Skip to content

Latest commit

 

History

History
5782 lines (4214 loc) · 215 KB

changes.rst

File metadata and controls

5782 lines (4214 loc) · 215 KB

About this document

This document contains notes from the Varnish developers about ongoing development and past versions:

  • Developers will note here changes which they consider particularly relevant or otherwise noteworthy
  • This document is not necessarily up-to-date with the code
  • It serves as a basis for release managers and others involved in release documentation
  • It is not rendered as part of the official documentation and thus only available in ReStructuredText (rst) format in the source repository and -distribution.

Official information about changes in releases and advise on the upgrade process can be found in the doc/sphinx/whats-new/ directory, also available in HTML format at http://varnish-cache.org/docs/trunk/whats-new/index.html and via individual releases. These documents are updated as part of the release process.

Varnish Cache 7.1.2 (2022-11-08)

  • Attempts to mark well-known headers like Content-Length and Host hop-by-hop through a Connection-header will now cause a 400 "Bad request" response. (VSV00010)
  • Apply the same character set rules to HTTP/2 pseudo-headers as is done on the corresponding HTTP/1 request-line field parsing. (VSV00011)

Varnish Cache 7.1.1 (2022-08-09)

  • Do not filter pseudo-headers as regular headers (VSV00009 / 3830).

Varnish Cache 7.1.0 (2022-03-15)

  • The cookie.format_rfc1123() function was renamed to cookie.format_date(), and the former was retained as a deprecated alias.

  • The VCC file $Alias stanza has been added to support vmod alias functions/methods.

  • VCC now supports alias symbols.

  • There is a new experimental parameter that is identical to the feature parameter, except that it guards features that may not be considered complete or stable. An experimental feature may be promoted to a regular feature or dropped without being considered a breaking change.

  • ESI includes now support the onerror="continue" attribute of <esi:include/> tags.

    The +esi_include_onerror feature flag controls if the attribute is honored: If enabled, failure of an include stops ESI processing unless the onerror="continue" attribute was set for it.

    The feature flag is off by default, preserving the existing behavior to continue ESI processing despite include failures.

  • The deprecated sub-argument of the -l option was removed, it is now a shorthand for the vsl_space parameter only.

  • The -T, -M and -P command line options can be used multiple times, instead of retaining only the last occurrence.

  • The debug.xid CLI command has been extended to also set and query the VXID cache chunk size.

  • The vtc.barrier_sync() VMOD function now also works in vcl_init

  • The abort command in the logexpect facility of varnishtest can now be used to trigger an abort() to help debugging the vsl client library code.

  • The vtc.vsl() and vtc.vsl_replay() functions have been added to the vtc vmod to generate arbitraty log lines for testing.

  • The limit of the vsl_reclen parameter has been corrected.

  • Varnish now closes client connections correctly when request body processing failed.

  • Filter init methods of types vdp_init_f and vfp_init_f gained a VRT_CTX argument.

  • The param.set CLI command accepts a -j option. In this case the JSON output is the same as param.show -j of the updated parameter.

  • A new cc_warnings parameter contains a subset of the compiler flags extracted from cc_command, which in turn grew new expansions:

    • %d: the raw default cc_command
    • %D: the expanded default cc_command
    • %w: the cc_warnings parameter
    • %n: the working directory (-n option)
  • For return(pipe), the backend transactions now emit a Start timestamp and both client and backend transactions emit the Process timestamp.

  • http_IsHdr() is now exposed as part of the strict ABI for VMODs.

  • The req.transport VCL variable has been added, which returns "HTTP/1" or "HTTP/2" as appropriate.

  • The vtc.workspace_reserve() VMOD function now zeroes memory.

  • Parameter aliases have been added to facilitate parameter deprecation.

  • Two bugs in the catflap facility have been fixed which could trigger panics due to the state pointer not being cleared. (3752, 3755)

  • It is now possible to assign to a BODY variable either a STRING type or a BLOB.

