1ChangeLog : 2=========== 3 42021/04/12 : 1.8.30 5 - MINOR: time: also provide a global, monotonic global_now_ms timer 6 - BUG/MEDIUM: freq_ctr/threads: use the global_now_ms variable 7 - BUG/MEDIUM: time: make sure to always initialize the global tick 8 - MINOR: tools: make url2ipv4 return the exact number of bytes parsed 9 - BUG/MINOR: http_fetch: make hdr_ip() reject trailing characters 10 - BUG/MINOR: tcp: fix silent-drop workaround for IPv6 11 - BUILD: tcp: use IPPROTO_IPV6 instead of SOL_IPV6 on FreeBSD/MacOS 12 - BUG/MINOR: http_fetch: make hdr_ip() resistant to empty fields 13 142021/03/19 : 1.8.29 15 - BUG/MINOR: sample: Memory leak of sample_expr structure in case of error 16 - BUILD/MINOR: lua: define _GNU_SOURCE for LLONG_MAX 17 - BUG/MINOR: config: fix leak on proxy.conn_src.bind_hdr_name 18 - DOC: management: fix "show resolvers" alphabetical ordering 19 - BUG/MINOR: stick-table: Always call smp_fetch_src() with a valid arg list 20 - BUG/MINOR: xxhash: make sure armv6 uses memcpy() 21 - CLEANUP: remove unused src/cfgparse-listen.c 22 - BUG/MINOR: server: re-align state file fields number 23 - BUG/MINOR: server: Fix server-state-file-name directive 24 - CLEANUP: deinit: release global and per-proxy server-state variables on deinit 25 - BUG/MEDIUM: config: don't pick unset values from last defaults section 26 - BUG/MINOR: server: Don't call fopen() with server-state filepath set to NULL 27 - CLEANUP: channel: fix comment in ci_putblk. 28 - BUG/MINOR: server: Remove RMAINT from admin state when loading server state 29 - BUG/MINOR: session: atomically increment the tracked sessions counter 30 - BUG/MINOR: checks: properly handle wrapping time in __health_adjust() 31 - BUG/MINOR: sample: Always consider zero size string samples as unsafe 32 - BUG/MINOR: server: Init params before parsing a new server-state line 33 - BUG/MINOR: server: Be sure to cut the last parsed field of a server-state line 34 - BUG/MEDIUM: proxy: use thread-safe stream killing on hard-stop 35 - BUG/MEDIUM: cli/shutdown sessions: make it thread-safe 36 - BUG/MINOR: http-ana: Only consider dst address to process originalto option 37 - BUG/MINOR: tcp-act: Don't forget to set the original port for IPv4 set-dst rule 38 - BUG/MINOR: connection: Use the client's dst family for adressless servers 39 - BUG/MEDIUM: spoe: Kill applets if there are pending connections and nbthread > 1 40 - BUG/MAJOR: spoe: Be sure to remove all references on a released spoe applet 41 - BUG/MEDIUM: spoe: Explicitly wakeup SPOE stream if waiting for more data 42 - DOC: spoe: Add a note about fragmentation support in HAProxy 43 - BUG/MEDIUM: dns: Consider the fact that dns answers are case-insensitive 44 - BUG/MINOR: hlua: Don't strip last non-LWS char in hlua_pushstrippedstring() 45 - BUG/MINOR: ssl: don't truncate the file descriptor to 16 bits in debug mode 46 - BUG/MEDIUM: session: NULL dereference possible when accessing the listener 47 - BUG/MEDIUM: filters: Set CF_FL_ANALYZE on channels when filters are attached 48 - BUG/MINOR: proxy/session: Be sure to have a listener to increment its counters 49 - CLEANUP: tcp-rules: add missing actions in the tcp-request error message 50 - BUG/MINOR: resolvers: Consider server to have no IP on DNS resolution error 51 - BUG/MINOR: resolvers: Add missing case-insensitive comparisons of DNS hostnames 52 - MINOR: time: export the global_now variable 53 - OPTIM: freq-ctr: don't take the date lock for most updates 54 - BUG/MINOR: freq_ctr/threads: make use of the last updated global time 55 562021/01/13 : 1.8.28 57 - BUG/MINOR: config: copy extra cookie attributes from dfl proxy 58 - BUG/MINOR: http-fetch: Extract cookie value even when no cookie name 59 - BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches 60 - MINOR: spoe: Don't close connection in sync mode on processing timeout 61 - DOC: config: Move req.hdrs and req.hdrs_bin in L7 samples fetches section 62 - BUG/MINOR: lua: lua-load doesn't check its parameters 63 - BUG/MINOR: lua: Post init register function are not executed beyond the first one 64 - BUG/MINOR: lua: Some lua init operation are processed unsafe 65 - MINOR: actions: Export actions lookup functions 66 - MINOR: actions: add a function returning a service pointer from its name 67 - MINOR: cli: add a function to look up a CLI service description 68 - BUG/MINOR: lua: warn when registering action, conv, sf, cli or applet multiple times 69 - DOC/MINOR: Fix formatting in Management Guide 70 - DOC: email change of the DeviceAtlas maintainer 71 - BUG/MINOR: tools: make parse_time_err() more strict on the timer validity 72 - BUG/MINOR: tools: Reject size format not starting by a digit 73 - BUG/MEDIUM: lb-leastconn: Reposition a server using the right eweight 74 - CLEANUP: lua: Remove declaration of an inexistant function 75 - CLEANUP: stream: remove an obsolete debugging test 76 - BUG/MEDIUM: mworker: fix again copy_argv() 77 - BUILD: Makefile: have "make clean" destroy .o/.a/.s in contrib subdirs as well 78 - CONTRIB: halog: fix build issue caused by %L printf format 79 - CONTRIB: halog: mark the has_zero* functions unused 80 - CONTRIB: halog: fix signed/unsigned build warnings on counts and timestamps 81 - BUILD: plock: remove dead code that causes a warning in gcc 11 82 - BUILD: hpack: hpack-tbl-t.h uses VAR_ARRAY but does not include compiler.h 83 - MINOR: atomic: don't use ; to separate instruction on aarch64. 84 - BUG/MINOR: cfgparse: Fail if the strdup() for `rule->be.name` for `use_backend` fails 85 - SCRIPTS: improve announce-release to support different tag and versions 86 - SCRIPTS: make announce release support preparing announces before tag exists 87 - BUG/MINOR: srv: do not init address if backend is disabled 88 - DOC: fix some spelling issues over multiple files 89 - SCRIPTS: announce-release: fix typo in help message 90 912020/11/06 : 1.8.27 92 - BUG/MINOR: dns: ignore trailing dot 93 - BUG/MEDIUM: mux-h2: Don't fail if nothing is parsed for a legacy chunk response 94 - BUG/MEDIUM: map/lua: Return an error if a map is loaded during runtime 95 - BUG/MINOR: lua: Check argument type to convert it to IPv4/IPv6 arg validation 96 - BUG/MINOR: lua: Check argument type to convert it to IP mask in arg validation 97 - BUG/MINOR: stats: use strncmp() instead of memcmp() on health states 98 - BUG/MINOR: reload: do not fail when no socket is sent 99 - BUG/MINOR: startup: haproxy -s cause 100% cpu 100 - BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp() 101 - BUG/MINOR: threads: work around a libgcc_s issue with chrooting 102 - BUILD: thread: limit the libgcc_s workaround to glibc only 103 - MINOR: Commit .gitattributes 104 - CLEANUP: Update .gitignore 105 - BUILD: threads: better workaround for late loading of libgcc_s 106 - BUG/MEDIUM: pattern: Renew the pattern expression revision when it is pruned 107 - BUG/MEDIUM: pattern: fix memory leak in regex pattern functions 108 - BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate 109 - BUG/MINOR: ssl: verifyhost is case sensitive 110 - BUG/MEDIUM: h2: report frame bits only for handled types 111 - BUG/MINOR: config: Fix memory leak on config parse listen 112 - BUG/MEDIUM: listeners: do not pause foreign listeners 113 - DOC: agent-check: fix typo in "fail" word expected reply 114 - REGTESTS: add a few load balancing tests 115 - REGTEST: fix host part in balance-uri-path-only.vtc 116 - REGTEST: make abns_socket.vtc require 1.8 117 - REGTEST: make map_regm_with_backref require 1.7 118 - DOC: ssl: crt-list negative filters are only a hint 119 - MINOR: counters: fix a typo in comment 120 - BUG/MINOR: stats: fix validity of the json schema 121 - MINOR: hlua: Display debug messages on stderr only in debug mode 122 - BUG/MEDIUM: spoe: Unset variable instead of set it if no data provided 123 - BUG/MEDIUM: lb: Always lock the server when calling server_{take,drop}_conn 124 - BUG/MINOR: queue: properly report redistributed connections 125 - BUG/MEDIUM: server: support changing the slowstart value from state-file 126 - BUG/MAJOR: mux-h2: Don't try to send data if we know it is no longer possible 127 - BUG/MINOR: extcheck: add missing checks on extchk_setenv() 128 - BUG/MINOR: server: fix srv downtime calcul on starting 129 - BUG/MINOR: server: fix down_time report for stats 130 - BUG/MINOR: lua: initialize sample before using it 131 - BUG/MINOR: cache: Inverted variables in http_calc_maxage function 132 - BUG/MEDIUM: filters: Don't try to init filters for disabled proxies 133 - BUG/MINOR: server: Set server without addr but with dns in RMAINT on startup 134 - MINOR: server: Copy configuration file and line for server templates 135 - BUG/MINOR: filters: Skip disabled proxies during startup only 136 1372020/08/03 : 1.8.26 138 - BUILD: chunk: properly declare pool_head_trash as extern 139 - BUILD: cache: avoid a build warning with some compilers/linkers 140 - BUG/MINOR: ssl: default settings for ssl server options are not used 141 - BUG/MINOR: tools: fix the i386 version of the div64_32 function 142 - DOC: option logasap does not depend on mode 143 - BUG/MINOR: check: Update server address and port to execute an external check 144 - BUG/MINOR: checks: Respect the no-check-ssl option 145 - BUG/MINOR: checks/server: use_ssl member must be signed 146 - BUG/MINOR: checks: chained expect will not properly wait for enough data 147 - BUG/MEDIUM: capture: capture-req/capture-res converters crash without a stream 148 - BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream 149 - BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam 150 - BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam 151 - BUG/MEDIUM: shctx: really check the lock's value while waiting 152 - BUG/MEDIUM: shctx: bound the number of loops that can happen around the lock 153 - REGTEST: ssl: test the client certificate authentication 154 - BUG/MINOR: sample: Set the correct type when a binary is converted to a string 155 - BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur 156 - BUG/MEDIUM: http_ana: make the detection of NTLM variants safer 157 - BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered 158 - BUG/MINOR: pollers: remove uneeded free in global init 159 - BUILD: select: only declare existing local labels to appease clang 160 - SCRIPTS: publish-release: pass -n to gzip to remove timestamp 161 - BUG/MINOR: peers: fix internal/network key type mapping. 162 - BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action 163 - BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations 164 - BUG/MINOR: logs: prevent double line returns in some events. 165 - BUG/MEDIUM: logs: fix trailing zeros on log message. 166 - BUG/MINOR: proto-http: Fix detection of NTLM for the legacy HTTP version 167 - BUG/MEDIUM: mworker: fix the copy of options in copy_argv() 168 - BUG/MINOR: init: -x can have a parameter starting with a dash 169 - BUG/MEDIUM: mworker: fix the reload with an -- option 170 - BUG/MINOR: mworker: fix a memleak when execvp() failed 171 - BUG/MEDIUM: pattern: fix thread safety of pattern matching 172 - BUG/MINOR: ssl: fix ssl-{min,max}-ver with openssl < 1.1.0 173 - BUG/MINOR: tcp-rules: tcp-response must check the buffer's fullness 174 - BUG/MEDIUM: ebtree: use a byte-per-byte memcmp() to compare memory blocks 175 - BUG/MINOR: spoe: add missing key length check before checking key names 176 - BUG/MINOR: systemd: Wait for network to be online 177 - BUG/MINOR: spoe: correction of setting bits for analyzer 178 - BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL 179 - MINOR: cli: make "show sess" stop at the last known session 180 - DOC: ssl: add "allow-0rtt" and "ciphersuites" in crt-list 181 - BUG/MEDIUM: pattern: Add a trailing \0 to match strings only if possible 182 - BUG/MINOR: proxy: fix dump_server_state()'s misuse of the trash 183 - BUG/MINOR: proxy: always initialize the trash in show servers state 184 - BUG/MINOR: http_act: don't check capture id in backend (2) 185 - BUG/MINOR: sample: Free str.area in smp_check_const_bool 186 - BUG/MINOR: sample: Free str.area in smp_check_const_meth 187 - BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked 188 - BUILD: ebtree: fix build on libmusl after recent introduction of eb_memcmp() 189 - BUG/MINOR: cfgparse: don't increment linenum on incomplete lines 190 - BUG/MEDIUM: mux-h2: Emit an error if the response chunk formatting is incomplete 191 - BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed 192 - BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields 193 - SCRIPTS: announce-release: add the link to the wiki in the announce messages 194 - SCRIPTS: git-show-backports: make -m most only show the left branch 195 - SCRIPTS: git-show-backports: emit the shell command to backport a commit 196 - DOC: Improve documentation on http-request set-src 197 - BUG/MINOR: http: make url_decode() optionally convert '+' to SP 198 - MINOR: checks: Add a way to send custom headers and payload during http chekcs 199 - BUG/MINOR: checks: Compute the right HTTP request length for HTTP health checks 200 - BUG/MINOR: checks: Remove a warning about http health checks 201 - BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS() 202 - BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}() 203 - BUG/MINOR: pools: use %u not %d to report pool stats in "show pools" 204 - MEDIUM: map: make the "clear map" operation yield 205 - BUG/MEDIUM: server/checks: Init server check during config validity check 206 - BUG/MEDIUM: checks: Always initialize checks before starting them 207 - BUG/MINOR: checks: Respect check-ssl param when a port or an addr is specified 208 - BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable 209 2102020/04/02 : 1.8.25 211 - BUG/MINOR: namespace: avoid closing fd when socket failed in my_socketat 212 - SCRIPTS: announce-release: use mutt -H instead of -i to include the draft 213 - CONTRIB: debug: add the possibility to decode the value as certain types only 214 - CONTRIB: debug: support reporting multiple values at once 215 - CONTRIB: debug: also support reading values from stdin 216 - BUG/MEDIUM: shctx: make sure to keep all blocks aligned 217 - MINOR: compiler: move CPU capabilities definition from config.h and complete them 218 - BUG/MEDIUM: ebtree: don't set attribute packed without unaligned access support 219 - BUILD: fix recent build failure on unaligned archs 220 - MINOR: compiler: add new alignment macros 221 - BUILD: ebtree: improve architecture-specific alignment 222 - BUG/MINOR: sample: fix the json converter's endian-sensitivity 223 - BUG/MINOR: sample: Make sure to return stable IDs in the unique-id fetch 224 - BUG/MAJOR: list: fix invalid element address calculation 225 - DOC: fix incorrect indentation of http_auth_* 226 - BUG/MAJOR: proxy_protocol: Properly validate TLV lengths 227 - REGTEST: make the PROXY TLV validation depend on version 2.2 228 - BUG/MINOR: lua: Ignore the reserve to know if a channel is full or not 229 - BUG/MINOR: http-rules: Preserve FLT_END analyzers on reject action 230 - BUG/MINOR: http-rules: Fix a typo in the reject action function 231 - BUG/MINOR: rules: Preserve FLT_END analyzers on silent-drop action 232 - BUG/MINOR: rules: Increment be_counters if backend is assigned for a silent-drop 233 - DOC: fix typo about no-tls-tickets 234 - DOC: improve description of no-tls-tickets 235 - DOC: ssl: clarify security implications of TLS tickets 236 - DOC: proxy_protocol: Reserve TLV type 0x05 as PP2_TYPE_UNIQUE_ID 237 - DOC: assorted typo fixes in the documentation 238 - BUG/MINOR: peers: init bind_proc to 1 if it wasn't initialized 239 - BUG/MINOR: peers: avoid an infinite loop with peers_fe is NULL 240 - BUG/MINOR: stats: Fix color of draining servers on stats page 241 - DOC: internals: Fix spelling errors in filters.txt 242 - BUG/MEDIUM: http: unbreak redirects in legacy mode 243 - MINOR: http-rules: Add a flag on redirect rules to know the rule direction 244 - BUG/MINOR: http_ana: make sure redirect flags don't have overlapping bits 245 - MINOR: http-rules: Handle the rule direction when a redirect is evaluated 246 - BUG/MINOR: http-ana: Reset request analysers on error when waiting for response 247 - BUG/CRITICAL: hpack: never index a header into the headroom after wrapping 248 2492020/02/15 : 1.8.24 250 - DOC: clarify matching strings on binary fetches 251 - BUG/MEDIUM: listener/thread: fix a race when pausing a listener 252 - BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1 253 - BUG/MINOR: proxy: make soft_stop() also close FDs in LI_PAUSED state 254 - BUG/MINOR: listener/threads: always use atomic ops to clear the FD events 255 - BUG/MINOR: listener: also clear the error flag on a paused listener 256 - BUG/MEDIUM: listener/threads: fix a remaining race in the listener's accept() 257 - DOC: document the listener state transitions 258 - BUG/MAJOR: dns: add minimalist error processing on the Rx path 259 - BUG/MEDIUM: proto_udp/threads: recv() and send() must not be exclusive. 260 - BUG/MEDIUM: kqueue: Make sure we report read events even when no data. 261 - DOC: listeners: add a few missing transitions 262 - BUILD/MINOR: ssl: shut up a build warning about format truncation 263 - BUILD/MINOR: tools: shut up the format truncation warning in get_gmt_offset() 264 - BUILD: do not disable -Wformat-truncation anymore 265 - DOC: remove references to the outdated architecture.txt 266 - BUG/MINOR: log: fix minor resource leaks on logformat error path 267 - BUG/MINOR: mworker: properly pass SIGTTOU/SIGTTIN to workers 268 - BUG/MINOR: listener: do not immediately resume on transient error 269 - BUG/MINOR: server: make "agent-addr" work on default-server line 270 - BUG/MINOR: listener: fix off-by-one in state name check 271 - BUILD/MINOR: unix sockets: silence an absurd gcc warning about strncpy() 272 - BUG/MINOR: sample: fix the closing bracket and LF in the debug converter 273 - BUG/MINOR: sample: always check converters' arguments 274 - BUG/MEDIUM: ssl: Don't set the max early data we can receive too early. 275 - BUG/MEDIUM: session: do not report a failure when rejecting a session 276 - BUG/MEDIUM: mworker: remain in mworker mode during reload 277 - BUG/MAJOR: hashes: fix the signedness of the hash inputs 278 - BUG/MEDIUM: cli: _getsocks must send the peers sockets 279 - BUG/MINOR: stream: don't mistake match rules for store-request rules 280 - BUG/MINOR: pattern: handle errors from fgets when trying to load patterns 281 - BUG/MINOR: dns: Make dns_query_id_seed unsigned 282 - BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules 283 - BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during parsing 284 - BUG/MINOR: tcp-rules: Fix memory releases on error path during action parsing 285 - MINOR: proxy/http-ana: Add support of extra attributes for the cookie directive 286 - BUG/MINOR: http_act: don't check capture id in backend 287 - BUG/MINOR: dns: allow srv record weight set to 0 288 - BUG/MEDIUM: pipe: fix a use-after-free in case of pipe creation error 289 - BUG/MINOR: connection: fix ip6 dst_port copy in make_proxy_line_v2 290 - MINOR: acl: Warn when an ACL is named 'or' 291 - SCRIPTS: announce-release: place the send command in the mail's header 292 - SCRIPTS: announce-release: allow the user to force to overwrite old files 293 - BUG/MINOR: unix: better catch situations where the unix socket path length is close to the limit 294 - BUG/MINOR: dns: allow 63 char in hostname 295 - BUG/MEDIUM: listener: only consider running threads when resuming listeners 296 - BUG/MINOR: tcp: avoid closing fd when socket failed in tcp_bind_listener 297 - BUG/MINOR: tcp: don't try to set defaultmss when value is negative 298 - SCRIPTS: make announce-release executable again 299 3002019/11/25 : 1.8.23 301 - MINOR: tcp: avoid confusion in time parsing init 302 - BUG/MINOR: cli: don't call the kw->io_release if kw->parse failed 303 - BUG/MINOR: config: Update cookie domain warn to RFC6265 304 - BUG/MEDIUM: stream: Be sure to support splicing at the mux level to enable it 305 - BUG/MEDIUM: stream: Be sure to release allocated captures for TCP streams 306 - BUG: dns: timeout resolve not applied for valid resolutions 307 - BUG/MEDIUM: listeners: always pause a listener on out-of-resource condition 308 - BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1 309 - BUILD/MINOR: ssl: fix compiler warning about useless statement 310 - MINOR: ist: add ist_find_ctl() 311 - BUG/MAJOR: h2: reject header values containing invalid chars 312 - BUG/MAJOR: h2: make header field name filtering stronger 313 - SCRIPTS: create-release: show the correct origin name in suggested commands 314 - SCRIPTS: git-show-backports: add "-s" to proposed cherry-pick commands 315 3162019/10/25 : 1.8.22 317 - BUILD/MINOR: stream: avoid a build warning with threads disabled 318 - BUG/MINOR: haproxy: fix rule->file memory leak 319 - MINOR: connection: add new function conn_is_back() 320 - BUG/MEDIUM: ssl: Use the early_data API the right way. 321 - BUG/MEDIUM: checks: make sure the warmup task takes the server lock 322 - BUG/MINOR: logs/threads: properly split the log area upon startup 323 - MINOR: doc: Document allow-0rtt on the server line. 324 - BUG/MEDIUM: spoe: Be sure the sample is found before setting its context 325 - DOC: fixed typo in management.txt 326 - BUG/MINOR: mworker: disable SIGPROF on re-exec 327 - BUG/MEDIUM: listener/threads: fix an AB/BA locking issue in delete_listener() 328 - BUG/MEDIUM: proto-http: Always start the parsing if there is no outgoing data 329 - BUG/MEDIUM: http: also reject messages where "chunked" is missing from transfer-enoding 330 - BUG/MINOR: filters: Properly set the HTTP status code on analysis error 331 - BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed 332 - BUG/MEDIUM: check/threads: make external checks run exclusively on thread 1 333 - BUG/MEDIUM: namespace: close open namespaces during soft shutdown 334 - BUG/MAJOR: mux_h2: Don't consume more payload than received for skipped frames 335 - MINOR: tools: implement my_flsl() 336 - BUG/MEDIUM: spoe: Use a different engine-id per process 337 - DOC: Fix documentation about the cli command to get resolver stats 338 - BUG/MEDIUM: namespace: fix fd leak in master-worker mode 339 - BUG/MINOR: lua: Properly initialize the buffer's fields for string samples in hlua_lua2(smp|arg) 340 - BUG/MEDIUM: cache: make sure not to cache requests with absolute-uri 341 - DOC: clarify some points around http-send-name-header's behavior 342 - MINOR: stats: mention in the help message support for "json" and "typed" 343 - BUG/MINOR: ssl: free the sni_keytype nodes 344 - BUG/MINOR: chunk: Fix tests on the chunk size in functions copying data 345 - BUG/MINOR: WURFL: fix send_log() function arguments 346 - BUG/MINOR: tcp: Don't alter counters returned by tcp info fetchers 347 - BUG/MINOR: ssl: abort on sni allocation failure 348 - BUG/MINOR: ssl: abort on sni_keytypes allocation failure 349 - CLEANUP: ssl: make ssl_sock_load_cert*() return real error codes 350 - CLEANUP: ssl: make ssl_sock_put_ckch_into_ctx handle errcode/warn 351 - CLEANUP: ssl: make ssl_sock_load_dh_params handle errcode/warn 352 - CLEANUP: bind: handle warning label on bind keywords parsing. 353 - BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1 354 - BUG/MINOR: mworker/ssl: close OpenSSL FDs on reload 355 - BUILD: ssl: fix again a libressl build failure after the openssl FD leak fix 356 - BUG/MINOR: mworker/ssl: close openssl FDs unconditionally 357 - BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed 358 - BUG/MINOR: stick-table: Never exceed (MAX_SESS_STKCTR-1) when fetching a stkctr 359 - BUG/MINOR: sample: Make the `field` converter compatible with `-m found` 360 - BUG/MINOR: ssl: fix memcpy overlap without consequences. 361 - BUG/MINOR: stick-table: fix an incorrect 32 to 64 bit key conversion 362 - BUG/MEDIUM: pattern: make the pattern LRU cache thread-local and lockless 363 3642019/08/16 : 1.8.21 365 - BUG/MINOR: http: Call stream_inc_be_http_req_ctr() only one time per request 366 - BUG/MEDIUM: spoe: arg len encoded in previous frag frame but len changed 367 - MINOR: spoe: Use the sample context to pass frag_ctx info during encoding 368 - DOC: contrib/modsecurity: Typos and fix the reject example 369 - BUG/MEDIUM: contrib/modsecurity: If host header is NULL, don't try to strdup it 370 - MINOR: examples: Use right locale for the last changelog date in haproxy.spec 371 - BUG/MAJOR: map/acl: real fix segfault during show map/acl on CLI 372 - BUG/MEDIUM: listener: Fix how unlimited number of consecutive accepts is handled 373 - MINOR: config: Test validity of tune.maxaccept during the config parsing 374 - CLEANUP: config: Don't alter listener->maxaccept when nbproc is set to 1 375 - MINOR: threads: Implement HA_ATOMIC_LOAD(). 376 - BUG/MEDIUM: port_range: Make the ring buffer lock-free. 377 - BUG/MINOR: http_fetch: Rely on the smp direction for "cookie()" and "hdr()" 378 - BUG/MEDIUM: dns: make the port numbers unsigned 379 - BUG/MEDIUM: spoe: Don't use the SPOE applet after releasing it 380 - DOC: fix typos 381 - BUG/MINOR: ssl_sock: Fix memory leak when disabling compression 382 - BUILD: ssl: fix latest LibreSSL reg-test error 383 - BUG/MAJOR: lb/threads: make sure the avoided server is not full on second pass 384 - BUG/MEDIUM: http: fix "http-request reject" when not final 385 - BUG/MINOR: deinit/threads: make hard-stop-after perform a clean exit 386 - BUG/MEDIUM: connection: fix multiple handshake polling issues 387 - BUG/MEDIUM: vars: make sure the scope is always valid when accessing vars 388 - BUG/MEDIUM: vars: make the tcp/http unset-var() action support conditions 389 - BUG/MEDIUM: mux-h2: make sure the connection timeout is always set 390 - BUG/MINOR: http-rules: mention "deny_status" for "deny" in the error message 391 - MINOR: doc: Remove -Ds option in man page 392 - MINOR: doc: add master-worker in the man page 393 - BUG/MEDIUM: compression: Set Vary: Accept-Encoding for compressed responses 394 - BUG/MEDIUM: lb_fwlc: Don't test the server's lb_tree from outside the lock 395 - BUILD: makefile: use :space: instead of digits to count commits 396 - BUILD: makefile: do not rely on shell substitutions to determine git version 397 - BUG/MEDIUM: lb_fas: Don't test the server's lb_tree from outside the lock 398 - BUG/MEDIUM: da: cast the chunk to string. 399 - MINOR: task: introduce work lists 400 - BUG/MAJOR: listener: fix thread safety in resume_listener() 401 - BUG/MEDIUM: tcp-check: unbreak multiple connect rules again 402 - BUG/MEDIUM: http/htx: unbreak option http_proxy 403 - BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream 404 - BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff 405 - BUG/MINOR: proxy: always lock stop_proxy() 406 - BUILD: threads: add the definition of PROTO_LOCK 407 - BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased 408 - DOC: improve the wording in CONTRIBUTING about how to document a bug fix 409 - BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class 410 - MINOR: hlua: Don't set request analyzers on response channel for lua actions 411 - MINOR: hlua: Add a flag on the lua txn to know in which context it can be used 412 - BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready 413 - BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue() 414 - BUG/MINOR: lua: Set right direction and flags on new HTTP objects 415 - BUG/MEDIUM: protocols: properly initialize the proto_lock in 1.8 416 - BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is increased 417 - BUG/MINOR: stream-int: also update analysers timeouts on activity 418 - BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes 419 - BUG/MEDIUM: fd: Always reset the polled_mask bits in fd_dodelete(). 420 - BUG/MINOR: mux-h2: don't refrain from sending an RST_STREAM after another one 421 - BUG/MINOR: mux-h2: use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data() 422 - BUG/MEDIUM: mux-h2: do not recheck a frame type after a state transition 423 - BUG/MINOR: mux-h2: always send stream window update before connection's 424 - BUG/MINOR: mux-h2: always reset rcvd_s when switching to a new frame 425 - MINOR: build: Disable -Wstringop-overflow. 426 - BUG/MINOR: ssl: fix 0-RTT for BoringSSL 427 - MINOR: ssl: ssl_fc_has_early should work for BoringSSL 428 - BUG/MEDIUM: lua: Fix test on the direction to set the channel exp timeout 429 4302019/04/25 : 1.8.20 431 - BUG/MAJOR: listener: Make sure the listener exist before using it. 432 - BUG/MINOR: listener: keep accept rate counters accurate under saturation 433 - BUG/MEDIUM: logs: Only attempt to free startup_logs once. 434 - BUG/MEDIUM: 51d: fix possible segfault on deinit_51degrees() 435 - BUG/MINOR: ssl: fix warning about ssl-min/max-ver support 436 - MEDIUM: threads: Use __ATOMIC_SEQ_CST when using the newer atomic API. 437 - BUG/MEDIUM: threads/fd: do not forget to take into account epoll_fd/pipes 438 - BUG/MAJOR: spoe: Fix initialization of thread-dependent fields 439 - BUG/MAJOR: stats: Fix how huge POST data are read from the channel 440 - BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts 441 - BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites 442 - DOC: The option httplog is no longer valid in a backend. 443 - BUG/MAJOR: checks: segfault during tcpcheck_main 444 - BUILD: makefile: work around an old bug in GNU make-3.80 445 - MINOR: tools: make memvprintf() never pass a NULL target to vsnprintf() 446 - BUILD: makefile: fix build of IPv6 header on aix51 447 - BUILD: makefile: add _LINUX_SOURCE_COMPAT to build on AIX-51 448 - BUILD: Makefile: disable shared cache on AIX 5.1 449 - BUG/MINOR: cli: correctly handle abns in 'show cli sockets' 450 - MINOR: cli: start addresses by a prefix in 'show cli sockets' 451 - BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release. 452 - BUILD: use inttypes.h instead of stdint.h 453 - BUILD: connection: fix naming of ip_v field 454 - BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity 455 - BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream 456 - BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages 457 - BUG/MINOR: threads: fix the process range of thread masks 458 - MINOR: lists: Implement locked variations. 459 - BUG/MEDIUM: lists: Properly handle the case we're removing the first elt. 460 - BUG/MEDIUM: list: fix the rollback on addq in the locked liss 461 - BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer 462 - BUG/MEDIUM: list: add missing store barriers when updating elements and head 463 - MINOR: list: make the delete and pop operations idempotent 464 - BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element 465 - BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED 466 - BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED() 467 - MAJOR: listener: do not hold the listener lock in listener_accept() 468 - BUG/MEDIUM: listener: use a self-locked list for the dequeue lists 469 - BUG/MEDIUM: listener: make sure the listener never accepts too many conns 470 - BUILD/MINOR: listener: Silent a few signedness warnings. 471 - MINOR: skip get_gmtime where tm is unused 472 - BUG/MAJOR: http_fetch: Get the channel depending on the keyword used 473 - BUG/MEDIUM: maps: only try to parse the default value when it's present 474 - BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR 475 - BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules 476 - BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() 477 - BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() 478 - BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler 479 4802019/02/11 : 1.8.19 481 - DOC: ssl: Clarify when pre TLSv1.3 cipher can be used 482 - DOC: ssl: Stop documenting ciphers example to use 483 - BUG/MINOR: spoe: do not assume agent->rt is valid on exit 484 - BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets 485 - BUG/MEDIUM: spoe: initialization depending on nbthread must be done last 486 - BUG/MEDIUM: server: initialize the idle conns list after parsing the config 487 - BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck 488 - BUG/MAJOR: stream: avoid double free on unique_id 489 - BUG/MINOR: config: Reinforce validity check when a process number is parsed 490 4912019/02/06 : 1.8.18 492 - DOC: http-request cache-use / http-response cache-store expects cache name 493 - BUG/MAJOR: cache: fix confusion between zero and uninitialized cache key 494 - BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT. 495 - DOC: Be a bit more explicit about allow-0rtt security implications. 496 - BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file 497 - BUG/MINOR: backend: don't use url_param_name as a hint for BE_LB_ALGO_PH 498 - BUG/MINOR: backend: balance uri specific options were lost across defaults 499 - BUG/MINOR: backend: BE_LB_LKUP_CHTREE is a value, not a bit 500 - BUG/MINOR: stick_table: Prevent conn_cur from underflowing 501 - BUG/MINOR: server: don't always trust srv_check_health when loading a server state 502 - BUG/MINOR: check: Wake the check task if the check is finished in wake_srv_chk() 503 - BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages 504 - DOC: mention the effect of nf_conntrack_tcp_loose on src/dst 505 - MINOR: h2: add a bit-based frame type representation 506 - MINOR: h2: declare new sets of frame types 507 - BUG/MINOR: mux-h2: CONTINUATION in closed state must always return GOAWAY 508 - BUG/MINOR: mux-h2: headers-type frames in HREM are always a connection error 509 - BUG/MINOR: mux-h2: make it possible to set the error code on an already closed stream 510 - BUG/MINOR: hpack: return a compression error on invalid table size updates 511 - DOC: nbthread is no longer experimental. 512 - BUG/MINOR: spoe: corrected fragmentation string size 513 - BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit 514 - SCRIPTS: add the slack channel URL to the announce script 515 - SCRIPTS: add the issue tracker URL to the announce script 516 - BUG/MINOR: stream: don't close the front connection when facing a backend error 517 - MINOR: xref: Add missing barriers. 518 - BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update 519 - BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions 520 - BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams 521 - BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the connection 522 - MINOR: stream-int: expand the flags to 32-bit 523 - MINOR: stream-int: add a new flag to mention that we want the connection to be killed 524 - MINOR: connstream: have a new flag CS_FL_KILL_CONN to kill a connection 525 - BUG/MEDIUM: mux-h2: do not close the connection on aborted streams 526 - BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free(). 527 - BUG/MINOR: config: fix bind line thread mask validation 528 - BUG/MAJOR: config: verify that targets of track-sc and stick rules are present 529 - BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' processes 530 - BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules 531 5322019/01/08 : 1.8.17 533 - BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify() 534 - MINOR: mux-h2: only increase the connection window with the first update 535 - BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max 536 - BUG/MEDIUM: server: Also copy "check-sni" for server templates. 537 - MINOR: lb: allow redispatch when using consistent hash 538 - MINOR: stream/cli: fix the location of the waiting flag in "show sess all" 539 - MINOR: stream/cli: report more info about the HTTP messages on "show sess all" 540 - BUG/MEDIUM: cli: make "show sess" really thread-safe 541 - BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything 542 - BUG/MINOR: lua: bad args are returned for Lua actions 543 - BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred 544 - BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used 545 5462018/12/21 : 1.8.16 547 - BUG/MINOR: logs: leave startup-logs global and not per-thread 548 - BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response() 549 - BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error 550 5512018/12/13 : 1.8.15 552 - MINOR: threads: Make sure threads_sync_pipe is initialized before using it. 553 - DOC: clarify force-private-cache is an option 554 - BUG/MINOR: connection: avoid null pointer dereference in send-proxy-v2 555 - BUG/MINOR: backend: check that the mux installed properly 556 - BUG/MEDIUM: buffers: Make sure we don't wrap in buffer_insert_line2/replace2. 557 - MEDIUM: ssl: add support for ciphersuites option for TLSv1.3 558 - BUG/MEDIUM: Cur/CumSslConns counters not threadsafe. 559 - BUG/MINOR: checks: queues null-deref 560 - BUG/MEDIUM: mworker: segfault receiving SIGUSR1 followed by SIGTERM. 561 - BUG/MEDIUM: stream: don't crash on out-of-memory 562 - BUILD: ssl: fix null-deref warning in ssl_fc_cipherlist_str sample fetch 563 - BUILD: ssl: fix another null-deref warning in ssl_sock_switchctx_cbk() 564 - BUILD: stick-table: make sure not to fail on task_new() during initialization 565 - BUILD: peers: check allocation error during peers_init_sync() 566 - DOC: Fix a few typos 567 - BUG/MEDIUM: threads: fix thread_release() at the end of the rendez-vous point 568 - BUG/MEDIUM: threads: make sure threads_want_sync is marked volatile 569 - BUILD: compiler: add a new statement "__unreachable()" 570 - MINOR: lua: all functions calling lua_yieldk() may return 571 - BUILD: lua: silence some compiler warnings about potential null derefs (#2) 572 - BUILD: lua: silence some compiler warnings after WILL_LJMP 573 - CLEANUP: stick-tables: Remove unneeded double (()) around conditional clause 574 - BUILD: Makefile: add a "make opts" target to simply show the build options 575 - BUILD: Makefile: speed up compiler options detection 576 - BUILD: Makefile: silence an option conflict warning with clang 577 - MINOR: server: Use memcpy() instead of strncpy(). 578 - MINOR: cfgparse: Write 130 as 128 as 0x82 and 0x80. 579 - MINOR: peers: use defines instead of enums to appease clang. 580 - DOC: fix reference to map files in MAINTAINERS 581 - BUILD: compiler: rename __unreachable() to my_unreachable() 582 - BUG/MEDIUM: pools: Fix the usage of mmap()) with DEBUG_UAF. 583 - BUG/MEDIUM: h2: Close connection if no stream is left an GOAWAY was sent. 584 - BUILD: Makefile: add the new ERR variable to force -Werror 585 - BUG/MINOR: cache: Crashes with "total-max-size" > 2047(MB). 586 - BUG/MINOR: cache: Wrong usage of shctx_init(). 587 - BUG/MINOR: ssl: Wrong usage of shctx_init(). 588 - DOC: cache: Missing information about "total-max-size" 589 - BUG/MINOR: only mark connections private if NTLM is detected 590 - BUG/MINOR: only auto-prefer last server if lb-alg is non-deterministic 591 - BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer 592 - BUG/MEDIUM: auth/threads: use of crypt() is not thread-safe 593 - BUG/MINOR: config: better detect the presence of the h2 pattern in npn/alpn 594 - BUG/MEDIUM: Make sure stksess is properly aligned. 595 - BUG/MINOR: config: Copy default error messages when parsing of a backend starts 596 - BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field 597 - BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id 598 - BUG/MINOR: cfgparse: Fix transition between 2 sections with the same name 599 - BUG/MINOR: cfgparse: Fix the call to post parser of the last sections parsed 600 - BUG/MINOR: lb-map: fix unprotected update to server's score 601 - BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR. 602 - BUG/MINOR: hpack: fix off-by-one in header name encoding length calculation 603 - BUG/MINOR: mux-h2: refrain from muxing during the preface 604 - BUG/MINOR: mux-h2: advertise a larger connection window size 605 - BUILD: compression: fix build error with DEFAULT_MAXZLIBMEM 606 - BUILD: threads: fix minor build warnings when threads are disabled 607 - MINOR: stats: report the number of active jobs and listeners in "show info" 608 - MINOR: servers: Free [idle|safe|priv]_conns on exit. 609 - DOC: clarify that check-sni needs an argument. 610 - DOC: refer to check-sni in the documentation of sni 611 - BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name 612 - BUG: dns: Prevent out-of-bounds read in dns_read_name() 613 - BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response() 614 - BUG: dns: Fix out-of-bounds read via signedness error in dns_validate_dns_response() 615 - BUG: dns: Fix off-by-one write in dns_validate_dns_response() 616 - DOC: Update configuration doc about the maximum number of stick counters. 617 - DOC: restore note about "independant" typo 618 - DOC: Fix typos in README and CONTRIBUTING 619 - DOC: Fix typos in different subsections of the documentation 620 - DOC: fix a few typos in the documentation 621 6222018/09/20 : 1.8.14 623 - BUG/MEDIUM: servers: check the queues once enabling a server 624 - BUG/MEDIUM: queue: prevent a backup server from draining the proxy's connections 625 - MINOR: dns: fix wrong score computation in dns_get_ip_from_response 626 - MINOR: dns: new DNS options to allow/prevent IP address duplication 627 - BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers 628 - MINOR: threads: Introduce double-width CAS on x86_64 and arm. 629 - BUG/MEDIUM: threads: fix the double CAS implementation for ARMv7 630 - MINOR: threads: add more consistency between certain variables in no-thread case 631 - BUG/MEDIUM: threads: fix the no-thread case after the change to the sync point 632 - MEDIUM: hathreads: implement a more flexible rendez-vous point 633 - BUG/MEDIUM: cli: make "show fd" thread-safe 634 - BUG/MINOR: ssl: empty connections reported as errors. 635 - BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle. 636 - BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error. 637 - BUG/MINOR: map: fix map_regm with backref 638 - DOC: dns: explain set server ... fqdn requires resolver 639 - DOC: ssl: Use consistent naming for TLS protocols 640 - BUG/MEDIUM: lua: socket timeouts are not applied 641 - BUG/MEDIUM: cli/threads: protect all "proxy" commands against concurrent updates 642 - BUG/MEDIUM: cli/threads: protect some server commands against concurrent operations 643 - DOC: Fix spelling error in configuration doc 644 - BUG/MEDIUM: unix: provide a ->drain() function 645 - BUG/MINOR: lua: Bad HTTP client request duration. 646 - BUG/MEDIUM: mux_pt: dereference the connection with care in mux_pt_wake() 647 - BUG/MEDIUM: lua: reset lua transaction between http requests 648 - BUG/MEDIUM: hlua: Make sure we drain the output buffer when done. 649 - BUG/MAJOR: thread: lua: Wrong SSL context initialization. 650 - BUG/MEDIUM: hlua: Don't call RESET_SAFE_LJMP if SET_SAFE_LJMP returns 0. 651 - BUG/MEDIUM: dns/server: fix incomatibility between SRV resolution and server state file 652 - BUG/MEDIUM: ECC cert should work with TLS < v1.2 and openssl >= 1.1.1 653 - MINOR: thread: implement HA_ATOMIC_XADD() 654 - BUG/MINOR: stream: use atomic increments for the request counter 655 - BUG/MEDIUM: session: fix reporting of handshake processing time in the logs 656 - BUG/MEDIUM: h2: fix risk of memory leak on malformated wrapped frames 657 - BUG/MINOR: dns: check and link servers' resolvers right after config parsing 658 - BUG/MINOR: http/threads: atomically increment the error snapshot ID 659 - BUG/MEDIUM: snapshot: take the proxy's lock while dumping errors 660 - BUG/MAJOR: kqueue: Don't reset the changes number by accident. 661 - BUG/MINOR: server: Crash when setting FQDN via CLI. 662 - DOC: Fix typos in lua documentation 663 - BUG/MEDIUM: patterns: fix possible double free when reloading a pattern list 664 - BUG/MINOR: tools: fix set_net_port() / set_host_port() on IPv4 665 - BUG/MINOR: cli: make sure the "getsock" command is only called on connections 666 - BUG/CRITICAL: hpack: fix improper sign check on the header index value 667 6682018/07/30 : 1.8.13 669 - MINOR: systemd: consider exit status 143 as successful 670 - BUG/MINOR: ssl: properly ref-count the tls_keys entries 671 - MINOR: mux: add a "show_fd" function to dump debugging information for "show fd" 672 - MINOR: h2: implement a basic "show_fd" function 673 - BUG/MINOR: h2: remove accidental debug code introduced with show_fd function 674 - MINOR: h2: keep a count of the number of conn_streams attached to the mux 675 - MINOR: h2: add the mux and demux buffer lengths on "show fd" 676 - BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess 677 - BUG/MEDIUM: h2: never leave pending data in the output buffer on close 678 - BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout 679 - BUG/MINOR: http: Set brackets for the unlikely macro at the right place 680 - BUILD: Generate sha256 checksums in publish-release 681 - MINOR: debug: Add check for CO_FL_WILL_UPDATE 682 - MINOR: debug: Add checks for conn_stream flags 683 - BUG/MEDIUM: threads: Fix the exit condition of the thread barrier 684 - MINOR: h2: add the error code and the max/last stream IDs to "show fd" 685 - BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full 686 - BUG/MEDIUM: stats: don't ask for more data as long as we're responding 687 - BUG/MINOR: servers: Don't make "server" in a frontend fatal. 688 - BUG/MEDIUM: threads/sync: use sched_yield when available 689 - BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever 690 - BUG/MINOR: config: stick-table is not supported in defaults section 691 - BUG/MINOR: threads: Handle nbthread == MAX_THREADS. 692 - BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS 693 - MINOR: threads: move "nbthread" parsing to hathreads.c 694 - BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number 695 - MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed 696 - SCRIPTS: git-show-backports: add missing quotes to "echo" 697 6982018/06/27 : 1.8.12 699 - BUG/MAJOR: stick_table: Complete incomplete SEGV fix 700 - MINOR: stick-tables: make stktable_release() do nothing on NULL 701 7022018/06/26 : 1.8.11 703 - BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table 704 - BUG/BUILD: threads: unbreak build without threads 705 7062018/06/22 : 1.8.10 707 - BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments. 708 - BUG/MEDIUM: spoe: Flags are not encoded in network order 709 - BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags 710 - BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags 711 - BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation 712 - BUG/MEDIUM: cache: don't cache when an Authorization header is present 713 - BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure. 714 - BUG/BUILD: threads: unbreak build without threads 715 - BUG/BUILD: fd: fix typo causing a warning when threads are disabled 716 - BUG/MEDIUM: fd: Only check update_mask against all_threads_mask. 717 - BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file 718 - BUG/MEDIUM: lua/socket: Length required read doesn't work 719 - BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters 720 - BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode 721 - MINOR: task/notification: Is notifications registered ? 722 - BUG/MEDIUM: lua/socket: wrong scheduling for sockets 723 - BUG/MAJOR: lua: Dead lock with sockets 724 - BUG/MEDIUM: lua/socket: Notification error 725 - BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock 726 - BUG/MEDIUM: lua/socket: Buffer error, may segfault 727 - MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0 728 - BUG/MINOR: contrib/spoa_example: Don't reset the status code during disconnect 729 - BUG/MINOR: contrib/mod_defender: Don't reset the status code during disconnect 730 - BUG/MINOR: contrib/modsecurity: Don't reset the status code during disconnect 731 - BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame 732 - BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame 733 - DOC: SPOE.txt: fix a typo 734 - DOC: contrib/modsecurity: few typo fixes 735 - BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload. 736 - BUG/MEDIUM: threads: handle signal queue only in thread 0 737 - BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing 738 - BUG/MINOR: signals: ha_sigmask macro for multithreading 739 - MINOR: lua: Increase debug information 740 - BUG/MAJOR: map: fix a segfault when using http-request set-map 741 - BUG/MINOR: lua: Segfaults with wrong usage of types. 742 - BUG/MAJOR: ssl: Random crash with cipherlist capture 743 - BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot 744 - BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete(). 745 - BUG/MEDIUM: threads: Use the sync point to check active jobs and exit 746 - MINOR: threads: Be sure to remove threads from all_threads_mask on exit 747 7482018/05/18 : 1.8.9 749 - BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid() 750 - BUG/MAJOR: channel: Fix crash when trying to read from a closed socket 751 - BUG/MINOR: log: t_idle (%Ti) is not set for some requests 752 - BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits 753 - MINOR: h2: detect presence of CONNECT and/or content-length 754 - BUG/MEDIUM: h2: implement missing support for chunked encoded uploads 755 - BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread 756 - BUG/MINOR: config: disable http-reuse on TCP proxies 757 - BUG/MINOR: checks: Fix check->health computation for flapping servers 758 - BUG/MEDIUM: threads: Fix the sync point for more than 32 threads 759 - BUG/MINOR: lua: Put tasks to sleep when waiting for data 760 - DOC/MINOR: clean up LUA documentation re: servers & array/table. 761 - BUG/MINOR: map: correctly track reference to the last ref_elt being dumped 762 - BUG/MEDIUM: task: Don't free a task that is about to be run. 763 - BUG/MINOR: lua: schedule socket task upon lua connect() 764 - BUG/MINOR: lua: ensure large proxy IDs can be represented 765 - BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR 766 - BUG/MEDIUM: pollers: Use a global list for fd shared between threads. 767 - BUG/MEDIUM: ssl: properly protect SSL cert generation 768 - BUG/MINOR: spoe: Mistake in error message about SPOE configuration 769 7702018/04/19 : 1.8.8 771 - BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes 772 - BUG/MEDIUM: connection: Make sure we have a mux before calling detach(). 773 - BUG/MINOR: http: Return an error in proxy mode when url2sa fails 774 - BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors. 775 - BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE 776 - MINOR: cli: Ensure the CLI always outputs an error when it should 777 - DOC: lua: update the links to the config and Lua API 778 - BUG/CRITICAL: h2: fix incorrect frame length check 779 7802018/04/07 : 1.8.7 781 - BUG/MAJOR: cache: always initialize newly created objects 782 - MINOR: servers: Support alphanumeric characters for the server templates names 783 7842018/04/05 : 1.8.6 785 - BUG/MINOR: lua: the function returns anything 786 - BUG/MINOR: lua funtion hlua_socket_settimeout don't check negative values 787 - BUILD/MINOR: fix build when USE_THREAD is not defined 788 - MINOR: cli/threads: make "show fd" report thread_sync_io_handler instead of "unknown" 789 - MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available 790 - BUILD/MINOR: cli: fix a build warning introduced by last commit 791 - BUG/MINOR: hpack: fix harmless use of uninitialized value in hpack_dht_insert 792 - CLEANUP: h2: rename misleading h2c_stream_close() to h2s_close() 793 - MINOR: h2: provide and use h2s_detach() and h2s_free() 794 - BUG/MAJOR: h2: remove orphaned streams from the send list before closing 795 - MINOR: h2: always call h2s_detach() in h2_detach() 796 - MINOR: h2: fuse h2s_detach() and h2s_free() into h2s_destroy() 797 - BUG/MEDIUM: h2/threads: never release the task outside of the task handler 798 - BUG/MEDIUM: h2: don't consider pending data on detach if connection is in error 799 - BUILD/MINOR: threads: always export thread_sync_io_handler() 800 - BUG/MEDIUM: h2: always add a stream to the send or fctl list when blocked 801 - BUG/MINOR: checks: check the conn_stream's readiness and not the connection 802 - BUG/MINOR: email-alert: Set the mailer port during alert initialization 803 - BUG/MINOR: cache: fix "show cache" output 804 - BUG/MINOR: fd: Don't clear the update_mask in fd_insert. 805 - BUG/MAJOR: cache: fix random crashes caused by incorrect delete() on non-first blocks 806 - BUG/MINOR: spoe: Initialize variables used during conf parsing before any check 807 - BUG/MINOR: spoe: Don't release the context buffer in .check_timeouts callbaclk 808 8092018/03/23 : 1.8.5 810 - BUG/MINOR: threads: fix missing thread lock labels for 1.8 811 - BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable. 812 - BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL 813 - BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st 814 - BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe 815 - BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as possible 816 - BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken. 817 - DOC: lua: new prototype for function "register_action()" 818 - DOC: cfgparse: Warn on option (tcp|http)log in backend 819 - BUG/MINOR: debug/pools: properly handle out-of-memory when building with DEBUG_UAF 820 - MINOR: debug/pools: make DEBUG_UAF also detect underflows 821 - BUG/MINOR: h2: Set the target of dbuf_wait to h2c 822 - MINOR: stats: display the number of threads in the statistics. 823 - BUG/MEDIUM: h2: always consume any trailing data after end of output buffers 824 - BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk 825 - BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk 826 - Revert "BUG/MINOR: send-proxy-v2: string size must include ('\0')" 827 - MINOR: systemd: Add section for SystemD sandboxing to unit file 828 - MINOR: systemd: Add SystemD's Protect*= options to the unit file 829 - MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file 830 - MINOR/BUILD: fix Lua build on Mac OS X 831 - BUILD/MINOR: fix Lua build on Mac OS X (again) 832 - BUG/MINOR: session: Fix tcp-request session failure if handshake. 833 - CLEANUP: .gitignore: Ignore binaries from the contrib directory 834 - BUG/MINOR: unix: Don't mess up when removing the socket from the xfer_sock_list. 835 - BUG/MEDIUM: h2: also arm the h2 timeout when sending 836 - BUG/MINOR: cli: Fix a crash when passing a negative or too large value to "show fd" 837 - CLEANUP: ssl: Remove a duplicated #include 838 - CLEANUP: cli: Remove a leftover debug message 839 - BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage 840 - BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc 841 - BUG/MINOR: force-persist and ignore-persist only apply to backends 842 - BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is stopping 843 - BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily disabled 844 - BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management 845 - BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically 846 - BUG/MINOR: seemless reload: Fix crash when an interface is specified. 847 - BUG/MINOR: cli: Fix a crash when sending a command with too many arguments 848 - BUILD: ssl: Fix build with OpenSSL without NPN capability 849 - BUG/MINOR: spoa-example: unexpected behavior for more than 127 args 850 - BUG/MINOR: lua: return bad error messages 851 - BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers 852 - BUG/MINOR: tcp-check: use the server's service port as a fallback 853 - BUG/MEDIUM: threads/queue: wake up other threads upon dequeue 854 - MINOR: log: stop emitting alerts when it's not possible to write on the socket 855 - BUILD/BUG: enable -fno-strict-overflow by default 856 - DOC: log: more than 2 log servers are allowed 857 - DOC: don't suggest using http-server-close 858 - BUG/MEDIUM: h2: properly account for DATA padding in flow control 859 - BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an RST_STREAM 860 - BUG/MINOR: listener: Don't decrease actconn twice when a new session is rejected 861 8622018/02/08 : 1.8.4 863 - BUG/MEDIUM: h2: properly handle the END_STREAM flag on empty DATA frames 864 - BUILD: ssl: silence a warning when building without NPN nor ALPN support 865 - BUG/MEDIUM: ssl: cache doesn't release shctx blocks 866 - BUG/MINOR: lua: Fix default value for pattern in Socket.receive 867 - DOC: lua: Fix typos in comments of hlua_socket_receive 868 - BUG/MEDIUM: lua: Fix IPv6 with separate port support for Socket.connect 869 - BUG/MINOR: lua: Fix return value of Socket.settimeout 870 - MINOR: dns: Handle SRV record weight correctly. 871 - BUG/MEDIUM: mworker: execvp failure depending on argv[0] 872 - MINOR: hathreads: add support for gcc < 4.7 873 - BUILD/MINOR: ancient gcc versions atomic fix 874 - BUG/MEDIUM: stream: properly handle client aborts during redispatch 875 - DOC: clarify the scope of ssl_fc_is_resumed 876 - CONTRIB: debug: fix a few flags definitions 877 - BUG/MINOR: poll: too large size allocation for FD events 878 - BUG/MEDIUM: peers: fix expire date wasn't updated if entry is modified remotely. 879 - MINOR: servers: Don't report duplicate dyncookies for disabled servers. 880 - MINOR: global/threads: move cpu_map at the end of the global struct 881 - MINOR: threads: add a MAX_THREADS define instead of LONGBITS 882 - MINOR: global: add some global activity counters to help debugging 883 - MINOR: threads/fd: Use a bitfield to know if there are FDs for a thread in the FD cache 884 - BUG/MEDIUM: threads/polling: Use fd_cache_mask instead of fd_cache_num 885 - BUG/MEDIUM: fd: maintain a per-thread update mask 886 - MINOR: fd: add a bitmask to indicate that an FD is known by the poller 887 - BUG/MEDIUM: epoll/threads: use one epoll_fd per thread 888 - BUG/MEDIUM: kqueue/threads: use one kqueue_fd per thread 889 - BUG/MEDIUM: threads/mworker: fix a race on startup 890 - BUG/MINOR: mworker: only write to pidfile if it exists 891 - MINOR: threads: Fix build when we're not compiling with threads. 892 - BUG/MINOR: threads: always set an owner to the thread_sync pipe 893 - BUG/MEDIUM: threads/server: Fix deadlock in srv_set_stopping/srv_set_admin_flag 894 - BUG/MEDIUM: checks: Don't try to release undefined conn_stream when a check is freed 895 - BUG/MINOR: kqueue/threads: Don't forget to close kqueue_fd[tid] on each thread 896 - MINOR: threads: Use __decl_hathreads instead of #ifdef/#endif 897 - BUILD: epoll/threads: Add test on MAX_THREADS to avoid warnings when complied without threads 898 - BUILD: kqueue/threads: Add test on MAX_THREADS to avoid warnings when complied without threads 899 - CLEANUP: sample: Fix comment encoding of sample.c 900 - CLEANUP: sample: Fix outdated comment about sample casts functions 901 - BUG/MINOR: sample: Fix output type of c_ipv62ip 902 - CLEANUP: Fix typo in ARGT_MSK6 comment 903 - BUG/MINOR: cli: use global.maxsock and not maxfd to list all FDs 904 - BUG/MINOR: threads: Update labels array because of changes in lock_label enum 905 - BUG/MINOR: epoll/threads: only call epoll_ctl(DEL) on polled FDs 906 - BUG/MEDIUM: spoe: Always try to receive or send the frame to detect shutdowns 907 - BUG/MEDIUM: spoe: Allow producer to read and to forward shutdown on request side 908 - BUG/MINOR: time/threads: ensure the adjusted time is always correct 909 - BUG/MEDIUM: standard: Fix memory leak in str2ip2() 910 - MINOR: init: emit warning when -sf/-sd cannot parse argument 911 - DOC: Describe routing impact of using interface keyword on bind lines 912 - DOC: Mention -Ws in the list of available options 913 - BUG/MINOR: config: don't emit a warning when global stats is incompletely configured 914 9152017/12/30 : 1.8.3 916 - BUG/MEDIUM: h2: properly handle and report some stream errors 917 - BUG/MEDIUM: h2: improve handling of frames received on closed streams 918 - DOC/MINOR: configuration: typo, formatting fixes 919 - BUG/MEDIUM: h2: ensure we always know the stream before sending a reset 920 - BUG/MEDIUM: mworker: don't close stdio several time 921 - MINOR: don't close stdio anymore 922 - BUG/MEDIUM: http: don't automatically forward request close 923 - BUG/MAJOR: hpack: don't return direct references to the dynamic headers table 924 - MEDIUM: h2: prepare a graceful shutdown when the frontend is stopped 925 9262017/12/23 : 1.8.2 927 - BUG/MINOR: action: Don't check http capture rules when no id is defined 928 - BUG/MAJOR: hpack: don't pretend large headers fit in empty table 929 - BUG/MINOR: ssl: support tune.ssl.cachesize 0 again 930 - BUG/MEDIUM: mworker: also close peers sockets in the master 931 - BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically. 932 - BUG/MEDIUM: checks: a down server going to maint remains definitely stucked on down state. 933 - BUG/MEDIUM: peers: set NOLINGER on the outgoing stream interface 934 - BUG/MEDIUM: h2: fix handling of end of stream again 935 - MINOR: mworker: Update messages referencing exit-on-failure 936 - MINOR: mworker: Improve wording in `void mworker_wait()` 937 - CONTRIB: halog: Add help text for -s switch in halog program 938 - BUG/MEDIUM: email-alert: don't set server check status from a email-alert task 939 - BUG/MEDIUM: threads/vars: Fix deadlock in register_name 940 - MINOR: systemd: remove comment about HAPROXY_STATS_SOCKET 941 - DOC: notifications: add precisions about thread usage 942 - BUG/MEDIUM: lua/notification: memory leak 943 - MINOR: conn_stream: add new flag CS_FL_RCV_MORE to indicate pending data 944 - BUG/MEDIUM: stream-int: always set SI_FL_WAIT_ROOM on CS_FL_RCV_MORE 945 - BUG/MEDIUM: h2: automatically set CS_FL_RCV_MORE when the output buffer is full 946 - BUG/MEDIUM: h2: enable recv polling whenever demuxing is possible 947 - BUG/MEDIUM: h2: work around a connection API limitation 948 - BUG/MEDIUM: h2: debug incoming traffic in h2_wake() 949 - MINOR: h2: store the demux padding length in the h2c struct 950 - BUG/MEDIUM: h2: support uploading partial DATA frames 951 - MINOR: h2: don't demand that a DATA frame is complete before processing it 952 - BUG/MEDIUM: h2: don't switch the state to HREM before end of DATA frame 953 - BUG/MEDIUM: h2: don't close after the first DATA frame on tunnelled responses 954 - BUG/MEDIUM: http: don't disable lingering on requests with tunnelled responses 955 - BUG/MEDIUM: h2: fix stream limit enforcement 956 - BUG/MINOR: stream-int: don't try to receive again after receiving an EOS 957 - BUG: MAJOR: lb_map: server map calculation broken 958 - BUG: MINOR: http: don't check http-request capture id when len is provided 959 - BUILD/MINOR: Makefile : enabling USE_CPU_AFFINITY 960 - BUG/MEDIUM: mworker: Set FD_CLOEXEC flag on log fd 961 - DOC/MINOR: intro: typo, wording, formatting fixes 962 - MINOR: netscaler: respect syntax 963 - MINOR: netscaler: remove the use of cip_magic only used once 964 - MINOR: netscaler: rename cip_len to clarify its uage 965 - BUG/MEDIUM: netscaler: use the appropriate IPv6 header size 966 - BUG/MAJOR: netscaler: address truncated CIP header detection 967 - CONTRIB: iprange: Fix compiler warning in iprange.c 968 - CONTRIB: halog: Fix compiler warnings in halog.c 969 - BUG/MINOR: h2: properly report a stream error on RST_STREAM 970 - MINOR: mux: add flags to describe a mux's capabilities 971 - MINOR: stream-int: set flag SI_FL_CLEAN_ABRT when mux supports clean aborts 972 - BUG/MEDIUM: stream: don't consider abortonclose on muxes which close cleanly 973 - MINOR: netscaler: check in one-shot if buffer is large enough for IP and TCP header 974 - MEDIUM: netscaler: do not analyze original IP packet size 975 - MEDIUM: netscaler: add support for standard NetScaler CIP protocol 976 - BUG/MEDIUM: checks: a server passed in maint state was not forced down. 977 - BUG/MEDIUM: lua: fix crash when using bogus mode in register_service() 978 - MINOR: http: adjust the list of supposedly cacheable methods 979 - MINOR: http: update the list of cacheable status codes as per RFC7231 980 - MINOR: http: start to compute the transaction's cacheability from the request 981 - BUG/MINOR: http: do not ignore cache-control: public 982 - BUG/MINOR: http: properly detect max-age=0 and s-maxage=0 in responses 983 - BUG/MINOR: cache: do not force the TX_CACHEABLE flag before checking cacheability 984 - MINOR: http: add a function to check request's cache-control header field 985 - BUG/MEDIUM: cache: do not try to retrieve host-less requests from the cache 986 - BUG/MEDIUM: cache: replace old object on store 987 - BUG/MEDIUM: cache: respect the request cache-control header 988 - BUG/MEDIUM: cache: don't cache the response on no-cache="set-cookie" 989 - BUG/MAJOR: connection: refine the situations where we don't send shutw() 990 - BUG/MEDIUM: checks: properly set servers to stopping state on 404 991 9922017/12/03 : 1.8.1 993 - BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork. 994 - DOC: cache: update sections and fix some typos 995 - BUILD/MINOR: deviceatlas: enable thread support 996 - BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main 997 - BUG/MEDIUM: ssl: don't allocate shctx several time 998 - BUG/MEDIUM: cache: bad computation of the remaining size 999 - BUILD: checks: don't include server.h 1000 - BUG/MEDIUM: stream: fix session leak on applet-initiated connections 1001 - BUILD/MINOR: haproxy : FreeBSD/cpu affinity needs pthread_np header 1002 - BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream 1003 - BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting 1004 - BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response 1005 - BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync. 1006 - BUG/MAJOR: thread/peers: fix deadlock on peers sync. 1007 - BUILD/MINOR: haproxy: compiling config cpu parsing handling when needed 1008 - BUG/MINOR: mworker: fix validity check for the pipe FDs 1009 - BUG/MINOR: mworker: detach from tty when in daemon mode 1010 - MINOR: threads: Fix pthread_setaffinity_np on FreeBSD. 1011 - BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time 1012 - BUILD: Fix LDFLAGS vs. LIBS re linking order in various makefiles 1013 - BUG/MEDIUM: checks: Be sure we have a mux if we created a cs. 1014 - BUG/MINOR: hpack: fix debugging output of pseudo header names 1015 - BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits 1016 - BUG/MINOR: hpack: reject invalid header index 1017 - BUG/MINOR: hpack: dynamic table size updates are only allowed before headers 1018 - BUG/MAJOR: h2: correctly check the request length when building an H1 request 1019 - BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream 1020 - BUG/MINOR: h2: try to abort closed streams as soon as possible 1021 - BUG/MINOR: h2: ":path" must not be empty 1022 - BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to 1023 - BUG/MINOR: h2: the TE header if present may only contain trailers 1024 - BUG/MEDIUM: h2: enforce the per-connection stream limit 1025 - BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1 1026 - BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame 1027 - BUG/MINOR: h2: properly check PRIORITY frames 1028 - BUG/MINOR: h2: reject response pseudo-headers from requests 1029 - BUG/MEDIUM: h2: remove connection-specific headers from request 1030 - BUG/MEDIUM: h2: do not accept upper case letters in request header names 1031 - BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames 1032 10332017/11/26 : 1.8.0 1034 - BUG/MEDIUM: stream: don't automatically forward connect nor close 1035 - BUG/MAJOR: stream: ensure analysers are always called upon close 1036 - BUG/MINOR: stream-int: don't try to read again when CF_READ_DONTWAIT is set 1037 - MEDIUM: mworker: Add systemd `Type=notify` support 1038 - BUG/MEDIUM: cache: free callback to remove from tree 1039 - CLEANUP: cache: remove unused struct 1040 - MEDIUM: cache: enable the HTTP analysers 1041 - CLEANUP: cache: remove wrong comment 1042 - MINOR: threads/atomic: rename local variables in macros to avoid conflicts 1043 - MINOR: threads/plock: rename local variables in macros to avoid conflicts 1044 - MINOR: threads/atomic: implement pl_mb() in asm on x86 1045 - MINOR: threads/atomic: implement pl_bts() on non-x86 1046 - MINOR: threads/build: atomic: replace the few inlines with macros 1047 - BUILD: threads/plock: fix a build issue on Clang without optimization 1048 - BUILD: ebtree: don't redefine types u32/s32 in scope-aware trees 1049 - BUILD: compiler: add a new type modifier __maybe_unused 1050 - BUILD: h2: mark some inlined functions "unused" 1051 - BUILD: server: check->desc always exists 1052 - BUG/MEDIUM: h2: properly report connection errors in headers and data handlers 1053 - MEDIUM: h2: add a function to emit an HTTP/1 request from a headers list 1054 - MEDIUM: h2: change hpack_decode_headers() to only provide a list of headers 1055 - BUG/MEDIUM: h2: always reassemble the Cookie request header field 1056 - BUG/MINOR: systemd: ignore daemon mode 1057 - CONTRIB: spoa_example: allow to compile outside HAProxy. 