Build latest HAProxy binary for CentOS/RHEL 6/7/8/9 with prometheus metrics support
trash
build regressionif
blocks instead of conditional expressions in matrix.pyGITHUB_TOKEN
name across matrix.py and vtest.ymlNone
in matrix.pymatrix.py
using black
2022/12/02 : 2.6.7
- REGTESTS: 4be_1srv_smtpchk_httpchk_layer47errors: Return valid SMTP replies
- BUG/MINOR: hlua: Remove \n in Lua error message built with memprintf
- BUG/MINOR: stream: Perform errors handling in right order in stream_new()
- BUG/MEDIUM: stconn: Reset SE descriptor when we fail to create a stream
- BUG/MEDIUM: resolvers: Remove aborted resolutions from query_ids tree
- BUG/MINOR: hlua: fixing hlua_http_msg_del_data behavior
- BUG/MINOR: hlua: fixing hlua_http_msg_insert_data behavior
- BUG/MINOR: hlua: _hlua_http_msg_delete incorrect behavior when offset is used
- DOC: management: httpclient can resolve server names in URLs
- BUG/MAJOR: conn-idle: fix hash indexing issues on idle conns
- BUG/MINOR: backend: only enforce turn-around state when not redispatching
- BUG/MINOR: checks: update pgsql regex on auth packet
- DOC: config: Fix pgsql-check documentation to make user param mandatory
- CLEANUP: mux-quic: remove usage of non-standard ull type
- CLEANUP: quic: remove global var definition in quic_tls header
- BUG/MINOR: quic: adjust quic_tls prototypes
- CLEANUP: quic: fix headers
- CLEANUP: quic: remove unused function prototype
- CLEANUP: quic: remove duplicated varint code from xprt_quic.h
- CLEANUP: quic: create a dedicated quic_conn module
- BUG/MINOR: mux-quic: ignore STOP_SENDING for locally closed stream
- BUG/MEDIUM: lua: Don't crash in hlua_lua2arg_check on failure
- BUG/MEDIUM: lua: handle stick table implicit arguments right.
- BUILD: h1: silence an initiialized warning with gcc-4.7 and -Os
- MINOR: fd: add a new function to only raise RLIMIT_NOFILE
- MINOR: init: do not try to shrink existing RLIMIT_NOFIlE
- BUG/MINOR: http-fetch: Update method after a prefetch in smp_fetch_meth()
- BUILD: http_fetch: silence an uninitiialized warning with gcc-4/5/6 at -Os
- BUG/MINOR: hlua: hlua_channel_insert_data() behavior conflicts with documentation
- MINOR: quic: limit usage of ssl_sock_ctx in favor of quic_conn
- MINOR: mux-quic: check quic-conn return code on Tx
- CLEANUP: quic: fix indentation
- BUG/MINOR: mux-h1: Account consumed output data on synchronous connection error
- MINOR: smtpchk: Update expect rule to fully match replies to EHLO commands
- BUG/MINOR: smtpchk: SMTP Service check should gracefully close SMTP transaction
- BUG/MINOR: config: don't count trailing spaces as empty arg (v2)
- BUG/MEDIUM: config: count line arguments without dereferencing the output
- MEDIUM: quic: retrieve frontend destination address
- CLEANUP: quic/receiver: remove the now unused tx_qring list
- BUG/MINOR: quic: set IP_PKTINFO socket option for QUIC receivers only
- DOC: configuration: missing 'if' in tcp-request content example
- BUG/MAJOR: stick-tables: do not try to index a server name for applets
- BUG/MINOR: server: make sure "show servers state" hides private bits
- MINOR: quic: New quic_cstream object implementation
- MINOR: quic: Extract CRYPTO frame parsing from qc_parse_pkt_frms()
- MINOR: quic: Use a non-contiguous buffer for RX CRYPTO data
- BUG/MINOR: quic: Stalled 0RTT connections with big ClientHello TLS message
- MINOR: quic: Split the secrets key allocation in two parts
- CLEANUP: quic: remove unused rxbufs member in receiver
- CLEANUP: quic: improve naming for rxbuf/datagrams handling
