Hi guys,
Here's an update of current 1.5 status. All reported bugs were fixed.
I'm currently working on something that was just reported to me today
which is not exactly a bug but a design mistake around the way track-
counters are tracked between HTTP requests when they're done in "content"
rules. And we'll probably be ready for a dev22 that should fix all the
reported issues.
The hard things that I still have in my todo list before the release
are :
- Thomas' apparent memory leak is still under observation with more
debugging information. It might "just" be caused by a small SSL
connection DoS but I'd like to be sure of it before declaring a
victory.
- merge the ACL update feature that Thierry almost finished
- finish the agent-check mods. I have the response parser, but need
to stuff this in the middle of the rest.
- fix the buffer management to finally support compressing chunks
-> I had a 3000-lines patch one year ago, I just have to redo it
from scratch now, which enjoys me to the best :-/
- fix bind-process as recently discussed so that it's supported per
listener, allowing multiple individual stats socket statements and
get rid of the possible peer-vs-backend inconsistencies in multi-
process.
- maybe try again the keep-alive supports for the stats page (Igor
got an awfully bogus page so I immediately reverted it). Otherwise
we'll try it in 1.6 and backport it later once stabilized.
The easier things :
- switch to default keep-alive instead of tunnel mode since it's
not needed anymore by default (should half the number of requests
here for "I randomly get 404"). I need to add a "http-tunnel"
option for those who still want it for whatever reason.
- tcp-check connect : Baptiste has done the job, we just need a
few tweaks and to merge it.
- pending SSL optims suggested by Ilya and discussed with Emeric
- harden the SSL server verify mode by default as suggested by Lukas
(Emeric has taken a look at it).
To be postponed after 1.5 :
- dump+reload of server check status
- external password server for cert passwords, or whatever method
to make it easier to enter passwords to decipher cert keys.
If someone thinks I forgot something that must absolutely be in 1.5-final
and is not mentionned here, please let me know.
Thanks,
Willy