1058 - CONTRIB: spoa_example: remove bref, wordlist, cond_wordlist 1059 - CONTRIB: spoa_example: remove last dependencies on type "sample" 1060 - CONTRIB: spoa_example: remove SPOE enums that are useless for clients 1061 - CLEANUP: cache: reorder includes 1062 - MEDIUM: shctx: use unsigned int for len and block_count 1063 - MEDIUM: cache: "show cache" on the cli 1064 - BUG/MEDIUM: cache: use key=0 as a condition for freeing 1065 - BUG/MEDIUM: cache: refcount forbids to free the objects 1066 - BUG/MEDIUM: cache fix cli_kws structure 1067 - BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks 1068 - BUG/MINOR: ssl: Always start the handshake if we can't send early data. 1069 - MINOR: ssl: Don't disable early data handling if we could not write. 1070 - MINOR: pools: prepare functions to override malloc/free in pools 1071 - MINOR: pools: implement DEBUG_UAF to detect use after free 1072 - BUG/MEDIUM: threads/time: fix time drift correction 1073 - BUG/MEDIUM: threads/time: maintain a common time reference between all threads 1074 - MINOR: sample: Add "thread" sample fetch 1075 - BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line 1076 - BUG/MINOR: stream: fix tv_request calculation for applets 1077 - BUG/MAJOR: h2: always remove a stream from the send list before freeing it 1078 - BUG/MAJOR: threads/task: dequeue expired tasks under the WQ lock 1079 - MINOR: ssl: Handle reading early data after writing better. 1080 - MINOR: mux: Make sure every string is woken up after the handshake. 1081 - MEDIUM: cache: store sha1 for hashing the cache key 1082 - MINOR: http: implement the "http-request reject" rule 1083 - MINOR: h2: send RST_STREAM before GOAWAY on reject 1084 - MEDIUM: h2: don't gracefully close the connection anymore on Connection: close 1085 - MINOR: h2: make use of client-fin timeout after GOAWAY 1086 - MEDIUM: config: ensure that tune.bufsize is at least 16384 when using HTTP/2 1087 - MINOR: ssl: Handle early data with BoringSSL 1088 - BUG/MEDIUM: stream: always release the stream-interface on abort 1089 - BUG/MEDIUM: cache: free ressources in chn_end_analyze 1090 - MINOR: cache: move the refcount decrease in the applet release 1091 - BUG/MINOR: listener: Allow multiple "process" options on "bind" lines 1092 - MINOR: config: Support a range to specify processes in "cpu-map" parameter 1093 - MINOR: config: Slightly change how parse_process_number works 1094 - MINOR: config: Export parse_process_number and use it wherever it's applicable 1095 - MINOR: standard: Add my_ffsl function to get the position of the bit set to one 1096 - MINOR: config: Add auto-increment feature for cpu-map 1097 - MINOR: config: Support partial ranges in cpu-map directive 1098 - MINOR:: config: Remove thread-map directive 1099 - MINOR: config: Add the threads support in cpu-map directive 1100 - MINOR: config: Add threads support for "process" option on "bind" lines 1101 - MEDIUM: listener: Bind listeners on a thread subset if specified 1102 - CLEANUP: debug: Use DPRINTF instead of fprintf into #ifdef DEBUG_FULL/#endif 1103 - CLEANUP: log: Rename Alert/Warning in ha_alert/ha_warning 1104 - MINOR/CLEANUP: proxy: rename "proxy" to "proxies_list" 1105 - CLEANUP: pools: rename all pool functions and pointers to remove this "2" 1106 - DOC: update the roadmap file with the latest changes merged in 1.8 1107 - DOC: fix mangled version in peers protocol documentation 1108 - DOC: add initial peers protovol v2.0 documentation. 1109 - DOC: mention William as maintainer of the cache and master-worker 1110 - DOC: add Christopher and Emeric as maintainers of the threads 1111 - MINOR: cache: replace a fprint() by an abort() 1112 - MEDIUM: cache: max-age configuration keyword 1113 - DOC: explain HTTP2 timeout behavior 1114 - DOC: cache: configuration and management 1115 - MAJOR: mworker: exits the master on failure 1116 - BUG/MINOR: threads: don't drop "extern" on the lock in include files 1117 - MINOR: task: keep a pointer to the currently running task 1118 - MINOR: task: align the rq and wq locks 1119 - MINOR: fd: cache-align fdtab and fdcache locks 1120 - MINOR: buffers: cache-align buffer_wq_lock 1121 - CLEANUP: server: reorder some fields in struct server to save 40 bytes 1122 - CLEANUP: proxy: slightly reorder the struct proxy to reduce holes 1123 - CLEANUP: checks: remove 16 bytes of holes in struct check 1124 - CLEANUP: cache: more efficiently pack the struct cache 1125 - CLEANUP: fd: place the lock at the beginning of struct fdtab 1126 - CLEANUP: pools: align pools on a cache line 1127 - DOC: config: add a few bits about how to configure HTTP/2 1128 - BUG/MAJOR: threads/queue: avoid recursive locking in pendconn_get_next_strm() 1129 - BUILD: Makefile: reorder object files by size 1130 11312017/11/19 : 1.8-rc4 1132 - BUG/MEDIUM: cache: does not cache if no Content-Length 1133 - BUILD: thread/pipe: fix build without threads 1134 - BUG/MINOR: spoe: check buffer size before acquiring or releasing it 1135 - MINOR: debug/flags: Add missing flags 1136 - MINOR: threads: Use __decl_hathreads to declare locks 1137 - BUG/MINOR: buffers: Fix b_alloc_margin to be "fonctionnaly" thread-safe 1138 - BUG/MAJOR: ebtree/scope: fix insertion and removal of duplicates in scope-aware trees 1139 - BUG/MAJOR: ebtree/scope: fix lookup of next node in scope-aware trees 1140 - MINOR: ebtree/scope: add a function to find next node from a parent 1141 - MINOR: ebtree/scope: simplify the lookup functions by using eb32sc_next_with_parent() 1142 - BUG/MEDIUM: mworker: Fix re-exec when haproxy is started from PATH 1143 - BUG/MEDIUM: cache: use msg->sov to forward header 1144 - MINOR: cache: forward data with headers 1145 - MINOR: cache: disable cache if shctx_row_data_append fail 1146 - BUG/MINOR: threads: tid_bit must be a unsigned long 1147 - CLEANUP: tasks: Remove useless double test on rq_next 1148 - BUG/MEDIUM: standard: itao_str/idx and quote_str/idx must be thread-local 1149 - MINOR: tools: add a function to dump a scope-aware tree to a file 1150 - MINOR: tools: improve the DOT dump of the ebtree 1151 - MINOR: tools: emphasize the node being worked on in the tree dump 1152 - BUG/MAJOR: ebtree/scope: properly tag upper nodes during insertion 1153 - DOC: peers: Add a first version of peers protocol v2.1. 1154 - CONTRIB: Wireshark dissector for HAProxy Peer Protocol. 1155 - MINOR: mworker: display an accurate error when the reexec fail 1156 - BUG/MEDIUM: mworker: wait again for signals when execvp fail 1157 - BUG/MEDIUM: mworker: does not deinit anymore 1158 - BUG/MEDIUM: mworker: does not close inherited FD 1159 - MINOR: tests: add a python wrapper to test inherited fd 1160 - BUG/MINOR: Allocate the log buffers before the proxies startup 1161 - MINOR: tasks: Use a bitfield to track tasks activity per-thread 1162 - MAJOR: polling: Use active_tasks_mask instead of tasks_run_queue 1163 - MINOR: applets: Use a bitfield to track applets activity per-thread 1164 - MAJOR: polling: Use active_appels_mask instead of applets_active_queue 1165 - MEDIUM: applets: Don't process more than 200 active applets at once 1166 - MINOR: stream: Add thread-mask of tasks/FDs/applets in "show sess all" command 1167 - MINOR: SSL: Store the ASN1 representation of client sessions. 1168 - MINOR: ssl: Make sure we don't shutw the connection before the handshake. 1169 - BUG/MEDIUM: deviceatlas: ignore not valuable HTTP request data 1170 11712017/11/11 : 1.8-rc3 1172 - BUILD: use MAXPATHLEN instead of NAME_MAX. 1173 - BUG/MAJOR: threads/checks: add 4 missing spin_unlock() in various functions 1174 - BUG/MAJOR: threads/server: missing unlock in CLI fqdn parser 1175 - BUG/MINOR: cli: do not perform an invalid action on "set server check-port" 1176 - BUG/MAJOR: threads/checks: wrong use of SPIN_LOCK instead of SPIN_UNLOCK 1177 - CLEANUP: checks: remove return statements in locked functions 1178 - BUG/MINOR: cli: add severity in "set server addr" parser 1179 - CLEANUP: server: get rid of return statements in the CLI parser 1180 - BUG/MAJOR: cli/streams: missing unlock on exit "show sess" 1181 - BUG/MAJOR: threads/dns: add missing unlock on allocation failure path 1182 - BUG/MAJOR: threads/lb: fix missing unlock on consistent hash LB 1183 - BUG/MAJOR: threads/lb: fix missing unlock on map-based hash LB 1184 - BUG/MEDIUM: threads/stick-tables: close a race condition on stktable_trash_expired() 1185 - BUG/MAJOR: h2: set the connection's task to NULL when no client timeout is set 1186 - BUG/MAJOR: thread/listeners: enable_listener must not call unbind_listener() 1187 - BUG/MEDIUM: threads: don't try to free build option message on exit 1188 - MINOR: applets: no need to check for runqueue's emptiness in appctx_res_wakeup() 1189 - MINOR: add master-worker in the warning about nbproc 1190 - MINOR: mworker: allow pidfile in mworker + foreground 1191 - MINOR: mworker: write parent pid in the pidfile 1192 - MINOR: mworker: do not store child pid anymore in the pidfile 1193 - MINOR: ebtree: implement the scope-aware functions for eb32 1194 - MEDIUM: ebtree: specify the scope of every node inserted via eb32sc 1195 - MINOR: ebtree: update the eb32sc parent node's scope on delete 1196 - MEDIUM: ebtree: only consider the branches matching the scope in lookups 1197 - MINOR: ebtree: implement eb32sc_lookup_ge_or_first() 1198 - MAJOR: task: make use of the scope-aware ebtree functions 1199 - MINOR: task: simplify wake_expired_tasks() to avoid unlocking in the loop 1200 - MEDIUM: task: change the construction of the loop in process_runnable_tasks() 1201 - MINOR: threads: use faster locks for the spin locks 1202 - MINOR: tasks: only visit filled task slots after processing them 1203 - MEDIUM: tasks: implement a lockless scheduler for single-thread usage 1204 - BUG/MINOR: dns: Don't try to get the server lock if it's already held. 1205 - BUG/MINOR: dns: Don't lock the server lock in snr_check_ip_callback(). 1206 - DOC: Add note about encrypted password CPU usage 1207 - BUG/MINOR: h2: set the "HEADERS_SENT" flag on stream, not connection 1208 - BUG/MEDIUM: h2: properly send an RST_STREAM on mux stream error 1209 - BUG/MEDIUM: h2: properly send the GOAWAY frame in the mux 1210 - BUG/MEDIUM: h2: don't try (and fail) to send non-existing data in the mux 1211 - MEDIUM: h2: remove the H2_SS_RESET intermediate state 1212 - BUG/MEDIUM: h2: fix some wrong error codes on connections 1213 - BUILD: threads: Rename SPIN/RWLOCK macros using HA_ prefix 1214 - BUILD: enable USE_THREAD for Solaris build. 1215 - BUG/MEDIUM: h2: don't close the connection is there are data left 1216 - MINOR: h2: don't re-enable the connection's task when we're closing 1217 - BUG/MEDIUM: h2: properly set H2_SF_ES_SENT when sending the final frame 1218 - BUG/MINOR: h2: correctly check for H2_SF_ES_SENT before closing 1219 - MINOR: h2: add new stream flag H2_SF_OUTGOING_DATA 1220 - BUG/MINOR: h2: don't send GOAWAY on failed response 1221 - BUG/MEDIUM: splice/threads: pipe reuse list was not protected. 1222 - BUG/MINOR: comp: fix compilation warning compiling without compression. 1223 - BUG/MINOR: stream-int: don't set MSG_MORE on closed request path 1224 - BUG/MAJOR: threads/tasks: fix the scheduler again 1225 - BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf because a SNI is matched. 1226 - MINOR: ssl: Handle session resumption with TLS 1.3 1227 - MINOR: ssl: Spell 0x10101000L correctly. 1228 - MINOR: ssl: Handle sending early data to server. 1229 - BUILD: ssl: fix build of backend without ssl 1230 - BUILD: shctx: do not depend on openssl anymore 1231 - BUG/MINOR: h1: the HTTP/1 make status code parser check for digits 1232 - BUG/MEDIUM: h2: reject non-3-digit status codes 1233 - BUG/MEDIUM: stream-int: Don't loss write's notifs when a stream is woken up 1234 - BUG/MINOR: pattern: Rely on the sample type to copy it in pattern_exec_match 1235 - BUG/MEDIUM: h2: split the function to send RST_STREAM 1236 - BUG/MEDIUM: h1: ensure the chunk size parser can deal with full buffers 1237 - MINOR: tools: don't use unlikely() in hex2i() 1238 - BUG/MEDIUM: h2: support orphaned streams 1239 - BUG/MEDIUM: threads/cli: fix "show sess" locking on release 1240 - CLEANUP: mux: remove the unused "release()" function 1241 - MINOR: cli: make "show fd" report the fd's thread mask 1242 - BUG/MEDIUM: stream: don't ignore res.analyse_exp anymore 1243 - CLEANUP: global: introduce variable pid_bit to avoid shifts with relative_pid 1244 - MEDIUM: http: always reject the "PRI" method 1245 12462017/11/03 : 1.8-rc2 1247 - BUG/MINOR: send-proxy-v2: fix dest_len in make_tlv call 1248 - BUG/MINOR: send-proxy-v2: string size must include ('\0') 1249 - MINOR: mux: Only define pipe functions on linux. 1250 - MINOR: cache: Remove useless test for nonzero. 1251 - MINOR: cache: Don't confuse act_return and act_parse_ret. 1252 - BUG/MEDIUM: h2: don't try to parse incomplete H1 responses 1253 - BUG/MEDIUM: checks/mux: always enable send-polling after connecting 1254 - BUG/MAJOR: fix deadlock on healthchecks. 1255 - BUG/MINOR: thread: fix a typo in the debug code 1256 - BUILD: shctx: allow to be built without openssl 1257 - BUG/MEDIUM: cache: don't try to resolve wrong filters 1258 - BUG/MAJOR: buffers: fix get_buffer_nc() for data at end of buffer 1259 - BUG/MINOR: freq: fix infinite loop on freq_ctr_period. 1260 - BUG/MINOR: stdarg.h inclusion 1261 - BUG/MINOR: dns: fix missing lock protection on server. 1262 - BUG/MINOR: lua: fix missing lock protection on server. 1263 - BUILD: enable USE_THREAD for OpenBSD build. 1264 - BUG/MAJOR: mux_pt: don't dereference a connstream after ->wake() 1265 - MINOR: thread: report multi-thread support in haproxy -vv 1266 12672017/10/31 : 1.8-rc1 1268 - BUG/MEDIUM: server: Allocate tmptrash before using it. 1269 - CONTRIB: trace: add the possibility to place trace calls in the code 1270 - CONTRIB: trace: try to display the function's return value on exit 1271 - CONTRIB: trace: report the base name only for file names 1272 - BUILD: ssl: support OPENSSL_NO_ASYNC #define 1273 - MINOR: ssl: build with recent BoringSSL library 1274 - BUG/MINOR: ssl: OCSP_single_get0_status can return -1 1275 - BUG/MINOR: cli: restore "set ssl tls-key" command 1276 - CLEANUP: cli: remove undocumented "set ssl tls-keys" command 1277 - IMPORT: sha1: import SHA1 functions 1278 - MINOR: sample: add the sha1 converter 1279 - MINOR: sample: add the hex2i converter 1280 - MINOR: stream-int: stop checking for useless connection flags in chk_snd_conn 1281 - MINOR: ssl: don't abort after sending 16kB 1282 - MINOR: connection: move the cleanup of flag CO_FL_WAIT_ROOM 1283 - MINOR: connection: add flag CO_FL_WILL_UPDATE to indicate when updates are granted 1284 - MEDIUM: connection: make use of CO_FL_WILL_UPDATE in conn_sock_shutw() 1285 - MINOR: raw_sock: make use of CO_FL_WILL_UPDATE 1286 - MINOR: ssl_sock: make use of CO_FL_WILL_UPDATE 1287 - BUG/MINOR: checks: Don't forget to release the connection on error case. 1288 - MINOR: buffer: add the buffer input manipulation functions 1289 - BUG/MEDIUM: prevent buffers being overwritten during build_logline() execution 1290 - MEDIUM: cfgparse: post section callback 1291 - MEDIUM: cfgparse: post parsing registration 1292 - MINOR: lua: add uuid to the Class Proxy 1293 - MINOR: hlua: Add regex class 1294 - MINOR: http: Mark the 425 code as "Too Early". 1295 - MEDIUM: ssl: convert CBS (BoringSSL api) usage to neutral code 1296 - MINOR: ssl: support Openssl 1.1.1 early callback for switchctx 1297 - MINOR: ssl: generated certificate is missing in switchctx early callback 1298 - MEDIUM: ssl: Handle early data with OpenSSL 1.1.1 1299 - BUILD: Makefile: disable -Wunused-label 1300 - MINOR: ssl/proto_http: Add keywords to take care of early data. 1301 - BUG/MINOR: lua: const attribute of a string is overridden 1302 - MINOR: ssl: Don't abuse ssl_options. 1303 - MINOR: update proxy-protocol-v2 #define 1304 - MINOR: merge ssl_sock_get calls for log and ppv2 1305 - MINOR: add ALPN information to send-proxy-v2 1306 - MEDIUM: h1: ensure that 1xx, 204 and 304 don't have a payload body 1307 - CLEANUP: shctx: get ride of the shsess_packet{_hdr} structures 1308 - MEDIUM: lists: list_for_each_entry{_safe}_from functions 1309 - REORG: shctx: move lock functions and struct 1310 - MEDIUM: shctx: allow the use of multiple shctx 1311 - REORG: shctx: move ssl functions to ssl_sock.c 1312 - MEDIUM: shctx: separate ssl and shctx 1313 - MINOR: shctx: rename lock functions 1314 - MINOR: h1: store the status code in the H1 message 1315 - BUG/MINOR: spoe: Don't compare engine name and SPOE scope when both are NULL 1316 - BUG/MINOR: spoa: Update pointer on the end of the frame when a reply is encoded 1317 - MINOR: action: Add trk_idx inline function 1318 - MINOR: action: Use trk_idx instead of tcp/http_trk_idx 1319 - MINOR: action: Add a function pointer in act_rule struct to check its validity 1320 - MINOR: action: Add function to check rules using an action ACT_ACTION_TRK_* 1321 - MINOR: action: Add a functions to check http capture rules 1322 - MINOR: action: Factorize checks on rules calling check_ptr if defined 1323 - MINOR: acl: Pass the ACLs as an explicit parameter of build_acl_cond 1324 - MEDIUM: spoe: Add support of ACLS to enable or disable sending of SPOE messages 1325 - MINOR: spoe: Check uniqness of SPOE engine names during config parsing 1326 - MEDIUM: spoe: Parse new "spoe-group" section in SPOE config file 1327 - MEDIUM: spoe/rules: Add "send-spoe-group" action for tcp/http rules 1328 - MINOR: spoe: Move message encoding in its own function 1329 - MINOR: spoe: Add a type to qualify the message list during encoding 1330 - MINOR: spoe: Add a generic function to encode a list of SPOE message 1331 - MEDIUM: spoe/rules: Process "send-spoe-group" action 1332 - BUG/MINOR: dns: Fix CLI keyword declaration 1333 - MAJOR: dns: Refactor the DNS code 1334 - BUG/MINOR: mailers: Fix a memory leak when email alerts are released 1335 - MEDIUM: mailers: Init alerts during conf parsing and refactor their processing 1336 - MINOR: mailers: Use pools to allocate email alerts and its tcpcheck_rules 1337 - MINOR: standard: Add memvprintf function 1338 - MINOR: log: Save alerts and warnings emitted during HAProxy startup 1339 - MINOR: cli: Add "show startup-logs" command 1340 - MINOR: startup: Extend the scope the MODE_STARTING flag 1341 - MINOR: threads: Prepare makefile to link with pthread 1342 - MINOR: threads: Add THREAD_LOCAL macro 1343 - MINOR: threads: Add atomic-ops and plock includes in import dir 1344 - MEDIUM: threads: Add hathreads header file 1345 - MINOR: threads: Add mechanism to register per-thread init/deinit functions 1346 - MINOR: threads: Add nbthread parameter 1347 - MEDIUM: threads: Adds a set of functions to handle sync-point 1348 - MAJOR: threads: Start threads to experiment multithreading 1349 - MINOR: threads: Define the sync-point inside run_poll_loop 1350 - MEDIUM: threads/buffers: Define and register per-thread init/deinit functions 1351 - MEDIUM: threads/chunks: Transform trash chunks in thread-local variables 1352 - MEDIUM: threads/time: Many global variables from time.h are now thread-local 1353 - MEDIUM: threads/logs: Make logs thread-safe 1354 - MEDIUM: threads/pool: Make pool thread-safe by locking all access to a pool 1355 - MAJOR: threads/fd: Make fd stuffs thread-safe 1356 - MINOR: threads/fd: Add a mask of threads allowed to process on each fd in fdtab array 1357 - MEDIUM: threads/fd: Initialize the process mask during the call to fd_insert 1358 - MINOR: threads/fd: Process cached events of FDs depending on the process mask 1359 - MINOR: threads/polling: pollers now handle FDs depending on the process mask 1360 - WIP: SQUASH WITH SYNC POINT 1361 - MAJOR: threads/task: handle multithread on task scheduler 1362 - MEDIUM: threads/signal: Add a lock to make signals thread-safe 1363 - MEDIUM: threads/listeners: Make listeners thread-safe 1364 - MEDIUM: threads/proxy: Add a lock per proxy and atomically update proxy vars 1365 - MEDIUM: threads/server: Make connection list (priv/idle/safe) thread-safe 1366 - MEDIUM: threads/server: Add a lock per server and atomically update server vars 1367 - MINOR: threads/server: Add a lock to deal with insert in updates_servers list 1368 - MEDIUM: threads/lb: Make LB algorithms (lb_*.c) thread-safe 1369 - MEDIUM: threads/stick-tables: handle multithreads on stick tables 1370 - MINOR: threads/sample: Change temp_smp into a thread local variable 1371 - MEDIUM: threads/http: Make http_capture_bad_message thread-safe 1372 - MINOR: threads/regex: Change Regex trash buffer into a thread local variable 1373 - MAJOR: threads/applet: Handle multithreading for applets 1374 - MAJOR: threads/peers: Make peers thread safe 1375 - MAJOR: threads/buffer: Make buffer wait queue thread safe 1376 - MEDIUM: threads/stream: Make streams list thread safe 1377 - MAJOR: threads/ssl: Make SSL part thread-safe 1378 - MEDIUM: threads/queue: Make queues thread-safe 1379 - MAJOR: threads/map: Make acls/maps thread safe 1380 - MEDIUM: threads/freq_ctr: Make the frequency counters thread-safe 1381 - MEDIUM: thread/vars: Make vars thread-safe 1382 - MEDIUM: threads/filters: Add init/deinit callback per thread 1383 - MINOR: threads/filters: Update trace filter to add _per_thread callbacks 1384 - MEDIUM: threads/compression: Make HTTP compression thread-safe 1385 - MEDIUM: threads/lua: Makes the jmpbuf and some other buffers local to the current thread. 1386 - MEDIUM: threads/lua: Add locks around the Lua execution parts. 1387 - MEDIUM: threads/lua: Ensure that the launched tasks runs on the same threads than me 1388 - MEDIUM: threads/lua: Cannot acces to the socket if we try to access from another thread. 1389 - MEDIUM: threads/xref: Convert xref function to a thread safe model 1390 - MEDIUM: threads/tasks: Add lock around notifications 1391 - MEDIUM: thread/spoe: Make the SPOE thread-safe 1392 - MEDIUM: thread/dns: Make DNS thread-safe 1393 - MINOR: threads: Add thread-map config parameter in the global section 1394 - MINOR: threads/checks: Add a lock to protect the pid list used by external checks 1395 - MINOR: threads/checks: Set the task process_mask when a check is executed 1396 - MINOR: threads/mailers: Add a lock to protect queues of email alerts 1397 - MEDIUM: threads/server: Use the server lock to protect health check and cli concurrency 1398 - MINOR: threads: Don't start when device a detection module is used 1399 - BUG/MEDIUM: threads: Run the poll loop on the main thread too 1400 - BUG/MINOR: threads: Add missing THREAD_LOCAL on static here and there 1401 - MAJOR: threads: Offically enable the threads support in HAProxy 1402 - BUG/MAJOR: threads/freq_ctr: fix lock on freq counters. 1403 - BUG/MAJOR: threads/time: Store the time deviation in an 64-bits integer 1404 - BUILD: stick-tables: silence an uninitialized variable warning 1405 - BUG/MINOR: dns: Fix SRV records with the new thread code. 1406 - MINOR: ssl: Remove the global allow-0rtt option. 1407 - CLEANUP: threads: replace the last few 1UL<<tid with tid_bit 1408 - CLEANUP: threads: rename process_mask to thread_mask 1409 - MINOR: h1: add a function to measure the trailers length 1410 - MINOR: threads: add a portable barrier for threads and non-threads 1411 - BUG/MAJOR: threads/freq_ctr: use a memory barrier to detect changes 1412 - BUG/MEDIUM: threads: Initialize the sync-point 1413 - MEDIUM: connection: start to introduce a mux layer between xprt and data 1414 - MINOR: connection: implement alpn registration of muxes 1415 - MINOR: mux: register the pass-through mux for any ALPN string 1416 - MEDIUM: session: use the ALPN token and proxy mode to select the mux 1417 - MINOR: connection: report the major HTTP version from the MUX for logging (fc_http_major) 1418 - MINOR: connection: introduce conn_stream 1419 - MINOR: mux: add more methods to mux_ops 1420 - MINOR: connection: introduce the conn_stream manipulation functions 1421 - MINOR: mux_pt: implement remaining mux_ops methods 1422 - MAJOR: connection : Split struct connection into struct connection and struct conn_stream. 1423 - MINOR: connection: make conn_stream users also check for per-stream error flag 1424 - MINOR: conn_stream: new shutr/w status flags 1425 - MINOR: conn_stream: modify cs_shut{r,w} API to pass the desired mode 1426 - MEDIUM: connection: make conn_sock_shutw() aware of lingering 1427 - MINOR: connection: add cs_close() to close a conn_stream 1428 - MEDIUM: mux_pt: make cs_shutr() / cs_shutw() properly close the connection 1429 - MEDIUM: connection: replace conn_full_close() with cs_close() 1430 - MEDIUM: connection: make mux->detach() release the connection 1431 - MEDIUM: stream: do not forcefully close the client connection anymore 1432 - MEDIUM: checks: exclusively use cs_destroy() to release a connection 1433 - MEDIUM: connection: add a destroy callback 1434 - MINOR: session: release the listener with the session, not the stream 1435 - MEDIUM: session: make use of the connection's destroy callback 1436 - CONTRIB: hpack: implement a reverse huffman table generator for hpack 1437 - MINOR: hpack: implement the HPACK Huffman table decoder 1438 - MINOR: hpack: implement the header tables management 1439 - MINOR: hpack: implement the decoder 1440 - MEDIUM: hpack: implement basic hpack encoding 1441 - MINOR: h2: centralize all HTTP/2 protocol elements and constants 1442 - MINOR: h2: create a very minimalistic h2 mux 1443 - MINOR: h2: expose tune.h2.header-table-size to configure the table size 1444 - MINOR: h2: expose tune.h2.initial-window-size to configure the window size 1445 - MINOR: h2: expose tune.h2.max-concurrent-streams to limit the number of streams 1446 - MINOR: h2: create the h2c struct and allocate its pool 1447 - MINOR: h2: create the h2s struct and the associated pool 1448 - MINOR: h2: handle two extra stream states for errors 1449 - MINOR: h2: add a frame header descriptor for incoming frames 1450 - MEDIUM: h2: allocate and release the h2c context on connection init/end 1451 - MEDIUM: h2: implement basic recv/send/wake functions 1452 - MEDIUM: h2: dynamically allocate the demux buffer on Rx 1453 - MEDIUM: h2: implement the mux buffer allocator 1454 - MINOR: h2: add the connection and stream flags listing the causes for blocking 1455 - MINOR: h2: add function h2s_id() to report a stream's ID 1456 - MINOR: h2: small function to know when the mux is busy 1457 - MINOR: h2: new function h2c_error to mark an error on the connection 1458 - MINOR: h2: new function h2s_error() to mark an error on a stream 1459 - MINOR: h2: add h2_set_frame_size() to update the size in a binary frame 1460 - MINOR: h2: new function h2_peek_frame_hdr() to retrieve a new frame header 1461 - MINOR: h2: add a few functions to retrieve contents from a wrapping buffer 1462 - MINOR: h2: add stream lookup function based on the stream ID 1463 - MINOR: h2: create dummy idle and closed streams 1464 - MINOR: h2: add the function to create a new stream 1465 - MINOR: h2: update the {MUX,DEM}_{M,D}ALLOC flags on buffer availability 1466 - MEDIUM: h2: start to consider the H2_CF_{MUX,DEM}_* flags for polling 1467 - MINOR: h2: also terminate the connection on shutr 1468 - MEDIUM: h2: properly consider all conditions for end of connection 1469 - MEDIUM: h2: wake the connection up for send on pending streams 1470 - MEDIUM: h2: start to implement the frames processing loop 1471 - MINOR: h2: add a function to send a GOAWAY error frame 1472 - MINOR: h2: match the H2 connection preface on init 1473 - MEDIUM: h2: enable connection polling for send when a cs wants to emit 1474 - MEDIUM: h2: enable reading again on the connection if it was blocked on stream buffer full 1475 - MEDIUM: h2: process streams pending for sending 1476 - MINOR: h2: send a real SETTINGS frame based on the configuration 1477 - MEDIUM: h2: detect the presence of the first settings frame 1478 - MINOR: h2: create a stream parser for the demuxer 1479 - MINOR: h2: implement PING frames 1480 - MEDIUM: h2: decode SETTINGS frames and extract relevant settings 1481 - MINOR: h2: lookup the stream during demuxing 1482 - MEDIUM: h2: honor WINDOW_UPDATE frames 1483 - MINOR: h2: implement h2_send_rst_stream() to send RST_STREAM frames 1484 - MINOR: h2: handle CONTINUATION frames 1485 - MEDIUM: h2: partial implementation of h2_detach() 1486 - MEDIUM: h2: unblock a connection when its current stream detaches 1487 - MEDIUM: h2: basic processing of HEADERS frame 1488 - MEDIUM: h2: don't use trash to decode headers! 1489 - MEDIUM: h2: implement the response HEADERS frame to encode the H1 response 1490 - MEDIUM: h2: send the H1 response body as DATA frames 1491 - MEDIUM: h2: skip the response trailers if any 1492 - MEDIUM: h2: properly continue to parse header block when facing a 1xx response 1493 - MEDIUM: h2: send WINDOW_UPDATE frames for connection 1494 - MEDIUM: h2: handle request body in DATA frames 1495 - MINOR: h2: handle RST_STREAM frames 1496 - MEDIUM: h2: send DATA+ES or RST_STREAM on shutw/shutr 1497 - MINOR: h2: use a common function to signal some and all streams. 1498 - MEDIUM: h2: handle GOAWAY frames 1499 - MINOR: h2: centralize the check for the idle streams 1500 - MINOR: h2: centralize the check for the half-closed(remote) streams 1501 - MEDIUM: h2: silently ignore frames higher than last_id after GOAWAY 1502 - MINOR: h2: properly reject PUSH_PROMISE frames coming from the client 1503 - MEDIUM: h2: perform a graceful shutdown on "Connection: close" 1504 - MEDIUM: h2: send a GOAWAY frame when dealing with an empty response 1505 - MEDIUM: h2: apply a timeout to h2 connections 1506 - BUG/MEDIUM: h2: fix incorrect timeout handling on the connection 1507 - MEDIUM: shctx: forbid shctx to read more than expected 1508 - MEDIUM: cache: configuration parsing and initialization 1509 - MEDIUM: cache: store objects in cache 1510 - MEDIUM: cache: deliver objects from cache 1511 15122017/10/22 : 1.8-dev3 1513 - REORG: ssl: move defines and methodVersions table upper 1514 - MEDIUM: ssl: ctx_set_version/ssl_set_version func for methodVersions table 1515 - MINOR: ssl: support ssl-min-ver and ssl-max-ver with crt-list 1516 - MEDIUM: ssl: disable SSLv3 per default for bind 1517 - BUG/MAJOR: ssl: fix segfault on connection close using async engines. 1518 - BUG/MAJOR: ssl: buffer overflow using offloaded ciphering on async engine 1519 - BUG/MINOR: ssl: do not call directly the conn_fd_handler from async_fd_handler 1520 - BUG/MINOR: haproxy/cli : fix for solaris/illumos distros for CMSG* macros 1521 - BUG/MEDIUM: build without openssl broken 1522 - BUG/MINOR: warning: need_resend may be used uninitialized 1523 - BUG/MEDIUM: misplaced exit and wrong exit code 1524 - BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04 1525 - BUILD: scripts: make publish-release support bare repositories 1526 - BUILD: scripts: add an automatic mode for publish-release 1527 - BUILD: scripts: add a "quiet" mode to publish-release 1528 - BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer 1529 - BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers 1530 - CONTRIB: plug qdiscs: Plug queuing disciplines mini HOWTO. 1531 - BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map 1532 - BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0 1533 - BUG/MINOR: http/filters: Be sure to wait if a filter loops in HTTP_MSG_ENDING 1534 - BUG/MEDIUM: peers: Peers CLOSE_WAIT issue. 1535 - BUG/MAJOR: server: Segfault after parsing server state file. 1536 - BUG/MEDIUM: unix: never unlink a unix socket from the file system 1537 - scripts: create-release pass -n to tail 1538 - SCRIPTS: create-release: enforce GIT_COMMITTER_{NAME|EMAIL} validity 1539 - BUG/MEDIUM: fix segfault when no argument to -x option 1540 - MINOR: warning on multiple -x 1541 - MINOR: mworker: don't copy -x argument anymore in copy_argv() 1542 - BUG/MEDIUM: mworker: don't reuse PIDs passed to the master 1543 - BUG/MINOR: Wrong peer task expiration handling during synchronization processing. 1544 - BUG/MINOR: cfgparse: Check if tune.http.maxhdr is in the range 1..32767 1545 - BUG/MINOR: log: pin the front connection when front ip/ports are logged 1546 - DOC: fix references to the section about the unix socket 1547 - BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue 1548 - MAJOR: task: task scheduler rework. 1549 - MINOR: task/stream: tasks related to a stream must be init by the caller. 1550 - MINOR: queue: Change pendconn_get_next_strm into private function 1551 - MINOR: backends: Change get_server_sh/get_server_uh into private function 1552 - MINOR: queue: Change pendconn_from_srv/pendconn_from_px into private functions 1553 - MEDIUM: stream: make stream_new() always set the target and analysers 1554 - MINOR: frontend: initialize HTTP layer after the debugging code 1555 - MINOR: connection: add a .get_alpn() method to xprt_ops 1556 - MINOR: ssl: add a get_alpn() method to ssl_sock 1557 - MINOR: frontend: retrieve the ALPN name when available 1558 - MINOR: frontend: report the connection's ALPN in the debug output 1559 - MINOR: stream: don't set backend's nor response analysers on SF_TUNNEL 1560 - MINOR: connection: send data before receiving 1561 - MAJOR: applet: applet scheduler rework. 1562 - BUG/MAJOR: frontend: don't dereference a null conn on outgoing connections 1563 - BUG/MAJOR: cli: fix custom io_release was crushed by NULL. 1564 - BUG/MAJOR: map: fix segfault during 'show map/acl' on cli. 1565 - BUG/MAJOR: compression: Be sure to release the compression state in all cases 1566 - MINOR: compression: Use a memory pool to allocate compression states 1567 - BUG/MAJOR: applet: fix a freeze if data is immedately forwarded. 1568 - DOC: fix references to the section about time format. 1569 - BUG/MEDIUM: map/acl: fix unwanted flags inheritance. 1570 - BUG/MAJOR: http: fix buffer overflow on loguri buffer. 1571 - MINOR: ssl: compare server certificate names to the SNI on outgoing connections 1572 - BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel 1573 - BUG/MINOR: http: Don't reset the transaction if there are still data to send 1574 - BUG/MEDIUM: filters: Be sure to call flt_end_analyze for both channels 1575 - MINOR: peers: Add additional information to stick-table definition messages. 1576 - BUG/MINOR: http: properly handle all 1xx informational responses 1577 - OPTIM: ssl: don't consider a small ssl_read() as an indication of end of buffer 1578 - BUG/MINOR: peers: peer synchronization issue (with several peers sections). 1579 - CLEANUP: hdr_idx: make some function arguments const where possible 1580 - BUG/MINOR: Prevent a use-after-free on error scenario on option "-x". 1581 - BUG/MINOR: lua: In error case, the safe mode is not removed 1582 - BUG/MINOR: lua: executes the function destroying the Lua session in safe mode 1583 - BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted 1584 - BUG/MEDIUM: lua: bad memory access 1585 - BUG/MINOR: Lua: variable already initialized 1586 - DOC: update CONTRIBUTING regarding optional parts and message format 1587 - DOC: update the list of OpenSSL versions in the README 1588 - BUG/MINOR: http: Set the response error state in http_sync_res_state 1589 - MINOR: http: Reorder/rewrite checks in http_resync_states 1590 - MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags 1591 - BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined 1592 - MINOR: http: Rely on analyzers mask to end processing in forward_body functions 1593 - BUG/MINOR: http: Fix bug introduced in previous patch in http_resync_states 1594 - BUG/MINOR: contrib/modsecurity: BSD build fix 1595 - BUG/MINOR: contrib/mod_defender: build fix 1596 - BUG/MINOR: ssl: remove haproxy SSLv3 support when ssl lib have no SSLv3 1597 - MINOR: ssl: remove an unecessary SSL_OP_NO_* dependancy 1598 - BUILD: ssl: fix compatibility with openssl without TLSEXT_signature_* 1599 - MINOR: tools: add a portable timegm() alternative 1600 - BUILD: lua: replace timegm() with my_timegm() to fix build on Solaris 10 1601 - DOC: Updated 51Degrees git URL to point to a stable version. 1602 - BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state 1603 - MINOR: memory: remove macros 1604 - BUG/MINOR: lua: Fix Server.get_addr() port values 1605 - BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr() 1606 - MINOR: samples: Handle the type SMP_T_METH when we duplicate a sample in smp_dup 1607 - MINOR: samples: Handle the type SMP_T_METH in smp_is_safe and smp_is_rw 1608 - MINOR: samples: Don't allocate memory for SMP_T_METH sample when method is known 1609 - BUG/MINOR: lua: always detach the tcp/http tasks before freeing them 1610 - MINOR: task: always preinitialize the task's timeout in task_init() 1611 - CLEANUP: task: remove all initializations to TICK_ETERNITY after task_new() 1612 - BUG/MAJOR: lua: properly dequeue hlua_applet_wakeup() for new scheduler 1613 - MINOR: lua: Add proxy as member of proxy object. 1614 - DOC: lua: Proxy class doc update 1615 - MINOR: lua: Add lists of frontends and backends 1616 - BUG/MINOR: ssl: Fix check against SNI during server certificate verification 1617 - BUG/MINOR: ssl: make use of the name in SNI before verifyhost 1618 - MINOR: ssl: add a new error codes for wrong server certificates 1619 - BUG/MEDIUM: stream: don't retry SSL connections which fail the SNI name check 1620 - MINOR: ssl: add "no-ca-names" parameter for bind 1621 - BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions. 1622 - DOC: fix alphabetical order of "show commands" in management.txt 1623 - MINOR: listener: add a function to return a listener's state as a string 1624 - MINOR: cli: add a new "show fd" command 1625 - BUG/MEDIUM: ssl: Fix regression about certificates generation 1626 - MINOR: Add server port field to server state file. 1627 - MINOR: ssl: allow to start without certificate if strict-sni is set 1628 - MINOR: dns: Cache previous DNS answers. 1629 - MINOR: obj: Add a new type of object, OBJ_TYPE_SRVRQ. 1630 - Add a few functions to do unaligned access. 1631 - MINOR: dns: Handle SRV records. 1632 - MINOR: check: Fix checks when using SRV records. 1633 - MINOR: doc: Document SRV label usage. 1634 - BUILD/MINOR: cli: shut a minor gcc warning in "show fd" 1635 - BUILD: ssl: replace SSL_CTX_get0_privatekey for openssl < 1.0.2 1636 - BUILD/MINOR: build without openssl still broken 1637 - BUG/MAJOR: stream: in stream_free(), close the front endpoint and not the origin 1638 - CLEANUP: raw_sock: Use a better name for the constructor than __ssl_sock_deinit() 1639 - MINOR: init: Fix CPU affinity setting on FreeBSD. 1640 - MINOR: dns: Update analysis of TRUNCATED response for SRV records 1641 - MINOR: dns: update record dname matching for SRV query types 1642 - MINOR: dns: update dns response buffer reading pointer due to SRV record 1643 - MINOR: dns: duplicate entries in resolution wait queue for SRV records 1644 - MINOR: dns: make debugging function dump_dns_config() compatible with SRV records 1645 - MINOR: dns: ability to use a SRV resolution for multiple backends 1646 - MINOR: dns: enable caching of responses for server set by a SRV record 1647 - MINOR: dns: new dns record type (RTYPE) for OPT 1648 - MINOR: dns: enabled edns0 extension and make accpeted payload size tunable 1649 - MINOR: dns: default "hold obsolete" timeout set to 0 1650 - MINOR: chunks: add chunk_memcpy() and chunk_memcat() 1651 - MINOR: session: add a streams field to the session struct 1652 - MINOR: stream: link the stream to its session 1653 - MEDIUM: session: do not free a session until no stream references it 1654 - MINOR: ist: implement very simple indirect strings 1655 - TESTS: ist: add a test file for the functions 1656 - MINOR: http: export some of the HTTP parser macros 1657 - BUG/MINOR: Wrong type used as argument for spoe_decode_buffer(). 1658 - BUG/MINOR: dns: server set by SRV records stay in "no resolution" status 1659 - MINOR: dns: Maximum DNS udp payload set to 8192 1660 - MINOR: dns: automatic reduction of DNS accpeted payload size 1661 - MINOR: dns: make SRV record processing more verbose 1662 - CLEANUP: dns: remove duplicated code in dns_resolve_recv() 1663 - CLEANUP: dns: remove duplicated code in dns_validate_dns_response() 1664 - BUG/MINOR: dns: wrong resolution interval lead to 100% CPU 1665 - BUG/MEDIUM: dns: fix accepted_payload_size parser to avoid integer overflow 1666 - BUG/MAJOR: lua: fix the impact of the scheduler changes again 1667 - BUG/MEDIUM: lua: HTTP services must take care of body-less status codes 1668 - MINOR: lua: properly process the contents of the content-length field 1669 - BUG/MEDIUM: stream: properly set the required HTTP analysers on use-service 1670 - OPTIM: lua: don't use expensive functions to parse headers in the HTTP applet 1671 - OPTIM: lua: don't add "Connection: close" on the response 1672 - REORG/MEDIUM: connection: introduce the notion of connection handle 1673 - BUG/MINOR: stream-int: don't check the CO_FL_CURR_WR_ENA flag 1674 - MEDIUM: connection: get rid of data->init() which was not for data 1675 - MEDIUM: stream: make stream_new() allocate its own task 1676 - CLEANUP: listener: remove the unused handler field 1677 - MEDIUM: session: add a pointer to a struct task in the session 1678 - MINOR: stream: provide a new stream creation function for connections 1679 - MEDIUM: connection: remove useless flag CO_FL_DATA_RD_SH 1680 - CLEANUP: connection: remove the unused conn_sock_shutw_pending() 1681 - MEDIUM: connection: remove useless flag CO_FL_DATA_WR_SH 1682 - DOC: add CLI info on privilege levels 1683 - DOC: Refer to Mozilla TLS info / config generator 1684 - MINOR: ssl: remove duplicate ssl_methods in struct bind_conf 1685 - BUG/MEDIUM: http: Fix a regression bug when a HTTP response is in TUNNEL mode 1686 - DOC: Add note about "* " prefix in CSV stats 1687 - CLEANUP: memory: Remove unused function pool_destroy 1688 - MINOR: listeners: Change listener_full and limit_listener into private functions 1689 - MINOR: listeners: Change enable_listener and disable_listener into private functions 1690 - MINOR: fd: Don't forget to reset fdtab[fd].update when a fd is added/removed 1691 - MINOR: fd: Set owner and iocb field before inserting a new fd in the fdtab 1692 - MINOR: backends: Make get_server_* functions explicitly static 1693 - MINOR: applet: Check applets_active_queue before processing applets queue 1694 - MINOR: chunks: Use dedicated function to init/deinit trash buffers 1695 - MEDIUM: chunks: Realloc trash buffers only after the config is parsed and checked 1696 - MINOR: logs: Use dedicated function to init/deinit log buffers 1697 - MINOR: logs: Realloc log buffers only after the config is parsed and checked 1698 - MINOR: buffers: Move swap_buffer into buffer.c and add deinit_buffer function 1699 - MINOR: stick-tables: Make static_table_key a struct variable instead of a pointer 1700 - MINOR: http: Use a trash chunk to store decoded string of the HTTP auth header 1701 - MINOR: fd: Add fd_active function 1702 - MINOR: fd: Use inlined functions to check fd state in fd_*_send/recv functions 1703 - MINOR: fd: Move (de)allocation of fdtab and fdinfo in (de)init_pollers 1704 - MINOR: freq_ctr: Return the new value after an update 1705 - MEDIUM: check: server states and weight propagation re-work 1706 - BUG/MEDIUM: epoll: ensure we always consider HUP and ERR 1707 - MINOR: fd: Add fd_update_events function 1708 - MINOR: polling: Use fd_update_events to update events seen for a fd 1709 - BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file 1710 - Revert "BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file" 1711 - MINOR: ssl: rework smp_fetch_ssl_fc_cl_str without internal ssl use 1712 - BUG/MEDIUM: http: Close streams for connections closed before a redirect 1713 - BUG/MINOR: Lua: The socket may be destroyed when we try to access. 1714 - MINOR: xref: Add a new xref system 1715 - MEDIUM: xref/lua: Use xref for referencing cosocket relation between stream and lua 1716 - MINOR: tasks: Move Lua notification from Lua to tasks 1717 - MINOR: net_helper: Inline functions meant to be inlined. 1718 - MINOR: cli: add socket commands and config to prepend informational messages with severity 1719 - MINOR: add severity information to cli feedback messages 1720 - BUILD: Makefile: add a function to detect support by the compiler of certain options 1721 - BUILD: Makefile: shut certain gcc/clang stupid warnings 1722 - BUILD: Makefile: improve detection of support for compiler warnings 1723 - MINOR: peers: don't reference the incoming listener on outgoing connections 1724 - MINOR: frontend: don't retrieve ALPN on the critical path 1725 - MINOR: protocols: always pass a "port" argument to the listener creation 1726 - MINOR: protocols: register the ->add function and stop calling them directly 1727 - MINOR: unix: remove the now unused proto_uxst.h file 1728 - MINOR: listeners: new function create_listeners 1729 - MINOR: listeners: make listeners count consistent with reality 1730 - MEDIUM: session: take care of incrementing/decrementing jobs 1731 - MINOR: listener: new function listener_release 1732 - MINOR: session: small cleanup of conn_complete_session() 1733 - MEDIUM: session: factor out duplicated code for conn_complete_session 1734 - MEDIUM: session: count the frontend's connections at a single place 1735 - BUG/MEDIUM: compression: Fix check on txn in smp_fetch_res_comp_algo 1736 - BUG/MINOR: compression: Check response headers before http-response rules eval 1737 - BUG/MINOR: spoe: Don't rely on SPOE ctx in debug message when its creation failed 1738 - BUG/MINOR: dns: Fix check on nameserver in snr_resolution_cb 1739 - MINOR: ssl: Remove useless checks on bind_conf or bind_conf->is_ssl 1740 - BUG/MINOR: contrib/mod_defender: close the va_list argp before return 1741 - BUG/MINOR: contrib/modsecurity: close the va_list ap before return 1742 - MINOR: tools: make my_htonll() more efficient on x86_64 1743 - MINOR: buffer: add b_del() to delete a number of characters 1744 - MINOR: buffer: add b_end() and b_to_end() 1745 - MINOR: net_helper: add functions to read from vectors 1746 - MINOR: net_helper: add write functions 1747 - MINOR: net_helper: add 64-bit read/write functions 1748 - MINOR: connection: adjust CO_FL_NOTIFY_DATA after removal of flags 1749 - MINOR: ist: add a macro to ease const array initialization 1750 - BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server 1751 - BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server (take2) 1752 - BUG/MINOR: log: fixing small memory leak in error code path. 1753 - BUG/MINOR: contrib/halog: fixing small memory leak 1754 - BUG/MEDIUM: tcp/http: set-dst-port action broken 1755 - CLEANUUP: checks: don't set conn->handle.fd to -1 1756 - BUG/MEDIUM: tcp-check: properly indicate polling state before performing I/O 1757 - BUG/MINOR: tcp-check: don't quit with pending data in the send buffer 1758 - BUG/MEDIUM: tcp-check: don't call tcpcheck_main() from the I/O handlers! 1759 - BUG/MINOR: unix: properly check for octal digits in the "mode" argument 1760 - MINOR: checks: make chk_report_conn_err() take a check, not a connection 1761 - CLEANUP: checks: remove misleading comments and statuses for external process 1762 - CLEANUP: checks: don't report report the fork() error twice 1763 - CLEANUP: checks: do not allocate a connection for process checks 1764 - TESTS: checks: add a simple test config for external checks 1765 - BUG/MINOR: tcp-check: don't initialize then break a connection starting with a comment 1766 - TESTS: checks: add a simple test config for tcp-checks 1767 - MINOR: tcp-check: make tcpcheck_main() take a check, not a connection 1768 - MINOR: checks: don't create then kill a dummy connection before tcp-checks 1769 - MEDIUM: checks: make tcpcheck_main() indicate if it recycled a connection 1770 - MEDIUM: checks: do not allocate a permanent connection anymore 1771 - BUG/MEDIUM: cli: fix "show fd" crash when dumping closed FDs 1772 - BUG/MEDIUM: http: Return an error when url_dec sample converter failed 1773 - BUG/MAJOR: stream-int: don't re-arm recv if send fails 1774 - BUILD/MINOR: 51d: fix warning when building with 51Degrees release version 3.2.12.12 1775 - DOC: 51d: add 51Degrees git URL that points to release version 3.2.12.12 1776 - DOC: 51d: Updated git URL and instructions for getting Hash Trie data files. 1777 - MINOR: compiler: restore the likely() wrapper for gcc 5.x 1778 - MINOR: session: remove the list of streams from struct session 1779 - DOC: fix some typos 1780 - MINOR: server: add the srv_queue() sample fetch method 1781 - MINOR: payload: add new sample fetch functions to process distcc protocol 1782 - MAJOR: servers: propagate server status changes asynchronously. 1783 - BUG/MEDIUM: ssl: fix OCSP expiry calculation 1784 - BUG/MINOR: stream-int: don't set MSG_MORE on SHUTW_NOW without AUTO_CLOSE 1785 - MINOR: server: Handle weight increase in consistent hash. 1786 - MINOR: checks: Add a new keyword to specify a SNI when doing SSL checks. 1787 - BUG/MINOR: tools: fix my_htonll() on x86_64 1788 - BUG/MINOR: stats: Clear a bit more counters with in cli_parse_clear_counters(). 1789 - BUG/MAJOR: lua: scheduled task is freezing. 1790 - MINOR: buffer: add bo_del() to delete a number of characters from output 1791 - MINOR: buffer: add a function to match against string patterns 1792 - MINOR: buffer: add two functions to inject data into buffers 1793 - MINOR: buffer: add buffer_space_wraps() 1794 - REORG: channel: finally rename the last bi_* / bo_* functions 1795 - MINOR: buffer: add bo_getblk() and bo_getblk_nc() 1796 - MINOR: channel: make use of bo_getblk{,_nc} for their channel equivalents 1797 - MINOR: channel: make the channel be a const in all {ci,co}_get* functions 1798 - MINOR: ist: add ist0() to add a trailing zero to a string. 1799 - BUG/MEDIUM: log: check result details truncated. 1800 - MINOR: buffer: make bo_getblk_nc() not return 2 for a full buffer 1801 - REORG: http: move some very http1-specific parts to h1.{c,h} 1802 - REORG: http: move the HTTP/1 chunk parser to h1.{c,h} 1803 - REORG: http: move the HTTP/1 header block parser to h1.c 1804 - MEDIUM: http: make the chunk size parser only depend on the buffer 1805 - MEDIUM: http: make the chunk crlf parser only depend on the buffer 1806 - MINOR: h1: add struct h1m for basic HTTP/1 messages 1807 - MINOR: http: add very simple header management based on double strings 1808 - MEDIUM: h1: reimplement the http/1 response parser for the gateway 1809 - REORG: connection: rename CO_FL_DATA_* -> CO_FL_XPRT_* 1810 - MEDIUM: connection: make conn_sock_shutw() aware of lingering 1811 - MINOR: connection: ensure conn_ctrl_close() also resets the fd 1812 - MINOR: connection: add conn_stop_tracking() to disable tracking 1813 - MINOR: tcp: use conn_full_close() instead of conn_force_close() 1814 - MINOR: unix: use conn_full_close() instead of conn_force_close() 1815 - MINOR: checks: use conn_full_close() instead of conn_force_close() 1816 - MINOR: session: use conn_full_close() instead of conn_force_close() 1817 - MINOR: stream: use conn_full_close() instead of conn_force_close() 1818 - MINOR: stream: use conn_full_close() instead of conn_force_close() 1819 - MINOR: backend: use conn_full_close() instead of conn_force_close() 1820 - MINOR: stream-int: use conn_full_close() instead of conn_force_close() 1821 - MINOR: connection: remove conn_force_close() 1822 - BUG/MINOR: ssl: ocsp response with 'revoked' status is correct 1823 18242017/06/02 : 1.8-dev2 1825 - CLEANUP: server: moving netinet/tcp.h inclusion 1826 - DOC: changed "block"(deprecated) examples to http-request deny 1827 - DOC: add few comments to examples. 1828 - DOC: update sample code for PROXY protocol 1829 - DOC: mention lighttpd 1.4.46 implements PROXY 1830 - MINOR server: Restrict dynamic cookie check to the same proxy. 1831 - DOC: stick-table is available in frontend sections 1832 - BUG/MINOR: server : no transparent proxy for DragonflyBSD 1833 - BUILD/MINOR: stats: remove unexpected argument to stats_dump_json_header() 1834 - BUILD/MINOR: tools: fix build warning in debug_hexdump() 1835 - BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets. 1836 - BUG/MINOR: config: missing goto out after parsing an incorrect ACL character 1837 - BUG/MINOR: arg: don't try to add an argument on failed memory allocation 1838 - MEDIUM: server: Inherit CLI weight changes and agent-check weight responses 1839 - BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error 1840 - BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr() 1841 - BUG/MEDIUM: servers: unbreak server weight propagation 1842 - MINOR: lua: ensure the memory allocator is used all the time 1843 - MINOR: cli: Add a command to send listening sockets. 1844 - MINOR: global: Add an option to get the old listening sockets. 1845 - MINOR: tcp: When binding socket, attempt to reuse one from the old proc. 1846 - MINOR: doc: document the -x flag 1847 - MINOR: proxy: Don't close FDs if not our proxy. 1848 - MINOR: socket transfer: Set a timeout on the socket. 1849 - MINOR: systemd wrapper: add support for passing the -x option. 1850 - BUG/MINOR: server: Fix a wrong error message during 'usesrc' keyword parsing. 1851 - BUG/MAJOR: Broken parsing for valid keywords provided after 'source' setting. 1852 - CLEANUP: logs: typo: simgle => single 1853 - BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr() 1854 - MEDIUM: config: don't check config validity when there are fatal errors 1855 - BUG/MAJOR: Use -fwrapv. 1856 - BUG/MINOR: server: don't use "proxy" when px is really meant. 1857 - BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed 1858 - BUG/MINOR: server: missing default server 'resolvers' setting duplication. 1859 - MINOR: server: Extract the code responsible of copying default-server settings. 1860 - MINOR: server: Extract the code which finalizes server initializations after 'server' lines parsing. 1861 - MINOR: server: Add 'server-template' new keyword supported in backend sections. 1862 - MINOR: server: Add server_template_init() function to initialize servers from a templates. 1863 - DOC: Add documentation for new "server-template" keyword. 1864 - DOC: add layer 4 links/cross reference to "block" keyword. 1865 - DOC: errloc/errorloc302/errorloc303 missing status codes. 1866 - BUG/MEDIUM: lua: memory leak 1867 - CLEANUP: lua: remove test 1868 - BUG/MINOR: hash-balance-factor isn't effective in certain circumstances 1869 - BUG/MINOR: change header-declared function to static inline 1870 - REORG: spoe: move spoe_encode_varint / spoe_decode_varint from spoe to common 1871 - MINOR: Add binary encoding request header sample fetch 1872 - MINOR: proto-http: Add sample fetch wich returns all HTTP headers 1873 - MINOR: Add ModSecurity wrapper as contrib 1874 - BUG/MINOR: ssl: fix warnings about methods for opensslv1.1. 1875 - DOC: update RFC references 1876 - CONTRIB: tcploop: add action "X" to execute a command 1877 - MINOR: server: cli: Add server FQDNs to server-state file and stats socket. 1878 - BUG/MINOR: contrib/mod_security: fix build on FreeBSD 1879 - BUG/MINOR: checks: don't send proxy protocol with agent checks 1880 - MINOR: ssl: add prefer-client-ciphers 1881 - MEDIUM: ssl: revert ssl/tls version settings relative to default-server. 1882 - MEDIUM: ssl: ssl_methods implementation is reworked and factored for min/max tlsxx 1883 - MEDIUM: ssl: calculate the real min/max TLS version and find holes 1884 - MINOR: ssl: support TLSv1.3 for bind and server 1885 - MINOR: ssl: show methods supported by openssl 1886 - MEDIUM: ssl: add ssl-min-ver and ssl-max-ver parameters for bind and server 1887 - MEDIUM: ssl: ssl-min-ver and ssl-max-ver compatibility. 1888 - CLEANUP: retire obsoleted USE_GETSOCKNAME build option 1889 - BUG/MAJOR: dns: Broken kqueue events handling (BSD systems). 1890 - MINOR: sample: Add b64dec sample converter 1891 - BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything 1892 - MINOR: cli: add ACCESS_LVL_MASK to store the access level 1893 - MINOR: cli: add 'expose-fd listeners' to pass listeners FDs 1894 - MEDIUM: proxy: zombify proxies only when the expose-fd socket is bound 1895 - MEDIUM: ssl: add basic support for OpenSSL crypto engine 1896 - MAJOR: ssl: add openssl async mode support 1897 - MEDIUM: ssl: handle multiple async engines 1898 - MINOR: boringssl: basic support for OCSP Stapling 1899 - MEDIUM: mworker: replace systemd mode by master worker mode 1900 - MEDIUM: mworker: handle reload and signals 1901 - MEDIUM: mworker: wait mode on reload failure 1902 - MEDIUM: mworker: try to guess the next stats socket to use with -x 1903 - MEDIUM: mworker: exit-on-failure option 1904 - MEDIUM: mworker: workers exit when the master leaves 1905 - DOC: add documentation for the master-worker mode 1906 - MEDIUM: systemd: Type=forking in unit file 1907 - MAJOR: systemd-wrapper: get rid of the wrapper 1908 - MINOR: log: Add logurilen tunable. 1909 - CLEANUP: server.c: missing prototype of srv_free_dns_resolution 1910 - MINOR: dns: smallest DNS fqdn size 1911 - MINOR: dns: functions to manage memory for a DNS resolution structure 1912 - MINOR: dns: parse_server() now uses srv_alloc_dns_resolution() 1913 - REORG: dns: dns_option structure, storage of hostname_dn 1914 - MINOR: dns: new snr_check_ip_callback function 1915 - MAJOR: dns: save a copy of the DNS response in struct resolution 1916 - MINOR: dns: implement a LRU cache for DNS resolutions 1917 - MINOR: dns: make 'ancount' field to match the number of saved records 1918 - MINOR: dns: introduce roundrobin into the internal cache (WIP) 1919 - MAJOR/REORG: dns: DNS resolution task and requester queues 1920 - BUILD: ssl: fix build with OPENSSL_NO_ENGINE 1921 - MINOR: Add Mod Defender integration as contrib 1922 - CLEANUP: str2mask return code comment: non-zero -> zero. 1923 - MINOR: tools: make debug_hexdump() use a const char for the string 1924 - MINOR: tools: make debug_hexdump() take a string prefix 1925 - CLEANUP: connection: remove unused CO_FL_WAIT_DATA 1926 19272017/04/03 : 1.8-dev1 1928 - BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos 1929 - BUG/MINOR: stats: make field_str() return an empty string on NULL 1930 - DOC: Spelling fixes 1931 - BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used 1932 - BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for tunneled txn 1933 - BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and IS_DATA_FILTER 1934 - BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and XFER_DATA analyzers 1935 - BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in tunnel mode 1936 - BUG/MAJOR: stream: fix session abort on resource shortage 1937 - OPTIM: stream-int: don't disable polling anymore on DONT_READ 1938 - BUG/MINOR: cli: allow the backslash to be escaped on the CLI 1939 - BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys" 1940 - DOC: Fix map table's format 1941 - DOC: Added 51Degrees conv and fetch functions to documentation. 1942 - BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect 1943 - DOC: mention that req_tot is for both frontends and backends 1944 - BUG/MEDIUM: variables: some variable name can hide another ones 1945 - MINOR: lua: Allow argument for actions 1946 - BUILD: rearrange target files by build time 1947 - CLEANUP: hlua: just indent functions 1948 - MINOR: lua: give HAProxy variable access to the applets 1949 - BUG/MINOR: stats: fix be/sessions/max output in html stats 1950 - MINOR: proxy: Add fe_name/be_name fetchers next to existing fe_id/be_id 1951 - DOC: lua: Documentation about some entry missing 1952 - DOC: lua: Add documentation about variable manipulation from applet 1953 - MINOR: Do not forward the header "Expect: 100-continue" when the option http-buffer-request is set 1954 - DOC: Add undocumented argument of the trace filter 1955 - DOC: Fix some typo in SPOE documentation 1956 - MINOR: cli: Remove useless call to bi_putchk 1957 - BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full 1958 - MINOR: applet: Count number of (active) applets 1959 - MINOR: task: Rename run_queue and run_queue_cur counters 1960 - BUG/MEDIUM: stream: Save unprocessed events for a stream 1961 - BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled 1962 - BUILD/MEDIUM: Fixing the build using LibreSSL 1963 - BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2) 1964 - SCRIPTS: git-show-backports: fix a harmless typo 1965 - SCRIPTS: git-show-backports: add -H to use the hash of the commit message 1966 - BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW 1967 - CLEANUP: applet/lua: create a dedicated ->fcn entry in hlua_cli context 1968 - CLEANUP: applet/table: add an "action" entry in ->table context 1969 - CLEANUP: applet: remove the now unused appctx->private field 1970 - DOC: lua: documentation about time parser functions 1971 - DOC: lua: improve links 1972 - DOC: lua: section declared twice 1973 - MEDIUM: cli: 'show cli sockets' list the CLI sockets 1974 - BUG/MINOR: cli: "show cli sockets" wouldn't list all processes 1975 - BUG/MINOR: cli: "show cli sockets" would always report process 64 1976 - CLEANUP: lua: rename one of the lua appctx union 1977 - BUG/MINOR: lua/cli: bad error message 1978 - MEDIUM: lua: use memory pool for hlua struct in applets 1979 - MINOR: lua/signals: Remove Lua part from signals. 1980 - DOC: cli: show cli sockets 1981 - MINOR: cli: automatically enable a CLI I/O handler when there's no parser 1982 - CLEANUP: memory: remove the now unused cli_parse_show_pools() function 1983 - CLEANUP: applet: group all CLI contexts together 1984 - CLEANUP: stats: move a misplaced stats context initialization 1985 - MINOR: cli: add two general purpose pointers and integers in the CLI struct 1986 - MINOR: appctx/cli: remove the cli_socket entry from the appctx union 1987 - MINOR: appctx/cli: remove the env entry from the appctx union 1988 - MINOR: appctx/cli: remove the "be" entry from the appctx union 1989 - MINOR: appctx/cli: remove the "dns" entry from the appctx union 1990 - MINOR: appctx/cli: remove the "server_state" entry from the appctx union 1991 - MINOR: appctx/cli: remove the "tlskeys" entry from the appctx union 1992 - CONTRIB: tcploop: add limits.h to fix build issue with some compilers 1993 - MINOR/DOC: lua: just precise one thing 1994 - DOC: fix small typo in fe_id (backend instead of frontend) 1995 - BUG/MINOR: Fix the sending function in Lua's cosocket 1996 - BUG/MINOR: lua: memory leak executing tasks 1997 - BUG/MINOR: lua: bad return code 1998 - BUG/MINOR: lua: memleak when Lua/cli fails 1999 - MEDIUM: lua: remove Lua struct from session, and allocate it with memory pools 2000 - CLEANUP: haproxy: statify unexported functions 2001 - MINOR: haproxy: add a registration for build options 2002 - CLEANUP: wurfl: use the build options list to report it 2003 - CLEANUP: 51d: use the build options list to report it 2004 - CLEANUP: da: use the build options list to report it 2005 - CLEANUP: namespaces: use the build options list to report it 2006 - CLEANUP: tcp: use the build options list to report transparent modes 2007 - CLEANUP: lua: use the build options list to report it 2008 - CLEANUP: regex: use the build options list to report the regex type 2009 - CLEANUP: ssl: use the build options list to report the SSL details 2010 - CLEANUP: compression: use the build options list to report the algos 2011 - CLEANUP: auth: use the build options list to report its support 2012 - MINOR: haproxy: add a registration for post-check functions 2013 - CLEANUP: checks: make use of the post-init registration to start checks 2014 - CLEANUP: filters: use the function registration to initialize all proxies 2015 - CLEANUP: wurfl: make use of the late init registration 2016 - CLEANUP: 51d: make use of the late init registration 2017 - CLEANUP: da: make use of the late init registration code 2018 - MINOR: haproxy: add a registration for post-deinit functions 2019 - CLEANUP: wurfl: register the deinit function via the dedicated list 2020 - CLEANUP: 51d: register the deinitialization function 2021 - CLEANUP: da: register the deinitialization function 2022 - CLEANUP: wurfl: move global settings out of the global section 2023 - CLEANUP: 51d: move global settings out of the global section 2024 - CLEANUP: da: move global settings out of the global section 2025 - MINOR: cfgparse: add two new functions to check arguments count 2026 - MINOR: cfgparse: move parsing of "ca-base" and "crt-base" to ssl_sock 2027 - MEDIUM: cfgparse: move all tune.ssl.* keywords to ssl_sock 2028 - MEDIUM: cfgparse: move maxsslconn parsing to ssl_sock 2029 - MINOR: cfgparse: move parsing of ssl-default-{bind,server}-ciphers to ssl_sock 2030 - MEDIUM: cfgparse: move ssl-dh-param-file parsing to ssl_sock 2031 - MEDIUM: compression: move the zlib-specific stuff from global.h to compression.c 2032 - BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake 2033 - BUG/MEDIUM: ssl: avoid double free when releasing bind_confs 2034 - BUG/MINOR: stats: fix be/sessions/current out in typed stats 2035 - MINOR: tcp-rules: check that the listener exists before updating its counters 2036 - MEDIUM: spoe: don't create a dummy listener for outgoing connections 2037 - MINOR: listener: move the transport layer pointer to the bind_conf 2038 - MEDIUM: move listener->frontend to bind_conf->frontend 2039 - MEDIUM: ssl: remote the proxy argument from most functions 2040 - MINOR: connection: add a new prepare_bind_conf() entry to xprt_ops 2041 - MEDIUM: ssl_sock: implement ssl_sock_prepare_bind_conf() 2042 - MINOR: connection: add a new destroy_bind_conf() entry to xprt_ops 2043 - MINOR: ssl_sock: implement ssl_sock_destroy_bind_conf() 2044 - MINOR: server: move the use_ssl field out of the ifdef USE_OPENSSL 2045 - MINOR: connection: add a minimal transport layer registration system 2046 - CLEANUP: connection: remove all direct references to raw_sock and ssl_sock 2047 - CLEANUP: connection: unexport raw_sock and ssl_sock 2048 - MINOR: connection: add new prepare_srv()/destroy_srv() entries to xprt_ops 2049 - MINOR: ssl_sock: implement and use prepare_srv()/destroy_srv() 2050 - CLEANUP: ssl: move tlskeys_finalize_config() to a post_check callback 2051 - CLEANUP: ssl: move most ssl-specific global settings to ssl_sock.c 2052 - BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled 2053 - BUG/MEDIUM: ssl: for a handshake when server-side SNI changes 2054 - BUG/MINOR: systemd: potential zombie processes 2055 - DOC: Add timings events schemas 2056 - BUILD: lua: build failed on FreeBSD. 2057 - MINOR: samples: add xx-hash functions 2058 - MEDIUM: regex: pcre2 support 2059 - BUG/MINOR: option prefer-last-server must be ignored in some case 2060 - MINOR: stats: Support "select all" for backend actions 2061 - BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0 2062 - BUG/MAJOR: channel: Fix the definition order of channel analyzers 2063 - BUG/MINOR: http: report real parser state in error captures 2064 - BUILD: scripts: automatically update the branch in version.h when releasing 2065 - MINOR: tools: add a generic hexdump function for debugging 2066 - BUG/MAJOR: http: fix risk of getting invalid reports of bad requests 2067 - MINOR: http: custom status reason. 2068 - MINOR: connection: add sample fetch "fc_rcvd_proxy" 2069 - BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options 2070 - BUG/MINOR: tools: fix off-by-one in port size check 2071 - BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family 2072 - MEDIUM: server: split the address and the port into two different fields 2073 - MINOR: tools: make str2sa_range() return the port in a separate argument 2074 - MINOR: server: take the destination port from the port field, not the addr 2075 - MEDIUM: server: disable protocol validations when the server doesn't resolve 2076 - BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0 2077 - BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage 2078 - BUG/MINOR: ssl: assert on SSL_set_shutdown with BoringSSL 2079 - MINOR: Use "500 Internal Server Error" for 500 error/status code message. 