Search filters

Type

Section

Actions

Changelog - HAProxy Enterprise 2.9r1

#2025/01/28 : 2.9r1 (1.0.0-330.708)

  • MINORhapeeUpdate backports list
  • MINORepollpermit to mask certain specific events
  • BUG/MINORstreamProperly handle on-marked-up shutdown-backup-sessions
  • BUG/MINORsslput ssl_sock_load_ca under SSL_NO_GENERATE_CERTIFICATES
  • BUG/MINORquicdo not increase congestion window if app limited

#2025/01/23 : 2.9r1 (1.0.0-330.703)

  • BUG/MEDIUMpromexUse right context pointers to dump backends extra-counters
  • BUG/MEDIUMmux-h1Properly close H1C if an error is reported before sending data
  • BUILDquicMove an ASSUME_NONNULL() for variable which is not null
  • MINORquicAdd a BUG_ON() on quic_tx_packet refcount
  • BUG/MINORquicensure a detached coalesced packet can't access its neighbours
  • BUG/MINORinitset HAPROXY_STARTUP_VERSION from the variable, not the macro
  • BUG/MAJORlog/sinkpossible sink collision in sink_new_from_srv()
  • BUG/MAJORquicreject too large CRYPTO frames
  • BUG/MEDIUMstktablefix missing lock on some table converters
  • BUG/MINORquicreject NEW_TOKEN frames from clients
  • BUG/MINORstktablefix big-endian compatiblity in smp_to_stkey()

#2025/01/09 : 2.9r1 (1.0.0-330.692)

  • BUG/MEDIUMpromex/resolversDon't dump metrics if no nameserver is defined
  • BUG/MEDIUMh1-htxProperly handle bodyless messages
  • MINORconfigAlert about extra arguments for errorfile and errorloc
  • DOCconfigadd missing track-sc0 in action keywords matrix
  • BUG/MEDIUMqueueMake process_srv_queue return the number of streams
  • BUG/MINORh2/rhttpfix HTTP2 conn counters on reverse
  • DOCconfigadd tune.lua.burst-timeout to the list of global parameters
  • DOCconfigreorder tune.lua.* keywords by alphabetical order
  • DOCconfigadd example for server track keyword
  • BUG/MEDIUMqueuesDo not use pendconn_grab_from_px().
  • BUG/MEDIUMqueuesMake sure we call process_srv_queue() when leaving
  • BUG/MEDIUMstconnOnly consider I/O timers to update stream's expiration date
  • BUG/MEDIUMclockmake sure now_ms cannot be TICK_ETERNITY
  • BUG/MEDIUMstconnDon't forward shut for SC in connecting state
  • BUG/MEDIUMquicprevent crash due to CRYPTO parsing error
  • BUG/MINORquicrepeat packet parsing to deal with fragmented CRYPTO
  • MINORquicextend return value of CRYPTO parsing
  • MINORquicuse dynamically allocated frame on parsing
  • MINORquicsimplify qc_parse_pkt_frms() return path
  • BUG/MEDIUMquicsupport wait-for-handshake
  • BUG/MINORstreamunblock stream on wait-for-handshake completion
  • MINORquicnotify connection layer on handshake completion
  • BUG/MEDIUMpatternprevent uninitialized reads in pat_match_{str,beg}

#2024/12/17 : 2.9r1 (1.0.0-330.669)

  • MINORssl/cliadd -A to the 'show ssl sni' command description
  • MINORssl/cliallow to filter expired certificates with 'show ssl sni'
  • MINORssladd utils functions to extract X509 notAfter date
  • MINORssl/cliadd negative filters to show ssl sni
  • CLEANUPsslfix comment in 'show ssl sni'
  • DOCmanagementfix typos and paragraph ordering in 'show ssl sni'
  • MEDIUMssl/clishow ssl sni list the loaded SNI in frontends
  • MINORssladd notBefore and notAfter utility functions

#2024/12/16 : 2.9r1 (1.0.0-330.661)

  • BUG/MINORserver-stateFix expiration date of srvrq_check tasks
  • BUG/MINORquicremove startup alert if conn socket-owner unsupported
  • BUG/MINORsignalregister default handler for SIGINT in signal_init()
  • BUG/MINORh1-htxUse default reason if not set when formatting the response
  • BUG/MEDIUMhttp-anaReset request flag about data sent to perform a L7 retry
  • BUG/MEDIUMevent_hdlfix uninitialized value in async mode when no data is provided

#2024/12/02 : 2.9r1 (1.0.0-330.655)

#2024/11/27 : 2.9r1 (1.0.0-329.655)

  • BUG/MEDIUMsockRemove FD_POLL_HUP during connect() if FD_POLL_ERR is not set
  • BUG/MEDIUMhttp-anaDon't release too early the L7 buffer
  • DEVlags/show-sess-to-flagsProperly handle fd state on server side
  • BUG/MAJORquicfix wrong packet building due to already acked frames

#2024/11/22 : 2.9r1 (1.0.0-329.651)

  • BUG/MAJORmux-h1Properly handle wrapping on obuf when dumping the first-line
  • BUG/MEDIUMpools/memprofilealways clean stale pool info on pool_destroy()
  • MINORactivity/memprofileoffer a function to unregister stale info
  • BUG/MINORactivity/memprofilereinitialize the free calls on DSO summary
  • BUG/MEDIUMwdtfix the stuck detection for warnings
  • BUG/MEDIUMdebugdon't set the STUCK flag from debug_handler()
  • DOCconfigImprove documentation of tune.http.maxhdr directive
  • BUG/MEDIUMh3Increase max number of headers when sending headers
  • BUG/MEDIUMh3Properly limit the number of headers received
  • BUG/MEDIUMmux-h2Check the number of headers in HEADERS frame after decoding
  • BUG/MEDIUMmux-h2Increase max number of headers when encoding HEADERS frames
  • BUG/MINORhttp-anaAdjust the server status before the L7 retries
  • DOCconfigurationwrap long line for strstr() conditional expression
  • DOCconfigurationexplain quotes and spaces in conditional blocks
  • DOCluafix yield-dependent methods expected contexts
  • DOCconfigMove wait_end in section about internal samples
  • DOCconfigSlightly improve the %Tr documentation
  • BUG/MINORhttp_anaReport -1 for %Tr for invalid response only
  • DOCconfigFix a typo in 1.3.1. The Request line
  • BUG/MINORpeersmake sure to always apply offsets to now_ms in expiration
  • BUG/MINORmux_quicmake sure to always apply offsets to now_ms in expiration
  • BUG/MEDIUMmailersmake sure to always apply offsets to now_ms in expiration
  • BUG/MEDIUMchecksmake sure to always apply offsets to now_ms in expiration
  • BUG/MINORDon't report early srv aborts on request forwarding in DONE state
  • BUG/MEDIUMmux-h2Don't send RST_STREAM frame for streams with no ID

