[ I'm resending as I'm not seeing these messages on the list ]
Hi,
HAProxy 2.0.13 was released on 2020/02/13. It added 67 new commits
after version 2.0.12.
Unsurprisingly the changelog is essentially the same as for 2.1, minus
what only affected 2.1. So I'm copy-pasting the relevant parts from the
2.1 announcement here, and will likely proceed similarly for 1.9.
Main fixes are:
- pools: there is an ABA race condition in pool_flush() (which is called
when stopping as well as under memory pressure) which can lead to a
crash. It's been there since 1.9 and is very hard to trigger, but if
you run with many threads and reload very often you may occasionally
hit it, seeing a trace of the old process crashing in your system
logs.
- there was a bug in the way our various hashes were calculated, some
of them were considering the inputs as signed chars instead of
unsigned ones, so some non-ASCII characters would hash differently
across different architectures and wouldn't match another component's
calculation (e.g. a CRC32 inserted in a header would differ when given
values with the 8th bit set, or applied to the PROXY protocol header).
The bug has been there since 1.5-dev20 but became visible since it
affected Postfix's validation of the PROXY protocol's CRC32. It's
unlikely that anyone will ever witness it if it didn't happen already,
but I tagged it "major" to make sure it is properly backported to
distro packages, since not having it on certain nodes may sometimes
result in hash inconsistencies which can be very hard to diagnose.
- the addition of the Early-Data header when using 0rtt could wrongly
be emitted during SSL handshake as well.
- health checks could crash if using handshakes (e.g. SSL) mixed with
DNS that takes time to retrieve an address, causing an attempt to
use an incompletely initialized connection.
- the peers listening socket was missing from the seamless reload,
possibly causing some failed bindings when not using reuseport,
resulting in the new process giving up.
- splicing could often end up on a timeout because after the last block
we did not switch back to HTX to complete the message.
- fixed a small race affecting idle connections, allowing one thread to
pick a connection at the same moment another one would decide to free
it because there are too many idle.
- response redirects were appended to the actual response instead of
replacing it. This could cause various errors, including data
corruption on the client if the entire response didn't fit into the
buffer at once.
- when stopping or when releasing a few connections after a listener's
maxconn was reached, we could distribute some work to inexistent
threads if the listener had "1/odd" or "1/even" while the process
had less than 64 threads. An easy workaround for this is to explicitly
reference the thread numbers instead.
- when proxying an HTTP/1 client to an HTTP/2 server, make sure to clean
up the "TE" header from anything but "trailers", otherwise the server
may reject a request if it came from a browser placing "gzip" there.
- the H2 mux had an incorrect buffer full detection causing the send
phase to stop on a fragment boundary then to immediately wake up all
waiting threads to go on, resulting in an excessive CPU usage in some
tricky situations. It is possible that those using H2 with many streams
per connection and moderately large objects, like Luke's maps servers,
could observe a CPU usage drop (maybe Luke on his map servers).
- it was possible to lose the master-worker status after a failed reload
when it was only mentioned in the config and not on the command line.
- upon pipe creation failure due to shortage of file descriptors, the
struct pipe was still returned after having been released, quickly
crashing the process. Fortunately the automatic maxconn/maxpipe
settings do not allow this situation to happen but very old configs
still having "ulimit-n" could have been affected.
- the "tcp-request session" rules would report an error upon a "reject"
action, making the listener throttle itself to protect resources,
which could actually amplify the problem.
- the H1 mux could attempt to perform a sendto() when facing new data
after having already failed, resulting in excess calls to sendto().
And lots of more usual stuff. As you can see, nothing requiring to
immediately jump onto it. Of course in case you're already facing any
issue, please first upgrade to 2.0.13 to verify it's still there before
reporting it.
Please find the usual URLs below :
Site index : http://www.haproxy.org/
Discourse : http://discourse.haproxy.org/
Slack channel : https://slack.haproxy.org/
Issue tracker : https://github.com/haproxy/haproxy/issues
Sources : http://www.haproxy.org/download/2.0/src/
Git repository : http://git.haproxy.org/git/haproxy-2.0.git/
Git Web browsing : http://git.haproxy.org/?p=haproxy-2.0.git
Changelog : http://www.haproxy.org/download/2.0/src/CHANGELOG
Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/
Willy
---
Complete changelog :
Baptiste Assmann (2):
BUG/MINOR: http_act: don't check capture id in backend
BUG/MINOR: dns: allow srv record weight set to 0
Ben51Degrees (1):
BUG/MINOR: 51d: Fix bug when HTX is enabled
Christopher Faulet (9):
BUG/MINOR: h1: Report the right error position when a header value is
invalid
BUG/MINOR: proxy: Fix input data copy when an error is captured
BUG/MINOR: channel: inject output data at the end of output
BUG/MINOR: stream-int: Don't trigger L7 retry if max retries is already
reached
BUG/MINOR: http-ana/filters: Wait end of the http_end callback for all
filters
BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules
BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during
parsing
BUG/MINOR: tcp-rules: Fix memory releases on error path during action
parsing
MINOR: proxy/http-ana: Add support of extra attributes for the cookie
directive
Frédéric Lécaille (1):
BUG/MINOR: ssl: Possible memleak when allowing the 0RTT data buffer.