2080 - MINOR: proto_http.c 502 error txt typo. 2081 - DOC: add deprecation notice to "block" 2082 - MINOR: compression: fix -vv output without zlib/slz 2083 - BUG/MINOR: Reset errno variable before calling strtol(3) 2084 - MINOR: ssl: don't show prefer-server-ciphers output 2085 - OPTIM/MINOR: config: Optimize fullconn automatic computation loading configuration 2086 - BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream 2087 - MAJOR: ssl: bind configuration per certificat 2088 - MINOR: ssl: add curve suite for ECDHE negotiation 2089 - MINOR: checks: Add agent-addr config directive 2090 - MINOR: cli: Add possiblity to change agent config via CLI/socket 2091 - MINOR: doc: Add docs for agent-addr configuration variable 2092 - MINOR: doc: Add docs for agent-addr and agent-send CLI commands 2093 - BUILD: ssl: fix to build (again) with boringssl 2094 - BUILD: ssl: fix build on OpenSSL 1.0.0 2095 - BUILD: ssl: silence a warning reported for ERR_remove_state() 2096 - BUILD: ssl: eliminate warning with OpenSSL 1.1.0 regarding RAND_pseudo_bytes() 2097 - BUILD: ssl: kill a build warning introduced by BoringSSL compatibility 2098 - BUG/MEDIUM: tcp: don't poll for write when connect() succeeds 2099 - BUG/MINOR: unix: fix connect's polling in case no data are scheduled 2100 - MINOR: server: extend the flags to 32 bits 2101 - BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword 2102 - MINOR: dns: give ability to dns_init_resolvers() to close a socket when requested 2103 - BUG/MAJOR: dns: restart sockets after fork() 2104 - MINOR: chunks: implement a simple dynamic allocator for trash buffers 2105 - BUG/MEDIUM: http: prevent redirect from overwriting a buffer 2106 - BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined 2107 - BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer 2108 - BUG/MINOR: http: Return an error when a replace-header rule failed on the response 2109 - BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested 2110 - BUG/MAJOR: ssl: fix a regression in ssl_sock_shutw() 2111 - BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1' 2112 - BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule 2113 - MINOR: http: don't close when redirect location doesn't start with "/" 2114 - MEDIUM: boringssl: support native multi-cert selection without bundling 2115 - BUG/MEDIUM: ssl: fix verify/ca-file per certificate 2116 - BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING 2117 - MINOR: ssl: removes SSL_CTX_set_ssl_version call and cleanup CTX creation. 2118 - BUILD: ssl: fix build with -DOPENSSL_NO_DH 2119 - MEDIUM: ssl: add new sample-fetch which captures the cipherlist 2120 - MEDIUM: ssl: remove ssl-options from crt-list 2121 - BUG/MEDIUM: ssl: in bind line, ssl-options after 'crt' are ignored. 2122 - BUG/MINOR: ssl: fix cipherlist captures with sustainable SSL calls 2123 - MINOR: ssl: improved cipherlist captures 2124 - BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters 2125 - BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section 2126 - MAJOR: spoe: Add support of pipelined and asynchronous exchanges with agents 2127 - MINOR: spoe: Add support for pipelining/async capabilities in the SPOA example 2128 - MINOR: spoe: Remove SPOE details from the appctx structure 2129 - MINOR: spoe: Add status code in error variable instead of hardcoded value 2130 - MINOR: spoe: Send a log message when an error occurred during event processing 2131 - MINOR: spoe: Check the scope of sample fetches used in SPOE messages 2132 - MEDIUM: spoe: Be sure to wakeup the good entity waiting for a buffer 2133 - MINOR: spoe: Use the min of all known max_frame_size to encode messages 2134 - MAJOR: spoe: Add support of payload fragmentation in NOTIFY frames 2135 - MINOR: spoe: Add support for fragmentation capability in the SPOA example 2136 - MAJOR: spoe: refactor the filter to clean up the code 2137 - MINOR: spoe: Handle NOTIFY frames cancellation using ABORT bit in ACK frames 2138 - REORG: spoe: Move struct and enum definitions in dedicated header file 2139 - REORG: spoe: Move low-level encoding/decoding functions in dedicated header file 2140 - MINOR: spoe: Improve implementation of the payload fragmentation 2141 - MINOR: spoe: Add support of negation for options in SPOE configuration file 2142 - MINOR: spoe: Add "pipelining" and "async" options in spoe-agent section 2143 - MINOR: spoe: Rely on alertif_too_many_arg during configuration parsing 2144 - MINOR: spoe: Add "send-frag-payload" option in spoe-agent section 2145 - MINOR: spoe: Add "max-frame-size" statement in spoe-agent section 2146 - DOC: spoe: Update SPOE documentation to reflect recent changes 2147 - MINOR: config: warn when some HTTP rules are used in a TCP proxy 2148 - BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file 2149 - BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup 2150 - BUG/MINOR: Fix "get map <map> <value>" CLI command 2151 - MINOR: Add nbsrv sample converter 2152 - CLEANUP: Replace repeated code to count usable servers with be_usable_srv() 2153 - MINOR: Add hostname sample fetch 2154 - CLEANUP: Remove comment that's no longer valid 2155 - MEDIUM: http_error_message: txn->status / http_get_status_idx. 2156 - MINOR: http-request tarpit deny_status. 2157 - CLEANUP: http: make http_server_error() not set the status anymore 2158 - MEDIUM: stats: Add JSON output option to show (info|stat) 2159 - MEDIUM: stats: Add show json schema 2160 - BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer 2161 - MINOR: server: Add dynamic session cookies. 2162 - MINOR: cli: Let configure the dynamic cookies from the cli. 2163 - BUG/MINOR: checks: attempt clean shutw for SSL check 2164 - CONTRIB: tcploop: make it build on FreeBSD 2165 - CONTRIB: tcploop: fix time format to silence build warnings 2166 - CONTRIB: tcploop: report action 'K' (kill) in usage message 2167 - CONTRIB: tcploop: fix connect's address length 2168 - CONTRIB: tcploop: use the trash instead of NULL for recv() 2169 - BUG/MEDIUM: listener: do not try to rebind another process' socket 2170 - BUG/MEDIUM server: Fix crash when dynamic is defined, but not key is provided. 2171 - CLEANUP: config: Typo in comment. 2172 - BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze 2173 - TESTS: add a test configuration to stress handshake combinations 2174 - BUG/MAJOR: stream-int: do not depend on connection flags to detect connection 2175 - BUG/MEDIUM: connection: ensure to always report the end of handshakes 2176 - MEDIUM: connection: don't test for CO_FL_WAKE_DATA 2177 - CLEANUP: connection: completely remove CO_FL_WAKE_DATA 2178 - BUG: payload: fix payload not retrieving arbitrary lengths 2179 - BUILD: ssl: simplify SSL_CTX_set_ecdh_auto compatibility 2180 - BUILD: ssl: fix OPENSSL_NO_SSL_TRACE for boringssl and libressl 2181 - BUG/MAJOR: http: fix typo in http_apply_redirect_rule 2182 - MINOR: doc: 2.4. Examples should be 2.5. Examples 2183 - BUG/MEDIUM: stream: fix client-fin/server-fin handling 2184 - MINOR: fd: add a new flag HAP_POLL_F_RDHUP to struct poller 2185 - BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available 2186 - OPTIM: poll: enable support for POLLRDHUP 2187 - MINOR: kqueue: exclusively rely on the kqueue returned status 2188 - MEDIUM: kqueue: take care of EV_EOF to improve polling status accuracy 2189 - MEDIUM: kqueue: only set FD_POLL_IN when there are pending data 2190 - DOC/MINOR: Fix typos in proxy protocol doc 2191 - DOC: Protocol doc: add checksum, TLV type ranges 2192 - DOC: Protocol doc: add SSL TLVs, rename CHECKSUM 2193 - DOC: Protocol doc: add noop TLV 2194 - MEDIUM: global: add a 'hard-stop-after' option to cap the soft-stop time 2195 - MINOR: dns: improve DNS response parsing to use as many available records as possible 2196 - BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity(). 2197 - MINOR: server: irrelevant error message with 'default-server' config file keyword. 2198 - MINOR: server: Make 'default-server' support 'backup' keyword. 2199 - MINOR: server: Make 'default-server' support 'check-send-proxy' keyword. 2200 - CLEANUP: server: code alignement. 2201 - MINOR: server: Make 'default-server' support 'non-stick' keyword. 2202 - MINOR: server: Make 'default-server' support 'send-proxy' and 'send-proxy-v2 keywords. 2203 - MINOR: server: Make 'default-server' support 'check-ssl' keyword. 2204 - MINOR: server: Make 'default-server' support 'force-sslv3' and 'force-tlsv1[0-2]' keywords. 2205 - CLEANUP: server: code alignement. 2206 - MINOR: server: Make 'default-server' support 'no-ssl*' and 'no-tlsv*' keywords. 2207 - MINOR: server: Make 'default-server' support 'ssl' keyword. 2208 - MINOR: server: Make 'default-server' support 'send-proxy-v2-ssl*' keywords. 2209 - CLEANUP: server: code alignement. 2210 - MINOR: server: Make 'default-server' support 'verify' keyword. 2211 - MINOR: server: Make 'default-server' support 'verifyhost' setting. 2212 - MINOR: server: Make 'default-server' support 'check' keyword. 2213 - MINOR: server: Make 'default-server' support 'track' setting. 2214 - MINOR: server: Make 'default-server' support 'ca-file', 'crl-file' and 'crt' settings. 2215 - MINOR: server: Make 'default-server' support 'redir' keyword. 2216 - MINOR: server: Make 'default-server' support 'observe' keyword. 2217 - MINOR: server: Make 'default-server' support 'cookie' keyword. 2218 - MINOR: server: Make 'default-server' support 'ciphers' keyword. 2219 - MINOR: server: Make 'default-server' support 'tcp-ut' keyword. 2220 - MINOR: server: Make 'default-server' support 'namespace' keyword. 2221 - MINOR: server: Make 'default-server' support 'source' keyword. 2222 - MINOR: server: Make 'default-server' support 'sni' keyword. 2223 - MINOR: server: Make 'default-server' support 'addr' keyword. 2224 - MINOR: server: Make 'default-server' support 'disabled' keyword. 2225 - MINOR: server: Add 'no-agent-check' server keyword. 2226 - DOC: server: Add docs for "server" and "default-server" new "no-*" and other settings. 2227 - MINOR: doc: fix use-server example (imap vs mail) 2228 - BUG/MEDIUM: tcp: don't require privileges to bind to device 2229 - BUILD: make the release script use shortlog for the final changelog 2230 - BUILD: scripts: fix typo in announce-release error message 2231 - CLEANUP: time: curr_sec_ms doesn't need to be exported 2232 - BUG/MEDIUM: server: Wrong server default CRT filenames initialization. 2233 - BUG/MEDIUM: peers: fix buffer overflow control in intdecode. 2234 - BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers 2235 - BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request 2236 - CLEANUP: http: Remove channel_congested function 2237 - CLEANUP: buffers: Remove buffer_bounce_realign function 2238 - CLEANUP: buffers: Remove buffer_contig_area and buffer_work_area functions 2239 - MINOR: http: remove useless check on HTTP_MSGF_XFER_LEN for the request 2240 - MINOR: http: Add debug messages when HTTP body analyzers are called 2241 - BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled 2242 - BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze 2243 - DOC: fix parenthesis and add missing "Example" tags 2244 - DOC: update the contributing file 2245 - DOC: log-format/tcplog/httplog update 2246 - MINOR: config parsing: add warning when log-format/tcplog/httplog is overriden in "defaults" sections 2247 22482016/11/25 : 1.8-dev0 2249 22502016/11/25 : 1.7.0 2251 - SCRIPTS: make publish-release also copy the new SPOE doc 2252 - BUILD: http: include types/sample.h in proto_http.h 2253 - BUILD: debug/flags: remove test for SF_COMP_READY 2254 - CONTRIB: debug/flags: add check for SF_ERR_CHK_PORT 2255 - MINOR: lua: add function which return true if the channel is full. 2256 - MINOR: lua: add ip addresses and network manipulation function 2257 - CONTRIB: tcploop: scriptable TCP I/O for debugging purposes 2258 - CONTRIB: tcploop: implement fork() 2259 - CONTRIB: tcploop: implement logging when called with -v 2260 - CONTRIB: tcploop: update the usage output 2261 - CONTRIB: tcploop: support sending plain strings 2262 - CONTRIB: tcploop: don't report failed send() or recv() 2263 - CONTRIB: tcploop: add basic loops via a jump instruction 2264 - BUG/MEDIUM: channel: bad unlikely macro 2265 - CLEANUP: lua: move comment 2266 - CLEANUP: lua: control executed twice 2267 - BUG/MEDIUM: ssl: Store certificate filename in a variable 2268 - BUG/MINOR: ssl: Print correct filename when error occurs reading OCSP 2269 - CLEANUP: ssl: Remove goto after return dead code 2270 - CLEANUP: ssl: Fix bind keywords name in comments 2271 - DOC: ssl: Use correct wording for ca-sign-pass 2272 - CLEANUP: lua: avoid directly calling getsockname/getpeername() 2273 - BUG/MINOR: stick-table: handle out-of-memory condition gracefully 2274 - MINOR: cli: add private pointer and release function 2275 - MEDIUM: lua: Add cli handler for Lua 2276 - BUG/MEDIUM: connection: check the control layer before stopping polling 2277 - DEBUG: connection: mark the closed FDs with a value that is easier to detect 2278 - BUG/MEDIUM: stick-table: fix regression caused by recent fix for out-of-memory 2279 - BUG/MINOR: cli: properly decrement ref count on tables during failed dumps 2280 - BUG/MEDIUM: lua: In some case, the return of sample-fetche is ignored 2281 - MINOR: filters: Add check_timeouts callback to handle timers expiration on streams 2282 - MINOR: spoe: Add 'timeout processing' option to limit time to process an event 2283 - MINOR: spoe: Remove useless 'timeout ack' option 2284 - MINOR: spoe: Add 'option continue-on-error' statement in spoe-agent section 2285 - MINOR: spoe: Add "maxconnrate" and "maxerrrate" statements 2286 - MINOR: spoe: Add "option set-on-error" statement 2287 - MINOR: stats: correct documentation of process ID for typed output 2288 - BUILD: contrib: fix ip6range build on Centos 7 2289 - BUILD: fix build on Solaris 10/11 2290 - BUG/MINOR: cli: fix pointer size when reporting data/transport layer name 2291 - BUG/MINOR: cli: dequeue from the proxy when changing a maxconn 2292 - BUG/MINOR: cli: wake up the CLI's task after a timeout update 2293 - MINOR: connection: add a few functions to report the data and xprt layers' names 2294 - MINOR: connection: add names for transport and data layers 2295 - REORG: cli: split dumpstats.c in src/cli.c and src/stats.c 2296 - REORG: cli: split dumpstats.h in stats.h and cli.h 2297 - REORG: cli: move ssl CLI functions to ssl_sock.c 2298 - REORG: cli: move map and acl code to map.c 2299 - REORG: cli: move show stat resolvers to dns.c 2300 - MINOR: cli: create new function cli_has_level() to validate permissions 2301 - MINOR: server: create new function cli_find_server() to find a server 2302 - MINOR: proxy: create new function cli_find_frontend() to find a frontend 2303 - REORG: cli: move 'set server' to server.c 2304 - REORG: cli: move 'show pools' to memory.c 2305 - REORG: cli: move 'show servers' to proxy.c 2306 - REORG: cli: move 'show sess' to stream.c 2307 - REORG: cli: move 'show backend' to proxy.c 2308 - REORG: cli: move get/set weight to server.c 2309 - REORG: cli: move "show stat" to stats.c 2310 - REORG: cli: move "show info" to stats.c 2311 - REORG: cli: move dump_text(), dump_text_line(), and dump_binary() to standard.c 2312 - REORG: cli: move table dump/clear/set to stick_table.c 2313 - REORG: cli: move "show errors" out of cli.c 2314 - REORG: cli: make "show env" also use the generic keyword registration 2315 - REORG: cli: move "set timeout" to its own handler 2316 - REORG: cli: move "clear counters" to stats.c 2317 - REORG: cli: move "set maxconn global" to its own handler 2318 - REORG: cli: move "set maxconn server" to server.c 2319 - REORG: cli: move "set maxconn frontend" to proxy.c 2320 - REORG: cli: move "shutdown sessions server" to stream.c 2321 - REORG: cli: move "shutdown session" to stream.c 2322 - REORG: cli: move "shutdown frontend" to proxy.c 2323 - REORG: cli: move "{enable|disable} frontend" to proxy.c 2324 - REORG: cli: move "{enable|disable} server" to server.c 2325 - REORG: cli: move "{enable|disable} health" to server.c 2326 - REORG: cli: move "{enable|disable} agent" to server.c 2327 - REORG: cli: move the "set rate-limit" functions to their own parser 2328 - CLEANUP: cli: rename STAT_CLI_* to CLI_ST_* 2329 - CLEANUP: cli: simplify the request parser a little bit 2330 - CLEANUP: cli: remove assignments to st0 and st2 in keyword parsers 2331 - BUILD: server: remove a build warning introduced by latest series 2332 - BUG/MINOR: log-format: uncatched memory allocation functions 2333 - CLEANUP: log-format: useless file and line in json converter 2334 - CLEANUP/MINOR: log-format: unexport functions parse_logformat_var_args() and parse_logformat_var() 2335 - CLEANUP: log-format: fix return code of the function parse_logformat_var() 2336 - CLEANUP: log-format: fix return code of function parse_logformat_var_args() 2337 - CLEANUP: log-format: remove unused arguments 2338 - MEDIUM: log-format: strict parsing and enable fail 2339 - MEDIUM: log-format/conf: take into account the parse_logformat_string() return code 2340 - BUILD: ssl: make the SSL layer build again with openssl 0.9.8 2341 - BUILD: vars: remove a build warning on vars.c 2342 - MINOR: lua: add utility function for check boolean argument 2343 - MINOR: lua: Add tokenize function. 2344 - BUG/MINOR: conf: calloc untested 2345 - MINOR: http/conf: store the use_backend configuration file and line for logs 2346 - MEDIUM: log-format: Use standard HAProxy log system to report errors 2347 - CLEANUP: sample: report "converter" instead of "conv method" in error messages 2348 - BUG: spoe: Fix parsing of SPOE actions in ACK frames 2349 - MINOR: cli: make "show stat" support a proxy name 2350 - MINOR: cli: make "show errors" support a proxy name 2351 - MINOR: cli: make "show errors" capable of dumping only request or response 2352 - BUG/MINOR: freq-ctr: make swrate_add() support larger values 2353 - CLEANUP: counters: move from 3 types to 2 types 2354 - CLEANUP: cfgparse: cascade the warnif_misplaced_* rules 2355 - REORG: tcp-rules: move tcp rules processing to their own file 2356 - REORG: stkctr: move all the stick counters processing to stick-tables.c 2357 - DOC: update the roadmap file with the latest changes 2358 23592016/11/09 : 1.7-dev6 2360 - DOC: fix the entry for hash-balance-factor config option 2361 - DOC: Fix typo in description of `-st` parameter in man page 2362 - CLEANUP: cfgparse: Very minor spelling correction 2363 - MINOR: examples: Update haproxy.spec URLs to haproxy.org 2364 - BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream 2365 - BUG/MEDIUM: peers: fix use after free in peer_session_create() 2366 - MINOR: peers: make peer_session_forceshutdown() use the appctx and not the stream 2367 - MINOR: peers: remove the pointer to the stream 2368 - BUG/MEDIUM: systemd-wrapper: return correct exit codes 2369 - DOC: stats: provide state details for show servers state 2370 - MEDIUM: tools: make str2ip2() preserve existing ports 2371 - CLEANUP: tools: make ipcpy() preserve the original port 2372 - OPTIM: http: move all http character classs tables into a single one 2373 - OPTIM: http: improve parsing performance of long header lines 2374 - OPTIM: http: improve parsing performance of long URIs 2375 - OPTIM: http: optimize lookup of comma and quote in header values 2376 - BUG/MEDIUM: srv-state: properly restore the DRAIN state 2377 - BUG/MINOR: srv-state: allow to have both CMAINT and FDRAIN flags 2378 - MINOR: server: do not emit warnings/logs/alerts on server state changes at boot 2379 - BUG/MEDIUM: servers: properly propagate the maintenance states during startup 2380 - MEDIUM: wurfl: add Scientiamobile WURFL device detection module 2381 - DOC: move the device detection modules documentation to their own files 2382 - CLEANUP: wurfl: reduce exposure in the rest of the code 2383 - MEDIUM: ssl: Add support for OpenSSL 1.1.0 2384 - MINOR: stream: make option contstats usable again 2385 - MEDIUM: tools: make str2sa_range() return the FQDN even when not resolving 2386 - MINOR: init: move apply_server_state in haproxy.c before MODE_CHECK 2387 - MAJOR: server: postpone address resolution 2388 - MINOR: new srv_admin flag: SRV_ADMF_RMAINT 2389 - MINOR: server: indicate in the logs when RMAINT is cleared 2390 - MINOR: stats: indicate it when a server is down due to resolution 2391 - MINOR: server: make srv_set_admin_state() capable of telling why this happens 2392 - MINOR: dns: implement extra 'hold' timers. 2393 - MAJOR: dns: runtime resolution can change server admin state 2394 - MEDIUM: cli: leave the RMAINT state when setting an IP address on the CLI 2395 - MEDIUM: server: add a new init-addr server line setting 2396 - MEDIUM: server: make use of init-addr 2397 - MINOR: server: implement init-addr none 2398 - MEDIUM: server: make libc resolution failure non-fatal 2399 - MINOR: server: add support for explicit numeric address in init-addr 2400 - DOC: add some documentation for the "init-addr" server keyword 2401 - MINOR: init: add -dr to ignore server address resolution failures 2402 - MEDIUM: server: do not restrict anymore usage of IP address from the state file 2403 - BUG: vars: Fix 'set-var' converter because of a typo 2404 - CLEANUP: remove last references to 'ruleset' section 2405 - MEDIUM: filters: Add attch/detach and stream_set_backend callbacks 2406 - MINOR: filters: Update filters documentation accordingly to recent changes 2407 - MINOR: filters: Call stream_set_backend callbacks before updating backend stats 2408 - MINOR: filters: Remove backend filters attached to a stream only for HTTP streams 2409 - MINOR: flt_trace: Add hexdump option to dump forwarded data 2410 - MINOR: cfgparse: Add functions to backup and restore registered sections 2411 - MINOR: cfgparse: Parse scope lines and save the last one parsed 2412 - REORG: sample: move code to release a sample expression in sample.c 2413 - MINOR: vars: Allow '.' in variable names 2414 - MINOR: vars: Add vars_set_by_name_ifexist function 2415 - MEDIUM: vars: Add a per-process scope for variables 2416 - MINOR: vars: Add 'unset-var' action/converter 2417 - MAJOR: spoe: Add an experimental Stream Processing Offload Engine 2418 - MINOR: spoe: add random ip-reputation service as SPOA example 2419 - MINOR: spoe/checks: Add support for SPOP health checks 2420 - DOC: update ROADMAP file 2421 24222016/10/25 : 1.7-dev5 2423 - MINOR: cfgparse: few memory leaks fixes. 2424 - MEDIUM: log: Decompose %Tq in %Th %Ti %TR 2425 - CLEANUP: logs: remove unused log format field definitions 2426 - BUILD/MAJOR:updated 51d Trie implementation to incorperate latest update to 51Degrees.c 2427 - BUG/MAJOR: stream: properly mark the server address as unset on connect retry 2428 - CLEANUP: proto_http: Removing useless variable assignation 2429 - CLEANUP: dumpstats: Removing useless variables allocation 2430 - CLEANUP: dns: Removing usless variable & assignation 2431 - BUG/MINOR: payload: fix SSLv2 version parser 2432 - MINOR: cli: allow the semi-colon to be escaped on the CLI 2433 - MINOR: cli: change a server health check port through the stats socket 2434 - BUG/MINOR: Fix OSX compilation errors 2435 - MAJOR: check: find out which port to use for health check at run time 2436 - MINOR: server: introduction of 3 new server flags 2437 - MINOR: new update_server_addr_port() function to change both server's ADDR and service PORT 2438 - MINOR: cli: ability to change a server's port 2439 - CLEANUP/MINOR dns: comment do not follow up code update 2440 - MINOR: chunk: new strncat function 2441 - MINOR: dns: wrong DNS_MAX_UDP_MESSAGE value 2442 - MINOR: dns: new MAX values 2443 - MINOR: dns: new macro to compute DNS header size 2444 - MINOR: dns: new DNS structures to store received packets 2445 - MEDIUM: dns: new DNS response parser 2446 - MINOR: dns: query type change when last record is a CNAME 2447 - MINOR: dns: proper domain name validation when receiving DNS response 2448 - MINOR: dns: comments in types/dns.h about structures endianness 2449 - BUG/MINOR: displayed PCRE version is running release 2450 - MINOR: show Built with PCRE version 2451 - MINOR: show Running on zlib version 2452 - MEDIUM: make SO_REUSEPORT configurable 2453 - MINOR: enable IP_BIND_ADDRESS_NO_PORT on backend connections 2454 - BUG/MEDIUM: http/compression: Fix how chunked data are copied during the HTTP body parsing 2455 - BUG/MINOR: stats: report the correct conn_time in backend's html output 2456 - BUG/MEDIUM: dns: don't randomly crash on out-of-memory 2457 - MINOR: Add fe_req_rate sample fetch 2458 - MEDIUM: peers: Fix a peer stick-tables synchronization issue. 2459 - MEDIUM: cli: register CLI keywords with cli_register_kw() 2460 - BUILD: Make use of accept4() on OpenBSD. 2461 - MINOR: tcp: make set-src/set-src-port and set-dst/set-dst-port commutative 2462 - DOC: fix missed entry for "set-{src,dst}{,-port}" 2463 - BUG/MINOR: vars: use sess and not s->sess in action_store() 2464 - BUG/MINOR: vars: make smp_fetch_var() more robust against misuses 2465 - BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session 2466 - MINOR: stats: output dcon 2467 - CLEANUP: tcp rules: mention everywhere that tcp-conn rules are L4 2468 - MINOR: counters: add new fields for denied_sess 2469 - MEDIUM: tcp: add registration and processing of TCP L5 rules 2470 - MINOR: stats: emit dses 2471 - DOC: document tcp-request session 2472 - MINOR: ssl: add debug traces 2473 - BUILD/CLEANUP: ssl: Check BIO_reset() return code 2474 - BUG/MINOR: ssl: Check malloc return code 2475 - BUG/MINOR: ssl: prevent multiple entries for the same certificate 2476 - BUG/MINOR: systemd: make the wrapper return a non-null status code on error 2477 - BUG/MINOR: systemd: always restore signals before execve() 2478 - BUG/MINOR: systemd: check return value of calloc() 2479 - MINOR: systemd: report it when execve() fails 2480 - BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed 2481 - MINOR: proxy: add 'served' field to proxy, equal to total of all servers' 2482 - MINOR: backend: add hash-balance-factor option for hash-type consistent 2483 - MINOR: server: compute a "cumulative weight" to allow chash balancing to hit its target 2484 - MEDIUM: server: Implement bounded-load hash algorithm 2485 - SCRIPTS: make git-show-backports also dump a "git show" command 2486 - MINOR: build: Allow linking to device-atlas library file 2487 - MINOR: stats: Escape equals sign on socket dump 2488 24892016/08/14 : 1.7-dev4 2490 - MINOR: add list_append_word function 2491 - MEDIUM: init: use list_append_word in haproxy.c 2492 - MEDIUM: init: allow directory as argument of -f 2493 - CLEANUP: config: detect double registration of a config section 2494 - MINOR: log: add the %Td log-format specifier 2495 - MEDIUM: filters: Move HTTP headers filtering in its own callback 2496 - MINOR: filters: Simplify calls to analyzers using 2 new macros 2497 - MEDIUM: filters: Add pre and post analyzer callbacks 2498 - DOC: filters: Update the filters documentation accordingly to recent changes 2499 - BUG/MEDIUM: init: don't use environment locale 2500 - SCRIPTS: teach git-show-backports how to report upstream commits 2501 - SCRIPTS: make git-show-backports capable of limiting its history 2502 - BUG/MAJOR: fix listening IP address storage for frontends 2503 - BUG/MINOR: fix listening IP address storage for frontends (cont) 2504 - DOC: Fix typo so fetch is properly parsed by Cyril's converter 2505 - BUG/MAJOR: http: fix breakage of "reqdeny" causing random crashes 2506 - BUG/MEDIUM: stick-tables: fix breakage in table converters 2507 - MINOR: stick-table: change all stick-table converters' inputs to SMP_T_ANY 2508 - BUG/MEDIUM: dns: unbreak DNS resolver after header fix 2509 - BUILD: fix build on Solaris 11 2510 - BUG/MEDIUM: config: fix multiple declaration of section parsers 2511 - BUG/MEDIUM: stats: show servers state may show an servers from another backend 2512 - BUG/MEDIUM: fix risk of segfault with "show tls-keys" 2513 - MEDIUM: dumpstats: 'show tls-keys' is now able to show secrets 2514 - DOC: update doc about tls-tickets-keys dump 2515 - MEDIUM: tcp: add 'set-src' to 'tcp-request connection' 2516 - MINOR: set the CO_FL_ADDR_FROM_SET flags with 'set-src' 2517 - MEDIUM: tcp/http: add 'set-src-port' action 2518 - MEDIUM: tcp/http: new set-dst/set-dst-port actions 2519 - BUG/MEDIUM: sticktables: segfault in some configuration error cases 2520 - BUILD/MEDIUM: rebuild everything when an include file is changed 2521 - BUILD/MEDIUM: force a full rebuild if some build options change 2522 - BUG/MEDIUM: lua: converters doesn't work 2523 - BUG/MINOR: http: add-header: header name copied twice 2524 - BUG/MEDIUM: http: add-header: buffer overwritten 2525 - BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params() 2526 - MINOR: stream: export the function 'smp_create_src_stkctr' 2527 - BUG/MEDIUM: dumpstats: undefined behavior in stats_tlskeys_list() 2528 - MEDIUM: dumpstats: make stats_tlskeys_list() yield-aware during tls-keys dump 2529 - BUG/MINOR: http: url32+src should use the big endian version of url32 2530 - BUG/MINOR: http: url32+src should check cli_conn before using it 2531 - DOC: http: add documentation for url32 and url32+src 2532 - BUG/MINOR: fix http-response set-log-level parsing error 2533 - MINOR: systemd: Use variable for config and pidfile paths 2534 - MINOR: systemd: Perform sanity check on config before reload 2535 - MEDIUM: ssl: support SNI filters with multicerts 2536 - MINOR: ssl: crt-list parsing factor 2537 - BUILD: ssl: fix typo causing a build failure in the multicert patch 2538 - MINOR: listener: add the "accept-netscaler-cip" option to the "bind" keyword 2539 - MINOR: tcp: add "tcp-request connection expect-netscaler-cip layer4" 2540 - BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits 2541 - BUG/MINOR: init: ensure that FD limit is raised to the max allowed 2542 - BUG/MEDIUM: external-checks: close all FDs right after the fork() 2543 - BUG/MAJOR: external-checks: use asynchronous signal delivery 2544 - BUG/MINOR: external-checks: do not unblock undesired signals 2545 - CLEANUP: external-check: don't block/unblock SIGCHLD when manipulating the list 2546 - BUG/MEDIUM: filters: Fix data filtering when data are modified 2547 - BUG/MINOR: filters: Fix HTTP parsing when a filter loops on data forwarding 2548 - BUG/MINOR: srv-state: fix incorrect output of state file 2549 - BUG/MINOR: ssl: close ssl key file on error 2550 - BUG/MINOR: http: fix misleading error message for response captures 2551 - BUG/BUILD: don't automatically run "make" on "make install" 2552 - DOC: add missing doc for http-request deny [deny_status <status>] 2553 - CLEANUP: dumpstats: u64 field is an unsigned type. 2554 - BUG/MEDIUM: http: unbreak uri/header/url_param hashing 2555 - BUG/MINOR: Rework slightly commit 9962f8fc to clean code and avoid mistakes 2556 - MINOR: new function my_realloc2 = realloc + free upon failure 2557 - CLEANUP: fixed some usages of realloc leading to memory leak 2558 - Revert "BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()" 2559 - CLEANUP: connection: using internal struct to hold source and dest port. 2560 - DOC: spelling fixes 2561 - BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params() 2562 - BUG/MEDIUM: dns: fix alignment issues in the DNS response parser 2563 - BUG/MINOR: Fix endiness issue in DNS header creation code 2564 - BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash 2565 - BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash 2566 - MEDIUM: http: implement http-response track-sc* directive 2567 - BUG/MINOR: peers: Fix peers data decoding issue 2568 - BUG/MINOR: peers: don't count track-sc multiple times on errors 2569 - MINOR: standard: add function "escape_string" 2570 - BUG/MEDIUM: log: use function "escape_string" instead of "escape_chunk" 2571 - MINOR: tcp: Return TCP statistics like RTT and RTT variance 2572 - DOC: lua: remove old functions 2573 - BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests 2574 - DOC: fix json converter example and error message 2575 - BUG/MEDIUM: stream-int: completely detach connection on connect error 2576 - DOC: minor typo fixes to improve HTML parsing by haproxy-dconv 2577 - BUILD: make proto_tcp.c compatible with musl library 2578 - BUG/MAJOR: compression: initialize avail_in/next_in even during flush 2579 - BUG/MEDIUM: samples: make smp_dup() always duplicate the sample 2580 - MINOR: sample: implement smp_is_safe() and smp_make_safe() 2581 - MINOR: sample: provide smp_is_rw() and smp_make_rw() 2582 - BUG/MAJOR: server: the "sni" directive could randomly cause trouble 2583 - BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size 2584 - BUG/MEDIUM: stick-table: properly convert binary samples to keys 2585 - MINOR: sample: use smp_make_rw() in upper/lower converters 2586 - MINOR: tcp: add dst_is_local and src_is_local 2587 - BUG/MINOR: peers: some updates are pushed twice after a resync. 2588 - BUILD: protocol: fix some build errors on OpenBSD 2589 - BUILD: log: iovec requires to include sys/uio.h on OpenBSD 2590 - BUILD: tcp: do not include netinet/ip.h for IP_TTL 2591 - BUILD: connection: fix build breakage on openbsd due to missing in_systm.h 2592 - BUILD: checks: remove the last strcat and eliminate a warning on OpenBSD 2593 - BUILD: tcp: define SOL_TCP when only IPPROTO_TCP exists 2594 - BUILD: compression: remove a warning when no compression lib is used 2595 - BUILD: poll: remove unused hap_fd_isset() which causes a warning with clang 2596 - MINOR: tcp: add further tcp info fetchers 2597 - BUG/MINOR: peers: empty chunks after a resync. 2598 - BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table 2599 - MINOR: standard.c: ipcmp() function to compare 2 IP addresses stored in 2 struct sockaddr_storage 2600 - MINOR: standard.c: ipcpy() function to copy an IP address from a struct sockaddr_storage into an other one 2601 - MAJOR: listen section: don't use first bind port anymore when no server ports are provided 2602 26032016/05/10 : 1.7-dev3 2604 - MINOR: sample: Moves ARGS underlying type from 32 to 64 bits. 2605 - BUG/MINOR: log: Don't use strftime() which can clobber timezone if chrooted 2606 - BUILD: namespaces: fix a potential build warning in namespaces.c 2607 - MINOR: da: Using ARG12 macro for the sample fetch and the convertor. 2608 - DOC: add encoding to json converter example 2609 - BUG/MINOR: conf: "listener id" expects integer, but its not checked 2610 - DOC: Clarify tunes.vars.xxx-max-size settings 2611 - CLEANUP: chunk: adding NULL check to chunk_dup allocation. 2612 - CLEANUP: connection: fix double negation on memcmp() 2613 - BUG/MEDIUM: peers: fix incorrect age in frequency counters 2614 - BUG/MEDIUM: Fix RFC5077 resumption when more than TLS_TICKETS_NO are present 2615 - BUG/MAJOR: Fix crash in http_get_fhdr with exactly MAX_HDR_HISTORY headers 2616 - BUG/MINOR: lua: can't load external libraries 2617 - BUG/MINOR: prevent the dump of uninitialized vars 2618 - CLEANUP: map: it seems that the map were planed to be chained 2619 - MINOR: lua: move class registration facilities 2620 - MINOR: lua: remove some useless checks 2621 - CLEANUP: lua: Remove two same functions 2622 - MINOR: lua: refactor the Lua object registration 2623 - MINOR: lua: precise message when a critical error is catched 2624 - MINOR: lua: post initialization 2625 - MINOR: lua: Add internal function which strip spaces 2626 - MINOR: lua: convert field to lua type 2627 - DOC: "addr" parameter applies to both health and agent checks 2628 - DOC: timeout client: pointers to timeout http-request 2629 - DOC: typo on stick-store response 2630 - DOC: stick-table: amend paragraph blaming the loss of table upon reload 2631 - DOC: typo: ACL subdir match 2632 - DOC: typo: maxconn paragraph is wrong due to a wrong buffer size 2633 - DOC: regsub: parser limitation about the inability to use closing square brackets 2634 - DOC: typo: req.uri is now replaced by capture.req.uri 2635 - DOC: name set-gpt0 mismatch with the expected keyword 2636 - MINOR: http: sample fetch which returns unique-id 2637 - MINOR: dumpstats: extract stats fields enum and names 2638 - MINOR: dumpstats: split stats_dump_info_to_buffer() in two parts 2639 - MINOR: dumpstats: split stats_dump_fe_stats() in two parts 2640 - MINOR: dumpstats: split stats_dump_li_stats() in two parts 2641 - MINOR: dumpstats: split stats_dump_sv_stats() in two parts 2642 - MINOR: dumpstats: split stats_dump_be_stats() in two parts 2643 - MINOR: lua: dump general info 2644 - MINOR: lua: add class proxy 2645 - MINOR: lua: add class server 2646 - MINOR: lua: add class listener 2647 - BUG/MEDIUM: stick-tables: some sample-fetch doesn't work in the connection state. 2648 - MEDIUM: proxy: use dynamic allocation for error dumps 2649 - CLEANUP: remove unneeded casts 2650 - CLEANUP: uniformize last argument of malloc/calloc 2651 - DOC: fix "needed" typo 2652 - BUG/MINOR: dumpstats: fix write to global chunk 2653 - BUG/MINOR: dns: inapropriate way out after a resolution timeout 2654 - BUG/MINOR: dns: trigger a DNS query type change on resolution timeout 2655 - CLEANUP: proto_http: few corrections for gcc warnings. 2656 - BUG/MINOR: DNS: resolution structure change 2657 - BUG/MINOR : allow to log cookie for tarpit and denied request 2658 - BUG/MEDIUM: ssl: rewind the BIO when reading certificates 2659 - OPTIM/MINOR: session: abort if possible before connecting to the backend 2660 - DOC: http: rename the unique-id sample and add the documentation 2661 - BUG/MEDIUM: trace.c: rdtsc() is defined in two files 2662 - BUG/MEDIUM: channel: fix miscalculation of available buffer space (2nd try) 2663 - BUG/MINOR: server: risk of over reading the pref_net array. 2664 - BUG/MINOR: cfgparse: couple of small memory leaks. 2665 - BUG/MEDIUM: sample: initialize the pointer before parse_binary call. 2666 - DOC: fix discrepancy in the example for http-request redirect 2667 - MINOR: acl: Add predefined METH_DELETE, METH_PUT 2668 - CLEANUP: .gitignore cleanup 2669 - DOC: Clarify IPv4 address / mask notation rules 2670 - CLEANUP: fix inconsistency between fd->iocb, proto->accept and accept() 2671 - BUG/MEDIUM: fix maxaccept computation on per-process listeners 2672 - BUG/MINOR: listener: stop unbound listeners on startup 2673 - BUG/MINOR: fix maxaccept computation according to the frontend process range 2674 - TESTS: add blocksig.c to run tests with all signals blocked 2675 - MEDIUM: unblock signals on startup. 2676 - MINOR: filters: Print the list of existing filters during HA startup 2677 - MINOR: filters: Typo in an error message 2678 - MINOR: filters: Filters must define the callbacks struct during config parsing 2679 - DOC: filters: Add filters documentation 2680 - BUG/MEDIUM: channel: don't allow to overwrite the reserve until connected 2681 - BUG/MEDIUM: channel: incorrect polling condition may delay event delivery 2682 - BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try) 2683 - BUG/MEDIUM: log: fix risk of segfault when logging HTTP fields in TCP mode 2684 - MINOR: Add ability for agent-check to set server maxconn 2685 - CLEANUP: Use server_parse_maxconn_change_request for maxconn CLI updates 2686 - MINOR: filters: add opaque data 2687 - BUG/MEDIUM: lua: protects the upper boundary of the argument list for converters/fetches. 2688 - MINOR: lua: migrate the argument mask to 64 bits type. 2689 - BUG/MINOR: dumpstats: Fix the "Total bytes saved" counter in backends stats 2690 - BUG/MINOR: log: fix a typo that would cause %HP to log <BADREQ> 2691 - BUG/MEDIUM: http: fix incorrect reporting of server errors 2692 - MINOR: channel: add new function channel_congested() 2693 - BUG/MEDIUM: http: fix risk of CPU spikes with pipelined requests from dead client 2694 - BUG/MAJOR: channel: fix miscalculation of available buffer space (4th try) 2695 - BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared 2696 - BUG/MEDIUM: channel: fix inconsistent handling of 4GB-1 transfers 2697 - BUG/MEDIUM: stats: show servers state may show an empty or incomplete result 2698 - BUG/MEDIUM: stats: show backend may show an empty or incomplete result 2699 - MINOR: stats: fix typo in help messages 2700 - MINOR: stats: show stat resolvers missing in the help message 2701 - BUG/MINOR: dns: fix DNS header definition 2702 - BUG/MEDIUM: dns: fix alignment issue when building DNS queries 2703 - CLEANUP: don't ignore scripts in .gitignore 2704 - BUILD: add a few release and backport scripts in scripts/ 2705 27062016/03/14 : 1.7-dev2 2707 - DOC: lua: fix lua API 2708 - DOC: mailers: typo in 'hostname' description 2709 - DOC: compression: missing mention of libslz for compression algorithm 2710 - BUILD/MINOR: regex: missing header 2711 - BUG/MINOR: stream: bad return code 2712 - DOC: lua: fix somme errors and add implicit types 2713 - MINOR: lua: add set/get priv for applets 2714 - BUG/MINOR: http: fix several off-by-one errors in the url_param parser 2715 - BUG/MINOR: http: Be sure to process all the data received from a server 2716 - MINOR: filters/http: Use a wrapper function instead of stream_int_retnclose 2717 - BUG/MINOR: chunk: make chunk_dup() always check and set dst->size 2718 - DOC: ssl: fixed some formatting errors in crt tag 2719 - MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero 2720 - MINOR: chunks: add chunk_strcat() and chunk_newstr() 2721 - MINOR: chunk: make chunk_initstr() take a const string 2722 - MEDIUM: tools: add csv_enc_append() to preserve the original chunk 2723 - MINOR: tools: make csv_enc_append() always start at the first byte of the chunk 2724 - MINOR: lru: new function to delete <nb> least recently used keys 2725 - DOC: add Ben Shillito as the maintainer of 51d 2726 - BUG/MINOR: 51d: Ensures a unique domain for each configuration 2727 - BUG/MINOR: 51d: Aligns Pattern cache implementation with HAProxy best practices. 2728 - BUG/MINOR: 51d: Releases workset back to pool. 2729 - BUG/MINOR: 51d: Aligned const pointers to changes in 51Degrees. 2730 - CLEANUP: 51d: Aligned if statements with HAProxy best practices and removed casts from malloc. 2731 - MINOR: rename master process name in -Ds (systemd mode) 2732 - DOC: fix a few spelling mistakes 2733 - DOC: fix "workaround" spelling 2734 - BUG/MINOR: examples: Fixing haproxy.spec to remove references to .cfg files 2735 - MINOR: fix the return type for dns_response_get_query_id() function 2736 - MINOR: server state: missing LF (\n) on error message printed when parsing server state file 2737 - BUG/MEDIUM: dns: no DNS resolution happens if no ports provided to the nameserver 2738 - BUG/MAJOR: servers state: server port is erased when dns resolution is enabled on a server 2739 - BUG/MEDIUM: servers state: server port is used uninitialized 2740 - BUG/MEDIUM: config: Adding validation to stick-table expire value. 2741 - BUG/MEDIUM: sample: http_date() doesn't provide the right day of the week 2742 - BUG/MEDIUM: channel: fix miscalculation of available buffer space. 2743 - MEDIUM: pools: add a new flag to avoid rounding pool size up 2744 - BUG/MEDIUM: buffers: do not round up buffer size during allocation 2745 - BUG/MINOR: stream: don't force retries if the server is DOWN 2746 - BUG/MINOR: counters: make the sc-inc-gpc0 and sc-set-gpt0 touch the table 2747 - MINOR: unix: don't mention free ports on EAGAIN 2748 - BUG/CLEANUP: CLI: report the proper field states in "show sess" 2749 - MINOR: stats: send content-length with the redirect to allow keep-alive 2750 - BUG: stream_interface: Reuse connection even if the output channel is empty 2751 - DOC: remove old tunnel mode assumptions 2752 - BUG/MAJOR: http-reuse: fix risk of orphaned connections 2753 - BUG/MEDIUM: http-reuse: do not share private connections across backends 2754 - BUG/MINOR: ssl: Be sure to use unique serial for regenerated certificates 2755 - BUG/MINOR: stats: fix missing comma in stats on agent drain 2756 - MAJOR: filters: Add filters support 2757 - MINOR: filters: Do not reset stream analyzers if the client is gone 2758 - REORG: filters: Prepare creation of the HTTP compression filter 2759 - MAJOR: filters/http: Rewrite the HTTP compression as a filter 2760 - MEDIUM: filters: Use macros to call filters callbacks to speed-up processing 2761 - MEDIUM: filters: remove http_start_chunk, http_last_chunk and http_chunk_end 2762 - MEDIUM: filters: Replace filter_http_headers callback by an analyzer 2763 - MEDIUM: filters/http: Move body parsing of HTTP messages in dedicated functions 2764 - MINOR: filters: Add stream_filters structure to hide filters info 2765 - MAJOR: filters: Require explicit registration to filter HTTP body and TCP data 2766 - MINOR: filters: Remove unused or useless stuff and do small optimizations 2767 - MEDIUM: filters: Optimize the HTTP compression for chunk encoded response 2768 - MINOR: filters/http: Slightly update the parsing of chunks 2769 - MINOR: filters/http: Forward remaining data when a channel has no "data" filters 2770 - MINOR: filters: Add an filter example 2771 - MINOR: filters: Extract proxy stuff from the struct filter 2772 - MINOR: map: Add regex matching replacement 2773 - BUG/MINOR: lua: unsafe initialization 2774 - DOC: lua: fix somme errors 2775 - MINOR: lua: file dedicated to unsafe functions 2776 - MINOR: lua: add "now" time function 2777 - MINOR: standard: add RFC HTTP date parser 2778 - MINOR: lua: Add date functions 2779 - MINOR: lua: move common function 2780 - MINOR: lua: merge function 2781 - MINOR: lua: Add concat class 2782 - MINOR: standard: add function "escape_chunk" 2783 - MEDIUM: log: add a new log format flag "E" 2784 - DOC: add server name at rate-limit sessions example 2785 - BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation 2786 - BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation 2787 - DOC: LUA: fix some typos and syntax errors 2788 - MINOR: cli: add a new "show env" command 2789 - MEDIUM: config: allow to manipulate environment variables in the global section 2790 - MEDIUM: cfgparse: reject incorrect 'timeout retry' keyword spelling in resolvers 2791 - MINOR: mailers: increase default timeout to 10 seconds 2792 - MINOR: mailers: use <CRLF> for all line endings 2793 - BUG/MAJOR: lua: segfault using Concat object 2794 - DOC: lua: copyrights 2795 - MINOR: common: mask conversion 2796 - MEDIUM: dns: extract options 2797 - MEDIUM: dns: add a "resolve-net" option which allow to prefer an ip in a network 2798 - MINOR: mailers: make it possible to configure the connection timeout 2799 - BUG/MAJOR: lua: applets can't sleep. 2800 - BUG/MINOR: server: some prototypes are renamed 2801 - BUG/MINOR: lua: Useless copy 2802 - BUG/MEDIUM: stats: stats bind-process doesn't propagate the process mask correctly 2803 - BUG/MINOR: server: fix the format of the warning on address change 2804 - CLEANUP: server: add "const" to some message strings 2805 - MINOR: server: generalize the "updater" source 2806 - BUG/MEDIUM: chunks: always reject negative-length chunks 2807 - BUG/MINOR: systemd: ensure we don't miss signals 2808 - BUG/MINOR: systemd: report the correct signal in debug message output 2809 - BUG/MINOR: systemd: propagate the correct signal to haproxy 2810 - MINOR: systemd: ensure a reload doesn't mask a stop 2811 - BUG/MEDIUM: cfgparse: wrong argument offset after parsing server "sni" keyword 2812 - CLEANUP: stats: Avoid computation with uninitialized bits. 2813 - CLEANUP: pattern: Ignore unknown samples in pat_match_ip(). 2814 - CLEANUP: map: Avoid memory leak in out-of-memory condition. 2815 - BUG/MINOR: tcpcheck: fix incorrect list usage resulting in failure to load certain configs 2816 - BUG/MAJOR: samples: check smp->strm before using it 2817 - MINOR: sample: add a new helper to initialize the owner of a sample 2818 - MINOR: sample: always set a new sample's owner before evaluating it 2819 - BUG/MAJOR: vars: always retrieve the stream and session from the sample 2820 - CLEANUP: payload: remove useless and confusing nullity checks for channel buffer 2821 - BUG/MINOR: ssl: fix usage of the various sample fetch functions 2822 - MINOR: stats: create fields types suitable for all CSV output data 2823 - MINOR: stats: add all the "show info" fields in a table 2824 - MEDIUM: stats: fill all the show info elements prior to displaying them 2825 - MINOR: stats: add a function to emit fields into a chunk 2826 - MINOR: stats: add stats_dump_info_fields() to dump one field per line 2827 - MEDIUM: stats: make use of stats_dump_info_fields() for "show info" 2828 - MINOR: stats: add a declaration of all stats fields 2829 - MINOR: stats: don't hard-code the CSV fields list anymore 2830 - MINOR: stats: create stats fields storage and CSV dump function 2831 - MEDIUM: stats: convert stats_dump_fe_stats() to use stats_dump_fields_csv() 2832 - MEDIUM: stats: make stats_dump_fe_stats() use stats fields for HTML dump 2833 - MEDIUM: stats: convert stats_dump_li_stats() to use stats_dump_fields_csv() 2834 - MEDIUM: stats: make stats_dump_li_stats() use stats fields for HTML dump 2835 - MEDIUM: stats: convert stats_dump_be_stats() to use stats_dump_fields_csv() 2836 - MEDIUM: stats: make stats_dump_be_stats() use stats fields for HTML dump 2837 - MEDIUM: stats: convert stats_dump_sv_stats() to use stats_dump_fields_csv() 2838 - MEDIUM: stats: make stats_dump_sv_stats() use the stats field for HTML 2839 - MEDIUM: stats: move the server state coloring logic to the server dump function 2840 - MINOR: stats: do not use srv->admin & STATS_ADMF_MAINT in HTML dumps 2841 - MINOR: stats: do not check srv->state for SRV_ST_STOPPED in HTML dumps 2842 - MINOR: stats: make CSV report server check status only when enabled 2843 - MINOR: stats: only report backend's down time if it has servers 2844 - MINOR: stats: prepend '*' in front of the check status when in progress 2845 - MINOR: stats: make HTML stats dump rely on the table for the check status 2846 - MINOR: stats: add agent_status, agent_code, agent_duration to output 2847 - MINOR: stats: add check_desc and agent_desc to the output fields 2848 - MINOR: stats: add check and agent's health values in the output 2849 - MEDIUM: stats: make the HTML server state dump use the CSV states 2850 - MEDIUM: stats: only report observe errors when observe is set 2851 - MEDIUM: stats: expose the same flags for CLI and HTTP accesses 2852 - MEDIUM: stats: report server's address in the CSV output 2853 - MEDIUM: stats: report the cookie value in the server & backend CSV dumps 2854 - MEDIUM: stats: compute the color code only in the HTML form 2855 - MEDIUM: stats: report the listeners' address in the CSV output 2856 - MEDIUM: stats: make it possible to report the WAITING state for listeners 2857 - REORG: stats: dump the frontend's HTML stats via a generic function 2858 - REORG: stats: dump the socket stats via the generic function 2859 - REORG: stats: dump the server stats via the generic function 2860 - REORG: stats: dump the backend stats via the generic function 2861 - MEDIUM: stats: add a new "mode" column to report the proxy mode 2862 - MINOR: stats: report the load balancing algorithm in CSV output 2863 - MINOR: stats: add 3 fields to report the frontend-specific connection stats 2864 - MINOR: stats: report number of intercepted requests for frontend and backends 2865 - MINOR: stats: introduce stats_dump_one_line() to dump one stats line 2866 - CLEANUP: stats: make stats_dump_fields_html() not rely on proxy anymore 2867 - MINOR: stats: add ST_SHOWADMIN to pass the admin info in the regular flags 2868 - MINOR: stats: make stats_dump_fields_html() not use &trash by default 2869 - MINOR: stats: add functions to emit typed fields into a chunk 2870 - MEDIUM: stats: support "show info typed" on the CLI 2871 - MEDIUM: stats: implement a typed output format for stats 2872 - DOC: document the "show info typed" and "show stat typed" output formats 2873 - MINOR: cfgparse: warn when uid parameter is not a number 2874 - MINOR: cfgparse: warn when gid parameter is not a number 2875 - BUG/MINOR: standard: Avoid free of non-allocated pointer 2876 - BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition 2877 - CLEANUP: http: fix a build warning introduced by a recent fix 2878 - BUG/MINOR: log: GMT offset not updated when entering/leaving DST 2879 28802015/12/20 : 1.7-dev1 2881 - DOC: specify that stats socket doc (section 9.2) is in management 2882 - BUILD: install only relevant and existing documentation 2883 - CLEANUP: don't ignore debian/ directory if present 2884 - BUG/MINOR: dns: parsing error of some DNS response 2885 - BUG/MEDIUM: namespaces: don't fail if no namespace is used 2886 - BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is disabled 2887 - MEDIUM: dns: Don't use the ANY query type 2888 - BUILD: ssl: fix build error introduced in commit 7969a3 with OpenSSL < 1.0.0 2889 - DOC: fix a typo for a "deviceatlas" keyword 2890 - FIX: small typo in an example using the "Referer" header 2891 - MINOR: cli: ability to set per-server maxconn 2892 - DEBUG/MINOR: memory: add a build option to disable memory pools sharing 2893 - DEBUG/MEDIUM: memory: optionally protect free data in pools 2894 - DEBUG/MEDIUM: memory: add optional control pool memory operations 2895 - MEDIUM: memory: add accounting for failed allocations 2896 - BUG/MEDIUM: config: count memory limits on 64 bits, not 32 2897 - BUG/MAJOR: dns: first DNS response packet not matching queried hostname may lead to a loop 2898 - BUG/MINOR: dns: unable to parse CNAMEs response 2899 - BUG/MINOR: examples/haproxy.init: missing brace in quiet_check() 2900 - DOC: deviceatlas: more example use cases. 2901 - MINOR: config: allow IPv6 bracketed literals 2902 - BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in install-bin. 2903 - BUILD: add Haiku as supported target. 2904 - BUG/MAJOR: http: don't requeue an idle connection that is already queued 2905 - DOC: typo on capture.res.hdr and capture.req.hdr 2906 - BUG/MINOR: dns: check for duplicate nameserver id in a resolvers section was missing 2907 - CLEANUP: use direction names in place of numeric values 2908 - BUG/MEDIUM: lua: sample fetches based on response doesn't work 2909 - MINOR: check: add agent-send server parameter 2910 - BUG/MINOR: http rule: http capture 'id' rule points to a non existing id 2911 - BUG/MINOR: server: check return value of fgets() in apply_server_state() 2912 - BUG/MINOR: acl: don't use record layer in req_ssl_ver 2913 - BUILD: freebsd: double declaration 2914 - BUG/MEDIUM: lua: clean output buffer 2915 - BUILD: check for libressl to be able to build against it 2916 - DOC: lua-api/index.rst small example fixes, spelling correction. 2917 - DOC: lua: architecture and first steps 2918 - DOC: relation between timeout http-request and option http-buffer-request 2919 - BUILD: Make deviceatlas require PCRE 2920 - BUG: http: do not abort keep-alive connections on server timeout 2921 - BUG/MEDIUM: http: switch the request channel to no-delay once done. 2922 - BUG/MINOR: lua: don't force-sslv3 LUA's SSL socket 2923 - BUILD/MINOR: http: proto_http.h needs sample.h 2924 - BUG/MEDIUM: http: don't enable auto-close on the response side 2925 - BUG/MEDIUM: stream: fix half-closed timeout handling 2926 - CLEANUP: compression: don't allocate DEFAULT_MAXZLIBMEM without USE_ZLIB 2927 - BUG/MEDIUM: cli: changing compression rate-limiting must require admin level 2928 - BUG/MEDIUM: sample: urlp can't match an empty value 2929 - BUILD: dumpstats: silencing warning for printf format specifier / time_t 2930 - CLEANUP: proxy: calloc call inverted arguments 2931 - MINOR: da: silent logging by default and displaying DeviceAtlas support if built. 2932 - BUG/MEDIUM: da: stop DeviceAtlas processing in the convertor if there is no input. 2933 - DOC: Edited 51Degrees section of README/ 2934 - BUG/MEDIUM: checks: email-alert not working when declared in defaults 2935 - BUG/MINOR: checks: email-alert causes a segfault when an unknown mailers section is configured 2936 - BUG/MINOR: checks: typo in an email-alert error message 2937 - BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and last rule is a CONNECT with no port 2938 - BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and first rule(s) is (are) COMMENT 2939 - BUG/MEDIUM: http: fix http-reuse when frontend and backend differ 2940 - DOC: prefer using http-request/response over reqXXX/rspXXX directives 2941 - CLEANUP: haproxy: using _GNU_SOURCE instead of __USE_GNU macro. 2942 - MINOR: ssl: Added cert_key_and_chain struct 2943 - MEDIUM: ssl: Added support for creating SSL_CTX with multiple certs 2944 - MINOR: ssl: Added multi cert support for crt-list config keyword 2945 - MEDIUM: ssl: Added multi cert support for loading crt directories 2946 - MEDIUM: ssl: Added support for Multi-Cert OCSP Stapling 2947 - BUILD: ssl: set SSL_SOCK_NUM_KEYTYPES with openssl < 1.0.2 2948 - MINOR: config: make tune.recv_enough configurable 2949 - BUG/MEDIUM: config: properly adjust maxconn with nbproc when memmax is forced 2950 - DOC: ssl: Adding docs for Multi-Cert bundling 2951 - BUG/MEDIUM: peers: table entries learned from a remote are pushed to others after a random delay. 2952 - BUG/MEDIUM: peers: old stick table updates could be repushed. 2953 - MINOR: lua: service/applet can have access to the HTTP headers when a POST is received 2954 - REORG/MINOR: lua: convert boolean "int" to bitfield 2955 - BUG/MEDIUM: lua: Lua applets must not fetch samples using http_txn 2956 - BUG/MINOR: lua: Lua applets must not use http_txn 2957 - BUG/MEDIUM: lua: Forbid HTTP applets from being called from tcp rulesets 2958 - BUG/MAJOR: lua: Do not force the HTTP analysers in use-services 2959 - CLEANUP: lua: bad error messages 2960 - CONTRIB: initiate a debugging suite to make debugging easier 2961 29622015/10/13 : 1.7-dev0 2963 - exact copy of 1.6.0 2964 29652015/10/13 : 1.6.0 2966 - BUG/MINOR: Handle interactive mode in cli handler 2967 - DOC: global section missing parameters 2968 - DOC: backend section missing parameters 2969 - DOC: stats paramaters available in frontend 2970 - MINOR: lru: do not allocate useless memory in lru64_lookup 2971 - BUG/MINOR: http: Add OPTIONS in supported http methods (found by find_http_meth) 2972 - BUG/MINOR: ssl: fix management of the cache where forged certificates are stored 2973 - MINOR: ssl: Release Servers SSL context when HAProxy is shut down 2974 - MINOR: ssl: Read the file used to generate certificates in any order 2975 - MINOR: ssl: Add support for EC for the CA used to sign generated certificates 2976 - MINOR: ssl: Add callbacks to set DH/ECDH params for generated certificates 2977 - BUG/MEDIUM: logs: fix time zone offset format in RFC5424 2978 - BUILD: Fix the build on OSX (htonll/ntohll) 2979 - BUILD: enable build on Linux/s390x 2980 - BUG/MEDIUM: lua: direction test failed 2981 - MINOR: lua: fix a spelling error in some error messages 2982 - CLEANUP: cli: ensure we can never double-free error messages 2983 - BUG/MEDIUM: lua: force server-close mode on Lua services 2984 - MEDIUM: init: support more command line arguments after pid list 2985 - MEDIUM: init: support a list of files on the command line 2986 - MINOR: debug: enable memory poisonning to use byte 0 2987 - BUILD: ssl: fix build error introduced by recent commit 2988 - BUG/MINOR: config: make the stats socket pass the correct proxy to the parsers 2989 - MEDIUM: server: implement TCP_USER_TIMEOUT on the server 2990 - DOC: mention the "namespace" options for bind and server lines 2991 - DOC: add the "management" documentation 2992 - DOC: move the stats socket documentation from config to management 2993 - MINOR: examples: update haproxy.spec to mention new docs 2994 - DOC: mention management.txt in README 2995 - DOC: remove haproxy-{en,fr}.txt 2996 - BUILD: properly report when USE_ZLIB and USE_SLZ are used together 2997 - MINOR: init: report use of libslz instead of "no compression" 2998 - CLEANUP: examples: remove some obsolete and confusing files 2999 - CLEANUP: examples: remove obsolete configuration file samples 3000 - CLEANUP: examples: fix the example file content-sw-sample.cfg 3001 - CLEANUP: examples: update sample file option-http_proxy.cfg 3002 - CLEANUP: examples: update sample file ssl.cfg 3003 - CLEANUP: tests: move a test file from examples/ to tests/ 3004 - CLEANUP: examples: shut up warnings in transparent proxy example 3005 - CLEANUP: tests: removed completely obsolete test files 3006 - DOC: update ROADMAP to remove what was done in 1.6 3007 - BUG/MEDIUM: pattern: fixup use_after_free in the pat_ref_delete_by_id 3008 30092015/10/06 : 1.6-dev7 3010 - MINOR: cli: Dump all resolvers stats if no resolver section is given 3011 - BUG: config: external-check command validation is checking for incorrect arguments. 3012 - DOC: documentation format cleanups 3013 - DOC: lua: few typos. 3014 - BUG/MEDIUM: str2ip: make getaddrinfo() consider local address selection policy 3015 - BUG/MEDIUM: logs: segfault writing to log from Lua 3016 - DOC: fix lua use-service example 3017 - MINOR: payload: add support for tls session ticket ext 3018 - MINOR: lua: remove the run flag 3019 - MEDIUM: lua: change the timeout execution 3020 - MINOR: lua: rename the tune.lua.applet-timeout 3021 - DOC: lua: update Lua doc 3022 - DOC: lua: update doc according with the last Lua changes 3023 - MINOR: http/tcp: fill the avalaible actions 3024 - DOC: reorder misplaced res.ssl_hello_type in the doc 3025 - BUG/MINOR: tcp: make silent-drop always force a TCP reset 3026 - CLEANUP: tcp: silent-drop: only drain the connection when quick-ack is disabled 3027 - BUILD: tcp: use IPPROTO_IP when SOL_IP is not available 3028 - BUILD: server: fix build warnings introduced by load-server-state 3029 - BUG/MEDIUM: server: fix misuse of format string in load-server-state's warnings 3030 30312015/09/28 : 1.6-dev6 3032 - BUG/MAJOR: can't enable a server through the stat socket 3033 - MINOR: server: Macro definition for server-state 3034 - MINOR: cli: new stats socket command: show servers state 3035 - DOC: stats socket command: show servers state 3036 - MINOR: config: new global directive server-state-base 3037 - DOC: global directive server-state-base 3038 - MINOR: config: new global section directive: server-state-file 3039 - DOC: new global directive: server-state-file 3040 - MINOR: config: new backend directives: load-server-state-from-file and server-state-file-name 3041 - DOC: load-server-state-from-file 3042 - MINOR: init: server state loaded from file 3043 - MINOR: server: startup slowstart task when using seamless reload of HAProxy 3044 - MINOR: cli: new stats socket command: show backend 3045 - DOC: servers state seamless reload example 3046 - BUG: dns: can't connect UDP socket on FreeBSD 3047 - MINOR: cfgparse: New function cfg_unregister_sections() 3048 - MINOR: chunk: New function free_trash_buffers() 3049 - BUG/MEDIUM: main: Freeing a bunch of static pointers 3050 - MINOR: proto_http: Externalisation of previously internal functions 3051 - MINOR: global: Few new struct fields for da module 3052 - MAJOR: da: Update of the DeviceAtlas API module 3053 - DOC: DeviceAtlas new keywords 3054 - DOC: README: DeviceAtlas sample configuration updates 3055 - MEDIUM: log: replace sendto() with sendmsg() in __send_log() 3056 - MEDIUM: log: use a separate buffer for the header and for the message 3057 - MEDIUM: logs: remove the hostname, tag and pid part from the logheader 3058 - MEDIUM: logs: add support for RFC5424 header format per logger 3059 - MEDIUM: logs: add a new RFC5424 log-format for the structured-data 3060 - DOC: mention support for the RFC5424 syslog message format 3061 - MEDIUM: logs: have global.log_send_hostname not contain the trailing space 3062 - MEDIUM: logs: pass the trailing "\n" as an iovec 3063 - BUG/MEDIUM: peers: some table updates are randomly not pushed. 3064 - BUG/MEDIUM: peers: same table updates re-pushed after a re-connect 3065 - BUG/MINOR: fct peer_prepare_ackmsg should not use trash. 3066 - MINOR: http: made CHECK_HTTP_MESSAGE_FIRST accessible to other functions 3067 - MINOR: global: Added new fields for 51Degrees device detection 3068 - DOC: Added more explanation for 51Degrees V3.2 3069 - BUILD: Changed 51Degrees option to support V3.2 3070 - MAJOR: 51d: Upgraded to support 51Degrees V3.2 and new features 3071 - MINOR: 51d: Improved string handling for LRU cache 3072 - DOC: add references to rise/fall for the fastinter explanation 3073 - MINOR: support cpu-map feature through the compile option USE_CPU_AFFINITY on FreeBSD 3074 - BUG/MAJOR: lua: potential unexpected aborts() 3075 - BUG/MINOR: lua: breaks the log message if his size exceed one buffer 3076 - MINOR: action: add private configuration 3077 - MINOR: action: add reference to the original keywork matched for the called parser. 3078 - MINOR: lua: change actions registration 3079 - MEDIUM: proto_http: smp_prefetch_http initialize txn 3080 - MINOR: channel: rename function chn_sess to chn_strm 3081 - CLEANUP: lua: align defines 3082 - MINOR: http: export http_get_path() function 3083 - MINOR: http: export the get_reason() function 3084 - MINOR: http: export function http_msg_analyzer() 3085 - MINOR: http: split initialization 3086 - MINOR: lua: reset pointer after use 3087 - MINOR: lua: identify userdata objects 3088 - MEDIUM: lua: use the function lua_rawset in place of lua_settable 3089 - BUG/MAJOR: lua: segfault after the channel data is modified by some Lua action. 3090 - CLEANUP: lua: use calloc in place of malloc 3091 - BUG/MEDIUM: lua: longjmp function must be unregistered 3092 - BUG/MEDIUM: lua: forces a garbage collection 3093 - BUG/MEDIUM: lua: wakeup task on bad conditions 3094 - MINOR: standard: avoid DNS resolution from the function str2sa_range() 3095 - MINOR: lua: extend socket address to support non-IP families 3096 - MINOR: lua/applet: the cosocket applet should use appctx_wakeup in place of task_wakeup 3097 - BUG/MEDIUM: lua: socket destroy before reading pending data 3098 - MEDIUM: lua: change the GC policy 3099 - OPTIM/MEDIUM: lua: executes the garbage collector only when using cosocket 3100 - BUG/MEDIUM: lua: don't reset undesired flags in hlua_ctx_resume 3101 - MINOR: applet: add init function 3102 - MINOR: applet: add an execution timeout 3103 - MINOR: stream/applet: add use-service action 3104 - MINOR: lua: add AppletTCP class and service 3105 - MINOR: lua: add AppletHTTP class and service 3106 - DOC: lua: some documentation update 3107 - DOC: add the documentation about internal circular lists 3108 - DOC: add a CONTRIBUTING file 3109 - DOC: add a MAINTAINERS file 3110 - BUG/MAJOR: peers: fix a crash when stopping peers on unbound processes 3111 - DOC: update coding-style to reference checkpatch.pl 3112 - BUG/MEDIUM: stick-tables: fix double-decrement of tracked entries 3113 - BUG/MINOR: args: add name for ARGT_VAR 3114 - DOC: add more entries to MAINTAINERS 3115 - DOC: add more entries to MAINTAINERS 3116 - CLEANUP: stream-int: remove obsolete function si_applet_call() 3117 - BUG/MAJOR: cli: do not dereference strm_li()->proto->name 3118 - BUG/MEDIUM: http: do not dereference strm_li(stream) 3119 - BUG/MEDIUM: proxy: do not dereference strm_li(stream) 3120 - BUG/MEDIUM: stream: do not dereference strm_li(stream) 3121 - MINOR: stream-int: use si_release_endpoint() to close idle conns 3122 - BUG/MEDIUM: payload: make req.payload and payload_lv aware of dynamic buffers 3123 - BUG/MEDIUM: acl: always accept match "found" 3124 - MINOR: applet: rename applet_runq to applet_active_queue 3125 - BUG/MAJOR: applet: use a separate run queue to maintain list integrity 3126 - MEDIUM: stream-int: split stream_int_update_conn() into si- and conn-specific parts 3127 - MINOR: stream-int: implement a new stream_int_update() function 3128 - MEDIUM: stream-int: factor out the stream update functions 3129 - MEDIUM: stream-int: call stream_int_update() from si_update() 3130 - MINOR: stream-int: export stream_int_update_* 3131 - MINOR: stream-int: move the applet_pause call out of the stream updates 3132 - MEDIUM: stream-int: clean up the conditions to enable reading in si_conn_wake_cb 3133 - MINOR: stream-int: implement the stream_int_notify() function 3134 - MEDIUM: stream-int: use the same stream notification function for applets and conns 3135 - MEDIUM: stream-int: completely remove stream_int_update_embedded() 3136 - MINOR: stream-int: rename si_applet_done() to si_applet_wake_cb() 3137 - BUG/MEDIUM: applet: fix reporting of broken write situation 3138 - BUG/MINOR: stats: do not call cli_release_handler 3 times 3139 - BUG/MEDIUM: cli: properly handle closed output 3140 - MINOR: cli: do not call the release handler on internal error. 