Changelog - HAProxy Enterprise 2.0r1

#2024/01/17 : 2.0r1 (1.0.0-253.1592)

#2023/10/10 : 2.0r1 (1.0.0-251.1592)

#2023/08/16 : 2.0r1 (1.0.0-250.1592)

BUG/MINORhttpskip leading zeroes in content-length values
DOCclarify the handling of URL fragments in requests
REGTESTShttp-rulesverify that we block '#' by default for normalize-uri
BUG/MINORh2reject more chars from the :path pseudo header
BUG/MINORh1do not accept '#' as part of the URI component
MINORh2pass accept-invalid-http-request down the request parser
MINORhttpadd new function http_path_has_forbidden_char()
MINORistAdd istend() function to return a pointer to the end of the string
MINORistadd new function ist_find_range() to find a character range
BUG/MAJORhttpreject any empty content-length header value
BUG/MAJORhttp-anaGet a fresh trash buffer for each header value replacement
BUG/MINORchunkfix chunk_appendf() to not write a zero if buffer is full
DOCconfigurationdescribe Td in Timing events
CIexplicitely highlight VTest result section if there's something
BUG/MINORhttpReturn the right reason for 302
BUG/MINORsampleFix wrong overflow detection in add/sub conveters
DOCAdd tune.h2.max-frame-size option to table of contents
BUG/MEDIUMmworkerincrease maxsock with each new worker
BUG/MINORnamespacemissing free in netns_sig_stop()
BUG/MINORserverinherit from netns in srv_settings_cpy()
BUG/MINORproxyadd missing interface bind free in free_proxy
BUG/MINORcfgparse-tcpleak when re-declaring interface from bind line

#2023/06/09 : 2.0r1 (1.0.0-250.1570)

#2023/06/06 : 2.0r1 (1.0.0-249.1570)

DOCconfigFix bind/server/peer documentation in the peers section
BUG/MINORspoeOnly skip sending new frame after a receive attempt
CONTRIBAdd vi file extensions to .gitignore

#2023/05/30 : 2.0r1 (1.0.0-249.1567)

BUG/MINORserverdon't use date when restoring last_change from state file
BUG/MINORserverdon't miss server stats update on server state transitions
BUG/MINORserverdon't miss proxy stats update on server state transitions
MINORserverexplicitly commit state change in srv_update_status()
BUG/MINORserverincorrect report for tracking servers leaving drain
BUG/MEDIUMspoeDon't start new applet if there are enough idle ones
BUG/MINORdebugdo not emit empty lines in thread dumps
BUG/MEDIUMfiltersDon't deinit filters for disabled proxies during startup
MINORspoeDon't stop disabled proxies
BUG/MINORproxymissing free in free_proxy for redirect rules
BUG/MINORlogfix memory error handling in parse_logsrv()
SCRIPTSpublish-releaseupdate the umask to keep group write access
BUG/MINORhluaunsafe hlua_lua2smp() usage
DOCconfigClarify conditions to shorten the inspect-delay for TCP rules
BUG/MINORtcp-rulesDon't shortened the inspect-delay when EOI is set
BUG/MEDIUMmux-h1do not refrain from signaling errors after end of input
BUG/MINORmux-h1Account consumed output data on synchronous connection error
BUG/MEDIUMmux-h1Handle connection error after a synchronous send

#2023/05/17 : 2.0r1 (1.0.0-249.1549)

BUG/MINORcheckspostpone the startup of health checks by the boot time
MINORclockmeasure the total boot time
MINORchecksmake sure spread-checks is used also at boot time

#2023/04/24 : 2.0r1 (1.0.0-249.1546)

BUG/MINORmux-h2make sure to produce a log on invalid requests
BUG/MEDIUMUpdate read expiration date on synchronous send
CIbump actions/checkout to v3 for cross zoo matrix
MINORproxy/poolprevent unnecessary calls to pool_gc()
BUG/MEDIUMmux-h1Wakeup H1C on shutw if there is no I/O subscription
BUG/MEDIUMmux-h2erase h2c->wait_event.tasklet on error path
BUG/MEDIUMspoeDon't set the default traget for the SPOE agent frontend
BUG/MINORmux-h2make sure the h2c task exists before refreshing it
BUG/MINORsslUse 'date' instead of 'now' in ocsp stapling callback
BUG/MINORmworkerprevent incorrect values in uptime
BUG/MEDIUMmworkerdon't register mworker_accept_wrapper() when master FD is wrong
CIgithubdon't warn on deprecated openssl functions on windows

#2023/02/13 : 2.0r1 (1.0.0-248.1534)

BUG/CRITICALhttpproperly reject empty http header field names
DOCproxy-protocolfix wrong byte in provided example
DOCconfig'http-send-name-header' option may be used in default section
DOCconfigfix option spop-check proxy compatibility
BUG/MEDIUMcacheuse the correct time reference when comparing dates
BUG/MEDIUMstick-tabledo not leave entries in end of window during purge
BUG/MEDIUMsslwrong eviction from the session cache tree
BUG/MINORhttp-anamake set-status also update txn->status
BUG/MINORhttp-fetchDon't block HTTP sample fetch eval in HTTP_MSG_ERROR state
BUG/MINORpromexDon't forget to consume the request on error
BUG/MINORresolversWait the resolution execution for a do_resolv action

#2023/02/08 : 2.0r1 (1.0.0-247.1523)

#2023/01/20 : 2.0r1 (1.0.0-245.1523)

BUG/MINORmux-fcgiCorrectly set pathinfo
BUG/MAJORfcgiFix uninitialized reserved bytes
BUG/MAJORbufFix copy of wrapping output data when a buffer is realigned
BUILDmakefilesort the features list
BUILDmakefilebuild the features list dynamically
BUG/MINORpool/statsUse ullong to report total pool usage in bytes in stats
BUG/MEDIUMmux-h2Refuse interim responses with end-stream flag set
LICENSEwurflclarify the dummy library license.
BUG/MEDIUMresolversUse tick_first() to update the resolvers task timeout
BUG/MEDIUMmworkerfix segv in early failure of mworker mode with peers
BUG/MINORsslFix potential overflow
BUG/MEDIUMsslVerify error codes can exceed 63
CIgithubchange ubuntu-latest to ubuntu-20.04
SCRIPTSannounce-releaseadd a link to the data plane API

#2022/12/27 : 2.0r1 (1.0.0-245.1509)

#2022/12/09 : 2.0r1 (1.0.0-244.1509)

DOCconfigclarify the -m dir and -m dom pattern matching methods
DOCconfigclarify the fact that retries is not just for connections
DOCconfigexplain how default matching method for ACL works
DOCconfigclarify the fact that SNI should not be used in HTTP scenarios
DOCconfigprovide some configuration hints for http-reuse

#2022/11/29 : 2.0r1 (1.0.0-244.1503)

BUILDlistenerfix build warning on global_listener_rwlock without threads
BUILDpeersRemove unused variables
BUG/MEDIUMpeersmessages about unkown tables not correctly ignored
BUG/MINORhttp_ana/txndon't re-initialize txn and req var lists
BUG/MEDIUMlistenerFix race condition when updating the global mngmt task
CIemit the compiler's version in the build reports
CIadd monthly gcc cross compile jobs
BUG/MEDIUMstick-tablefix a race condition when updating the expiration task

#2022/10/26 : 2.0r1 (1.0.0-244.1495)

BUILDssl-ckchFix GCC warning about a if statement always true
BUG/MAJORstick-tabledon't process store-response rules for applets
DOCmanagementadd forgotten show startup-logs
CIReplace the deprecated `::set-output` command by writing to $GITHUB_OUTPUT in workflow definition
CIReplace the deprecated `::set-output` command by writing to $GITHUB_OUTPUT in matrix.py
BUG/MAJORstick-tablesdo not try to index a server name for applets
DOCconfigurationmissing 'if' in tcp-request content example
BUILDhttp_fetchsilence an uninitiialized warning with gcc-4/5/6 at -Os
BUG/MINORhttp-fetchUpdate method after a prefetch in smp_fetch_meth()
BUG/MEDIUMluahandle stick table implicit arguments right.
BUILDcfgparseFix GCC warning about a variable used after realloc
BUILDfix compilation for OpenSSL-3.0.0-alpha17
BUG/MINORlogimproper behavior when escaping log data
SCRIPTSannounce-releaseupdate some URLs to https
BUG/MEDIUMcapturesfree() an error capture out of the proxy lock
BUG/MEDIUMproxyensure pause_proxy() and resume_proxy() own PROXY_LOCK
BUG/MINORsignals/pollerensure wakeup from signals
BUG/MINORsignals/pollerset the poller timeout to 0 when there are signals
BUG/MINORh1Support headers case adjustment for TCP proxies
REGTESTShttp_request_bufferAdd a barrier to not mix up log messages

#2022/08/30 : 2.0r1 (1.0.0-244.1475)

BUG/MEDIUMpeersDon't start resync on reload if local peer is not up-to-date
BUG/MEDIUMpeersDon't use resync timer when local resync is in progress
BUG/MEDIUMpeersAdd connect and server timeut to peers proxy
BUG/MEDIUMspoeProperly update streams waiting for a ACK in async mode
DOCconfigurationdo-resolve doesn't work with a port in the string
BUG/MINORresolversreturn the correct value in resolvers_finalize_config()
BUG/MEDIUMmux-h2do not fiddle with ->dsi to indicate demux is idle
BUILDhttpsilence an uninitialized warning affecting gcc-5
BUG/MEDIUMproxyPerform a custom copy for default server settings
REORGserverExport srv_settings_cpy() function
MINORserverConstify source server to copy its settings
BUG/MINORpeersUse right channel flag to consider the peer as connected
BUG/MEDIUMpeerslimit reconnect attempts of the old process on reload
MINORpeersUse a dedicated reconnect timeout when stopping the local peer
BUG/MINORsslfree the fields in srv->ssl_ctx

#2022/07/29 : 2.0r1 (1.0.0-243.1460)

BUG/MINORsockpairwrong return value for fd_send_uxst()
BUG/MINORbackendFallback on RR algo if balance on source is impossible
BUG/MINORpeersfix possible NULL dereferences at config parsing
BUG/MINORpeers/configalways fill the bind_conf's argument
BUG/MINORhttp-fetchUse integer value when possible in method sample fetch
BUG/MINORhttp-anaSet method to HTTP_METH_OTHER when an HTTP txn is created
BUG/MINORserverdo not enable DNS resolution on disabled proxies
BUILDcompilerimplement unreachable for older compilers too
REGTESTShttp_request_bufferIncrease client timeout to wait slow clients
REGTESTSabortoncloseAdd a barrier to not mix up log messages
BUG/MINORconn_streamdo not confirm a connection from the frontend path

#2022/06/10 : 2.0r1 (1.0.0-241.1449)

HAPEEupdate backported HAPEE patches
BUG/MINORsslFix crash when no private key is found in pem
BUG/MEDIUMfcgi-appUse http_msg flags to know if C-L header can be added
BUG/MINORfcgi-appDon't add C-L header on response to HEAD requests
DOCpeersfix port number and addresses on new peers section format
DOCpeersclarify when entry expiration date is renewed.
DOCpeersindicate that some server settings are not usable
SCRIPTSmake publish-release try to launch make-releases-json
SCRIPTSadd make-releases-json to recreate a releases.json file in download dirs
BUG/MEDIUMsampleFix adjusting size in word converter
BUG/MEDIUMpeersprevent unitialized multiple listeners on peers section
BUG/MEDIUMpeersfix segfault using multiple bind on peers sections
BUG/MEDIUMhttpProperly reject non-HTTP/1.x protocols
BUG/MINORpeersfix error reporting of bind lines
REGTESTSabortoncloseFix some race conditions
BUILDfix build warning on solaris based systems with __maybe_unused.
CIdetermine actual LibreSSL version dynamically
BUG/MINORsslfix build on development versions of openssl-1.1.x
CLEANUPmux-h1Fix comments and error messages for global options
BUG/MEDIUMwdtdon't trigger the watchdog when p is unitialized
BUG/MINORserverMake SRV_STATE_LINE_MAXLEN value from 512 to 2kB (2000 bytes).
DOCfix typo ant for and in INSTALL
BUG/MINORmap/climake sure patterns don't vanish under show map's init
BUG/MINORmap/cliprotect the backref list during show map errors
BUG/MEDIUMclimake show cli sockets really yield
BUG/MINORmux-h2mark the stream as open before processing it not after
SCRIPTSannounce-releaseadd URL of dev packages
CIgithub actions: update LibreSSL to 3.5.2
BUILDsockpairdo not set unused flag
BUILDproto_uxstdo not set unused flag
BUG/MINORpoolsmake sure to also destroy shared pools in pool_destroy_all()
REGTESTSfix the race conditions in be2dec.vtc ad field.vtc
DOCremove my name from the config doc
BUG/MINORcacheDisable cache if applet creation fails
SCRIPTSannounce-releaseadd shortened links to pending issues
DOCluaupdate a few doc URLs
SCRIPTSannounce-releaseupdate the doc's URL
BUG/MEDIUMcompressionDon't forget to update htx_sl and http_msg flags
BUG/MEDIUMmux-h1Don't request more room on partial trailers
BUG/MINORmux-h2use timeout http-request as a fallback for http-keep-alive
BUG/MINORmux-h2do not use timeout http-keep-alive on backend side
BUG/MINORcachedo not display expired entries in show cache
BUG/MINORmux-h2do not send GOAWAY if SETTINGS were not sent
CIUpdate to actions/cache@v3
CIUpdate to actions/checkout@v3
BUG/MEDIUMhttp-actDon't replace URI if path is not found or invalid
BUG/MAJORmux_ptalways report the connection error to the conn_stream
DOCreflect H2 timeout changes
BUG/MEDIUMmux-h2make use of http-request and keep-alive timeouts
MEDIUMmux-h2slightly relax timeout management rules
BUG/MEDIUMstream-intdo not rely on the connection error once established
BUG/MINORtoolsurl2sa reads too far when no port nor path
BUG/MEDIUMmux-h1only turn CO_FL_ERROR to CS_FL_ERROR with empty ibuf
CIgithub actions: switch to LibreSSL-3.5.1
BUILDdnsfix backport of previous dns fix
BUG/MAJORdnsmulti-thread concurrency issue on UDP socket

#2022/05/03 : 2.0r1 (1.0.0-241.1393)

#2022/04/11 : 2.0r1 (1.0.0-240.1393)

#2022/03/29 : 2.0r1 (1.0.0-240.1392)

