Hi,

HAProxy 2.4-dev5 was released on 2021/01/06. It added 91 new commits
after version 2.4-dev4.

This version was mostly focused on new features, but a few bugs were
also addressed:

  - Fred's experimental QUIC code made its entrance! OK OK OK please calm
    down, it's just a part of the code that's needed to get merged to
    continue the required infrastructure changes and there is absolutely
    nothing functional at this step. I think at best it will handle a
    handshake. But these elements are terribly important to continue the
    parallel work on connections and muxes so they're better here than
    out-of-tree.

  - Rémi fixed the early issues reported by Tim on the handling of
    accept-encoding and Vary and improved the performance of the header
    processing. In addition, the header normalization should mechanically
    result in an increased cache hit ratio for those for whom this is an
    important factor. Finally responses using unknown encodings are not
    cached anymore (the list of supported ones is already wide and easy
    to extend).

  - Thayne McCombs implemented the ability to configure stickiness on the
    servers' addresses instead of just their ID or name, which will allow
    to persist connections over clusters even when DNS is involved and
    dynamic cookies are not usable for whatever reason.

  - Christopher finally found the cause of the corrupted stats output that
    a few already noticed and reported (there was a non-thread-safe variable
    in use in the middle of the chain, which indicates that those suffering
    from this issue are dumping stats from multiple points at the same time,
    possibly from various bots).

  - a build error triggered by gcc 11 was worked around by slightly changing
    the code (this way there's no pressure and the issue can be discussed
    calmly with the gcc team)

  - a significant amount of tree-wide code and doc cleanups was contributed
    by Tim and Ilya

  - Dragan upgraded XXHash to v0.8.0 to use the faster and even better XXH3.
    All exposed occurrences continue to use XXH2 however (e.g. converters,
    dynamic cookies etc).

  - Tim improved the makefile's help message to try to give more hints to
    the user about suggested build options. We've indeed seen a few times
    some users forgetting to enable SSL and admittedly it's not trivial to
    guess when you don't know where to start from.

  - Olivier fixed an interesting issue on the MacOS assembler which uses
    the semi-colon as a comment starter (like the old DOS-based assemblers)
    while other forms tend to use it as an instruction delimiter (which I
    used to ignore). This caused some recent issues on the new Macs with
    the M1 CPU where the double-word CAS was causing an endless loop.

  - Amaury allowed http-checks to set the Connection header so that it
    becomes possible to send WebSocket health checks now, and fixed two
    recently issues (crash with pool-max-conn 0 and disabled backends).

  - Another small change for those often debugging using strace, a very
    very long time ago, before the dinosaurs' fate, we used to force the
    poller to wake up every second to check the proxies state.  This is
    long gone but the wake up every second remained. When running haproxy
    under "strace -f" with 20 threads, it was quite annoying to see plenty
    of lines scroll all over the screen. And probably that in some VMs it
    would cause a small but measurable CPU usage for a totally idle
    system. This could have been completely removed but this frequent
    wakeup is also used to better detect and correct time drift in VMs.
    So the maximum sleep delay was increased to 60 seconds. This will
    still allow to correct serious time drifts and drastically reduce the
    unneeded wakeups on idle systems.

  - and a long tail of janitor stuff

It's fun to see that during this end-of-year period, while the usual
suspects were almost absent from the changelog, the usually more discrete
ones were very active, with Fred being far ahead with 36 patches! My
obvious conclusion is that we should take vacation more often :-)

Jokes aside, a few of us are currently busy eliminating recently reported
problems and backporting the missing fixes to issue a new set of stable
releases. I got a private report of at least one isolated issue still
affecting 2.2 which doesn't look like a recently fixed one but overall
it's rather clean.

As soon as I find enough time I'll do another set of 1.7 and 1.6 versions
with pending important fixes and close 1.6 as planned since 2020-Q4 is
behind us (and is encouraged to stay far away). I've heard plenty of times
from various people that 1.6 used to be "the best one". Let's allow it to
end its life in peace with all the fixes it deserves. As usual I don't
count on any of the rare users to upgrade that late, but sometimes it can
help a few to smoothen an upgrade.