- MINOR: quic: implement datagram cleanup for quic_receiver_buf
- BUILD: ssl_sock: bind_conf uninitialized in ssl_sock_bind_verifycbk()
- BUG/MEDIUM: httpclient: Don't set EOM flag on an empty HTX message
- MINOR: httpclient/lua: Don't set req_payload callback if body is empty
- CI: Replace the deprecated ::set-output
command by writing to $GITHUB_OUTPUT in matrix.py
- CI: Replace the deprecated ::set-output
command by writing to $GITHUB_OUTPUT in workflow definition
- BUILD: quic: QUIC mux build fix for 32-bit build
- BUG/MEDIUM: httpclient: segfault when the httpclient parser fails
- BUILD: ssl_sock: fix null dereference for QUIC build
- BUILD: quic: Fix build for m68k cross-compilation
- BUG/MINOR: quic: fix buffer overflow on retry token generation
- MINOR: quic: add version field on quic_rx_packet
- MINOR: quic: extend pn_offset field from quic_rx_packet
- MINOR: quic: define first packet flag
- MINOR: quic: extract connection retrieval
- MINOR: quic: split and rename qc_lstnr_pkt_rcv()
- MINOR: quic: refactor packet drop on reception
- MINOR: quic: extend Retry token check function
- BUG/MINOR: log: Preserve message facility when the log target is a ring buffer
- BUG/MINOR: ring: Properly parse connect timeout
- BUG/MEDIUM: httpclient/lua: crash when the lua task timeout before the httpclient
- BUG/MEDIUM: httpclient: check if the httpclient was released in the IO handler
- REGTESTS: httpclient/lua: test the lua task timeout with the httpclient
- CI: github: dump the backtrace of coredumps in the alpine container
- BUILD: Makefile: add "USE_SHM_OPEN" on the linux-musl target
- BUG/MINOR: mux-quic: complete flow-control for uni streams
- BUG/MEDIUM: compression: handle rewrite errors when updating response headers
- MINOR: quic: do not crash on unhandled sendto error
- MINOR: quic: display unknown error sendto counter on stat page
- BUG/MINOR: sink: Only use backend capability for the sink proxies
- BUG/MINOR: sink: Set default connect/server timeout for implicit ring buffers
- CI: SSL: use proper version generating when "latest" semantic is used
- CI: SSL: temporarily stick to LibreSSL=3.5.3
- DOC: management: add forgotten "show startup-logs"
- DOC: lua: add a note about compression w/ httpclient
- BUG/MAJOR: stick-table: don't process store-response rules for applets
- BUG/MEDIUM: stick-table: fix a race condition when updating the expiration task
- MINOR: quic: remove unnecessary quic_session_accept()
- BUG/MINOR: quic: fix subscribe operation
- BUG/MINOR: log: fixing bug in tcp syslog_io_handler Octet-Counting
- BUG/MINOR: quic: fix race condition on datagram purging
- CI: add monthly gcc cross compile jobs
- BUG/MINOR: httpclient: fixed memory allocation for the SSL ca_file
- BUG/MINOR: ssl: Memory leak of DH BIGNUM fields
- BUG/MINOR: ssl: Memory leak of AUTHORITY_KEYID struct when loading issuer
- BUG/MINOR: ssl: ocsp structure not freed properly in case of error
- CI: switch to the "latest" LibreSSL
- CI: enable QUIC for LibreSSL builds
- CI: emit the compiler's version in the build reports
- BUG/MEDIUM: wdt/clock: properly handle early task hangs
- BUG/MINOR: http-htx: Fix error handling during parsing http replies
- BUG/MINOR: resolvers: Don't wait periodic resolution on healthcheck failure
- BUG/MINOR: resolvers: Set port before IP address when processing SRV records
- BUG/MINOR: mux-fcgi: Be sure to send empty STDING record in case of zero-copy
- BUG/MEDIUM: mux-fcgi: Avoid value length overflow when it doesn't fit at once
