer to node-less entries |
| - [BUG] http stats: large outputs sometimes got some parts chopped off |
| - [MINOR] backend: export some functions to recount servers |
| - [MINOR] backend: uninline some LB functions |
| - [MINOR] include time.h from freq_ctr.h as is uses "now". |
| - [CLEANUP] backend: move LB algos to individual files |
| - [MINOR] lb_map: reorder code in order to ease integration of new hash functions |
| - [CLEANUP] proxy: move last lb-specific bits to their respective files |
| - [MINOR] backend: separate declarations of LB algos from their lookup method |
| - [MINOR] backend: reorganize the LB algorithm selection |
| - [MEDIUM] backend: introduce the "static-rr" LB algorithm |
| - [MINOR] report list of supported pollers with -vv |
| - [DOC] log-health-checks is an option, not a directive |
| - [MEDIUM] new option "independant-streams" to stop updating read timeout on writes |
| - [BUG] stats: don't call buffer_shutw(), but ->shutw() instead |
| - [MINOR] stats: strip CR and LF from the input command line |
| - [BUG] don't refresh timeouts late after detected activity |
| - [MINOR] stats_dump_errors_to_buffer: use buffer_feed_chunk() |
| - [MINOR] stats_dump_sess_to_buffer: use buffer_feed_chunk() |
| - [MINOR] stats: make stats_dump_raw_to_buffer() use buffer_feed_chunk |
| - [MEDIUM] stats: don't use s->ana_state anymore |
| - [MINOR] remove now obsolete ana_state from the session struct |
| - [MEDIUM] stats: make HTTP stats use an I/O handler |
| - [MEDIUM] stream_int: adjust WAIT_ROOM handling |
| - [BUG] config: look for ID conflicts in all sockets, not only last ones. |
| - [MINOR] config: reference file and line with any listener/proxy/server declaration |
| - [MINOR] config: report places of duplicate names or IDs |
| - [MINOR] config: add pointer to file name in block/redirect/use_backend/monitor rules |
| - [MINOR] tools: add a new get_next_id() function |
| - [MEDIUM] config: automatically find unused IDs for proxies, servers and listeners |
| - [OPTIM] counters: move some max numbers to the counters struct |
| - [BUG] counters: fix segfault on missing counters for a listener |
| - [MEDIUM] backend: implement consistent hashing variation |
| - [MINOR] acl: add fe_conn, be_conn, queue, avg_queue |
| - [MINOR] stats: use 'clear counters all' to clear all values |
| - [MEDIUM] add access restrictions to the stats socket |
| - [MINOR] buffers: add buffer_feed2() and make buffer_feed() measure string length |
| - [MINOR] proxy: provide function to retrieve backend/server pointers |
| - [MINOR] add the "initial weight" to the server struct. |
| - [MEDIUM] stats: add the "get weight" command to report a server's weight |
| - [MEDIUM] stats: add the "set weight" command |
| - [BUILD] add a 'make tags' target |
| - [MINOR] stats: add support for numeric IDs in set weight/get weight |
| - [MINOR] stats: use a dedicated state to output static data |
| - [OPTIM] stats: check free space before trying to print |
| |
| 2009/09/24 : 1.4-dev3 |
| - [BUILD] compilation of haproxy-1.4-dev2 on FreeBSD |
| - [MEDIUM] Collect & show information about last health check, v3 |
| - [MINOR] export the hostname variable so that all the code can access it |
| - [MINOR] stats: add a new node-name setting |
| - [MEDIUM] remove old experimental tcpsplice option |
| - [BUILD] fix build for systems without SOL_TCP |
| - [MEDIUM] move connection establishment from backend to the SI. |
| - [MEDIUM] make the global stats socket part of a frontend |
| - [MEDIUM] session: account per-listener connections |
| - [MINOR] session: switch to established state if no connect function |
| - [MEDIUM] make the unix stats sockets use the generic session handler |
| - [CLEANUP] unix: remove uxst_process_session() |
| - [CLEANUP] move remaining stats sockets code to dumpstats |
| - [MINOR] move the initial task's nice value to the listener |
| - [MINOR] cleanup set_session_backend by using pre-computed analysers |
| - [MINOR] set s->srv_error according to the analysers |
| - [MEDIUM] set rep->analysers from fe and be analysers |
| - [MEDIUM] replace BUFSIZE with buf->size in computations |
| - [MEDIUM] make it possible to change the buffer size in the configuration |
| - [MEDIUM] report error on buffer writes larger than buffer size |
| - [MEDIUM] stream_interface: add and use ->update function to resync |
| - [CLEANUP] remove ifdef MSG_NOSIGNAL and define it instead |
| - [MEDIUM] remove TCP_CORK and make use of MSG_MORE instead |
| - [BUG] tarpit did not work anymore |
| - [MINOR] acl: add support for hdr_ip to match IP addresses in headers |
| - [MAJOR] buffers: fix misuse of the BF_SHUTW_NOW flag |
| - [MINOR] buffers: provide more functions to handle buffer data |
| - [MEDIUM] buffers: provide new buffer_feed*() function |
| - [MINOR] buffers: add peekchar and peekline functions for stream interfaces |
| - [MINOR] buffers: provide buffer_si_putchar() to send a char from a stream interface |
| - [BUG] buffer_forward() would not correctly consider data already scheduled |
| - [MINOR] buffers: add buffer_cut_tail() to cut only unsent data |
| - [MEDIUM] stream_interface: make use of buffer_cut_tail() to report errors |
| - [MAJOR] http: add support for HTTP 1xx informational responses |
| - [MINOR] buffers: inline buffer_si_putchar() |
| - [MAJOR] buffers: split BF_WRITE_ENA into BF_AUTO_CONNECT and BF_AUTO_CLOSE |
| - [MAJOR] buffers: fix the BF_EMPTY flag's meaning |
| - [BUG] stream_interface: SI_ST_CLO must have buffers SHUT |
| - [MINOR] stream_sock: don't set SI_FL_WAIT_DATA if BF_SHUTW_NOW is set |
| - [MEDIUM] add support for infinite forwarding |
| - [BUILD] stream_interface: fix conflicting declaration |
| - [BUG] buffers: buffer_forward() must not always clear BF_OUT_EMPTY |
| - [BUG] variable buffer size ignored at initialization time |
| - [MINOR] ensure that buffer_feed() and buffer_skip() set BF_*_PARTIAL |
| - [BUG] fix buffer_skip() and buffer_si_getline() to correctly handle wrap-arounds |
| - [MINOR] stream_interface: add SI_FL_DONT_WAKE flag |
| - [MINOR] stream_interface: add iohandler callback |
| - [MINOR] stream_interface: add functions to support running as internal/external tasks |
| - [MEDIUM] session: call iohandler for embedded tasks (applets) |
| - [MINOR] add a ->private member to the stream_interface |
| - [MEDIUM] stats: prepare the connection for closing before dumping |
| - [MEDIUM] stats: replace the stats socket analyser with an SI applet |
| |
| 2009/08/09 : 1.4-dev2 |
| - [BUG] task: fix possible crash when some timeouts are not configured |
| - [BUG] log: option tcplog would log to global if no logger was defined |
| |
| 2009/07/29 : 1.4-dev1 |
| - [MINOR] acl: add support for matching of RDP cookies |
| - [MEDIUM] add support for RDP cookie load-balancing |
| - [MEDIUM] add support for RDP cookie persistence |
| - [MINOR] add a new CLF log format |
| - [MINOR] startup: don't imply -q with -D |
| - [BUG] ensure that we correctly re-start old process in case of error |
| - [MEDIUM] add support for binding to source port ranges during connect |
| - [MINOR] config: track "no option"/"option" changes |
| - [MINOR] config: support resetting options do default values |
| - [MEDIUM] implement option tcp-smart-accept at the frontend |
| - [MEDIUM] stream_sock: implement tcp-cork for use during shutdowns on Linux |
| - [MEDIUM] implement tcp-smart-connect option at the backend |
| - [MEDIUM] add support for TCP MSS adjustment for listeners |
| - [MEDIUM] support setting a server weight to zero |
| - [MINOR] make DEFAULT_MAXCONN user-configurable at build time |
| - [MAJOR] session: don't clear buffer status flags anymore |
| - [MAJOR] session: only check for timeouts when they have just occurred. |
| - [MAJOR] session: simplify buffer error handling |
| - [MEDIUM] config: split parser and checker in two functions |
| - [MEDIUM] config: support loading multiple configuration files |
| - [MEDIUM] stream_sock: don't close prematurely when nolinger is set |
| - [MEDIUM] session: rework buffer analysis to permit permanent analysers |
| - [MEDIUM] splice: set the capability on each stream_interface |
| - [BUG] http: redirect rules were processed too early |
| - [CLEANUP] remove unused DEBUG_PARSE_NO_SPEEDUP define |
| - [MEDIUM] http: split request waiter from request processor |
| - [MEDIUM] session: tell analysers what bit they were called for |
| - [MAJOR] http: complete splitting of the remaining stages |
| - [MINOR] report in the proxies the requirements for ACLs |
| - [MINOR] http: rely on proxy->acl_requires to allocate hdr_idx |
| - [MINOR] acl: add HTTP protocol detection (req_proto_http) |
| - [MINOR] prepare callers of session_set_backend to handle errors |
| - [BUG] default ACLs did not properly set the ->requires flag |
| - [MEDIUM] allow a TCP frontend to switch to an HTTP backend |
| - [MINOR] ensure we can jump from swiching rules to http without data |
| - [MINOR] http: take http request timeout from the backend |
| - [MINOR] allow TCP inspection rules to make use of HTTP ACLs |
| - [BUILD] report commit date and not author's date as build date |
| - [MINOR] acl: don't complain anymore when using L7 acls in TCP |
| - [BUG] stream_sock: always shutdown(SHUT_WR) before closing |
| - [BUG] stream_sock: don't stop reading when the poller reports an error |
| - [BUG] config: tcp-request content only accepts "if" or "unless" |
| - [BUG] task: fix possible timer drift after update |
| - [MINOR] apply tcp-smart-connect option for the checks too |
| - [MINOR] stats: better displaying in MSIE |
| - [MINOR] config: improve error reporting in global section |
| - [MINOR] config: improve error reporting in listen sections |
| - [MINOR] config: the "capture" keyword is not allowed in backends |
| - [MINOR] config: improve error reporting when checking configuration |
| - [BUILD] fix a minor build warning on AIX |
| - [BUILD] use "git cmd" instead of "git-cmd" |
| - [CLEANUP] report 2009 not 2008 in the copyright banner. |
| - [MINOR] print usage on the stats sockets upon invalid commands |
| - [MINOR] acl: detect and report potential mistakes in ACLs |
| - [BUILD] fix incorrect printf arg count with tcp_splice |
| - [BUG] fix random pauses on last segment of a series |
