Hi, HAProxy 2.6.14 was released on 2023/06/08. It added 55 new commits after version 2.6.13.
After the 2.7, it is the turn for the 2.6. However, this one is lighter. On QUIC side, a connection leak was fix when a request without payload was aborted because the end of the message was not properly reported to the upper layer. In addition, few minor bugs on error paths were also addressed. The SPOE was fixed to limit the number of idle applets on edge cases. On sporadic bursts, it was possible to systematically start new applets because the SPOE processing frequency was lower than the messages rate, and this independently on the number of idle applets. The idle applets tracking was improved to be able to properly reuse them. This fix revealed a flaw in the way synchronous frames were handled, leading to a raise of the message processing latency. To fix this issue, in synchronous mode, a SPOE applet will now systematically try to send a frame when it is woken up, except if it is still waiting for a ACK frame after a receive attempt. Finally, a crash for engines configured on disabled proxies was fixed. SPOE engines must not be released for such proxies during the startup because some resources may be shared with other engines, for instance the ACLs. The FCGI multiplexer was fixed to be sure to never request more room to the channel when the mux is waiting for more data. It is especially important to not do so if the channel buffer is empty. Otherwise, the situation cannot evolved and the session remains stuck. The total boot time is now measured. It is used to postpone the startup of health checks. It is pretty useful for very large configurations taking up few seconds to start, to not schedule some servers' checks in past. This also helps to have a better distribution of health-checks when "spread-checks" option is used. In addition, the spread-checks is also used at boot time, making the load much smoother from the start. More actions were added to the "http-after-response" (set-map, set-log-level, sc-inc-gpc etc) Finally, as usual, several minor bugs were fixed and the doc was improved. Most notably, a section about side format was added in the configuration manual. Thanks everyone for you help and your contributions ! Please find the usual URLs below : Site index : https://www.haproxy.org/ Documentation : https://docs.haproxy.org/ Wiki : https://github.com/haproxy/wiki/wiki Discourse : https://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : https://www.haproxy.org/download/2.6/src/ Git repository : https://git.haproxy.org/git/haproxy-2.6.git/ Git Web browsing : https://git.haproxy.org/?p=haproxy-2.6.git Changelog : https://www.haproxy.org/download/2.6/src/CHANGELOG Dataplane API : https://github.com/haproxytech/dataplaneapi/releases/latest Pending bugs : https://www.haproxy.org/l/pending-bugs Reviewed bugs : https://www.haproxy.org/l/reviewed-bugs Code reports : https://www.haproxy.org/l/code-reports Latest builds : https://www.haproxy.org/l/dev-packages --- Complete changelog : Aleksandar Lazic (1): DOC: configuration: add info about ssl-engine for 2.6 Amaury Denoyelle (10): MINOR: quic: use real sending rate measurement BUG/MINOR: mux-quic: prevent quic_conn error code to be overwritten MINOR: htx: add function to set EOM reliably BUG/MINOR: mux-quic: properly handle buf alloc failure BUG/MINOR: mux-quic: handle properly recv ncbuf alloc failure BUG/MINOR: quic: do not alloc buf count on alloc failure BUG/MINOR: mux-quic: differentiate failure on qc_stream_desc alloc BUG/MINOR: mux-quic: handle properly Tx buf exhaustion MINOR: mux-quic: uninline qc_attach_sc() BUG/MEDIUM: mux-quic: fix EOI for request without payload Aurelien DARRAGON (9): BUG/MINOR: proxy: missing free in free_proxy for redirect rules MINOR: proxy: add http_free_redirect_rule() function BUG/MINOR: http_rules: fix errors paths in http_parse_redirect_rule() BUG/MINOR: errors: handle malloc failure in usermsgs_put() BUG/MINOR: log: fix memory error handling in parse_logsrv() BUG/MINOR: hlua: unsafe hlua_lua2smp() usage DOC: config: fix jwt_verify() example using var() BUG/MINOR: cfgparse-tcp: leak when re-declaring interface from bind line BUG/MINOR: proxy: add missing interface bind free in free_proxy Christopher Faulet (13): BUG/MEDIUM: spoe: Don't start new applet if there are enough idle ones BUG/MINOR: resolvers: Use sc_need_room() to wait more room when dumping stats BUILD: mjson: Fix warning about unused variables MINOR: spoe: Don't stop disabled proxies BUG/MEDIUM: filters: Don't deinit filters for disabled proxies during startup MINOR: http-rules: Add missing actions in http-after-response ruleset BUG/MEDIUM: mux-fcgi: Don't request more room if mux is waiting for more data BUG/MINOR: tcp-rules: Don't shortened the inspect-delay when EOI is set REGTESTS: log: Reduce response inspect-delay for last_rule.vtc DOC: config: Clarify conditions to shorten the inspect-delay for TCP rules REGTESTS: log: Reduce again response inspect-delay for last_rule.vtc DOC: config: Fix bind/server/peer documentation in the peers section BUG/MINOR: spoe: Only skip sending new frame after a receive attempt Daniel Epperson (1): DOC: add size format section to manual Frédéric Lécaille (7): BUG/MINOR: quic: Wrong key update cipher context initialization for encryption BUG/MINOR: quic: Possible crash when dumping version information BUG/MINOR: quic: Buggy acknowlegments of acknowlegments function BUG/MINOR: quic: Wrong token length check (quic_generate_retry_token()) BUG/MINOR: quic: Missing Retry token length on receipt CONTRIB: Add vi file extensions to .gitignore BUG/MINOR: quic: Possible crash when SSL session init fails Ilia Shipitsin (2): CI: switch to Fastly CDN to download LibreSSL BUILD: ssl: switch LibreSSL to Fastly CDN Mariam John (1): DOC/MINOR: config: Fix typo in description for `ssl_bc` in configuration.txt William Lallemand (2): MINOR: ssl: ssl_sock_load_cert_chain() display error strings BUILD: ssl: buggy -Werror=dangling-pointer since gcc 13.0 Willy Tarreau (9): BUG/MINOR: fd: always remove late updates when freeing fd_updt[] DEV: haring: automatically disable DEBUG_STRICT DEV: haring: update readme to suggest using the same build options for haring BUG/MINOR: debug: do not emit empty lines in thread dumps MINOR: checks: make sure spread-checks is used also at boot time MINOR: clock: measure the total boot time BUG/MINOR: checks: postpone the startup of health checks by the boot time BUG/MINOR: clock: fix the boot time measurement method for 2.6 and older SCRIPTS: publish-release: update the umask to keep group write access -- Christopher Faulet