#2024/11/13 : 2.9r1 (1.0.0-329.626)

  • BUG/MEDIUMresolversInsert a non-executed resulution in front of the wait list
  • BUG/MINORclidon't show sockpairs in HAPROXY_CLI and HAPROXY_MASTER_CLI

#2024/11/07 : 2.9r1 (1.0.0-329.624)

  • MINORdebugmove the recover now warn message after the optional notes
  • DEBUGwdtmake the blocked traffic warning delay configurable
  • DEBUGclimake it possible for debug dev loop to trigger warnings
  • DEBUGwdtbetter detect apparently locked up threads and warn about them
  • MINORdebugadd a function to dump a stuck thread
  • MINORwdtmove the local timers to a struct
  • MINORdebugremove the redundant process.thread_info array from post_mortem
  • MINORdebugalso add fdtab and acitvity to struct post_mortem
  • MINORdebugalso add a pointer to struct global to post_mortem
  • MINORdebugdo not limit backtraces to stuck threads
  • MINORdebugprint gdb hints when crashing
  • MINORstreammaintain a counter of the number of active streams.
  • MINORconnectionadd new sample fetch functions fc_err_name and bc_err_name
  • MINORrawsockset connection error codes when returning from recv/send/splice
  • MINORconnectionadd more connection error codes to cover common errno
  • MINORcli/debugshow dev: add cmdline and version
  • BUG/MEDIUMpromexFix dump of extra counters
  • MINORtcpcheckAdd support for an option host header value for httpchk option
  • CLEANUPconnectionproperly name the CO_ER_SSL_FATAL enum entry
  • DOCconfigdocument connection error 44 (reverse connect failure)
  • MINORstreamSave last evaluated rule on invalid yield
  • BUG/MINORhttp-anaReport internal error if an action yields on a final eval
  • BUG/MEDIUMmux-h1Fix how timeouts are applied on H1 connections
  • BUG/MINORssl/cli'set ssl cert' does not check the transaction name correctly
  • BUG/MINORtracestop rewriting argv with -dt

#2024/10/24 : 2.9r1 (1.0.0-329.599)

  • MINORcliremove non-printable characters from 'debug dev fd'
  • MINORdebugstore important pointers in post_mortem
  • MINORdebugplace the post_mortem struct in its own section.
  • MINORdebugplace a magic pattern at the beginning of post_mortem
  • MINORpoolsexport the pools variable
  • BUILDdebugsilence a build warning with threads disabled
  • BUG/MEDIUMserverfix race on servers_list during server deletion
  • BUG/MINORstconnDon't disable 0-copy FF if EOS was reported on consumer side
  • BUG/MINORhttp-anaFix wrong client abort reports during responses forwarding
  • BUG/MEDIUMstconnReport blocked send if sends are blocked by an error
  • BUG/MINORserverfix dynamic server leak with check on failed init
  • BUG/MINORmux-quicdo not close STREAM with empty FIN if no data sent
  • MINORactivity/memprofileshow per-DSO stats
  • BUG/MEDIUMconnection/http-reusefix address collision on unhandled address families
  • MINORactivity/memprofilealways return other bin on NULL return address
  • BUG/MEDIUMmux-h2Remove H2S from send list if data are sent via 0-copy FF
  • BUG/MINORmworkerfix mworker-max-reloads parser
  • DOCconfigfix rfc7239 forwarded typo in desc
  • BUG/MEDIUMquicavoid freezing 0RTT connections
  • BUG/MINORquicavoid leaking post handshake frames
  • REGTESTSNever reuse server connection in http-messaging/truncated.vtc
  • BUG/MAJORfilters/htxAdd a flag to state the payload is altered by a filter
  • BUG/MEDIUMstconnCheck FF data of SC to perform a shutdown in sc_notify()
  • BUG/MINORhttp-anaDon't report a server abort if response payload is invalid
  • BUG/MEDIUMstconnWait iobuf is empty to shut SE down during a check send
  • BUG/MINORhttpclientreturn NULL when no proxy available during httpclient_new()
  • BUG/MEDIUMqueuemake sure never to queue when there's no more served conns
  • BUG/MEDIUMmux-quicensure timeout server is active for short requests
  • BUG/MEDIUMhluaproperly handle sample func errors in hlua_run_sample_{fetch,conv}()
  • BUG/MEDIUMhluamake hlua_ctx_renew() safe
  • MEDIUMdebugon panic, make the target thread automatically allocate its buf
  • MINORdebugreplace ha_thread_dump() with its two components
  • MINORdebugmake ha_thread_dump_done() take the pointer to be used
  • MINORdebugslightly change the thread_dump_pointer signification
  • MINORdebugsplit ha_thread_dump() in two parts
  • MINORchunkdrop the global thread_dump_buffer
  • MINORdebugmake mark_tainted() return the previous value

#2024/10/21 : 2.9r1 (1.0.0-329.562)

  • MINORargadd an argument type for identifier
  • BUG/MEDIUMserverserver stuck in maintenance after FQDN change

#2024/10/07 : 2.9r1 (1.0.0-329.560)

  • BUG/MINORproxyfix option tcplog clf invalid free

#2024/10/02 : 2.9r1 (1.0.0-329.559)

  • BUG/MINORhttp-anaDisable fast-fwd for unfinished req waiting for upgrade
  • BUG/MINORmux-h1Fix condition to set EOI on SE during zero-copy forwarding
  • BUG/MEDIUMqueuealways dequeue the backend when redistributing the last server
  • MINORservermake srv_shutdown_sessions() call pendconn_redistribute()
  • BUG/MINORqueuemake sure that maintenance redispatches server queue
  • BUG/MEDIUMstreammake stream_shutdown() async-safe
  • MINORtaskdefine two new one-shot events for use with WOKEN_OTHER or MSG
  • BUG/MINORquicprevent freeze after early QCS closure
  • BUG/MEDIUMquichandle retransmit for standalone FIN STREAM
  • MINORquicimplement function to check if STREAM is fully acked
  • MINORquicconvert qc_stream_desc release field to flags
  • BUG/MINORcfgparse-globalfix allowed args number for setenv
  • BUG/MINORservermake sure the HMAINT state is part of MAINT
  • BUG/MEDIUMcliDeadlock when setting frontend maxconn
  • REGTESTSshorten a bit the delay for the h1/h2 upgrade test
  • REGTESTSh1/h2Update script testing H1/H2 protocol upgrades
  • BUG/MEDIUMmux-h1/mux-h2Reject upgrades with payload on H2 side only
  • MINORmux-h1Set EOI on SE during demux when both side are in DONE state
  • BUG/MINORh2reject extended connect for h2c protocol
  • BUG/MINORh1do not forward h2c upgrade header token
  • BUG/MINORssl_sockfix xprt_set_used() to properly clear the TASK_F_USR1 bit
  • BUG/MINORcfgparse-listenfix option httpslog override warning message

