Summary

2021/10/08 : 2.1r1 (1.0.0-239.715) - BUG/MEDIUM: http-ana: Clear request analyzers when applying redirect rule - BUG/MEDIUM: filters: Fix a typo when a filter is attached blocking the release - BUG/MINOR: filters: Set right FLT_END analyser depending on channel - BUG/MINOR: filters: Always set FLT_END analyser when CF_FLT_ANALYZE flag is set - BUG/MEDIUM: http-ana: Reset channels analysers when returning an error - BUG/MINOR: stream: Don't release a stream if FLT_END is still registered - BUG/MINOR: tcp-rules: Stop content rules eval on read error and end-of-input - BUG/MAJOR: lua: use task_wakeup() to properly run a task once - BUG/MEDIUM: lua: fix wakeup condition from sleep() - DOC: peers: fix doc "enable" statement on "peers" sections - BUG/MINOR: mux-h1/mux-fcgi: Sanitize TE header to only send "trailers" - BUG/MEDIUM: stream: Stop waiting for more data if SI is blocked on RXBLK_ROOM - BUG/MEDIUM: stream-int: Notify stream that the mux wants more room to xfer data - BUG/MEDIUM: mux-h1: Adjust conditions to ask more space in the channel buffer - BUG/MINOR: http-ana: increment internal_errors counter on response error - BUG/MINOR: h1-htx: Fix a typo when request parser is reset - BUG/MINOR: server: allow 'enable health' only if check configured - BUG/MINOR: cli/payload: do not search for args inside payload - DOC: management: certificate files must be sanitized before injection - BUG/MINOR: compat: make sure __WORDSIZE is always defined - BUG/MEDIUM: stream-int: Don't block SI on a channel policy if EOI is reached - BUG/MINOR: systemd: ExecStartPre must use -Ws - MINOR: action: Use a generic function to check validity of an action rule list - Revert "BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may receive" 2021/09/09 : 2.1r1 (1.0.0-239.691) - DOC/MINOR: fix typo in management document - MINOR: mux-h1/proxy: Add a proxy option to disable clear h2 upgrade - DOC: config: Fix 'http-response send-spoe-group' documentation - DOC: Improve the lua documentation - BUG/MEDIUM: spoe: Fix policy to close applets when SPOE connections are queued - BUG/MEDIUM: spoe: Create a SPOE applet if necessary when the last one is released - MINOR: spoe: Add a pointer on the filter config in the spoe_agent structure - BUG/MINOR: server: update last_change on maint->ready transitions too - BUG/MINOR: connection: Add missing error labels to conn_err_code_str - BUG/MINOR: mux-h2: Obey dontlognull option during the preface - BUG/MINOR: systemd: must check the configuration using -Ws - BUG/MINOR: mworker: do not export HAPROXY_MWORKER_REEXEC across programs - BUG/MEDIUM: tcp-check: Do not dereference inexisting connection - BUG/MINOR: server: Forbid to set fqdn on the CLI if SRV resolution is enabled - BUG/MINOR: server-state: load SRV resolution only if params match the config - CLEANUP: pools: remove now unused seq and pool_free_list - BUG/MAJOR: pools: fix possible race with free() in the lockless variant - MEDIUM: pools: use a single pool_gc() function for locked and lockless - MINOR: pools: do not maintain the lock during pool_flush() - BUG/MINOR: pools: fix a possible memory leak in the lockless pool_flush() - MINOR: pools/debug: slightly relax DEBUG_DONT_SHARE_POOLS - BUG/MINOR: peers: fix data_type bit computation more than 32 data_types - MINOR: resolvers: Reset server IP on error in resolv_get_ip_from_response() - BUG/MINOR: resolvers: Reset server IP when no ip is found in the response - DOC: config: use CREATE USER for mysql-check - DOC: peers: fix the protocol tag name in the doc - DOC: stick-table: add missing documentation about gpt0 stored type - BUG/MINOR: stick-table: fix several printf sign errors dumping tables - BUG/MINOR: cli: fix server name output in "show fd" - BUG/MINOR: server/cli: Fix locking in function processing "set server" command - BUG/MEDIUM: server/cli: Fix ABBA deadlock when fqdn is set from the CLI - BUG/MINOR: resolvers: answser item list was randomly purged or errors - DOC: config: Add missing actions in "tcp-request session" documentation - BUG/MINOR: mux-fcgi: Expose SERVER_SOFTWARE parameter by default - BUG/MEDIUM: dns: send messages on closed/reused fd if fd was detected broken - MINOR: mux-h2: obey http-ignore-probes during the preface - BUG/MINOR: mworker: fix typo in chroot error message - BUG/MINOR: ssl: use atomic ops to update global shctx stats - BUG/MEDIUM: shctx: use at least thread-based locking on USE_PRIVATE_CACHE - BUG/MINOR: stick-table: insert srv in used_name tree even with fixed id - DOC: lua: Add a warning about buffers modification in HTTP - BUG/MEDIUM: dns: reset file descriptor if send returns an error - BUG/MINOR: ssl: OCSP stapling does not work if expire too far in the future - BUG/MINOR: proxy: Missing calloc return value check in chash_init_server_tree - BUG/MINOR: http: Missing calloc return value check in make_arg_list - BUG/MINOR: http: Missing calloc return value check while parsing redirect rule - BUG/MINOR: worker: Missing calloc return value check in mworker_env_to_proc_list - BUG/MINOR: compression: Missing calloc return value check in comp_append_type/algo - BUG/MINOR: http: Missing calloc return value check while parsing tcp-request rule - BUG/MINOR: http: Missing calloc return value check while parsing tcp-request/tcp-response - BUG/MINOR: proxy: Missing calloc return value check in proxy_defproxy_cpy - BUG/MINOR: proxy: Missing calloc return value check in proxy_parse_declare - BUG/MINOR: http: Missing calloc return value check in parse_http_req_capture - BUG/MINOR: ssl: Missing calloc return value check in ssl_init_single_engine - BUG/MINOR: peers: Missing calloc return value check in peers_register_table - BUG/MINOR: server: Missing calloc return value check in srv_parse_source - BUG/MINOR: http-ana: Handle L7 retries on refused early data before K/A aborts - BUG/MINOR: http-comp: Preserve HTTP_MSGF_COMPRESSIONG flag on the response - BUG/MEDIUM: filters: Exec pre/post analysers only one time per filter - BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may receive - MINOR: channel: Rely on HTX version if appropriate in channel_may_recv() - BUG/MINOR: http_fetch: fix possible uninit sockaddr in fetch_url_ip/port - BUG/MINOR: stream: Reset stream final state and si error type on L7 retry - BUG/MINOR: stream: properly clear the previous error mask on L7 retries - BUG/MINOR: stream: Decrement server current session counter on L7 retry - BUG/MINOR: hlua: Don't rely on top of the stack when using Lua buffers 2021/09/03 : 2.1r1 (1.0.0-238.625) - BUG/MAJOR: htx: fix missing header name length check in htx_add_header/trailer - CLEANUP: htx: remove comments about "must be < 256 MB" - BUG/MINOR: config: reject configs using HTTP with bufsize >= 256 MB - DOC: configuration: remove wrong tcp-request examples in tcp-response - CLEANUP: Add missing include guard to signal.h - BUG/MINOR: tools: Fix loop condition in dump_text() - BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time - BUG/MINOR: ebtree: remove dependency on incorrect macro for bits per long - BUG/MINOR: lua: use strlcpy2() not strncpy() to copy sample keywords - MINOR: compiler: implement an ONLY_ONCE() macro - BUG/MEDIUM: base64: check output boundaries within base64{dec,urldec} - BUG/MINOR: stick-table: fix the sc-set-gpt* parser when using expressions - BUG/MEDIUM: sock: really fix detection of early connection failures in for 2.3- 2021/08/20 : 2.1r1 (1.0.0-238.612) - BUG/MEDIUM: h2: match absolute-path not path-absolute for :path 2021/08/17 : 2.1r1 (1.0.0-237.611) - REGTESTS: add a test to prevent h2 desync attacks - BUG/MEDIUM: h2: give :authority precedence over Host - BUG/MAJOR: h2: enforce stricter syntax checks on the :method pseudo-header - BUG/MAJOR: h2: verify that :path starts with a '/' before concatenating it - BUG/MAJOR: h2: verify early that non-http/https schemes match the valid syntax - MINOR: http: add a new function http_validate_scheme() to validate a scheme - BUG/MEDIUM: mux-h2: Handle remaining read0 cases on partial frames - BUG/MEDIUM: mworker: do not register an exit handler if exit is expected - BUILD: add detection of missing important CFLAGS - BUG/MEDIUM: sock: make sure to never miss early connection failures - BUG/MAJOR: server: fix deadlock when changing maxconn via agent-check - BUG/MAJOR: queue: set SF_ASSIGNED when setting strm->target on dequeue - BUG/MAJOR: htx: Fix htx_defrag() when an HTX block is expanded - BUG/MAJOR: server: prevent deadlock when using 'set maxconn server' - BUG/MEDIUM: ebtree: Invalid read when looking for dup entry - BUG/MEDIUM: cli: prevent memory leak on write errors 2021/04/29 : 2.1r1 (1.0.0-235.595) - BUG/MINOR: mux-fcgi: Don't send normalized uri to FCGI application - MINOR: No longer rely on deprecated sample fetches for predefined ACLs - DOC: clarify that compression works for HTTP/2 - MINOR: peers: add informative flags about resync process for debugging - BUG/MEDIUM: peers: reset tables stage flags stages on new conns - BUG/MEDIUM: peers: re-work updates lookup during the sync on the fly - BUG/MEDIUM: peers: reset commitupdate value in new conns - BUG/MEDIUM: peers: reset starting point if peers appears longly disconnected - BUG/MEDIUM: peers: stop considering ack messages teaching a full resync - BUG/MEDIUM: peers: register last acked value as origin receiving a resync req - BUG/MEDIUM: peers: initialize resync timer to get an initial full resync - BUG/MINOR: applet: Notify the other side if data were consumed by an applet - BUG/MINOR: htx: Preserve HTX flags when draining data from an HTX message - BUG/MEDIUM: peers: re-work refcnt on table to protect against flush - BUG/MEDIUM: peers: re-work connection to new process during reload. - BUG/MINOR: peers: remove useless table check if initial resync is finished - BUG/MEDIUM: mux-h2: Properly handle shutdowns when received with data - BUG/MINOR: mworker: don't use oldpids[] anymore for reload - BUG/MINOR: mworker/init: don't reset nb_oldpids in non-mworker cases - BUG/MEDIUM: config: fix cpu-map notation with both process and threads - BUG/MEDIUM: mux-h2: Fix dfl calculation when merging CONTINUATION frames - BUG/MAJOR: mux-h2: Properly detect too large frames when decoding headers - BUG/MINOR: server: free srv.lb_nodes in free_server - BUG/MINOR: mux-h1: Release idle server H1 connection if data are received - BUG/MINOR: logs: Report the true number of retries if there was no connection - BUG/MINOR: http_htx: Remove BUG_ON() from http_get_stline() function - BUG/MINOR: http-fetch: Make method smp safe if headers were already forwarded - BUG/MINOR: connection: Fix fc_http_major and bc_http_major for TCP connections - BUG/MEDIUM: threads: Ignore current thread to end its harmless period - DOC: ssl: Certificate hot update only works on fronted certificates - BUG/MEDIUM: sample: Fix adjusting size in field converter - BUG/MINOR: tools: fix parsing "us" unit for timers - MINOR/BUG: mworker/cli: do not use the unix_bind prefix for the master CLI socket 2021/04/14 : 2.1r1 (1.0.0-235.562) - BUG/MEDIUM: task: close a possible data race condition on a tasklet's list link - MINOR: task: remove __tasklet_remove_from_tasklet_list() 2021/04/09 : 2.1r1 (1.0.0-235.560) - BUG/MINOR: stats: Apply proper styles in HTML status page. - BUG/MEDIUM: lua: Always init the lua stack before referencing the context - BUG/MEDIUM: debug/lua: Use internal hlua function to dump the lua traceback - MINOR: lua: Slightly improve function dumping the lua traceback - DOC: tune: explain the origin of block size for ssl.cachesize - DOC: Explicitly state only IPv4 are supported by forwardfor/originalto options 2021/04/02 : 2.1r1 (1.0.0-235.554) - BUG/MINOR: http_fetch: make hdr_ip() resistant to empty fields - BUILD: tcp: use IPPROTO_IPV6 instead of SOL_IPV6 on FreeBSD/MacOS - BUG/MINOR: tcp: fix silent-drop workaround for IPv6 - BUG/MEDIUM: mux-h1: make h1_shutw_conn() idempotent - BUG/MINOR: http_fetch: make hdr_ip() reject trailing characters - MINOR: tools: make url2ipv4 return the exact number of bytes parsed - BUG/MEDIUM: thread: Fix a deadlock if an isolated thread is marked as harmless - BUG/MEDIUM: time: make sure to always initialize the global tick 2021/03/24 : 2.1r1 (1.0.0-234.546) - BUG/MEDIUM: freq_ctr/threads: use the global_now_ms variable - MINOR: time: also provide a global, monotonic global_now_ms timer 2021/03/18 : 2.1r1 (1.0.0-234.544) - MINOR: hapee: Update the list of backported/hapee/dropped patches - BUG/MINOR: resolvers: Add missing case-insensitive comparisons of DNS hostnames - MINOR: resolvers: Don't try to match immediatly renewed ADD items - MINOR: resolvers: Use milliseconds for cached items in resolver responses - BUG/MEDIUM: resolvers: Skip DNS resolution at startup if SRV resolution is set - BUG/MEDIUM: resolvers: Don't release resolution from a requester callbacks - MINOR: resolvers: Directly call srvrq_update_srv_state() when possible - MINOR: resolvers: Add function to change the srv status based on SRV resolution - MINOR: resolvers: Purge answer items when a SRV resolution triggers an error - MINOR: resolvers: Use a function to remove answers attached to a resolution - BUG/MEDIUM: resolvers: Trigger a DNS resolution if an ADD item is obsolete - BUG/MINOR; resolvers: Ignore DNS resolution for expired SRV item - MINOR: resolvers: new function find_srvrq_answer_record() - BUG/MEDIUM: resolvers: Fix the loop looking for an existing ADD item - BUG/MEDIUM: resolvers: Don't set an address-less server as UP - BUG/MINOR: resolvers: Unlink DNS resolution to set RMAINT on SRV resolution - BUG/MINOR: resolvers: Reset server address on DNS error only on status change - BUG/MINOR: resolvers: Consider server to have no IP on DNS resolution error - Revert "BUG/MINOR: resolvers: Only renew TTL for SRV records with an additional record" - BUG/MEDIUM: resolvers: Reset address for unresolved servers - BUG/MEDIUM: resolvers: Reset server address and port for obselete SRV records - BUG/MINOR: resolvers: new callback to properly handle SRV record errors - BUG/MINOR: resolvers: Only renew TTL for SRV records with an additional record - BUG/MINOR: resolvers: Fix condition to release received ARs if not assigned - BUG/MINOR: freq_ctr/threads: make use of the last updated global time - MINOR: time: export the global_now variable - CLEANUP: tcp-rules: add missing actions in the tcp-request error message - BUG/MINOR: session: Add some forgotten tests on session's listener - BUG/MINOR: proxy/session: Be sure to have a listener to increment its counters - BUG/MEDIUM: filters: Set CF_FL_ANALYZE on channels when filters are attached - BUG/MEDIUM: session: NULL dereference possible when accessing the listener - BUG/MINOR: ssl: don't truncate the file descriptor to 16 bits in debug mode - BUG/MINOR: hlua: Don't strip last non-LWS char in hlua_pushstrippedstring() - BUG/MEDIUM: lists: Avoid an infinite loop in MT_LIST_TRY_ADDQ(). - BUG/MEDIUM: lists: Lock the element while we check if it is in a list. - BUG/MINOR: http-ana: Don't increment HTTP error counter on read error/timeout - BUG/MINOR: mux-h2: Fix typo in scheme adjustment - DOC: spoe: Add a note about fragmentation support in HAProxy - BUG/MEDIUM: spoe: Kill applets if there are pending connections and nbthread > 1 - BUG/MINOR: connection: Use the client's dst family for adressless servers - BUG/MINOR: tcp-act: Don't forget to set the original port for IPv4 set-dst rule - BUG/MINOR: http-ana: Only consider dst address to process originalto option - BUG/MINOR: mux-h1: Immediately report H1C errors from h1_snd_buf() - BUG/MINOR: proxy: wake up all threads when sending the hard-stop signal - BUG/MEDIUM: cli/shutdown sessions: make it thread-safe - BUG/MEDIUM: proxy: use thread-safe stream killing on hard-stop - BUG/MEDIUM: vars: make functions vars_get_by_{name,desc} thread-safe - BUG/MINOR: sample: secure convs that accept base64 string and var name as args - BUG/MINOR: ssl/cli: potential null pointer dereference in "set ssl cert" - BUG/MEDIUM: mux-h1: Fix handling of responses to CONNECT other than 200-ok - BUG/MINOR: server: Be sure to cut the last parsed field of a server-state line - BUG/MINOR: server: Init params before parsing a new server-state line - BUG/MINOR: sample: Always consider zero size string samples as unsafe - BUG/MINOR: checks: properly handle wrapping time in __health_adjust() - BUG/MINOR: session: atomically increment the tracked sessions counter - BUG/MINOR: server: Remove RMAINT from admin state when loading server state - CLEANUP: channel: fix comment in ci_putblk. - BUG/MINOR: server: Don't call fopen() with server-state filepath set to NULL - BUG/MINOR: cfgparse: do not mention "addr:port" as supported on proxy lines - BUG/MINOR: stats: revert the change on ST_CONVDONE - BUG/MEDIUM: config: don't pick unset values from last defaults section - CLEANUP: deinit: release global and per-proxy server-state variables on deinit - BUG/MINOR: server: Fix server-state-file-name directive - BUG/MINOR: backend: hold correctly lock when killing idle conn - BUG/MINOR: tools: Fix a memory leak on error path in parse_dotted_uints() - BUG/MINOR: server: re-align state file fields number - BUG/MEDIUM: mux-h1: Always set CS_FL_EOI for response in MSG_DONE state - BUG/MINOR: http-ana: Don't increment HTTP error counter on internal errors 2021/03/16 : 2.1r1 (1.0.0-234.476) 2021/02/05 : 2.1r1 (1.0.0-232.476) - BUG/MEDIUM: mux-h2: do not quit the demux loop before setting END_REACHED - BUG/MEDIUM: mux-h2: handle remaining read0 cases - BUILD: Makefile: move REGTESTST_TYPE default setting - BUG/MEDIUM: ssl/cli: abort ssl cert is freeing the old store - BUG/MINOR: ssl: init tmp chunk correctly in ssl_sock_load_sctl_from_file() - BUG/MINOR: xxhash: make sure armv6 uses memcpy() - BUG/MEDIUM: ssl: check a connection's status before computing a handshake - BUG/MINOR: stick-table: Always call smp_fetch_src() with a valid arg list - DOC: management: fix "show resolvers" alphabetical ordering - MINOR: contrib: Make the wireshark peers dissector compile for more distribs. - BUG/MINOR: config: fix leak on proxy.conn_src.bind_hdr_name 2021/02/01 : 2.1r1 (1.0.0-231.465) - BUG/MEDIUM: filters/htx: Fix data forwarding when payload length is unknown 2021/01/28 : 2.1r1 (1.0.0-231.464) - BUG/MEDIUM: stats: add missing INF_BUILD_INFO definition - MINOR: hapee: Update the list of backported/hapee patches - BUG/MINOR: dns: SRV records ignores duplicated AR records (v2) - BUILD/MINOR: lua: define _GNU_SOURCE for LLONG_MAX - BUG/MEDIUM: mux-h2: fix read0 handling on partial frames - BUG/MINOR: mworker: define _GNU_SOURCE for strsignal() - BUG/MINOR: mux_h2: missing space between "st" and ".flg" in the "show fd" helper - BUG/MINOR: peers: Wrong "new_conn" value for "show peers" CLI command. - BUG/MINOR: threads: Fixes the number of possible cpus report for Mac. - BUG/MINOR: init: Use a dynamic buffer to set HAPROXY_CFGFILES env variable - BUG/MINOR: init: enforce strict-limits when using master-worker - BUG/MINOR: sample: Memory leak of sample_expr structure in case of error - BUG/MINOR: sample: check alloc_trash_chunk return value in concat() 2021/01/08 : 2.1r1 (1.0.0-231.451) - BUG/MINOR: sample: fix concat() converter's corruption with non-string variables - DOC: Add maintainers for the Prometheus exporter - SCRIPTS: announce-release: fix typo in help message - DOC: fix some spelling issues over multiple files - MINOR: contrib/prometheus-exporter: export build_info - BUILD: Makefile: exclude broken tests by default - BUG/MINOR: srv: do not init address if backend is disabled - SCRIPTS: make announce release support preparing announces before tag exists - SCRIPTS: improve announce-release to support different tag and versions - BUG/MINOR: cfgparse: Fail if the strdup() for `rule->be.name` for `use_backend` fails - MINOR: atomic: don't use ; to separate instruction on aarch64. - BUILD: hpack: hpack-tbl-t.h uses VAR_ARRAY but does not include compiler.h - BUG/MEDIUM: mux_h2: Add missing braces in h2_snd_buf()around trace+wakeup - BUILD: plock: remove dead code that causes a warning in gcc 11 - CONTRIB: debug: address "poll" utility build on non-linux platforms - CONTRIB: halog: fix signed/unsigned build warnings on counts and timestamps - CONTRIB: halog: mark the has_zero* functions unused - CONTRIB: halog: fix build issue caused by %L printf format - BUG/MEDIUM: http-ana: Never for sending data in TUNNEL mode - BUG/MINOR: mux-h1: Don't set CS_FL_EOI too early for protocol upgrade requests - BUILD: Makefile: have "make clean" destroy .o/.a/.s in contrib subdirs as well - REGTESTS: make use of HAPROXY_ARGS and pass -dM by default - CLEANUP: contrib/prometheus-exporter: typo fixes for ssl reuse metric - CLEANUP: lua: Remove declaration of an inexistant function 2020/12/14 : 2.1r1 (1.0.0-230.427) - BUG/MEDIUM: lb-leastconn: Reposition a server using the right eweight - BUG/MINOR: tools: Reject size format not starting by a digit - BUG/MINOR: tools: make parse_time_err() more strict on the timer validity - DOC: email change of the DeviceAtlas maintainer - BUG/MEDIUM: spoa/python: Fixing references to None - BUG/MEDIUM: spoa/python: Fixing PyObject_Call positional arguments - BUG/MINOR: spoa/python: Cleanup ipaddress objects if initialization fails - BUG/MINOR: spoa/python: Cleanup references for failed Module Addobject operations - DOC: spoa/python: Fixing typos in comments - DOC: spoa/python: Rephrasing memory related error messages - DOC: spoa/python: Fixing typo in IP related error messages - BUG/MAJOR: spoa/python: Fixing return None - DOC/MINOR: Fix formatting in Management Guide - BUG/MINOR: lua: warn when registering action, conv, sf, cli or applet multiple times - MINOR: cli: add a function to look up a CLI service description - MINOR: actions: add a function returning a service pointer from its name - MINOR: actions: Export actions lookup functions - BUG/MINOR: lua: Some lua init operation are processed unsafe - BUG/MINOR: lua: Post init register function are not executed beyond the first one - BUG/MINOR: lua: lua-load doesn't check its parameters - BUG/MINOR: lua: missing "\n" in error message - MINOR: plock: use an ARMv8 instruction barrier for the pause instruction - DOC: config: Move req.hdrs and req.hdrs_bin in L7 samples fetches section - DOC: Clarify %HP description in log-format - BUG/MAJOR: peers: fix partial message decoding 2020/11/24 : 2.1r1 (1.0.0-229.402) - BUG/MAJOR: filters: Always keep all offsets up to date during data filtering 2020/11/20 : 2.1r1 (1.0.0-229.401) - MINOR: hapee: Update the list of backported/hapee patches - BUG/MEDIUM: http-ana: Don't eval http-after-response ruleset on empty messages 2020/11/18 : 2.1r1 (1.0.0-229.399) - BUG/MINOR: http-ana: Don't wait for the body of CONNECT requests - BUG/MEDIUM: filters: Forward all filtered data at the end of http filtering - BUILD: http-htx: fix build warning regarding long type in printf - MINOR: cfgparse: tighten the scope of newnameserver variable, free it on error. - MINOR: spoe: Don't close connection in sync mode on processing timeout - BUG/MAJOR: spoe: Be sure to remove all references on a released spoe applet - BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches - BUG/MINOR: http-fetch: Extract cookie value even when no cookie name - BUG/MEDIUM: peers: fix decoding of multi-byte length in stick-table messages - BUG/MINOR: peers: Missing TX cache entries reset. - BUG/MINOR: peers: Do not ignore a protocol error for dictionary entries. - BUG/MINOR: lua: set buffer size during map lookups - BUG/MINOR: pattern: a sample marked as const could be written - BUG/MINOR: http-htx: Just warn if payload of an errorfile doesn't match the C-L - MINOR: http-htx: Add understandable errors for the errorfiles parsing 2020/11/04 : 2.1r1 (1.0.0-228.384) - CLEANUP: mux-h2: Remove the h1 parser state from the h2 stream - BUG/MEDIUM: stick-table: limit the time spent purging old entries - BUG/MINOR: filters: Skip disabled proxies during startup only - BUG/MEDIUM: mux-pt: Release the tasklet during an HTTP upgrade - MINOR: server: Copy configuration file and line for server templates - BUG/MINOR: server: Set server without addr but with dns in RMAINT on startup - BUG/MINOR: proxy/server: Skip per-proxy/server post-check for disabled proxies - BUG/MEDIUM: filters: Don't try to init filters for disabled proxies - BUG/MINOR: cache: Inverted variables in http_calc_maxage function - BUG/MINOR: cache: Manage multiple values in cache-control header value - MINOR: ist: Add a case insensitive istmatch function - BUG/MINOR: lua: initialize sample before using it - BUG/MINOR: server: fix down_time report for stats - BUG/MINOR: server: fix srv downtime calcul on starting - BUG/MINOR: log: fix memory leak on logsrv parse error - BUG/MINOR: extcheck: add missing checks on extchk_setenv() - BUG/MAJOR: mux-h2: Don't try to send data if we know it is no longer possible - BUG/MINOR: http-ana: Don't send payload for internal responses to HEAD requests - BUG/MEDIUM: server: support changing the slowstart value from state-file - BUG/MINOR: queue: properly report redistributed connections - BUG/MEDIUM: ssl: OCSP must work with BoringSSL - BUG/MINOR: disable dynamic OCSP load with BoringSSL - BUILD: ssl: make BoringSSL use its own version numbers 2020/10/19 : 2.1r1 (1.0.0-228.361) - MINOR: hapee: Update the list of backported/hapee patches - MINOR: backend: Add sample fetches to get the server's weight - BUG/MINOR: peers: Possible unexpected peer seesion reset after collisions. - BUG/MEDIUM: lb: Always lock the server when calling server_{take,drop}_conn - BUG/MEDIUM: mux-h1: Get the session from the H1S when capturing bad messages - BUG/MEDIUM: spoe: Unset variable instead of set it if no data provided - BUG/MEDIUM: task: bound the number of tasks picked from the wait queue at once - MINOR: fd: report an error message when failing initial allocations - BUG/MINOR: mux-h2: do not stop outgoing connections on stopping - BUG/MINOR: init: only keep rlim_fd_cur if max is unlimited - BUG/MINOR: http-htx: Expect no body for 204/304 internal HTTP responses - BUG/MEDIUM: mux-h2: Don't handle pending read0 too early on streams - BUG/MEDIUM: mux-fcgi: Don't handle pending read0 too early on streams 2020/10/08 : 2.1r1 (1.0.0-226.348) - BUG/MINOR: mux-h1: Always set the session on frontend h1 stream - BUG/MINOR: peers: Inconsistency when dumping peer status codes. - MINOR: hlua: Display debug messages on stderr only in debug mode - BUG/MINOR: stats: fix validity of the json schema - MINOR: counters: fix a typo in comment - BUG/MEDIUM: queue: make pendconn_cond_unlink() really thread-safe - DOC: tcp-rules: Refresh details about L7 matching for tcp-request content rules - BUG/MINOR: Fix several leaks of 'log_tag' in init(). - BUILD: makefile: Fix building with closefrom() support enabled - MINOR: ssl: reach a ckch_store from a sni_ctx - BUG/MEDIUM: ssl: crt-list negative filters don't work 2020/10/02 : 2.1r1 (1.0.0-226.337) - MINOR: hapee: add a .hapee directory to list backporting notes - BUILD: makefile: add an EXTRAVERSION variable to ease local naming - REGTEST: make map_regm_with_backref require 1.7 - REGTEST: make abns_socket.vtc require 1.8 - REGTEST: fix host part in balance-uri-path-only.vtc - DOC: agent-check: fix typo in "fail" word expected reply - BUG/MEDIUM: listeners: do not pause foreign listeners - BUG/MINOR: config: Fix memory leak on config parse listen - DOC: spoa-server: fix false friends `actually` - REGTESTS: add a few load balancing tests - MINOR: backend: add a new "path-only" option to "balance uri" - MINOR: backend: make the "whole" option of balance uri take only one bit - BUG/MINOR: Fix memory leaks cfg_parse_peers - MINOR: h2/trace: also display the remaining frame length in traces - BUG/MEDIUM: h2: report frame bits only for handled types - BUG/MINOR: http-fetch: Don't set the sample type during the htx prefetch - BUG/MINOR: h2/trace: do not display "stream error" after a frame ACK - BUG/MINOR: server: report correct error message for invalid port on "socks4" - BUG/MINOR: ssl: verifyhost is case sensitive - BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate - BUG/MEDIUM: http-ana: Don't wait to send 1xx responses received from servers 2020/09/18 : 2.1r1 (1.0.0-226.316) - MEDIUM: dns: implement synchronous send - BUG/MEDIUM: dns: Be sure to renew IP address for already known servers - BUG/MEDIUM: dns: Don't store additional records in a linked-list - CLEANUP: remove obsolete comments - CLEANUP: dns: remove 45 "return" statements from dns_validate_dns_response() - BUG/MEDIUM: dns: Consider the fact that dns answers are case-insensitive - BUG/MAJOR: dns: disabled servers through SRV records never recover - CLEANUP: dns: typo in reported error message - MINOR: arg: Use chunk_destroy() to release string arguments - BUG/MEDIUM: pattern: Renew the pattern expression revision when it is pruned - BUILD: threads: better workaround for late loading of libgcc_s - BUG/MEDIUM: mux-h1: always apply the timeout on half-closed connections - BUG/MINOR: auth: report valid crypto(3) support depending on build options - CLEANUP: Update .gitignore - MINOR: Commit .gitattributes - BUILD: thread: limit the libgcc_s workaround to glibc only - BUG/MINOR: threads: work around a libgcc_s issue with chrooting - BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp() - BUG/MEDIUM: doc: Fix replace-path action description - BUG/MINOR: startup: haproxy -s cause 100% cpu - BUG/MEDIUM: contrib/spoa-server: Fix ipv4_address used instead of ipv6_address - BUG/MINOR: contrib/spoa-server: Updating references to free in case of failure - BUG/MINOR: contrib/spoa-server: Do not free reference to NULL - BUG/MINOR: contrib/spoa-server: Ensure ip address references are freed - BUG/MAJOR: contrib/spoa-server: Fix unhandled python call leading to memory leak - DOC: cache: Use '<name>' instead of '<id>' in error message - MINOR: http-htx: Add an option to eval query-string when the path is replaced - BUG/MINOR: reload: do not fail when no socket is sent 2020/08/13 : 2.1r1 (1.0.0-226.288) - BUG/MEDIUM: htx: smp_prefetch_htx() must always validate the direction - BUG/MINOR: stats: use strncmp() instead of memcmp() on health states - BUG/MINOR: snapshots: leak of snapshots on deinit() - MEDIUM: lua: Don't filter exported fetches and converters - BUG/MINOR: lua: Duplicate lua strings in sample fetches/converters arg array - MINOR: hlua: Don't needlessly copy lua strings in trash during args validation - BUG/MINOR: lua: Check argument type to convert it to IP mask in arg validation - BUG/MINOR: lua: Check argument type to convert it to IPv4/IPv6 arg validation - BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters - BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created - BUG/MINOR: converters: Store the sink in an arg pointer for debug() converter - MINOR: arg: Add an argument type to keep a reference on opaque data - BUG/MEDIUM: map/lua: Return an error if a