  • When the vcl.show CLI command is invoked without a parameter, it now defaults to the active VCL.

  • The reporting of logexpect events in varnishtest was rearranged for readability.

  • Workspace debugging as enabled by the +workspace debug flag is now logged with the corresponding transaction.

  • VMODs should now register and unregister fetch and delivery filters with VRT_AddFilter() and VRT_RemoveFilter().

  • HSH_purge() has been rewritten to properly handle concurrent purges on the same object head.

  • VSL_WriteOpen(), varnishlog and varnishncsa have been changed to support writing to stdout with -w - when not in daemon mode.

  • In VSL, the case has been optimized that the space remaining in a buffer is close to vsl_reclen.

  • std.ip() has been changed to always return a valid (bogo ip) fallback if the fallback argument is invalid.

  • New VCL variables {req,req_top,resp,bereq,beresp,obj}.time have been added to track when the respective object was born.

  • VRT_StaticDirector() has been added to mark directors with VCL lifetime, to avoid the overhead of reference counting.

  • Dynamic backends are now reference-counted, and VMOD authors must explicitly track assignments with VRT_Assign_Backend().

  • Varnish will use libunwind by default when available at configure time, the --without-unwind configure flag can prevent this and fall back to libexecinfo to generate backtraces.

  • A new debug.shutdown.delay command is available in the Varnish CLI for testing purposes.

  • New utility macros vmin[_t], vmax[_t] and vlimit[_t] available in vdef.h.

  • The macros TOSTRAND(s) and TOSTRANDS(x, ...) have been added to create a struct strands * (intended to be used as a VCL_STANDS) from a single string s or x strings, respectively.

    Note that the macros create a compund literal whose scope is the enclosing block. Their value must thus only be used within the same block (it can be passed to called functions) and must not be returned or referenced for use outside the enclosing block.

    As before, VRT_AllocStrandsWS() or VRT_StrandsWS() must be used to create VCL_STRANDS with task scope for use outside the current block.

  • A bug in the backend connection handling code has been fixed which could trigger an unwarranted assertion failure (3664).

  • std.strftime() has been added.

  • Lck_CondWait() has lost the timeout argument and now waits forever. Lck_CondWaitUntil() and Lck_CondWaitTimeout() have been added to wait on a condition variable until some point in time or until a timeout expires, respectively.

  • All mutex locks in core code have been given the PTHREAD_MUTEX_ERRORCHECK attribute.

  • Host and Content-Length header checks have been moved to protocol independent code and thus implicitly extended to HTTP2.

  • A potential race on busy objects has been closed.

  • Use of the ObjGetSpace() for synthetic objects has been fixed to support stevedores returning less space than requested (as permitted by the API).

  • The FINI_OBJ() macro has been added to standardize the common pattern of zeroing a mini object and clearing a pointer to it.

  • The deprecated vsm_space parameter was removed.

  • The varnishtest err_shell commando has been removed after having been deprecated since release 5.1.0.

Varnish Cache 7.0.1 (2021-11-23)

  • An assertion failure has been fixed which triggered when matching bans on non-existing headers (3706).

  • A VCL compilation issue has been fixed when calling builtin functions directly (3719).

  • It is now again possible to concatenate static strings to produce combined strings of type VCL_REGEX (3721).

  • An issue has been fixed that would cause the VCL dependency checker to incorrectly flag VCLs as dependants of other VCLs when using labels, preventing them from being discarded (3734).

  • VCLs loaded through CLI or the use of startup CLI scripts (-I option to varnishd) will, when no active VCL has previously been set, no longer automatically set the first VCL loaded to the active VCL. This prevents situations where it was possible to make a cold VCL the active VCL (3737).

  • There is now a configure build-time requirement on working SO_RCVTIMEO and SO_SNDTIMEO socket options.

    We no longer check whether they effectively work, so the SO_RCVTIMEO_WORKS feature check has been removed from varnishtest.