#2024/09/17 : 2.9r1 (1.0.0-329.537)

  • BUG/MEDIUMcfgparse-listenfix option tcplog regression
  • BUG/MINORfix missing 'option httpslog' overrides previous 'option tcplog clf'... detection
  • BUG/MINORfix missing log-format overrides previous 'option tcplog clf'... detection
  • BUG/MEDIUMpromexWait to have the request before sending the response
  • BUG/MEDIUMcache/statsWait to have the request before sending the response
  • DOCconfigExplicitly list relaxing rules for accept-invalid-http-* options
  • BUG/MEDIUMqueueimplement a flag to check for the dequeuing
  • BUG/MINORclockvalidate that now_offset still applies to the current date
  • BUG/MINORclockmake time jump corrections a bit more accurate
  • BUG/MINORpollingfix time reporting when using busy polling
  • MEDIUMh1Accept invalid T-E values with accept-invalid-http-response option
  • BUG/MINORpatterndo not leave a leading comma on set error messages

#2024/09/09 : 2.9r1 (1.0.0-329.525)

  • HAPEEupdate list of backported patches (tcplog clf)
  • MINORconfigCreated env variables for http and tcp clf formats
  • MINORImplements new log format of option tcplog clf
  • BUG/MINORh1-htxDon't flag response as bodyless when a tunnel is established
  • BUG/MAJORmux-h1Wake SC to perform 0-copy forwarding in CLOSING state
  • BUG/MEDIUMpatternprevent UAF on reused pattern expr
  • BUG/MINORpatternprevent const sample from being tampered in pat_match_beg()
  • BUG/MEDIUMclockdetect and cover jumps during execution
  • REGTESTSfix random failures with wrong_ip_port_logging.vtc under load
  • DOCconfigurationplace the HAPROXY_HTTP_LOG_FMT example on the correct line
  • BUG/MINORquicToo short datagram during packet building failures (aws-lc only)
  • BUG/MINORquicCrash from trace dumping SSL eary data status (AWS-LC)
  • BUG/MEDIUMquicalways validate sender address on 0-RTT
  • MINORquicAdd trace for QUIC_EV_CONN_IO_CB event.
  • MINORquicImplement qc_ssl_eary_data_accepted().
  • MINORquicModify NEW_TOKEN frame structure (qf_new_token struct)
  • BUG/MINORquicMissing incrementation in NEW_TOKEN frame builder
  • MINORquicToken for future connections implementation.
  • MEDIUMssl/quicimplement quic crypto with EVP_AEAD
  • MINORquicImplement quic_tls_derive_token_secret().
  • MINORtoolsImplement ipaddrcpy().
  • BUG/MEDIUMclockalso update the date offset on time jumps

#2024/09/04 : 2.9r1 (1.0.0-329.503)

  • BUG/MINORcfgparse-globalremove tune.fast-forward from common_kw_list
  • DOCconfigcorrect the table for option tcplog
  • BUG/MINORpatternpat_ref_set: return 0 if err was found
  • BUG/MINORpatternpat_ref_set: fix UAF reported by coverity
  • BUG/MINORh3properly reject too long header responses
  • BUG/MINORproto_uxstdelete fd from fdtab if listen() fails
  • BUG/MINORmux-quicdo not send too big MAX_STREAMS ID
  • REGTESTSmclitest the pipelined commands on master CLI
  • BUG/MEDIUMmworker/clifix pipelined modes on master CLI
  • MINORchannelimplement ci_insert() function
  • BUG/MINORproto_tcpkeep error msg if listen() fails
  • BUG/MINORproto_tcpdelete fd from fdtab if listen() fails
  • BUG/MINORquic/tracemake quic_conn_enc_level_init() emit NEW not CLOSE
  • BUG/MINORtrace/quicmake qconn selectable as a lockon criterion
  • BUG/MINORtraceautomatically start in waiting mode with "start <evt>"
  • BUG/MEDIUMtracefix null deref in lockon mechanism since TRACE_ENABLED()
  • BUG/MINORtrace/quicpermit to lock on frontend/connect/session etc
  • BUG/MINORtrace/quicenable conn/session pointer recovery from quic_conn
  • BUG/MINORfcgi-apphandle a possible strdup() failure
  • BUG/MEDIUMmux-h2Propagate term flags to SE on error in h2s_wake_one_stream
  • BUG/MEDIUMh2Only report early HTX EOM for tunneled streams
  • BUG/MEDIUMhttp-anaReport error on write error waiting for the response
  • BUG/MEDIUMquicprevent conn freeze on 0RTT undeciphered content
  • BUG/MINORstconnbs.id and fs.id had their dependencies incorrect
  • BUILDmux-ptUse the right name for the sedesc variable
  • BUG/MEDIUMmux-pt/mux-h1Release the pipe on connection error on sending path
  • BUG/MEDIUMstconnReport error on SC on send if a previous SE error was set
  • BUG/MEDIUMserver/addrfix tune.events.max-events-at-once event miss and leak

#2024/09/03 : 2.9r1 (1.0.0-328.475)

  • BUG/MINORCrash on O-RTT RX packet after dropping Initial pktns
  • BUG/MINORquicToo shord datagram during O-RTT handshakes (aws-lc only)
  • BUG/MAJORmux-h2always clear MUX_MFULL and DEM_MROOM when clearing the mbuf
  • MINORmux-h2try to clear DEM_MROOM and MUX_MFULL at more places
  • BUG/MEDIUMmux-h1Properly handle empty message when an error is triggered
  • BUG/MINORquicunexploited retransmission cases for Initial pktns.
  • BUG/MEDIUMcliAlways release back endpoint between two commands on the mcli
  • BUG/MEDIUMmux-ptNever fully close the connection on shutdown
  • BUG/MEDIUMstreamPrevent mux upgrades if client connection is no longer ready
  • BUG/MEDIUMmux-h2Set ES flag when necessary on 0-copy data forwarding
  • DOCquicfix default minimal value for max window size

#2024/08/02 : 2.9r1 (1.0.0-328.464)