| - [BUILD] add support for build under Cygwin |
| |
| 2009/06/09 : 1.4-dev0 |
| - exact copy of 1.3.18 |
| |
| 2009/05/10 : 1.3.18 |
| - [MEDIUM] add support for "balance hdr(name)" |
| - [CLEANUP] give a little bit more information in error message |
| - [MINOR] add X-Original-To: header |
| - [BUG] x-original-to: fix missing initialization to default value |
| - [BUILD] spec file: fix broken pipe during rpmbuild and add man file |
| - [MINOR] improve reporting of misplaced acl/reqxxx rules |
| - [MEDIUM] http: add options to ignore invalid header names |
| - [MEDIUM] http: capture invalid requests/responses even if accepted |
| - [BUILD] add format(printf) to printf-like functions |
| - [MINOR] fix several printf formats and missing arguments |
| - [BUG] stats: total and lbtot are unsigned |
| - [MINOR] fix a few remaining printf-like formats on 64-bit platforms |
| - [CLEANUP] remove unused make option from haproxy.spec |
| - [BUILD] make it possible to pass alternative arch at build time |
| - [MINOR] switch all stat counters to 64-bit |
| - [MEDIUM] ensure we don't recursively call pool_gc2() |
| - [CRITICAL] uninitialized response field can sometimes cause crashes |
| - [BUG] fix wrong pointer arithmetics in HTTP message captures |
| - [MINOR] rhel init script : support the reload operation |
| - [MINOR] add basic signal handling functions |
| - [BUILD] add signal.o to all makefiles |
| - [MEDIUM] call signal_process_queue from run_poll_loop |
| - [MEDIUM] pollers: don't wait if a signal is pending |
| - [MEDIUM] convert all signals to asynchronous signals |
| - [BUG] O(1) pollers should check their FD before closing it |
| - [MINOR] don't close stdio fds twice |
| - [MINOR] add options dontlog-normal and log-separate-errors |
| - [DOC] minor fixes and rearrangements |
| - [BUG] fix parser crash on unconditional tcp content rules |
| - [DOC] rearrange the configuration manual and add a summary |
| - [MINOR] standard: provide a new 'my_strndup' function |
| - [MINOR] implement per-logger log level limitation |
| - [MINOR] compute the max of sessions/s on fe/be/srv |
| - [MINOR] stats: report max sessions/s and limit in CSV export |
| - [MINOR] stats: report max sessions/s and limit in HTML stats |
| - [MINOR] stats/html: use the arial font before helvetica |
| |
| 2009/03/29 : 1.3.17 |
| - Update specfile to build for v2.6 kernel. |
| - [BUG] reset the stream_interface connect timeout upon connect or error |
| - [BUG] reject unix accepts when connection limit is reached |
| - [MINOR] show sess: report number of calls to each task |
| - [BUG] don't call epoll_ctl() on closed sockets |
| - [BUG] stream_sock: disable I/O on fds reporting an error |
| - [MINOR] sepoll: don't count two events on the same FD. |
| - [MINOR] show sess: report a lot more information about sessions |
| - [BUG] stream_sock: check for shut{r,w} before refreshing some timeouts |
| - [BUG] don't set an expiration date directly from now_ms |
| - [MINOR] implement ulltoh() to write HTML-formatted numbers |
| - [MINOR] stats/html: group digits by 3 to clarify numbers |
| - [BUILD] remove haproxy-small.spec |
| - [BUILD] makefile: remove unused references to linux24eold and EPOLL_CTL_WORKAROUND |
| |
| 2009/03/22 : 1.3.16 |
| - [BUILD] Fixed Makefile for linking pcre |
| - [CONTRIB] selinux policy for haproxy |
| - [MINOR] show errors: encode backslash as well as non-ascii characters |
| - [MINOR] cfgparse: some cleanups in the consistency checks |
| - [MINOR] cfgparse: set backends to "balance roundrobin" by default |
| - [MINOR] tcp-inspect: permit the use of no-delay inspection |
| - [MEDIUM] reverse internal proxy declaration order to match configuration |
| - [CLEANUP] config: catch and report some possibly wrong rule ordering |
| - [BUG] connect timeout is in the stream interface, not the buffer |
| - [BUG] session: errors were not reported in termination flags in TCP mode |
| - [MINOR] tcp_request: let the caller take care of errors and timeouts |
| - [CLEANUP] http: remove some commented out obsolete code in process_response |
| - [MINOR] update ebtree to version 4.1 |
| - [MEDIUM] scheduler: get rid of the 4 trees thanks and use ebtree v4.1 |
| - [BUG] sched: don't leave 3 lasts tasks unprocessed when niced tasks are present |
| - [BUG] scheduler: fix improper handling of duplicates __task_queue() |
| - [MINOR] sched: permit a task to stay up between calls |
| - [MINOR] task: keep a task count and clean up task creators |
| - [MINOR] stats: report number of tasks (active and running) |
| - [BUG] server check intervals must not be null |
| - [OPTIM] stream_sock: don't retry to read after a large read |
| - [OPTIM] buffer: new BF_READ_DONTWAIT flag reduces EAGAIN rates |
| - [MEDIUM] session: don't resync FSMs on non-interesting changes |
| - [BUG] check for global.maxconn before doing accept() |
| - [OPTIM] sepoll: do not re-check whole list upon accepts |
| |
| 2009/03/09 : 1.3.16-rc2 |
| - [BUG] stream_sock: write timeout must be updated when forwarding ! |
| |
| 2009/03/09 : 1.3.16-rc1 |
| - appsessions: cleanup DEBUG_HASH and initialize request_counter |
| - [MINOR] acl: add new keyword "connslots" |
| - [MINOR] cfgparse: fix off-by 2 in error message size |
| - [BUILD] fix build with gcc 4.3 |
| - [BUILD] fix MANDIR default location to match documentation |
| - [TESTS] add a debug patch to help trigger the stats bug |
| - [BUG] Flush buffers also where there are exactly 0 bytes left |
| - [MINOR] Allow to specify a domain for a cookie |
| - [BUG/CLEANUP] cookiedomain -> cookie_domain rename + free(p->cookie_domain) |
| - [MEDIUM] Fix memory freeing at exit |
| - [MEDIUM] Fix memory freeing at exit, part 2 |
| - [BUG] Fix listen & more of 2 couples <ip>:<port> |
| - [DOC] remove buggy comment for use_backend |
| - [CRITICAL] fix server state tracking: it was O(n!) instead of O(n) |
| - [MEDIUM] add support for URI hash depth and length limits |
| - [MINOR] permit renaming of x-forwarded-for header |
| - [BUILD] fix Makefile.bsd and Makefile.osx for stream_interface |
| - [BUILD] Haproxy won't compile if DEBUG_FULL is defined |
| - [MEDIUM] upgrade to ebtree v4.0 |
| - [DOC] update the README file with new build options |
| - [MEDIUM] reduce risk of event starvation in ev_sepoll |
| - [MEDIUM] detect streaming buffers and tag them as such |
| - [MEDIUM] add support for conditional HTTP redirection |
| - [BUILD] make install should depend on haproxy not "all" |
| - [DEBUG] add a TRACE macro to facilitate runtime data extraction |
| - [BUG] event pollers must not wait if a task exists in the run queue |
| - [BUG] queue management: wake oldest request in queues |
| - [BUG] log: reported queue position was offed-by-one |
| - [BUG] fix the dequeuing logic to ensure that all requests get served |
| - [DOC] documentation for the "retries" parameter was missing. |
| - [MEDIUM] implement a monotonic internal clock |
| - [MEDIUM] further improve monotonic clock by check forward jumps |
| - [OPTIM] add branch prediction hints in list manipulations |
| - [MAJOR] replace ultree with ebtree in wait-queues |
| - [BUG] we could segfault during exit while freeing uri_auths |
| - [BUG] wqueue: perform proper timeout comparisons with wrapping values |
| - [MINOR] introduce now_ms, the current date in milliseconds |
| - [BUG] disable buffer read timeout when reading stats |
| - [MEDIUM] rework the wait queue mechanism |
| - [BUILD] change declaration of base64tab to fix build with Intel C++ |
| - [OPTIM] shrink wake_expired_tasks() by using task_wakeup() |
| - [MAJOR] use an ebtree instead of a list for the run queue |
| - [MEDIUM] introduce task->nice and boot access to statistics |
| - [OPTIM] task_queue: assume most consecutive timers are equal |
| - [BUILD] silent a warning in unlikely() with gcc 4.x |
| - [MAJOR] convert all expiration timers from timeval to ticks |
| - [BUG] use_backend would not correctly consider "unless" |
| - [TESTS] added test-acl.cfg to test some ACL combinations |
| - [MEDIUM] add support for configuration keyword registration |
| - [MEDIUM] modularize the global "stats" keyword configuration parser |
| - [MINOR] cfgparse: add support for warnings in external functions |
| - [MEDIUM] modularize the "timeout" keyword configuration parser |
| - [MAJOR] implement tcp request content inspection |
| - [MINOR] acl: add a new parsing function: parse_dotted_ver |
| - [MINOR] acl: add req_ssl_ver in TCP, to match an SSL version |
| - [CLEANUP] remove unused include/types/client.h |
| - [CLEANUP] remove many #include <types/xxx> from C files |
| - [CLEANUP] remove dependency on obsolete INTBITS macro |
| - [DOC] document the new "tcp-request" keyword and associated ACLs |
| - [MINOR] acl: add REQ_CONTENT to the list of default acls |
| - [MEDIUM] acl: permit fetch() functions to set the result themselves |
| - [MEDIUM] acl: get rid of dummy values in always_true/always_false |
| - [MINOR] acl: add the "wait_end" acl verb |
| - [MEDIUM] acl: enforce ACL type checking |
| - [MEDIUM] acl: set types on all currently known ACL verbs |
| - [MEDIUM] acl: when possible, report the name and requirements of ACLs in warnings |
| - [CLEANUP] remove 65 useless NULL checks before free |
| - [MEDIUM] memory: update pool_free2() to support NULL pointers |
| - [MEDIUM] buffers: ensure buffer_shut* are properly called upon shutdowns |
| - [MEDIUM] process_srv: rely on buffer flags for client shutdown |
| - [MEDIUM] process_srv: don't rely at all on client state |
| - [MEDIUM] process_cli: don't rely at all on server state |
| - [BUG] fix segfault with url_param + check_post |
| - [BUG] server timeout was not considered in some circumstances |
| - [BUG] client timeout incorrectly rearmed while waiting for server |
| - [MAJOR] kill CL_STINSPECT and CL_STHEADERS (step 1) |
| - [MAJOR] get rid of SV_STANALYZE (step 2) |
| - [MEDIUM] simplify and centralize request timeout cancellation and request forwarding |
| - [MAJOR] completely separate HTTP and TCP states on the request path |
| - [BUG] fix recently introduced loop when client closes early |
| - [MAJOR] get rid of the SV_STHEADERS state |
| - [MAJOR] better separation of response processing and server state |