  • The socket option inheritance checks now correctly identifies situations where UDS and TCP listening sockets behave differently, and are no longer subject to the order the inheritance checks happens to be executed (3732).

  • IPv6 listen endpoint address strings are now printed using brackets.

Varnish Cache 7.0.0 (2021-09-15)

  • Added convenience vrt_null_strands and vrt_null_blob constants.
  • New VCL flag syntax foo <name> +bar -baz { ... }, starting with ACL flags log, pedantic and table.
  • ACLs no longer produce VSL VCL_acl records by default, this must be explicitly enabled with acl <name> +log { ... }.
  • ACLs can be compiled into a table format, which runs a little bit slower, but compiles much faster for large ACLs.
  • ACLs default to pedantic which is now a per-ACL feature flag.
  • New glob flag for VCL include (3193).
  • The maximum number of headers for a request or a response in varnishtest was increased to 64.
  • The backend lock class from struct backend was moved to struct director and renamed accordingly.
  • New %{sec,msec,usec,msec_frac,usec_frac}t formats in varnishncsa.
  • vstrerror() was renamed to VAS_errtxt().
  • New varnishncsa -j option to format for JSON (3595).
  • To skip a test in the presence of a feature instead of it absence, a new feature !<name> syntax was added to varnishtest.
  • Accept-Ranges headers are no longer generated for passed objects, but must either come from the backend or be created in vcl_deliver{} (3251).
  • The busyobj do_pass flag is gone in favor of uncacheable.
  • The objcore flag ABANDON was renamed to CANCEL.
  • 'Scientific Notation' numbers like 6.62607004e-34 are no longer supported in VCL. (The preparation of RFC8941 made it clear that there are neither reason nor any need to support scientific notation in context of HTTP headers.
  • New tunnel command in varnishtest to gain the ability to shape traffic between two peers without having to change their implementation.
  • Global VCL symbols can be defined after use (3555).
  • New req.hash_ignore_vary flag in VCL.
  • varnishtest can register macros backed by functions, which is the case for ${date} and the brand new ${string,<action>[,<args>...]} macro (3627).
  • Migration to pcre2 with extensive changes to the VRE API, parameters renamed to pcre2_match_limit and pcre2_depth_limit, and the addition of a new pcre2_jit_compilation parameter. The varnishtest undocumented feature check pcre_jit is gone (3635). This change is transparent at the VRT layer and only affects direct VRE consumers.
  • New inverted mode in vtc-bisect.sh to find the opposite of regressions.
  • The default values for workspace_client, workspace_backend and vsl_buffer on 64bit systems were increased to respectively 96kB, 96kB and 16kB (3648).
  • The deprecated WS_Inside() was replaced with WS_Allocated() and WS_Front() was removed.
  • VCL header names can be quoted, for example req.http."valid.name".
  • Added VRT_UnsetHdr() and removed vrt_magic_string_unset.
  • Removed depcreated STRING_LIST in favor of STRANDS. All functions that previously took a STRING_LIST had const char *, ... arguments, they now take const char *, VCL_STRANDS arguments. The magic cookie vrt_magic_string_end is gone and VRT_CollectStrands() was renamed to VRT_STRANDS_string().
  • The default value for thread_pool_stack was increased to 80kB for 64bit systems and 64kB for 32bit to accomodate the PCRE2 jit compiler.
  • Removed deprecated VSB_new() and VSB_delete(), which resulted in a major soname bump of libvarnishapi to 3.0.0, instead of the 2.7.0 version initially planned.
  • The default workdir (the default -n argument) is now /var/run instead of ${prefix}/var (3672). Packages usually configure this to match local customs.
  • The minimum session_workspace is now 384 bytes
  • Emit minimal 500 response if vcl_synth fails (3441).
  • New --enable-coverage configure flag, and renovated sanitizer setup.
  • New feature checks in varnishtest: sanitizer, asan, lsan, msan, ubsan and coverage.
  • New --enable-workspace-emulator configure flag to swap the worksapce implementation with a sparse one ideal for fuzzing (3644).
  • Strict comparison of items from the HTTP grammar (3650).
  • New request body h2 window handling using a buffer to avoid stalling an entire h2 session until the relevant stream starts consuming DATA frames. As a result the minimum value for h2_initial_window_size is now 65535B to avoid running out of buffer with a negative window that was simpler to not tolerate, and a new h2_rxbuf_storage parameter was added (3661).
  • SLT_Hit now includes streaming progress when relevant.
  • The http_range_support adds consistency checks for pass transactions (3673).
  • New VNUM_uint() and VNUM_hex() functions geared at token parsing.

