Summary
2024/12/16 : 3.0r1 (1.0.0-339.415)
- MINOR: ssl/cli: add -A to the 'show ssl sni' command description
- MINOR: ssl/cli: allow to filter expired certificates with 'show ssl sni'
- MINOR: ssl: add utils functions to extract X509 notAfter date
- MINOR: ssl/cli: add negative filters to "show ssl sni"
- CLEANUP: ssl: fix comment in 'show ssl sni'
- DOC: management: fix typos and paragraph ordering in 'show ssl sni'
- MEDIUM: ssl/cli: "show ssl sni" list the loaded SNI in frontends
- MINOR: ssl: add notBefore and notAfter utility functions
- MINOR: hapee/modules: report the per-stream allocated size for each module
- BUG/MINOR: hapee/modules: do not send trailing LFs on "modules list"
2024/12/16 : 3.0r1 (1.0.0-339.405)
- BUG/MINOR: server-state: Fix expiration date of srvrq_check tasks
- CLEANUP: mux-h2/traces: reword certain ambiguous traces
- MINOR: mux-h2/traces: add a missing trace on negative initial window size
- BUG/MINOR: quic: remove startup alert if conn socket-owner unsupported
- BUG/MINOR: signal: register default handler for SIGINT in signal_init()
- BUG/MINOR: h1-htx: Use default reason if not set when formatting the response
- BUG/MEDIUM: http-ana: Reset request flag about data sent to perform a L7 retry
- BUG/MEDIUM: event_hdl: fix uninitialized value in async mode when no data is provided
- BUG/MINOR: log: fix lf_text() behavior with empty string
- MINOR: mux-quic: Don't send an emtpy H3 DATA frame during zero-copy forwarding
2024/12/05 : 3.0r1 (1.0.0-339.395)
- MINOR: stktable: implement "recv-only" table option
2024/11/27 : 3.0r1 (1.0.0-337.394)
- BUG/MEDIUM: sock: Remove FD_POLL_HUP during connect() if FD_POLL_ERR is not set
- BUG/MEDIUM: http-ana: Don't release too early the L7 buffer
- DEV: lags/show-sess-to-flags: Properly handle fd state on server side
- BUG/MAJOR: quic: fix wrong packet building due to already acked frames
2024/11/22 : 3.0r1 (1.0.0-337.390)
- BUG/MAJOR: mux-h1: Properly handle wrapping on obuf when dumping the first-line
- BUG/MEDIUM: pools/memprofile: always clean stale pool info on pool_destroy()
- MINOR: activity/memprofile: offer a function to unregister stale info
- BUG/MINOR: activity/memprofile: reinitialize the free calls on DSO summary
- BUG/MEDIUM: wdt: fix the stuck detection for warnings
- BUG/MEDIUM: debug: don't set the STUCK flag from debug_handler()
- DOC: config: Improve documentation of tune.http.maxhdr directive
- BUG/MEDIUM: h3: Increase max number of headers when sending headers
- BUG/MEDIUM: h3: Properly limit the number of headers received
- BUG/MEDIUM: mux-h2: Check the number of headers in HEADERS frame after decoding
- BUG/MEDIUM: mux-h2: Increase max number of headers when encoding HEADERS frames
- BUG/MINOR: http-ana: Adjust the server status before the L7 retries
- DOC: configuration: wrap long line for "strstr()" conditional expression
- DOC: configuration: explain quotes and spaces in conditional blocks
- DOC: lua: fix yield-dependent methods expected contexts
- DOC: config: Move fs.* and bs.* in section about L5 samples
- DOC: config: Move wait_end in section about internal samples
- DOC: config: Slightly improve the %Tr documentation
- BUG/MINOR: http_ana: Report -1 for %Tr for invalid response only
- DOC: config: Fix a typo in "1.3.1. The Request line"
- DOC: config: A a space before ':' for {bs,fs}.aborted and {bs,fs}.rst_code
- BUG/MINOR: peers: make sure to always apply offsets to now_ms in expiration
- BUG/MINOR: mux_quic: make sure to always apply offsets to now_ms in expiration
