#2024/01/17 : 2.7r1 (1.0.0-306.1077)

• BUG/MINORmux-quicdo not prevent non-STREAM sending on flow control
• BUG/MEDIUMspoeNever create new spoe applet if there is no server up
• BUG/MEDIUMstconnForward shutdown on write timeout only if it is forwardable
• BUG/MEDIUMh3fix incorrect snd_buf return value
• CLEANUPquicRemaining useless code into server part
• BUG/MINORh3close connection on sending alloc errors
• BUG/MINORh3properly handle alloc failure on finalize
• BUG/MINORh3close connection on header list too big
• MINORh3check connection error during sending
• BUG/MINORmux-quicalways report error to SC on RESET_STREAM emission
• BUG/MEDIUMstatsunhandled switching rules with TCP frontend
• MINORstatsstore the parent proxy in stats ctx (http)
• DOCconfigUpdate documentation about local haproxy response
• BUG/MINORresolversdefault resolvers fails when network not configured
• BUG/MEDIUMmux-h2Report too large HEADERS frame only when rxbuf is empty
• BUG/MEDIUMquicQUIC CID removed from tree without locking
• BUG/MINORmworker/clifix set severity-output support
• DOCconfigurationtypo req.ssl_hello_type

#2023/12/14 : 2.7r1 (1.0.0-305.1059)

• BUG/MEDIUMproxyalways initialize the default settings after init
• BUG/MINORquicPossible leak of TX packets under heavy load
• BUG/MEDIUMquicPossible crash during retransmissions and heavy load
• BUG/MINORcacheRemove incomplete entries from the cache when stream is closed
• DOCClarify the differences between field() and word()
• BUG/MINORsampleMake the `word` converter compatible with `-m found`
• REGTESTSsampleTest the behavior of consecutive delimiters for the field converter
• DOCconfigfix monitor-fail typo
• DOCconfigadd matrix entry for max-session-srv-conns
• DOCconfigspecify supported sections for max-session-srv-conns
• BUG/MINORcfgparse-listenfix warning being reported as an alert
• BUG/MINORconfigStopped parsing upon unmatched environment variables
• BUG/MINORquic_tpfix preferred_address decoding
• DOCconfigfix missing characters in set-spoe-group action
• BUG/MINORh3always reject PUSH_PROMISE
• BUG/MINORh3fix TRAILERS encoding
• BUG/MINORquicfix CONNECTION_CLOSE_APP encoding
• DOCluafix Proxy.get_mode() output
• DOCluaadd sticktable class reference from Proxy.stktable
• REGTESTSconnectiondisable http_reuse_be_transparent.vtc if !TPROXY
• DOCconfigfix timeout check inheritance restrictions
• DOC51dupdated 51Degrees repo URL for v3.2.10
• BUG/MINORserverdo not leak default-server in defaults sections
• BUG/MINORquicPossible RX packet memory leak under heavy load
• BUG/MEDIUMquicPossible crash for connections to be killed
• BUG/MINORsockmark abns sockets as non-suspendable and always unbind them
• BUG/MINORstartupset GTUNE_SOCKET_TRANSFER correctly
• REGTESTShttpadd a test to validate chunked responses delivery
• BUG/MINORproxy/stktablemissing frees on proxy cleanup
• MINORstktableadd stktable_deinit function
• BUG/MINORstream/clireport correct stream age in show sess
• BUG/MEDIUMmux-fcgifail earlier on malloc in takeover()
• BUG/MEDIUMmux-h1fail earlier on malloc in takeover()
• BUG/MEDIUMmux-h2fail earlier on malloc in takeover()
• BUG/MAJORquiccomplete thread migration before tcp-rules
• BUG/MINORstconnUse HTX-aware channel's functions to get info on buffer
• BUG/MINORstconnFix streamer detection for HTX streams
• MINORchannelAdd functions to get info on buffers and deal with HTX streams
• MINORhtxUse a macro for overhead induced by HTX

#2023/11/16 : 2.7r1 (1.0.0-305.1020)

• BUG/MEDIUMquicfix sslconns on quic_conn alloc failure
• BUG/MEDIUMquicfix actconn on quic_conn alloc failure
• MEDIUMquiccount quic_conn for global sslconns
• MEDIUMquiccount quic_conn instance for maxconn
• BUG/MEDIUMstreamDon't call mux .ctl() callback if not implemented
• BUG/MEDIUMmworkerset the master variable earlier
• BUG/MINORhttp-clientDon't forget to commit changes on HTX message
• REGTESTShttpImprove script testing abortonclose option
• BUG/MEDIUMstreamProperly handle abortonclose when set on backend only
• MEDIUMmux-h1Handle MUX_SUBS_RECV flag in h1_ctl() and susbscribe for reads
• MINORconnectionAdd a CTL flag to notify mux it should wait for reads again
• BUG/MINORstconnHandle abortonclose if backend connection was already set up
• BUG/MEDIUMconnectionreport connection errors even when no mux is installed
• DOCquicWrong syntax for quic-cc-algo keyword.
• BUG/MINORsinkdon't learn srv port from srv addr
• BUG/MEDIUMappletRemove appctx from buffer wait list on release
• DOCconfiguse the word 'backend' instead of 'proxy' in 'track' description
• BUG/MINORquicfix retry token check inconsistency
• DOCmanagement-q is quiet all the time
• BUG/MEDIUMquicAvoid some crashes upon TX packet allocation failures
• BUG/MEDIUMquicPossible crashes when sending too short Initial packets
• BUG/MEDIUMquicAvoid trying to send ACK frames from an empty ack ranges tree
• BUG/MINORquicidle timer task requeued in the past
• BUG/MEDIUMpoolfix releasable pool calculation when overloaded
• BUG/MEDIUMfreq-ctrDon't report overshoot for long inactivity period
• BUG/MINORmux-h1Properly handle http-request and http-keep-alive timeouts
• BUG/MINORstick-table/cliCheck for invalid ipv4 key
• CLEANUPhtxProperly indent htx_reserve_max_data() function
• BUG/MEDIUMpatterndon't trim pools under lock in pat_ref_purge_range()
• BUG/MINORcfgparse/stktablefix error message on stktable_init() failure
• BUG/MINORstktablemissing free in parse_stick_table()
• BUG/MINORtcpcheckReport hexstring instead of binary one on check failure
• BUG/MEDIUMsslsegfault when cipher is NULL
• BUG/MINORmux-quicfix early close if unset client timeout
• BUG/MINORsslsuboptimal certificate selection with TLSv1.3 and dual ECDSA/RSA
• MINORfrontendimplement a dedicated actconn increment function
• BUG/MINORssluse a thread-safe sslconns increment
• BUG/MINORquicdo not consider idle timeout on CLOSING state
• BUG/MEDIUMserverproto not working for dynamic servers
• MINORconnectionadd conn_pr_mode_to_proto_mode() helper func
• DEBUGmux-h2/flagsfix list of h2c flags used by the flags decoder
• BUG/MINORsslload correctly @system-ca when ca-base is define
• DOCinternalfilters: fix reference to entities.pdf
• BUG/MINORmux-h2update tracked counters with req cnt/req err
• BUG/MINORmux-h2commit the current stream ID even on reject
• BUG/MEDIUMpeersFix synchro for huge number of tables
• BUG/MEDIUMpeersBe sure to always refresh recconnect timer in sync task
• BUG/MINORtracefix trace parser error reporting
• BUG/MINORmux-h2fix http-request and http-keep-alive timeouts again
• BUG/MEDIUMmux-h2Don't report an error on shutr if a shutw is pending
• BUG/MINORmux-h2make up other blocked streams upon removal from list
• BUG/MINORmux-h1Send a 400-bad-request on shutdown before the first request
• BUG/MEDIUMquic-connfree unsent frames on retransmit to prevent crash
• BUG/MINORmux-quicfix free on qcs-new fail alloc
• BUG/MINORh3strengthen host/authority header parsing
• BUG/MINORmux-quicsupport initial 0 max-stream-data
• BUG/MEDIUMmux-quicfix RESET_STREAM on send-only stream
• BUG/MINORquicreject packet with no frame
• BUG/MINORquicAvoid crashing with unsupported cryptographic algos
• BUG/MINORhq-interopsimplify parser requirement
• BUG/MEDIUMh1Ignore C-L value in the H1 parser if T-E is also set
• BUG/MINORmux-h1Ignore C-L when sending H1 messages if T-E is also set
• BUG/MINORmux-h1Handle read0 in rcv_pipe() only when data receipt was tried
• BUG/MEDIUMhluaInitialize appctx used by a lua socket on connect only
• MINORhluaTest the hlua struct first when the lua socket is connecting
• MINORhluaSave the lua socket's server in its context
• MINORhluaSave the lua socket's timeout in its context
• MINORhluaDon't preform operations on a not connected socket
• MINORhluaSet context's appctx when the lua socket is created
• BUG/MEDIUMhttp-anaTry to handle response before handling server abort

#2023/11/13 : 2.7r1 (1.0.0-305.950)

#2023/10/24 : 2.7r1 (1.0.0-303.950)