Varnish Cache 6.6.0 (2021-03-15)

  • Body bytes accounting has been fixed to always represent the number of bodybytes moved on the wire, exclusive of protocol-specific overhead like HTTP/1 chunked encoding or HTTP/2 framing.

    This change affects counters like

    • MAIN.s_req_bodybytes,
    • MAIN.s_resp_bodybytes,
    • VBE.*.*.bereq_bodybytes and
    • VBE.*.*.beresp_bodybytes

    as well as the VSL records

    • ReqAcct,
    • PipeAcct and
    • BereqAcct.
  • VdpAcct log records have been added to output delivery filter (VDP) accounting details analogous to the existing VfpAcct. Both tags are masked by default.

  • Many filter (VDP/VFP) related signatures have been changed:

    • vdp_init_f
    • vdp_fini_f
    • vdp_bytes_f
    • VDP_bytes()

    as well as struct vdp_entry and struct vdp_ctx

    VFP_Push() and VDP_Push() are no longer intended for VMOD use and have been removed from the API.

  • The VDP code is now more strict about VDP_END, which must be sent down the filter chain at most once.

  • Core code has been changed to ensure for most cases that VDP_END gets signaled with the object's last bytes, rather than with an extra zero-data call.

  • Reason phrases for more HTTP Status codes have been added to core code.

  • Connection pooling behavior has been improved with respect to Connection: close (3400, 3405).

  • Handling of the Keep-Alive HTTP header as hop-by-hop has been fixed (3417).

  • Handling of hop-by-hop headers has been fixed for HTTP/2 (3416).

  • The stevedore API has been changed:

    • OBJ_ITER_FINAL has been renamed to OBJ_ITER_END
    • ObjExtend() signature has been changed to also cover the ObjTrimStore() use case and
    • ObjTrimStore() has been removed.
  • The verrno.h header file has been removed and merged into vas.h

  • The connection close reason has been fixed to properly report SC_RESP_CLOSE / resp_close where previously only SC_REQ_CLOSE / req_close was reported.

  • Unless the new validate_headers feature is disabled, all newly set headers are now validated to contain only characters allowed by RFC7230. A (runtime) VCL failure is triggered if not (3407).

  • VRT_ValidHdr() has been added for vmods to conduct the same check as the validate_headers feature, for example when headers are set by vmods using the cache_http.c Functions like http_ForceHeader() from untrusted input.

  • The shard director now supports reconfiguration (adding/removing backends) of several instances without any special ordering requirement.

  • Calling the shard director .reconfigure() method is now optional. If not called explicitly, any shard director backend changes are applied at the end of the current task.

  • Shard director Error log messages with (notice) have been turned into Notice log messages.

  • All shard Error and Notice messages now use the unified prefix vmod_directors: shard %s.

  • In the shard director, use of parameter sets with resolve=NOW has been fixed.

  • Performance of log-processing tools like varnishlog has been improved by using mmap() if possible when reading from log files.

  • An assertion failure has been fixed which could be triggered when a request body was used with restarts (3433, 3434).

  • A signal handling bug in the Varnish Utility API (VUT) has been fixed which caused log-processing utilities to perform poorly after a signal had been received (3436).

  • The client.identity variable is now accessible on the backend side.

  • Client and backend finite state machine internals (enum req_step and enum fetch_step) have been removed from cache.h.