- BUG/MEDIUM: mailers: make sure to always apply offsets to now_ms in expiration
- BUG/MEDIUM: checks: make sure to always apply offsets to now_ms in expiration
- BUG/MINOR: Don't report early srv aborts on request forwarding in DONE state
- BUG/MEDIUM: mux-h2: Don't send RST_STREAM frame for streams with no ID
2024/11/13 : 3.0r1 (1.0.0-337.363)
- BUG/MEDIUM: resolvers: Insert a non-executed resulution in front of the wait list
- BUG/MINOR: cli: don't show sockpairs in HAPROXY_CLI and HAPROXY_MASTER_CLI
- BUG/MEDIUM: quic: prevent crash due to CRYPTO parsing error
- BUG/MINOR: guid/server: ensure thread-safety on GUID insert/delete
- CLEANUP: guid: remove global tree export
- BUG/MINOR: quic: repeat packet parsing to deal with fragmented CRYPTO
- MINOR: quic: extend return value of CRYPTO parsing
- MINOR: quic: use dynamically allocated frame on parsing
- MINOR: quic: simplify qc_parse_pkt_frms() return path
- BUG/MEDIUM: quic: support wait-for-handshake
- BUG/MINOR: stream: unblock stream on wait-for-handshake completion
- MINOR: quic: notify connection layer on handshake completion
- BUG/MEDIUM: pattern: prevent uninitialized reads in pat_match_{str,beg}
- BUG/MINOR: hapee: Makefile: bad substitution for MODVERSION variable
- BUG/MINOR: hapee: relax __vers symbol check
- MINOR: debug: move the "recover now" warn message after the optional notes
- BUILD: Missing inclusion header for ssize_t type
- BUILD: debug: also declare strlen() in __ABORT_NOW()
- DEBUG: wdt: add a stats counter "BlockedTrafficWarnings" in show info
- DEBUG: wdt: make the blocked traffic warning delay configurable
- DEBUG: cli: make it possible for "debug dev loop" to trigger warnings
- DEBUG: wdt: better detect apparently locked up threads and warn about them
- MINOR: debug: add a function to dump a stuck thread
- MINOR: wdt: move the local timers to a struct
- MINOR: debug: remove the redundant process.thread_info array from post_mortem
- MINOR: debug: also add fdtab and acitvity to struct post_mortem
- MINOR: debug: also add a pointer to struct global to post_mortem
- MINOR: debug: do not limit backtraces to stuck threads
- MINOR: debug: print gdb hints when crashing
- MINOR: connection: add new sample fetch functions fc_err_name and bc_err_name
- MINOR: rawsock: set connection error codes when returning from recv/send/splice
- MINOR: connection: add more connection error codes to cover common errno
- BUG/MINOR: stats: Fix the name for the total number of streams created
- MINOR: cli/debug: show dev: add cmdline and version
- MINOR: tcpcheck: Add support for an option host header value for httpchk option
- BUG/MINOR: quic: fix malformed probing packet building
- CLEANUP: connection: properly name the CO_ER_SSL_FATAL enum entry
- DOC: config: document connection error 44 (reverse connect failure)
- BUG/MEDIUM: promex: Fix dump of extra counters
- MINOR: stream: Save last evaluated rule on invalid yield
- BUG/MINOR: http-ana: Report internal error if an action yields on a final eval
- BUG/MEDIUM: mux-h1: Fix how timeouts are applied on H1 connections
- DOC: config: add missing glitch_{cnt,rate} sample definitions
- DOC: config: add missing glitch_{cnt,rate} data types
- BUG/MINOR: ssl/cli: 'set ssl cert' does not check the transaction name correctly
- BUG/MINOR: trace: stop rewriting argv with -dt
- MINOR: cli: remove non-printable characters from 'debug dev fd'
- MINOR: debug: store important pointers in post_mortem
- MINOR: debug: place the post_mortem struct in its own section.