- BUG/MINOR: mux-h1: Do not send a last null chunk on body-less answers
- REG-TESTS: cache: Remove T-E header for 304-Not-Modified responses
- DOC: config: fix alphabetical ordering of global section
- BUG/MEDIUM: ring: fix creation of server in uninitialized ring
- BUILD: quic: fix dubious 0-byte overflow on qc_release_lost_pkts
- BUG/MINOR: pool/cli: use ullong to report total pool usage in bytes
- BUG/MEDIUM: listener: Fix race condition when updating the global mngmt task
- BUG/MINOR: http_ana/txn: don't re-initialize txn and req var lists
- BUG/MEDIUM: raw-sock: Don't report connection error if something was received
- BUG/MINOR: ssl: don't initialize the keylog callback when not required
- BUG/MEDIUM: peers: messages about unkown tables not correctly ignored
- BUILD: peers: Remove unused variables
- MINOR: ncbuf: complete doc for ncb_advance()
- BUG/MEDIUM: quic: fix unsuccessful handshakes on ncb_advance error
- BUG/MEDIUM: quic: fix memleak for out-of-order crypto data
- MINOR: quic: complete traces/debug for handshake
- BUG/MAJOR: quic: Crash upon retransmission of dgrams with several packets
- BUG/MAJOR: quic: Crash after discarding packet number spaces
- DOC: configuration: fix quic prefix typo
- MINOR: quic: report error if force-retry without cluster-secret
- MINOR: global: generate random cluster.secret if not defined
- BUG/MINOR: server/idle: at least use atomic stores when updating max_used_conns
- BUILD: listener: fix build warning on global_listener_rwlock without threads
- DOC: quic: add note on performance issue with listener contention
- BUG/MINOR: cfgparse-listen: fix ebpt_next_dup pointer dereference on proxy "from" inheritance
- BUG/MINOR: log: fix parse_log_message rfc5424 size check
- BUG/MINOR: http-htx: Don't consider an URI as normalized after a set-uri action
- BUILD: http-htx: Silent build error about a possible NULL start-line
- DOC: configuration.txt: add default_value for table_idle signature
- BUILD: ssl-sock: Silent error about NULL deref in ssl_sock_bind_verifycbk()
- BUG/MINOR: mux-h1: Fix handling of 408-Request-Time-Out
- DOC: configuration.txt: fix typo in table_idle signature
- BUG/MEDIUM: quic: fix datagram dropping on queueing failed
- MINOR: ssl: enhance ca-file error emitting
- MINOR: ssl: forgotten newline in error messages on ca-file
- BUG/MINOR: ssl: shut the ca-file errors emitted during httpclient init
- Revert "BUG/MINOR: http-htx: Don't consider an URI as normalized after a set-uri action"
- DOC: config: provide some configuration hints for "http-reuse"
- DOC: config: refer to section about quoting in the "add_item" converter
- DOC: config: clarify the fact that SNI should not be used in HTTP scenarios
- DOC: config: mention that a single monitor-uri rule is supported
- DOC: config: explain how default matching method for ACL works
- DOC: config: clarify the fact that "retries" is not just for connections
- DOC: config: clarify the -m dir and -m dom pattern matching methods
- SCRIPTS: announce-release: add a link to the data plane API
- CLEANUP: ncbuf: remove ncb_blk args by value
- CLEANUP: ncbuf: inline small functions
- CLEANUP: ncbuf: use standard BUG_ON with DEBUG_STRICT
- BUG/MINOR: quic: Endless loop during retransmissions
- MINOR: mux-h2: add the expire task and its expiration date in "show fd"
- MINOR: mux-h1: add the expire task and its expiration date in "show fd"
December, 1st, 2022 : HAProxy 2.7.0 release Please see the announnce for more details and/or consult the HAProxyTech blog article for more details.