| - [MAJOR] clearly separate HTTP response processing from TCP server state |
| - [MEDIUM] remove unused references to {CL|SV}_STSHUT* |
| - [MINOR] term_trace: add better instrumentations to trace the code |
| - [BUG] ev_sepoll: closed file descriptors could persist in the spec list |
| - [BUG] process_response must not enable the read FD |
| - [BUG] buffers: remove BF_MAY_CONNECT and fix forwarding issue |
| - [BUG] process_response: do not touch srv_state |
| - [BUG] maintain_proxies must not disable backends |
| - [CLEANUP] get rid of BF_SHUT*_PENDING |
| - [MEDIUM] buffers: add BF_EMPTY and BF_FULL to remove dependency on req/rep->l |
| - [MAJOR] process_session: rely only on buffer flags |
| - [MEDIUM] use buffer->wex instead of buffer->cex for connect timeout |
| - [MEDIUM] centralize buffer timeout checks at the top of process_session |
| - [MINOR] ensure the termination flags are set by process_xxx |
| - [MEDIUM] session: move the analysis bit field to the buffer |
| - [OPTIM] process_cli/process_srv: reduce the number of tests |
| - [BUG] regparm is broken on gcc < 3 |
| - [BUILD] fix warning in proto_tcp.c with gcc >= 4 |
| - [MEDIUM] merge inspect_exp and txn->exp into request buffer |
| - [BUG] process_cli/process_srv: don't call shutdown when already done |
| - [BUG] process_request: HTTP body analysis must return zero if missing data |
| - [TESTS] test-fsm: 22 regression tests for state machines |
| - [BUG] Fix empty X-Forwarded-For header name when set in defaults section |
| - [BUG] fix harmless but wrong fd insertion sequence |
| - [MEDIUM] make it possible for analysers to follow the whole session |
| - [MAJOR] rework of the server FSM |
| - [OPTIM] remove useless fd_set(read) upon shutdown(write) |
| - [MEDIUM] massive cleanup of process_srv() |
| - [MEDIUM] second level of code cleanup for process_srv_data |
| - [MEDIUM] third cleanup and optimization of process_srv_data() |
| - [MEDIUM] process_srv_data: ensure that we always correctly re-arm timeouts |
| - [MEDIUM] stream_sock_process_data moved to stream_sock.c |
| - [MAJOR] make the client side use stream_sock_process_data() |
| - [MEDIUM] split stream_sock_process_data |
| - [OPTIM] stream_sock_read must check for null-reads more often |
| - [MINOR] only call flow analysers when their read side is connected. |
| - [MEDIUM] reintroduce BF_HIJACK with produce_content |
| - [MINOR] re-arrange buffer flags and rename some of them |
| - [MINOR] do not check for BF_SHUTR when computing write timeout |
| - [OPTIM] ev_sepoll: detect newly created FDs and check them once |
| - [OPTIM] reduce the number of calls to task_wakeup() |
| - [OPTIM] force inlining of large functions with gcc >= 3 |
| - [MEDIUM] indicate a reason for a task wakeup |
| - [MINOR] change type of fdtab[]->owner to void* |
| - [MAJOR] make stream sockets aware of the stream interface |
| - [MEDIUM] stream interface: add the ->shutw method as well as in and out buffers |
| - [MEDIUM] buffers: add BF_READ_ATTACHED and BF_ANA_TIMEOUT |
| - [MEDIUM] process_session: make use of the new buffer flags |
| - [CLEANUP] process_session: move debug outputs out of the critical loop |
| - [MEDIUM] move QUEUE and TAR timers to stream interfaces |
| - [OPTIM] add compiler hints in tick_is_expired() |
| - [MINOR] add buffer_check_timeouts() to check what timeouts have fired. |
| - [MEDIUM] use buffer_check_timeouts instead of stream_sock_check_timeouts() |
| - [MINOR] add an expiration flag to the stream_sock_interface |
| - [MAJOR] migrate the connection logic to stream interface |
| - [MAJOR] add a connection error state to the stream_interface |
| - [MEDIUM] add the SN_CURR_SESS flag to the session to track open sessions |
| - [MEDIUM] continue layering cleanups. |
| - [MEDIUM] stream_interface: added a DISconnected state between CON/EST and CLO |
| - [MEDIUM] remove stream_sock_update_data() |
| - [MINOR] maintain a global session list in order to ease debugging |
| - [BUG] shutw must imply close during a connect |
| - [MEDIUM] process shutw during connection attempt |
| - [MEDIUM] make the stream interface control the SHUT{R,W} bits |
| - [MAJOR] complete layer4/7 separation |
| - [CLEANUP] move the session-related functions to session.c |
| - [MINOR] call session->do_log() for logging |
| - [MINOR] replace the ambiguous client_return function by stream_int_return |
| - [MINOR] replace client_retnclose() with stream_int_retnclose() |
| - [MINOR] replace srv_close_with_err() with http_server_error() |
| - [MEDIUM] make the http server error function a pointer in the session |
| - [CLEANUP] session.c: removed some migration left-overs in sess_establish() |
| - [MINOR] stream_sock_data_finish() should not expose fd |
| - [MEDIUM] extract TCP request processing from HTTP |
| - [MEDIUM] extract the HTTP tarpit code from process_request(). |
| - [MEDIUM] move the HTTP request body analyser out of process_request(). |
| - [MEDIUM] rename process_request to http_process_request |
| - [BUG] fix forgotten server session counter |
| - [MINOR] declare process_session in session.h, not proto_http.h |
| - [MEDIUM] first pass of lifting to proto_uxst.c:uxst_event_accept() |
| - [MINOR] add an analyser code for UNIX stats request |
| - [MINOR] pre-set analyser flags on the listener at registration time |
| - [BUG] do not forward close from cons to prod with analysers |
| - [MEDIUM] ensure that sock->shutw() also closes read for init states |
| - [MINOR] add an analyser state in struct session |
| - [MAJOR] make unix sockets work again with stats |
| - [MEDIUM] remove cli_fd, srv_fd, cli_state and srv_state from the session |
| - [MINOR] move the listener reference from fd to session |
| - [MEDIUM] reference the current hijack function in the buffer itself |
| - [MINOR] slightly rebalance stats_dump_{raw,http} |
| - [MINOR] add a new back-reference type : struct bref |
| - [MINOR] add back-references to sessions for later use by a dumper. |
| - [MEDIUM] add support for "show sess" in unix stats socket |
| - [BUG] do not release the connection slot during a retry |
| - [BUG] dynamic connection throttling could return a max of zero conns |
| - [BUG] do not try to pause backends during reload |
| - [BUG] ensure that listeners from disabled proxies are correctly unbound. |
| - [BUG] acl-related keywords are not allowed in defaults sections |
| - [BUG] cookie capture is declared in the frontend but checked on the backend |
| - [BUG] critical errors should be reported even in daemon mode |
| - [MINOR] redirect: add support for the "drop-query" option |
| - [MINOR] redirect: add support for "set-cookie" and "clear-cookie" |
| - [MINOR] redirect: in prefix mode a "/" means not to change the URI |
| - [BUG] do not dequeue requests on a dead server |
| - [BUG] do not dequeue the backend's pending connections on a dead server |
| - [MINOR] stats: indicate if a task is running in "show sess" |
| - [BUG] check timeout must not be changed if timeout.check is not set |
| - [BUG] "option transparent" is for backend, not frontend ! |
| - [MINOR] transfer errors were not reported anymore in data phase |
| - [MEDIUM] add a send limit to a buffer |
| - [MEDIUM] don't report buffer timeout when there is I/O activity |
| - [MEDIUM] indicate when we don't care about read timeout |
| - [MINOR] add flags to indicate when a stream interface is waiting for space/data |
| - [MEDIUM] enable inter-stream_interface wakeup calls |
| - [MAJOR] implement autonomous inter-socket forwarding |
| - [MINOR] add the splice_len member to the buffer struct in preparation of splice support |
| - [MEDIUM] stream_sock: factor out the return path in case of no-writes |
| - [MEDIUM] i/o: rework ->to_forward and ->send_max |
| - [OPTIM] stream_sock: do not ask for polling on EAGAIN if we have read |
| - [OPTIM] buffer: replace rlim by max_len |
| - [OPTIM] stream_sock: factor out the buffer full handling out of the loop |
| - [CLEANUP] replace a few occurrences of (flags & X) && !(flags & Y) |
| - [CLEANUP] stream_sock: move the write-nothing condition out of the loop |
| - [MEDIUM] split stream_sock_write() into callback and core functions |
| - [MEDIUM] stream_sock_read: call ->chk_snd whenever there are data pending |
| - [MINOR] stream_sock: fix a few wrong empty calculations |
| - [MEDIUM] stream_sock: try to send pending data on chk_snd() |
| - [MINOR] global.maxpipes: add the ability to reserve file descriptors for pipes |
| - [MEDIUM] splice: add configuration options and set global.maxpipes |
| - [MINOR] introduce structures required to support Linux kernel splicing |
| - [MEDIUM] add definitions for Linux kernel splicing |
| - [MAJOR] complete support for linux 2.6 kernel splicing |
| - [BUG] reserve some pipes for backends with splice enabled |
| - [MEDIUM] splice: add hints to support older buggy kernels |
| - [MEDIUM] introduce pipe pools |
| - [MEDIUM] splice: make use of pipe pools |
| - [STATS] report pipe usage in the statistics |
| - [OPTIM] make global.maxpipes default to global.maxconn/4 when not specified |
| - [BUILD] fix snapshot date extraction with negative timezones |
| - [MEDIUM] move global tuning options to the global structure |
| - [MEDIUM] splice: add the global "nosplice" option |
| - [BUILD] add USE_LINUX_SPLICE to enable LINUX_SPLICE on linux 2.6 |
| - [BUG] we must not exit if protocol binding only returns a warning |
| - [MINOR] add support for bind interface name |
| - [BUG] inform the user when root is expected but not set |
| - [MEDIUM] add support for source interface binding |
| - [MEDIUM] add support for source interface binding at the server level |
| - [MEDIUM] implement bind-process to limit service presence by process |
| - [DOC] document maxpipes, nosplice, option splice-{auto,request,response} |
| - [DOC] filled the logging section of the configuration manual |
| - [DOC] document HTTP status codes |
| - [DOC] document a few missing info about errorfile |
| - [BUG] fix random memory corruption using "show sess" |
| - [BUG] fix unix socket processing of interrupted output |
| - [DOC] add diagrams of queuing and future ACL design |
| - [BUILD] proto_http did not build on gcc-2.95 |
| - [BUG] the "source" keyword must first clear optional settings |
