Skip to content

Releases: philyuchkoff/HAProxy-2-RPM-builder

HAProxy 2.7.6

30 Mar 16:18
@philyuchkoff philyuchkoff
2.7.6
6111fc4
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
HAProxy 2.7.6 Latest
Latest

ChangeLog :

2023/03/28 : 2.7.6

  • MINOR: proto_uxst: add resume method
  • MINOR: listener/api: add lli hint to listener functions
  • MINOR: listener: add relax_listener() function
  • MINOR: listener: workaround for closing a tiny race between resume_listener() and stopping
  • MINOR: listener: make sure we don't pause/resume bypassed listeners
  • BUG/MEDIUM: listener: fix pause_listener() suspend return value handling
  • BUG/MINOR: listener: fix resume_listener() resume return value handling
  • BUG/MEDIUM: resume from LI_ASSIGNED in default_resume_listener()
  • MINOR: listener: pause_listener() becomes suspend_listener()
  • BUG/MEDIUM: listener/proxy: fix listeners notify for proxy resume
  • MEDIUM: proto_ux: properly suspend named UNIX listeners
  • MINOR: proto_ux: ability to dump ABNS names in error messages
  • MINOR: quic: Stop stressing the acknowledgments process (RX ACK frames)
  • BUG/MINOR: quic: Dysfunctional 01RTT packet number space probing
  • BUG/MEDIUM: stream: do not try to free a failed stream-conn
  • BUG/MEDIUM: mux-h2: do not try to free an unallocated h2s->sd
  • BUG/MEDIUM: mux-h2: erase h2c->wait_event.tasklet on error path
  • BUG/MEDIUM: stconn: don't set the type before allocation succeeds
  • BUG/MINOR: stconn: fix sedesc memory leak on stream allocation failure
  • BUG/MEDIUM: mux-h1: properly destroy a partially allocated h1s
  • BUG/MEDIUM: applet: only set appctx->sedesc on successful allocation
  • BUG/MINOR: quic: wake up MUX on probing only for 01RTT
  • BUG/MINOR: quic: ignore congestion window on probing for MUX wakeup
  • BUG/MINOR: trace: fix hardcoded level for TRACE_PRINTF
  • BUG/MEDIUM: mux-quic: release data from conn flow-control on qcs reset
  • MINOR: mux-quic: complete traces for qcs emission
  • MINOR: mux-quic: adjust trace level for MAX_DATA/MAX_STREAM_DATA recv
  • MINOR: mux-quic: add flow-control info to minimal trace level
  • BUG/MINOR: h3: properly handle incomplete remote uni stream type
  • BUG/MINOR: mux-quic: prevent CC status to be erased by shutdown
  • MINOR: mux-quic: interrupt qcc_recv*() operations if CC scheduled
  • MINOR: mux-quic: ensure CONNECTION_CLOSE is scheduled once per conn
  • MINOR: mux-quic: close on qcs allocation failure
  • MINOR: mux-quic: close on frame alloc failure
  • BUG/MEDIUM: stats: Consume the request except when parsing the POST payload
  • DOC: config: set-var() dconv rendering issues
  • BUG/MEDIUM: mux-h1: Wakeup H1C on shutw if there is no I/O subscription
  • BUG/MINOR: applet/new: fix sedesc freeing logic
  • BUG/MINOR: quic: Missing STREAM frame type updated

Changelog

Assets 3

HAProxy 2.7.4

13 Mar 13:33
@philyuchkoff philyuchkoff
2.7.4
95467bb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
HAProxy 2.7.4

ChangeLog :