  • Three new Timestamp VSL records have been added to backend request processing:

    • The Process timestamp after return(deliver) or return(pass(x)) from vcl_backend_response,
    • the Fetch timestamp before a backend connection is requested and
    • the Connected timestamp when a connection to a regular backend (VBE) is established, or when a recycled connection was selected for reuse.
  • The VRT backend interface has been changed:

    • struct vrt_endpoint has been added describing a UDS or TCP endpoint for a backend to connect to.

      Endpoints also support a preamble to be sent with every new connection.

    • This structure needs to be passed via the endpoint member of struct vrt_backend when creating backends with VRT_new_backend() or VRT_new_backend_clustered().

  • VRT_Endpoint_Clone() has been added to facilitate working with endpoints.

  • The variables bereq.is_hitpass and bereq.is_hitmiss have been added to the backend side matching req.is_hitpass and req.is_hitmiss on the client side.

  • The set_ip_tos() function from the bundled std vmod now sets the IPv6 Taffic Class (TCLASS) when used on an IPv6 connection.

  • A bug has been fixed which could lead to varnish failing to start after updates due to outdated content of the vmod_cache directory (3243).

  • An issue has been addressed where using VCL with a high number of literal strings could lead to prolonged c-compiler runtimes since Varnish-Cache 6.3 (3392).

  • The MAIN.esi_req counter has been added as a statistic of the number of ESI sub requests created.

  • The vcl.discard CLI command can now be used to discard more than one VCL with a single command, which succeeds only if all given VCLs could be discarded (atomic behavior).

  • The vcl.discard CLI command now supports glob patterns for vcl names.

  • The vcl.deps CLI command has been added to output dependencies between VCLs (because of labels and return(vcl) statements).

  • The FetchError log message Timed out reusing backend connection has been renamed to first byte timeout (reused connection) to clarify that it is emit for effectively the same reason as first byte timeout.

  • Long strings in VCL can now also be denoted using """ ... """ in addition to the existing {" ... "}.

  • The pdiff() function declaration has been moved from cache.h to vas.h.

  • The interface for private pointers in VMODs has been changed:

    • The free pointer in struct vmod_priv has been replaced with a pointer to struct vmod_priv_methods, to where the pointer to the former free callback has been moved as the fini member.
    • The former free callback type has been renamed from vmod_priv_free_f to vmod_priv_fini_f and as gained a VRT_CTX argument
  • The MAIN.s_bgfetch counter has been added as a statistic on the number of background fetches issues.

  • Various improvements have been made to the varnishtest facility:

    • the loop keyword now works everywhere
    • HTTP/2 logging has been improved
    • Default HTTP/2 parameters have been tweaked (3442)
    • Varnish listen address information is now available by default in the macros ${vNAME_addr}, ${vNAME_port} and ${vNAME_sock}. Macros by the names ${vNAME_SOCKET_*} contain the address information for each listen socket as created with the -a argument to varnishd.
    • Synchronization points for counters (VSCs) have been added as varnish vNAME -expect PATTERN OP PATTERN
    • varnishtest now also works with IPv6 setups
    • feature ipv4 and feature ipv6 can be used to control execution of test cases which require one or the other protocol.
    • haproxy arguments can now be externally provided through the HAPROXY_ARGS variable.
    • logexpect now supports alternatives with the expect ? ... syntax and negative matches with the fail add ... and fail clear syntax.
    • The overall logexpect match expectation can now be inverted using the -err argument.
    • Numeric comparisons for HTTP headers have been added: -lt, -le, -eq, -ne, -ge, -gt
    • rxdata -some has been fixed.
  • The ban_cutoff parameter now refers to the overall length of the ban list, including completed bans, where before only non-completed ("active") bans were counted towards ban_cutoff.

  • A race in the round-robin director has been fixed which could lead to backend requests failing when backends in the director were sick (3473).

  • A race in the probe management has been fixed which could lead to a panic when VCLs changed temperature in general and when vcl.discard was used in particular (3362).