  • HAPEEDOCfix gptstr for dconv parsing
  • MEDIUMh1allow to preserve keep-alive on T-E + C-L
  • BUG/MEDIUMinitfix fd_hard_limit default in compute_ideal_maxconn
  • MEDIUMinitset default for fd_hard_limit via DEFAULT_MAXFD (take #2)
  • BUG/MEDIUMqueuedeal with a rare TOCTOU in assign_server_and_queue()
  • MINORqueueadd a function to check for TOCTOU after queueing
  • BUG/MEDIUMjwtClear SSL error queue on error when checking the signature
  • BUG/MINORquicLack of precision when computing K (cubic only cc)
  • BUG/MINORcliAtomically inc the global request counter between CLI commands
  • BUG/MINORserverDon't warn fallback IP is used during init-addr resolution
  • BUG/MINORstick-tablefix crash for src_inc_gpc() without stkcounter
  • DOCconfigimprove the http-keep-alive section
  • DOCconfigurationissuers-chain-path not compatible with OCSP
  • BUG/MAJORmux-h2force a hard error upon short read with pending error
  • BUG/MEDIUMssl_sockfix deadlock in ssl_sock_load_ocsp() on error path
  • BUG/MEDIUMdebug/clifix show threads crashing with low thread counts
  • BUG/MINORsessionEval L4/L5 rules defined in the default section
  • BUG/MEDIUMbwlimBe sure to never set the analyze expiration date in past
  • BUG/MEDIUMspoeBe sure to create a SPOE applet if none on the current thread
  • BUG/MEDIUMh1Reject empty Transfer-encoding header
  • BUG/MINORh1Reject empty coding name as last transfer-encoding value
  • BUG/MINORh1Fail to parse empty transfer coding names
  • BUG/MINORjwtfix variable initialisation
  • DOCconfigurationupdate maxconn description
  • BUG/MINORjwtdon't try to load files with HMAC algorithm
  • HAPEEDOC: document the GPTSTR extensions in configuration.txt

#2024/07/03 : 2.9r1 (1.0.0-328.438)

  • MINORhapeeupdate the notes to reflect backport of RLIMIT_DATA
  • MINORhapeerefresh the list of backported commits
  • MINORinituse RLIMIT_DATA instead of RLIMIT_AS
  • MINORhapeeupdate backports list
  • BUG/MINORpromexRemove Help prefix repeated twice for each metric
  • BUG/MINORpromexSkip resolvers metrics when there is no resolver section
  • DOCconfigurationmore details about the master-worker mode
  • BUG/MEDIUMquicfix possible exit from qc_check_dcid() without unlocking
  • BUG/MINORquicfix race-condition on trace for CID retrieval
  • BUG/MINORquicfix race condition in qc_check_dcid()
  • BUG/MEDIUMquicfix race-condition in quic_get_cid_tid()
  • BUG/MEDIUMh3ensure the :scheme pseudo header is totally valid
  • BUG/MEDIUMh3ensure the :method pseudo header is totally valid
  • MINORactivitymake the memory profiling hash size configurable at build time
  • BUG/MEDIUMstick-tableDecrement the ref count inside lock to kill a session
  • BUG/MINORhluareport proper context upon error in hlua_cli_io_handler_fct()
  • BUG/MINORquicfix BUG_ON() on Tx pkt alloc failure
  • BUG/MINORmux-quicfix crash on qcs SD alloc failure
  • BUG/MINORh3fix crash on STOP_SENDING receive after GOAWAY emission
  • DOCapi/event_hdlsmall updates, fix an example and add some precisions
  • SCRIPTSgit-show-backportsdo not truncate git-show output
  • DOCconfigurationfix alphabetical order of bind options
  • BUG/MEDIUMproxyfix email-alert invalid free
  • REGTESTSsslfix some regtests 'feature cmd' start condition
  • DOCmanagementrename show stats domain cli dns to resolvers
  • DOC/MINORmanagementadd -dZ option
  • DOC/MINORmanagementadd missed -dR and -dv options
  • BUG/MAJORmux-h1Prevent any UAF on H1 connection after draining a request
  • BUG/MINORproxyfix header_unique_id leak on deinit()
  • BUG/MINORproxyfix source interface and usesrc leaks on deinit()
  • BUG/MINORproxyfix dyncookie_key leak on deinit()
  • BUG/MINORproxyfix check_{command,path} leak on deinit()
  • BUG/MINORproxyfix email-alert leak on deinit()
  • BUG/MINORproxyfix log_tag leak on deinit()
  • BUG/MINORproxyfix server_id_hdr_name leak on deinit()
  • MINORlogfix http-send-name-header ignore warning message
  • BUG/MINORquicfix computed length of emitted STREAM frames
  • BUG/MEDIUMsslbad auth selection with TLS1.2 and WolfSSL

#2024/06/10 : 2.9r1 (1.0.0-327.400)