| - [BUG] global.tune.maxaccept must be limited even in mono-process mode |
| - [MINOR] ensure that http_msg_analyzer updates pointer to invalid char |
| - [MEDIUM] store a complete dump of request and response errors in proxies |
| - [MEDIUM] implement error dump on unix socket with "show errors" |
| - [DOC] document "show errors" |
| - [MINOR] errors dump must use user-visible date, not internal date. |
| - [MINOR] time: add __usec_to_1024th to convert usecs to 1024th of second |
| - [MINOR] add curr_sec_ms and curr_sec_ms_scaled for current second. |
| - [MEDIUM] measure and report session rate on frontend, backends and servers |
| - [BUG] the "connslots" keyword was matched as "connlots" |
| - [MINOR] acl: add 2 new verbs: fe_sess_rate and be_sess_rate |
| - [MEDIUM] implement "rate-limit sessions" for the frontend |
| - [BUG] interface binding: length must include the trailing zero |
| - [BUG] typo in timeout error reporting : report *res and not *err |
| - [OPTIM] maintain_proxies: only wake up when the frontend will be ready |
| - [OPTIM] rate-limit: cleaner behaviour on low rates and reduce consumption |
| - [BUG] switch server-side stream interface to close in case of abort |
| - [CLEANUP] remove last references to term_trace |
| - [OPTIM] freq_ctr: do not rotate the counters when reading |
| - [BUG] disable any analysers for monitoring requests |
| - [BUG] rate-limit in defaults section was ignored |
| - [BUG] task: fix handling of duplicate keys |
| - [OPTIM] task: don't unlink a task from a wait queue when waking it up |
| - [OPTIM] displace tasks in the wait queue only if absolutely needed |
| - [MEDIUM] minor update to the task api: let the scheduler queue itself |
| - [BUG] event_accept() must always wake the task up, even in health mode |
| - [CLEANUP] task: distinguish between clock ticks and timers |
| - [OPTIM] task: reduce the number of calls to task_queue() |
| - [OPTIM] do not re-check req buffer when only response has changed |
| - [CLEANUP] don't enable kernel splicing when socket is closed |
| - [CLEANUP] buffer_flush() was misleading, rename it as buffer_erase |
| - [MINOR] buffers: implement buffer_flush() |
| - [MEDIUM] rearrange forwarding condition to enable splice during analysis |
| - [BUILD] build fixes for Solaris |
| - [BUILD] proto_http did not build on gcc-2.95 (again) |
| - [CONTRIB] halog: fast log parser for haproxy |
| - [CONTRIB] halog: faster fgets() and add support for percentile reporting |
| |
| 2008/04/19 : 1.3.15 |
| - [BUILD] Added support for 'make install' |
| - [BUILD] Added 'install-man' make target for installing the man page |
| - [BUILD] Added 'install-bin' make target |
| - [BUILD] Added 'install-doc' make target |
| - [BUILD] Removed "/" after '$(DESTDIR)' in install targets |
| - [BUILD] Changed 'install' target to install the binaries first |
| - [BUILD] Replace hardcoded 'LD = gcc' with 'LD = $(CC)' |
| - [MEDIUM]: Inversion for options |
| - [MEDIUM]: Count retries and redispatches also for servers, fix redistribute_pending, extend logs, %d->%u cleanup |
| - [BUG]: Restore clearing t->logs.bytes |
| - [MEDIUM]: rework checks handling |
| - [DOC] Update a "contrib" file with a hint about a scheme used for formathing subjects |
| - [MEDIUM] Implement "track [<backend>/]<server>" |
| - [MINOR] Implement persistent id for proxies and servers |
| - [BUG] Don't increment server connections too much + fix retries |
| - [MEDIUM]: Prevent redispatcher from selecting the same server, version #3 |
| - [MAJOR] proto_uxst rework -> SNMP support |
| - [BUG] appsession lookup in URL does not work |
| - [BUG] transparent proxy address was ignored in backend |
| - [BUG] hot reconfiguration failed because of a wrong error check |
| - [DOC] big update to the configuration manual |
| - [DOC] large update to the configuration manual |
| - [DOC] document more options |
| - [BUILD] major rework of the GNU Makefile |
| - [STATS] add support for "show info" on the unix socket |
| - [DOC] document options forwardfor to logasap |
| - [MINOR] add support for the "backlog" parameter |
| - [OPTIM] introduce global parameter "tune.maxaccept" |
| - [MEDIUM] introduce "timeout http-request" in frontends |
| - [MINOR] tarpit timeout is also allowed in backends |
| - [BUG] increment server connections for each connect() |
| - [MEDIUM] add a turn-around state of one second after a connection failure |
| - [BUG] fix typo in redispatched connection |
| - [DOC] document options nolinger to ssl-hello-chk |
| - [DOC] added documentation for "option tcplog" to "use_backend" |
| - [BUG] connect_server: server might not exist when sending error report |
| - [MEDIUM] support fully transparent proxy on Linux (USE_LINUX_TPROXY) |
| - [MEDIUM] add non-local bind to connect() on Linux |
| - [MINOR] add transparent proxy support for balabit's Tproxy v4 |
| - [BUG] use backend's source and not server's source with tproxy |
| - [BUG] fix overlapping server flags |
| - [MEDIUM] fix server health checks source address selection |
| - [BUG] build failed on CONFIG_HAP_LINUX_TPROXY without CONFIG_HAP_CTTPROXY |
| - [DOC] added "server", "source" and "stats" keywords |
| - [DOC] all server parameters have been documented |
| - [DOC] document all req* and rsp* keywords. |
| - [DOC] added documentation about HTTP header manipulations |
| - [BUG] log response byte count, not request |
| - [BUILD] code did not build in full debug mode |
| - [BUG] fix truncated responses with sepoll |
| - [MINOR] use s->frt_addr as the server's address in transparent proxy |
| - [MINOR] fix configuration hint about timeouts |
| - [DOC] minor cleanup of the doc and notice to contributors |
| - [MINOR] report correct section type for unknown keywords. |
| - [BUILD] update MacOS Makefile to build on newer versions |
| - [DOC] fix erroneous "useallbackups" option in the doc |
| - [DOC] applied small fixes from early readers |
| - [MINOR] add configuration support for "redir" server keyword |
| - [MEDIUM] completely implement the server redirection method |
| - [TESTS] add a test case for the server redirection mechanism |
| - [DOC] add a configuration entry for "server ... redir <prefix>" |
| - [BUILD] backend.c and checks.c did not build without tproxy ! |
| - Revert "[BUILD] backend.c and checks.c did not build without tproxy !" |
| - [BUILD] backend.c and checks.c did not build without tproxy ! |
| - [OPTIM] used unsigned ints for HTTP state and message offsets |
| - [OPTIM] GCC4's builtin_expect() is suboptimal |
| - [BUG] failed conns were sometimes incremented in the frontend! |
| - [BUG] timeout.check was not pre-set to eternity |
| - [TESTS] add test-pollers.cfg to easily report pollers in use |
| - [BUG] do not apply timeout.connect in checks if unset |
| - [BUILD] ensure that makefile understands USE_DLMALLOC=1 |
| - [MINOR] silent gcc for a wrong warning |
| - [CLEANUP] update .gitignore to ignore more temporary files |
| - [CLEANUP] report dlmalloc's source path only if explictly specified |
| - [BUG] str2sun could leak a small buffer in case of error during parsing |
| - [BUG] option allbackups was not working anymore in roundrobin mode |
| - [MAJOR] implementation of the "leastconn" load balancing algorithm |
| - [BUILD] ensure that users don't build without setting the target anymore. |
| - [DOC] document the leastconn LB algo |
| - [MEDIUM] fix stats socket limitation to 16 kB |
| - [DOC] fix unescaped space in httpchk example. |
| - [BUG] fix double-decrement of server connections |
| - [TESTS] add a test case for port mapping |
| - [TESTS] add a benchmark for integer hashing |
| - [TESTS] add new methods in ip-hash test file |
| - [MAJOR] implement parameter hashing for POST requests |
| |
| 2007/12/06 : 1.3.14 |
| - New option http_proxy (Alexandre Cassen) |
| - add support for "maxqueue" to limit server queue overload (Elijah Epifanov) |
| - Check for duplicated conflicting proxies (Krzysztof Oledzki) |
| - stats: report server and backend cumulated downtime (Krzysztof Oledzki) |
| - use backends only with use_backend directive (Krzysztof Oledzki) |
| - Handle long lines properly (Krzysztof Oledzki) |
| - Implement and use generic findproxy and relax duplicated proxy check (Krzysztof Oledzki) |
| - continous statistics (Krzysztof Oledzki) |
| - add support for logging via a UNIX socket (Robert Tsai) |
| - fix error checking in strl2ic/strl2uic() |
| - fix calls to localtime() |
| - provide easier-to-use ultoa_* functions |
| - provide easy-to-use limit_r and LIM2A* macros |
| - add a simple test for the status page |
| - move error codes to common/errors.h |
| - silent warning about LIST_* being redefined on OpenBSD |
| - add socket address length to the protocols |
| - group PR_O_BALANCE_* bits into a checkable value |
| - externalize the "balance" option parser to backend.c |
| - introduce the "url_param" balance method |
| - make default_backend work in TCP mode too |
| - disable warning about localtime_r on Solaris |
| - adjust error messages about conflicting proxies |
| - avoid calling some layer7 functions if not needed |
| - simplify error path in event_accept() |
| - add an options field to the listeners |
| - added a new state to listeners |
| - unbind_listener() must use fd_delete() and not close() |
| - add a generic unbind_listener() primitive |
| - add a generic delete_listener() primitive |
| - add a generic unbind_all_listeners() primitive |
| - create proto_tcp and move initialization of proxy listeners |
| - stats: report numerical process ID, proxy ID and server ID |
| - relative_pid was not initialized |
| - missing header names in raw stats output |
| - fix missing parenthesis in check_response_for_cacheability |
| - small optimization on session_process_counters() |
| - merge ebtree version 3.0 |
| - make ebtree headers multiple-include compatible |
| - ebtree: include config.h for REGPRM* |
| - differentiate between generic LB params and map-specific ones |
| - add a weight divisor to the struct proxy |
| - implement the Fast Weighted Round Robin (FWRR) algo |
| - include filltab25.c to experiment on FWRR for dynamic weights |
| - merge test-fwrr.cfg to validate dynamic weights |
| - move the load balancing algorithm to be->lbprm.algo |