HAPEEupdate backported HAPEE patches
BUG/MEDIUMmux-fcgiProperly handle return value of headers/trailers parsing
DOCFix usage/examples of deprecated ACLs
BUG/MINORstreammake the call_rate only count the no-progress calls
DOCuse the req.ssl_sni in examples
DOCsslreq_ssl_sni needs implicit TLS
BUG/MAJORmux-ptAlways destroy the backend connection on detach
BUG/MEDIUMmcliProperly handle errors and timeouts during reponse processing
DEBUGcacheUpdate underlying buffer when loading HTX message in cache applet
BUG/MINORpromexSet conn-stream/channel EOI flags at the end of request
BUG/MINORcacheSet conn-stream/channel EOI flags at the end of request
BUG/MINORstatsSet conn-stream/channel EOI flags at the end of request
BUG/MINORhluaSet conn-stream/channel EOI flags at the end of request
BUG/MINORclishows correct mode in show sess

#2022/03/25 : 2.0r1 (1.0.0-239.1378)

BUG/MINORtoolsfix url2sa return value with IPv4

#2022/03/17 : 2.0r1 (1.0.0-239.1377)

#2022/03/01 : 2.0r1 (1.0.0-238.1377)

BUG/MAJORschedprevent rare concurrent wakeup of multi-threaded tasks
CLEANUPatomicadd a fetch-and-xxx variant for common operations
CIgithub actions: use cache for SSL libs
CIgithub actions: add the output of $CC -dM -E-
BUG/MEDIUMstreamAbort processing if response buffer allocation fails
BUG/MAJORmux-h2Be sure to always report HTX parsing error to the app layer
BUG/MEDIUMmux-h1Don't wake h1s if mux is blocked on lack of output buffer
BUG/MINORtoolsurl2sa reads ipv4 too far
BUG/MINORmailersnegotiate SMTP, not ESMTP
CIsslkeep the old method for ancient OpenSSL versions
CIssldo not needlessly build the OpenSSL docs
CIsslenable parallel builds for OpenSSL on Linux
BUG/MEDIUMresolversReally ignore trailing dot in domain names
BUG/MINORmworkerfix a FD leak of a sockpair upon a failed reload
BUG/MEDIUMmworkerclose unused transferred FDs on load failure
MINORsockmove the unused socket cleaning code into its own function
BUG/MAJORspoeproperly detach all agents when releasing the applet
BUG/MAJORhttp/htxprevent unbounded loop in http_manage_server_side_cookies
BUG/MINORmworkerdoes not erase the pidfile upon reload
BUG/MEDIUMmworkerdon't lose the stats socket on failed reload
BUG/MEDIUMmclialways realign wrapping buffers before parsing them
BUG/MEDIUMmclido not try to parse empty buffers
BUG/MINORcliavoid O(bufsize) parsing cost on pipelined commands
MINORchanneladd new function co_getdelim() to support multiple delimiters
MEDIUMcliyield between each pipelined command

#2022/02/25 : 2.0r1 (1.0.0-238.1352)

BUG/MEDIUMhtxAdjust length to add DATA block in an empty HTX buffer
BUG/MEDIUMcliNever wait for more data on client shutdown
BUILD/MINORfix solaris build with clang.
BUG/MEDIUMmworkerdon't use _getsocks in wait mode
BUG/MEDIUMhttp-anaPreserve response's FLT_END analyser on L7 retry
BUG/MINORclifix _getsocks with musl libc
CLEANUPsslmake ssl_sock_free_srv_ctx() zero the pointers after free
BUILDmakefileadd -Wno-atomic-alignment to work around clang abusive warning
DOCfix misspelled keyword resolve_retries in resolvers
BUILDsslunbreak the build with newer libressl
BUILDcliclear a maybe-unused warning on some older compilers

#2022/01/19 : 2.0r1 (1.0.0-238.1341)

BUG/MINORhttpfix recent regression on authorization in legacy mode

#2022/01/13 : 2.0r1 (1.0.0-238.1340)

BUG/MINORbackendrestore the SF_SRV_REUSED flag original purpose
BUG/MINORbackenddo not set sni on connection reuse
BUG/MEDIUMmworker/clicrash when trying to access an old PID in prompt mode
DOCconfigSpecify %Ta is only available in HTTP mode
DOCspoeClarify use of the event directive in spoe-message section
MINORsslmake tlskeys_list_get_next() take a list element
CLEANUPsslRemove useless local variable in tlskeys_list_get_next()
CLEANUPsslRemove useless loop in tlskeys_list_get_next()
BUG/MEDIUMcliProperly set stream analyzers to process one command at a time
MINORclishow version displays the current process version
BUILDgeneralalways pass unsigned chars to is* functions
CLEANUPpeersRemove unused static function `free_dcache_tx`
CLEANUPpeersRemove unused static function `free_dcache`
REGTESTSmark the abns test as broken again
BUILDscripts/build-ssl.shuse uname instead of ${TRAVIS_OS_NAME}
BUILDmakefileadd entries to build common debugging tools
CIGithub Actions: temporarily disable BoringSSL builds
CIGithub Actions: switch to LibreSSL-3.3.3
CIgithub actions: update LibreSSL to 3.2.5
CIgithub actions: switch to stable LibreSSL release
CIFix the coverity builds
CIFix DEBUG_STRICT definition for Coverity
CIPin VTest to a known good commit
CIgithub actions: build several popular contrib tools
CIGitHub Actions: enable daily Coverity scan
CIgithub actions: enable 51degrees feature
CIgithub actions: update LibreSSL to 3.3.0
CIClean up Windows CI
CIPass the github.event_name to matrix.py
CIGithub Action: run apt-get update before packages restore
CIGithub Actions: enable BoringSSL builds
CIGithub Actions: remove LibreSSL-3.0.2 builds
CIGithub Actions: enable prometheus exporter
CIStop hijacking the hosts file
CIExpand use of GitHub Actions for CI

#2021/12/03 : 2.0r1 (1.0.0-238.1303)

BUG/MEDIUMsslabort with the correct SSL error when SNI not found
BUG/MINORshctxdo not look for available blocks when the first one is enough
BUG/MEDIUMshctxleave the block allocator when enough blocks are found
BUG/MEDIUMmux-h2always process a pending shut read
BUG/MEDIUMsslbackend TLS resumption with sni and TLSv1.3
CLEANUPsslRelease cached SSL sessions on deinit
MINORmux-h2perform a full cycle shutdown+drain on close
MINORconnectionadd a new CO_FL_WANT_DRAIN flag to force drain on close
BUG/MINORstick-table/cliCheck for invalid ipv6 key
BUG/MEDIUMconnectionmake cs_shutr/cs_shutw//cs_close() idempotent
BUG/MINORmux-h2Fix H2_CF_DEM_SHORT_READ value
BUG/MINORmworkerdoesn't launch the program postparser
BUG/MEDIUMconn-streamDon't reset CS flags on close
BUG/MINORhttp-anaApply stop to the current section for http-response rules
DOCconfigFix typo in ssl_fc_unique_id description
BUG/MEDIUMmux-h1Fix H1C_F_ST_SILENT_SHUT value
BUG/MEDIUMstream-intDefrag HTX message in si_cs_recv() if necessary
MINORhtxAdd a function to know if the free space wraps
MINORhtxAdd an HTX flag to know when a message is fragmented

#2021/12/02 : 2.0r1 (1.0.0-238.1284)

MEDIUMactionsFix block ACL.
BUG/MINORtcpcheckImprove LDAP response parsing to fix LDAP check
MINORstreamImprove dump of bogus streams
DOCconfigFix alphabetical order of fc_* samples
BUG/MINORhttpAuthorization value can have multiple spaces after the scheme
BUG/MEDIUMhttp-anaDrain request data waiting the tarpit timeout expiration
CLEANUPresolversreplace all LIST_DELETE with LIST_DEL_INIT
CLEANUPalways initialize the answer_list
CLEANUPresolversdo not export resolv_purge_resolution_answer_records()
BUG/MEDIUMmux-h1Perform a connection shutdown when the h1c is released
BUG/MINORmux-h1Save shutdown mode if the shutdown is delayed
BUG/MINORmux-h2do not prevent from sending a final GOAWAY frame
BUG/MEDIUMresolversalways check a valid item in query_list
BUILDresolversavoid a possible warning on null-deref
MINORresolversmerge address and target into a union data
BUG/MEDIUMresolversuse correct storage for the target address
BUG/MEDIUMresolversfix truncated TLD consecutive to the API fix
MINORresolversfix the resolv_dn_label_to_str() API about trailing zero
BUG/MINORresolversdo not reject host names of length 255 in SRV records
BUG/MEDIUMresolvermake sure to always use the correct hostname length
MINORresolversfix the resolv_str_to_dn_label() API about trailing zero
BUG/MEDIUMsampleproperly verify that variables cast to sample
MINORsampleprovide a generic var-to-sample conversion function
CLEANUPsampleuninline sample_conv_var2smp_str()
CLEANUPsamplerename sample_conv_var2smp() to *_sint
BUG/MEDIUMstreamKeep FLT_END analyzers if a stream detects a channel error
BUG/MEDIUMmux_h2Handle others remaining read0 cases on partial frames
BUG/MEDIUMhttp-anaClear request analyzers when applying redirect rule
BUG/MEDIUMfiltersFix a typo when a filter is attached blocking the release
BUG/MINORfiltersSet right FLT_END analyser depending on channel
BUG/MINORfiltersAlways set FLT_END analyser when CF_FLT_ANALYZE flag is set
BUG/MEDIUMhttp-anaReset channels analysers when returning an error
BUG/MINORstreamDon't release a stream if FLT_END is still registered
BUG/MINORtcp-rulesStop content rules eval on read error and end-of-input
BUG/MAJORluause task_wakeup() to properly run a task once
BUG/MEDIUMluafix wakeup condition from sleep()
DOCpeersfix doc enable statement on peers sections
BUG/MINORmux-h1/mux-fcgiSanitize TE header to only send trailers
BUG/MEDIUMstreamStop waiting for more data if SI is blocked on RXBLK_ROOM
BUG/MEDIUMstream-intNotify stream that the mux wants more room to xfer data
BUG/MEDIUMmux-h1Adjust conditions to ask more space in the channel buffer
BUG/MINORserverallow 'enable health' only if check configured
BUG/MEDIUMstream-intDon't block SI on a channel policy if EOI is reached
BUILDhapee/modulesselect either md5 or md5sum

#2021/09/20 : 2.0r1 (1.0.0-236.1239)

MINORhapeeUpdate the list of dropped/hapee patches
BUG/MINORstatsfix the POST requests processing in legacy mode
BUG/MEDIUMhttpcheck for a channel pending data before waiting
BUG/MINORcli/payloaddo not search for args inside payload
BUG/MINORcompatmake sure __WORDSIZE is always defined
BUG/MINORsystemdExecStartPre must use -Ws
REGTESTSmark http_abortonclose as broken
MINORactionUse a generic function to check validity of an action rule list

#2021/09/07 : 2.0r1 (1.0.0-236.1230)

#2021/09/03 : 2.0r1 (1.0.0-235.1230)

BUG/MAJORhtxfix missing header name length check in htx_add_header/trailer
CLEANUPhtxremove comments about "must be < 256 MB"
BUG/MINORconfigreject configs using HTTP with bufsize >= 256 MB
DOCconfigurationremove wrong tcp-request examples in tcp-response
CLEANUPAdd missing include guard to signal.h
BUG/MINORtoolsFix loop condition in dump_text()
BUG/MINORebtreeremove dependency on incorrect macro for bits per long
BUG/MINORluause strlcpy2() not strncpy() to copy sample keywords
MINORcompilerimplement an ONLY_ONCE() macro
BUG/MEDIUMbase64check output boundaries within base64{dec,urldec}
REGTESTSabortoncloseafter retries, 503 is expected, not close
BUG/MEDIUMsockreally fix detection of early connection failures in for 2.3-
DOC/MINORfix typo in management document
MINORmux-h1/proxyAdd a proxy option to disable clear h2 upgrade

#2021/08/13 : 2.0r1 (1.0.0-234.1215)

REGTESTSadd a test to prevent h2 desync attacks
BUG/MAJORh2enforce checks on the method syntax before translating to HTX

#2021/08/13 : 2.0r1 (1.0.0-234.1213)

DOCconfigFix 'http-response send-spoe-group' documentation
DOCImprove the lua documentation
BUG/MEDIUMspoeFix policy to close applets when SPOE connections are queued
BUG/MEDIUMspoeCreate a SPOE applet if necessary when the last one is released
MINORspoeAdd a pointer on the filter config in the spoe_agent structure
BUG/MINORserverupdate last_change on maint->ready transitions too
BUG/MINORconnectionAdd missing error labels to conn_err_code_str
BUG/MEDIUMmux-h2Handle remaining read0 cases on partial frames
BUG/MINORmux-h2Obey dontlognull option during the preface
BUG/MINORsystemdmust check the configuration using -Ws
BUG/MINORmworkerdo not export HAPROXY_MWORKER_REEXEC across programs
BUG/MEDIUMmworkerdo not register an exit handler if exit is expected
BUILDadd detection of missing important CFLAGS
BUG/MEDIUMtcp-checkDo not dereference inexisting connection
BUG/MINORserverForbid to set fqdn on the CLI if SRV resolution is enabled
BUG/MINORserver-stateload SRV resolution only if params match the config

#2021/07/09 : 2.0r1 (1.0.0-232.1197)

CLEANUPpoolsremove now unused seq and pool_free_list
BUG/MAJORpoolsfix possible race with free() in the lockless variant
MEDIUMpoolsuse a single pool_gc() function for locked and lockless
MEDIUMmemorymake pool_gc() run under thread isolation
BUG/MEDIUMpoolsAlways update free_list in pool_gc().
MINORpoolsdo not maintain the lock during pool_flush()
BUG/MINORpoolsfix a possible memory leak in the lockless pool_flush()
MINORpools/debugslightly relax DEBUG_DONT_SHARE_POOLS
BUG/MINORpeersfix data_type bit computation more than 32 data_types
MINORresolversReset server IP on error in resolv_get_ip_from_response()
BUG/MINORresolversReset server IP when no ip is found in the response
DOCconfiguse CREATE USER for mysql-check
DOCpeersfix the protocol tag name in the doc
DOCstick-tableadd missing documentation about gpt0 stored type
BUG/MINORstick-tablefix several printf sign errors dumping tables
BUG/MINORclifix server name output in show fd
BUG/MEDIUMsockmake sure to never miss early connection failures
BUG/MINORserver/cliFix locking in function processing set server command
BUG/MEDIUMserver/cliFix ABBA deadlock when fqdn is set from the CLI
BUG/MINORresolversanswser item list was randomly purged or errors
DOCconfigAdd missing actions in tcp-request session documentation
MINORtcp-actAdd set-src/set-src-port for tcp-request content rules
BUG/MAJORserverfix deadlock when changing maxconn via agent-check

