Hi,
I'm announcing haproxy 1.4.12. I know I did not take the time to announce
1.4.11 to the list when I released it one month ago, but now spare time
seems to get available again so here are the two announcements at once.
First, here's the short changelog between 1.4.10 and 1.4.11 :
- [MINOR] cfgparse: Check whether the path given for the stats socket
- [DOC] fix a minor typo
- [DOC] fix ignore-persist documentation
- [BUG] http: fix http-pretend-keepalive and httpclose/tunnel mode
- [MINOR] add warnings on features not compatible with multi-process
mode
- [MINOR] acl: add be_id/srv_id to match backend's and server's id
- [MINOR] log: add support for passing the forwarded hostname
- [MINOR] log: ability to override the syslog tag
- [DOC] fix minor typos in the doc
- [DOC] fix another typo in the doc
- [BUG] http chunking: don't report a parsing error on connection errors
- [BUG] stream_interface: truncate buffers when sending error messages
- [BUG] http: fix incorrect error reporting during data transfers
- [CRITICAL] session: correctly leave turn-around and queue states on
abort
- [BUG] session: release slot before processing pending connections
- [MINOR] stats: report HTTP message state and buffer flags in error
dumps
- [MINOR] http: support wrapping messages in error captures
- [MINOR] http: capture incorrectly chunked message bodies
- [MINOR] stats: add global event ID and count
- [OPTIM] http: don't send each chunk in a separate packet
- [BUG] acl: fix handling of empty lines in pattern files
- [BUG] ebtree: fix ebmb_lookup() with len smaller than the tree's keys
- [OPTIM] ebtree: ebmb_lookup: reduce stack usage by moving the return
code out of the loop
Second, here's the same changelog for 1.4.11 to 1.4.12 :
- [MINOR] stats: add support for several packets in stats admin
- [BUG] stats: admin commands must check the proxy state
- [BUG] stats: admin web interface must check the proxy state
- [BUG] http: update the header list's tail when removing the last
header
- [DOC] fix typos (http-request instead of http-check)
- [BUG] http: use correct ACL pointer when evaluating authentication
- [BUG] cfgparse: correctly count one socket per port in ranges
- [BUG] startup: set the rlimits before binding ports, not after.
- [BUG] acl: srv_id must return no match when the server is NULL
- [BUG] acl: fd leak when reading patterns from file
- [DOC] fix minor typo in "usesrc"
- [BUG] http: fix possible incorrect forwarded wrapping chunk size
- [BUG] http: fix computation of message body length after forwarding
has started
- [BUG] http: balance url_param did not work with first parameters on
POST
- [TESTS] update the url_param regression test to test check_post too
As you can see, those are quite a number of bugs. It does not mean the
product is getting worse, rather that users are exploiting more and more
its possibilities, that the quality of bug reports really increases, and
that we're discovering bugs in the code when developing on new branches.
Many of these issues above are really just minor annoyances (mainly wrong
flags reported in the logs for some errors for instance). They're still
worth upgrading at least to avoid wasting time trying to debug wrong issues.
However, there are three in 1.4.11 that I consider more important depending
on the use cases :
- 1.4.11 : http-pretend-keepalive was definitely fixed for httpclose and
tunnel modes. Prior to 1.4.11, it was still possible to see some requests
wait for a timeout with some setups and combinations of client/servers.
Cyril did an extensive work at testing all imaginable combinations and
all happened to work as expected.
- 1.4.11 : fix for correctly leaving the turn-around state. While working
on 1.5, I discovered a scary bug which could cause some sessions to
remain hung forever in the debugger. In theory it is possible to trigger
this bug with a faulty server that regularly dies, if the client knows
exactly when the connection will abort. The effect is that such sessions
will remain present until the process is restarted. The risk that it
happens is very low and in fact nobody has ever reported such a situation,
still this is something to care about.
- 1.4.11 : fix ebtrees in stick tables. A bug in the ebtree code made it
possible to have the same binary key at multiple places in the tree,
causing it to be larger than necessary and to take more time to be walked
through. I have not studied if the insertion sequence can be remotely
triggered when making use of stick tables with binary data. Anyway, 1.4
does not yet make use of binary patterns, but I don't know if some people
run their own patches out of mainline to add stickiness to other data
types.
In 1.4.12, this are more balanced. Some headers were not correctly processed
after removal of the last header (issue reported to the list by Stefan Behte),
disabling a disabled proxy from the CLI could result in a segfault (reported
by Bryan Talbot, fixed by Cyril Bonté), "balance url_param" was completely
broken on POST requests (reported by Bryan Talbot too), it is theorically
possible to get HTTP chunk size wrong if only the CR is sent as the last byte
of the buffer, waiting for the LF to wrap around in a subsequent packet, ACLs
loaded from a file did not correctly close the file descriptor upon success
(reported by Bertrand Jacquin), the recently added srv_id ACL could segfault
if the server is not known (reported by Hervé Commowick), rlimits were not
correctly updated for listening sockets (reported by the loadbalancer.org
team), the stats page in admin mode did not support multi-packet requests
(fixed by Cyril).
All of those bugs fixed in 1.4.12 are more annoying than the cosmetic ones
in 1.4.11, though not critical, and were discovered, diagnosed and fixed by
many people. The speed at which we're now able to fix bugs indicates to me
that they're less dramatic than they used to be, that they're much better
reported and that more people are able to work on the code and to provide
fixes. This is the really nice point because it shows that our working
capacity is starting to scale :-)
Speaking of users and scaling, I recently added a section "they use it" on the
web site. I happened too often that some people were asking for examples of
sites running haproxy, and since in parallel some users regularly like to send
me a little note about their success story, I found it logical to have them say
what they think of it. Of course, you'll only find there the ones who publicly
admit using it, we all know a number of very cool sites who don't want to be
reported there :-)
I'm still working on 1.5, trying to get server-side keep-alive working. Now I
think I have found the correct architectural changes to perform prior to that,
it's not easy but thing seem to go smoothly in one of my experimental branches.
If I can at least reach a point I'm satisfied with, I'll release 1.5-dev4 so
that 1.5-dev users can update and get their bugs fixed too.
Enough talking, the sources and builds are available at the usual place. This
time I took the time to also provide the Sparc builds, that were delayed since
1.4.9 :
site index : http://haproxy.1wt.eu/
sources : http://haproxy.1wt.eu/download/1.4/src/
changelog : http://haproxy.1wt.eu/download/1.4/src/CHANGELOG
binaries : http://haproxy.1wt.eu/download/1.4/bin/
Willy