• BUG/MINORstreamfurther protect stream_dump() against incomplete sessions
• BUG/MINORstreamprotect stream_dump() against incomplete streams

#2023/10/17 : 2.7r1 (1.0.0-303.948)

• BUG/MEDIUMquic_connlet the scheduler kill the task when needed

#2023/10/16 : 2.7r1 (1.0.0-303.947)

• HAPEEDOCdocument the GPTSTR extensions in configuration.txt
• HAPEERevert GPTSTR

#2023/10/06 : 2.7r1 (1.0.0-302.945)

• BUG/MEDIUMhapee/addonsfix incorrect gpt index being used in sc-set-gptstr()
• HAPEEaddonsuse GPT arrays to store regular strings
• HAPEEmakefileautomatically build objects in addons/hapee_*
• HAPEEmakefileupdate the cleanup rule to also remove *.i from addons
• MINORhaproxypermit to register features during boot
• BUG/MEDIUMactionsalways apply a longest match on prefix lookup

#2023/10/04 : 2.7r1 (1.0.0-302.939)

• MINORhapeeupdate list of backports
• BUG/MINORmux-quicremove full demux flag on ncbuf release
• BUG/MEDIUMserver/clidon't delete a dynamic server that has streams
• MINORpatternfix pat_{parse,match}_ip() function comments
• BUG/MINORserveradd missing free for server->rdr_pfx
• BUG/MAJORmux-h2Report a protocol error for any DATA frame before headers
• BUG/MINORfreq_ctrfix possible negative rate with the scaled API
• BUG/MINORpromexfix backend_agg_check_status
• BUG/MEDIUMmux-fcgiDon't swap trash and dbuf when handling STDERR records
• BUG/MINORhlua/initcoroutine may not resume itself
• BUG/MEDIUMhluadon't pass stale nargs argument to lua_resume()
• CImusldrop shopt in workflow invocation
• CImuslhighlight section if there are coredumps
• BUG/MEDIUMconnectionfix pool free regression with recent ppv2 TLV patches
• MINORsampleAdd common TLV types as constants for fc_pp_tlv
• MINORsampleRefactor fc_pp_unique_id by wrapping the generic TLV fetch
• MINORsampleRefactor fc_pp_authority by wrapping the generic TLV fetch
• MEDIUMsampleAdd fetch for arbitrary TLVs
• MEDIUMconnectionGeneric, list-based allocation and look-up of PPv2 TLVs
• CLEANUP/MINORconnectionImprove consistency of PPv2 related constants

#2023/09/29 : 2.7r1 (1.0.0-302.919)

• BUG/MEDIUMhluastreams don't support mixing lua-load with lua-load-per-thread
• MINORhluaadd hlua_stream_ctx_prepare helper function
• BUG/MINORquicWrong cluster secret initialization
• BUG/MINORquicLeak of frames to send.
• BUILDbugmake BUG_ON() void to avoid a rare warning
• MINORhapeeupdate list of backports
• MEDIUMserver/sslpick another thread's session when we have none yet
• MINORserver/sslclear the shared good session index on failure
• MINORserver/sslmaintain an index of the last known valid SSL session
• MEDIUMserver/sslplace an rwlock in the per-thread ssl server session
• MEDIUMssl_sockalways use the SSL's server name, not the one from the tid
• CLEANUPsslkeep a pointer to the server in ssl_sock_init()
• DOCssladd some comments about the non-obvious session allocation stuff
• MINORssl_sockavoid iterating realloc(+1) on stored context

#2023/09/08 : 2.7r1 (1.0.0-301.904)

• MINORssladd support for 'curves' keyword on server lines

#2023/09/07 : 2.7r1 (1.0.0-301.903)

• MINORhapeeUpdate list of backported commit
• CIUpdate to actions/checkout@v4
• BUG/MINORhlua/actionincorrect message on E_YIELD error
• BUG/MEDIUMstconn/streamForward shutdown on write timeout
• BUG/MINORquicWrong RTT computation (srtt and rrt_var)
• BUG/MINORquicWrong RTT adjusments
• MINORhttpclientallow to configure the timeout.connect
• MINORhttpclientallow to configure the retries
• DOCconfigurationupdate examples for req.ver
• BUG/MEDIUMh1-htxEnsure chunked parsing with full output buffer
• BUG/MAJORquicReally ignore malformed ACK frames.
• BUG/MINORquicPossible skipped RTT sampling
• BUG/MEDIUMstconnDon't block sends if there is a pending shutdown
• BUG/MEDIUMstconnWake applets on sending path if there is a pending shutdown
• BUG/MINORchecksdo not queue/wake a bounced check
• BUG/MINORssl/clican't find .crt files when replacing a certificate
• BUILDimportguard plock.h against multiple inclusion
• BUG/MINORssl_sockfix possible memory leak on OOM
• DOCluafix core.register_action typo
• BUG/MINORhlua_fcnpotentially unsafe stktable_data_ptr usage
• IMPORTxxhashupdate xxHash to version 0.8.2
• MINORatomicmake sure to always relax after a failed CAS
• MINORthreadsinline the wait function for pthread_rwlock emulation
• IMPORTplockalso support inlining the int code
• BUILDMakefileadd the USE_QUIC option to make help
• SCRIPTSgit-show-backportsautomatic ref and base detection with -m
• DOCtypofix sc-set-gpt references
• BUG/MINORstktableallow sc-set-gpt(0) from tcp-request connection
• DEVflags/show-sess-to-flagsproperly decode fd.state
• BUG/MINORhluafix invalid use of lua_pop on error paths
• BUG/MEDIUMquicfix tasklet_wakeup loop on connection closing
• CIget rid of travis-ci wrapper for Coverity scan
• MINORsslallow to change the client-sigalgs on server lines
• MINORsslallow to change the server signature algorithm on server lines
• MINORsslallow to change the signature algorithm for client authentication
• MINORsslallow to change the server signature algorithm

#2023/08/17 : 2.7r1 (1.0.0-301.867)

#2023/08/11 : 2.7r1 (1.0.0-300.867)

• MINORpeersadd peers keyword registration
• BUG/MINORhttpskip leading zeroes in content-length values
• DOCclarify the handling of URL fragments in requests
• REGTESTShttp-rulesverify that we block '#' by default for normalize-uri
• BUG/MINORh3reject more chars from the :path pseudo header
• BUG/MINORh2reject more chars from the :path pseudo header
• BUG/MINORh1do not accept '#' as part of the URI component
• REGTESTShttp-rulesadd accept-invalid-http-request for normalize-uri tests
• MINORh2pass accept-invalid-http-request down the request parser
• MINORhttpadd new function http_path_has_forbidden_char()
• MINORistadd new function ist_find_range() to find a character range
• BUG/MAJORhttpreject any empty content-length header value
• BUG/MAJORh3reject header values containing invalid chars
• REORGhttpmove has_forbidden_char() from h2.c to http.h
• BUG/MAJORhttp-anaGet a fresh trash buffer for each header value replacement
• BUILDquicfix wrong potential NULL dereference
• BUG/MINORquicreappend rxbuf buffer on fake dgram alloc error
• BUG/MEDIUMquicconsume contig space on requeue datagram
• BUG/MEDIUMbwlimReset analyse expiration date when then channel analyse ends
• BUG/MEDIUMh3Be sure to handle fin bit on the last DATA frame
• BUG/MINORchunkfix chunk_appendf() to not write a zero if buffer is full
• DOCconfigurationdescribe Td in Timing events
• BUG/MEDIUMh3Properly report a C-L header was found to the HTX start-line
• MINORquicUseless call to SSL_CTX_set_quic_method()
• MINORquicMake ->set_encryption_secrets() be callable two times
• BUG/MINORcpusetremove the bogus proc from the cpu_map struct
• BUG/MINORconfigdo not detect NUMA topology when cpu-map is configured
• MINORcpusetadd cpu_map_configured() to know if a cpu-map was found
• BUG/MEDIUMlistenerAcquire proxy's lock in relax_listener() if necessary
• BUG/MINORquicMissing parentheses around PTO probe variable.
• BUG/MINORh1-htxReturn the right reason for 302 FCGI responses
• BUG/MINORhluaadd check for lua_newstate
• BUILDquicfix warning during compilation using gcc-6.5
• CIexplicitely highlight VTest result section if there's something
• CIadd naming convention documentation
• BUG/MINORhttpReturn the right reason for 302
• BUG/MINORsampleFix wrong overflow detection in add/sub conveters
• DOCconfigFix fc_src description to state the source address is returned
• BUG/MINORhluahlua_yieldk ctx argument should support pointers
• CLEANUPquicremove useless parameter 'key' from quic_packet_encrypt
• BUG/MEDIUMquictimestamp shared in token was using internal time clock
• BUG/MEDIUMquicmissing check of dcid for init pkt including a token
• BUG/MINORquicretry token remove one useless intermediate expand
• BUG/MEDIUMquictoken IV was not computed using a strong secret
• BUG/MINORconfigRemove final '\n' in error messages
• BUG/MINORsink/logproperly deinit srv in sink_new_from_logsrv()
• BUG/MINORsinkfix errors handling in cfg_post_parse_ring()
• BUG/MINORsinkinvalid sft free in sink_deinit()
• BUG/MINORlogfree errmsg on error in cfg_parse_log_forward()
• BUG/MINORlogfix multiple error paths in cfg_parse_log_forward()
• BUG/MINORlogfix missing name error message in cfg_parse_log_forward()
• BUG/MEDIUMlogimproper use of logsrv->maxlen for buffer targets
• MINORsink/apipass explicit maxlen parameter to sink_write()
• BUG/MINORlogLF upsets maxlen for UDP targets
• BUG/MINORringmaxlen warning reported as alert
• BUG/MINORringsize warning incorrectly reported as fatal error
• BUG/MINORsinkmissing sft free in sink_deinit()
• BUG/MEDIUMsinkinvalid server list in sink_new_from_logsrv()
• BUG/MINORcacheA 'max-age=0' cache-control directive can be overriden by a s-maxage
• BUG/MINORtcp_samplebc_{dst,src} return IP not INT
• CLEANUPquicRemove server specific about Initial packet number space
• MINORquicReduce the maximum length of TLS secrets
• MINORquicMove packet number space related functions
• MINORquicMove QUIC encryption level structure definition
• BUILDdebugavoid a build warning related to epoll_wait() in debug code
• MINORcompression/slzadd support for a pure flush of pending bytes
• IMPORTslzimplement a synchronous flush() operation
• BUG/MINORquicWrong endianess for version field in Retry token
• BUG/MINORquicWrong Retry paquet version field endianess
• BUG/MINORquicMissing random bits in Retry packet header
• BUG/MINORconfigfix stick table duplicate name check
• BUG/MEDIUMquicerror checking buffer large enought to receive the retry tag
• BUG/MINORquicPrevent deadlock with CID tree lock