#2021/06/28 : 2.0r1 (1.0.0-232.1173)

BUG/MEDIUMspoeRegister pre/post analyzers in start_analyze callback function

#2021/06/18 : 2.0r1 (1.0.0-232.1172)

MINORhapeeUpdate the list of backported/hapee patches
BUG/MINORmux-fcgiExpose SERVER_SOFTWARE parameter by default
BUG/MEDIUMdnssend messages on closed/reused fd if fd was detected broken
MINORmux-h2obey http-ignore-probes during the preface
BUG/MAJORqueueset SF_ASSIGNED when setting strm->target on dequeue
BUG/MINORmworkerfix typo in chroot error message
BUG/MINORssluse atomic ops to update global shctx stats
BUG/MEDIUMshctxuse at least thread-based locking on USE_PRIVATE_CACHE
BUG/MINORstick-tableinsert srv in used_name tree even with fixed id
DOCluaAdd a warning about buffers modification in HTTP
BUG/MAJORhtxFix htx_defrag() when an HTX block is expanded

#2021/06/17 : 2.0r1 (1.0.0-232.1161)

BUG/MEDIUMdnsreset file descriptor if send returns an error
BUG/MEDIUMcompressionAdd a flag to know the filter is still processing data
BUG/MINORsslOCSP stapling does not work if expire too far in the future
BUG/MINORproxyMissing calloc return value check in chash_init_server_tree
BUG/MINORhttpMissing calloc return value check in make_arg_list
BUG/MINORhttpMissing calloc return value check while parsing redirect rule
BUG/MINORworkerMissing calloc return value check in mworker_env_to_proc_list
BUG/MINORcompressionMissing calloc return value check in comp_append_type/algo
BUG/MINORhttpMissing calloc return value check while parsing tcp-request rule
BUG/MINORhttpMissing calloc return value check while parsing tcp-request/tcp-response
BUG/MINORproxyMissing calloc return value check in proxy_defproxy_cpy
BUG/MINORproxyMissing calloc return value check in proxy_parse_declare
BUG/MINORhttpMissing calloc return value check in parse_http_req_capture
BUG/MINORsslMissing calloc return value check in ssl_init_single_engine
BUG/MINORpeersMissing calloc return value check in peers_register_table
BUG/MINORserverMissing calloc return value check in srv_parse_source
BUG/MINORhttp-anaHandle L7 retries on refused early data before K/A aborts
BUG/MINORhttp-compPreserve HTTP_MSGF_COMPRESSIONG flag on the response
BUG/MEDIUMfiltersExec pre/post analysers only one time per filter
BUG/MAJORserverprevent deadlock when using 'set maxconn server'
BUG/MEDIUMebtreeInvalid read when looking for dup entry
REGTESTSAdd script to test abortonclose option
MEDIUMmux-h1Don't block reads when waiting for the other side
BUG/MINORstream-intDon't block reads in si_update_rx() if chn may receive
MINORchannelRely on HTX version if appropriate in channel_may_recv()
BUG/MINORhttp_fetchfix possible uninit sockaddr in fetch_url_ip/port
BUG/MINORstreamReset stream final state and si error type on L7 retry
BUG/MINORstreamproperly clear the previous error mask on L7 retries
BUG/MINORstreamDecrement server current session counter on L7 retry
BUG/MEDIUMcliprevent memory leak on write errors
BUG/MINORhluaDon't rely on top of the stack when using Lua buffers
MINORhluaAdd error message relative to the Channel manipulation and HTTP mode

#2021/04/29 : 2.0r1 (1.0.0-232.1129)

MINORpeersadd informative flags about resync process for debugging
BUG/MEDIUMpeersreset tables stage flags stages on new conns
BUG/MEDIUMpeersre-work updates lookup during the sync on the fly
BUG/MEDIUMpeersreset commitupdate value in new conns
BUG/MEDIUMpeersreset starting point if peers appears longly disconnected
BUG/MEDIUMpeersstop considering ack messages teaching a full resync
BUG/MEDIUMpeersregister last acked value as origin receiving a resync req
BUG/MEDIUMpeersinitialize resync timer to get an initial full resync
BUG/MINORappletNotify the other side if data were consumed by an applet
BUG/MINORhtxPreserve HTX flags when draining data from an HTX message
BUG/MEDIUMpeersre-work refcnt on table to protect against flush
BUG/MEDIUMpeersre-work connection to new process during reload.
BUG/MINORpeersremove useless table check if initial resync is finished
BUG/MEDIUMmux-h2Properly handle shutdowns when received with data
BUG/MINORmworkerdon't use oldpids[] anymore for reload
BUG/MINORmworker/initdon't reset nb_oldpids in non-mworker cases
BUG/MEDIUMconfigfix cpu-map notation with both process and threads
BUG/MEDIUMmux-h2Fix dfl calculation when merging CONTINUATION frames
BUG/MAJORmux-h2Properly detect too large frames when decoding headers
BUG/MINORserverfree srv.lb_nodes in free_server
BUG/MINORmux-h1Release idle server H1 connection if data are received
BUG/MINORlogsReport the true number of retries if there was no connection
BUG/MINORhttp_htxRemove BUG_ON() from http_get_stline() function
BUG/MINORhttp-fetchMake method smp safe if headers were already forwarded
BUG/MEDIUMthreadsIgnore current thread to end its harmless period
BUG/MEDIUMsampleFix adjusting size in field converter
DOCclarify that compression works for HTTP/2
BUG/MINORtoolsfix parsing us unit for timers
DOCExplicitly state only IPv4 are supported by forwardfor/originalto options
BUG/MEDIUMresolversDon't release resolution from a requester callbacks
MINORresolversDirectly call srvrq_update_srv_state() when possible
MINORresolversAdd function to change the srv status based on SRV resolution
MINORresolversPurge answer items when a SRV resolution triggers an error
MINORresolversUse a function to remove answers attached to a resolution
BUG/MINORresolversUnlink DNS resolution to set RMAINT on SRV resolution
BUG/MAJORdnsdisabled servers through SRV records never recover
BUG/MAJORdnsfix null pointer dereference in snr_update_srv_status

#2021/04/02 : 2.0r1 (1.0.0-232.1092)

BUG/MINORhttp_fetchmake hdr_ip() resistant to empty fields
BUILDtcpuse IPPROTO_IPV6 instead of SOL_IPV6 on FreeBSD/MacOS
BUG/MINORtcpfix silent-drop workaround for IPv6
BUG/MINORstatsApply proper styles in HTML status page.
BUG/MEDIUMmux-h1make h1_shutw_conn() idempotent
BUG/MINORhttp_fetchmake hdr_ip() reject trailing characters
MINORtoolsmake url2ipv4 return the exact number of bytes parsed
BUG/MEDIUMthreadFix a deadlock if an isolated thread is marked as harmless
BUG/MEDIUMtimemake sure to always initialize the global tick

#2021/03/24 : 2.0r1 (1.0.0-231.1083)

BUG/MEDIUMluaAlways init the lua stack before referencing the context
BUG/MEDIUMdebug/luaUse internal hlua function to dump the lua traceback
MINORluaSlightly improve function dumping the lua traceback
MINOR/BUGmworker/clido not use the unix_bind prefix for the master CLI socket
BUG/MEDIUMfreq_ctr/threadsuse the global_now_ms variable
MINORtimealso provide a global, monotonic global_now_ms timer

#2021/03/18 : 2.0r1 (1.0.0-231.1077)

MINORhapeeUpdate the list of backported/hapee patches
BUG/MEDIUMmux-fcgiDon't handle pending read0 too early on streams
BUG/MINORssl/clipotential null pointer dereference in set ssl cert
BUG/MINORfreq_ctr/threadsmake use of the last updated global time
MINORtimeexport the global_now variable
BUG/MINORresolversAdd missing case-insensitive comparisons of DNS hostnames
BUG/MINORresolversReset server address on DNS error only on status change
BUG/MINORresolversConsider server to have no IP on DNS resolution error
CLEANUPtcp-rulesadd missing actions in the tcp-request error message
BUG/MINORsessionAdd some forgotten tests on session's listener
BUG/MINORproxy/sessionBe sure to have a listener to increment its counters
BUG/MEDIUMfiltersSet CF_FL_ANALYZE on channels when filters are attached
BUG/MEDIUMsessionNULL dereference possible when accessing the listener
BUG/MINORssldon't truncate the file descriptor to 16 bits in debug mode
BUG/MINORhluaDon't strip last non-LWS char in hlua_pushstrippedstring()
BUG/MEDIUMdnsConsider the fact that dns answers are case-insensitive
BUG/MINORhttp-anaDon't increment HTTP error counter on read error/timeout
DOCspoeAdd a note about fragmentation support in HAProxy
BUG/MEDIUMspoeKill applets if there are pending connections and nbthread > 1
BUG/MINORconnectionUse the client's dst family for adressless servers
BUG/MINORtcp-actDon't forget to set the original port for IPv4 set-dst rule
BUG/MINORhttp-anaOnly consider dst address to process originalto option
BUG/MINORmux-h1Immediately report H1C errors from h1_snd_buf()
BUG/MEDIUMresolversReset address for unresolved servers
BUG/MEDIUMresolversReset server address and port for obselete SRV records
BUG/MINORresolversnew callback to properly handle SRV record errors
BUG/MINORproxywake up all threads when sending the hard-stop signal
BUG/MEDIUMcli/shutdown sessions: make it thread-safe
BUG/MEDIUMproxyuse thread-safe stream killing on hard-stop
BUG/MEDIUMvarsmake functions vars_get_by_{name,desc} thread-safe
BUG/MINORsamplesecure convs that accept base64 string and var name as args
BUG/MEDIUMmux-h1Fix handling of responses to CONNECT other than 200-ok
BUG/MINORserverBe sure to cut the last parsed field of a server-state line
BUG/MINORserverInit params before parsing a new server-state line
BUG/MINORsampleAlways consider zero size string samples as unsafe
BUG/MINORchecksproperly handle wrapping time in __health_adjust()
BUG/MINORsessionatomically increment the tracked sessions counter
BUG/MINORserverRemove RMAINT from admin state when loading server state
CLEANUPchannelfix comment in ci_putblk.
BUG/MINORserverDon't call fopen() with server-state filepath set to NULL
BUG/MINORcfgparsedo not mention addr:port as supported on proxy lines
BUG/MEDIUMconfigdon't pick unset values from last defaults section
CLEANUPdeinitrelease global and per-proxy server-state variables on deinit
BUG/MINORserverFix server-state-file-name directive
BUG/MINORbackendhold correctly lock when killing idle conn
BUG/MINORtoolsFix a memory leak on error path in parse_dotted_uints()
BUG/MINORserverre-align state file fields number
BUG/MEDIUMmux-h1Always set CS_FL_EOI for response in MSG_DONE state

#2021/03/16 : 2.0r1 (1.0.0-231.1029)

#2021/02/12 : 2.0r1 (1.0.0-229.1029)

BUG/MEDIUMmux-h2Be sure to enter in demux loop even if dbuf is empty

#2021/02/05 : 2.0r1 (1.0.0-229.1028)

BUG/MEDIUMmux-h2do not quit the demux loop before setting END_REACHED
BUG/MEDIUMmux-h2handle remaining read0 cases
BUILDMakefilemove REGTESTST_TYPE default setting
MINORhapeeUpdate the list of backported/hapee patches
BUG/MEDIUMssl/cliabort ssl cert is freeing the old store
BUG/MINORsslinit tmp chunk correctly in ssl_sock_load_sctl_from_file()
BUG/MINORxxhashmake sure armv6 uses memcpy()
BUG/MEDIUMsslcheck a connection's status before computing a handshake
BUG/MINORstick-tableAlways call smp_fetch_src() with a valid arg list
DOCmanagementfix show resolvers alphabetical ordering
BUG/MINORconfigfix leak on proxy.conn_src.bind_hdr_name

#2021/02/01 : 2.0r1 (1.0.0-228.1017)

BUG/MEDIUMfilters/htxFix data forwarding when payload length is unknown

#2021/01/28 : 2.0r1 (1.0.0-228.1016)

BUG/MEDIUMstatsadd missing INF_BUILD_INFO definition
BUILD/MINORluadefine _GNU_SOURCE for LLONG_MAX
BUG/MEDIUMmux-h2fix read0 handling on partial frames
BUG/MINORmworkerdefine _GNU_SOURCE for strsignal()
BUG/MINORpeersWrong new_conn value for show peers CLI command.
BUG/MINORinitUse a dynamic buffer to set HAPROXY_CFGFILES env variable
BUG/MINORsampleMemory leak of sample_expr structure in case of error
BUG/MINORsamplecheck alloc_trash_chunk return value in concat()

#2021/01/08 : 2.0r1 (1.0.0-228.1008)

BUG/MINORsamplefix concat() converter's corruption with non-string variables
DOCAdd maintainers for the Prometheus exporter
SCRIPTSannounce-releasefix typo in help message
DOCfix some spelling issues over multiple files
MINORcontrib/prometheus-exporterexport build_info
BUILDMakefileexclude broken tests by default
BUG/MINORsrvdo not init address if backend is disabled
SCRIPTSmake announce release support preparing announces before tag exists
SCRIPTSimprove announce-release to support different tag and versions
BUG/MINORcfgparseFail if the strdup() for `rule->be.name` for `use_backend` fails
MINORatomicdon't use ; to separate instruction on aarch64.
BUILDhpackhpack-tbl-t.h uses VAR_ARRAY but does not include compiler.h
BUILDplockremove dead code that causes a warning in gcc 11
CONTRIBhalogfix signed/unsigned build warnings on counts and timestamps
CONTRIBhalogmark the has_zero* functions unused
CONTRIBhalogfix build issue caused by %L printf format
BUG/MEDIUMhttp-anaNever for sending data in TUNNEL mode
BUG/MINORmux-h1Don't set CS_FL_EOI too early for protocol upgrade requests
BUILDMakefilehave make clean destroy .o/.a/.s in contrib subdirs as well
REGTESTSmake use of HAPROXY_ARGS and pass -dM by default
CLEANUPcontrib/prometheus-exportertypo fixes for ssl reuse metric

#2020/12/14 : 2.0r1 (1.0.0-227.987)