2023/03/10 : 2.7.4

  • BUG/MINOR: mworker: stop doing strtok directly from the env
  • BUG/MEDIUM: mworker: prevent inconsistent reload when upgrading from old versions
  • BUG/MEDIUM: mworker: don't register mworker_accept_wrapper() when master FD is wrong
  • MINOR: startup: HAPROXY_STARTUP_VERSION contains the version used to start
  • BUG/MINOR: lua/httpclient: missing free in hlua_httpclient_send()
  • BUG/MEDIUM: httpclient/lua: fix a race between lua GC and hlua_ctx_destroy
  • BUG/MEDIUM: stconn: Don't rearm the read expiration date if EOI was reached
  • BUG/MEDIUM: wdt: fix wrong thread being checked for sleeping
  • BUG/MINOR: sched: properly report long_rq when tasks remain in the queue
  • BUG/MEDIUM: sched: allow a bit more TASK_HEAVY to be processed when needed
  • MINOR: h3/hq-interop: handle no data in decode_qcs() with FIN set
  • BUG/MINOR: mux-quic: transfer FIN on empty STREAM frame
  • BUG/MINOR: mworker: prevent incorrect values in uptime
  • MINOR: h3: add traces on decode_qcs callback
  • BUG/MINOR: quic: Possible unexpected counter incrementation on send*() errors
  • MINOR: quic: Add new traces about by connection RX buffer handling
  • MINOR: quic: Move code to wakeup the timer task to avoid anti-amplication deadlock
  • BUG/MINOR: quic: Really cancel the connection timer from qc_set_timer()
  • MINOR: quic: Simplication for qc_set_timer()
  • MINOR: quic: Kill the connections on ICMP (port unreachable) packet receipt
  • MINOR: quic: Add traces to qc_kill_conn()
  • MINOR: quic: Make qc_dgrams_retransmit() return a status.
  • BUG/MINOR: quic: Missing call to task_queue() in qc_idle_timer_do_rearm()
  • MINOR: quic: Add a trace to identify connections which sent Initial packet.
  • MINOR: quic: Add <pto_count> to the traces
  • BUG/MINOR: quic: Do not probe with too little Initial packets
  • BUG/MINOR: quic: Wrong initialization for io_cb_wakeup boolean
  • BUG/MINOR: quic: Do not drop too small datagrams with Initial packets
  • BUG/MINOR: quic: Missing padding for short packets
  • MINOR: quic: adjust request reject when MUX is already freed
  • BUG/MINOR: quic: also send RESET_STREAM if MUX released
  • BUG/MINOR: quic: acknowledge STREAM frame even if MUX is released
  • BUG/MINOR: h3: prevent hypothetical demux failure on int overflow
  • MEDIUM: h3: enforce GOAWAY by resetting higher unhandled stream
  • MINOR: mux-quic: define qc_shutdown()
  • MINOR: mux-quic: define qc_process()
  • MINOR: mux-quic: implement client-fin timeout
  • MEDIUM: mux-quic: properly implement soft-stop
  • MINOR: quic: mark quic-conn as jobs on socket allocation
  • MEDIUM: quic: trigger fast connection closing on process stopping
  • MINOR: mux-h2/traces: do not log h2s pointer for dummy streams
  • MINOR: mux-h2/traces: add a missing TRACE_LEAVE() in h2s_frt_handle_headers()
  • BUG/MEDIUM: quic: Missing TX buffer draining from qc_send_ppkts()
  • DOC: config: Fix description of options about HTTP connection modes
  • DOC: config: Add the missing tune.fail-alloc option from global listing
  • REGTESTS: Fix ssl_errors.vtc script to wait for connections close
  • BUG/MINOR: cache: Cache response even if request has "no-cache" directive
  • BUG/MINOR: cache: Check cache entry is complete in case of Vary
  • BUILD: quic: 32-bits compilation issue with %zu in quic_rx_pkts_del()
  • BUG/MINOR: ring: do not realign ring contents on resize
  • BUILD: thead: Fix several 32 bits compilation issues with uint64_t variables
  • BUG/MEDIUM: fd: avoid infinite loops in fd_add_to_fd_list and fd_rm_from_fd_list
  • BUG/MEDIUM: h1-htx: Never copy more than the max data allowed during parsing
  • DOC: config: Clarify the meaning of 'hold' in the 'resolvers' section
  • BUG/MINOR: fd: used the update list from the fd's group instead of tgid
  • BUG/MEDIUM: fd: make fd_delete() support being called from a different group
  • CLEANUP: listener: only store conn counts for local threads
  • MEDIUM: quic: improve fatal error handling on send
  • MINOR: quic: consider EBADF as critical on send()
  • BUG/MEDIUM: connection: Clear flags when a conn is removed from an idle list
  • BUG/MINOR: mux-h1: Don't report an error on an early response close
  • BUG/MINOR: http-check: Don't set HTX_SL_F_BODYLESS flag with a log-format body
  • BUG/MINOR: http-check: Skip C-L header for empty body when it's not mandatory
  • MINOR: quic: simplify return path in send functions
  • MINOR: quic: implement qc_notify_send()
  • MINOR: quic: purge txbuf before preparing new packets
  • MEDIUM: quic: implement poller subscribe on sendto error
  • MINOR: quic: notify on send ready
  • BUG/MINOR: http-ana: Don't increment conn_retries counter before the L7 retry
  • BUG/MINOR: http-ana: Do a L7 retry on read error if there is no response
  • BUG/MINOR: mxu-h1: Report a parsing error on abort with pending data
  • BUG/MINOR: ssl: Use 'date' instead of 'now' in ocsp stapling callback
  • MINOR: ssl: rename confusing ssl_bind_kws
  • BUG/MINOR: config: crt-list keywords mistaken for bind ssl keywords
  • BUG/MEDIUM: quic: properly handle duplicated STREAM frames
  • BUG/MINOR: cli: fix CLI handler "set anon global-key" call
  • BUG/MINOR: quic: Do not send too small datagrams (with Initial packets)
  • MINOR: quic: Add a BUG_ON_HOT() call for too small datagrams
  • BUG/MINOR: quic: Ensure to be able to build datagrams to be retransmitted
  • BUG/MINOR: quic: v2 Initial packets decryption failed
  • MINOR: quic: Add traces about QUIC TLS key update
  • BUG/MINOR: quic: Remove force_ack for Initial,Handshake packets
  • BUG/MINOR: quic: Ensure not to retransmit packets with no ack-eliciting frames
  • BUG/MINOR: quic: Do not resend already acked frames
  • BUG/MINOR: quic: Missing detections of amplification limit reached
  • MINOR: quic: Send PING frames when probing Initial packet number space
  • BUG/MEDIUM: quic: do not crash when handling STREAM on released MUX
  • BUG/MAJOR: fd/thread: fix race between updates and closing FD
  • BUG/MINOR: mux-quic: properly init STREAM frame as not duplicated
  • MINOR: quic: Do not accept wrong active_connection_id_limit values
  • MINOR: quic: Store the next connection IDs sequence number in the connection
  • MINOR: quic: Typo fix for ACK_ECN frame
  • MINOR: quic: RETIRE_CONNECTION_ID frame handling (RX)
  • MINOR: quic: Useless TLS context allocations in qc_do_rm_hp()
  • MINOR: quic: Add spin bit support
  • MINOR: quic: Add transport parameters to "show quic"
  • MINOR: h3: add traces on h3_init_uni_stream() error paths
  • MINOR: quic: create a global list dedicated for closing QUIC conns
  • MINOR: quic: handle new closing list in show quic
  • MEDIUM: quic: release closing connections on stopping
  • BUG/MINOR: quic: Wrong RETIRE_CONNECTION_ID sequence number check
  • MINOR: fd/cli: report the polling mask in "show fd"
  • MINOR: quic: Do not stress the peer during retransmissions of lost packets
  • BUG/MINOR: init: properly detect NUMA bindings on large systems
  • BUG/MINOR: thread: report thread and group counts in the correct order
  • BUG/MAJOR: fd/threads: close a race on closing connections after takeover
  • BUG/MINOR: mworker: use MASTER_MAXCONN as default maxconn value
  • BUG/MINOR: quic: Missing listener accept queue tasklet wakeups
  • MINOR: quic_sock: un-statify quic_conn_sock_fd_iocb()
  • DOC/CLEANUP: fix typos
Assets 4

HAProxy 2.7.3

17 Feb 09:41
@philyuchkoff philyuchkoff
2.7.3
8347846
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
HAProxy 2.7.3