#2023/06/22 : 2.7r1 (1.0.0-300.794)

• BUG/MINORmworkerleak of a socketpair during startup failure
• REGTESTSh1_host_normalization : Add a barrier to not mix up log messages
• DOCAdd tune.h2.max-frame-size option to table of contents
• BUG/MINORquicticks comparison without ticks API use
• BUG/MEDIUMmworkerincrease maxsock with each new worker
• BUG/MINORquicPossible endless loop in quic_lstnr_dghdlr()
• BUG/MINORquicPossible crash in quic_conn_prx_cntrs_update()
• BUG/MINORquicMissing initialization (packet number space probing)
• BUG/MINORnamespacemissing free in netns_sig_stop()
• BUG/MINORserverinherit from netns in srv_settings_cpy()
• BUG/MINORquicAddress inversion in show quic full
• BUG/MINORquicWrong encryption level flags checking

#2023/06/14 : 2.7r1 (1.0.0-300.782)

#2023/06/12 : 2.7r1 (1.0.0-299.782)

• BUG/MINORproxyadd missing interface bind free in free_proxy
• BUG/MINORcfgparse-tcpleak when re-declaring interface from bind line
• DOCconfigfix jwt_verify() example using var()
• DOCquicfix misspelled tune.quic.socket-owner
• BUILDinitprint rlim_cur as regular integer
• MINORinitpre-allocate kernel data structures on init

#2023/06/06 : 2.7r1 (1.0.0-298.776)

• MINORhapeeUpdate list of backported commit
• MINORcompressionImprove the way Vary header is added
• MINORhttp_htxadd http_append_header() to append value to header
• BUG/MINORspoeOnly skip sending new frame after a receive attempt
• CONTRIBAdd vi file extensions to .gitignore
• BUG/MINORquicPossible crash when SSL session init fails
• MINORquic/cliclarify the show quic help message
• MINORquicAdd QUIC connection statistical counters values to show quic
• DOCconfigFix bind/server/peer documentation in the peers section
• BUG/MINORmux-h2refresh the idle_timer when the mux is empty
• CLEANUPmux-quicrename internal functions
• CLEANUPmux-quicrename functions for mux_ops
• BUG/MEDIUMthreadsfix a tiny race in thread_isolate()
• BUG/MEDIUMmux-quiconly set EOI on FIN
• MINORquicfix stats naming for flow control BLOCKED frames
• MINORmux-quicremove nb_streams from qcc
• CLEANUPmux-quicremove unneeded fields in qcc

#2023/05/31 : 2.7r1 (1.0.0-298.759)

#2023/05/26 : 2.7r1 (1.0.0-297.759)

• SCRIPTSpublish-releaseupdate the umask to keep group write access
• BUG/MINORhluaunsafe hlua_lua2smp() usage
• MINORquicAdd a counter for sent packets
• MINORquicAdd some counters at QUIC connection level
• CLEANUPquicUseless tests in qc_rx_pkt_handle()
• CLEANUPquicIndentation fix quic_rx_pkt_retrieve_conn()
• MINORquicAlign show quic command help information
• BUG/MINORquicMissing Retry token length on receipt
• BUG/MINORquicWrong token length check (quic_generate_retry_token())
• MINORquicAdd low level traces (addresses, DCID)
• BUG/MEDIUMmux-h2Propagate termination flags when frontend SC is created
• MINORmux-h2Add a function to propagate termination flags from h2s to SE
• MINORmux-h2Set H2_SF_ES_RCVD flag when decoding the HEADERS frame
• MINORmux-quicreport error on stream-endpoint earlier
• MINORmux-quiconly set EOS on RESET_STREAM recv
• MINORmux-quicset both EOI EOS for stream fin
• DOC/MINORconfigFix typo in description for `ssl_bc` in configuration.txt
• MINORquicfix alignment of oneline show quic
• BUG/MINORquichandle Tx packet allocation failure properly
• MINORquicuse WARN_ON for encrypt failures
• MINORquicremove return val of quic_aead_iv_build()
• CLEANUPmux-quic/h3complete BUG_ON with comments
• DOCadd size format section to manual
• CIdrop Fedora m32 pipeline in favour of cross matrix

#2023/05/17 : 2.7r1 (1.0.0-297.735)