CLEANUPluaRemove declaration of an inexistant function
BUG/MEDIUMlb-leastconnReposition a server using the right eweight
BUG/MINORtoolsReject size format not starting by a digit
BUG/MINORtoolsmake parse_time_err() more strict on the timer validity
DOCemail change of the DeviceAtlas maintainer
BUG/MEDIUMspoa/pythonFixing references to None
BUG/MEDIUMspoa/pythonFixing PyObject_Call positional arguments
BUG/MINORspoa/pythonCleanup ipaddress objects if initialization fails
BUG/MINORspoa/pythonCleanup references for failed Module Addobject operations
DOCspoa/pythonFixing typos in comments
DOCspoa/pythonRephrasing memory related error messages
DOCspoa/pythonFixing typo in IP related error messages
BUG/MAJORspoa/pythonFixing return None
DOC/MINORFix formatting in Management Guide
BUG/MINORluawarn when registering action, conv, sf, cli or applet multiple times
MINORcliadd a function to look up a CLI service description
MINORactionsadd a function returning a service pointer from its name
MINORactionsExport actions lookup functions
BUG/MINORluaSome lua init operation are processed unsafe
BUG/MINORluaPost init register function are not executed beyond the first one
BUG/MINORlualua-load doesn't check its parameters
MINORplockuse an ARMv8 instruction barrier for the pause instruction
DOCconfigMove req.hdrs and req.hdrs_bin in L7 samples fetches section
BUG/MAJORpeersfix partial message decoding

#2020/11/24 : 2.0r1 (1.0.0-226.963)

BUG/MAJORfiltersAlways keep all offsets up to date during data filtering

#2020/11/18 : 2.0r1 (1.0.0-226.962)

BUG/MINORhttp-anaDon't wait for the body of CONNECT requests
BUG/MEDIUMfiltersForward all filtered data at the end of http filtering
BUILDhttp-htxfix build warning regarding long type in printf
MINORcfgparsetighten the scope of newnameserver variable, free it on error.
MINORspoeDon't close connection in sync mode on processing timeout
BUG/MAJORspoeBe sure to remove all references on a released spoe applet
BUG/MINORhttp-fetchFix calls w/o parentheses of the cookie sample fetches
BUG/MINORhttp-fetchExtract cookie value even when no cookie name
BUG/MEDIUMpeersfix decoding of multi-byte length in stick-table messages
BUG/MINORpeersMissing TX cache entries reset.
BUG/MINORpeersDo not ignore a protocol error for dictionary entries.
BUG/MINORluaset buffer size during map lookups
BUG/MINORpatterna sample marked as const could be written
BUG/MINORhttp-htxJust warn if payload of an errorfile doesn't match the C-L
MINORhttp-htxAdd understandable errors for the errorfiles parsing

#2020/11/04 : 2.0r1 (1.0.0-225.947)

BUG/MEDIUMsslOCSP must work with BoringSSL
BUG/MEDIUMstick-tablelimit the time spent purging old entries
BUG/MINORfiltersSkip disabled proxies during startup only
BUG/MEDIUMmux-ptRelease the tasklet during an HTTP upgrade
MINORserverCopy configuration file and line for server templates
BUG/MINORserverSet server without addr but with dns in RMAINT on startup
BUG/MEDIUMfiltersDon't try to init filters for disabled proxies
BUG/MINORcacheInverted variables in http_calc_maxage function
BUG/MINORluainitialize sample before using it
BUG/MINORserverfix down_time report for stats
BUG/MINORserverfix srv downtime calcul on starting
BUG/MINORlogfix memory leak on logsrv parse error
BUG/MINORextcheckadd missing checks on extchk_setenv()
BUG/MAJORmux-h2Don't try to send data if we know it is no longer possible
BUG/MINORhttp-anaDon't send payload for internal responses to HEAD requests
BUG/MEDIUMserversupport changing the slowstart value from state-file
BUG/MINORqueueproperly report redistributed connections

#2020/10/19 : 2.0r1 (1.0.0-225.930)

MINORhapeeUpdate the list of backported/hapee patches
MINORbackendAdd sample fetches to get the server's weight
BUG/MINORpeersPossible unexpected peer seesion reset after collisions.
BUG/MEDIUMlbAlways lock the server when calling server_{take,drop}_conn
BUG/MEDIUMmux-h1Get the session from the H1S when capturing bad messages
BUG/MEDIUMspoeUnset variable instead of set it if no data provided
BUG/MEDIUMtaskbound the number of tasks picked from the wait queue at once
MINORfdreport an error message when failing initial allocations
BUG/MINORmux-h2do not stop outgoing connections on stopping
BUG/MINORinitonly keep rlim_fd_cur if max is unlimited
BUG/MEDIUMh1Always try to receive more in h1_rcv_buf().
BUG/MINORhttp-htxExpect no body for 204/304 internal HTTP responses
BUG/MEDIUMmux-h2Don't handle pending read0 too early on streams

#2020/10/08 : 2.0r1 (1.0.0-224.917)

MINORhapeeUpdate the list of backported patches
MINORsslreach a ckch_store from a sni_ctx
BUG/MEDIUMsslcrt-list negative filters don't work
BUG/MINORmux-h1Always set the session on frontend h1 stream
BUG/MINORpeersInconsistency when dumping peer status codes.
MINORhluaDisplay debug messages on stderr only in debug mode
BUG/MINORstatsfix validity of the json schema
MINORcountersfix a typo in comment
BUG/MEDIUMqueuemake pendconn_cond_unlink() really thread-safe
BUG/MINORFix several leaks of 'log_tag' in init().
BUILDmakefileFix building with closefrom() support enabled
DOCsslcrt-list negative filters are only a hint

#2020/10/02 : 2.0r1 (1.0.0-224.905)

MINORhapeeadd a .hapee directory to list backporting notes
BUG/MINORsslverifyhost is case sensitive
BUG/MEDIUMssldoes not look for all SNIs before chosing a certificate
BUG/MEDIUMsslmemory leak of ocsp data at SSL_CTX_free()
BUG/MINORsslfix memory leak at OCSP loading
BUG/MEDIUMsslcrt-list must continue parsing on ERR_WARN
BUG/MINORsslfix a trash buffer leak in some error cases
BUG/MINORsslmemleak of the struct cert_key_and_chain
BUG/MINORssl/climemory leak in 'set ssl cert'
MINORsslimprove the errors when a crt can't be open
BUG/MINORmux-fcgiDon't url-decode the QUERY_STRING parameter anymore
BUG/MEDIUMfcgi-appfix memory leak in fcgi_flt_http_headers
BUG/MINORmux-fcgiSet flags on the right stream field for empty FCGI_STDOUT
BUG/MINORmux-fcgiSet conn state to RECORD_P when skipping the record padding
BUG/MINORmux-fcgiHandle empty STDERR record
REGTESTmake map_regm_with_backref require 1.7
REGTESTmake abns_socket.vtc require 1.8
REGTESTfix host part in balance-uri-path-only.vtc
REGTESTSadd a few load balancing tests
DOCagent-checkfix typo in fail word expected reply
DOCspoa-serverfix false friends `actually`
BUG/MEDIUMlistenersdo not pause foreign listeners
BUG/MINORconfigFix memory leak on config parse listen
BUG/MINORFix memory leaks cfg_parse_peers
BUG/MEDIUMh2report frame bits only for handled types
BUG/MINORhttp-fetchDon't set the sample type during the htx prefetch
BUG/MINORserverreport correct error message for invalid port on socks4
BUG/MEDIUMhttp-anaDon't wait to send 1xx responses received from servers

#2020/09/18 : 2.0r1 (1.0.0-224.877)

BUG/MEDIUMpatternRenew the pattern expression revision when it is pruned
BUILDthreadsbetter workaround for late loading of libgcc_s
BUG/MEDIUMmux-h1always apply the timeout on half-closed connections
BUG/MINORauthreport valid crypto(3) support depending on build options
CLEANUPUpdate .gitignore
MINORCommit .gitattributes
BUILDthreadlimit the libgcc_s workaround to glibc only
BUG/MINORthreadswork around a libgcc_s issue with chrooting
BUG/MEDIUMsslcheck OCSP calloc in ssl_sock_load_ocsp()
BUG/MEDIUMdocFix replace-path action description
BUG/MINORstartuphaproxy -s cause 100% cpu
BUG/MEDIUMcontrib/spoa-serverFix ipv4_address used instead of ipv6_address
BUG/MINORcontrib/spoa-serverUpdating references to free in case of failure
BUG/MINORcontrib/spoa-serverDo not free reference to NULL
BUG/MINORcontrib/spoa-serverEnsure ip address references are freed
BUG/MAJORcontrib/spoa-serverFix unhandled python call leading to memory leak
DOCcacheUse '<name>' instead of '<id>' in error message
BUG/MINORreloaddo not fail when no socket is sent

#2020/08/13 : 2.0r1 (1.0.0-224.859)

BUG/MEDIUMhtxsmp_prefetch_htx() must always validate the direction
BUG/MINORstatsuse strncmp() instead of memcmp() on health states
BUG/MINORsnapshotsleak of snapshots on deinit()
BUG/MINORluaCheck argument type to convert it to IP mask in arg validation
BUG/MINORluaCheck argument type to convert it to IPv4/IPv6 arg validation
BUG/MEDIUMmap/luaReturn an error if a map is loaded during runtime
BUG/MEDIUMmux-h1Refresh H1 connection timeout after a synchronous send
BUG/MEDIUMmux-h2Don't fail if nothing is parsed for a legacy chunk response

#2020/07/31 : 2.0r1 (1.0.0-222.851)

SCRIPTSgit-show-backportsemit the shell command to backport a commit
SCRIPTSgit-show-backportsmake -m most only show the left branch
SCRIPTSannounce-releaseadd the link to the wiki in the announce messages
MINORstream-intBe sure to have a mux to do sends and receives
MINORconnectionPreinstall the mux for non-ssl connect
BUG/MINORtcp-rulesSet the inspect-delay when a tcp-response action yields
BUG/MEDIUMdnsDon't yield in do-resolve action on a final evaluation
MEDIUMluaAdd support for the Lua 5.4
BUG/MINORdebugDon't dump the lua stack if it is not initialized
BUG/MEDIUMmux-h1Disable the splicing when nothing is received
BUG/MEDIUMmux-h1Wakeup the H1C in h1_rcv_buf() if more data are expected
BUG/MEDIUMdnsRelease answer items when a DNS resolution is freed
BUG/MAJORdnsMake the do-resolve action thread-safe
BUG/MEDIUMmux-h2Emit an error if the response chunk formatting is incomplete
BUG/MEDIUMresolvefix init resolving for ring and peers section.
BUG/MINORcfgparsedon't increment linenum on incomplete lines
BUILDthreadadd parenthesis around values of locking macros
MINORpoolsincrease MAX_BASE_POOLS to 64
BUG/MINORthreadsDon't forget to init each thread toremove_lock.
REGESTAdd reg tests about error files
BUILDebtreefix build on libmusl after recent introduction of eb_memcmp()
BUG/MEDIUMchannelBe aware of SHUTW_NOW flag when output data are peeked
BUG/MEDIUMlogissue mixing sampled to not sampled log servers.
BUG/MEDIUMmux-h1Continue to process request when switching in tunnel mode
CONTRIBdafix memory leak in dummy function da_atlas_open()
BUG/MINORsampleFree str.area in smp_check_const_meth
BUG/MINORsampleFree str.area in smp_check_const_bool
DOCconfigurationremove obsolete mentions of H2 being converted to HTTP/1.x
BUG/MEDIUMstream-intDisable connection retries on plain HTTP proxy mode
BUG/MAJORstreamMark the server address as unset on new outgoing connection
MINORhttpAdd support for http 413 status
BUG/MINORbackendRemove CO_FL_SESS_IDLE if a client remains on the last server
BUG/MEDIUMconnectionContinue to recv data to a pipe when the FD is not ready
MINORconnectionmove the CO_FL_WAIT_ROOM cleanup to the reader only
BUG/MEDIUMmux-h1Subscribe rather than waking up in h1_rcv_buf()
BUG/MEDIUMmux-h1Disable splicing for the conn-stream if read0 is received
BUG/MINORmux-h1Disable splicing only if input data was processed
BUG/MINORmux-h1Don't read data from a pipe if the mux is unable to receive
BUG/MINORmux-h1Fix the splicing in TUNNEL mode
BUG/MINORhttp_actdon't check capture id in backend (2)
DOCconfigurationfix alphabetical ordering for tune.pool-{high,low}-fd-ratio
DOCconfigurationadd missing index entries for tune.pool-{low,high}-fd-ratio
BUG/MINORproxyalways initialize the trash in show servers state
BUG/MINORproxyfix dump_server_state()'s misuse of the trash
BUG/MEDIUMpatternAdd a trailing \0 to match strings only if possible
DOCssladd allow-0rtt and ciphersuites in crt-list
MINORclimake show sess stop at the last known session
BUG/MEDIUMfetchFix hdr_ip misparsing IPv4 addresses due to missing NUL
REGTESTssladd some ssl_c_* sample fetches test
REGTESTssltests the ssl_f_* sample fetches
MINORspoeDon't systematically create new applets if processing rate is low
BUG/MINORhttp_anaclarify connection pointer check on L7 retry
BUG/MINORspoecorrection of setting bits for analyzer
REGTESTAdd a simple script to tests errorfile directives in proxy sections
BUG/MINORsystemdWait for network to be online
MEDIUMmapmake the clear map operation yield
REGTESThttp-rulestest spaces in ACLs with master CLI
REGTESThttp-rulestest spaces in ACLs
BUG/MINORmworker/clifix semicolon escaping in master CLI
BUG/MINORmworker/clifix the escaping in the master CLI
BUG/MINORcliallow space escaping on the CLI
BUG/MINORspoeadd missing key length check before checking key names
BUG/MEDIUMebtreeuse a byte-per-byte memcmp() to compare memory blocks
BUG/MINORtcp-rulestcp-response must check the buffer's fullness
MINORhttpAdd 404 to http-request deny
MINORhttpAdd 410 to http-request deny
REGTESTSchecksFix tls_health_checks when IPv6 addresses are used
BUG/MINORsslfix ssl-{min,max}-ver with openssl < 1.1.0
REGTESTSAdd missing OPENSSL to REQUIRE_OPTIONS for compression/lua_validation
REGTESTSAdd missing OPENSSL to REQUIRE_OPTIONS for lua/txn_get_priv
BUG/MEDIUMpatternfix thread safety of pattern matching
BUG/MEDIUMlogdon't hold the log lock during writev() on a file descriptor
BUG/MINORmworkerfix a memleak when execvp() failed
BUG/MEDIUMmworkerfix the reload with an -- option
BUG/MINORinit-S can have a parameter starting with a dash
BUG/MINORinit-x can have a parameter starting with a dash
BUG/MEDIUMmworkerfix the copy of options in copy_argv()
BUILDmakefileadjust the sed expression of make help for solaris