2023/02/14 : 2.7.3

  • BUG/MINOR: jwt: Wrong return value checked
  • BUG/MINOR: quic: Do not request h3 clients to close its unidirection streams
  • MEDIUM: quic-sock: fix udp source address for send on listener socket
  • BUG/MINOR: sink: make sure to always properly unmap a file-backed ring
  • DEV: haring: add a new option "-r" to automatically repair broken files
  • MINOR: connection: add a BUG_ON() to detect destroying connection in idle list
  • MINOR: mux-quic/h3: send SETTINGS as soon as transport is ready
  • BUG/MINOR: h3: fix GOAWAY emission
  • BUG/MEDIUM: mux-quic: fix crash on H3 SETTINGS emission
  • BUG/MEDIUM: hpack: fix incorrect huffman decoding of some control chars
  • BUG/MINOR: log: release global log servers on exit
  • BUG/MINOR: ring: release the backing store name on exit
  • BUG/MINOR: sink: free the forwarding task on exit
  • DEV: hpack: fix trash build regression
  • MINOR: trace: add a TRACE_ENABLED() macro to determine if a trace is active
  • MINOR: trace: add a trace_no_cb() dummy callback for when to use no callback
  • MINOR: trace: add the long awaited TRACE_PRINTF()
  • BUG/MINOR: fcgi-app: prevent 'use-fcgi-app' in default section
  • BUG/MEDIUM: h3: do not crash if no buf space for trailers
  • OPTIM: h3: skip buf realign if no trailer to encode
  • MINOR: mux-quic/h3: define stream close callback
  • BUG/MEDIUM: h3: handle STOP_SENDING on control stream
  • BUG/MINOR: h3: reject RESET_STREAM received for control stream
  • MINOR: h3: add missing traces on closure
  • BUG/MEDIUM: ssl: wrong eviction from the session cache tree
  • BUG/MINOR: h3: fix crash due to h3 traces
  • BUG/MINOR: stats: use proper buffer size for http dump
  • BUG/MINOR: stats: fix source buffer size for http dump
  • BUG/MEDIUM: stats: fix resolvers dump
  • BUG/MINOR: stats: fix ctx->field update in stats_dump_proxy_to_buffer()
  • BUG/MINOR: stats: fix show stats field ctx for servers
  • BUG/MINOR: stats: fix STAT_STARTED behavior with full htx
  • MINOR: stats: add by HTTP version cumulated number of sessions and requests
  • BUG/MINOR: stats: Prevent HTTP "other sessions" counter underflows
  • MINOR: quic: remove fin from quic_stream frame type
  • MINOR: quic: ensure offset is properly set for STREAM frames
  • MINOR: quic: define new functions for frame alloc
  • MINOR: quic: refactor frame deallocation
  • MEDIUM: quic: implement a retransmit limit per frame
  • MINOR: quic: add config for retransmit limit
  • CLEANUP: quic: no need for atomics on packet refcnt
  • BUG/MINOR: quic: Possible stream truncations under heavy loss
  • BUG/MINOR: quic: Too big PTO during handshakes
  • MINOR: quic: Add a trace about variable states in qc_prep_fast_retrans()
  • BUG/MINOR: quic: Do not ignore coalesced packets in qc_prep_fast_retrans()
  • MINOR: quic: When probing Handshake packet number space, also probe the Initial one
  • BUG/MAJOR: quic: Possible crash when processing 1-RTT during 0-RTT session
  • MEDIUM: quic: Remove qc_conn_finalize() from the ClientHello TLS callbacks
  • BUG/MINOR: quic: Unchecked source connection ID
  • BUG/MEDIUM: quic: do not split STREAM frames if no space
  • MINOR: quic: Update version_information transport parameter to draft-14
  • BUG/MINOR: ssl/crt-list: warn when a line is malformated
  • BUG/MEDIUM: stick-table: do not leave entries in end of window during purge
  • BUG/MINOR: clock: do not mix wall-clock and monotonic time in uptime calculation
  • BUG/MEDIUM: cache: use the correct time reference when comparing dates
  • DOC: config: fix option spop-check proxy compatibility
  • DOC: config: 'http-send-name-header' option may be used in default section
  • BUG/MINOR: h3: fix crash due to h3 traces
  • MINOR: cfgparse/server: move (min/max)conn postparsing logic into dedicated function
  • BUG/MINOR: server/add: ensure minconn/maxconn consistency when adding server
  • BUG/MEDIUM: stconn: Schedule a shutw on shutr if data must be sent first
  • BUG/MEDIUM: quic: fix crash when "option nolinger" is set in the frontend
  • MINOR: quic: implement a basic "show quic" CLI handler
  • MINOR: quic: display CIDs and state in "show quic"
  • MINOR: quic: display socket info on "show quic"
  • MINOR: quic: display infos about various encryption level on "show quic"
  • MINOR: quic: display Tx stream info on "show quic"
  • MINOR: quic: filter closing conn on "show quic"
  • BUG/MINOR: quic: fix filtering of closing connections on "show quic"
  • BUG/MINOR: quic: fix type bug on "show quic" for 32-bits arch
  • BUG/MINOR: mworker: fix uptime for master process
  • BUG/MINOR: clock/stats: also use start_time not start_date in HTML info
  • BUG/MEDIUM: quic: Buffer overflow when looking through QUIC CLI keyword list
  • DOC: proxy-protocol: fix wrong byte in provided example
  • BUG/MINOR: quic: Wrong datagram dispatch because of qc_check_dcid()
  • BUG/CRITICAL: http: properly reject empty http header field names
Assets 4

HAProxy 2.7.2

20 Jan 13:40
@philyuchkoff philyuchkoff
2.7.2
34d071a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
HAProxy 2.7.2

2023/01/20 : 2.7.2

  • OPTIM: pool: split the read_mostly from read_write parts in pool_head
  • REGTESTS: ssl: enable the ssl_reuse.vtc test for WolfSSL
  • BUG/MEDIUM: mux-quic: fix double delete from qcc.opening_list
  • BUG/MEDIUM: quic: properly take shards into account on bind lines
  • BUG/MINOR: quic: do not allocate more rxbufs than necessary
  • BUG/MEDIUM: mux-h2: Refuse interim responses with end-stream flag set
  • BUG/MINOR: pool/stats: Use ullong to report total pool usage in bytes in stats