  • A bug has been fixed which lead to counters (VSCs) of backends from cold VCLs being presented (3358).

  • A bug in varnishncsa has been fixed which could lead to it crashing when header fields were referenced which did not exist in the processed logs (3485).

  • For failing PROXY connections, SessClose now provides more detailed information on the cause of the failure.

  • The std.ban() and std.ban_error() functions have been added to the std vmod, allowing VCL to check for ban errors.

  • Use of the ban() built-in VCL command is now deprecated.

  • The source tree has been reorganized with all vmods now moved to a single vmod directory.

  • vmodtool.py has been improved to simplify Makefiles when many VMODs are built in a single directory.

  • The VSA_getsockname() and VSA_getpeername() functions have been added to get address information of file descriptors.

  • varnishd now supports the -b none argument to start with only the builtin VCL and no backend at all (3067).

  • Some corner cases of IPv6 support in varnishd have been fixed.

  • vcl_pipe {}: return(synth) and vmod private state support have been fixed. Trying to use std.rollback() from vcl_pipe now results in VCL failure (3329, 3330, 3385).

  • The bereq.xid variable is now also available in vcl_pipe {}

  • The VRT_priv_task_get() and VRT_priv_top_get() functions have been added to VRT to allow vmods to retrieve existing PRIV_TASK / PRIV_TOP private pointers without creating any.

  • varnishstat now avoids display errors of gauges which previously could underflow to negative values, being displayed as extremely high positive values.

    The -r option and the r key binding have been added to return to the previous behavior. When raw mode is active in varnishstat interactive (curses) mode, the word RAW is displayed at the right hand side in the lower status line.

  • The VSC_IsRaw() function has been added to libvarnishapi to query if a gauge is being returned raw or adjusted.

  • The busy_stats_rate feature flag has been added to ensure statistics updates (as configured using the thread_stats_rate parameter) even in scenarios where worker threads never run out of tasks and may remain forever busy.

  • ExpKill log (VSL) records are now masked by default. See the vsl_mask parameter.

  • A bug has been fixed which could lead to panics when ESI was used with ESI-aware VMODs were used because PRIV_TOP vmod private state was created on a wrong workspace (3496).

  • The VCL_REGEX data type is now supported for VMODs, allowing them to use regular expression literals checked and compiled by the VCL compiler infrastructure.

    Consequently, the VRT_re_init() and VRT_re_fini() functions have been removed, because they are not required and their use was probably wrong anyway.

  • The filter_re, keep_re and get_re functions from the bundled cookie vmod have been changed to take the VCL_REGEX type. This implies that their regular expression arguments now need to be literal, whereas before they could be taken from some other variable or function returning VCL_STRING.

    Note that these functions never actually handled _dynamic_ regexen, the string passed with the first call was compiled to a regex, which was then used for the lifetime of the respective VCL.

  • The %{X}T format has been added to varnishncsa, which generalizes %D and %T, but also support milliseconds (ms) output.

  • Error handling has been fixed when vmod functions/methods with PRIV_TASK arguments were wrongly called from the backend side (3498).

  • The varnishncsa -E argument to show ESI requests has been changed to imply -c (client mode).

  • Error handling and performance of the VSL (shared log) client code in libvarnishapi have been improved (3501).

  • varnishlog now supports the -u option to write to a file specified with -w unbuffered.

  • Comparisons of numbers in VSL queries have been improved to match better the behavior which is likely expected by users who have not read the documentation in all detail (3463).

  • A bug in the ESI code has been fixed which could trigger a panic when no storage space was available (3502).

  • The resp.proto variable is now read-only as it should have been for long.

  • VTCP_open() has been fixed to try all possible addresses from the resolver before giving up (3509). This bug could cause confusing error messages (3510).

  • VRT_synth_blob() and VRT_synth_strands() have been added. The latter should now be used instead of VRT_synth_page().