| - change server check result to a bit field |
| - implement "http-check disable-on-404" for graceful shutdown |
| - secure the calling conditions of ->set_server_status_{up,down} |
| - report disabled servers as "NOLB" when they are still UP |
| - document the "http-check disable-on-404" option |
| - http-check disable-on-404 is not limited to HTTP mode |
| - add a test file for disable-on-404 |
| - use distinct bits per load-balancing algorithm type |
| - implement the slowstart parameter for servers |
| - document the server's slowstart parameter |
| - stats: report the server warm up status in a "throttle" column |
| - fix 2 minor issues on AIX |
| - add the "nbsrv" ACL verb |
| - add the "fail" condition to monitor requests |
| - remove a warning from gcc due to htons() in standard.c |
| - fwrr: ensure that we never overflow in placements |
| - store the build options to report with -vv |
| - fix the status return of the init script (R.I. Pienaar) |
| - stats: real time monitoring script for unix socket (Prizee) |
| - document "nbsrv" and "monitor fail" |
| - restrict the set of allowed characters for identifiers |
| - implement a time parsing function |
| - add support for time units in the configuration |
| - add a bit of documentation about timers |
| - introduce separation between contimeout, and tarpit + queue |
| - introduce the "timeout" keyword |
| - grouped all timeouts in one structure |
| - slowstart is in ms, not seconds |
| - slowstart: ensure we don't start with a null weight |
| - report the number of times each server was selected |
| - fix build on AIX due to recent log changes |
| - fix build on Solaris due to recent log changes |
| |
| 2007/10/18 : 1.3.13 |
| - replace the code under O'Reilly license (Arnaud Cornet) |
| - add a small man page (Arnaud Cornet) |
| - stats: report haproxy's version by default (Krzysztof Oledzki) |
| - stats: count server retries and redispatches (Krzysztof Oledzki) |
| - core: added easy support for Doug Lea's malloc (dlmalloc) |
| - core: fade out memory usage when stopping proxies |
| - core: moved the sockaddr pointer to the fdtab structure |
| - core: add generic protocol support |
| - core: implement client-side support for PF_UNIX sockets |
| - stats: implement the CSV output |
| - stats: add a link to the CSV export HTML page |
| - stats: implement the statistics output on a unix socket |
| - config: introduce the "stats" keyword in global section |
| - build: centralize version and date into one file for each |
| - tests: added a new hash algorithm |
| |
| 2007/10/18 : 1.3.12.3 |
| - add the "nolinger" option to disable data lingering (Alexandre Cassen) |
| - fix double-free during clean exit (Krzysztof Oledzki) |
| - prevent the system from sending an RST when closing health-checks |
| (Krzysztof Oledzki) |
| - do not add a cache-control header when on non-cacheable responses |
| (Krzysztof Oledzki) |
| - spread health checks even more (Krzysztof Oledzki) |
| - stats: scope "." must match the backend and not the frontend |
| - fixed call to chroot() during startup |
| - fix wrong timeout computation in event_accept() |
| - remove condition for exit() under fork() failure |
| |
| 2007/09/20 : 1.3.12.2 |
| - fix configuration sanity checks for TCP listeners |
| - set the log socket receive window to zero bytes |
| - pre-initialize timeouts to infinity, not zero |
| - fix the SIGHUP message not to alert on server-less proxies |
| - timeouts and retries could be ignored when switching backend |
| - added a file to check that "retries" works. |
| - O'Reilly has clarified its license |
| |
| 2007/09/05 : 1.3.12.1 |
| - spec I/O: fix allocations of spec entries for an FD |
| - ensure we never overflow in chunk_printf() |
| - improve behaviour with large number of servers per proxy |
| - add support for "stats refresh <interval>" |
| - stats page: added links for 'refresh' and 'hide down' |
| - fix backend's weight in the stats page. |
| - the "stats" keyword is not allowed in a pure frontend. |
| - provide a test configuration file for stats and checks |
| |
| 2007/06/17 : 1.3.12 |
| - fix segfault at exit when using captures |
| - bug: negation in ACL conds was not cleared between terms |
| - errorfile: use a local file to feed error messages |
| - acl: support '-i' to ignore case when matching |
| - acl: smarter integer comparison with operators eq,lt,gt,le,ge |
| - acl: support maching on 'path' component |
| - acl: implement matching on header values |
| - acl: distinguish between request and response headers |
| - acl: permit to return any header when no name specified |
| - acl: provide default ACLs |
| - added the 'use_backend' keyword for full content-switching |
| - acl: specify the direction during fetches |
| - acl: provide the argument length for fetch functions |
| - acl: provide a reference to the expr to fetch() |
| - improve memory freeing upon exit |
| - str2net() must not change the const char * |
| - shut warnings 'is*' macros from ctype.h on solaris |
| |
| 2007/06/03 : 1.3.11.4 |
| - do not re-arm read timeout in SHUTR state ! |
| - optimize I/O by detecting system starvation |
| - the epoll FD must not be shared between processes |
| - limit the number of events returned by *poll* |
| |
| 2007/05/14 : 1.3.11.3 |
| - pre-initialize timeouts with tv_eternity during parsing |
| |
| 2007/05/14 : 1.3.11.2 |
| - fixed broken health-checks since switch to timeval |
| |
| 2007/05/14 : 1.3.11.1 |
| - fixed ev_kqueue which was forgotten during the switch to timeval |
| - allowed null timeouts for past events in select |
| |
| 2007/05/14 : 1.3.11 |
| - fixed ev_sepoll again by rewriting the state machine |
| - switched all timeouts to timevals instead of milliseconds |
| - improved memory management using mempools v2. |
| - several minor optimizations |
| |
| 2007/05/09 : 1.3.10.2 |
| - fixed build on OpenBSD (missing types.h) |
| |
| 2007/05/09 : 1.3.10.1 |
| - fixed sepoll transition matrix (two states were missing) |
| |
| 2007/05/08 : 1.3.10 |
| - several fixes in ev_sepoll |
| - fixed some expiration dates on some tasks |
| - fixed a bug in connection establishment detection due to speculative I/O |
| - fixed rare bug occuring on TCP with early close (reported by Andy Smith) |
| - implemented URI hashing algorithm (Guillaume Dallaire) |
| - implemented SMTP health checks (Peter van Dijk) |
| - replaced the rbtree with ul2tree from old scheduler project |
| - new framework for generic ACL support |
| - added the 'acl' and 'block' keywords to the config language |
| - added several ACL criteria and matches (IP, port, URI, ...) |
| - cleaned up and better modularization for some time functions |
| - fixed list macros |
| - fixed useless memory allocation in str2net() |
| - store the original destination address in the session |
| |
| 2007/04/15 : 1.3.9 |
| - modularized the polling mechanisms and use function pointers instead |
| of macros at many places |
| - implemented support for FreeBSD's kqueue() polling mechanism |
| - fixed a warning on OpenBSD : MIN/MAX redefined |
| - change socket registration order at startup to accomodate kqueue. |
| - several makefile cleanups to support old shells |
| - fix build with limits.h once for all |
| - ev_epoll: do not rely on fd_sets anymore, use changes stacks instead. |
| - fdtab now holds the results of polling |
| - implemented support for speculative I/O processing with epoll() |
| - remove useless calls to shutdown(SHUT_RD), resulting in small speed boost |
| - auto-registering of pollers at load time |
| |
| 2007/04/03 : 1.3.8.2 |
| - rewriting either the status line or request line could crash the |
| process due to a pointer which ought to be reset before parsing. |
| - rewriting the status line in the response did not work, it caused |
| a 502 Bad Gateway due to an erroneous state during parsing |
| |
| 2007/04/01 : 1.3.8.1 |
| - fix reqadd when no option httpclose is used. |
| - removed now unused fiprm and beprm from proxies |
| - split logs into two versions : TCP and HTTP |
| - added some docs about http headers storage and acls |
| - added a VIM script for syntax color highlighting (Bruno Michel) |
| |
| 2007/03/25 : 1.3.8 |
| - fixed several bugs which might have caused a crash with bad configs |
| - several optimizations in header processing |
| - many progresses towards transaction-based processing |
| - option forwardfor may be used in frontends |
| - completed HTTP response processing |
| - some code refactoring between request and response processing |
| - new HTTP header manipulation functions |
| - optimizations on the recv() patch to reduce CPU usage under very |
| high data rates. |
| - more user-friendly help about the 'usesrc' keyword (CTTPROXY) |
| - username/groupname support from Marcus Rueckert |
| - added the "except" keyword to the "forwardfor" option (Bryan German) |
| - support for health-checks on other addresses (Fabrice Dulaunoy) |
| - makefile for MacOS 10.4 / Darwin (Dan Zinngrabe) |
| - do not insert "Connection: close" in HTTP/1.0 messages |
| |
| 2007/01/26 : 1.3.7 |
| - fix critical bug introduced with 1.3.6 : an empty request header |
| may lead to a crash due to missing pointer assignment |
| - hdr_idx might be left uninitialized in debug mode |
| - fixed build on FreeBSD due to missing fd_set declaration |
| |
| 2007/01/22 : 1.3.6.1 |
| - change in the header chaining broke cookies and authentication |
| |
| 2007/01/22 : 1.3.6 |
| - stats now support the HEAD method too |
| - extracted http request from the session |
| - huge rework of the HTTP parser which is now a 28-state FSM. |
| - linux-style likely/unlikely macros for optimization hints |
| - do not create a server socket when there's no server |
| - imported lots of docs |
| |
| 2007/01/07 : 1.3.5 |
| - stats: swap color sets for active and backup servers |
| - try to guess server check port when unset |
| - added complete support and doc for TCP Splicing |
| - replace the wait-queue linked list with an rbtree. |
| - a few bugfixes and cleanups |
| |
| 2007/01/02 : 1.3.4 |
| - support for cttproxy on the server side to present the client |
| address to the server. |
| - added support for SO_REUSEPORT on Linux (needs kernel patch) |