• DEVflags/show-sess-to-flagsadd support for color output
• DEVflags/show-sess-to-flagsonly retrieve hex digits from hex fields
• DEVflagsadd missing stream flags to show-sess-to-flags
• DEVflagsadd a script to decode most flags in the show sess all output
• MINORchecksmake sure spread-checks is used also at boot time
• REGTESTSlogReduce again response inspect-delay for last_rule.vtc
• BUG/MINORcheckspostpone the startup of health checks by the boot time
• MINORclockmeasure the total boot time
• DOCconfigClarify conditions to shorten the inspect-delay for TCP rules
• REGTESTSlogReduce response inspect-delay for last_rule.vtc
• BUG/MINORtcp-rulesDon't shortened the inspect-delay when EOI is set
• BUG/MEDIUMmux-quicfix EOI for request without payload
• MINORmux-quicuninline qc_attach_sc()
• MINORmux-quicproperly report end-of-stream on recv
• MINORmux-quicadd trace to stream rcv_buf operation
• BUG/MINORh3missing goto on buf alloc failure
• BUG/MINORmux-quichandle properly Tx buf exhaustion
• BUG/MEDIUMmux-h2make sure control frames do not refresh the idle timeout
• BUG/MINORmux-quicfree task on qc_init() app ops failure
• BUG/MINORmux-quicdifferentiate failure on qc_stream_desc alloc
• BUG/MINORquicdo not alloc buf count on alloc failure
• BUG/MINORmux-quichandle properly recv ncbuf alloc failure
• BUG/MINORmux-quicproperly handle buf alloc failure
• MINORmux-quicremove dedicated function to handle standalone FIN
• MINORhtxadd function to set EOM reliably
• BUG/MINORquicWrong redispatch for external data on connection socket
• BUG/MINORlogfix memory error handling in parse_logsrv()
• BUG/MINORerrorshandle malloc failure in usermsgs_put()
• BUG/MINORhttp_rulesfix errors paths in http_parse_redirect_rule()
• MINORproxyadd http_free_redirect_rule() function
• BUG/MINORproxymissing free in free_proxy for redirect rules
• BUG/MEDIUMmux-fcgiDon't request more room if mux is waiting for more data
• MEDIUMmux-quicadjust transport layer error handling
• MEDIUMquicstreamline error notification
• MINORmux-quicsimplify return path of qc_send()
• MINORmux-quicfactorize send subscribing
• MINORmux-quicdo not send STREAM frames if already subscribe
• MINORmux-quicadd traces for stream wake
• BUG/MINORmux-quicno need to subscribe for detach streams
• BUG/MINORmux-quicdo not free frame already released by quic-conn
• BUG/MINORmux-quicdo not prevent shutw on error
• BUG/MINORquicBuggy acknowlegments of acknowlegments function
• BUG/MEDIUMfiltersDon't deinit filters for disabled proxies during startup
• MINORspoeDon't stop disabled proxies
• BUILDmjsonFix warning about unused variables
• BUG/MINORquicPossible crash when dumping version information
• BUG/MEDIUMmux-quicwakeup tasklet to close on error
• BUG/MINORmux-quicfix transport VS app CONNECTION_CLOSE
• DOCconfigurationadd info about ssl-engine for 2.6
• BUILDsslbuggy -Werror=dangling-pointer since gcc 13.0
• BUG/MINORquicWrong key update cipher context initialization for encryption
• CLEANUPquicTypo fix for quic_connection_id pool
• CLEANUPquicRename several <buf> variables in quic_frame.(c|h)
• CLEANUPquicNo more used q_buf structure
• BUILDthreadimplement thread_harmless_end_sig() for threadless builds
• BUILDquicfix build warning when threads are disabled
• BUILDdebugdo not check the isolated_thread variable in non-threaded builds
• MINORquicimplement oneline format for show quic
• MINORquicadd format argument for show quic
• BUG/MINORdebugdo not emit empty lines in thread dumps
• MINORmux-quicclose connection asap on local error
• MINORmux-quicreport local error on stream endpoint asap
• MINORmux-quicadjust local error API
• MINORmux-quicwake up after recv only if avail data
• MINORmux-quicadd trace event for local error
• BUG/MINORmux-quicprevent quic_conn error code to be overwritten
• BUG/MINORdebugfix incorrect profiling status reporting in show threads
• DEVharingupdate readme to suggest using the same build options for haring
• DEVharingautomatically disable DEBUG_STRICT
• BUG/MINORssl/samplex509_v_err_str converter output when not found
• MINORquicuse real sending rate measurement
• BUG/MINORresolversUse sc_need_room() to wait more room when dumping stats
• BUG/MEDIUMspoeDon't start new applet if there are enough idle ones
• BUILDsslswitch LibreSSL to Fastly CDN
• CIswitch to Fastly CDN to download LibreSSL
• MINORlistenerremove the now useless LI_F_QUIC_LISTENER flag
• BUG/MINORtoolscheck libssl and libcrypto separately
• MINORpoolsreport a replaced memory allocator instead of just malloc_trim()
• BUG/MINORpoolsrestore detection of built-in allocator
• MEDIUMtoolsfurther relax dlopen() checks too consider grouped symbols
• MINORtoolsrelax dlopen() on malloc/free checks
• MINORpatternuse trim_all_pools() instead of a conditional malloc_trim()
• MINORpoolsexport trim_all_pools()
• MEDIUMpoolsmove the compat code from trim_all_pools() to malloc_trim()
• MINORpoolsintercept malloc_trim() instead of trying to plug holes
• MINORpoolsmake sure 'no-memory-trimming' is always used
• BUG/MINORillegal use of the malloc_trim() function if jemalloc is used
• BUG/MINORquicfix race on quic_conns list during affinity rebind
• MINORquicfinalize affinity change as soon as possible
• MINORmux-quicdo not allocate Tx buf for empty STREAM frame
• MINORmux-quicdo not set buffer for empty STREAM frame
• BUG/MINORquicprevent buggy memcpy for empty STREAM
• BUG/MEDIUMmux-quicimprove streams fairness to prevent early timeout
• BUG/MEDIUMmux-quicdo not emit RESET_STREAM for unknown length
• CLEANUPquicRename several <buf> variables into quic_sock.c
• CLEANUPquicRename <buf> variable into qc_parse_hd_form()
• CLEANUPquicRename <buf> variable into quic_packet_read_long_header()
• CLEANUPquicRename several <buf> variables at low level
• CLEANUPquicRename quic_get_dgram_dcid() <buf> variable
• CLEANUPquicMake qc_build_pkt() be more readable
• CLEANUPquicRename <buf> variable for several low level functions
• CLEANUPquicRename <buf> variable into quic_rx_pkt_parse()
• CLEANUPquicRename <buf> variable into quic_padding_check()
• CLEANUPquicRename <buf> variable to <token> in quic_generate_retry_token()
• CLEANUPquicRemove useless parameters passes to qc_purge_tx_buf()
• CLEANUPquicrename frame variables
• CLEANUPquicrename frame types with an explicit prefix
• BUG/MINORquicUseless I/O handler task wakeups (draining, killing state)
• BUG/MINORquicUseless probing retransmission in draining or killing state
• BUG/MINORquicPossible leak during probing retransmissions
• BUG/MINORquicPossible memory leak from TX packets
• MINORquicMove traces at proto level
• BUILDproto_tcpexport the correct names for proto_tcpv[46]
• BUILDsock_inetforward-declare struct receiver
• BUG/MINORconfigfix NUMA topology detection on FreeBSD
• CIcirrus-cibump FreeBSD image to 13-1
• BUG/MINORcliclarify error message about stats bind-process
• MINORlistenerremove unneeded local accept flag
• MAJORquicsupport thread balancing on accept
• MINORquicproperly finalize thread rebinding
• MEDIUMquicimplement thread affinity rebinding
• MINORfdimplement fd_migrate_on() to migrate on a non-local thread
• MINORfdadd a lock bit with the tgid
• MINORfdoptimize fd_claim_tgid() for use in fd_insert()
• MINORquicdelay post handshake frames after accept
• MINORprotocoldefine new callback set_affinity
• MINORquicdo not proceed to accept for closing conn
• MEDIUMquichandle conn bootstrap/handshake on a random thread
• MINORquicremove TID encoding in CID
• MEDIUMquicuse a global CID trees list
• BUG/MINORserverdon't use date when restoring last_change from state file
• BUG/MINORserverdon't miss server stats update on server state transitions
• BUG/MINORserverdon't miss proxy stats update on server state transitions
• MINORserverexplicitly commit state change in srv_update_status()
• BUG/MINORserverincorrect report for tracking servers leaving drain

#2023/04/21 : 2.7r1 (1.0.0-297.600)