  • MINOR: httpclient: don't add body when istlen is empty
  • MEDIUM: mux-quic: implement shutw
  • MINOR: mux-quic: do not count stream flow-control if already closed
  • MINOR: mux-quic: handle RESET_STREAM reception
  • MEDIUM: mux-quic: implement STOP_SENDING emission
  • MINOR: h3: use stream error when needed instead of connection
  • CI: github: enable github api authentication for OpenSSL tags read
  • BUG/MINOR: mux-quic: ignore remote unidirectional stream close
  • CI: github: use the GITHUB_TOKEN instead of a manually generated token
  • BUILD: makefile: build the features list dynamically
  • BUILD: makefile: sort the features list
  • BUILD: makefile: clean the wolfssl include and lib generation rules
  • BUILD: makefile: make sure to also ignore SSL_INC when using wolfssl
  • BUG/MINOR: debug: don't mask the TH_FL_STUCK flag before dumping threads
  • MINOR: cfgparse-ssl: avoid a possible crash on OOM in ssl_bind_parse_npn()
  • BUG/MINOR: stick-table: report the correct action name in error message
  • CI: Improve headline in matrix.py
  • CI: Add in-memory cache for the latest OpenSSL/LibreSSL
  • CI: Use proper if blocks instead of conditional expressions in matrix.py
  • CI: Unify the GITHUB_TOKEN name across matrix.py and vtest.yml
  • CI: Explicitly check environment variable against None in matrix.py
  • CI: Reformat matrix.py using black
  • MINOR: config: add environment variables for default log format
  • BUG/MINOR: http-fetch: Only fill txn status during prefetch if not already set
  • BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
  • DOC: config: fix alphabetical ordering of http-after-response rules
  • DOC: config: remove duplicated "http-response sc-set-gpt0" directive
  • BUG/MINOR: proxy: free orgto_hdr_name in free_proxy()
  • REGTEST: fix the race conditions in json_query.vtc
  • REGTEST: fix the race conditions in add_item.vtc
  • REGTEST: fix the race conditions in digest.vtc
  • REGTEST: fix the race conditions in hmac.vtc
  • BUG/MINOR: fd: avoid bad tgid assertion in fd_delete() from deinit()
  • BUG/MINOR: http: Memory leak of http redirect rules' format string
  • CLEANUP: htx: fix a typo in an error message of http_str_to_htx
  • DOC: config: added optional rst-ttl argument to silent-drop in action lists
  • DOC: management: add details on "Used" status
  • DOC: management: add details about @system-ca in "show ssl ca-file"
  • BUG/MINOR: mux-quic: fix transfer of empty HTTP response
  • MINOR: mux-quic: add traces for flow-control limit reach
  • MAJOR: mux-quic: rework stream sending priorization
  • MEDIUM: h3: send SETTINGS before STREAM frames
  • MINOR: mux-quic: use send-list for STOP_SENDING/RESET_STREAM emission
  • MINOR: mux-quic: use send-list for immediate sending retry
  • BUG/MINOR: h1-htx: Remove flags about protocol upgrade on non-101 responses
  • BUG/MINOR: hlua: Fix Channel.line and Channel.data behavior regarding the doc
  • BUG/MINOR: resolvers: Wait the resolution execution for a do_resolv action
  • DEV: tcploop: add minimal support for unix sockets
  • BUG/MEDIUM: peers: make "show peers" more careful about partial initialization
  • BUG/MINOR: promex: Don't forget to consume the request on error
  • BUG/MINOR: http-ana: Report SF_FINST_R flag on error waiting the request body
  • BUG/MINOR: http-fetch: Don't block HTTP sample fetch eval in HTTP_MSG_ERROR state
  • BUG/MEDIUM: mux-h2: Don't send CANCEL on shutw when response length is unkown
  • BUG/MINOR: http-ana: make set-status also update txn->status
  • BUG/MINOR: listeners: fix suspend/resume of inherited FDs
  • DOC: config: fix wrong section number for "protocol prefixes"
  • DOC: config: fix aliases for protocol prefixes "udp4@" and "udp6@"
  • DOC: config: mention the missing "quic4@" and "quic6@" in protocol prefixes
  • MINOR: listener: also support "quic+" as an address prefix
  • CLEANUP: stconn: always use se_fl_set_error() to set the pending error
  • BUG/MEDIUM: stconn: also consider SE_FL_EOI to switch to SE_FL_ERROR
  • MINOR: quic: Useless test about datagram destination addresses
  • MINOR: quic: Disable the active connection migrations
  • MINOR: quic: Add "no-quic" global option
  • MINOR: sample: Add "quic_enabled" sample fetch
  • MINOR: quic: Replace v2 draft definitions by those of the final 2 version
  • BUG/MINOR: mux-fcgi: Correctly set pathinfo
  • DOC: config: fix "Address formats" chapter syntax
  • BUG/MEDIUM: jwt: Properly process ecdsa signatures (concatenated R and S params)
  • BUG/MINOR: ssl: Fix compilation with OpenSSL 1.0.2 (missing ECDSA_SIG_set0)
  • BUG/MINOR: listener: close tiny race between resume_listener() and stopping
  • BUG/MEDIUM: fd/threads: fix again incorrect thread selection in wakeup broadcast
  • BUG/MINOR: thread: always reload threads_enabled in loops
  • MINOR: threads: add a thread_harmless_end() version that doesn't wait
  • BUG/MEDIUM: debug/thread: make the debug handler not wait for !rdv_requests
  • BUG/MINOR: bwlim: Check scope for period expr for set-bandwitdh-limit actions
  • BUG/MINOR: bwlim: Fix parameters check for set-bandwidth-limit actions
  • BUG/MINOR: h3: properly handle connection headers
  • MINOR: h3: extend function for QUIC varint encoding
  • MINOR: h3: implement TRAILERS encoding
  • MINOR: h3: implement TRAILERS decoding
  • BUG/MINOR: mux-h2: make sure to produce a log on invalid requests
  • BUG/MINOR: mux-h2: add missing traces on failed headers decoding
  • BUILD: hpack: include global.h for the trash that is needed in debug mode
Assets 3