| - new RFC2616-compliant HTTP request parser with header indexing |
| - split proxies in frontends, rulesets and backends |
| - implemented the 'req[i]setbe' to select a backend depending |
| on the contents |
| - added the 'default_backend' keyword to select a default BE. |
| - new stats page featuring FEs and BEs + bytes in both dirs |
| - improved log format to indicate the backend and the time in ms. |
| - lots of cleanups |
| |
| 2006/10/15 : 1.3.3 |
| - fix broken redispatch option in case the connection has already |
| been marked "in progress" (ie: nearly always). |
| - support regparm on x86 to speed up some often called functions |
| - removed a few useless calls to gettimeofday() in log functions. |
| - lots of 'const char*' cleanups |
| - turn every FD_* into functions which are faster on recent CPUs |
| |
| 2006/09/03 : 1.3.2 |
| - started the changes towards I/O completion callbacks. stream_sock* have |
| replaced event_*. |
| - added the new "reqtarpit" and "reqitarpit" protection features |
| |
| 2006/07/09 : 1.3.1 (1.2.15) |
| - now, haproxy warns about missing timeout during startup to try to |
| eliminate all those buggy configurations. |
| - added "Content-Type: text/html" in responses wherever appropriate, as |
| suggested by Cameron Simpson. |
| - implemented "option ssl-hello-chk" to use SSLv3 CLIENT HELLO messages to |
| test server's health |
| - implemented "monitor-uri" so that haproxy can reply to a specific URI with |
| an "HTTP/1.0 200 OK" response. This is useful to validate multiple proxies |
| at once. |
| |
| 2006/06/29 : 1.3.0 |
| - exploded the whole file into multiple .c and .h. No functionnal |
| difference is expected at all. |
| - fixed a bug by which neither stats nor error messages could be returned if |
| 'clitimeout' was missing. |
| |
| 2006/05/21 : 1.2.14 |
| - new HTML status report with the 'stats' keyword. |
| - added the 'abortonclose' option to better resist traffic surges |
| - implemented dynamic traffic regulation with the 'minconn' option |
| - show request time on denied requests |
| - definitely fixed hot reconf on OpenBSD by the use of SO_REUSEPORT |
| - now a proxy instance is allowed to run without servers, which is |
| useful to dedicate one instance to stats |
| - added lots of error counters |
| - a missing parenthesis preventd matching of cacheable cookies |
| - a missing parenthesis in poll_loop() might have caused missed events. |
| |
| 2006/05/14 : 1.2.13.1 |
| - an uninitialized field in the struct session could cause a crash when |
| the session was freed. This has been encountered on Solaris only. |
| - Solaris and OpenBSD no not support shutdown() on listening socket. Let's |
| be nice to them by performing a soft stop if pause fails. |
| |
| 2006/05/13 : 1.2.13 |
| - 'maxconn' server parameter to do per-server session limitation |
| - queueing to support non-blocking session limitation |
| - fixed removal of cookies for cookie-less servers such as backup servers |
| - two separate wait queues for expirable and non-expirable tasks provide |
| better performance with lots of sessions. |
| - some code cleanups and performance improvements |
| - made state dumps a bit more verbose |
| - fixed missing checks for NULL srv in dispatch mode |
| - load balancing on backup servers was not possible in source hash mode. |
| - two session flags shared the same bit, but fortunately they were not |
| compatible. |
| |
| 2006/04/15 : 1.2.12 |
| Very few changes preparing for more important changes to support per-server |
| session limitations and queueing : |
| - ignore leading empty lines in HTTP requests as suggested by RFC2616. |
| - added the 'weight' parameter to the servers, limited to 1..256. It applies |
| to roundrobin and source hash. |
| - the optional '-s' option could clobber '-st' and '-sf' if compiled in. |
| |
| 2006/03/30 : 1.2.11.1 |
| - under some conditions, it might have been possible that when the |
| last dead server became available, it would not have been used |
| till another one would have changed state. Could not be reproduced |
| at all, however seems possible from the code. |
| |
| 2006/03/25 : 1.2.11 |
| - added the '-db' command-line option to disable backgrounding. |
| - added the -sf/-st command-line arguments which are used to specify |
| a list of pids to send a FINISH or TERMINATE signal upon startup. |
| They will also be asked to release their port if a bind fails. |
| - reworked the startup mechanism to allow the sending of a signal to a list |
| of old pids if a socket cannot be bound, with a retry for a limited amount |
| of time (1 second by default). |
| - added the ability to enforce limits on memory usage. |
| - added the 'source' load-balancing algorithm which uses the source IP(v4|v6) |
| - re-architectured the server round-robin mechanism to ease integration of |
| other algorithms. It now relies on the number of active and backup servers. |
| - added a counter for the number of active and backup servers, and report |
| these numbers upon SIGHUP or state change. |
| |
| 2006/03/23 : 1.2.10.1 |
| - while fixing the backup server round-robin "feature", a new bug was |
| introduced which could miss some backup servers. |
| - the displayed proxy name was wrong when dumping upon SIGHUP. |
| |
| 2006/03/19 : 1.2.10 |
| - assert.h is needed when DEBUG is defined. |
| - ENORMOUS long standing bug affecting the epoll polling system : |
| event_data is a union, not a structure ! |
| - Make fd management more robust and easier to debug. Also some |
| micro-optimisations. |
| - Limit the number of consecutive accept() in multi-process mode. |
| This produces a more evenly distributed load across the processes and |
| slightly improves performance by reducing bottlenecks. |
| - Make health-checks be more regular, and faster to retry after a timeout. |
| - Fixed some messages to ease parsing of alerts. |
| - provided a patch to enable epoll on RHEL3 kernels. |
| - Separated OpenBSD build from the main Makefile into a new one. |
| |
| 2006/03/15 : 1.2.9 |
| - haproxy could not be stopped after being paused, it had to be woken up |
| first. This has been fixed. |
| - the 'ulimit-n' parameter is now optional and by default computed from |
| maxconn + the number of listeners + the number of health-checks. |
| - it is now possible to specify a maximum number of connections at build |
| time with the SYSTEM_MAXCONN define. The value set in the configuration |
| file will then be limited to this value, and only the command-line '-n' |
| option will be able to bypass it. It will prevent against accidental |
| high memory usage on small systems. |
| - RFC2616 expects that any HTTP agent accepts multi-line headers. Earlier |
| versions did not detect a line beginning with a space as the continuation |
| of previous header. It is now correct. |
| - health checks sent to servers configured with identical intervals were |
| sent in perfect synchronisation because the initial time was the same |
| for all. This could induce high load peaks when fragile servers were |
| hosting tens of instances for the same application. Now the load is |
| spread evenly across the smallest interval amongst a listener. |
| - a new 'forceclose' option was added to make the proxy close the outgoing |
| channel to the server once it has sent all its headers and the server |
| starts responding. This helps some servers which don't close upon the |
| 'Connection: close' header. It implies 'option httpclose'. |
| - there was a bug in the way the backup servers were handled. They were |
| erroneously load-balanced while the doc said the opposite. Since |
| load-balanced backup servers is one of the features some people have |
| been asking for, the problem was fixed to reflect the documented |
| behaviour and a new option 'allbackups' was introduced to provide the |
| feature to those who need it. |
| - a never ending connect() could lead to a fast select() loop if its |
| timeout times the number of retransmits exceeded the server read or write |
| timeout, because the later was used to compute select()'s timeout while |
| the connection timeout was not reached. |
| - now we initialize the libc's localtime structures very early so that even |
| under OOM conditions, we can still send dated error messages without |
| segfaulting. |
| - the 'daemon' mode implies 'quiet' and disables 'verbose' because file |
| descriptors are closed. |
| |
| 2006/01/29 : 1.2.8 |
| - fixed a nasty bug affecting poll/epoll which could return unmodified data |
| from the server to the client, and sometimes lead to memory corruption |
| crashing the process. |
| - added the new pause/play mechanism with SIGTTOU/SIGTTIN for hot-reconf. |
| |
| 2005/12/18 : 1.2.7.1 |
| - the "retries" option was ignored because connect() could not return an |
| error if the connection failed before the timeout. |
| - TCP health-checks could not detect a connection refused in poll/epoll |
| mode. |
| |
| 2005/11/13 : 1.2.7 |
| - building with -DUSE_PCRE should include PCRE headers and not regex.h. At |
| least on Solaris, this caused the libc's regex primitives to be used instead |
| of PCRE, which caused trouble on group references. This is now fixed. |
| - delayed the quiet mode during startup so that most of the startup alerts can |
| be displayed even in quiet mode. |
| - display an alert when a listener has no address, invalid or no port, or when |
| there are no enabled listeners upon startup. |
| - added "static-pcre" to the list of supported regex options in the Makefile. |
| |
| 2005/10/09 : 1.2.7rc (1.1.33rc) |
| - second batch of socklen_t changes. |
| - clean-ups from Cameron Simpson. |
| - because tv_remain() does not know about eternity, using no timeout can |
| make select() spin around a null time-out. Bug reported by Cameron Simpson. |
| - client read timeout was not properly set to eternity initialized after an |
| accept() if it was not set in the config. It remained undetected so long |
| because eternity is 0 and newly allocated pages are zeroed by the system. |
| - do not call get_original_dst() when not in transparent mode. |
| - implemented a workaround for a bug in certain epoll() implementations on |
