Hi,
as promised, here comes version 1.6.3 which fixes a significant number
of bugs since 1.6.2. This is expected to be the last version of the year.
Let's try to summarize the most important ones :
- HTTP responses forged in Lua could be truncated
- POST data could occasionally experience a 200ms delay due to a
missing CF_NEVER_WAIT flag
- sometimes a close from the server could propagate to the client
and terminate a keep-alive connection
- an occasional CPU busy loop could happen when client-fin and
server-fin were used
- urlp coudln't match an empty value
- the DeviceAtlas converter could segfault if the user-agent was
removed using req*del
- email-alerts would not work in default sections
- http-reuse would sometimes not properly reuse idle connections
- the automatic maxconn calculation would be incorrect when nbproc > 1
- two bugs affecting peers could cause some entries not to be immediately
pushed to the peers.
- Lua couldn't access HTTP headers from a POST request, please see the
doc for the changes that were necessary to make it work.
- Lua services cannot reliably use L7 fetches. Now we check for this
case and doc was updated to mention it.
- Lua services didn't refuse to be called from TCP rulesets.
- HTTP analysers must not be forced in Lua services. This was causing
crashes in buffer_insert_line2().
Note that I got a report of urlp_val() not always properly retrieving the
value, which I could reproduce once and never since. I audited the code
and found nothing explaining this. I suspected an improperly initialized
variable but I couldn't find anything looking like this. If anyone believes
to have found a bug there as well, I'm interested in their feedback on the
subject. The urlp_val() was used as an ACL from a TCP ruleset in an HTTP
frontend if that matters.
Most of the other patches are doc and code cleanups, and a few minor fixes,
as can be seen in the full changelog below :
- BUG/MINOR: http rule: http capture 'id' rule points to a non existing id
- BUG/MINOR: server: check return value of fgets() in apply_server_state()
- BUG/MINOR: acl: don't use record layer in req_ssl_ver
- BUILD: freebsd: double declaration
- BUG/MEDIUM: lua: clean output buffer
- BUILD: check for libressl to be able to build against it
- DOC: lua-api/index.rst small example fixes, spelling correction.
- DOC: lua: architecture and first steps
- DOC: relation between timeout http-request and option http-buffer-request
- BUILD: Make deviceatlas require PCRE
- BUG: http: do not abort keep-alive connections on server timeout
- BUG/MEDIUM: http: switch the request channel to no-delay once done.
- BUG/MINOR: lua: don't force-sslv3 LUA's SSL socket
- BUILD/MINOR: http: proto_http.h needs sample.h
- BUG/MEDIUM: http: don't enable auto-close on the response side
- BUG/MEDIUM: stream: fix half-closed timeout handling
- CLEANUP: compression: don't allocate DEFAULT_MAXZLIBMEM without USE_ZLIB
- BUG/MEDIUM: cli: changing compression rate-limiting must require admin level
- BUG/MEDIUM: sample: urlp can't match an empty value
- BUILD: dumpstats: silencing warning for printf format specifier / time_t
- CLEANUP: proxy: calloc call inverted arguments
- MINOR: da: silent logging by default and displaying DeviceAtlas support if
built.
- BUG/MEDIUM: da: stop DeviceAtlas processing in the convertor if there is no
input.
- DOC: Edited 51Degrees section of README/
- BUG/MEDIUM: checks: email-alert not working when declared in defaults
- BUG/MINOR: checks: email-alert causes a segfault when an unknown mailers
section is configured
- BUG/MINOR: checks: typo in an email-alert error message
- BUG/MINOR: tcpcheck: conf parsing error when no port configured on server
and last rule is a CONNECT with no port
- BUG/MINOR: tcpcheck: conf parsing error when no port configured on server
and first rule(s) is (are) COMMENT
- BUG/MEDIUM: http: fix http-reuse when frontend and backend differ
- DOC: prefer using http-request/response over reqXXX/rspXXX directives
- BUG/MEDIUM: config: properly adjust maxconn with nbproc when memmax is
forced
- BUG/MEDIUM: peers: table entries learned from a remote are pushed to others
after a random delay.
- BUG/MEDIUM: peers: old stick table updates could be repushed.
- CLEANUP: haproxy: using _GNU_SOURCE instead of __USE_GNU macro.
- MINOR: lua: service/applet can have access to the HTTP headers when a POST
is received
- REORG/MINOR: lua: convert boolean "int" to bitfield
- BUG/MEDIUM: lua: Lua applets must not fetch samples using http_txn
- BUG/MINOR: lua: Lua applets must not use http_txn
- BUG/MEDIUM: lua: Forbid HTTP applets from being called from tcp rulesets
- BUG/MAJOR: lua: Do not force the HTTP analysers in use-services
- CLEANUP: lua: bad error messages
- DOC: lua: fix lua API
- DOC: mailers: typo in 'hostname' description
- DOC: compression: missing mention of libslz for compression algorithm
- BUILD/MINOR: regex: missing header
- BUG/MINOR: stream: bad return code
- DOC: lua: fix somme errors and add implicit types
The usual URLs come below :
Site index : http://www.haproxy.org/
Discourse : http://discourse.haproxy.org/
Sources : http://www.haproxy.org/download/1.6/src/
Git repository : http://git.haproxy.org/git/haproxy-1.6.git/
Git Web browsing : http://git.haproxy.org/?p=haproxy-1.6.git
Changelog : http://www.haproxy.org/download/1.6/src/CHANGELOG
Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/
Willy