- MINOR: debug: place a magic pattern at the beginning of post_mortem
- MINOR: pools: export the pools variable
- BUILD: debug: silence a build warning with threads disabled
- BUG/MEDIUM: server: fix race on servers_list during server deletion
- BUG/MINOR: stconn: Don't disable 0-copy FF if EOS was reported on consumer side
- BUG/MINOR: http-ana: Fix wrong client abort reports during responses forwarding
- BUG/MEDIUM: stconn: Report blocked send if sends are blocked by an error
- BUG/MINOR: server: fix dynamic server leak with check on failed init
- MINOR: activity/memprofile: show per-DSO stats
- MEDIUM: debug: on panic, make the target thread automatically allocate its buf
- MINOR: debug: replace ha_thread_dump() with its two components
- MINOR: debug: make ha_thread_dump_done() take the pointer to be used
- MINOR: debug: slightly change the thread_dump_pointer signification
- MINOR: debug: split ha_thread_dump() in two parts
- MINOR: chunk: drop the global thread_dump_buffer
- MINOR: debug: make mark_tainted() return the previous value
- MINOR: activity/memprofile: always return "other" bin on NULL return address
- BUG/MEDIUM: connection/http-reuse: fix address collision on unhandled address families
- BUG/MEDIUM: mux-h2: Remove H2S from send list if data are sent via 0-copy FF
- BUG/MEDIUM: stats-html: Never dump more data than expected during 0-copy FF
- BUG/MINOR: mux-quic: do not close STREAM with empty FIN if no data sent
- BUG/MINOR: mworker: fix mworker-max-reloads parser
- DOC: config: fix rfc7239 forwarded typo in desc
- BUG/MEDIUM: quic: avoid freezing 0RTT connections
- BUG/MINOR: quic: avoid leaking post handshake frames
- REGTESTS: Never reuse server connection in http-messaging/truncated.vtc
- BUG/MAJOR: filters/htx: Add a flag to state the payload is altered by a filter
- BUG/MEDIUM: stconn: Check FF data of SC to perform a shutdown in sc_notify()
- BUG/MINOR: http-ana: Don't report a server abort if response payload is invalid
- BUG/MEDIUM: stconn: Wait iobuf is empty to shut SE down during a check send
- BUG/MINOR: httpclient: return NULL when no proxy available during httpclient_new()
- BUG/MEDIUM: queue: make sure never to queue when there's no more served conns
- BUG/MEDIUM: mux-quic: ensure timeout server is active for short requests
- BUG/MEDIUM: hlua: properly handle sample func errors in hlua_run_sample_{fetch,conv}()
- BUG/MEDIUM: hlua: make hlua_ctx_renew() safe
- MINOR: arg: add an argument type for identifier
- BUG/MEDIUM: server: server stuck in maintenance after FQDN change
- MINOR: hapee/da: alert in case of incorrect data version
- BUG/MINOR: hapee/da: enabling use of precompiled json database in 'deviceatlas-json-file'
- MINOR: hapee: Update backports list and hapee commit list
- BUG/MINOR: http-ana: Disable fast-fwd for unfinished req waiting for upgrade
- BUG/MINOR: mux-h1: Fix condition to set EOI on SE during zero-copy forwarding
- MEDIUM: bwlim: Use a read-lock on the sticky session to apply a shared limit
- MEDIUM: stick-table: Add support of a factor for IN/OUT bytes rates
- MINOR: stream/stats: Expose the total number of streams ever created in stats
- MINOR: stream/stats: Expose the current number of streams in stats
- MINOR: stream: Support dynamic changes of the number of connection retries
- MINOR: stream: Rely on a per-stream max connection retries value
- MINOR: action: Export release_expr_int_action() release function
- BUG/MEDIUM: queue: always dequeue the backend when redistributing the last server