• MINORhapeeUpdate list of backported commit
• MINORserver/event_hdlprepare for server event data wrapper
• MINORevent_hdlprovide event->when for advanced handlers
• MINORevent_hdldynamically allocated event data members
• CLEANUPevent_hdlfix comment typo about _sync assertion
• CLEANUPevent_hdlupdating obsolete comment for EVENT_HDL_CB_DATA
• BUG/MINORevent_hdldon't waste 1 event subtype slot
• MINORserver/event_hdlprepare for upcoming refactors
• MINORserver/event_hdladd proxy_uuid to event_hdl_cb_data_server
• MINORproxyadd findserver_unique_id() and findserver_unique_name()
• MINORevent_hdlpause/resume for subscriptions
• MINORevent_hdladd event_hdl_async_equeue_size() function
• MINORevent_hdladd event_hdl_async_equeue_isempty() function
• MINORevent_hdlnormal tasks support for advanced async mode
• BUG/MEDIUMevent_hdlfix async data refcount issue
• BUG/MEDIUMevent_hdlclean soft-stop handling
• MINORevent_hdlglobal sublist management clarification
• BUG/MINORevent_hdlmake event_hdl_subscribe thread-safe
• BUG/MINORevent_hdlfix rid storage type
• BUG/MEDIUMUpdate read expiration date on synchronous send
• BUG/MINORquicconsume Rx datagram even on error
• BUG/MINORquicprevent crash on qc_new_conn() failure
• BUG/MINORh3fix crash on h3s alloc failure
• BUG/MINORmux-quicproperly handle STREAM frame alloc failure
• BUG/MINORmux-quicfix crash with app ops install failure
• BUG/MINORquicWrong Retry token generation timestamp computing
• BUG/MINORquicUnchecked buffer length when building the token
• MINORquicDo not allocate too much ack ranges
• BUG/MINORquicStop removing ACK ranges when building packets
• BUG/MINORcfgparsemake sure to include openssl-compat
• BUG/MEDIUMquicprevent crash on Retry sending
• CLEANUPbackendRemove useless debug message in assign_server()
• BUG/MINORquictransform qc_set_timer() as a reentrant function
• MINORquicremove TID ref from quic_conn
• MINORquicadjust quic CID derive API
• MINORquicadjust Rx packet type parsing
• MINORquicremove uneeded tasklet_wakeup after accept
• CLEANUPquicrename quic_connection_id vars
• CLEANUPquicremove unused qc param on stateless reset token
• CLEANUPquicremove unused scid_node
• CLEANUPquicremove unused QUIC_LOCK label
• BUG/MINORtaskallow to use tasklet_wakeup_after with tid -1
• BUG/MEDIUMlogProperly handle client aborts in syslog applet
• MINORsslremove OpenSSL 1.0.2 mention into certificate loading error
• BUG/MINORquicDo not use ack delay during the handshakes
• REGTESTSfix the race conditions in log_uri.vtc
• BUG/MINORstreamFix test on SE_FL_ERROR on the wrong entity
• CIbump actions/checkout to v3 for cross zoo matrix
• BUG/MINORquicWrong Application encryption level selection when probing
• MINORquicRemove a useless test about probing in qc_prep_pkts()
• MINORquicDisplay the packet number space flags in traces
• BUG/MINORquicSIGFPE in quic_cubic_update()
• BUG/MINORquicPossible wrapped values used as ACK tree purging limit.
• BUG/MEDIUMquicCode sanitization about acknowledgements requirements
• MINORquicAdd connection flags to traces
• BUG/MINORquicIgnored less than 1ms RTTs
• MINORquicAdd packet loss and maximum cc window to show quic
• BUG/MEDIUMfddon't wait for tmask to stabilize if we're not in it.
• BUG/MINORstick_tablealert when type len has incorrect characters
• MINORactivityadd a line reporting the average CPU usage to show activity
• MINORquicAdd a trace for packet with an ACK frame
• MINORquicDump more information at proto level when building packets
• MINORquicModify qc_try_rm_hp() traces
• BUG/MINORquicWrong packet number space probing before confirmed handshake
• MINORquicTrace fix in quic_pto_pktns() (handshaske status)
• BUG/MEDIUMresolversForce the connect timeout for DNS resolutions
• BUG/MINORresolversWakeup DNS idle task on stopping
• BUG/MEDIUMdnsKill idle DNS sessions during stopping stage
• BUILDcompilerfix __equals_1() on older compilers
• BUG/MINORerrorsinvalid use of memprintf in startup_logs_init()
• BUG/MINORmworkerunset more internal variables from program section
• MINORquicremove address concatenation to ODCID
• MINORquicremove ODCID dedicated tree
• MINORquicderive first DCID from client ODCID
• BUG/MINORquicPossible crashes in qc_idle_timer_task()
• BUG/MINORhttp-anaDon't switch message to DATA when waiting for payload
• MINORhttp-anaAdd a HTTP_MSGF flag to state the Expect header was checked
• BUG/MEDIUMhluaprevent deadlocks with main lua lock
• MINORhluasimplify lua locking
• BUG/MINORhluaprevent function and table reference leaks on errors
• BUG/MINORhluafix reference leak in hlua_post_init_state()
• BUG/MINORhluafix reference leak in core.register_task()
• MINORhluaadd simple hlua reference handling API
• CLEANUPhluafix conflicting comment in hlua_ctx_destroy()
• BUG/MINORhluaenforce proper running context for register_x functions
• BUG/MINORhluahook yield does not behave as expected
• BUG/MINORlogfree log forward proxies on deinit()
• BUG/MINORsinkfree forward_px on deinit()
• BUG/MINORstatsproperly handle server stats dumping resumption
• BUG/MINORserver/delfix srv->next pointer consistency
• MINORserveradd SRV_F_DELETED flag
• BUG/MEDIUMdnsProperly handle error when a response consumed
• BUG/MEDIUMchannelImprove reports for shut in co_getblk()
• BUG/MINORquicPossible wrong PTO computing
• BUILDquic32bits compilation issue in cli_io_handler_dump_quic()
• BUG/MINORquicWrong idle timer expiration (during 20s)
• BUG/MINORquicUnexpected connection closures upon idle timer task execution
• MINORquicAdd trace to debug idle timer task issues
• DOCconfigstrict-sni allows to start without certificate
• MINORhttp-actemit a warning when a header field name contains forbidden chars
• BUG/MINORquicRemove useless BUG_ON() in newreno and cubic algo implementation
• BUG/MAJORquicCongestion algorithms states shared between the connection
• MINORquicAdd missing traces in cubic algorithm implementation
• BUG/MINORquicCubic congestion control window may wrap
• BUG/MINORquicRemaining useless statements in cubic slow start callback
• BUG/MINORquicWrong rtt variance computing
• MEDIUMquicAck delay implementation
• MINORquicTraces adjustments at proto level.
• MINORquicAdjustments for generic control congestion traces
• MINORquicImplement cubic state trace callback
• BUG/MINORquicMissing max_idle_timeout initialization for the connection
• BUG/MINORquicWrong use of now_ms timestamps (newreno algo)
• MINORquicAdd recovery related information to show quic
• BUG/MINORquicWrong use of now_ms timestamps (cubic algo)
• BUG/MINORbackendmake be_usable_srv() consistent when stopping
• BUG/MEDIUMproxy/sktableprevent watchdog trigger on soft-stop
• DOC/MINORreformat configuration.txt's quoting and escaping table
• MINORproxy/poolprevent unnecessary calls to pool_gc()
• BUG/MINORquicMissing padding in very short probe packets
• BUG/MEDIUMmux-h2Be able to detect connection error during handshake
• BUILDdaextends CFLAGS to support API v3 from 3.1.7 and onwards.
• BUG/MINORsslssl-(min|max)-ver parameter not duplicated for bundles in crt-list
• BUG/MINORquicMissing STREAM frame type updated
• BUG/MINORapplet/newfix sedesc freeing logic
• BUG/MEDIUMmux-h1Wakeup H1C on shutw if there is no I/O subscription
• DOCconfigset-var() dconv rendering issues
• BUG/MEDIUMstatsConsume the request except when parsing the POST payload
• MINORmux-quicclose on frame alloc failure
• MINORmux-quicclose on qcs allocation failure
• MINORmux-quicensure CONNECTION_CLOSE is scheduled once per conn
• MINORmux-quicinterrupt qcc_recv*() operations if CC scheduled
• BUG/MINORmux-quicprevent CC status to be erased by shutdown
• BUG/MINORh3properly handle incomplete remote uni stream type
• MINORmux-quicadd flow-control info to minimal trace level
• MINORmux-quicadjust trace level for MAX_DATA/MAX_STREAM_DATA recv
• MINORmux-quiccomplete traces for qcs emission
• BUG/MEDIUMmux-quicrelease data from conn flow-control on qcs reset
• BUG/MINORtracefix hardcoded level for TRACE_PRINTF
• BUG/MINORquicignore congestion window on probing for MUX wakeup
• BUG/MINORquicwake up MUX on probing only for 01RTT
• BUG/MEDIUMappletonly set appctx->sedesc on successful allocation
• BUG/MEDIUMmux-h1properly destroy a partially allocated h1s
• BUG/MINORstconnfix sedesc memory leak on stream allocation failure
• BUG/MEDIUMstconndon't set the type before allocation succeeds
• BUG/MEDIUMmux-h2erase h2c->wait_event.tasklet on error path
• BUG/MEDIUMmux-h2do not try to free an unallocated h2s->sd
• BUG/MEDIUMstreamdo not try to free a failed stream-conn
• BUG/MINORquicDysfunctional 01RTT packet number space probing
• MINORquicStop stressing the acknowledgments process (RX ACK frames)
• MINORproto_uxability to dump ABNS names in error messages
• MEDIUMproto_uxproperly suspend named UNIX listeners
• BUG/MEDIUMlistener/proxyfix listeners notify for proxy resume
• MINORlistenerpause_listener() becomes suspend_listener()
• BUG/MEDIUMresume from LI_ASSIGNED in default_resume_listener()
• BUG/MINORlistenerfix resume_listener() resume return value handling
• BUG/MEDIUMlistenerfix pause_listener() suspend return value handling
• MINORlistenermake sure we don't pause/resume bypassed listeners
• MINORlistenerworkaround for closing a tiny race between resume_listener() and stopping
• MINORlisteneradd relax_listener() function
• MINORlistener/apiadd lli hint to listener functions
• MINORproto_uxstadd resume method

#2023/03/17 : 2.7r1 (1.0.0-296.438)

• MINORhapeeupdate list of backported patches
• MINORssl-sockpass the CO_SFL_MSG_MORE info down the stack
• MINORmux-h2set CO_SFL_MSG_MORE when sending multiple buffers
• MINORbufferadd br_count() to return the number of allocated bufs
• OPTIMmux-h1limit first read size to avoid wrapping
• BUG/MAJORqpackfix possible read out of bounds in static table
• MINORdocmissing entries for sc-add-gpc()
• MINORstick-tableadd sc-add-gpc() to http-after-response
• BUG/MINORsock_unixmatch finalname with tempname in sock_unix_addrcmp()
• BUG/MINORprotocolfix minor memory leak in protocol_bind_all()
• BUG/MINORproto_uxreport correct error when bind_listener fails
• BUG/MEDIUMspoeDon't set the default traget for the SPOE agent frontend
• BUG/MINORmux-h2Fix possible null pointer deref on h2c in _h2_trace_header()
• MEDIUMmux-h2/traceadd tracing support for headers
• MINORh2add h2_phdr_to_ist() to make ISTs from pseudo headers
• BUG/MEDIUMlistenerduplicate inherited FDs if needed
• BUG/MINORquicMissing STREAM frame data pointer updates
• BUG/MINORmux-h2set CO_SFL_STREAMER when sending lots of data
• BUG/MEDIUMmux-h2only restart sending when mux buffer is decongested
• MINORbufferadd br_single() to check if a buffer ring has more than one buf
• BUG/MINORmux-h2make sure the h2c task exists before refreshing it
• BUG/MEDIUMconnectionPreserve flags when a conn is removed from an idle list
• BUG/MINORquicMissing STREAM frame length updates
• BUG/MINORtcp_samplefix a bug in fc_dst_port and fc_dst_is_local sample fetches
• BUG/MEDIUMmux-h1Don't block SE_FL_ERROR if EOS is not reported on H1C
• DEBUGssl-sock/show_fdDisplay SSL error code
• DEBUGcli/show_fdDisplay connection error code
• BUG/MEDIUMresolversProperly stop server resolutions on soft-stop
• BUG/MEDIUMproxyproperly stop backends on soft-stop
• BUG/MINORmux-h1Don't report an H1C error on client timeout