#2020/06/30 : 2.0r1 (1.0.0-222.773)

MINORpeersdo not use localpeer as an array anymore
MEDIUMpeersadd the localpeer global option

#2020/06/05 : 2.0r1 (1.0.0-222.771)

BUG/MINORproto-httpFix detection of NTLM for the legacy HTTP version
BUG/MEDIUMlogsfix trailing zeros on log message.
BUG/MINORlogsprevent double line returns in some events.
BUG/MEDIUMcontrib/prometheus-exporterProperly set flags to dump metrics
BUG/MEDIUMhluaLock pattern references to perform set/add/del operations
BUG/MEDIUMluaReset analyse expiration timeout before executing a lua action
BUG/MINORpeersfix internal/network key type mapping.
SCRIPTSpublish-releasepass -n to gzip to remove timestamp
BUG/MINORnameserversfix error handling in parsing of resolv.conf
BUG/MINORluaAdd missing string length for lua sticktable lookup

#2020/05/26 : 2.0r1 (1.0.0-222.760)

BUG/MINORserverFix server_finalize_init() to avoid unused variable
BUG/MINORchecksRespect check-ssl param when a port or an addr is specified
BUG/MINORcacheDon't needlessly test cache keyword in parse_cache_flt()
BUILDselectonly declare existing local labels to appease clang
BUG/MINORsoft-stopalways wake up waiting threads on stopping
BUG/MINORpollersremove uneeded free in global init
BUG/MINORpoolsuse %u not %d to report pool stats in show pools
BUG/MINORcfgparseAbort parsing the current line if an invalid \x sequence is encountered
BUG/MEDIUMhttp_anamake the detection of NTLM variants safer
BUG/MINORhttp-anafix NTLM response parsing again
BUG/MINORconfigMake use_backend and use-server post-parsing less obscur
BUG/MEDIUMluaFix dumping of stick table entries for STD_T_DICT
BUG/MINORthreadsfix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}()
BUG/MINORthreadsfix multiple use of argument inside HA_ATOMIC_CAS()
BUG/MINORsampleSet the correct type when a binary is converted to a string
CLEANUPconnectionsalign function declaration
BUG/MEDIUMsslfix the id length check within smp_fetch_ssl_fc_session_id()
BUG/MEDIUMconnectionsforce connections cleanup on server changes
BUG/MEDIUMmux-fcgiCall destroy method with the mux context as argument
BUG/MAJORmux-fcgiStop sending loop if FCGI stream is blocked for any reason
BUG/MEDIUMmux-fcgiFix wrong test on FCGI_CF_KEEP_CONN in fcgi_detach()
BUG/MEDIUMmux_fcgiFree the FCGI connection at the end of fcgi_release()
BUG/MINORmux-fcgiBe sure to have a connection as session's origin to use it
MINORmux-fcgiMake the capture of the path-info optional in pathinfo regex
BUG/MINORmux-fcgiForbid special characters when matching PATH_INFO param

#2020/05/22 : 2.0r1 (1.0.0-222.735)

BUG/MEDIUMringwrite-lock the ring while attaching/detaching
BUG/MAJORstream-intalways detach a faulty endpoint on connect failure
BUG/MEDIUMstreamOnly allow L7 retries when using HTTP.
BUG/MEDIUMstreamsRemove SF_ADDR_SET if we're retrying due to L7 retry.
BUG/MINORchecksRemove a warning about http health checks
BUG/MINORchecksCompute the right HTTP request length for HTTP health checks

#2020/05/12 : 2.0r1 (1.0.0-222.729)

BUG/MEDIUMchecksAlways initialize checks before starting them
BUG/MEDIUMserver/checksInit server check during config validity check
BUG/MEDIUMbackenddon't access a non-existing mux from a previous connection
REGTESTssltest the client certificate authentication
MINORstreamreport the list of active filters on stream crashes
BUG/MEDIUMshctxbound the number of loops that can happen around the lock
BUG/MEDIUMshctxreally check the lock's value while waiting
BUG/MINORdebugproperly use long long instead of long for the thread ID
MINORthreadsexport the POSIX thread ID in panic dumps
BUG/MEDIUMlistenermark the thread as not stuck inside the loop
BUG/MEDIUMsamplemake the CPU and latency sample fetches check for a stream
BUG/MEDIUMhttpthe unique-id sample fetch could crash without a steeam
BUG/MEDIUMhttpthe http_first_req sample fetch could crash without a steeam
BUG/MEDIUMcapturecapture.{req,res}.* crash without a stream
BUG/MEDIUMcapturecapture-req/capture-res converters crash without a stream
BUG/MINORobj_typeHandle stream object in obj_base_ptr() function
BUG/MINORcheckschained expect will not properly wait for enough data
BUG/MINORchecks/serveruse_ssl member must be signed
BUG/MINORchecksRespect the no-check-ssl option
MINORchecksAdd a way to send custom headers and payload during http chekcs
BUG/MINORcheckUpdate server address and port to execute an external check
DOCoption logasap does not depend on mode
BUG/MINORhttpmake url_decode() optionally convert '+' to SP
BUG/MINORtoolsfix the i386 version of the div64_32 function
BUG/MEDIUMhttp-anaHandle NTLM messages correctly.
BUG/MINORssldefault settings for ssl server options are not used
DOCImprove documentation on http-request set-src
DOChashingupdate link to hashing functions
BUG/MINORpeersIncomplete peers sections should be validated.
BUG/MINORprotocol_bufferWrong maximum shifting.

#2020/04/21 : 2.0r1 (1.0.0-221.698)

#2020/04/01 : 2.0r1 (1.0.0-220.698)

BUG/CRITICALhpacknever index a header into the headroom after wrapping
BUG/MINORhttp-anaReset request analysers on a response side error
BUG/MINORhttp-anaReset request analysers on error when waiting for response
BUG/MINORfiltersForward everything if no data filters are called
BUG/MINORfiltersUse filter offset to decude the amount of forwarded data
MINORhttp-rulesHandle the rule direction when a redirect is evaluated
BUG/MINORhttp_anamake sure redirect flags don't have overlapping bits
MINORhttp-rulesAdd a flag on redirect rules to know the rule direction
DOCinternalsFix spelling errors in filters.txt
BUG/MINORstatsFix color of draining servers on stats page
BUILDsslonly pass unsigned chars to isspace()
MINORlisteneradd so_name sample fetch
BUG/MINORpeersUse after free of peers section.
BUG/MINORpeersavoid an infinite loop with peers_fe is NULL
BUG/MINORpeersinit bind_proc to 1 if it wasn't initialized
BUG/MINORhaproxy/threadsclose a possible race in soft-stop detection
REGTESTincrease timeouts on the seamless-reload test
REGTESTSuse command -v instead of which
BUG/MINORconnectionsMake sure we free the connection on failure.
MINORmemoryChange the flush_lock to a spinlock, and don't get it in alloc.
BUG/MEDIUMwdtDon't ignore WDTSIG and DEBUGSIG in __signal_process_queue().
MINORwdtMove the definitions of WDTSIG and DEBUGSIG into types/signal.h.
DOCassorted typo fixes in the documentation
BUG/MEDIUMpeersresync ended with RESYNC_PARTIAL in wrong cases.
BUILDmakefilefix expression again to detect ARM platform
BUILDmakefilefix regex syntax in ARM platform detection
BUILDon ARM, must be linked to libatomic.
DOCproxy_protocolReserve TLV type 0x05 as PP2_TYPE_UNIQUE_ID
BUG/MINORhaproxy/threadstry to make all threads leave together
BUG/MINORlistener/mqdo not dispatch connections to remote threads when stopping
BUG/MINORhaproxyalways initialize sleeping_thread_mask
BUG/MEDIUMrandomalign the state on 2*64 bits for ARM64
BUILDwdtonly test for SI_TKILL when compiled with thread support
DOCsslclarify security implications of TLS tickets
DOCimprove description of no-tls-tickets
DOCfix typo about no-tls-tickets
BUG/MINORrulesIncrement be_counters if backend is assigned for a silent-drop
BUG/MINORrulesPreserve FLT_END analyzers on silent-drop action
BUG/MINORhttp-rulesFix a typo in the reject action function
BUG/MINORhttp-rulesPreserve FLT_END analyzers on reject action
BUG/MINORluaIgnore the reserve to know if a channel is full or not
BUG/MEDIUMcompression/filtersFix loop on HTX blocks compressing the payload
BUG/MEDIUMcache/filtersFix loop on HTX blocks caching the response payload
MINORhtxAdd a function to return a block at a specific offset
REGTESTmake the PROXY TLV validation depend on version 2.2
BUG/MAJORproxy_protocolProperly validate TLV lengths
BUG/MINORinitmake the automatic maxconn consider the max of soft/hard limits
DOCassorted typo fixes in the documentation and Makefile
DOCconfiguration.txtfix various typos
BUG/MINORpatternDo not pass len = 0 to calloc()
OPTIMstartupfast unique_id allocation for acl.
DOCfix incorrect indentation of http_auth_*
BUG/MAJORlistfix invalid element address calculation

#2020/03/27 : 2.0r1 (1.0.0-219.645)

#2020/03/17 : 2.0r1 (1.0.0-217.645)

BUG/MINORchecks/threadsuse ha_random() and not rand()
MINORbackenduse a single call to ha_random32() for the random LB algo
BUG/MEDIUMrandomimplement a thread-safe and process-safe PRNG
MINORtoolsadd 64-bit rotate operators
BUG/MEDIUMrandominitialize the random pool a bit better

#2020/03/06 : 2.0r1 (1.0.0-217.640)

#2020/03/05 : 2.0r1 (1.0.0-215.640)

BUILDtoolsrely on __ELF__ not USE_DL to enable use of dladdr()
BUILDtoolsunbreak resolve_sym_name() on non-GNU platforms
MINORdebugdump the whole trace if we can't spot the starting point
MINORdebuguse our own backtrace function on clang+x86_64
MINORdebugimprove backtrace() on aarch64 and possibly other systems
MINORdebugreport the number of entries in the backtrace
MINORwdtdo not depend on USE_THREAD
BUILDMakefileinclude librt before libpthread
BUG/MINORwdtdo not return an error when the watchdog couldn't be enabled
MINORdebugcall backtrace() once upon startup
MEDIUMdebugadd support for dumping backtraces of stuck threads
MINORclimake show fd rely on resolve_sym_name()
MINORdebuguse resolve_sym_name() to dump task handlers
MINORtoolsadd resolve_sym_name() to resolve function pointers
MINORtoolsadd new function dump_addr_and_bytes()
MINORhaproxyexport run_poll_loop
MINORhaproxyexport main to ease access from debugger
BUG/MEDIUMdebugmake the debug_handler check for the thread in threads_to_dump
MINORdebugreport the task handler's pointer relative to main

#2020/03/04 : 2.0r1 (1.0.0-213.621)

MINORssl/clireorder 'show ssl cert' output
MINORssl/cli'show ssl cert'displays the issuer in the chain
MINORssl/cli'show ssl cert' displays the chain
BUG/MEDIUMsslfix several bad pointer aliases in a few sample fetch functions
BUG/MINORsslload .key in a directory only after PEM
MINORsslload the key from a dedicated file
MINORsslssl-load-extra-files configure loading of files
MINORcontrib/prometheus-exporterAdd the last heathcheck duration metric
MINORcontrib/prometheus-exporterAdd heathcheck status/code in server metrics
BUG/MINORdnsignore trailing dot
BUG/MINORsampleMake sure to return stable IDs in the unique-id fetch
BUILDebtreeimprove architecture-specific alignment
MINORcompileradd new alignment macros
BUG/MINORconnectionmake sure to correctly tag local PROXY connections
BUG/MEDIUMsslfix several bad pointer aliases in a few sample fetch functions
BUG/MINORsamplefix the json converter's endian-sensitivity
CLEANUPcfgparseFix type of second calloc() parameter
BUILDfix recent build failure on unaligned archs
BUG/MEDIUMebtreedon't set attribute packed without unaligned access support
MINORcompilermove CPU capabilities definition from config.h and complete them
BUG/MEDIUMshctxmake sure to keep all blocks aligned
BUG/MINORhttphttp-request replace-path duplicates the query string
MINORistadd an iststop() function
BUG/MAJORhttp-anaAlways abort the request when a tarpit is triggered
BUG/MINORhttp-anaMatching on monitor-uri should be case-sensitive
BUG/MINORfiltersCount HTTP headers as filtered data but don't forward them
MINORfiltersForward data only if the last filter forwards something
MINORhttp-htxAdd a function to retrieve the headers size of an HTX message
SCRIPTSannounce-releaseuse mutt -H instead of -i to include the draft
BUG/MEDIUMmuxesUse the right argument when calling the destroy method.
BUG/MINORnamespaceavoid closing fd when socket failed in my_socketat
SCRIPTSmake announce-release executable again
BUG/MINORtcpdon't try to set defaultmss when value is negative
DOCword converter ignores delimiters at the start or end of input string
BUG/MINORtcpavoid closing fd when socket failed in tcp_bind_listener
BUG/MINORlistenerenforce all_threads_mask on bind_thread on init
BUG/MEDIUMlisteneronly consider running threads when resuming listeners
BUG/MINORdnsallow 63 char in hostname
CLEANUPbindhandle warning label on bind keywords parsing.