HAProxy 2.7.1

27 Dec 12:12
@philyuchkoff philyuchkoff
2.7.1
1ad5bda
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
HAProxy 2.7.1

2022/12/19 : 2.7.1

  • BUG/MINOR: ssl: initialize SSL error before parsing
  • BUG/MINOR: ssl: initialize WolfSSL before parsing
  • BUG/MEDIIM: stconn: Flush output data before forwarding close to write side
  • CI: github: reintroduce openssl 1.1.1
  • CI: github: split ssl lib selection based on git branch
  • BUG/MEDIUM: checks: do not reschedule a possibly running task on state change
  • BUG/MINOR: checks: make sure fastinter is used even on forced transitions
  • MINOR: mworker: display an alert upon a wait-mode exit
  • BUG/MEDIUM: mworker: fix segv in early failure of mworker mode with peers
  • BUG/MEDIUM: mworker: create the mcli_reload socketpairs in case of upgrade
  • BUG/MINOR: checks: restore legacy on-error fastinter behavior
  • BUG/MINOR: init/threads: continue to limit default thread count to max per group
  • BUILD: atomic: atomic.h may need compiler.h on ARMv8.2-a
  • BUILD: makefile/da: also clean Os/ in Device Atlas dummy lib dir
  • BUG/MEDIUM: httpclient/lua: double LIST_DELETE on end of lua task
  • CLEANUP: pools: move the write before free to the uaf-only function
  • CLEANUP: pool: only include pool-os from pool.c not pool.h
  • REORG: pool: move all the OS specific code to pool-os.h
  • CLEANUP: pools: get rid of CONFIG_HAP_POOLS
  • DEBUG: pool: show a few examples in -dMhelp
  • MINOR: pools: make DEBUG_UAF a runtime setting
  • BUG/MINOR: promex: create haproxy_backend_agg_server_status
  • MINOR: promex: introduce haproxy_backend_agg_check_status
  • DOC: promex: Add missing backend metrics
  • BUG/MAJOR: fcgi: Fix uninitialized reserved bytes
  • REGTESTS: fix the race conditions in iff.vtc
  • REGTESTS: startup: check maxconn computation
  • BUG/MINOR: startup: don't use internal proxies to compute the maxconn
  • REGTESTS: startup: change the expected maxconn to 11000
  • CI: github: set ulimit -n to a greater value
  • REGTESTS: startup: activate automatic_maxconn.vtc
  • CLEANUP: ssl: remove check on srv->proxy
  • BUG/MEDIUM: freq-ctr: Don't compute overshoot value for empty counters
  • BUG/MEDIUM: resolvers: Use tick_first() to update the resolvers task timeout
  • REGTESTS: startup: add alternatives values in automatic_maxconn.vtc
  • BUG/MEDIUM: h3: reject request with invalid header name
  • BUG/MEDIUM: h3: reject request with invalid pseudo header
  • MINOR: http: extract content-length parsing from H2
  • BUG/MEDIUM: h3: parse content-length and reject invalid messages
  • MINOR: debug: support pool filtering on "debug dev memstats"
  • MINOR: debug: add a balance of alloc - free at the end of the memstats dump
  • CI: github: remove redundant ASAN loop
  • CI: github: split matrix for development and stable branches
  • BUILD: peers: peers-t.h depends on stick-table-t.h
  • MINOR: quic: remove qc from quic_rx_packet
  • MINOR: quic: complete traces in qc_rx_pkt_handle()
  • MINOR: quic: extract datagram parsing code
  • MINOR: tools: add port for ipcmp as optional criteria
  • MINOR: quic: detect connection migration
  • MINOR: quic: ignore address migration during handshake
  • MINOR: quic: startup detect for quic-conn owned socket support
  • MINOR: quic: test IP_PKTINFO support for quic-conn owned socket
  • MINOR: quic: define config option for socket per conn
  • MINOR: quic: allocate a socket per quic-conn
  • MINOR: quic: use connection socket for emission
  • MEDIUM: quic: use quic-conn socket for reception
  • MEDIUM: quic: move receive out of FD handler to quic-conn io-cb
  • MINOR: mux-quic: rename duplicate function names
  • MEDIUM: quic: requeue datagrams received on wrong socket
  • MINOR: quic: reconnect quic-conn socket on address migration
  • BUG/MINOR: quic: fix fd leak on startup check quic-conn owned socket
  • BUG/MINOR: quic: properly handle alloc failure in qc_new_conn()
  • BUG/MINOR: quic: handle alloc failure on qc_new_conn() for owned socket
  • CLEANUP: mux-quic: remove unused attribute on qcs_is_close_remote()
  • BUG/MINOR: mux-quic: remove qcs from opening-list on free
  • BUG/MINOR: mux-quic: handle properly alloc error in qcs_new()
  • LICENSE: wurfl: clarify the dummy library license.
  • BUG/MEDIUM: mux-h1: Don't release H1 stream upgraded from TCP on error
  • BUG/MINOR: mux-h1: Fix test instead a BUG_ON() in h1_send_error()
  • BUG/MEDIUM: h3: fix cookie header parsing
  • BUG/MINOR: h3: fix memleak on HEADERS parsing failure
  • MINOR: h3: check return values of htx_add_* on headers parsing
  • BUG/MINOR: ssl: Fix memory leak of find_chain in ssl_sock_load_cert_chain
  • MINOR: stats: provide ctx for dumping functions
  • MINOR: stats: introduce stats field ctx
  • BUG/MINOR: stats: fix show stat json buffer limitation
  • BUG/MINOR: quic: fix crash on PTO rearm if anti-amplification reset
  • REGTESTS: startup: disable automatic_maxconn.vtc
  • BUG/MEDIUM: tests: use tmpdir to create UNIX socket
  • BUG/MINOR: mux-h1: Report EOS on parsing/internal error for not running stream
  • BUG/MINOR:: mux-h1: Never handle error at mux level for running connection
  • BUG/MEDIUM: stats: Rely on a local trash buffer to dump the stats
Assets 3

