Hi,

HAProxy 2.0.6 was released on 2019/09/13. It added 36 new commits 
after version 2.0.5.

A major issue was fixed in the SSL part. When an SSL socket was created, its
context was not fully initialized. Because this context is allocated from a
memory pool, it could inherit some information from a previous session. Thus,
some sample fetches related to the presence of the client's certificate, or to
its verify status and errors, were returning erroneous values. So SSL
connections without a client certificate could be accepted by HAProxy once a
previous one had already been accepted with a valid client certificate. This
issue was reported on GitHub (#248).
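To illustrate the class of defect described above, here is an added C model (not HAProxy's own code) of a pool-recycled per-connection context whose client-certificate fields are only written on the certificate path, beside the fully initialized version; the struct, the one-slot pool and the fetch-like accept check are all assumed simplifications.

```c
#include <string.h>

/* Simplified model of the defect (not HAProxy's code): the per-connection SSL
 * context comes from a pool and is only written when a client cert is present. */
struct ssl_conn_ctx {
    int  client_cert_seen;   /* 1 once a client certificate was verified */
    long verify_result;      /* 0 means "verification OK" */
};

/* One-slot pool: every allocation hands out the same, never-cleared memory. */
static struct ssl_conn_ctx pool_slot;
static struct ssl_conn_ctx *pool_alloc(void) { return &pool_slot; }

/* Buggy variant: nothing is written on the no-certificate path, so a
 * recycled context silently inherits the previous session's values. */
static struct ssl_conn_ctx *ctx_new_buggy(int cert_presented)
{
    struct ssl_conn_ctx *c = pool_alloc();
    if (cert_presented) {
        c->client_cert_seen = 1;
        c->verify_result = 0;
    }
    return c;
}

/* Fixed variant: fully initialize every field before use. */
static struct ssl_conn_ctx *ctx_new_fixed(int cert_presented)
{
    struct ssl_conn_ctx *c = pool_alloc();
    memset(c, 0, sizeof(*c));
    c->verify_result = -1;   /* "not verified" until proven otherwise */
    if (cert_presented) {
        c->client_cert_seen = 1;
        c->verify_result = 0;
    }
    return c;
}

/* What an ACL on the client-cert fetches decides: cert presented and verified. */
static int accept_client(const struct ssl_conn_ctx *c)
{
    return c->client_cert_seen && c->verify_result == 0;
}

/* Two sessions back to back on the recycled context; returns the 2nd decision. */
static int second_session_accepted(struct ssl_conn_ctx *(*ctx_new)(int))
{
    accept_client(ctx_new(1));          /* session 1: valid client certificate */
    return accept_client(ctx_new(0));   /* session 2: no certificate at all */
}
```

With the buggy constructor the second, certificate-less session is accepted on the strength of the first one's leftover fields; with the fixed one it is refused.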

An AB/BA locking issue affecting the listeners was fixed. The functions
protocol_enable_all() and delete_listener() were taking the same locks in
reverse order. Since the former is used during startup and the latter during
stop, a deadlock was possible during reload floods. Note, though, that this
issue is pretty hard to hit in 2.0 and above.

Nathan Davison (@ndavison) reported that in legacy mode we didn't correctly
reject messages featuring a transfer-encoding header missing the "chunked"
value. The impact was limited, but combined with "http-reuse always", it could
help construct a content smuggling attack against a vulnerable component
employing a lenient parser which ignores the content-length header as soon as it
sees a transfer-encoding one, without even parsing it.
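As an added example (not HAProxy's parser), here is a C check in the spirit of this fix: it rejects a message whose Transfer-Encoding header does not end with "chunked", which goes slightly beyond detecting a missing "chunked" token, since RFC 7230 requires chunked to be the final coding; the function names are assumed.

```c
#include <ctype.h>
#include <string.h>

/* Added example, not HAProxy's parser.  Returns 1 when "chunked" is the last
 * coding listed in a Transfer-Encoding value (RFC 7230 requires it to be the
 * final one), 0 otherwise.  Tokens are compared case-insensitively and
 * surrounding whitespace and empty list elements are tolerated. */
static int te_chunked_is_final(const char *value)
{
    const char *last = NULL;     /* start of the last non-empty token */
    size_t last_len = 0;
    const char *p = value;

    while (*p) {
        while (*p == ' ' || *p == '\t' || *p == ',')   /* skip separators */
            p++;
        if (!*p)
            break;
        const char *start = p;
        while (*p && *p != ',')
            p++;
        const char *end = p;
        while (end > start && (end[-1] == ' ' || end[-1] == '\t'))
            end--;                                      /* trim trailing ws */
        last = start;
        last_len = (size_t)(end - start);
    }
    if (!last || last_len != strlen("chunked"))
        return 0;
    for (size_t i = 0; i < last_len; i++)
        if (tolower((unsigned char)last[i]) != "chunked"[i])
            return 0;
    return 1;
}

/* Decision for one request: reject (1) when a Transfer-Encoding header is
 * present (te != NULL) but does not end with "chunked", so the message can't
 * be framed two different ways by a lenient parser downstream.  Requests
 * without the header (te == NULL) are framed by Content-Length as usual. */
static int reject_for_transfer_encoding(const char *te)
{
    return te != NULL && !te_chunked_is_final(te);
}
```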

An improvement was made to the idle connections management. Now, we don't keep
more idle connections than we've ever had outstanding requests on a server. This
way the total number of idle connections will never exceed the sum of the maximum
connections. Thus highly loaded servers will be able to get many connections and
slightly loaded servers will keep fewer. This addresses performance issues with
the option "http-reuse safe" (the default) caused by too many idle connections
being kept open and never reused.

An old bug in the legacy HTTP analyzers was fixed. When HAProxy was waiting for a
request or a response, the parsing was delayed if the buffer appeared not to be
rewritable (reserve not fully free), without any other criteria. This could block
the message analysis for a while, sometimes indefinitely depending on
circumstances. For instance, it happened when the cache applet used the reserve
to add the "Age" header to cached responses. This test was based on an old
implicit assumption that if a buffer was not rewritable, some outgoing data were
pending to be sent. On recent versions, this is not true anymore because all
outgoing data are sent before starting the analysis of the next transaction.

Several bugs were fixed in the H1 multiplexer. The trailers of chunked messages
were sometimes truncated on a buffer boundary because the parser systematically
reported an error when the buffer was full during trailers parsing. Now, an
error is only reported if the buffer is full because the trailers are too huge.
In the same spirit, errors could be reported on transfers ending when the buffer
was full because there was no more space left to add the EOM block. An SD
termination state was erroneously reported in HAProxy logs for successful
transfers.

Two bugs were fixed in the cache. Both concerned the way messages with a huge
header part were handled by the cache. First, messages with a header part
impinging upon the buffer's reserve were stored in the cache. Now these
messages are not cached anymore. The reserve must remain available to handle
the response processing when a cached object is served, just like any other
response. Then, in the cache, messages with a header part stored on several
shctx blocks (> 1024 bytes) were not correctly served.

Finally, the usual bunch of bug fixes here and there. Some improvements were
made on checks to adapt them to recent changes in the connections layer. The
sample fetch url32 was fixed to really take the path part into account. A memory
leak during configuration parsing, when an ACL expression was parsed, was fixed.
Response flags are now correctly reset when 1xx messages are handled, so it is
possible to compress HTTP responses preceded by a 100-Continue. The server
weights are now ignored for empty servers so as not to always pick the same
server on low load (thanks to @malsumis and @jaroslawr for this fix). And so on.

It is also noticeable that Luca Schimweg added the sample fetch uuid() to get a
UUID following the version 4 format of the RFC 4122 standard. The
DRAIN/MAINT/NOLB statuses are now reported for servers by the Prometheus
exporter. And the number of idle connections for each server is now reported on
the stats page, alongside the configured limit.

All users of the 2.0 are encouraged to upgrade, especially those using
authentication with SSL client certificate.


Please find the usual URLs below :
   Site index       : http://www.haproxy.org/
   Discourse        : http://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Sources          : http://www.haproxy.org/download/2.0/src/
   Git repository   : http://git.haproxy.org/git/haproxy-2.0.git/
   Git Web browsing : http://git.haproxy.org/?p=haproxy-2.0.git
   Changelog        : http://www.haproxy.org/download/2.0/src/CHANGELOG
   Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/

---
Complete changelog :
Adis Nezirovic (1):
      BUG/MINOR: Missing stat_field_names (since f21d17bb)

Christopher Faulet (14):
      BUG/MEDIUM: proto-http: Always start the parsing if there is no outgoing data
      BUG/MINOR: http-ana: Reset response flags when 1xx messages are handled
      BUG/MINOR: h1: Properly reset h1m when parsing is restarted
      BUG/MINOR: mux-h1: Fix size evaluation of HTX messages after headers parsing
      BUG/MINOR: mux-h1: Don't stop anymore input processing when the max is reached
      BUG/MINOR: mux-h1: Be sure to update the count before adding EOM after trailers
      BUG/MEDIUM: cache: Properly copy headers splitted on several shctx blocks
      BUG/MEDIUM: cache: Don't cache objects if the size of headers is too big
      MINOR: contrib/prometheus-exporter: Report DRAIN/MAINT/NOLB status for servers
      BUG/MINOR: listener: Fix a possible null pointer dereference
      BUG/MINOR: ssl: always check for ssl connection before getting its XPRT context
      BUG/MINOR: filters: Properly set the HTTP status code on analysis error
      BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed
      BUG/MINOR: backend: Fix a possible null pointer dereference

Emeric Brun (1):
      BUG/MAJOR: ssl: ssl_sock was not fully initialized.

Frédéric Lécaille (1):
      BUG/MEDIUM: peers: local peer socket not bound.

Jerome Magnin (1):
      BUG/MEDIUM: url32 does not take the path part into account in the returned hash.

Luca Schimweg (1):
      MINOR: sample: Add UUID-fetch

Willy Tarreau (16):
      MINOR: debug: indicate the applet name when the task is task_run_applet()
      MINOR: tools: add append_prefixed_str()
      MINOR: lua: export applet and task handlers
      MEDIUM: debug: make the thread dump code show Lua backtraces
      BUG/MEDIUM: mux-h1: do not truncate trailing 0CRLF on buffer boundary
      BUG/MEDIUM: mux-h1: do not report errors on transfers ending on buffer full
      BUG/MINOR: mworker: disable SIGPROF on re-exec
      BUG/MEDIUM: listener/threads: fix an AB/BA locking issue in delete_listener()
      BUG/MINOR: checks: stop polling for write when we have nothing left to send
      BUG/MINOR: checks: start sending the request right after connect()
      BUG/MINOR: checks: make __event_chk_srv_r() report success before closing
      BUG/MINOR: checks: do not uselessly poll for reads before the connection is up
      BUG/MINOR: lb/leastconn: ignore the server weights for empty servers
      BUG/MEDIUM: connection: don't keep more idle connections than ever needed
      MINOR: stats: report the number of idle connections for each server
      BUG/MEDIUM: http: also reject messages where "chunked" is missing from transfer-enoding

n...@users.noreply.github.com (1):
      DOC: fixed typo in management.txt

-- 
Christopher Faulet