Full Changelog: https://github.com/philyuchkoff/HAProxy-2-RPM-builder/compare/2.6.6...2.7.0
2022/09/22 : 2.6.6 - MEDIUM: peers: limit the number of updates sent at once - MINOR: Revert part of clarifying samples support per os commit - BUILD: makefile: enable crypt(3) for NetBSD - BUG/MINOR: quic: Retransmitted frames marked as acknowledged - BUG/MINOR: quic: Possible crash with "tls-ticket-keys" on QUIC bind lines - BUG/MINOR: h1: Support headers case adjustment for TCP proxies - BUG/MINOR: quic: Possible crash when verifying certificates - BUILD: quic: add some ifdef around the SSL_ERROR_* for libressl - BUILD: ssl: fix ssl_sock_switchtx_cbk when no client_hello_cb - BUILD: quic: temporarly ignore chacha20_poly1305 for libressl - BUILD: quic: enable early data only with >= openssl 1.1.1 - BUILD: ssl: fix the ifdef mess in ssl_sock_initial_ctx - BUILD: quic: fix the #ifdef in ssl_quic_initial_ctx() - MINOR: quic: add QUIC support when no client_hello_cb - MINOR: quic: Add traces about sent or resent TX frames - MINOR: quic: No TRACE_LEAVE() in retrieve_qc_conn_from_cid() - BUG/MINOR: quic: Wrong connection ID to thread ID association - BUG/MINOR: task: always reset a new tasklet's call date - BUG/MINOR: task: make task_instant_wakeup() work on a task not a tasklet - MINOR: task: permanently enable latency measurement on tasklets - CLEANUP: task: rename ->call_date to ->wake_date - BUG/MINOR: task: Fix detection of tasks profiling in tasklet_wakeup_after() - BUG/MINOR: sched: properly account for the CPU time of dying tasks - MINOR: sched: store the current profile entry in the thread context - BUG/MINOR: stream/sched: take into account CPU profiling for the last call - BUG/MINOR: signals/poller: set the poller timeout to 0 when there are signals - BUG/MINOR: quic: Speed up the handshake completion only one time - BUG/MINOR: quic: Trace fix about packet number space information. - BUG/MINOR: h3: Crash when h3 trace verbosity is "minimal" - MINOR: h3: Add the quic_conn object to h3 traces - MINOR: h3: Missing connection argument for a TRACE_LEAVE() argument - MINOR: h3: Send the h3 settings with others streams (requests) - BUG/MINOR: signals/poller: ensure wakeup from signals - CI: cirrus-ci: bump FreeBSD image to 13-1 - DEV: flags: fix usage message to reflect available options - DEV: flags: add missing CO_FL_FDLESS connection flag - BUG/MEDIUM: proxy: ensure pause_proxy() and resume_proxy() own PROXY_LOCK - MINOR: listener: small API change - MINOR: proxy/listener: support for additional PAUSED state - BUG/MINOR: stats: fixing stat shows disabled frontend status as 'OPEN' - CLEANUP: pollers: remove dead code in the polling loop - BUG/MINOR: mux-h1: Increment open_streams counter when H1 stream is created - REGTESTS: healthcheckmail: Relax matching on the healthcheck log message - CLEANUP: listener: function comment typo in stop_listener() - BUG/MINOR: listener: null pointer dereference suspected by coverity - REGTESTS: log: test the log-forward feature - BUG/MEDIUM: sink: bad init sequence on tcp sink from a ring. - REGTESTS: ssl/log: test the log-forward with SSL - DOC: fix TOC in starter guide for subsection 3.3.8. Statistics - MEDIUM: quic: separate path for rx and tx with set_encryption_secrets - BUG/MEDIUM: mux-quic: fix crash on early app-ops release - CLEANUP: mux-quic: remove stconn usage in h3/hq - BUG/MINOR: mux-quic: do not remotely close stream too early - BUG/MEDIUM: server: segv when adding server with hostname from CLI - CLEANUP: quic,ssl: fix tiny typos in C comments - BUG/MEDIUM: captures: free() an error capture out of the proxy lock - BUILD: fd: fix a build warning on the DWCAS - SCRIPTS: announce-release: update some URLs to https - BUG/MEDIUM: mux-quic: fix nb_hreq decrement - BUG/MINOR: mux-quic: do not keep detached qcs with empty Tx buffers - REORG: mux-quic: extract traces in a dedicated source file - REORG: mux-quic: export HTTP related function in a dedicated file - MINOR: mux-quic: refactor snd_buf - BUG/MEDIUM: mux-quic: properly trim HTX buffer on snd_buf reset - REGTESTS: ssl: adopt tests to OpenSSL-3.0.N - REGTESTS: ssl: adopt tests to OpenSSL-3.0.N - REGTESTS: ssl: fix grep invocation to use extended regex in ssl_generate_certificate.vtc - BUG/MINOR: log: improper behavior when escaping log data
2022/09/03 : 2.6.5
- BUG/MINOR: quic: Wrong list_for_each_entry() use when building packets from qc_do_build_pkt()
- BUG/MINOR: quic: Safer QUIC frame builders
- BUILD: tcp_sample: fix build of get_tcp_info() on OpenBSD
- BUG/MINOR: resolvers: return the correct value in resolvers_finalize_config()
- BUG/MINOR: mworker: does not create the "default" resolvers in wait mode
- BUG/MINOR: tcpcheck: Disable QUICKACK only if data should be sent after connect
- REGTESTS: Fix prometheus script to perform HTTP health-checks
- MINOR: resolvers: shut the warning when "default" resolvers is implicit
- BUG/MINOR: quic: Leak in qc_release_lost_pkts() for non in flight TX packets
- BUG/MINOR: quic: Stalled connections (missing I/O handler wakeup)
- CLEANUP: quic: No more use ->rx_list MT_LIST entry point (quic_rx_packet)
- CLEANUP: quic: Remove a useless check in qc_lstnr_pkt_rcv()
- DOC: configuration: do-resolve doesn't work with a port in the string
- MINOR: sample: add the host_only and port_only converters
- BUG/MINOR: httpclient: fix resolution with port
- DOC: configuration.txt: do-resolve must use host_only to remove its port.
- BUG/MINOR: quic: Frames added to packets even if not built.
- BUG/MEDIUM: spoe: Properly update streams waiting for a ACK in async mode
- BUG/MEDIUM: peers: Add connect and server timeut to peers proxy
- BUG/MEDIUM: peers: Don't use resync timer when local resync is in progress
- BUG/MEDIUM: peers: Don't start resync on reload if local peer is not up-to-date
- BUG/MINOR: hlua: Rely on CF_EOI to detect end of message in HTTP applets
- MINOR: quic: Replace MT_LISTs by LISTs for RX packets.
- BUG/MEDIUM: applet: fix incorrect check for abnormal return condition from handler
- BUG/MINOR: applet: make the call_rate only count the no-progress calls
- MINOR: quic: Add a trace to distinguish the datagram from the packets inside
- BUG/MINOR: tcpcheck: Disable QUICKACK for default tcp-check (with no rule)
- BUG/MINOR: ssl: fix deinit of the ca-file tree
- BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free()
- BUG/MEDIUM: ssl: Fix a UAF when old ckch instances are released
- MINOR: quic: Revert recent QUIC commits
- BUG/MINOR: ssl: revert two wrong fixes with ckhi_link
- BUG/MEDIUM: mux-h1: do not refrain from signaling errors after end of input
- BUG/MINOR: dev/udp: properly preset the rx address size
- MINOR: connection: support HTTP/3.0 for smp_*_http_major fetch
- CLEANUP: Re-apply xalloc_size.cocci (2)
- MINOR: mux-quic: simplify decode_qcs API
- MINOR: mux-quic/h3: adjust demuxing function return values
- BUG/MINOR: h3: fix return value on decode_qcs on error
- BUG/MINOR: h3: fix incorrect BUG_ON assert on SETTINGS parsing
- BUG/MEDIUM: h3: fix SETTINGS parsing
- MINOR: mux-quic: complete BUG_ON on TX flow-control enforcing
- CLEANUP: quic: use task_new_on() for single-threaded tasks
- MINOR: qpack: reduce dependencies on other modules
- MINOR: qpack: add ABORT_NOW on unimplemented decoding