HAProxy 2.7.0

06 Dec 16:26
@philyuchkoff philyuchkoff
2.7.0
c6e9047
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
HAProxy 2.7.0

December, 1st, 2022 : HAProxy 2.7.0 release
Please see the announnce for more details and/or consult the HAProxyTech blog article for more details.

What's Changed

New Contributors

Full Changelog: 2.6.6...2.7.0

Contributors

mdzidic and trengri
Assets 3

HAProxy 2.6.7

09 Dec 10:49
@philyuchkoff philyuchkoff
2.6.7
c6e9047
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
HAProxy 2.6.7

2022/12/02 : 2.6.7
- REGTESTS: 4be_1srv_smtpchk_httpchk_layer47errors: Return valid SMTP replies
- BUG/MINOR: hlua: Remove \n in Lua error message built with memprintf
- BUG/MINOR: stream: Perform errors handling in right order in stream_new()
- BUG/MEDIUM: stconn: Reset SE descriptor when we fail to create a stream
- BUG/MEDIUM: resolvers: Remove aborted resolutions from query_ids tree
- BUG/MINOR: hlua: fixing hlua_http_msg_del_data behavior
- BUG/MINOR: hlua: fixing hlua_http_msg_insert_data behavior
- BUG/MINOR: hlua: _hlua_http_msg_delete incorrect behavior when offset is used
- DOC: management: httpclient can resolve server names in URLs
- BUG/MAJOR: conn-idle: fix hash indexing issues on idle conns
- BUG/MINOR: backend: only enforce turn-around state when not redispatching
- BUG/MINOR: checks: update pgsql regex on auth packet
- DOC: config: Fix pgsql-check documentation to make user param mandatory
- CLEANUP: mux-quic: remove usage of non-standard ull type
- CLEANUP: quic: remove global var definition in quic_tls header
- BUG/MINOR: quic: adjust quic_tls prototypes
- CLEANUP: quic: fix headers
- CLEANUP: quic: remove unused function prototype
- CLEANUP: quic: remove duplicated varint code from xprt_quic.h
- CLEANUP: quic: create a dedicated quic_conn module
- BUG/MINOR: mux-quic: ignore STOP_SENDING for locally closed stream
- BUG/MEDIUM: lua: Don't crash in hlua_lua2arg_check on failure
- BUG/MEDIUM: lua: handle stick table implicit arguments right.
- BUILD: h1: silence an initiialized warning with gcc-4.7 and -Os
- MINOR: fd: add a new function to only raise RLIMIT_NOFILE
- MINOR: init: do not try to shrink existing RLIMIT_NOFIlE
- BUG/MINOR: http-fetch: Update method after a prefetch in smp_fetch_meth()
- BUILD: http_fetch: silence an uninitiialized warning with gcc-4/5/6 at -Os
- BUG/MINOR: hlua: hlua_channel_insert_data() behavior conflicts with documentation
- MINOR: quic: limit usage of ssl_sock_ctx in favor of quic_conn
- MINOR: mux-quic: check quic-conn return code on Tx
- CLEANUP: quic: fix indentation
- BUG/MINOR: mux-h1: Account consumed output data on synchronous connection error
- MINOR: smtpchk: Update expect rule to fully match replies to EHLO commands
- BUG/MINOR: smtpchk: SMTP Service check should gracefully close SMTP transaction
- BUG/MINOR: config: don't count trailing spaces as empty arg (v2)
- BUG/MEDIUM: config: count line arguments without dereferencing the output
- MEDIUM: quic: retrieve frontend destination address
- CLEANUP: quic/receiver: remove the now unused tx_qring list
- BUG/MINOR: quic: set IP_PKTINFO socket option for QUIC receivers only
- DOC: configuration: missing 'if' in tcp-request content example
- BUG/MAJOR: stick-tables: do not try to index a server name for applets
- BUG/MINOR: server: make sure "show servers state" hides private bits
- MINOR: quic: New quic_cstream object implementation
- MINOR: quic: Extract CRYPTO frame parsing from qc_parse_pkt_frms()
- MINOR: quic: Use a non-contiguous buffer for RX CRYPTO data
- BUG/MINOR: quic: Stalled 0RTT connections with big ClientHello TLS message
- MINOR: quic: Split the secrets key allocation in two parts
- CLEANUP: quic: remove unused rxbufs member in receiver
- CLEANUP: quic: improve naming for rxbuf/datagrams handling
- MINOR: quic: implement datagram cleanup for quic_receiver_buf
- BUILD: ssl_sock: bind_conf uninitialized in ssl_sock_bind_verifycbk()
- BUG/MEDIUM: httpclient: Don't set EOM flag on an empty HTX message
- MINOR: httpclient/lua: Don't set req_payload callback if body is empty
- CI: Replace the deprecated ::set-output command by writing to $GITHUB_OUTPUT in matrix.py
- CI: Replace the deprecated ::set-output command by writing to $GITHUB_OUTPUT in workflow definition
- BUILD: quic: QUIC mux build fix for 32-bit build
- BUG/MEDIUM: httpclient: segfault when the httpclient parser fails
- BUILD: ssl_sock: fix null dereference for QUIC build
- BUILD: quic: Fix build for m68k cross-compilation
- BUG/MINOR: quic: fix buffer overflow on retry token generation
- MINOR: quic: add version field on quic_rx_packet
- MINOR: quic: extend pn_offset field from quic_rx_packet
- MINOR: quic: define first packet flag
- MINOR: quic: extract connection retrieval
- MINOR: quic: split and rename qc_lstnr_pkt_rcv()
- MINOR: quic: refactor packet drop on reception
- MINOR: quic: extend Retry token check function
- BUG/MINOR: log: Preserve message facility when the log target is a ring buffer
- BUG/MINOR: ring: Properly parse connect timeout
- BUG/MEDIUM: httpclient/lua: crash when the lua task timeout before the httpclient
- BUG/MEDIUM: httpclient: check if the httpclient was released in the IO handler
- REGTESTS: httpclient/lua: test the lua task timeout with the httpclient
- CI: github: dump the backtrace of coredumps in the alpine container
- BUILD: Makefile: add "USE_SHM_OPEN" on the linux-musl target
- BUG/MINOR: mux-quic: complete flow-control for uni streams
- BUG/MEDIUM: compression: handle rewrite errors when updating response headers
- MINOR: quic: do not crash on unhandled sendto error
- MINOR: quic: display unknown error sendto counter on stat page
- BUG/MINOR: sink: Only use backend capability for the sink proxies
- BUG/MINOR: sink: Set default connect/server timeout for implicit ring buffers
- CI: SSL: use proper version generating when "latest" semantic is used
- CI: SSL: temporarily stick to LibreSSL=3.5.3
- DOC: management: add forgotten "show startup-logs"
- DOC: lua: add a note about compression w/ httpclient
- BUG/MAJOR: stick-table: don't process store-response rules for applets
- BUG/MEDIUM: stick-table: fix a race condition when updating the expiration task
- MINOR: quic: remove unnecessary quic_session_accept()
- BUG/MINOR: quic: fix subscribe operation
- BUG/MINOR: log: fixing bug in tcp syslog_io_handler Octet-Counting
- BUG/MINOR: quic: fix race condition on datagram purging
- CI: add monthly gcc cross compile jobs
- BUG/MINOR: httpclient: fixed memory allocation for the SSL ca_file
- BUG/MINOR: ssl: Memory leak of DH BIGNUM fields
- BUG/MINOR: ssl: Memory leak of AUTHORITY_KEYID struct when loading issuer
- BUG/MINOR: ssl: ocsp structure not freed properly in case of error
- CI: switch to the "latest" LibreSSL
- CI: enable QUIC for LibreSSL builds
- CI: emit the compiler's version in the build reports
- BUG/MEDIUM: wdt/clock: properly handle early task hangs
- BUG/MINOR: http-htx: Fix error handling during parsing http replies
- BUG/MINOR: resolvers: Don't wait periodic resolution on healthcheck failure
- BUG/MINOR: resolvers: Set port before IP address when processing SRV records
- BUG/MINOR: mux-fcgi: Be sure to send empty STDING record in case of zero-copy
- BUG/MEDIUM: mux-fcgi: Avoid value length overflow when it doesn't fit at once
- BUG/MINOR: mux-h1: Do not send a last null chunk on body-less answers
- REG-TESTS: cache: Remove T-E header for 304-Not-Modified responses
- DOC: config: fix alphabetical ordering of global section
- BUG/MEDIUM: ring: fix creation of server in uninitialized ring
- BUILD: quic: fix dubious 0-byte overflow on qc_release_lost_pkts
- BUG/MINOR: pool/cli: use ullong to report total pool usage in bytes
- BUG/MEDIUM: listener: Fix race condition when updating the global mngmt task
- BUG/MINOR: http_ana/txn: don't re-initialize txn and req var lists
- BUG/MEDIUM: raw-sock: Don't report connection error if something was received
- BUG/MINOR: ssl: don't initialize the keylog callback when not required
- BUG/MEDIUM: peers: messages about unkown tables not correctly ignored
- BUILD: peers: Remove unused variables
- MINOR: ncbuf: complete doc for ncb_advance()
- BUG/MEDIUM: quic: fix unsuccessful handshakes on ncb_advance error
- BUG/MEDIUM: quic: fix memleak for out-of-order crypto data
- MINOR: quic: complete traces/debug for handshake
- BUG/MAJOR: quic: Crash upon retransmission of dgrams with several packets
- BUG/MAJOR: quic: Crash after discarding packet number spaces
- DOC: configuration: fix quic prefix typo
- MINOR: quic: report error if force-retry without cluster-secret
- MINOR: global: generate random cluster.secret if not defined
- BUG/MINOR: server/idle: at least use atomic stores when updating max_used_conns
- BUILD: listener: fix build warning on global_listener_rwlock without threads
- DOC: quic: add note on performance issue with listener contention
- BUG/MINOR: cfgparse-listen: fix ebpt_next_dup pointer dereference on proxy "from" inheritance
- BUG/MINOR: log: fix parse_log_message rfc5424 size check
- BUG/MINOR: http-htx: Don't consider an URI as normalized after a set-uri action
- BUILD: http-htx: Silent build error about a possible NULL start-line
- DOC: configuration.txt: add default_value for table_idle signature
- BUILD: ssl-sock: Silent error about NULL deref in ssl_sock_bind_verifycbk()
- BUG/MINOR: mux-h1: Fix handling of 408-Request-Time-Out
- DOC: configuration.txt: fix typo in table_idle signature
- BUG/MEDIUM: quic: fix datagram dropping on queueing failed
- MINOR: ssl: enhance ca-file error emitting
- MINOR: ssl: forgotten newline in error messages on ca-file
- BUG/MINOR: ssl: shut the ca-file errors emitted during httpclient init
- Revert "BUG/MINOR: http-htx: Don't consider an URI as normalized after a set-uri action"
- DO...

Read more
Assets 3

HAProxy 2.6.6

29 Sep 10:16
@philyuchkoff philyuchkoff
2.6.6
ef0e557
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
HAProxy 2.6.6