- MINOR: server: make srv_shutdown_sessions() call pendconn_redistribute()
- BUG/MINOR: queue: make sure that maintenance redispatches server queue
- BUG/MEDIUM: stream: make stream_shutdown() async-safe
- MINOR: task: define two new one-shot events for use with WOKEN_OTHER or MSG
- MINOR: tools: do not attempt to use backtrace() on linux without glibc
- BUILD: tools: only include execinfo.h for the real backtrace() function
- BUG/MINOR: cfgparse-global: fix allowed args number for setenv
- BUG/MINOR: server: make sure the HMAINT state is part of MAINT
- BUG/MEDIUM: cli: Deadlock when setting frontend maxconn
- BUG/MEDIUM: cli: Be sure to catch immediate client abort
- BUG/MINOR: mux-quic: report glitches to session
- REGTESTS: shorten a bit the delay for the h1/h2 upgrade test
- REGTESTS: h1/h2: Update script testing H1/H2 protocol upgrades
- BUG/MEDIUM: mux-h1/mux-h2: Reject upgrades with payload on H2 side only
- MINOR: mux-h1: Set EOI on SE during demux when both side are in DONE state
- BUG/MINOR: h2: reject extended connect for h2c protocol
- BUG/MINOR: h1: do not forward h2c upgrade header token
- MINOR: connection: No longer include stconn type header in connection-t.h
- BUG/MINOR: quic: prevent freeze after early QCS closure
- BUG/MEDIUM: quic: handle retransmit for standalone FIN STREAM
- MINOR: quic: implement function to check if STREAM is fully acked
- MINOR: quic: convert qc_stream_desc release field to flags
- BUG/MINOR: cfgparse-listen: fix option httpslog override warning message
- BUG/MINOR: fix missing "'option httpslog' overrides previous 'option tcplog clf'..." detection
- BUG/MINOR: fix missing "log-format overrides previous 'option tcplog clf'..." detection
- BUG/MEDIUM: promex: Wait to have the request before sending the response
- BUG/MEDIUM: cache/stats: Wait to have the request before sending the response
- BUG/MEDIUM: sc_strm/applet: Wake applet after a successfull synchronous send
- DOC: config: Explicitly list relaxing rules for accept-invalid-http-* options
- BUG/MINOR: peers: local entries updates may not be advertised after resync
- BUG/MEDIUM: queue: implement a flag to check for the dequeuing
- BUG/MINOR: clock: validate that now_offset still applies to the current date
- BUG/MINOR: clock: make time jump corrections a bit more accurate
- BUG/MINOR: polling: fix time reporting when using busy polling
- MEDIUM: h1: Accept invalid T-E values with accept-invalid-http-response option
- MEDIUM: hapee/51d: support data reload for 51Degrees V4 engine
- BUG/MINOR: pattern: do not leave a leading comma on "set" error messages
- BUG/MINOR: h1-htx: Don't flag response as bodyless when a tunnel is established
- BUG/MAJOR: mux-h1: Wake SC to perform 0-copy forwarding in CLOSING state
- BUG/MEDIUM: pattern: prevent UAF on reused pattern expr
- BUG/MINOR: pattern: prevent const sample from being tampered in pat_match_beg()
- BUG/MEDIUM: clock: detect and cover jumps during execution
- REGTESTS: fix random failures with wrong_ip_port_logging.vtc under load
- MINOR: hapee: add a .hapee directory to list backporting notes
- DOC: configuration: place the HAPROXY_HTTP_LOG_FMT example on the correct line
- MINOR: config: Created env variables for http and tcp clf formats
- MINOR: Implements new log format of option tcplog clf
- BUG/MINOR: quic: Too short datagram during packet building failures (aws-lc only)
- BUG/MINOR: quic: Crash from trace dumping SSL eary data status (AWS-LC)
- BUG/MEDIUM: quic: always validate sender address on 0-RTT
- MINOR: quic: Add trace for QUIC_EV_CONN_IO_CB event.