map is loaded during runtime - BUG/MEDIUM: ssl: memory leak of ocsp data at SSL_CTX_free() - BUG/MINOR: ssl: fix memory leak at OCSP loading - BUG/MEDIUM: mux-h1: Refresh H1 connection timeout after a synchronous send 2020/07/31 : 2.1r1 (1.0.0-223.272) - SCRIPTS: git-show-backports: emit the shell command to backport a commit - SCRIPTS: git-show-backports: make -m most only show the left branch - BUG/MEDIUM: backend: always attach the transport before installing the mux - SCRIPTS: announce-release: add the link to the wiki in the announce messages - MINOR: stream-int: Be sure to have a mux to do sends and receives - MINOR: connection: Preinstall the mux for non-ssl connect - BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort - BUG/MAJOR: dns: don't treat Authority records as an error - BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status - BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields - BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation - MEDIUM: lua: Add support for the Lua 5.4 - BUG/MINOR: debug: Don't dump the lua stack if it is not initialized - BUILD: tools: fix build with static only toolchains - BUG/MEDIUM: mux-h1: Disable the splicing when nothing is received - BUG/MEDIUM: mux-h1: Wakeup the H1C in h1_rcv_buf() if more data are expected - BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore - BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed - BUG/MAJOR: dns: Make the do-resolve action thread-safe - BUG/MEDIUM: resolve: fix init resolving for ring and peers section. - BUG/MINOR: cfgparse: don't increment linenum on incomplete lines - BUILD: thread: add parenthesis around values of locking macros - BUILD: ebtree: fix build on libmusl after recent introduction of eb_memcmp() - BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked 2020/07/17 : 2.1r1 (1.0.0-223.248) - MINOR: ssl: add a new function ssl_sock_get_ssl_object() - MEDIUM: ssl: split ssl_sock_msgcbk() and use a new callback mechanism - MEDIUM: ssl: allow to register callbacks for SSL/TLS protocol messages 2020/07/16 : 2.1r1 (1.0.0-223.245) - BUG/MEDIUM: server: fix possibly uninitialized state file on close - BUG/MEDIUM: server: resolve state file handle leak on reload - BUG/MEDIUM: fcgi-app: fix memory leak in fcgi_flt_http_headers - BUG/MEDIUM: log: issue mixing sampled to not sampled log servers. - BUG/MINOR: mux-fcgi: Set flags on the right stream field for empty FCGI_STDOUT - BUG/MINOR: mux-fcgi: Set conn state to RECORD_P when skipping the record padding - BUG/MINOR: mux-fcgi: Handle empty STDERR record - BUG/MEDIUM: mux-h1: Continue to process request when switching in tunnel mode - CONTRIB: da: fix memory leak in dummy function da_atlas_open() - BUG/MEDIUM: lists: add missing store barrier in MT_LIST_ADD/MT_LIST_ADDQ - BUG/MEDIUM: lists: add missing store barrier on MT_LIST_BEHEAD() - BUG/MINOR: sample: Free str.area in smp_check_const_meth - BUG/MINOR: sample: Free str.area in smp_check_const_bool - DOC: configuration: remove obsolete mentions of H2 being converted to HTTP/1.x - MINOR: pools: increase MAX_BASE_POOLS to 64 - BUG/MINOR: threads: Don't forget to init each thread toremove_lock. - MINOR: http: Add support for http 413 status - BUG/MINOR: backend: Remove CO_FL_SESS_IDLE if a client remains on the last server - BUG/MEDIUM: connection: Continue to recv data to a pipe when the FD is not ready - MINOR: connection: move the CO_FL_WAIT_ROOM cleanup to the reader only - BUG/MEDIUM: mux-h1: Subscribe rather than waking up in h1_rcv_buf() - MINOR: mux-h1: Improve traces about the splicing - BUG/MEDIUM: mux-h1: Disable splicing for the conn-stream if read0 is received - BUG/MINOR: mux-h1: Disable splicing only if input data was processed - BUG/MINOR: mux-h1: Don't read data from a pipe if the mux is unable to receive - BUG/MINOR: mux-h1: Fix the splicing in TUNNEL mode - BUG/MINOR: http_act: don't check capture id in backend (2) - BUILD: haproxy: fix build error when RLIMIT_AS is not set - DOC: configuration: fix alphabetical ordering for tune.pool-{high,low}-fd-ratio - DOC: configuration: add missing index entries for tune.pool-{low,high}-fd-ratio - BUG/MINOR: proxy: always initialize the trash in show servers state - BUG/MINOR: proxy: fix dump_server_state()'s misuse of the trash - BUG/MEDIUM: pattern: Add a trailing \0 to match strings only if possible - DOC: ssl: add "allow-0rtt" and "ciphersuites" in crt-list - MINOR: cli: make "show sess" stop at the last known session - BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL - REGTEST: ssl: add some ssl_c_* sample fetches test - REGTEST: ssl: tests the ssl_f_* sample fetches - MINOR: spoe: Don't systematically create new applets if processing rate is low - BUG/MINOR: http_ana: clarify connection pointer check on L7 retry - BUG/MINOR: spoe: correction of setting bits for analyzer - REGTEST: Add a simple script to tests errorfile directives in proxy sections - BUG/MINOR: systemd: Wait for network to be online - MEDIUM: map: make the "clear map" operation yield - REGTEST: http-rules: test spaces in ACLs with master CLI - REGTEST: http-rules: test spaces in ACLs - BUG/MINOR: mworker/cli: fix semicolon escaping in master CLI - BUG/MINOR: mworker/cli: fix the escaping in the master CLI - BUG/MINOR: cli: allow space escaping on the CLI - BUG/MINOR: spoe: add missing key length check before checking key names - BUG/MEDIUM: ebtree: use a byte-per-byte memcmp() to compare memory blocks - BUG/MINOR: tcp-rules: tcp-response must check the buffer's fullness - BUG/MINOR: http: make smp_fetch_body() report that the contents may change - BUG/MEDIUM: ssl: crt-list must continue parsing on ERR_WARN - BUG/MINOR: ssl: fix ssl-{min,max}-ver with openssl < 1.1.0 - REGTESTS: Add missing OPENSSL to REQUIRE_OPTIONS for compression/lua_validation - REGTESTS: Add missing OPENSSL to REQUIRE_OPTIONS for lua/txn_get_priv - BUILD: make dladdr1 depend on glibc version and not __USE_GNU - BUG/MEDIUM: pattern: fix thread safety of pattern matching - BUG/MEDIUM: log: don't hold the log lock during writev() on a file descriptor 2020/06/30 : 2.1r1 (1.0.0-223.185) - MEDIUM: peers: add the "localpeer" global option - MINOR: peers: do not use localpeer