| linux-2.4 kernels (epoll-lt <= 0.21). |
| - implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka. |
| |
| 2005/08/07 : 1.2.6 |
| - clean-up patch from Alexander Lazic fixes build on Debian 3.1 (socklen_t). |
| |
| 2005/07/06 : 1.2.6-pre5 (1.1.32) |
| - added the number of active sessions (proxy/process) in the logs |
| |
| 2005/07/06 : 1.2.6-pre4 (1.1.32-pre4) |
| - the time-out fix introduced in 1.1.25 caused a corner case where it was |
| possible for a client to keep a connection maintained regardless of the |
| timeout if the server closed the connection during the HEADER phase, |
| while the client ignored the close request while doing nothing in the |
| other direction. This has been fixed now by ensuring that read timeouts |
| are re-armed when switching to any SHUTW state. |
| |
| 2005/07/05 : 1.2.6-pre3 (1.1.32-pre3) |
| - enhanced error reporting in the logs. Now the proxy will precisely detect |
| various error conditions related to the system and/or process limits, and |
| generate LOG_EMERG logs indicating that a resource has been exhausted. |
| - logs will contain two new characters for the error cause : 'R' indicates |
| a resource exhausted, and 'I' indicates an internal error, though this |
| one should never happen. |
| - server connection timeouts can now be reported in the logs (sC), as well |
| as connections refused because of maxconn limitations (PC). |
| |
| 2005/07/05 : 1.2.6-pre2 (1.1.32-pre2) |
| - new global configuration keyword "ulimit-n" may be used to raise the FD |
| limit to usable values. |
| - a warning is now displayed on startup if the FD limit is lower than the |
| configured maximum number of sockets. |
| |
| 2005/07/05 : 1.2.6-pre1 (1.1.32-pre1) |
| - new configuration keyword "monitor-net" makes it possible to be monitored |
| by external devices which connect to the proxy without being logged nor |
| forwarded to any server. Particularly useful on generic TCPv4 relays. |
| |
| 2005/06/21 : 1.2.5.2 |
| - fixed build on PPC where chars are unsigned by default |
| |
| 2005/05/02 : 1.2.5.1 |
| - dirty hack to fix a bug introduced with epoll : if we close an FD and |
| immediately reassign it to another session through a connect(), the |
| Prev{Read,Write}Events are not updated, which causes trouble detecting |
| changes, thus leading to many timeouts at high loads. |
| |
| 2005/04/30 : 1.2.5 (1.1.31) |
| - changed the runtime argument to disable epoll() to '-de' |
| - changed the runtime argument to disable poll() to '-dp' |
| - added global options 'nopoll' and 'noepoll' to do the same at the |
| configuration level. |
| - added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to |
| support epoll(). |
| - changed default FD_SETSIZE to 65536 on Solaris (default=1024) |
| - conditionned signals redirection to #ifdef DEBUG_MEMORY |
| |
| 2005/04/26 : 1.2.5-pre4 |
| - made epoll() support a compile-time option : ENABLE_EPOLL |
| - provided a very little libc replacement for a possibly missing epoll() |
| implementation which can be enabled by -DUSE_MY_EPOLL |
| - implemented the poll() poller, which can be enabled with -DENABLE_POLL. |
| The equivalent runtime argument becomes '-P'. A few tests show that it |
| performs like select() with many fds, but slightly slower (certainly |
| because of the higher amount of memory involved). |
| - separated the 3 polling methods and the tasks scheduler into 4 distinct |
| functions which makes the code a lot more modular. |
| - moved some event tables to private static declarations inside the poller |
| functions. |
| - the poller functions can now initialize themselves, run, and cleanup. |
| - changed the runtime argument to enable epoll() to '-E'. |
| - removed buggy epoll_ctl() code in the client_retnclose() function. This |
| function was never meant to remove anything. |
| - fixed a typo which caused glibc to yell about a double free on exit. |
| - removed error checking after epoll_ctl(DEL) because we can never know if |
| the fd is still active or already closed. |
| - added a few entries in the makefile |
| |
| 2005/04/25 : 1.2.5-pre3 |
| - experimental epoll() support (use temporary '-e' argument) |
| |
| 2005/04/24 : 1.2.5-pre2 |
| - implemented the HTTP 303 code for error redirection. This forces the |
| browser to fetch the given URI with a GET request. The new keyword for |
| this is 'errorloc303', and a new 'errorloc302' keyword has been created |
| to make them easily distinguishable. |
| - added more controls in the parser for valid use of '\x' sequence. |
| - few fixes from Alex & Klaus |
| |
| 2005/02/17 : 1.2.5-pre1 |
| - fixed a few errors in the documentation |
| |
| 2005/02/13 |
| - do not pre-initialize unused file-descriptors before select() anymore. |
| |
| 2005/01/22 : 1.2.4 |
| - merged Alexander Lazic's and Klaus Wagner's work on application |
| cookie-based persistence. Since this is the first merge, this version is |
| not intended for general use and reports are more than welcome. Some |
| documentation is really needed though. |
| |
| 2005/01/22 : 1.2.3 (1.1.30) |
| - add an architecture guide to the documentation |
| - released without any changes |
| |
| 2004/12/26 : 1.2.3-pre1 (1.1.30-pre1) |
| - increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is |
| compatible with Apache. This limit can be configured in the makefile now. |
| Thanks to Eric Fehr for the checks. |
| - added a per-server "source" option which now makes it possible to bind to |
| a different source for each (potentially identical) server. |
| - changed cookie-based server selection slightly to allow several servers to |
| share a same cookie, thus making it possible to associate backup servers to |
| live servers and ease soft-stop for maintenance periods. (Alexander Lazic) |
| - added the cookie 'prefix' mode which makes it possible to use persistence |
| with thin clients which support only one cookie. The server name is prefixed |
| before the application cookie, and restore back. |
| - fixed the order of servers within an instance to match documentation. Now |
| the servers are *really* used in the order of their declaration. This is |
| particularly important when multiple backup servers are in use. |
| |
| 2004/10/18 : 1.2.2 (1.1.29) |
| - fixed a bug where a TCP connection would be logged twice if the 'logasap' |
| option was enabled without the 'tcplog' option. |
| - encode_string() would use hdr_encode_map instead of the map argument. |
| |
| 2004/08/10 : (1.1.29-pre2) |
| - the logged request is now encoded with '#XX' for unprintable characters |
| - new keywords 'capture request header' and 'capture response header' enable |
| logging of arbitrary HTTP headers in requests and responses |
| - removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton() |
| |
| 2004/06/06 : 1.2.1 (1.1.28) |
| - added the '-V' command line option to verbosely report errors even though |
| the -q or 'quiet' options are specified. This is useful with '-c'. |
| - added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch> |
| |
| 2004/06/05 : |
| - added the "logasap" option which produces a log without waiting for the data |
| to be transferred from the server to the client. |
| - added the "httpclose" option which removes any "connection:" header and adds |
| "Connection: close" in both direction. |
| - added the 'checkcache' option which blocks cacheable responses containing |
| dangerous headers, such as 'set-cookie'. |
| - added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible |
| information leak from servers. |
| |
| 2004/04/18 : |
| - send an EMERG log when no server is available for a given proxy |
| - added the '-c' command line option to syntactically check the |
| configuration file without starting the service. |
| |
| 2003/11/09 : 1.2.0 |
| - the same as 1.1.27 + IPv6 support on the client side |
| |
| 2003/10/27 : 1.1.27 |
| - the configurable HTTP health check introduced in 1.1.23 revealed a shameful |
| bug : the code still assumed that HTTP requests were the same size as the |
| original ones (22 bytes), and failed if they were not. |
| - added support for pidfiles. |
| |
| 2003/10/22 : 1.1.26 |
| - the fix introduced in 1.1.25 for client timeouts while waiting for servers |
| broke almost all compatibility with POST requests, because the proxy |
| stopped to read anything from the client as soon as it got all of its |
| headers. |
| |
| 2003/10/15 : 1.1.25 |
| - added the 'tcplog' option, which provides enhanced, HTTP-like logs for |
| generic TCP proxies, or lighter logs for HTTP proxies. |
| - fixed a time-out condition wrongly reported as client time-out in data |
| phase if the client timeout was lower than the connect timeout times the |
| number of retries. |
| |
| 2003/09/21 : 1.1.24 |
| - if a client sent a full request then shut its write connection down, then |
| the request was aborted. This case was detected only when using haproxy |
| both as health-check client and as a server. |
| - if 'option httpchk' is used in a 'health' mode server, then responses will |
| change from 'OK' to 'HTTP/1.0 200 OK'. |
| - fixed a Linux-only bug in case of HTTP server health-checks, where a single |
| server response followed by a close could be ignored, and the server seen |
| as failed. |
| |
| 2003/09/19 : 1.1.23 |
| - fixed a stupid bug introduced in 1.1.22 which caused second and subsequent |
| 'default' sections to keep previous parameters, and not initialize logs |
| correctly. |
| - fixed a second stupid bug introduced in 1.1.22 which caused configurations |
| relying on 'dispatch' mode to segfault at the first connection. |
| - 'option httpchk' now supports method, HTTP version and a few headers. |
| - now, 'option httpchk', 'cookie' and 'capture' can be specified in |
| 'defaults' section |
| |
| 2003/09/10 : 1.1.22 |
| - 'listen' now supports optionnal address:port-range lists |
| - 'bind' introduced to add new listen addresses |
| - fixed a bug which caused a session to be kept established on a server till |
| it timed out if the client closed during the DATA phase. |
| - the port part of each server address can now be empty to make the proxy |
| connect to the server on the same port it was connected to, be an absolute |