- MINOR: quic: Implement qc_ssl_eary_data_accepted().
- MINOR: quic: Modify NEW_TOKEN frame structure (qf_new_token struct)
- BUG/MINOR: quic: Missing incrementation in NEW_TOKEN frame builder
- MINOR: quic: Token for future connections implementation.
- MEDIUM: ssl/quic: implement quic crypto with EVP_AEAD
- MINOR: quic: Implement quic_tls_derive_token_secret().
- MINOR: tools: Implement ipaddrcpy().
- BUG/MEDIUM: clock: also update the date offset on time jumps
- BUILD: quic: 32bits build broken by wrong integer conversions for printf()
- BUG/MINOR: cfgparse-global: remove tune.fast-forward from common_kw_list
- DOC: config: correct the table for option tcplog
- BUG/MINOR: pattern: pat_ref_set: return 0 if err was found
- BUG/MINOR: pattern: pat_ref_set: fix UAF reported by coverity
- BUG/MINOR: h3: properly reject too long header responses
- BUG/MINOR: proto_uxst: delete fd from fdtab if listen() fails
- BUG/MINOR: mux-quic: do not send too big MAX_STREAMS ID
- REGTESTS: mcli: test the pipelined commands on master CLI
- BUG/MEDIUM: mworker/cli: fix pipelined modes on master CLI
- MINOR: channel: implement ci_insert() function
- BUG/MINOR: proto_tcp: keep error msg if listen() fails
- BUG/MINOR: proto_tcp: delete fd from fdtab if listen() fails
- BUG/MINOR: quic/trace: make quic_conn_enc_level_init() emit NEW not CLOSE
- BUG/MINOR: trace/quic: make "qconn" selectable as a lockon criterion
- BUG/MINOR: trace: automatically start in waiting mode with "start <evt>"
- BUG/MEDIUM: trace: fix null deref in lockon mechanism since TRACE_ENABLED()
- BUG/MINOR: trace/quic: permit to lock on frontend/connect/session etc
- BUG/MINOR: trace/quic: enable conn/session pointer recovery from quic_conn
- DOC: configuration: fix alphabetical ordering of {bs,fs}.aborted
- BUG/MINOR: fcgi-app: handle a possible strdup() failure
- BUG/MEDIUM: peer: Notify the applet won't consume data when it waits for sync
- BUG/MEDIUM: mux-h2: Propagate term flags to SE on error in h2s_wake_one_stream
- BUG/MEDIUM: h2: Only report early HTX EOM for tunneled streams
- BUG/MEDIUM: http-ana: Report error on write error waiting for the response
- BUG/MEDIUM: quic: prevent conn freeze on 0RTT undeciphered content
- BUG/MEDIUM: ssl: 0-RTT initialized at the wrong place for AWS-LC
- BUG/MEDIUM: ssl: reactivate 0-RTT for AWS-LC
- BUG/MINOR: stconn: bs.id and fs.id had their dependencies incorrect
- BUILD: mux-pt: Use the right name for the sedesc variable
- BUG/MEDIUM: mux-pt/mux-h1: Release the pipe on connection error on sending path
- BUG/MEDIUM: stconn: Report error on SC on send if a previous SE error was set
- BUG/MEDIUM: server/addr: fix tune.events.max-events-at-once event miss and leak
- BUG/MEDIUM: mux-pt: Fix condition to perform a shutdown for writes in mux_pt_shut()
- BUG/MINOR: Crash on O-RTT RX packet after dropping Initial pktns
- BUG/MINOR: quic: Too shord datagram during O-RTT handshakes (aws-lc only)
- BUG/MAJOR: mux-h2: always clear MUX_MFULL and DEM_MROOM when clearing the mbuf
- MINOR: mux-h2: try to clear DEM_MROOM and MUX_MFULL at more places
- BUG/MEDIUM: mux-h1: Properly handle empty message when an error is triggered
- BUG/MINOR: quic: unexploited retransmission cases for Initial pktns.