as an array anymore 2020/06/08 : 2.1r1 (1.0.0-223.183) - BUG/MINOR: mworker: fix a memleak when execvp() failed - BUG/MINOR: ssl: fix a trash buffer leak in some error cases - BUG/MEDIUM: mworker: fix the reload with an -- option - BUG/MINOR: init: -S can have a parameter starting with a dash - BUG/MINOR: init: -x can have a parameter starting with a dash - BUG/MEDIUM: mworker: fix the copy of options in copy_argv() 2020/06/05 : 2.1r1 (1.0.0-223.177) - BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics - BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations - BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action - BUG/MINOR: peers: fix internal/network key type mapping. - SCRIPTS: publish-release: pass -n to gzip to remove timestamp - Revert "BUG/MEDIUM: connections: force connections cleanup on server changes" - BUG/MINOR: nameservers: fix error handling in parsing of resolv.conf - BUG/MINOR: lua: Add missing string length for lua sticktable lookup - BUG/MEDIUM: logs: fix trailing zeros on log message. - REGTESTS: checks: Fix tls_health_checks when IPv6 addresses are used - BUG/MINOR: logs: prevent double line returns in some events. - DOC: SPOE is no longer experimental - DOC/MINOR: halog: Add long help info for ic flag - DOC: retry-on can only be used with mode http 2020/05/26 : 2.1r1 (1.0.0-223.163) - BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable - BUG/MINOR: checks: Respect check-ssl param when a port or an addr is specified - BUG/MEDIUM: ring: write-lock the ring while attaching/detaching - BUG/MAJOR: mux-fcgi: Stop sending loop if FCGI stream is blocked for any reason - BUG/MINOR: cache: Don't needlessly test "cache" keyword in parse_cache_flt() - BUG/MEDIUM: stream: Only allow L7 retries when using HTTP. - BUG/MEDIUM: streams: Remove SF_ADDR_SET if we're retrying due to L7 retry. - BUILD: select: only declare existing local labels to appease clang - BUG/MINOR: soft-stop: always wake up waiting threads on stopping - BUG/MINOR: pollers: remove uneeded free in global init - BUG/MINOR: pools: use %u not %d to report pool stats in "show pools" - BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered - BUG/MEDIUM: http_ana: make the detection of NTLM variants safer - BUG/MINOR: http-ana: fix NTLM response parsing again - BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur - BUG/MEDIUM: lua: Fix dumping of stick table entries for STD_T_DICT - BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}() - BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS() - BUG/MINOR: sample: Set the correct type when a binary is converted to a string - CLEANUP: connections: align function declaration - BUG/MEDIUM: ssl: fix the id length check within smp_fetch_ssl_fc_session_id() - BUG/MEDIUM: h1: Don't compare host and authority if only h1 headers are parsed - BUG/MEDIUM: connections: force connections cleanup on server changes - BUG/MEDIUM: mux-fcgi: Fix wrong test on FCGI_CF_KEEP_CONN in fcgi_detach() - BUG/MEDIUM: mux_fcgi: Free the FCGI connection at the end of fcgi_release() - BUG/MINOR: checks: Remove a warning about http health checks - BUG/MINOR: checks: Compute the right HTTP request length for HTTP health checks - BUG/MINOR: checks/server: use_ssl member must be signed - Revert "BUG/MINOR: connection: make sure to correctly tag local PROXY connections" - Revert "BUG/MINOR: connection: always send address-less LOCAL PROXY connections" 2020/05/19 : 2.1r1 (1.0.0-223.133) - MEDIUM: stats: Enable more accurate moving average calculation for stats - MINOR: stats: Expose native cum_req metric for a server - MINOR: stats: Prepare for more accurate moving averages 2020/05/06 : 2.1r1 (1.0.0-223.130) 2020/05/04 : 2.1r1 (1.0.0-222.130) - REGTEST: http-rules: Require PCRE or PCRE2 option to run map_redirect script - REGTEST: ssl: test the client certificate authentication - BUILD: Makefile: add linux-musl to TARGET - MINOR: stream: report the list of active filters on stream crashes - BUG/MEDIUM: shctx: bound the number of loops that can happen around the lock - BUG/MEDIUM: shctx: really check the lock's value while waiting - BUG/MINOR: debug: properly use long long instead of long for the thread ID - MINOR: threads: export the POSIX thread ID in panic dumps - BUG/MEDIUM: listener: mark the thread as not stuck inside the loop - BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream - BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam - BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam - BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream - BUG/MEDIUM: capture: capture-req/capture-res converters crash without a stream - BUG/MINOR: mux-fcgi: Be sure to have a connection as session's origin to use it - BUG/MINOR: obj_type: Handle stream object in obj_base_ptr() function - BUG/MINOR: checks: chained expect will not properly wait for enough data - BUG/MEDIUM: server/checks: Init server check during config validity check - BUG/MINOR: checks: Respect the no-check-ssl option - MINOR: checks: Add a way to send custom headers and payload during http chekcs - BUG/MINOR: check: Update server address and port to execute an external check - MINOR: contrib: make the peers wireshark dissector a plugin - MEDIUM: memory: make pool_gc() run under thread isolation - DOC: option logasap does not depend on mode - BUG/MINOR: http: make url_decode() optionally convert '+' to SP - BUG/MINOR: tools: fix the i386 version of the div64_32 function - BUG/MEDIUM: http-ana: Handle NTLM messages correctly. - BUG/MINOR: ssl: default settings for ssl server options are not used - DOC: Improve documentation on http-request set-src - MINOR: version: Show uname output in display_version() - DOC: hashing: update link to hashing functions - BUG/MINOR: peers: Incomplete peers sections should be validated. - BUG/MINOR: connection: always send address-less LOCAL PROXY connections - BUG/MINOR: ssl: memleak of the struct cert_key_and_chain - BUG/MINOR: ssl/cli: memory leak in 'set ssl cert' - MINOR: ssl: improve the errors when a crt can't be open - BUG/MINOR: protocol_buffer: Wrong maximum shifting. 