Jerome Magnin (4):
BUG/MINOR: stream: don't mistake match rules for store-request rules
BUG/MINOR: pattern: handle errors from fgets when trying to load patterns
BUILD: pattern: include errno.h
DOC: word converter ignores delimiters at the start or end of input string
Kevin Zhu (1):
BUG/MEDIUM: http-ana: Truncate the response when a redirect rule is
applied
Lukas Tribus (1):
MINOR: build: add linux-glibc-legacy build TARGET
Olivier Houchard (11):
BUG/MEDIUM: checks: Only attempt to do handshakes if the connection is
ready.
BUG/MEDIUM: connections: Hold the lock when wanting to kill a connection.
MINOR: ssl: Remove unused variable "need_out".
BUG/MEDIUM: mux_h1: Don't call h1_send if we subscribed().
BUG/MEDIUM: 0rtt: Only consider the SSL handshake.
BUG/MEDIUM: ssl: Don't forget to free ctx->ssl on failure.
BUG/MEDIUM: connections: Don't forget to unlock when killing a connection.
BUG/MEDIUM: memory_pool: Update the seq number in pool_flush().
MINOR: memory: Only init the pool spinlock once.
BUG/MEDIUM: memory: Add a rwlock before freeing memory.
BUG/MAJOR: memory: Don't forget to unlock the rwlock if the pool is empty.
Tim Duesterhus (3):
BUG/MINOR: cache: Fix leak of cache name in error path
BUG/MINOR: dns: Make dns_query_id_seed unsigned
MINOR: acl: Warn when an ACL is named 'or'
William Dauchy (5):
MINOR: config: disable busy polling on old processes
BUG/MINOR: connection: fix ip6 dst_port copy in make_proxy_line_v2
BUG/MINOR: dns: allow 63 char in hostname
BUG/MINOR: tcp: avoid closing fd when socket failed in tcp_bind_listener
BUG/MINOR: tcp: don't try to set defaultmss when value is negative
William Lallemand (4):
BUG/MINOR: cli/mworker: can't start haproxy with 2 programs
REGTEST: mcli/mcli_start_progs: start 2 programs
BUG/MEDIUM: mworker: remain in mworker mode during reload
BUG/MEDIUM: cli: _getsocks must send the peers sockets
Willy Tarreau (25):
BUG/MINOR: checks: refine which errno values are really errors.
BUG/MEDIUM: session: do not report a failure when rejecting a session
BUG/MINOR: mux-h2: use a safe list_for_each_entry in h2_send()
BUG/MEDIUM: mux-h2: fix missing test on sending_list in previous patch
BUG/MEDIUM: mux-h2: don't stop sending when crossing a buffer boundary
BUG/MAJOR: hashes: fix the signedness of the hash inputs
REGTEST: add sample_fetches/hashes.vtc to validate hashes
BUG/MEDIUM: connection: add a mux flag to indicate splice usability
BUG/MINOR: stktable: report the current proxy name in error messages
BUG/MEDIUM: mux-h2: make sure we don't emit TE headers with anything but
"trailers"
BUILD: cfgparse: silence a bogus gcc warning on 32-bit machines
BUG/MINOR: tcpchecks: fix the connect() flags regarding delayed ack
BUG/MEDIUM: pipe: fix a use-after-free in case of pipe creation error
BUG/MINOR: ssl: we may only ignore the first 64 errors
CONTRIB: debug: add missing flags SF_HTX and SF_MUX
CONTRIB: debug: add the possibility to decode the value as certain types
only
CONTRIB: debug: support reporting multiple values at once
CONTRIB: debug: also support reading values from stdin
SCRIPTS: announce-release: place the send command in the mail's header
SCRIPTS: announce-release: allow the user to force to overwrite old files
BUG/MINOR: unix: better catch situations where the unix socket path
length is close to the limit
MINOR: http: add a new "replace-path" action
BUG/MEDIUM: listener: only consider running threads when resuming
listeners
BUG/MINOR: listener: enforce all_threads_mask on bind_thread on init
SCRIPTS: make announce-release executable again
---