#2020/02/20 : 2.0r1 (1.0.0-213.582)

BUG/MINORsslclear the SSL errors on DH loading failure

#2020/02/12 : 2.0r1 (1.0.0-213.581)

BUG/MEDIUMssl/cli'commit ssl cert' wrong SSL_CTX init

#2020/02/11 : 2.0r1 (1.0.0-213.580)

BUG/MINORsslPossible memleak when allowing the 0RTT data buffer.
MINORhttpadd a new replace-path action
BUG/MINORunixbetter catch situations where the unix socket path length is close to the limit
MINORbuildadd linux-glibc-legacy build TARGET
SCRIPTSannounce-releaseallow the user to force to overwrite old files
SCRIPTSannounce-releaseplace the send command in the mail's header
CONTRIBdebugalso support reading values from stdin
MINORaclWarn when an ACL is named 'or'
CONTRIBdebugsupport reporting multiple values at once
CONTRIBdebugadd the possibility to decode the value as certain types only
CONTRIBdebugadd missing flags SF_HTX and SF_MUX
BUG/MINORsslwe may only ignore the first 64 errors
BUG/MAJORmemoryDon't forget to unlock the rwlock if the pool is empty.
BUG/MEDIUMmemoryAdd a rwlock before freeing memory.
MINORmemoryOnly init the pool spinlock once.
BUG/MEDIUMmemory_poolUpdate the seq number in pool_flush().
BUG/MEDIUMconnectionsDon't forget to unlock when killing a connection.
BUG/MINORconnectionfix ip6 dst_port copy in make_proxy_line_v2
BUG/MEDIUMpipefix a use-after-free in case of pipe creation error
BUG/MINORssl/clifix unused variable with openssl < 1.0.2

#2020/01/27 : 2.0r1 (1.0.0-211.560)

REGTESTSmake the set_ssl_cert test require version 2.2
MINORsslaccept 'verify' bind option with 'set ssl cert'
CLEANUPsslremove opendir call in ssl_sock_load_cert
REGTESTset_ssl_cert.vtcreplace echo with printf
REGTESTmake the set ssl cert require version 2.1
REGTESTssltest the set ssl cert CLI command
BUG/MINORssl/clifix build for openssl < 1.0.2
MINORssl/cli'show ssl cert' give information on the certificates
BUG/MINORsslfix X509 compatibility for openssl < 1.1.0
MINORssldeduplicate crl-file
MINORsslcompute ca-list from deduplicate ca-file
MINORssldeduplicate ca-file
CLEANUPsslClean up error handling
BUG/MINORssl/cliocsp_issuer must be set w/ set ssl cert
BUG/MINORssltypo in previous patch
BUG/MINORsslmemory leak w/ the ocsp_issuer
BUG/MINORsslincrement issuer refcount if in chain
BUG/MINORssl/clifree the previous ckch content once a PEM is loaded
BUG/MINORsslssl_sock_load_pem_into_ckch is not consistent
BUG/MINORsslssl_sock_load_sctl_from_file memory leak
BUG/MINORsslssl_sock_load_issuer_file_into_ckch memory leak
BUG/MINORsslssl_sock_load_ocsp_response_from_file memory leak
BUG/MINORssl/clidon't overwrite the filters variable
BUG/MINORssl/cli'ssl cert' cmd only usable w/ admin rights
BUG/MINORsslfix SSL_CTX_set1_chain compatibility for openssl < 1.0.2
DOCssl/cliset/commit/abort ssl cert
BUG/MINORtcpchecksfix the connect() flags regarding delayed ack
BUG/MEDIUMsslDon't forget to free ctx->ssl on failure.
MEDIUMdnsAdd resolve-opts ignore-weight
BUG/MINORdnsallow srv record weight set to 0
BUILDcfgparsesilence a bogus gcc warning on 32-bit machines
BUG/MEDIUMmux-h2make sure we don't emit TE headers with anything but trailers
BUG/MINORstktablereport the current proxy name in error messages
BUG/MEDIUM0rttOnly consider the SSL handshake.
BUG/MINORhttp_actdon't check capture id in backend
MINORproxy/http-anaAdd support of extra attributes for the cookie directive
BUG/MINORtcp-rulesFix memory releases on error path during action parsing
BUG/MINORstick-tableUse MAX_SESS_STKCTR as the max track ID during parsing
BUG/MINORhttp-rulesRemove buggy deinit functions for HTTP rules
BUG/MINORhttp-ana/filtersWait end of the http_end callback for all filters
BUILDpatterninclude errno.h
BUG/MINOR51dFix bug when HTX is enabled
BUG/MINORdnsMake dns_query_id_seed unsigned
BUG/MINORcacheFix leak of cache name in error path
BUG/MINORpatternhandle errors from fgets when trying to load patterns
BUG/MEDIUMconnectionadd a mux flag to indicate splice usability
BUG/MINORstreamdon't mistake match rules for store-request rules
BUG/MEDIUMcli_getsocks must send the peers sockets
REGTESTadd sample_fetches/hashes.vtc to validate hashes
BUG/MAJORhashesfix the signedness of the hash inputs
BUG/MEDIUMmux_h1Don't call h1_send if we subscribed().
BUG/MEDIUMmworkerremain in mworker mode during reload
REGTESTmcli/mcli_start_progsstart 2 programs
BUG/MINORcli/mworkercan't start haproxy with 2 programs
BUG/MEDIUMmux-h2don't stop sending when crossing a buffer boundary
BUG/MEDIUMmux-h2fix missing test on sending_list in previous patch
BUG/MINORmux-h2use a safe list_for_each_entry in h2_send()
BUG/MINORstream-intDon't trigger L7 retry if max retries is already reached
BUG/MEDIUMsessiondo not report a failure when rejecting a session
BUG/MINORchannelinject output data at the end of output
BUG/MEDIUMhttp-anaTruncate the response when a redirect rule is applied
BUG/MINORproxyFix input data copy when an error is captured
BUG/MINORh1Report the right error position when a header value is invalid
MINORsslRemove unused variable need_out.
MINORconfigdisable busy polling on old processes
BUG/MEDIUMconnectionsHold the lock when wanting to kill a connection.
BUG/MEDIUMchecksOnly attempt to do handshakes if the connection is ready.
BUG/MINORchecksrefine which errno values are really errors.
BUILDsslimprove SSL_CTX_set_ecdh_auto compatibility
BUG/MEDIUMstreamBe sure to never assign a TCP backend to an HTX stream

#2019/12/20 : 2.0r1 (1.0.0-208.490)

BUG/MINORsslopenssl-compat: Fix getm_ defines
BUG/MEDIUMfd/threadsfix a concurrency issue between add and rm on the same fd
MINORfd/threadsmake _GET_NEXT()/_GET_PREV() use the volatile attribute
BUG/MEDIUMsslRevamp the way early data are handled.
BUG/MAJORtaskadd a new TASK_SHARED_WQ flag to fix foreing requeuing
MINORtaskonly check TASK_WOKEN_ANY to decide to requeue a task
BUG/MEDIUMsslDon't set the max early data we can receive too early.
BUG/MINORsamplealways check converters' arguments
BUG/MINORsamplefix the closing bracket and LF in the debug converter
DOCclarify the fact that replace-uri works on a full URI
DOCImprove documentation of http-re(quest|sponse) replace-(header|value|uri)

#2019/12/11 : 2.0r1 (1.0.0-208.479)

BUILD/MINORunix sockets: silence an absurd gcc warning about strncpy()
BUG/MINORlistenerfix off-by-one in state name check
BUG/MINORservermake agent-addr work on default-server line
BUG/MINORlistenerdo not immediately resume on transient error
BUG/MINORmworkerproperly pass SIGTTOU/SIGTTIN to workers
BUG/MINORlogfix minor resource leaks on logformat error path
DOCremove references to the outdated architecture.txt
BUILDdo not disable -Wformat-truncation anymore
BUILD/MINORtoolsshut up the format truncation warning in get_gmt_offset()
DOCproxiesHAProxy only supports 3 connection modes
BUG/MEDIUMmux-fcgiHandle cases where the HTX EOM block cannot be inserted
BUG/MINORfcgi-appMake the directive pass-header case insensitive
BUG/MINORtasksonly requeue a task if it was already in the queue
DOClistenersadd a few missing transitions
BUG/MEDIUMkqueueMake sure we report read events even when no data.
BUG/MEDIUMproto_udp/threadsrecv() and send() must not be exclusive.
BUG/MAJORdnsadd minimalist error processing on the Rx path
DOCdocument the listener state transitions
BUG/MEDIUMlistener/threadsfix a remaining race in the listener's accept()
BUG/MINORlisteneralso clear the error flag on a paused listener
BUG/MINORlistener/threadsalways use atomic ops to clear the FD events
BUG/MINORproxymake soft_stop() also close FDs in LI_PAUSED state
BUG/MINORmux-h1Be sure to set CS_FL_WANT_ROOM when EOM can't be added

#2019/12/06 : 2.0r1 (1.0.0-208.456)

BUG/MEDIUMchecksMake sure we set the task affinity just before connecting.
BUG/MEDIUMtasksMake sure we switch wait queues in task_set_affinity().
BUG/MINORmux-h1Fix conditions to know whether or not we may receive data
BUG/MINORmux-h1Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN
BUG/MEDIUMmux-h1Never reuse H1 connection if a shutw is pending
BUG/MINORsslcertificate choice can be unexpected with openssl >= 1.1.1
BUG/MEDIUMlistener/threadfix a race when pausing a listener
BUG/MINORstream-intavoid calling rcv_buf() when splicing is still possible
BUG/MEDIUMstream-intdon't subscribed for recv when we're trying to flush data
DOCmove the group keyword at the right place
DOCclarify matching strings on binary fetches
DOCClarify behavior of server maxconn in HTTP mode
BUG/MINORhttp-htxDon't make http_find_header() fail if the value is empty
CLEANUPsslcheck if a transaction exists once before setting it
BUG/MINORsslStop passing dynamic strings as format arguments
MINORsslfix possible null dereference in error handling
MINORssl/clidisplay warning during 'commit ssl cert'
MEDIUMssl/cliapply SSL configuration on SSL_CTX during commit
MINORsslssl_sock_prepare_ctx() return an error code
BUILD/MINORsslfix compiler warning about useless statement
MINORssl/cli'abort ssl cert' deletes an on-going transaction
BUG/MINORsslssl_pkey_info_index ex_data can store a dereferenced pointer
MINORssl/clireplace the default_ctx during 'commit ssl cert'
BUG/MINORssl/clifix an error when a file is not found
BUG/MINORssl/cliunable to update a certificate without bundle extension
BUG/MEDIUMssl/clidon't alloc path when cert not found
MINORsslBoringSSL ocsp_response does not need issuer
BUG/MEDIUMssl/clifix dot research in cli_parse_set_cert
BUG/MINORssldouble free on error for ckch->{key,cert}
BUG/MINORsslckch->chain must be initialized
BUG/MINORsslsegfault in cli_parse_set_cert with old openssl/boringssl
BUG/MINORssl/clicheck trash allocation in cli_io_handler_commit_cert()
CLEANUPssl/cliremove leftovers of bundle/certs (it < 2)
MINORssl/clirework 'set ssl cert' as 'set/commit'
BUILD/MINORsslshut up a build warning about format truncation
MINORssl/clirework the 'set ssl cert' IO handler
BUG/MINORssl/clicleanup on cli_parse_set_cert error
BUG/MINORsslfix build of X509_chain_up_ref() w/ libreSSL
BUG/MINORsslfix build with openssl < 1.1.0
BUG/MINORssl/cliout of bounds when built without ocsp/sctl
BUG/MINORssl/clifix build of SCTL and OCSP
MEDIUMcli/sslhandle the creation of SSL_CTX in an IO handler
MINORssl/cliassignate a new ckch_store
MINORsslnew functions duplicate and free a ckch_store
MINORsslcopy a ckch from src to dst
MINORsslupdate ssl_sock_free_cert_key_and_chain_contents
MINORssl/cliupdate ocsp/issuer/sctl file from the CLI
BUG/MINORssl/clifix looking up for a bundle
MINORsslsplit ssl_sock_load_crt_file_into_ckch()
MINORsslload issuer from file or from buffer
MINORsslload sctl from buf OR from a file
MINORsslOCSP functions can load from file or buffer
CLEANUPsslfix SNI/CKCH lock labels
CLEANUPsslremove old TODO commentary
BUG/MEDIUMssl'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1
CLEANUPsslmake ssl_sock_load_dh_params handle errcode/warn
CLEANUPsslmake ssl_sock_put_ckch_into_ctx handle errcode/warn
CLEANUPsslmake ckch_inst_new_load_(multi_)store handle errcode/warn
CLEANUPsslmake cli_parse_set_cert handle errcode and warnings.
CLEANUPsslmake ssl_sock_load_ckchs() return a set of ERR_*
CLEANUPsslmake ssl_sock_load_cert*() return real error codes
BUG/MINORsslcan't load ocsp files
BUG/MINORsslfix error messages for OCSP loading
BUG/MINORsslfix OCSP build with BoringSSL
BUG/MINORsslfix build without multi-cert bundles
BUG/MINORsslfix build without SSL
BUG/MEDIUMsslNULL dereference in ssl_sock_load_cert_sni()
MINORsslload the ocsp in/from the ckch
MINORsslload the sctl in/from the ckch
MEDIUMssl/cli'set ssl cert' updates a certificate from the CLI
MINORsslssl_sock_load_crt_file_into_ckch() is filling from a BIO
MEDIUMsslssl_sock_load_ckchs() alloc a ckch_inst
MINORsslssl_sock_load_multi_ckchs() can properly fail
MINORsslssl_sock_load_ckchn() can properly fail
MEDIUMsslsplit ssl_sock_add_cert_sni()
MEDIUMsslintroduce the ckch instance structure
MINORsslinitialize explicitly the sni_ctx trees
MINORsslinitialize the sni_keytypes_map as EB_ROOT
REORGsslmove structures to ssl_sock.h
REORGsslrename ckch_node to ckch_store
MINORsslcrt-list do ckchn_lookup

#2019/11/27 : 2.0r1 (1.0.0-208.375)

BUG/MINORcontrib/prometheus-exporterdecode parameter and value only
BUG/MINORcontrib/prometheus-exporterUse HTX errors and not legacy ones
BUG/MINORstreaminit variables when the list is empty
SCRIPTSgit-show-backportsadd -s to proposed cherry-pick commands
SCRIPTScreate-releaseshow the correct origin name in suggested commands
BUG/MAJORmux-h2don't try to decode a response HEADERS frame in idle state
BUG/MAJORh2make header field name filtering stronger
BUG/MAJORh2reject header values containing invalid chars
MINORistadd ist_find_ctl()
BUG/MINORsslfix curve setup with LibreSSL
BUG/MINORclifix out of bounds in -S parser
DOCAdd documentation about the use-service action
DOCAdd missing stats fields in the management manual
BUG/MINORmux-h1Adjust header case when chunked encoding is add to a message
BUG/MINORmux-h1Fix a UAF in cfg_h1_headers_case_adjust_postparser()
MEDIUMmux-h1Add the support of headers adjustment for bogus HTTP/1 apps
REGTESTvtest can now enable mcli with its own flag
MINORstatsReport max times in addition of the averages for sessions
BUG/MINORstream-intFix si_cs_recv() return value
MINORcontrib/prometheus-exporterAdd a param to ignore servers in maintenance
MINORcontrib/prometheus-exporterfilter exported metrics by scope
MINORcontrib/prometheus-exporterreport the number of idle conns per server
BUG/MINORcontrib/prometheus-exporterRename some metrics
MINORcontrib/prometheus-exporterReport metrics about max times for sessions
MINORcountersAdd fields to store the max observed for {q,c,d,t}_time
MINORstreamRemove the lock on the proxy to update time stats
MINORfreq_ctrMake the sliding window sums thread-safe
BUG/MINORhttp-anaProperly catch aborts during the payload forwarding
BUG/MINORmux-h1Fix tunnel mode detection on the response path
BUILDdebugAvoid warnings in dev mode with -02 because of some BUG_ON tests
BUG/MEDIUMstream-intDon't loose events on the CS when an EOS is reported
BUG/MINORpeerspeer alive flag not reset when deconnecting.
BUG/MEDIUMmworkerdon't fill the -sf argument with -1 during the reexec
BUG/MINORsslfix crt-list neg filter for openssl < 1.1.1
BUG/MINORpeersWrong null server_name data field handling.
MINORpeersAdd debugging information to show peers.
MINORpeersAdd TX/RX heartbeat counters.
MINORpeersAlway show the table info for disconnected peers.
BUG/MINORinitfix set-dumpable when using uid/gid
BUG/MINORmux-h1Don't set CS_FL_EOS on a read0 when receiving data to pipe
BUG/MEDIUMfiltersDon't call TCP callbacks for HTX streams
BUG/MINORmux-h1Properly catch parsing errors on payload and trailers
MINORh1-htxUpdate h1_copy_msg_data() to ease the traces in the mux-h1

#2019/11/15 : 2.0r1 (1.0.0-208.332)

BUG/MINORloglimit the size of the startup-logs
BUILDcontrib/daremove an unused warning
MINORmemoryalso poison the area on freeing
BUG/MEDIUMlistenersalways pause a listener on out-of-resource condition
CLEANUPsessionslightly simplify idle connection cleanup logic
BUG/MEDIUMMake sure we leave the session list in session_free().