2020/04/21 : 2.1r1 (1.0.0-222.93) 2020/04/01 : 2.1r1 (1.0.0-221.93) - BUG/CRITICAL: hpack: never index a header into the headroom after wrapping - BUG/MINOR: http-ana: Reset request analysers on error when waiting for response - BUG/MINOR: http_ana: make sure redirect flags don't have overlapping bits - DOC: internals: Fix spelling errors in filters.txt - BUG/MINOR: stats: Fix color of draining servers on stats page - BUILD: ssl: only pass unsigned chars to isspace() - MINOR: listener: add so_name sample fetch - BUG/MINOR: peers: Use after free of "peers" section. - BUG/MINOR: peers: avoid an infinite loop with peers_fe is NULL - BUG/MINOR: peers: init bind_proc to 1 if it wasn't initialized - BUG/MINOR: haproxy/threads: close a possible race in soft-stop detection - REGTEST: increase timeouts on the seamless-reload test - REGTESTS: use "command -v" instead of "which" - BUG/MINOR: connections: Make sure we free the connection on failure. - MINOR: memory: Change the flush_lock to a spinlock, and don't get it in alloc. - BUG/MEDIUM: wdt: Don't ignore WDTSIG and DEBUGSIG in __signal_process_queue(). - MINOR: wdt: Move the definitions of WDTSIG and DEBUGSIG into types/signal.h. - DOC: assorted typo fixes in the documentation - BUG/MEDIUM: peers: resync ended with RESYNC_PARTIAL in wrong cases. - BUILD: makefile: fix expression again to detect ARM platform - BUILD: makefile: fix regex syntax in ARM platform detection - BUILD: on ARM, must be linked to libatomic. - DOC: correct typo in alert message about rspirep - DOC: proxy_protocol: Reserve TLV type 0x05 as PP2_TYPE_UNIQUE_ID - BUG/MINOR: haproxy/threads: try to make all threads leave together - BUG/MINOR: listener/mq: do not dispatch connections to remote threads when stopping - BUG/MINOR: haproxy: always initialize sleeping_thread_mask - BUG/MEDIUM: pools: Always update free_list in pool_gc(). - BUG/MEDIUM: random: align the state on 2*64 bits for ARM64 - MINOR: mt_lists: Appease gcc. - BUG/MEDIUM: mt_lists: Make sure we set the deleted element to NULL; - BUILD: wdt: only test for SI_TKILL when compiled with thread support - DOC: ssl: clarify security implications of TLS tickets - DOC: assorted typo fixes in the documentation - DOC: improve description of no-tls-tickets - DOC: fix typo about no-tls-tickets - BUG/MINOR: rules: Increment be_counters if backend is assigned for a silent-drop - BUG/MINOR: rules: Preserve FLT_END analyzers on silent-drop action - BUG/MINOR: http-rules: Fix a typo in the reject action function - BUG/MINOR: http-rules: Preserve FLT_END analyzers on reject action - BUG/MINOR: lua: Ignore the reserve to know if a channel is full or not - BUG/MINOR: http-ana: Reset request analysers on a response side error - BUG/MEDIUM: compression/filters: Fix loop on HTX blocks compressing the payload - BUG/MEDIUM: cache/filters: Fix loop on HTX blocks caching the response payload - MINOR: htx: Add a function to return a block at a specific offset - BUG/MINOR: filters: Forward everything if no data filters are called - BUG/MINOR: filters: Use filter offset to decude the amount of forwarded data - REGTEST: make the PROXY TLV validation depend on version 2.2 - BUG/MAJOR: proxy_protocol: Properly validate TLV lengths - BUG/MINOR: init: make the automatic maxconn consider the max of soft/hard limits - DOC: assorted typo fixes in the documentation and Makefile - DOC: configuration.txt: fix various typos - BUG/MINOR: pattern: Do not pass len = 0 to calloc() - OPTIM: startup: fast unique_id allocation for acl. - DOC: fix incorrect indentation of http_auth_* 2020/03/31 : 2.1r1 (1.0.0-221.38) - BUG/MEDIUM: dns: improper parsing of aditional records 2020/03/27 : 2.1r1 (1.0.0-220.37) 2020/03/18 : 2.1r1 (1.0.0-219.37) - Revert "BUG/MEDIUM: random: implement a thread-safe and process-safe PRNG" - BUG/MAJOR: list: fix invalid element address calculation - BUG/MINOR: checks/threads: use ha_random() and not rand() - MINOR: backend: use a single call to ha_random32() for the random LB algo - BUG/MEDIUM: random: implement a thread-safe and process-safe PRNG - BUG/MEDIUM: random: implement a thread-safe and process-safe PRNG - MINOR: tools: add 64-bit rotate operators - BUG/MEDIUM: random: initialize the random pool a bit better - MINOR: contrib/prometheus-exporter: Add the last heathcheck duration metric - BUG/MINOR: http-htx: Do case-insensive comparisons on Host header name - BUG/MINOR: dns: ignore trailing dot - BUG/MINOR: sample: Make sure to return stable IDs in the unique-id fetch - BUG/MINOR: h2: reject again empty :path pseudo-headers - BUILD: ebtree: improve architecture-specific alignment - MINOR: compiler: add new alignment macros - BUG/MINOR: connection: make sure to correctly tag local PROXY connections - BUG/MEDIUM: ssl: fix several bad pointer aliases in a few sample fetch functions - BUG/MINOR: sample: fix the json converter's endian-sensitivity - CLEANUP: cfgparse: Fix type of second calloc() parameter - BUILD: fix recent build failure on unaligned archs - BUG/MEDIUM: ebtree: don't set attribute packed without unaligned access support - MINOR: compiler: move CPU capabilities definition from config.h and complete them - BUG/MEDIUM: shctx: make sure to keep all blocks aligned - BUG/MINOR: http: http-request replace-path duplicates the query string - MINOR: ist: add an iststop() function - BUG/MAJOR: http-ana: Always abort the request when a tarpit is triggered - MINOR: http-ana: Match on the path if the monitor-uri starts by a / - BUG/MINOR: http-ana: Matching on monitor-uri should be case-sensitive - BUG/MINOR: http-htx: Don't return error if authority is updated without changes - BUG/MINOR: filters: Count HTTP headers as filtered data but don't forward them - MINOR: filters: Forward data only if the last filter forwards something - MINOR: http-htx: Add a function to retrieve the headers size of an HTX message - SCRIPTS: announce-release: use mutt -H instead of -i to include the draft - MINOR: mux-fcgi: Make the capture of the path-info optional in pathinfo regex - BUG/MINOR: mux-fcgi: Forbid special characters when matching PATH_INFO param - BUG/MEDIUM: muxes: Use the right argument when calling the destroy method. - BUG/MINOR: namespace: avoid closing fd when socket failed in my_socketat 2020/03/06 : 2.1r1 (1.0.0-217.0)