- BUG/MEDIUM: cli: Always release back endpoint between two commands on the mcli
- BUG/MEDIUM: mux-pt: Never fully close the connection on shutdown
- BUG/MINIR: proxy: Match on 429 status when trying to perform a L7 retry
- BUG/MEDIUM: stream: Prevent mux upgrades if client connection is no longer ready
- BUG/MEDIUM: mux-h2: Set ES flag when necessary on 0-copy data forwarding
- MINOR: proxy: Add support of 429-Too-Many-Requests in retry-on status
- DOC: quic: fix default minimal value for max window size
- MEDIUM: log: relax some checks and emit diag warnings instead in lf_expr_postcheck()
- BUG/MINOR: hapee/da: fixed bug when using binary version of database
- BUG/BUILD: hapee/da: added preprocessed source code generation for *.cpp files
- MINOR: hapee/WURFL: transfer error status from the _wurfl_reload() function
- MINOR: hapee/WURFL: added live update database function
- MINOR: hapee/WURFL: added custom API log function
- MINOR: hapee/WURFL: added function to check correct module initialization
- BUG/MINOR: hapee/WURFL: corrected version check of used wurfl library
- BUILD: hapee/da: repaired build in case of using old DeviceAtlas library
- MINOR: hapee/da: add function that allow data reload
- MINOR: hapee/da: add spin locking
- MINOR: hapee/da: add support for loading a precompiled json data
- MEDIUM: hapee/da: Revert "MEDIUM: da: update module to handle schedule mode."
- MINOR: hapee/51d: add function that returns path to 51Degrees data file
- MINOR: hapee/51d: add function that allow data reload
- BUG/MINOR: hapee/51d: add spin locking
- BUILD: hapee/51d: fix error when building with 51Degrees enabled
- BUG/MEDIUM: hapee/51d: fix a segfault on exit when 51d configuration is not loaded
- MEDIUM: hapee/51d: use fiftyoneDegreesProvider to access the pool and dataset
- Revert "MEDIUM: sink: don't set NOLINGER flag on the outgoing stream interface"
- BUG/MEDIUM: init: fix fd_hard_limit default in compute_ideal_maxconn
- MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD (take #2)
- BUG/MEDIUM: queue: deal with a rare TOCTOU in assign_server_and_queue()
- MINOR: queue: add a function to check for TOCTOU after queueing
- MEDIUM: h1: allow to preserve keep-alive on T-E + C-L
- MINOR: quic: Add information to "show quic" for CUBIC cc.
- MINOR: quic: Dump TX in flight bytes vs window values ratio.
- BUG/MEDIUM: jwt: Clear SSL error queue on error when checking the signature
- BUG/MINOR: quic: Lack of precision when computing K (cubic only cc)
- MEDIUM: sink: don't set NOLINGER flag on the outgoing stream interface
- BUG/MINOR: quic: Non optimal first datagram.