#2023/03/13 : 2.7r1 (1.0.0-293.408)

• MINORjwtAdd support for RSA-PSS signatures (PS256 algorithm)
• BUG/MEDIUMmux-ptSet EOS on error on sending path if read0 was received
• MINORhapeeBackport an improvement about the bwlim filter
• MEDIUMbwlimSupport constants limit or period on set-bandwidth-limit actions

#2023/03/10 : 2.7r1 (1.0.0-293.404)

• DOC/CLEANUPfix typos
• MINORquic_sockun-statify quic_conn_sock_fd_iocb()
• BUG/MINORquicMissing listener accept queue tasklet wakeups
• BUG/MINORmworkeruse MASTER_MAXCONN as default maxconn value
• BUG/MAJORfd/threadsclose a race on closing connections after takeover
• BUG/MINORthreadreport thread and group counts in the correct order
• BUG/MINORinitproperly detect NUMA bindings on large systems
• MINORquicDo not stress the peer during retransmissions of lost packets
• MINORfd/clireport the polling mask in show fd
• BUG/MINORquicWrong RETIRE_CONNECTION_ID sequence number check
• MEDIUMquicrelease closing connections on stopping
• MINORquichandle new closing list in show quic
• MINORquiccreate a global list dedicated for closing QUIC conns
• MINORh3add traces on h3_init_uni_stream() error paths
• MINORquicAdd transport parameters to show quic
• MINORquicAdd spin bit support
• MINORquicUseless TLS context allocations in qc_do_rm_hp()
• MINORquicRETIRE_CONNECTION_ID frame handling (RX)
• MINORquicTypo fix for ACK_ECN frame
• MINORquicStore the next connection IDs sequence number in the connection
• MINORquicDo not accept wrong active_connection_id_limit values
• BUG/MINORmux-quicproperly init STREAM frame as not duplicated

#2023/03/07 : 2.7r1 (1.0.0-293.382)

• BUG/MAJORfd/threadfix race between updates and closing FD

#2023/03/06 : 2.7r1 (1.0.0-293.381)

• BUG/MEDIUMquicdo not crash when handling STREAM on released MUX
• MINORquicSend PING frames when probing Initial packet number space
• BUG/MINORquicMissing detections of amplification limit reached
• BUG/MINORquicDo not resend already acked frames
• BUG/MINORquicEnsure not to retransmit packets with no ack-eliciting frames
• BUG/MINORquicRemove force_ack for Initial,Handshake packets
• MINORquicAdd traces about QUIC TLS key update
• BUG/MINORquicv2 Initial packets decryption failed
• BUG/MINORquicEnsure to be able to build datagrams to be retransmitted
• MINORquicAdd a BUG_ON_HOT() call for too small datagrams
• BUG/MINORquicDo not send too small datagrams (with Initial packets)
• BUG/MINORclifix CLI handler set anon global-key call
• BUG/MEDIUMquicproperly handle duplicated STREAM frames
• BUG/MINORconfigcrt-list keywords mistaken for bind ssl keywords
• MINORsslrename confusing ssl_bind_kws
• BUG/MINORsslUse 'date' instead of 'now' in ocsp stapling callback
• BUG/MINORmxu-h1Report a parsing error on abort with pending data
• BUG/MINORhttp-anaDo a L7 retry on read error if there is no response
• BUG/MINORhttp-anaDon't increment conn_retries counter before the L7 retry
• MINORquicnotify on send ready
• MEDIUMquicimplement poller subscribe on sendto error
• MINORquicpurge txbuf before preparing new packets
• MINORquicimplement qc_notify_send()
• MINORquicsimplify return path in send functions
• BUG/MINORhttp-checkSkip C-L header for empty body when it's not mandatory
• BUG/MINORhttp-checkDon't set HTX_SL_F_BODYLESS flag with a log-format body
• BUG/MINORmux-h1Don't report an error on an early response close
• BUG/MEDIUMconnectionClear flags when a conn is removed from an idle list
• MINORquicconsider EBADF as critical on send()
• MEDIUMquicimprove fatal error handling on send
• CLEANUPlisteneronly store conn counts for local threads
• BUG/MEDIUMfdmake fd_delete() support being called from a different group
• BUG/MINORfdused the update list from the fd's group instead of tgid
• DOCconfigClarify the meaning of 'hold' in the 'resolvers' section
• BUG/MEDIUMh1-htxNever copy more than the max data allowed during parsing
• BUG/MEDIUMfdavoid infinite loops in fd_add_to_fd_list and fd_rm_from_fd_list
• BUILDtheadFix several 32 bits compilation issues with uint64_t variables
• BUG/MINORringdo not realign ring contents on resize
• BUILDquic32-bits compilation issue with %zu in quic_rx_pkts_del()
• BUG/MINORcacheCheck cache entry is complete in case of Vary
• BUG/MINORcacheCache response even if request has no-cache directive
• REGTESTSFix ssl_errors.vtc script to wait for connections close
• DOCconfigAdd the missing tune.fail-alloc option from global listing
• DOCconfigFix description of options about HTTP connection modes
• BUG/MEDIUMquicMissing TX buffer draining from qc_send_ppkts()
• MINORmux-h2/tracesadd a missing TRACE_LEAVE() in h2s_frt_handle_headers()
• MINORmux-h2/tracesdo not log h2s pointer for dummy streams
• MEDIUMquictrigger fast connection closing on process stopping
• MINORquicmark quic-conn as jobs on socket allocation
• MEDIUMmux-quicproperly implement soft-stop
• MINORmux-quicimplement client-fin timeout
• MINORmux-quicdefine qc_process()
• MINORmux-quicdefine qc_shutdown()
• MEDIUMh3enforce GOAWAY by resetting higher unhandled stream
• BUG/MINORh3prevent hypothetical demux failure on int overflow
• BUG/MINORquicacknowledge STREAM frame even if MUX is released
• BUG/MINORquicalso send RESET_STREAM if MUX released
• MINORquicadjust request reject when MUX is already freed
• BUG/MINORquicMissing padding for short packets
• BUG/MINORquicDo not drop too small datagrams with Initial packets
• BUG/MINORquicWrong initialization for io_cb_wakeup boolean
• BUG/MINORquicDo not probe with too little Initial packets
• MINORquicAdd <pto_count> to the traces
• MINORquicAdd a trace to identify connections which sent Initial packet.
• BUG/MINORquicMissing call to task_queue() in qc_idle_timer_do_rearm()
• MINORquicMake qc_dgrams_retransmit() return a status.
• MINORquicAdd traces to qc_kill_conn()
• MINORquicKill the connections on ICMP (port unreachable) packet receipt
• MINORquicSimplication for qc_set_timer()
• BUG/MINORquicReally cancel the connection timer from qc_set_timer()
• MINORquicMove code to wakeup the timer task to avoid anti-amplication deadlock
• MINORquicAdd new traces about by connection RX buffer handling
• BUG/MINORquicPossible unexpected counter incrementation on send*() errors
• MINORh3add traces on decode_qcs callback
• BUG/MINORmworkerprevent incorrect values in uptime
• BUG/MINORmux-quictransfer FIN on empty STREAM frame
• MINORh3/hq-interophandle no data in decode_qcs() with FIN set
• BUG/MEDIUMschedallow a bit more TASK_HEAVY to be processed when needed
• BUG/MINORschedproperly report long_rq when tasks remain in the queue
• BUG/MEDIUMwdtfix wrong thread being checked for sleeping
• BUG/MEDIUMstconnDon't rearm the read expiration date if EOI was reached
• BUG/MEDIUMhttpclient/luafix a race between lua GC and hlua_ctx_destroy
• BUG/MINORlua/httpclientmissing free in hlua_httpclient_send()
• MEDIUMhapeedoes not pass OPTION_LDFLAGS to modules

#2023/03/02 : 2.7r1 (1.0.0-293.297)

#2023/02/25 : 2.7r1 (1.0.0-292.297)