  • CIscriptsreset backported changes on macOS version
  • BUG/MEDIUMstick-tablesFix locking of updt_lock when trashing oldest entries
  • BUG/MEDIUMsslwrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration
  • CLEANUPhluasimplify ambiguous lua_insert() usage in hlua_ctx_resume()
  • BUG/MINORhluafix leak in hlua_ckch_set() error path
  • BUG/MINORhluaprevent LJMP in hlua_traceback()
  • BUG/MINORhluafix unsafe hlua_pusherror() usage
  • BUG/MINORhluadon't use lua_pushfstring() when we don't expect LJMP
  • CLEANUPhluause hlua_pusherror() where relevant
  • BUG/MINORquicprevent crash on qc_kill_conn()
  • BUG/MEDIUMh1-htxDon't state interim responses are bodyless
  • BUG/MINORhluause CertCache.set() from various hlua contexts
  • BUG/MINORtoolsfix possible null-deref in env_expand() on out-of-memory
  • BUG/MINORtcpcheckreport correct error in tcp-check rule parser
  • BUG/MINORcfgparseremove the correct option on httpcheck send-state warning
  • BUG/MINORactivityfix Delta_calls and Delta_bytes count
  • BUG/MINORssl/ocspinit callback func ptr as NULL
  • CLEANUPssl/ocspreadable ifdef in ssl_sock_load_ocsp
  • DOCconfigadd %ID logformat alias alternative
  • BUILDfderrno is also needed without poll()
  • CIscriptsfix build of vtest regarding option -C
  • CImodernize macos matrix
  • REGTESTSacl_cli_spacesavoid a warning caused by undefined logs
  • DOCconfigfix incorrect section reference about custom log format
  • DOCquicspecify that connection migration is not supported
  • BUG/MINORserverDon't reset resolver options on a new default-server line
  • BUG/MINORhttp-htxSupport default path during scheme based normalization
  • BUG/MINORquicadjust restriction for stateless reset emission
  • MEDIUMconfigprevent communication with privileged ports
  • BUG/MEDIUMstick-tablesmake sure never to create two same remote entries
  • BUG/MEDIUMstick-tablesFix race with peers when killing a sticky session
  • BUG/MEDIUMstick-tablesFix race with peers when trashing oldest entries
  • BUILDquicfix unused variable warning when threads are disabled
  • BUG/MEDIUMmux-quicCreate sedesc in same time of the QUIC stream
  • BUG/MEDIUMquic_tlsprevent LibreSSL < 4.0 from negotiating CHACHA20_POLY1305
  • BUG/MAJORquicCrash with TLS_AES_128_CCM_SHA256 (libressl only)
  • BUG/MINORrhttpfix task_wakeup state
  • BUG/MINORrhttpprevent listener suspend
  • BUG/MEDIUMrhttpfix preconnect on single-thread
  • BUG/MINORserverfree PROXY v2 TLVs on srv drop
  • BUG/MINORconnectionparse PROXY TLV for LOCAL mode
  • BUG/MINORhttp-anaDon't crush stream termination condition on internal error
  • DOCconfigurationupdate the crt-list documentation
  • CLEANUPssl/cliremove unused code in dump_crtlist_conf
  • MEDIUMmux-h1Support C-L/T-E header suppressions when sending messages
  • MINORmux-h1Add a flag to ignore the request payload
  • BUG/MINORstatsDon't state the 303 redirect response is chunked
  • BUG/MEDIUMfdprevent memory waste in fdtab array
  • BUILDstick-tablesbetter mark the stktable_data as 32-bit aligned
  • BUG/MEDIUMh1Reject CONNECT request if the target has a scheme
  • BUG/MINORh1Check authority for non-CONNECT methods only if a scheme is found
  • BUG/MEDIUMstick-tablesproperly mark stktable_data as packed
  • BUG/MEDIUMhtxmark htx_sl as packed since it may be realigned
  • BUG/MINORqpackfix error code reported on QPACK decoding failure
  • BUG/MINORmux-quicfix error code on shutdown for non HTTP/3
  • BUG/MINORlogsmp_rgs array issues with inherited global log directives
  • DOCluafix filters.txt file location
  • BUG/MINORcfgparseuse curproxy global var from config post validation
  • BUG/MINORaclsupport built-in ACLs with acl() sample
  • REGTESTadd tests for acl() sample fetch
  • BUG/MINORhaproxyonly tid 0 must not sleep if got signal
  • BUILDclockimprove check for pthread_getcpuclockid()
  • BUG/MINORmworkerreintroduce way to disable seamless reload with -x /dev/null
  • BUG/MINORh1fix detection of upper bytes in the URI
  • BUG/MINORbackenduse cum_sess counters instead of cum_conn
  • BUG/MINORfdmy_closefrom() on Linux could skip contiguous series of sockets
  • BUG/MINORsockhandle a weird condition with connect()
  • BUG/MINORstconnFix sc_mux_strm() return value

#2024/05/03 : 2.9r1 (1.0.0-325.332)

#2024/04/29 : 2.9r1 (1.0.0-321.332)

  • REGTESTScacheAdd test on 'vary' other than accept-encoding
  • BUG/MEDIUMcacheVary not working properly on anything other than accept-encoding

#2024/04/19 : 2.9r1 (1.0.0-320.330)

  • BUG/MINORserverfix slowstart behavior
  • BUG/MEDIUMpeersFix exit condition when max-updates-at-once is reached
  • BUG/MEDIUMspoeAlways retry when an applet fails to send a frame
  • BUG/MEDIUMappletFix applet API to put input data in a buffer
  • BUG/MEDIUMevportsdo not clear returned events list on signal
  • BUG/MEDIUMstconnDon't forward channel data if input data must be filtered
  • BUG/MEDIUMgrpcFix several unaligned 32/64 bits accesses
  • MINORnet_helperAdd support for floats/doubles.
  • CIrevert kernel addr randomization introduced in 3a0fc864
  • BUG/MAJORstick-tablesfix race with peers in entry expiration
  • BUG/MEDIUMpeers/tracefix crash when listing event types
  • BUILDcachefix non-inline vs inline declaration mismatch to silence a warning
  • BUG/MINORdebugmake sure DEBUG_STRICT=0 does work as documented
  • BUG/MINORhttp-anaFix TX_L7_RETRY and TX_D_L7_RETRY values
  • BUG/MEDIUMhttp-anaDeliver 502 on keep-alive for fressh server connection
  • CLEANUPloglf_text_len() returns a pointer not an integer
  • BUG/MINORloginvalid snprintf() usage in sess_build_logline()
  • BUG/MINORtools/loginvalid encode_{chunk,string} usage
  • BUG/MINORlogfix lf_text_len() truncate inconsistency
  • BUG/MINORlisteneralways assign distinct IDs to shards
  • BUG/MEDIUMquicdon't blindly rely on unaligned accesses
  • BUG/MINORcliReport an error to user if command or payload is too big
  • BUG/MAJORconnectionfix server used_conns with H2 + reuse safe
  • BUG/MEDIUMhttp_anaignore NTLM for reuse aggressive/always and no H1
  • BUG/MAJORserverdo not delete srv referenced by session
  • MINORsessionrename private conns elements
  • BUG/MEDIUMsslFix crash when calling update ssl ocsp-response when an update is ongoing
  • BUG/MAJORocspSeparate refcount per instance and per store
  • MEDIUMsslinitialize the SSL stack explicitely
  • BUG/MEDIUMquicfix connection freeze on post handshake
  • MEDIUMhtx/http-anaNo longer close connection on early HAProxy response
  • MAJORmux-h1Drain requests on client side before shut a stream down
  • MINORmux-h1Move all stuff to detach a stream in an internal function
  • MINORmux-h1Move checks performed before a shutdown in a dedicated function
  • BUG/MEDIUMserverfix dynamic servers initial settings
  • BUG/MINORinitrelax LSTCHK_NETADM checks for non root
  • BUG/MINORproxyfix logformat expression leak in use_backend rules

#2024/04/04 : 2.9r1 (1.0.0-320.293)