2022/09/22 : 2.6.6
- MEDIUM: peers: limit the number of updates sent at once
- MINOR: Revert part of clarifying samples support per os commit
- BUILD: makefile: enable crypt(3) for NetBSD
- BUG/MINOR: quic: Retransmitted frames marked as acknowledged
- BUG/MINOR: quic: Possible crash with "tls-ticket-keys" on QUIC bind lines
- BUG/MINOR: h1: Support headers case adjustment for TCP proxies
- BUG/MINOR: quic: Possible crash when verifying certificates
- BUILD: quic: add some ifdef around the SSL_ERROR_* for libressl
- BUILD: ssl: fix ssl_sock_switchtx_cbk when no client_hello_cb
- BUILD: quic: temporarly ignore chacha20_poly1305 for libressl
- BUILD: quic: enable early data only with >= openssl 1.1.1
- BUILD: ssl: fix the ifdef mess in ssl_sock_initial_ctx
- BUILD: quic: fix the #ifdef in ssl_quic_initial_ctx()
- MINOR: quic: add QUIC support when no client_hello_cb
- MINOR: quic: Add traces about sent or resent TX frames
- MINOR: quic: No TRACE_LEAVE() in retrieve_qc_conn_from_cid()
- BUG/MINOR: quic: Wrong connection ID to thread ID association
- BUG/MINOR: task: always reset a new tasklet's call date
- BUG/MINOR: task: make task_instant_wakeup() work on a task not a tasklet
- MINOR: task: permanently enable latency measurement on tasklets
- CLEANUP: task: rename ->call_date to ->wake_date
- BUG/MINOR: task: Fix detection of tasks profiling in tasklet_wakeup_after()
- BUG/MINOR: sched: properly account for the CPU time of dying tasks
- MINOR: sched: store the current profile entry in the thread context
- BUG/MINOR: stream/sched: take into account CPU profiling for the last call
- BUG/MINOR: signals/poller: set the poller timeout to 0 when there are signals
- BUG/MINOR: quic: Speed up the handshake completion only one time
- BUG/MINOR: quic: Trace fix about packet number space information.
- BUG/MINOR: h3: Crash when h3 trace verbosity is "minimal"
- MINOR: h3: Add the quic_conn object to h3 traces
- MINOR: h3: Missing connection argument for a TRACE_LEAVE() argument
- MINOR: h3: Send the h3 settings with others streams (requests)
- BUG/MINOR: signals/poller: ensure wakeup from signals
- CI: cirrus-ci: bump FreeBSD image to 13-1
- DEV: flags: fix usage message to reflect available options
- DEV: flags: add missing CO_FL_FDLESS connection flag
- BUG/MEDIUM: proxy: ensure pause_proxy() and resume_proxy() own PROXY_LOCK
- MINOR: listener: small API change
- MINOR: proxy/listener: support for additional PAUSED state
- BUG/MINOR: stats: fixing stat shows disabled frontend status as 'OPEN'
- CLEANUP: pollers: remove dead code in the polling loop
- BUG/MINOR: mux-h1: Increment open_streams counter when H1 stream is created
- REGTESTS: healthcheckmail: Relax matching on the healthcheck log message
- CLEANUP: listener: function comment typo in stop_listener()
- BUG/MINOR: listener: null pointer dereference suspected by coverity
- REGTESTS: log: test the log-forward feature
- BUG/MEDIUM: sink: bad init sequence on tcp sink from a ring.
- REGTESTS: ssl/log: test the log-forward with SSL
- DOC: fix TOC in starter guide for subsection 3.3.8. Statistics
- MEDIUM: quic: separate path for rx and tx with set_encryption_secrets
- BUG/MEDIUM: mux-quic: fix crash on early app-ops release
- CLEANUP: mux-quic: remove stconn usage in h3/hq
- BUG/MINOR: mux-quic: do not remotely close stream too early
- BUG/MEDIUM: server: segv when adding server with hostname from CLI
- CLEANUP: quic,ssl: fix tiny typos in C comments
- BUG/MEDIUM: captures: free() an error capture out of the proxy lock
- BUILD: fd: fix a build warning on the DWCAS
- SCRIPTS: announce-release: update some URLs to https
- BUG/MEDIUM: mux-quic: fix nb_hreq decrement
- BUG/MINOR: mux-quic: do not keep detached qcs with empty Tx buffers
- REORG: mux-quic: extract traces in a dedicated source file
- REORG: mux-quic: export HTTP related function in a dedicated file
- MINOR: mux-quic: refactor snd_buf
- BUG/MEDIUM: mux-quic: properly trim HTX buffer on snd_buf reset
- REGTESTS: ssl: adopt tests to OpenSSL-3.0.N
- REGTESTS: ssl: adopt tests to OpenSSL-3.0.N
- REGTESTS: ssl: fix grep invocation to use extended regex in ssl_generate_certificate.vtc
- BUG/MINOR: log: improper behavior when escaping log data

Assets 3

HAProxy 2.6.5

06 Sep 08:54
@philyuchkoff philyuchkoff
2.6.5
5d7b788
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
HAProxy 2.6.5