3141 - BUG/MEDIUM: stream-int: avoid double-call to applet->release 3142 - DEBUG: add p_malloc() to return a poisonned memory area 3143 - CLEANUP: lua: remove unneeded memset(0) after calloc() 3144 - MINOR: lua: use the proper applet wakeup mechanism 3145 - BUG/MEDIUM: lua: better fix for the protocol check 3146 - BUG/MEDIUM: lua: properly set the target on the connection 3147 - MEDIUM: actions: pass a new "flags" argument to custom actions 3148 - MEDIUM: actions: add new flag ACT_FLAG_FINAL to notify about last call 3149 - MEDIUM: http: pass ACT_FLAG_FINAL to custom actions 3150 - MEDIUM: lua: only allow actions to yield if not in a final call 3151 - DOC: clarify how to make use of abstract sockets in socat 3152 - CLEANUP: config: make the errorloc/errorfile messages less confusing 3153 - MEDIUM: action: add a new flag ACT_FLAG_FIRST 3154 - BUG/MINOR: config: check that tune.bufsize is always positive 3155 - MEDIUM: config: set tune.maxrewrite to 1024 by default 3156 - DOC: add David Carlier as maintainer of da.c 3157 - DOC: fix some broken unexpected unicode chars in the Lua doc. 3158 - BUG/MEDIUM: proxy: ignore stopped peers 3159 - BUG/MEDIUM: proxy: do not wake stopped proxies' tasks during soft_stop() 3160 - MEDIUM: init: completely deallocate unused peers 3161 - BUG/MEDIUM: tcp: fix inverted condition to call custom actions 3162 - DOC: remove outdated actions lists on tcp-request/response 3163 - MEDIUM: tcp: add new tcp action "silent-drop" 3164 - DOC: add URLs to optional libraries in the README 3165 31662015/09/14 : 1.6-dev5 3167 - MINOR: dns: dns_resolution structure update: time_t to unsigned int 3168 - BUG/MEDIUM: dns: DNS resolution doesn't start 3169 - BUG/MAJOR: dns: dns client resolution infinite loop 3170 - MINOR: dns: coding style update 3171 - MINOR: dns: new bitmasks to use against DNS flags 3172 - MINOR: dns: dns_nameserver structure update: new counter for truncated response 3173 - MINOR: dns: New DNS response analysis code: DNS_RESP_TRUNCATED 3174 - MEDIUM: dns: handling of truncated response 3175 - MINOR: DNS client query type failover management 3176 - MINOR: dns: no expected DNS record type found 3177 - MINOR: dns: new flag to report that no IP can be found in a DNS response packet 3178 - BUG/MINOR: DNS request retry counter used for retry only 3179 - DOC: DNS documentation updated 3180 - MEDIUM: actions: remove ACTION_STOP 3181 - BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2 (bis) 3182 - BUG/MINOR: lua: last log character truncated. 3183 - CLEANUP: typo: bad indent 3184 - CLEANUP: actions: missplaced includes 3185 - MINOR: build: missing header 3186 - CLEANUP: lua: Merge log functions 3187 - BUG/MAJOR: http: don't manipulate the server connection if it's killed 3188 - BUG/MINOR: http: remove stupid HTTP_METH_NONE entry 3189 - BUG/MAJOR: http: don't call http_send_name_header() after an error 3190 - MEDIUM: tools: make str2sa_range() optionally return the FQDN 3191 - BUG/MINOR: tools: make str2sa_range() report unresolvable addresses 3192 - BUG/MEDIUM: dns: use the correct server hostname when resolving 3193 31942015/08/30 : 1.6-dev4 3195 - MINOR: log: Add log-format variable %HQ, to log HTTP query strings 3196 - DOC: typo in 'redirect', 302 code meaning 3197 - DOC: typos in tcp-check expect examples 3198 - DOC: resolve-prefer default value and default-server update 3199 - MINOR: DNS counters: increment valid counter 3200 - BUG/MEDIUM: DNS resolution response parsing broken 3201 - MINOR: server: add new SRV_ADMF_CMAINT flag 3202 - MINOR: server SRV_ADMF_CMAINT flag doesn't imply SRV_ADMF_FMAINT 3203 - BUG/MEDIUM: dns: wrong first time DNS resolution 3204 - BUG/MEDIUM: lua: Lua tasks fail to start. 3205 - BUILD: add USE_LUA to BUILD_OPTIONS when it's used 3206 - DOC/MINOR: fix OpenBSD versions where haproxy works 3207 - MINOR: 51d: unable to start haproxy without "51degrees-data-file" 3208 - BUG/MEDIUM: peers: fix wrong message id on stick table updates acknowledgement. 3209 - BUG/MAJOR: peers: fix current table pointer not re-initialized on session release. 3210 - BUILD: ssl: Allow building against libssl without SSLv3. 3211 - DOC: clarify some points about SSL and the proxy protocol 3212 - DOC: mention support for RFC 5077 TLS Ticket extension in starter guide 3213 - BUG/MEDIUM: mailer: DATA part must be terminated with <CRLF>.<CRLF> 3214 - DOC: match several lua configuration option names to those implemented in code 3215 - MINOR cfgparse: Correct the mailer warning text to show the right names to the user 3216 - BUG/MINOR: ssl: TLS Ticket Key rotation broken via socket command 3217 - MINOR: stream: initialize the current_rule field to NULL on stream init 3218 - BUG/MEDIUM: lua: timeout error with converters, wrapper and actions. 3219 - CLEANUP: proto_http: remove useless initialisation 3220 - CLEANUP: http/tcp actions: remove the scope member 3221 - BUG/MINOR: proto_tcp: custom action continue is ignored 3222 - MINOR: proto_tcp: add session in the action prototype 3223 - MINOR: vars: reduce the code size of some wrappers 3224 - MINOR: Move http method enum from proto_http to sample 3225 - MINOR: sample: Add ipv6 to ipv4 and sint to ipv6 casts 3226 - MINOR: sample/proto_tcp: export "smp_fetch_src" 3227 - MEDIUM: cli: rely on the map's output type instead of the sample type 3228 - BUG/MEDIUM: stream: The stream doen't inherit SC from the session 3229 - BUG/MEDIUM: vars: segfault during the configuration parsing 3230 - BUG/MEDIUM: stick-tables: refcount error after copying SC for the session to the stream 3231 - BUG/MEDIUM: lua: bad error processing 3232 - MINOR: samples: rename a struct from sample_storage to sample_data 3233 - MINOR: samples: rename some struct member from "smp" to "data" 3234 - MEDIUM: samples: Use the "struct sample_data" in the "struct sample" 3235 - MINOR: samples: extract the anonymous union and create the union sample_value 3236 - MINOR: samples: rename union from "data" to "u" 3237 - MEDIUM: 51degrees: Adapt the 51Degrees library 3238 - MINOR: samples: data assignation simplification 3239 - MEDIUM: pattern/map: Maps can returns various types 3240 - MINOR: map: The map can return IPv4 and IPv6 3241 - MEDIUM: actions: Merge (http|tcp)-(request|reponse) action structs 3242 - MINOR: actions: Remove the data opaque pointer 3243 - MINOR: lua: use the hlua_rule type in place of opaque type 3244 - MINOR: vars: use the vars types as argument in place of opaque type 3245 - MINOR: proto_http: use an "expr" type in place of generic opaque type. 3246 - MINOR: proto_http: replace generic opaque types by real used types for the actions on thr request line 3247 - MINOR: proto_http: replace generic opaque types by real used types in "http_capture" 3248 - MINOR: proto_http: replace generic opaque types by real used types in "http_capture" by id 3249 - MEDIUM: track-sc: Move the track-sc configuration storage in the union 3250 - MEDIUM: capture: Move the capture configuration storage in the union 3251 - MINOR: actions: add "from" information 3252 - MINOR: actions: remove the mark indicating the last entry in enum 3253 - MINOR: actions: Declare all the embedded actions in the same header file 3254 - MINOR: actions: change actions names 3255 - MEDIUM: actions: Add standard return code for the action API 3256 - MEDIUM: actions: Merge (http|tcp)-(request|reponse) keywords structs 3257 - MINOR: proto_tcp: proto_tcp.h is now useles 3258 - MINOR: actions: mutualise the action keyword lookup 3259 - MEDIUM: actions: Normalize the return code of the configuration parsers 3260 - MINOR: actions: Remove wrappers 3261 - MAJOR: stick-tables: use sample types in place of dedicated types 3262 - MEDIUM: stick-tables: use the sample type names 3263 - MAJOR: stick-tables: remove key storage from the key struct 3264 - MEDIUM: stick-tables: Add GPT0 in the stick tables 3265 - MINOR: stick-tables: Add GPT0 access 3266 - MINOR: stick-tables: Add GPC0 actions 3267 - BUG/MEDIUM: lua: the lua fucntion Channel:close() causes a segfault 3268 - DOC: ssl: missing LF 3269 - MINOR: lua: add core.done() function 3270 - DOC: fix function name 3271 - BUG/MINOR: lua: in some case a sample may remain undefined 3272 - DOC: fix "http_action_set_req_line()" comments 3273 - MINOR: http: Action for manipulating the returned status code. 3274 - MEDIUM: lua: turns txn:close into txn:done 3275 - BUG/MEDIUM: lua: cannot process more Lua hooks after a "done()" function call 3276 - BUILD: link with libdl if needed for Lua support 3277 - CLEANUP: backend: factor out objt_server() in connect_server() 3278 - MEDIUM: backend: don't call si_alloc_conn() when we reuse a valid connection 3279 - MEDIUM: stream-int: simplify si_alloc_conn() 3280 - MINOR: stream-int: add new function si_detach_endpoint() 3281 - MINOR: server: add a list of private idle connections 3282 - MINOR: connection: add a new list member in the connection struct 3283 - MEDIUM: stream-int: queue idle connections at the server 3284 - MINOR: stream-int: make si_idle_conn() only accept valid connections 3285 - MINOR: server: add a list of already used idle connections 3286 - MINOR: connection: add a new flag CO_FL_PRIVATE 3287 - MINOR: config: add new setting "http-reuse" 3288 - MAJOR: backend: initial work towards connection reuse 3289 - MAJOR: backend: improve the connection reuse mechanism 3290 - MEDIUM: backend: implement "http-reuse safe" 3291 - MINOR: server: add a list of safe, already reused idle connections 3292 - MEDIUM: backend: add the "http-reuse aggressive" strategy 3293 - DOC: document the new http-reuse directive 3294 - DOC: internals: document next steps for HTTP connection reuse 3295 - DOC: mention that %ms is left-padded with zeroes. 3296 - MINOR: init: indicate to check 'bind' lines when no listeners were found. 3297 - MAJOR: http: remove references to appsession 3298 - CLEANUP: config: remove appsession initialization 3299 - CLEANUP: appsession: remove appsession.c and sessionhash.c 3300 - CLEANUP: tests: remove sessionhash_test.c and test-cookie-appsess.cfg 3301 - CLEANUP: proxy: remove last references to appsession 3302 - CLEANUP: appsession: remove the last include files 3303 - DOC: remove documentation about appsession 3304 - CLEANUP: .gitignore: ignore more test files 3305 - CLEANUP: .gitignore: finally ignore everything but what is known. 3306 - MEDIUM: config: emit a warning on a frontend without listener 3307 - DOC: add doc/internals/entities-v2.txt 3308 - DOC: add doc/linux-syn-cookies.txt 3309 - DOC: add design thoughts on HTTP/2 3310 - DOC: add some thoughts on connection sharing for HTTP/2 3311 - DOC: add design thoughts on dynamic buffer allocation 3312 - BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry 3313 - DOC: add new file intro.txt 3314 - MAJOR: tproxy: remove support for cttproxy 3315 - BUG/MEDIUM: lua: outgoing connection was broken since 1.6-dev2 3316 - DOC: lua: replace txn:close with txn:done in lua-api 3317 - DOC: intro: minor updates and fixes 3318 - DOC: intro: fix too long line. 3319 - DOC: fix example of http-request using ssl_fc_session_id 3320 - BUG/MEDIUM: lua: txn:done() still causes a segfault in TCP mode 3321 - CLEANUP: lua: fix some indent issues 3322 - BUG/MEDIUM: lua: fix a segfault in txn:done() if called twice 3323 - DOC: lua: mention than txn:close was renamed txn:done. 3324 33252015/07/22 : 1.6-dev3 3326 - CLEANUP: sample: generalize sample_fetch_string() as sample_fetch_as_type() 3327 - MEDIUM: http: Add new 'set-src' option to http-request 3328 - DOC usesrc root privileges requirments 3329 - BUG/MINOR: dns: wrong time unit for some DNS default parameters 3330 - MINOR: proxy: bit field for proxy_find_best_match diff status 3331 - MINOR: server: new server flag: SRV_F_FORCED_ID 3332 - MINOR: server: server_find functions: id, name, best_match 3333 - DOC: dns: fix chapters syntax 3334 - BUILD/MINOR: tools: rename popcount to my_popcountl 3335 - BUILD: add netbsd TARGET 3336 - MEDIUM: 51Degrees code refactoring and cleanup 3337 - MEDIUM: 51d: add LRU-based cache on User-Agent string detection 3338 - DOC: add notes about the "51degrees-cache-size" parameter 3339 - BUG/MEDIUM: 51d: possible incorrect operations on smp->data.str.str 3340 - BUG/MAJOR: connection: fix TLV offset calculation for proxy protocol v2 parsing 3341 - MINOR: Add sample fetch to detect Supported Elliptic Curves Extension 3342 - BUG/MINOR: payload: Add volatile flag to smp_fetch_req_ssl_ec_ext 3343 - BUG/MINOR: lua: type error in the arguments wrapper 3344 - CLEANUP: vars: remove unused struct 3345 - BUG/MINOR: http/sample: gmtime/localtime can fail 3346 - MINOR: standard: add 64 bits conversion functions 3347 - MAJOR: sample: converts uint and sint in 64 bits signed integer 3348 - MAJOR: arg: converts uint and sint in sint 3349 - MEDIUM: sample: switch to saturated arithmetic 3350 - MINOR: vars: returns variable content 3351 - MEDIUM: vars/sample: operators can use variables as parameter 3352 - BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id 3353 - BUILD/MINOR: lua: fix a harmless build warning 3354 - BUILD/MINOR: stats: fix build warning due to condition always true 3355 - BUG/MAJOR: lru: fix unconditional call to free due to unexpected semi-colon 3356 - BUG/MEDIUM: logs: fix improper systematic use of quotes with a few tags 3357 - BUILD/MINOR: lua: ensure that hlua_ctx_destroy is properly defined 3358 - BUG/MEDIUM: lru: fix possible memory leak when ->free() is used 3359 - MINOR: vars: make the accounting not depend on the stream 3360 - MEDIUM: vars: move the session variables to the session, not the stream 3361 - BUG/MEDIUM: vars: do not freeze the connection when the expression cannot be fetched 3362 - BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data 3363 - BUG/MAJOR: tcp: tcp rulesets were still broken 3364 - MINOR: stats: improve compression stats reporting 3365 - MINOR: ssl: make self-generated certs also work with raw IPv6 addresses 3366 - CLEANUP: ssl: make ssl_sock_generated_cert_serial() take a const 3367 - CLEANUP: ssl: make ssl_sock_generate_certificate() use ssl_sock_generated_cert_serial() 3368 - BUG/MINOR: log: missing some ARGC_* entries in fmt_directives() 3369 - MINOR: args: add new context for servers 3370 - MINOR: stream: maintain consistence between channel_forward and HTTP forward 3371 - MINOR: ssl: provide ia function to set the SNI extension on a connection 3372 - MEDIUM: ssl: add sni support on the server lines 3373 - CLEANUP: stream: remove a useless call to si_detach() 3374 - CLEANUP: stream-int: fix a few outdated comments about stream_int_register_handler() 3375 - CLEANUP: stream-int: remove stream_int_unregister_handler() and si_detach() 3376 - MINOR: stream-int: only use si_release_endpoint() to release a connection 3377 - MINOR: standard: provide htonll() and ntohll() 3378 - CLEANUP/MINOR: dns: dns_str_to_dn_label() only needs a const char 3379 - BUG/MAJOR: dns: fix the length of the string to be copied 3380 33812015/06/17 : 1.6-dev2 3382 - BUG/MINOR: ssl: Display correct filename in error message 3383 - MEDIUM: logs: Add HTTP request-line log format directives 3384 - BUG/MEDIUM: check: tcpcheck regression introduced by e16c1b3f 3385 - BUG/MINOR: check: fix tcpcheck error message 3386 - MINOR: use an int instead of calling tcpcheck_get_step_id 3387 - MINOR: tcpcheck_rule structure update 3388 - MINOR: include comment in tcpcheck error log 3389 - DOC: tcpcheck comment documentation 3390 - MEDIUM: server: add support for changing a server's address 3391 - MEDIUM: server: change server ip address from stats socket 3392 - MEDIUM: protocol: add minimalist UDP protocol client 3393 - MEDIUM: dns: implement a DNS resolver 3394 - MAJOR: server: add DNS-based server name resolution 3395 - DOC: server name resolution + proto DNS 3396 - MINOR: dns: add DNS statistics 3397 - MEDIUM: http: configurable http result codes for http-request deny 3398 - BUILD: Compile clean when debug options defined 3399 - MINOR: lru: Add the possibility to free data when an item is removed 3400 - MINOR: lru: Add lru64_lookup function 3401 - MEDIUM: ssl: Add options to forge SSL certificates 3402 - MINOR: ssl: Export functions to manipulate generated certificates 3403 - MEDIUM: config: add DeviceAtlas global keywords 3404 - MEDIUM: global: add the DeviceAtlas required elements to struct global 3405 - MEDIUM: sample: add the da-csv converter 3406 - MEDIUM: init: DeviceAtlas initialization 3407 - BUILD: Makefile: add options to build with DeviceAtlas 3408 - DOC: README: explain how to build with DeviceAtlas 3409 - BUG/MEDIUM: http: fix the url_param fetch 3410 - BUG/MEDIUM: init: segfault if global._51d_property_names is not initialized 3411 - MAJOR: peers: peers protocol version 2.0 3412 - MINOR: peers: avoid re-scheduling of pending stick-table's updates still not pushed. 3413 - MEDIUM: peers: re-schedule stick-table's entry for sync when data is modified. 3414 - MEDIUM: peers: support of any stick-table data-types for sync 3415 - BUG/MAJOR: sample: regression on sample cast to stick table types. 3416 - CLEANUP: deinit: remove codes for cleaning p->block_rules 3417 - DOC: Fix L4TOUT typo in documentation 3418 - DOC: set-log-level in Logging section preamble 3419 - BUG/MEDIUM: compat: fix segfault on FreeBSD 3420 - MEDIUM: check: include server address and port in the send-state header 3421 - MEDIUM: backend: Allow redispatch on retry intervals 3422 - MINOR: Add TLS ticket keys reference and use it in the listener struct 3423 - MEDIUM: Add support for updating TLS ticket keys via socket 3424 - DOC: Document new socket commands "show tls-keys" and "set ssl tls-key" 3425 - MINOR: Add sample fetch which identifies if the SSL session has been resumed 3426 - DOC: Update doc about weight, act and bck fields in the statistics 3427 - BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten 3428 - MINOR: ssl: add a destructor to free allocated SSL ressources 3429 - MEDIUM: ssl: add the possibility to use a global DH parameters file 3430 - MEDIUM: ssl: replace standards DH groups with custom ones 3431 - MEDIUM: stats: Add enum srv_stats_state 3432 - MEDIUM: stats: Separate server state and colour in stats 3433 - MEDIUM: stats: Only report drain state in stats if server has SRV_ADMF_DRAIN set 3434 - MEDIUM: stats: Differentiate between DRAIN and DRAIN (agent) 3435 - MEDIUM: Lower priority of email alerts for log-health-checks messages 3436 - MEDIUM: Send email alerts when servers are marked as UP or enter the drain state 3437 - MEDIUM: Document when email-alerts are sent 3438 - BUG/MEDIUM: lua: bad argument number in analyser and in error message 3439 - MEDIUM: lua: automatically converts strings in proxy, tables, server and ip 3440 - BUG/MINOR: utf8: remove compilator warning 3441 - MEDIUM: map: uses HAProxy facilities to store default value 3442 - BUG/MINOR: lua: error in detection of mandatory arguments 3443 - BUG/MINOR: lua: set current proxy as default value if it is possible 3444 - BUG/MEDIUM: http: the action set-{method|path|query|uri} doesn't run. 3445 - BUG/MEDIUM: lua: undetected infinite loop 3446 - BUG/MAJOR: http: don't read past buffer's end in http_replace_value 3447 - BUG/MEDIUM: http: the function "(req|res)-replace-value" doesn't respect the HTTP syntax 3448 - MEDIUM/CLEANUP: http: rewrite and lighten http_transform_header() prototype 3449 - BUILD: lua: it miss the '-ldl' directive 3450 - MEDIUM: http: allows 'R' and 'S' in the protocol alphabet 3451 - MINOR: http: split the function http_action_set_req_line() in two parts 3452 - MINOR: http: split http_transform_header() function in two parts. 3453 - MINOR: http: export function inet_set_tos() 3454 - MINOR: lua: txn: add function set_(loglevel|tos|mark) 3455 - MINOR: lua: create and register HTTP class 3456 - DOC: lua: fix some typos 3457 - MINOR: lua: add log functions 3458 - BUG/MINOR: lua: Fix SSL initialisation 3459 - DOC: lua: some fixes 3460 - MINOR: lua: (req|res)_get_headers return more than one header value 3461 - MINOR: lua: map system integration in Lua 3462 - BUG/MEDIUM: http: functions set-{path,query,method,uri} breaks the HTTP parser 3463 - MINOR: sample: add url_dec converter 3464 - MEDIUM: sample: fill the struct sample with the session, proxy and stream pointers 3465 - MEDIUM: sample change the prototype of sample-fetches and converters functions 3466 - MINOR: sample: fill the struct sample with the options. 3467 - MEDIUM: sample: change the prototype of sample-fetches functions 3468 - MINOR: http: split the url_param in two parts 3469 - CLEANUP: http: bad indentation 3470 - MINOR: http: add body_param fetch 3471 - MEDIUM: http: url-encoded parsing function can run throught wrapped buffer 3472 - DOC: http: req.body_param documentation 3473 - MINOR: proxy: custom capture declaration 3474 - MINOR: capture: add two "capture" converters 3475 - MEDIUM: capture: Allow capture with slot identifier 3476 - MINOR: http: add array of generic pointers in http_res_rules 3477 - MEDIUM: capture: adds http-response capture 3478 - MINOR: common: escape CSV strings 3479 - MEDIUM: stats: escape some strings in the CSV dump 3480 - MINOR: tcp: add custom actions that can continue tcp-(request|response) processing 3481 - MINOR: lua: Lua tcp action are not final action 3482 - DOC: lua: schematics about lua socket organization 3483 - BUG/MINOR: debug: display (null) in place of "meth" 3484 - DOC: mention the "lua action" in documentation 3485 - MINOR: standard: add function that converts signed int to a string 3486 - BUG/MINOR: sample: wrong conversion of signed values 3487 - MEDIUM: sample: Add type any 3488 - MINOR: debug: add a special converter which display its input sample content. 3489 - MINOR: tcp: increase the opaque data array 3490 - MINOR: tcp/http/conf: extends the keyword registration options 3491 - MINOR: build: fix build dependency 3492 - MEDIUM: vars: adds support of variables 3493 - MINOR: vars: adds get and set functions 3494 - MINOR: lua: Variable access 3495 - MINOR: samples: add samples which returns constants 3496 - BUG/MINOR: vars/compil: fix some warnings 3497 - BUILD: add 51degrees options to makefile. 3498 - MINOR: global: add several 51Degrees members to global 3499 - MINOR: config: add 51Degrees config parsing. 3500 - MINOR: init: add 51Degrees initialisation code 3501 - MEDIUM: sample: add fiftyone_degrees converter. 3502 - MEDIUM: deinit: add cleanup for 51Degrees to deinit 3503 - MEDIUM: sample: add trie support to 51Degrees 3504 - DOC: add 51Degrees notes to configuration.txt. 3505 - DOC: add build indications for 51Degrees to README. 3506 - MEDIUM: cfgparse: introduce weak and strong quoting 3507 - BUG/MEDIUM: cfgparse: incorrect memmove in quotes management 3508 - MINOR: cfgparse: remove line size limitation 3509 - MEDIUM: cfgparse: expand environment variables 3510 - BUG/MINOR: cfgparse: fix typo in 'option httplog' error message 3511 - BUG/MEDIUM: cfgparse: segfault when userlist is misused 3512 - CLEANUP: cfgparse: remove reference to 'ruleset' section 3513 - MEDIUM: cfgparse: check section maximum number of arguments 3514 - MEDIUM: cfgparse: max arguments check in the global section 3515 - MEDIUM: cfgparse: check max arguments in the proxies sections 3516 - CLEANUP: stream-int: remove a redundant clearing of the linger_risk flag 3517 - MINOR: connection: make conn_sock_shutw() actually perform the shutdown() call 3518 - MINOR: stream-int: use conn_sock_shutw() to shutdown a connection 3519 - MINOR: connection: perform the call to xprt->shutw() in conn_data_shutw() 3520 - MEDIUM: stream-int: replace xprt->shutw calls with conn_data_shutw() 3521 - MINOR: checks: use conn_data_shutw_hard() instead of call via xprt 3522 - MINOR: connection: implement conn_sock_send() 3523 - MEDIUM: stream-int: make conn_si_send_proxy() use conn_sock_send() 3524 - MEDIUM: connection: make conn_drain() perform more controls 3525 - REORG: connection: move conn_drain() to connection.c and rename it 3526 - CLEANUP: stream-int: remove inclusion of fd.h that is not used anymore 3527 - MEDIUM: channel: don't always set CF_WAKE_WRITE on bi_put* 3528 - CLEANUP: lua: don't use si_ic/si_oc on known stream-ints 3529 - BUG/MEDIUM: peers: correctly configure the client timeout 3530 - MINOR: peers: centralize configuration of the peers frontend 3531 - MINOR: proxy: store the default target into the frontend's configuration 3532 - MEDIUM: stats: use frontend_accept() as the accept function 3533 - MEDIUM: peers: use frontend_accept() instead of peer_accept() 3534 - CLEANUP: listeners: remove unused timeout 3535 - MEDIUM: listener: store the default target per listener 3536 - BUILD: fix automatic inclusion of libdl. 3537 - MEDIUM: lua: implement a simple memory allocator 3538 - MEDIUM: compression: postpone buffer adjustments after compression 3539 - MEDIUM: compression: don't send leading zeroes with chunk size 3540 - BUG/MINOR: compression: consider the expansion factor in init 3541 - MINOR: http: check the algo name "identity" instead of the function pointer 3542 - CLEANUP: compression: statify all algo-specific functions 3543 - MEDIUM: compression: add a distinction between UA- and config- algorithms 3544 - MEDIUM: compression: add new "raw-deflate" compression algorithm 3545 - MEDIUM: compression: split deflate_flush() into flush and finish 3546 - CLEANUP: compression: remove unused reset functions 3547 - MAJOR: compression: integrate support for libslz 3548 - BUG/MEDIUM: http: hdr_cnt would not count any header when called without name 3549 - BUG/MAJOR: http: null-terminate the http actions keywords list 3550 - CLEANUP: lua: remove the unused hlua_sleep memory pool 3551 - BUG/MAJOR: lua: use correct object size when initializing a new converter 3552 - CLEANUP: lua: remove hard-coded sizeof() in object creations and mallocs 3553 - CLEANUP: lua: fix confusing local variable naming in hlua_txn_new() 3554 - CLEANUP: hlua: stop using variable name "s" alternately for hlua_txn and hlua_smp 3555 - CLEANUP: lua: get rid of the last "*ht" for struct hlua_txn. 3556 - CLEANUP: lua: rename last occurrences of "*s" to "*htxn" for hlua_txn 3557 - CLEANUP: lua: rename variable "sc" for struct hlua_smp 3558 - CLEANUP: lua: get rid of the last two "*hs" for hlua_smp 3559 - REORG/MAJOR: session: rename the "session" entity to "stream" 3560 - REORG/MEDIUM: stream: rename stream flags from SN_* to SF_* 3561 - MINOR: session: start to reintroduce struct session 3562 - MEDIUM: stream: allocate the session when a stream is created 3563 - MEDIUM: stream: move the listener's pointer to the session 3564 - MEDIUM: stream: move the frontend's pointer to the session 3565 - MINOR: session: add a pointer to the session's origin 3566 - MEDIUM: session: use the pointer to the origin instead of s->si[0].end 3567 - CLEANUP: sample: remove useless tests in fetch functions for l4 != NULL 3568 - MEDIUM: http: move header captures from http_txn to struct stream 3569 - MINOR: http: create a dedicated pool for http_txn 3570 - MAJOR: http: move http_txn out of struct stream 3571 - MAJOR: sample: don't pass l7 anymore to sample fetch functions 3572 - CLEANUP: lua: remove unused hlua_smp->l7 and hlua_txn->l7 3573 - MEDIUM: http: remove the now useless http_txn from {req/res} rules 3574 - CLEANUP: lua: don't pass http_txn anymore to hlua_request_act_wrapper() 3575 - MAJOR: sample: pass a pointer to the session to each sample fetch function 3576 - MINOR: stream: provide a few helpers to retrieve frontend, listener and origin 3577 - CLEANUP: stream: don't set ->target to the incoming connection anymore 3578 - MINOR: stream: move session initialization before the stream's 3579 - MINOR: session: store the session's accept date 3580 - MINOR: session: don't rely on s->logs.logwait in embryonic sessions 3581 - MINOR: session: implement session_free() and use it everywhere 3582 - MINOR: session: add stick counters to the struct session 3583 - REORG: stktable: move the stkctr_* functions from stream to sticktable 3584 - MEDIUM: streams: support looking up stkctr in the session 3585 - MEDIUM: session: update the session's stick counters upon session_free() 3586 - MEDIUM: proto_tcp: track the session's counters in the connection ruleset 3587 - MAJOR: tcp: make tcp_exec_req_rules() only rely on the session 3588 - MEDIUM: stream: don't call stream_store_counters() in kill_mini_session() nor session_accept() 3589 - MEDIUM: stream: move all the session-specific stuff of stream_accept() earlier 3590 - MAJOR: stream: don't initialize the stream anymore in stream_accept 3591 - MEDIUM: session: remove the task pointer from the session 3592 - REORG: session: move the session parts out of stream.c 3593 - MINOR: stream-int: make appctx_new() take the applet in argument 3594 - MEDIUM: peers: move the appctx initialization earlier 3595 - MINOR: session: introduce session_new() 3596 - MINOR: session: make use of session_new() when creating a new session 3597 - MINOR: peers: make use of session_new() when creating a new session 3598 - MEDIUM: peers: initialize the task before the stream 3599 - MINOR: session: set the CO_FL_CONNECTED flag on the connection once ready 3600 - CLEANUP: stream.c: do not re-attach the connection to the stream 3601 - MEDIUM: stream: isolate connection-specific initialization code 3602 - MEDIUM: stream: also accept appctx as origin in stream_accept_session() 3603 - MEDIUM: peers: make use of stream_accept_session() 3604 - MEDIUM: frontend: make ->accept only return +/-1 3605 - MEDIUM: stream: return the stream upon accept() 3606 - MEDIUM: frontend: move some stream initialisation to stream_new() 3607 - MEDIUM: frontend: move the fd-specific settings to session_accept_fd() 3608 - MEDIUM: frontend: don't restrict frontend_accept() to connections anymore 3609 - MEDIUM: frontend: move some remaining stream settings to stream_new() 3610 - CLEANUP: frontend: remove one useless local variable 3611 - MEDIUM: stream: don't rely on the session's listener anymore in stream_new() 3612 - MEDIUM: lua: make use of stream_new() to create an outgoing connection 3613 - MINOR: lua: minor cleanup in hlua_socket_new() 3614 - MINOR: lua: no need for setting timeouts / conn_retries in hlua_socket_new() 3615 - MINOR: peers: no need for setting timeouts / conn_retries in peer_session_create() 3616 - CLEANUP: stream-int: swap stream-int and appctx declarations 3617 - CLEANUP: namespaces: fix protection against multiple inclusions 3618 - MINOR: session: maintain the session count stats in the session, not the stream 3619 - MEDIUM: session: adjust the connection flags before stream_new() 3620 - MINOR: stream: pass the pointer to the origin explicitly to stream_new() 3621 - CLEANUP: poll: move the conditions for waiting out of the poll functions 3622 - BUG/MEDIUM: listener: don't report an error when resuming unbound listeners 3623 - BUG/MEDIUM: init: don't limit cpu-map to the first 32 processes only 3624 - BUG/MAJOR: tcp/http: fix current_rule assignment when restarting over a ruleset 3625 - BUG/MEDIUM: stream-int: always reset si->ops when si->end is nullified 3626 - DOC: update the entities diagrams 3627 - BUG/MEDIUM: http: properly retrieve the front connection 3628 - MINOR: applet: add a new "owner" pointer in the appctx 3629 - MEDIUM: applet: make the applet not depend on a stream interface anymore 3630 - REORG: applet: move the applet definitions out of stream_interface 3631 - CLEANUP: applet: rename struct si_applet to applet 3632 - REORG: stream-int: create si_applet_ops dedicated to applets 3633 - MEDIUM: applet: add basic support for an applet run queue 3634 - MEDIUM: applet: implement a run queue for active appctx 3635 - MEDIUM: stream-int: add a new function si_applet_done() 3636 - MAJOR: applet: now call si_applet_done() instead of si_update() in I/O handlers 3637 - MAJOR: stream: use a regular ->update for all stream interfaces 3638 - MEDIUM: dumpstats: don't unregister the applet anymore 3639 - MEDIUM: applet: centralize the call to si_applet_done() in the I/O handler 3640 - MAJOR: stream: do not allocate request buffers anymore when the left side is an applet 3641 - MINOR: stream-int: add two flags to indicate an applet's wishes regarding I/O 3642 - MEDIUM: applet: make the applets only use si_applet_{cant|want|stop}_{get|put} 3643 - MEDIUM: stream-int: pause the appctx if the task is woken up 3644 - BUG/MAJOR: tcp: only call registered actions when they're registered 3645 - BUG/MEDIUM: peers: fix applet scheduling 3646 - BUG/MEDIUM: peers: recent applet changes broke peers updates scheduling 3647 - MINOR: tools: provide an rdtsc() function for time comparisons 3648 - IMPORT: lru: import simple ebtree-based LRU functions 3649 - IMPORT: hash: import xxhash-r39 3650 - MEDIUM: pattern: add a revision to all pattern expressions 3651 - MAJOR: pattern: add LRU-based cache on pattern matching 3652 - BUG/MEDIUM: http: remove content-length from chunked messages 3653 - DOC: http: update the comments about the rules for determining transfer-length 3654 - BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to HTTP/1.1 3655 - BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad request 3656 - BUG/MEDIUM: http: remove content-length form responses with bad transfer-encoding 3657 - MEDIUM: http: restrict the HTTP version token to 1 digit as per RFC7230 3658 - MEDIUM: http: disable support for HTTP/0.9 by default 3659 - MEDIUM: http: add option-ignore-probes to get rid of the floods of 408 3660 - BUG/MINOR: config: clear proxy->table.peers.p for disabled proxies 3661 - MEDIUM: init: don't stop proxies in parent process when exiting 3662 - MINOR: stick-table: don't attach to peers in stopped state 3663 - MEDIUM: config: initialize stick-tables after peers, not before 3664 - MEDIUM: peers: add the ability to disable a peers section 3665 - MINOR: peers: store the pointer to the signal handler 3666 - MEDIUM: peers: unregister peers that were never started 3667 - MEDIUM: config: propagate the table's process list to the peers sections 3668 - MEDIUM: init: stop any peers section not bound to the correct process 3669 - MEDIUM: config: validate that peers sections are bound to exactly one process 3670 - MAJOR: peers: allow peers section to be used with nbproc > 1 3671 - DOC: relax the peers restriction to single-process 3672 - DOC: document option http-ignore-probes 3673 - DOC: fix the comments about the meaning of msg->sol in HTTP 3674 - BUG/MEDIUM: http: wait for the exact amount of body bytes in wait_for_request_body 3675 - BUG/MAJOR: http: prevent risk of reading past end with balance url_param 3676 - MEDIUM: stream: move HTTP request body analyser before process_common 3677 - MEDIUM: http: add a new option http-buffer-request 3678 - MEDIUM: http: provide 3 fetches for the body 3679 - DOC: update the doc on the proxy protocol 3680 - BUILD: pattern: fix build warnings introduced in the LRU cache 3681 - BUG/MEDIUM: stats: properly initialize the scope before dumping stats 3682 - CLEANUP: config: fix misleading information in error message. 3683 - MINOR: config: report the number of processes using a peers section in the error case 3684 - BUG/MEDIUM: config: properly compute the default number of processes for a proxy 3685 - MEDIUM: http: add new "capture" action for http-request 3686 - BUG/MEDIUM: http: fix the http-request capture parser 3687 - BUG/MEDIUM: http: don't forward client shutdown without NOLINGER except for tunnels 3688 - BUILD/MINOR: ssl: fix build failure introduced by recent patch 3689 - BUG/MAJOR: check: fix breakage of inverted tcp-check rules 3690 - CLEANUP: checks: fix double usage of cur / current_step in tcp-checks 3691 - BUG/MEDIUM: checks: do not dereference head of a tcp-check at the end 3692 - CLEANUP: checks: simplify the loop processing of tcp-checks 3693 - BUG/MAJOR: checks: always check for end of list before proceeding 3694 - BUG/MEDIUM: checks: do not dereference a list as a tcpcheck struct 3695 - BUG/MAJOR: checks: break infinite loops when tcp-checks starts with comment 3696 - MEDIUM: http: make url_param iterate over multiple occurrences 3697 - BUG/MEDIUM: peers: apply a random reconnection timeout 3698 - MEDIUM: config: reject invalid config with name duplicates 3699 - MEDIUM: config: reject conflicts in table names 3700 - CLEANUP: proxy: make the proxy lookup functions more user-friendly 3701 - MINOR: proxy: simply ignore duplicates in proxy name lookups 3702 - MINOR: config: don't open-code proxy name lookups 3703 - MEDIUM: config: clarify the conflicting modes detection for backend rules 3704 - CLEANUP: proxy: remove now unused function findproxy_mode() 3705 - MEDIUM: stick-table: remove the now duplicate find_stktable() function 3706 - MAJOR: config: remove the deprecated reqsetbe / reqisetbe actions 3707 - MINOR: proxy: add a new function proxy_find_by_id() 3708 - MINOR: proxy: add a flag to memorize that the proxy's ID was forced 3709 - MEDIUM: proxy: add a new proxy_find_best_match() function 3710 - CLEANUP: http: explicitly reference request in http_apply_redirect_rules() 3711 - MINOR: http: prepare support for parsing redirect actions on responses 3712 - MEDIUM: http: implement http-response redirect rules 3713 - MEDIUM: http: no need to close the request on redirect if data was parsed 3714 - BUG/MEDIUM: http: fix body processing for the stats applet 3715 - BUG/MINOR: da: fix log-level comparison to emove annoying warning 3716 - CLEANUP: global: remove one ifdef USE_DEVICEATLAS 3717 - CLEANUP: da: move the converter registration to da.c 3718 - CLEANUP: da: register the config keywords in da.c 3719 - CLEANUP: adjust the envelope name in da.h to reflect the file name 3720 - CLEANUP: da: remove ifdef USE_DEVICEATLAS from da.c 3721 - BUILD: make 51D easier to build by defaulting to 51DEGREES_SRC 3722 - BUILD: fix build warning when not using 51degrees 3723 - BUILD: make DeviceAtlas easier to build by defaulting to DEVICEATLAS_SRC 3724 - BUILD: ssl: fix recent build breakage on older SSL libs 3725 37262015/03/11 : 1.6-dev1 3727 - CLEANUP: extract temporary $CFG to eliminate duplication 3728 - CLEANUP: extract temporary $BIN to eliminate duplication 3729 - CLEANUP: extract temporary $PIDFILE to eliminate duplication 3730 - CLEANUP: extract temporary $LOCKFILE to eliminate duplication 3731 - CLEANUP: extract quiet_check() to avoid duplication 3732 - BUG/MINOR: don't start haproxy on reload 3733 - DOC: Address issue where documentation is excluded due to a gitignore rule. 3734 - BUG/MEDIUM: systemd: set KillMode to 'mixed' 3735 - BUILD: fix "make install" to support spaces in the install dirs 3736 - BUG/MINOR: config: http-request replace-header arg typo 3737 - BUG: config: error in http-response replace-header number of arguments 3738 - DOC: missing track-sc* in http-request rules 3739 - BUILD: lua: missing ifdef related to SSL when enabling LUA 3740 - BUG/MEDIUM: regex: fix pcre_study error handling 3741 - MEDIUM: regex: Use pcre_study always when PCRE is used, regardless of JIT 3742 - BUG/MINOR: Fix search for -p argument in systemd wrapper. 3743 - MEDIUM: Improve signal handling in systemd wrapper. 3744 - DOC: fix typo in Unix Socket commands 3745 - BUG/MEDIUM: checks: external checks can't change server status to UP 3746 - BUG/MEDIUM: checks: segfault with external checks in a backend section 3747 - BUG/MINOR: checks: external checks shouldn't wait for timeout to return the result 3748 - BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an unknown encryption algorithm 3749 - BUG/MEDIUM: config: userlists should ensure that encrypted passwords are supported 3750 - BUG/MINOR: config: don't propagate process binding for dynamic use_backend 3751 - BUG/MINOR: log: fix request flags when keep-alive is enabled 3752 - BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks 3753 - MINOR: checks: allow external checks in backend sections 3754 - MEDIUM: checks: provide environment variables to the external checks 3755 - MINOR: checks: update dynamic environment variables in external checks 3756 - DOC: checks: environment variables used by "external-check command" 3757 - BUG/MEDIUM: backend: correctly detect the domain when use_domain_only is used 3758 - MINOR: ssl: load certificates in alphabetical order 3759 - BUG/MINOR: checks: prevent http keep-alive with http-check expect 3760 - MINOR: lua: typo in an error message 3761 - MINOR: report the Lua version in -vv 3762 - MINOR: lua: add a compilation error message when compiled with an incompatible version 3763 - BUG/MEDIUM: lua: segfault when calling haproxy sample fetches from lua 3764 - BUILD: try to automatically detect the Lua library name 3765 - BUILD/CLEANUP: systemd: avoid a warning due to mixed code and declaration 3766 - BUG/MEDIUM: backend: Update hash to use unsigned int throughout 3767 - BUG/MEDIUM: connection: fix memory corruption when building a proxy v2 header 3768 - MEDIUM: connection: add new bit in Proxy Protocol V2 3769 - BUG/MINOR: ssl: rejects OCSP response without nextupdate. 3770 - BUG/MEDIUM: ssl: Fix to not serve expired OCSP responses. 3771 - BUG/MINOR: ssl: Fix OCSP resp update fails with the same certificate configured twice. 3772 - BUG/MINOR: ssl: Fix external function in order not to return a pointer on an internal trash buffer. 3773 - MINOR: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER formatted certs 3774 - MINOR: ssl: add statement to force some ssl options in global. 3775 - BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates 3776 - BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM. 3777 - BUG/MINOR: samples: fix unnecessary memcopy converting binary to string. 3778 - MINOR: samples: adds the bytes converter. 3779 - MINOR: samples: adds the field converter. 3780 - MINOR: samples: add the word converter. 3781 - BUG/MINOR: server: move the directive #endif to the end of file 3782 - BUG/MAJOR: buffer: check the space left is enough or not when input data in a buffer is wrapped 3783 - DOC: fix a few typos 3784 - CLEANUP: epoll: epoll_events should be allocated according to global.tune.maxpollevents 3785 - BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized" 3786 - BUG/MINOR: parse: refer curproxy instead of proxy 3787 - BUG/MINOR: parse: check the validity of size string in a more strict way 3788 - BUILD: add new target 'make uninstall' to support uninstalling haproxy from OS 3789 - DOC: expand the docs for the provided stats. 3790 - BUG/MEDIUM: unix: do not unlink() abstract namespace sockets upon failure. 3791 - MEDIUM: ssl: Certificate Transparency support 3792 - MEDIUM: stats: proxied stats admin forms fix 3793 - MEDIUM: http: Compress HTTP responses with status codes 201,202,203 in addition to 200 3794 - BUG/MEDIUM: connection: sanitize PPv2 header length before parsing address information 3795 - MAJOR: namespace: add Linux network namespace support 3796 - MINOR: systemd: Check configuration before start 3797 - BUILD: ssl: handle boringssl in openssl version detection 3798 - BUILD: ssl: disable OCSP when using boringssl 3799 - BUILD: ssl: don't call get_rfc2409_prime when using boringssl 3800 - MINOR: ssl: don't use boringssl's cipher_list 3801 - BUILD: ssl: use OPENSSL_NO_OCSP to detect OCSP support 3802 - MINOR: stats: fix minor typo in HTML page 3803 - MINOR: Also accept SIGHUP/SIGTERM in systemd-wrapper 3804 - MEDIUM: Add support for configurable TLS ticket keys 3805 - DOC: Document the new tls-ticket-keys bind keyword 3806 - DOC: clearly state that the "show sess" output format is not fixed 3807 - MINOR: stats: fix minor typo fix in stats_dump_errors_to_buffer() 3808 - DOC: httplog does not support 'no' 3809 - BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange 3810 - MINOR: ssl: use SSL_get_ciphers() instead of directly accessing the cipher list. 3811 - BUG/MEDIUM: Consistently use 'check' in process_chk 3812 - MEDIUM: Add external check 3813 - BUG/MEDIUM: Do not set agent health to zero if server is disabled in config 3814 - MEDIUM/BUG: Only explicitly report "DOWN (agent)" if the agent health is zero 3815 - MEDIUM: Remove connect_chk 3816 - MEDIUM: Refactor init_check and move to checks.c 3817 - MEDIUM: Add free_check() helper 3818 - MEDIUM: Move proto and addr fields struct check 3819 - MEDIUM: Attach tcpcheck_rules to check 3820 - MEDIUM: Add parsing of mailers section 3821 - MEDIUM: Allow configuration of email alerts 3822 - MEDIUM: Support sending email alerts 3823 - DOC: Document email alerts 3824 - MINOR: Remove trailing '.' from email alert messages 3825 - MEDIUM: Allow suppression of email alerts by log level 3826 - BUG/MEDIUM: Do not consider an agent check as failed on L7 error 3827 - MINOR: deinit: fix memory leak 3828 - MINOR: http: export the function 'smp_fetch_base32' 3829 - BUG/MEDIUM: http: tarpit timeout is reset 3830 - MINOR: sample: add "json" converter 3831 - BUG/MEDIUM: pattern: don't load more than once a pattern list. 3832 - MINOR: map/acl/dumpstats: remove the "Done." message 3833 - BUG/MAJOR: ns: HAProxy segfault if the cli_conn is not from a network connection 3834 - BUG/MINOR: pattern: error message missing 3835 - BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match 3836 - BUG/MINOR: ARG6 and ARG7 don't fit in a 32 bits word 3837 - MAJOR: poll: only rely on wake_expired_tasks() to compute the wait delay 3838 - MEDIUM: task: call session analyzers if the task is woken by a message. 3839 - MEDIUM: protocol: automatically pick the proto associated to the connection. 3840 - MEDIUM: channel: wake up any request analyzer on response activity 3841 - MINOR: converters: add a "void *private" argument to converters 3842 - MINOR: converters: give the session pointer as converter argument 3843 - MINOR: sample: add private argument to the struct sample_fetch 3844 - MINOR: global: export function and permits to not resolve DNS names 3845 - MINOR: sample: add function for browsing samples. 3846 - MINOR: global: export many symbols. 3847 - MINOR: includes: fix a lot of missing or useless includes 3848 - MEDIUM: tcp: add register keyword system. 3849 - MEDIUM: buffer: make bo_putblk/bo_putstr/bo_putchk return the number of bytes copied. 3850 - MEDIUM: http: change the code returned by the response processing rule functions 3851 - MEDIUM: http/tcp: permit to resume http and tcp custom actions 3852 - MINOR: channel: functions to get data from a buffer without copy 3853 - MEDIUM: lua: lua integration in the build and init system. 3854 - MINOR: lua: add ease functions 3855 - MINOR: lua: add runtime execution context 3856 - MEDIUM: lua: "com" signals 3857 - MINOR: lua: add the configuration directive "lua-load" 3858 - MINOR: lua: core: create "core" class and object 3859 - MINOR: lua: post initialisation bindings 3860 - MEDIUM: lua: add coroutine as tasks. 3861 - MINOR: lua: add sample and args type converters 3862 - MINOR: lua: txn: create class TXN associated with the transaction. 3863 - MINOR: lua: add shared context in the lua stack 3864 - MINOR: lua: txn: import existing sample-fetches in the class TXN 3865 - MINOR: lua: txn: add lua function in TXN that returns an array of http headers 3866 - MINOR: lua: register and execute sample-fetches in LUA 3867 - MINOR: lua: register and execute converters in LUA 3868 - MINOR: lua: add bindings for tcp and http actions 3869 - MINOR: lua: core: add sleep functions 3870 - MEDIUM: lua: socket: add "socket" class for TCP I/O 3871 - MINOR: lua: core: pattern and acl manipulation 3872 - MINOR: lua: channel: add "channel" class 3873 - MINOR: lua: txn: object "txn" provides two objects "channel" 3874 - MINOR: lua: core: can set the nice of the current task 3875 - MINOR: lua: core: can yield an execution stack 3876 - MINOR: lua: txn: add binding for closing the client connection. 3877 - MEDIUM: lua: Lua initialisation "on demand" 3878 - BUG/MAJOR: lua: send function fails and return bad bytes 3879 - MINOR: remove unused declaration. 3880 - MINOR: lua: remove some #define 3881 - MINOR: lua: use bitfield and macro in place of integer and enum 3882 - MINOR: lua: set skeleton for Lua execution expiration 3883 - MEDIUM: lua: each yielding function returns a wake up time. 3884 - MINOR: lua: adds "forced yield" flag 3885 - MEDIUM: lua: interrupt the Lua execution for running other process 3886 - MEDIUM: lua: change the sleep function core 3887 - BUG/MEDIUM: lua: the execution timeout is ignored in yield case 3888 - DOC: lua: Lua configuration documentation 3889 - MINOR: lua: add the struct session in the lua channel struct 3890 - BUG/MINOR: lua: set buffer if it is nnot avalaible. 3891 - BUG/MEDIUM: lua: reset flags before resuming execution 3892 - BUG/MEDIUM: lua: fix infinite loop about channel 3893 - BUG/MEDIUM: lua: the Lua process is not waked up after sending data on requests side 3894 - BUG/MEDIUM: lua: many errors when we try to send data with the channel API 3895 - MEDIUM: lua: use the Lua-5.3 version of the library 3896 - BUG/MAJOR: lua: some function are not yieldable, the forced yield causes errors 3897 - BUG/MEDIUM: lua: can't handle the response bytes 3898 - BUG/MEDIUM: lua: segfault with buffer_replace2 3899 - BUG/MINOR: lua: check buffers before initializing socket 3900 - BUG/MINOR: log: segfault if there are no proxy reference 3901 - BUG/MEDIUM: lua: sockets don't have buffer to write data 3902 - BUG/MEDIUM: lua: cannot connect socket 3903 - BUG/MINOR: lua: sockets receive behavior doesn't follows the specs 3904 - BUG/BUILD: lua: The strict Lua 5.3 version check is not done. 3905 - BUG/MEDIUM: buffer: one byte miss in buffer free space check 3906 - MEDIUM: lua: make the functions hlua_gethlua() and hlua_sethlua() faster 3907 - MINOR: replace the Core object by a simple model. 3908 - MEDIUM: lua: change the objects configuration 3909 - MEDIUM: lua: create a namespace for the fetches 3910 - MINOR: converters: add function to browse converters 3911 - MINOR: lua: wrapper for converters 3912 - MINOR: lua: replace function (req|get)_channel by a variable 3913 - MINOR: lua: fetches and converters can return an empty string in place of nil 3914 - DOC: lua api 3915 - BUG/MEDIUM: sample: fix random number upper-bound 3916 - BUG/MINOR: stats:Fix incorrect printf type. 3917 - BUG/MAJOR: session: revert all the crappy client-side timeout changes 3918 - BUG/MINOR: logs: properly initialize and count log sockets 3919 - BUG/MEDIUM: http: fetch "base" is not compatible with set-header 3920 - BUG/MINOR: counters: do not untrack counters before logging 3921 - BUG/MAJOR: sample: correctly reinitialize sample fetch context before calling sample_process() 3922 - MINOR: stick-table: make stktable_fetch_key() indicate why it failed 3923 - BUG/MEDIUM: counters: fix track-sc* to wait on unstable contents 3924 - BUILD: remove TODO from the spec file and add README 3925 - MINOR: log: make MAX_SYSLOG_LEN overridable at build time 3926 - MEDIUM: log: support a user-configurable max log line length 3927 - DOC: provide an example of how to use ssl_c_sha1 3928 - BUILD: checks: external checker needs signal.h 3929 - BUILD: checks: kill a minor warning on Solaris in external checks 3930 - BUILD: http: fix isdigit & isspace warnings on Solaris 3931 - BUG/MINOR: listener: set the listener's fd to -1 after deletion 3932 - BUG/MEDIUM: unix: failed abstract socket binding is retryable 3933 - MEDIUM: listener: implement a per-protocol pause() function 3934 - MEDIUM: listener: support rebinding during resume() 3935 - BUG/MEDIUM: unix: completely unbind abstract sockets during a pause() 3936 - DOC: explicitly mention the limits of abstract namespace sockets 3937 - DOC: minor fix on {sc,src}_kbytes_{in,out} 3938 - DOC: fix alphabetical sort of converters 3939 - MEDIUM: stick-table: implement lookup from a sample fetch 3940 - MEDIUM: stick-table: add new converters to fetch table data 3941 - MINOR: samples: add two converters for the date format 3942 - BUG/MAJOR: http: correctly rewind the request body after start of forwarding 3943 - DOC: remove references to CPU=native in the README 3944 - DOC: mention that "compression offload" is ignored in defaults section 3945 - DOC: mention that Squid correctly responds 400 to PPv2 header 3946 - BUILD: fix dependencies between config and compat.h 3947 - MINOR: session: export the function 'smp_fetch_sc_stkctr' 3948 - MEDIUM: stick-table: make it easier to register extra data types 3949 - BUG/MINOR: http: base32+src should use the big endian version of base32 3950 - MINOR: sample: allow IP address to cast to binary 3951 - MINOR: sample: add new converters to hash input 3952 - MINOR: sample: allow integers to cast to binary 3953 - BUILD: report commit ID in git versions as well 3954 - CLEANUP: session: move the stick counters declarations to stick_table.h 3955 - MEDIUM: http: add the track-sc* actions to http-request rules 3956 - BUG/MEDIUM: connection: fix proxy v2 header again! 3957 - BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc* 3958 - OPTIM/MINOR: proxy: reduce struct proxy by 48 bytes on 64-bit archs 3959 - MINOR: log: add a new field "%lc" to implement a per-frontend log counter 3960 - BUG/MEDIUM: http: fix inverted condition in pat_match_meth() 3961 - BUG/MEDIUM: http: fix improper parsing of HTTP methods for use with ACLs 3962 - BUG/MINOR: pattern: remove useless allocation of unused trash in pat_parse_reg() 3963 - BUG/MEDIUM: acl: correctly compute the output type when a converter is used 3964 - CLEANUP: acl: cleanup some of the redundancy and spaghetti after last fix 3965 - BUG/CRITICAL: http: don't update msg->sov once data start to leave the buffer 3966 - MEDIUM: http: enable header manipulation for 101 responses 3967 - BUG/MEDIUM: config: propagate frontend to backend process binding again. 3968 - MEDIUM: config: properly propagate process binding between proxies 3969 - MEDIUM: config: make the frontends automatically bind to the listeners' processes 3970 - MEDIUM: config: compute the exact bind-process before listener's maxaccept 3971 - MEDIUM: config: only warn if stats are attached to multi-process bind directives 3972 - MEDIUM: config: report it when tcp-request rules are misplaced 3973 - DOC: indicate in the doc that track-sc* can wait if data are missing 3974 - MINOR: config: detect the case where a tcp-request content rule has no inspect-delay 3975 - MEDIUM: systemd-wrapper: support multiple executable versions and names 3976 - BUG/MEDIUM: remove debugging code from systemd-wrapper 3977 - BUG/MEDIUM: http: adjust close mode when switching to backend 3978 - BUG/MINOR: config: don't propagate process binding on fatal errors. 3979 - BUG/MEDIUM: check: rule-less tcp-check must detect connect failures 3980 - BUG/MINOR: tcp-check: report the correct failed step in the status 3981 - DOC: indicate that weight zero is reported as DRAIN 3982 - BUG/MEDIUM: config: avoid skipping disabled proxies 3983 - BUG/MINOR: config: do not accept more track-sc than configured 3984 - BUG/MEDIUM: backend: fix URI hash when a query string is present 3985 - BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR 3986 - BUG/MAJOR: cli: explicitly call cli_release_handler() upon error 3987 - BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol 3988 - BUILD/MINOR: ssl: de-constify "ciphers" to avoid a warning on openssl-0.9.8 3989 - BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets 3990 - BUG/BUILD: revert accidental change in the makefile from latest SSL fix 3991 - BUG/MEDIUM: ssl: force a full GC in case of memory shortage 3992 - MEDIUM: ssl: add support for smaller SSL records 3993 - MINOR: session: release a few other pools when stopping 3994 - MINOR: task: release the task pool when stopping 3995 - BUG/MINOR: config: don't inherit the default balance algorithm in frontends 3996 - BUG/MAJOR: frontend: initialize capture pointers earlier 3997 - BUG/MINOR: stats: correctly set the request/response analysers 3998 - MAJOR: polling: centralize calls to I/O callbacks 3999 - DOC: fix typo in the body parser documentation for msg.sov 4000 - BUG/MINOR: peers: the buffer size is global.tune.bufsize, not trash.size 4001 - MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) 4002 - DEBUG: pools: apply poisonning on every allocated pool 4003 - BUG/MAJOR: sessions: unlink session from list on out of memory 4004 - BUG/MEDIUM: patterns: previous fix was incomplete 4005 - BUG/MEDIUM: payload: ensure that a request channel is available 4006 - BUG/MINOR: tcp-check: don't condition data polling on check type 4007 - BUG/MEDIUM: tcp-check: don't rely on random memory contents 4008 - BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect 4009 - BUG/MINOR: config: fix typo in condition when propagating process binding 4010 - BUG/MEDIUM: config: do not propagate processes between stopped processes 4011 - BUG/MAJOR: stream-int: properly check the memory allocation return 4012 - BUG/MEDIUM: memory: fix freeing logic in pool_gc2() 4013 - BUG/MAJOR: namespaces: conn->target is not necessarily a server 4014 - BUG/MEDIUM: compression: correctly report zlib_mem 4015 - CLEANUP: lists: remove dead code 4016 - CLEANUP: memory: remove dead code 4017 - CLEANUP: memory: replace macros pool_alloc2/pool_free2 with functions 4018 - MINOR: memory: cut pool allocator in 3 layers 4019 - MEDIUM: memory: improve pool_refill_alloc() to pass a refill count 4020 - MINOR: stream-int: retrieve session pointer from stream-int 4021 - MINOR: buffer: reset a buffer in b_reset() and not channel_init() 4022 - MEDIUM: buffer: use b_alloc() to allocate and initialize a buffer 4023 - MINOR: buffer: move buffer initialization after channel initialization 4024 - MINOR: buffer: only use b_free to release buffers 4025 - MEDIUM: buffer: always assign a dummy empty buffer to channels 4026 - MEDIUM: buffer: add a new buf_wanted dummy buffer to report failed allocations 4027 - MEDIUM: channel: do not report full when buf_empty is present on a channel 4028 - MINOR: session: group buffer allocations together 4029 - MINOR: buffer: implement b_alloc_fast() 4030 - MEDIUM: buffer: implement b_alloc_margin() 4031 - MEDIUM: session: implement a basic atomic buffer allocator 4032 - MAJOR: session: implement a wait-queue for sessions who need a buffer 4033 - MAJOR: session: only allocate buffers when needed 4034 - MINOR: stats: report a "waiting" flags for sessions 4035 - MAJOR: session: only wake up as many sessions as available buffers permit 4036 - MINOR: config: implement global setting tune.buffers.reserve 4037 - MINOR: config: implement global setting tune.buffers.limit 4038 - MEDIUM: channel: implement a zero-copy buffer transfer 4039 - MEDIUM: stream-int: support splicing from applets 4040 - OPTIM: stream-int: try to send pending spliced data 4041 - CLEANUP: session: remove session_from_task() 4042 - DOC: add missing entry for log-format and clarify the text 4043 - MINOR: logs: add a new per-proxy "log-tag" directive 4044 - BUG/MEDIUM: http: fix header removal when previous header ends with pure LF 4045 - MINOR: config: extend the default max hostname length to 64 and beyond 4046 - BUG/MEDIUM: channel: fix possible integer overflow on reserved size computation 4047 - BUG/MINOR: channel: compare to_forward with buf->i, not buf->size 4048 - MINOR: channel: add channel_in_transit() 4049 - MEDIUM: channel: make buffer_reserved() use channel_in_transit() 4050 - MEDIUM: channel: make bi_avail() use channel_in_transit() 4051 - BUG/MEDIUM: channel: don't schedule data in transit for leaving until connected 4052 - CLEANUP: channel: rename channel_reserved -> channel_is_rewritable 4053 - MINOR: channel: rename channel_full() to !channel_may_recv() 4054 - MINOR: channel: rename buffer_reserved() to channel_reserved() 4055 - MINOR: channel: rename buffer_max_len() to channel_recv_limit() 4056 - MINOR: channel: rename bi_avail() to channel_recv_max() 4057 - MINOR: channel: rename bi_erase() to channel_truncate() 4058 - BUG/MAJOR: log: don't try to emit a log if no logger is set 4059 - MINOR: tools: add new round_2dig() function to round integers 4060 - MINOR: global: always export some SSL-specific metrics 4061 - MINOR: global: report information about the cost of SSL connections 4062 - MAJOR: init: automatically set maxconn and/or maxsslconn when possible 4063 - MINOR: http: add a new fetch "query" to extract the request's query string 4064 - MINOR: hash: add new function hash_crc32 4065 - MINOR: samples: provide a "crc32" converter 4066 - MEDIUM: backend: add the crc32 hash algorithm for load balancing 4067 - BUG/MINOR: args: add missing entry for ARGT_MAP in arg_type_names 4068 - BUG/MEDIUM: http: make http-request set-header compute the string before removal 4069 - MEDIUM: args: use #define to specify the number of bits used by arg types and counts 4070 - MEDIUM: args: increase arg type to 5 bits and limit arg count to 5 4071 - MINOR: args: add type-specific flags for each arg in a list 4072 - MINOR: args: implement a new arg type for regex : ARGT_REG 4073 - MEDIUM: regex: add support for passing regex flags to regex_exec_match() 4074 - MEDIUM: samples: add a regsub converter to perform regex-based transformations 4075 - BUG/MINOR: sample: fix case sensitivity for the regsub converter 4076 - MEDIUM: http: implement http-request set-{method,path,query,uri} 4077 - DOC: fix missing closing brackend on regsub 4078 - MEDIUM: samples: provide basic arithmetic and bitwise operators 4079 - MEDIUM: init: continue to enforce SYSTEM_MAXCONN with auto settings if set 4080 - BUG/MINOR: http: fix incorrect header value offset in replace-hdr/replace-value 4081 - BUG/MINOR: http: abort request processing on filter failure 4082 - MEDIUM: tcp: implement tcp-ut bind option to set TCP_USER_TIMEOUT 4083 - MINOR: ssl/server: add the "no-ssl-reuse" server option 4084 - BUG/MAJOR: peers: initialize s->buffer_wait when creating the session 4085 - MINOR: http: add a new function to iterate over each header line 4086 - MINOR: http: add the new sample fetches req.hdr_names and res.hdr_names 4087 - MEDIUM: task: always ensure that the run queue is consistent 4088 - BUILD: Makefile: add -Wdeclaration-after-statement 4089 - BUILD/CLEANUP: ssl: avoid a warning due to mixed code and declaration 4090 - BUILD/CLEANUP: config: silent 3 warnings about mixed declarations with code 4091 - MEDIUM: protocol: use a family array to index the protocol handlers 4092 - BUILD: lua: cleanup many mixed occurrences declarations & code 4093 - BUG/MEDIUM: task: fix recently introduced scheduler skew 4094 - BUG/MINOR: lua: report the correct function name in an error message 4095 - BUG/MAJOR: http: fix stats regression consecutive to HTTP_RULE_RES_YIELD 4096 - Revert "BUG/MEDIUM: lua: can't handle the response bytes" 4097 - MINOR: lua: convert IP addresses to type string 4098 - CLEANUP: lua: use the same function names in C and Lua 4099 - REORG/MAJOR: move session's req and resp channels back into the session 4100 - CLEANUP: remove now unused channel pool 4101 - REORG/MEDIUM: stream-int: introduce si_ic/si_oc to access channels 4102 - MEDIUM: stream-int: add a flag indicating which side the SI is on 4103 - MAJOR: stream-int: only rely on SI_FL_ISBACK to find the requested channel 4104 - MEDIUM: stream-interface: remove now unused pointers to channels 4105 - MEDIUM: stream-int: make si_sess() use the stream int's side 4106 - MEDIUM: stream-int: use si_task() to retrieve the task from the stream int 4107 - MEDIUM: stream-int: remove any reference to the owner 4108 - CLEANUP: stream-int: add si_ib/si_ob to dereference the buffers 4109 - CLEANUP: stream-int: add si_opposite() to find the other stream interface 4110 - REORG/MEDIUM: channel: only use chn_prod / chn_cons to find stream-interfaces 4111 - MEDIUM: channel: add a new flag "CF_ISRESP" for the response channel 4112 - MAJOR: channel: only rely on the new CF_ISRESP flag to find the SI 4113 - MEDIUM: channel: remove now unused ->prod and ->cons pointers 4114 - CLEANUP: session: simplify references to chn_{prod,cons}(&s->{req,res}) 4115 - CLEANUP: session: use local variables to access channels / stream ints 4116 - CLEANUP: session: don't needlessly pass a pointer to the stream-int 4117 - CLEANUP: session: don't use si_{ic,oc} when we know the session. 4118 - CLEANUP: stream-int: limit usage of si_ic/si_oc 4119 - CLEANUP: lua: limit usage of si_ic/si_oc 4120 - MINOR: channel: add chn_sess() helper to retrieve session from channel 4121 - MEDIUM: session: simplify receive buffer allocator to only use the channel 4122 - MEDIUM: lua: use CF_ISRESP to detect the channel's side 4123 - CLEANUP: lua: remove the session pointer from hlua_channel 4124 - CLEANUP: lua: hlua_channel_new() doesn't need the pointer to the session anymore 4125 - MEDIUM: lua: remove struct hlua_channel 4126 - MEDIUM: lua: remove hlua_sample_fetch 4127 41282014/06/19 : 1.6-dev0 4129 - exact copy of 1.5.0 4130 41312014/06/19 : 1.5.0 4132 - MEDIUM: ssl: ignored file names ending as '.issuer' or '.ocsp'. 4133 - MEDIUM: ssl: basic OCSP stapling support. 4134 - MINOR: ssl/cli: Fix unapropriate comment in code on 'set ssl ocsp-response' 4135 - MEDIUM: ssl: add 300s supported time skew on OCSP response update. 4136 - MINOR: checks: mysql-check: Add support for v4.1+ authentication 4137 - MEDIUM: ssl: Add the option to use standardized DH parameters >= 1024 bits 4138 - MEDIUM: ssl: fix detection of ephemeral diffie-hellman key exchange by using the cipher description. 4139 - MEDIUM: http: add actions "replace-header" and "replace-values" in http-req/resp 4140 - MEDIUM: Break out check establishment into connect_chk() 4141 - MEDIUM: Add port_to_str helper 4142 - BUG/MEDIUM: fix ignored values for half-closed timeouts (client-fin and server-fin) in defaults section. 4143 - BUG/MEDIUM: Fix unhandled connections problem with systemd daemon mode and SO_REUSEPORT. 4144 - MINOR: regex: fix a little configuration memory leak. 4145 - MINOR: regex: Create JIT compatible function that return match strings 4146 - MEDIUM: regex: replace all standard regex function by own functions 4147 - MEDIUM: regex: Remove null terminated strings. 4148 - MINOR: regex: Use native PCRE API. 4149 - MINOR: missing regex.h include 4150 - DOC: Add Exim as Proxy Protocol implementer. 4151 - BUILD: don't use type "uint" which is not portable 4152 - BUILD: stats: workaround stupid and bogus -Werror=format-security behaviour 4153 - BUG/MEDIUM: http: clear CF_READ_NOEXP when preparing a new transaction 4154 - CLEANUP: http: don't clear CF_READ_NOEXP twice 4155 - DOC: fix proxy protocol v2 decoder example 4156 - DOC: fix remaining occurrences of "pattern extraction" 4157 - MINOR: log: allow the HTTP status code to be logged even in TCP frontends 4158 - MINOR: logs: don't limit HTTP header captures to HTTP frontends 4159 - MINOR: sample: improve sample_fetch_string() to report partial contents 4160 - MINOR: capture: extend the captures to support non-header keys 4161 - MINOR: tcp: prepare support for the "capture" action 4162 - MEDIUM: tcp: add a new tcp-request capture directive 4163 - MEDIUM: session: allow shorter retry delay if timeout connect is small 4164 - MEDIUM: session: don't apply the retry delay when redispatching 4165 - MEDIUM: session: redispatch earlier when possible 4166 - MINOR: config: warn when tcp-check rules are used without option tcp-check 4167 - BUG/MINOR: connection: make proxy protocol v1 support the UNKNOWN protocol 4168 - DOC: proxy protocol example parser was still wrong 4169 - DOC: minor updates to the proxy protocol doc 4170 - CLEANUP: connection: merge proxy proto v2 header and address block 4171 - MEDIUM: connection: add support for proxy protocol v2 in accept-proxy 4172 - MINOR: tools: add new functions to quote-encode strings 4173 - DOC: clarify the CSV format 4174 - MEDIUM: stats: report the last check and last agent's output on the CSV status 4175 - MINOR: freq_ctr: introduce a new averaging method 4176 - MEDIUM: session: maintain per-backend and per-server time statistics 4177 - MEDIUM: stats: report per-backend and per-server time stats in HTML and CSV outputs 4178 - BUG/MINOR: http: fix typos in previous patch 4179 - DOC: remove the ultra-obsolete TODO file 4180 - DOC: update roadmap 4181 - DOC: minor updates to the README 4182 - DOC: mention the maxconn limitations with the select poller 4183 - DOC: commit a few old design thoughts files 4184 41852014/05/28 : 1.5-dev26 4186 - BUG/MEDIUM: polling: fix possible CPU hogging of worker processes after receiving SIGUSR1. 