- BUG/MINOR: cli: Atomically inc the global request counter between CLI commands
- BUG/MINOR: server: Don't warn fallback IP is used during init-addr resolution
- BUG/MINOR: stick-table: fix crash for src_inc_gpc() without stkcounter
- DOC: config: improve the http-keep-alive section
- DOC: configuration: issuers-chain-path not compatible with OCSP
- BUG/MAJOR: mux-h2: force a hard error upon short read with pending error
- BUG/MEDIUM: ssl_sock: fix deadlock in ssl_sock_load_ocsp() on error path
- DOC: install: don't reference removed CPU arg
- BUG/MEDIUM: debug/cli: fix "show threads" crashing with low thread counts
- BUG/MINOR: session: Eval L4/L5 rules defined in the default section
- CLEANUP: quic: rename TID affinity elements
- CLEANUP: proto: rename TID affinity callbacks
- BUG/MEDIUM: quic: prevent crash on accept queue full
- BUILD: listener: silence a build warning about unused value without threads
- MINOR: proto: extend connection thread rebind API
- BUG/MEDIUM: bwlim: Be sure to never set the analyze expiration date in past
- DEV: flags/quic: decode quic_conn flags
- BUG/MEDIUM: spoe: Be sure to create a SPOE applet if none on the current thread
- BUG/MEDIUM: h1: Reject empty Transfer-encoding header
- BUG/MINOR: h1: Reject empty coding name as last transfer-encoding value
- BUG/MINOR: h1: Fail to parse empty transfer coding names
- BUG/MINOR: jwt: fix variable initialisation
- Revert "MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD"
- BUG/MEDIUM: peers: Fix crash when syncing learn state of a peer without appctx
- DOC: configuration: update maxconn description
- MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD
- BUG/MINOR: jwt: don't try to load files with HMAC algorithm
- BUG/MEDIUM: server: fix race on server_atomic_sync()
- DOC: configuration: more details about the master-worker mode
- BUG/MEDIUM: hlua/cli: Fix lua CLI commands to work with applet's buffers
- BUG/MINOR: promex: Remove Help prefix repeated twice for each metric
- BUG/MEDIUM: quic: fix possible exit from qc_check_dcid() without unlocking
- BUG/MINOR: quic: fix race-condition on trace for CID retrieval
- BUG/MINOR: quic: fix race condition in qc_check_dcid()
- BUG/MEDIUM: quic: fix race-condition in quic_get_cid_tid()
- BUG/MEDIUM: h3: ensure the ":scheme" pseudo header is totally valid
- BUG/MEDIUM: h3: ensure the ":method" pseudo header is totally valid
- BUG/MEDIUM: server/dns: prevent DOWN/UP flap upon resolution timeout or error
- MINOR: activity: make the memory profiling hash size configurable at build time
- BUG/MINOR: server: fix first server template name lookup UAF
- DOC: configuration: add details about crt-store in bind "crt" keyword
- BUG/MEDIUM: stick-table: Decrement the ref count inside lock to kill a session
- BUG/MINOR: hlua: report proper context upon error in hlua_cli_io_handler_fct()
- DEV: flags/show-fd-to-flags: adapt to recent versions
- BUG/MINOR: quic: fix BUG_ON() on Tx pkt alloc failure
- BUG/MINOR: h3: fix BUG_ON() crash on control stream alloc failure
- BUG/MINOR: mux-quic: fix crash on qcs SD alloc failure
- BUG/MINOR: h3: fix crash on STOP_SENDING receive after GOAWAY emission
- DOC: api/event_hdl: small updates, fix an example and add some precisions
- SCRIPTS: git-show-backports: do not truncate git-show output
- BUG/MAJOR: quic: fix padding with short packets
- DOC: management: document ptr lookup for table commands
- DOC: configuration: fix alphabetical order of bind options
- BUG/MEDIUM: proxy: fix email-alert invalid free
- REGTESTS: ssl: fix some regtests 'feature cmd' start condition
- DEBUG: hlua: distinguish burst timeout errors from exec timeout errors
- BUG/MINOR: log: fix broken '+bin' logformat node option
- DOC: management: rename show stats domain cli "dns" to "resolvers"
- DOC/MINOR: management: add -dZ option
- DOC/MINOR: management: add missed -dR and -dv options
- BUG/MINOR: quic: fix padding of INITIAL packets
- BUG/MAJOR: mux-h1: Prevent any UAF on H1 connection after draining a request
- CLEANUP: log/proxy: fix comment in proxy_free_common()