Ah, last minute report, Christopher noticed that some of the recent changes
in mux-h1 that went into 2.4-dev3 broke setups in which a TCP frontend
connects to an HTTP backend. Thus if you're before 2.4-dev3 with such an
unusual setup, better wait a bit before upgrading.

Now I'm going to deploy on haproxy.org and see if this version works as
well as the previous one (it should).

Please find the usual URLs below :
   Site index       : http://www.haproxy.org/
   Discourse        : http://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Wiki             : https://github.com/haproxy/wiki/wiki
   Sources          : http://www.haproxy.org/download/2.4/src/
   Git repository   : http://git.haproxy.org/git/haproxy.git/
   Git Web browsing : http://git.haproxy.org/?p=haproxy.git
   Changelog        : http://www.haproxy.org/download/2.4/src/CHANGELOG
   Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/

Willy
---
Complete changelog :
Amaury Denoyelle (4):
      MINOR: check: do not ignore a connection header for http-check send
      REGTESTS: complete http-check test
      BUG/MINOR: srv: do not init address if backend is disabled
      BUG/MINOR: srv: do not cleanup idle conns if pool max is null

Christian Ruppert (1):
      BUILD: hpack: hpack-tbl-t.h uses VAR_ARRAY but does not include compiler.h

Christopher Faulet (2):
      BUG/MINOR: tcpcheck: Report a L7OK if the last evaluated rule is a send 
rule
      BUG/MINOR: stats: Make stat_l variable used to dump a stat line thread 
local

Dragan Dosen (6):
      IMPORT: xxhash: update to v0.8.0 that introduces stable XXH3 variant
      MEDIUM: xxhash: use the XXH3 functions to generate 64-bit hashes
      MEDIUM: xxhash: use the XXH_INLINE_ALL macro to inline all functions
      CLEANUP: xxhash: remove the unused src/xxhash.c
      MINOR: sample: add the xxh3 converter
      REGTESTS: add tests for the xxh3 converter

Frédéric Lécaille (36):
      MINOR: protocol: Create proto_quic QUIC protocol layer.
      MINOR: connection: Attach a "quic_conn" struct to "connection" struct.
      MINOR: quic: Redefine control layer callbacks which are QUIC specific.
      MINOR: ssl_sock: Initialize BIO and SSL objects outside of ssl_sock_init()
      MINOR: connection: Add a new xprt to connection.
      MINOR: ssl: Export definitions required by QUIC.
      MINOR: cfgparse: Do not modify the QUIC xprt when parsing "ssl".
      MINOR: tools: Add support for QUIC addresses parsing.
      MINOR: quic: Add definitions for QUIC protocol.
      MINOR: quic: Import C source code files for QUIC protocol.
      MINOR: listener: Add QUIC info to listeners and receivers.
      MINOR: server: Add QUIC definitions to servers.
      MINOR: ssl: SSL CTX initialization modifications for QUIC.
      MINOR: ssl: QUIC transport parameters parsing.
      MINOR: quic: QUIC socket management finalization.
      MINOR: cfgparse: QUIC default server transport parameters init.
      MINOR: quic: Enable the compilation of QUIC modules.
      MAJOR: quic: Make usage of ebtrees to store QUIC ACK ranges.
      MINOR: quic: Attempt to make trace more readable
      MINOR: quic: Make usage of the congestion control window.
      MINOR: quic: Flag RX packet as ack-eliciting from the generic parser.
      MINOR: quic: Code reordering to help in reviewing/modifying.
      MINOR: quic: Add traces to congestion avoidance NewReno callback.
      MINOR: quic: Display the SSL alert in ->ssl_send_alert() callback.
      MINOR: quic: Update the initial salt to that of draft-29.
      MINOR: quic: Add traces for in flght ack-eliciting packet counter.
      MINOR: quic: make a packet build fails when qc_build_frm() fails.
      MINOR: quic: Add traces for quic_packet_encrypt().
      MINOR: qpack: Add static header table definitions for QPACK.
      CLEANUP: qpack: Wrong comment about the draft for QPACK static header 
table.
      CLEANUP: quic: Remove useless QUIC event trace definitions.
      BUG/MINOR: quic: Possible CRYPTO frame building errors.
      MINOR: quic: Pass quic_conn struct to frame parsers.
      BUG/MINOR: quic: Wrong STREAM frames parsing.
      MINOR: quic: Drop packets with STREAM frames with wrong direction.
      BUG/MINOR: quic: NULL pointer dereferences when building post handshake 
frames.