4187 - BUG/MINOR: stats: fix a typo on a closing tag for a server tracking another one 4188 - OPTIM: stats: avoid the calculation of a useless link on tracking servers in maintenance 4189 - MINOR: fix a few memory usage errors 4190 - CONTRIB: halog: Filter input lines by date and time through timestamp 4191 - MINOR: ssl: SSL_CTX_set_options() and SSL_CTX_set_mode() take a long, not an int 4192 - BUG/MEDIUM: regex: fix risk of buffer overrun in exp_replace() 4193 - MINOR: acl: set "str" as default match for strings 4194 - DOC: Add some precisions about acl default matching method 4195 - MEDIUM: acl: strenghten the option parser to report invalid options 4196 - BUG/MEDIUM: config: a stats-less config crashes in 1.5-dev25 4197 - BUG/MINOR: checks: tcp-check must not stop on '\0' for binary checks 4198 - MINOR: stats: improve alignment of color codes to save one line of header 4199 - MINOR: checks: simplify and improve reporting of state changes when using log-health-checks 4200 - MINOR: server: remove the SRV_DRAIN flag which can always be deduced 4201 - MINOR: server: use functions to detect state changes and to update them 4202 - MINOR: server: create srv_was_usable() from srv_is_usable() and use a pointer 4203 - BUG/MINOR: stats: do not report "100%" in the thottle column when server is draining 4204 - BUG/MAJOR: config: don't free valid regex memory 4205 - BUG/MEDIUM: session: don't clear CF_READ_NOEXP if analysers are not called 4206 - BUG/MINOR: stats: tracking servers may incorrectly report an inherited DRAIN status 4207 - MEDIUM: proxy: make timeout parser a bit stricter 4208 - REORG/MEDIUM: server: split server state and flags in two different variables 4209 - REORG/MEDIUM: server: move the maintenance bits out of the server state 4210 - MAJOR: server: use states instead of flags to store the server state 4211 - REORG: checks: put the functions in the appropriate files ! 4212 - MEDIUM: server: properly support and propagate the maintenance status 4213 - MEDIUM: server: allow multi-level server tracking 4214 - CLEANUP: checks: rename the server_status_printf function 4215 - MEDIUM: checks: simplify server up/down/nolb transitions 4216 - MAJOR: checks: move health checks changes to set_server_check_status() 4217 - MINOR: server: make the status reporting function support a reason 4218 - MINOR: checks: simplify health check reporting functions 4219 - MINOR: server: implement srv_set_stopped() 4220 - MINOR: server: implement srv_set_running() 4221 - MINOR: server: implement srv_set_stopping() 4222 - MEDIUM: checks: simplify failure notification using srv_set_stopped() 4223 - MEDIUM: checks: simplify success notification using srv_set_running() 4224 - MEDIUM: checks: simplify stopping mode notification using srv_set_stopping() 4225 - MEDIUM: stats: report a server's own state instead of the tracked one's 4226 - MINOR: server: make use of srv_is_usable() instead of checking eweight 4227 - MAJOR: checks: add support for a new "drain" administrative mode 4228 - MINOR: stats: use the admin flags for soft enable/disable/stop/start on the web page 4229 - MEDIUM: stats: introduce new actions to simplify admin status management 4230 - MINOR: cli: introduce a new "set server" command 4231 - MINOR: stats: report a distinct output for DOWN caused by agent 4232 - MINOR: checks: support specific check reporting for the agent 4233 - MINOR: checks: support a neutral check result 4234 - BUG/MINOR: cli: "agent" was missing from the "enable"/"disable" help message 4235 - MEDIUM: cli: add support for enabling/disabling health checks. 4236 - MEDIUM: stats: report down caused by agent prior to reporting up 4237 - MAJOR: agent: rework the response processing and support additional actions 4238 - MINOR: stats: improve the stats web page to support more actions 4239 - CONTRIB: halog: avoid calling time/localtime/mktime for each line 4240 - DOC: document the workarouds for Google Chrome's bogus pre-connect 4241 - MINOR: stats: report SSL key computations per second 4242 - MINOR: stats: add counters for SSL cache lookups and misses 4243 42442014/05/10 : 1.5-dev25 4245 - MEDIUM: connection: Implement and extented PROXY Protocol V2 4246 - MINOR: ssl: clean unused ACLs declarations 4247 - MINOR: ssl: adds fetchs and ACLs for ssl back connection. 4248 - MINOR: ssl: merge client's and frontend's certificate functions. 4249 - MINOR: ssl: adds ssl_f_sha1 fetch to return frontend's certificate fingerprint 4250 - MINOR: ssl: adds sample converter base64 for binary type. 4251 - MINOR: ssl: convert to binary ssl_fc_unique_id and ssl_bc_unique_id. 4252 - BUG/MAJOR: ssl: Fallback to private session cache if current lock mode is not supported. 4253 - MAJOR: ssl: Change default locks on ssl session cache. 4254 - BUG/MINOR: chunk: Fix function chunk_strcmp and chunk_strcasecmp match a substring. 4255 - MINOR: ssl: add global statement tune.ssl.force-private-cache. 4256 - MINOR: ssl: remove fallback to SSL session private cache if lock init fails. 4257 - BUG/MEDIUM: patterns: last fix was still not enough 4258 - MINOR: http: export the smp_fetch_cookie function 4259 - MINOR: http: generic pointer to rule argument 4260 - BUG/MEDIUM: pattern: a typo breaks automatic acl/map numbering 4261 - BUG/MAJOR: patterns: -i and -n are ignored for inlined patterns 4262 - BUG/MINOR: proxy: unsafe initialization of HTTP transaction when switching from TCP frontend 4263 - BUG/MINOR: http: log 407 in case of proxy auth 4264 - MINOR: http: rely on the message body parser to send 100-continue 4265 - MEDIUM: http: move reqadd after execution of http_request redirect 4266 - MEDIUM: http: jump to dedicated labels after http-request processing 4267 - BUG/MINOR: http: block rules forgot to increment the denied_req counter 4268 - BUG/MINOR: http: block rules forgot to increment the session's request counter 4269 - MEDIUM: http: move Connection header processing earlier 4270 - MEDIUM: http: remove even more of the spaghetti in the request path 4271 - MINOR: http: silently support the "block" action for http-request 4272 - CLEANUP: proxy: rename "block_cond" to "block_rules" 4273 - MEDIUM: http: emulate "block" rules using "http-request" rules 4274 - MINOR: http: remove the now unused loop over "block" rules 4275 - MEDIUM: http: factorize the "auth" action of http-request and stats 4276 - MEDIUM: http: make http-request rules processing return a verdict instead of a rule 4277 - MINOR: config: add minimum support for emitting warnings only once 4278 - MEDIUM: config: inform the user about the deprecatedness of "block" rules 4279 - MEDIUM: config: inform the user that "reqsetbe" is deprecated 4280 - MEDIUM: config: inform the user only once that "redispatch" is deprecated 4281 - MEDIUM: config: warn that '{cli,con,srv}timeout' are deprecated 4282 - BUG/MINOR: auth: fix wrong return type in pat_match_auth() 4283 - BUILD: config: remove a warning with clang 4284 - BUG/MAJOR: http: connection setup may stall on balance url_param 4285 - BUG/MEDIUM: http/session: disable client-side expiration only after body 4286 - BUG/MEDIUM: http: correctly report request body timeouts 4287 - BUG/MEDIUM: http: disable server-side expiration until client has sent the body 4288 - MEDIUM: listener: make the accept function more robust against pauses 4289 - BUILD: syscalls: remove improper inline statement in front of syscalls 4290 - BUILD: ssl: SSL_CTX_set_msg_callback() needs openssl >= 0.9.7 4291 - BUG/MAJOR: session: recover the correct connection pointer in half-initialized sessions 4292 - DOC: add some explanation on the shared cache build options in the readme. 4293 - MEDIUM: proxy: only adjust the backend's bind-process when already set 4294 - MEDIUM: config: limit nbproc to the machine's word size 4295 - MEDIUM: config: check the bind-process settings according to nbproc 4296 - MEDIUM: listener: parse the new "process" bind keyword 4297 - MEDIUM: listener: inherit the process mask from the proxy 4298 - MAJOR: listener: only start listeners bound to the same processes 4299 - MINOR: config: only report a warning when stats sockets are bound to more than 1 process 4300 - CLEANUP: config: set the maxaccept value for peers listeners earlier 4301 - BUG/MINOR: backend: only match IPv4 addresses with RDP cookies 4302 - BUG/MINOR: checks: correctly configure the address family and protocol 4303 - MINOR: tools: split is_addr() and is_inet_addr() 4304 - MINOR: protocols: use is_inet_addr() when only INET addresses are desired 4305 - MEDIUM: unix: add preliminary support for connecting to servers over UNIX sockets 4306 - MEDIUM: checks: only complain about the missing port when the check uses TCP 4307 - MEDIUM: unix: implement support for Linux abstract namespace sockets 4308 - DOC: map_beg was missing from the table of map_* converters 4309 - DOC: ebtree: indicate that prefix insertion/lookup may be used with strings 4310 - MEDIUM: pattern: use ebtree's longest match to index/lookup string beginning 4311 - BUILD: remove the obsolete BSD and OSX makefiles 4312 - MEDIUM: unix: avoid a double connect probe when no data are sent 4313 - DOC: stop referencing the slow git repository in the README 4314 - BUILD: only build the systemd wrapper on Linux 2.6 and above 4315 - DOC: update roadmap with completed tasks 4316 - MEDIUM: session: implement half-closed timeouts (client-fin and server-fin) 4317 43182014/04/26 : 1.5-dev24 4319 - MINOR: pattern: find element in a reference 4320 - MEDIUM: http: ACL and MAP updates through http-(request|response) rules 4321 - MEDIUM: ssl: explicitly log failed handshakes after a heartbeat 4322 - DOC: Full section dedicated to the converters 4323 - MEDIUM: http: register http-request and http-response keywords 4324 - BUG/MINOR: compression: correctly report incoming byte count 4325 - BUG/MINOR: http: don't report server aborts as client aborts 4326 - BUG/MEDIUM: channel: bi_putblk() must not wrap before the end of buffer 4327 - CLEANUP: buffers: remove unused function buffer_contig_space_with_res() 4328 - MEDIUM: stats: reimplement HTTP keep-alive on the stats page 4329 - BUG/MAJOR: http: fix timeouts during data forwarding 4330 - BUG/MEDIUM: http: 100-continue responses must process the next part immediately 4331 - MEDIUM: http: move skipping of 100-continue earlier 4332 - BUILD: stats: let gcc know that last_fwd cannot be used uninitialized... 4333 - CLEANUP: general: get rid of all old occurrences of "session *t" 4334 - CLEANUP: http: remove the useless "if (1)" inherited from version 1.4 4335 - BUG/MEDIUM: stats: mismatch between behaviour and doc about front/back 4336 - MEDIUM: http: enable analysers to have keep-alive on stats 4337 - REORG: http: move HTTP Connection response header parsing earlier 4338 - MINOR: stats: always emit HTTP/1.1 in responses 4339 - MINOR: http: add capture.req.ver and capture.res.ver 4340 - MINOR: checks: add a new global max-spread-checks directive 4341 - BUG/MAJOR: http: fix the 'next' pointer when performing a redirect 4342 - MINOR: http: implement the max-keep-alive-queue setting 4343 - DOC: fix alphabetic order of tcp-check 4344 - MINOR: connection: add a new error code for SSL with heartbeat 4345 - MEDIUM: ssl: implement a workaround for the OpenSSL heartbleed attack 4346 - BUG/MEDIUM: Revert "MEDIUM: ssl: Add standardized DH parameters >= 1024 bits" 4347 - BUILD: http: remove a warning on strndup 4348 - BUILD: ssl: avoid a warning about conn not used with OpenSSL < 1.0.1 4349 - BUG/MINOR: ssl: really block OpenSSL's response to heartbleed attack 4350 - MINOR: ssl: finally catch the heartbeats missing the padding 4351 43522014/04/23 : 1.5-dev23 4353 - BUG/MINOR: reject malformed HTTP/0.9 requests 4354 - MINOR: systemd wrapper: re-execute on SIGUSR2 4355 - MINOR: systemd wrapper: improve logging 4356 - MINOR: systemd wrapper: propagate exit status 4357 - BUG/MINOR: tcpcheck connect wrong behavior 4358 - MEDIUM: proxy: support use_backend with dynamic names 4359 - MINOR: stats: Enhancement to stats page to provide information of last session time. 4360 - BUG/MEDIUM: peers: fix key consistency for integer stick tables 4361 - DOC: fix a typo on http-server-close and encapsulate options with double-quotes 4362 - DOC: fix fetching samples syntax 4363 - MINOR: ssl: add ssl_fc_unique_id to fetch TLS Unique ID 4364 - MEDIUM: ssl: Use ALPN support as it will be available in OpenSSL 1.0.2 4365 - DOC: fix typo 4366 - CLEANUP: code style: use tabs to indent codes instead of spaces 4367 - DOC: fix a few config typos. 4368 - BUG/MINOR: raw_sock: also consider ENOTCONN in addition to EAGAIN for recv() 4369 - DOC: lowercase format string in unique-id 4370 - MINOR: set IP_FREEBIND on IPv6 sockets in transparent mode 4371 - BUG/MINOR: acl: req_ssl_sni fails with SSLv3 record version 4372 - BUG/MINOR: build: add missing objects in osx and bsd Makefiles 4373 - BUG/MINOR: build: handle whitespaces in wc -l output 4374 - BUG/MINOR: Fix name lookup ordering when compiled with USE_GETADDRINFO 4375 - MEDIUM: ssl: Add standardized DH parameters >= 1024 bits 4376 - BUG/MEDIUM: map: The map parser includes blank lines. 4377 - BUG/MINOR: log: The log of quotted capture header has been terminated by 2 quotes. 4378 - MINOR: standard: add function "encode_chunk" 4379 - BUG/MINOR: http: fix encoding of samples used in http headers 4380 - MINOR: sample: add hex converter 4381 - MEDIUM: sample: change the behavior of the bin2str cast 4382 - MAJOR: auth: Change the internal authentication system. 4383 - MEDIUM: acl/pattern: standardisation "of pat_parse_int()" and "pat_parse_dotted_ver()" 4384 - MEDIUM: pattern: The pattern parser no more uses <opaque> and just takes one string. 4385 - MEDIUM: pattern: Change the prototype of the function pattern_register(). 4386 - CONTRIB: ip6range: add a network IPv6 range to mask converter 4387 - MINOR: pattern: separe list element from the data part. 4388 - MEDIUM: pattern: add indexation function. 4389 - MEDIUM: pattern: The parse functions just return "struct pattern" without memory allocation 4390 - MINOR: pattern: Rename "pat_idx_elt" to "pattern_tree" 4391 - MINOR: sample: dont call the sample cast function "c_none" 4392 - MINOR: standard: Add function for converting cidr to network mask. 4393 - MEDIUM: sample: Remove types SMP_T_CSTR and SMP_T_CBIN, replace it by SMP_F_CONST flags 4394 - MEDIUM: sample/http_proto: Add new type called method 4395 - MINOR: dumpstats: Group map inline help 4396 - MEDIUM: pattern: The function pattern_exec_match() returns "struct pattern" if the patten match. 4397 - MINOR: dumpstats: change map inline sentences 4398 - MINOR: dumpstats: change the "get map" display management 4399 - MINOR: map/dumpstats: The cli cmd "get map ..." display the "int" format. 4400 - MEDIUM: pattern: The match function browse itself the list or the tree. 4401 - MEDIUM: pattern: Index IPv6 addresses in a tree. 4402 - MEDIUM: pattern: add delete functions 4403 - MEDIUM: pattern: add prune function 4404 - MEDIUM: pattern: add sample lookup function. 4405 - MEDIUM: pattern/dumpstats: The function pattern_lookup() is no longer used 4406 - MINOR: map/pattern: The sample parser is stored in the pattern 4407 - MAJOR: pattern/map: Extends the map edition system in the patterns 4408 - MEDIUM: pattern: merge same pattern 4409 - MEDIUM: pattern: The expected type is stored in the pattern head, and conversion is executed once. 4410 - MINOR: pattern: Each pattern is identified by unique id. 4411 - MINOR: pattern/acl: Each pattern of each acl can be load with specified id 4412 - MINOR: pattern: The function "pattern_register()" is no longer used. 4413 - MINOR: pattern: Merge function pattern_add() with pat_ref_push(). 4414 - MINOR: pattern: store configuration reference for each acl or map pattern. 4415 - MINOR: pattern: Each pattern expression element store the reference struct. 4416 - MINOR: dumpstats: display the reference for th key/pattern and value. 4417 - MEDIUM: pattern: delete() function uses the pat_ref_elt to find the element to be removed 4418 - MEDIUM: pattern_find_smp: functions find_smp uses the pat_ref_elt to find the element to be removed 4419 - MEDIUM: dumpstats/pattern: display and use each pointer of each pattern dumped 4420 - MINOR: pattern/map/acl: Centralization of the file parsers 4421 - MINOR: pattern: Check if the file reference is not used with acl and map 4422 - MINOR: acl/pattern: Acl "-M" option force to load file as map file with two columns 4423 - MEDIUM: dumpstats: Display error message during add of values. 4424 - MINOR: pattern: The function pat_ref_set() have now atomic behavior 4425 - MINOR: regex: The pointer regstr in the struc regex is no longer used. 4426 - MINOR: cli: Block the usage of the command "acl add" in many cases. 4427 - MINOR: doc: Update the documentation about the map and acl 4428 - MINOR: pattern: index duplicates 4429 - MINOR: configuration: File and line propagation 4430 - MINOR: dumpstat/conf: display all the configuration lines that using pattern reference 4431 - MINOR: standard: Disable ip resolution during the runtime 4432 - MINOR: pattern: Remove the flag "PAT_F_FROM_FILE". 4433 - MINOR: pattern: forbid dns resolutions 4434 - DOC: document "get map" / "get acl" on the CLI 4435 - MEDIUM: acl: Change the acl register struct 4436 - BUG/MEDIUM: acl: boolean only matches were broken by recent changes 4437 - DOC: pattern: pattern organisation schematics 4438 - MINOR: pattern/cli: Update used terms in documentation and cli 4439 - MINOR: cli: remove information about acl or map owner. 4440 - MINOR: session: don't always assume there's a listener 4441 - MINOR: pattern: Add function to prune and reload pattern list. 4442 - MINOR: standard: Add ipv6 support in the function url2sa(). 4443 - MEDIUM: config: Dynamic sections. 4444 - BUG/MEDIUM: stick-table: fix IPv4-to-IPv6 conversion in src_* fetches 4445 - MINOR: http: Add the "language" converter to for use with accept-language 4446 - BUG/MINOR: log: Don't dump empty unique-id 4447 - BUG/MAJOR: session: fix a possible crash with src_tracked 4448 - DOC: Update "language" documentation 4449 - MINOR: http: add the function "del-header" to the directives http-request and http-response 4450 - DOC: add some information on capture.(req|res).hdr 4451 - MINOR: http: capture.req.method and capture.req.uri 4452 - MINOR: http: optimize capture.req.method and capture.req.uri 4453 - MINOR: session: clean up the connection free code 4454 - BUG/MEDIUM: checks: immediately report a connection success 4455 - MEDIUM: connection: don't use real send() flags in snd_buf() 4456 - OPTIM: ssl: implement dynamic record size adjustment 4457 - MINOR: stats: report exact last session time in backend too 4458 - BUG/MEDIUM: stats: the "lastsess" field must appear last in the CSV. 4459 - BUG/MAJOR: check: fix memory leak in "tcp-check connect" over SSL 4460 - BUG/MINOR: channel: initialize xfer_small/xfer_large on new buffers 4461 - MINOR: channel: add the date of last read in the channel 4462 - MEDIUM: stream-int: automatically disable CF_STREAMER flags after idle 4463 - MINOR: ssl: add DEFAULT_SSL_MAX_RECORD to set the record size at build time 4464 - MINOR: config: make the stream interface idle timer user-configurable 4465 - MINOR: config: add global directives to set default SSL ciphers 4466 - MINOR: sample: add a rand() sample fetch to return a sample. 4467 - BUG/MEDIUM: config: immediately abort if peers section has no name 4468 - BUG/MINOR: ssl: fix syntax in config error message 4469 - BUG/MEDIUM: ssl: always send a full buffer after EAGAIN 4470 - BUG/MINOR: config: server on-marked-* statement is ignored in default-server 4471 - BUG/MEDIUM: backend: prefer-last-server breaks redispatch 4472 - BUG/MEDIUM: http: continue to emit 503 on keep-alive to different server 4473 - MEDIUM: acl: fix pattern type for payload / payload_lv 4474 - BUG/MINOR: config: fix a crash on startup when a disabled backend references a peer 4475 - BUG/MEDIUM: compression: fix the output type of the compressor name 4476 - BUG/MEDIUM: http: don't start to forward request data before the connect 4477 - MINOR: http: release compression context only in http_end_txn() 4478 - MINOR: protect ebimtree/ebistree against multiple inclusions 4479 - MEDIUM: proxy: create a tree to store proxies by name 4480 - MEDIUM: proxy: make findproxy() use trees to look up proxies 4481 - MEDIUM: proxy: make get_backend_server() use findproxy() to lookup proxies 4482 - MEDIUM: stick-table: lookup table names using trees. 4483 - MEDIUM: config: faster lookup for duplicated proxy name 4484 - CLEANUP: acl: remove obsolete test in parse_acl_expr() 4485 - MINOR: sample: move smp_to_type to sample.c 4486 - MEDIUM: compression: consider the "q=" attribute in Accept-Encoding 4487 - REORG: cfgparse: move server keyword parsing to server.c 4488 - BUILD: adjust makefile for AIX 5.1 4489 - BUG/MEDIUM: pattern: fix wrong definition of the pat_prune_fcts array 4490 - CLEANUP: pattern: move array definitions to proto/ and not types/ 4491 - BUG/MAJOR: counters: check for null-deref when looking up an alternate table 4492 - BUILD: ssl: previous patch failed 4493 - BUILD/MEDIUM: standard: get rid of the last strcpy() 4494 - BUILD/MEDIUM: standard: get rid of sprintf() 4495 - BUILD/MEDIUM: cfgparse: get rid of sprintf() 4496 - BUILD/MEDIUM: checks: get rid of sprintf() 4497 - BUILD/MEDIUM: http: remove calls to sprintf() 4498 - BUG/MEDIUM: systemd-wrapper: fix locating of haproxy binary 4499 - BUILD/MINOR: ssl: remove one call to sprintf() 4500 - MEDIUM: http: don't reject anymore message bodies not containing the url param 4501 - MEDIUM: http: wait for the first chunk or message body length in http_process_body 4502 - CLEANUP: http: rename http_process_request_body() 4503 - CLEANUP: http: prepare dedicated processing for chunked encoded message bodies 4504 - MINOR: http: make msg->eol carry the last CRLF length 4505 - MAJOR: http: do not use msg->sol while processing messages or forwarding data 4506 - MEDIUM: http: http_parse_chunk_crlf() must not advance the buffer pointer 4507 - MAJOR: http: don't update msg->sov anymore while processing the body 4508 - MINOR: http: add a small helper to compute the amount of body bytes present 4509 - MEDIUM: http: add a small helper to compute how far to rewind to find headers 4510 - MINOR: http: add a small helper to compute how far to rewind to find URI 4511 - MEDIUM: http: small helpers to compute how far to rewind to find BODY and DATA 4512 - MAJOR: http: reset msg->sov after headers are forwarded 4513 - MEDIUM: http: forward headers again while waiting for connection to complete 4514 - BUG/MINOR: http: deinitialize compression after a parsing error 4515 - BUG/MINOR: http: deinitialize compression after a compression error 4516 - MEDIUM: http: headers must be forwarded even if data was already inspected 4517 - MAJOR: http: re-enable compression on chunked encoding 4518 - MAJOR: http/compression: fix chunked-encoded response processing 4519 - MEDIUM: http: cleanup: centralize a little bit HTTP compression end 4520 - MEDIUM: http: start to centralize the forwarding code 4521 - MINOR: http: further cleanups of response forwarding function 4522 - MEDIUM: http: only allocate the temporary compression buffer when needed 4523 - MAJOR: http: centralize data forwarding in the request path 4524 - CLEANUP: http: document the response forwarding states 4525 - CLEANUP: http: remove all calls to http_silent_debug() 4526 - DOC: internal: add some reminders about HTTP parsing and pointer states 4527 - BUG/MAJOR: http: fix bug in parse_qvalue() when selecting compression algo 4528 - BUG/MINOR: stats: last session was not always set 4529 - DOC: add pointer to the Cyril's HTML doc in the README 4530 - MEDIUM: config: relax use_backend check to make the condition optional 4531 - MEDIUM: config: report misplaced http-request rules 4532 - MEDIUM: config: report misplaced use-server rules 4533 - DOC: update roadmap with what was done. 4534 45352014/02/03 : 1.5-dev22 4536 - MEDIUM: tcp-check new feature: connect 4537 - MEDIUM: ssl: Set verify 'required' as global default for servers side. 4538 - MINOR: ssl: handshake optim for long certificate chains. 4539 - BUG/MINOR: pattern: pattern comparison executed twice 4540 - BUG/MEDIUM: map: segmentation fault with the stats's socket command "set map ..." 4541 - BUG/MEDIUM: pattern: Segfault in binary parser 4542 - MINOR: pattern: move functions for grouping pat_match_* and pat_parse_* and add documentation. 4543 - MINOR: standard: The parse_binary() returns the length consumed and his documentation is updated 4544 - BUG/MINOR: payload: the patterns of the acl "req.ssl_ver" are no parsed with the good function. 4545 - BUG/MEDIUM: pattern: "pat_parse_dotted_ver()" set bad expect_type. 4546 - BUG/MINOR: sample: The c_str2int converter does not fail if the entry is not an integer 4547 - BUG/MEDIUM: http/auth: Sometimes the authentication credentials can be mix between two requests 4548 - MINOR: doc: Bad cli function name. 4549 - MINOR: http: smp_fetch_capture_header_* fetch captured headers 4550 - BUILD: last release inadvertently prepended a "+" in front of the date 4551 - BUG/MEDIUM: stream-int: fix the keep-alive idle connection handler 4552 - BUG/MEDIUM: backend: do not re-initialize the connection's context upon reuse 4553 - BUG: Revert "OPTIM/MEDIUM: epoll: fuse active events into polled ones during polling changes" 4554 - BUG/MINOR: checks: successful check completion must not re-enable MAINT servers 4555 - MINOR: http: try to stick to same server after status 401/407 4556 - BUG/MINOR: http: always disable compression on HTTP/1.0 4557 - OPTIM: poll: restore polling after a poll/stop/want sequence 4558 - OPTIM: http: don't stop polling for read on the client side after a request 4559 - BUG/MEDIUM: checks: unchecked servers could not be enabled anymore 4560 - BUG/MEDIUM: stats: the web interface must check the tracked servers before enabling 4561 - BUG/MINOR: channel: CHN_INFINITE_FORWARD must be unsigned 4562 - BUG/MINOR: stream-int: do not clear the owner upon unregister 4563 - MEDIUM: stats: add support for HTTP keep-alive on the stats page 4564 - BUG/MEDIUM: stats: fix HTTP/1.0 breakage introduced in previous patch 4565 - Revert "MEDIUM: stats: add support for HTTP keep-alive on the stats page" 4566 - MAJOR: channel: add a new flag CF_WAKE_WRITE to notify the task of writes 4567 - OPTIM: session: set the READ_DONTWAIT flag when connecting 4568 - BUG/MINOR: http: don't clear the SI_FL_DONT_WAKE flag between requests 4569 - MINOR: session: factor out the connect time measurement 4570 - MEDIUM: session: prepare to support earlier transitions to the established state 4571 - MEDIUM: stream-int: make si_connect() return an established state when possible 4572 - MINOR: checks: use an inline function for health_adjust() 4573 - OPTIM: session: put unlikely() around the freewheeling code 4574 - MEDIUM: config: report a warning when multiple servers have the same name 4575 - BUG: Revert "OPTIM: poll: restore polling after a poll/stop/want sequence" 4576 - BUILD/MINOR: listener: remove a glibc warning on accept4() 4577 - BUG/MAJOR: connection: fix mismatch between rcv_buf's API and usage 4578 - BUILD: listener: fix recent accept4() again 4579 - BUG/MAJOR: ssl: fix breakage caused by recent fix abf08d9 4580 - BUG/MEDIUM: polling: ensure we update FD status when there's no more activity 4581 - MEDIUM: listener: fix polling management in the accept loop 4582 - MINOR: protocol: improve the proto->drain() API 4583 - MINOR: connection: add a new conn_drain() function 4584 - MEDIUM: tcp: report in tcp_drain() that lingering is already disabled on close 4585 - MEDIUM: connection: update callers of ctrl->drain() to use conn_drain() 4586 - MINOR: connection: add more error codes to report connection errors 4587 - MEDIUM: tcp: report connection error at the connection level 4588 - MEDIUM: checks: make use of chk_report_conn_err() for connection errors 4589 - BUG/MEDIUM: unique_id: HTTP request counter is not stable 4590 - DOC: fix misleading information about SIGQUIT 4591 - BUG/MAJOR: fix freezes during compression 4592 - BUG/MEDIUM: stream-interface: don't wake the task up before end of transfer 4593 - BUILD: fix VERDATE exclusion regex 4594 - CLEANUP: polling: rename "spec_e" to "state" 4595 - DOC: add a diagram showing polling state transitions 4596 - REORG: polling: rename "spec_e" to "state" and "spec_p" to "cache" 4597 - REORG: polling: rename "fd_spec" to "fd_cache" 4598 - REORG: polling: rename the cache allocation functions 4599 - REORG: polling: rename "fd_process_spec_events()" to "fd_process_cached_events()" 4600 - MAJOR: polling: rework the whole polling system 4601 - MAJOR: connection: remove the CO_FL_WAIT_{RD,WR} flags 4602 - MEDIUM: connection: remove conn_{data,sock}_poll_{recv,send} 4603 - MEDIUM: connection: add check for readiness in I/O handlers 4604 - MEDIUM: stream-interface: the polling flags must always be updated in chk_snd_conn 4605 - MINOR: stream-interface: no need to call fd_stop_both() on error 4606 - MEDIUM: connection: no need to recheck FD state 4607 - CLEANUP: connection: use conn_ctrl_ready() instead of checking the flag 4608 - CLEANUP: connection: use conn_xprt_ready() instead of checking the flag 4609 - CLEANUP: connection: fix comments in connection.h to reflect new behaviour. 4610 - OPTIM: raw-sock: don't speculate after a short read if polling is enabled 4611 - MEDIUM: polling: centralize polled events processing 4612 - MINOR: polling: create function fd_compute_new_polled_status() 4613 - MINOR: cli: add more information to the "show info" output 4614 - MEDIUM: listener: add support for limiting the session rate in addition to the connection rate 4615 - MEDIUM: listener: apply a limit on the session rate submitted to SSL 4616 - REORG: stats: move the stats socket states to dumpstats.c 4617 - MINOR: cli: add the new "show pools" command 4618 - BUG/MEDIUM: counters: flush content counters after each request 4619 - BUG/MEDIUM: counters: fix stick-table entry leak when using track-sc2 in connection 4620 - MINOR: tools: add very basic support for composite pointers 4621 - MEDIUM: counters: stop relying on session flags at all 4622 - BUG/MINOR: cli: fix missing break in command line parser 4623 - BUG/MINOR: config: correctly report when log-format headers require HTTP mode 4624 - MAJOR: http: update connection mode configuration 4625 - MEDIUM: http: make keep-alive + httpclose be passive mode 4626 - MAJOR: http: switch to keep-alive mode by default 4627 - BUG/MEDIUM: http: fix regression caused by recent switch to keep-alive by default 4628 - BUG/MEDIUM: listener: improve detection of non-working accept4() 4629 - BUILD: listener: add fcntl.h and unistd.h 4630 - BUG/MINOR: raw_sock: correctly set the MSG_MORE flag 4631 46322013/12/17 : 1.5-dev21 4633 - MINOR: stats: don't use a monospace font to report numbers 4634 - MINOR: session: remove debugging code 4635 - BUG/MAJOR: patterns: fix double free caused by loading strings from files 4636 - MEDIUM: http: make option http_proxy automatically rewrite the URL 4637 - BUG/MEDIUM: http: cook_cnt() forgets to set its output type 4638 - BUG/MINOR: stats: correctly report throttle rate of low weight servers 4639 - BUG/MEDIUM: checks: servers must not start in slowstart mode 4640 - BUG/MINOR: acl: parser must also stop at comma on ACL-only keywords 4641 - MEDIUM: stream-int: implement a very simplistic idle connection manager 4642 - DOC: update the ROADMAP file 4643 46442013/12/16 : 1.5-dev20 4645 - DOC: add missing options to the manpage 4646 - DOC: add manpage references to all system calls 4647 - DOC: update manpage reference to haproxy-en.txt 4648 - DOC: remove -s and -l options from the manpage 4649 - DOC: missing information for the "description" keyword 4650 - DOC: missing http-send-name-header keyword in keyword table 4651 - MINOR: tools: function my_memmem() to lookup binary contents 4652 - MEDIUM: checks: add send/expect tcp based check 4653 - MEDIUM: backend: Enhance hash-type directive with an algorithm options 4654 - MEDIUM: backend: Implement avalanche as a modifier of the hashing functions. 4655 - DOC: Documentation for hashing function, with test results. 4656 - BUG/MEDIUM: ssl: potential memory leak using verifyhost 4657 - BUILD: ssl: compilation issue with openssl v0.9.6. 4658 - BUG/MINOR: ssl: potential memory leaks using ssl_c_key_alg or ssl_c_sig_alg. 4659 - MINOR: ssl: optimization of verifyhost on wildcard certificates. 4660 - BUG/MINOR: ssl: verifyhost does not match empty strings on wildcard. 4661 - MINOR: ssl: Add statement 'verifyhost' to "server" statements 4662 - CLEANUP: session: remove event_accept() which was not used anymore 4663 - BUG/MINOR: deinit: free fdinfo while doing cleanup 4664 - DOC: minor typo fix in documentation 4665 - BUG/MEDIUM: server: set the macro for server's max weight SRV_UWGHT_MAX to SRV_UWGHT_RANGE 4666 - BUG/MINOR: use the same check condition for server as other algorithms 4667 - DOC: fix typo in comments 4668 - BUG/MINOR: deinit: free server map which is allocated in init_server_map() 4669 - CLEANUP: stream_interface: cleanup loop information in si_conn_send_loop() 4670 - MINOR: buffer: align the last output line of buffer_dump() 4671 - MINOR: buffer: align the last output line if there are less than 8 characters left 4672 - DOC: stick-table: modify the description 4673 - OPTIM: stream_interface: return directly if the connection flag CO_FL_ERROR has been set 4674 - CLEANUP: code style: use tabs to indent codes 4675 - DOC: checkcache: block responses with cacheable cookies 4676 - BUG/MINOR: check_config_validity: check the returned value of stktable_init() 4677 - MEDIUM: haproxy-systemd-wrapper: Use haproxy in same directory 4678 - MEDIUM: systemd-wrapper: Kill child processes when interrupted 4679 - LOW: systemd-wrapper: Write debug information to stdout 4680 - BUG/MINOR: http: fix "set-tos" not working in certain configurations 4681 - MEDIUM: http: add IPv6 support for "set-tos" 4682 - DOC: ssl: update build instructions to use new SSL_* variables 4683 - BUILD/MINOR: systemd: fix compiler warning about unused result 4684 - url32+src - like base32+src but whole url including parameters 4685 - BUG/MINOR: fix forcing fastinter in "on-error" 4686 - CLEANUP: Make parameters of srv_downtime and srv_getinter const 4687 - CLEANUP: Remove unused 'last_slowstart_change' field from struct peer 4688 - MEDIUM: Split up struct server's check element 4689 - MEDIUM: Move result element to struct check 4690 - MEDIUM: Paramatise functions over the check of a server 4691 - MEDIUM: cfgparse: Factor out check initialisation 4692 - MEDIUM: Add state to struct check 4693 - MEDIUM: Move health element to struct check 4694 - MEDIUM: Add helper for task creation for checks 4695 - MEDIUM: Add helper function for failed checks 4696 - MEDIUM: Log agent fail, stopped or down as info 4697 - MEDIUM: Remove option lb-agent-chk 4698 - MEDIUM: checks: Add supplementary agent checks 4699 - MEDIUM: Do not mark a server as down if the agent is unavailable 4700 - MEDIUM: Set rise and fall of agent checks to 1 4701 - MEDIUM: Add enable and disable agent unix socket commands 4702 - MEDIUM: Add DRAIN state and report it on the stats page 4703 - BUILD/MINOR: missing header file 4704 - CLEANUP: regex: Create regex_comp function that compiles regex using compilation options 4705 - CLEANUP: The function "regex_exec" needs the string length but in many case they expect null terminated char. 4706 - MINOR: http: some exported functions were not in the header file 4707 - MINOR: http: change url_decode to return the size of the decoded string. 4708 - BUILD/MINOR: missing header file 4709 - BUG/MEDIUM: sample: The function v4tov6 cannot support input and output overlap 4710 - BUG/MINOR: arg: fix error reporting for add-header/set-header sample fetch arguments 4711 - MINOR: sample: export the generic sample conversion parser 4712 - MINOR: sample: export sample_casts 4713 - MEDIUM: acl: use the fetch syntax 'fetch(args),conv(),conv()' into the ACL keyword 4714 - MINOR: stick-table: use smp_expr_output_type() to retrieve the output type of a "struct sample_expr" 4715 - MINOR: sample: provide the original sample_conv descriptor struct to the argument checker function. 4716 - MINOR: tools: Add a function to convert buffer to an ipv6 address 4717 - MINOR: acl: export acl arrays 4718 - MINOR: acl: Extract the pattern parsing and indexation from the "acl_read_patterns_from_file()" function 4719 - MINOR: acl: Extract the pattern matching function 4720 - MINOR: sample: Define new struct sample_storage 4721 - MEDIUM: acl: associate "struct sample_storage" to each "struct acl_pattern" 4722 - REORG: acl/pattern: extract pattern matching from the acl file and create pattern.c 4723 - MEDIUM: pattern: create pattern expression 4724 - MEDIUM: pattern: rename "acl" prefix to "pat" 4725 - MEDIUM: sample: let the cast functions set their output type 4726 - MINOR: sample: add a private field to the struct sample_conv 4727 - MINOR: map: Define map types 4728 - MEDIUM: sample: add the "map" converter 4729 - MEDIUM: http: The redirect strings follows the log format rules. 4730 - BUG/MINOR: acl: acl parser does not recognize empty converter list 4731 - BUG/MINOR: map: The map list was declared in the map.h file 4732 - MINOR: map: Cleanup the initialisation of map descriptors. 4733 - MEDIUM: map: merge identical maps 4734 - BUG/MEDIUM: pattern: Pattern node has type of "struct pat_idx_elt" in place of "struct eb_node" 4735 - BUG/MEDIUM: map: Bad map file parser 4736 - CLEANUP/MINOR: standard: use the system define INET6_ADDRSTRLEN in place of MAX_IP6_LEN 4737 - BUG/MEDIUM: sample: conversion from str to ipv6 may read data past end 4738 - MINOR: map: export map_get_reference() function 4739 - MINOR: pattern: Each pattern sets the expected input type 4740 - MEDIUM: acl: Last patch change the output type 4741 - MEDIUM: pattern: Extract the index process from the pat_parse_*() functions 4742 - MINOR: standard: The function parse_binary() can use preallocated buffer 4743 - MINOR: regex: Change the struct containing regex 4744 - MINOR: regex: Copy the original regex expression into string. 4745 - MINOR: pattern: add support for compiling patterns for lookups 4746 - MINOR: pattern: make the pattern matching function return a pointer to the matched element 4747 - MINOR: map: export parse output sample functions 4748 - MINOR: pattern: add function to lookup a specific entry in pattern list 4749 - MINOR: pattern/map: Each pattern must free the associated sample 4750 - MEDIUM: dumpstat: make the CLI parser understand the backslash as an escape char 4751 - MEDIUM: map: dynamic manipulation of maps 4752 - BUG/MEDIUM: unique_id: junk in log on empty unique_id 4753 - BUG/MINOR: log: junk at the end of syslog packet 4754 - MINOR: Makefile: provide cscope rule 4755 - DOC: compression: chunk are not compressed anymore 4756 - MEDIUM: session: disable lingering on the server when the client aborts 4757 - BUG/MEDIUM: prevent gcc from moving empty keywords lists into BSS 4758 - DOC: remove the comment saying that SSL certs are not checked on the server side 4759 - BUG: counters: third counter was not stored if others unset 4760 - BUG/MAJOR: http: don't emit the send-name-header when no server is available 4761 - BUG/MEDIUM: http: "option checkcache" fails with the no-cache header 4762 - BUG/MAJOR: http: sample prefetch code was not properly migrated 4763 - BUG/MEDIUM: splicing: fix abnormal CPU usage with splicing 4764 - BUG/MINOR: stream_interface: don't call chk_snd() on polled events 4765 - OPTIM: splicing: use splice() for the last block when relevant 4766 - MEDIUM: sample: handle comma-delimited converter list 4767 - MINOR: sample: fix sample_process handling of unstable data 4768 - CLEANUP: acl: move the 3 remaining sample fetches to samples.c 4769 - MINOR: sample: add a new "date" fetch to return the current date 4770 - MINOR: samples: add the http_date([<offset>]) sample converter. 4771 - DOC: minor improvements to the part on the stats socket. 4772 - MEDIUM: sample: systematically pass the keyword pointer to the keyword 4773 - MINOR: payload: split smp_fetch_rdp_cookie() 4774 - MINOR: counters: factor out smp_fetch_sc*_tracked 4775 - MINOR: counters: provide a generic function to retrieve a stkctr for sc* and src. 4776 - MEDIUM: counters: factor out smp_fetch_sc*_get_gpc0 4777 - MEDIUM: counters: factor out smp_fetch_sc*_gpc0_rate 4778 - MEDIUM: counters: factor out smp_fetch_sc*_inc_gpc0 4779 - MEDIUM: counters: factor out smp_fetch_sc*_clr_gpc0 4780 - MEDIUM: counters: factor out smp_fetch_sc*_conn_cnt 4781 - MEDIUM: counters: factor out smp_fetch_sc*_conn_rate 4782 - MEDIUM: counters: factor out smp_fetch_sc*_conn_cur 4783 - MEDIUM: counters: factor out smp_fetch_sc*_sess_cnt 4784 - MEDIUM: counters: factor out smp_fetch_sc*_sess_rate 4785 - MEDIUM: counters: factor out smp_fetch_sc*_http_req_cnt 4786 - MEDIUM: counters: factor out smp_fetch_sc*_http_req_rate 4787 - MEDIUM: counters: factor out smp_fetch_sc*_http_err_cnt 4788 - MEDIUM: counters: factor out smp_fetch_sc*_http_err_rate 4789 - MEDIUM: counters: factor out smp_fetch_sc*_kbytes_in 4790 - MEDIUM: counters: factor out smp_fetch_sc*_bytes_in_rate 4791 - MEDIUM: counters: factor out smp_fetch_sc*_kbytes_out 4792 - MEDIUM: counters: factor out smp_fetch_sc*_bytes_out_rate 4793 - MEDIUM: counters: factor out smp_fetch_sc*_trackers 4794 - MINOR: session: make the number of stick counter entries more configurable 4795 - MEDIUM: counters: support passing the counter number as a fetch argument 4796 - MEDIUM: counters: support looking up a key in an alternate table 4797 - MEDIUM: cli: adjust the method for feeding frequency counters in tables 4798 - MINOR: cli: make it possible to enter multiple values at once with "set table" 4799 - MINOR: payload: allow the payload sample fetches to retrieve arbitrary lengths 4800 - BUG/MINOR: cli: "clear table" must not kill entries that don't match condition 4801 - MINOR: ssl: use MAXPATHLEN instead of PATH_MAX 4802 - MINOR: config: warn when a server with no specific port uses rdp-cookie 4803 - BUG/MEDIUM: unique_id: HTTP request counter must be unique! 4804 - DOC: add a mention about the limited chunk size 4805 - BUG/MEDIUM: fix broken send_proxy on FreeBSD 4806 - MEDIUM: stick-tables: flush old entries upon soft-stop 4807 - MINOR: tcp: add new "close" action for tcp-response 4808 - MINOR: payload: provide the "res.len" fetch method 4809 - BUILD: add SSL_INC/SSL_LIB variables to force the path to openssl 4810 - MINOR: http: compute response time before processing headers 4811 - BUG/MINOR: acl: fix improper string size assignment in proxy argument 4812 - BUG/MEDIUM: http: accept full buffers on smp_prefetch_http 4813 - BUG/MINOR: acl: implicit arguments of ACL keywords were not properly resolved 4814 - BUG/MEDIUM: session: risk of crash on out of memory conditions 4815 - BUG/MINOR: peers: set the accept date in outgoing connections 4816 - BUG/MEDIUM: tcp: do not skip tracking rules on second pass 4817 - BUG/MEDIUM: acl: do not evaluate next terms after a miss 4818 - MINOR: acl: add a warning when an ACL keyword is used without any value 4819 - MINOR: tcp: don't use tick_add_ifset() when timeout is known to be set 4820 - BUG/MINOR: acl: remove patterns from the tree before freeing them 4821 - MEDIUM: backend: add support for the wt6 hash 4822 - OPTIM/MEDIUM: epoll: fuse active events into polled ones during polling changes 4823 - OPTIM/MINOR: mark the source address as already known on accept() 4824 - BUG/MINOR: stats: don't count tarpitted connections twice 4825 - CLEANUP: http: homogenize processing of denied req counter 4826 - CLEANUP: http: merge error handling for req* and http-request * 4827 - BUG/MEDIUM: http: fix possible parser crash when parsing erroneous "http-request redirect" rules 4828 - BUG/MINOR: http: fix build warning introduced with url32/url32_src 4829 - BUG/MEDIUM: checks: fix slow start regression after fix attempt 4830 - BUG/MAJOR: server: weight calculation fails for map-based algorithms 4831 - MINOR: stats: report correct throttling percentage for servers in slowstart 4832 - OPTIM: connection: fold the error handling with handshake handling 4833 - MINOR: peers: accept to learn strings of different lengths 4834 - BUG/MAJOR: fix haproxy crash when using server tracking instead of checks 4835 - BUG/MAJOR: check: fix haproxy crash during soft-stop/soft-start 4836 - BUG/MINOR: stats: do not report "via" on tracking servers in maintenance 4837 - BUG/MINOR: connection: fix typo in error message report 4838 - BUG/MINOR: backend: fix target address retrieval in transparent mode 4839 - BUG/MINOR: config: report the correct track-sc number in tcp-rules 4840 - BUG/MINOR: log: fix log-format parsing errors 4841 - DOC: add some information about how to apply converters to samples 4842 - MINOR: acl/pattern: use types different from int to clarify who does what. 4843 - MINOR: pattern: import acl_find_match_name() into pattern.h 4844 - MEDIUM: stick-tables: support automatic conversion from ipv4<->ipv6 4845 - MEDIUM: log-format: relax parsing of '%' followed by unsupported characters 4846 - BUG/MINOR: http: usual deinit stuff in last commit 4847 - BUILD: log: silent a warning about isblank() with latest patches 4848 - BUG/MEDIUM: checks: fix health check regression causing them to depend on declaration order 4849 - BUG/MEDIUM: checks: fix a long-standing issue with reporting connection errors 4850 - BUG/MINOR: checks: don't consider errno and use conn->err_code 4851 - BUG/MEDIUM: checks: also update the DRAIN state from the web interface 4852 - MINOR: stats: remove some confusion between the DRAIN state and NOLB 4853 - BUG/MINOR: tcp: check that no error is pending during a connect probe 4854 - BUG/MINOR: connection: check EINTR when sending a PROXY header 4855 - MEDIUM: connection: set the socket shutdown flags on socket errors 4856 - BUG/MEDIUM: acl: fix regression introduced by latest converters support 4857 - MINOR: connection: clear errno prior to checking for errors 4858 - BUG/MINOR: checks: do not trust errno in write event before any syscall 4859 - MEDIUM: checks: centralize error reporting 4860 - OPTIM: checks: don't poll on recv when using plain TCP connects 4861 - OPTIM: checks: avoid setting SO_LINGER twice 4862 - MINOR: tools: add a generic binary hex string parser 4863 - BUG/MEDIUM: checks: tcp-check: do not poll when there's nothing to send 4864 - BUG/MEDIUM: check: tcp-check might miss some outgoing data when socket buffers are full 4865 - BUG/MEDIUM: args: fix double free on error path in argument expression parser 4866 - BUG/MINOR: acl: fix sample expression error reporting 4867 - BUG/MINOR: checks: tcp-check actions are enums, not flags 4868 - MEDIUM: checks: make tcp-check perform multiple send() at once 4869 - BUG/MEDIUM: stick: completely remove the unused flag from the store entries 4870 - OPTIM: ebtree: pack the struct eb_node to avoid holes on 64-bit 4871 - BUG/MEDIUM: stick-tables: complete the latest fix about store-responses 4872 - CLEANUP: stream_interface: remove unused field err_loc 4873 - MEDIUM: stats: don't use conn->xprt_st anymore 4874 - MINOR: session: add a simple function to retrieve a session from a task 4875 - MEDIUM: stats: don't use conn->xprt_ctx anymore 4876 - MEDIUM: peers: don't rely on conn->xprt_ctx anymore 4877 - MINOR: http: prevent smp_fetch_url_{ip,port} from using si->conn 4878 - MINOR: connection: make it easier to emit proxy protocol for unknown addresses 4879 - MEDIUM: stats: prepare the HTTP stats I/O handler to support more states 4880 - MAJOR: stats: move the HTTP stats handling to its applet 4881 - MEDIUM: stats: move request argument processing to the final step 4882 - MEDIUM: session: detect applets from the session by using s->target 4883 - MAJOR: session: check for a connection to an applet in sess_prepare_conn_req() 4884 - MAJOR: session: pass applet return traffic through the response analysers 4885 - MEDIUM: stream-int: split the shutr/shutw functions between applet and conn 4886 - MINOR: stream-int: make the shutr/shutw functions void 4887 - MINOR: obj: provide a safe and an unsafe access to pointed objects 4888 - MINOR: connection: add a field to store an object type 4889 - MINOR: connection: always initialize conn->objt_type to OBJ_TYPE_CONN 4890 - MEDIUM: stream interface: move the peers' ptr into the applet context 4891 - MINOR: stream-interface: move the applet context to its own struct 4892 - MINOR: obj: introduce a new type appctx 4893 - MINOR: stream-int: rename ->applet to ->appctx 4894 - MINOR: stream-int: split si_prepare_embedded into si_prepare_none and si_prepare_applet 4895 - MINOR: stream-int: add a new pointer to the end point 4896 - MEDIUM: stream-interface: set the pointer to the applet into the applet context 4897 - MAJOR: stream interface: remove the ->release function pointer 4898 - MEDIUM: stream-int: make ->end point to the connection or the appctx 4899 - CLEANUP: stream-int: remove obsolete si_ctrl function 4900 - MAJOR: stream-int: stop using si->conn and use si->end instead 4901 - MEDIUM: stream-int: do not allocate a connection in parallel to applets 4902 - MEDIUM: session: attach incoming connection to target on embryonic sessions 4903 - MINOR: connection: add conn_init() to (re)initialize a connection 4904 - MINOR: checks: call conn_init() to properly initialize the connection. 4905 - MINOR: peers: make use of conn_init() to initialize the connection 4906 - MINOR: session: use conn_init() to initialize the connections 4907 - MINOR: http: use conn_init() to reinitialize the server connection 4908 - MEDIUM: connection: replace conn_prepare with conn_assign 4909 - MINOR: get rid of si_takeover_conn() 4910 - MINOR: connection: add conn_new() / conn_free() 4911 - MAJOR: connection: add two new flags to indicate readiness of control/transport 4912 - MINOR: stream-interface: introduce si_reset() and si_set_state() 4913 - MINOR: connection: reintroduce conn_prepare to set the protocol and transport 4914 - MINOR: connection: replace conn_assign with conn_attach 4915 - MEDIUM: stream-interface: introduce si_attach_conn to replace si_prepare_conn 4916 - MAJOR: stream interface: dynamically allocate the outgoing connection 4917 - MEDIUM: connection: move the send_proxy offset to the connection 4918 - MINOR: connection: check for send_proxy during the connect(), not the SI 4919 - MEDIUM: connection: merge the send_proxy and local_send_proxy calls 4920 - MEDIUM: stream-int: replace occurrences of si->appctx with si_appctx() 4921 - MEDIUM: stream-int: return the allocated appctx in stream_int_register_handler() 4922 - MAJOR: stream-interface: dynamically allocate the applet context 4923 - MEDIUM: session: automatically register the applet designated by the target 4924 - MEDIUM: stats: delay appctx initialization 4925 - CLEANUP: peers: use less confusing state/status code names 4926 - MEDIUM: peers: delay appctx initialization 4927 - MINOR: stats: provide some appctx information in "show sess all" 4928 - DIET/MINOR: obj: pack the obj_type enum to 8 bits 4929 - DIET/MINOR: connection: rearrange a few fields to save 8 bytes in the struct 4930 - DIET/MINOR: listener: rearrange a few fields in struct listener to save 16 bytes 4931 - DIET/MINOR: proxy: rearrange a few fields in struct proxy to save 16 bytes 4932 - DIET/MINOR: session: reduce the struct session size by 8 bytes 4933 - DIET/MINOR: stream-int: rearrange a few fields in struct stream_interface to save 8 bytes 4934 - DIET/MINOR: http: reduce the size of struct http_txn by 8 bytes 4935 - MINOR: http: switch the http state to an enum 4936 - MINOR: http: use an enum for the auth method in http_auth_data 4937 - DIET/MINOR: task: reduce struct task size by 8 bytes 4938 - MINOR: stream_interface: add reporting of ressouce allocation errors 4939 - MINOR: session: report lack of resources using the new stream-interface's error code 4940 - BUILD: simplify the date and version retrieval in the makefile 4941 - BUILD: prepare the makefile to skip format lines in SUBVERS and VERDATE 4942 - BUILD: use format tags in VERDATE and SUBVERS files 4943 - BUG/MEDIUM: channel: bo_getline() must wait for \n until buffer is full 4944 - CLEANUP: check: server port is unsigned 4945 - BUG/MEDIUM: checks: agent doesn't get the response if server does not closes 4946 - MINOR: tools: buf2ip6 must not modify output on failure 4947 - MINOR: pattern: do not assign SMP_TYPES by default to patterns 4948 - MINOR: sample: make sample_parse_expr() use memprintf() to report parse errors 4949 - MINOR: arg: improve wording on error reporting 4950 - BUG/MEDIUM: sample: simplify and fix the argument parsing 4951 - MEDIUM: acl: fix the argument parser to let the lower layer report detailed errors 4952 - MEDIUM: acl: fix the initialization order of the ACL expression 4953 - CLEANUP: acl: remove useless blind copy-paste from sample converters 4954 - TESTS: add regression tests for ACL and sample expression parsers 4955 - BUILD: time: adapt the type of TV_ETERNITY to the local system 4956 - MINOR: chunks: allocate the trash chunks before parsing the config 4957 - BUILD: definitely silence some stupid GCC warnings 4958 - MINOR: chunks: always initialize the output chunk in get_trash_chunk() 4959 - MINOR: checks: improve handling of the servers tracking chain 4960 - REORG: checks: retrieve the check-specific defines from server.h to checks.h 4961 - MINOR: checks: use an enum instead of flags to report a check result 4962 - MINOR: checks: rename the state flags 4963 - MINOR: checks: replace state DISABLED with CONFIGURED and ENABLED 4964 - MINOR: checks: use check->state instead of srv->state & SRV_CHECKED 4965 - MINOR: checks: fix agent check interval computation 4966 - MINOR: checks: add a PAUSED state for the checks 4967 - MINOR: checks: create the agent tasks even when no check is configured 4968 - MINOR: checks: add a flag to indicate what check is an agent 4969 - MEDIUM: checks: enable agent checks even if health checks are disabled 4970 - BUG/MEDIUM: checks: ensure we can enable a server after boot 4971 - BUG/MEDIUM: checks: tracking servers must not inherit the MAINT flag 4972 - BUG/MAJOR: session: repair tcp-request connection rules 4973 - BUILD: fix SUBVERS extraction in the Makefile 4974 - BUILD: pattern: silence a warning about uninitialized value 4975 - BUILD: log: fix build warning on Solaris 4976 - BUILD: dumpstats: fix build error on Solaris 4977 - DOC: move option pgsql-check to the correct place 4978 - DOC: move option tcp-check to the proper place 4979 - MINOR: connection: add simple functions to report connection readiness 4980 - MEDIUM: connection: centralize handling of nolinger in fd management 4981 - OPTIM: http: set CF_READ_DONTWAIT on response message 4982 - OPTIM: http: do not re-enable reading on client side while closing the server side 4983 - MINOR: config: add option http-keep-alive 4984 - MEDIUM: connection: inform si_alloc_conn() whether existing conn is OK or not 4985 - MAJOR: stream-int: handle the connection reuse in si_connect() 4986 - MAJOR: http: add the keep-alive transition on the server side 4987 - MAJOR: backend: enable connection reuse 4988 - MINOR: http: add option prefer-last-server 4989 - MEDIUM: http: do not report connection errors for second and further requests 4990 49912013/06/17 : 1.5-dev19 4992 - MINOR: stats: remove the autofocus on the scope input field 4993 - BUG/MEDIUM: Fix crt-list file parsing error: filtered name was ignored. 4994 - BUG/MEDIUM: ssl: EDH ciphers are not usable if no DH parameters present in pem file. 4995 - BUG/MEDIUM: shctx: makes the code independent on SSL runtime version. 4996 - MEDIUM: ssl: improve crt-list format to support negation 4997 - BUG: ssl: fix crt-list for clients not supporting SNI 4998 - MINOR: stats: show soft-stopped servers in different color 4999 - BUG/MINOR: config: "source" does not work in defaults section 5000 - BUG: regex: fix pcre compile error when using JIT 5001 - MINOR: ssl: add pattern fetch 'ssl_c_sha1' 5002 - BUG: ssl: send payload gets corrupted if tune.ssl.maxrecord is used 5003 - MINOR: show PCRE version and JIT status in -vv 5004 - BUG/MINOR: jit: don't rely on USE flag to detect support 5005 - DOC: readme: add suggestion to link against static openssl 5006 - DOC: examples: provide simplified ssl configuration 5007 - REORG: tproxy: prepare the transparent proxy defines for accepting other OSes 5008 - MINOR: tproxy: add support for FreeBSD 5009 - MINOR: tproxy: add support for OpenBSD 5010 - DOC: examples: provide an example of transparent proxy configuration for FreeBSD 8 5011 - CLEANUP: fix minor typo in error message. 5012 - CLEANUP: fix missing include <string.h> in proto/listener.h 5013 - CLEANUP: protect checks.h from multiple inclusions 5014 - MINOR: compression: acl "res.comp" and fetch "res.comp_algo" 5015 - BUG/MINOR: http: add-header/set-header did not accept the ACL condition 5016 - BUILD: mention in the Makefile that USE_PCRE_JIT is for libpcre >= 8.32 5017 - BUG/MEDIUM: splicing is broken since 1.5-dev12 5018 - BUG/MAJOR: acl: add implicit arguments to the resolve list 5019 - BUG/MINOR: tcp: fix error reporting for TCP rules 5020 - CLEANUP: peers: remove a bit of spaghetti to prepare for the next bugfix 5021 - MINOR: stick-table: allow to allocate an entry without filling it 5022 - BUG/MAJOR: peers: fix an overflow when syncing strings larger than 16 bytes 5023 - MINOR: session: only call http_send_name_header() when changing the server 5024 - MINOR: tcp: report the erroneous word in tcp-request track* 5025 - BUG/MAJOR: backend: consistent hash can loop forever in certain circumstances 5026 - BUG/MEDIUM: log: fix regression on log-format handling 5027 - MEDIUM: log: report file name, line number, and directive name with log-format errors 5028 - BUG/MINOR: cli: "clear table" did not work anymore without a key 5029 - BUG/MINOR: cli: "clear table xx data.xx" does not work anymore 5030 - BUG/MAJOR: http: compression still has defects on chunked responses 5031 - BUG/MINOR: stats: fix confirmation links on the stats interface 5032 - BUG/MINOR: stats: the status bar does not appear anymore after a change 5033 - BUG/MEDIUM: stats: allocate the stats frontend also on "stats bind-process" 5034 - BUG/MEDIUM: stats: fix a regression when dealing with POST requests 5035 - BUG/MINOR: fix unterminated ACL array in compression 5036 - BUILD: last fix broke non-linux platforms 5037 - MINOR: init: indicate the SSL runtime version on -vv. 5038 - BUG/MEDIUM: compression: the deflate algorithm must use global settings as well 5039 - BUILD: stdbool is not portable (again) 5040 - DOC: readme: add a small reminder about restrictions to respect in the code 5041 - MINOR: ebtree: add new eb_next_dup/eb_prev_dup() functions to visit duplicates 5042 - BUG/MINOR: acl: fix a double free during exit when using PCRE_JIT 5043 - DOC: fix wrong copy-paste in the rspdel example 5044 - MINOR: counters: make it easier to extend the amount of tracked counters 5045 - MEDIUM: counters: add support for tracking a third counter 5046 - MEDIUM: counters: add a new "gpc0_rate" counter in stick-tables 5047 - BUG/MAJOR: http: always ensure response buffer has some room for a response 5048 - MINOR: counters: add fetch/acl sc*_tracked to indicate whether a counter is tracked 5049 - MINOR: defaults: allow REQURI_LEN and CAPTURE_LEN to be redefined 5050 - MINOR: log: add a new flag 'L' for locally processed requests 5051 - MINOR: http: add full-length header fetch methods 5052 - MEDIUM: protocol: implement a "drain" function in protocol layers 5053 - MEDIUM: http: add a new "http-response" ruleset 5054 - MEDIUM: http: add the "set-nice" action to http-request and http-response 5055 - MEDIUM: log: add a log level override value in struct session 5056 - MEDIUM: http: add support for action "set-log-level" in http-request/http-response 5057 - MEDIUM: http: add support for "set-tos" in http-request/http-response 5058 - MEDIUM: http: add the "set-mark" action on http-request/http-response rules 5059 - MEDIUM: tcp: add "tcp-request connection expect-proxy layer4" 5060 - MEDIUM: acl: automatically detect the type of certain fetches 5061 - MEDIUM: acl: remove a lot of useless ACLs that are equivalent to their fetches 5062 - MEDIUM: acl: remove 15 additional useless ACLs that are equivalent to their fetches 5063 - DOC: major reorg of ACL + sample fetch 5064 - CLEANUP: http: remove the bogus urlp_ip ACL match 5065 - MINOR: acl: add the new "env()" fetch method to retrieve an environment variable 5066 - BUG/MINOR: acl: correctly consider boolean fetches when doing casts 5067 - BUG/CRITICAL: fix a possible crash when using negative header occurrences 5068 - DOC: update ROADMAP file 5069 - MEDIUM: counters: use sc0/sc1/sc2 instead of sc1/sc2/sc3 5070 - MEDIUM: stats: add proxy name filtering on the statistic page 5071 50722013/04/03 : 1.5-dev18 5073 - DOCS: Add explanation of intermediate certs to crt paramater 5074 - DOC: typo and minor fixes in compression paragraph 5075 - MINOR: config: http-request configuration error message misses new keywords 5076 - DOC: minor typo fix in documentation 5077 - BUG/MEDIUM: ssl: ECDHE ciphers not usable without named curve configured. 5078 - MEDIUM: ssl: add bind-option "strict-sni" 5079 - MEDIUM: ssl: add mapping from SNI to cert file using "crt-list" 5080 - MEDIUM: regex: Use PCRE JIT in acl 5081 - DOC: simplify bind option "interface" explanation 5082 - DOC: tfo: bump required kernel to linux-3.7 5083 - BUILD: add explicit support for TFO with USE_TFO 5084 - MEDIUM: New cli option -Ds for systemd compatibility 5085 - MEDIUM: add haproxy-systemd-wrapper 5086 - MEDIUM: add systemd service 5087 - BUG/MEDIUM: systemd-wrapper: don't leak zombie processes 5088 - BUG/MEDIUM: remove supplementary groups when changing gid 5089 - BUG/MEDIUM: config: fix parser crash with bad bind or server address 5090 - BUG/MINOR: Correct logic in cut_crlf() 5091 - CLEANUP: checks: Make desc argument to set_server_check_status const 5092 - CLEANUP: dumpstats: Make cli_release_handler() static 5093 - MEDIUM: server: Break out set weight processing code 5094 - MEDIUM: server: Allow relative weights greater than 100% 5095 - MEDIUM: server: Tighten up parsing of weight string 5096 - MEDIUM: checks: Add agent health check 5097 - BUG/MEDIUM: ssl: openssl 0.9.8 doesn't open /dev/random before chroot 5098 - BUG/MINOR: time: frequency counters are not totally accurate 5099 - BUG/MINOR: http: don't process abortonclose when request was sent 5100 - BUG/MEDIUM: stream_interface: don't close outgoing connections on shutw() 5101 - BUG/MEDIUM: checks: ignore late resets after valid responses 5102 - DOC: fix bogus recommendation on usage of gpc0 counter 5103 - BUG/MINOR: http-compression: lookup Cache-Control in the response, not the request 5104 - MINOR: signal: don't block SIGPROF by default 5105 - OPTIM: epoll: make use of EPOLLRDHUP 5106 - OPTIM: splice: detect shutdowns and avoid splice() == 0 5107 - OPTIM: splice: assume by default that splice is working correctly 5108 - BUG/MINOR: log: temporary fix for lost SSL info in some situations 5109 - BUG/MEDIUM: peers: only the last peers section was used by tables 5110 - BUG/MEDIUM: config: verbosely reject peers sections with multiple local peers 5111 - BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait() 5112 - BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser 5113 - BUG/MINOR: config: free peer's address when exiting upon parsing error 5114 - BUG/MINOR: config: check the proper variable when parsing log minlvl 5115 - BUG/MEDIUM: checks: ensure the health_status is always within bounds 5116 - BUG/MINOR: cli: show sess should always validate s->listener 5117 - BUG/MINOR: log: improper NULL return check on utoa_pad() 5118 - CLEANUP: http: remove a useless null check 5119 - CLEANUP: tcp/unix: remove useless NULL check in {tcp,unix}_bind_listener() 5120 - BUG/MEDIUM: signal: signal handler does not properly check for signal bounds 5121 - BUG/MEDIUM: tools: off-by-one in quote_arg() 5122 - BUG/MEDIUM: uri_auth: missing NULL check and memory leak on memory shortage 5123 - BUG/MINOR: unix: remove the 'level' field from the ux struct 5124 - CLEANUP: http: don't try to deinitialize http compression if it fails before init 5125 - CLEANUP: config: slowstart is never negative 5126 - CLEANUP: config: maxcompcpuusage is never negative 5127 - BUG/MEDIUM: log: emit '-' for empty fields again 5128 - BUG/MEDIUM: checks: fix a race condition between checks and observe layer7 5129 - BUILD: fix a warning emitted by isblank() on non-c99 compilers 5130 - BUILD: improve the makefile's support for libpcre 5131 - MEDIUM: halog: add support for counting per source address (-ic) 5132 - MEDIUM: tools: make str2sa_range support all address syntaxes 5133 - MEDIUM: config: make use of str2sa_range() instead of str2sa() 5134 - MEDIUM: config: use str2sa_range() to parse server addresses 5135 - MEDIUM: config: use str2sa_range() to parse peers addresses 5136 - MINOR: tests: add a config file to ease address parsing tests. 5137 - MINOR: ssl: add a global tunable for the max SSL/TLS record size 5138 - BUG/MINOR: syscall: fix NR_accept4 system call on sparc/linux 5139 - BUILD/MINOR: syscall: add definition of NR_accept4 for ARM 5140 - MINOR: config: report missing peers section name 5141 - BUG/MEDIUM: tools: fix bad character handling in str2sa_range() 5142 - BUG/MEDIUM: stats: never apply "unix-bind prefix" to the global stats socket 5143 - MINOR: tools: prepare str2sa_range() to return an error message 5144 - BUG/MEDIUM: checks: don't call connect() on unsupported address families 5145 - MINOR: tools: prepare str2sa_range() to accept a prefix 5146 - MEDIUM: tools: make str2sa_range() parse unix addresses too 5147 - MEDIUM: config: make str2listener() use str2sa_range() to parse unix addresses 5148 - MEDIUM: config: use a single str2sa_range() call to parse bind addresses 5149 - MEDIUM: config: use str2sa_range() to parse log addresses 5150 - CLEANUP: tools: remove str2sun() which is not used anymore. 5151 - MEDIUM: config: add complete support for str2sa_range() in dispatch 5152 - MEDIUM: config: add complete support for str2sa_range() in server addr 5153 - MEDIUM: config: add complete support for str2sa_range() in 'server' 5154 - MEDIUM: config: add complete support for str2sa_range() in 'peer' 5155 - MEDIUM: config: add complete support for str2sa_range() in 'source' and 'usesrc' 5156 - CLEANUP: minor cleanup in str2sa_range() and str2ip() 5157 - CLEANUP: config: do not use multiple errmsg at once 5158 - MEDIUM: tools: support specifying explicit address families in str2sa_range() 5159 - MAJOR: listener: support inheriting a listening fd from the parent 5160 - MAJOR: tools: support environment variables in addresses 5161 - BUG/MEDIUM: http: add-header should not emit "-" for empty fields 5162 - BUG/MEDIUM: config: ACL compatibility check on "redirect" was wrong 5163 - BUG/MEDIUM: http: fix another issue caused by http-send-name-header 5164 - DOC: mention the new HTTP 307 and 308 redirect statues 5165 - MEDIUM: poll: do not use FD_* macros anymore 5166 - BUG/MAJOR: ev_select: disable the select() poller if maxsock > FD_SETSIZE 5167 - BUG/MINOR: acl: ssl_fc_{alg,use}_keysize must parse integers, not strings 5168 - BUG/MINOR: acl: ssl_c_used, ssl_fc{,_has_crt,_has_sni} take no pattern 5169 - BUILD: fix usual isdigit() warning on solaris 5170 - BUG/MEDIUM: tools: vsnprintf() is not always reliable on Solaris 5171 - OPTIM: buffer: remove one jump in buffer_count() 5172 - OPTIM: http: improve branching in chunk size parser 5173 - OPTIM: http: optimize the response forward state machine 5174 - BUILD: enable poll() by default in the makefile 5175 - BUILD: add explicit support for Mac OS/X 5176 - BUG/MAJOR: http: use a static storage for sample fetch context 5177 - BUG/MEDIUM: ssl: improve error processing and reporting in ssl_sock_load_cert_list_file() 5178 - BUG/MAJOR: http: fix regression introduced by commit a890d072 5179 - BUG/MAJOR: http: fix regression introduced by commit d655ffe 5180 - BUG/CRITICAL: using HTTP information in tcp-request content may crash the process 5181 - MEDIUM: acl: remove flag ACL_MAY_LOOKUP which is improperly used 5182 - MEDIUM: samples: use new flags to describe compatibility between fetches and their usages 5183 - MINOR: log: indicate it when some unreliable sample fetches are logged 5184 - MEDIUM: samples: move payload-based fetches and ACLs to their own file 5185 - MINOR: backend: rename sample fetch functions and declare the sample keywords 5186 - MINOR: frontend: rename sample fetch functions and declare the sample keywords 5187 - MINOR: listener: rename sample fetch functions and declare the sample keywords 5188 - MEDIUM: http: unify acl and sample fetch functions 5189 - MINOR: session: rename sample fetch functions and declare the sample keywords 5190 - MAJOR: acl: make all ACLs reference the fetch function via a sample. 