- MINOR: qpack: improve decoding function
- MINOR: quic: Add several nonce and key definitions for Retry tag
- MINOR: quic: Parse long packet version from qc_parse_hd_form()
- CLEANUP: quid: QUIC draft-28 no more supported
- MEDIUM: quic: Add QUIC v2 draft support
- MINOR: quic: Released QUIC TLS extension for QUIC v2 draft
- MEDIUM: quic: Compatible version negotiation implementation (draft-08)
- CLEANUP: quic: Remove any reference to boringssl
- BUILD: quic: Wrong HKDF label constant variable initializations
- BUG/MINOR: qpack: abort on dynamic index field line decoding
- MINOR: quic: Dump version_information transport parameter
- CLEANUP: pool/quic: remove suffix "_pool" from certain pool names
- BUG/MINOR: qpack: fix build with QPACK_DEBUG
- BUG/MINOR: qpack: abort on dynamic index field line decoding
- CLEANUP: mux-quic: adjust comment on qcs_consume()
- CLEANUP: mux-quic: do not export qc_get_ncbuf
- REORG: mux-quic: reorganize flow-control fields
- MINOR: mux-quic: implement accessor for sedesc
- MEDIUM: mux-quic: refactor streams opening
- MINOR: mux-quic: rename qcs flag FIN_RECV to SIZE_KNOWN
- MINOR: mux-quic: emit FINAL_SIZE_ERROR on invalid STREAM size
- REORG: mux-quic: rename stream initialization function
- MINOR: mux-quic: rename stream purge function
- MINOR: mux-quic: add traces on frame parsing functions
- MINOR: mux-quic: implement qcs_alert()
- MINOR: mux-quic: filter send/receive-only streams on frame parsing
- MINOR: mux-quic: do not ack STREAM frames on unrecoverable error
- MINOR: mux-quic: support stream opening via MAX_STREAM_DATA
- MINOR: mux-quic: define basic stream states
- MINOR: mux-quic: use stream states to mark as detached
- MEDIUM: mux-quic: implement RESET_STREAM emission
- MEDIUM: mux-quic: implement STOP_SENDING handling
- CLEANUP: quic: clean up include on quic_frame-t.h
- MINOR: quic: define a generic QUIC error type
- MINOR: mux-quic: support app graceful shutdown
- MINOR: mux-quic/h3: prepare CONNECTION_CLOSE on release
- MEDIUM: quic: send CONNECTION_CLOSE on released MUX
- CLEANUP: mux-quic: move qc_release()
- MINOR: mux-quic: send one last time before release
- MINOR: h3: store control stream in h3c
- MINOR: h3: implement graceful shutdown with GOAWAY
- MINOR: mux-quic: save proxy instance into qcc
- MINOR: mux-quic: use timeout server for backend conns
- MEDIUM: mux-quic: adjust timeout refresh
- MINOR: mux-quic: count in-progress requests
- MEDIUM: mux-quic: implement http-keep-alive timeout
- MINOR: h3: support HTTP request framing state
- MINOR: mux-quic: refresh timeout on frame decoding
- MINOR: mux-quic: refactor refresh timeout function
- MEDIUM: mux-quic: implement http-request timeout
- MINOR: quic: Add two new stats counters for sendto() errors
- BUG/MINOR: quic: adjust errno handling on sendto
- MINOR: quic: Replace pool_zalloc() by pool_malloc() for fake datagrams
- MINOR: quic: replace custom buf on Tx by default struct buffer
- MINOR: quic: release Tx buffer on each send
- MINOR: quic: refactor datagram commit in Tx buffer
- MINOR: quic: skip sending if no frame to send in io-cb
- BUG/MINOR: mux-quic: open stream on STOP_SENDING
- BUG/MINOR: quic: fix crash on handshake io-cb for null next enc level
- MEDIUM: quic: xprt traces rework
- MINOR: quic: Remove useless lock for RX packets
- CLEANUP: quic: Remove trailing spaces
- MINOR: mux-quic: adjust enter/leave traces
- MINOR: mux-quic: define protocol error traces
- CLEANUP: mux-quic: adjust traces level
- MINOR: mux-quic: define new traces
- BUG/MEDIUM: mux-quic: fix crash due to invalid trace arg
- BUG/MEDIUM: quic: Possible use of uninitialized