  • The VCL_SUB data type is now supported for VMODs to save references to subroutines to be called later using VRT_call(). Calls from a wrong context (e.g. calling a subroutine accessing req from the backend side) and recursive calls fail the VCL.

    See VMOD - Varnish Modules in the Reference Manual.

VMOD functions can also return the VCL_SUB data type for calls from VCL as in call vmod.returning_sub();.
  • VRT_check_call() can be used to check if a VRT_call() would succeed in order to avoid the potential VCL failure in case it would not.

    It returns NULL if VRT_call() would make the call or an error string why not.

  • VRT_handled() has been added, which is now to be used instead of access to the handling member of VRT_CTX.

  • The session close reason logging/statistics for HTTP/2 connections have been improved (3393)

  • varnishadm now has the -p option to disable readline support for use in scripts and as a generic CLI connector.

  • A log (VSL) Notice record is now emitted whenever more than vary_notice variants are encountered in the cache for a specific hash. The new vary_notice parameter defaults to 10.

  • The modulus operator % has been added to VCL.

  • return(retry) from vcl_backend_error {} now correctly resets beresp.status and beresp.reason (3525).

  • Handling of the gunzip filter with ESI has been fixed (3529).

  • A bug where the threads_limited counter could be increased without reason has been fixed (3531).

  • All varnish tools using the VUT library utilities for argument processing now support the --optstring argument to return a string suitable for use with getopts from shell scripts.

  • An issue with high CPU consumption when the maximum number of threads was reached has been fixed (2942, 3531)

  • HTTP/2 streams are now reset for filter chain (VDP) errors.

  • The task priority of incoming connections has been fixed.

  • An issue has been addressed where the watchdog facility could misfire when tasks are queued.

  • The builtin VCL has been reworked: VCL code has been split into small subroutines, which custom VCL can prepend custom code to.

    This allows for better integration of custom VCL and the built-in VCL and better reuse.

Varnish Cache 6.5.1 (2020-09-25)

  • Bump the VRT_MAJOR_VERSION from 11 to 12, to reflect the API changes that went into the 6.5.0 release. This step was forgotten for that release.

Varnish Cache 6.5.0 (2020-09-15)

[ABI] marks potentially breaking changes to binary compatibility.

[API] marks potentially breaking changes to source compatibility (implies [ABI]).

  • varnishstat now has a help screen, available via the h key in curses mode

  • The initial varnishstat verbosity has been changed to ensure any fields specified by the -f argument are visible (2990)

  • Fixed handling of out-of-workspace conditions after vcl_backend_response and vcl_deliver during filter initialization (3253, 3241)

  • PRIV_TOP is now thread-safe to support parallel ESI implementations

  • varnishstat JSON format (-j option) has been changed:

    • on the top level, a version identifier has been introduced, which will be used to mark future breaking changes to the JSON formatting. It will not be used to mark changes to the counters themselves.

      The new version is 1.

    • All counters have been moved down one level to the counters object.

  • VSA_BuildFAP() has been added as a convenience function to build a struct suckaddr

  • Depending on the setting of the new vcc_acl_pedantic parameter, VCC now either emits a warning or fails if network numbers used in ACLs do not have an all-zero host part.

    For vcc_acl_pedantic off, the host part is fixed to all-zero and that fact logged with the ACL VSL tag.

  • Fixed error handling during object creation after vcl_backend_response (3273)

  • obj.can_esi has been added to identify if the response can be ESI processed (3002)

  • resp.filters now contains a correct value when the auto-determined filter list is read (3002)

  • It is now a VCL (runtime) error to write to resp.do_* and beresp.do_* fields which determine the filter list after setting resp.filters and beresp.filters, respectively

  • Behavior for 304 responses was changed not to update the Content-Encoding response header of the stored object.

  • [ABI] struct vfp_entry and struct vdp_ctx changed

  • [API] VSB_QUOTE_GLOB, which was prematurely added to 6.4, has been removed again.

  • [API] Add VDP_END action for delivery processors, which has to be sent with or after the last buffer.