• MINORstartupHAPROXY_STARTUP_VERSION contains the version used to start
• BUG/MEDIUMmworkerdon't register mworker_accept_wrapper() when master FD is wrong
• BUG/MEDIUMmworkerprevent inconsistent reload when upgrading from old versions
• BUG/MINORmworkerstop doing strtok directly from the env
• BUG/MINORquicWrong datagram dispatch because of qc_check_dcid()
• BUG/CRITICALhttpproperly reject empty http header field names
• DOCproxy-protocolfix wrong byte in provided example
• BUG/MEDIUMquicBuffer overflow when looking through QUIC CLI keyword list
• BUG/MINORclock/statsalso use start_time not start_date in HTML info
• BUG/MINORmworkerfix uptime for master process
• BUG/MINORquicfix type bug on show quic for 32-bits arch
• BUG/MINORquicfix filtering of closing connections on show quic
• MINORquicfilter closing conn on show quic
• MINORquicdisplay Tx stream info on show quic
• MINORquicdisplay infos about various encryption level on show quic
• MINORquicdisplay socket info on show quic
• MINORquicdisplay CIDs and state in show quic
• MINORquicimplement a basic show quic CLI handler
• BUG/MEDIUMquicfix crash when option nolinger is set in the frontend
• BUG/MEDIUMstconnSchedule a shutw on shutr if data must be sent first
• BUG/MINORserver/addensure minconn/maxconn consistency when adding server
• MINORcfgparse/servermove (min/max)conn postparsing logic into dedicated function
• BUG/MINORh3fix crash due to h3 traces
• DOCconfig'http-send-name-header' option may be used in default section
• DOCconfigfix option spop-check proxy compatibility
• BUG/MEDIUMcacheuse the correct time reference when comparing dates
• BUG/MINORclockdo not mix wall-clock and monotonic time in uptime calculation
• BUG/MEDIUMstick-tabledo not leave entries in end of window during purge
• BUG/MINORssl/crt-listwarn when a line is malformated
• MINORquicUpdate version_information transport parameter to draft-14
• BUG/MEDIUMquicdo not split STREAM frames if no space
• BUG/MINORquicUnchecked source connection ID
• MEDIUMquicRemove qc_conn_finalize() from the ClientHello TLS callbacks
• BUG/MAJORquicPossible crash when processing 1-RTT during 0-RTT session
• MINORquicWhen probing Handshake packet number space, also probe the Initial one
• BUG/MINORquicDo not ignore coalesced packets in qc_prep_fast_retrans()
• MINORquicAdd a trace about variable states in qc_prep_fast_retrans()
• BUG/MINORquicToo big PTO during handshakes
• BUG/MINORquicPossible stream truncations under heavy loss
• CLEANUPquicno need for atomics on packet refcnt
• MINORquicadd config for retransmit limit
• MEDIUMquicimplement a retransmit limit per frame
• MINORquicrefactor frame deallocation
• MINORquicdefine new functions for frame alloc
• MINORquicensure offset is properly set for STREAM frames
• MINORquicremove fin from quic_stream frame type
• BUG/MINORstatsPrevent HTTP other sessions counter underflows
• MINORstatsadd by HTTP version cumulated number of sessions and requests
• BUG/MINORstatsfix STAT_STARTED behavior with full htx
• BUG/MINORstatsfix show stats field ctx for servers
• BUG/MINORstatsfix ctx->field update in stats_dump_proxy_to_buffer()
• BUG/MEDIUMstatsfix resolvers dump
• BUG/MINORstatsfix source buffer size for http dump
• BUG/MINORstatsuse proper buffer size for http dump
• BUG/MINORh3fix crash due to h3 traces
• BUG/MEDIUMsslwrong eviction from the session cache tree
• MINORh3add missing traces on closure
• BUG/MINORh3reject RESET_STREAM received for control stream
• BUG/MEDIUMh3handle STOP_SENDING on control stream
• MINORmux-quic/h3define stream close callback
• OPTIMh3skip buf realign if no trailer to encode
• BUG/MEDIUMh3do not crash if no buf space for trailers
• BUG/MINORfcgi-appprevent 'use-fcgi-app' in default section
• MINORtraceadd the long awaited TRACE_PRINTF()
• MINORtraceadd a trace_no_cb() dummy callback for when to use no callback
• MINORtraceadd a TRACE_ENABLED() macro to determine if a trace is active
• DEVhpackfix `trash` build regression
• BUG/MINORsinkfree the forwarding task on exit
• BUG/MINORringrelease the backing store name on exit
• BUG/MINORlogrelease global log servers on exit
• BUG/MEDIUMhpackfix incorrect huffman decoding of some control chars
• BUG/MEDIUMmux-quicfix crash on H3 SETTINGS emission
• BUG/MINORh3fix GOAWAY emission
• MINORmux-quic/h3send SETTINGS as soon as transport is ready
• MINORconnectionadd a BUG_ON() to detect destroying connection in idle list
• DEVharingadd a new option -r to automatically repair broken files
• BUG/MINORsinkmake sure to always properly unmap a file-backed ring
• MEDIUMquic-sockfix udp source address for send on listener socket
• BUG/MINORquicDo not request h3 clients to close its unidirection streams
• MINORhapeeadd a .hapee directory to list backporting notes
• MINORstick-tableimplement the sc-add-gpc() action
• MEDIUMstick-tableset the track-sc limit at boottime via tune.stick-counters
• MINORhttp-rulesAdd missing actions in http-after-response ruleset
• MINORserver/event_hdladd support for SERVER_UP and SERVER_DOWN events
• MINORserver/event_hdladd support for SERVER_ADD and SERVER_DEL events
• MINORstatsadd server revision id support
• MINORserveradd srv->rid (revision id) value
• DOC/MINORapiadd documentation for event_hdl feature
• MINORevent_hdladd event handler base api
• BUG/MINORjwtWrong return value checked
• BUILDhpackinclude global.h for the trash that is needed in debug mode
• BUG/MINORmux-h2add missing traces on failed headers decoding
• BUG/MINORmux-h2make sure to produce a log on invalid requests
• MINORh3implement TRAILERS decoding
• MINORh3implement TRAILERS encoding
• MINORh3extend function for QUIC varint encoding
• BUG/MINORh3properly handle connection headers
• BUG/MINORbwlimFix parameters check for set-bandwidth-limit actions
• BUG/MINORbwlimCheck scope for period expr for set-bandwitdh-limit actions
• BUG/MEDIUMdebug/threadmake the debug handler not wait for !rdv_requests
• MINORthreadsadd a thread_harmless_end() version that doesn't wait
• BUG/MINORthreadalways reload threads_enabled in loops
• BUG/MEDIUMfd/threadsfix again incorrect thread selection in wakeup broadcast
• BUG/MINORlistenerclose tiny race between resume_listener() and stopping
• BUG/MINORsslFix compilation with OpenSSL 1.0.2 (missing ECDSA_SIG_set0)
• BUG/MEDIUMjwtProperly process ecdsa signatures (concatenated R and S params)
• DOCconfigfix Address formats chapter syntax
• BUG/MINORmux-fcgiCorrectly set pathinfo
• MINORquicReplace v2 draft definitions by those of the final 2 version
• MINORsampleAdd quic_enabled sample fetch
• MINORquicAdd no-quic global option
• MINORquicDisable the active connection migrations
• MINORquicUseless test about datagram destination addresses
• BUG/MEDIUMstconnalso consider SE_FL_EOI to switch to SE_FL_ERROR
• CLEANUPstconnalways use se_fl_set_error() to set the pending error
• MINORlisteneralso support quic+ as an address prefix
• DOCconfigmention the missing quic4@ and quic6@ in protocol prefixes
• DOCconfigfix aliases for protocol prefixes udp4@ and udp6@
• DOCconfigfix wrong section number for protocol prefixes
• BUG/MINORlistenersfix suspend/resume of inherited FDs
• BUG/MINORhttp-anamake set-status also update txn->status
• BUG/MEDIUMmux-h2Don't send CANCEL on shutw when response length is unkown
• BUG/MINORhttp-fetchDon't block HTTP sample fetch eval in HTTP_MSG_ERROR state
• BUG/MINORhttp-anaReport SF_FINST_R flag on error waiting the request body
• BUG/MINORpromexDon't forget to consume the request on error
• BUG/MEDIUMpeersmake show peers more careful about partial initialization
• DEVtcploopadd minimal support for unix sockets
• BUG/MINORresolversWait the resolution execution for a do_resolv action
• BUG/MINORhluaFix Channel.line and Channel.data behavior regarding the doc
• BUG/MINORh1-htxRemove flags about protocol upgrade on non-101 responses
• MINORmux-quicuse send-list for immediate sending retry
• MINORmux-quicuse send-list for STOP_SENDING/RESET_STREAM emission
• MEDIUMh3send SETTINGS before STREAM frames
• MAJORmux-quicrework stream sending priorization
• MINORmux-quicadd traces for flow-control limit reach
• BUG/MINORmux-quicfix transfer of empty HTTP response
• DOCmanagementadd details about @system-ca in show ssl ca-file
• DOCmanagementadd details on Used status
• DOCconfigadded optional rst-ttl argument to silent-drop in action lists
• CLEANUPhtxfix a typo in an error message of http_str_to_htx
• BUG/MINORhttpMemory leak of http redirect rules' format string
• BUG/MINORfdavoid bad tgid assertion in fd_delete() from deinit()
• REGTESTfix the race conditions in hmac.vtc
• REGTESTfix the race conditions in digest.vtc
• REGTESTfix the race conditions in add_item.vtc
• REGTESTfix the race conditions in json_query.vtc
• BUG/MINORproxyfree orgto_hdr_name in free_proxy()