5191 - MAJOR: acl: remove the arg_mask from the ACL definition and use the sample fetch's 5192 - MAJOR: acl: remove fetch argument validation from the ACL struct 5193 - MINOR: http: add new direction-explicit sample fetches for headers and cookies 5194 - MINOR: payload: add new direction-explicit sample fetches 5195 - CLEANUP: acl: remove ACL hooks which were never used 5196 - MEDIUM: proxy: remove acl_requires and just keep a flag "http_needed" 5197 - MINOR: sample: provide a function to report the name of a sample check point 5198 - MAJOR: acl: convert all ACL requires to SMP use+val instead of ->requires 5199 - CLEANUP: acl: remove unused references to ACL_USE_* 5200 - MINOR: http: replace acl_parse_ver with acl_parse_str 5201 - MEDIUM: acl: move the ->parse, ->match and ->smp fields to acl_expr 5202 - MAJOR: acl: add option -m to change the pattern matching method 5203 - MINOR: acl: remove the use_count in acl keywords 5204 - MEDIUM: acl: have a pointer to the keyword name in acl_expr 5205 - MEDIUM: acl: support using sample fetches directly in ACLs 5206 - MEDIUM: http: remove val_usr() to validate user_lists 5207 - MAJOR: sample: maintain a per-proxy list of the fetch args to resolve 5208 - MINOR: ssl: add support for the "alpn" bind keyword 5209 - MINOR: http: status code 303 is HTTP/1.1 only 5210 - MEDIUM: http: implement redirect 307 and 308 5211 - MINOR: http: status 301 should not be marked non-cacheable 5212 52132012/12/28 : 1.5-dev17 5214 - MINOR: ssl: Setting global tune.ssl.cachesize value to 0 disables SSL session cache. 5215 - BUG/MEDIUM: stats: fix stats page regression introduced by commit 20b0de5 5216 - BUG/MINOR: stats: last fix was still wrong 5217 - BUG/MINOR: stats: http-request rules still don't cope with stats 5218 - BUG/MINOR: http: http-request add-header emits a corrupted header 5219 - BUG/MEDIUM: stats: disable request analyser when processing POST or HEAD 5220 - BUG/MINOR: log: make log-format, unique-id-format and add-header more independant 5221 - BUILD: log: unused variable svid 5222 - CLEANUP: http: rename the misleading http_check_access_rule 5223 - MINOR: http: move redirect rule processing to its own function 5224 - REORG: config: move the http redirect rule parser to proto_http.c 5225 - MEDIUM: http: add support for "http-request redirect" rules 5226 - MEDIUM: http: add support for "http-request tarpit" rule 5227 52282012/12/24 : 1.5-dev16 5229 - BUG/MEDIUM: ssl: Prevent ssl error from affecting other connections. 5230 - BUG/MINOR: ssl: error is not reported if it occurs simultaneously with peer close detection. 5231 - MINOR: ssl: add fetch and acl "ssl_c_used" to check if current SSL session uses a client certificate. 5232 - MINOR: contrib: make the iprange tool grep for addresses 5233 - CLEANUP: polling: gcc doesn't always optimize constants away 5234 - OPTIM: poll: optimize fd management functions for low register count CPUs 5235 - CLEANUP: poll: remove a useless double-check on fdtab[fd].owner 5236 - OPTIM: epoll: use a temp variable for intermediary flag computations 5237 - OPTIM: epoll: current fd does not count as a new one 5238 - BUG/MINOR: poll: the I/O handler was called twice for polled I/Os 5239 - MINOR: http: make resp_ver and status ACLs check for the presence of a response 5240 - BUG/MEDIUM: stream-interface: fix possible stalls during transfers 5241 - BUG/MINOR: stream_interface: don't return when the fd is already set 5242 - BUG/MEDIUM: connection: always update connection flags prior to computing polling 5243 - CLEANUP: buffer: use buffer_empty() instead of buffer_len()==0 5244 - BUG/MAJOR: stream_interface: fix occasional data transfer freezes 5245 - BUG/MEDIUM: stream_interface: fix another case where the reader might not be woken up 5246 - BUG/MINOR: http: don't abort client connection on premature responses 5247 - BUILD: no need to clean up when making git-tar 5248 - MINOR: log: add a tag for amount of bytes uploaded from client to server 5249 - BUG/MEDIUM: log: fix possible segfault during config parsing 5250 - MEDIUM: log: change a few log tokens to make them easier to remember 5251 - BUG/MINOR: log: add_to_logformat_list() used the wrong constants 5252 - MEDIUM: log-format: make the format parser more robust and more extensible 5253 - MINOR: sample: support cast from bool to string 5254 - MINOR: samples: add a function to fetch and convert any sample to a string 5255 - MINOR: log: add lf_text_len 5256 - MEDIUM: log: add the ability to include samples in logs 5257 - REORG: stats: massive code reorg and cleanup 5258 - REORG: stats: move the HTTP header injection to proto_http 5259 - REORG: stats: functions are now HTTP/CLI agnostic 5260 - BUG/MINOR: log: fix regression introduced by commit 8a3f52 5261 - MINOR: chunks: centralize the trash chunk allocation 5262 - MEDIUM: stats: use hover boxes instead of title to report details 5263 - MEDIUM: stats: use multi-line tips to display detailed counters 5264 - MINOR: tools: simplify the use of the int to ascii macros 5265 - MINOR: stats: replace STAT_FMT_CSV with STAT_FMT_HTML 5266 - MINOR: http: prepare to support more http-request actions 5267 - MINOR: log: make parse_logformat_string() take a const char * 5268 - MEDIUM: http: add http-request 'add-header' and 'set-header' to build headers 5269 52702012/12/12 : 1.5-dev15 5271 - DOC: add a few precisions on compression 5272 - BUG/MEDIUM: ssl: Fix handshake failure on session resumption with client cert. 5273 - BUG/MINOR: ssl: One free session in cache remains unused. 5274 - BUG/MEDIUM: ssl: first outgoing connection would fail with {ca,crt}-ignore-err 5275 - MEDIUM: ssl: manage shared cache by blocks for huge sessions. 5276 - MINOR: acl: add fetch for server session rate 5277 - BUG/MINOR: compression: Content-Type is case insensitive 5278 - MINOR: compression: disable on multipart or status != 200 5279 - BUG/MINOR: http: don't report client aborts as server errors 5280 - MINOR: stats: compute the ratio of compressed response based on 2xx responses 5281 - MINOR: http: factor out the content-type checks 5282 - BUG/MAJOR: stats: correctly check for a possible divide error when showing compression ratios 5283 - BUILD: ssl: OpenSSL 0.9.6 has no renegociation 5284 - BUG/MINOR: http: disable compression when message has no body 5285 - MINOR: compression: make the stats a bit more robust 5286 - BUG/MEDIUM: comp: DEFAULT_MAXZLIBMEM was expressed in bytes and not megabytes 5287 - MINOR: connection: don't remove failed handshake flags 5288 - MEDIUM: connection: add an error code in connections 5289 - MEDIUM: connection: add minimal error reporting in logs for incomplete connections 5290 - MEDIUM: connection: add error reporting for the PROXY protocol header 5291 - MEDIUM: connection: add error reporting for the SSL 5292 - DOC: document the connection error format in logs 5293 - BUG/MINOR: http: don't log a 503 on client errors while waiting for requests 5294 - BUILD: stdbool is not portable 5295 - BUILD: ssl: NAME_MAX is not portable, use MAXPATHLEN instead 5296 - BUG/MAJOR: raw_sock: must check error code on hangup 5297 - BUG/MAJOR: polling: do not set speculative events on ERR nor HUP 5298 - BUG/MEDIUM: session: fix FD leak when transport layer logging is enabled 5299 - MINOR: stats: add a few more information on session dump 5300 - BUG/MINOR: tcp: set the ADDR_TO_SET flag on outgoing connections 5301 - CLEANUP: connection: remove unused server/proxy/task/si_applet declarations 5302 - BUG/MEDIUM: tcp: process could theorically crash on lack of source ports 5303 - MINOR: cfgparse: mention "interface" in the list of allowed "source" options 5304 - MEDIUM: connection: introduce "struct conn_src" for servers and proxies 5305 - CLEANUP: proto_tcp: use the same code to bind servers and backends 5306 - CLEANUP: backend: use the same tproxy address selection code for servers and backends 5307 - BUG/MEDIUM: stick-tables: conversions to strings were broken in dev13 5308 - MEDIUM: proto_tcp: add support for tracking L7 information 5309 - MEDIUM: counters: add sc1_trackers/sc2_trackers 5310 - MINOR: http: add the "base32" pattern fetch function 5311 - MINOR: http: add the "base32+src" fetch method. 5312 - CLEANUP: session: use an array for the stick counters 5313 - BUG/MINOR: proto_tcp: fix parsing of "table" in track-sc1/2 5314 - BUG/MINOR: proto_tcp: bidirectional fetches not supported anymore in track-sc1/2 5315 - BUG/MAJOR: connection: always recompute polling status upon I/O 5316 - BUG/MINOR: connection: remove a few synchronous calls to polling updates 5317 - MINOR: config: improve error checking on TCP stick-table tracking 5318 - DOC: add some clarifications to the readme 5319 53202012/11/26 : 1.5-dev14 5321 - DOC: fix minor typos 5322 - BUG/MEDIUM: compression: does not forward trailers 5323 - MINOR: buffer_dump with ASCII 5324 - BUG/MEDIUM: checks: mark the check as stopped after a connect error 5325 - BUG/MEDIUM: checks: ensure we completely disable polling upon success 5326 - BUG/MINOR: checks: don't mark the FD as closed before transport close 5327 - MEDIUM: checks: avoid accumulating TIME_WAITs during checks 5328 - MINOR: cli: report the msg state in full text in "show sess $PTR" 5329 - CLEANUP: checks: rename some server check flags 5330 - MAJOR: checks: rework completely bogus state machine 5331 - BUG/MINOR: checks: slightly clean the state machine up 5332 - MEDIUM: checks: avoid waking the application up for pure TCP checks 5333 - MEDIUM: checks: close the socket as soon as we have a response 5334 - BUG/MAJOR: checks: close FD on all timeouts 5335 - MINOR: checks: fix recv polling after connect() 5336 - MEDIUM: connection: provide a common conn_full_close() function 5337 - BUG/MEDIUM: checks: prevent TIME_WAITs from appearing also on timeouts 5338 - BUG/MAJOR: peers: the listener's maxaccept was not set and caused loops 5339 - MINOR: listeners: make the accept loop more robust when maxaccept==0 5340 - BUG/MEDIUM: acl: correctly resolve all args, not just the first one 5341 - BUG/MEDIUM: acl: make prue_acl_expr() correctly free ACL expressions upon exit 5342 - BUG/MINOR: stats: fix inversion of the report of a check in progress 5343 - MEDIUM: tcp: add explicit support for delayed ACK in connect() 5344 - BUG/MEDIUM: connection: always disable polling upon error 5345 - MINOR: connection: abort earlier when errors are detected 5346 - BUG/MEDIUM: checks: report handshake failures 5347 - BUG/MEDIUM: connection: local_send_proxy must wait for connection to establish 5348 - MINOR: tcp: add support for the "v6only" bind option 5349 - MINOR: stats: also report the computed compression savings in html stats 5350 - MINOR: stats: report the total number of compressed responses per front/back 5351 - MINOR: tcp: add support for the "v4v6" bind option 5352 - DOC: stats: document the comp_rsp stats column 5353 - BUILD: buffer: fix another isprint() warning on solaris 5354 - MINOR: cli: add support for the "show sess all" command 5355 - BUG/MAJOR: cli: show sess <id> may randomly corrupt the back-ref list 5356 - MINOR: cli: improve output format for show sess $ptr 5357 53582012/11/22 : 1.5-dev13 5359 - BUILD: fix build issue without USE_OPENSSL 5360 - BUILD: fix compilation error with DEBUG_FULL 5361 - DOC: ssl: remove prefer-server-ciphers documentation 5362 - DOC: ssl: surround keywords with quotes 5363 - DOC: fix minor typo on http-send-name-header 5364 - BUG/MEDIUM: acls using IPv6 subnets patterns incorrectly match IPs 5365 - BUG/MAJOR: fix a segfault on option http_proxy and url_ip acl 5366 - MEDIUM: http: accept IPv6 values with (s)hdr_ip acl 5367 - BUILD: report zlib support in haproxy -vv 5368 - DOC: compression: add some details and clean up the formatting 5369 - DOC: Change is_ssl acl to ssl_fc acl in example 5370 - DOC: make it clear what the HTTP request size is 5371 - MINOR: ssl: try to load Diffie-Hellman parameters from cert file 5372 - DOC: ssl: update 'crt' statement on 'bind' about Diffie-Hellman parameters loading 5373 - MINOR: ssl: add elliptic curve Diffie-Hellman support for ssl key generation 5374 - DOC: ssl: add 'ecdhe' statement on 'bind' 5375 - MEDIUM: ssl: add client certificate authentication support 5376 - DOC: ssl: add 'verify', 'cafile' and 'crlfile' statements on 'bind' 5377 - MINOR: ssl: add fetch and ACL 'client_crt' to test a client cert is present 5378 - DOC: ssl: add fetch and ACL 'client_cert' 5379 - MINOR: ssl: add ignore verify errors options 5380 - DOC: ssl: add 'ca-ignore-err' and 'crt-ignore-err' statements on 'bind' 5381 - MINOR: ssl: add fetch and ACL 'ssl_verify_result' 5382 - DOC: ssl: add fetch and ACL 'ssl_verify_result' 5383 - MINOR: ssl: add fetches and ACLs to return verify errors 5384 - DOC: ssl: add fetches and ACLs 'ssl_verify_crterr', 'ssl_verify_caerr', and 'ssl_verify_crterr_depth' 5385 - MINOR: ssl: disable shared memory and locks on session cache if nbproc == 1 5386 - MINOR: ssl: add build param USE_PRIVATE_CACHE to build cache without shared memory 5387 - MINOR: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'. 5388 - DOC: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'. 5389 - MEDIUM: config: authorize frontend and listen without bind. 5390 - MINOR: ssl: add statement 'no-tls-tickets' on bind to disable stateless session resumption 5391 - DOC: ssl: add 'no-tls-tickets' statement documentation. 5392 - BUG/MINOR: ssl: Fix CRL check was not enabled when crlfile was specified. 5393 - BUG/MINOR: build: Fix compilation issue on openssl 0.9.6 due to missing CRL feature. 5394 - BUG/MINOR: conf: Fix 'maxsslconn' statement error if built without OPENSSL. 5395 - BUG/MINOR: build: Fix failure with USE_OPENSSL=1 and USE_FUTEX=1 on archs i486 and i686. 5396 - MINOR: ssl: remove prefer-server-ciphers statement and set it as the default on ssl listeners. 5397 - BUG/MEDIUM: ssl: subsequent handshakes fail after server configuration changes 5398 - MINOR: ssl: add 'crt-base' and 'ca-base' global statements. 5399 - MEDIUM: conf: rename 'nosslv3' and 'notlsvXX' statements 'no-sslv3' and 'no-tlsvXX'. 5400 - MEDIUM: conf: rename 'cafile' and 'crlfile' statements 'ca-file' and 'crl-file' 5401 - MINOR: ssl: use bit fields to store ssl options instead of one int each 5402 - MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on bind. 5403 - MINOR: ssl: add 'force-sslv3' and 'force-tlsvXX' statements on server 5404 - MINOR: ssl: add defines LISTEN_DEFAULT_CIPHERS and CONNECT_DEFAULT_CIPHERS. 5405 - BUG/MINOR: ssl: Fix issue on server statements 'no-tls*' and 'no-sslv3' 5406 - MINOR: ssl: move ssl context init for servers from cfgparse.c to ssl_sock.c 5407 - MEDIUM: ssl: reject ssl server keywords in default-server statement 5408 - MINOR: ssl: add statement 'no-tls-tickets' on server side. 5409 - MINOR: ssl: add statements 'verify', 'ca-file' and 'crl-file' on servers. 5410 - DOC: Fix rename of options cafile and crlfile to ca-file and crl-file. 5411 - MINOR: sample: manage binary to string type convertion in stick-table and samples. 5412 - MINOR: acl: add parse and match primitives to use binary type on ACLs 5413 - MINOR: sample: export 'sample_get_trash_chunk(void)' 5414 - MINOR: conf: rename all ssl modules fetches using prefix 'ssl_fc' and 'ssl_c' 5415 - MINOR: ssl: add pattern and ACLs fetches 'ssl_fc_protocol', 'ssl_fc_cipher', 'ssl_fc_use_keysize' and 'ssl_fc_alg_keysize' 5416 - MINOR: ssl: add pattern fetch 'ssl_fc_session_id' 5417 - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_version' and 'ssl_f_version' 5418 - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_s_dn', 'ssl_c_i_dn', 'ssl_f_s_dn' and 'ssl_c_i_dn' 5419 - MINOR: ssl: add pattern and ACLs 'ssl_c_sig_alg' and 'ssl_f_sig_alg' 5420 - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_key_alg' and 'ssl_f_key_alg' 5421 - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_notbefore', 'ssl_c_notafter', 'ssl_f_notbefore' and 'ssl_f_notafter' 5422 - MINOR: ssl: add 'crt' statement on server. 5423 - MINOR: ssl: checks the consistency of a private key with the corresponding certificate 5424 - BUG/MEDIUM: ssl: review polling on reneg. 5425 - BUG/MEDIUM: ssl: Fix some reneg cases not correctly handled. 5426 - BUG/MEDIUM: ssl: Fix sometimes reneg fails if requested by server. 5427 - MINOR: build: allow packagers to specify the ssl cache size 5428 - MINOR: conf: add warning if ssl is not enabled and a certificate is present on bind. 5429 - MINOR: ssl: Add tune.ssl.lifetime statement in global. 5430 - MINOR: compression: Enable compression for IE6 w/SP2, IE7 and IE8 5431 - BUG: http: revert broken optimisation from 82fe75c1a79dac933391501b9d293bce34513755 5432 - DOC: duplicate ssl_sni section 5433 - MEDIUM: HTTP compression (zlib library support) 5434 - CLEANUP: use struct comp_ctx instead of union 5435 - BUILD: remove dependency to zlib.h 5436 - MINOR: compression: memlevel and windowsize 5437 - MEDIUM: use pool for zlib 5438 - MINOR: compression: try init in cfgparse.c 5439 - MINOR: compression: init before deleting headers 5440 - MEDIUM: compression: limit RAM usage 5441 - MINOR: compression: tune.comp.maxlevel 5442 - MINOR: compression: maximum compression rate limit 5443 - MINOR: log-format: check number of arguments in cfgparse.c 5444 - BUG/MEDIUM: compression: no Content-Type header but type in configuration 5445 - BUG/MINOR: compression: deinit zlib only when required 5446 - MEDIUM: compression: don't compress when no data 5447 - MEDIUM: compression: use pool for comp_ctx 5448 - MINOR: compression: rate limit in 'show info' 5449 - MINOR: compression: report zlib memory usage 5450 - BUG/MINOR: compression: dynamic level increase 5451 - DOC: compression: unsupported cases. 5452 - MINOR: compression: CPU usage limit 5453 - MEDIUM: http: add "redirect scheme" to ease HTTP to HTTPS redirection 5454 - BUG/MAJOR: ssl: missing tests in ACL fetch functions 5455 - MINOR: config: add a function to indent error messages 5456 - REORG: split "protocols" files into protocol and listener 5457 - MEDIUM: config: replace ssl_conf by bind_conf 5458 - CLEANUP: listener: remove unused conf->file and conf->line 5459 - MEDIUM: listener: add a minimal framework to register "bind" keyword options 5460 - MEDIUM: config: move the "bind" TCP parameters to proto_tcp 5461 - MEDIUM: move bind SSL parsing to ssl_sock 5462 - MINOR: config: improve error reporting for "bind" lines 5463 - MEDIUM: config: move the common "bind" settings to listener.c 5464 - MEDIUM: config: move all unix-specific bind keywords to proto_uxst.c 5465 - MEDIUM: config: enumerate full list of registered "bind" keywords upon error 5466 - MINOR: listener: add a scope field in the bind keyword lists 5467 - MINOR: config: pass the file and line to config keyword parsers 5468 - MINOR: stats: fill the file and line numbers in the stats frontend 5469 - MINOR: config: set the bind_conf entry on listeners created from a "listen" line. 5470 - MAJOR: listeners: use dual-linked lists to chain listeners with frontends 5471 - REORG: listener: move unix perms from the listener to the bind_conf 5472 - BUG: backend: balance hdr was broken since 1.5-dev11 5473 - MINOR: standard: make memprintf() support a NULL destination 5474 - MINOR: config: make str2listener() use memprintf() to report errors. 5475 - MEDIUM: stats: remove the stats_sock struct from the global struct 5476 - MINOR: ssl: set the listeners' data layer to ssl during parsing 5477 - MEDIUM: stats: make use of the standard "bind" parsers to parse global socket 5478 - DOC: move bind options to their own section 5479 - DOC: stats: refer to "bind" section for "stats socket" settings 5480 - DOC: fix index to reference bind and server options 5481 - BUG: http: do not print garbage on invalid requests in debug mode 5482 - BUG/MINOR: config: check the proper pointer to report unknown protocol 5483 - CLEANUP: connection: offer conn_prepare() to set up a connection 5484 - CLEANUP: config: fix typo inteface => interface 5485 - BUG: stats: fix regression introduced by commit 4348fad1 5486 - MINOR: cli: allow to set frontend maxconn to zero 5487 - BUG/MAJOR: http: chunk parser was broken with buffer changes 5488 - MEDIUM: monitor: simplify handling of monitor-net and mode health 5489 - MINOR: connection: add a pointer to the connection owner 5490 - MEDIUM: connection: make use of the owner instead of container_of 5491 - BUG/MINOR: ssl: report the L4 connection as established when possible 5492 - BUG/MEDIUM: proxy: must not try to stop disabled proxies upon reload 5493 - BUG/MINOR: config: use a copy of the file name in proxy configurations 5494 - BUG/MEDIUM: listener: don't pause protocols that do not support it 5495 - MEDIUM: proxy: add the global frontend to the list of normal proxies 5496 - BUG/MINOR: epoll: correctly disable FD polling in fd_rem() 5497 - MINOR: signal: really ignore signals configured with no handler 5498 - MINOR: buffers: add a few functions to write chars, strings and blocks 5499 - MINOR: raw_sock: always report asynchronous connection errors 5500 - MEDIUM: raw_sock: improve connection error reporting 5501 - REORG: connection: rename the data layer the "transport layer" 5502 - REORG: connection: rename app_cb "data" 5503 - MINOR: connection: provide a generic data layer wakeup callback 5504 - MINOR: connection: split conn_prepare() in two functions 5505 - MINOR: connection: add an init callback to the data_cb struct 5506 - MEDIUM: session: use a specific data_cb for embryonic sessions 5507 - MEDIUM: connection: use a generic data-layer init() callback 5508 - MEDIUM: connection: reorganize connection flags 5509 - MEDIUM: connection: only call the data->wake callback on activity 5510 - MEDIUM: connection: make it possible for data->wake to return an error 5511 - MEDIUM: session: register a data->wake callback to process errors 5512 - MEDIUM: connection: don't call the data->init callback upon error 5513 - MEDIUM: connection: it's not the data layer's role to validate the connection 5514 - MEDIUM: connection: automatically disable polling on error 5515 - REORG: connection: move the PROXY protocol management to connection.c 5516 - MEDIUM: connection: add a new local send-proxy transport callback 5517 - MAJOR: checks: make use of the connection layer to send checks 5518 - REORG: server: move the check-specific parts into a check subsection 5519 - MEDIUM: checks: use real buffers to store requests and responses 5520 - MEDIUM: check: add the ctrl and transport layers in the server check structure 5521 - MAJOR: checks: completely use the connection transport layer 5522 - MEDIUM: checks: add the "check-ssl" server option 5523 - MEDIUM: checks: enable the PROXY protocol with health checks 5524 - CLEANUP: checks: remove minor warnings for assigned but not used variables 5525 - MEDIUM: tcp: enable TCP Fast Open on systems which support it 5526 - BUG: connection: fix regression from commit 9e272bf9 5527 - CLEANUP: cttproxy: remove a warning on undeclared close() 5528 - BUG/MAJOR: ensure that hdr_idx is always reserved when L7 fetches are used 5529 - MEDIUM: listener: add support for linux's accept4() syscall 5530 - MINOR: halog: sort output by cookie code 5531 - BUG/MINOR: halog: -ad/-ac report the correct number of output lines 5532 - BUG/MINOR: halog: fix help message for -ut/-uto 5533 - MINOR: halog: add a parameter to limit output line count 5534 - BUILD: accept4: move the socketcall declaration outside of accept4() 5535 - MINOR: server: add minimal infrastructure to parse keywords 5536 - MINOR: standard: make indent_msg() support empty messages 5537 - MEDIUM: server: check for registered keywords when parsing unknown keywords 5538 - MEDIUM: server: move parsing of keyword "id" to server.c 5539 - BUG/MEDIUM: config: check-send-proxy was ignored if SSL was not builtin 5540 - MEDIUM: ssl: move "server" keyword SSL options parsing to ssl_sock.c 5541 - MEDIUM: log: suffix the frontend's name with '~' when using SSL 5542 - MEDIUM: connection: always unset the transport layer upon close 5543 - BUG/MINOR: session: fix some leftover from debug code 5544 - BUG/MEDIUM: session: enable the conn_session_update() callback 5545 - MEDIUM: connection: add a flag to hold the transport layer 5546 - MEDIUM: log: add a new LW_XPRT flag to pin the transport layer 5547 - MINOR: log: make lf_text use a const char * 5548 - MEDIUM: log: report SSL ciphers and version in logs using logformat %sslc/%sslv 5549 - REORG: http: rename msg->buf to msg->chn since it's a channel 5550 - CLEANUP: http: use 'chn' to name channel variables, not 'buf' 5551 - CLEANUP: channel: use 'chn' instead of 'buf' as local variable names 5552 - CLEANUP: tcp: use 'chn' instead of 'buf' or 'b' for channel pointer names 5553 - CLEANUP: stream_interface: use 'chn' instead of 'b' to name channel pointers 5554 - CLEANUP: acl: use 'chn' instead of 'b' to name channel pointers 5555 - MAJOR: channel: replace the struct buffer with a pointer to a buffer 5556 - OPTIM: channel: reorganize struct members to improve cache efficiency 5557 - CLEANUP: session: remove term_trace which is not used anymore 5558 - OPTIM: session: reorder struct session fields 5559 - OPTIM: connection: pack the struct target 5560 - DOC: document relations between internal entities 5561 - MINOR: ssl: add 'ssl_npn' sample/acl to extract TLS/NPN information 5562 - BUILD: ssl: fix shctx build on older compilers 5563 - MEDIUM: ssl: add support for the "npn" bind keyword 5564 - BUG: ssl: fix ssl_sni ACLs to correctly process regular expressions 5565 - MINOR: chunk: provide string compare functions 5566 - MINOR: sample: accept fetch keywords without parenthesis 5567 - MEDIUM: sample: pass an empty list instead of a null for fetch args 5568 - MINOR: ssl: improve socket behaviour upon handshake abort. 5569 - BUG/MEDIUM: http: set DONTWAIT on data when switching to tunnel mode 5570 - MEDIUM: listener: provide a fallback for accept4() when not supported 5571 - BUG/MAJOR: connection: risk of crash on certain tricky close scenario 5572 - MEDIUM: cli: allow the stats socket to be bound to a specific set of processes 5573 - OPTIM: channel: inline channel_forward's fast path 5574 - OPTIM: http: inline http_parse_chunk_size() and http_skip_chunk_crlf() 5575 - OPTIM: tools: inline hex2i() 5576 - CLEANUP: http: rename HTTP_MSG_DATA_CRLF state 5577 - MINOR: compression: automatically disable compression for older browsers 5578 - MINOR: compression: optimize memLevel to improve byte rate 5579 - BUG/MINOR: http: compression should consider all Accept-Encoding header values 5580 - BUILD: fix coexistence of openssl and zlib 5581 - MINOR: ssl: add pattern and ACLs fetches 'ssl_c_serial' and 'ssl_f_serial' 5582 - BUG/MEDIUM: command-line option -D must have precedence over "debug" 5583 - MINOR: tools: add a clear_addr() function to unset an address 5584 - BUG/MEDIUM: tcp: transparent bind to the source only when address is set 5585 - CLEANUP: remove trashlen 5586 - MAJOR: session: detach the connections from the stream interfaces 5587 - DOC: update document describing relations between internal entities 5588 - BUILD: make it possible to specify ZLIB path 5589 - MINOR: compression: add an offload option to remove the Accept-Encoding header 5590 - BUG: compression: disable auto-close and enable MSG_MORE during transfer 5591 - CLEANUP: completely remove trashlen 5592 - MINOR: chunk: add a function to reset a chunk 5593 - CLEANUP: replace chunk_printf() with chunk_appendf() 5594 - MEDIUM: make the trash be a chunk instead of a char * 5595 - MEDIUM: remove remains of BUFSIZE in HTTP auth and sample conversions 5596 - MEDIUM: stick-table: allocate the table key of size buffer size 5597 - BUG/MINOR: stream_interface: don't loop over ->snd_buf() 5598 - BUG/MINOR: session: ensure that we don't retry connection if some data were sent 5599 - OPTIM: session: don't process the whole session when only timers need a refresh 5600 - BUG/MINOR: session: mark the handshake as complete earlier 5601 - MAJOR: connection: remove the CO_FL_CURR_*_POL flag 5602 - BUG/MAJOR: always clear the CO_FL_WAIT_* flags after updating polling flags 5603 - MAJOR: sepoll: make the poller totally event-driven 5604 - OPTIM: stream_interface: disable reading when CF_READ_DONTWAIT is set 5605 - BUILD: compression: remove a build warning 5606 - MEDIUM: fd: don't unset fdtab[].updated upon delete 5607 - REORG: fd: move the speculative I/O management from ev_sepoll 5608 - REORG: fd: move the fd state management from ev_sepoll 5609 - REORG: fd: centralize the processing of speculative events 5610 - BUG: raw_sock: also consider ENOTCONN in addition to EAGAIN 5611 - BUILD: stream_interface: remove si_fd() and its references 5612 - BUILD: compression: enable build in BSD and OSX Makefiles 5613 - MAJOR: ev_select: make the poller support speculative events 5614 - MAJOR: ev_poll: make the poller support speculative events 5615 - MAJOR: ev_kqueue: make the poller support speculative events 5616 - MAJOR: polling: replace epoll with sepoll and remove sepoll 5617 - MAJOR: polling: remove unused callbacks from the poller struct 5618 - MEDIUM: http: refrain from sending "Connection: close" when Upgrade is present 5619 - CLEANUP: channel: remove any reference of the hijackers 5620 - CLEANUP: stream_interface: remove the external task type target 5621 - MAJOR: connection: replace struct target with a pointer to an enum 5622 - BUG: connection: fix typo in previous commit 5623 - BUG: polling: don't skip polled events in the spec list 5624 - MINOR: splice: disable it when the system returns EBADF 5625 - MINOR: build: allow packagers to specify the default maxzlibmem 5626 - BUG: halog: fix broken output limitation 5627 - BUG: proxy: fix server name lookup in get_backend_server() 5628 - BUG: compression: do not always increment the round counter on allocation failure 5629 - BUG/MEDIUM: compression: release the zlib pools between keep-alive requests 5630 - MINOR: global: don't prevent nbproc from being redefined 5631 - MINOR: config: support process ranges for "bind-process" 5632 - MEDIUM: global: add support for CPU binding on Linux ("cpu-map") 5633 - MINOR: ssl: rename and document the tune.ssl.cachesize option 5634 - DOC: update the PROXY protocol spec to support v2 5635 - MINOR: standard: add a simple popcount function 5636 - MEDIUM: adjust the maxaccept per listener depending on the number of processes 5637 - BUG: compression: properly disable compression when content-type does not match 5638 - MINOR: cli: report connection status in "show sess xxx" 5639 - BUG/MAJOR: stream_interface: certain workloads could cause get stuck 5640 - BUILD: cli: fix build when SSL is enabled 5641 - MINOR: cli: report the fd state in "show sess xxx" 5642 - MINOR: cli: report an error message on missing argument to compression rate 5643 - MINOR: http: add some debugging functions to pretty-print msg state names 5644 - BUG/MAJOR: stream_interface: read0 not always handled since dev12 5645 - DOC: documentation on http header capture is wrong 5646 - MINOR: http: allow the cookie capture size to be changed 5647 - DOC: http header capture has not been limited in size for a long time 5648 - DOC: update readme with build methods for BSD 5649 - BUILD: silence a warning on Solaris about usage of isdigit() 5650 - MINOR: stats: report HTTP compression stats per frontend and per backend 5651 - MINOR: log: add '%Tl' to log-format 5652 - MINOR: samples: update the url_param fetch to match parameters in the path 5653 56542012/09/10 : 1.5-dev12 5655 - CONTRIB: halog: sort URLs by avg bytes_read or total bytes_read 5656 - MEDIUM: ssl: add support for prefer-server-ciphers option 5657 - MINOR: IPv6 support for transparent proxy 5658 - MINOR: protocol: add SSL context to listeners if USE_OPENSSL is defined 5659 - MINOR: server: add SSL context to servers if USE_OPENSSL is defined 5660 - MEDIUM: connection: add a new handshake flag for SSL (CO_FL_SSL_WAIT_HS). 5661 - MEDIUM: ssl: add new files ssl_sock.[ch] to provide the SSL data layer 5662 - MEDIUM: config: add the 'ssl' keyword on 'bind' lines 5663 - MEDIUM: config: add support for the 'ssl' option on 'server' lines 5664 - MEDIUM: ssl: protect against client-initiated renegociation 5665 - BUILD: add optional support for SSL via the USE_OPENSSL flag 5666 - MEDIUM: ssl: add shared memory session cache implementation. 5667 - MEDIUM: ssl: replace OpenSSL's session cache with the shared cache 5668 - MINOR: ssl add global setting tune.sslcachesize to set SSL session cache size. 5669 - MEDIUM: ssl: add support for SNI and wildcard certificates 5670 - DOC: Typos cleanup 5671 - DOC: fix name for "option independant-streams" 5672 - DOC: specify the default value for maxconn in the context of a proxy 5673 - BUG/MINOR: to_log erased with unique-id-format 5674 - LICENSE: add licence exception for OpenSSL 5675 - BUG/MAJOR: cookie prefix doesn't support cookie-less servers 5676 - BUILD: add an AIX 5.2 (and later) target. 5677 - MEDIUM: fd/si: move peeraddr from struct fdinfo to struct connection 5678 - MINOR: halog: use the more recent dual-mode fgets2 implementation 5679 - BUG/MEDIUM: ebtree: ebmb_insert() must not call cmp_bits on full-length matches 5680 - CLEANUP: halog: make clean should also remove .o files 5681 - OPTIM: halog: make use of memchr() on platforms which provide a fast one 5682 - OPTIM: halog: improve cold-cache behaviour when loading a file 5683 - BUG/MINOR: ACL implicit arguments must be created with unresolved flag 5684 - MINOR: replace acl_fetch_{path,url}* with smp_fetch_* 5685 - MEDIUM: pattern: add the "base" sample fetch method 5686 - OPTIM: i386: make use of kernel-mode-linux when available 5687 - BUG/MINOR: tarpit: fix condition to return the HTTP 500 message 5688 - BUG/MINOR: polling: some events were not set in various pollers 5689 - MINOR: http: add the urlp_val ACL match 5690 - BUG: stktable: tcp_src_to_stktable_key() must return NULL on invalid families 5691 - MINOR: stats/cli: add plans to support more stick-table actions 5692 - MEDIUM: stats/cli: add support for "set table key" to enter values 5693 - REORG/MEDIUM: fd: remove FD_STCLOSE from struct fdtab 5694 - REORG/MEDIUM: fd: remove checks for FD_STERROR in ev_sepoll 5695 - REORG/MEDIUM: fd: get rid of FD_STLISTEN 5696 - REORG/MINOR: connection: move declaration to its own include file 5697 - REORG/MINOR: checks: put a struct connection into the server 5698 - MINOR: connection: add flags to the connection struct 5699 - MAJOR: get rid of fdtab[].state and use connection->flags instead 5700 - MINOR: fd: add a new I/O handler to fdtab 5701 - MEDIUM: polling: prepare to call the iocb() function when defined. 5702 - MEDIUM: checks: make use of fdtab->iocb instead of cb[] 5703 - MEDIUM: protocols: use the generic I/O callback for accept callbacks 5704 - MINOR: connection: add a handler for fd-based connections 5705 - MAJOR: connection: replace direct I/O callbacks with the connection callback 5706 - MINOR: fd: make fdtab->owner a connection and not a stream_interface anymore 5707 - MEDIUM: connection: remove the FD_POLL_* flags only once 5708 - MEDIUM: connection: extract the send_proxy callback from proto_tcp 5709 - MAJOR: tcp: remove the specific I/O callbacks for TCP connection probes 5710 - CLEANUP: remove the now unused fdtab direct I/O callbacks 5711 - MAJOR: remove the stream interface and task management code from sock_* 5712 - MEDIUM: stream_interface: pass connection instead of fd in sock_ops 5713 - MEDIUM: stream_interface: centralize the SI_FL_ERR management 5714 - MAJOR: connection: add a new CO_FL_CONNECTED flag 5715 - MINOR: rearrange tcp_connect_probe() and fix wrong return codes 5716 - MAJOR: connection: call data layer handshakes from the handler 5717 - MEDIUM: fd: remove the EV_FD_COND_* primitives 5718 - MINOR: sock_raw: move calls to si_data_close upper 5719 - REORG: connection: replace si_data_close() with conn_data_close() 5720 - MEDIUM: sock_raw: introduce a read0 callback that is different from shutr 5721 - MAJOR: stream_int: use a common stream_int_shut*() functions regardless of the data layer 5722 - MAJOR: fd: replace all EV_FD_* macros with new fd_*_* inline calls 5723 - MEDIUM: fd: add fd_poll_{recv,send} for use when explicit polling is required 5724 - MEDIUM: connection: add definitions for dual polling mechanisms 5725 - MEDIUM: connection: make use of the new polling functions 5726 - MAJOR: make use of conn_{data|sock}_{poll|stop|want}* in connection handlers 5727 - MEDIUM: checks: don't use FD_WAIT_* anymore 5728 - MINOR: fd: get rid of FD_WAIT_* 5729 - MEDIUM: stream_interface: offer a generic function for connection updates 5730 - MEDIUM: stream-interface: offer a generic chk_rcv function for connections 5731 - MEDIUM: stream-interface: add a snd_buf() callback to sock_ops 5732 - MEDIUM: stream-interface: provide a generic stream_int_chk_snd_conn() function 5733 - MEDIUM: stream-interface: provide a generic si_conn_send_cb callback 5734 - MEDIUM: stream-interface: provide a generic stream_sock_read0() function 5735 - REORG/MAJOR: use "struct channel" instead of "struct buffer" 5736 - REORG/MAJOR: extract "struct buffer" from "struct channel" 5737 - MINOR: connection: provide conn_{data|sock}_{read0|shutw} functions 5738 - REORG: sock_raw: rename the files raw_sock* 5739 - MAJOR: raw_sock: extract raw_sock_to_buf() from raw_sock_read() 5740 - MAJOR: raw_sock: temporarily disable splicing 5741 - MINOR: stream-interface: add an rcv_buf callback to sock_ops 5742 - REORG: stream-interface: move sock_raw_read() to si_conn_recv_cb() 5743 - MAJOR: connection: split the send call into connection and stream interface 5744 - MAJOR: stream-interface: restore splicing mechanism 5745 - MAJOR: stream-interface: make conn_notify_si() more robust 5746 - MEDIUM: proxy-proto: don't use buffer flags in conn_si_send_proxy() 5747 - MAJOR: stream-interface: don't commit polling changes in every callback 5748 - MAJOR: stream-interface: fix splice not to call chk_snd by itself 5749 - MEDIUM: stream-interface: don't remove WAIT_DATA when a handshake is in progress 5750 - CLEANUP: connection: split sock_ops into data_ops, app_cp and si_ops 5751 - REORG: buffers: split buffers into chunk,buffer,channel 5752 - MAJOR: channel: remove the BF_OUT_EMPTY flag 5753 - REORG: buffer: move buffer_flush, b_adv and b_rew to buffer.h 5754 - MINOR: channel: rename bi_full to channel_full as it checks the whole channel 5755 - MINOR: buffer: provide a new buffer_full() function 5756 - MAJOR: channel: stop relying on BF_FULL to take action 5757 - MAJOR: channel: remove the BF_FULL flag 5758 - REORG: channel: move buffer_{replace,insert_line}* to buffer.{c,h} 5759 - CLEANUP: channel: usr CF_/CHN_ prefixes instead of BF_/BUF_ 5760 - CLEANUP: channel: use "channel" instead of "buffer" in function names 5761 - REORG: connection: move the target pointer from si to connection 5762 - MAJOR: connection: move the addr field from the stream_interface 5763 - MEDIUM: stream_interface: remove CAP_SPLTCP/CAP_SPLICE flags 5764 - MEDIUM: proto_tcp: remove any dependence on stream_interface 5765 - MINOR: tcp: replace tcp_src_to_stktable_key with addr_to_stktable_key 5766 - MEDIUM: connection: add an ->init function to data layer 5767 - MAJOR: session: introduce embryonic sessions 5768 - MAJOR: connection: make the PROXY decoder a handshake handler 5769 - CLEANUP: frontend: remove the old proxy protocol decoder 5770 - MAJOR: connection: rearrange the polling flags. 5771 - MEDIUM: connection: only call tcp_connect_probe when nothing was attempted yet 5772 - MEDIUM: connection: complete the polling cleanups 5773 - MEDIUM: connection: avoid calling handshakes when polling is required 5774 - MAJOR: stream_interface: continue to update data polling flags during handshakes 5775 - CLEANUP: fd: remove fdtab->flags 5776 - CLEANUP: fdtab: flatten the struct and merge the spec struct with the rest 5777 - CLEANUP: includes: fix includes for a number of users of fd.h 5778 - MINOR: ssl: disable TCP quick-ack by default on SSL listeners 5779 - MEDIUM: config: add a "ciphers" keyword to set SSL cipher suites 5780 - MEDIUM: config: add "nosslv3" and "notlsv1" on bind and server lines 5781 - BUG: ssl: mark the connection as waiting for an SSL connection during the handshake 5782 - BUILD: http: rename error_message http_error_message to fix conflicts on RHEL 5783 - BUILD: ssl: fix shctx build on RHEL with futex 5784 - BUILD: include sys/socket.h to fix build failure on FreeBSD 5785 - BUILD: fix build error without SSL (ssl_cert) 5786 - BUILD: ssl: use MAP_ANON instead of MAP_ANONYMOUS 5787 - BUG/MEDIUM: workaround an eglibc bug which truncates the pidfiles when nbproc > 1 5788 - MEDIUM: config: support per-listener backlog and maxconn 5789 - MINOR: session: do not send an HTTP/500 error on SSL sockets 5790 - MEDIUM: config: implement maxsslconn in the global section 5791 - BUG: tcp: close socket fd upon connect error 5792 - MEDIUM: connection: improve error handling around the data layer 5793 - MINOR: config: make the tasks "nice" value configurable on "bind" lines. 5794 - BUILD: shut a gcc warning introduced by commit 269ab31 5795 - MEDIUM: config: centralize handling of SSL config per bind line 5796 - BUILD: makefile: report USE_OPENSSL status in build options 5797 - BUILD: report openssl build settings in haproxy -vv 5798 - MEDIUM: ssl: add sample fetches for is_ssl, ssl_has_sni, ssl_sni_* 5799 - DOC: add a special acknowledgement for the stud project 5800 - DOC: add missing SSL options for servers and listeners 5801 - BUILD: automatically add -lcrypto for SSL 5802 - DOC: add some info about openssl build in the README 5803 58042012/06/04 : 1.5-dev11 5805 - BUG/MEDIUM: option forwardfor if-none doesn't work with some configurations 5806 - BUG/MAJOR: trash must always be the size of a buffer 5807 - DOC: fix minor regex example issue and improve doc on stats 5808 - MINOR: stream_interface: add a pointer to the listener for TARG_TYPE_CLIENT 5809 - MEDIUM: protocol: add a pointer to struct sock_ops to the listener struct 5810 - MINOR: checks: add on-marked-up option 5811 - MINOR: balance uri: added 'whole' parameter to include query string in hash calculation 5812 - MEDIUM: stream_interface: remove the si->init 5813 - MINOR: buffers: add a rewind function 5814 - BUG/MAJOR: fix regression on content-based hashing and http-send-name-header 5815 - MAJOR: http: stop using msg->sol outside the parsers 5816 - CLEANUP: http: make it more obvious that msg->som is always null outside of chunks 5817 - MEDIUM: http: get rid of msg->som which is not used anymore 5818 - MEDIUM: http: msg->sov and msg->sol will never wrap 5819 - BUG/MAJOR: checks: don't call set_server_status_* when no LB algo is set 5820 - BUG/MINOR: stop connect timeout when connect succeeds 5821 - REORG: move the send-proxy code to tcp_connect_write() 5822 - REORG/MINOR: session: detect the TCP monitor checks at the protocol accept 5823 - MINOR: stream_interface: introduce a new "struct connection" type 5824 - REORG/MINOR: stream_interface: move si->fd to struct connection 5825 - REORG/MEDIUM: stream_interface: move applet->state and private to connection 5826 - MINOR: stream_interface: add a data channel close function 5827 - MEDIUM: stream_interface: call si_data_close() before releasing the si 5828 - MINOR: peers: use the socket layer operations from the peer instead of sock_raw 5829 - BUG/MINOR: checks: expire on timeout.check if smaller than timeout.connect 5830 - MINOR: add a new function call tracer for debugging purposes 5831 - BUG/MINOR: perform_http_redirect also needs to rewind the buffer 5832 - BUG/MAJOR: b_rew() must pass a signed offset to b_ptr() 5833 - BUG/MEDIUM: register peer sync handler in the proper order 5834 - BUG/MEDIUM: buffers: fix bi_putchr() to correctly advance the pointer 5835 - BUG/MINOR: fix option httplog validation with TCP frontends 5836 - BUG/MINOR: log: don't report logformat errors in backends 5837 - REORG/MINOR: use dedicated proxy flags for the cookie handling 5838 - BUG/MINOR: config: do not report twice the incompatibility between cookie and non-http 5839 - MINOR: http: add support for "httponly" and "secure" cookie attributes 5840 - BUG/MEDIUM: ensure that unresolved arguments are freed exactly once 5841 - BUG/MINOR: commit 196729ef used wrong condition resulting in freeing constants 5842 - MEDIUM: stats: add support for soft stop/soft start in the admin interface 5843 - MEDIUM: stats: add the ability to kill sessions from the admin interface 5844 - BUILD: add support for linux kernels >= 2.6.28 5845 58462012/05/14 : 1.5-dev10 5847 - BUG/MINOR: stats admin: "Unexpected result" was displayed unconditionally 5848 - BUG/MAJOR: acl: http_auth_group() must not accept any user from the userlist 5849 - CLEANUP: auth: make the code build again with DEBUG_AUTH 5850 - BUG/MEDIUM: config: don't crash at config load time on invalid userlist names 5851 - REORG: use the name sock_raw instead of stream_sock 5852 - MINOR: stream_interface: add a client target : TARG_TYPE_CLIENT 5853 - BUG/MEDIUM: stream_interface: restore get_src/get_dst 5854 - CLEANUP: sock_raw: remove last references to stream_sock 5855 - CLEANUP: stream_interface: stop exporting socket layer functions 5856 - MINOR: stream_interface: add an init callback to sock_ops 5857 - MEDIUM: stream_interface: derive the socket operations from the target 5858 - MAJOR: fd: remove the need for the socket layer to recheck the connection 5859 - MINOR: session: call the socket layer init function when a session establishes 5860 - MEDIUM: session: add support for tunnel timeouts 5861 - MINOR: standard: add a new debug macro : fddebug() 5862 - CLEANUP: fd: remove unused cb->b pointers in the struct fdtab 5863 - OPTIM: proto_http: don't enable quick-ack on empty buffers 5864 - OPTIM/MAJOR: ev_sepoll: process spec events after polled events 5865 - OPTIM/MEDIUM: stream_interface: add a new SI_FL_NOHALF flag 5866 58672012/05/08 : 1.5-dev9 5868 - MINOR: Add release callback to si_applet 5869 - CLEANUP: Fix some minor typos 5870 - MINOR: Add TO/FROM_SET flags to struct stream_interface 5871 - CLEANUP: Fix some minor whitespace issues 5872 - MINOR: stats admin: allow unordered parameters in POST requests 5873 - CLEANUP: fix typo in findserver() log message 5874 - MINOR: stats admin: use the backend id instead of its name in the form 5875 - MINOR: stats admin: reduce memcmp()/strcmp() calls on status codes 5876 - DOC: cleanup indentation, alignment, columns and chapters 5877 - DOC: fix some keywords arguments documentation 5878 - MINOR: cli: display the 4 IP addresses and ports on "show sess XXX" 5879 - BUG/MAJOR: log: possible segfault with logformat 5880 - MEDIUM: log: split of log_format generation 5881 - MEDIUM: log: New format-log flags: %Fi %Fp %Si %Sp %Ts %rt %H %pid 5882 - MEDIUM: log: Unique ID 5883 - MINOR: log: log-format: usable without httplog and tcplog 5884 - BUG/MEDIUM: balance source did not properly hash IPv6 addresses 5885 - MINOR: contrib/iprange: add a network IP range to mask converter 5886 - MEDIUM: session: implement the "use-server" directive 5887 - MEDIUM: log: add a new cookie flag 'U' to report situations where cookie is not used 5888 - MEDIUM: http: make extract_cookie_value() iterate over cookie values 5889 - MEDIUM: http: add cookie and scookie ACLs 5890 - CLEANUP: lb_first: add reference to a paper describing the original idea 5891 - MEDIUM: stream_sock: add a get_src and get_dst callback and remove SN_FRT_ADDR_SET 5892 - BUG/MINOR: acl: req_ssl_sni would randomly fail if a session ID is present 5893 - BUILD: http: make extract_cookie_value() return an int not size_t 5894 - BUILD: http: stop gcc-4.1.2 from complaining about possibly uninitialized values 5895 - CLEANUP: http: message parser must ignore HTTP_MSG_ERROR 5896 - MINOR: standard: add a memprintf() function to build formatted error messages 5897 - CLEANUP: remove a few warning about unchecked return values in debug code 5898 - MEDIUM: move message-related flags from transaction to message 5899 - DOC: add a diagram to explain how circular buffers work 5900 - MAJOR: buffer rework: replace ->send_max with ->o 5901 - MAJOR: buffer: replace buf->l with buf->{o+i} 5902 - MINOR: buffers: provide simple pointer normalization functions 5903 - MINOR: buffers: remove unused function buffer_contig_data() 5904 - MAJOR: buffers: replace buf->w with buf->p - buf->o 5905 - MAJOR: buffers: replace buf->r with buf->p + buf->i 5906 - MAJOR: http: move buffer->lr to http_msg->next 5907 - MAJOR: http: change msg->{som,col,sov,eoh} to be relative to buffer origin 5908 - CLEANUP: http: remove unused http_msg->col 5909 - MAJOR: http: turn http_msg->eol to a buffer-relative offset 5910 - MEDIUM: http: add a pointer to the buffer in http_msg 5911 - MAJOR: http: make http_msg->sol relative to buffer's origin 5912 - MEDIUM: http: http_send_name_header: remove references to msg and buffer 5913 - MEDIUM: http: remove buffer arg in a few header manipulation functions 5914 - MEDIUM: http: remove buffer arg in http_capture_bad_message 5915 - MEDIUM: http: remove buffer arg in http_msg_analyzer 5916 - MEDIUM: http: remove buffer arg in http_upgrade_v09_to_v10 5917 - MEDIUM: http: remove buffer arg in http_buffer_heavy_realign 5918 - MEDIUM: http: remove buffer arg in chunk parsing functions 5919 - MINOR: http: remove useless wrapping checks in http_msg_analyzer 5920 - MEDIUM: buffers: fix unsafe use of buffer_ignore at some places 5921 - MEDIUM: buffers: add new pointer wrappers and get rid of almost all buffer_wrap_add calls 5922 - MEDIUM: buffers: implement b_adv() to advance a buffer's pointer 5923 - MEDIUM: buffers: rename a number of buffer management functions 5924 - MEDIUM: http: add a prefetch function for ACL pattern fetch 5925 - MEDIUM: http: make all ACL fetch function use acl_prefetch_http() 5926 - BUG/MINOR: http_auth: ACLs are volatile, not permanent 5927 - MEDIUM: http/acl: merge all request and response ACL fetches of headers and cookies 5928 - MEDIUM: http/acl: make acl_fetch_hdr_{ip,val} rely on acl_fetch_hdr() 5929 - MEDIUM: add a new typed argument list parsing framework 5930 - MAJOR: acl: make use of the new argument parsing framework 5931 - MAJOR: acl: store the ACL argument types in the ACL keyword declaration 5932 - MEDIUM: acl: acl_find_target() now resolves arguments based on their types 5933 - MAJOR: acl: make acl_find_targets also resolve proxy names at config time 5934 - MAJOR: acl: ensure that implicit table and proxies are valid 5935 - MEDIUM: acl: remove unused tests for missing args when args are mandatory 5936 - MEDIUM: pattern: replace type pattern_arg with type arg 5937 - MEDIUM: pattern: get rid of arg_i in all functions making use of arguments 5938 - MEDIUM: pattern: use the standard arg parser 5939 - MEDIUM: pattern: add an argument validation callback to pattern descriptors 5940 - MEDIUM: pattern: report the precise argument parsing error when known. 5941 - MEDIUM: acl: remove the ACL_TEST_F_NULL_MATCH flag 5942 - MINOR: pattern: add a new 'sample' type to store fetched data 5943 - MEDIUM: pattern: add new sample types to replace pattern types 5944 - MAJOR: acl: make use of the new sample struct and get rid of acl_test 5945 - MEDIUM: pattern/acl: get rid of temp_pattern in ACLs 5946 - MEDIUM: acl: get rid of the SET_RES flags 5947 - MEDIUM: get rid of SMP_F_READ_ONLY and SMP_F_MUST_FREE 5948 - MINOR: pattern: replace struct pattern with struct sample 5949 - MEDIUM: pattern: integrate pattern_data into sample and use sample everywhere 5950 - MEDIUM: pattern: retrieve the sample type in the sample, not in the keyword description 5951 - MEDIUM: acl/pattern: switch rdp_cookie functions stack up-down 5952 - MEDIUM: acl: replace acl_expr with args in acl fetch_* functions 5953 - MINOR: tcp: replace acl_fetch_rdp_cookie with smp_fetch_rdp_cookie 5954 - MEDIUM: acl/pattern: use the same direction scheme 5955 - MEDIUM: acl/pattern: start merging common sample fetch functions 5956 - MEDIUM: pattern: ensure that sample types always cast into other types. 5957 - MEDIUM: acl/pattern: factor out the src/dst address fetches 5958 - MEDIUM: acl: implement payload and payload_lv 5959 - CLEANUP: pattern: ensure that payload and payload_lv always stay in the buffer 5960 - MINOR: stick_table: centralize the handling of empty keys 5961 - MINOR: pattern: centralize handling of unstable data in pattern_process() 5962 - MEDIUM: pattern: use smp_fetch_rdp_cookie instead of the pattern specific version 5963 - MINOR: acl: set SMP_OPT_ITERATE on fetch functions 5964 - MINOR: acl: add a val_args field to keywords 5965 - MINOR: proto_tcp: validate arguments of payload and payload_lv ACLs 5966 - MEDIUM: http: merge acl and pattern header fetch functions 5967 - MEDIUM: http: merge ACL and pattern cookie fetches into a single one 5968 - MEDIUM: acl: report parsing errors to the caller 5969 - MINOR: arg: improve error reporting on invalid arguments 5970 - MINOR: acl: report errors encountered when loading patterns from files 5971 - MEDIUM: acl: extend the pattern parsers to report meaningful errors 5972 - REORG: use the name "sample" instead of "pattern" to designate extracted data 5973 - REORG: rename "pattern" files 5974 - MINOR: acl: add types to ACL patterns 5975 - MINOR: standard: add an IPv6 parsing function (str62net) 5976 - MEDIUM: acl: support IPv6 address matching 5977 - REORG: stream_interface: create a struct sock_ops to hold socket operations 5978 - REORG/MEDIUM: move protocol->{read,write} to sock_ops 5979 - REORG/MEDIUM: stream_interface: initialize socket ops from descriptors 5980 - REORG/MEDIUM: replace stream interface protocol functions by a proto pointer 5981 - REORG/MEDIUM: move the default accept function from sockstream to protocols.c 5982 - MEDIUM: proto_tcp: remove src6 and dst6 pattern fetch methods 5983 - BUG/MINOR: http: error snapshots are wrong if buffer wraps 5984 - BUG/MINOR: http: ensure that msg->err_pos is always relative to buf->p 5985 - MEDIUM: http: improve error capture reports 5986 - MINOR: acl: add the cook_val() match to match a cookie against an integer 5987 - BUG/MEDIUM: send_proxy: fix initialisation of send_proxy_ofs 5988 - MEDIUM: memory: add the ability to poison memory at run time 5989 - BUG/MEDIUM: log: ensure that unique_id is properly initialized 5990 - MINOR: cfgparse: use a common errmsg pointer for all parsers 5991 - MEDIUM: cfgparse: make backend_parse_balance() use memprintf to report errors 5992 - MEDIUM: cfgparse: use the new error reporting framework for remaining cfg_keywords 5993 - MINOR: http: replace http_message_realign() with buffer_slow_realign() 5994 59952012/03/26 : 1.5-dev8 5996 - MINOR: patch for minor typo (ressources/resources) 5997 - MEDIUM: http: add support for sending the server's name in the outgoing request 5998 - DOC: mention that default checks are TCP connections 5999 - BUG/MINOR: fix options forwardfor if-none when an alternative header name is specified 6000 - CLEANUP: Make check_statuses, analyze_statuses and process_chk static 6001 - CLEANUP: Fix HCHK spelling errors 6002 - BUG/MINOR: fix typo in processing of http-send-name-header 6003 - MEDIUM: log: Use linked lists for loggers 6004 - BUILD: fix declaration inside a scope block 6005 - REORG: log: split send_log function 6006 - MINOR: config: Parse the string of the log-format config keyword 6007 - MINOR: add ultoa, ulltoa, ltoa, lltoa implementations 6008 - MINOR: Date and time fonctions that don't use snprintf 6009 - MEDIUM: log: make http_sess_log use log_format 6010 - DOC: log-format documentation 6011 - MEDIUM: log: use log_format for mode tcplog 6012 - MEDIUM: log-format: backend source address %Bi %Bp 6013 - BUG/MINOR: log-format: fix %o flag 6014 - BUG/MEDIUM: bad length in log_format and __send_log 6015 - MINOR: logformat %st is signed 6016 - BUILD/MINOR: fix the source URL in the spec file 6017 - DOC: acl is http_first_req, not http_req_first 6018 - BUG/MEDIUM: don't trim last spaces from headers consisting only of spaces 6019 - MINOR: acl: add new matches for header/path/url length 6020 - BUILD: halog: make halog build on solaris 6021 - BUG/MINOR: don't use a wrong port when connecting to a server with mapped ports 6022 - MINOR: remove the client/server side distinction in SI addresses 6023 - MINOR: halog: add support for matching queued requests 6024 - DOC: indicate that cookie "prefix" and "indirect" should not be mixed 6025 - OPTIM/MINOR: move struct sockaddr_storage to the tail of structs 6026 - OPTIM/MINOR: make it possible to change pipe size (tune.pipesize) 6027 - BUILD/MINOR: silent a build warning in src/pipe.c (fcntl) 6028 - OPTIM/MINOR: move the hdr_idx pools out of the proxy struct 6029 - MEDIUM: tune.http.maxhdr makes it possible to configure the maximum number of HTTP headers 6030 - BUG/MINOR: fix a segfault when parsing a config with undeclared peers 6031 - CLEANUP: rename possibly confusing struct field "tracked" 6032 - BUG/MEDIUM: checks: fix slowstart behaviour when server tracking is in use 6033 - MINOR: config: tolerate server "cookie" setting in non-HTTP mode 6034 - MEDIUM: buffers: add some new primitives and rework existing ones 6035 - BUG: buffers: don't return a negative value on buffer_total_space_res() 6036 - MINOR: buffers: make buffer_pointer() support negative pointers too 6037 - CLEANUP: kill buffer_replace() and use an inline instead 6038 - BUG: tcp: option nolinger does not work on backends 6039 - CLEANUP: ebtree: remove a few annoying signedness warnings 6040 - CLEANUP: ebtree: clarify licence and update to 6.0.6 6041 - CLEANUP: ebtree: remove 4-year old harmless typo in duplicates insertion code 6042 - CLEANUP: ebtree: remove another typo, a wrong initialization in insertion code 6043 - BUG: ebtree: ebst_lookup() could return the wrong entry 6044 - OPTIM: stream_sock: reduce the amount of in-flight spliced data 6045 - OPTIM: stream_sock: save a failed recv syscall when splice returns EAGAIN 6046 - MINOR: acl: add support for TLS server name matching using SNI 6047 - BUG: http: re-enable TCP quick-ack upon incomplete HTTP requests 6048 - BUG: proto_tcp: don't try to bind to a foreign address if sin_family is unknown 6049 - MINOR: pattern: export the global temporary pattern 6050 - CLEANUP: patterns: get rid of pattern_data_setstring() 6051 - MEDIUM: acl: use temp_pattern to store fetched information in the "method" match 6052 - MINOR: acl: include pattern.h to make pattern migration more transparent 6053 - MEDIUM: pattern: change the pattern data integer from unsigned to signed 6054 - MEDIUM: acl: use temp_pattern to store any integer-type information 6055 - MEDIUM: acl: use temp_pattern to store any address-type information 6056 - CLEANUP: acl: integer part of acl_test is not used anymore 6057 - MEDIUM: acl: use temp_pattern to store any string-type information 6058 - CLEANUP: acl: remove last data fields from the acl_test struct 6059 - MEDIUM: http: replace get_ip_from_hdr2() with http_get_hdr() 6060 - MEDIUM: patterns: the hdr() pattern is now of type string 6061 - DOC: add minimal documentation on how ACLs work internally 6062 - DOC: add a coding-style file 6063 - OPTIM: halog: keep a fast path for the lines-count only 6064 - CLEANUP: silence a warning when building on sparc 6065 - BUG: http: tighten the list of allowed characters in a URI 6066 - MEDIUM: http: block non-ASCII characters in URIs by default 6067 - DOC: add some documentation from RFC3986 about URI format 6068 - BUG/MINOR: cli: correctly remove the whole table on "clear table" 6069 - BUG/MEDIUM: correctly disable servers tracking another disabled servers. 6070 - BUG/MEDIUM: zero-weight servers must not dequeue requests from the backend 6071 - MINOR: halog: add some help on the command line 6072 - BUILD: fix build error on FreeBSD 6073 - BUG: fix double free in peers config error path 6074 - MEDIUM: improve config check return codes 6075 - BUILD: make it possible to look for pcre in the default system paths 6076 - MINOR: config: emit a warning when 'default_backend' masks servers 6077 - MINOR: backend: rework the LC definition to support other connection-based algos 6078 - MEDIUM: backend: add the 'first' balancing algorithm 6079 - BUG: fix httplog trailing LF 6080 - MEDIUM: increase chunk-size limit to 2GB-1 6081 - BUG: queue: fix dequeueing sequence on HTTP keep-alive sessions 6082 - BUG: http: disable TCP delayed ACKs when forwarding content-length data 6083 - BUG: checks: fix server maintenance exit sequence 6084 - BUG/MINOR: stream_sock: don't remove BF_EXPECT_MORE and BF_SEND_DONTWAIT on partial writes 6085 - DOC: enumerate valid status codes for "observe layer7" 6086 - MINOR: buffer: switch a number of buffer args to const 6087 - CLEANUP: silence signedness warning in acl.c 6088 - BUG: stream_sock: si->release was not called upon shutw() 6089 - MINOR: log: use "%ts" to log term status only and "%tsc" to log with cookie 6090 - BUG/CRITICAL: log: fix risk of crash in development snapshot 6091 - BUG/MAJOR: possible crash when using capture headers on TCP frontends 6092 - MINOR: config: disable header captures in TCP mode and complain 6093 60942011/09/10 : 1.5-dev7 6095 - [BUG] fix binary stick-tables 6096 - [MINOR] http: *_dom matching header functions now also split on ":" 6097 - [BUG] checks: fix support of Mysqld >= 5.5 for mysql-check 6098 - [MINOR] acl: add srv_conn acl to count connections on a specific backend server 6099 - [MINOR] check: add redis check support 6100 - [DOC] small fixes to clearly distinguish between keyword and variables 6101 - [MINOR] halog: add support for termination code matching (-tcn/-TCN) 6102 - [DOC] Minor spelling fixes and grammatical enhancements 6103 - [CLEANUP] dumpstats: make symbols static where possible 6104 - [MINOR] Break out dumping table 6105 - [MINOR] Break out processing of clear table 6106 - [MINOR] Allow listing of stick table by key 6107 - [MINOR] Break out all stick table socat command parsing 6108 - [MINOR] More flexible clearing of stick table 6109 - [MINOR] Allow showing and clearing by key of ipv6 stick tables 6110 - [MINOR] Allow showing and clearing by key of integer stick tables 6111 - [MINOR] Allow showing and clearing by key of string stick tables 6112 - [CLEANUP] Remove assigned but unused variables 6113 - [CLEANUP] peers.h: fix declarations 6114 - [CLEANUP] session.c: Make functions static where possible 6115 - [MINOR] Add active connection list to server 6116 - [MINOR] Allow shutdown of sessions when a server becomes unavailable 6117 - [MINOR] Add down termination condition 6118 - [MINOR] Make appsess{,ion}_refresh static 6119 - [MINOR] Add rdp_cookie pattern fetch function 6120 - [CLEANUP] Remove unnecessary casts 6121 - [MINOR] Add non-stick server option 6122 - [MINOR] Consistently use error in tcp_parse_tcp_req() 6123 - [MINOR] Consistently free expr on error in cfg_parse_listen() 6124 - [MINOR] Free rdp_cookie_name on denint() 6125 - [MINOR] Free tcp rules on denint() 6126 - [MINOR] Free stick table pool on denint() 6127 - [MINOR] Free stick rules on denint() 6128 - [MEDIUM] Fix stick-table replication on soft-restart 6129 - [MEDIUM] Correct ipmask() logic 6130 - [MINOR] Correct type in table dump examples 6131 - [MINOR] Fix build error in stream_int_register_handler() 6132 - [MINOR] Use DPRINTF in assign_server() 6133 - [BUG] checks: http-check expect could fail a check on multi-packet responses 6134 - [DOC] fix minor typo in the "dispatch" doc 6135 - [BUG] proto_tcp: fix address binding on remote source 6136 - [MINOR] http: don't report the "haproxy" word on the monitoring response 6137 - [REORG] http: move HTTP error codes back to proto_http.h 6138 - [MINOR] http: make the "HTTP 200" status code configurable. 6139 - [MINOR] http: partially revert the chunking optimization for now 6140 - [MINOR] stream_sock: always clear BF_EXPECT_MORE upon complete transfer 6141 - [CLEANUP] stream_sock: remove unneeded FL_TCP and factor out test 6142 - [MEDIUM] http: add support for "http-no-delay" 6143 - [OPTIM] http: optimize chunking again in non-interactive mode 6144 - [OPTIM] stream_sock: avoid fast-forwarding of partial data 6145 - [OPTIM] stream_sock: don't use splice on too small payloads 6146 - [MINOR] config: make it possible to specify a cookie even without a server 6147 - [BUG] stats: support url-encoded forms 6148 - [MINOR] config: automatically compute a default fullconn value 6149 - [CLEANUP] config: remove some left-over printf debugging code from previous patch 6150 - [DOC] add missing entry or stick store-response 6151 - [MEDIUM] http: add support for 'cookie' and 'set-cookie' patterns 6152 - [BUG] halog: correctly handle truncated last line 6153 - [MINOR] halog: make SKIP_CHAR stop on field delimiters 6154 - [MINOR] halog: add support for HTTP log matching (-H) 6155 - [MINOR] halog: gain back performance before SKIP_CHAR fix 6156 - [OPTIM] halog: cache some common fields positions 6157 - [OPTIM] halog: check once for correct line format and reuse the pointer 6158 - [OPTIM] halog: remove many 'if' by using a function pointer for the filters 6159 - [OPTIM] halog: remove support for tab delimiters in input data 6160 - [BUG] session: risk of crash on out of memory (1.5-dev regression) 6161 - [MINOR] session: try to emit a 500 response on memory allocation errors 6162 - [OPTIM] stream_sock: reduce the default number of accepted connections at once 6163 - [BUG] stream_sock: disable listener when system resources are exhausted 6164 - [MEDIUM] proxy: add a PAUSED state to listeners and move socket tricks out of proxy.c 6165 - [BUG] stream_sock: ensure orphan listeners don't accept too many connections 6166 - [MINOR] listeners: add listen_full() to mark a listener full 6167 - [MINOR] listeners: add support for queueing resource limited listeners 6168 - [MEDIUM] listeners: put listeners in queue upon resource shortage 6169 - [MEDIUM] listeners: queue proxy-bound listeners at the proxy's 6170 - [MEDIUM] listeners: don't stop proxies when global maxconn is reached 6171 - [MEDIUM] listeners: don't change listeners states anymore in maintain_proxies 6172 - [CLEANUP] proxy: rename a few proxy states (PR_STIDLE and PR_STRUN) 6173 - [MINOR] stats: report a "WAITING" state for sockets waiting for resource 6174 - [MINOR] proxy: make session rate-limit more accurate 6175 - [MINOR] sessions: only wake waiting listeners up if rate limit is OK 6176 - [BUG] proxy: peers must only be stopped once, not upon every call to maintain_proxies 6177 - [CLEANUP] proxy: merge maintain_proxies() operation inside a single loop 6178 - [MINOR] task: new function task_schedule() to schedule a wake up 6179 - [MAJOR] proxy: finally get rid of maintain_proxies() 6180 - [BUG] proxy: stats frontend and peers were missing many initializers 6181 - [MEDIUM] listeners: add a global listener management task 6182 - [MINOR] proxy: make findproxy() return proxies from numeric IDs too 6183 - [DOC] fix typos, "#" is a sharp, not a dash 6184 - [MEDIUM] stats: add support for changing frontend's maxconn at runtime 6185 - [MEDIUM] checks: group health checks methods by values and save option bits 6186 - [MINOR] session-counters: add the ability to clear the counters 6187 - [BUG] check: http-check expect + regex would crash in defaults section 6188 - [MEDIUM] http: make x-forwarded-for addition conditional 6189 - [REORG] build: move syscall redefinition to specific places 6190 - [CLEANUP] update the year in the copyright banner 6191 - [BUG] possible crash in 'show table' on stats socket 6192 - [BUG] checks: use the correct destination port for sending checks 6193 - [BUG] backend: risk of picking a wrong port when mapping is used with crossed families 6194 - [MINOR] make use of set_host_port() and get_host_port() to get rid of family mismatches 6195 - [DOC] fixed a few "sensible" -> "sensitive" errors 6196 - [MINOR] make use of addr_to_str() and get_host_port() to replace many inet_ntop() 6197 - [BUG] http: trailing white spaces must also be trimmed after headers 6198 - [MINOR] stats: display "<NONE>" instead of the frontend name when unknown 6199 - [MINOR] http: take a capture of too large requests and responses 6200 - [MINOR] http: take a capture of truncated responses 6201 - [MINOR] http: take a capture of bad content-lengths. 