#2019/11/14 : 2.0r1 (1.0.0-208.326)

DOCmanagementfix typo on cache_lookups stats output
BUGdnstimeout resolve not applied for valid resolutions
BUG/MINORactiondo-resolve now use cached response
BUG/MEDIUMstreamBe sure to release allocated captures for TCP streams
MINORdochttp-reuse connection pool fix
BUG/MEDIUMstreamBe sure to support splicing at the mux level to enable it
BUG/MEDIUMmux-h1Disable splicing for chunked messages
BUG/MEDIUMmux-h2immediately report connection errors on streams
BUG/MEDIUMmux-h2immediately remove a failed connection from the idle list
BUG/MEDIUMmux-h2report no available stream on a connection having errors
BUG/MINORconfigUpdate cookie domain warn to RFC6265
BUG/MEDIUMserversOnly set SF_SRV_REUSED if the connection if fully ready.
BUG/MEDIUMstream_interfaceOnly use SI_ST_RDY when the mux is ready.
MINORmuxAdd a new method to get informations about a mux.
BUG/MINORspoefix off-by-one length in UUID format string
BUG/MAJORstream-intDon't receive data from mux until SI_ST_EST is reached
BUG/MINORmux-h2Don't pretend mux buffers aren't full anymore if nothing sent
BUG/MINORclidon't call the kw->io_release if kw->parse failed
MINORtcpavoid confusion in time parsing init
BUG/MINORmux-h2do not emit logs on backend connections
MINORconfigwarn on presence of \n in header values/replacements
BUG/MEDIUMhttpunbreak redirects in legacy mode
BUG/MINORqueue/threadsmake the queue unlinking atomic
BUG/MINORservercheck return value of fopen() in apply_server_state()

#2019/10/23 : 2.0r1 (1.0.0-207.302)

BUG/MEDIUMpatternmake the pattern LRU cache thread-local and lockless
BUG/MINORstick-tablefix an incorrect 32 to 64 bit key conversion

#2019/10/22 : 2.0r1 (1.0.0-207.300)

BUG/MINORsslfix memcpy overlap without consequences.
BUG/MINORmux-h2also make sure blocked legacy connections may expire
BUG/MINORsampleMake the `field` converter compatible with `-m found`
BUG/MINORcachealloc shctx after check config
BUG/MINORstick-tableNever exceed (MAX_SESS_STKCTR-1) when fetching a stkctr
BUG/MINORsslFix fd leak on error path when a TLS ticket keys file is parsed
BUG/MINORmworker/clireload fail with inherited FD
REGTESTmcli/mcli_show_infolaunch a 'show info' on the master CLI
BUG/MEDIUMmux_ptOnly call the wake emthod if nobody subscribed to receive.
BUG/MEDIUMmux_ptDon't destroy the connection if we have a stream attached.
BUG/MAJORidle conns: schedule the cleanup task on the correct threads
BUG/MEDIUMmux_ptMake sure we don't have a conn_stream before freeing.
BUG/MINORtcpDon't alter counters returned by tcp info fetchers
BUG/MINORmworker/sslclose openssl FDs unconditionally
MINORmux-h2also support emitting CONTINUATION on trailers
MEDIUMmux-h2support emitting CONTINUATION frames after HEADERS
BUG/MINORhttp-htxProperly set htx flags on error files to support keep-alive
MINORversionmake the version strings variables, not constants
BUG/MINORWURFLfix send_log() function arguments
BUG/MINORmux-h1Capture ignored parsing errors
BUG/MINORmux-h1Mark the output buffer as full when the xfer is interrupted
BUG/MINORchunkFix tests on the chunk size in functions copying data
BUG/MEDIUMhtxCatch chunk_memcat() failures when HTX data are formatted to h1
BUILDsslwrong #ifdef for SSL engines code
BUG/MINORsslabort on sni_keytypes allocation failure
BUG/MINORsslfree the sni_keytype nodes
BUG/MINORsslabort on sni allocation failure

#2019/10/11 : 2.0r1 (1.0.0-207.272)

BUG/MEDIUMappletalways check a fast running applet's activity before killing
MINORstatsmention in the help message support for json and typed
DOCfix typo in Prometheus exporter doc
DOCclarify some points around http-send-name-header's behavior
BUG/MEDIUMcachemake sure not to cache requests with absolute-uri
BUG/MINORpeerscrash on reload without local peer.
BUG/MEDIUMmux-h2do not enforce timeout on long connections
BUILDebtreemake eb_is_empty() and eb_is_dup() take a const
MINORmux-h2add a per-connection list of blocked streams
BUG/MINORactiondo-resolve does not yield on requests with body
BUG/MEDIUMluaStore stick tables into the sample's `t` field
BUG/MINORluaProperly initialize the buffer's fields for string samples in hlua_lua2(smp|arg)

#2019/10/04 : 2.0r1 (1.0.0-207.260)

#2019/09/30 : 2.0r1 (1.0.0-204.260)