  • MINORhapeeUpdate list of dropped commits
  • BUG/MEDIUMstick-tableuse the update lock when reading tables from peers
  • BUG/MEDIUMstconnDon't forward shutdown to SE if iobuf is not empty
  • BUG/MINORbackendproperly handle redispatch 0
  • BUG/MEDIUMstick-tablesfix a small remaining race in expiration task
  • BUG/MINORlog/balancedetect if user tries to use unsupported algo
  • DOCconfigbalance 'first' not usable in LOG mode
  • BUG/MINORserverignore 'enabled' for dynamic servers
  • MINORserverallow cookie for dynamic servers
  • BUG/MINORserverfix persistence cookie for dynamic servers
  • BUG/MINORsslDetect more 'ocsp-update' incompatibilities
  • BUG/MINORsslWrong ocsp-update incompatibility error message
  • BUILDsslfix build error on older compilers with openssl-3.2
  • BUG/MINORserver'source' interface ignored from 'default-server' directive
  • OPTIMhttp_extavoid useless copy in http_7239_extract_{ipv4,ipv6}
  • BUG/MEDIUMmux-fcgiProperly handle EOM flag on end-of-trailers HTX block
  • BUG/MINORmux-quicclose all QCS before freeing QCC tasklet
  • BUG/MEDIUMsslFix crash in ocsp-update log function
  • BUG/MINORsessionensure conn owner is set after insert into session
  • BUG/MEDIUMspoeReturn an invalid frame on recv if size is too small
  • CItemporarily adjust kernel entropy to work with ASAN/clang
  • BUG/MINORspoeBe sure to be able to quickly close IDLE applets on soft-stop
  • BUG/MEDIUMspoeDon't rely on stream's expiration to detect processing timeout
  • BUG/MINORlistenerDon't schedule frontend without task in listener_release()
  • BUG/MINORlistenerWake proxy's mngmt task up if necessary on session release
  • BUG/MEDIUMhluastreams don't support mixing lua-load with lua-load-per-thread (2nd try)
  • MINORhluause accessors for stream hlua ctx
  • DEBUGluaprecisely identify if stream is stuck inside lua or not
  • BUG/MINORhluafix missing lock in hlua_filter_delete()
  • BUG/MINORhluamissing lock in hlua_filter_new()
  • BUG/MINORhluasegfault when loading the same filter from different contexts
  • CIgithubadd -DDEBUG_LIST to the default builds
  • BUG/MINORsslfix possible ctx memory leak in sample_conv_aes_gcm()
  • DOCconfigurationclarify ciphersuites usage (V2)
  • BUILDsolarisfix compilation errors
  • MINORquicalways use ncbuf for rx CRYPTO
  • BUG/MEDIUMquicfix handshake freeze under high traffic
  • BUG/MINORcfgparsereport proper location for log-format-sd errors
  • BUG/MINORssl/clitypo in new ssl crl-file CLI description
  • CIskip scheduled builds on forks
  • BUG/MINORsinkfix a race condition in the TCP log forwarding code
  • BUG/MINORhluadon't call ha_alert() in hlua_event_subscribe()
  • BUG/MAJORhluaimproper lock usage with hlua_ctx_resume()
  • BUG/MEDIUMhluaimproper lock usage with SET_SAFE_LJMP()
  • BUG/MINORhluaimproper lock usage in hlua_filter_new()
  • BUG/MINORhluaimproper lock usage in hlua_filter_callback()
  • BUG/MINORhluafix possible crash in hlua_filter_new() under load
  • BUG/MINORhluadon't use lua_tostring() from unprotected contexts
  • BUG/MINORhluafix unsafe lua_tostring() usage with empty stack
  • BUG/MINORtoolsseed the statistical PRNG slightly better
  • MINORhluaBe able to disable logging from lua
  • BUG/MINORhluaFix log level to the right value when set via TXN:set_loglevel
  • BUG/MINORconfig/quicAlert about PROXY protocol use on a QUIC listener
  • DOCconfigurationclarify ciphersuites usage
  • BUG/MINORmux-h1Properly report when mux is blocked during a nego
  • LICENSEhttp_extfix GPL license version
  • LICENSEevent_hdlfix GPL license version
  • BUG/MINORssl/cliduplicate cleaning code in cli_parse_del_crtlist
  • BUG/MINORistonly store NUL byte on succeeded alloc
  • BUG/MINORquicfix output of show quic
  • BUG/MEDIUMcliWarn if pipelined commands are delimited by a \n
  • MINORcliRemove useless loop on commands to find unescaped semi-colon
  • BUG/MAJORserverfix stream crash due to deleted server
  • BUG/MINORstatsdrop srv refcount on early release
  • BUG/MINORistallocate nul byte on istdup
  • MINORquicwarn on bind on multiple addresses if no IP_PKTINFO support
  • DOCquicfix recommandation for bind on multiple address
  • BUG/MEDIUMquicfix transient send error with listener socket
  • BUG/MEDIUMhluaDon't loop if a lua socket does not consume received data
  • BUG/MEDIUMhluaBe able to garbage collect uninitialized lua sockets
  • BUG/MEDIUMappletImmediately free appctx on early error
  • DOCquicMissing tuning setting in Global parameters
  • BUG/MINORqpackreject invalid dynamic table capacity
  • BUG/MINORqpackreject invalid increment count decoding
  • BUG/MINORquicreject HANDSHAKE_DONE as server
  • BUG/MINORquicreject unknown frame type
  • MINORconnectionadd sample fetches to report per-connection glitches
  • MINORmux-h2implement MUX_CTL_GET_GLITCHES
  • MINORconnectionadd a new mux_ctl to report number of connection glitches
  • MEDIUMmux-h2allow to set the glitches threshold to kill a connection
  • MINORmux-h2always use h2c_report_glitch()
  • MINORmux-h2count late reduction of INITIAL_WINDOW_SIZE as a glitch
  • MINORmux-h2count excess of CONTINUATION frames as a glitch
  • BUG/MINORmux-h2count rejected DATA frames against the connection's flow control
  • MINORmux-h2add a counter of glitches on a connection
  • BUG/MAJORssl/ocspcrash with ocsp when old process exit or using ocsp CLI
  • BUG/MAJORpromexfix crash on deleted server
  • BUG/MEDIUMmux-h2Don't report error on SE for closed H2 streams
  • BUG/MEDIUMmux-h2Don't report error on SE if error is only pending on H2C
  • BUG/MEDIUMmux-h2Only Report H2C error on read error if demux buffer is empty
  • BUG/MEDIUMmux-h2Switch pending error to error if demux buffer is empty
  • MINORmuxes/appletSimplify checks on options to disable zero-copy forwarding
  • BUG/MAJORstconnCheck support for zero-copy forwarding on both sides
  • MINORmuxesAnnounce support for zero-copy forwarding on consumer side
  • MINORstconnAdd SE flag to announce zero-copy forwarding on consumer side
  • MINORstconnRename SE_FL_MAY_FASTFWD and reorder bitfield
  • CLEANUPstconnMove SE flags set by app layer at the end of the bitfield
  • BUG/MEDIUMstconnDon't check pending shutdown to wake an applet up
  • BUG/MEDIUMstconnAllow expiration update when READ/WRITE event is pending
  • MINORquicAdd a counter for reordered packets
  • MINORquicDynamic packet reordering threshold
  • MINORquicUpdate K CUBIC calculation (RFC 9438)
  • BUG/MEDIUMquicWrong K CUBIC calculation.
  • BUG/MEDIUMsslFix crash when calling update ssl ocsp-response when an update is ongoing
  • BUG/MEDIUMpoolfix rare risk of deadlock in pool_flush()
  • BUILDaddress a few remaining calloc(size, n) cases
  • CIUpdate to actions/cache@v4
  • BUG/MEDIUMclifix once for all the problem of missing trailing LFs
  • BUG/MINORvars/clifix missing LF after get var output
  • DOCinternalupdate missing data types in peers-v2.0.txt
  • DOCconfigfix misplaced bytes_{in,out}
  • DOCconfigfix typos for bytes_{in,out}
  • DOCconfigfix misplaced txn.conn_retries
  • DOCinstallrecommend pcre2
  • REGTESTSsslAdd OCSP related tests
  • REGTESTSsslFix empty line in cli command input
  • BUG/MINORsslReenable ocsp auto-update after an add ssl crt-list
  • BUG/MINORsslDestroy ckch instances before the store during deinit
  • BUG/MEDIUMocspSeparate refcount per instance and per store
  • MINORsslUse OCSP_CERTID instead of ckch_store in ckch_store_build_certid
  • BUG/MINORsslClear the ckch instance when deleting a crt-list line
  • BUG/MINORsslDuplicate ocsp update mode when dup'ing ckch