6202 - [DOC] add a few old and uncommitted docs 6203 - [CLEANUP] cfgparse: fix reported options for the "bind" keyword 6204 - [MINOR] halog: add -hs/-HS to filter by HTTP status code range 6205 - [MINOR] halog: support backslash-escaped quotes 6206 - [CLEANUP] remove dirty left-over of a debugging message 6207 - [MEDIUM] stats: disable complex socket reservation for stats socket 6208 - [CLEANUP] remove a useless test in manage_global_listener_queue() 6209 - [MEDIUM] stats: add the "set maxconn" setting to the command line interface 6210 - [MEDIUM] add support for global.maxconnrate to limit the per-process conn rate. 6211 - [MINOR] stats: report the current and max global connection rates 6212 - [MEDIUM] stats: add the ability to adjust the global maxconnrate 6213 - [BUG] peers: don't pre-allocate 65000 connections to each peer 6214 - [MEDIUM] don't limit peers nor stats socket to maxconn nor maxconnrate 6215 - [BUG] peers: the peer frontend must not emit any log 6216 - [CLEANUP] proxy: make pause_proxy() perform the required controls and emit the logs 6217 - [BUG] peers: don't keep a peers section which has a NULL frontend 6218 - [BUG] peers: ensure the peers are resumed if they were paused 6219 - [MEDIUM] stats: add the ability to enable/disable/shutdown a frontend at runtime 6220 - [MEDIUM] session: make session_shutdown() an independant function 6221 - [MEDIUM] stats: offer the possibility to kill a session from the CLI 6222 - [CLEANUP] stats: centralize tests for backend/server inputs on the CLI 6223 - [MEDIUM] stats: offer the possibility to kill sessions by server 6224 - [MINOR] halog: do not consider byte 0x8A as end of line 6225 - [MINOR] frontend: ensure debug message length is always initialized 6226 - [OPTIM] halog: make fgets parse more bytes by blocks 6227 - [OPTIM] halog: add assembly version of the field lookup code 6228 - [MEDIUM] poll: add a measurement of idle vs work time 6229 - [CLEANUP] startup: report only the basename in the usage message 6230 - [MINOR] startup: add an option to change to a new directory 6231 - [OPTIM] task: don't scan the run queue if we know it's empty 6232 - [BUILD] stats: stdint is not present on solaris 6233 - [DOC] update the README file to reflect new naming rules for patches 6234 - [MINOR] stats: report the number of requests intercepted by the frontend 6235 - [DOC] update ROADMAP file 6236 62372011/04/08 : 1.5-dev6 6238 - [BUG] stream_sock: use get_addr_len() instead of sizeof() on sockaddr_storage 6239 - [BUG] TCP source tracking was broken with IPv6 changes 6240 - [BUG] stick-tables did not work when converting IPv6 to IPv4 6241 - [CRITICAL] fix risk of crash when dealing with space in response cookies 6242 62432011/03/29 : 1.5-dev5 6244 - [BUG] standard: is_addr return value for IPv4 was inverted 6245 - [MINOR] update comment about IPv6 support for server 6246 - [MEDIUM] use getaddrinfo to resolve names if gethostbyname fail 6247 - [DOC] update IPv6 support for bind 6248 - [DOC] document IPv6 support for server 6249 - [DOC] fix a minor typo 6250 - [MEDIUM] IPv6 support for syslog 6251 - [DOC] document IPv6 support for syslog 6252 - [MEDIUM] IPv6 support for stick-tables 6253 - [DOC] document IPv6 support for stick-tables 6254 - [DOC] update ROADMAP file 6255 - [BUG] session: src_conn_cur was returning src_conn_cnt instead 6256 - [MINOR] frontend: add a make_proxy_line function 6257 - [MEDIUM] stream_sock: add support for sending the proxy protocol header line 6258 - [MEDIUM] server: add support for the "send-proxy" option 6259 - [DOC] update the spec on the proxy protocol 6260 - [BUILD] proto_tcp: fix build issue with CTTPROXY 6261 - [DOC] update ROADMAP file 6262 - [MEDIUM] config: rework the IPv4/IPv6 address parser to support host-only addresses 6263 - [MINOR] cfgparse: better report wrong listening addresses and make use of str2sa_range 6264 - [BUILD] add the USE_GETADDRINFO build option 6265 - [TESTS] provide a test case for various address formats 6266 - [BUG] session: conn_retries was not always initialized 6267 - [BUG] log: retrieve the target from the session, not the SI 6268 - [BUG] http: fix possible incorrect forwarded wrapping chunk size (take 2) 6269 - [MINOR] tools: add two macros MID_RANGE and MAX_RANGE 6270 - [BUG] http: fix content-length handling on 32-bit platforms 6271 - [OPTIM] buffers: uninline buffer_forward() 6272 - [BUG] stream_sock: fix handling for server side PROXY protocol 6273 - [MINOR] acl: add support for table_cnt and table_avl matches 6274 - [DOC] update ROADMAP file 6275 62762011/03/13 : 1.5-dev4 6277 - [MINOR] cfgparse: Check whether the path given for the stats socket actually fits into the sockaddr_un structure to avoid truncation. 6278 - [MINOR] unix sockets : inherits the backlog size from the listener 6279 - [CLEANUP] unix sockets : move create_uxst_socket() in uxst_bind_listener() 6280 - [DOC] fix a minor typo 6281 - [DOC] fix ignore-persist documentation 6282 - [MINOR] add warnings on features not compatible with multi-process mode 6283 - [BUG] http: fix http-pretend-keepalive and httpclose/tunnel mode 6284 - [MINOR] stats: add support for several packets in stats admin 6285 - [BUG] stats: admin commands must check the proxy state 6286 - [BUG] stats: admin web interface must check the proxy state 6287 - [MINOR] http: add pattern extraction method to stick on query string parameter 6288 - [MEDIUM] add internal support for IPv6 server addresses 6289 - [MINOR] acl: add be_id/srv_id to match backend's and server's id 6290 - [MINOR] log: add support for passing the forwarded hostname 6291 - [MINOR] log: ability to override the syslog tag 6292 - [MINOR] checks: add PostgreSQL health check 6293 - [DOC] update ROADMAP file 6294 - [BUILD] pattern: use 'int' instead of 'int32_t' 6295 - [OPTIM] linux: add support for bypassing libc to force using vsyscalls 6296 - [BUG] debug: report the correct poller list in verbose mode 6297 - [BUG] capture: do not capture a cookie if there is no memory left 6298 - [BUG] appsession: fix possible double free in case of out of memory 6299 - [CRITICAL] cookies: mixing cookies in indirect mode and appsession can crash the process 6300 - [BUG] http: correctly update the header list when removing two consecutive headers 6301 - [BUILD] add the CPU=native and ARCH=32/64 build options 6302 - [BUILD] add -fno-strict-aliasing to fix warnings with gcc >= 4.4 6303 - [CLEANUP] hash: move the avalanche hash code globally available 6304 - [MEDIUM] hash: add support for an 'avalanche' hash-type 6305 - [DOC] update roadmap file 6306 - [BUG] http: do not re-enable the PROXY analyser on keep-alive 6307 - [OPTIM] http: don't send each chunk in a separate packet 6308 - [DOC] fix minor typos reported recently in the peers section 6309 - [DOC] fix another typo in the doc 6310 - [MINOR] stats: report HTTP message state and buffer flags in error dumps 6311 - [BUG] http chunking: don't report a parsing error on connection errors 6312 - [BUG] stream_interface: truncate buffers when sending error messages 6313 - [MINOR] http: support wrapping messages in error captures 6314 - [MINOR] http: capture incorrectly chunked message bodies 6315 - [MINOR] stats: add global event ID and count 6316 - [BUG] http: analyser optimizations broke pipelining 6317 - [CLEANUP] frontend: only apply TCP-specific settings to TCP/TCP6 sockets 6318 - [BUG] http: fix incorrect error reporting during data transfers 6319 - [CRITICAL] session: correctly leave turn-around and queue states on abort 6320 - [BUG] session: release slot before processing pending connections 6321 - [MINOR] tcp: add support for dynamic MSS setting 6322 - [BUG] stick-table: correctly terminate string keys during lookups 6323 - [BUG] acl: fix handling of empty lines in pattern files 6324 - [BUG] stick-table: use the private buffer when padding strings 6325 - [BUG] ebtree: fix ebmb_lookup() with len smaller than the tree's keys 6326 - [OPTIM] ebtree: ebmb_lookup: reduce stack usage by moving the return code out of the loop 6327 - [OPTIM] ebtree: inline ebst_lookup_len and ebis_lookup_len 6328 - [REVERT] undo the stick-table string key lookup fixes 6329 - [MINOR] http: improve url_param pattern extraction to ignore empty values 6330 - [BUILD] frontend: shut a warning with TCP_MAXSEG 6331 - [BUG] http: update the header list's tail when removing the last header 6332 - [DOC] fix minor typo in the proxy protocol doc 6333 - [DOC] fix typos (http-request instead of http-check) 6334 - [BUG] http: use correct ACL pointer when evaluating authentication 6335 - [BUG] cfgparse: correctly count one socket per port in ranges 6336 - [BUG] startup: set the rlimits before binding ports, not after. 6337 - [BUG] acl: srv_id must return no match when the server is NULL 6338 - [MINOR] acl: add ability to check for internal response-only parameters 6339 - [MINOR] acl: srv_id is only valid in responses 6340 - [MINOR] config: warn if response-only conditions are used in "redirect" rules 6341 - [BUG] acl: fd leak when reading patterns from file 6342 - [DOC] fix minor typo in "usesrc" 6343 - [BUG] http: fix possible incorrect forwarded wrapping chunk size 6344 - [BUG] http: fix computation of message body length after forwarding has started 6345 - [BUG] http: balance url_param did not work with first parameters on POST 6346 - [TESTS] update the url_param regression test to test check_post too 6347 - [DOC] update ROADMAP 6348 - [DOC] internal: reflect the fact that SI_ST_ASS is transient 6349 - [BUG] config: don't crash on empty pattern files. 6350 - [MINOR] stream_interface: make use of an applet descriptor for IO handlers 6351 - [REORG] stream_interface: move the st0, st1 and private members to the applet 6352 - [REORG] stream_interface: split the struct members in 3 parts 6353 - [REORG] session: move client and server address to the stream interface 6354 - [REORG] tcp: make tcpv4_connect_server() take the target address from the SI 6355 - [MEDIUM] stream_interface: store the target pointer and type 6356 - [CLEANUP] stream_interface: remove the applet.handler pointer 6357 - [MEDIUM] log: take the logged server name from the stream interface 6358 - [CLEANUP] session: remove data_source from struct session 6359 - [CLEANUP] stats: make all dump functions only rely on the stream interface 6360 - [REORG] session: move the data_ctx struct to the stream interface's applet 6361 - [MINOR] proxy: add PR_O2_DISPATCH to detect dispatch mode 6362 - [MINOR] cfgparse: only keep one of dispatch, transparent, http_proxy 6363 - [MINOR] session: add a pointer to the new target into the session 6364 - [MEDIUM] session: remove s->prev_srv which is not needed anymore 6365 - [CLEANUP] stream_interface: use inline functions to manipulate targets 6366 - [MAJOR] session: remove the ->srv pointer from struct session 6367 - [MEDIUM] stats: split frontend and backend stats 6368 - [MEDIUM] http: always evaluate http-request rules before stats http-request 6369 - [REORG] http: move the http-request rules to proto_http 6370 - [BUG] http: stats were not incremented on http-request deny 6371 - [MINOR] checks: report it if checks fail due to socket creation error 6372 63732010/11/11 : 1.5-dev3 6374 - [DOC] fix http-request documentation 6375 - [MEDIUM] enable/disable servers from the stats web interface 6376 - [MEDIUM] stats: add an admin level 6377 - [DOC] stats: document the "stats admin" statement 6378 - [MINOR] startup: print the proxy socket which caused an error 6379 - [CLEANUP] Remove unneeded chars allocation 6380 - [MINOR] config: detect options not supported due to compilation options 6381 - [MINOR] Add pattern's fetchs payload and payload_lv 6382 - [MINOR] frontend: improve accept-proxy header parsing 6383 - [MINOR] frontend: add tcpv6 support on accept-proxy bind 6384 - [MEDIUM] Enhance message errors management on binds 6385 - [MINOR] Manage unix socket source field on logs 6386 - [MINOR] Manage unix socket source field on session dump on sock stats 6387 - [MINOR] Support of unix listener sockets for debug and log event messages on frontend.c 6388 - [MINOR] Add some tests on sockets family for port remapping and mode transparent. 6389 - [MINOR] Manage socket type unix for some logs 6390 - [MINOR] Enhance controls of socket's family on acls and pattern fetch 6391 - [MINOR] Support listener's sockets unix on http logs. 6392 - [MEDIUM] Add supports of bind on unix sockets. 6393 - [BUG] stick table purge failure if size less than 255 6394 - [BUG] stick table entries expire on counters updates/read or show table, even if there is no "expire" parameter 6395 - [MEDIUM] Implement tcp inspect response rules 6396 - [DOC] tcp-response content and inspect 6397 - [MINOR] new acls fetch req_ssl_hello_type and rep_ssl_hello_type 6398 - [DOC] acls rep_ssl_hello and req_ssl_hello 6399 - [MEDIUM] Create new protected pattern types CONSTSTRING and CONSTDATA to force memcpy if data from protected areas need to be manipulated. 6400 - [DOC] new type binary in stick-table 6401 - [DOC] stick store-response and new patterns payload and payload_lv 6402 - [MINOR] Manage all types (ip, integer, string, binary) on cli "show table" command 6403 - [MEDIUM] Create updates tree on stick table to manage sync. 6404 - [MAJOR] Add new files src/peer.c, include/proto/peers.h and include/types/peers.h for sync stick table management 6405 - [MEDIUM] Manage peers section parsing and stick table registration on peers. 6406 - [MEDIUM] Manage soft stop on peers proxy 6407 - [DOC] add documentation for peers section 6408 - [MINOR] checks: add support for LDAPv3 health checks 6409 - [MINOR] add better support to "mysql-check" 6410 - [BUG] Restore info about available active/backup servers 6411 - [CONTRIB] Update haproxy.pl 6412 - [CONTRIB] Update Cacti Tempates 6413 - [CONTRIB] add templates for Cacti. 6414 - [BUG] http: don't consider commas as a header delimitor within quotes 6415 - [MINOR] support a global jobs counter 6416 - [DOC] add a summary about cookie incompatibilities between specs and browsers 6417 - [DOC] fix description of cookie "insert" and "indirect" modes 6418 - [MEDIUM] http: fix space handling in the request cookie parser 6419 - [MEDIUM] http: fix space handling in the response cookie parser 6420 - [DOC] fix typo in the queue() definition (backend, not frontend) 6421 - [BUG] deinit: unbind listeners before freeing them 6422 - [BUG] stream_interface: only call si->release when both dirs are closed 6423 - [MEDIUM] buffers: rework the functions to exchange between SI and buffers 6424 - [DOC] fix typo in the avg_queue() and be_conn() definition (backend, not frontend) 6425 - [MINOR] halog: add '-tc' to sort by termination codes 6426 - [MINOR] halog: skip non-traffic logs for -st and -tc 6427 - [BUG] stream_sock: cleanly disable the listener in case of resource shortage 6428 - [BUILD] stream_sock: previous fix lacked the #include, causing a warning. 6429 - [DOC] bind option is "defer-accept", not "defer_accept" 6430 - [DOC] missing index entry for http-check send-state 6431 - [DOC] tcp-request inspect-delay is for backends too 6432 - [BUG] ebtree: string_equal_bits() could return garbage on identical strings 6433 - [BUG] stream_sock: try to flush any extra pending request data after a POST 6434 - [BUILD] proto_http: eliminate some build warnings with gcc-2.95 6435 - [MEDIUM] make it possible to combine http-pretend-keepalived with httpclose 6436 - [MEDIUM] tcp-request : don't wait for inspect-delay to expire when the buffer is full 6437 - [MEDIUM] checks: add support for HTTP contents lookup 6438 - [TESTS] add test-check-expect to test various http-check methods 6439 - [MINOR] global: add "tune.chksize" to change the default check buffer size 6440 - [MINOR] cookie: add options "maxidle" and "maxlife" 6441 - [MEDIUM] cookie: support client cookies with some contents appended to their value 6442 - [MINOR] http: make some room in the transaction flags to extend cookies 6443 - [MINOR] cookie: add the expired (E) and old (O) flags for request cookies 6444 - [MEDIUM] cookie: reassign set-cookie status flags to store more states 6445 - [MINOR] add encode/decode function for 30-bit integers from/to base64 6446 - [MEDIUM] cookie: check for maxidle and maxlife for incoming dated cookies 6447 - [MEDIUM] cookie: set the date in the cookie if needed 6448 - [DOC] document the cookie maxidle and maxlife parameters 6449 - [BUG] checks: don't log backend down for all zero-weight servers 6450 - [MEDIUM] checks: set server state to one state from failure when leaving maintenance 6451 - [BUG] config: report correct keywords for "observe" 6452 - [MINOR] checks: ensure that we can inherit binary checks from the defaults section 6453 - [MINOR] acl: add the http_req_first match 6454 - [DOC] fix typos about bind-process syntax 6455 - [BUG] cookie: correctly unset default cookie parameters 6456 - [MINOR] cookie: add support for the "preserve" option 6457 - [BUG] ebtree: fix duplicate strings insertion 6458 - [CONTRIB] halog: report per-url counts, errors and times 6459 - [CONTRIB] halog: minor speed improvement in timer parser 6460 - [MINOR] buffers: add a new request analyser flag for PROXY mode 6461 - [MINOR] listener: add the "accept-proxy" option to the "bind" keyword 6462 - [MINOR] standard: add read_uint() to parse a delimited unsigned integer 6463 - [MINOR] standard: change arg type from const char* to char* 6464 - [MINOR] frontend: add a new analyser to parse a proxied connection 6465 - [MEDIUM] session: call the frontend_decode_proxy analyser on proxied connections 6466 - [DOC] add the proxy protocol's specifications 6467 - [DOC] document the 'accept-proxy' bind option 6468 - [MINOR] cfgparse: report support of <path> for the 'bind' statements 6469 - [DOC] add references to unix socket handling 6470 - [MINOR] move MAXPATHLEN definition to compat.h 6471 - [MEDIUM] unix sockets: cleanup the error reporting path 6472 - [BUG] session: don't stop forwarding of data upon last packet 6473 - [CLEANUP] accept: replace some inappropriate Alert() calls with send_log() 6474 - [BUILD] peers: shut a printf format warning (key_size is a size_t) 6475 - [BUG] accept: don't close twice upon error 6476 - [OPTIM] session: don't recheck analysers when buffer flags have not changed 6477 - [OPTIM] stream_sock: don't clear FDs that are already cleared 6478 - [BUG] proto_tcp: potential bug on pattern fetch dst and dport 6479 64802010/08/28 : 1.5-dev2 6481 - [MINOR] startup: release unused structs after forking 6482 - [MINOR] startup: don't wait for nothing when no old pid remains 6483 - [CLEANUP] reference product branch 1.5 6484 - [MEDIUM] signals: add support for registering functions and tasks 6485 - [MEDIUM] signals: support redistribution of signal zero when stopping 6486 - [BUG] http: don't set auto_close if more data are expected 6487 64882010/08/25 : 1.5-dev1 6489 - [BUG] stats: session rate limit gets garbaged in the stats 6490 - [DOC] mention 'option http-server-close' effect in Tq section 6491 - [DOC] summarize and highlight persistent connections behaviour 6492 - [DOC] add configuration samples 6493 - [BUG] http: dispatch and http_proxy modes were broken for a long time 6494 - [BUG] http: the transaction must be initialized even in TCP mode 6495 - [BUG] tcp: dropped connections must be counted as "denied" not "failed" 6496 - [BUG] consistent hash: balance on all servers, not only 2 ! 6497 - [CONTRIB] halog: report per-server status codes, errors and response times 6498 - [BUG] http: the transaction must be initialized even in TCP mode (part 2) 6499 - [BUG] client: always ensure to zero rep->analysers 6500 - [BUG] session: clear BF_READ_ATTACHED before next I/O 6501 - [BUG] http: automatically close response if req is aborted 6502 - [BUG] proxy: connection rate limiting was eating lots of CPU 6503 - [BUG] http: report correct flags in case of client aborts during body 6504 - [TESTS] refine non-regression tests and add 4 new tests 6505 - [BUG] debug: wrong pointer was used to report a status line 6506 - [BUG] debug: correctly report truncated messages 6507 - [DOC] document the "dispatch" keyword 6508 - [BUG] stick_table: fix possible memory leak in case of connection error 6509 - [CLEANUP] acl: use 'L6' instead of 'L4' in ACL flags relying on contents 6510 - [MINOR] accept: count the incoming connection earlier 6511 - [CLEANUP] tcp: move some non tcp-specific layer6 processing out of proto_tcp 6512 - [CLEANUP] client: move some ACLs away to their respective locations 6513 - [CLEANUP] rename client -> frontend 6514 - [MEDIUM] separate protocol-level accept() from the frontend's 6515 - [MINOR] proxy: add a list to hold future layer 4 rules 6516 - [MEDIUM] config: parse tcp layer4 rules (tcp-request accept/reject) 6517 - [MEDIUM] tcp: check for pure layer4 rules immediately after accept() 6518 - [OPTIM] frontend: tell the compiler that errors are unlikely to occur 6519 - [MEDIUM] frontend: check for LI_O_TCP_RULES in the listener 6520 - [MINOR] frontend: only check for monitor-net rules if LI_O_CHK_MONNET is set 6521 - [CLEANUP] buffer->cto is not used anymore 6522 - [MEDIUM] session: finish session establishment sequence in with I/O handlers 6523 - [MEDIUM] session: initialize server-side timeouts after connect() 6524 - [MEDIUM] backend: initialize the server stream_interface upon connect() 6525 - [MAJOR] frontend: don't initialize the server-side stream_int anymore 6526 - [MEDIUM] session: move the conn_retries attribute to the stream interface 6527 - [MEDIUM] session: don't assign conn_retries upon accept() anymore 6528 - [MINOR] frontend: rely on the frontend and not the backend for INDEPSTR 6529 - [MAJOR] frontend: reorder the session initialization upon accept 6530 - [MINOR] proxy: add an accept() callback for the application layer 6531 - [MAJOR] frontend: split accept() into frontend_accept() and session_accept() 6532 - [MEDIUM] stats: rely on the standard session_accept() function 6533 - [MINOR] buffer: refine the flags that may wake an analyser up. 6534 - [MINOR] stream_sock: don't dereference a non-existing frontend 6535 - [MINOR] session: differenciate between accepted connections and received connections 6536 - [MEDIUM] frontend: count the incoming connection earlier 6537 - [MINOR] frontend: count denied TCP requests separately 6538 - [CLEANUP] stick_table: add/clarify some comments 6539 - [BUILD] memory: add a few missing parenthesis to the pool management macros 6540 - [MINOR] stick_table: add support for variable-sized data 6541 - [CLEANUP] stick_table: rename some stksess struct members to avoid confusion 6542 - [CLEANUP] stick_table: move pattern to key functions to stick_table.c 6543 - [MEDIUM] stick_table: add room for extra data types 6544 - [MINOR] stick_table: add support for "conn_cum" data type. 6545 - [MEDIUM] stick_table: don't overwrite data when storing an entry 6546 - [MINOR] config: initialize stick tables after all the parsing 6547 - [MINOR] stick_table: provide functions to return stksess data from a type 6548 - [MEDIUM] stick_table: move the server ID to a generic data type 6549 - [MINOR] stick_table: enable it for frontends too 6550 - [MINOR] stick_table: export the stick_table_key 6551 - [MINOR] tcp: add per-source connection rate limiting 6552 - [MEDIUM] stick_table: separate storage and update of session entries 6553 - [MEDIUM] stick-tables: add a reference counter to each entry 6554 - [MINOR] session: add a pointer to the tracked counters for the source 6555 - [CLEANUP] proto_tcp: make the config parser a little bit more flexible 6556 - [BUG] config: report the correct proxy type in tcp-request errors 6557 - [MINOR] config: provide a function to quote args in a more friendly way 6558 - [BUG] stick_table: the fix for the memory leak caused a regression 6559 - [MEDIUM] backend: support servers on 0.0.0.0 6560 - [BUG] stick-table: correctly refresh expiration timers 6561 - [MEDIUM] stream-interface: add a ->release callback 6562 - [MINOR] proxy: add a "parent" member to the structure 6563 - [MEDIUM] session: make it possible to call an I/O handler on both SI 6564 - [MINOR] tools: add a fast div64_32 function 6565 - [MINOR] freq_ctr: add new types and functions for periods different from 1s 6566 - [MINOR] errors: provide new status codes for config parsing functions 6567 - [BUG] http: denied requests must not be counted as denied resps in listeners 6568 - [MINOR] tools: add a get_std_op() function to parse operators 6569 - [MEDIUM] acl: make use of get_std_op() to parse intger ranges 6570 - [MAJOR] stream_sock: better wakeup conditions on read() 6571 - [BUG] session: analysers must be checked when SI state changes 6572 - [MINOR] http: reset analysers to listener's, not frontend's 6573 - [MEDIUM] session: support "tcp-request content" rules in backends 6574 - [BUILD] always match official tags when doing git-tar 6575 - [MAJOR] stream_interface: fix the wakeup conditions for embedded iohandlers 6576 - [MEDIUM] buffer: make buffer_feed* support writing non-contiguous chunks 6577 - [MINOR] tcp: src_count acl does not have a permanent result 6578 - [MAJOR] session: add track-counters to track counters related to the session 6579 - [MINOR] stick-table: provide a table lookup function 6580 - [MINOR] stick-table: use suffix "_cnt" for cumulated counts 6581 - [MEDIUM] session: move counter ACL fetches from proto_tcp 6582 - [MEDIUM] session: add concurrent connections counter 6583 - [MEDIUM] session: add data in and out volume counters 6584 - [MINOR] session: add the trk_conn_cnt ACL keyword to track connection counts 6585 - [MEDIUM] session-counters: automatically update tracked connection count 6586 - [MINOR] session: add the trk_conn_cur ACL keyword to track concurrent connection 6587 - [MINOR] session: add trk_kbytes_* ACL keywords to track data size 6588 - [MEDIUM] session: add a counter on the cumulated number of sessions 6589 - [MINOR] config: support a comma-separated list of store data types in stick-table 6590 - [MEDIUM] stick-tables: add support for arguments to data_types 6591 - [MEDIUM] stick-tables: add stored data argument type checking 6592 - [MEDIUM] session counters: add conn_rate and sess_rate counters 6593 - [MEDIUM] session counters: add bytes_in_rate and bytes_out_rate counters 6594 - [MINOR] stktable: add a stktable_update_key() function 6595 - [MINOR] session-counters: add a general purpose counter (gpc0) 6596 - [MEDIUM] session-counters: add HTTP req/err tracking 6597 - [MEDIUM] stats: add "show table [<name>]" to dump a stick-table 6598 - [MEDIUM] stats: add "clear table <name> key <value>" to clear table entries 6599 - [CLEANUP] stick-table: declare stktable_data_types as extern 6600 - [MEDIUM] stick-table: make use of generic types for stored data 6601 - [MINOR] stats: correctly report errors on "show table" and "clear table" 6602 - [MEDIUM] stats: add the ability to dump table entries matching criteria 6603 - [DOC] configuration: document all the new tracked counters 6604 - [DOC] stats: document "show table" and "clear table" 6605 - [MAJOR] session-counters: split FE and BE track counters 6606 - [MEDIUM] tcp: accept the "track-counters" in "tcp-request content" rules 6607 - [MEDIUM] session counters: automatically remove expired entries. 6608 - [MEDIUM] config: replace 'tcp-request <action>' with "tcp-request connection" 6609 - [MEDIUM] session-counters: make it possible to count connections from frontend 6610 - [MINOR] session-counters: use "track-sc{1,2}" instead of "track-{fe,be}-counters" 6611 - [MEDIUM] session-counters: correctly unbind the counters tracked by the backend 6612 - [CLEANUP] stats: use stksess_kill() to remove table entries 6613 - [DOC] update the references to session counters and to tcp-request connection 6614 - [DOC] cleanup: split a few long lines 6615 - [MEDIUM] http: forward client's close when abortonclose is set 6616 - [BUG] queue: don't dequeue proxy-global requests on disabled servers 6617 - [BUG] stats: global stats timeout may be specified before stats socket. 6618 - [BUG] conf: add tcp-request content rules to the correct list 6619 66202010/05/23 : 1.5-dev0 6621 - exact copy of 1.4.6 6622 66232010/05/16 : 1.4.6 6624 - [BUILD] ebtree: update to v6.0.1 to remove references to dprintf() 6625 - [CLEANUP] acl: make use of eb_is_empty() instead of open coding the tree's emptiness test 6626 - [MINOR] acl: add srv_is_up() to check that a specific server is up or not 6627 - [DOC] add a few precisions about the use of RDP cookies 6628 66292010/05/13 : 1.4.5 6630 - [DOC] report minimum kernel version for tproxy in the Makefile 6631 - [MINOR] add the "ignore-persist" option to conditionally ignore persistence 6632 - [DOC] add the "ignore-persist" option to conditionally ignore persistence 6633 - [DOC] fix ignore-persist/force-persist documentation 6634 - [BUG] cttproxy: socket fd leakage in check_cttproxy_version 6635 - [DOC] doc/configuration.txt: fix typos 6636 - [MINOR] option http-pretend-keepalive is both for FEs and BEs 6637 - [MINOR] fix possible crash in debug mode with invalid responses 6638 - [MINOR] halog: add support for statisticts on status codes 6639 - [OPTIM] halog: use a faster zero test in fgets() 6640 - [OPTIM] halog: minor speedup by using unlikely() 6641 - [OPTIM] halog: speed up fgets2-64 by about 10% 6642 - [DOC] refresh the README file and merge the CONTRIB file into it 6643 - [MINOR] acl: support loading values from files 6644 - [MEDIUM] ebtree: upgrade to version 6.0 6645 - [MINOR] acl trees: add flags and union members to store values in trees 6646 - [MEDIUM] acl: add ability to insert patterns in trees 6647 - [MEDIUM] acl: add tree-based lookups of exact strings 6648 - [MEDIUM] acl: add tree-based lookups of networks 6649 - [MINOR] acl: ignore empty lines and comments in pattern files 6650 - [MINOR] stick-tables: add support for "stick on hdr" 6651 66522010/04/07 : 1.4.4 6653 - [BUG] appsession should match the whole cookie name 6654 - [CLEANUP] proxy: move PR_O_SSL3_CHK to options2 to release one flag 6655 - [MEDIUM] backend: move the transparent proxy address selection to backend 6656 - [MINOR] add very fast IP parsing functions 6657 - [MINOR] add new tproxy flags for dynamic source address binding 6658 - [MEDIUM] add ability to connect to a server from an IP found in a header 6659 - [BUILD] config: last patch breaks build without CONFIG_HAP_LINUX_TPROXY 6660 - [MINOR] http: make it possible to pretend keep-alive when doing close 6661 - [MINOR] config: report "default-server" instead of "(null)" in error messages 6662 66632010/03/30 : 1.4.3 6664 - [CLEANUP] stats: remove printf format warning in stats_dump_full_sess_to_buffer() 6665 - [MEDIUM] session: better fix for connection to servers with closed input 6666 - [DOC] indicate in the doc how to bind to port ranges 6667 - [BUG] backend: L7 hashing must not be performed on incomplete requests 6668 - [TESTS] add a simple program to test connection resets 6669 - [MINOR] cli: "show errors" should display "backend <NONE>" when backend was not used 6670 - [MINOR] config: emit warnings when HTTP-only options are used in TCP mode 6671 - [MINOR] config: allow "slowstart 0s" 6672 - [BUILD] 'make tags' did not consider files ending in '.c' 6673 - [MINOR] checks: add the ability to disable a server in the config 6674 66752010/03/17 : 1.4.2 6676 - [CLEANUP] product branch update 6677 - [DOC] Some more documentation cleanups 6678 - [BUG] clf logs segfault when capturing a non existant header 6679 - [OPTIM] config: only allocate check buffer when checks are enabled 6680 - [MEDIUM] checks: support multi-packet health check responses 6681 - [CLEANUP] session: remove duplicate test 6682 - [BUG] http: don't wait for response data to leave buffer is client has left 6683 - [MINOR] proto_uxst: set accept_date upon accept() to the wall clock time 6684 - [MINOR] stats: don't send empty lines in "show errors" 6685 - [MINOR] stats: make the data dump function reusable for other purposes 6686 - [MINOR] stats socket: add show sess <id> to dump details about a session 6687 - [BUG] stats: connection reset counters must be plain ascii, not HTML 6688 - [BUG] url_param hash may return a down server 6689 - [MINOR] force null-termination of hostname 6690 - [MEDIUM] connect to servers even when the input has already been closed 6691 - [BUG] don't merge anonymous ACLs ! 6692 - [BUG] config: fix endless loop when parsing "on-error" 6693 - [MINOR] http: don't mark a server as failed when it returns 501/505 6694 - [OPTIM] checks: try to detect the end of response without polling again 6695 - [BUG] checks: don't report an error when recv() returns an error after data 6696 - [BUG] checks: don't abort when second poll returns an error 6697 - [MINOR] checks: make shutdown() silently fail 6698 - [BUG] http: fix truncated responses on chunk encoding when size divides buffer size 6699 - [BUG] init: unconditionally catch SIGPIPE 6700 - [BUG] checks: don't wait for a close to start parsing the response 6701 67022010/03/04 : 1.4.1 6703 - [BUG] Clear-cookie path issue 6704 - [DOC] fix typo on stickiness rules 6705 - [BUILD] fix BSD and OSX makefiles for missing files 6706 - [BUILD] includes order breaks OpenBSD build 6707 - [BUILD] fix some build warnings on Solaris with is* macros 6708 - [BUG] logs: don't report "last data" when we have just closed after an error 6709 - [BUG] logs: don't report "proxy request" when server closes early 6710 - [BUILD] fix platform-dependant build issues related to crypt() 6711 - [STATS] count transfer aborts caused by client and by server 6712 - [STATS] frontend requests were not accounted for failed requests 6713 - [MINOR] report total number of processed connections when stopping a proxy 6714 - [DOC] be more clear about the limitation to one single monitor-net entry 6715 67162010/02/26 : 1.4.0 6717 - [MINOR] stats: report maint state for tracking servers too 6718 - [DOC] fix summary to add pattern extraction 6719 - [DOC] Documentation cleanups 6720 - [BUG] cfgparse memory leak and missing free calls in deinit() 6721 - [BUG] pxid/puid/luid: don't shift IDs when some of them are forced 6722 - [EXAMPLES] add auth.cfg 6723 - [BUG] uri_auth: ST_SHLGNDS should be 0x00000008 not 0x0000008 6724 - [BUG] uri_auth: do not attemp to convert uri_auth -> http-request more than once 6725 - [BUILD] auth: don't use unnamed unions 6726 - [BUG] config: report unresolvable host names as errors 6727 - [BUILD] fix build breakage with DEBUG_FULL 6728 - [DOC] fix a typo about timeout check and clarify the explanation. 6729 - [MEDIUM] http: don't use trash to realign large buffers 6730 - [STATS] report HTTP requests (total and rate) in frontends 6731 - [STATS] separate frontend and backend HTTP stats 6732 - [MEDIUM] http: revert to use a swap buffer for realignment 6733 - [MINOR] stats: report the request rate in frontends as cell titles 6734 - [MINOR] stats: mark areas with an underline when tooltips are available 6735 - [DOC] reorder some entries to maintain the alphabetical order 6736 - [DOC] cleanup of the keyword matrix 6737 67382010/02/02 : 1.4-rc1 6739 - [MEDIUM] add a maintenance mode to servers 6740 - [MINOR] http-auth: last fix was wrong 6741 - [CONTRIB] add base64rev-gen.c that was used to generate the base64rev table. 6742 - [MINOR] Base64 decode 6743 - [MINOR] generic auth support with groups and encrypted passwords 6744 - [MINOR] add ACL_TEST_F_NULL_MATCH 6745 - [MINOR] http-request: allow/deny/auth support for frontend/backend/listen 6746 - [MINOR] acl: add http_auth and http_auth_group 6747 - [MAJOR] use the new auth framework for http stats 6748 - [DOC] add info about userlists, http-request and http_auth/http_auth_group acls 6749 - [STATS] make it possible to change a CLI connection timeout 6750 - [BUG] patterns: copy-paste typo in type conversion arguments 6751 - [MINOR] pattern: make the converter more flexible by supporting void* and int args 6752 - [MINOR] standard: str2mask: string to netmask converter 6753 - [MINOR] pattern: add support for argument parsers for converters 6754 - [MINOR] pattern: add the "ipmask()" converting function 6755 - [MINOR] config: off-by-one in "stick-table" after list of converters 6756 - [CLEANUP] acl, patterns: make use of my_strndup() instead of malloc+memcpy 6757 - [BUG] restore accidentely removed line in last patch ! 6758 - [MINOR] checks: make the HTTP check code add the CRLF itself 6759 - [MINOR] checks: add the server's status in the checks 6760 - [BUILD] halog: make without arch-specific optimizations 6761 - [BUG] halog: fix segfault in case of empty log in PCT mode (cherry picked from commit fe362fe4762151d209b9656639ee1651bc2b329d) 6762 - [MINOR] http: disable keep-alive when process is going down 6763 - [MINOR] acl: add build_acl_cond() to make it easier to add ACLs in config 6764 - [CLEANUP] config: use build_acl_cond() instead of parse_acl_cond() 6765 - [CLEANUP] config: use warnif_cond_requires_resp() to check for bad ACLs 6766 - [MINOR] prepare req_*/rsp_* to receive a condition 6767 - [CLEANUP] config: specify correct const char types to warnif_* functions 6768 - [MEDIUM] config: factor out the parsing of 20 req*/rsp* keywords 6769 - [MEDIUM] http: make the request filter loop check for optional conditions 6770 - [MEDIUM] http: add support for conditional request filter execution 6771 - [DOC] add some build info about the AIX platform (cherry picked from commit e41914c77edbc40aebf827b37542d37d758e371e) 6772 - [MEDIUM] http: add support for conditional request header addition 6773 - [MEDIUM] http: add support for conditional response header rewriting 6774 - [DOC] add some missing ACLs about response header matching 6775 - [MEDIUM] http: add support for proxy authentication 6776 - [MINOR] http-auth: make the 'unless' keyword work as expected 6777 - [CLEANUP] config: use build_acl_cond() to simplify http-request ACL parsing 6778 - [MEDIUM] add support for anonymous ACLs 6779 - [MEDIUM] http: switch to tunnel mode after status 101 responses 6780 - [MEDIUM] http: stricter processing of the CONNECT method 6781 - [BUG] config: reset check request to avoid double free when switching to ssl/sql 6782 - [MINOR] config: fix too large ssl-hello-check message. 6783 - [BUG] fix error response in case of server error 6784 67852010/01/25 : 1.4-dev8 6786 - [CLEANUP] Keep in sync "defaults" support between documentation and code 6787 - [MEDIUM] http: add support for Proxy-Connection header 6788 - [CRITICAL] buffers: buffer_insert_line2 must not change the ->w entry 6789 - [MINOR] http: remove a copy-paste typo in transaction cleaning 6790 - [BUG] http: trim any excess buffer data when recycling a connection 6791 67922010/01/25 : 1.4-dev7 6793 - [BUG] appsession: possible memory leak in case of out of memory condition 6794 - [MINOR] config: don't accept 'appsession' in defaults section 6795 - [MINOR] Add function to parse a size in configuration 6796 - [MEDIUM] Add stick table (persistence) management functions and types 6797 - [MEDIUM] Add pattern fetch management types and functions 6798 - [MEDIUM] Add src dst and dport pattern fetches. 6799 - [MEDIUM] Add stick table configuration and init. 6800 - [MEDIUM] Add stick and store rules analysers. 6801 - [MINOR] add option "mysql-check" to use MySQL health checks 6802 - [BUG] health checks: fix requeued message 6803 - [OPTIM] remove SSP_O_VIA and SSP_O_STATUS 6804 - [BUG] checks: fix newline termination 6805 - [MINOR] acl: add fe_id/so_id to match frontend's and socket's id 6806 - [BUG] appsession's sessid must be reset at end of transaction 6807 - [BUILD] appsession did not build anymore under gcc-2.95 6808 - [BUG] server redirection used an uninitialized string. 6809 - [MEDIUM] http: fix handling of message pointers 6810 - [MINOR] http: fix double slash prefix with server redirect 6811 - [MINOR] http redirect: add the ability to append a '/' to the URL 6812 - [BUG] stream_interface: fix retnclose and remove cond_close 6813 - [MINOR] http redirect: don't explicitly state keep-alive on 1.1 6814 - [MINOR] http: move appsession 'sessid' from session to http_txn 6815 - [OPTIM] reorder http_txn to optimize cache lines placement 6816 - [MINOR] http: differentiate waiting for new request and waiting for a complete requst 6817 - [MINOR] http: add a separate "http-keep-alive" timeout 6818 - [MINOR] config: remove undocumented and buggy 'timeout appsession' 6819 - [DOC] fix various too large lines 6820 - [DOC] remove several trailing spaces 6821 - [DOC] add the doc about stickiness 6822 - [BUILD] remove a warning in standard.h on AIX 6823 - [BUG] checks: chars are unsigned on AIX, check was always true 6824 - [CLEANUP] stream_sock: MSG_NOSIGNAL is only for send(), not recv() 6825 - [BUG] check: we must not check for error before reading a response 6826 - [BUG] buffers: remove remains of wrong obsolete length check 6827 - [OPTIM] stream_sock: don't shutdown(write) when the socket is in error 6828 - [BUG] http: don't count req errors on client resets or t/o during keep-alive 6829 - [MEDIUM] http: don't switch to tunnel mode upon close 6830 - [DOC] add documentation about connection header processing 6831 - [MINOR] http: add http_remove_header2() to remove a header value. 6832 - [MINOR] tools: add a "word_match()" function to match words and ignore spaces 6833 - [MAJOR] http: rework request Connection header handling 6834 - [MAJOR] http: rework response Connection header handling 6835 - [MINOR] add the ability to force kernel socket buffer size. 6836 - [BUG] http_server_error() must not purge a previous pending response 6837 - [OPTIM] http: don't delay response if next request is incomplete 6838 - [MINOR] add the "force-persist" statement to force persistence on down servers 6839 - [MINOR] http: logs must report persistent connections to down servers 6840 - [BUG] buffer_replace2 must never change the ->w entry 6841 68422010/01/08 : 1.4-dev6 6843 - [BUILD] warning in stream_interface.h 6844 - [BUILD] warning ultoa_r returns char * 6845 - [MINOR] hana: only report stats if it is enabled 6846 - [MINOR] stats: add "a link" & "a href" for sockets 6847 - [MINOR]: stats: add show-legends to report additional informations 6848 - [MEDIUM] default-server support 6849 - [BUG]: add 'observer', 'on-error', 'error-limit' to supported options list 6850 - [MINOR] stats: add href to tracked server 6851 - [BUG] stats: show UP/DOWN status also in tracking servers 6852 - [DOC] Restore ability to search a keyword at the beginning of a line 6853 - [BUG] stats: cookie should be reported under backend not under proxy 6854 - [BUG] cfgparser/stats: fix error message 6855 - [BUG] http: disable auto-closing during chunk analysis 6856 - [BUG] http: fix hopefully last closing issue on data forwarding 6857 - [DEBUG] add an http_silent_debug function to debug HTTP states 6858 - [MAJOR] http: fix again the forward analysers 6859 - [BUG] http_process_res_common() must not skip the forward analyser 6860 - [BUG] http: some possible missed close remain in the forward chain 6861 - [BUG] http: redirect needed to be updated after recent changes 6862 - [BUG] http: don't set no-linger on response in case of forced close 6863 - [MEDIUM] http: restore the original behaviour of option httpclose 6864 - [TESTS] add a file to test various connection modes 6865 - [BUG] http: check options before the connection header 6866 - [MAJOR] session: fix the order by which the analysers are run 6867 - [MEDIUM] session: also consider request analysers added during response 6868 - [MEDIUM] http: make safer use of the DONT_READ and AUTO_CLOSE flags 6869 - [BUG] http: memory leak with captures when using keep-alive 6870 - [BUG] http: fix for capture memory leak was incorrect 6871 - [MINOR] http redirect: use proper call to return last response 6872 - [MEDIUM] http: wait for some flush of the response buffer before a new request 6873 - [MEDIUM] session: limit the number of analyser loops 6874 68752010/01/03 : 1.4-dev5 6876 - [MINOR] server tracking: don't care about the tracked server's mode 6877 - [MEDIUM] appsession: add "len", "prefix" and "mode" options 6878 - [MEDIUM] appsession: add the "request-learn" option 6879 - [BUG] Configuration parser bug when escaping characters 6880 - [MINOR] CSS & HTML fun 6881 - [MINOR] Collect & provide http response codes received from servers 6882 - [BUG] Fix silly typo: hspr_other -> hrsp_other 6883 - [MINOR] Add "a name" to stats page 6884 - [MINOR] add additional "a href"s to stats page 6885 - [MINOR] Collect & provide http response codes for frontends, fix backends 6886 - [DOC] some small spell fixes and unifications 6887 - [MEDIUM] Decrease server health based on http responses / events, version 3 6888 - [BUG] format '%d' expects type 'int', but argument 5 has type 'long int' 6889 - [BUG] config: fix erroneous check on cookie domain names, again 6890 - [BUG] Healthchecks: get a proper error code if connection cannot be completed immediately 6891 - [DOC] trivial fix for man page 6892 - [MINOR] config: report all supported options for the "bind" keyword 6893 - [MINOR] tcp: add support for the defer_accept bind option 6894 - [MINOR] unix socket: report the socket path in case of bind error 6895 - [CONTRIB] halog: support searching by response time 6896 - [DOC] add a reminder about obsolete documents 6897 - [DOC] point to 1.4 doc, not 1.3 6898 - [DOC] option tcp-smart-connect was missing from index 6899 - [MINOR] http: detect connection: close earlier 6900 - [CLEANUP] sepoll: clean up the fd_clr/fd_set functions 6901 - [OPTIM] move some rarely used fields out of fdtab 6902 - [MEDIUM] fd: merge fd_list into fdtab 6903 - [MAJOR] buffer: flag BF_DONT_READ to disable reads when not required 6904 - [MINOR] http: add new transaction flags for keep-alive and content-length 6905 - [MEDIUM] http request: parse connection, content-length and transfer-encoding 6906 - [MINOR] http request: update the TX_SRV_CONN_KA flag on rewrite 6907 - [MINOR] http request: simplify the test of no-data 6908 - [MEDIUM] http request: simplify POST length detection 6909 - [MEDIUM] http request: make use of pre-parsed transfer-encoding header 6910 - [MAJOR] http: create the analyser which waits for a response 6911 - [MINOR] http: pre-set the persistent flags in the transaction 6912 - [MEDIUM] http response: check body length and set transaction flags 6913 - [MINOR] http response: update the TX_CLI_CONN_KA flag on rewrite 6914 - [MINOR] http: remove the last call to stream_int_return 6915 - [IMPORT] import ebtree v5.0 into directory ebtree/ 6916 - [MEDIUM] build: switch ebtree users to use new ebtree version 6917 - [CLEANUP] ebtree: remove old unused files 6918 - [BUG] definitely fix regparm issues between haproxy core and ebtree 6919 - [CLEANUP] ebtree: cast to char * to get rid of gcc warning 6920 - [BUILD] missing #ifndef in ebmbtree.h 6921 - [BUILD] missing #ifndef in ebsttree.h 6922 - [MINOR] tools: add hex2i() function to convert hex char to int 6923 - [MINOR] http: create new MSG_BODY sub-states 6924 - [BUG] stream_sock: BUF_INFINITE_FORWARD broke splice on 64-bit platforms 6925 - [DOC] option is "defer-accept", not "defer_accept" 6926 - [MINOR] http: keep pointer to beginning of data 6927 - [BUG] x-original-to: name was not set in default instance 6928 - [MINOR] http: detect tunnel mode and set it in the session 6929 - [BUG] config: fix error message when config file is not found 6930 - [BUG] config: fix wrong handling of too large argument count 6931 - [BUG] config: disable 'option httplog' on TCP proxies 6932 - [BUG] config: fix erroneous check on cookie domain names 6933 - [BUG] config: cookie domain was ignored in defaults sections 6934 - [MINOR] config: support passing multiple "domain" statements to cookies 6935 - [MINOR] ebtree: add functions to lookup non-null terminated strings 6936 - [MINOR] config: don't report error on all subsequent files on failure 6937 - [BUG] second fix for the printf format warning 6938 - [BUG] check_post: limit analysis to the buffer length 6939 - [MEDIUM] http: process request body in a specific analyser 6940 - [MEDIUM] backend: remove HTTP POST parsing from get_server_ph_post() 6941 - [MAJOR] http: completely process the "connection" header 6942 - [MINOR] http: only consider chunk encoding with HTTP/1.1 6943 - [MAJOR] buffers: automatically compute the maximum buffer length 6944 - [MINOR] http: move the http transaction init/cleanup code to proto_http 6945 - [MINOR] http: move 1xx handling earlier to eliminate a lot of ifs 6946 - [MINOR] http: introduce a new synchronisation state : HTTP_MSG_DONE 6947 - [MEDIUM] http: rework chunk-size parser 6948 - [MEDIUM] http: add a new transaction flags indicating if we know the transfer length 6949 - [MINOR] buffers: add buffer_ignore() to skip some bytes 6950 - [BUG] http: offsets are relative to the buffer, not to ->som 6951 - [MEDIUM] http: automatically re-aling request buffer 6952 - [BUG] http: body parsing must consider the start of message 6953 - [MINOR] new function stream_int_cond_close() 6954 - [MAJOR] http: implement body parser 6955 - [BUG] http: typos on several unlikely() around header insertion 6956 - [BUG] stream_sock: wrong max computation on recv 6957 - [MEDIUM] http: rework the buffer alignment logic 6958 - [BUG] buffers: wrong size calculation for displaced data 6959 - [MINOR] stream_sock: prepare for closing when all pending data are sent 6960 - [MEDIUM] http: add two more states for the closing period 6961 - [MEDIUM] http: properly handle "option forceclose" 6962 - [MINOR] stream_sock: add SI_FL_NOLINGER for faster close 6963 - [MEDIUM] http: make forceclose use SI_FL_NOLINGER 6964 - [MEDIUM] session: set SI_FL_NOLINGER when aborting on write timeouts 6965 - [MEDIUM] http: add some SI_FL_NOLINGER around server errors 6966 - [MINOR] config: option forceclose is valid in frontends too 6967 - [BUILD] halog: insufficient include path in makefile 6968 - [MEDIUM] http: make the analyser not rely on msg being initialized anymore 6969 - [MEDIUM] http: make the parsers able to wait for a buffer flush 6970 - [MAJOR] http: add support for option http-server-close 6971 - [BUG] http: ensure we abort data transfer on write error 6972 - [BUG] last fix was overzealous and disabled server-close 6973 - [BUG] http: fix erroneous trailers size computation 6974 - [MINOR] stream_sock: enable MSG_MORE when forwarding finite amount of data 6975 - [OPTIM] http: set MSG_MORE on response when a pipelined request is pending 6976 - [BUG] http: redirects were broken by chunk changes 6977 - [BUG] http: the request URI pointer is relative to the buffer 6978 - [OPTIM] http: don't immediately enable reading on request 6979 - [MINOR] http: move redirect messages to HTTP/1.1 with a content-length 6980 - [BUG] http: take care of errors, timeouts and aborts during the data phase 6981 - [MINOR] http: don't wait for sending requests to the server 6982 - [MINOR] http: make the conditional redirect support keep-alive 6983 - [BUG] http: fix cookie parser to support spaces and commas in values 6984 - [MINOR] config: some options were missing for "redirect" 6985 - [MINOR] redirect: add support for unconditional rules 6986 - [MINOR] config: centralize proxy struct initialization 6987 - [MEDIUM] config: remove the limitation of 10 reqadd/rspadd statements 6988 - [MEDIUM] config: remove the limitation of 10 config files 6989 - [CLEANUP] http: remove a remaining impossible condition 6990 - [OPTIM] http: optimize a bit the construct of the forward loops 6991 69922009/10/12 : 1.4-dev4 6993 - [DOC] add missing rate_lim and rate_max 6994 - [MAJOR] struct chunk rework 6995 - [MEDIUM] Health check reporting code rework + health logging, v3 6996 - [BUG] check if rise/fall has an argument and it is > 0 6997 - [MINOR] health checks logging unification 6998 - [MINOR] add "description", "node" and show-node"/"show-desc", remove "node-name", v2 6999 - [MINOR] Allow dots in show-node & add "white-space: nowrap" in th.pxname. 7000 - [DOC] Add information about http://haproxy.1wt.eu/contrib.html 7001 - [MINOR] Introduce include/types/counters.h 7002 - [CLEANUP] Move counters to dedicated structures 7003 - [MINOR] Add "clear counters" to clear statistics counters 7004 - [MEDIUM] Collect & provide separate statistics for sockets, v2 7005 - [BUG] Fix NULL pointer dereference in stats_check_uri_auth(), v2 7006 - [MINOR] acl: don't report valid acls as potential mistakes 7007 - [MINOR] Add cut_crlf(), ltrim(), rtrim() and alltrim() 7008 - [MINOR] Add chunk_htmlencode and chunk_asciiencode 7009 - [MINOR] Capture & display more data from health checks, v2 7010 - [BUG] task.c: don't assing last_timer to node-less entries 7011 - [BUG] http stats: large outputs sometimes got some parts chopped off 7012 - [MINOR] backend: export some functions to recount servers 7013 - [MINOR] backend: uninline some LB functions 7014 - [MINOR] include time.h from freq_ctr.h as is uses "now". 7015 - [CLEANUP] backend: move LB algos to individual files 7016 - [MINOR] lb_map: reorder code in order to ease integration of new hash functions 7017 - [CLEANUP] proxy: move last lb-specific bits to their respective files 7018 - [MINOR] backend: separate declarations of LB algos from their lookup method 7019 - [MINOR] backend: reorganize the LB algorithm selection 7020 - [MEDIUM] backend: introduce the "static-rr" LB algorithm 7021 - [MINOR] report list of supported pollers with -vv 7022 - [DOC] log-health-checks is an option, not a directive 7023 - [MEDIUM] new option "independant-streams" to stop updating read timeout on writes 7024 - [BUG] stats: don't call buffer_shutw(), but ->shutw() instead 7025 - [MINOR] stats: strip CR and LF from the input command line 7026 - [BUG] don't refresh timeouts late after detected activity 7027 - [MINOR] stats_dump_errors_to_buffer: use buffer_feed_chunk() 7028 - [MINOR] stats_dump_sess_to_buffer: use buffer_feed_chunk() 7029 - [MINOR] stats: make stats_dump_raw_to_buffer() use buffer_feed_chunk 7030 - [MEDIUM] stats: don't use s->ana_state anymore 7031 - [MINOR] remove now obsolete ana_state from the session struct 7032 - [MEDIUM] stats: make HTTP stats use an I/O handler 7033 - [MEDIUM] stream_int: adjust WAIT_ROOM handling 7034 - [BUG] config: look for ID conflicts in all sockets, not only last ones. 7035 - [MINOR] config: reference file and line with any listener/proxy/server declaration 7036 - [MINOR] config: report places of duplicate names or IDs 7037 - [MINOR] config: add pointer to file name in block/redirect/use_backend/monitor rules 7038 - [MINOR] tools: add a new get_next_id() function 7039 - [MEDIUM] config: automatically find unused IDs for proxies, servers and listeners 7040 - [OPTIM] counters: move some max numbers to the counters struct 7041 - [BUG] counters: fix segfault on missing counters for a listener 7042 - [MEDIUM] backend: implement consistent hashing variation 7043 - [MINOR] acl: add fe_conn, be_conn, queue, avg_queue 7044 - [MINOR] stats: use 'clear counters all' to clear all values 7045 - [MEDIUM] add access restrictions to the stats socket 7046 - [MINOR] buffers: add buffer_feed2() and make buffer_feed() measure string length 7047 - [MINOR] proxy: provide function to retrieve backend/server pointers 7048 - [MINOR] add the "initial weight" to the server struct. 7049 - [MEDIUM] stats: add the "get weight" command to report a server's weight 7050 - [MEDIUM] stats: add the "set weight" command 7051 - [BUILD] add a 'make tags' target 7052 - [MINOR] stats: add support for numeric IDs in set weight/get weight 7053 - [MINOR] stats: use a dedicated state to output static data 7054 - [OPTIM] stats: check free space before trying to print 7055 70562009/09/24 : 1.4-dev3 7057 - [BUILD] compilation of haproxy-1.4-dev2 on FreeBSD 7058 - [MEDIUM] Collect & show information about last health check, v3 7059 - [MINOR] export the hostname variable so that all the code can access it 7060 - [MINOR] stats: add a new node-name setting 7061 - [MEDIUM] remove old experimental tcpsplice option 7062 - [BUILD] fix build for systems without SOL_TCP 7063 - [MEDIUM] move connection establishment from backend to the SI. 7064 - [MEDIUM] make the global stats socket part of a frontend 7065 - [MEDIUM] session: account per-listener connections 7066 - [MINOR] session: switch to established state if no connect function 7067 - [MEDIUM] make the unix stats sockets use the generic session handler 7068 - [CLEANUP] unix: remove uxst_process_session() 7069 - [CLEANUP] move remaining stats sockets code to dumpstats 7070 - [MINOR] move the initial task's nice value to the listener 7071 - [MINOR] cleanup set_session_backend by using pre-computed analysers 7072 - [MINOR] set s->srv_error according to the analysers 7073 - [MEDIUM] set rep->analysers from fe and be analysers 7074 - [MEDIUM] replace BUFSIZE with buf->size in computations 7075 - [MEDIUM] make it possible to change the buffer size in the configuration 7076 - [MEDIUM] report error on buffer writes larger than buffer size 7077 - [MEDIUM] stream_interface: add and use ->update function to resync 7078 - [CLEANUP] remove ifdef MSG_NOSIGNAL and define it instead 7079 - [MEDIUM] remove TCP_CORK and make use of MSG_MORE instead 7080 - [BUG] tarpit did not work anymore 7081 - [MINOR] acl: add support for hdr_ip to match IP addresses in headers 7082 - [MAJOR] buffers: fix misuse of the BF_SHUTW_NOW flag 7083 - [MINOR] buffers: provide more functions to handle buffer data 7084 - [MEDIUM] buffers: provide new buffer_feed*() function 7085 - [MINOR] buffers: add peekchar and peekline functions for stream interfaces 7086 - [MINOR] buffers: provide buffer_si_putchar() to send a char from a stream interface 7087 - [BUG] buffer_forward() would not correctly consider data already scheduled 7088 - [MINOR] buffers: add buffer_cut_tail() to cut only unsent data 7089 - [MEDIUM] stream_interface: make use of buffer_cut_tail() to report errors 7090 - [MAJOR] http: add support for HTTP 1xx informational responses 7091 - [MINOR] buffers: inline buffer_si_putchar() 7092 - [MAJOR] buffers: split BF_WRITE_ENA into BF_AUTO_CONNECT and BF_AUTO_CLOSE 7093 - [MAJOR] buffers: fix the BF_EMPTY flag's meaning 7094 - [BUG] stream_interface: SI_ST_CLO must have buffers SHUT 7095 - [MINOR] stream_sock: don't set SI_FL_WAIT_DATA if BF_SHUTW_NOW is set 7096 - [MEDIUM] add support for infinite forwarding 7097 - [BUILD] stream_interface: fix conflicting declaration 7098 - [BUG] buffers: buffer_forward() must not always clear BF_OUT_EMPTY 7099 - [BUG] variable buffer size ignored at initialization time 7100 - [MINOR] ensure that buffer_feed() and buffer_skip() set BF_*_PARTIAL 7101 - [BUG] fix buffer_skip() and buffer_si_getline() to correctly handle wrap-arounds 7102 - [MINOR] stream_interface: add SI_FL_DONT_WAKE flag 7103 - [MINOR] stream_interface: add iohandler callback 7104 - [MINOR] stream_interface: add functions to support running as internal/external tasks 7105 - [MEDIUM] session: call iohandler for embedded tasks (applets) 7106 - [MINOR] add a ->private member to the stream_interface 7107 - [MEDIUM] stats: prepare the connection for closing before dumping 7108 - [MEDIUM] stats: replace the stats socket analyser with an SI applet 7109 71102009/08/09 : 1.4-dev2 7111 - [BUG] task: fix possible crash when some timeouts are not configured 7112 - [BUG] log: option tcplog would log to global if no logger was defined 7113 71142009/07/29 : 1.4-dev1 7115 - [MINOR] acl: add support for matching of RDP cookies 7116 - [MEDIUM] add support for RDP cookie load-balancing 7117 - [MEDIUM] add support for RDP cookie persistence 7118 - [MINOR] add a new CLF log format 7119 - [MINOR] startup: don't imply -q with -D 7120 - [BUG] ensure that we correctly re-start old process in case of error 7121 - [MEDIUM] add support for binding to source port ranges during connect 7122 - [MINOR] config: track "no option"/"option" changes 7123 - [MINOR] config: support resetting options do default values 7124 - [MEDIUM] implement option tcp-smart-accept at the frontend 7125 - [MEDIUM] stream_sock: implement tcp-cork for use during shutdowns on Linux 7126 - [MEDIUM] implement tcp-smart-connect option at the backend 7127 - [MEDIUM] add support for TCP MSS adjustment for listeners 7128 - [MEDIUM] support setting a server weight to zero 7129 - [MINOR] make DEFAULT_MAXCONN user-configurable at build time 7130 - [MAJOR] session: don't clear buffer status flags anymore 7131 - [MAJOR] session: only check for timeouts when they have just occurred. 7132 - [MAJOR] session: simplify buffer error handling 7133 - [MEDIUM] config: split parser and checker in two functions 7134 - [MEDIUM] config: support loading multiple configuration files 7135 - [MEDIUM] stream_sock: don't close prematurely when nolinger is set 7136 - [MEDIUM] session: rework buffer analysis to permit permanent analysers 7137 - [MEDIUM] splice: set the capability on each stream_interface 7138 - [BUG] http: redirect rules were processed too early 7139 - [CLEANUP] remove unused DEBUG_PARSE_NO_SPEEDUP define 7140 - [MEDIUM] http: split request waiter from request processor 7141 - [MEDIUM] session: tell analysers what bit they were called for 7142 - [MAJOR] http: complete splitting of the remaining stages 7143 - [MINOR] report in the proxies the requirements for ACLs 7144 - [MINOR] http: rely on proxy->acl_requires to allocate hdr_idx 7145 - [MINOR] acl: add HTTP protocol detection (req_proto_http) 7146 - [MINOR] prepare callers of session_set_backend to handle errors 7147 - [BUG] default ACLs did not properly set the ->requires flag 7148 - [MEDIUM] allow a TCP frontend to switch to an HTTP backend 7149 - [MINOR] ensure we can jump from swiching rules to http without data 7150 - [MINOR] http: take http request timeout from the backend 7151 - [MINOR] allow TCP inspection rules to make use of HTTP ACLs 7152 - [BUILD] report commit date and not author's date as build date 7153 - [MINOR] acl: don't complain anymore when using L7 acls in TCP 7154 - [BUG] stream_sock: always shutdown(SHUT_WR) before closing 7155 - [BUG] stream_sock: don't stop reading when the poller reports an error 7156 - [BUG] config: tcp-request content only accepts "if" or "unless" 7157 - [BUG] task: fix possible timer drift after update 7158 - [MINOR] apply tcp-smart-connect option for the checks too 7159 - [MINOR] stats: better displaying in MSIE 7160 - [MINOR] config: improve error reporting in global section 7161 - [MINOR] config: improve error reporting in listen sections 7162 - [MINOR] config: the "capture" keyword is not allowed in backends 7163 - [MINOR] config: improve error reporting when checking configuration 7164 - [BUILD] fix a minor build warning on AIX 7165 - [BUILD] use "git cmd" instead of "git-cmd" 7166 - [CLEANUP] report 2009 not 2008 in the copyright banner. 7167 - [MINOR] print usage on the stats sockets upon invalid commands 7168 - [MINOR] acl: detect and report potential mistakes in ACLs 7169 - [BUILD] fix incorrect printf arg count with tcp_splice 7170 - [BUG] fix random pauses on last segment of a series 7171 - [BUILD] add support for build under Cygwin 7172 71732009/06/09 : 1.4-dev0 7174 - exact copy of 1.3.18 7175 71762009/05/10 : 1.3.18 7177 - [MEDIUM] add support for "balance hdr(name)" 7178 - [CLEANUP] give a little bit more information in error message 7179 - [MINOR] add X-Original-To: header 7180 - [BUG] x-original-to: fix missing initialization to default value 7181 - [BUILD] spec file: fix broken pipe during rpmbuild and add man file 7182 - [MINOR] improve reporting of misplaced acl/reqxxx rules 7183 - [MEDIUM] http: add options to ignore invalid header names 7184 - [MEDIUM] http: capture invalid requests/responses even if accepted 7185 - [BUILD] add format(printf) to printf-like functions 7186 - [MINOR] fix several printf formats and missing arguments 7187 - [BUG] stats: total and lbtot are unsigned 7188 - [MINOR] fix a few remaining printf-like formats on 64-bit platforms 7189 - [CLEANUP] remove unused make option from haproxy.spec 7190 - [BUILD] make it possible to pass alternative arch at build time 7191 - [MINOR] switch all stat counters to 64-bit 7192 - [MEDIUM] ensure we don't recursively call pool_gc2() 7193 - [CRITICAL] uninitialized response field can sometimes cause crashes 7194 - [BUG] fix wrong pointer arithmetics in HTTP message captures 7195 - [MINOR] rhel init script : support the reload operation 7196 - [MINOR] add basic signal handling functions 7197 - [BUILD] add signal.o to all makefiles 7198 - [MEDIUM] call signal_process_queue from run_poll_loop 7199 - [MEDIUM] pollers: don't wait if a signal is pending 7200 - [MEDIUM] convert all signals to asynchronous signals 7201 - [BUG] O(1) pollers should check their FD before closing it 7202 - [MINOR] don't close stdio fds twice 7203 - [MINOR] add options dontlog-normal and log-separate-errors 7204 - [DOC] minor fixes and rearrangements 7205 - [BUG] fix parser crash on unconditional tcp content rules 7206 - [DOC] rearrange the configuration manual and add a summary 7207 - [MINOR] standard: provide a new 'my_strndup' function 7208 - [MINOR] implement per-logger log level limitation 7209 - [MINOR] compute the max of sessions/s on fe/be/srv 7210 - [MINOR] stats: report max sessions/s and limit in CSV export 7211 - [MINOR] stats: report max sessions/s and limit in HTML stats 7212 - [MINOR] stats/html: use the arial font before helvetica 7213 72142009/03/29 : 1.3.17 7215 - Update specfile to build for v2.6 kernel. 7216 - [BUG] reset the stream_interface connect timeout upon connect or error 7217 - [BUG] reject unix accepts when connection limit is reached 7218 - [MINOR] show sess: report number of calls to each task 7219 - [BUG] don't call epoll_ctl() on closed sockets 7220 - [BUG] stream_sock: disable I/O on fds reporting an error 7221 - [MINOR] sepoll: don't count two events on the same FD. 7222 - [MINOR] show sess: report a lot more information about sessions 7223 - [BUG] stream_sock: check for shut{r,w} before refreshing some timeouts 7224 - [BUG] don't set an expiration date directly from now_ms 7225 - [MINOR] implement ulltoh() to write HTML-formatted numbers 7226 - [MINOR] stats/html: group digits by 3 to clarify numbers 7227 - [BUILD] remove haproxy-small.spec 7228 - [BUILD] makefile: remove unused references to linux24eold and EPOLL_CTL_WORKAROUND 7229 72302009/03/22 : 1.3.16 7231 - [BUILD] Fixed Makefile for linking pcre 7232 - [CONTRIB] selinux policy for haproxy 7233 - [MINOR] show errors: encode backslash as well as non-ascii characters 7234 - [MINOR] cfgparse: some cleanups in the consistency checks 7235 - [MINOR] cfgparse: set backends to "balance roundrobin" by default 7236 - [MINOR] tcp-inspect: permit the use of no-delay inspection 7237 - [MEDIUM] reverse internal proxy declaration order to match configuration 7238 - [CLEANUP] config: catch and report some possibly wrong rule ordering 7239 - [BUG] connect timeout is in the stream interface, not the buffer 7240 - [BUG] session: errors were not reported in termination flags in TCP mode 7241 - [MINOR] tcp_request: let the caller take care of errors and timeouts 7242 - [CLEANUP] http: remove some commented out obsolete code in process_response 7243 - [MINOR] update ebtree to version 4.1 7244 - [MEDIUM] scheduler: get rid of the 4 trees thanks and use ebtree v4.1 7245 - [BUG] sched: don't leave 3 lasts tasks unprocessed when niced tasks are present 7246 - [BUG] scheduler: fix improper handling of duplicates __task_queue() 7247 - [MINOR] sched: permit a task to stay up between calls 7248 - [MINOR] task: keep a task count and clean up task creators 7249 - [MINOR] stats: report number of tasks (active and running) 7250 - [BUG] server check intervals must not be null 7251 - [OPTIM] stream_sock: don't retry to read after a large read 7252 - [OPTIM] buffer: new BF_READ_DONTWAIT flag reduces EAGAIN rates 7253 - [MEDIUM] session: don't resync FSMs on non-interesting changes 7254 - [BUG] check for global.maxconn before doing accept() 7255 - [OPTIM] sepoll: do not re-check whole list upon accepts 7256 72572009/03/09 : 1.3.16-rc2 7258 - [BUG] stream_sock: write timeout must be updated when forwarding ! 