- BUG/MEDIUM: proxy: fix UAF with {tcp,http}checks logformat expressions
- MINOR: proxy: add proxy_free_common() helper function
- BUG/MINOR: promex: Skip resolvers metrics when there is no resolver section
- DOC: config: add missing context hint for new server and proxy keywords
- DOC: config: add missing section hint for "guid" proxy keyword
- DOC: config: move "hash-key" from proxy to server options
- BUG/MEDIUM: log: fix lf_expr_postcheck() behavior with default section
- BUG/MINOR: proxy: fix header_unique_id leak on deinit()
- BUG/MINOR: proxy: fix source interface and usesrc leaks on deinit()
- BUG/MINOR: proxy: fix dyncookie_key leak on deinit()
- BUG/MINOR: proxy: fix check_{command,path} leak on deinit()
- BUG/MINOR: proxy: fix email-alert leak on deinit()
- BUG/MINOR: proxy: fix log_tag leak on deinit()
- BUG/MINOR: proxy: fix server_id_hdr_name leak on deinit()
- MINOR: log: fix "http-send-name-header" ignore warning message
- BUG/MINOR: mux-h1: Use the right variable to set NEGO_FF_FL_EXACT_SIZE flag
- BUG/MAJOR: mux-h1: Properly copy chunked input data during zero-copy nego
- BUG/MEDIUM: stconn/mux-h1: Fix suspect change causing timeouts
- BUG/MINOR: quic: ensure Tx buf is always purged
- BUG/MINOR: quic: fix computed length of emitted STREAM frames
- BUG/MEDIUM: ssl: bad auth selection with TLS1.2 and WolfSSL
- BUG/MINOR: hapee: remove leading \n on __vers error
- MEDIUM: hapee: warn on unsupported initcalls
- BUG/MINOR: hapee: forbid to load a module twice
- BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration
- BUG/MEDIUM: mux-quic: Don't unblock zero-copy fwding if blocked during nego
- CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resume()
- BUG/MINOR: hlua: fix leak in hlua_ckch_set() error path
- BUG/MINOR: hlua: prevent LJMP in hlua_traceback()
- BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage
- BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP
- CLEANUP: hlua: use hlua_pusherror() where relevant
- BUG/MINOR: quic: prevent crash on qc_kill_conn()
- BUG/MEDIUM: mux-quic: Unblock zero-copy forwarding if the txbuf can be released
- MEDIUM: stconn: Be able to unblock zero-copy data forwarding from done_fastfwd
- BUG/MEDIUM: h1-htx: Don't state interim responses are bodyless
- BUG/MINOR: hlua: use CertCache.set() from various hlua contexts
- DOC: configuration: add an example for keywords from crt-store
- BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory
- BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser
- BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning
- HAPEE: udp: update structs and functions required for the UDP module
- BUILD: hapee/addons: fix build without USE_QUIC=1
- HAPEE: makefile: automatically build objects in addons/hapee_*
- HAPEE: makefile: update the cleanup rule to also remove *.i from addons
- HAPEE: addons: quic CID in -vv
- HAPEE: addons: adds quic CID generator to interop with packetshield
- MEDIUM: hapee: does not pass OPTION_LDFLAGS to modules
- MINOR: hapee/modules: check if we generate the API hash correctly
- BUG/MINOR: hapee/modules: adjust include match() in gen-modules-config-h.awk
- BUG/MINOR: hapee/modules: initialize the module head list
- BUILD: hapee/modules: select either md5 or md5sum
- MEDIUM: hapee/modules: load the STG_REGISTER initcalls
- BUG/MINOR: hapee/modules: display detailed error message on mod_init() failure
- MINOR: hapee/modules: add a new label MODULES_LOCK to the lock_label enum
- MINOR: hapee/modules: add the ability to register variable and functions.
- MEDIUM: hapee/modules: 'modules list' on the cli shows currently loaded modules
- MINOR: hapee/modules: terminate properly loaded modules if possible
- MEDIUM: hapee/modules: add memory reservation support for the modules
- MINOR: hapee: change URLs for 3.0r1
- BUILD: hapee/modules: update HAPEE version macro to 3.0r1
- BUILD: hapee/modules: add macros to compute numerical value of a HAPEE version
- BUILD: hapee/modules: add version of the module in the defines
- MEDIUM: hapee/modules: add modules support
HAPEE-LB 3.0r1 – Changelog