DOCreplace utf-8 quotes by ascii ones
BUILDsslfix a warning when built with openssl < 1.0.2
BUG/MINORstatsAdd a missing break in a switch statement
BUG/MEDIUMfcgifix missing list tail in sample fetch registration
BUG/MEDIUMnamespacefix fd leak in master-worker mode
DOCFix documentation about the cli command to get resolver stats
BUG/MINORcontrib/prometheus-exporterReturn the time averages in seconds
MINORstatsAdd the support of float fields in stats
MINORspoeSupport the async mode with several threads
MINORspoeImprove generation of the engine-id
BUG/MEDIUMspoeUse a different engine-id per process
BUG/MINORmux-h1Do h2 upgrade only on the first request
BUG/MAJORmux_h2Don't consume more payload than received for skipped frames
BUG/MINORmux-h2Use the dummy error when decoding headers for a closed stream
BUG/MEDIUMmux-h2don't reject valid frames on closed streams
BUG/MEDIUMnamespaceclose open namespaces during soft shutdown
BUG/MINORmux-h2do not wake up blocked streams before the mux is ready
MINORbackendAdd srv_queue converter
BUG/MINORbuildFix compilation of mux_fcgi.c when compiled without SSL
BUG/MINORmux-fcgisilence a gcc warning about null dereference
MINORmux-h1Report a processing error during output processing
BUG/MINORmux-fcgiUse a literal string as format in app_log()
CLEANUPmux-fcgiRemove the unused function fcgi_strm_id()
BUG/MINORmux-fcgiDon't compare the filter name in its parsing callback
CLEANUPfcgi-appRemove useless test on fcgi_conf pointer
BUG/MINORmux-fcgiBe sure to have a connection to unsubcribe
MINORdocAdd documentation about the FastCGI support
MEDIUMmux-fcgiAdd the FCGI multiplexer
MINORconnectionadd conn_get_src() and conn_get_dst()
MEDIUMfcgi-appAdd FCGI application and filter
MINORfcgiAdd code related to FCGI protocol
MINORmuxes/htxIgnore pseudo header during message formatting
MINORhtxAdd a flag on HTX message to report processing errors
MINORhttp-anaHandle HTX errors first during message analysis
MINORh1-htxUse the same function to copy message payload in all cases
MEDIUMmux-h1/h1-htxmove HTX convertion of H1 messages in dedicated file
MINORhttpAdd function to parse value of the header Status
MINORlogProvide a function to emit a log for an application
MINORistbufAdd the function b_isteqi()
MINORhttp_fetchAdd sample fetches to get auth method/user/pass
MINORstatsAdd JSON export from the stats page
MEDIUMlogadd support for logging to a ring buffer
MEDIUMloguse the new generic fd_write_frag_line() function
MINORlogadd a target type instead of hacking the address family
MINORfd/log/sinkmake the non-blocking initialization depend on the initialized bit
MINORfdadd a new initialized bit in the fdtab struct
MEDIUMringimplement a wait mode for watchers
MINORsinknow report the number of dropped events on output
MINORsinkimplement show events to show supported sinks and dump the rings
MINORsinkadd support for ring buffers
MINORsinknow call the generic fd write function
MINORfdadd fd_write_frag_line() to send a fragmented line to an fd
MINORsinkset the fd-type sinks to non-blocking
MINORsinkadd a support for file descriptors
MINORsinkcreate definitions a minimal code for event sinks
BUG/MINORringb_peek_varint() returns a uint64_t, not a size_t
BUG/MINORringfix the way watchers are counted
MINORringadd a generic CLI io_handler to dump a ring buffer
MINORringadd a ring_write() function
MINORringadd a new mechanism for retrieving/storing ring data in buffers
MINORbufferadd functions to read/write varints from/to buffers
MINORtoolsadd a function varint_bytes() to report the size of a varint
MINORcliextend the CLI context with a list and two offsets
MINORcliadd cli_msg(), cli_err(), cli_dynmsg(), cli_dynerr()
MINORcliadd two new states to print messages on the CLI
BUG/MEDIUMsslopen the right path for multi-cert bundle
BUG/MINORsslfix ressource leaks on error
BUG/MEDIUMssldon't free the ckch in multi-cert bundle
BUILDsslBoringSSL add EVP_PKEY_base_id
BUG/MEDIUMssldoes not try to free a DH in a ckch
BUG/BUILDsslfix build with openssl < 1.0.2
MINORsslclean ret variable in ssl_sock_load_ckchn
CLEANUPsslssl_sock_load_crt_file_into_ckch
MINORssldo not look at DHparam with OPENSSL_NO_DH
MINORsslcheck private key consistency in loading
MINORssladd extra chain compatibility
MINORssluse STACK_OF for chain certs
MEDIUMsslload DH param in struct cert_key_and_chain
MEDIUMssllookup and store in a ckch_node tree
MEDIUMsslsplit the loading of the certificates
MEDIUMssluse cert_key_and_chain struct in ssl_sock_load_cert_file()
MINORsslmerge ssl_sock_load_cert_file() and ssl_sock_load_cert_chain_file()
MINORglobalPreset tune.max_http_hdr to its default value
DOCmanagementdocument cache_hits and cache_lookups in the CSV format
DOCmanagementdocument reuse and connect counters in the CSV format
MEDIUMserverserver-state global file stored in a tree
MINORsampleAdd sha2([<bits>]) converter
BUG/MEDIUMchecksmake sure the connection is ready before trying to recv
BUG/MEDIUMstream-intProcess connection/CS errors during synchronous sends
BUG/MINORstream-intProcess connection/CS errors first in si_cs_send()
BUG/MEDIUMcheck/threadsmake external checks run exclusively on thread 1
BUG/MAJORmux-h2Handle HEADERS frames received after a RST_STREAM frame
BUG/MINORmux-h2Be sure to have a connection to unsubcribe
BUG/MEDIUMstick-tableProperly handle show table with a data type argument
MINORsampleAdd UUID-fetch
BUG/MINORMissing stat_field_names (since f21d17bb)
BUG/MINORbackendFix a possible null pointer dereference
BUG/MINORaclFix memory leaks when an ACL expression is parsed
BUG/MINORfiltersProperly set the HTTP status code on analysis error
BUG/MEDIUMhttpalso reject messages where chunked is missing from transfer-enoding
MINORhapee/WURFLadded live update database function
MINORhapee/WURFLadded custom API log function
MINORhapee/WURFLadded function to check correct module initialization
BUG/MINORhapee/WURFLcorrected version check of used wurfl library
BUILDhapee/darepaired build in case of using old DeviceAtlas library
MINORhapee/daadd function that allow data reload
MINORhapee/daadd spin locking
MINORhapee/daadd support for loading a precompiled json data
MINORhapee/51dadd function that allow data reload
BUG/MINORhapee/51dadd spin locking
BUG/MINORsslalways check for ssl connection before getting its XPRT context
BUG/MINORlistenerFix a possible null pointer dereference
MINORstatsreport the number of idle connections for each server
BUG/MEDIUMconnectiondon't keep more idle connections than ever needed
BUG/MAJORsslssl_sock was not fully initialized.
BUG/MINORlb/leastconnignore the server weights for empty servers
MINORcontrib/prometheus-exporterReport DRAIN/MAINT/NOLB status for servers
BUG/MINORchecksdo not uselessly poll for reads before the connection is up
BUG/MINORchecksmake __event_chk_srv_r() report success before closing
BUG/MINORchecksstart sending the request right after connect()
BUG/MINORchecksstop polling for write when we have nothing left to send
BUG/MEDIUMcacheDon't cache objects if the size of headers is too big
BUG/MEDIUMcacheProperly copy headers splitted on several shctx blocks
BUG/MINORmux-h1Be sure to update the count before adding EOM after trailers
BUG/MINORmux-h1Don't stop anymore input processing when the max is reached
BUG/MINORmux-h1Fix size evaluation of HTX messages after headers parsing
BUG/MINORh1Properly reset h1m when parsing is restarted
BUG/MINORhttp-anaReset response flags when 1xx messages are handled
BUG/MEDIUMpeerslocal peer socket not bound.
BUG/MEDIUMproto-httpAlways start the parsing if there is no outgoing data
BUG/MEDIUMurl32 does not take the path part into account in the returned hash.
BUG/MEDIUMlistener/threadsfix an AB/BA locking issue in delete_listener()
BUG/MINORmworkerdisable SIGPROF on re-exec
DOCfixed typo in management.txt
BUG/MEDIUMmux-h1do not report errors on transfers ending on buffer full
BUG/MEDIUMmux-h1do not truncate trailing 0CRLF on buffer boundary
MEDIUMdebugmake the thread dump code show Lua backtraces
MINORluaexport applet and task handlers
MINORtoolsadd append_prefixed_str()
MINORdebugindicate the applet name when the task is task_run_applet()
BUG/MEDIUMmux_ptDon't call unsubscribe if we did not subscribe.
MINORfdmake sure to mark the thread as not stuck in fd_update_events()
BUG/MINORstatsWait the body before processing POST requests
BUG/MEDIUMluaFix test on the direction to set the channel exp timeout
BUG/MEDIUMmux_h1Don't bother subscribing in recv if we're not connected.
BUG/MINORFix prometheus '# TYPE' and '# HELP' headers
BUG/MINORluafix setting netfilter mark
BUG/MEDIUMproxyDon't use cs_destroy() when freeing the conn_stream.
BUG/MEDIUMproxyDon't forget the SF_HTX flag when upgrading TCP=>H1+HTX.
BUG/MINORbuffers/threadsalways clear a buffer's head before releasing it
MINORsslssl_fc_has_early should work for BoringSSL
BUG/MINORsslfix 0-RTT for BoringSSL
BUG/MEDIUMstick-tableWrong stick-table backends parsing.
BUG/MEDIUMchecksmake sure to close nicely when we're the last to speak
BUG/MINORmux-h2always reset rcvd_s when switching to a new frame
BUG/MINORmux-h2always send stream window update before connection's
BUG/MEDIUMmux-h2do not recheck a frame type after a state transition
BUG/MINORmux-h2do not send REFUSED_STREAM on aborted uploads
BUG/MINORmux-h2use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data()
BUG/MINORmux-h2don't refrain from sending an RST_STREAM after another one
BUG/MEDIUMfdAlways reset the polled_mask bits in fd_dodelete().
BUG/MEDIUMproxyMake sure to destroy the stream on upgrade from TCP to H2
BUG/MEDIUMmux-h2split the stream's and connection's window sizes
BUG/MEDIUMmux-h2unbreak receipt of large DATA frames
BUG/MINORstream-intalso update analysers timeouts on activity
BUG/MAJORhttp/sampleuse a static buffer for raw -> htx conversion
BUG/MEDIUMlb-chashEnsure the tree integrity when server weight is increased
MINORwdtalso consider that waiting in the thread dumper is normal
BUG/MINORdebugfix a small race in the thread dumping code
BUG/MAJORqueue/threadsavoid an AB/BA locking issue in process_srv_queue()
BUG/MINORhtxFix free space addresses calculation during a block expansion
BUG/MINORhluaOnly execute functions of HTTP class if the txn is HTTP ready
MINORhluaAdd a flag on the lua txn to know in which context it can be used
MINORhluaDon't set request analyzers on response channel for lua actions
BUG/MEDIUMhluaCheck the calling direction in lua functions of the HTTP class
BUG/MINORhlua/htxReset channels analyzers when txn:done() is called
DOCimprove the wording in CONTRIBUTING about how to document a bug fix
BUG/MINORlogmake sure writev() is not interrupted on a file output
BUG/MEDIUMstreamsDon't switch the SI to SI_ST_DIS if we have data to send.
BUG/MEDIUMlb-chashFix the realloc() when the number of nodes is increased
BUILDthreadsadd the definition of PROTO_LOCK
BUG/MINORproxyalways lock stop_proxy()
BUG/MEDIUMprotocolsadd a global lock for the init/deinit stuff
BUG/CRITICALhttp_anaFix parsing of malformed cookies which start by a delimiter
BUG/MINORhttp_htxSupport empty errorfiles
BUG/MINORhttp_anaBe sure to have an allocated buffer to generate an error
BUG/MEDIUMtcp-checksdo not dereference inexisting conn_stream
BUG/MINORmux-h1Close server connection if input data remains in h1_detach()
BUG/MEDIUMmux-h1Trim excess server data at the end of a transaction
BUG/MINORchecksdo not exit tcp-checks from the middle of the loop
BUG/MINORsessionSend a default HTTP error if accept fails for a H1 socket
BUG/MINORsessionEmit an HTTP error if accept fails only for H1 connection
BUG/MINORdebugRemove flags CO_FL_SOCK_WR_ENA/CO_FL_SOCK_RD_ENA
DOChtxUpdate comments in HTX files
BUG/MINORhluaMake the function txn:done() HTX aware
BUG/MINORcache/htxMake maxage calculation HTX aware
BUG/MINORhttp_htxInitialize HTX error messages for TCP proxies
BUG/MINORhttp_fetchFix http_auth/http_auth_group when called from TCP rules
BUG/MINORbackenddo not try to install a mux when the connection failed
BUG/MEDIUMhttp/htxunbreak option http_proxy
BUG/MEDIUMchecksDon't attempt to receive data if we already subscribed.
BUG/MINORdnsremove irrelevant dependency on a client connection
BUG/MEDIUMthreadscpu-map designating a single thread/process are ignored
BUG/MEDIUMtcp-checkunbreak multiple connect rules again
BUG/MINORmux-ptdo not pretend there's more data after a read0
BUG/MEDIUMstreamsDon't redispatch with L7 retries if redispatch isn't set.
BUG/MEDIUMstreamsDon't give up if we couldn't send the request.
BUG/MINORmux-h1Correctly report Ti timer when HTX and keepalives are used
BUG/MEDIUMmux-h1Don't release h1 connection if there is still data to send
BUG/MAJORlistenerfix thread safety in resume_listener()
MINORtaskintroduce work lists
BUG/MEDIUMserversFix a race condition with idle connections.
DOCFix typos and grammer in configuration.txt
BUG/MEDIUMdacast the chunk to string.
BUG/MEDIUMchecksDon't attempt to read if we destroyed the connection.
BUG/MINORserverBe really able to keep pool-max-conn idle connections
BUG/MEDIUMfd/threadsfix excessive CPU usage on multi-thread accept
BUG/MINORsslrevert empty handshake detection in OpenSSL <= 1.0.2
BUG/MEDIUMserversDon't forget to set srv_cs to NULL if we can't reuse it.
BUG/MEDIUMstream-intDon't rely on CF_WRITE_PARTIAL to unblock opposite si
MINORstream-intFactorize processing done after sending data in si_cs_send()
BUG/MINORmux-h1Don't process input or ouput if an error occurred
BUG/MEDIUMmux-h1Handle TUNNEL state when outgoing messages are formatted
BUG/MEDIUMlb_fasDon't test the server's lb_tree from outside the lock
BUG/MEDIUMhttp/appletFinish request processing when a service is registered
MINORactionAdd the return code ACT_RET_DONE for actions
BUG/MINORcontrib/prometheus-exporterDon't try to add empty data blocks
MINORserverAdd no-tfo option.
BUG/MEDIUMsessionsDon't keep an extra idle connection in sessions.
BUG/MEDIUMserversAuthorize tfo in default-server.
BUG/MEDIUMconnectionsMake sure we're unsubscribe before upgrading the mux.
BUG/MINORcontrib/prometheus-exporterRespect the reserve when data are sent
BUG/MINORhlua/htxRespect the reserve when HTX data are sent
BUG/MEDIUMchannel/htxUse the total HTX size in channel_htx_recv_limit()
BUG/MINORhluaDon't use channel_htx_recv_max()
BUG/MINORcontrib/prometheus-exporterDon't use channel_htx_recv_max()
BUG/MEDIUMchecksMake sure the tasklet won't run if the connection is closed.
BUG/MEDIUMconnectionsAlways call shutdown, with no linger.
BUG/MINORmux-h1Don't return the empty chunk on HEAD responses
BUG/MINORmux-h1Skip trailers for non-chunked outgoing messages
BUG/MEDIUMchecksunblock signals in external checks
BUG/MEDIUMmux-h1Always release H1C if a shutdown for writes was reported
BUG/MEDIUMsslDon't attempt to set alpn if we're not using SSL.
BUG/MINORmworker/clidon't output a \n before the response
BUILDhapee/51dfix error when building with 51Degrees enabled
MEDIUMhapee/modulesload the STG_REGISTER initcalls
BUG/MEDIUMhapee/51dfix a segfault on exit when 51d configuration is not loaded
BUILDhapee/modulesclean(up) the copts-hash file not copts_hash
MEDIUMhapee/51duse fiftyoneDegreesProvider to access the pool and dataset
BUG/MINORhapee/modulesdisplay detailed error message on mod_init() failure
MINORhapee/modulesadd a new label MODULES_LOCK to the lock_label enum
MINORhapee/modulesadd the ability to register variable and functions.
MEDIUMhapee/modules'modules list' on the cli shows currently loaded modules
MINORhapee/modulesterminate properly loaded modules if possible
MINORhapee/modulesregister function called after the main config check
MEDIUMhapee/modulesadd memory reservation support for the modules
BUILDhapee/modulesupdate HAPEE version macro to 2.0r1
BUILDhapee/modulesadd macros to compute numerical value of a HAPEE version
BUILDhapee/modulesadd version of the module in the defines
MEDIUMhapee/modulesadd modules support

Search filters

Type

Section

Actions

Product Documentation

API Documentation

Configuration Documentation

Changelog - HAProxy Enterprise 2.0r1

#2024/01/17 : 2.0r1 (1.0.0-253.1592)

#2023/10/10 : 2.0r1 (1.0.0-251.1592)

#2023/08/16 : 2.0r1 (1.0.0-250.1592)

#2023/06/09 : 2.0r1 (1.0.0-250.1570)

#2023/06/06 : 2.0r1 (1.0.0-249.1570)

#2023/05/30 : 2.0r1 (1.0.0-249.1567)

#2023/05/17 : 2.0r1 (1.0.0-249.1549)

#2023/04/24 : 2.0r1 (1.0.0-249.1546)

#2023/02/13 : 2.0r1 (1.0.0-248.1534)

#2023/02/08 : 2.0r1 (1.0.0-247.1523)

#2023/01/20 : 2.0r1 (1.0.0-245.1523)

#2022/12/27 : 2.0r1 (1.0.0-245.1509)

#2022/12/09 : 2.0r1 (1.0.0-244.1509)

#2022/11/29 : 2.0r1 (1.0.0-244.1503)

#2022/10/26 : 2.0r1 (1.0.0-244.1495)

#2022/08/30 : 2.0r1 (1.0.0-244.1475)

#2022/07/29 : 2.0r1 (1.0.0-243.1460)

#2022/06/10 : 2.0r1 (1.0.0-241.1449)

#2022/05/03 : 2.0r1 (1.0.0-241.1393)

#2022/04/11 : 2.0r1 (1.0.0-240.1393)

#2022/03/29 : 2.0r1 (1.0.0-240.1392)

#2022/03/25 : 2.0r1 (1.0.0-239.1378)

#2022/03/17 : 2.0r1 (1.0.0-239.1377)

#2022/03/01 : 2.0r1 (1.0.0-238.1377)

#2022/02/25 : 2.0r1 (1.0.0-238.1352)

#2022/01/19 : 2.0r1 (1.0.0-238.1341)

#2022/01/13 : 2.0r1 (1.0.0-238.1340)

#2021/12/03 : 2.0r1 (1.0.0-238.1303)

#2021/12/02 : 2.0r1 (1.0.0-238.1284)

#2021/09/20 : 2.0r1 (1.0.0-236.1239)

#2021/09/07 : 2.0r1 (1.0.0-236.1230)

#2021/09/03 : 2.0r1 (1.0.0-235.1230)

#2021/08/13 : 2.0r1 (1.0.0-234.1215)

#2021/08/13 : 2.0r1 (1.0.0-234.1213)

#2021/07/09 : 2.0r1 (1.0.0-232.1197)

#2021/06/28 : 2.0r1 (1.0.0-232.1173)

#2021/06/18 : 2.0r1 (1.0.0-232.1172)

#2021/06/17 : 2.0r1 (1.0.0-232.1161)

#2021/04/29 : 2.0r1 (1.0.0-232.1129)

#2021/04/02 : 2.0r1 (1.0.0-232.1092)

#2021/03/24 : 2.0r1 (1.0.0-231.1083)

#2021/03/18 : 2.0r1 (1.0.0-231.1077)

#2021/03/16 : 2.0r1 (1.0.0-231.1029)

#2021/02/12 : 2.0r1 (1.0.0-229.1029)

#2021/02/05 : 2.0r1 (1.0.0-229.1028)

#2021/02/01 : 2.0r1 (1.0.0-228.1017)

#2021/01/28 : 2.0r1 (1.0.0-228.1016)

#2021/01/08 : 2.0r1 (1.0.0-228.1008)

#2020/12/14 : 2.0r1 (1.0.0-227.987)

#2020/11/24 : 2.0r1 (1.0.0-226.963)

#2020/11/18 : 2.0r1 (1.0.0-226.962)

#2020/11/04 : 2.0r1 (1.0.0-225.947)

#2020/10/19 : 2.0r1 (1.0.0-225.930)

#2020/10/08 : 2.0r1 (1.0.0-224.917)

#2020/10/02 : 2.0r1 (1.0.0-224.905)

#2020/09/18 : 2.0r1 (1.0.0-224.877)

#2020/08/13 : 2.0r1 (1.0.0-224.859)

#2020/07/31 : 2.0r1 (1.0.0-222.851)

#2020/06/30 : 2.0r1 (1.0.0-222.773)

#2020/06/05 : 2.0r1 (1.0.0-222.771)

#2020/05/26 : 2.0r1 (1.0.0-222.760)

#2020/05/22 : 2.0r1 (1.0.0-222.735)

#2020/05/12 : 2.0r1 (1.0.0-222.729)

#2020/04/21 : 2.0r1 (1.0.0-221.698)

#2020/04/01 : 2.0r1 (1.0.0-220.698)

#2020/03/27 : 2.0r1 (1.0.0-219.645)

#2020/03/17 : 2.0r1 (1.0.0-217.645)

#2020/03/06 : 2.0r1 (1.0.0-217.640)

#2020/03/05 : 2.0r1 (1.0.0-215.640)

#2020/03/04 : 2.0r1 (1.0.0-213.621)

#2020/02/20 : 2.0r1 (1.0.0-213.582)

#2020/02/12 : 2.0r1 (1.0.0-213.581)