7259 72602009/03/09 : 1.3.16-rc1 7261 - appsessions: cleanup DEBUG_HASH and initialize request_counter 7262 - [MINOR] acl: add new keyword "connslots" 7263 - [MINOR] cfgparse: fix off-by 2 in error message size 7264 - [BUILD] fix build with gcc 4.3 7265 - [BUILD] fix MANDIR default location to match documentation 7266 - [TESTS] add a debug patch to help trigger the stats bug 7267 - [BUG] Flush buffers also where there are exactly 0 bytes left 7268 - [MINOR] Allow to specify a domain for a cookie 7269 - [BUG/CLEANUP] cookiedomain -> cookie_domain rename + free(p->cookie_domain) 7270 - [MEDIUM] Fix memory freeing at exit 7271 - [MEDIUM] Fix memory freeing at exit, part 2 7272 - [BUG] Fix listen & more of 2 couples <ip>:<port> 7273 - [DOC] remove buggy comment for use_backend 7274 - [CRITICAL] fix server state tracking: it was O(n!) instead of O(n) 7275 - [MEDIUM] add support for URI hash depth and length limits 7276 - [MINOR] permit renaming of x-forwarded-for header 7277 - [BUILD] fix Makefile.bsd and Makefile.osx for stream_interface 7278 - [BUILD] Haproxy won't compile if DEBUG_FULL is defined 7279 - [MEDIUM] upgrade to ebtree v4.0 7280 - [DOC] update the README file with new build options 7281 - [MEDIUM] reduce risk of event starvation in ev_sepoll 7282 - [MEDIUM] detect streaming buffers and tag them as such 7283 - [MEDIUM] add support for conditional HTTP redirection 7284 - [BUILD] make install should depend on haproxy not "all" 7285 - [DEBUG] add a TRACE macro to facilitate runtime data extraction 7286 - [BUG] event pollers must not wait if a task exists in the run queue 7287 - [BUG] queue management: wake oldest request in queues 7288 - [BUG] log: reported queue position was offed-by-one 7289 - [BUG] fix the dequeuing logic to ensure that all requests get served 7290 - [DOC] documentation for the "retries" parameter was missing. 7291 - [MEDIUM] implement a monotonic internal clock 7292 - [MEDIUM] further improve monotonic clock by check forward jumps 7293 - [OPTIM] add branch prediction hints in list manipulations 7294 - [MAJOR] replace ultree with ebtree in wait-queues 7295 - [BUG] we could segfault during exit while freeing uri_auths 7296 - [BUG] wqueue: perform proper timeout comparisons with wrapping values 7297 - [MINOR] introduce now_ms, the current date in milliseconds 7298 - [BUG] disable buffer read timeout when reading stats 7299 - [MEDIUM] rework the wait queue mechanism 7300 - [BUILD] change declaration of base64tab to fix build with Intel C++ 7301 - [OPTIM] shrink wake_expired_tasks() by using task_wakeup() 7302 - [MAJOR] use an ebtree instead of a list for the run queue 7303 - [MEDIUM] introduce task->nice and boot access to statistics 7304 - [OPTIM] task_queue: assume most consecutive timers are equal 7305 - [BUILD] silent a warning in unlikely() with gcc 4.x 7306 - [MAJOR] convert all expiration timers from timeval to ticks 7307 - [BUG] use_backend would not correctly consider "unless" 7308 - [TESTS] added test-acl.cfg to test some ACL combinations 7309 - [MEDIUM] add support for configuration keyword registration 7310 - [MEDIUM] modularize the global "stats" keyword configuration parser 7311 - [MINOR] cfgparse: add support for warnings in external functions 7312 - [MEDIUM] modularize the "timeout" keyword configuration parser 7313 - [MAJOR] implement tcp request content inspection 7314 - [MINOR] acl: add a new parsing function: parse_dotted_ver 7315 - [MINOR] acl: add req_ssl_ver in TCP, to match an SSL version 7316 - [CLEANUP] remove unused include/types/client.h 7317 - [CLEANUP] remove many #include <types/xxx> from C files 7318 - [CLEANUP] remove dependency on obsolete INTBITS macro 7319 - [DOC] document the new "tcp-request" keyword and associated ACLs 7320 - [MINOR] acl: add REQ_CONTENT to the list of default acls 7321 - [MEDIUM] acl: permit fetch() functions to set the result themselves 7322 - [MEDIUM] acl: get rid of dummy values in always_true/always_false 7323 - [MINOR] acl: add the "wait_end" acl verb 7324 - [MEDIUM] acl: enforce ACL type checking 7325 - [MEDIUM] acl: set types on all currently known ACL verbs 7326 - [MEDIUM] acl: when possible, report the name and requirements of ACLs in warnings 7327 - [CLEANUP] remove 65 useless NULL checks before free 7328 - [MEDIUM] memory: update pool_free2() to support NULL pointers 7329 - [MEDIUM] buffers: ensure buffer_shut* are properly called upon shutdowns 7330 - [MEDIUM] process_srv: rely on buffer flags for client shutdown 7331 - [MEDIUM] process_srv: don't rely at all on client state 7332 - [MEDIUM] process_cli: don't rely at all on server state 7333 - [BUG] fix segfault with url_param + check_post 7334 - [BUG] server timeout was not considered in some circumstances 7335 - [BUG] client timeout incorrectly rearmed while waiting for server 7336 - [MAJOR] kill CL_STINSPECT and CL_STHEADERS (step 1) 7337 - [MAJOR] get rid of SV_STANALYZE (step 2) 7338 - [MEDIUM] simplify and centralize request timeout cancellation and request forwarding 7339 - [MAJOR] completely separate HTTP and TCP states on the request path 7340 - [BUG] fix recently introduced loop when client closes early 7341 - [MAJOR] get rid of the SV_STHEADERS state 7342 - [MAJOR] better separation of response processing and server state 7343 - [MAJOR] clearly separate HTTP response processing from TCP server state 7344 - [MEDIUM] remove unused references to {CL|SV}_STSHUT* 7345 - [MINOR] term_trace: add better instrumentations to trace the code 7346 - [BUG] ev_sepoll: closed file descriptors could persist in the spec list 7347 - [BUG] process_response must not enable the read FD 7348 - [BUG] buffers: remove BF_MAY_CONNECT and fix forwarding issue 7349 - [BUG] process_response: do not touch srv_state 7350 - [BUG] maintain_proxies must not disable backends 7351 - [CLEANUP] get rid of BF_SHUT*_PENDING 7352 - [MEDIUM] buffers: add BF_EMPTY and BF_FULL to remove dependency on req/rep->l 7353 - [MAJOR] process_session: rely only on buffer flags 7354 - [MEDIUM] use buffer->wex instead of buffer->cex for connect timeout 7355 - [MEDIUM] centralize buffer timeout checks at the top of process_session 7356 - [MINOR] ensure the termination flags are set by process_xxx 7357 - [MEDIUM] session: move the analysis bit field to the buffer 7358 - [OPTIM] process_cli/process_srv: reduce the number of tests 7359 - [BUG] regparm is broken on gcc < 3 7360 - [BUILD] fix warning in proto_tcp.c with gcc >= 4 7361 - [MEDIUM] merge inspect_exp and txn->exp into request buffer 7362 - [BUG] process_cli/process_srv: don't call shutdown when already done 7363 - [BUG] process_request: HTTP body analysis must return zero if missing data 7364 - [TESTS] test-fsm: 22 regression tests for state machines 7365 - [BUG] Fix empty X-Forwarded-For header name when set in defaults section 7366 - [BUG] fix harmless but wrong fd insertion sequence 7367 - [MEDIUM] make it possible for analysers to follow the whole session 7368 - [MAJOR] rework of the server FSM 7369 - [OPTIM] remove useless fd_set(read) upon shutdown(write) 7370 - [MEDIUM] massive cleanup of process_srv() 7371 - [MEDIUM] second level of code cleanup for process_srv_data 7372 - [MEDIUM] third cleanup and optimization of process_srv_data() 7373 - [MEDIUM] process_srv_data: ensure that we always correctly re-arm timeouts 7374 - [MEDIUM] stream_sock_process_data moved to stream_sock.c 7375 - [MAJOR] make the client side use stream_sock_process_data() 7376 - [MEDIUM] split stream_sock_process_data 7377 - [OPTIM] stream_sock_read must check for null-reads more often 7378 - [MINOR] only call flow analysers when their read side is connected. 7379 - [MEDIUM] reintroduce BF_HIJACK with produce_content 7380 - [MINOR] re-arrange buffer flags and rename some of them 7381 - [MINOR] do not check for BF_SHUTR when computing write timeout 7382 - [OPTIM] ev_sepoll: detect newly created FDs and check them once 7383 - [OPTIM] reduce the number of calls to task_wakeup() 7384 - [OPTIM] force inlining of large functions with gcc >= 3 7385 - [MEDIUM] indicate a reason for a task wakeup 7386 - [MINOR] change type of fdtab[]->owner to void* 7387 - [MAJOR] make stream sockets aware of the stream interface 7388 - [MEDIUM] stream interface: add the ->shutw method as well as in and out buffers 7389 - [MEDIUM] buffers: add BF_READ_ATTACHED and BF_ANA_TIMEOUT 7390 - [MEDIUM] process_session: make use of the new buffer flags 7391 - [CLEANUP] process_session: move debug outputs out of the critical loop 7392 - [MEDIUM] move QUEUE and TAR timers to stream interfaces 7393 - [OPTIM] add compiler hints in tick_is_expired() 7394 - [MINOR] add buffer_check_timeouts() to check what timeouts have fired. 7395 - [MEDIUM] use buffer_check_timeouts instead of stream_sock_check_timeouts() 7396 - [MINOR] add an expiration flag to the stream_sock_interface 7397 - [MAJOR] migrate the connection logic to stream interface 7398 - [MAJOR] add a connection error state to the stream_interface 7399 - [MEDIUM] add the SN_CURR_SESS flag to the session to track open sessions 7400 - [MEDIUM] continue layering cleanups. 7401 - [MEDIUM] stream_interface: added a DISconnected state between CON/EST and CLO 7402 - [MEDIUM] remove stream_sock_update_data() 7403 - [MINOR] maintain a global session list in order to ease debugging 7404 - [BUG] shutw must imply close during a connect 7405 - [MEDIUM] process shutw during connection attempt 7406 - [MEDIUM] make the stream interface control the SHUT{R,W} bits 7407 - [MAJOR] complete layer4/7 separation 7408 - [CLEANUP] move the session-related functions to session.c 7409 - [MINOR] call session->do_log() for logging 7410 - [MINOR] replace the ambiguous client_return function by stream_int_return 7411 - [MINOR] replace client_retnclose() with stream_int_retnclose() 7412 - [MINOR] replace srv_close_with_err() with http_server_error() 7413 - [MEDIUM] make the http server error function a pointer in the session 7414 - [CLEANUP] session.c: removed some migration left-overs in sess_establish() 7415 - [MINOR] stream_sock_data_finish() should not expose fd 7416 - [MEDIUM] extract TCP request processing from HTTP 7417 - [MEDIUM] extract the HTTP tarpit code from process_request(). 7418 - [MEDIUM] move the HTTP request body analyser out of process_request(). 7419 - [MEDIUM] rename process_request to http_process_request 7420 - [BUG] fix forgotten server session counter 7421 - [MINOR] declare process_session in session.h, not proto_http.h 7422 - [MEDIUM] first pass of lifting to proto_uxst.c:uxst_event_accept() 7423 - [MINOR] add an analyser code for UNIX stats request 7424 - [MINOR] pre-set analyser flags on the listener at registration time 7425 - [BUG] do not forward close from cons to prod with analysers 7426 - [MEDIUM] ensure that sock->shutw() also closes read for init states 7427 - [MINOR] add an analyser state in struct session 7428 - [MAJOR] make unix sockets work again with stats 7429 - [MEDIUM] remove cli_fd, srv_fd, cli_state and srv_state from the session 7430 - [MINOR] move the listener reference from fd to session 7431 - [MEDIUM] reference the current hijack function in the buffer itself 7432 - [MINOR] slightly rebalance stats_dump_{raw,http} 7433 - [MINOR] add a new back-reference type : struct bref 7434 - [MINOR] add back-references to sessions for later use by a dumper. 7435 - [MEDIUM] add support for "show sess" in unix stats socket 7436 - [BUG] do not release the connection slot during a retry 7437 - [BUG] dynamic connection throttling could return a max of zero conns 7438 - [BUG] do not try to pause backends during reload 7439 - [BUG] ensure that listeners from disabled proxies are correctly unbound. 7440 - [BUG] acl-related keywords are not allowed in defaults sections 7441 - [BUG] cookie capture is declared in the frontend but checked on the backend 7442 - [BUG] critical errors should be reported even in daemon mode 7443 - [MINOR] redirect: add support for the "drop-query" option 7444 - [MINOR] redirect: add support for "set-cookie" and "clear-cookie" 7445 - [MINOR] redirect: in prefix mode a "/" means not to change the URI 7446 - [BUG] do not dequeue requests on a dead server 7447 - [BUG] do not dequeue the backend's pending connections on a dead server 7448 - [MINOR] stats: indicate if a task is running in "show sess" 7449 - [BUG] check timeout must not be changed if timeout.check is not set 7450 - [BUG] "option transparent" is for backend, not frontend ! 7451 - [MINOR] transfer errors were not reported anymore in data phase 7452 - [MEDIUM] add a send limit to a buffer 7453 - [MEDIUM] don't report buffer timeout when there is I/O activity 7454 - [MEDIUM] indicate when we don't care about read timeout 7455 - [MINOR] add flags to indicate when a stream interface is waiting for space/data 7456 - [MEDIUM] enable inter-stream_interface wakeup calls 7457 - [MAJOR] implement autonomous inter-socket forwarding 7458 - [MINOR] add the splice_len member to the buffer struct in preparation of splice support 7459 - [MEDIUM] stream_sock: factor out the return path in case of no-writes 7460 - [MEDIUM] i/o: rework ->to_forward and ->send_max 7461 - [OPTIM] stream_sock: do not ask for polling on EAGAIN if we have read 7462 - [OPTIM] buffer: replace rlim by max_len 7463 - [OPTIM] stream_sock: factor out the buffer full handling out of the loop 7464 - [CLEANUP] replace a few occurrences of (flags & X) && !(flags & Y) 7465 - [CLEANUP] stream_sock: move the write-nothing condition out of the loop 7466 - [MEDIUM] split stream_sock_write() into callback and core functions 7467 - [MEDIUM] stream_sock_read: call ->chk_snd whenever there are data pending 7468 - [MINOR] stream_sock: fix a few wrong empty calculations 7469 - [MEDIUM] stream_sock: try to send pending data on chk_snd() 7470 - [MINOR] global.maxpipes: add the ability to reserve file descriptors for pipes 7471 - [MEDIUM] splice: add configuration options and set global.maxpipes 7472 - [MINOR] introduce structures required to support Linux kernel splicing 7473 - [MEDIUM] add definitions for Linux kernel splicing 7474 - [MAJOR] complete support for linux 2.6 kernel splicing 7475 - [BUG] reserve some pipes for backends with splice enabled 7476 - [MEDIUM] splice: add hints to support older buggy kernels 7477 - [MEDIUM] introduce pipe pools 7478 - [MEDIUM] splice: make use of pipe pools 7479 - [STATS] report pipe usage in the statistics 7480 - [OPTIM] make global.maxpipes default to global.maxconn/4 when not specified 7481 - [BUILD] fix snapshot date extraction with negative timezones 7482 - [MEDIUM] move global tuning options to the global structure 7483 - [MEDIUM] splice: add the global "nosplice" option 7484 - [BUILD] add USE_LINUX_SPLICE to enable LINUX_SPLICE on linux 2.6 7485 - [BUG] we must not exit if protocol binding only returns a warning 7486 - [MINOR] add support for bind interface name 7487 - [BUG] inform the user when root is expected but not set 7488 - [MEDIUM] add support for source interface binding 7489 - [MEDIUM] add support for source interface binding at the server level 7490 - [MEDIUM] implement bind-process to limit service presence by process 7491 - [DOC] document maxpipes, nosplice, option splice-{auto,request,response} 7492 - [DOC] filled the logging section of the configuration manual 7493 - [DOC] document HTTP status codes 7494 - [DOC] document a few missing info about errorfile 7495 - [BUG] fix random memory corruption using "show sess" 7496 - [BUG] fix unix socket processing of interrupted output 7497 - [DOC] add diagrams of queuing and future ACL design 7498 - [BUILD] proto_http did not build on gcc-2.95 7499 - [BUG] the "source" keyword must first clear optional settings 7500 - [BUG] global.tune.maxaccept must be limited even in mono-process mode 7501 - [MINOR] ensure that http_msg_analyzer updates pointer to invalid char 7502 - [MEDIUM] store a complete dump of request and response errors in proxies 7503 - [MEDIUM] implement error dump on unix socket with "show errors" 7504 - [DOC] document "show errors" 7505 - [MINOR] errors dump must use user-visible date, not internal date. 7506 - [MINOR] time: add __usec_to_1024th to convert usecs to 1024th of second 7507 - [MINOR] add curr_sec_ms and curr_sec_ms_scaled for current second. 7508 - [MEDIUM] measure and report session rate on frontend, backends and servers 7509 - [BUG] the "connslots" keyword was matched as "connlots" 7510 - [MINOR] acl: add 2 new verbs: fe_sess_rate and be_sess_rate 7511 - [MEDIUM] implement "rate-limit sessions" for the frontend 7512 - [BUG] interface binding: length must include the trailing zero 7513 - [BUG] typo in timeout error reporting : report *res and not *err 7514 - [OPTIM] maintain_proxies: only wake up when the frontend will be ready 7515 - [OPTIM] rate-limit: cleaner behaviour on low rates and reduce consumption 7516 - [BUG] switch server-side stream interface to close in case of abort 7517 - [CLEANUP] remove last references to term_trace 7518 - [OPTIM] freq_ctr: do not rotate the counters when reading 7519 - [BUG] disable any analysers for monitoring requests 7520 - [BUG] rate-limit in defaults section was ignored 7521 - [BUG] task: fix handling of duplicate keys 7522 - [OPTIM] task: don't unlink a task from a wait queue when waking it up 7523 - [OPTIM] displace tasks in the wait queue only if absolutely needed 7524 - [MEDIUM] minor update to the task api: let the scheduler queue itself 7525 - [BUG] event_accept() must always wake the task up, even in health mode 7526 - [CLEANUP] task: distinguish between clock ticks and timers 7527 - [OPTIM] task: reduce the number of calls to task_queue() 7528 - [OPTIM] do not re-check req buffer when only response has changed 7529 - [CLEANUP] don't enable kernel splicing when socket is closed 7530 - [CLEANUP] buffer_flush() was misleading, rename it as buffer_erase 7531 - [MINOR] buffers: implement buffer_flush() 7532 - [MEDIUM] rearrange forwarding condition to enable splice during analysis 7533 - [BUILD] build fixes for Solaris 7534 - [BUILD] proto_http did not build on gcc-2.95 (again) 7535 - [CONTRIB] halog: fast log parser for haproxy 7536 - [CONTRIB] halog: faster fgets() and add support for percentile reporting 7537 75382008/04/19 : 1.3.15 7539 - [BUILD] Added support for 'make install' 7540 - [BUILD] Added 'install-man' make target for installing the man page 7541 - [BUILD] Added 'install-bin' make target 7542 - [BUILD] Added 'install-doc' make target 7543 - [BUILD] Removed "/" after '$(DESTDIR)' in install targets 7544 - [BUILD] Changed 'install' target to install the binaries first 7545 - [BUILD] Replace hardcoded 'LD = gcc' with 'LD = $(CC)' 7546 - [MEDIUM]: Inversion for options 7547 - [MEDIUM]: Count retries and redispatches also for servers, fix redistribute_pending, extend logs, %d->%u cleanup 7548 - [BUG]: Restore clearing t->logs.bytes 7549 - [MEDIUM]: rework checks handling 7550 - [DOC] Update a "contrib" file with a hint about a scheme used for formathing subjects 7551 - [MEDIUM] Implement "track [<backend>/]<server>" 7552 - [MINOR] Implement persistent id for proxies and servers 7553 - [BUG] Don't increment server connections too much + fix retries 7554 - [MEDIUM]: Prevent redispatcher from selecting the same server, version #3 7555 - [MAJOR] proto_uxst rework -> SNMP support 7556 - [BUG] appsession lookup in URL does not work 7557 - [BUG] transparent proxy address was ignored in backend 7558 - [BUG] hot reconfiguration failed because of a wrong error check 7559 - [DOC] big update to the configuration manual 7560 - [DOC] large update to the configuration manual 7561 - [DOC] document more options 7562 - [BUILD] major rework of the GNU Makefile 7563 - [STATS] add support for "show info" on the unix socket 7564 - [DOC] document options forwardfor to logasap 7565 - [MINOR] add support for the "backlog" parameter 7566 - [OPTIM] introduce global parameter "tune.maxaccept" 7567 - [MEDIUM] introduce "timeout http-request" in frontends 7568 - [MINOR] tarpit timeout is also allowed in backends 7569 - [BUG] increment server connections for each connect() 7570 - [MEDIUM] add a turn-around state of one second after a connection failure 7571 - [BUG] fix typo in redispatched connection 7572 - [DOC] document options nolinger to ssl-hello-chk 7573 - [DOC] added documentation for "option tcplog" to "use_backend" 7574 - [BUG] connect_server: server might not exist when sending error report 7575 - [MEDIUM] support fully transparent proxy on Linux (USE_LINUX_TPROXY) 7576 - [MEDIUM] add non-local bind to connect() on Linux 7577 - [MINOR] add transparent proxy support for balabit's Tproxy v4 7578 - [BUG] use backend's source and not server's source with tproxy 7579 - [BUG] fix overlapping server flags 7580 - [MEDIUM] fix server health checks source address selection 7581 - [BUG] build failed on CONFIG_HAP_LINUX_TPROXY without CONFIG_HAP_CTTPROXY 7582 - [DOC] added "server", "source" and "stats" keywords 7583 - [DOC] all server parameters have been documented 7584 - [DOC] document all req* and rsp* keywords. 7585 - [DOC] added documentation about HTTP header manipulations 7586 - [BUG] log response byte count, not request 7587 - [BUILD] code did not build in full debug mode 7588 - [BUG] fix truncated responses with sepoll 7589 - [MINOR] use s->frt_addr as the server's address in transparent proxy 7590 - [MINOR] fix configuration hint about timeouts 7591 - [DOC] minor cleanup of the doc and notice to contributors 7592 - [MINOR] report correct section type for unknown keywords. 7593 - [BUILD] update MacOS Makefile to build on newer versions 7594 - [DOC] fix erroneous "useallbackups" option in the doc 7595 - [DOC] applied small fixes from early readers 7596 - [MINOR] add configuration support for "redir" server keyword 7597 - [MEDIUM] completely implement the server redirection method 7598 - [TESTS] add a test case for the server redirection mechanism 7599 - [DOC] add a configuration entry for "server ... redir <prefix>" 7600 - [BUILD] backend.c and checks.c did not build without tproxy ! 7601 - Revert "[BUILD] backend.c and checks.c did not build without tproxy !" 7602 - [BUILD] backend.c and checks.c did not build without tproxy ! 7603 - [OPTIM] used unsigned ints for HTTP state and message offsets 7604 - [OPTIM] GCC4's builtin_expect() is suboptimal 7605 - [BUG] failed conns were sometimes incremented in the frontend! 7606 - [BUG] timeout.check was not pre-set to eternity 7607 - [TESTS] add test-pollers.cfg to easily report pollers in use 7608 - [BUG] do not apply timeout.connect in checks if unset 7609 - [BUILD] ensure that makefile understands USE_DLMALLOC=1 7610 - [MINOR] silent gcc for a wrong warning 7611 - [CLEANUP] update .gitignore to ignore more temporary files 7612 - [CLEANUP] report dlmalloc's source path only if explictly specified 7613 - [BUG] str2sun could leak a small buffer in case of error during parsing 7614 - [BUG] option allbackups was not working anymore in roundrobin mode 7615 - [MAJOR] implementation of the "leastconn" load balancing algorithm 7616 - [BUILD] ensure that users don't build without setting the target anymore. 7617 - [DOC] document the leastconn LB algo 7618 - [MEDIUM] fix stats socket limitation to 16 kB 7619 - [DOC] fix unescaped space in httpchk example. 7620 - [BUG] fix double-decrement of server connections 7621 - [TESTS] add a test case for port mapping 7622 - [TESTS] add a benchmark for integer hashing 7623 - [TESTS] add new methods in ip-hash test file 7624 - [MAJOR] implement parameter hashing for POST requests 7625 76262007/12/06 : 1.3.14 7627 - New option http_proxy (Alexandre Cassen) 7628 - add support for "maxqueue" to limit server queue overload (Elijah Epifanov) 7629 - Check for duplicated conflicting proxies (Krzysztof Oledzki) 7630 - stats: report server and backend cumulated downtime (Krzysztof Oledzki) 7631 - use backends only with use_backend directive (Krzysztof Oledzki) 7632 - Handle long lines properly (Krzysztof Oledzki) 7633 - Implement and use generic findproxy and relax duplicated proxy check (Krzysztof Oledzki) 7634 - continous statistics (Krzysztof Oledzki) 7635 - add support for logging via a UNIX socket (Robert Tsai) 7636 - fix error checking in strl2ic/strl2uic() 7637 - fix calls to localtime() 7638 - provide easier-to-use ultoa_* functions 7639 - provide easy-to-use limit_r and LIM2A* macros 7640 - add a simple test for the status page 7641 - move error codes to common/errors.h 7642 - silent warning about LIST_* being redefined on OpenBSD 7643 - add socket address length to the protocols 7644 - group PR_O_BALANCE_* bits into a checkable value 7645 - externalize the "balance" option parser to backend.c 7646 - introduce the "url_param" balance method 7647 - make default_backend work in TCP mode too 7648 - disable warning about localtime_r on Solaris 7649 - adjust error messages about conflicting proxies 7650 - avoid calling some layer7 functions if not needed 7651 - simplify error path in event_accept() 7652 - add an options field to the listeners 7653 - added a new state to listeners 7654 - unbind_listener() must use fd_delete() and not close() 7655 - add a generic unbind_listener() primitive 7656 - add a generic delete_listener() primitive 7657 - add a generic unbind_all_listeners() primitive 7658 - create proto_tcp and move initialization of proxy listeners 7659 - stats: report numerical process ID, proxy ID and server ID 7660 - relative_pid was not initialized 7661 - missing header names in raw stats output 7662 - fix missing parenthesis in check_response_for_cacheability 7663 - small optimization on session_process_counters() 7664 - merge ebtree version 3.0 7665 - make ebtree headers multiple-include compatible 7666 - ebtree: include config.h for REGPRM* 7667 - differentiate between generic LB params and map-specific ones 7668 - add a weight divisor to the struct proxy 7669 - implement the Fast Weighted Round Robin (FWRR) algo 7670 - include filltab25.c to experiment on FWRR for dynamic weights 7671 - merge test-fwrr.cfg to validate dynamic weights 7672 - move the load balancing algorithm to be->lbprm.algo 7673 - change server check result to a bit field 7674 - implement "http-check disable-on-404" for graceful shutdown 7675 - secure the calling conditions of ->set_server_status_{up,down} 7676 - report disabled servers as "NOLB" when they are still UP 7677 - document the "http-check disable-on-404" option 7678 - http-check disable-on-404 is not limited to HTTP mode 7679 - add a test file for disable-on-404 7680 - use distinct bits per load-balancing algorithm type 7681 - implement the slowstart parameter for servers 7682 - document the server's slowstart parameter 7683 - stats: report the server warm up status in a "throttle" column 7684 - fix 2 minor issues on AIX 7685 - add the "nbsrv" ACL verb 7686 - add the "fail" condition to monitor requests 7687 - remove a warning from gcc due to htons() in standard.c 7688 - fwrr: ensure that we never overflow in placements 7689 - store the build options to report with -vv 7690 - fix the status return of the init script (R.I. Pienaar) 7691 - stats: real time monitoring script for unix socket (Prizee) 7692 - document "nbsrv" and "monitor fail" 7693 - restrict the set of allowed characters for identifiers 7694 - implement a time parsing function 7695 - add support for time units in the configuration 7696 - add a bit of documentation about timers 7697 - introduce separation between contimeout, and tarpit + queue 7698 - introduce the "timeout" keyword 7699 - grouped all timeouts in one structure 7700 - slowstart is in ms, not seconds 7701 - slowstart: ensure we don't start with a null weight 7702 - report the number of times each server was selected 7703 - fix build on AIX due to recent log changes 7704 - fix build on Solaris due to recent log changes 7705 77062007/10/18 : 1.3.13 7707 - replace the code under O'Reilly license (Arnaud Cornet) 7708 - add a small man page (Arnaud Cornet) 7709 - stats: report haproxy's version by default (Krzysztof Oledzki) 7710 - stats: count server retries and redispatches (Krzysztof Oledzki) 7711 - core: added easy support for Doug Lea's malloc (dlmalloc) 7712 - core: fade out memory usage when stopping proxies 7713 - core: moved the sockaddr pointer to the fdtab structure 7714 - core: add generic protocol support 7715 - core: implement client-side support for PF_UNIX sockets 7716 - stats: implement the CSV output 7717 - stats: add a link to the CSV export HTML page 7718 - stats: implement the statistics output on a unix socket 7719 - config: introduce the "stats" keyword in global section 7720 - build: centralize version and date into one file for each 7721 - tests: added a new hash algorithm 7722 77232007/10/18 : 1.3.12.3 7724 - add the "nolinger" option to disable data lingering (Alexandre Cassen) 7725 - fix double-free during clean exit (Krzysztof Oledzki) 7726 - prevent the system from sending an RST when closing health-checks 7727 (Krzysztof Oledzki) 7728 - do not add a cache-control header when on non-cacheable responses 7729 (Krzysztof Oledzki) 7730 - spread health checks even more (Krzysztof Oledzki) 7731 - stats: scope "." must match the backend and not the frontend 7732 - fixed call to chroot() during startup 7733 - fix wrong timeout computation in event_accept() 7734 - remove condition for exit() under fork() failure 7735 77362007/09/20 : 1.3.12.2 7737 - fix configuration sanity checks for TCP listeners 7738 - set the log socket receive window to zero bytes 7739 - pre-initialize timeouts to infinity, not zero 7740 - fix the SIGHUP message not to alert on server-less proxies 7741 - timeouts and retries could be ignored when switching backend 7742 - added a file to check that "retries" works. 7743 - O'Reilly has clarified its license 7744 77452007/09/05 : 1.3.12.1 7746 - spec I/O: fix allocations of spec entries for an FD 7747 - ensure we never overflow in chunk_printf() 7748 - improve behaviour with large number of servers per proxy 7749 - add support for "stats refresh <interval>" 7750 - stats page: added links for 'refresh' and 'hide down' 7751 - fix backend's weight in the stats page. 7752 - the "stats" keyword is not allowed in a pure frontend. 7753 - provide a test configuration file for stats and checks 7754 77552007/06/17 : 1.3.12 7756 - fix segfault at exit when using captures 7757 - bug: negation in ACL conds was not cleared between terms 7758 - errorfile: use a local file to feed error messages 7759 - acl: support '-i' to ignore case when matching 7760 - acl: smarter integer comparison with operators eq,lt,gt,le,ge 7761 - acl: support maching on 'path' component 7762 - acl: implement matching on header values 7763 - acl: distinguish between request and response headers 7764 - acl: permit to return any header when no name specified 7765 - acl: provide default ACLs 7766 - added the 'use_backend' keyword for full content-switching 7767 - acl: specify the direction during fetches 7768 - acl: provide the argument length for fetch functions 7769 - acl: provide a reference to the expr to fetch() 7770 - improve memory freeing upon exit 7771 - str2net() must not change the const char * 7772 - shut warnings 'is*' macros from ctype.h on solaris 7773 77742007/06/03 : 1.3.11.4 7775 - do not re-arm read timeout in SHUTR state ! 7776 - optimize I/O by detecting system starvation 7777 - the epoll FD must not be shared between processes 7778 - limit the number of events returned by *poll* 7779 77802007/05/14 : 1.3.11.3 7781 - pre-initialize timeouts with tv_eternity during parsing 7782 77832007/05/14 : 1.3.11.2 7784 - fixed broken health-checks since switch to timeval 7785 77862007/05/14 : 1.3.11.1 7787 - fixed ev_kqueue which was forgotten during the switch to timeval 7788 - allowed null timeouts for past events in select 7789 77902007/05/14 : 1.3.11 7791 - fixed ev_sepoll again by rewriting the state machine 7792 - switched all timeouts to timevals instead of milliseconds 7793 - improved memory management using mempools v2. 7794 - several minor optimizations 7795 77962007/05/09 : 1.3.10.2 7797 - fixed build on OpenBSD (missing types.h) 7798 77992007/05/09 : 1.3.10.1 7800 - fixed sepoll transition matrix (two states were missing) 7801 78022007/05/08 : 1.3.10 7803 - several fixes in ev_sepoll 7804 - fixed some expiration dates on some tasks 7805 - fixed a bug in connection establishment detection due to speculative I/O 7806 - fixed rare bug occuring on TCP with early close (reported by Andy Smith) 7807 - implemented URI hashing algorithm (Guillaume Dallaire) 7808 - implemented SMTP health checks (Peter van Dijk) 7809 - replaced the rbtree with ul2tree from old scheduler project 7810 - new framework for generic ACL support 7811 - added the 'acl' and 'block' keywords to the config language 7812 - added several ACL criteria and matches (IP, port, URI, ...) 7813 - cleaned up and better modularization for some time functions 7814 - fixed list macros 7815 - fixed useless memory allocation in str2net() 7816 - store the original destination address in the session 7817 78182007/04/15 : 1.3.9 7819 - modularized the polling mechanisms and use function pointers instead 7820 of macros at many places 7821 - implemented support for FreeBSD's kqueue() polling mechanism 7822 - fixed a warning on OpenBSD : MIN/MAX redefined 7823 - change socket registration order at startup to accomodate kqueue. 7824 - several makefile cleanups to support old shells 7825 - fix build with limits.h once for all 7826 - ev_epoll: do not rely on fd_sets anymore, use changes stacks instead. 7827 - fdtab now holds the results of polling 7828 - implemented support for speculative I/O processing with epoll() 7829 - remove useless calls to shutdown(SHUT_RD), resulting in small speed boost 7830 - auto-registering of pollers at load time 7831 78322007/04/03 : 1.3.8.2 7833 - rewriting either the status line or request line could crash the 7834 process due to a pointer which ought to be reset before parsing. 7835 - rewriting the status line in the response did not work, it caused 7836 a 502 Bad Gateway due to an erroneous state during parsing 7837 78382007/04/01 : 1.3.8.1 7839 - fix reqadd when no option httpclose is used. 7840 - removed now unused fiprm and beprm from proxies 7841 - split logs into two versions : TCP and HTTP 7842 - added some docs about http headers storage and acls 7843 - added a VIM script for syntax color highlighting (Bruno Michel) 7844 78452007/03/25 : 1.3.8 7846 - fixed several bugs which might have caused a crash with bad configs 7847 - several optimizations in header processing 7848 - many progresses towards transaction-based processing 7849 - option forwardfor may be used in frontends 7850 - completed HTTP response processing 7851 - some code refactoring between request and response processing 7852 - new HTTP header manipulation functions 7853 - optimizations on the recv() patch to reduce CPU usage under very 7854 high data rates. 7855 - more user-friendly help about the 'usesrc' keyword (CTTPROXY) 7856 - username/groupname support from Marcus Rueckert 7857 - added the "except" keyword to the "forwardfor" option (Bryan German) 7858 - support for health-checks on other addresses (Fabrice Dulaunoy) 7859 - makefile for MacOS 10.4 / Darwin (Dan Zinngrabe) 7860 - do not insert "Connection: close" in HTTP/1.0 messages 7861 78622007/01/26 : 1.3.7 7863 - fix critical bug introduced with 1.3.6 : an empty request header 7864 may lead to a crash due to missing pointer assignment 7865 - hdr_idx might be left uninitialized in debug mode 7866 - fixed build on FreeBSD due to missing fd_set declaration 7867 78682007/01/22 : 1.3.6.1 7869 - change in the header chaining broke cookies and authentication 7870 78712007/01/22 : 1.3.6 7872 - stats now support the HEAD method too 7873 - extracted http request from the session 7874 - huge rework of the HTTP parser which is now a 28-state FSM. 7875 - linux-style likely/unlikely macros for optimization hints 7876 - do not create a server socket when there's no server 7877 - imported lots of docs 7878 78792007/01/07 : 1.3.5 7880 - stats: swap color sets for active and backup servers 7881 - try to guess server check port when unset 7882 - added complete support and doc for TCP Splicing 7883 - replace the wait-queue linked list with an rbtree. 7884 - a few bugfixes and cleanups 7885 78862007/01/02 : 1.3.4 7887 - support for cttproxy on the server side to present the client 7888 address to the server. 7889 - added support for SO_REUSEPORT on Linux (needs kernel patch) 7890 - new RFC2616-compliant HTTP request parser with header indexing 7891 - split proxies in frontends, rulesets and backends 7892 - implemented the 'req[i]setbe' to select a backend depending 7893 on the contents 7894 - added the 'default_backend' keyword to select a default BE. 7895 - new stats page featuring FEs and BEs + bytes in both dirs 7896 - improved log format to indicate the backend and the time in ms. 7897 - lots of cleanups 7898 78992006/10/15 : 1.3.3 7900 - fix broken redispatch option in case the connection has already 7901 been marked "in progress" (ie: nearly always). 7902 - support regparm on x86 to speed up some often called functions 7903 - removed a few useless calls to gettimeofday() in log functions. 7904 - lots of 'const char*' cleanups 7905 - turn every FD_* into functions which are faster on recent CPUs 7906 79072006/09/03 : 1.3.2 7908 - started the changes towards I/O completion callbacks. stream_sock* have 7909 replaced event_*. 7910 - added the new "reqtarpit" and "reqitarpit" protection features 7911 79122006/07/09 : 1.3.1 (1.2.15) 7913 - now, haproxy warns about missing timeout during startup to try to 7914 eliminate all those buggy configurations. 7915 - added "Content-Type: text/html" in responses wherever appropriate, as 7916 suggested by Cameron Simpson. 7917 - implemented "option ssl-hello-chk" to use SSLv3 CLIENT HELLO messages to 7918 test server's health 7919 - implemented "monitor-uri" so that haproxy can reply to a specific URI with 7920 an "HTTP/1.0 200 OK" response. This is useful to validate multiple proxies 7921 at once. 7922 79232006/06/29 : 1.3.0 7924 - exploded the whole file into multiple .c and .h. No functionnal 7925 difference is expected at all. 7926 - fixed a bug by which neither stats nor error messages could be returned if 7927 'clitimeout' was missing. 7928 79292006/05/21 : 1.2.14 7930 - new HTML status report with the 'stats' keyword. 7931 - added the 'abortonclose' option to better resist traffic surges 7932 - implemented dynamic traffic regulation with the 'minconn' option 7933 - show request time on denied requests 7934 - definitely fixed hot reconf on OpenBSD by the use of SO_REUSEPORT 7935 - now a proxy instance is allowed to run without servers, which is 7936 useful to dedicate one instance to stats 7937 - added lots of error counters 7938 - a missing parenthesis preventd matching of cacheable cookies 7939 - a missing parenthesis in poll_loop() might have caused missed events. 7940 79412006/05/14 : 1.2.13.1 7942 - an uninitialized field in the struct session could cause a crash when 7943 the session was freed. This has been encountered on Solaris only. 7944 - Solaris and OpenBSD no not support shutdown() on listening socket. Let's 7945 be nice to them by performing a soft stop if pause fails. 7946 79472006/05/13 : 1.2.13 7948 - 'maxconn' server parameter to do per-server session limitation 7949 - queueing to support non-blocking session limitation 7950 - fixed removal of cookies for cookie-less servers such as backup servers 7951 - two separate wait queues for expirable and non-expirable tasks provide 7952 better performance with lots of sessions. 7953 - some code cleanups and performance improvements 7954 - made state dumps a bit more verbose 7955 - fixed missing checks for NULL srv in dispatch mode 7956 - load balancing on backup servers was not possible in source hash mode. 7957 - two session flags shared the same bit, but fortunately they were not 7958 compatible. 7959 79602006/04/15 : 1.2.12 7961 Very few changes preparing for more important changes to support per-server 7962 session limitations and queueing : 7963 - ignore leading empty lines in HTTP requests as suggested by RFC2616. 7964 - added the 'weight' parameter to the servers, limited to 1..256. It applies 7965 to roundrobin and source hash. 7966 - the optional '-s' option could clobber '-st' and '-sf' if compiled in. 7967 79682006/03/30 : 1.2.11.1 7969 - under some conditions, it might have been possible that when the 7970 last dead server became available, it would not have been used 7971 till another one would have changed state. Could not be reproduced 7972 at all, however seems possible from the code. 7973 79742006/03/25 : 1.2.11 7975 - added the '-db' command-line option to disable backgrounding. 7976 - added the -sf/-st command-line arguments which are used to specify 7977 a list of pids to send a FINISH or TERMINATE signal upon startup. 7978 They will also be asked to release their port if a bind fails. 7979 - reworked the startup mechanism to allow the sending of a signal to a list 7980 of old pids if a socket cannot be bound, with a retry for a limited amount 7981 of time (1 second by default). 7982 - added the ability to enforce limits on memory usage. 7983 - added the 'source' load-balancing algorithm which uses the source IP(v4|v6) 7984 - re-architectured the server round-robin mechanism to ease integration of 7985 other algorithms. It now relies on the number of active and backup servers. 7986 - added a counter for the number of active and backup servers, and report 7987 these numbers upon SIGHUP or state change. 7988 79892006/03/23 : 1.2.10.1 7990 - while fixing the backup server round-robin "feature", a new bug was 7991 introduced which could miss some backup servers. 7992 - the displayed proxy name was wrong when dumping upon SIGHUP. 7993 79942006/03/19 : 1.2.10 7995 - assert.h is needed when DEBUG is defined. 7996 - ENORMOUS long standing bug affecting the epoll polling system : 7997 event_data is a union, not a structure ! 7998 - Make fd management more robust and easier to debug. Also some 7999 micro-optimisations. 8000 - Limit the number of consecutive accept() in multi-process mode. 8001 This produces a more evenly distributed load across the processes and 8002 slightly improves performance by reducing bottlenecks. 8003 - Make health-checks be more regular, and faster to retry after a timeout. 8004 - Fixed some messages to ease parsing of alerts. 8005 - provided a patch to enable epoll on RHEL3 kernels. 8006 - Separated OpenBSD build from the main Makefile into a new one. 8007 80082006/03/15 : 1.2.9 8009 - haproxy could not be stopped after being paused, it had to be woken up 8010 first. This has been fixed. 8011 - the 'ulimit-n' parameter is now optional and by default computed from 8012 maxconn + the number of listeners + the number of health-checks. 8013 - it is now possible to specify a maximum number of connections at build 8014 time with the SYSTEM_MAXCONN define. The value set in the configuration 8015 file will then be limited to this value, and only the command-line '-n' 8016 option will be able to bypass it. It will prevent against accidental 8017 high memory usage on small systems. 8018 - RFC2616 expects that any HTTP agent accepts multi-line headers. Earlier 8019 versions did not detect a line beginning with a space as the continuation 8020 of previous header. It is now correct. 8021 - health checks sent to servers configured with identical intervals were 8022 sent in perfect synchronisation because the initial time was the same 8023 for all. This could induce high load peaks when fragile servers were 8024 hosting tens of instances for the same application. Now the load is 8025 spread evenly across the smallest interval amongst a listener. 8026 - a new 'forceclose' option was added to make the proxy close the outgoing 8027 channel to the server once it has sent all its headers and the server 8028 starts responding. This helps some servers which don't close upon the 8029 'Connection: close' header. It implies 'option httpclose'. 8030 - there was a bug in the way the backup servers were handled. They were 8031 erroneously load-balanced while the doc said the opposite. Since 8032 load-balanced backup servers is one of the features some people have 8033 been asking for, the problem was fixed to reflect the documented 8034 behaviour and a new option 'allbackups' was introduced to provide the 8035 feature to those who need it. 8036 - a never ending connect() could lead to a fast select() loop if its 8037 timeout times the number of retransmits exceeded the server read or write 8038 timeout, because the later was used to compute select()'s timeout while 8039 the connection timeout was not reached. 8040 - now we initialize the libc's localtime structures very early so that even 8041 under OOM conditions, we can still send dated error messages without 8042 segfaulting. 8043 - the 'daemon' mode implies 'quiet' and disables 'verbose' because file 8044 descriptors are closed. 8045 80462006/01/29 : 1.2.8 8047 - fixed a nasty bug affecting poll/epoll which could return unmodified data 8048 from the server to the client, and sometimes lead to memory corruption 8049 crashing the process. 8050 - added the new pause/play mechanism with SIGTTOU/SIGTTIN for hot-reconf. 8051 80522005/12/18 : 1.2.7.1 8053 - the "retries" option was ignored because connect() could not return an 8054 error if the connection failed before the timeout. 8055 - TCP health-checks could not detect a connection refused in poll/epoll 8056 mode. 8057 80582005/11/13 : 1.2.7 8059 - building with -DUSE_PCRE should include PCRE headers and not regex.h. At 8060 least on Solaris, this caused the libc's regex primitives to be used instead 8061 of PCRE, which caused trouble on group references. This is now fixed. 8062 - delayed the quiet mode during startup so that most of the startup alerts can 8063 be displayed even in quiet mode. 8064 - display an alert when a listener has no address, invalid or no port, or when 8065 there are no enabled listeners upon startup. 8066 - added "static-pcre" to the list of supported regex options in the Makefile. 8067 80682005/10/09 : 1.2.7rc (1.1.33rc) 8069 - second batch of socklen_t changes. 8070 - clean-ups from Cameron Simpson. 8071 - because tv_remain() does not know about eternity, using no timeout can 8072 make select() spin around a null time-out. Bug reported by Cameron Simpson. 8073 - client read timeout was not properly set to eternity initialized after an 8074 accept() if it was not set in the config. It remained undetected so long 8075 because eternity is 0 and newly allocated pages are zeroed by the system. 8076 - do not call get_original_dst() when not in transparent mode. 8077 - implemented a workaround for a bug in certain epoll() implementations on 8078 linux-2.4 kernels (epoll-lt <= 0.21). 8079 - implemented TCP keepalive with new options : tcpka, clitcpka, srvtcpka. 8080 80812005/08/07 : 1.2.6 8082 - clean-up patch from Alexander Lazic fixes build on Debian 3.1 (socklen_t). 8083 80842005/07/06 : 1.2.6-pre5 (1.1.32) 8085 - added the number of active sessions (proxy/process) in the logs 8086 80872005/07/06 : 1.2.6-pre4 (1.1.32-pre4) 8088 - the time-out fix introduced in 1.1.25 caused a corner case where it was 8089 possible for a client to keep a connection maintained regardless of the 8090 timeout if the server closed the connection during the HEADER phase, 8091 while the client ignored the close request while doing nothing in the 8092 other direction. This has been fixed now by ensuring that read timeouts 8093 are re-armed when switching to any SHUTW state. 8094 80952005/07/05 : 1.2.6-pre3 (1.1.32-pre3) 8096 - enhanced error reporting in the logs. Now the proxy will precisely detect 8097 various error conditions related to the system and/or process limits, and 8098 generate LOG_EMERG logs indicating that a resource has been exhausted. 8099 - logs will contain two new characters for the error cause : 'R' indicates 8100 a resource exhausted, and 'I' indicates an internal error, though this 8101 one should never happen. 8102 - server connection timeouts can now be reported in the logs (sC), as well 8103 as connections refused because of maxconn limitations (PC). 8104 81052005/07/05 : 1.2.6-pre2 (1.1.32-pre2) 8106 - new global configuration keyword "ulimit-n" may be used to raise the FD 8107 limit to usable values. 8108 - a warning is now displayed on startup if the FD limit is lower than the 8109 configured maximum number of sockets. 8110 81112005/07/05 : 1.2.6-pre1 (1.1.32-pre1) 8112 - new configuration keyword "monitor-net" makes it possible to be monitored 8113 by external devices which connect to the proxy without being logged nor 8114 forwarded to any server. Particularly useful on generic TCPv4 relays. 8115 81162005/06/21 : 1.2.5.2 8117 - fixed build on PPC where chars are unsigned by default 8118 81192005/05/02 : 1.2.5.1 8120 - dirty hack to fix a bug introduced with epoll : if we close an FD and 8121 immediately reassign it to another session through a connect(), the 8122 Prev{Read,Write}Events are not updated, which causes trouble detecting 8123 changes, thus leading to many timeouts at high loads. 8124 81252005/04/30 : 1.2.5 (1.1.31) 8126 - changed the runtime argument to disable epoll() to '-de' 8127 - changed the runtime argument to disable poll() to '-dp' 8128 - added global options 'nopoll' and 'noepoll' to do the same at the 8129 configuration level. 8130 - added a 'linux24e' target to the Makefile for Linux 2.4 systems patched to 8131 support epoll(). 8132 - changed default FD_SETSIZE to 65536 on Solaris (default=1024) 8133 - conditionned signals redirection to #ifdef DEBUG_MEMORY 8134 81352005/04/26 : 1.2.5-pre4 8136 - made epoll() support a compile-time option : ENABLE_EPOLL 8137 - provided a very little libc replacement for a possibly missing epoll() 8138 implementation which can be enabled by -DUSE_MY_EPOLL 8139 - implemented the poll() poller, which can be enabled with -DENABLE_POLL. 8140 The equivalent runtime argument becomes '-P'. A few tests show that it 8141 performs like select() with many fds, but slightly slower (certainly 8142 because of the higher amount of memory involved). 8143 - separated the 3 polling methods and the tasks scheduler into 4 distinct 8144 functions which makes the code a lot more modular. 8145 - moved some event tables to private static declarations inside the poller 8146 functions. 8147 - the poller functions can now initialize themselves, run, and cleanup. 8148 - changed the runtime argument to enable epoll() to '-E'. 8149 - removed buggy epoll_ctl() code in the client_retnclose() function. This 8150 function was never meant to remove anything. 8151 - fixed a typo which caused glibc to yell about a double free on exit. 8152 - removed error checking after epoll_ctl(DEL) because we can never know if 8153 the fd is still active or already closed. 8154 - added a few entries in the makefile 8155 81562005/04/25 : 1.2.5-pre3 8157 - experimental epoll() support (use temporary '-e' argument) 8158 81592005/04/24 : 1.2.5-pre2 8160 - implemented the HTTP 303 code for error redirection. This forces the 8161 browser to fetch the given URI with a GET request. The new keyword for 8162 this is 'errorloc303', and a new 'errorloc302' keyword has been created 8163 to make them easily distinguishable. 8164 - added more controls in the parser for valid use of '\x' sequence. 8165 - few fixes from Alex & Klaus 8166 81672005/02/17 : 1.2.5-pre1 8168 - fixed a few errors in the documentation 8169 81702005/02/13 8171 - do not pre-initialize unused file-descriptors before select() anymore. 8172 81732005/01/22 : 1.2.4 8174 - merged Alexander Lazic's and Klaus Wagner's work on application 8175 cookie-based persistence. Since this is the first merge, this version is 8176 not intended for general use and reports are more than welcome. Some 8177 documentation is really needed though. 8178 81792005/01/22 : 1.2.3 (1.1.30) 8180 - add an architecture guide to the documentation 8181 - released without any changes 8182 81832004/12/26 : 1.2.3-pre1 (1.1.30-pre1) 8184 - increased default BUFSIZE to 16 kB to accept max headers of 8 kB which is 8185 compatible with Apache. This limit can be configured in the makefile now. 8186 Thanks to Eric Fehr for the checks. 8187 - added a per-server "source" option which now makes it possible to bind to 8188 a different source for each (potentially identical) server. 8189 - changed cookie-based server selection slightly to allow several servers to 8190 share a same cookie, thus making it possible to associate backup servers to 8191 live servers and ease soft-stop for maintenance periods. (Alexander Lazic) 8192 - added the cookie 'prefix' mode which makes it possible to use persistence 8193 with thin clients which support only one cookie. The server name is prefixed 8194 before the application cookie, and restore back. 8195 - fixed the order of servers within an instance to match documentation. Now 8196 the servers are *really* used in the order of their declaration. This is 8197 particularly important when multiple backup servers are in use. 8198 81992004/10/18 : 1.2.2 (1.1.29) 8200 - fixed a bug where a TCP connection would be logged twice if the 'logasap' 8201 option was enabled without the 'tcplog' option. 8202 - encode_string() would use hdr_encode_map instead of the map argument. 8203 82042004/08/10 : (1.1.29-pre2) 8205 - the logged request is now encoded with '#XX' for unprintable characters 8206 - new keywords 'capture request header' and 'capture response header' enable 8207 logging of arbitrary HTTP headers in requests and responses 8208 - removed "-DSOLARIS" after replacing the last inet_aton() with inet_pton() 8209 82102004/06/06 : 1.2.1 (1.1.28) 8211 - added the '-V' command line option to verbosely report errors even though 8212 the -q or 'quiet' options are specified. This is useful with '-c'. 8213 - added a Red Hat init script and a .spec from Simon Matter <simon.matter@invoca.ch> 8214 82152004/06/05 : 8216 - added the "logasap" option which produces a log without waiting for the data 8217 to be transferred from the server to the client. 8218 - added the "httpclose" option which removes any "connection:" header and adds 8219 "Connection: close" in both direction. 8220 - added the 'checkcache' option which blocks cacheable responses containing 8221 dangerous headers, such as 'set-cookie'. 8222 - added 'rspdeny' and 'rspideny' to block certain responses to avoid sensible 8223 information leak from servers. 8224 82252004/04/18 : 8226 - send an EMERG log when no server is available for a given proxy 8227 - added the '-c' command line option to syntactically check the 8228 configuration file without starting the service. 8229 82302003/11/09 : 1.2.0 8231 - the same as 1.1.27 + IPv6 support on the client side 8232 82332003/10/27 : 1.1.27 8234 - the configurable HTTP health check introduced in 1.1.23 revealed a shameful 8235 bug : the code still assumed that HTTP requests were the same size as the 8236 original ones (22 bytes), and failed if they were not. 8237 - added support for pidfiles. 8238 82392003/10/22 : 1.1.26 8240 - the fix introduced in 1.1.25 for client timeouts while waiting for servers 8241 broke almost all compatibility with POST requests, because the proxy 8242 stopped to read anything from the client as soon as it got all of its 8243 headers. 8244 82452003/10/15 : 1.1.25 8246 - added the 'tcplog' option, which provides enhanced, HTTP-like logs for 8247 generic TCP proxies, or lighter logs for HTTP proxies. 8248 - fixed a time-out condition wrongly reported as client time-out in data 8249 phase if the client timeout was lower than the connect timeout times the 8250 number of retries. 8251 82522003/09/21 : 1.1.24 8253 - if a client sent a full request then shut its write connection down, then 8254 the request was aborted. This case was detected only when using haproxy 8255 both as health-check client and as a server. 8256 - if 'option httpchk' is used in a 'health' mode server, then responses will 8257 change from 'OK' to 'HTTP/1.0 200 OK'. 8258 - fixed a Linux-only bug in case of HTTP server health-checks, where a single 8259 server response followed by a close could be ignored, and the server seen 8260 as failed. 8261 82622003/09/19 : 1.1.23 8263 - fixed a stupid bug introduced in 1.1.22 which caused second and subsequent 8264 'default' sections to keep previous parameters, and not initialize logs 8265 correctly. 8266 - fixed a second stupid bug introduced in 1.1.22 which caused configurations 8267 relying on 'dispatch' mode to segfault at the first connection. 8268 - 'option httpchk' now supports method, HTTP version and a few headers. 8269 - now, 'option httpchk', 'cookie' and 'capture' can be specified in 8270 'defaults' section 8271 82722003/09/10 : 1.1.22 8273 - 'listen' now supports optionnal address:port-range lists 8274 - 'bind' introduced to add new listen addresses 8275 - fixed a bug which caused a session to be kept established on a server till 8276 it timed out if the client closed during the DATA phase. 8277 - the port part of each server address can now be empty to make the proxy 8278 connect to the server on the same port it was connected to, be an absolute 8279 unsigned number to reflect a single port (as in older versions), or an 8280 explicitly signed number (+N/-N) to indicate that this offset must be 8281 applied to the port the proxy was connected to, when connecting to the 8282 server. 8283 - the 'port' server option allows the user to specify a different 8284 health-check port than the service one. It is mandatory when only relative 8285 ports have been specified and check is required. By default, the checks are 8286 sent to the service port. 8287 - new 'defaults' section which is rather similar to 'listen' except that all 8288 values are only used as default values for future 'listen' sections, until 8289 a new 'defaults' resets them. At the moment, server options, regexes, 8290 cookie names and captures cannot be set in the 'defaults' section. 8291 82922003/05/06 : 1.1.21 8293 - changed the debug output format so that it now includes the session unique 8294 ID followed by the instance name at the beginning of each line. 8295 - in debug mode, accept now shows the client's IP and port. 8296 - added one 3 small debugging scripts to search and pretty print debug output 8297 - changed the default health check request to "OPTIONS /" instead of 8298 "OPTIONS *" since not all servers implement the later one. 8299 - "option httpchk" now accepts an optional parameter allowing the user to 8300 specify and URI other than '/' during health-checks. 8301 83022003/04/21 : 1.1.20 8303 - fixed two problems with time-outs, one where a server would be logged as 8304 timed out during transfer that take longer to complete than the fixed 8305 time-out, and one where clients were logged as timed-out during the data 8306 phase because they didn't have anything to send. This sometimes caused 8307 slow client connections to close too early while in fact there was no 8308 problem. The proper fix would be to have a per-fd time-out with 8309 conditions depending on the state of the HTTP FSM. 8310 83112003/04/16 : 1.1.19 8312 - haproxy was NOT RFC compliant because it was case-sensitive on HTTP 8313 "Cookie:" and "Set-Cookie:" headers. This caused JVM 1.4 to fail on 8314 cookie persistence because it uses "cookie:". Two memcmp() have been 8315 replaced with strncasecmp(). 8316 83172003/04/02 : 1.1.18 8318 - Haproxy can be compiled with PCRE regex instead of libc regex, by setting 8319 REGEX=pcre on the make command line. 8320 - HTTP health-checks now use "OPTIONS *" instead of "OPTIONS /". 8321 - when explicit source address binding is required, it is now also used for 8322 health-checks. 8323 - added 'reqpass' and 'reqipass' to allow certain headers but not the request 8324 itself. 8325 - factored several strings to reduce binary size by about 2 kB. 8326 - replaced setreuid() and setregid() with more standard setuid() and setgid(). 8327 - added 4 status flags to the log line indicating who ended the connection 8328 first, the sessions state, the validity of the cookie, and action taken on 8329 the set-cookie header. 8330 83312002/10/18 : 1.1.17 8332 - add the notion of "backup" servers, which are used only when all other 8333 servers are down. 8334 - make Set-Cookie return "" instead of "(null)" when the server has no 8335 cookie assigned (useful for backup servers). 8336 - "log" now supports an optionnal level name (info, notice, err ...) above 8337 which nothing is sent. 8338 - replaced some strncmp() with memcmp() for better efficiency. 8339 - added "capture cookie" option which logs client and/or server cookies 8340 - cleaned up/down messages and dump servers states upon SIGHUP 8341 - added a redirection feature for errors : "errorloc <errnum> <url>" 8342 - now we won't insist on connecting to a dead server, even with a cookie, 8343 unless option "persist" is specified. 8344 - added HTTP/408 response for client request time-out and HTTP/50[234] for 8345 server reply time-out or errors. 8346 83472002/09/01 : 1.1.16 8348 - implement HTTP health checks when option "httpchk" is specified. 8349 83502002/08/07 : 1.1.15 8351 - replaced setpgid()/setpgrp() with setsid() for better portability, because 8352 setpgrp() doesn't have the same meaning under Solaris, Linux, and OpenBSD. 8353 83542002/07/20 : 1.1.14 8355 - added "postonly" cookie mode 8356 83572002/07/15 : 1.1.13 8358 - tv_diff used inverted parameters which led to negative times ! 8359 83602002/07/13 : 1.1.12 8361 - fixed stats monitoring, and optimized some tv_* for most common cases. 8362 - replaced temporary 'newhdr' with 'trash' to reduce stack size 8363 - made HTTP errors more HTML-fiendly. 8364 - renamed strlcpy() to strlcpy2() because of a slightly difference between 8365 their behaviour (return value), to avoid confusion. 8366 - restricted HTTP messages to HTTP proxies only 8367 - added a 502 message when the connection has been refused by the server, 8368 to prevent clients from believing this is a zero-byte HTTP 0.9 reply. 8369 - changed 'Cache-control:' from 'no-cache="set-cookie"' to 'private' when 8370 inserting a cookie, because some caches (apache) don't understand it. 8371 - fixed processing of server headers when client is in SHUTR state 8372 83732002/07/04 : 8374 - automatically close fd's 0,1 and 2 when going daemon ; setpgrp() after 8375 setpgid() 8376 83772002/06/04 : 1.1.11 8378 - fixed multi-cookie handling in client request to allow clean deletion 8379 in insert+indirect mode. Now, only the server cookie is deleted and not 8380 all the header. Should now be compliant to RFC2965. 8381 - added a "nocache" option to "cookie" to specify that we explicitly want 8382 to add a "cache-control" header when we add a cookie. 8383 It is also possible to add an "Expires: <old-date>" to keep compatibility 8384 with old/broken caches. 8385 83862002/05/10 : 1.1.10 8387 - if a cookie is used in insert+indirect mode, it's desirable that the 8388 the servers don't see it. It was not possible to remove it correctly 8389 with regexps, so now it's removed automatically. 8390 83912002/04/19 : 1.1.9 8392 - don't use snprintf()'s return value as an end of message since it may 8393 be larger. This caused bus errors and segfaults in internal libc's 8394 getenv() during localtime() in send_log(). 8395 - removed dead insecure send_syslog() function and all references to it. 8396 - fixed warnings on Solaris due to buggy implementation of isXXXX(). 8397 83982002/04/18 : 1.1.8 8399 - option "dontlognull" 8400 - fixed "double space" bug in config parser 8401 - fixed an uninitialized server field in case of dispatch 8402 with no existing server which could cause a segfault during 8403 logging. 8404 - the pid logged was always the father's, which was wrong for daemons. 8405 - fixed wrong level "LOG_INFO" for message "proxy started". 8406 84072002/04/13 : 8408 - http logging is now complete : 8409 - ip:port, date, proxy, server 8410 - req_time, conn_time, hdr_time, tot_time 8411 - status, size, request 8412 - source address 8413 84142002/04/12 : 1.1.7 8415 - added option forwardfor 8416 - added reqirep, reqidel, reqiallow, reqideny, rspirep, rspidel 8417 - added "log global" in "listen" section. 8418 84192002/04/09 : 8420 - added a new "global" section : 8421 - logs 8422 - debug, quiet, daemon modes 8423 - uid, gid, chroot, nbproc, maxconn 8424 84252002/04/08 : 1.1.6 8426 - regex are now chained and not limited anymore. 8427 - unavailable server now returns HTTP/502. 8428 - increased per-line args limit to 40 8429 - added reqallow/reqdeny to block some request on matches 8430 - added HTTP 400/403 responses 8431 84322002/04/03 : 1.1.5 8433 - connection logging displayed incorrect source address. 8434 - added proxy start/stop and server up/down log events. 8435 - replaced log message short buffers with larger trash. 8436 - enlarged buffer to 8 kB and replace buffer to 4 kB. 8437 84382002/03/25 : 1.1.4 8439 - made rise/fall/interval time configurable 8440 84412002/03/22 : 1.1.3 8442 - fixed a bug : cr_expire and cw_expire were inverted in CL_STSHUT[WR] 8443 which could lead to loops. 8444 84452002/03/21 : 1.1.2 8446 - fixed a bug in buffer management where we could have a loop 8447 between event_read() and process_{cli|srv} if R==BUFSIZE-MAXREWRITE. 8448 => implemented an adjustable buffer limit. 8449 - fixed a bug : expiration of tasks in wait queue timeout is used again, 8450 and running tasks are skipped. 8451 - added some debug lines for accept events. 8452 - send warnings for servers up/down. 8453 84542002/03/12 : 1.1.1 8455 - fixed a bug in total failure handling 8456 - fixed a bug in timestamp comparison within same second (tv_cmp_ms) 8457 84582002/03/10 : 1.1.0 8459 - fixed a few timeout bugs 8460 - rearranged the task scheduler subsystem to improve performance, 8461 add new tasks, and make it easier to later port to librt ; 8462 - allow multiple accept() for one select() wake up ; 8463 - implemented internal load balancing with basic health-check ; 8464 - cookie insertion and header add/replace/delete, with better strings 8465 support. 8466 84672002/03/08 8468 - reworked buffer handling to fix a few rewrite bugs, and 8469 improve overall performance. 8470 - implement the "purge" option to delete server cookies in direct mode. 8471 84722002/03/07 8473 - fixed some error cases where the maxfd was not decreased. 8474 84752002/02/26 8476 - now supports transparent proxying, at least on linux 2.4. 8477 84782002/02/12 8479 - soft stop works again (fixed select timeout computation). 8480 - it seems that TCP proxies sometimes cannot timeout. 8481 - added a "quiet" mode. 8482 - enforce file descriptor limitation on socket() and accept(). 8483 84842001/12/30 : release of version 1.0.2 : fixed a bug in header processing 84852001/12/19 : release of version 1.0.1 : no MSG_NOSIGNAL on solaris 84862001/12/16 : release of version 1.0.0. 84872001/12/16 : added syslog capability for each accepted connection. 84882001/11/19 : corrected premature end of files and occasional SIGPIPE. 84892001/10/31 : added health-check type servers (mode health) which replies OK then closes. 84902001/10/30 : added the ability to support standard TCP proxies and HTTP proxies 8491 with or without cookies (use keyword http for this). 84922001/09/01 : added client/server header replacing with regexps. 8493 eg: 8494 cliexp ^(Host:\ [^:]*).* Host:\ \1:80 8495 srvexp ^Server:\ .* Server:\ Apache 84962000/11/29 : first fully working release with complete FSMs and timeouts. 84972000/11/28 : major rewrite 84982000/11/26 : first write 8499