2022/09/03 : 2.6.5
- BUG/MINOR: quic: Wrong list_for_each_entry() use when building packets from qc_do_build_pkt()
- BUG/MINOR: quic: Safer QUIC frame builders
- BUILD: tcp_sample: fix build of get_tcp_info() on OpenBSD
- BUG/MINOR: resolvers: return the correct value in resolvers_finalize_config()
- BUG/MINOR: mworker: does not create the "default" resolvers in wait mode
- BUG/MINOR: tcpcheck: Disable QUICKACK only if data should be sent after connect
- REGTESTS: Fix prometheus script to perform HTTP health-checks
- MINOR: resolvers: shut the warning when "default" resolvers is implicit
- BUG/MINOR: quic: Leak in qc_release_lost_pkts() for non in flight TX packets
- BUG/MINOR: quic: Stalled connections (missing I/O handler wakeup)
- CLEANUP: quic: No more use ->rx_list MT_LIST entry point (quic_rx_packet)
- CLEANUP: quic: Remove a useless check in qc_lstnr_pkt_rcv()
- DOC: configuration: do-resolve doesn't work with a port in the string
- MINOR: sample: add the host_only and port_only converters
- BUG/MINOR: httpclient: fix resolution with port
- DOC: configuration.txt: do-resolve must use host_only to remove its port.
- BUG/MINOR: quic: Frames added to packets even if not built.
- BUG/MEDIUM: spoe: Properly update streams waiting for a ACK in async mode
- BUG/MEDIUM: peers: Add connect and server timeut to peers proxy
- BUG/MEDIUM: peers: Don't use resync timer when local resync is in progress
- BUG/MEDIUM: peers: Don't start resync on reload if local peer is not up-to-date
- BUG/MINOR: hlua: Rely on CF_EOI to detect end of message in HTTP applets
- MINOR: quic: Replace MT_LISTs by LISTs for RX packets.
- BUG/MEDIUM: applet: fix incorrect check for abnormal return condition from handler
- BUG/MINOR: applet: make the call_rate only count the no-progress calls
- MINOR: quic: Add a trace to distinguish the datagram from the packets inside
- BUG/MINOR: tcpcheck: Disable QUICKACK for default tcp-check (with no rule)
- BUG/MINOR: ssl: fix deinit of the ca-file tree
- BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free()
- BUG/MEDIUM: ssl: Fix a UAF when old ckch instances are released
- MINOR: quic: Revert recent QUIC commits
- BUG/MINOR: ssl: revert two wrong fixes with ckhi_link
- BUG/MEDIUM: mux-h1: do not refrain from signaling errors after end of input
- BUG/MINOR: dev/udp: properly preset the rx address size
- MINOR: connection: support HTTP/3.0 for smp_*_http_major fetch
- CLEANUP: Re-apply xalloc_size.cocci (2)
- MINOR: mux-quic: simplify decode_qcs API
- MINOR: mux-quic/h3: adjust demuxing function return values
- BUG/MINOR: h3: fix return value on decode_qcs on error
- BUG/MINOR: h3: fix incorrect BUG_ON assert on SETTINGS parsing
- BUG/MEDIUM: h3: fix SETTINGS parsing
- MINOR: mux-quic: complete BUG_ON on TX flow-control enforcing
- CLEANUP: quic: use task_new_on() for single-threaded tasks
- MINOR: qpack: reduce dependencies on other modules
- MINOR: qpack: add ABORT_NOW on unimplemented decoding
- MINOR: qpack: improve decoding function
- MINOR: quic: Add several nonce and key definitions for Retry tag
- MINOR: quic: Parse long packet version from qc_parse_hd_form()
- CLEANUP: quid: QUIC draft-28 no more supported
- MEDIUM: quic: Add QUIC v2 draft support
- MINOR: quic: Released QUIC TLS extension for QUIC v2 draft
- MEDIUM: quic: Compatible version negotiation implementation (draft-08)
- CLEANUP: quic: Remove any reference to boringssl
- BUILD: quic: Wrong HKDF label constant variable initializations
- BUG/MINOR: qpack: abort on dynamic index field line decoding
- MINOR: quic: Dump version_information transport parameter
- CLEANUP: pool/quic: remove suffix "_pool" from certain pool names
- BUG/MINOR: qpack: fix build with QPACK_DEBUG
- BUG/MINOR: qpack: abort on dynamic index field line decoding
- CLEANUP: mux-quic: adjust comment on qcs_consume()
- CLEANUP: mux-quic: do not export qc_get_ncbuf
- REORG: mux-quic: reorganize flow-control fields
- MINOR: mux-quic: implement accessor for sedesc
- MEDIUM: mux-quic: refactor streams opening
- MINOR: mux-quic: rename qcs flag FIN_RECV to SIZE_KNOWN
- MINOR: mux-quic: emit FINAL_SIZE_ERROR on invalid STREAM size
- REORG: mux-quic: rename stream initialization function
- MINOR: mux-quic: rename stream purge function
- MINOR: mux-quic: add traces on frame parsing functions
- MINOR: mux-quic: implement qcs_alert()
- MINOR: mux-quic: filter send/receive-only streams on frame parsing
- MINOR: mux-quic: do not ack STREAM frames on unrecoverable error
- MINOR: mux-quic: support stream opening via MAX_STREAM_DATA
- MINOR: mux-quic: define basic stream states
- MINOR: mux-quic: use stream states to mark as detached
- MEDIUM: mux-quic: implement RESET_STREAM emission
- MEDIUM: mux-quic: implement STOP_SENDING handling
- CLEANUP: quic: clean up include on quic_frame-t.h
- MINOR: quic: define a generic QUIC error type
- MINOR: mux-quic: support app graceful shutdown
- MINOR: mux-quic/h3: prepare CONNECTION_CLOSE on release
- MEDIUM: quic: send CONNECTION_CLOSE on released MUX
- CLEANUP: mux-quic: move qc_release()
- MINOR: mux-quic: send one last time before release
- MINOR: h3: store control stream in h3c
- MINOR: h3: implement graceful shutdown with GOAWAY
- MINOR: mux-quic: save proxy instance into qcc
- MINOR: mux-quic: use timeout server for backend conns
- MEDIUM: mux-quic: adjust timeout refresh
- MINOR: mux-quic: count in-progress requests
- MEDIUM: mux-quic: implement http-keep-alive timeout
- MINOR: h3: support HTTP request framing state
- MINOR: mux-quic: refresh timeout on frame decoding
- MINOR: mux-quic: refactor refresh timeout function
- MEDIUM: mux-quic: implement http-request timeout
- MINOR: quic: Add two new stats counters for sendto() errors
- BUG/MINOR: quic: adjust errno handling on sendto
- MINOR: quic: Replace pool_zalloc() by pool_malloc() for fake datagrams
- MINOR: quic: replace custom buf on Tx by default struct buffer
- MINOR: quic: release Tx buffer on each send
- MINOR: quic: refactor datagram commit in Tx buffer
- MINOR: quic: skip sending if no frame to send in io-cb
- BUG/MINOR: mux-quic: open stream on STOP_SENDING
- BUG/MINOR: quic: fix crash on handshake io-cb for null next enc level
- MEDIUM: quic: xprt traces rework
- MINOR: quic: Remove useless lock for RX packets
- CLEANUP: quic: Remove trailing spaces
- MINOR: mux-quic: adjust enter/leave traces
- MINOR: mux-quic: define protocol error traces
- CLEANUP: mux-quic: adjust traces level
- MINOR: mux-quic: define new traces
- BUG/MEDIUM: mux-quic: fix crash due to invalid trace arg
- BUG/MEDIUM: quic: Possible use of uninitialized variable in qc_lstnr_params_init()
- BUG/MEDIUM: quic: Wrong use of <token_odcid> in qc_lsntr_pkt_rcv()
- BUG/MINOR: mux-quic: fix crash with traces in qc_detach()
- BUG/MINOR: quic: MIssing check when building TX packets
- BUG/MINOR: quic: Wrong status returned by qc_pkt_decrypt()
- MINOR: quic: adjust quic_frame flag manipulation
- MINOR: h3: report error on control stream close
- MINOR: qpack: report error on enc/dec stream close
- BUG/MEDIUM: mux-quic: reject uni stream ID exceeding flow control
- MINOR: mux-quic: adjust traces on stream init
- MINOR: mux-quic: add missing args on some traces
- MINOR: quic: refactor application send
- BUG/MINOR: quic: do not notify MUX on frame retransmit
- BUG/MINOR: quic: Missing initializations for ducplicated frames.
- BUG/MEDIUM: quic: fix crash on MUX send notification
- REORG: h2: extract cookies concat function in http_htx
- REGTESTS: add test for HTTP/2 cookies concatenation
- MEDIUM: h3: concatenate multiple cookie headers
- BUG/MINOR: quic: Possible crashes when dereferencing ->pkt quic_frame struct member
- MINOR: quic: Add frame addresses to QUIC_EV_CONN_PRSAFRM event traces
- BUG/MINOR: quic: Wrong splitted duplicated frames handling
- MINOR: quic: Add the QUIC connection to mux traces
- MINOR: quic: Trace fix in qc_release_frm()
- MINOR: quic: Add reusable cipher contexts for header protection
- BUG/MINOR: mux-quic: Fix memleak on QUIC stream buffer for unacknowledged data
- BUG/MINOR: quix: Memleak for non in flight TX packets
- BUG/MINOR: quic: Wrong list_for_each_entry() use when building packets from qc_do_build_pkt()
- BUG/MINOR: quic: Safer QUIC frame builders
- MINOR: quic: Replace MT_LISTs by LISTs for RX packets.
- Revert "BUG/MINOR: quix: Memleak for non in flight TX packets"
- BUG/MINOR: quic: Leak in qc_release_lost_pkts() for non in flight TX packets
- BUG/MINOR: quic: Stalled connections (missing I/O handler wakeup)
- CLEANUP: quic: No more use ->rx_list MT_LIST entry point (quic_rx_packet)
- CLEANUP: quic: Remove a useless check in qc_lstnr_pkt_rcv()
- MINOR: quic: Remove useless traces about references to TX packets
- Revert "MINOR: quic: Remove useless traces about references to TX packets"
- BUG/MINOR: quic: Null packet dereferencing from qc_dup_pkt_frms() trace
- BUG/MINOR: quic: Frames added to packets even if not built.
- BUG/MINOR: quic: Missing header protection AES cipher context initialisations (draft-v2)
- MINOR: quic: Add a trace to distinguish the datagram from the packets inside
- MINOR: quic: Move traces about RX/TX bytes from QUIC_EV_CONN_PRSAFRM event
- BUG/MINOR: quic: TX frames memleak
- B...

Read more
Assets 3

HAProxy 2.6.4

24 Aug 08:59
@philyuchkoff philyuchkoff
2.6.4
a154c94
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
HAProxy 2.6.4 
bump to 2.6.4

bump to 2.6.4
Assets 3