• DOCconfigremove duplicated http-response sc-set-gpt0 directive
• DOCconfigfix alphabetical ordering of http-after-response rules
• BUG/MAJORbufFix copy of wrapping output data when a buffer is realigned
• BUG/MINORhttp-fetchOnly fill txn status during prefetch if not already set
• MINORconfigadd environment variables for default log format
• CIReformat `matrix.py` using `black`
• CIExplicitly check environment variable against `None` in matrix.py
• CIUnify the `GITHUB_TOKEN` name across matrix.py and vtest.yml
• CIUse proper `if` blocks instead of conditional expressions in matrix.py
• CIAdd in-memory cache for the latest OpenSSL/LibreSSL
• CIImprove headline in matrix.py
• BUG/MINORstick-tablereport the correct action name in error message
• MINORcfgparse-sslavoid a possible crash on OOM in ssl_bind_parse_npn()
• BUG/MINORdebugdon't mask the TH_FL_STUCK flag before dumping threads
• BUILDmakefilemake sure to also ignore SSL_INC when using wolfssl
• BUILDmakefileclean the wolfssl include and lib generation rules
• BUILDmakefilesort the features list
• BUILDmakefilebuild the features list dynamically
• CIgithubuse the GITHUB_TOKEN instead of a manually generated token
• BUG/MINORmux-quicignore remote unidirectional stream close
• CIgithubenable github api authentication for OpenSSL tags read
• MINORh3use stream error when needed instead of connection
• MEDIUMmux-quicimplement STOP_SENDING emission
• MINORmux-quichandle RESET_STREAM reception
• MINORmux-quicdo not count stream flow-control if already closed
• MEDIUMmux-quicimplement shutw
• MINORhttpclientdon't add body when istlen is empty
• BUG/MINORpool/statsUse ullong to report total pool usage in bytes in stats
• BUG/MEDIUMmux-h2Refuse interim responses with end-stream flag set
• BUG/MINORquicdo not allocate more rxbufs than necessary
• BUG/MEDIUMquicproperly take shards into account on bind lines
• BUG/MEDIUMmux-quicfix double delete from qcc.opening_list
• REGTESTSsslenable the ssl_reuse.vtc test for WolfSSL
• OPTIMpoolsplit the read_mostly from read_write parts in pool_head
• BUG/MINORhttpclient/logfree of invalid ptr with httpclient_log_format
• MEDIUMhttpclientchange the default log format to skip duplicate proxy data
• BUG/MEDIUMstatsRely on a local trash buffer to dump the stats
• BUG/MINOR:mux-h1Never handle error at mux level for running connection
• BUG/MINORmux-h1Report EOS on parsing/internal error for not running stream
• BUG/MEDIUMtestsuse tmpdir to create UNIX socket
• REGTESTSstartupdisable automatic_maxconn.vtc
• BUG/MINORquicfix crash on PTO rearm if anti-amplification reset
• BUG/MINORstatsfix show stat json buffer limitation
• MINORstatsintroduce stats field ctx
• MINORstatsprovide ctx for dumping functions
• BUG/MINORsslFix memory leak of find_chain in ssl_sock_load_cert_chain
• MINORh3check return values of htx_add_* on headers parsing
• BUG/MINORh3fix memleak on HEADERS parsing failure
• BUG/MEDIUMh3fix cookie header parsing
• BUG/MINORmux-h1Fix test instead a BUG_ON() in h1_send_error()
• BUG/MEDIUMmux-h1Don't release H1 stream upgraded from TCP on error
• LICENSEwurflclarify the dummy library license.
• BUG/MINORmux-quichandle properly alloc error in qcs_new()
• BUG/MINORmux-quicremove qcs from opening-list on free
• CLEANUPmux-quicremove unused attribute on qcs_is_close_remote()
• BUG/MINORquichandle alloc failure on qc_new_conn() for owned socket
• BUG/MINORquicproperly handle alloc failure in qc_new_conn()
• BUG/MINORquicfix fd leak on startup check quic-conn owned socket
• MINORquicreconnect quic-conn socket on address migration
• MEDIUMquicrequeue datagrams received on wrong socket
• MINORmux-quicrename duplicate function names
• MEDIUMquicmove receive out of FD handler to quic-conn io-cb
• MEDIUMquicuse quic-conn socket for reception
• MINORquicuse connection socket for emission
• MINORquicallocate a socket per quic-conn
• MINORquicdefine config option for socket per conn
• MINORquictest IP_PKTINFO support for quic-conn owned socket
• MINORquicstartup detect for quic-conn owned socket support
• MINORquicignore address migration during handshake
• MINORquicdetect connection migration
• MINORtoolsadd port for ipcmp as optional criteria
• MINORquicextract datagram parsing code
• MINORquiccomplete traces in qc_rx_pkt_handle()
• MINORquicremove qc from quic_rx_packet
• CIgithubsplit matrix for development and stable branches
• CIgithubremove redundant ASAN loop
• MINORdebugadd a balance of alloc - free at the end of the memstats dump
• MINORdebugsupport pool filtering on debug dev memstats
• BUG/MEDIUMh3parse content-length and reject invalid messages
• MINORhttpextract content-length parsing from H2
• BUG/MEDIUMh3reject request with invalid pseudo header
• BUG/MEDIUMh3reject request with invalid header name
• REGTESTSstartupadd alternatives values in automatic_maxconn.vtc
• BUG/MEDIUMresolversUse tick_first() to update the resolvers task timeout
• BUG/MEDIUMfreq-ctrDon't compute overshoot value for empty counters
• CLEANUPsslremove check on srv->proxy
• REGTESTSstartupactivate automatic_maxconn.vtc
• CIgithubset ulimit -n to a greater value
• REGTESTSstartupchange the expected maxconn to 11000
• BUG/MINORstartupdon't use internal proxies to compute the maxconn
• REGTESTSstartupcheck maxconn computation
• REGTESTSfix the race conditions in iff.vtc
• BUG/MAJORfcgiFix uninitialized reserved bytes
• DOCpromexAdd missing backend metrics
• MINORpromexintroduce haproxy_backend_agg_check_status
• BUG/MINORpromexcreate haproxy_backend_agg_server_status
• MINORpoolsmake DEBUG_UAF a runtime setting
• DEBUGpoolshow a few examples in -dMhelp
• CLEANUPpoolsget rid of CONFIG_HAP_POOLS
• REORGpoolmove all the OS specific code to pool-os.h
• CLEANUPpoolonly include pool-os from pool.c not pool.h
• CLEANUPpoolsmove the write before free to the uaf-only function
• BUG/MEDIUMhttpclient/luadouble LIST_DELETE on end of lua task
• BUILDmakefile/daalso clean Os/ in Device Atlas dummy lib dir
• BUILDatomicatomic.h may need compiler.h on ARMv8.2-a
• BUG/MINORinit/threadscontinue to limit default thread count to max per group
• BUG/MINORchecksrestore legacy on-error fastinter behavior
• BUG/MEDIUMmworkercreate the mcli_reload socketpairs in case of upgrade
• BUG/MEDIUMmworkerfix segv in early failure of mworker mode with peers
• MINORmworkerdisplay an alert upon a wait-mode exit
• BUG/MINORchecksmake sure fastinter is used even on forced transitions
• BUG/MEDIUMchecksdo not reschedule a possibly running task on state change
• CIgithubsplit ssl lib selection based on git branch
• CIgithubreintroduce openssl 1.1.1
• BUG/MEDIIMstconnFlush output data before forwarding close to write side
• BUG/MINORsslinitialize WolfSSL before parsing
• BUG/MINORsslinitialize SSL error before parsing
• BUILDpeerspeers-t.h depends on stick-table-t.h
• BUG/MINORhapee/modulesmake sure generated includes and structs are sorted
• MINORhapee/modulescheck if we generate the API hash correctly
• BUG/MINORhapee/modulesadjust include match() in gen-modules-config-h.awk
• MINORhapee/WURFLtransfer error status from the _wurfl_reload() function
• MINORhapee/WURFLadded live update database function
• MINORhapee/WURFLadded custom API log function
• MINORhapee/WURFLadded function to check correct module initialization
• BUG/MINORhapee/WURFLcorrected version check of used wurfl library
• BUILDhapee/darepaired build in case of using old DeviceAtlas library
• MINORhapee/daadd function that allow data reload
• MINORhapee/daadd spin locking
• MINORhapee/daadd support for loading a precompiled json data
• MEDIUMhapee/daRevert MEDIUM: da: update module to handle schedule mode.
• MINORhapee/51dadd function that allow data reload
• BUG/MINORhapee/51dadd spin locking
• BUILDhapee/51dfix error when building with 51Degrees enabled
• BUG/MEDIUMhapee/51dfix a segfault on exit when 51d configuration is not loaded
• MEDIUMhapee/51duse fiftyoneDegreesProvider to access the pool and dataset
• BUG/MINORhapee/modulesinitialize the module head list
• BUILDhapee/modulesselect either md5 or md5sum
• MEDIUMhapee/modulesload the STG_REGISTER initcalls
• BUG/MINORhapee/modulesdisplay detailed error message on mod_init() failure
• MINORhapee/modulesadd a new label MODULES_LOCK to the lock_label enum
• MINORhapee/modulesadd the ability to register variable and functions.
• MEDIUMhapee/modules'modules list' on the cli shows currently loaded modules
• MINORhapee/modulesterminate properly loaded modules if possible
• MEDIUMhapee/modulesadd memory reservation support for the modules
• MINORhapeechange URLs for 2.7r1
• BUILDhapee/modulesupdate HAPEE version macro to 2.7r1
• BUILDhapee/modulesadd macros to compute numerical value of a HAPEE version
• BUILDhapee/modulesadd version of the module in the defines
• MEDIUMhapee/modulesadd modules support