#2024/04/04 : 2.9r1 (1.0.0-319.171)

  • MINORsslCall callback function after loading SSL CRL data

#2024/02/27 : 2.9r1 (1.0.0-315.170)

  • MINORhapeeadd a .hapee directory to list backporting notes
  • MINORdebugmake BUG_ON() catch build errors even without DEBUG_STRICT
  • BUILDdebugremove leftover parentheses in ABORT_NOW()
  • MINORdebugmake ABORT_NOW() store the caller's line number when using abort
  • MINORdebugmake sure calls to ha_crash_now() are never merged
  • MINORcompileradd a new DO_NOT_FOLD() macro to prevent code folding
  • MINORquicStop using 1024th of a second.
  • BUG/MINORquicfix possible integer wrap around in cubic window calculation
  • CLEANUPquicCode clarifications for QUIC CUBIC (RFC 9438)
  • BUG/MINORsslFix error message after ssl_sock_load_ocsp call
  • BUILDquicVariable name typo inside a BUG_ON().
  • BUG/MINORquicWrong ack ranges handling when reaching the limit.
  • BUG/MINORdiagrun the final diags before quitting when using -c
  • BUG/MINORdiagalways show the version before dumping a diag warning
  • REGTESTSpromexAdapt script to be less verbose
  • MEDIUMpromexAdd support for filters on metric names
  • MINORpromexAlways pass the final name and description to promex_dmp_ts()
  • MINORpromexRename dump functions to use the right wording
  • MEDIUMpromex/resolversDump resolvers metrics via a promex module
  • MEDIUMpromex/stick-tableDump stick-table metrics via a promex module
  • MEDIUMpromexDump metrics of registered modules with a way to filter them
  • MEDIUMpromexAdd a registration mechanism to support modules
  • MINORpromexRemove unsued htx parameter when a metric is dumped
  • MEDIUMpromexSimplify the context using generic pointers for restart points
  • MINORpromexAlways limit the number of labels dumped for each metric
  • DOCpromexAdd documentation about extra-counters
  • MEDIUMpromexDump listeners extra counters if requested
  • MEDIUMpromexDump servers extra counters if requested
  • MEDIUMpromexDump backends extra counters if requested
  • MEDIUMpromexDump frontends extra counters if requested
  • MINORpromexAdd info in the promex context to dump extra counters
  • MINORpromexAdd a param to override the description when a metric is dumped
  • MEDIUMstatsBe able to access a specific field into a stats module
  • MINORstatsBe able to access to registered stats modules from anywhere
  • MINORpromexExport active/backup metrics per-server
  • MINORpromexAdd support for specialized front/back/li/srv metric names
  • MEDIUMtcp-act/backendsupport for set-bc-{mark,tos} actions
  • MEDIUMtcp-act<expr> support for set-fc-{mark,tos} actions
  • MINORhluaRename set_{tos, mark} to set_fc_{tos, mark}
  • MINORtcp-actRename set-{mark,tos} to set-fc-{mark,tos}
  • MINORtcp_actfix alphabetical ordering of tcp request content actions
  • OPTIMconnectionprogressive hash for conn_calculate_hash()
  • CLEANUPconnectionremove obsolete comment in header file
  • BUG/MEDIUMh1always reject the NUL character in header values
  • BUG/MINORh1-htxproperly initialize the err_pos field
  • DOChttpclientadd dedicated httpclient section
  • BUG/MEDIUMh1Don't support LF only to mark the end of a chunk size
  • BUG/MINORh1Don't support LF only at the end of chunks
  • BUG/MEDIUMquicfix crash on invalid qc_stream_buf_free() BUG_ON
  • BUG/MEDIUMqpackallow 6xx..9xx status codes
  • BUG/MEDIUMh3do not crash on invalid response status code
  • MINORh3add traces for stream sending function
  • BUG/MAJORssl_sockAlways clear retry flags in read/write functions
  • DOCconfigurationclarify http-request wait-for-body
  • BUG/MEDIUMquicremove unsent data from qc_stream_desc buf
  • MINORquicextract qc_stream_buf free in a dedicated function
  • MINORquicStop hardcoding a scale shifting value (CUBIC_BETA_SCALE_FACTOR_SHIFT)
  • CLEANUPquicRemove unused CUBIC_BETA_SCALE_FACTOR_SHIFT macro.
  • BUG/MINORquicnewreno QUIC congestion control algorithm no more available
  • BUG/MEDIUMcacheFix crash when deleting secondary entry
  • BUG/MINORhluafix uninitialized var in hlua_core_get_var()
  • BUG/MINORjwtfix jwt_verify crash on 32-bit archs
  • BUG/MEDIUMclisome err/warn msg dumps add LR into CSV output on stat's CLI
  • MINORmux-h2/tracesadd a missing trace on connection WU with negative inc
  • BUG/MEDIUMmux-h2refine connection vs stream error on headers
  • DOCconfigurationfix set-dst in actions keywords matrix
  • BUG/MINORh3fix checking on NULL Tx buffer
  • BUG/MEDIUMquickeylog callback not called (USE_OPENSSL_COMPAT)
  • BUG/MINORmux-h2also count streams for refused ones
  • BUG/MINORmux-quicdo not prevent non-STREAM sending on flow control
  • BUILDquicmissing include for quic_tp
  • DOCconfigurationcorrected description of keyword tune.ssl.ocsp-update.mindelay
  • REGTESTSadd a test to ensure map-ordering is preserved
  • BUG/MINORmaplist-based matching potential ordering regression
  • CLEANUPquicDouble quic_dgram_parse() prototype declaration.
  • MINORsslUpdate ssl_fc_curve/ssl_bc_curve to use SSL_get0_group_name
  • MINORotlogsrv struct becomes logger
  • MINORmux-h2support limiting the total number of H2 streams per connection
  • BUG/MEDIUMspoeNever create new spoe applet if there is no server up
  • BUG/MEDIUMstconnSet fsb date if zero-copy forwarding is blocked during nego
  • BUG/MEDIUMstconnForward shutdown on write timeout only if it is forwardable
  • BUG/MEDIUMh3fix incorrect snd_buf return value
  • BUILDquicMissing quic_ssl.h header protection
  • CLEANUPquicRemaining useless code into server part
  • REGTESTScheck attach-srv out of order declaration
  • MINORdebugadd features and build options to show dev
  • MINORglobalexport a way to list build options
  • CIuse semantic version compare for determing latest OpenSSL
  • BUG/MINORh3disable fast-forward on buffer alloc failure
  • BUG/MINORh3close connection on sending alloc errors
  • BUG/MINORh3properly handle alloc failure on finalize
  • MINORh3add traces for connection init stage
  • BUG/MINORh3close connection on header list too big
  • MINORh3check connection error during sending
  • BUG/MINORquicMissing call to TLS message callbacks
  • BUG/MINORquicWrong keylog callback setting.
  • BUG/MINORmux-quicdisable fast-fwd if connection on error
  • BUG/MINORmux-quicalways report error to SC on RESET_STREAM emission
  • DOCfix typo for fastfwd QUIC option
  • BUG/MINORserver/event_hdlpropagate map port info through inetaddr event
  • MINORserver/event_hdlupdate _srv_event_hdl_prepare_inetaddr prototype
  • MINORserver/event_hdladd server_inetaddr struct to facilitate event data usage
  • BUG/MEDIUMstatsunhandled switching rules with TCP frontend
  • MINORstatsstore the parent proxy in stats ctx (http)
  • BUG/MAJORstconnDisable zero-copy forwarding if consumer is shut or in error
  • BUG/MINORserverUse the configured address family for the initial resolution