Ilya Shipitsin (4):
      CI: travis-ci: drop coverity scan builds
      CI: GitHub Actions: enable daily Coverity scan
      CI: github actions: build several popular "contrib" tools
      CLEANUP: assorted typo fixes in the code and comments

Olivier Houchard (1):
      MINOR: atomic: don't use ; to separate instruction on aarch64.

Remi Tricot-Le Breton (10):
      MINOR: cache: Refactoring of secondary_key building functions
      MINOR: cache: Avoid storing responses whose secondary key was not 
correctly calculated
      BUG/MINOR: cache: Manage multiple headers in accept-encoding normalization
      MINOR: cache: Add specific secondary key comparison mechanism
      MINOR: http: Add helper functions to trim spaces and tabs
      MEDIUM: cache: Manage a subset of encodings in accept-encoding normalizer
      REGTESTS: cache: Simplify vary.vtc file
      REGTESTS: cache: Add a specific test for the accept-encoding normalizer
      MINOR: cache: Remove redundant test in http_action_req_cache_use
      MINOR: cache: Replace the "process-vary" option's expected values

Thayne McCombs (3):
      MEDIUM: stick-tables: Add srvkey option to stick-table
      REGTESTS: add test for stickiness using "srvkey addr"
      BUG/MEDIUM: server: srv_set_addr_desc() crashes when a server has no 
address

Tim Duesterhus (14):
      BUG/MEDIUM: mux_h2: Add missing braces in h2_snd_buf()around trace+wakeup
      BUG/MEDIUM: cache: Fix hash collision in `accept-encoding` handling for 
`Vary`
      BUG/MINOR: sink: Return an allocation failure in __sink_new if strdup() 
fails
      BUG/MINOR: lua: Fix memory leak error cases in hlua_config_prepend_path
      MINOR: lua: Use consistent error message 'memory allocation failed'
      CLEANUP: Compare the return value of `XXXcmp()` functions with zero
      CLEANUP: Apply the coccinelle patch for `XXXcmp()` on include/
      CLEANUP: Apply the coccinelle patch for `XXXcmp()` on contrib/
      CLEANUP: ssl: Remove useless loop in tlskeys_list_get_next()
      CLEANUP: ssl: Remove useless local variable in tlskeys_list_get_next()
      BUG/MINOR: cfgparse: Fail if the strdup() for `rule->be.name` for 
`use_backend` fails
      CLEANUP: Reduce scope of `header_name` in http_action_store_cache()
      CLEANUP: Reduce scope of `hdr_age` in http_action_store_cache()
      DOC: Improve the message printed when running `make` w/o `TARGET`

William Dauchy (1):
      CLEANUP: spoe: fix typo on `var_check_arg` comment

Willy Tarreau (8):
      MINOR: time: increase the minimum wakeup interval to 60s
      BUILD: Makefile: disable -Warray-bounds until it's fixed in gcc 11
      MINOR: ssl: make tlskeys_list_get_next() take a list element
      Revert "BUILD: Makefile: disable -Warray-bounds until it's fixed in gcc 
11"
      CLEANUP: mworker: remove duplicate pointer tests in cfg_parse_program()
      REGTESTS: add unresolvable servers to srvkey-addr
      SCRIPTS: improve announce-release to support different tag and versions
      SCRIPTS: make announce release support preparing announces before tag 
exists

---

Reply via email to