  • Respect the administrative health for "real" (VBE) backends (3299)

  • Fixed handling of illegal (internal) four-digit response codes and with HTTP/2 (3301)

  • Fixed backend connection pooling of closed connections (3266)

  • Added the .resolve method for the BACKEND type to resolve (determine the "real" backend) a director.

  • Improved vmodtool support for out-of-tree builds

  • Added VJ_unlink() and VJ_rmdir() jail functions

  • Fixed workdir cleanup (3307)

  • Added JAIL_MASTER_SYSTEM jail level

  • The Varnish Jail (least privileges) code for Solaris has been largely rewritten. It now reduces privileges even further and thus should improve the security of Varnish on Solaris even more.

  • The Varnish Jail for Solaris now accepts an optional worker= argument which allows to extend the effective privilege set of the worker process.

  • The shard director and shard director parameter objects should now work in vcl_pipe {} like in vcl_backend_* {} subs.

  • For a failure in vcl_recv {}, the VCL state engine now returns right after return from that subroutine. (3303)

  • The shard director now supports weights by scaling the number of replicas of each backend on the consistent hashing ring

  • Fixed a race in the cache expiry code which could lead to a panic (2999)

  • Added VRE_quote() to facilitate building literal string matches with regular expressions.

  • The BackendReuse VSL (log) tag has been retired and replaced with BackendClose, which has been changed to contain either close or recycle to signify whether the connection was closed or returned to a pool for later reuse.

  • BackendOpen VSL entries have been changed to contain reuse or connect in the last column to signify whether the connection was reused from a pool or newly opened.

  • std.rollback() of backend requests with return(retry) has been fixed (3353)

  • FetchError logs now differentiate between No backend and "none resolved" as Director %s returned no backend

  • Added VRT_DirectorResolve() to resolve a director

  • Improved VCC handling of symbols and, in particular, type methods

  • Fixed use of the shard director from vcl_pipe {} (3361)

  • Handle recursive use of vcl include (3360)

  • VCL: Added native support for BLOBs in structured fields notation (:<base64>:)

  • Fixed handling of the Connection: header when multiple instances of the named headers existed.

  • Added support for naming PRIV_ arguments to vmod methods/functions

  • The varnish binary heap implementation has been renamed to use the VBH_ prefix, complemented with a destructor and added to header files for use with vmods (via include of vbh.h).

  • A bug in vmod_blob for base64 decoding with a length argument and non-padding decoding has been fixed (3378)

  • Added VRT_BLOB_string() to vrt.h

  • VSB support for dynamic vs. static allocations has been changed:

    For dynamic allocations use:

    VSB_new_auto() + VSB_destroy()
    

    For preexisting buffers use:

    VSB_init() + VSB_fini()
    

    VSB_new() + VSB_delete() are now deprecated.

  • std.blobread() has been added

  • New MAIN.beresp_uncacheable and MAIN.beresp_shortlived counters have been added.

  • The I, X and R arguments have been added to the VSC API and varnishstat for inclusion, exclusion and required glob patterns on the statistic field names. (3394)

    • Added the missing VSC_OPT_f macro and the new VSC_OPT_I and VSC_OPT_X to libvarnishapi headers.
    • Added -I and -X options to varnishstat.
  • Overhaul of the workspace API

    • The previously deprecated WS_Reserve() has been removed
    • The signature of WS_Printf() has been changed to return const char * instead of void * (we do not consider this a breaking change).
    • Add WS_ReservationSize()
    • WS_Front() is now deprecated and replaced by WS_Reservation()
  • Handle a workspace overflow in VRY_Validate() (3319)

  • Fixed the backend probe .timeout handling for "dripping" responses (3402)

  • New VARNISH_VMODS_GENERATED() macro in varnish.m4.

  • Prevent pooling of a Connection: close backend response.

    When this header is present, be it sent by the backend or added in vcl_backend_response {}, varnish closes the connection after the current request. (3400)

Varnish Cache 6.4.0 (2020-03-16)