| unsigned number to reflect a single port (as in older versions), or an |
| explicitly signed number (+N/-N) to indicate that this offset must be |
| applied to the port the proxy was connected to, when connecting to the |
| server. |
| - the 'port' server option allows the user to specify a different |
| health-check port than the service one. It is mandatory when only relative |
| ports have been specified and check is required. By default, the checks are |
| sent to the service port. |
| - new 'defaults' section which is rather similar to 'listen' except that all |
| values are only used as default values for future 'listen' sections, until |
| a new 'defaults' resets them. At the moment, server options, regexes, |
| cookie names and captures cannot be set in the 'defaults' section. |
| |
| 2003/05/06 : 1.1.21 |
| - changed the debug output format so that it now includes the session unique |
| ID followed by the instance name at the beginning of each line. |
| - in debug mode, accept now shows the client's IP and port. |
| - added one 3 small debugging scripts to search and pretty print debug output |
| - changed the default health check request to "OPTIONS /" instead of |
| "OPTIONS *" since not all servers implement the later one. |
| - "option httpchk" now accepts an optional parameter allowing the user to |
| specify and URI other than '/' during health-checks. |
| |
| 2003/04/21 : 1.1.20 |
| - fixed two problems with time-outs, one where a server would be logged as |
| timed out during transfer that take longer to complete than the fixed |
| time-out, and one where clients were logged as timed-out during the data |
| phase because they didn't have anything to send. This sometimes caused |
| slow client connections to close too early while in fact there was no |
| problem. The proper fix would be to have a per-fd time-out with |
| conditions depending on the state of the HTTP FSM. |
| |
| 2003/04/16 : 1.1.19 |
| - haproxy was NOT RFC compliant because it was case-sensitive on HTTP |
| "Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on |
| cookie persistence because it uses "cookie:". Two memcmp() have been |
| replaced with strncasecmp(). |
| |
| 2003/04/02 : 1.1.18 |
| - Haproxy can be compiled with PCRE regex instead of libc regex, by setting |
| REGEX=pcre on the make command line. |
| - HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /". |
| - when explicit source address binding is required, it is now also used for |
| health-checks. |
| - added 'reqpass' and 'reqipass' to allow certain headers but not the request |
| itself. |
| - factored several strings to reduce binary size by about 2 kB. |
| - replaced setreuid() and setregid() with more standard setuid() and setgid(). |
| - added 4 status flags to the log line indicating who ended the connection |
| first, the sessions state, the validity of the cookie, and action taken on |
| the set-cookie header. |
| |
| 2002/10/18 : 1.1.17 |
| - add the notion of "backup" servers, which are used only when all other |
| servers are down. |
| - make Set-Cookie return "" instead of "(null)" when the server has no |
| cookie assigned (useful for backup servers). |
| - "log" now supports an optionnal level name (info, notice, err ...) above |
| which nothing is sent. |
| - replaced some strncmp() with memcmp() for better efficiency. |
| - added "capture cookie" option which logs client and/or server cookies |
| - cleaned up/down messages and dump servers states upon SIGHUP |
| - added a redirection feature for errors : "errorloc <errnum> <url>" |
| - now we won't insist on connecting to a dead server, even with a cookie, |
| unless option "persist" is specified. |
| - added HTTP/408 response for client request time-out and HTTP/50[234] for |
| server reply time-out or errors. |
| |
| 2002/09/01 : 1.1.16 |
| - implement HTTP health checks when option "httpchk" is specified. |
| |
| 2002/08/07 : 1.1.15 |
| - replaced setpgid()/setpgrp() with setsid() for better portability, because |
| setpgrp() doesn't have the same meaning under Solaris, Linux, and OpenBSD. |
| |
| 2002/07/20 : 1.1.14 |
| - added "postonly" cookie mode |
| |
| 2002/07/15 : 1.1.13 |
| - tv_diff used inverted parameters which led to negative times ! |
| |
| 2002/07/13 : 1.1.12 |
| - fixed stats monitoring, and optimized some tv_* for most common cases. |
| - replaced temporary 'newhdr' with 'trash' to reduce stack size |
| - made HTTP errors more HTML-fiendly. |
| - renamed strlcpy() to strlcpy2() because of a slightly difference between |
| their behaviour (return value), to avoid confusion. |
| - restricted HTTP messages to HTTP proxies only |
| - added a 502 message when the connection has been refused by the server, |
| to prevent clients from believing this is a zero-byte HTTP 0.9 reply. |
| - changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when |
| inserting a cookie, because some caches (apache) don't understand it. |
| - fixed processing of server headers when client is in SHUTR state |
| |
| 2002/07/04 : |
| - automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after |
| setpgid() |
| |
| 2002/06/04 : 1.1.11 |
| - fixed multi-cookie handling in client request to allow clean deletion |
| in insert+indirect mode. Now, only the server cookie is deleted and not |
| all the header. Should now be compliant to RFC2965. |
| - added a "nocache" option to "cookie" to specify that we explicitly want |
| to add a "cache-control" header when we add a cookie. |
| It is also possible to add an "Expires: <old-date>" to keep compatibility |
| with old/broken caches. |
| |
| 2002/05/10 : 1.1.10 |
| - if a cookie is used in insert+indirect mode, it's desirable that the |
| the servers don't see it. It was not possible to remove it correctly |
| with regexps, so now it's removed automatically. |
| |
| 2002/04/19 : 1.1.9 |
| - don't use snprintf()'s return value as an end of message since it may |
| be larger. This caused bus errors and segfaults in internal libc's |
| getenv() during localtime() in send_log(). |
| - removed dead insecure send_syslog() function and all references to it. |
| - fixed warnings on Solaris due to buggy implementation of isXXXX(). |
| |
| 2002/04/18 : 1.1.8 |
| - option "dontlognull" |
| - fixed "double space" bug in config parser |
| - fixed an uninitialized server field in case of dispatch |
| with no existing server which could cause a segfault during |
| logging. |
| - the pid logged was always the father's, which was wrong for daemons. |
| - fixed wrong level "LOG_INFO" for message "proxy started". |
| |
| 2002/04/13 : |
| - http logging is now complete : |
| - ip:port, date, proxy, server |
| - req_time, conn_time, hdr_time, tot_time |
| - status, size, request |
| - source address |
| |
| 2002/04/12 : 1.1.7 |
| - added option forwardfor |
| - added reqirep, reqidel, reqiallow, reqideny, rspirep, rspidel |
| - added "log global" in "listen" section. |
| |
| 2002/04/09 : |
| - added a new "global" section : |
| - logs |
| - debug, quiet, daemon modes |
| - uid, gid, chroot, nbproc, maxconn |
| |
| 2002/04/08 : 1.1.6 |
| - regex are now chained and not limited anymore. |
| - unavailable server now returns HTTP/502. |
| - increased per-line args limit to 40 |
| - added reqallow/reqdeny to block some request on matches |
| - added HTTP 400/403 responses |
| |
| 2002/04/03 : 1.1.5 |
| - connection logging displayed incorrect source address. |
| - added proxy start/stop and server up/down log events. |
| - replaced log message short buffers with larger trash. |
| - enlarged buffer to 8 kB and replace buffer to 4 kB. |
| |
| 2002/03/25 : 1.1.4 |
| - made rise/fall/interval time configurable |
| |
| 2002/03/22 : 1.1.3 |
| - fixed a bug : cr_expire and cw_expire were inverted in CL_STSHUT[WR] |
| which could lead to loops. |
| |
| 2002/03/21 : 1.1.2 |
| - fixed a bug in buffer management where we could have a loop |
| between event_read() and process_{cli|srv} if R==BUFSIZE-MAXREWRITE. |
| => implemented an adjustable buffer limit. |
| - fixed a bug : expiration of tasks in wait queue timeout is used again, |
| and running tasks are skipped. |
| - added some debug lines for accept events. |
| - send warnings for servers up/down. |
| |
| 2002/03/12 : 1.1.1 |
| - fixed a bug in total failure handling |
| - fixed a bug in timestamp comparison within same second (tv_cmp_ms) |
| |
| 2002/03/10 : 1.1.0 |
| - fixed a few timeout bugs |
| - rearranged the task scheduler subsystem to improve performance, |
| add new tasks, and make it easier to later port to librt ; |
| - allow multiple accept() for one select() wake up ; |
| - implemented internal load balancing with basic health-check ; |
| - cookie insertion and header add/replace/delete, with better strings |
| support. |
| |
| 2002/03/08 |
| - reworked buffer handling to fix a few rewrite bugs, and |
| improve overall performance. |
| - implement the "purge" option to delete server cookies in direct mode. |
| |
| 2002/03/07 |
| - fixed some error cases where the maxfd was not decreased. |
| |
| 2002/02/26 |
| - now supports transparent proxying, at least on linux 2.4. |
| |
| 2002/02/12 |
| - soft stop works again (fixed select timeout computation). |
| - it seems that TCP proxies sometimes cannot timeout. |
| - added a "quiet" mode. |
| - enforce file descriptor limitation on socket() and accept(). |
| |
| 2001/12/30 : release of version 1.0.2 : fixed a bug in header processing |
| 2001/12/19 : release of version 1.0.1 : no MSG_NOSIGNAL on solaris |
| 2001/12/16 : release of version 1.0.0. |
| 2001/12/16 : added syslog capability for each accepted connection. |
| 2001/11/19 : corrected premature end of files and occasional SIGPIPE. |
| 2001/10/31 : added health-check type servers (mode health) which replies OK then closes. |
| 2001/10/30 : added the ability to support standard TCP proxies and HTTP proxies |
| with or without cookies (use keyword http for this). |
| 2001/09/01 : added client/server header replacing with regexps. |
| eg: |
| cliexp ^(Host:\ [^:]*).* Host:\ \1:80 |
| srvexp ^Server:\ .* Server:\ Apache |
| 2000/11/29 : first fully working release with complete FSMs and timeouts. |
| 2000/11/28 : major rewrite |
| 2000/11/26 : first write |