#2024/01/17 : 2.9r1 (1.0.0-311.64)

  • HAPEEudpupdate structs and functions required for the UDP module
  • MEDIUMudpallow to retrieve the frontend destination address
  • MINORtcpcheckexport proxy_parse_tcpcheck()
  • MINORbackendexport get_server_*() functions
  • BUILDhapee/addonsfix build without USE_QUIC=1
  • HAPEEmakefileautomatically build objects in addons/hapee_*
  • HAPEEmakefileupdate the cleanup rule to also remove *.i from addons
  • HAPEEaddonsquic CID in -vv
  • HAPEEaddonsadds quic CID generator to interop with packetshield
  • MINORhapee/WURFLtransfer error status from the _wurfl_reload() function
  • MINORhapee/WURFLadded live update database function
  • MINORhapee/WURFLadded custom API log function
  • MINORhapee/WURFLadded function to check correct module initialization
  • BUG/MINORhapee/WURFLcorrected version check of used wurfl library
  • BUILDhapee/darepaired build in case of using old DeviceAtlas library
  • MINORhapee/daadd function that allow data reload
  • MINORhapee/daadd spin locking
  • MINORhapee/daadd support for loading a precompiled json data
  • MEDIUMhapee/daRevert MEDIUM: da: update module to handle schedule mode.
  • MINORhapee/51dadd function that returns path to 51Degrees data file
  • MINORhapee/51dadd function that allow data reload
  • BUG/MINORhapee/51dadd spin locking
  • BUILDhapee/51dfix error when building with 51Degrees enabled
  • BUG/MEDIUMhapee/51dfix a segfault on exit when 51d configuration is not loaded
  • MEDIUMhapee/51duse fiftyoneDegreesProvider to access the pool and dataset
  • DOCconfigUpdate documentation about local haproxy response
  • BUG/MINORresolversdefault resolvers fails when network not configured
  • DOCconfigalso add arguments to the converters in the table
  • DOCconfigadd arguments to sample fetch methods in the table
  • BUG/MEDIUMmux-quicreport early error on stream
  • BUG/MEDIUMmux-h2Report too large HEADERS frame only when rxbuf is empty
  • CLEANUPmux-h1Fix a trace message about C-L header addition
  • BUG/MEDIUMmux-h1Explicitly skip request's C-L header if not set originally
  • BUG/MEDIUMmux-h1Cound data from input buf during zero-copy forwarding
  • BUG/MEDIUMstconnBlock zero-copy forwarding if EOS/ERROR on consumer side
  • BUG/MEDIUMquicQUIC CID removed from tree without locking
  • BUG/MINORext-checkcannot use without preserve-env
  • BUG/MEDIUMmap/aclpat_ref_{set,delete}_by_id regressions
  • BUILDsslupdate types in wolfssl cert selection callback
  • BUG/MEDIUMquicPossible buffer overflow when building TLS records
  • BUG/MINORmworker/clifix set severity-output support
  • DOCconfigurationtypo req.ssl_hello_type
  • BUG/MINORluaWrong OCSP CID after modifying an SSL certficate (LUA)
  • BUG/MINORsslWrong OCSP CID after modifying an SSL certficate
  • MINORssl/cliAdd ha_(warning|alert) msgs to CLI ckch callback
  • BUG/MINORsslDouble free of OCSP Certificate ID
  • MEDIUMhapeedoes not pass OPTION_LDFLAGS to modules
  • MINORhapee/modulescheck if we generate the API hash correctly
  • BUG/MINORhapee/modulesadjust include match() in gen-modules-config-h.awk
  • BUG/MINORhapee/modulesinitialize the module head list
  • BUILDhapee/modulesselect either md5 or md5sum
  • MEDIUMhapee/modulesload the STG_REGISTER initcalls
  • BUG/MINORhapee/modulesdisplay detailed error message on mod_init() failure
  • MINORhapee/modulesadd a new label MODULES_LOCK to the lock_label enum
  • MINORhapee/modulesadd the ability to register variable and functions.
  • MEDIUMhapee/modules'modules list' on the cli shows currently loaded modules
  • MINORhapee/modulesterminate properly loaded modules if possible
  • MEDIUMhapee/modulesadd memory reservation support for the modules
  • MINORhapeechange URLs for 2.9r1
  • BUILDhapee/modulesupdate HAPEE version macro to 2.9r1
  • BUILDhapee/modulesadd macros to compute numerical value of a HAPEE version
  • BUILDhapee/modulesadd version of the module in the defines
  • MEDIUMhapee/modulesadd modules support
  • MINORversionmention that it's stable now
×

About the new layout

For 2025, we're happy to introduce a redesigned HAProxy Configuration Manual!

The new manual enhances the user experience by providing more help for keywords, including more details about context, usage, and syntax. New search filters help you find keywords faster, with separate coverage for each variant.

If you would prefer to use the older layout click here.